/etc/inc/system.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/system.inc @ 1e332e98

1	5b237745	Scott Ullrich	<?php
2	307cd525	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			system.inc
5			part of m0n0wall (http://m0n0.ch/wall)
6	0f282d7a	Scott Ullrich
7	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8			All rights reserved.
9	0f282d7a	Scott Ullrich
10	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12	0f282d7a	Scott Ullrich
13	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15	0f282d7a	Scott Ullrich
16	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19	0f282d7a	Scott Ullrich
20	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32	523855b0	Scott Ullrich	/*
33			pfSense_BUILDER_BINARIES: /usr/sbin/powerd /usr/bin/killall /sbin/sysctl /sbin/route
34			pfSense_BUILDER_BINARIES: /bin/hostname /bin/ls /usr/bin/netstat /usr/sbin/syslogd
35			pfSense_BUILDER_BINARIES: /usr/sbin/pccardd /usr/local/sbin/lighttpd /bin/chmod /bin/mkdir
36			pfSense_BUILDER_BINARIES: /usr/bin/tar /bin/sync /usr/local/sbin/ntpd /usr/sbin/ntpdate
37	c3b13d60	jim-p	pfSense_BUILDER_BINARIES: /usr/bin/nohup /sbin/dmesg /usr/local/sbin/atareinit /sbin/kldload
38	523855b0	Scott Ullrich	pfSense_MODULE: utils
39			*/
40	0f282d7a	Scott Ullrich
41	8e9fa41d	Scott Ullrich	function activate_powerd() {
42			global $config, $g;
43			if(isset($config['system']['powerd_enable'])) {
44	c3b13d60	jim-p	if ($g["platform"] == "nanobsd")
45			exec("/sbin/kldload cpufreq");
46	8e9fa41d	Scott Ullrich	exec("/usr/sbin/powerd -b adp -a adp");
47			} else {
48	1e5c49aa	sullrich	if(is_process_running("powerd"))
49			exec("/usr/bin/killall powerd");
50	8e9fa41d	Scott Ullrich	}
51			}
52
53	3a35f55f	Scott Ullrich	function get_default_sysctl_value($id) {
54			global $sysctls;
55			foreach($sysctls as $sysctl => $value) {
56			if($sysctl == $id)
57			return $value;
58			}
59			}
60
61	6df9d7e3	Scott Ullrich	function activate_sysctls() {
62			global $config, $g;
63	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001");
64	ddcb7b8c	Bill Marquette	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
65	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002");
66	c0192947	Scott Ullrich	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");
67	99e88aa0	Ermal Luçi
68	3a35f55f	Scott Ullrich	if(is_array($config['sysctl'])) {
69	cac19f50	Scott Ullrich	foreach($config['sysctl']['item'] as $tunable) {
70	b2d0140c	Scott Ullrich	if($tunable['value'] == "default") {
71			$value = get_default_sysctl_value($tunable['tunable']);
72			mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $value . "\"");
73			} else {
74	09f82b11	Administrator	mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $tunable['value'] . "\"");
75	b2d0140c	Scott Ullrich	}
76	d0b461f5	sullrich	}
77			}
78	6df9d7e3	Scott Ullrich	}
79
80	5b237745	Scott Ullrich	function system_resolvconf_generate($dynupdate = false) {
81	c3f535c0	Seth Mos	global $config, $g;
82
83			if(isset($config['system']['developerspew'])) {
84			$mt = microtime();
85			echo "system_resolvconf_generate() being called $mt\n";
86			}
87	ef217c69	Scott Ullrich
88	30cee7b2	Scott Ullrich	$syscfg = $config['system'];
89	ef217c69	Scott Ullrich
90	30cee7b2	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
91			if (!$fd) {
92			printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
93			return 1;
94			}
95	ef217c69	Scott Ullrich
96	30cee7b2	Scott Ullrich	$resolvconf = "domain {$syscfg['domain']}\n";
97	ef217c69	Scott Ullrich
98	30cee7b2	Scott Ullrich	$havedns = false;
99	ef217c69	Scott Ullrich
100	30cee7b2	Scott Ullrich	if (isset($syscfg['dnsallowoverride'])) {
101	c3f535c0	Seth Mos	/* get dynamically assigned DNS servers (if any) */
102			$ns = array_unique(get_nameservers());
103			foreach($ns as $nameserver) {
104			if($nameserver) {
105			$resolvconf .= "nameserver $nameserver\n";
106			$havedns = true;
107	e428c94d	Scott Ullrich	}
108	c3f535c0	Seth Mos	}
109	30cee7b2	Scott Ullrich	}
110			if (!$havedns && is_array($syscfg['dnsserver'])) {
111	c3f535c0	Seth Mos	foreach ($syscfg['dnsserver'] as $ns) {
112			if ($ns) {
113			$resolvconf .= "nameserver $ns\n";
114			$havedns = true;
115	e428c94d	Scott Ullrich	}
116	e180a6e3	Scott Ullrich	}
117	c3f535c0	Seth Mos	}
118	0f282d7a	Scott Ullrich
119	30cee7b2	Scott Ullrich	fwrite($fd, $resolvconf);
120			fclose($fd);
121	0f282d7a	Scott Ullrich
122	30cee7b2	Scott Ullrich	if (!$g['booting']) {
123	c3f535c0	Seth Mos	/* restart dhcpd (nameservers may have changed) */
124			if (!$dynupdate)
125			services_dhcpd_configure();
126	30cee7b2	Scott Ullrich	}
127	ef217c69	Scott Ullrich
128	c3f535c0	Seth Mos	/* setup static routes for DNS servers. */
129			for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
130			/* setup static routes for dns servers */
131			$dnsgw = "dns{$dnscounter}gwint";
132			if (isset($config['system'][$dnsgw])) {
133			$interface = $config['system'][$dnsgw];
134			if (($interface <> "") && ($interface <> "none")) {
135			$gatewayip = get_interface_gateway($interface);
136			if(is_ipaddr($gatewayip)) {
137			/* dns server array starts at 0 */
138	b875f306	Scott Ullrich	$dnscountermo = $dnscounter - 1;
139	84d07e67	Seth Mos	mwexec("route delete -host {$syscfg['dnsserver'][$dnscountermo]}", true);
140	c3f535c0	Seth Mos	mwexec("route add -host {$syscfg['dnsserver'][$dnscountermo]} {$gatewayip}");
141	b875f306	Scott Ullrich	}
142			}
143	e180a6e3	Scott Ullrich	}
144	c3f535c0	Seth Mos	}
145
146			return 0;
147	5b237745	Scott Ullrich	}
148
149	3d00ccaa	Scott Ullrich	function get_nameservers() {
150			global $config, $g;
151			$master_list = array();
152	30cee7b2	Scott Ullrich
153	2a1226ad	Scott Ullrich	// Read in dhclient nameservers
154	1033de74	Ermal	$dns_lists = split("\n", `/bin/cat /var/etc/nameserver_* 2>/dev/null`);
155			if (is_array($dns_lists)) {
156	60951398	Scott Ullrich	foreach($dns_lists as $dns) {
157	1033de74	Ermal	if(is_ipaddr($dns))
158	ae9617ae	Ermal	$master_list[] = $dns;
159	60951398	Scott Ullrich	}
160	3d00ccaa	Scott Ullrich	}
161	2a1226ad	Scott Ullrich
162			// Read in any extra nameservers
163			if(file_exists("/var/etc/nameservers.conf")) {
164	1033de74	Ermal	$dns_lists = split("\n", `/bin/cat /var/etc/nameservers.conf`);
165	2a1226ad	Scott Ullrich	if(is_array($dns_s))
166			foreach($dns_s as $dns)
167	1033de74	Ermal	if (is_ipaddr($dns))
168			$master_list[] = $dns;
169	2a1226ad	Scott Ullrich	}
170
171	3d00ccaa	Scott Ullrich	return $master_list;
172			}
173
174	5b237745	Scott Ullrich	function system_hosts_generate() {
175	f19d3b7a	Scott Ullrich	global $config, $g;
176	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
177			$mt = microtime();
178	dcf0598e	Scott Ullrich	echo "system_hosts_generate() being called $mt\n";
179	f19d3b7a	Scott Ullrich	}
180	0f282d7a	Scott Ullrich
181	5b237745	Scott Ullrich	$syscfg = $config['system'];
182			$dnsmasqcfg = $config['dnsmasq'];
183
184			if (!is_array($dnsmasqcfg['hosts'])) {
185			$dnsmasqcfg['hosts'] = array();
186			}
187			$hostscfg = $dnsmasqcfg['hosts'];
188	0f282d7a	Scott Ullrich
189	5b237745	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/hosts", "w");
190			if (!$fd) {
191	8f525719	Scott Ullrich	log_error("Error: cannot open hosts file in system_hosts_generate().\n");
192	5b237745	Scott Ullrich	return 1;
193			}
194	0f282d7a	Scott Ullrich
195	f38f8062	Ermal	$hosts .= "127.0.0.1 localhost localhost.{$syscfg['domain']}\n";
196	a55e9c70	Ermal Lu?i
197	e5995f9d	Ermal	if ($config['interfaces']['lan']) {
198			$cfgip = get_interface_ip("lan");
199	f38f8062	Ermal	if (is_ipaddr($cfgip))
200			$hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
