<?php
2 f5da67d0 Bill Marquette
/****h* pfSense/config
3
 * NAME
4
 *   config.inc - Functions to manipulate config.xml
5
 * DESCRIPTION
6
 *   This include contains various config.xml specific functions.
7
 * HISTORY
8
 * $Id$
9
 ******
10
11 5b237745 Scott Ullrich
	config.inc
12 0e16b9ca Scott Ullrich
	Copyright (C) 2004-2006 Scott Ullrich
13 cfc707f7 Scott Ullrich
	All rights reserved.
14 5b237745 Scott Ullrich
15 cfc707f7 Scott Ullrich
	originally part of m0n0wall (http://m0n0.ch/wall)
16 5b237745 Scott Ullrich
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
17
	All rights reserved.
18
19
	Redistribution and use in source and binary forms, with or without
20
	modification, are permitted provided that the following conditions are met:
21
22
	1. Redistributions of source code must retain the above copyright notice,
23
	   this list of conditions and the following disclaimer.
24
25
	2. Redistributions in binary form must reproduce the above copyright
26
	   notice, this list of conditions and the following disclaimer in the
27
	   documentation and/or other materials provided with the distribution.
28
29
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
30
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
31
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
32
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
33
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
34
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
35
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
36
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
37
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
38
	POSSIBILITY OF SUCH DAMAGE.
39
*/
40 11f869ea Ermal Luçi
/*
41
 * XXX: Hack around the cvs syntax checks. 
42
 * DISABLE_PHP_LINT_CHECKING
43
 */
44
 
45 5b237745 Scott Ullrich
46 1d9652cf Scott Ullrich
/*
 * Boot-time prologue of config.inc: prints progress dots while booting,
 * guards against double inclusion, pulls in the helper includes, records the
 * platform and debug flags in $g, and rewrites a m0n0wall-rooted config.xml
 * so that it uses the pfsense root tag.
 */
/* NOTE(review): $g is read here before globals.inc is required below -
   presumably the including script has already populated it; confirm. */
if($g['booting']) echo ".";

/* do not load this file twice. */
if($config_inc_loaded == true)
	return;
else
	$config_inc_loaded = true;

/* include globals/utility/XML parser files */
require_once("globals.inc");
if($g['booting']) echo ".";
require_once("util.inc");
if($g['booting']) echo ".";
require_once("xmlparse.inc");
if($g['booting']) echo ".";
require_once("crypt.inc");

/* read platform */
if($g['booting']) echo ".";
if (file_exists("{$g['etc_path']}/platform")) {
	/* chop() strips the trailing newline/whitespace from the platform file */
	$g['platform'] = chop(file_get_contents("{$g['etc_path']}/platform"));
} else {
	$g['platform'] = "unknown";
}

/* if /debugging exists, lets set $debugging
   so we can output more information */
if(file_exists("/debugging")) {
	$debugging = true;
	$g['debug'] = true;
}

if($g['booting']) echo ".";
if(file_exists("/cf/conf/config.xml")) {
	$config_contents = file_get_contents("/cf/conf/config.xml");
	/* case-insensitive search for the m0n0wall root tag */
	if(stristr($config_contents, "<m0n0wall>") == true) {
		if($g['booting']) echo ".";
		/* user has just upgraded from m0n0wall, replace root xml tags */
		log_error("Upgrading m0n0wall configuration to pfSense... ");
		/* str_replace() rewrites every occurrence of "m0n0wall" in the file,
		   not only the root tags */
		$config_contents = str_replace("m0n0wall","pfsense", $config_contents);
		/* NOTE(review): this validates the file currently on disk, before the
		   converted contents are written, and a failure is only logged - the
		   write below happens either way. Confirm whether the converted text
		   was meant to be validated instead. */
		if (!config_validate("{$g['conf_path']}/config.xml"))
			log_error("ERROR!  Could not convert m0n0wall -> pfsense in config.xml");
		conf_mount_rw();
		/* NOTE(review): fopen()/fwrite() results are not checked and "w"
		   truncates config.xml before the new contents are written. */
		$fd = fopen("/cf/conf/config.xml", "w");
		fwrite($fd, $config_contents);
		fclose($fd);
		conf_mount_ro();
	}
}
/*
 * Boot-time discovery of the device holding config.xml. Runs only while
 * booting and only when config.xml is not already present under
 * $g['cf_conf_path']. When no fstab exists yet it probes for the config
 * device, falls back to a backup or the factory default when none is found,
 * records the device for rc.firmware, writes an fstab, and finally mounts
 * everything with "mount -a".
 */
/* if our config file exists bail out, we're already set. */
if ($g['booting'] and !file_exists($g['cf_conf_path'] . "/config.xml")  ) {
	if($g['booting']) echo ".";
	/* find the device where config.xml resides and write out an fstab */
	unset($cfgdevice);
	if($g['booting']) echo ".";
	/* check if there's already an fstab (NFS booting?) */
	if (!file_exists("{$g['etc_path']}/fstab")) {
		if($g['booting']) echo ".";
		if (strstr($g['platform'], "cdrom")) {
			/* config is on floppy disk for CD-ROM version */
			$cfgdevice = $cfgpartition = "fd0";
			$dmesg = `dmesg -a`;
			/* NOTE(review): ereg() was removed in PHP 7; this line only runs
			   on the old PHP versions this file was written for. */
			if(ereg("da0", $dmesg) == true) {
				/* a da0 device shows up in dmesg: prefer it over the floppy */
				$cfgdevice = $cfgpartition = "da0" ;
				/* a non-zero mwexec() result is treated as a failed mount */
				if (mwexec("/sbin/mount -r /dev/{$cfgdevice} /cf")) {
					/* could not mount, fallback to floppy */
					$cfgdevice = $cfgpartition = "fd0";
				}
			}
			$cfgfstype = "msdosfs";
			echo "CDROM build\n";
			echo "   CFG: {$cfgpartition}\n";
			echo "  TYPE: {$cfgfstype}\n";
		} else {
			if($g['booting']) echo ".";
			/* probe kernel known disks until we find one with config.xml */
			/* NOTE(review): the disk names come from sysctl output and are
			   interpolated unescaped into the command strings below; this
			   relies on the kernel reporting plain device names. */
			$disks = explode(" ", trim(preg_replace("/kern.disks: /", "", exec("/sbin/sysctl kern.disks"))));
			foreach ($disks as $mountdisk) {
				/* skip mfs mounted filesystems */
				/* (matches any device name containing "md", not only a prefix) */
				if (strstr($mountdisk, "md"))
					continue;
				/* first try partition "a" of the disk, mounted read-only */
				if (mwexec("/sbin/mount -r /dev/{$mountdisk}a {$g['cf_path']}") == 0) {
					if (file_exists("{$g['cf_conf_path']}/config.xml")) {
						/* found it */
						$cfgdevice = $mountdisk;
						$cfgpartition = $cfgdevice . "a";
						$cfgfstype = "ufs";
						echo "Found configuration on $cfgdevice.\n";
					}

					/* always unmount the probe mount, whether or not it matched */
					mwexec("/sbin/umount -f {$g['cf_path']}");

					if ($cfgdevice)
						break;
				}
				/* then try partition "d" of the same disk */
				if (mwexec("/sbin/mount -r /dev/{$mountdisk}d {$g['cf_path']}") == 0) {
					if($g['booting']) echo ".";
					if (file_exists("{$g['cf_conf_path']}/config.xml")) {
						/* found it */
						$cfgdevice = $mountdisk;
						$cfgpartition = $cfgdevice . "d";
						$cfgfstype = "ufs";
						echo "Found configuration on $cfgdevice.\n";
					}

					mwexec("/sbin/umount -f {$g['cf_path']}");

					if ($cfgdevice)
						break;
				}
			}
		}
		if($g['booting']) echo ".";
		if (!$cfgdevice) {
			/* no device carries a config.xml: restore the newest backup,
			   or the factory default when there is no backup either */
			$last_backup = discover_last_backup();
			if($last_backup) {
				log_error("No config.xml found, attempting last known config restore.");
				file_notice("config.xml", "No config.xml found, attempting last known config restore.", "pfSenseConfigurator", "");
				restore_backup("/cf/conf/backup/{$last_backup}");
			} else {
				log_error("No config.xml or config backups found, resetting to factory defaults.");
				restore_backup('/conf.default/config.xml');
			}
		}

		/* write device name to a file for rc.firmware */
		/* NOTE(review): fopen() results are not checked here or for fstab below */
		$fd = fopen("{$g['varetc_path']}/cfdevice", "w");
		fwrite($fd, $cfgdevice . "\n");
		fclose($fd);

		/* write out an fstab */
		$fd = fopen("{$g['etc_path']}/fstab", "w");

		/* NOTE(review): on the non-cdrom path $cfgpartition and $cfgfstype are
		   only assigned when a disk with config.xml was found, so this line is
		   written with empty fields when the probe found nothing. */
		$fstab = "/dev/{$cfgpartition} {$g['cf_path']} {$cfgfstype} ro 1 1\n";
		$fstab .= "proc /proc procfs rw 0 0\n";

		fwrite($fd, $fstab);
		fclose($fd);
	}
	if($g['booting']) echo ".";
	/* mount all filesystems */
	mwexec("/sbin/mount -a");
}
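/****f* config/encrypted_configxml
 * NAME
 *   encrypted_configxml - Checks to see if config.xml is encrypted and if so, prompts to unlock.
 * INPUTS
 *   None
 * RESULT
 *   null - when a correct password is entered, config.xml is rewritten
 *          on disk without encryption
 * NOTES
 *   Only acts while $g['booting'] is set and config.xml exists.
 *   The password is read from php://stdin. The prompt repeats until the
 *   decrypted text contains "<pfsense>"; if stdin reaches end-of-file the
 *   function gives up and leaves the encrypted file untouched instead of
 *   looping forever.
 *   The decrypted configuration replaces the encrypted file, so its contents
 *   are stored in clear text from then on.
 ******/
function encrypted_configxml() {
	global $g, $config;

	$conf_file = $g['conf_path'] . "/config.xml";
	if(!file_exists($conf_file))
		return;
	if(!$g['booting'])
		return;

	$configtxt = file_get_contents($conf_file);
	/* tagfile_deformat() strips the encryption wrapper in place; a false
	   result means the file is not in the encrypted format */
	if(!tagfile_deformat($configtxt, $configtxt, "config.xml"))
		return;

	$fp = fopen('php://stdin', 'r');
	$data = "";
	echo "\n\n*** Encrypted config.xml detected ***\n";
	while($data == "") {
		echo "\nEnter the password to decrypt config.xml: ";
		$line = fgets($fp);
		if($line === false) {
			/* stdin is closed or at EOF: no password can ever arrive, so
			   stop prompting rather than spin on empty input */
			echo "\nNo input available.  config.xml was left encrypted.\n";
			fclose($fp);
			return;
		}
		$decrypt_password = chop($line);
		$data = decrypt_data($configtxt, $decrypt_password);
		/* a wrong password yields text without the expected root tag */
		if(!strstr($data, "<pfsense>"))
			$data = "";
		if($data) {
			$fd = fopen($conf_file, "w");
			fwrite($fd, $data);
			fclose($fd);
			echo "\nConfig.xml unlocked.\n";
			fclose($fp);
		} else {
			echo "\nInvalid password entered.  Please try again.\n";
		}
	}
}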
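/****f* config/parse_config
 * NAME
 *   parse_config - Read in config.cache or config.xml if needed and return $config array
 * INPUTS
 *   $parse       - boolean to force parse_config() to read config.xml and generate config.cache
 * RESULT
 *   $config      - array containing all configuration variables
 * NOTES
 *   Holds the 'config' lock while reading. A 0-byte or missing config.xml
 *   triggers a restore of the newest backup. When the cache cannot be
 *   turned back into an array, config.xml is parsed again and that result
 *   is returned.
 ******/
function parse_config($parse = false) {
	global $g;

	$lockkey = lock('config');
	if (filesize("{$g['conf_path']}/config.xml") == 0) {
		$last_backup = discover_last_backup();
		if($last_backup) {
			log_error("No config.xml found, attempting last known config restore.");
			file_notice("config.xml", "No config.xml found, attempting last known config restore.", "pfSenseConfigurator", "");
			restore_backup("{$g['conf_path']}/backup/{$last_backup}");
		} else {
			unlock($lockkey);
			die("Config.xml is corrupted and is 0 bytes.  Could not restore a previous backup.");
		}
	}
	if($g['booting']) echo ".";
	// Check for encrypted config.xml
	encrypted_configxml();
	if(!$parse) {
		if(file_exists($g['tmp_path'] . '/config.cache')) {
			/* NOTE(review): unserialize() trusts whatever is in this file.
			   Whoever can write under $g['tmp_path'] controls the data handed
			   to unserialize(); confirm the directory's ownership and
			   permissions, or move the cache to a format that cannot
			   instantiate objects. */
			$config = unserialize(file_get_contents($g['tmp_path'] . '/config.cache'));
			/* unserialize() reports failure as false, not null, and a valid
			   cache always holds an array - anything else is a cache miss.
			   Keep the re-parsed result and take the lock again, exactly as
			   the no-cache branch below does, so the final unlock() matches. */
			if(!is_array($config)) {
				unlock($lockkey);
				$config = parse_config(true);
				$lockkey = lock('config');
			}
		} else {
			if(!file_exists($g['conf_path'] . "/config.xml")) {
				log_error("No config.xml found, attempting last known config restore.");
				file_notice("config.xml", "No config.xml found, attempting last known config restore.", "pfSenseConfigurator", "");
				$last_backup = discover_last_backup();
				if ($last_backup)
					restore_backup("/cf/conf/backup/{$last_backup}");
				else
					log_error("Could not restore config.xml.");
			}
			/* the recursive call takes the lock itself */
			unlock($lockkey);
			$config = parse_config(true);
			$lockkey = lock('config');
		}
	} else {
		if(!file_exists($g['conf_path'] . "/config.xml")) {
			if($g['booting']) echo ".";
			log_error("No config.xml found, attempting last known config restore.");
			file_notice("config.xml", "No config.xml found, attempting last known config restore.", "pfSenseConfigurator", "");
			$last_backup = discover_last_backup();
			if ($last_backup)
				restore_backup("/cf/conf/backup/{$last_backup}");
			else
				log_error("Could not restore config.xml.");
		}
		$config = parse_xml_config($g['conf_path'] . '/config.xml', $g['xml_rootobj']);
		if($config == "-1") {
			/* NOTE(review): the restored file is not parsed again here, so
			   the "-1" result is what gets cached and returned - confirm
			   whether a second parse was intended. */
			$last_backup = discover_last_backup();
			if ($last_backup)
				restore_backup("/cf/conf/backup/{$last_backup}");
			else
				log_error(gettext("Could not restore config.xml."));
		}
		generate_config_cache($config);
	}
	if($g['booting']) echo ".";
	alias_make_table($config);
	unlock($lockkey);

	/* process packager manager custom rules */
	/* NOTE(review): run_plugins() is handed a directory; presumably it runs
	   every plugin found there, so write access to this path must stay
	   restricted - confirm against run_plugins(). */
	if(is_dir("/usr/local/pkg/config_parse/")) {
		update_filter_reload_status("Running plugins (config_parse)");
		run_plugins("/usr/local/pkg/config_parse/");
		update_filter_reload_status("Plugins completed.");
	}

	return $config;
}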
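/****f* config/generate_config_cache
 * NAME
 *   generate_config_cache - Write serialized configuration to cache.
 * INPUTS
 *   $config	- array containing current firewall configuration
 * RESULT
 *   boolean	- true on completion, false when the cache file could not
 *             be opened or written
 * NOTES
 *   The cache is a serialize()d copy of the whole configuration stored as
 *   $g['tmp_path']/config.cache.
 *   NOTE(review): no file mode is set here, so the file gets whatever the
 *   process umask allows; confirm that unprivileged users can neither read
 *   nor replace it, since parse_config() feeds it to unserialize().
 ******/
function generate_config_cache($config) {
	global $g;

	conf_mount_rw();
	$configcache = fopen($g['tmp_path'] . '/config.cache', "w");
	if (!$configcache) {
		/* do not pass a failed handle to fwrite()/fclose(); restore the
		   read-only mount before reporting the failure */
		log_error("WARNING: Could not open config.cache for writing.");
		conf_mount_ro();
		return false;
	}
	$written = fwrite($configcache, serialize($config));
	fclose($configcache);
	conf_mount_ro();

	return ($written !== false);
}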
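/*
 * Return the file name (without directory) of the most recently modified
 * *.xml file in /cf/conf/backup, or "" when there is none.
 *
 * The listing is taken with glob()/filemtime() rather than by parsing the
 * output of a shell "ls -ltr | awk" pipeline, so names containing spaces are
 * returned intact and no shell is started. This also drops split(), which
 * no longer exists in PHP 7 and later.
 */
function discover_last_backup() {
	$last_backup = "";
	$newest_mtime = -1;

	$candidates = glob("/cf/conf/backup/*.xml");
	if (!is_array($candidates))
		return $last_backup;

	foreach ($candidates as $path) {
		$mtime = filemtime($path);
		/* skip entries that vanished or cannot be stat'ed; on equal
		   timestamps the later entry wins */
		if ($mtime !== false && $mtime >= $newest_mtime) {
			$newest_mtime = $mtime;
			$last_backup = basename($path);
		}
	}

	return $last_backup;
}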
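/*
 * Copy $file over /cf/conf/config.xml and drop the parsed-config cache so
 * that the next parse reads the restored file. Does nothing when $file does
 * not exist.
 *
 * $file - path of the configuration file to restore.
 *
 * NOTE(review): the result of copy() is not checked and $file is not
 * validated before it replaces the live configuration; callers are
 * presumably expected to pass a trusted backup path - confirm.
 */
function restore_backup($file) {
	/* $g was referenced below without being imported, which left the
	   product name in both messages empty */
	global $g;

	if (file_exists($file)) {
		conf_mount_rw();
		copy("$file","/cf/conf/config.xml");
		unlink_if_exists("/tmp/config.cache");
		log_error("{$g['product_name']} is restoring the configuration $file");
		file_notice("config.xml", "{$g['product_name']} is restoring the configuration $file", "pfSenseConfigurator", "");
		conf_mount_ro();
	}
}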
/****f* config/parse_config_bootup
 * NAME
 *   parse_config_bootup - Bootup-specific configuration checks.
 * DESCRIPTION
 *   Makes sure a usable config.xml exists before the configuration is
 *   parsed: a missing file is replaced by factory defaults (cdrom platform)
 *   or the newest backup (other platforms), and a 0-byte file by the newest
 *   backup. Halts the system when no configuration can be found on a
 *   non-cdrom platform, then parses the configuration and warns when it was
 *   written by a newer release.
 * RESULT
 *   null
 ******/
function parse_config_bootup() {
	global $config, $g, $noparseconfig;

	if($g['booting']) echo ".";

	$lockkey = lock('config');
	if (!$noparseconfig) {
		if (!file_exists("{$g['conf_path']}/config.xml")) {
			if ($g['booting']) {
				if (strstr($g['platform'], "cdrom")) {
					/* try copying the default config. to the floppy */
					echo "Resetting factory defaults...\n";
					/* NOTE(review): passing true makes reset_factory_defaults()
					   take the 'config' lock while it is already held here;
					   this relies on lock() tolerating that - confirm. */
					reset_factory_defaults(true);
					if (file_exists("{$g['conf_path']}/config.xml")) {
						/* do nothing, we have a file. */
					} else {
						echo "No XML configuration file found - using factory defaults.\n";
						echo "Make sure that the configuration floppy disk with the conf/config.xml\n";
						echo "file is inserted. If it isn't, your configuration changes will be lost\n";
						echo "on reboot.\n";
					}
				} else {
					$last_backup = discover_last_backup();
					if($last_backup) {
						log_error("No config.xml found, attempting last known config restore.");
						file_notice("config.xml", "No config.xml found, attempting last known config restore.", "pfSenseConfigurator", "");
						restore_backup("/cf/conf/backup/{$last_backup}");
					}
					if(!file_exists("{$g['conf_path']}/config.xml")) {
						/* nothing to boot with: halt; the lock is not released
						   on this path */
						echo "XML configuration file not found.  {$g['product_name']} cannot continue booting.\n";
						mwexec("/sbin/halt");
						exit;
					}
					log_error("Last known config found and restored.  Please double check your configuration file for accuracy.");
					file_notice("config.xml", "Last known config found and restored.  Please double check your configuration file for accuracy.", "pfSenseConfigurator", "");
				}
			} else {
				/* not booting and no config.xml: leave quietly */
				unlock($lockkey);
				exit(0);
			}
		}
	}
	/* an existing but empty config.xml is treated as corrupted */
	if (filesize("{$g['conf_path']}/config.xml") == 0) {
		$last_backup = discover_last_backup();
		if($last_backup) {
			log_error("No config.xml found, attempting last known config restore.");
			file_notice("config.xml", "No config.xml found, attempting last known config restore.", "pfSenseConfigurator", "");
			restore_backup("{$g['conf_path']}/backup/{$last_backup}");
		} else {
			unlock($lockkey);
			die("Config.xml is corrupted and is 0 bytes.  Could not restore a previous backup.");
		}
	}
	unlock($lockkey);
	/* NOTE(review): the return value is discarded and parse_config() only
	   declares $g as global, so the global $config read below is not
	   refreshed by this call - confirm whether an assignment was intended. */
	parse_config(true);

	/* versions are compared as floats; a newer config than this release
	   understands only produces the console warning below */
	if ((float)$config['version'] > (float)$g['latest_config']) {
		echo <<<EOD


*******************************************************************************
* WARNING!                                                                    *
* The current configuration has been created with a newer version of {$g['product_name']}  *
* than this one! This can lead to serious misbehavior and even security       *
* holes! You are urged to either upgrade to a newer version of {$g['product_name']} or     *
* revert to the default configuration immediately!                            *
*******************************************************************************


EOD;
		}

	/* make alias table (for faster lookups) */
	alias_make_table($config);
}
/****f* config/conf_mount_rw
 * NAME
 *   conf_mount_rw - Remount the configuration filesystem read/write.
 * DESCRIPTION
 *   Remounts $g['cf_path'] writable and, on the wrap, net45xx and embedded
 *   platforms, the root filesystem as well. A remount that fails is retried
 *   once after running "fsck -y" on the same target. Nothing is done on the
 *   cdrom and pfSense platforms.
 * RESULT
 *   null
 ******/
function conf_mount_rw() {
	global $g;

	/* cdrom and pfSense platforms are never remounted from here */
	if ($g['platform'] == "cdrom" || $g['platform'] == "pfSense")
		return;

	$remount_cf = "/sbin/mount -u -w {$g['cf_path']}";
	if (mwexec($remount_cf) != 0) {
		/* first attempt failed: check the filesystem, then try once more */
		if ($g['booting'])
			echo "Disk is dirty.  Running fsck -y\n";
		mwexec("/sbin/fsck -y {$g['cf_path']}");
		mwexec($remount_cf);
	}

	/* flash based platforms also need a writable root filesystem */
	if (!in_array($g['platform'], array("wrap", "net45xx", "embedded")))
		return;

	$remount_root = "/sbin/mount -u -w /";
	if (mwexec($remount_root) != 0) {
		/* same recovery as above, this time for / */
		log_error("File system is dirty.  Launching FSCK for /");
		mwexec("/sbin/fsck -y /");
		mwexec($remount_root);
	}
}
/****f* config/conf_mount_ro
 * NAME
 *   conf_mount_ro - Remount the configuration and root filesystems read-only.
 * DESCRIPTION
 *   Skipped entirely while booting, while a firmware upgrade lock file
 *   exists, while /tmp/keys_generating exists (ssh key generation), and on
 *   the cdrom and pfSense platforms. Otherwise syncs twice and forces a
 *   read-only remount of $g['cf_path'] and of /.
 * RESULT
 *   null
 ******/
function conf_mount_ro() {
	global $g;

	/* the conditions are evaluated in this order and stop at the first hit */
	$leave_mounted = ($g['booting'] == true)
		|| file_exists($g['varrun_path'] . "/firmware.lock")
		|| file_exists("/tmp/keys_generating")
		|| $g['platform'] == "cdrom"
		|| $g['platform'] == "pfSense";
	if ($leave_mounted)
		return;

	/* flush pending writes, then force both filesystems back to read-only */
	$commands = array(
		"/bin/sync",
		"/bin/sync",
		"/sbin/mount -u -r -f {$g['cf_path']}",
		"/sbin/mount -u -r -f /",
	);
	foreach ($commands as $command)
		mwexec($command);
}
/****f* config/convert_config
 * NAME
 *   convert_config - Attempt to update config.xml.
 * DESCRIPTION
 *   convert_config() reads the current global configuration
 *   and attempts to convert it to conform to the latest
 *   config.xml version. This allows major formatting changes
 *   to be made with a minimum of breakage.
 *   The upgrade runs one step at a time by calling the functions
 *   upgrade_NNN_to_NNN() from upgrade_config.inc until
 *   $config['version'] reaches $g['latest_config'], and writes the
 *   configuration when the version changed.
 * RESULT
 *   null
 ******/
/* convert configuration, if necessary */
function convert_config() {
	global $config, $g;
	$now = date("H:i:s");
	log_error("Start Configuration upgrade at $now, set execution timeout to 15 minutes");
	/* 900 seconds = the 15 minutes announced in the log line above */
	ini_set("max_execution_time", "900");

	/* special case upgrades */
	/* fix every minute crontab bogons entry */
	/* NOTE(review): assumes $config['cron']['item'] is an array - confirm
	   for configurations without any cron entries. */
	$cron_item_count = count($config['cron']['item']);
	for($x=0; $x<$cron_item_count; $x++) {
		if(stristr($config['cron']['item'][$x]['command'], "rc.update_bogons.sh")) {
			if($config['cron']['item'][$x]['hour'] == "*" ) {
		        $config['cron']['item'][$x]['hour'] = "3";
		 		write_config("Updated bogon update frequency to 3am");
		 		log_error("Updated bogon update frequency to 3am");
		 	}
		}
	}
	if ($config['version'] == $g['latest_config'])
		return;		/* already at latest version */

	// Save off config version
	$prev_version = $config['version'];

	include_once('upgrade_config.inc');
	/* Loop and run upgrade_VER_to_VER() until we're at current version */
	while ($config['version'] < $g['latest_config']) {
		/* versions step in tenths: 1.2 -> 12 -> upgrade_012_to_013 */
		$cur = $config['version'] * 10;
		$next = $cur + 1;
		/* The function name is built from a value read out of config.xml,
		   but %03d formats it as an integer, so only names of the form
		   upgrade_NNN_to_NNN can be produced.
		   NOTE(review): there is no function_exists() check; a version with
		   no matching upgrade function ends in a fatal error. */
		$migration_function = sprintf('upgrade_%03d_to_%03d', $cur, $next);
		$migration_function();
		$config['version'] = sprintf('%.1f', $next / 10);
		echo ".";
	}

	$now = date("H:i:s");
	log_error("Ended Configuration upgrade at $now");

	if ($prev_version != $config['version'])
		write_config("Upgraded config version level from {$prev_version} to {$config['version']}");
}
/****f* config/write_config
 * NAME
 *   write_config - Backup and write the firewall configuration.
 * DESCRIPTION
 *   write_config() handles backing up the current configuration,
 *   applying changes, and regenerating the configuration cache.
 * INPUTS
 *   $desc	- string containing a description of the configuration changes
 *   $backup	- boolean: do not back up current configuration if false.
 * RESULT
 *   $config	- the configuration as re-read from config.xml, or false
 *             when config.xml could not be opened or written
 ******/
/* save the system configuration */
function write_config($desc="Unknown", $backup = true) {
	global $config, $g;

	if($g['bootup']) 
		log_error("WARNING! Configuration written on bootup.  This can cause stray openvpn and load balancing items in config.xml");

	if($backup)
		backup_config();

	/* NOTE(review): when the clock is not plausible $changetime is never
	   assigned, so the revision time below is stored empty. */
	if (time() > mktime(0, 0, 0, 9, 1, 2004))       /* make sure the clock settings are plausible */
		$changetime = time();

	/* Log the running script so it's not entirely unlogged what changed */
    if ($desc == "Unknown")
		$desc = "{$_SERVER['SCRIPT_NAME']} made unknown change";

	$config['revision']['description'] = $desc;
	$config['revision']['time'] = $changetime;

	$lockkey = lock('config');

	/* generate configuration XML */
	$xmlconfig = dump_xml_config($config, $g['xml_rootobj']);

	conf_mount_rw();

	/* write new configuration */
	/* NOTE(review): config.xml itself is opened with "w", which truncates it
	   before the new contents are written; an interruption at this point
	   leaves a 0-byte or partial file. The comments below mention a
	   temporary file, but no temporary file is used. */
	$fd = fopen("{$g['cf_conf_path']}/config.xml", "w");
        if (!$fd) {
                // Unable to open temporary file for writing
		log_error("WARNING: Config contents could not be save. Could not open file!");
		/* this early return does not call conf_mount_ro() */
		unlock($lockkey);
                return false;
        }
        /* a result of 0 bytes written is treated as a failure as well */
        if (!fwrite($fd, $xmlconfig)) {
                // Unable to write to temporary file
		log_error("WARNING: Config contents could not be written on file.");
                fclose($fd);
		unlock($lockkey);
                return false;
        }
        fclose($fd);

	/* keep fewer backups on embedded platforms (5) than elsewhere (30) -
	   presumably the first argument is the number of revisions to keep;
	   confirm against cleanup_backupcache() */
	if($g['platform'] == "embedded") {
		cleanup_backupcache(5, false);
	} else {
		cleanup_backupcache(30, false);
	}

	/* re-read configuration */
	/* written via cf_conf_path above, read back via conf_path here */
	$config = parse_xml_config("{$g['conf_path']}/config.xml", $g['xml_rootobj']);

	/* write config cache */
	/* NOTE(review): the cache is a serialize()d copy of the whole
	   configuration under $g['tmp_path'] and is later read with
	   unserialize(); confirm that only privileged users can read or
	   replace it. A failed open is silently ignored (@). */
	$fd = @fopen("{$g['tmp_path']}/config.cache", "wb");
	if ($fd) {
		fwrite($fd, serialize($config));
		fclose($fd);
	}

	/* tell kernel to sync fs data */
	if (!$g['booting'])
		conf_mount_ro();
	unlock($lockkey);

	if(is_dir("/usr/local/pkg/write_config/")) {
		/* process packager manager custom rules */
		/* NOTE(review): run_plugins() is handed a directory; presumably it
		   runs every plugin found there on each configuration write, so
		   write access to this path must stay restricted - confirm. */
		update_filter_reload_status("Running plugins");
		run_plugins("/usr/local/pkg/write_config/");
		update_filter_reload_status("Plugins completed.");
	}

	return $config;
}
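/****f* config/reset_factory_defaults
 * NAME
 *   reset_factory_defaults - Reset the system to its default configuration.
 * INPUTS
 *   $lock	- boolean: take the 'config' lock for the duration of the
 *           reset when true.
 * RESULT
 *   integer	- indicates completion
 * NOTES
 *   Deletes every entry in $g['conf_path'], copies the default config.xml
 *   into place and creates /conf/trigger_initial_wizard.
 ******/
function reset_factory_defaults($lock = false) {
	global $g;

	if ($lock)
		$lockkey = lock('config');
	conf_mount_rw();

	/* create conf directory, if necessary */
	safe_mkdir("{$g['cf_conf_path']}");

	/* clear out /conf */
	$dh = opendir($g['conf_path']);
	if ($dh) {
		/* compare against false explicitly: an entry named "0" is falsy and
		   would otherwise end the loop early, leaving later files (possibly
		   holding old settings) in place */
		while (($filename = readdir($dh)) !== false) {
			if (($filename != ".") && ($filename != "..")) {
				unlink_if_exists($g['conf_path'] . "/" . $filename);
			}
		}
		closedir($dh);
	}

	/* copy default configuration */
	copy("{$g['conf_default_path']}/config.xml", "{$g['conf_path']}/config.xml");

	/* call the wizard */
	/* NOTE(review): hard-coded /conf here, $g['conf_path'] everywhere else */
	touch("/conf/trigger_initial_wizard");
	conf_mount_ro();
	if ($lock)
		unlock($lockkey);

	return 0;
}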
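/*
 * Replace the running configuration with the file at $conffile.
 *
 * Backs up the current configuration, copies $conffile over config.xml,
 * parses it and writes it back with a "Reverted to <file name>." revision
 * description.
 *
 * $conffile - path of the configuration file to restore.
 * Returns 1 when $conffile does not exist, 0 otherwise.
 *
 * NOTE(review): $conffile is copied into place without being passed through
 * config_validate() first, and the result of copy() is not checked.
 * NOTE(review): parse_config() and write_config() each take the 'config'
 * lock while it is already held here; this relies on lock() tolerating
 * that - confirm.
 */
function config_restore($conffile) {
	global $config, $g;

	if (!file_exists($conffile))
		return 1;

	$lockkey = lock('config');
	conf_mount_rw();

	backup_config();
	copy($conffile, "{$g['cf_conf_path']}/config.xml");
	$config = parse_config(true);

	/* array_pop() takes its argument by reference, so the explode() result
	   has to live in a variable first */
	$path_parts = explode("/", $conffile);
	write_config("Reverted to " . array_pop($path_parts) . ".", false);

	conf_mount_ro();
	unlock($lockkey);

	return 0;
}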
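/*
 * Install $conffile as the active config.xml.
 *
 * The candidate file must exist and pass config_validate() before anything
 * is written. The copy runs under the 'config' lock with the conf filesystem
 * mounted read-write, and the parsed-config cache in tmp_path is removed so
 * it cannot outlive the file it was built from.
 *
 * Returns 0 on success, 1 when the file is missing or fails validation.
 */
function config_install($conffile) {
	global $config, $g;

	if (!file_exists($conffile))
		return 1;

	/* Validate the file that is about to be installed. Checking the config.xml
	 * already in place would let an unparseable candidate replace it. */
	if (!config_validate($conffile))
		return 1;

	if ($g['booting'] == true)
		echo "Installing configuration...\n";

	$lockkey = lock('config');
	conf_mount_rw();

	copy($conffile, "{$g['conf_path']}/config.xml");

	/* unlink cache file if it exists */
	if (file_exists("{$g['tmp_path']}/config.cache"))
		unlink("{$g['tmp_path']}/config.cache");

	conf_mount_ro();
	unlock($lockkey);

	return 0;
}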
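/*
 * Check that $conffile can be opened and that the XML parser accepts it.
 *
 * The file is fed to the parser in 4096-byte chunks. On failure the global
 * $xmlerr receives a message: the parser's error text and line number, or a
 * note that the file could not be opened or read.
 *
 * This is a parse check only; nothing here inspects which elements the file
 * contains.
 *
 * Returns true when the whole file parsed, false otherwise.
 */
function config_validate($conffile) {

	global $g, $xmlerr;

	if (!($fp = fopen($conffile, "r"))) {
		$xmlerr = "XML error: unable to open file";
		return false;
	}

	/* created only after the open succeeded, so no parser is left behind */
	$xml_parser = xml_parser_create();
	$valid = true;

	do {
		$data = fread($fp, 4096);
		if ($data === false) {
			$xmlerr = "XML error: unable to read file";
			$valid = false;
			break;
		}

		/* The parser always gets one chunk marked final, also when the file
		 * size is an exact multiple of the chunk size; without it an
		 * unterminated document would go unreported. */
		$final = ($data === "") || feof($fp);

		if (!xml_parse($xml_parser, $data, $final)) {
			$xmlerr = sprintf("%s at line %d",
						xml_error_string(xml_get_error_code($xml_parser)),
						xml_get_current_line_number($xml_parser));
			$valid = false;
			break;
		}
	} while (!$final);

	/* single exit: parser and file handle are released on failure as well */
	xml_parser_free($xml_parser);
	fclose($fp);

	return $valid;
}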
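/*
 * Interactive console dialog that assigns physical/VLAN interfaces to the
 * WAN, LAN and optional (OPTn) roles and writes the result to the config.
 *
 * Reads answers from php://stdin through the global $fp, which vlan_setup()
 * shares. Every interface name typed by the operator must be a key of the
 * interface list (or 'a' for auto-detection) before it is accepted.
 *
 * Returns nothing. The function returns early when the operator enters an
 * empty WAN name, an empty LAN name while more than one NIC is required, or
 * assigns one interface twice; typing "exit" at the LAN prompt ends the
 * script.
 */
function set_networking_interfaces_ports() {
	global $noreboot;
	global $config;
	global $g;
	global $fp;

	$fp = fopen('php://stdin', 'r');

	$memory = get_memory();
	$avail = $memory[0];

	if($avail < $g['minimum_ram_warning']) {
		echo "\n\n\n";
		echo "DANGER!  WARNING!  ACHTUNG!\n\n";
		echo "{$g['product_name']} requires *AT LEAST* {$g['minimum_ram_warning_text']} RAM to function correctly.\n";
		echo "Only ({$avail}) MB RAM has been detected.\n";
		echo "\nPress ENTER to continue. ";
		fgets($fp);
		echo "\n";
	}

	$iflist = get_interface_list();

	echo <<<EOD

Valid interfaces are:


EOD;

	if(!is_array($iflist)) {
		echo "No interfaces found!\n";
		/* keep $iflist an array so the array_key_exists() checks below work */
		$iflist = array();
	} else {
		foreach ($iflist as $iface => $ifa) {
			echo sprintf("% -8s%s%s\t%s\n", $iface, $ifa['mac'],
				$ifa['up'] ? "   (up)" : "   (down)", $ifa['dmesg']);
		}
	}

	echo <<<EOD

Do you want to set up VLANs first?
If you are not going to use VLANs, or only for optional interfaces, you should
say no here and use the webConfigurator to configure VLANs later, if required.

Do you want to set up VLANs now [y|n]?
EOD;

	if (strcasecmp(chop(fgets($fp)), "y") == 0)
		vlan_setup();

	if (is_array($config['vlans']['vlan']) && count($config['vlans']['vlan'])) {

		echo "\n\nVLAN interfaces:\n\n";
		foreach ($config['vlans']['vlan'] as $vlan) {

			echo sprintf("% -8s%s\n", "vlan{$vlan['tag']}",
				"VLAN tag {$vlan['tag']}, interface {$vlan['if']}");

			/* make the VLAN name acceptable as an answer at the prompts below */
			$iflist['vlan' . $vlan['tag']] = array();
		}
	}

	echo <<<EOD

*NOTE*  {$g['product_name']} requires {$g['minimum_nic_count_text']} assigned interfaces to function.
        If you do not have {$g['minimum_nic_count_text']} interfaces you CANNOT continue. 

        If you do not have at least {$g['minimum_nic_count']} *REAL* network interface cards
        or one interface with multiple VLANs then {$g['product_name']}
        *WILL NOT* function correctly.

If you do not know the names of your interfaces, you may choose to use
auto-detection. In that case, disconnect all interfaces now before
hitting 'a' to initiate auto detection.

EOD;

	do {
		echo "\nEnter the WAN interface name or 'a' for auto-detection: ";
		$wanif = chop(fgets($fp));
		if ($wanif === "") {
			/* NOTE(review): unlike the LAN prompt below, this return leaves
			 * $fp open - confirm whether that is intended. */
			return;
		}
		if ($wanif === "a")
			$wanif = autodetect_interface("WAN", $fp);
		else if (!array_key_exists($wanif, $iflist)) {
			echo "\nInvalid interface name '{$wanif}'\n";
			unset($wanif);
			continue;
		}
	} while (!$wanif);

	do {
		echo "\nEnter the LAN interface name or 'a' for auto-detection \n" .
		    "NOTE: this enables full Firewalling/NAT mode.\n" .
			"(or nothing if finished): ";

		$lanif = chop(fgets($fp));

		if($lanif == "exit") {
			exit;
		}

		if($lanif == "") {
			/* a LAN-less setup is accepted only when one NIC is enough */
			if($g['minimum_nic_count'] < 2) {
				break;
			} else {
				fclose($fp);
				return;
			}
		}

		if ($lanif === "a")
			$lanif = autodetect_interface("LAN", $fp);
		else if (!array_key_exists($lanif, $iflist)) {
			echo "\nInvalid interface name '{$lanif}'\n";
			unset($lanif);
			continue;
		}
	} while (!$lanif);

	/* optional interfaces */
	$i = 0;
	$optif = array();

	if($lanif <> "") {
		while (1) {
			/* advance only after the current slot has been filled */
			if ($optif[$i])
				$i++;
			$i1 = $i + 1;

			if($config['interfaces']['opt' . $i1]['descr'])
				echo "\nOptional interface {$i1} description found: {$config['interfaces']['opt' . $i1]['descr']}";

			echo "\nEnter the Optional {$i1} interface name or 'a' for auto-detection\n" .
				"(or nothing if finished): ";

			$optif[$i] = chop(fgets($fp));

			if ($optif[$i]) {
				if ($optif[$i] === "a") {
					$ad = autodetect_interface("Optional " . $i1, $fp);
					if ($ad)
						$optif[$i] = $ad;
					else
						unset($optif[$i]);
				} else if (!array_key_exists($optif[$i], $iflist)) {
					echo "\nInvalid interface name '{$optif[$i]}'\n";
					unset($optif[$i]);
					continue;
				}
			} else {
				unset($optif[$i]);
				break;
			}
		}
	}

	/* check for double assignments */
	$ifarr = array_merge(array($lanif, $wanif), $optif);

	for ($i = 0; $i < (count($ifarr)-1); $i++) {
		for ($j = ($i+1); $j < count($ifarr); $j++) {
			if ($ifarr[$i] == $ifarr[$j]) {
				echo <<<EOD

Error: you cannot assign the same interface name twice!

EOD;
				fclose($fp);
				return;
			}
		}
	}

	echo "\nThe interfaces will be assigned as follows: \n\n";

	if ($lanif != "")
		echo "LAN  ->" . $lanif . "\n";
	echo "WAN  ->" . $wanif . "\n";
	for ($i = 0; $i < count($optif); $i++) {
		echo "OPT" . ($i+1) . " -> " . $optif[$i] . "\n";
	}

	echo <<<EOD

Do you want to proceed [y|n]?
EOD;

	if (strcasecmp(chop(fgets($fp)), "y") == 0) {
		if($lanif) {
			$config['interfaces']['lan']['if'] = $lanif;
		} elseif (!$g['booting']) {

			echo <<<EODD

You have chosen to remove the LAN interface.

Would you like to remove the LAN IP address and
unload the interface now? [y|n]? 
EODD;

			if (strcasecmp(chop(fgets($fp)), "y") == 0) {
				/* The interface name comes from the stored configuration, not
				 * from the validated prompt above, so it is quoted before it
				 * becomes part of a command line.
				 * NOTE(review): ifconfig normally takes the interface name
				 * before the action - confirm this argument order. */
				if($config['interfaces']['lan']['if'])
					mwexec("/sbin/ifconfig delete " . escapeshellarg($config['interfaces']['lan']['if']));
			}
			/* drop the LAN section and the settings tied to it */
			if(isset($config['interfaces']['lan']))
				unset($config['interfaces']['lan']);
			if(isset($config['dhcpd']['lan']))
				unset($config['dhcpd']['lan']);
			if(isset($config['interfaces']['lan']['if']))
				unset($config['interfaces']['lan']['if']);
			if(isset($config['interfaces']['wan']['blockpriv']))
				unset($config['interfaces']['wan']['blockpriv']);
			if(isset($config['shaper']))
				unset($config['shaper']);
			if(isset($config['ezshaper']))
				unset($config['ezshaper']);
			if(isset($config['nat']))
				unset($config['nat']);
		} else {
			/* booting with no LAN chosen: same cleanup, without asking */
			if(isset($config['interfaces']['lan']['if']))
				mwexec("/sbin/ifconfig delete " . escapeshellarg($config['interfaces']['lan']['if']));
			if(isset($config['interfaces']['lan']))
				unset($config['interfaces']['lan']);
			if(isset($config['dhcpd']['lan']))
				unset($config['dhcpd']['lan']);
			if(isset($config['interfaces']['lan']['if']))
				unset($config['interfaces']['lan']['if']);
			if(isset($config['interfaces']['wan']['blockpriv']))
				unset($config['interfaces']['wan']['blockpriv']);
			if(isset($config['shaper']))
				unset($config['shaper']);
			if(isset($config['ezshaper']))
				unset($config['ezshaper']);
			if(isset($config['nat']))
				unset($config['nat']);
		}
		if (preg_match($g['wireless_regex'], $lanif)) {
			if (!is_array($config['interfaces']['lan']['wireless']))
				$config['interfaces']['lan']['wireless'] = array();
		} else {
			unset($config['interfaces']['lan']['wireless']);
		}

		$config['interfaces']['wan']['if'] = $wanif;
		if (preg_match($g['wireless_regex'], $wanif)) {
			if (!is_array($config['interfaces']['wan']['wireless']))
				$config['interfaces']['wan']['wireless'] = array();
		} else {
			unset($config['interfaces']['wan']['wireless']);
		}

		for ($i = 0; $i < count($optif); $i++) {
			if (!is_array($config['interfaces']['opt' . ($i+1)]))
				$config['interfaces']['opt' . ($i+1)] = array();

			$config['interfaces']['opt' . ($i+1)]['if'] = $optif[$i];

			/* wireless interface? */
			if (preg_match($g['wireless_regex'], $optif[$i])) {
				if (!is_array($config['interfaces']['opt' . ($i+1)]['wireless']))
					$config['interfaces']['opt' . ($i+1)]['wireless'] = array();
			} else {
				unset($config['interfaces']['opt' . ($i+1)]['wireless']);
			}

			/* a newly assigned optional interface starts out disabled */
			unset($config['interfaces']['opt' . ($i+1)]['enable']);
			$config['interfaces']['opt' . ($i+1)]['descr'] = "OPT" . ($i+1);
		}

		/* remove all other (old) optional interfaces */
		for (; isset($config['interfaces']['opt' . ($i+1)]); $i++)
			unset($config['interfaces']['opt' . ($i+1)]);

		echo "\nWriting configuration...";
		write_config();
		echo "done.\n";

		echo <<<EOD



EOD;

		fclose($fp);
		if($g['booting'])
			return;

		echo "One moment while we reload the settings...";

		$g['booting'] = false;

		/* XXX: ermal - disable it for now this is used during bootup at best so shouldn't be needed.
		 * 		For now just comment it out and later remove it completely.
		 * resync everything
			reload_all_sync();
		 */

		echo " done!\n";

		touch("{$g['tmp_path']}/assign_complete");

	}
}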
/*
 * Find the interface whose link comes up while the operator plugs in a cable.
 *
 * Takes one interface-list snapshot, waits for ENTER on $fp, takes a second
 * snapshot and returns the name of the first interface that was down before
 * and is up afterwards. $ifname is only used in the prompt text.
 *
 * Returns the interface name, or null when no link change was seen.
 */
function autodetect_interface($ifname, $fp) {
	$before = get_interface_list("media");

	echo "\nConnect the {$ifname} interface now and make sure that the link is up.\n" .
		"Then press ENTER to continue.\n";
	fgets($fp);

	$after = get_interface_list("media");

	foreach ($before as $name => $state) {
		/* already up before the prompt: cannot be the one just connected */
		if ($state['up'])
			continue;
		if (!$after[$name]['up'])
			continue;

		echo "Detected link-up on interface {$name}.\n";
		return $name;
	}

	echo "No link-up detected.\n";
	return null;
}
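/*
 * Interactive console dialog that rebuilds the VLAN list in $config.
 *
 * Reads answers from the global $fp. When VLANs already exist the operator
 * must confirm, because the list is cleared before new entries are taken.
 * Each entry needs a parent interface that is a key of the interface list
 * and passes is_jumbo_capable(), and a tag in the range 1-4094.
 *
 * Returns nothing; entries are appended to $config['vlans']['vlan'].
 */
function vlan_setup() {
	global $iflist, $config, $g, $fp;

	$iflist = get_interface_list();

	if (is_array($config['vlans']['vlan']) && count($config['vlans']['vlan'])) {

		echo <<<EOD

WARNING: all existing VLANs will be cleared if you proceed!

Do you want to proceed [y|n]?
EOD;

		if (strcasecmp(chop(fgets($fp)), "y") != 0)
			return;
	}

	$config['vlans']['vlan'] = array();
	echo "\n";

	while (1) {
		$vlan = array();

		/* Start from zero on every pass, so the check below never reads an
		 * unset variable when the interface list is not an array. */
		$vlan_capable = 0;

		echo "\n\nVLAN Capable interfaces:\n\n";
		if(!is_array($iflist)) {
			echo "No interfaces found!\n";
		} else {
			foreach ($iflist as $iface => $ifa) {
				if (is_jumbo_capable($iface)) {
					echo sprintf("% -8s%s%s\n", $iface, $ifa['mac'],
						$ifa['up'] ? "   (up)" : "");
					$vlan_capable++;
				}
			}
		}

		if($vlan_capable == 0) {
			echo "No VLAN capable interfaces detected.\n";
			return;
		}

		echo "\nEnter the parent interface name for the new VLAN (or nothing if finished): ";
		$vlan['if'] = chop(fgets($fp));

		if ($vlan['if']) {
			/* accept only names that were listed above */
			if (!array_key_exists($vlan['if'], $iflist) or
			    !is_jumbo_capable($vlan['if'])) {
				echo "\nInvalid interface name '{$vlan['if']}'\n";
				continue;
			}
		} else {
			break;
		}

		echo "Enter the VLAN tag (1-4094): ";
		$vlan['tag'] = chop(fgets($fp));
		if (!is_numericint($vlan['tag']) || ($vlan['tag'] < 1) || ($vlan['tag'] > 4094)) {
			echo "\nInvalid VLAN tag '{$vlan['tag']}'\n";
			continue;
		}
		/* derive the interface name only from a tag that passed the check */
		$vlan['vlanif'] = "vlan{$vlan['tag']}";

		$config['vlans']['vlan'][] = $vlan;
	}
}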
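/*
 * Reconcile backup/backup.cache with the config-* files in the backup
 * directory and limit the number of revisions kept.
 *
 * - empty backup files and files parse_xml_config() reports as "-1" are
 *   deleted;
 * - backup files missing from the cache are added to it;
 * - cache entries without a matching file are dropped;
 * - when $revisions is an integer and more entries exist, only the first
 *   $revisions entries stay and the files of the others are unlinked.
 *
 * $lock selects whether the 'config' lock is taken around the work.
 * Returns nothing.
 */
function cleanup_backupcache($revisions = 30, $lock = true) {
	global $g;
	$i = false;

	if ($lock)
		$lockkey = lock('config');
	if(file_exists($g['cf_conf_path'] . '/backup/backup.cache')) {
		conf_mount_rw();
		$backups = get_backups();
		/* get_backups() returns false when it has no cache to offer */
		if (!is_array($backups))
			$backups = array();
		$newbaks = array();
		$bakfiles = glob($g['cf_conf_path'] . "/backup/config-*");
		if (!is_array($bakfiles))
			$bakfiles = array();
		$baktimes = isset($backups['versions']) ? $backups['versions'] : array();
		$tocache = array();
		unset($backups['versions']);
		foreach($bakfiles as $backup) { // Check for backups in the directory not represented in the cache.
			if(filesize($backup) == 0) {
				unlink($backup);
				continue;
			}
			/* text between the last '-' and the following '.' of the path;
			 * split in steps because array_pop()/array_shift() take their
			 * argument by reference */
			$dashparts = explode('-', $backup);
			$lastpart = array_pop($dashparts);
			$dotparts = explode('.', $lastpart);
			$tocheck = array_shift($dotparts);
			/* loose comparison on purpose: the name part is a string while
			 * numeric cache keys come back from PHP as integers */
			if(!in_array($tocheck, $baktimes)) {
				$i = true;
				if($g['booting'])
					echo ".";
				$newxml = parse_xml_config($backup, $g['xml_rootobj']);
				if($newxml == "-1") {
					log_error("The backup cache file $backup is corrupted.  Unlinking.");
					unlink($backup);
					continue;
				}
				if($newxml['revision']['description'] == "")
					$newxml['revision']['description'] = "Unknown";
				$tocache[$tocheck] = array('description' => $newxml['revision']['description']);
			}
		}
		foreach($backups as $checkbak) {
			/* the cached value is quoted so it is matched literally */
			if(count(preg_grep('/' . preg_quote($checkbak['time'], '/') . '/i', $bakfiles)) != 0) {
				$newbaks[] = $checkbak;
			} else {
				$i = true;
				/* NOTE(review): $tocheck still holds the value from the loop
				 * above; $checkbak['time'] may have been meant - confirm. */
				if($g['booting']) print " " . $tocheck . "r";
			}
		}
		foreach($newbaks as $todo) $tocache[$todo['time']] = array('description' => $todo['description']);
		if(is_int($revisions) and (count($tocache) > $revisions)) {
			/* defined up front so a limit of 0 does not leave it unset */
			$newcache = array();
			$toslice = array_slice(array_keys($tocache), 0, $revisions);
			foreach($toslice as $sliced)
				$newcache[$sliced] = $tocache[$sliced];
			foreach($tocache as $version => $versioninfo) {
				if(!array_key_exists($version, $newcache)) {
					/* NOTE(review): files are listed under cf_conf_path but
					 * removed under conf_path - confirm both name the same
					 * directory. */
					unlink_if_exists($g['conf_path'] . '/backup/config-' . $version . '.xml');
					if($g['booting']) print " " . $tocheck . "d";
				}
			}
			$tocache = $newcache;
		}
		$bakout = fopen($g['cf_conf_path'] . '/backup/backup.cache', "w");
		if ($bakout !== false) {
			fwrite($bakout, serialize($tocache));
			fclose($bakout);
		} else {
			log_error("Unable to write the backup cache file.");
		}
		conf_mount_ro();
	}
	if($g['booting'] && $i)
		print "done.\n";
	if ($lock)
		unlock($lockkey);
}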
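/*
 * Read backup/backup.cache and return the known configuration backups.
 *
 * Returns false when the cache file does not exist or does not hold an
 * array. Otherwise returns an array with one
 * array('time' => ..., 'description' => ...) entry per backup, highest
 * 'time' first, plus a 'versions' element listing all times in ascending
 * order.
 */
function get_backups() {
	global $g;

	$cachefile = "{$g['cf_conf_path']}/backup/backup.cache";
	if (!file_exists($cachefile))
		return false;

	/* NOTE(review): unserialize() will instantiate any object described in
	 * its input. This is only safe while nothing but this code can write
	 * backup.cache; a data-only format would remove that dependency. */
	$confvers = unserialize(file_get_contents($cachefile));

	/* a damaged or foreign cache file is treated like a missing one */
	if (!is_array($confvers))
		return false;

	$bakvers = array_keys($confvers);
	sort($bakvers);

	$toreturn = array();
	foreach (array_reverse($bakvers) as $bakver)
		$toreturn[] = array('time' => $bakver, 'description' => $confvers[$bakver]['description']);

	$toreturn['versions'] = $bakvers;
	return $toreturn;
}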
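/*
 * Copy the current config.xml into the backup directory and record it in
 * backup/backup.cache.
 *
 * The copy is named config-<revision time>.xml; revision time and
 * description are taken from $config, with 0 and "Unknown" as fallbacks.
 * Does nothing on the "cdrom" platform.
 *
 * Returns true after a backup attempt, nothing on the cdrom platform.
 */
function backup_config() {
	global $config, $g;

	if($g['platform'] == "cdrom")
		return;

	conf_mount_rw();

	/* Create backup directory if needed */
	safe_mkdir("{$g['cf_conf_path']}/backup");

	if($config['revision']['time'] == "") {
		$baktime = 0;
	} else {
		$baktime = $config['revision']['time'];
	}
	if($config['revision']['description'] == "") {
		$bakdesc = "Unknown";
	} else {
		$bakdesc = $config['revision']['description'];
	}

	$cachefile = $g['cf_conf_path'] . '/backup/backup.cache';

	/* NOTE(review): $baktime is read from the configuration and becomes part
	 * of a file name unchanged - confirm it is always a plain timestamp. */
	copy($g['cf_conf_path'] . '/config.xml', $g['cf_conf_path'] . '/backup/config-' . $baktime . '.xml');

	$backupcache = array();
	if(file_exists($cachefile)) {
		/* NOTE(review): unserialize() will instantiate any object described
		 * in its input; safe only while nothing else can write this file. */
		$cached = unserialize(file_get_contents($cachefile));
		/* start over with an empty cache when the file is damaged */
		if (is_array($cached))
			$backupcache = $cached;
	}
	$backupcache[$baktime] = array('description' => $bakdesc);

	$bakout = fopen($cachefile, "w");
	if ($bakout !== false) {
		fwrite($bakout, serialize($backupcache));
		fclose($bakout);
	}

	conf_mount_ro();

	return true;
}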
/*
 * Apply owner, group and mode to the device nodes listed below.
 *
 * Only /dev/pf is listed: user proxy, group proxy, mode 0660. A device that
 * does not exist is skipped. Returns nothing.
 */
function set_device_perms() {
	$wanted = array(
		'pf' => array(
			'user'  => 'proxy',
			'group' => 'proxy',
			'mode'  => 0660,
		),
	);

	foreach ($wanted as $device => $perms) {
		$node = "/dev/$device";
		if (!file_exists($node))
			continue;

		chown($node, $perms['user']);
		chgrp($node, $perms['group']);
		chmod($node, $perms['mode']);
	}
}
/* runs when this file is included: print a progress dot while booting, then
 * store the result of parse_config() in $config */
if ($g['booting']) {
	echo ".";
}
$config = parse_config();
?>