/src/usr/local/www/diag_backup.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/diag_backup.php @ 3314e626

1	8ccc8f1a	Scott Ullrich	<?php
2	5b237745	Scott Ullrich	/*
3			diag_backup.php
4			*/
5	fd9ebcd5	Stephen Beaver	/* ====================================================================
6	0e834fc5	Stephen Beaver	* Copyright (c) 2004-2015 Electric Sheep Fencing, LLC. All rights reserved.
7	9da2cf1c	Stephen Beaver	*
8	c9df279d	Stephen Beaver	* Some or all of this file is based on the m0n0wall project which is
9	9da2cf1c	Stephen Beaver	* Copyright (c) 2004 Manuel Kasper (BSD 2 clause)
10	fd9ebcd5	Stephen Beaver	*
11	0e834fc5	Stephen Beaver	* Redistribution and use in source and binary forms, with or without modification,
12			* are permitted provided that the following conditions are met:
13	fd9ebcd5	Stephen Beaver	*
14	0e834fc5	Stephen Beaver	* 1. Redistributions of source code must retain the above copyright notice,
15			* this list of conditions and the following disclaimer.
16	fd9ebcd5	Stephen Beaver	*
17	0e834fc5	Stephen Beaver	* 2. Redistributions in binary form must reproduce the above copyright
18			* notice, this list of conditions and the following disclaimer in
19			* the documentation and/or other materials provided with the
20			* distribution.
21	fd9ebcd5	Stephen Beaver	*
22	0e834fc5	Stephen Beaver	* 3. All advertising materials mentioning features or use of this software
23			* must display the following acknowledgment:
24			* "This product includes software developed by the pfSense Project
25			* for use in the pfSense software distribution. (http://www.pfsense.org/).
26	fd9ebcd5	Stephen Beaver	*
27	0e834fc5	Stephen Beaver	* 4. The names "pfSense" and "pfSense Project" must not be used to
28			* endorse or promote products derived from this software without
29			* prior written permission. For written permission, please contact
30			* coreteam@pfsense.org.
31	fd9ebcd5	Stephen Beaver	*
32	0e834fc5	Stephen Beaver	* 5. Products derived from this software may not be called "pfSense"
33			* nor may "pfSense" appear in their names without prior written
34			* permission of the Electric Sheep Fencing, LLC.
35	fd9ebcd5	Stephen Beaver	*
36	0e834fc5	Stephen Beaver	* 6. Redistributions of any form whatsoever must retain the following
37			* acknowledgment:
38	fd9ebcd5	Stephen Beaver	*
39	0e834fc5	Stephen Beaver	* "This product includes software developed by the pfSense Project
40			* for use in the pfSense software distribution (http://www.pfsense.org/).
41	0da0d43e	Phil Davis	*
42	0e834fc5	Stephen Beaver	* THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY
43			* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
44			* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
45			* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR
46			* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
47			* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
48			* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
49			* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
50			* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
51			* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
52			* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
53			* OF THE POSSIBILITY OF SUCH DAMAGE.
54	fd9ebcd5	Stephen Beaver	*
55	0e834fc5	Stephen Beaver	* ====================================================================
56	fd9ebcd5	Stephen Beaver	*
57			*/
58	5b237745	Scott Ullrich
59	6b07c15a	Matthew Grooms	##\|+PRIV
60	5d916fc7	Stephen Beaver	##\|*IDENT=page-diagnostics-backup-restore
61	0f298138	k-paulius	##\|*NAME=Diagnostics: Backup & Restore
62			##\|*DESCR=Allow access to the 'Diagnostics: Backup & Restore' page.