201	e5995f9d	Ermal	} else {
202			$sysiflist = get_configured_interface_list();
203			foreach ($sysiflist as $sysif) {
204			if (!interface_has_gateway($sysif)) {
205			$cfgip = get_interface_ip($sysif);
206			if (is_ipaddr($cfgip)) {
207			$hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
208			break;
209			}
210			}
211			}
212	f38f8062	Ermal	}
213	0f282d7a	Scott Ullrich
214	5b237745	Scott Ullrich	foreach ($hostscfg as $host) {
215			if ($host['host'])
216			$hosts .= "{$host['ip']} {$host['host']}.{$host['domain']} {$host['host']}\n";
217			else
218			$hosts .= "{$host['ip']} {$host['domain']}\n";
219			}
220	6a01ea44	Bill Marquette	if (isset($dnsmasqcfg['regdhcpstatic'])) {
221			foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf)
222			if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable']))
223	a56e787d	Scott Ullrich	foreach ($dhcpifconf['staticmap'] as $host)
224	6a01ea44	Bill Marquette	if ($host['ipaddr'] && $host['hostname'])
225			$hosts .= "{$host['ipaddr']} {$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
226	a56e787d	Scott Ullrich	}
227	5b237745	Scott Ullrich	fwrite($fd, $hosts);
228			fclose($fd);
229	0f282d7a	Scott Ullrich
230	24d619f5	Ermal	system_dhcpleases_configure();
231
232			return 0;
233			}
234
235			function system_dhcpleases_configure() {
236	15d456b9	gnhb	global $config, $g;
237
238	956950de	Ermal	/* Start the monitoring process for dynamic dhcpclients. */
239			if (isset($config['dnsmasq']['regdhcp'])) {
240			/* Make sure we do not error out */
241			@touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
242	15d456b9	gnhb	if (file_exists("{$g['varrun_path']}/dhcpleases.pid"))
243			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "HUP");
244			else
245			mwexec("/usr/local/sbin/dhcpleases -l {$g['dhcpd_chroot_path']}/var/db/dhcpd.leases -d {$config['system']['domain']} -p {$g['varrun_path']}/dnsmasq.pid -h {$g['varetc_path']}/hosts");
246			} else {
247			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM");
248			@unlink("{$g['varrun_path']}/dhcpleases.pid");
249			}
250	5b237745	Scott Ullrich	}
251
252			function system_hostname_configure() {
253	f19d3b7a	Scott Ullrich	global $config, $g;
254	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
255			$mt = microtime();
256	dcf0598e	Scott Ullrich	echo "system_hostname_configure() being called $mt\n";
257	333f8ef0	Scott Ullrich	}
258	0f282d7a	Scott Ullrich
259	5b237745	Scott Ullrich	$syscfg = $config['system'];
260	0f282d7a	Scott Ullrich
261	5b237745	Scott Ullrich	/* set hostname */
262	6bfccde7	Scott Ullrich	$status = mwexec("/bin/hostname " .
263	5b237745	Scott Ullrich	escapeshellarg("{$syscfg['hostname']}.{$syscfg['domain']}"));
264	6bfccde7	Scott Ullrich
265			/* Setup host GUID ID. This is used by ZFS. */
266			mwexec("/etc/rc.d/hostid start");
267
268			return $status;
269	5b237745	Scott Ullrich	}
270
271	1ea67f2e	Ermal	function system_routing_configure($interface = "") {
272	962625aa	Ermal	global $config, $g;
273	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
274			$mt = microtime();
275	dcf0598e	Scott Ullrich	echo "system_routing_configure() being called $mt\n";
276	58c7450e	Scott Ullrich	}
277	333f8ef0	Scott Ullrich
278	0f282d7a	Scott Ullrich	/* Enable fast routing, if enabled */
279	a529aced	Ermal	/* XXX: More checks need to be done for subsystems that are not compatibel with fast routing. */
280	c64d5028	Ermal	if(isset($config['staticroutes']['enablefastrouting']) && !isset($config['ipsec']['enable']))
281	0f282d7a	Scott Ullrich	mwexec("/sbin/sysctl net.inet.ip.fastforwarding=1");
282
283	a529aced	Ermal	$gatewayip = "";
284			$interfacegw = "";
285	3cc07282	Ermal	$foundgw = false;
286	a529aced	Ermal	/* tack on all the hard defined gateways as well */
287			if (is_array($config['gateways']['gateway_item'])) {
288	d499c12b	Ermal	mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw", true);
289	a529aced	Ermal	foreach ($config['gateways']['gateway_item'] as $gateway) {
290			if (isset($gateway['defaultgw'])) {
291			if ($gateway['gateway'] == "dynamic")
292			$gateway['gateway'] = get_interface_gateway($gateway['interface']);
293			$gatewayip = $gateway['gateway'];
294			$interfacegw = $gateway['interface'];
295	924f202e	Ermal	if (!empty($interfacegw)) {
296			$defaultif = get_real_interface($gateway['interface']);
297			if ($defaultif)
298			@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gatewayip);
299			}
300			$foundgw = true;
301	a529aced	Ermal	break;
302			}
303	6e17413e	Ermal Lu?i	}
304	b24bda08	Scott Ullrich	}
305	3cc07282	Ermal	if ($foundgw == false) {
306			$defaultif = get_real_interface("wan");
307			$interfacegw = "wan";
308			$gatewayip = get_interface_gateway("wan");
309			@touch("{$g['tmp_path']}/{$defaultif}_defaultgw");
310			}
311	d173230c	Seth Mos	$dont_add_route = false;
312			/* if OLSRD is enabled, allow WAN to house DHCP. */
313			if($config['installedpackages']['olsrd']) {
314			foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
315			if($olsrd['enabledyngw'] == "on") {
316			$dont_add_route = true;
317	6e17413e	Ermal Lu?i	break;
318	d173230c	Seth Mos	}
319			}
320			}
321	07b54e8c	smos	/* Create a array from the existing route table */
322			exec("/usr/bin/netstat -rnf inet", $route_str);
323			array_shift($route_str);
324			array_shift($route_str);
325			array_shift($route_str);
326			array_shift($route_str);
327			$route_arr = array();
328			foreach($route_str as $routeline) {
329			$items = preg_split("/[ ]+/i", $routeline);
330	aceedad4	Ermal	$route_arr[$items[0]] = array($items[0], $items[1], $items[5]);
331	07b54e8c	smos	}
332
333	1ea67f2e	Ermal	if ($dont_add_route == false ) {
334			if (!empty($interface) && $inteface != $interafegw)
335			;
336			else if (($interfacegw <> "bgpd") && (is_ipaddr($gatewayip))) {
337	b61154fb	smos	$action = "add";
338			if(isset($route_arr['default'])) {
339	07b54e8c	smos	$action = "change";
340			}
341	b61154fb	smos	log_error("ROUTING: $action default route to $gatewayip");
342	07b54e8c	smos	mwexec("/sbin/route {$action} default " . escapeshellarg($gatewayip));
343	79f30c1c	Ermal	} else if (is_ipaddr($config['interfaces']['wan']['gateway'])) {
344	a529aced	Ermal	/* Adding gateway for 1.2-style configs without the new
345			* gateway setup configured.
346			* Force WAN to be default gateway because that is the 1.2 behavior.
347			*/
348	24fb2263	Chris Buechler	log_error("WARNING: There is no default gateway in the configuration.");
349	79f30c1c	Ermal	$gatewayip = $config['interfaces']['wan']['gateway'];
350			mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true);
351	d173230c	Seth Mos	}
352			}
353
354	5b237745	Scott Ullrich	if (is_array($config['staticroutes']['route'])) {
355	a529aced	Ermal	$gateways_arr = return_gateways_array();
356	0f282d7a	Scott Ullrich
357	5b237745	Scott Ullrich	foreach ($config['staticroutes']['route'] as $rtent) {
358	a529aced	Ermal	$gatewayip = "";
359			if (isset($gateways_arr[$rtent['gateway']])) {
360			$gatewayip = $gateways_arr[$rtent['gateway']]['gateway'];
361	2db1f552	Ermal	$interfacegw = $gateways_arr[$rtent['gateway']]['interface'];
362	a529aced	Ermal	} else if (is_ipaddr($rtent['gateway'])) {
363	b24bda08	Scott Ullrich	$gatewayip = $rtent['gateway'];
364			} else {
365	24fb2263	Chris Buechler	log_error("Static Routes: Gateway IP could not be found for {$rtent['network']}");
366	a529aced	Ermal	continue;
367			}
368
369			$action = "add";
370	b61154fb	smos	if (isset($route_arr[$rtent['network']]))
371	a529aced	Ermal	$action = "change";
372
373			if (is_ipaddr($gatewayip)) {
374			mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) .
