<?php
/* $Id$ */
/*
	services.inc
	part of m0n0wall (http://m0n0.ch/wall)
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
	All rights reserved.
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
/* include all configuration functions */
require_once("functions.inc");
/**
 * Create or remove the flag file /var/etc/use_pf_pool__stickyaddr so that it
 * exists exactly when $config['system']['lb_use_sticky'] is set.
 */
function load_balancer_use_sticky() {
	global $config, $g;

	$sticky_flag = "/var/etc/use_pf_pool__stickyaddr";

	if (!isset($config['system']['lb_use_sticky'])) {
		/* option is off: make sure no stale flag is left behind */
		unlink_if_exists($sticky_flag);
		return;
	}

	touch($sticky_flag);
}
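/**
 * Set up the dhcpd chroot, regenerate dhcpd.conf from $config['dhcpd'] and
 * start dhcpd on every interface that has the DHCP server enabled.
 *
 * A running dhcpd is killed first, also when no interface ends up enabled.
 *
 * NOTE(review): values taken from $config (domain names, addresses, lease
 * times, boot file name, MAC addresses) are written into dhcpd.conf verbatim.
 * A value containing a double quote, a semicolon or a newline would change
 * the structure of the generated file, so these fields have to be validated
 * where the configuration is saved; confirm that this is done there.
 *
 * @return int 0 on success or when DHCP is not enabled on any interface,
 *             1 when the chroot setup script or dhcpd.conf cannot be created.
 */
function services_dhcpd_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		/* this function has no $if parameter, so none is printed */
		echo "services_dhcpd_configure() being called $mt\n";
	}

	/* if OLSRD is enabled, allow WAN to house DHCP. */
	$is_olsr_enabled = false;
	if (isset($config['installedpackages']['olsrd']['config']) &&
		is_array($config['installedpackages']['olsrd']['config'])) {
		foreach ($config['installedpackages']['olsrd']['config'] as $olsrd) {
			if (!empty($olsrd['enable']))
				$is_olsr_enabled = true;
		}
	}

	/* configure DHCPD chroot */
	$chroot = $g['dhcpd_chroot_path'];
	$status = `mount | grep "{$chroot}/dev"`;
	$setup = array(
		"mkdir -p {$chroot}",
		"mkdir -p {$chroot}/dev",
		"mkdir -p {$chroot}/etc",
		"mkdir -p {$chroot}/usr/local/sbin",
		"mkdir -p {$chroot}/var/db",
		"mkdir -p {$chroot}/usr",
		"mkdir -p {$chroot}/lib",
		"mkdir -p {$chroot}/run",
		"chown -R dhcpd:_dhcp {$chroot}/*",
		"cp /lib/libc.so.6 {$chroot}/lib/",
		"cp /usr/local/sbin/dhcpd {$chroot}/usr/local/sbin/",
		"chmod a+rx {$chroot}/usr/local/sbin/dhcpd",
	);
	/* only mount devfs when it is not already mounted inside the chroot */
	if(!trim((string)$status))
		$setup[] = "mount_devfs devfs {$chroot}/dev";

	/*
	 * The script is handed to /bin/sh, so it is created with tempnam()
	 * (unique name, exclusive create, mode 0600) instead of a fixed name
	 * in /tmp, where a file or symlink of that name placed by another
	 * local account would be written to and then executed.
	 */
	$script = tempnam("/tmp", "dhcpd");
	$fd = ($script !== false) ? fopen($script, "w") : false;
	if (!$fd) {
		if ($script !== false)
			unlink($script);
		printf("Error: cannot create the chroot setup script in services_dhcpd_configure().\n");
		return 1;
	}
	fwrite($fd, join("\n", $setup) . "\n");
	fclose($fd);
	/* mwexec() is assumed to wait for the script; the steps below already
	   depend on the directories it creates */
	mwexec("/bin/sh " . escapeshellarg($script));
	unlink($script);

	/* kill any running dhcpd */
	if(is_process_running("dhcpd"))
		mwexec("killall dhcpd");

	$syscfg = $config['system'];
	$dhcpdcfg = $config['dhcpd'];

	/* DHCP enabled on any interfaces? */
	$dhcpdenable = false;
	if (is_array($dhcpdcfg)) {
		foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
			/* lan and wan count as soon as they are enabled here; any
			   other interface must also be enabled, assigned and not
			   bridged */
			if (isset($dhcpifconf['enable']) &&
				(($dhcpif == "lan") || ($dhcpif == "wan") ||
				(isset($config['interfaces'][$dhcpif]['enable']) &&
				$config['interfaces'][$dhcpif]['if'] && (!$config['interfaces'][$dhcpif]['bridge']))))
				$dhcpdenable = true;
		}
	}

	if (!$dhcpdenable)
		return 0;

	if ($g['booting'])
		echo "Starting DHCP service...";
	else
		sleep(1);

	/* write dhcpd.conf */
	$fd = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf", "w");
	if (!$fd) {
		printf("Error: cannot open dhcpd.conf in services_dhcpd_configure().\n");
		return 1;
	}

	$dhcpdconf = <<<EOD
option domain-name "{$syscfg['domain']}";
default-lease-time 7200;
max-lease-time 86400;
authoritative;
log-facility local7;
ddns-update-style none;
one-lease-per-client true;
deny duplicates;

EOD;

	$dhcpdifs = array();

	/*    loop through and determine if we need to setup
	 *    failover peer "bleh" entries
	 */
	$dhcpnum = 0;
	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
		if($dhcpifconf['failover_peerip'] <> "") {
			/*
			 *    yep, failover peer is defined.
			 *    does it match up to a defined vip?
			 */
			$skew = 110;
			/* stays empty when no virtual IP is defined at all */
			$intip = "";
			$a_vip = &$config['virtualip']['vip'];
			if(is_array($a_vip)) {
				foreach ($a_vip as $vipent) {
					$int = guess_interface_from_ip($dhcpifconf['failover_peerip']);
					$intip = find_interface_ip($int);
					$real_dhcpif = convert_friendly_interface_to_real_interface_name($dhcpif);
					if($int == $real_dhcpif) {
						/* this is the interface! */
						if($vipent['advskew'] < "20")
							$skew = 0;
					}
				}
			} else {
				log_error("Warning!  DHCP Failover setup and no CARP virtual IP's defined!");
			}
			/* a low advskew on a matching vip makes this node the primary */
			if($skew > 10) {
				$type = "secondary";
				$dhcpdconf_pri  = "mclt 600;\n";
				$my_port = "520";
				$peer_port = "519";
			} else {
				$my_port = "519";
				$peer_port = "520";
				$type = "primary";
				$dhcpdconf_pri  = "split 128;\n";
				$dhcpdconf_pri .= "  mclt 600;\n";
			}
			$dhcpdconf .= <<<EOPP
failover peer "dhcp{$dhcpnum}" {
  {$type};
  address {$intip};
  port {$my_port};
  peer address {$dhcpifconf['failover_peerip']};
  peer port {$peer_port};
  max-response-delay 60;
  max-unacked-updates 10;
  {$dhcpdconf_pri}
  load balance max seconds 3;
}

EOPP;
		$dhcpnum++;
		}
	}

	/* restart the counter so the pools below refer to the peers declared above */
	$dhcpnum = 0;

	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {

		$ifcfg = $config['interfaces'][$dhcpif];

		if (!isset($dhcpifconf['enable']) ||
			($ifcfg['ipaddr'] == "dhcp") ||
			(($dhcpif != "lan") &&
			(!isset($ifcfg['enable']) || !$ifcfg['if'] || $ifcfg['bridge'])))
			continue;

		if($dhcpif == "lan" && $ifcfg['bridge'])
			log_error("NOTE: DHCP Server on LAN is enabled.");

		$subnet = gen_subnet($ifcfg['ipaddr'], $ifcfg['subnet']);
		$subnetmask = gen_subnet_mask($ifcfg['subnet']);

		if($is_olsr_enabled == true)
			if($dhcpifconf['netmask'])
				$subnetmask = gen_subnet_mask($dhcpifconf['netmask']);

		$dnscfg = "";

		if ($dhcpifconf['domain']) {
			$dnscfg .= "	option domain-name \"{$dhcpifconf['domain']}\";\n";
		}
		if (isset($dhcpifconf['ddnsupdate'])) {
			if($dhcpifconf['ddnsdomain'] <> "") {
				$dnscfg .= "	ddns-domainname \"{$dhcpifconf['ddnsdomain']}\";\n";
			}
			$dnscfg .= "	ddns-update-style interim;\n";
		}

		/* DNS servers: per-interface list, else the local forwarder, else the system list */
		if (is_array($dhcpifconf['dnsserver']) && ($dhcpifconf['dnsserver'][0])) {
			$dnscfg .= "	option domain-name-servers " . join(",", $dhcpifconf['dnsserver']) . ";";
		} else if (isset($config['dnsmasq']['enable'])) {
			$dnscfg .= "	option domain-name-servers " . $ifcfg['ipaddr'] . ";";
		} else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
			$dnscfg .= "	option domain-name-servers " . join(",", $syscfg['dnsserver']) . ";";
		}

		$dhcpdconf .= "subnet $subnet netmask $subnetmask {\n";
		$dhcpdconf .= "	pool {\n";

		/* is failover dns setup? */
		if (is_array($dhcpifconf['dnsserver']) && $dhcpifconf['dnsserver'][0] <> "") {
			$dhcpdconf .= "		option domain-name-servers {$dhcpifconf['dnsserver'][0]}";
			if($dhcpifconf['dnsserver'][1] <> "")
				$dhcpdconf .= ",{$dhcpifconf['dnsserver'][1]}";
			$dhcpdconf .= ";\n";
		}

		if($dhcpifconf['failover_peerip'] <> "")
			$dhcpdconf .= "		deny dynamic bootp clients;\n";

		if (isset($dhcpifconf['denyunknown']))
		   $dhcpdconf .= "		deny unknown clients;\n";

		if ($dhcpifconf['gateway'])
			$routers = $dhcpifconf['gateway'];
		else
			$routers = $ifcfg['ipaddr'];

		if($dhcpifconf['failover_peerip'] <> "") {
			$dhcpdconf .= "		failover peer \"dhcp{$dhcpnum}\";\n";
			$dhcpnum++;
		}

		$dhcpdconf .= <<<EOD
		range {$dhcpifconf['range']['from']} {$dhcpifconf['range']['to']};
	}
	option routers {$routers};
$dnscfg

EOD;

		if ($dhcpifconf['defaultleasetime'])
			$dhcpdconf .= "	default-lease-time {$dhcpifconf['defaultleasetime']};\n";
		if ($dhcpifconf['maxleasetime'])
			$dhcpdconf .= "	max-lease-time {$dhcpifconf['maxleasetime']};\n";

		if (is_array($dhcpifconf['winsserver']) && $dhcpifconf['winsserver'][0]) {
			$dhcpdconf .= "	option netbios-name-servers " . join(",", $dhcpifconf['winsserver']) . ";\n";
			$dhcpdconf .= "	option netbios-node-type 8;\n";
		}

		if (is_array($dhcpifconf['ntpserver']) && $dhcpifconf['ntpserver'][0])
			$dhcpdconf .= "	option ntp-servers " . join(",", $dhcpifconf['ntpserver']) . ";\n";

		if(isset($dhcpifconf['netboot'])) {
			if (($dhcpifconf['next-server'] <> "") && ($dhcpifconf['filename'] <> "")) {
				$dhcpdconf .= "	next-server {$dhcpifconf['next-server']};\n";
				$dhcpdconf .= "	filename \"{$dhcpifconf['filename']}\";\n";
			}
		}
		$dhcpdconf .= <<<EOD
}

EOD;

		/* add static mappings */
		if (is_array($dhcpifconf['staticmap'])) {

			$i = 0;
			foreach ($dhcpifconf['staticmap'] as $sm) {
				$dhcpdconf .= <<<EOD
host s_{$dhcpif}_{$i} {
	hardware ethernet {$sm['mac']};

EOD;
				if ($sm['ipaddr'])
					$dhcpdconf .= "	fixed-address {$sm['ipaddr']};\n";

				$dhcpdconf .= "}\n";
				$i++;
			}
		}

		$dhcpdifs[] = $ifcfg['if'];
	}

	fwrite($fd, $dhcpdconf);
	fclose($fd);

	/* create an empty leases database */
	touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");

	/* interface names come from the configuration, so each one is quoted
	   before it reaches the shell; empty names are left out */
	$dhcpdifs_quoted = array();
	foreach ($dhcpdifs as $dhcpd_ifname) {
		if ($dhcpd_ifname != "")
			$dhcpdifs_quoted[] = escapeshellarg($dhcpd_ifname);
	}

	/* fire up dhcpd in a chroot */
	mwexec("/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf {$g['dhcpd_chroot_path']}/etc/dhcpd.conf " .
		join(" ", $dhcpdifs_quoted));

	if ($g['booting']) {
		print "done.\n";
	}

	return 0;
}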
/**
 * Switch static ARP on or off for one interface.
 *
 * When $config['dhcpd'][$if]['staticarp'] is set, the interface is put into
 * staticarp mode, the ARP table is cleared and one permanent entry is added
 * (and logged) per DHCP static mapping. Otherwise staticarp mode is turned
 * off and the ARP table is cleared. Every value passed to the shell goes
 * through escapeshellarg().
 *
 * @param string $if key of the interface in $config['interfaces']
 * @return int always 0
 */
function interfaces_staticarp_configure($if) {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "interfaces_staticarp_configure($if) being called $mt\n";
	}

	$ifcfg = $config['interfaces'][$if];
	$quoted_if = escapeshellarg($ifcfg['if']);

	if (!isset($config['dhcpd'][$if]['staticarp'])) {
		/* static ARP not requested: leave staticarp mode and flush the table */
		mwexec("/sbin/ifconfig " . $quoted_if . " -staticarp " );
		mwexec("/usr/sbin/arp -da > /dev/null 2>&1 ");
		return 0;
	}

	/* Enable staticarp, then start from an empty ARP table */
	mwexec("/sbin/ifconfig " . $quoted_if . " staticarp " );
	mwexec("/usr/sbin/arp -ad > /dev/null 2>&1 ");

	$static_maps = $config['dhcpd'][$if]['staticmap'];
	if (is_array($static_maps)) {
		foreach ($static_maps as $arpent) {
			$arp_cmd = "/usr/sbin/arp -s " . escapeshellarg($arpent['ipaddr']) . " " . escapeshellarg($arpent['mac']);
			mwexec($arp_cmd);
			/* the same command line is recorded in the system log */
			log_error($arp_cmd);
		}
	}

	return 0;
}
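/**
 * Restart dhcrelay according to $config['dhcrelay'].
 *
 * The running relay is killed first. If the relay is enabled on at least one
 * usable interface, dhcrelay is started on those interfaces plus the
 * interface whose subnet contains the destination server (WAN when none
 * matches). Outside of boot the filter_dirty flag file is touched afterwards.
 *
 * Interface names and the server address come from the configuration and
 * are quoted with escapeshellarg() before they are put on the command line.
 *
 * @return int always 0
 */
function services_dhcrelay_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dhcrelay_configure() being called $mt\n";
	}

	/* kill any running dhcrelay */
	killbypid("{$g['varrun_path']}/dhcrelay.pid");

	$dhcrelaycfg = $config['dhcrelay'];

	/* DHCPRelay enabled on any interfaces? */
	$dhcrelayenable = false;
	if(is_array($dhcrelaycfg)) {
		foreach ($dhcrelaycfg as $dhcrelayif => $dhcrelayifconf) {
			if (isset($dhcrelayifconf['enable']) &&
				(($dhcrelayif == "lan") ||
				(isset($config['interfaces'][$dhcrelayif]['enable']) &&
				$config['interfaces'][$dhcrelayif]['if'] && (!$config['interfaces'][$dhcrelayif]['bridge']))))
				$dhcrelayenable = true;
		}
	}

	if (!$dhcrelayenable)
		return 0;

	if ($g['booting'])
		echo "Starting DHCP relay service...";
	else
		sleep(1);

	$dhcrelayifs = array();
	foreach ($dhcrelaycfg as $dhcrelayif => $dhcrelayifconf) {

		$ifcfg = $config['interfaces'][$dhcrelayif];

		if (!isset($dhcrelayifconf['enable']) ||
			(($dhcrelayif != "lan") &&
			(!isset($ifcfg['enable']) || !$ifcfg['if'] || $ifcfg['bridge'])))
			continue;

		$dhcrelayifs[] = $ifcfg['if'];
	}

	/* In order for the relay to work, it needs to be active on the
	   interface in which the destination server sits */
	foreach ($config['interfaces'] as $ifname) {
		$subnet = $ifname['ipaddr'] . "/" . $ifname['subnet'];
		if (ip_in_subnet($dhcrelaycfg['server'],$subnet))
			$destif = $ifname['if'];
	}

	if (!isset($destif))
		$destif = $config['interfaces']['wan']['if'];

	$dhcrelayifs[] = $destif;
	$dhcrelayifs = array_unique($dhcrelayifs);

	/* fire up dhcrelay; every configuration value is quoted for the
	   shell, and empty interface names are left out so that "-i" is
	   always followed by a name */
	$cmd = "/usr/local/sbin/dhcrelay";
	foreach ($dhcrelayifs as $relayif) {
		if ($relayif == "")
			continue;
		$cmd .= " -i " . escapeshellarg($relayif);
	}

	if (isset($dhcrelaycfg['agentoption']))
		$cmd .=  " -a -m replace";

	/* the server field is split on whitespace so that each word stays a
	   separate argument, as it was when the field was appended unquoted */
	$servers = preg_split('/\s+/', (string)$dhcrelaycfg['server'], -1, PREG_SPLIT_NO_EMPTY);
	foreach ($servers as $server)
		$cmd .= " " . escapeshellarg($server);

	mwexec($cmd);

	if (!$g['booting']) {
		/* set the reload filter dirty flag */
		touch("{$g['tmp_path']}/filter_dirty");
	}

	return 0;
}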
/**
 * Delete the ez-ipupdate cache file from the vardb and conf directories.
 *
 * conf_mount_rw() and conf_mount_ro() are called around each removal, and
 * only for a file that actually exists.
 *
 * @return int always 0
 */
function services_dyndns_reset() {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dyndns_reset() being called $mt\n";
	}

	/* same order as before: the working copy first, then the saved copy */
	$cache_files = array(
		"{$g['vardb_path']}/ez-ipupdate.cache",
		"{$g['conf_path']}/ez-ipupdate.cache",
	);

	foreach ($cache_files as $cache_file) {
		if (!file_exists($cache_file))
			continue;

		conf_mount_rw();
		unlink($cache_file);
		conf_mount_ro();
	}

	return 0;
}
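/**
 * Start the dynamic DNS update when $config['dyndns']['enable'] is set.
 *
 * With $config['system']['use_old_dyndns'] set, the work is handed to
 * services_dyndns_configure_old() and its status is returned (the original
 * dropped that status and returned nothing). Otherwise dyndns.class is
 * loaded and an updatedns object is created from the dyndns settings.
 *
 * @return int 0, or the status of services_dyndns_configure_old()
 */
function services_dyndns_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dyndns_configure() being called $mt\n";
	}

	$dyndnscfg = $config['dyndns'];

	if (!isset($dyndnscfg['enable']))
		return 0;

	$use_old_client = isset($config['system']['use_old_dyndns']);

	if ($g['booting']) {
		echo "Starting DynDNS client...";
		if ($use_old_client)
			echo " [Using ez-ipupdate] ";
	} else {
		sleep(1);
	}

	if ($use_old_client) {
		/* pass the status on so that a failure to write the
		   ez-ipupdate configuration reaches the caller */
		return services_dyndns_configure_old();
	}

	/* load up the dyndns.class */
	require_once("dyndns.class");

	log_error("DynDns: Running updatedns()");

	/* determine WAN interface name */
	$wanif = get_real_wan_interface();
	/* get ip */
	/* NOTE(review): $ip is not handed to updatedns below; confirm that the
	   class looks the address up itself */
	$ip = find_interface_ip($wanif);

	/* argument order: service type, host, user name, password, wildcard, MX */
	$dns = new updatedns($dyndnscfg['type'],
						 $dyndnscfg['host'],
						 $dyndnscfg['username'],
						 $dyndnscfg['password'],
						 $dyndnscfg['wildcard'],
						 $dyndnscfg['mx']);

	if ($g['booting'])
		echo "done.\n";

	return 0;
}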
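/**
 * Restart the ez-ipupdate dynamic DNS client.
 *
 * A running ez-ipupdate is stopped with SIGQUIT. When dyndns is enabled,
 * ez-ipupdate.conf is regenerated, the saved cache file is copied back
 * during boot, and ez-ipupdate is started with the new configuration.
 *
 * The configuration file holds the account user name and password, so its
 * mode is set to 0600 before anything is written to it.
 *
 * NOTE(review): the dyndns settings are written into the file verbatim, one
 * "key=value" per line; a value containing a newline would add a line of
 * its own, so these fields need validating where the configuration is saved.
 *
 * @return int 0 on success or when dyndns is disabled, 1 when
 *             ez-ipupdate.conf cannot be opened.
 */
function services_dyndns_configure_old() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dyndns_configure_old() being called $mt\n";
	}

	/* kill any running ez-ipupdate */
	/* ez-ipupdate needs SIGQUIT instead of SIGTERM */
	sigkillbypid("{$g['varrun_path']}/ez-ipupdate.pid", "QUIT");

	$dyndnscfg = $config['dyndns'];

	if (!isset($dyndnscfg['enable']))
		return 0;

	if ($g['booting'])
		echo "Starting DynDNS client...";
	else
		sleep(1);

	/* determine WAN interface name */
	$wanif = get_real_wan_interface();

	/* write ez-ipupdate.conf */
	$conf_file = "{$g['varetc_path']}/ez-ipupdate.conf";
	$fd = fopen($conf_file, "w");
	if (!$fd) {
		printf("Error: cannot open ez-ipupdate.conf in services_dyndns_configure_old().\n");
		return 1;
	}
	/* fopen() leaves the mode to the umask; the file is still empty here,
	   so tightening it now keeps the password from ever being readable
	   by other accounts */
	chmod($conf_file, 0600);

	$ezipupdateconf = <<<EOD
service-type={$dyndnscfg['type']}
user={$dyndnscfg['username']}:{$dyndnscfg['password']}
host={$dyndnscfg['host']}
interface={$wanif}
max-interval=2073600
pid-file={$g['varrun_path']}/ez-ipupdate.pid
cache-file={$g['vardb_path']}/ez-ipupdate.cache
execute=/etc/rc.dyndns.storecache
daemon

EOD;

	/* enable server[:port]? */
	if ($dyndnscfg['server']) {
		if ($dyndnscfg['port'])
			$ezipupdateconf .= "server={$dyndnscfg['server']}:{$dyndnscfg['port']}\n";
		else
			$ezipupdateconf .= "server={$dyndnscfg['server']}\n";
	}

	/* enable MX? */
	if ($dyndnscfg['mx']) {
		$ezipupdateconf .= "mx={$dyndnscfg['mx']}\n";
	}

	/* enable wildcards? */
	if (isset($dyndnscfg['wildcard'])) {
		$ezipupdateconf .= "wildcard\n";
	}

	fwrite($fd, $ezipupdateconf);
	fclose($fd);

	/* if we're booting, copy the cache file from /conf */
	if ($g['booting']) {
		if (file_exists("{$g['conf_path']}/ez-ipupdate.cache")) {
			copy("{$g['conf_path']}/ez-ipupdate.cache", "{$g['vardb_path']}/ez-ipupdate.cache");
		}
	}

	/* run ez-ipupdate */
	mwexec("/usr/local/bin/ez-ipupdate -c {$g['varetc_path']}/ez-ipupdate.conf");

	if ($g['booting'])
		echo "done\n";

	return 0;
}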
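/**
 * Restart the dnsmasq DNS forwarder.
 *
 * A running dnsmasq is sent SIGTERM. When the forwarder is enabled the hosts
 * file is regenerated and dnsmasq is started with the DHCP lease file and
 * the per-domain override servers taken from the configuration. Outside of
 * boot, services_dhcpd_configure() is run afterwards.
 *
 * The system domain and the domain overrides come from the configuration
 * and are quoted with escapeshellarg() before they are put on the dnsmasq
 * command line.
 *
 * @return int 0 on success, 1 when system_hosts_generate() or
 *             services_dhcpd_configure() reported a failure.
 */
function services_dnsmasq_configure() {
	global $config, $g;
	$return = 0;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsmasq_configure() being called $mt\n";
	}

	/* kill any running dnsmasq */
	sigkillbypid("{$g['varrun_path']}/dnsmasq.pid", "TERM");

	if (isset($config['dnsmasq']['enable'])) {

		if ($g['booting'])
			echo "Starting DNS forwarder...";
		else
			sleep(1);

		/* generate hosts file */
		if(system_hosts_generate()!=0)
			$return = 1;

		$args = "";

		if (isset($config['dnsmasq']['regdhcp'])) {

			$args .= " -l {$g['dhcpd_chroot_path']}/var/db/dhcpd.leases" .
				" -s " . escapeshellarg($config['system']['domain']);
		}

		if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) {
			foreach($config['dnsmasq']['domainoverrides'] as $override) {
				/* the whole option is quoted as one shell word */
				$args .= ' ' . escapeshellarg('--server=/' . $override['domain'] . '/' . $override['ip']);
			}
		}

		/* suppose that dnsmasq handles our domain and don't send
		requests for our local domain to upstream servers */
		//if (!empty($config['system']['domain'])) {
		//	$args .= sprintf(' --local=/%s/', $config['system']['domain']);
		//}

		/* run dnsmasq */
		mwexec("/usr/local/sbin/dnsmasq {$args}");

		if ($g['booting'])
			echo "done.\n";
	}

	if (!$g['booting']) {
		if(services_dhcpd_configure()!=0)
			$return = 1;
	}

	return $return;
}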
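/**
 * Restart the bsnmpd SNMP daemon.
 *
 * Any running daemon is stopped. When SNMP is enabled, snmpd.conf is
 * regenerated from $config['snmpd'] and bsnmpd is started with it.
 *
 * The generated file holds the read community and the trap community, so
 * its mode is set to 0600 before anything is written to it.
 *
 * NOTE(review): syslocation, syscontact, rocommunity and trapstring are put
 * between double quotes verbatim, and trapserverport is written without a
 * check (only trapserver is tested against /^\S+$/). A value containing a
 * double quote or a newline would change the structure of the file, so
 * these fields need validating where the configuration is saved.
 *
 * @return int 0 on success or when SNMP is disabled, 1 when snmpd.conf
 *             cannot be opened.
 */
function services_snmpd_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_snmpd_configure() being called $mt\n";
	}

	/* kill any running snmpd */
	sigkillbypid("{$g['varrun_path']}/snmpd.pid", "TERM");
	if(is_process_running("bsnmpd"))
		exec("/usr/bin/killall bsnmpd");

	if (isset($config['snmpd']['enable'])) {

		if ($g['booting'])
			echo "Starting SNMP daemon... ";

		/* generate snmpd.conf */
		$snmpd_conf_file = "{$g['varetc_path']}/snmpd.conf";
		$fd = fopen($snmpd_conf_file, "w");
		if (!$fd) {
			printf("Error: cannot open snmpd.conf in services_snmpd_configure().\n");
			return 1;
		}
		/* fopen() leaves the mode to the umask; restrict the still empty
		   file before the community strings are written to it */
		chmod($snmpd_conf_file, 0600);

		$trap_enabled = isset($config['snmpd']['trapenable']) &&
			preg_match('/^\S+$/', $config['snmpd']['trapserver']);

		$snmpdconf = <<<EOD
location := "{$config['snmpd']['syslocation']}"
contact := "{$config['snmpd']['syscontact']}"
read := "{$config['snmpd']['rocommunity']}"

EOD;

		/*
		 * The read-write community ("write := ..." here and
		 * begemotSnmpdCommunityString.0.2 further down) is deliberately
		 * not emitted; it was left disabled with the remark
		 * "No docs on what write strings do there for disable for now."
		 */

		if($trap_enabled){
		    $snmpdconf .= <<<EOD
# SNMP Trap support.
traphost := {$config['snmpd']['trapserver']}
trapport := {$config['snmpd']['trapserverport']}
trap := "{$config['snmpd']['trapstring']}"


EOD;
		}

		/* from here on $(name) is a bsnmpd macro reference, not a PHP variable */
		$snmpdconf .= <<<EOD
system := 1     # pfSense
%snmpd
begemotSnmpdDebugDumpPdus       = 2
begemotSnmpdDebugSyslogPri      = 7
begemotSnmpdCommunityString.0.1 = $(read)

EOD;

		if($trap_enabled){
		    $snmpdconf .= <<<EOD
begemotTrapSinkStatus.[$(traphost)].$(trapport) = 4
begemotTrapSinkVersion.[$(traphost)].$(trapport) = 2
begemotTrapSinkComm.[$(traphost)].$(trapport) = $(trap)

EOD;
		}

		$snmpdconf .= <<<EOD
begemotSnmpdCommunityDisable    = 1

EOD;

		/* listen on the LAN address only when asked to, else on all addresses */
		if(isset($config['snmpd']['bindlan'])) {
			$bind_to_ip = $config['interfaces']['lan']['ipaddr'];
		} else {
			$bind_to_ip = "0.0.0.0";
		}

		if(is_port( $config['snmpd']['pollport'] )) {
		    $snmpdconf .= <<<EOD
begemotSnmpdPortStatus.{$bind_to_ip}.{$config['snmpd']['pollport']} = 1

EOD;

		}

		$snmpdconf .= <<<EOD
begemotSnmpdLocalPortStatus."/var/run/snmpd.sock" = 1
begemotSnmpdLocalPortType."/var/run/snmpd.sock" = 4

# These are bsnmp macros not php vars.
sysContact      = $(contact)
sysLocation     = $(location)
sysObjectId     = 1.3.6.1.4.1.12325.1.1.2.1.$(system)

snmpEnableAuthenTraps = 2

EOD;

		if (is_array( $config['snmpd']['modules'] )) {
		    if(isset($config['snmpd']['modules']['mibii'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."mibII"  = "/usr/lib/snmp_mibII.so"

EOD;
		    }

		    if(isset($config['snmpd']['modules']['netgraph'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."netgraph" = "/usr/lib/snmp_netgraph.so"
%netgraph
begemotNgControlNodeName = "snmpd"

EOD;
		    }

		    if(isset($config['snmpd']['modules']['pf'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."pf"     = "/usr/lib/snmp_pf.so"

EOD;
		    }

		    if(isset($config['snmpd']['modules']['hostres'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."hostres"     = "/usr/lib/snmp_hostres.so"

EOD;
		    }
		    if(isset($config['snmpd']['modules']['bridge'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."bridge"     = "/usr/lib/snmp_bridge.so"
# config must end with blank line


EOD;
		    }
		}

		fwrite($fd, $snmpdconf);
		fclose($fd);

		/* the original appended a $bindlan variable here that was either
		   empty or unset; the bind address is set in snmpd.conf instead,
		   so the command line is the same without it */

		/* run bsnmpd */
		mwexec("/usr/sbin/bsnmpd -c {$g['varetc_path']}/snmpd.conf" .
			" -p {$g['varrun_path']}/snmpd.pid");

		if ($g['booting'])
			echo "done.\n";
	}

	return 0;
}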
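/*
 * Restart choparp for every interface that has proxy-ARP virtual IPs.
 *
 * Any running choparp is killed first. The entries of
 * $config['virtualip']['vip'] whose mode is "proxyarp" are grouped by
 * interface (an entry without an interface goes to "wan"), and one
 * choparp process is started in the background per interface with all of
 * that interface's subnets and ranges as arguments.
 *
 * Every value taken from the configuration is passed through
 * escapeshellarg() before it is placed on the command line.
 */
function services_proxyarp_configure() {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_proxyarp_configure() being called $mt\n";
	}

	/* kill any running choparp */
	killbyname("choparp");

	if (!isset($config['virtualip']['vip']) || !is_array($config['virtualip']['vip']))
		return;

	/* group by interface */
	$paa = array();
	foreach ($config['virtualip']['vip'] as $vipent) {
		if (!isset($vipent['mode']) || $vipent['mode'] !== "proxyarp")
			continue;

		$if = !empty($vipent['interface']) ? $vipent['interface'] : "wan";

		/* isset() avoids reading an index that does not exist yet */
		if (!isset($paa[$if]) || !is_array($paa[$if]))
			$paa[$if] = array();

		$paa[$if][] = $vipent;
	}

	foreach ($paa as $paif => $paents) {
		/* array keys may come back as integers, so compare as strings */
		if ((string)$paif === "wan") {
			$wanaddr = isset($config['interfaces']['wan']['ipaddr']) ?
				$config['interfaces']['wan']['ipaddr'] : "";
			/* proxy ARP on WAN needs a static, DHCP or BigPond address */
			if (!(is_ipaddr($wanaddr) || $wanaddr == "dhcp" || $wanaddr == "bigpond"))
				continue;
		}

		$realif = isset($config['interfaces'][$paif]['if']) ?
			$config['interfaces'][$paif]['if'] : "";

		/* without a device name "auto" would be taken as the interface */
		if ($realif == "")
			continue;

		/* the device name is quoted like the address arguments below */
		$args = escapeshellarg($realif) . " auto";

		foreach ($paents as $paent) {
			if (isset($paent['subnet']))
				$args .= " " . escapeshellarg("{$paent['subnet']}/{$paent['subnet_bits']}");
			else if (isset($paent['range']))
				$args .= " " . escapeshellarg($paent['range']['from'] . "-" .
					$paent['range']['to']);
		}

		mwexec_bg("/usr/local/sbin/choparp " . $args);
	}
}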
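/*
 * Push the current WAN address to a DNS server with nsupdate.
 *
 * When $config['dnsupdate']['enable'] is set and a WAN address is known,
 * the TSIG key pair files and an nsupdate command file are written under
 * $g['varetc_path'] and nsupdate is started in the background.
 *
 * Both key files contain the shared HMAC secret, so they are restricted to
 * mode 0600 before the secret is written into them.
 *
 * Returns 0 when nothing had to be done or nsupdate was started, 1 when the
 * key name is unusable as a file name or a file could not be opened.
 */
function services_dnsupdate_process() {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsupdate_process() being called $mt\n";
	}

	/* Dynamic DNS updating active? */
	if (!isset($config['dnsupdate']['enable']))
		return 0;

	$wanip = get_current_wan_address();
	if (!$wanip)
		return 0;

	$keyname = $config['dnsupdate']['keyname'];
	/* trailing dot */
	if (substr($keyname, -1) != ".")
		$keyname .= ".";

	/* the key name becomes part of a file name; a path separator in it
	   would place the key files outside of varetc_path */
	if (strpos($keyname, "/") !== false)
		return 1;

	$keybase = "{$g['varetc_path']}/K{$keyname}+157+00000";

	/* private key file
	   this is dumb - public and private keys are the same for HMAC-MD5,
	   but nsupdate insists on having both */
	$privkey  = "Private-key-format: v1.2\n";
	$privkey .= "Algorithm: 157 (HMAC)\n";
	$privkey .= "Key: {$config['dnsupdate']['keydata']}\n";

	/* public key file; flags and protocol stay empty for an unknown key
	   type, which is what the record contained before as well */
	$flags = "";
	$proto = "";
	switch ($config['dnsupdate']['keytype']) {
		case "zone":
			$flags = 257;
			$proto = 3;
			break;
		case "host":
			$flags = 513;
			$proto = 3;
			break;
		case "user":
			$flags = 0;
			$proto = 2;
			break;
	}
	$pubkey = "{$keyname} IN KEY {$flags} {$proto} 157 {$config['dnsupdate']['keydata']}\n";

	$keyfiles = array(
		"{$keybase}.private" => $privkey,
		"{$keybase}.key" => $pubkey
	);
	foreach ($keyfiles as $path => $contents) {
		$fd = fopen($path, "w");
		if (!$fd)
			return 1;
		/* tighten the mode while the file is still empty */
		chmod($path, 0600);
		fwrite($fd, $contents);
		fclose($fd);
	}

	/* generate update instructions */
	$upinst =  "update delete {$config['dnsupdate']['host']} A\n";
	$upinst .= "update add {$config['dnsupdate']['host']} {$config['dnsupdate']['ttl']} A {$wanip}\n";
	$upinst .= "\n";	/* mind that trailing newline! */

	$cmdfile = "{$g['varetc_path']}/nsupdatecmds";
	$fd = fopen($cmdfile, "w");
	if (!$fd)
		return 1;
	fwrite($fd, $upinst);
	fclose($fd);

	/* invoke nsupdate; both paths are quoted because the key file name
	   contains the configured key name */
	$cmd = "/usr/sbin/nsupdate -k " . escapeshellarg("{$keybase}.key");
	if (isset($config['dnsupdate']['usetcp']))
		$cmd .= " -v";
	$cmd .= " " . escapeshellarg($cmdfile);

	mwexec_bg($cmd);

	return 0;
}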
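/*
 * Write olsr.conf from the olsrd package settings and (re)start olsrd.
 *
 * Nothing is done when the olsrd package has no configuration. For an
 * entry whose 'enable' is not "on" the function returns without touching
 * the running daemon. Otherwise {$g['varetc_path']}/olsr.conf is written,
 * a running olsrd is killed and a new one is started in the background.
 *
 * The configuration filesystem is mounted read-write for the duration of
 * the call and is remounted read-only on every return path.
 *
 * NOTE(review): the package values (port, allowed httpinfo host/subnet,
 * polling interval, ping targets, announced route, link quality level) are
 * interpolated into the file verbatim, several of them inside double
 * quotes. Presumably the package GUI validates them; confirm, because a
 * quote or newline in one of them would change the generated file.
 */
function setup_wireless_olsr() {
	global $config, $g;
	if (empty($config['installedpackages']['olsrd']))
		return;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "setup_wireless_olsr() being called $mt\n";
	}
	conf_mount_rw();

	$olsrd_entries = array();
	if (isset($config['installedpackages']['olsrd']['config']) &&
	    is_array($config['installedpackages']['olsrd']['config']))
		$olsrd_entries = $config['installedpackages']['olsrd']['config'];

	foreach ($olsrd_entries as $olsrd) {
		$olsr_enable = $olsrd['enable'];
		if ($olsr_enable <> "on") {
			/* do not leave the filesystem writable on the early exit */
			conf_mount_ro();
			return;
		}

		$fd = fopen("{$g['varetc_path']}/olsr.conf", "w");
		if (!$fd) {
			/* stop before routes or the running daemon are touched */
			conf_mount_ro();
			return;
		}

		/* Hna4 block: networks this node announces to the mesh */
		$enableannounce = "";
		if ($olsrd['announcedynamicroute'] or $olsrd['enableannounce'] == "on") {
			$enableannounce .= "\nHna4\n";
			$enableannounce .= "{\n";
			if ($olsrd['announcedynamicroute'])
				$enableannounce .= "\t{$olsrd['announcedynamicroute']}\n";
			/* 0.0.0.0 0.0.0.0 announces this node as a default gateway */
			if ($olsrd['enableannounce'] == "on")
				$enableannounce .= "0.0.0.0 0.0.0.0";
			$enableannounce .= "\n}\n";
		}

		/* start from an empty buffer so that nothing from an earlier
		   entry ends up in this file */
		$olsr = <<<EODA
#
# olsr.org OLSR daemon config file
#
# Lines starting with a # are discarded
#
# This file was generated by setup_wireless_olsr() in services.inc
#

# This file is an example of a typical
# configuration for a mostly static
# network(regarding mobility) using
# the LQ extention

# Debug level(0-9)
# If set to 0 the daemon runs in the background

DebugLevel	2

# IP version to use (4 or 6)

IpVersion	4

# Clear the screen each time the internal state changes

ClearScreen     yes

{$enableannounce}

# Should olsrd keep on running even if there are
# no interfaces available? This is a good idea
# for a PCMCIA/USB hotswap environment.
# "yes" OR "no"

AllowNoInt	yes

# TOS(type of service) value for
# the IP header of control traffic.
# If not set it will default to 16

#TosValue	16

# The fixed willingness to use(0-7)
# If not set willingness will be calculated
# dynamically based on battery/power status
# if such information is available

#Willingness    	4

# Allow processes like the GUI front-end
# to connect to the daemon.

IpcConnect
{
     # Determines how many simultaneously
     # IPC connections that will be allowed
     # Setting this to 0 disables IPC

     MaxConnections  0

     # By default only 127.0.0.1 is allowed
     # to connect. Here allowed hosts can
     # be added

     Host            127.0.0.1
     #Host            10.0.0.5

     # You can also specify entire net-ranges
     # that are allowed to connect. Multiple
     # entries are allowed

     #Net             192.168.1.0 255.255.255.0
}

# Wether to use hysteresis or not
# Hysteresis adds more robustness to the
# link sensing but delays neighbor registration.
# Used by default. 'yes' or 'no'

UseHysteresis	no

# Hysteresis parameters
# Do not alter these unless you know
# what you are doing!
# Set to auto by default. Allowed
# values are floating point values
# in the interval 0,1
# THR_LOW must always be lower than
# THR_HIGH.

#HystScaling	0.50
#HystThrHigh	0.80
#HystThrLow	0.30


# Link quality level
# 0 = do not use link quality
# 1 = use link quality for MPR selection
# 2 = use link quality for MPR selection and routing
# Defaults to 0

LinkQualityLevel	{$olsrd['enablelqe']}

# Link quality window size
# Defaults to 10

LinkQualityWinSize	10

# Polling rate in seconds(float).
# Default value 0.05 sec

Pollrate	0.05


# TC redundancy
# Specifies how much neighbor info should
# be sent in TC messages
# Possible values are:
# 0 - only send MPR selectors
# 1 - send MPR selectors and MPRs
# 2 - send all neighbors
#
# defaults to 0

TcRedundancy	2

#
# MPR coverage
# Specifies how many MPRs a node should
# try select to reach every 2 hop neighbor
#
# Can be set to any integer >0
#
# defaults to 1

MprCoverage	3

# Example plugin entry with parameters:

EODA;

		/* httpinfo plugin: status web server, limited to the host/subnet
		   given in the "Net" parameter */
		if ($olsrd['enablehttpinfo'] == "on") {
			$olsr .= <<<EODB

LoadPlugin "/usr/local/lib/olsrd_httpinfo.so.0.1"
{
    PlParam     "port"   "{$olsrd['port']}"
    PlParam     "Net"    "{$olsrd['allowedhttpinfohost']} {$olsrd['allowedhttpinfosubnet']}"
}

EODB;

		}

		/* secure plugin: reads its key from /usr/local/etc/olsrkey.txt */
		if ($olsrd['enabledsecure'] == "on") {
			$olsr .= <<<EODC

LoadPlugin "/usr/local/lib/olsrd_secure.so.0.5"
{
    PlParam     "Keyfile"   "/usr/local/etc/olsrkey.txt"
}

EODC;

		}

		if ($olsrd['enabledyngw'] == "on") {

			/* unset default route, olsr auto negotiates */
			mwexec("/sbin/route delete default");

			$olsr .= <<<EODE

LoadPlugin "/usr/local/lib/olsrd_dyn_gw.so.0.4"
{
    # how often to look for a inet gw, in seconds
    # defaults to 5 secs, if commented out
    PlParam     "Interval"   "{$olsrd['polling']}"

    # if one or more IPv4 addresses are given, do a ping on these in
    # descending order to validate that there is not only an entry in
    # routing table, but also a real internet connection. If any of
    # these addresses could be pinged successfully, the test was
    # succesful, i.e. if the ping on the 1st address was successful,the
    # 2nd won't be pinged
    PlParam     "Ping"       "{$olsrd['ping']}"
    #PlParam     "HNA"   "192.168.81.0 255.255.255.0"
}

EODE;

		}

		/* one Interface section per configured interface; only the first
		   package entry is consulted (note the break) */
		foreach ($olsrd_entries as $conf) {
			$interfaces = explode(',', $conf['iface_array']);
			foreach ($interfaces as $interface) {
				$realinterface = convert_friendly_interface_to_real_interface_name($interface);
				$olsr .= <<<EODAD
Interface "{$realinterface}"
{

    # Hello interval in seconds(float)
    HelloInterval    2.0

    # HELLO validity time
    HelloValidityTime	20.0

    # TC interval in seconds(float)
    TcInterval        5.0

    # TC validity time
    TcValidityTime	30.0

    # MID interval in seconds(float)
    MidInterval	5.0

    # MID validity time
    MidValidityTime	30.0

    # HNA interval in seconds(float)
    HnaInterval	5.0

    # HNA validity time
    HnaValidityTime 	30.0

    # When multiple links exist between hosts
    # the weight of interface is used to determine
    # the link to use. Normally the weight is
    # automatically calculated by olsrd based
    # on the characteristics of the interface,
    # but here you can specify a fixed value.
    # Olsrd will choose links with the lowest value.

    # Weight 0


}

EODAD;

			}
			break;
		}

		fwrite($fd, $olsr);
		fclose($fd);
	}

	if (is_process_running("olsrd"))
		mwexec("/usr/bin/killall olsrd");

	/* give the old daemon time to exit before the new one starts */
	sleep(2);

	mwexec_bg("/usr/local/sbin/olsrd -f {$g['varetc_path']}/olsr.conf");

	conf_mount_ro();
}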
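/*
 * configure cron service
 *
 * Rewrites /etc/crontab: everything above the "# pfSense specific crontab
 * entries" marker is kept, the generated section is dropped and, when
 * $config['cron']['item'] is an array, written again from the
 * configuration.
 *
 * Each item is written as one line and runs its command as the account in
 * its 'who' field, so the cron items in the configuration are as sensitive
 * as the crontab itself.
 *
 * The filesystem is mounted read-write first and remounted read-only
 * afterwards unless the system is booting.
 */
function configure_cron() {
	global $g, $config;
	conf_mount_rw();

	/* preserve existing crontab entries */
	$crontab_contents = file_get_contents("/etc/crontab");
	if ($crontab_contents === false)
		$crontab_contents = "";
	/* explode() splits on the literal newline, as the former split() call did */
	$crontab_contents_a = explode("\n", $crontab_contents);

	$line_count = count($crontab_contents_a);
	for ($i = 0; $i < $line_count; $i++) {
		if (strpos($crontab_contents_a[$i], "# pfSense specific crontab entries") !== false) {
			/* also drop the "#" line above the marker; max() keeps the
			   offset from turning negative when the marker is the first
			   line, which would cut only the last line of the file */
			array_splice($crontab_contents_a, max(0, $i - 1));
			break;
		}
	}
	$crontab_contents = implode("\n", $crontab_contents_a) . "\n";

	if (isset($config['cron']['item']) && is_array($config['cron']['item'])) {
		$crontab_contents .= "#\n";
		$crontab_contents .= "# pfSense specific crontab entries\n";
		$crontab_contents .= "# Created: " . date("F j, Y, g:i a") . "\n";
		$crontab_contents .= "#\n";

		$fields = array('minute', 'hour', 'mday', 'month', 'wday', 'who', 'command');
		foreach ($config['cron']['item'] as $item) {
			$columns = array();
			foreach ($fields as $field) {
				$value = isset($item[$field]) ? $item[$field] : "";
				/* an entry is exactly one line: a line break inside a
				   field would begin a second crontab line */
				$columns[] = str_replace(array("\r", "\n"), " ", $value);
			}
			$crontab_contents .= "\n" . implode("\t", $columns);
		}

		$crontab_contents .= "\n#\n";
		$crontab_contents .= "# If possible do not add items to this file manually.\n";
		$crontab_contents .= "# If you do so, this file must be terminated with a blank line (e.g. new line)\n";
		$crontab_contents .= "#\n\n";
	}

	/* please maintain the newline at the end of file */
	file_put_contents("/etc/crontab", $crontab_contents);

	if (!$g['booting'])
		conf_mount_ro();
}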
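/*
 * Start, stop or restart miniupnpd.
 *
 * $action is "start", "stop" or "restart"; any other value is ignored.
 *
 * "start" launches the daemon only when /var/etc/miniupnpd.conf exists.
 * "stop" kills the daemon and then flushes the filter and NAT rules of the
 * "miniupnpd" pf anchor, so that port mappings the daemon installed do not
 * stay active after it has been stopped.
 */
function upnp_action ($action) {
	switch($action) {
		case "start":
			if(file_exists('/var/etc/miniupnpd.conf'))
				mwexec_bg('/usr/local/sbin/miniupnpd -f /var/etc/miniupnpd.conf');
			break;
		case "stop":
			/* re-check a bounded number of times: a process that does
			   not go away must not hang the caller, and the anchor is
			   flushed below in either case */
			for ($attempt = 0; $attempt < 10; $attempt++) {
				if ((int)exec("pgrep miniupnpd | wc -l") <= 0)
					break;
				mwexec('/usr/bin/killall miniupnpd 2>/dev/null');
				/* give the process a moment to exit before looking again */
				usleep(100000);
			}
			/* -Fr flushes the anchor's filter rules, -Fn its NAT rules */
			mwexec('/sbin/pfctl -aminiupnpd -Fr 2>&1 >/dev/null');
			mwexec('/sbin/pfctl -aminiupnpd -Fn 2>&1 >/dev/null');
			break;
		case "restart":
			upnp_action('stop');
			upnp_action('start');
			break;
	}
}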
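/*
 * Start the UPnP service when the miniupnpd package is enabled.
 *
 * While booting, the package include file is loaded and
 * sync_package_miniupnpd() is called; otherwise the daemon is started
 * through upnp_action('start'). Nothing happens when the package is not
 * configured or not enabled.
 */
function upnp_start() {
	global $config, $g;

	/* empty() also covers a configuration without the package */
	if (empty($config['installedpackages']['miniupnpd']['config'][0]['enable']))
		return;

	if (!empty($g['booting'])) {
		echo "Starting UPnP service...";
		/* include_once: loading the file twice would redeclare its functions */
		include_once('/usr/local/pkg/miniupnpd.inc');
		if (function_exists('sync_package_miniupnpd')) {
			sync_package_miniupnpd();
			echo "done.\n";
		} else {
			/* package file missing: report it rather than abort the boot */
			echo "failed.\n";
		}
	}
	else {
		upnp_action('start');
	}
}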
?>