pfSense

#!/usr/local/bin/php -q

<?php

/* $Id$ */

/*

	rc.initial.setlanip

	part of m0n0wall (http://m0n0.ch/wall)

	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.

	All rights reserved.

	Redistribution and use in source and binary forms, with or without

	modification, are permitted provided that the following conditions are met:

	1. Redistributions of source code must retain the above copyright notice,

	   this list of conditions and the following disclaimer.

	2. Redistributions in binary form must reproduce the above copyright

	   notice, this list of conditions and the following disclaimer in the

	   documentation and/or other materials provided with the distribution.

	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,

	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,

	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF

	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN

	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE

	POSSIBILITY OF SUCH DAMAGE.

*/

$options = getopt("hn", array("dry-run", "help"));

if (isset($options["h"]) || isset($options["help"])) {

	echo "usage: /etc/rc.initial.setlanip [option ...]\n";

	echo "  -h, --help       show this message\n";

	echo "  -n, --dry-run    do not make any configuration changes\n";

	exit(0);

}

$dry_run = isset($options["n"]) || isset($options["dry-run"]);

if ($dry_run) {

	echo "DRY RUN MODE IS ON\n";

}

/* parse the configuration and include all functions used below */

require_once("config.inc");

require_once("functions.inc");

require_once("filter.inc");

require_once("shaper.inc");

require_once("rrd.inc");

function console_get_interface_from_ppp($realif) {

	global $config;

	if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) {

		foreach ($config['ppps']['ppp'] as $pppid => $ppp) {

			if ($realif == $ppp['if']) {

				$ifaces = explode(",", $ppp['ports']);

				return $ifaces[0];

			}

		}

	}

	return "";

}

function prompt_for_enable_dhcp_server($version = 4) {

	global $config, $fp, $interface;

	if($interface == "wan") {

		if($config['interfaces']['lan']) 

			return "n";

	}

	/* only allow DHCP server to be enabled when static IP is

	   configured on this interface */

	if ($version === 6) {

		$is_ipaddr = is_ipaddrv6($config['interfaces'][$interface]['ipaddrv6']);

	} else {

		$is_ipaddr = is_ipaddrv4($config['interfaces'][$interface]['ipaddr']);

	}

	if ($is_ipaddr) {

		$label_DHCP = ($version === 6) ? "DHCP6" : "DHCP";

		do {

			$good = false;

			$upperifname = strtoupper($interface);

			echo "\n" . sprintf(gettext("Do you want to enable the %s server on %s? [y|n]"),

			                    $label_DHCP, $upperifname) . "  ";

			$yn = strtolower(chop(fgets($fp)));

			if ($yn[0] == "y" or $yn[0] == "n")

				$good = true;

		} while (!$good);

	}

	return $yn;

}

function get_interface_config_description($iface) {

	global $config;

	$c = $config['interfaces'][$iface];

	if (!$c) { return null; }

	$if = $c['if'];

	$result = $if;

	$result2 = array();

	$ipaddr = $c['ipaddr'];

	$ipaddrv6 = $c['ipaddrv6'];

	if (is_ipaddr($ipaddr)) {

		$result2[] = "static";

	} else if ($ipaddr == "dhcp") {

		$result2[] = "dhcp";

	}

	if (is_ipaddr($ipaddrv6)) {

		$result2[] = "staticv6";

	} else if ($ipaddrv6 == "dhcp6") {

		$result2[] = "dhcp6";

	}

	if (count($result2)) {

		$result .= " - " . implode(", ", $result2);

	}

	return $result;

}

$fp = fopen('php://stdin', 'r');

/* build an interface collection */

$ifdescrs = get_configured_interface_with_descr(false, true);

$count = count($ifdescrs);

/* grab interface that we will operate on, unless there is only one

   interface */

if ($count > 1) {

	echo "Available interfaces:\n\n";

	$x=1;

	foreach($ifdescrs as $iface => $ifdescr) {

		$config_descr = get_interface_config_description($iface);

		echo "{$x} - {$ifdescr} ({$config_descr})\n";

		$x++;

	}

	echo "\nEnter the number of the interface you wish to configure: ";

	$intnum = chop(fgets($fp));	

} else {

	$intnum = $count;

}

if($intnum < 1) 

	exit;

if($intnum > $count)

	exit;

$index = 1;

foreach ($ifdescrs as $ifname => $ifdesc) {

	if ($intnum == $index)  {

		$interface = $ifname;

		break;

	} else {

		$index++;

	}

}	

if(!$interface) {

	echo "Invalid interface!\n";

	exit;