375	b24bda08	Scott Ullrich	" " . escapeshellarg($gatewayip));
376	a529aced	Ermal	} else if (!empty($interfacegw)) {
377			mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) .
378			" -iface " . escapeshellarg($interfacegw));
379	7a98edde	Seth Mos	}
380	5b237745	Scott Ullrich	}
381			}
382	67ee1ec5	Ermal Luçi
383	b9c501ea	Seth Mos	return 0;
384	5b237745	Scott Ullrich	}
385
386			function system_routing_enable() {
387	f19d3b7a	Scott Ullrich	global $config, $g;
388	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
389			$mt = microtime();
390	dcf0598e	Scott Ullrich	echo "system_routing_enable() being called $mt\n";
391	58c7450e	Scott Ullrich	}
392	0f282d7a	Scott Ullrich
393	5e041d5f	Scott Ullrich	return mwexec("/sbin/sysctl net.inet.ip.forwarding=1");
394	5b237745	Scott Ullrich	}
395
396			function system_syslogd_start() {
397	f19d3b7a	Scott Ullrich	global $config, $g;
398	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
399			$mt = microtime();
400	dcf0598e	Scott Ullrich	echo "system_syslogd_start() being called $mt\n";
401	58c7450e	Scott Ullrich	}
402	0f282d7a	Scott Ullrich
403	5b237745	Scott Ullrich	$syslogcfg = $config['syslog'];
404
405	0f282d7a	Scott Ullrich	if ($g['booting'])
406	f05740c1	Scott Ullrich	echo "Starting syslog...";
407	5b237745	Scott Ullrich	else
408			killbypid("{$g['varrun_path']}/syslog.pid");
409	0f282d7a	Scott Ullrich
410	99f98b80	sullrich	if(is_process_running("syslogd"))
411			mwexec("/usr/bin/killall -9 syslogd");
412			if(is_process_running("fifolog_writer"))
413			mwexec("/usr/bin/killall -9 fifolog_writer");
414	7ee97cb3	Scott Ullrich
415			// Define carious commands for logging
416			$fifolog_create = "/usr/sbin/fifolog_create -s ";
417			$fifolog_log = "\|/usr/sbin/fifolog_writer ";
418			$clog_create = "/usr/sbin/clog -i -s ";
419			$clog_log = "%";
420
421			// Which logging type are we using this week??
422			if(isset($config['system']['usefifolog'])) {
423			$log_directive = $fifolog_log;
424			$log_create_directive = $fifolog_create;
425			} else { // Defaults to CLOG
426			$log_directive = $clog_log;
427			$log_create_directive = $clog_create;
428			}
429
430	88ebd635	Scott Ullrich	if (isset($syslogcfg)) {
431	8fbd88cd	Seth Mos	$separatelogfacilities = array('ntpd','racoon','openvpn');
432	a728d2ea	Colin Smith	if($config['installedpackages']['package']) {
433	0d9d2a1b	Scott Ullrich	foreach($config['installedpackages']['package'] as $package) {
434			if($package['logging']) {
435	a728d2ea	Colin Smith	$pkgfacilities[] = $package['logging']['facilityname'];
436	d2834563	Scott Ullrich	$separatelogfacilities = $separatelogfacilities + $pkgfacilities;
437	84e86846	Colin Smith	$facilitylist = implode(',', $pkgfacilities);
438	7ee97cb3	Scott Ullrich	mwexec("{$log_create_directive} 10240 {$g['varlog_path']}/{$package['logging']['logfilename']}");
439	fe5f3b38	Scott Ullrich	$syslogconf .= "!{$facilitylist}\n.\t\t\t\t\t\t {$log_directive}{$g['varlog_path']}/{$package['logging']['logfilename']}\n";
440	a728d2ea	Colin Smith	}
441	0d9d2a1b	Scott Ullrich	}
442			}
443	d2834563	Scott Ullrich	$facilitylist = implode(',', array_unique($separatelogfacilities));
444	0d9d2a1b	Scott Ullrich	/* write syslog.conf */
445	5b237745	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
446			if (!$fd) {
447			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
448			return 1;
449			}
450	8fbd88cd	Seth Mos	$syslogconf .= "!ntpdate,!ntpd\n";
451	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
452	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ntpd.log\n";
453	295e19dd	Scott Ullrich	$syslogconf .= "!ppp\n";
454			if (!isset($syslogcfg['disablelocallogging']))
455			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ppp.log\n";
456	328efaba	Ermal	$syslogconf .= "!pptp\n";
457			if (!isset($syslogcfg['disablelocallogging']))
458			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/pptp.log\n";
459			$syslogconf .= "!pppoe\n";
460			if (!isset($syslogcfg['disablelocallogging']))
461			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/pppoe.log\n";
462			$syslogconf .= "!l2tp\n";
463			if (!isset($syslogcfg['disablelocallogging']))
464	bedd946f	Ermal	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/l2tp.log\n";
465	0260caec	Scott Ullrich	$syslogconf .= "!racoon\n";
466	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
467	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ipsec.log\n";
468	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
469			if($syslogcfg['remoteserver'])
470			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
471			if($syslogcfg['remoteserver2'])
472			$syslogconf .= ". @{$syslogcfg['remoteserver2']}\n";
473			if($syslogcfg['remoteserver3'])
474			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
475			}
476	d2834563	Scott Ullrich	$syslogconf .= "!openvpn\n";
477	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
478	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/openvpn.log\n";
479	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
480			if($syslogcfg['remoteserver'])
481			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
482			if($syslogcfg['remoteserver2'])
483			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
484			if($syslogcfg['remoteserver3'])
485			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
486			}
487	7bc41b19	jim-p	$syslogconf .= "!apinger\n";
488			if (!isset($syslogcfg['disablelocallogging']))
489			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/apinger.log\n";
490	087a89f8	Chris Buechler	$syslogconf .= "!relayd\n";
491			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/relayd.log\n";
492	d2834563	Scott Ullrich	$syslogconf .= "!-{$facilitylist}\n";
493	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
494	5b237745	Scott Ullrich	$syslogconf .= <<<EOD
495	fe5f3b38	Scott Ullrich	local0.* {$log_directive}{$g['varlog_path']}/filter.log
496	4f7ead45	Scott Ullrich	local3.* {$log_directive}{$g['varlog_path']}/vpn.log
497	fe5f3b38	Scott Ullrich	local4.* {$log_directive}{$g['varlog_path']}/portalauth.log
498			local7.* {$log_directive}{$g['varlog_path']}/dhcpd.log
499			*.notice;kern.debug;lpr.info;mail.crit; {$log_directive}{$g['varlog_path']}/system.log
500			news.err;local0.none;local3.none;local4.none; {$log_directive}{$g['varlog_path']}/system.log
501			local7.none {$log_directive}{$g['varlog_path']}/system.log
502			security.* {$log_directive}{$g['varlog_path']}/system.log
503			auth.info;authpriv.info;daemon.info {$log_directive}{$g['varlog_path']}/system.log
504	9dac9942	Scott Ullrich	auth.info;authpriv.info \|exec /usr/local/sbin/sshlockout_pf
505			.emerg
506	0a123b4c	Scott Ullrich
507	5b237745	Scott Ullrich	EOD;
508	be5d59d7	Scott Ullrich	if (isset($syslogcfg['filter'])) {
509			if($syslogcfg['remoteserver'])
510			$syslogconf .= "local0.* @{$syslogcfg['remoteserver']}\n";
