<?php
/* $Id$ */
/*
	system.inc
	part of m0n0wall (http://m0n0.ch/wall)
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
	All rights reserved.
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
/* include all configuration functions */
require_once("functions.inc");
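/*
 * Regenerate /usr/local/lib/php.ini.
 *
 * Does nothing on the "cdrom" platform. Otherwise the file is rewritten
 * from the template below, with the APC opcode cache stanza included only
 * when the first element returned by get_memory() is above 90.
 *
 * The write happens under config_lock() with the configuration mounted
 * read-write; the mount is returned to read-only and the lock released
 * even if php.ini cannot be opened.
 *
 * NOTE(review): the template sets max_execution_time/max_input_time to
 * 99999999 and allows 100M uploads into /tmp. Those limits apply to every
 * PHP page served with this php.ini, so confirm they are still needed.
 */
function opcode_cache_configuration() {
	global $g;

	if ($g['platform'] == "cdrom")
		return;

	/* get system memory amount */
	$memory = get_memory();
	$avail = $memory[0];

	/*
	 * disable apc for platforms less than 90 megs of ram
	 *
	 * The original test compared the whole $memory array with 90. PHP
	 * orders an array above any integer, so that test was always true
	 * and APC was enabled regardless of the amount of RAM.
	 */
	if ($avail > 90) {
		$opcode_cacher = "extension=apc.so\n";
		$opcode_cacher .= "apc.enabled=\"1\"\n";
		$opcode_cacher .= "apc.enable_cli=\"1\"\n";
		$opcode_cacher .= "apc.shm_size=\"8\"\n";
	} else {
		$opcode_cacher = "";
	}

	/* create a php.ini variable */
$php_ini = <<<EOFF
output_buffering = "0"
implicit_flush = true
magic_quotes_gpc = Off
max_execution_time = 99999999
max_input_time = 99999999
memory_limit = 32M
register_argc_argv = On
file_uploads = On
extension_dir=/usr/local/lib/php/extensions/no-debug-non-zts-20020429/
upload_tmp_dir = /tmp
upload_max_filesize = 100M
post_max_size = 100M
html_errors = Off
include_path = ".:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg"
extension=radius.so
{$opcode_cacher}

EOFF;

	config_lock();
	conf_mount_rw();

	/* open up php.ini and write back out contents */
	$fd = fopen("/usr/local/lib/php.ini", "w");
	if ($fd) {
		fwrite($fd, $php_ini);
		fclose($fd);
	} else {
		/* keep going so the mount and lock below are always restored */
		log_error("Error: cannot open php.ini in opcode_cache_configuration().\n");
	}

	mwexec("sync");
	conf_mount_ro();
	exec("sync");
	config_unlock();
}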
/*
 * Write {$g['varetc_path']}/resolv.conf.
 *
 * The file starts with the configured domain. If 'dnsallowoverride' is set,
 * the unique non-empty entries from get_nameservers() follow; when none were
 * added that way, the non-empty entries of the static 'dnsserver' list are
 * used instead. Unless the system is booting or $dynupdate is true, dhcpd is
 * reconfigured afterwards because the nameservers may have changed.
 *
 * Returns 0 on success, 1 if resolv.conf cannot be opened.
 *
 * NOTE(review): learned nameserver strings are written as-is. Consider
 * checking each one with is_ipaddr() before it reaches resolv.conf.
 */
function system_resolvconf_generate($dynupdate = false) {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_resolvconf_generate() being called $mt\n";
	}

	$resolver_cfg = $config['system'];

	$handle = fopen("{$g['varetc_path']}/resolv.conf", "w");
	if (!$handle) {
		printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
		return 1;
	}

	$entries = array();

	/* get dynamically assigned DNS servers (if any) */
	if (isset($resolver_cfg['dnsallowoverride'])) {
		foreach (array_unique(get_nameservers()) as $learned) {
			if ($learned)
				$entries[] = "nameserver $learned\n";
		}
	}

	/* fall back to the statically configured servers */
	if (count($entries) == 0 && is_array($resolver_cfg['dnsserver'])) {
		foreach ($resolver_cfg['dnsserver'] as $static) {
			if ($static)
				$entries[] = "nameserver $static\n";
		}
	}

	fwrite($handle, "domain {$resolver_cfg['domain']}\n" . implode("", $entries));
	fclose($handle);

	/* restart dhcpd (nameservers may have changed) */
	if (!$g['booting'] && !$dynupdate)
		services_dhcpd_configure();

	return 0;
}
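/*
 * Collect nameserver entries from /var/etc/nameserver_* and
 * /var/etc/nameservers.conf.
 *
 * Non-empty lines of every nameserver_* file are appended first. Every
 * line of nameservers.conf is then appended, including empty ones, so
 * callers must skip empty entries.
 *
 * The files are read with glob()/file_get_contents() rather than through
 * `ls` and `cat` in a shell. When no nameserver_* file exists this avoids
 * the empty filename the old split() of the `ls` output produced. It also
 * removes split(), which no longer exists in current PHP releases.
 *
 * Entries are returned unvalidated. NOTE(review): callers write them into
 * resolv.conf, so validation has to happen there or here.
 *
 * Returns an array of strings, empty when neither source exists.
 */
function get_nameservers() {
	$master_list = array();

	/* glob() returns a sorted list, matching the order `ls` produced */
	$dns_lists = glob("/var/etc/nameserver_*");
	if (!is_array($dns_lists))
		$dns_lists = array();

	foreach ($dns_lists as $dns_file) {
		if (!is_readable($dns_file))
			continue;
		$contents = file_get_contents($dns_file);
		if ($contents === false)
			continue;
		foreach (explode("\n", $contents) as $item)
			if ($item <> "")
				$master_list[] = $item;
	}

	if (!file_exists("/var/etc/nameservers.conf"))
		return $master_list;

	$contents = file_get_contents("/var/etc/nameservers.conf");
	if ($contents === false)
		return $master_list;

	foreach (explode("\n", $contents) as $dns)
		$master_list[] = $dns;

	return $master_list;
}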
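/*
 * Write {$g['varetc_path']}/hosts.
 *
 * The file contains localhost, the LAN address of this host, every
 * dnsmasq host override, and (when 'regdhcpstatic' is set) every static
 * DHCP mapping of an enabled DHCP interface that has both an address and
 * a hostname.
 *
 * Returns 0 on success, 1 if the hosts file cannot be opened.
 *
 * NOTE(review): host, domain and address values are written verbatim.
 * This relies on the configuration having been validated when it was
 * saved; a value containing whitespace or a newline would add unintended
 * entries to the hosts file.
 */
function system_hosts_generate() {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_hosts_generate() being called $mt\n";
	}

	$syscfg = $config['system'];
	$lancfg = $config['interfaces']['lan'];
	$dnsmasqcfg = $config['dnsmasq'];

	if (!is_array($dnsmasqcfg['hosts'])) {
		$dnsmasqcfg['hosts'] = array();
	}
	$hostscfg = $dnsmasqcfg['hosts'];

	$fd = fopen("{$g['varetc_path']}/hosts", "w");
	if (!$fd) {
		log_error("Error: cannot open hosts file in system_hosts_generate().\n");
		return 1;
	}

	$hosts = <<<EOD
127.0.0.1	localhost localhost.{$syscfg['domain']}
{$lancfg['ipaddr']}	{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}

EOD;

	foreach ($hostscfg as $host) {
		if ($host['host'])
			$hosts .= "{$host['ip']}	{$host['host']}.{$host['domain']} {$host['host']}\n";
		else
			$hosts .= "{$host['ip']}	{$host['domain']}\n";
	}

	/* 'dhcpd' may be absent from the configuration; only iterate an array */
	if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpd'])) {
		foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) {
			if (!is_array($dhcpifconf['staticmap']) || !isset($dhcpifconf['enable']))
				continue;
			foreach ($dhcpifconf['staticmap'] as $host) {
				if ($host['ipaddr'] && $host['hostname'])
					$hosts .= "{$host['ipaddr']}	{$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
			}
		}
	}

	fwrite($fd, $hosts);
	fclose($fd);

	return 0;
}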
/*
 * Set the kernel hostname to "<hostname>.<domain>" from the system
 * configuration, then run the hostid rc script.
 *
 * The name is passed through escapeshellarg() because it becomes part of a
 * shell command line.
 *
 * Returns the result of the /bin/hostname invocation. The result of the
 * hostid script is not checked.
 */
function system_hostname_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_hostname_configure() being called $mt\n";
	}

	$syscfg = $config['system'];
	$fqdn = "{$syscfg['hostname']}.{$syscfg['domain']}";

	/* set hostname */
	$status = mwexec("/bin/hostname " . escapeshellarg($fqdn));

	/* Setup host GUID ID.  This is used by ZFS. */
	mwexec("/etc/rc.d/hostid start");

	return $status;
}
/*
 * Apply the static routing configuration.
 *
 * Steps, in order:
 *  1. enable fast forwarding if 'enablefastrouting' is set;
 *  2. delete the routes recorded in {$g['vardb_path']}/routes.db by a
 *     previous run that still appear in the `netstat -rn` output, then
 *     remove that file;
 *  3. add every configured static route, via an interface or a gateway,
 *     and record its network in a new routes.db;
 *  4. add the WAN gateway as default route if netstat shows none and the
 *     configured gateway passes is_ipaddr().
 *
 * Every value placed on a command line goes through escapeshellarg().
 *
 * Returns 0 on success, 1 if routes.db cannot be opened.
 *
 * NOTE(review): stristr() is a substring match against the whole netstat
 * output, so a recorded route can also match inside a longer entry.
 * Confirm whether an exact destination match is intended.
 */
function system_routing_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_routing_configure() being called $mt\n";
	}

	/* Enable fast routing, if enabled */
	if (isset($config['staticroutes']['enablefastrouting']))
		mwexec("/sbin/sysctl net.inet.ip.fastforwarding=1");

	/* clear out old routes, if necessary */
	exec("/usr/bin/netstat -rn", $route_arr, $retval);
	$routing_table = implode("\n", $route_arr);
	$db_path = "{$g['vardb_path']}/routes.db";

	if (file_exists($db_path)) {
		$db = fopen($db_path, "r");
		if (!$db) {
			printf("Error: cannot open routes DB file in system_routing_configure().\n");
			return 1;
		}
		while (!feof($db)) {
			$stale = trim(fgets($db));
			if (!$stale)
				continue;
			if (stristr($routing_table, $stale))
				mwexec("/sbin/route delete " . escapeshellarg($stale));
		}
		fclose($db);
		unlink($db_path);
	}

	if (is_array($config['staticroutes']['route'])) {
		$db = fopen($db_path, "w");
		if (!$db) {
			printf("Error: cannot open routes DB file in system_routing_configure().\n");
			return 1;
		}

		foreach ($config['staticroutes']['route'] as $route) {
			$add_cmd = "/sbin/route add " . escapeshellarg($route['network']);
			if (isset($route['interfacegateway']))
				$add_cmd .= " -iface " . escapeshellarg(convert_friendly_interface_to_real_interface_name($route['interface']));
			else
				$add_cmd .= " " . escapeshellarg($route['gateway']);
			mwexec($add_cmd);

			/* record route so it can be easily removed later (if necessary) */
			fwrite($db, $route['network'] . "\n");
		}

		fclose($db);
	}

	/* Make sure default gateway is present */
	$default_route = shell_exec("/usr/bin/netstat -rn | grep default");
	if (!$default_route && is_ipaddr($config['interfaces']['wan']['gateway'])) {
		log_error("No default gateway detected, adding {$config['interfaces']['wan']['gateway']}");
		mwexec("/sbin/route add default " . escapeshellarg($config['interfaces']['wan']['gateway']));
	}

	return 0;
}
/*
 * Turn on IPv4 packet forwarding by setting net.inet.ip.forwarding=1.
 *
 * Returns whatever mwexec() returns for the sysctl call.
 */
function system_routing_enable() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_routing_enable() being called $mt\n";
	}

	$status = mwexec("/sbin/sysctl net.inet.ip.forwarding=1");
	return $status;
}
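/*
 * Generate {$g['varetc_path']}/syslog.conf and (re)start syslogd.
 *
 * When not booting, the running syslogd is killed first. If a syslog
 * configuration exists, syslog.conf is built from per-package sections,
 * fixed per-daemon sections (ntpd, apinger, racoon, openvpn), the local
 * log files (unless 'disablelocallogging' is set) and the selected
 * remote-logging rules. syslogd is then started with "-s" if the file
 * contains at least one remote ("@") destination, otherwise with "-ss".
 * Without a syslog configuration, syslogd is started with "-ss" and no
 * config file.
 *
 * Returns the syslogd start status, or 1 if syslog.conf cannot be opened.
 *
 * Changes compared with the previous version:
 *  - the package log file path is passed to clog through escapeshellarg()
 *    instead of being interpolated into the command line;
 *  - package facilities are combined with array_merge(). The "+" operator
 *    keeps the left-hand value for equal numeric keys, so the first
 *    package facilities were dropped from the exclusion list;
 *  - $syslogconf and $pkgfacilities are initialised before use;
 *  - the "@" test uses !== false.
 *
 * NOTE(review): 'remoteserver', 'facilityname' and 'logfilename' are
 * written into syslog.conf verbatim. syslog.conf can pipe messages to a
 * program (see the sshlockout_pf line), so an embedded newline in any of
 * these values would add configuration lines. Confirm they are validated
 * where the configuration is saved.
 */
function system_syslogd_start() {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_syslogd_start() being called $mt\n";
	}

	$syslogcfg = $config['syslog'];

	if ($g['booting'])
		echo "Starting syslog...";
	else
		killbypid("{$g['varrun_path']}/syslog.pid");

	if (isset($syslogcfg)) {
		$syslogconf = "";
		$pkgfacilities = array();
		$separatelogfacilities = array('ntpd','racoon','openvpn');

		if (is_array($config['installedpackages']['package'])) {
			foreach ($config['installedpackages']['package'] as $package) {
				if ($package['logging']) {
					$pkgfacilities[] = $package['logging']['facilityname'];
					$separatelogfacilities = array_merge($separatelogfacilities, $pkgfacilities);
					$facilitylist = implode(',', $pkgfacilities);
					$pkglogfile = "{$g['varlog_path']}/{$package['logging']['logfilename']}";
					/* the file name comes from package configuration: quote it for the shell */
					mwexec("clog -i -s 10000 " . escapeshellarg($pkglogfile));
					$syslogconf .= "!{$facilitylist}\n*.*\t\t\t\t\t\t%{$pkglogfile}\n";
				}
			}
		}
		$facilitylist = implode(',', array_unique($separatelogfacilities));

		/* write syslog.conf */
		$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
		if (!$fd) {
			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
			return 1;
		}
		$syslogconf .= "!ntpdate,!ntpd\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= <<<EOD
*.*						%{$g['varlog_path']}/ntpd.log

EOD;
		}
		$syslogconf .= "!apinger\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= <<<EOD
*.*						%{$g['varlog_path']}/slbd.log

EOD;
		}
		$syslogconf .= "!racoon\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= <<<EOD
*.*						%{$g['varlog_path']}/ipsec.log

EOD;
		}
		if (isset($syslogcfg['vpn'])) {
			$syslogconf .= <<<EOD
*.*						@{$syslogcfg['remoteserver']}

EOD;
		}
		$syslogconf .= "!openvpn\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= <<<EOD
*.*						%{$g['varlog_path']}/openvpn.log

EOD;
		}
		if (isset($syslogcfg['vpn'])) {
			$syslogconf .= <<<EOD
*.*						@{$syslogcfg['remoteserver']}

EOD;
		}
		/* everything below applies to all programs except the ones listed */
		$syslogconf .= "!-{$facilitylist}\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
		$syslogconf .= <<<EOD
local0.*					%{$g['varlog_path']}/filter.log
local3.*					%{$g['varlog_path']}/vpn.log
local4.*					%{$g['varlog_path']}/portalauth.log
local7.*					%{$g['varlog_path']}/dhcpd.log
*.notice;kern.debug;lpr.info;mail.crit; 	%{$g['varlog_path']}/system.log
news.err;local0.none;local3.none;local4.none; 	%{$g['varlog_path']}/system.log
local7.none					%{$g['varlog_path']}/system.log
security.*					%{$g['varlog_path']}/system.log
auth.info;authpriv.info;daemon.info		%{$g['varlog_path']}/system.log
local1.*					%{$g['varlog_path']}/slbd.log
auth.info;authpriv.info 			|exec /usr/local/sbin/sshlockout_pf
*.emerg						*

EOD;
		}

		if (isset($syslogcfg['filter'])) {
			$syslogconf .= <<<EOD
local0.*					@{$syslogcfg['remoteserver']}

EOD;
		}

		if (isset($syslogcfg['vpn'])) {
			$syslogconf .= <<<EOD
local3.*					@{$syslogcfg['remoteserver']}

EOD;
		}


		if (isset($syslogcfg['portalauth'])) {
			$syslogconf .= <<<EOD
local4.*					@{$syslogcfg['remoteserver']}

EOD;
		}


		if (isset($syslogcfg['dhcp'])) {
			$syslogconf .= <<<EOD
local7.*					@{$syslogcfg['remoteserver']}

EOD;
		}

		if (isset($syslogcfg['system'])) {
			$syslogconf .= <<<EOD
*.notice;kern.debug;lpr.info;mail.crit;		@{$syslogcfg['remoteserver']}
news.err;local0.none;local3.none;local7.none	@{$syslogcfg['remoteserver']}
security.*					@{$syslogcfg['remoteserver']}
auth.info;authpriv.info;daemon.info		@{$syslogcfg['remoteserver']}
*.emerg						@{$syslogcfg['remoteserver']}

EOD;
		}
		fwrite($fd, $syslogconf);
		fclose($fd);

		// Are we logging to at least one remote server ?
		if (strpos($syslogconf, "@") !== false)
			$retval = mwexec("/usr/sbin/syslogd -s -f {$g['varetc_path']}/syslog.conf");
		else
			$retval = mwexec("/usr/sbin/syslogd -ss -f {$g['varetc_path']}/syslog.conf");

	} else {
		$retval = mwexec("/usr/sbin/syslogd -ss");
	}

	if ($g['booting'])
		echo "done.\n";

	return $retval;
}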
/*
 * Restart pccardd with {$g['etc_path']}/pccard.conf.
 *
 * Any pccardd recorded in pccardd.pid is killed first. While booting,
 * progress and the outcome are echoed to the console.
 *
 * Returns the status of the pccardd start command.
 */
function system_pccard_start() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_pccard_start() being called $mt\n";
	}

	$booting = $g['booting'];

	if ($booting)
		echo "Initializing PCMCIA...";

	/* kill any running pccardd */
	killbypid("{$g['varrun_path']}/pccardd.pid");

	/* fire up pccardd */
	$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");

	/* $g['booting'] is read again after the calls above, as before */
	if ($g['booting'])
		echo ($res == 0) ? "done.\n" : "failed!\n";

	return $res;
}
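/*
 * (Re)start the lighttpd instance that serves the webConfigurator.
 *
 * Kills a running instance, regenerates the password file, builds the
 * lighttpd configuration through system_generate_lighty_config() and
 * starts lighttpd. With the "https" protocol the port defaults to 443 and
 * the certificate/key come from the configuration (base64 encoded).
 *
 * SECURITY: when no certificate and private key are configured, the
 * function falls back to the key pair embedded below. That private key is
 * part of this source file and therefore identical on every installation,
 * so it gives no confidentiality or server authentication against anyone
 * who has the source. The fallback is now recorded with log_error() so it
 * shows up in the system log; replace it with a per-device certificate.
 *
 * Returns the status of the lighttpd start command.
 */
function system_webgui_start() {
	global $config, $g;

	if ($g['booting'])
		echo "Starting webConfigurator...";

	/* kill any running lighttpd */
	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");

	sleep(1);

	/* generate password file */
	system_password_configure();

	chdir($g['www_path']);

	/* non-standard port? */
	if ($config['system']['webgui']['port'])
		$portarg = "{$config['system']['webgui']['port']}";
	else
		$portarg = "";

	if ($config['system']['webgui']['protocol'] == "https") {

		if (!$config['system']['webgui']['port'])
			$portarg = "443";

		if ($config['system']['webgui']['certificate'] && $config['system']['webgui']['private-key']) {
			$cert = base64_decode($config['system']['webgui']['certificate']);
			$key = base64_decode($config['system']['webgui']['private-key']);
		} else {
			/* make the use of the shared built-in key visible to the operator */
			log_error("webConfigurator is using the built-in default certificate and private key; install a unique certificate.");

			/* default certificate/key */
			$cert = <<<EOD
-----BEGIN CERTIFICATE-----
MIIDEzCCAnygAwIBAgIJAJM91W+s6qptMA0GCSqGSIb3DQEBBAUAMGUxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJLWTETMBEGA1UEBxMKTG91aXN2aWxsZTEQMA4GA1UE
ChMHcGZTZW5zZTEQMA4GA1UECxMHcGZTZW5zZTEQMA4GA1UEAxMHcGZTZW5zZTAe
Fw0wNjAzMTAyMzQ1MTlaFw0xNjAzMDcyMzQ1MTlaMGUxCzAJBgNVBAYTAlVTMQsw
CQYDVQQIEwJLWTETMBEGA1UEBxMKTG91aXN2aWxsZTEQMA4GA1UEChMHcGZTZW5z
ZTEQMA4GA1UECxMHcGZTZW5zZTEQMA4GA1UEAxMHcGZTZW5zZTCBnzANBgkqhkiG
9w0BAQEFAAOBjQAwgYkCgYEA3lPNTFH6qge/ygaqe/BS4oH59O6KvAesWcRzSu5N
21lyVE5tBbL0zqOSXmlLyReMSbtAMZqt1P8EPYFoOcaEQHIWm2VQF80Z18+8Gh4O
UQGjHq88OeaLqyk3OLpSKzSpXuCFrSN7q9Kez8zp5dQEu7sIW30da3pAbdqYOimA
1VsCAwEAAaOByjCBxzAdBgNVHQ4EFgQUAnx+ggC4SzJ0CK+rhPhJ2ZpyunEwgZcG
A1UdIwSBjzCBjIAUAnx+ggC4SzJ0CK+rhPhJ2ZpyunGhaaRnMGUxCzAJBgNVBAYT
AlVTMQswCQYDVQQIEwJLWTETMBEGA1UEBxMKTG91aXN2aWxsZTEQMA4GA1UEChMH
cGZTZW5zZTEQMA4GA1UECxMHcGZTZW5zZTEQMA4GA1UEAxMHcGZTZW5zZYIJAJM9
1W+s6qptMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAAviQpdoeabL8
1HSZiD7Yjx82pdLpyQOdXvAu3jEAYz53ckx0zSMrzsQ5r7Vae6AE7Xd7Pj+1Yihs
AJZzOQujnmsuim7qu6YSxzP34xonKwd1C9tZUlyNRNnEmtXOEDupn05bih1ugtLG
kqfPIgDbDLXuPtEAA6QDUypaunI6+1E=
-----END CERTIFICATE-----

EOD;

			$key = <<<EOD
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDeU81MUfqqB7/KBqp78FLigfn07oq8B6xZxHNK7k3bWXJUTm0F
svTOo5JeaUvJF4xJu0Axmq3U/wQ9gWg5xoRAchabZVAXzRnXz7waHg5RAaMerzw5
5ourKTc4ulIrNKle4IWtI3ur0p7PzOnl1AS7uwhbfR1rekBt2pg6KYDVWwIDAQAB
AoGAP7E0VFP8Aq/7os3sE1uS8y8XQ7L+7cUo/AKKoQHKLjfeyAY7t3FALt6vdPqn
anGjkA/j4RIWELoKJfCnwj17703NDCPwB7klcmZvmTx5Om1ZrRyZdQ6RJs0pOOO1
r2wOnZNaNWStXE9Afpw3dj20Gh0V/Ioo5HXn3sHfxZm8dnkCQQDwv8OaUdp2Hl8t
FDfXB1CMvUG1hEAvbQvZK1ODkE7na2/ChKjVPddEI3DvfzG+nLrNuTrAyVWgRLte
r8qX5PQHAkEA7GlKx0S18LdiKo6wy2QeGu6HYkPncaHNFOWX8cTpvGGtQoWYSh0J
tjCt1/mz4/XkvZWuZyTNx2FdkVlNF5nHDQJBAIRWVTZqEjVlwpmsCHnp6mxCyHD4
DrRDNAUfnNuwIr9xPlDlzUzSnpc1CCqOd5C45LKbRGGfCrN7tKd66FmQoFcCQQCy
Kvw3R1pTCvHJnvYwoshphaC0dvaDVeyINiwYAk4hMf/wpVxLZqz+CJvLrB1dzOBR
3O+uPjdzbrakpweJpNQ1AkEA3ZtlgEj9eWsLAJP8aKlwB8VqD+EtG9OJSUMnCDiQ
WFFNj/t3Ze3IVuAyL/yMpiv3JNEnZhIxCta42eDFpIZAKw==
-----END RSA PRIVATE KEY-----

EOD;
		}
	} else {
		$cert = "";
		$key = "";
	}

	/* generate lighttpd configuration */
	system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
		$cert, $key, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");

	/* attempt to start lighthttpd */
	$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");

	if ($g['booting']) {
		if ($res == 0)
			echo "done.\n";
		else
			echo "failed!\n";
	}

	return $res;
}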
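/*
 * Previous implementation of the webConfigurator start-up, based on
 * mini_httpd instead of lighttpd.
 *
 * Kills a running mini_httpd, regenerates the password file and starts
 * mini_httpd as root, in SSL mode when the protocol is "https". In SSL
 * mode the certificate and key are written together into
 * {$g['varetc_path']}/cert.pem, which is set to mode 0600 before any key
 * material is written.
 *
 * Changes compared with the previous version:
 *  - the configured port is passed to the shell through escapeshellarg()
 *    instead of being interpolated into the command line;
 *  - falling back to the embedded default key pair is recorded with
 *    log_error().
 *
 * SECURITY: the embedded private key is part of this source file and
 * identical on every installation, so it gives no confidentiality or
 * server authentication against anyone who has the source.
 * NOTE(review): mini_httpd is started with "-u root", so the CGI/PHP
 * pages run with full privileges.
 *
 * Returns the mini_httpd start status, or 1 if cert.pem cannot be opened.
 */
function system_webgui_start_old() {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_webgui_start() being called $mt\n";
	}

	if ($g['booting'])
		echo "Starting webConfigurator...";

	/* kill any running mini_httpd */
	killbypid("{$g['varrun_path']}/mini_httpd.pid");

	/* generate password file */
	system_password_configure();

	chdir($g['www_path']);

	/* non-standard port? (quoted: the value ends up on a shell command line) */
	if ($config['system']['webgui']['port'])
		$portarg = "-p " . escapeshellarg($config['system']['webgui']['port']);
	else
		$portarg = "";

	if ($config['system']['webgui']['protocol'] == "https") {

		if ($config['system']['webgui']['certificate'] && $config['system']['webgui']['private-key']) {
			$cert = base64_decode($config['system']['webgui']['certificate']);
			$key  = base64_decode($config['system']['webgui']['private-key']);
		} else {
			/* make the use of the shared built-in key visible to the operator */
			log_error("webConfigurator is using the built-in default certificate and private key; install a unique certificate.");

			/* default certificate/key */
			$cert = <<<EOD
-----BEGIN CERTIFICATE-----
MIIBlDCB/gIBADANBgkqhkiG9w0BAQQFADATMREwDwYDVQQKEwhtMG4wd2FsbDAe
Fw0wNTA1MTAxMjI0NDRaFw0wNzA1MTAxMjI0NDRaMBMxETAPBgNVBAoTCG0wbjB3
YWxsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAShszhFz+o8lsMWTGgTxs
TMPR+v4+qL5jXDyY97MLTGFK7aqQOtpIQc+TcTc4jklgOVlHoR7oBXrsi8YrbCd+
83LPQmQoSPC0VqhfU3uYf3NzxiK8r97aPCsmWgwT2pQ6TcESTm6sF7nLprOf/zFP
C4jE2fvjkbzyVolPywBuewIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAFR962c4R5tV
cTn0OQcszYoW6WC+ini9tQQh5ku5jYDAiC+00atawJEVLnL3lwAcpSKTIWlTkD20
tl3lz5br1qFgYky+Rd0kwS2nk9jRbkxSXxd6KJVnNRCKre28aw3ENzZfCSurPQsX
UPp5er+NtwMT1g7s/JDmKTC4w1rGr5/c
-----END CERTIFICATE-----

EOD;

			$key = <<<EOD
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDAShszhFz+o8lsMWTGgTxsTMPR+v4+qL5jXDyY97MLTGFK7aqQ
OtpIQc+TcTc4jklgOVlHoR7oBXrsi8YrbCd+83LPQmQoSPC0VqhfU3uYf3NzxiK8
r97aPCsmWgwT2pQ6TcESTm6sF7nLprOf/zFPC4jE2fvjkbzyVolPywBuewIDAQAB
AoGAbJJrQW9fQrggJuLMz/hwsYW2m31oyOBmf5u463YQtjRuSuxe/gj87weZuNqY
H2rXq2k2K+ehl8hgW+egASyUL3L7kCkEAsVREujKTEyhSqqIRDPWTxo9S/YA9Gvn
2ZnJvkrcKjqCO9aHX3rvJOK/ErYI6akctgI3KmgkYw5XNmECQQDuZU97RTWH9rmP
aQr57ysNXxgFsyhetOOqeYkPtIVwpOiNbfwE1zi5RGdtO4Ku3fG1lV4J2UoWJ9yD
awdoyYIHAkEAzn0xJ90IjPsHk+8SODEj5JGdHSZPNu1tgtrbjEi9sfGWg4K7XTxr
QW90pWb1bKKU1uh5FzW6OhnFfuQXt1kC7QJAPSthqY+onKqCEnoxhtAHi/bKgyvl
P+fKQwPMV2tKkgy+XwvJjrRqqZ8TqsOKVLQ+QQmCh6RpjiXMPyxHSmvqIQJBAKLR
HF1ucDuaBROkwx0DwmWMW/KMLpIFDQDNSaiIAuu4rxHrl4mhBoGGPNffI04RtILw
s+qVNs5xW8T+XaT4ztECQQDFHPnZeoPWE5z+AX/UUQIUWaDExz3XRzmIxRbOrlFi
CsF1s0TdJLi/wzNQRAL37A8vqCeVFR/ng3Xpg96Yg+8Z
-----END RSA PRIVATE KEY-----

EOD;
		}

		/* strip carriage returns so the PEM file has plain LF line ends */
		$cert = str_replace("\r", "", $cert);
		$key = str_replace("\r", "", $key);

		$fd = fopen("{$g['varetc_path']}/cert.pem", "w");
		if (!$fd) {
			printf("Error: cannot open cert.pem in system_webgui_start().\n");
			return 1;
		}
		/* restrict the file before the private key is written into it */
		chmod("{$g['varetc_path']}/cert.pem", 0600);
		fwrite($fd, $cert);
		fwrite($fd, "\n");
		fwrite($fd, $key);
		fclose($fd);

		$res = mwexec("/usr/local/sbin/mini_httpd -S -E {$g['varetc_path']}/cert.pem" .
			" -c \"**.php|**.cgi\" -u root -maxproc 16 $portarg" .
			" -i {$g['varrun_path']}/mini_httpd.pid");
	} else {
		$res = mwexec("/usr/local/sbin/mini_httpd -c \"**.php|**.cgi\" -u root" .
			" -maxproc 16 $portarg -i {$g['varrun_path']}/mini_httpd.pid");
	}

	if ($g['booting']) {
		if ($res == 0)
			echo "done\n";
		else
			echo "failed\n";
	}

	return $res;
}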
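/**
 * Build a lighttpd configuration file and, when a certificate and key are
 * supplied, write the combined PEM file that the configuration points at.
 *
 * Every argument is interpolated into the generated configuration (or into a
 * file path) without validation, so callers must pass trusted values only.
 *
 * @param string $filename        path the lighttpd configuration is written to
 * @param string $cert            PEM certificate text ("" for plain HTTP)
 * @param string $key             PEM private key text ("" for plain HTTP)
 * @param string $pid_file        pid file name, placed under /var/run/
 * @param mixed  $port            listen port; an empty value falls back to "80"
 * @param string $document_root   value of server.document-root
 * @param string $cert_location   file name of the PEM file under $g['varetc_path']
 * @param int    $max_procs       FastCGI max-procs; replaced by the memory tiers
 *                                below whenever get_memory() reports a value > 0
 * @param mixed  $max_requests    PHP_FCGI_MAX_REQUESTS; replaced the same way
 * @param bool   $fast_cgi_enable true: serve .php through mod_fastcgi, false: mod_cgi
 * @param bool   $captive_portal  true: generate the captive portal variant
 * @return int 0 on success, 1 when the PEM file or the configuration file
 *             cannot be opened for writing
 */
function system_generate_lighty_config($filename,
	$cert,
	$key,
	$pid_file,
	$port = 80,
	$document_root = "/usr/local/www/",
	$cert_location = "cert.pem",
	$max_procs = 2,
	$max_requests = "1",
	$fast_cgi_enable = true,
	$captive_portal = false) {

	global $config, $g;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_generate_lighty_config() being called $mt\n";
	}

	/*
	 * Fragments that are interpolated into the template below but were only
	 * assigned on some paths (or never). Defaulting them to "" keeps the
	 * generated text the same and avoids undefined-variable notices.
	 */
	$lighty_config = "";
	$network_handler = "";
	$captiveportal = "";
	$captive_portal_rewrite = "";

	if($captive_portal == true)  {
		$captiveportal = ",\"mod_rewrite\"";
		$captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
		$captive_portal_module = "\"mod_accesslog\", ";
		$maxprocperip = $config['captiveportal']['maxprocperip'];
		/*
		 * NOTE(review): this test can never pass (a value that is "empty"
		 * cannot also be > 0), so evasive.max-conns-per-ip is never emitted
		 * and the configured per-IP connection cap is not applied.
		 * Left unchanged: emitting the directive presumably also requires
		 * mod_evasive in server.modules, which this function does not load.
		 * Confirm before inverting the test.
		 */
		if(!$maxprocperip and $maxprocperip > 0)
			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
		else
			$captive_portal_mod_evasive = "";
		$server_upload_dirs = "server.upload-dirs = ( \"/tmp/captiveportal/\" )\n";
		exec("mkdir -p /tmp/captiveportal");
		exec("chmod a-w /tmp/captiveportal");
		/* the captive portal instance accepts far smaller request bodies */
		$server_max_request_size = "server.max-request-size    = 384";
	} else {
		$captive_portal_module = "";
		$captive_portal_mod_evasive = "";
		/* NOTE(review): request bodies are spooled under /tmp/ and /var/ as well as the upload path */
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"/tmp/\", \"/var/\" )\n";
		$server_max_request_size = "server.max-request-size    = 2097152";
	}

	if($port <> "")
		$lighty_port = $port;
	else
		$lighty_port = "80";

	/*
	 * Scale the FastCGI pool to the value reported by get_memory()
	 * (defined elsewhere; presumably megabytes -- confirm).
	 */
	$memory = get_memory();
	$avail = $memory[0];

	if($avail > 0 and $avail < 98) {
		$max_procs = 1;
		$max_requests = 1;
	}

	if($avail > 97 and $avail < 128) {
		$max_procs = 1;
		$max_requests = 3;
	}

	if($avail > 127 and $avail < 256) {
		$max_procs = 1;
		$max_requests = 5;
	}

	if($avail > 255 and $avail < 384) {
		$max_procs = 3;
		$max_requests = 10;
	}

	/* >= so that exactly 384 lands in the top tier instead of matching no tier */
	if($avail >= 384) {
		$max_procs = 4;
		$max_requests = 16;
	}

	if($captive_portal == true)  {
		$bin_environment =  <<<EOC
	        "bin-environment" => (
	           "PHP_FCGI_CHILDREN" => "16",
	           "PHP_FCGI_MAX_REQUESTS" => "{$max_requests}"
	        ), 
EOC;

	} else {
		$bin_environment = "";
	}

	if($fast_cgi_enable == true) {
		$module = "\"mod_fastcgi\", \"mod_cgi\"";
		$cgi_config = "";
		/* NOTE(review): the FastCGI socket path below is a fixed name under /tmp */
		$fastcgi_config = <<<EOD
#### fastcgi module
## read fastcgi.txt for more info
fastcgi.server = ( ".php" =>
	( "localhost" =>
		(
			"socket" => "/tmp/php-fastcgi.socket",
			"min-procs" => 1,
			"max-procs" => {$max_procs},
			"idle-timeout" => 0,
			{$bin_environment}			
			"bin-path" => "/usr/local/bin/php"
		)
	)
)

#### CGI module
cgi.assign                 = ( ".cgi" => "" )

EOD;
	} else {
		$fastcgi_config = "";
		$module = "\"mod_cgi\"";
		$cgi_config = <<<EOD
#### CGI module
cgi.assign                 = ( ".php"  => "/usr/local/bin/php",
                               ".cgi" => "" )

EOD;
	}

	$lighty_config .= <<<EOD
#
# lighttpd configuration file
#
# use a it as base for lighttpd 1.0.0 and above
#
############ Options you really have to take care of ####################

## FreeBSD!
server.event-handler		= "freebsd-kqueue"
server.network-backend		= "writev"  ## Fixes 7.x upload issues

{$network_handler}

## modules to load
server.modules              =   (
				  {$captive_portal_module}
				  "mod_access", "mod_accesslog",
                                  {$module}{$captiveportal}
				)

## Unused modules
#                               "mod_setenv",
#                               "mod_compress"
#				"mod_redirect",
#                               "mod_rewrite",
#                               "mod_ssi",
#                               "mod_usertrack",
#                               "mod_expire",
#                               "mod_secdownload",
#                               "mod_rrdtool",
#                               "mod_auth",
#                               "mod_status",
#                               "mod_alias",
#                               "mod_proxy",
#                               "mod_simple_vhost",
#                               "mod_evhost",
#                               "mod_userdir",
#                               "mod_cgi",
#                                "mod_accesslog"

## a static document-root, for virtual-hosting take look at the
## server.virtual-* options
server.document-root        = "{$document_root}"
{$captive_portal_rewrite}

# Maximum idle time with nothing being written (php downloading)
server.max-write-idle = 999

## where to send error-messages to
server.errorlog             = "/var/log/lighttpd.error.log"

# files to check for if .../ is requested
server.indexfiles           = ( "index.php", "index.html",
                                "index.htm", "default.htm" )

# mimetype mapping
mimetype.assign             = (
  ".pdf"          =>      "application/pdf",
  ".sig"          =>      "application/pgp-signature",
  ".spl"          =>      "application/futuresplash",
  ".class"        =>      "application/octet-stream",
  ".ps"           =>      "application/postscript",
  ".torrent"      =>      "application/x-bittorrent",
  ".dvi"          =>      "application/x-dvi",
  ".gz"           =>      "application/x-gzip",
  ".pac"          =>      "application/x-ns-proxy-autoconfig",
  ".swf"          =>      "application/x-shockwave-flash",
  ".tar.gz"       =>      "application/x-tgz",
  ".tgz"          =>      "application/x-tgz",
  ".tar"          =>      "application/x-tar",
  ".zip"          =>      "application/zip",
  ".mp3"          =>      "audio/mpeg",
  ".m3u"          =>      "audio/x-mpegurl",
  ".wma"          =>      "audio/x-ms-wma",
  ".wax"          =>      "audio/x-ms-wax",
  ".ogg"          =>      "audio/x-wav",
  ".wav"          =>      "audio/x-wav",
  ".gif"          =>      "image/gif",
  ".jpg"          =>      "image/jpeg",
  ".jpeg"         =>      "image/jpeg",
  ".png"          =>      "image/png",
  ".xbm"          =>      "image/x-xbitmap",
  ".xpm"          =>      "image/x-xpixmap",
  ".xwd"          =>      "image/x-xwindowdump",
  ".css"          =>      "text/css",
  ".html"         =>      "text/html",
  ".htm"          =>      "text/html",
  ".js"           =>      "text/javascript",
  ".asc"          =>      "text/plain",
  ".c"            =>      "text/plain",
  ".conf"         =>      "text/plain",
  ".text"         =>      "text/plain",
  ".txt"          =>      "text/plain",
  ".dtd"          =>      "text/xml",
  ".xml"          =>      "text/xml",
  ".mpeg"         =>      "video/mpeg",
  ".mpg"          =>      "video/mpeg",
  ".mov"          =>      "video/quicktime",
  ".qt"           =>      "video/quicktime",
  ".avi"          =>      "video/x-msvideo",
  ".asf"          =>      "video/x-ms-asf",
  ".asx"          =>      "video/x-ms-asf",
  ".wmv"          =>      "video/x-ms-wmv",
  ".bz2"          =>      "application/x-bzip",
  ".tbz"          =>      "application/x-bzip-compressed-tar",
  ".tar.bz2"      =>      "application/x-bzip-compressed-tar"
 )

# Use the "Content-Type" extended attribute to obtain mime type if possible
#mimetypes.use-xattr        = "enable"

#### accesslog module
#accesslog.filename          = "/dev/null"

## deny access the file-extensions
#
# ~    is for backupfiles from vi, emacs, joe, ...
# .inc is often used for code includes which should in general not be part
#      of the document-root
url.access-deny             = ( "~", ".inc" )


######### Options that are good to be but not neccesary to be changed #######

## bind to port (default: 80)
server.port                = {$lighty_port}

## error-handler for status 404
#server.error-handler-404   = "/error-handler.html"
#server.error-handler-404   = "/error-handler.php"

## to help the rc.scripts
server.pid-file            = "/var/run/{$pid_file}"

## virtual directory listings
server.dir-listing         = "disable"

## enable debugging
debug.log-request-header   = "disable"
debug.log-response-header  = "disable"
debug.log-request-handling = "disable"
debug.log-file-not-found   = "disable"

#### compress module
#compress.cache-dir         = "/tmp/lighttpd/cache/compress/"
#compress.filetype          = ("text/plain", "text/html")

#server.network-backend = "writev"

{$server_upload_dirs}

{$server_max_request_size}

{$fastcgi_config}

{$cgi_config}

{$captive_portal_mod_evasive}

EOD;

	/* normalise line endings and collapse doubled newlines in the PEM text */
	$cert = str_replace("\r", "", $cert);
	$key = str_replace("\r", "", $key);

	$cert = str_replace("\n\n", "\n", $cert);
	$key = str_replace("\n\n", "\n", $key);

	if($cert <> "" and $key <> "") {
		$pem_path = "{$g['varetc_path']}/{$cert_location}";

		/*
		 * The file receives the private key. Create it under a restrictive
		 * umask so that a newly created file is owner-only from the moment
		 * it exists, rather than only after the chmod() below.
		 */
		$old_umask = umask(0077);
		$fd = fopen($pem_path, "w");
		umask($old_umask);
		if (!$fd) {
			printf("Error: cannot open {$cert_location} in system_generate_lighty_config().\n");
			return 1;
		}
		/* still needed: a file left over from an earlier run keeps its old mode */
		chmod($pem_path, 0600);
		fwrite($fd, $cert);
		fwrite($fd, "\n");
		fwrite($fd, $key);
		fclose($fd);
		$lighty_config .= "\n";
		$lighty_config .= "## ssl configuration\n";
		$lighty_config .= "ssl.engine = \"enable\"\n";
		$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
	}

	$fd = fopen("{$filename}", "w");
	if (!$fd) {
		printf("Error: cannot open {$filename} in system_generate_lighty_config().\n");
		return 1;
	}
	fwrite($fd, $lighty_config);
	fclose($fd);

	return 0;

}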
/**
 * Re-apply the webGUI passwords by delegating to sync_webgui_passwords().
 *
 * @return int always 0
 */
function system_password_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		/* developer tracing: announce the call together with a timestamp */
		echo "system_password_configure() being called " . microtime() . "\n";
	}

	/*
	 * sync passwords
	 * !NOTE! conf_mount_ro is done by sync_webgui_passwords()
	 */
	sync_webgui_passwords();

	return 0;
}
/**
 * Install the configured timezone by extracting its zone file from
 * /usr/share/zoneinfo.tgz over /etc/localtime.
 *
 * Falls back to "Etc/UTC" when no timezone is configured. The zone name comes
 * from the configuration and is passed through escapeshellarg() before it
 * reaches the shell. The redirect opens /etc/localtime before tar runs, so a
 * zone name missing from the archive leaves an empty file behind.
 */
function system_timezone_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		/* developer tracing: announce the call together with a timestamp */
		echo "system_timezone_configure() being called " . microtime() . "\n";
	}

	$syscfg = $config['system'];

	if ($g['booting']) {
		echo "Setting timezone...";
	}

	/* pick the zone file to extract, defaulting to UTC */
	$timezone = $syscfg['timezone'];
	if (empty($timezone)) {
		$timezone = "Etc/UTC";
	}

	/* the root filesystem has to be writable while /etc/localtime is replaced */
	conf_mount_rw();

	$extract_cmd = "LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz "
		. escapeshellarg($timezone)
		. " > /etc/localtime";
	exec($extract_cmd);

	mwexec("sync");
	conf_mount_ro();

	if ($g['booting']) {
		echo "done.\n";
	}
}
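/**
 * Write {$g['varetc_path']}/ntpd.conf from the configuration and restart ntpd.
 *
 * One "servers" line is written per configured time server and one
 * "listen on" line per valid interface address when the openntpd package
 * settings have 'enable' set to 'on'. Any running ntpd is killed. ntpd is
 * started again unless the system is booting.
 *
 * Returns nothing; a failure to open the file is reported through log_error().
 */
function system_ntp_configure() {
	global $config, $g;

	$syscfg = $config['system'];
	$conf_path = "{$g['varetc_path']}/ntpd.conf";

	/* open configuration for writing or bail */
	$fd = fopen($conf_path, "w");
	if(!$fd) {
		log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
		return;
	}

	fwrite($fd, "# \n");
	fwrite($fd, "# pfSense OpenNTPD configuration file \n");
	fwrite($fd, "# \n\n");

	/*
	 * One "servers" line per configured time server. Splitting on any run
	 * of whitespace and dropping empty pieces means that an empty setting
	 * no longer produces a bare "servers " line, and that a value holding
	 * a newline cannot add a directive of its own to ntpd.conf.
	 */
	$timeservers = preg_split('/\s+/', $syscfg['timeservers'], -1, PREG_SPLIT_NO_EMPTY);
	foreach ($timeservers as $ts)
		fwrite($fd, "servers {$ts}\n");

	/* server config is in coregui1 */
	$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
	if ($xmlsettings['enable'] == 'on') {
		$ifaces = explode(',', $xmlsettings['interface']);
		$ifaces = array_map('convert_friendly_interface_to_real_interface_name', $ifaces);
		$ifaces = array_filter($ifaces, 'does_interface_exist');
		$ips = array_map('find_interface_ip', $ifaces);
		foreach ($ips as $ip) {
			/* only addresses that pass is_ipaddr() reach the file */
			if (is_ipaddr($ip))
				fwrite($fd, "listen on $ip\n");
		}
	}

	fwrite($fd, "\n");

	/* slurp! */
	fclose($fd);

	/* if openntpd is running, kill it (loops until no ntpd process is left) */
	while(is_process_running("ntpd")) {
		mwexec("/usr/bin/killall ntpd", true);
	}

	/* if /var/empty does not exist, create it */
	if(!is_dir("/var/empty"))
		exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");

	if($g['booting'])
		return;

	/* start openntpd, set time now and use the file written above */
	exec("/usr/local/sbin/ntpd -s -f " . escapeshellarg($conf_path));

}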
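/**
 * Set the clock once by running ntpdate against each configured time server.
 *
 * The server list comes from $config['system']['timeservers'] and ends up on
 * a shell command line, so each entry is quoted with escapeshellarg(), the
 * same way system_timezone_configure() quotes the timezone name.
 */
function sync_system_time() {
	global $config, $g;

	$syscfg = $config['system'];

	if ($g['booting'])
		echo "Syncing system time before startup...";

	/* run ntpdate once per configured server; empty entries are dropped */
	$timeservers = preg_split('/\s+/', $syscfg['timeservers'], -1, PREG_SPLIT_NO_EMPTY);
	foreach ($timeservers as $ts) {
		/* a host name cannot start with "-"; such an entry would be read as an option */
		if (substr($ts, 0, 1) == "-")
			continue;
		mwexec("/usr/sbin/ntpdate -s " . escapeshellarg($ts));
	}

	if ($g['booting'])
		echo "done.\n";

}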
/**
 * Halt the system: run the pre-shutdown cleanup, then start /etc/rc.halt in
 * the background (nohup, output discarded) through mwexec().
 */
function system_halt() {
	global $g;

	system_reboot_cleanup();

	/* the trailing "&" backgrounds the halt script */
	$halt_cmd = "nohup /etc/rc.halt > /dev/null 2>&1 &";
	mwexec($halt_cmd);
}
/**
 * Reboot the system: run the pre-shutdown cleanup, then start /etc/rc.reboot
 * in the background (nohup, output discarded) through mwexec().
 */
function system_reboot() {
	global $g;

	system_reboot_cleanup();

	/* the trailing "&" backgrounds the reboot script */
	$reboot_cmd = "nohup /etc/rc.reboot > /dev/null 2>&1 &";
	mwexec($reboot_cmd);
}
/**
 * Reboot the system in the foreground: run the pre-shutdown cleanup, then
 * invoke /etc/rc.reboot without nohup or "&" (output discarded).
 */
function system_reboot_sync() {
	global $g;

	system_reboot_cleanup();

	$reboot_cmd = "/etc/rc.reboot > /dev/null 2>&1";
	mwexec($reboot_cmd);
}
/**
 * Work shared by the halt and reboot paths: run beep.sh with the "stop"
 * argument, then call captiveportal_radius_stop_all().
 */
function system_reboot_cleanup() {
	$beep_cmd = "/usr/local/bin/beep.sh stop";
	mwexec($beep_cmd);

	captiveportal_radius_stop_all();
}
/**
 * Run the shell commands stored in the configuration.
 *
 * The commands are handed to exec() exactly as stored, with the privileges of
 * this PHP process. Write access to the 'shellcmd' and 'earlyshellcmd'
 * settings is therefore equivalent to command execution on the system.
 *
 * @param mixed $early truthy: run 'earlyshellcmd', otherwise run 'shellcmd'
 */
function system_do_shell_commands($early = 0) {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		/* developer tracing: announce the call together with a timestamp */
		echo "system_do_shell_commands() being called " . microtime() . "\n";
	}

	$cmdn = $early ? "earlyshellcmd" : "shellcmd";
	$entry = $config['system'][$cmdn];

	if (is_array($entry)) {
		/* *cmd is an array, loop through */
		foreach ($entry as $cmd) {
			exec($cmd);
		}
		return;
	}

	if ($entry <> "") {
		/* execute single item */
		exec($entry);
	}
}
/**
 * Create or remove the {$g['varetc_path']}/disableconsole marker file so that
 * it mirrors the 'disableconsolemenu' setting.
 */
function system_console_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		/* developer tracing: announce the call together with a timestamp */
		echo "system_console_configure() being called " . microtime() . "\n";
	}

	$marker = "{$g['varetc_path']}/disableconsole";

	if (!isset($config['system']['disableconsolemenu'])) {
		/* setting absent: make sure no marker is left behind */
		unlink_if_exists($marker);
		return;
	}

	touch($marker);
}
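/**
 * Save the kernel messages of the current boot to {$g['varlog_path']}/dmesg.boot.
 *
 * The dmesg output may still hold text from earlier boots, so only the part
 * starting at the last "Copyright (c) 1992-" line is written.
 *
 * @return int 0 on success, 1 when dmesg.boot cannot be opened for writing
 */
function system_dmesg_save() {
	/* $config is needed for the developerspew check below; it was missing from this list */
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_dmesg_save() being called $mt\n";
	}

	/* exec() fills this with one entry per output line */
	$dmesg = array();
	exec("/sbin/dmesg", $dmesg);
	$line_count = count($dmesg);

	/* find last copyright line (output from previous boots may be present) */
	$lastcpline = 0;

	for ($i = 0; $i < $line_count; $i++) {
		if (strpos($dmesg[$i], "Copyright (c) 1992-") !== false)
			$lastcpline = $i;
	}

	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
	if (!$fd) {
		printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
		return 1;
	}

	for ($i = $lastcpline; $i < $line_count; $i++)
		fwrite($fd, $dmesg[$i] . "\n");

	fclose($fd);

	return 0;
}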
/**
 * Apply the configured hard disk standby value through the hw.ata.standby
 * sysctl and reinitialise the ATA drives.
 *
 * Does nothing when 'harddiskstandby' is not set. The value must be numeric
 * and is cast to int before it is placed on the command line. Progress is
 * echoed only while booting.
 */
function system_set_harddisk_standby() {
	global $g, $config;

	if (isset($config['system']['developerspew'])) {
		/* developer tracing: announce the call together with a timestamp */
		echo "system_set_harddisk_standby() being called " . microtime() . "\n";
	}

	if (!isset($config['system']['harddiskstandby'])) {
		return;
	}

	$booting = $g['booting'];
	if ($booting) {
		echo 'Setting hard disk standby... ';
	}

	$standby = $config['system']['harddiskstandby'];
	$applied = false;

	// Only a numeric value is ever handed to sysctl
	if (is_numeric($standby)) {
		// Sync the disk(s)
		mwexec('/bin/sync');

		// mwexec() returning 0 is treated as success
		$applied = !mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby));
		if ($applied) {
			// Reinitialize ATA-drives
			mwexec('/usr/local/sbin/atareinit');
		}
	}

	if ($booting) {
		echo $applied ? "done.\n" : "failed!\n";
	}
}
/**
 * Apply every non-empty line of /etc/sysctl.conf by running "sysctl <line>",
 * then disable the ARP log messages when 'sharednet' is set.
 *
 * Each line is placed on a shell command line unquoted, so the contents of
 * /etc/sysctl.conf are trusted in full: whoever can write that file can run
 * commands through this function. sysctl is also looked up via PATH here,
 * whereas the sibling functions call /sbin/sysctl.
 */
function system_setup_sysctl() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		/* developer tracing: announce the call together with a timestamp */
		echo "system_setup_sysctl() being called " . microtime() . "\n";
	}

	$lines = return_filename_as_array("/etc/sysctl.conf");
	foreach ($lines as $raw_line) {
		$setting = rtrim($raw_line);
		if ($setting == "") {
			continue;
		}
		/* stderr is discarded, so a rejected setting is not reported */
		mwexec("sysctl {$setting} 2>/dev/null");
	}

	if (isset($config['system']['sharednet'])) {
		system_disable_arp_wrong_if();
	}
}
/**
 * Set the net.link.ether.inet.log_arp_wrong_iface and
 * net.link.ether.inet.log_arp_movements sysctls to 0.
 */
function system_disable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		/* developer tracing: announce the call together with a timestamp */
		echo "system_disable_arp_wrong_if() being called " . microtime() . "\n";
	}

	foreach (array("log_arp_wrong_iface", "log_arp_movements") as $oid) {
		mwexec("/sbin/sysctl -n net.link.ether.inet.{$oid}=0");
	}
}
/**
 * Set the net.link.ether.inet.log_arp_wrong_iface and
 * net.link.ether.inet.log_arp_movements sysctls to 1.
 */
function system_enable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		/* developer tracing: announce the call together with a timestamp */
		echo "system_enable_arp_wrong_if() being called " . microtime() . "\n";
	}

	foreach (array("log_arp_wrong_iface", "log_arp_movements") as $oid) {
		mwexec("/sbin/sysctl -n net.link.ether.inet.{$oid}=1");
	}
}
?>