}

$ifaceassigned = "";

function next_unused_gateway_name($interface) {

	global $g, $config;

	$new_name = "GW_" . strtoupper($interface);

	if (!is_array($config['gateways']['gateway_item'])) { return $new_name; }

	$count = 1;

	do {

		$existing = false;

		foreach ($config['gateways']['gateway_item'] as $item) {

			if ($item['name'] === $new_name) {

				$existing = true;

				break;

			}

		}

		if ($existing) {

			$count += 1;

			$new_name = "GW_" . strtoupper($interface) . "_" . $count;

		}

	} while ($existing);

	return $new_name;

}

function add_gateway_to_config($interface, $gatewayip, $inet_type) {

	global $g, $config, $dry_run;

	if (!is_array($config['gateways']['gateway_item'])) {

		$config['gateways']['gateway_item'] = array();

	}

	$a_gateways = &$config['gateways']['gateway_item'];

	if ($dry_run) {

		print_r($a_gateways);

	}

	$new_name = '';

	$is_default = true;

	foreach ($a_gateways as $item) {

		if ($item['ipprotocol'] === $inet_type) {

			if (isset($item['defaultgw']))

				$is_default = false;

			if (($item['interface'] === $interface) && ($item['gateway'] === $gatewayip))

				$new_name = $item['name'];

		}

	}

	if ($new_name == '') {

		$new_name = next_unused_gateway_name($interface);

		$item = array(

			"interface" => $interface,

			"gateway" => $gatewayip,

			"name" => $new_name,

			"weight" => 1,

			"ipprotocol" => $inet_type,

			"interval" => true,

			"descr" => "Interface $interface Gateway",

			"defaultgw" => $is_default

		);

		if ($dry_run) {

			print_r($item);

		}

		$a_gateways[] = $item;

	}

	return $new_name;

}

function console_configure_ip_address($version) {

	global $g, $config, $interface, $restart_dhcpd, $ifaceassigned, $fp;

	$label_IPvX = ($version === 6) ? "IPv6"   : "IPv4";

	$maxbits    = ($version === 6) ? 127      : 31;

	$label_DHCP = ($version === 6) ? "DHCP6"  : "DHCP";

	$upperifname = strtoupper($interface);

	if($interface == "wan") {

		echo sprintf(gettext("Configure %s address %s interface via %s?  [y|n]"),

		             $label_IPvX, $upperifname, $label_DHCP) . "\n> ";

		$intdhcp = chop(fgets($fp));

		if(strtolower($intdhcp) == "y" || strtolower($intdhcp) == "yes") {

			$ifppp = console_get_interface_from_ppp(get_real_interface("wan"));

			if (!empty($ifppp))

				$ifaceassigned = $ifppp;

			$intip = ($version === 6) ? "dhcp6" : "dhcp";

			$intbits = "";

			$isintdhcp = true;

			$restart_dhcpd = true;

		} 

	}

	if($isintdhcp == false or $interface <> "wan") {

		do {

			echo "\n" . sprintf(gettext("Enter the new %s %s address.  Press <ENTER> for none:"),

			                    $upperifname, $label_IPvX) . "\n> ";

			$intip = chop(fgets($fp));

			$is_ipaddr = ($version === 6) ? is_ipaddrv6($intip) : is_ipaddrv4($intip);

			if ($is_ipaddr && is_ipaddr_configured($intip, $interface, true)) {

				$ip_conflict = true;

				echo gettext("This IP address conflicts with another interface or a VIP") . "\n";

			} else

				$ip_conflict = false;

		} while (($ip_conflict === true) || !($is_ipaddr || $intip == ''));

		if ($intip != '') {

			echo "\n" . sprintf(gettext("Subnet masks are entered as bit counts (as in CIDR notation) in %s."),

			                    $g['product_name']) . "\n";

			if ($version === 6) {

				echo "e.g. ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff00 = 120\n";

				echo "     ffff:ffff:ffff:ffff:ffff:ffff:ffff:0    = 112\n";

				echo "     ffff:ffff:ffff:ffff:ffff:ffff:0:0       =  96\n";

				echo "     ffff:ffff:ffff:ffff:ffff:0:0:0          =  80\n";

				echo "     ffff:ffff:ffff:ffff:0:0:0:0             =  64\n";

			} else {

				echo "e.g. 255.255.255.0 = 24\n";

				echo "     255.255.0.0   = 16\n";

				echo "     255.0.0.0     = 8\n";