511			if($syslogcfg['remoteserver2'])
512			$syslogconf .= "local0.* @{$syslogcfg['remoteserver2']}\n";
513			if($syslogcfg['remoteserver3'])
514			$syslogconf .= "local0.* @{$syslogcfg['remoteserver3']}\n";
515
516			}
517			if (isset($syslogcfg['vpn'])) {
518			if($syslogcfg['remoteserver'])
519			$syslogconf .= "local3.* @{$syslogcfg['remoteserver']}\n";
520			if($syslogcfg['remoteserver2'])
521			$syslogconf .= "local3.* @{$syslogcfg['remoteserver2']}\n";
522			if($syslogcfg['remoteserver3'])
523			$syslogconf .= "local3.* @{$syslogcfg['remoteserver3']}\n";
524			}
525			if (isset($syslogcfg['portalauth'])) {
526			if($syslogcfg['remoteserver'])
527			$syslogconf .= "local4.* @{$syslogcfg['remoteserver']}\n";
528			if($syslogcfg['remoteserver2'])
529			$syslogconf .= "local4.* @{$syslogcfg['remoteserver2']}\n";
530			if($syslogcfg['remoteserver3'])
531			$syslogconf .= "local4.* @{$syslogcfg['remoteserver3']}\n";
532			}
533			if (isset($syslogcfg['dhcp'])) {
534			if($syslogcfg['remoteserver'])
535			$syslogconf .= "local7.* @{$syslogcfg['remoteserver']}\n";
536			if($syslogcfg['remoteserver2'])
537			$syslogconf .= "local7.* @{$syslogcfg['remoteserver2']}\n";
538			if($syslogcfg['remoteserver3'])
539			$syslogconf .= "local7.* @{$syslogcfg['remoteserver3']}\n";
540			}
541			if (isset($syslogcfg['system'])) {
542			if($syslogcfg['remoteserver'])
543			$syslogconf .= <<<EOD
544	9dac9942	Scott Ullrich	*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver']}
545			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver']}
546			security.* @{$syslogcfg['remoteserver']}
547			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver']}
548			*.emerg @{$syslogcfg['remoteserver']}
549	d2834563	Scott Ullrich
550	5b237745	Scott Ullrich	EOD;
551	be5d59d7	Scott Ullrich
552			if (isset($syslogcfg['system'])) {
553			if($syslogcfg['remoteserver2'])
554			$syslogconf .= <<<EOD
555			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver2']}
556			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver2']}
557			security.* @{$syslogcfg['remoteserver2']}
558			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver2']}
559			*.emerg @{$syslogcfg['remoteserver2']}
560
561			EOD;
562
563			if (isset($syslogcfg['system'])) {
564			if($syslogcfg['remoteserver3'])
565			$syslogconf .= <<<EOD
566			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver3']}
567			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver3']}
568			security.* @{$syslogcfg['remoteserver3']}
569			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver3']}
570			*.emerg @{$syslogcfg['remoteserver3']}
571
572			EOD;
573
574			}
575	4ef2d703	Chris Buechler	if (isset($syslogcfg['logall'])) {
576	be5d59d7	Scott Ullrich	if($syslogcfg['remoteserver'])
577			$syslogconf .= <<<EOD
578	4ef2d703	Chris Buechler	. @{$syslogcfg['remoteserver']}
579
580			EOD;
581	be5d59d7	Scott Ullrich
582			}
583			if($syslogcfg['remoteserver2'])
584			$syslogconf .= <<<EOD
585			. @{$syslogcfg['remoteserver2']}
586
587			EOD;
588
589			}
590			if($syslogcfg['remoteserver3'])
591			$syslogconf .= <<<EOD
592			. @{$syslogcfg['remoteserver3']}
593
594			EOD;
595
596			}
597	5b237745	Scott Ullrich	fwrite($fd, $syslogconf);
598			fclose($fd);
599	6a638a89	Scott Ullrich	// Are we logging to a least one remote server ?
600			if(strpos($syslogconf, "@") != false)
601	c9f8d4f5	Ermal Lu?i	$retval = system("/usr/sbin/syslogd -c -f {$g['varetc_path']}/syslog.conf");
602	6a638a89	Scott Ullrich	else
603	c9f8d4f5	Ermal Lu?i	$retval = system("/usr/sbin/syslogd -c -f {$g['varetc_path']}/syslog.conf");
604	5b237745	Scott Ullrich
605			} else {
606	c9f8d4f5	Ermal Lu?i	$retval = mwexec("/usr/sbin/syslogd -c");
607	5b237745	Scott Ullrich	}
608	0f282d7a	Scott Ullrich
609	5b237745	Scott Ullrich	if ($g['booting'])
610	5c6d0f65	Colin Smith	echo "done.\n";
611	0f282d7a	Scott Ullrich
612	5b237745	Scott Ullrich	return $retval;
613			}
614
615			function system_pccard_start() {
616	f19d3b7a	Scott Ullrich	global $config, $g;
617	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
618			$mt = microtime();
619	dcf0598e	Scott Ullrich	echo "system_pccard_start() being called $mt\n";
620	58c7450e	Scott Ullrich	}
621	0f282d7a	Scott Ullrich
622	5b237745	Scott Ullrich	if ($g['booting'])
623	f05740c1	Scott Ullrich	echo "Initializing PCMCIA...";
624	0f282d7a	Scott Ullrich
625	5b237745	Scott Ullrich	/* kill any running pccardd */
626			killbypid("{$g['varrun_path']}/pccardd.pid");
627	0f282d7a	Scott Ullrich
628	5b237745	Scott Ullrich	/* fire up pccardd */
629			$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");
630	0f282d7a	Scott Ullrich
631	5b237745	Scott Ullrich	if ($g['booting']) {
632			if ($res == 0)
633	5c6d0f65	Colin Smith	echo "done.\n";
634	5b237745	Scott Ullrich	else
635	5c6d0f65	Colin Smith	echo "failed!\n";
636	5b237745	Scott Ullrich	}
637	0f282d7a	Scott Ullrich
638	5b237745	Scott Ullrich	return $res;
639			}
640
641	819197a8	Scott Ullrich
642	5b237745	Scott Ullrich	function system_webgui_start() {
643	f19d3b7a	Scott Ullrich	global $config, $g;
644	877ac35d	Scott Ullrich
645			if ($g['booting'])
646	f05740c1	Scott Ullrich	echo "Starting webConfigurator...";
647	877ac35d	Scott Ullrich
648	383a4439	Scott Ullrich	/* kill any running lighttpd */
649	877ac35d	Scott Ullrich	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");
650
651	e9d0bf64	Scott Ullrich	sleep(1);
652
653	877ac35d	Scott Ullrich	chdir($g['www_path']);
654
655	fb1266d3	Matthew Grooms	/* defaults */
656			$portarg = "80";
657			$crt = "";
658			$key = "";
659	2cf6ddcb	Nigel Graham	$ca = "";
660	fb1266d3	Matthew Grooms
661	877ac35d	Scott Ullrich	/* non-standard port? */
662	f4875d35	Ermal Lu?i	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "")
663	528df9a7	Scott Ullrich	$portarg = "{$config['system']['webgui']['port']}";
664	877ac35d	Scott Ullrich
665			if ($config['system']['webgui']['protocol'] == "https") {
666	02b383fe	sullrich	// Ensure that we have a webConfigurator CERT
667	fb1266d3	Matthew Grooms	$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
668	02b383fe	sullrich	if(!is_array($cert) && !$cert['crt'] && !$cert['prv']) {
669	1e332e98	jim-p	if (!is_array($config['ca']))
670			$config['ca'] = array();
671			$a_ca =& $config['ca'];
672			if (!is_array($config['cert']))
673			$config['cert'] = array();
674			$a_cert =& $config['cert'];
675	0cdaaa8e	Chris Buechler	echo "Creating SSL Certificate... ";
676	aab4ca82	Scott Ullrich	$cert = array();
677			$cert['refid'] = uniqid();
678			$cert['name'] = "webConfigurator default";
679	6955830f	Ermal Lu?i	mwexec("/usr/bin/openssl genrsa 1024 > {$g['tmp_path']}/ssl.key");
680			mwexec("/usr/bin/openssl req -new -x509 -nodes -sha1 -days 2000 -key {$g['tmp_path']}/ssl.key > {$g['tmp_path']}/ssl.crt");
681			$crt = file_get_contents("{$g['tmp_path']}/ssl.crt");
682			$key = file_get_contents("{$g['tmp_path']}/ssl.key");