63	6b07c15a	Matthew Grooms	##\|MATCH=diag_backup.php
64			##\|-PRIV
65
66	47d11b79	Mark Crane	/* Allow additional execution time 0 = no limit. */
67	3420028c	Scott Ullrich	ini_set('max_execution_time', '0');
68			ini_set('max_input_time', '0');
69	47d11b79	Mark Crane
70	5b237745	Scott Ullrich	/* omit no-cache headers because it confuses IE with file downloads */
71			$omit_nocacheheaders = true;
72	8ccc8f1a	Scott Ullrich	require("guiconfig.inc");
73	7a927e67	Scott Ullrich	require_once("functions.inc");
74			require_once("filter.inc");
75			require_once("shaper.inc");
76	5b237745	Scott Ullrich
77	8bdb6879	Darren Embry	$rrddbpath = "/var/db/rrd";
78			$rrdtool = "/usr/bin/nice -n20 /usr/local/bin/rrdtool";
79
80			function rrd_data_xml() {
81			global $rrddbpath;
82			global $rrdtool;
83	73ed069b	Renato Botelho
84	8bdb6879	Darren Embry	$result = "\t<rrddata>\n";
85			$rrd_files = glob("{$rrddbpath}/*.rrd");
86			$xml_files = array();
87			foreach ($rrd_files as $rrd_file) {
88			$basename = basename($rrd_file);
89			$xml_file = preg_replace('/\.rrd$/', ".xml", $rrd_file);
90			exec("$rrdtool dump '{$rrd_file}' '{$xml_file}'");
91			$xml_data = file_get_contents($xml_file);
92			unlink($xml_file);
93			if ($xml_data !== false) {
94			$result .= "\t\t<rrddatafile>\n";
95			$result .= "\t\t\t<filename>{$basename}</filename>\n";
96			$result .= "\t\t\t<xmldata>" . base64_encode(gzdeflate($xml_data)) . "</xmldata>\n";
97			$result .= "\t\t</rrddatafile>\n";
98			}
99			}
100			$result .= "\t</rrddata>\n";
101			return $result;
102			}
103
104	754b75d0	Darren Embry	function restore_rrddata() {
105	7eead1fc	Darren Embry	global $config, $g, $rrdtool, $input_errors;
106	5f601060	Phil Davis	foreach ($config['rrddata']['rrddatafile'] as $rrd) {
107	754b75d0	Darren Embry	if ($rrd['xmldata']) {
108			$rrd_file = "{$g['vardb_path']}/rrd/{$rrd['filename']}";
109			$xml_file = preg_replace('/\.rrd$/', ".xml", $rrd_file);
110	08877746	Darren Embry	if (file_put_contents($xml_file, gzinflate(base64_decode($rrd['xmldata']))) === false) {
111	ff30e319	bruno	log_error(sprintf(gettext("Cannot write %s"), $xml_file));
112	08877746	Darren Embry	continue;
113			}
114			$output = array();
115			$status = null;
116			exec("$rrdtool restore -f '{$xml_file}' '{$rrd_file}'", $output, $status);
117			if ($status) {
118	f757431d	Darren Embry	log_error("rrdtool restore -f '{$xml_file}' '{$rrd_file}' failed returning {$status}.");
119	08877746	Darren Embry	continue;
120			}
121	754b75d0	Darren Embry	unlink($xml_file);
122	5f601060	Phil Davis	} else if ($rrd['data']) {
123	7eead1fc	Darren Embry	$rrd_file = "{$g['vardb_path']}/rrd/{$rrd['filename']}";
124			$rrd_fd = fopen($rrd_file, "w");
125	08877746	Darren Embry	if (!$rrd_fd) {
126	ff30e319	bruno	log_error(sprintf(gettext("Cannot write %s"), $rrd_file));
127	08877746	Darren Embry	continue;
128			}
129	754b75d0	Darren Embry	$data = base64_decode($rrd['data']);
130			/* Try to decompress the data. */
131			$dcomp = @gzinflate($data);
132			if ($dcomp) {
133			/* If the decompression worked, write the decompressed data */
134	08877746	Darren Embry	if (fwrite($rrd_fd, $dcomp) === false) {
135	ff30e319	bruno	log_error(sprintf(gettext("fwrite %s failed"), $rrd_file));
136	08877746	Darren Embry	continue;
137			}
138	754b75d0	Darren Embry	} else {
139			/* If the decompression failed, it wasn't compressed, so write raw data */
140	08877746	Darren Embry	if (fwrite($rrd_fd, $data) === false) {
141	ff30e319	bruno	log_error(sprintf(gettext("fwrite %s failed"), $rrd_file));
142	08877746	Darren Embry	continue;
143			}
144			}
145			if (fclose($rrd_fd) === false) {
146	ff30e319	bruno	log_error(sprintf(gettext("fclose %s failed"), $rrd_file));
147	08877746	Darren Embry	continue;
148	754b75d0	Darren Embry	}
149			}
150			}
151			}
152
153	3420028c	Scott Ullrich	function add_base_packages_menu_items() {
154			global $g, $config;
155	52c7f0d4	jim-p	$base_packages = explode(",", $g['base_packages']);
156	3420028c	Scott Ullrich	$modified_config = false;
157	5f601060	Phil Davis	foreach ($base_packages as $bp) {
158	da17d77e	Ermal Lu?i	$basepkg_path = "/usr/local/pkg/{$bp}";