			}

			do {

				$upperifname = strtoupper($interface);

				echo "\n" . sprintf(gettext("Enter the new %s %s subnet bit count:"),

				                    $upperifname, $label_IPvX) . "\n> ";

				$intbits = chop(fgets($fp));

				$restart_dhcpd = true;

			} while (!is_numeric($intbits) || ($intbits < 1) || ($intbits > $maxbits));

			if ($version === 6) {

				$subnet = gen_subnetv6($intip, $intbits);

			} else {

				$subnet = gen_subnet($intip, $intbits);

			}

			do {

				echo "\n" . sprintf(gettext("Enter the new %s %s gateway address.  Press <ENTER> for none:"),

				                    $upperifname, $label_IPvX) . "\n> ";

				$gwip = chop(fgets($fp));

				$is_ipaddr = ($version === 6) ? is_ipaddrv6($gwip) : is_ipaddrv4($gwip);

				$is_in_subnet = $is_ipaddr && ip_in_subnet($gwip, $subnet . "/" . $intbits);

				if ($gwip != '') {

					if (!$is_ipaddr) {

						echo sprintf(gettext("not an %s IP address!"), $label_IPvX) . "\n";

					} else if (!$is_in_subnet) {

						echo gettext("not in subnet!") . "\n";

					}

				}

			} while (!($gwip == '' || ($is_ipaddr && $is_in_subnet)));

			if ($gwip != '') {

				$inet_type = ($version === 6) ? "inet6" : "inet";

				$gwname = add_gateway_to_config($interface, $gwip, $inet_type);

			}

		}

		$ifppp = console_get_interface_from_ppp(get_real_interface($interface));

		if (!empty($ifppp))

			$ifaceassigned = $ifppp;

	}

	return array($intip, $intbits, $gwname);

}

list($intip,  $intbits,  $gwname)  = console_configure_ip_address(4);

list($intip6, $intbits6, $gwname6) = console_configure_ip_address(6);

if (!empty($ifaceassigned))

	$config['interfaces'][$interface]['if'] = $ifaceassigned;

$config['interfaces'][$interface]['ipaddr']    = $intip;

$config['interfaces'][$interface]['subnet']    = $intbits;

$config['interfaces'][$interface]['gateway']   = $gwname;

$config['interfaces'][$interface]['ipaddrv6']  = $intip6;

$config['interfaces'][$interface]['subnetv6']  = $intbits6;

$config['interfaces'][$interface]['gatewayv6'] = $gwname6;

$config['interfaces'][$interface]['enable']    = true;

function console_configure_dhcpd($version = 4) {

	global $g, $config, $restart_dhcpd, $fp, $interface, $dry_run;

	$label_IPvX = ($version === 6) ? "IPv6"    : "IPv4";

	$dhcpd      = ($version === 6) ? "dhcpdv6" : "dhcpd";

	if($g['services_dhcp_server_enable'])

		$yn = prompt_for_enable_dhcp_server($version);

	if ($yn == "y") {

		do {

			echo sprintf(gettext("Enter the start address of the %s client address range:"), $label_IPvX) . " ";

			$dhcpstartip = chop(fgets($fp));

			if ($dhcpstartip === "") {

				fclose($fp);

				exit(0);

			}

			$is_ipaddr = ($version === 6) ? is_ipaddrv6($dhcpstartip) : is_ipaddrv4($dhcpstartip);

		} while (!$is_ipaddr);

		do {

			echo sprintf(gettext("Enter the end address of the %s client address range:"), $label_IPvX) . " ";

			$dhcpendip = chop(fgets($fp));

			if ($dhcpendip === "") {

				fclose($fp);

				exit(0);

			}

			$is_ipaddr = ($version === 6) ? is_ipaddrv6($dhcpendip) : is_ipaddrv4($dhcpendip);

		} while (!$is_ipaddr);

		$restart_dhcpd = true;

		$config[$dhcpd][$interface]['enable'] = true;

		$config[$dhcpd][$interface]['range']['from'] = $dhcpstartip;

		$config[$dhcpd][$interface]['range']['to'] = $dhcpendip;

	} else {

		/* TODO - this line is causing a "Fatal error: Cannot unset

		   string offsets in /etc/rc.initial.setlanip" on below line

		   number */

		if($config[$dhcpd][$interface]) 

			unset($config[$dhcpd][$interface]['enable']);

		echo "Disabling DHCPD...";

		if (!$dry_run) {

			services_dhcpd_configure();

		}

		echo "Done!\n";

	}

}

console_configure_dhcpd(4);

console_configure_dhcpd(6);