683			unlink("{$g['tmp_path']}/ssl.key");
684			unlink("{$g['tmp_path']}/ssl.crt");
685	aab4ca82	Scott Ullrich	cert_import($cert, $crt, $key);
686			$a_cert[] = $cert;
687			$config['system']['webgui']['ssl-certref'] = $cert['refid'];
688			write_config("Importing HTTPS certificate");
689			if(!$config['system']['webgui']['port'])
690			$portarg = "443";
691			$ca = ca_chain($cert);
692	edc8a9f8	jim-p	} else {
693	fb1266d3	Matthew Grooms	$crt = base64_decode($cert['crt']);
694			$key = base64_decode($cert['prv']);
695			if(!$config['system']['webgui']['port'])
696			$portarg = "443";
697	2cf6ddcb	Nigel Graham	$ca = ca_chain($cert);
698	edc8a9f8	jim-p	}
699	877ac35d	Scott Ullrich	}
700
701			/* generate lighttpd configuration */
702			system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
703	2cf6ddcb	Nigel Graham	$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");
704	877ac35d	Scott Ullrich
705			/* attempt to start lighthttpd */
706			$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");
707
708	cc093472	sullrich	/* fetch page to preload apc cache */
709	eb0f4fc6	Ermal Lu?i	$proto = "http";
710			if ($config['system']['webgui']['protocol'])
711			$proto = $config['system']['webgui']['protocol'];
712	bd96ff65	Ermal Lu?i	mwexec_bg("/usr/bin/fetch -o /dev/null -q {$proto}://localhost:{$portarg}/preload.php");
713	cc093472	sullrich
714	877ac35d	Scott Ullrich	if ($g['booting']) {
715			if ($res == 0)
716			echo "done.\n";
717			else
718			echo "failed!\n";
719			}
720
721			return $res;
722			}
723
724	eb0f441c	Scott Ullrich	function system_generate_lighty_config($filename,
725			$cert,
726			$key,
727	2cf6ddcb	Nigel Graham	$ca,
728	eb0f441c	Scott Ullrich	$pid_file,
729			$port = 80,
730			$document_root = "/usr/local/www/",
731			$cert_location = "cert.pem",
732	2cf6ddcb	Nigel Graham	$ca_location = "ca.pem",
733	1b666ae2	Scott Ullrich	$max_procs = 2,
734	280b75d9	Scott Ullrich	$max_requests = "2",
735	eb0f441c	Scott Ullrich	$fast_cgi_enable = true,
736			$captive_portal = false) {
737	58c7450e	Scott Ullrich
738	f19d3b7a	Scott Ullrich	global $config, $g;
739
740	6955830f	Ermal Lu?i	if(!is_dir("{$g['tmp_path']}/lighttpdcompress"))
741			mkdir("{$g['tmp_path']}/lighttpdcompress");
742	570ef08c	sullrich
743	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
744			$mt = microtime();
745	dcf0598e	Scott Ullrich	echo "system_generate_lighty_config() being called $mt\n";
746	58c7450e	Scott Ullrich	}
747
748	eb0f441c	Scott Ullrich	if($captive_portal == true) {
749			$captiveportal = ",\"mod_rewrite\"";
750	6bef50b3	Scott Ullrich	$captive_portal_rewrite = "url.rewrite-once = ( \"(.captiveportal.)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
751	b0bdc06e	Scott Ullrich	$captive_portal_module = "\"mod_accesslog\", ";
752			$maxprocperip = $config['captiveportal']['maxprocperip'];
753	632e8d54	Scott Ullrich	if(!$maxprocperip and $maxprocperip > 0)
754			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
755			else
756			$captive_portal_mod_evasive = "";
757	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n";
758			exec("mkdir -p {$g['tmp_path']}/captiveportal");
759			exec("chmod a-w {$g['tmp_path']}/captiveportal");
760	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 384";
761	b0bdc06e	Scott Ullrich	} else {
762	3435dc35	Ermal Lu?i	$captiveportal = "";
763			$captive_portal_rewrite = "";
764	b0bdc06e	Scott Ullrich	$captive_portal_module = "";
765			$captive_portal_mod_evasive = "";
766	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"{$g['tmp_path']}/\", \"/var/\" )\n";
767	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 2097152";
768	eb0f441c	Scott Ullrich	}
769	3306a341	Scott Ullrich
770	28cae949	Scott Ullrich	if($port <> "")
771			$lighty_port = $port;
772			else
773			$lighty_port = "80";
774	3d77d4c4	Scott Ullrich
775			$memory = get_memory();
776			$avail = $memory[0];
777
778	f4ebc84a	Scott Ullrich	if($avail > 0 and $avail < 65) {
779			$fast_cgi_enable = false;
780			}
781
782	70cc6249	Scott Ullrich	// Ramp up captive portal max procs
783			if($captive_portal == true) {
784			if($avail > 65 and $avail < 98) {
785			$max_procs = 1;
786			}
787			if($avail > 97 and $avail < 128) {
788			$max_procs = 2;
789			}
790			if($avail > 127 and $avail < 256) {
791			$max_procs = 3;
792			}
793			if($avail > 255 and $avail < 384) {
794			$max_procs = 4;
795			}
796			if($avail > 383) {
797			$max_procs = 5;
798			}
799	b0bdc06e	Scott Ullrich	}
800
801	6e337a84	Scott Ullrich	if($captive_portal == true) {
802			$bin_environment = <<<EOC
803	5e041d5f	Scott Ullrich	"bin-environment" => (
804	e59dd448	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
805			"PHP_FCGI_MAX_REQUESTS" => "500"
806	6e337a84	Scott Ullrich	),
807			EOC;
808
809	04f4a116	Ermal Luçi	} else if ($avail > 0 and $avail < 128) {
810			$bin_environment = <<<EOC
811	980df75c	Scott Ullrich	"bin-environment" => (
812	effecc51	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
813	980df75c	Scott Ullrich	"PHP_FCGI_MAX_REQUESTS" => "2",
814	04f4a116	Ermal Luçi	),
815
816			EOC;
817			} else
818	980df75c	Scott Ullrich	$bin_environment = <<<EOC
819			"bin-environment" => (
820			"PHP_FCGI_CHILDREN" => "$max_procs",
821			"PHP_FCGI_MAX_REQUESTS" => "500"
822			),
823			EOC;
824
825	4edb490d	Scott Ullrich	if($fast_cgi_enable == true) {
826	dde4f60c	Scott Ullrich	$module = "\"mod_fastcgi\", \"mod_cgi\"";
827	4edb490d	Scott Ullrich	$cgi_config = "";
828			$fastcgi_config = <<<EOD
829			#### fastcgi module
830			## read fastcgi.txt for more info
831	b0bdc06e	Scott Ullrich	fastcgi.server = ( ".php" =>
832			( "localhost" =>
833			(
834	6955830f	Ermal Lu?i	"socket" => "{$g['tmp_path']}/php-fastcgi.socket",
835	980df75c	Scott Ullrich	"min-procs" => 0,
836	b0bdc06e	Scott Ullrich	"max-procs" => {$max_procs},
837	6e337a84	Scott Ullrich	{$bin_environment}
838	b0bdc06e	Scott Ullrich	"bin-path" => "/usr/local/bin/php"
839			)
840			)
841			)
842	4edb490d	Scott Ullrich
843	dde4f60c	Scott Ullrich	#### CGI module
844	5999dd9c	Scott Ullrich	cgi.assign = ( ".cgi" => "" )
845	dde4f60c	Scott Ullrich
846	4edb490d	Scott Ullrich	EOD;
847			} else {
848			$fastcgi_config = "";
849			$module = "\"mod_cgi\"";
850			$cgi_config = <<<EOD
851			#### CGI module
852			cgi.assign = ( ".php" => "/usr/local/bin/php",
853	d4302f46	Espen Johansen	".cgi" => "" )
854	333f8ef0	Scott Ullrich
855	4edb490d	Scott Ullrich	EOD;
856			}
857	333f8ef0	Scott Ullrich
858	3435dc35	Ermal Lu?i	$lighty_config = "";
859	a84b65dc	Scott Ullrich	$lighty_config .= <<<EOD
860	28cae949	Scott Ullrich	#
861	a632cf43	Scott Ullrich	# lighttpd configuration file
862			#
863			# use a it as base for lighttpd 1.0.0 and above
864	28cae949	Scott Ullrich	#
865	a632cf43	Scott Ullrich	############ Options you really have to take care of ####################
866
867	770b4b9c	Scott Ullrich	## FreeBSD!
868	60ff6204	Scott Ullrich	server.event-handler = "freebsd-kqueue"
869			server.network-backend = "writev"
870	096261af	Scott Ullrich
871	a632cf43	Scott Ullrich	## modules to load
872	4edb490d	Scott Ullrich	server.modules = (
873	c93ad789	Scott Ullrich	{$captive_portal_module}
874	d7e230ae	Chris Buechler	"mod_access", "mod_accesslog", "mod_expire", "mod_compress", "mod_redirect",
875	c93ad789	Scott Ullrich	{$module}{$captiveportal}
876			)
877	28cae949	Scott Ullrich
878			## Unused modules
879	6a019c11	Scott Ullrich	# "mod_setenv",
880			# "mod_rewrite",
881	28cae949	Scott Ullrich	# "mod_ssi",
882			# "mod_usertrack",
883			# "mod_expire",
884			# "mod_secdownload",
885			# "mod_rrdtool",
886	a632cf43	Scott Ullrich	# "mod_auth",
887			# "mod_status",
888	28cae949	Scott Ullrich	# "mod_alias",
889	a632cf43	Scott Ullrich	# "mod_proxy",
890			# "mod_simple_vhost",
891			# "mod_evhost",
892			# "mod_userdir",
893	28cae949	Scott Ullrich	# "mod_cgi",
894	a632cf43	Scott Ullrich
895	d9acea75	Scott Ullrich	server.max-keep-alive-requests = 15
896			server.max-keep-alive-idle = 30
897
898	a632cf43	Scott Ullrich	## a static document-root, for virtual-hosting take look at the
899			## server.virtual-* options
900	332b4ac0	Scott Ullrich	server.document-root = "{$document_root}"
901	eb0f441c	Scott Ullrich	{$captive_portal_rewrite}
902	a632cf43	Scott Ullrich
903	38a9a1ab	Scott Ullrich	# Maximum idle time with nothing being written (php downloading)
904			server.max-write-idle = 999
905
906	a632cf43	Scott Ullrich	## where to send error-messages to
907	ee959dc4	Scott Ullrich	server.errorlog = "/var/log/lighttpd.error.log"
908	a632cf43	Scott Ullrich
909			# files to check for if .../ is requested
910			server.indexfiles = ( "index.php", "index.html",
911			"index.htm", "default.htm" )
912
913			# mimetype mapping
914			mimetype.assign = (
915			".pdf" => "application/pdf",
916			".sig" => "application/pgp-signature",
917			".spl" => "application/futuresplash",
918			".class" => "application/octet-stream",
919			".ps" => "application/postscript",
920			".torrent" => "application/x-bittorrent",
921			".dvi" => "application/x-dvi",
922			".gz" => "application/x-gzip",
923			".pac" => "application/x-ns-proxy-autoconfig",
924			".swf" => "application/x-shockwave-flash",
925			".tar.gz" => "application/x-tgz",
926			".tgz" => "application/x-tgz",
927			".tar" => "application/x-tar",
928			".zip" => "application/zip",
929			".mp3" => "audio/mpeg",
930			".m3u" => "audio/x-mpegurl",
931			".wma" => "audio/x-ms-wma",
932			".wax" => "audio/x-ms-wax",
933			".ogg" => "audio/x-wav",
934			".wav" => "audio/x-wav",
935			".gif" => "image/gif",
936			".jpg" => "image/jpeg",
937			".jpeg" => "image/jpeg",
938			".png" => "image/png",
939			".xbm" => "image/x-xbitmap",
940			".xpm" => "image/x-xpixmap",
941			".xwd" => "image/x-xwindowdump",
942			".css" => "text/css",
943			".html" => "text/html",
944			".htm" => "text/html",
945			".js" => "text/javascript",
946			".asc" => "text/plain",
947			".c" => "text/plain",
948			".conf" => "text/plain",
949			".text" => "text/plain",
950			".txt" => "text/plain",
951			".dtd" => "text/xml",
952			".xml" => "text/xml",
953			".mpeg" => "video/mpeg",
954			".mpg" => "video/mpeg",
955			".mov" => "video/quicktime",
956			".qt" => "video/quicktime",
957			".avi" => "video/x-msvideo",
958			".asf" => "video/x-ms-asf",
959			".asx" => "video/x-ms-asf",
960			".wmv" => "video/x-ms-wmv",
961			".bz2" => "application/x-bzip",
962			".tbz" => "application/x-bzip-compressed-tar",
963			".tar.bz2" => "application/x-bzip-compressed-tar"
964			)
965
966			# Use the "Content-Type" extended attribute to obtain mime type if possible
967			#mimetypes.use-xattr = "enable"
968
969			#### accesslog module
970	6a019c11	Scott Ullrich	#accesslog.filename = "/dev/null"
971	a632cf43	Scott Ullrich
972			## deny access the file-extensions
973			#
974			# ~ is for backupfiles from vi, emacs, joe, ...
975			# .inc is often used for code includes which should in general not be part
976			# of the document-root
977			url.access-deny = ( "~", ".inc" )
978
979
980			######### Options that are good to be but not neccesary to be changed #######
981
982			## bind to port (default: 80)
983	28cae949	Scott Ullrich	server.port = {$lighty_port}
984	a632cf43	Scott Ullrich
985			## error-handler for status 404
986			#server.error-handler-404 = "/error-handler.html"
987			#server.error-handler-404 = "/error-handler.php"
988
989			## to help the rc.scripts
990			server.pid-file = "/var/run/{$pid_file}"
991
992			## virtual directory listings
993	28cae949	Scott Ullrich	server.dir-listing = "disable"
994	a632cf43	Scott Ullrich
995			## enable debugging
996	28cae949	Scott Ullrich	debug.log-request-header = "disable"
997			debug.log-response-header = "disable"
998			debug.log-request-handling = "disable"
999			debug.log-file-not-found = "disable"
1000	a632cf43	Scott Ullrich
1001	570ef08c	sullrich	# gzip compression
1002	6955830f	Ermal Lu?i	compress.cache-dir = "{$g['tmp_path']}/lighttpdcompress/"
1003	570ef08c	sullrich	compress.filetype = ("text/plain","text/css", "text/xml", "text/javascript" )
1004
1005	3306a341	Scott Ullrich	{$server_upload_dirs}
1006	1ef7b568	Scott Ullrich
1007	a6e8af9c	Scott Ullrich	{$server_max_request_size}
1008	ee959dc4	Scott Ullrich
1009	4edb490d	Scott Ullrich	{$fastcgi_config}
1010
1011			{$cgi_config}
1012	a632cf43	Scott Ullrich
1013	b0bdc06e	Scott Ullrich	{$captive_portal_mod_evasive}
1014
1015	569f47e9	Scott Ullrich	expire.url = (
1016	05a5e5c5	Scott Ullrich	"" => "access 50 hours",
1017	569f47e9	Scott Ullrich	)
1018
1019	a632cf43	Scott Ullrich	EOD;
1020
1021	7aae518a	Scott Ullrich	$cert = str_replace("\r", "", $cert);
1022	333f8ef0	Scott Ullrich	$key = str_replace("\r", "", $key);
1023	2cf6ddcb	Nigel Graham	$ca = str_replace("\r", "", $ca);
1024	7aae518a	Scott Ullrich
1025			$cert = str_replace("\n\n", "\n", $cert);
1026	333f8ef0	Scott Ullrich	$key = str_replace("\n\n", "\n", $key);
1027	2cf6ddcb	Nigel Graham	$ca = str_replace("\n\n", "\n", $ca);
1028	7aae518a	Scott Ullrich
1029	a632cf43	Scott Ullrich	if($cert <> "" and $key <> "") {
1030	3a66b621	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
1031	5b237745	Scott Ullrich	if (!$fd) {
1032			printf("Error: cannot open cert.pem in system_webgui_start().\n");
1033			return 1;
1034			}
1035	3a66b621	Scott Ullrich	chmod("{$g['varetc_path']}/{$cert_location}", 0600);
1036	5b237745	Scott Ullrich	fwrite($fd, $cert);
1037			fwrite($fd, "\n");
1038			fwrite($fd, $key);
1039			fclose($fd);
1040	2cf6ddcb	Nigel Graham	if($ca <> "") {
1041			$fd = fopen("{$g['varetc_path']}/{$ca_location}", "w");
1042			if (!$fd) {
1043			printf("Error: cannot open ca.pem in system_webgui_start().\n");
1044			return 1;
1045			}
1046			chmod("{$g['varetc_path']}/{$ca_location}", 0600);
1047			fwrite($fd, $ca);
1048			fclose($fd);
1049			}
1050	5e041d5f	Scott Ullrich	$lighty_config .= "\n";
1051	9f0cbb16	Scott Ullrich	$lighty_config .= "## ssl configuration\n";
1052	a632cf43	Scott Ullrich	$lighty_config .= "ssl.engine = \"enable\"\n";
1053	333f8ef0	Scott Ullrich	$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
1054	2cf6ddcb	Nigel Graham	if($ca <> "")
1055			$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
1056	5b237745	Scott Ullrich	}
1057	a978a0ff	Chris Buechler
1058			// Add HTTP to HTTPS redirect
1059			if ($captive_portal == false && $config['system']['webgui']['protocol'] == "https" && !isset($config['system']['webgui']['disablehttpredirect'])) {
1060	7921e8e5	Chris Buechler	if($lighty_port != "443")
1061			$redirectport = ":{$lighty_port}";