//*****************************************************************************

if ($config['system']['webgui']['protocol'] == "https") {

	do {

		$good = false;

		echo "\n" . gettext("Do you want to revert to HTTP as the webConfigurator protocol? (y/n)") . " ";

		$yn = strtolower(chop(fgets($fp)));

		if ($yn[0] == "y" or $yn[0] == "n")

			$good = true;

	} while (!$good);

	if ($yn == "y") {

		$config['system']['webgui']['protocol'] = "http";

		$restart_webgui = true;

	}

}

if (isset($config['system']['webgui']['noantilockout'])) {

	echo "\n" . sprintf(gettext("Note: the anti-lockout rule on %s has been re-enabled."), $interface) . "\n";

	unset($config['system']['webgui']['noantilockout']);

}

if($config['interfaces']['lan']) {

	if($config['dhcpd'])

		if($config['dhcpd']['wan'])

			unset($config['dhcpd']['wan']);		

	if($config['dhcpdv6'])

		if($config['dhcpdv6']['wan'])

			unset($config['dhcpdv6']['wan']);

}

if(!$config['interfaces']['lan']) {

	unset($config['interfaces']['lan']);

	if($config['dhcpd']['lan'])

		unset($config['dhcpd']['lan']);

	if($config['dhcpdv6']['lan'])

		unset($config['dhcpdv6']['lan']);

	unset($config['shaper']);

	unset($config['ezshaper']);

	unset($config['nat']);

	if (!$dry_run) {

		system("rm /var/dhcpd/var/db/* >/dev/null 2>/dev/null");

		services_dhcpd_configure();

	}

}

$upperifname = strtoupper($interface);

if (!$dry_run) {

	echo "\nPlease wait while the changes are saved to {$upperifname}...";

	write_config(sprintf(gettext("%s IP configuration from console menu"), $interface));

	interface_reconfigure(strtolower($upperifname));

	echo " Reloading filter...";

	filter_configure_sync();

	echo "\n";

	if($restart_dhcpd) {

		echo " DHCPD..."; 

		services_dhcpd_configure();

	}

	if($restart_webgui) {

		echo " restarting webConfigurator... ";

		mwexec("/etc/rc.restart_webgui");

	}

}

if ($intip != '') {

	if (is_ipaddr($intip)) {

		echo "\n\n" . sprintf(gettext("The IPv4 %s address has been set to %s"),

		                      $upperifname, "{$intip}/{$intbits}") . "\n";

	} else {

		echo "\n\n" . sprintf(gettext("The IPv4 %s address has been set to %s"),

		                      $upperifname, $intip) . "\n";

	}

}

if ($intip6 != '') {

	if (is_ipaddr($intip6)) {

		echo "\n\n" . sprintf(gettext("The IPv6 %s address has been set to %s"),

		                      $upperifname, "${intip6}/${intbits6}") . "\n";

	} else {

		echo "\n\n" . sprintf(gettext("The IPv6 %s address has been set to %s"),

		                      $upperifname, $intip6) . "\n";

	}

}

if ($intip != '' || $intip6 != '') {

	if (count($ifdescrs) == "1" or $interface = "lan") {

		if ($debug) {

			echo "ifdescrs count is " . count($ifdescrs) . "\n";

			echo "interface is {$interface} \n";

		}

		echo gettext('You can now access the webConfigurator by opening the following URL in your web browser:') . "\n";

		if(!empty($config['system']['webgui']['port'])) {

			$webuiport = $config['system']['webgui']['port'];

			if ($intip != '') {

				echo "		{$config['system']['webgui']['protocol']}://{$intip}:{$webuiport}/\n";

			}

			if ($intip6 != '') {

				if (is_ipaddr($intip6)) {

					echo "		{$config['system']['webgui']['protocol']}://[{$intip6}]:{$webuiport}/\n";

				} else {

					echo "		{$config['system']['webgui']['protocol']}://{$intip6}:{$webuiport}/\n";

				}

			}

		} else {

			if ($intip != '') {

				echo "		{$config['system']['webgui']['protocol']}://{$intip}/\n";

			}

			if ($intip6 != '') {

				if (is_ipaddr($intip6)) {

					echo "		{$config['system']['webgui']['protocol']}://[{$intip6}]/\n";

				} else {

					echo "		{$config['system']['webgui']['protocol']}://{$intip6}/\n";

				}

			}

		}

	}

}

echo "\n" . gettext('Press <ENTER> to continue.');

fgets($fp);

fclose($fp);

?>