1062	d7e230ae	Chris Buechler	$lighty_config .= <<<EOD
1063			\$SERVER["socket"] == ":80" {
1064			\$HTTP["host"] =~ "(.*)" {
1065	7921e8e5	Chris Buechler	url.redirect = ( "^/(.*)" => "https://%1{$redirectport}/$1" )
1066	d7e230ae	Chris Buechler	}
1067			}
1068			EOD;
1069			}
1070	0f282d7a	Scott Ullrich
1071	4f3756f3	Scott Ullrich	$fd = fopen("{$filename}", "w");
1072	a632cf43	Scott Ullrich	if (!$fd) {
1073	4f3756f3	Scott Ullrich	printf("Error: cannot open {$filename} in system_generate_lighty_config().\n");
1074	a632cf43	Scott Ullrich	return 1;
1075	5b237745	Scott Ullrich	}
1076	a632cf43	Scott Ullrich	fwrite($fd, $lighty_config);
1077			fclose($fd);
1078
1079			return 0;
1080	0f282d7a	Scott Ullrich
1081	5b237745	Scott Ullrich	}
1082
1083			function system_timezone_configure() {
1084	f19d3b7a	Scott Ullrich	global $config, $g;
1085	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1086			$mt = microtime();
1087	dcf0598e	Scott Ullrich	echo "system_timezone_configure() being called $mt\n";
1088	333f8ef0	Scott Ullrich	}
1089	5b237745	Scott Ullrich
1090			$syscfg = $config['system'];
1091
1092			if ($g['booting'])
1093	f05740c1	Scott Ullrich	echo "Setting timezone...";
1094	5b237745	Scott Ullrich
1095			/* extract appropriate timezone file */
1096			$timezone = $syscfg['timezone'];
1097			if (!$timezone)
1098			$timezone = "Etc/UTC";
1099	0f282d7a	Scott Ullrich
1100	34febcde	Scott Ullrich	conf_mount_rw();
1101
1102	029d1a71	Scott Ullrich	exec("LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
1103	5b237745	Scott Ullrich	escapeshellarg($timezone) . " > /etc/localtime");
1104
1105	4efd4885	Scott Ullrich	mwexec("sync");
1106	27150275	Scott Ullrich	conf_mount_ro();
1107	34febcde	Scott Ullrich
1108	5b237745	Scott Ullrich	if ($g['booting'])
1109	5c6d0f65	Colin Smith	echo "done.\n";
1110	5b237745	Scott Ullrich	}
1111
1112			function system_ntp_configure() {
1113	f19d3b7a	Scott Ullrich	global $config, $g;
1114	5b237745	Scott Ullrich
1115			$syscfg = $config['system'];
1116
1117	20b90e0a	Scott Ullrich	/* open configuration for wrting or bail */
1118			$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
1119			if(!$fd) {
1120	5f3e1f12	Scott Ullrich	log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
1121	20b90e0a	Scott Ullrich	return;
1122	5b237745	Scott Ullrich	}
1123
1124	20b90e0a	Scott Ullrich	fwrite($fd, "# \n");
1125			fwrite($fd, "# pfSense OpenNTPD configuration file \n");
1126			fwrite($fd, "# \n\n");
1127	0f282d7a	Scott Ullrich
1128	20b90e0a	Scott Ullrich	/* foreach through servers and write out to ntpd.conf */
1129			foreach (explode(' ', $syscfg['timeservers']) as $ts)
1130			fwrite($fd, "servers {$ts}\n");
1131	0f282d7a	Scott Ullrich
1132	5b6210e3	Bill Marquette	/* Setup listener(s) if the user has configured one */
1133	67ee1ec5	Ermal Luçi	if ($config['installedpackages']['openntpd']) {
1134			/* server config is in coregui1 */
1135	5b6210e3	Bill Marquette	$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
1136			if ($xmlsettings['enable'] == 'on') {
1137			$ifaces = explode(',', $xmlsettings['interface']);
1138	435f11c8	Ermal Lu?i	$ifaces = array_map('get_real_interface', $ifaces);
1139	5b6210e3	Bill Marquette	$ifaces = array_filter($ifaces, 'does_interface_exist');
1140			$ips = array_map('find_interface_ip', $ifaces);
1141			foreach ($ips as $ip) {
1142	5e041d5f	Scott Ullrich	if (is_ipaddr($ip))
1143	5b6210e3	Bill Marquette	fwrite($fd, "listen on $ip\n");
1144			}
1145	95594e5a	Scott Ullrich	}
1146			}
1147
1148	20b90e0a	Scott Ullrich	fwrite($fd, "\n");
1149	0f282d7a	Scott Ullrich
1150	20b90e0a	Scott Ullrich	/* slurp! */
1151			fclose($fd);
1152
1153			/* if openntpd is running, kill it */
1154	5f3e1f12	Scott Ullrich	while(is_process_running("ntpd")) {
1155	e0b4e47f	Seth Mos	mwexec("/usr/bin/killall ntpd", true);
1156	5f3e1f12	Scott Ullrich	}
1157
1158			/* if /var/empty does not exist, create it */
1159			if(!is_dir("/var/empty"))
1160			exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");
1161
1162	4a40de3c	Scott Ullrich	if($g['booting'])
1163			return;
1164
1165	20b90e0a	Scott Ullrich	/* start opentpd, set time now and use /var/etc/ntpd.conf */
1166			exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");
1167	83eb4567	Scott Ullrich
1168			// Note that we are starting up
1169			exec("echo 'OpenNTPD is starting up' >> {$g['varlog_path']}/ntpd.log");
1170	0f282d7a	Scott Ullrich
1171	5b237745	Scott Ullrich	}
1172
1173	652cf082	Seth Mos	function sync_system_time() {
1174			global $config, $g;
1175
1176			$syscfg = $config['system'];
1177
1178			if ($g['booting'])
1179	4582b281	Scott Ullrich	echo "Syncing system time before startup...";
1180	652cf082	Seth Mos
1181			/* foreach through servers and write out to ntpd.conf */
1182			foreach (explode(' ', $syscfg['timeservers']) as $ts) {
1183			mwexec("/usr/sbin/ntpdate -s $ts");
1184			}
1185	4582b281	Scott Ullrich
1186			if ($g['booting'])
1187			echo "done.\n";
1188
1189	652cf082	Seth Mos	}
1190
1191	405e5de0	Scott Ullrich	function system_halt() {
1192			global $g;
1193
1194			system_reboot_cleanup();
1195
1196	523855b0	Scott Ullrich	mwexec("/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &");
1197	405e5de0	Scott Ullrich	}
1198
1199	5b237745	Scott Ullrich	function system_reboot() {
1200			global $g;
1201	0f282d7a	Scott Ullrich
1202	5b237745	Scott Ullrich	system_reboot_cleanup();
1203	0f282d7a	Scott Ullrich
1204	5b237745	Scott Ullrich	mwexec("nohup /etc/rc.reboot > /dev/null 2>&1 &");
1205			}
1206
1207			function system_reboot_sync() {
1208			global $g;
1209	0f282d7a	Scott Ullrich
1210	5b237745	Scott Ullrich	system_reboot_cleanup();
1211	0f282d7a	Scott Ullrich
1212	5b237745	Scott Ullrich	mwexec("/etc/rc.reboot > /dev/null 2>&1");
1213			}
1214
1215			function system_reboot_cleanup() {
1216	97d4e30b	Seth Mos	mwexec("/usr/local/bin/beep.sh stop");
1217	04967d99	jim-p	require_once("captiveportal.inc");
1218	5b237745	Scott Ullrich	captiveportal_radius_stop_all();
1219	336e3c1c	Charlie	require_once("voucher.inc");
1220			voucher_save_db_to_config();
1221	5b237745	Scott Ullrich	}
1222
1223			function system_do_shell_commands($early = 0) {
1224	f19d3b7a	Scott Ullrich	global $config, $g;
1225	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1226			$mt = microtime();
1227	dcf0598e	Scott Ullrich	echo "system_do_shell_commands() being called $mt\n";
1228	58c7450e	Scott Ullrich	}
1229	0f282d7a	Scott Ullrich
1230	5b237745	Scott Ullrich	if ($early)
1231			$cmdn = "earlyshellcmd";
1232			else
1233			$cmdn = "shellcmd";
1234	0f282d7a	Scott Ullrich
1235	5b237745	Scott Ullrich	if (is_array($config['system'][$cmdn])) {
1236	333f8ef0	Scott Ullrich
1237	245388b4	Scott Ullrich	/* cmd is an array, loop through /
1238	5b237745	Scott Ullrich	foreach ($config['system'][$cmdn] as $cmd) {
1239			exec($cmd);
1240			}
1241	245388b4	Scott Ullrich
1242			} elseif($config['system'][$cmdn] <> "") {
1243	333f8ef0	Scott Ullrich
1244	245388b4	Scott Ullrich	/* execute single item */
1245			exec($config['system'][$cmdn]);
1246
1247	5b237745	Scott Ullrich	}
1248			}
1249
1250			function system_console_configure() {
1251	f19d3b7a	Scott Ullrich	global $config, $g;
1252	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1253			$mt = microtime();
1254	dcf0598e	Scott Ullrich	echo "system_console_configure() being called $mt\n";
1255	333f8ef0	Scott Ullrich	}
1256	0f282d7a	Scott Ullrich
1257	5b237745	Scott Ullrich	if (isset($config['system']['disableconsolemenu'])) {
1258			touch("{$g['varetc_path']}/disableconsole");
1259			} else {
1260			unlink_if_exists("{$g['varetc_path']}/disableconsole");
1261			}
1262			}
1263
1264			function system_dmesg_save() {
1265	f19d3b7a	Scott Ullrich	global $g;
1266	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1267			$mt = microtime();
1268	dcf0598e	Scott Ullrich	echo "system_dmesg_save() being called $mt\n";
1269	f19d3b7a	Scott Ullrich	}
1270	0f282d7a	Scott Ullrich
1271	767a716e	Scott Ullrich	$dmesg = "";
1272	5b237745	Scott Ullrich	exec("/sbin/dmesg", $dmesg);
1273	0f282d7a	Scott Ullrich
1274	5b237745	Scott Ullrich	/* find last copyright line (output from previous boots may be present) */
1275			$lastcpline = 0;
1276	0f282d7a	Scott Ullrich
1277	5b237745	Scott Ullrich	for ($i = 0; $i < count($dmesg); $i++) {
1278			if (strstr($dmesg[$i], "Copyright (c) 1992-"))
1279			$lastcpline = $i;
1280			}
1281	0f282d7a	Scott Ullrich
1282	5b237745	Scott Ullrich	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
1283			if (!$fd) {
1284			printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
1285			return 1;
1286			}
1287	0f282d7a	Scott Ullrich
1288	5b237745	Scott Ullrich	for ($i = $lastcpline; $i < count($dmesg); $i++)
1289			fwrite($fd, $dmesg[$i] . "\n");
1290	0f282d7a	Scott Ullrich
1291	5b237745	Scott Ullrich	fclose($fd);
1292	0f282d7a	Scott Ullrich
1293	5b237745	Scott Ullrich	return 0;
1294			}
1295
1296			function system_set_harddisk_standby() {
1297	f19d3b7a	Scott Ullrich	global $g, $config;
1298	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1299			$mt = microtime();
1300	dcf0598e	Scott Ullrich	echo "system_set_harddisk_standby() being called $mt\n";
1301	58c7450e	Scott Ullrich	}
1302	5b237745	Scott Ullrich
1303			if (isset($config['system']['harddiskstandby'])) {
1304			if ($g['booting']) {
1305	5c6d0f65	Colin Smith	echo 'Setting hard disk standby... ';
1306	5b237745	Scott Ullrich	}
1307
1308			$standby = $config['system']['harddiskstandby'];
1309			// Check for a numeric value
1310			if (is_numeric($standby)) {
1311			// Sync the disk(s)
1312			mwexec('/bin/sync');
1313			if (!mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby))) {
1314			// Reinitialize ATA-drives
1315			mwexec('/usr/local/sbin/atareinit');
1316			if ($g['booting']) {
1317	5c6d0f65	Colin Smith	echo "done.\n";
1318	5b237745	Scott Ullrich	}
1319			} else if ($g['booting']) {
1320	5c6d0f65	Colin Smith	echo "failed!\n";
1321	5b237745	Scott Ullrich	}
1322			} else if ($g['booting']) {
1323	5c6d0f65	Colin Smith	echo "failed!\n";
1324	5b237745	Scott Ullrich	}
1325			}
1326			}
1327
1328	3ff9d424	Scott Ullrich	function system_setup_sysctl() {
1329	f19d3b7a	Scott Ullrich	global $config;
1330	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1331			$mt = microtime();
1332	dcf0598e	Scott Ullrich	echo "system_setup_sysctl() being called $mt\n";
1333	58c7450e	Scott Ullrich	}
1334	243aa7b9	Scott Ullrich
1335	6df9d7e3	Scott Ullrich	activate_sysctls();
1336
1337	243aa7b9	Scott Ullrich	if (isset($config['system']['sharednet'])) {
1338			system_disable_arp_wrong_if();
1339			}
1340			}
1341
1342			function system_disable_arp_wrong_if() {
1343	f19d3b7a	Scott Ullrich	global $config;
1344	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1345			$mt = microtime();
1346	dcf0598e	Scott Ullrich	echo "system_disable_arp_wrong_if() being called $mt\n";
1347	333f8ef0	Scott Ullrich	}
1348	6cb438cf	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0");
1349	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0");
1350	3ff9d424	Scott Ullrich	}
1351
1352	243aa7b9	Scott Ullrich	function system_enable_arp_wrong_if() {
1353	f19d3b7a	Scott Ullrich	global $config;
1354	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1355			$mt = microtime();
1356	dcf0598e	Scott Ullrich	echo "system_enable_arp_wrong_if() being called $mt\n";
1357	58c7450e	Scott Ullrich	}
1358	243aa7b9	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1");
1359	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1");
1360	243aa7b9	Scott Ullrich	}
1361
1362	a199b93e	Scott Ullrich	function enable_watchdog() {
1363			global $config;
1364	1a479479	Scott Ullrich	return;
1365	a199b93e	Scott Ullrich	$install_watchdog = false;
1366			$supported_watchdogs = array("Geode");
1367			$file = file_get_contents("/var/log/dmesg.boot");
1368			foreach($supported_watchdogs as $sd) {
1369			if(stristr($file, "Geode")) {
1370			$install_watchdog = true;
1371			}
1372			}
1373			if($install_watchdog == true) {
1374	2e44fb05	Scott Ullrich	if(is_process_running("watchdogd"))
1375	e0b4e47f	Seth Mos	mwexec("/usr/bin/killall watchdogd", true);
1376	333f8ef0	Scott Ullrich	exec("/usr/sbin/watchdogd");
1377	a199b93e	Scott Ullrich	}
1378			}
1379	15f14889	Scott Ullrich
1380			function system_check_reset_button() {
1381	fa83737d	Scott Ullrich	global $g;
1382	223ef06a	Scott Ullrich	if($g['platform'] != "nanobsd")
1383	fa83737d	Scott Ullrich	return 0;
1384	15f14889	Scott Ullrich
1385	31c9379c	Scott Ullrich	$specplatform = system_identify_specific_platform();
1386
1387	15f14889	Scott Ullrich	if ($specplatform['name'] != "wrap" && $specplatform['name'] != "alix")
1388			return 0;
1389
1390			$retval = mwexec("/usr/local/sbin/" . $specplatform['name'] . "resetbtn");
1391
1392			if ($retval == 99) {
1393			/* user has pressed reset button for 2 seconds -
1394			reset to factory defaults */
1395			echo <<<EOD
1396
1397			***********************************************************************
1398			* Reset button pressed - resetting configuration to factory defaults. *
1399			* The system will reboot after this completes. *
1400			***********************************************************************
1401
1402
1403			EOD;
1404
1405			reset_factory_defaults();
1406			system_reboot_sync();
1407			exit(0);
1408			}
1409
1410			return 0;
1411			}
1412
1413	31c9379c	Scott Ullrich	/* attempt to identify the specific platform (for embedded systems)
1414			Returns an array with two elements:
1415			name => platform string (e.g. 'wrap', 'alix' etc.)
1416			descr => human-readable description (e.g. "PC Engines WRAP")
1417			*/
1418			function system_identify_specific_platform() {
1419			global $g;
1420
1421			if ($g['platform'] == 'generic-pc')
1422			return array('name' => 'generic-pc', 'descr' => "Generic PC");
1423
1424			if ($g['platform'] == 'generic-pc-cdrom')
1425			return array('name' => 'generic-pc-cdrom', 'descr' => "Generic PC (CD-ROM)");
1426
1427			/* the rest of the code only deals with 'embedded' platforms */
1428	1a2911a7	Scott Ullrich	if ($g['platform'] != 'nanobsd')
1429	31c9379c	Scott Ullrich	return array('name' => $g['platform'], 'descr' => $g['platform']);
1430
1431			$dmesg = system_get_dmesg_boot();
1432
1433			if (strpos($dmesg, "PC Engines WRAP") !== false)
1434			return array('name' => 'wrap', 'descr' => 'PC Engines WRAP');
1435
1436			if (strpos($dmesg, "PC Engines ALIX") !== false)
1437			return array('name' => 'alix', 'descr' => 'PC Engines ALIX');
1438
1439			if (preg_match("/Soekris net45../", $dmesg, $matches))
1440			return array('name' => 'net45xx', 'descr' => $matches[0]);
1441
1442			if (preg_match("/Soekris net48../", $dmesg, $matches))
1443			return array('name' => 'net48xx', 'descr' => $matches[0]);
1444
1445			if (preg_match("/Soekris net55../", $dmesg, $matches))
1446			return array('name' => 'net55xx', 'descr' => $matches[0]);
1447
1448			/* unknown embedded platform */
1449			return array('name' => 'embedded', 'descr' => 'embedded (unknown)');
1450			}
1451
1452			function system_get_dmesg_boot() {
1453			global $g;
1454	d16af75d	Scott Ullrich
1455	31c9379c	Scott Ullrich	return file_get_contents("{$g['varlog_path']}/dmesg.boot");
1456			}
1457
1458	3cc07282	Ermal	?>

Project

General

Profile

pfSense