159	a250f179	Renato Botelho	$tmpinfo = pathinfo($basepkg_path, PATHINFO_EXTENSION);
160	5f601060	Phil Davis	if ($tmpinfo['extension'] == "xml" && file_exists($basepkg_path)) {
161	da17d77e	Ermal Lu?i	$pkg_config = parse_xml_config_pkg($basepkg_path, "packagegui");
162	5f601060	Phil Davis	if ($pkg_config['menu'] != "") {
163			if (is_array($pkg_config['menu'])) {
164			foreach ($pkg_config['menu'] as $menu) {
165			if (is_array($config['installedpackages']['menu'])) {
166			foreach ($config['installedpackages']['menu'] as $amenu) {
167			if ($amenu['name'] == $menu['name']) {
168	3420028c	Scott Ullrich	continue;
169	5f601060	Phil Davis	}
170			}
171			}
172	3420028c	Scott Ullrich	$config['installedpackages']['menu'][] = $menu;
173			$modified_config = true;
174			}
175			}
176			}
177			}
178			}
179	5f601060	Phil Davis	if ($modified_config) {
180	f3ceee6e	Vinicius Coque	write_config(gettext("Restored base_package menus after configuration restore."));
181	3420028c	Scott Ullrich	$config = parse_config(true);
182			}
183			}
184
185	645ec835	Scott Ullrich	function remove_bad_chars($string) {
186	699737d9	Phil Davis	return preg_replace('/[^a-z_0-9]/i', '', $string);
187	645ec835	Scott Ullrich	}
188
189	b3277798	Scott Ullrich	function check_and_returnif_section_exists($section) {
190			global $config;
191	5f601060	Phil Davis	if (is_array($config[$section])) {
192	b3277798	Scott Ullrich	return true;
193	5f601060	Phil Davis	}
194	b3277798	Scott Ullrich	return false;
195			}
196
197	da17d77e	Ermal Lu?i	if ($_POST['apply']) {
198	73ed069b	Renato Botelho	ob_flush();
199			flush();
200	c9a19238	Darren Embry	conf_mount_rw();
201			clear_subsystem_dirty("restore");
202			conf_mount_ro();
203	73ed069b	Renato Botelho	exit;
204	da17d77e	Ermal Lu?i	}
205
206	5b237745	Scott Ullrich	if ($_POST) {
207			unset($input_errors);
208	5f601060	Phil Davis	if (stristr($_POST['Submit'], gettext("Restore configuration"))) {
209	5b237745	Scott Ullrich	$mode = "restore";
210	5f601060	Phil Davis	} else if (stristr($_POST['Submit'], gettext("Reinstall"))) {
211	8ccc8f1a	Scott Ullrich	$mode = "reinstallpackages";
212	5f601060	Phil Davis	} else if (stristr($_POST['Submit'], gettext("Clear Package Lock"))) {
213	039cb920	jim-p	$mode = "clearpackagelock";
214	5f601060	Phil Davis	} else if (stristr($_POST['Submit'], gettext("Download"))) {
215	5b237745	Scott Ullrich	$mode = "download";
216	5f601060	Phil Davis	} else if (stristr($_POST['Submit'], gettext("Restore version"))) {
217	7cf03119	Bill Marquette	$mode = "restore_ver";
218	5f601060	Phil Davis	}
219			if ($_POST["nopackages"] <> "") {
220	528cad39	Colin Smith	$options = "nopackages";
221	5f601060	Phil Davis	}
222			if ($_POST["ver"] <> "") {
223	7cf03119	Bill Marquette	$ver2restore = $_POST["ver"];
224	5f601060	Phil Davis	}
225	5b237745	Scott Ullrich	if ($mode) {
226			if ($mode == "download") {
227	8ff5ffcc	Matthew Grooms	if ($_POST['encrypt']) {
228	76d6d925	Stephen Beaver	if (!$_POST['encrypt_password']) {
229	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("You must supply and confirm the password for encryption.");
230	5f601060	Phil Davis	}
231	528cad39	Colin Smith	}
232	73ed069b	Renato Botelho
233	8ff5ffcc	Matthew Grooms	if (!$input_errors) {
234	73ed069b	Renato Botelho
235	07b1797b	sullrich	//$lockbckp = lock('config');
236	73ed069b	Renato Botelho
237	8ff5ffcc	Matthew Grooms	$host = "{$config['system']['hostname']}.{$config['system']['domain']}";
238			$name = "config-{$host}-".date("YmdHis").".xml";
239			$data = "";
240	73ed069b	Renato Botelho
241	5f601060	Phil Davis	if ($options == "nopackages") {
242			if (!$_POST['backuparea']) {
243	4195c967	sullrich	/* backup entire configuration */
244			$data = file_get_contents("{$g['conf_path']}/config.xml");
245			} else {
246			/* backup specific area of configuration */
247			$data = backup_config_section($_POST['backuparea']);
248			$name = "{$_POST['backuparea']}-{$name}";
249			}
250	da17d77e	Ermal Lu?i	$sfn = "{$g['tmp_path']}/config.xml.nopkg";
251	4195c967	sullrich	file_put_contents($sfn, $data);
252			exec("sed '/<installedpackages>/,/<\/installedpackages>/d' {$sfn} > {$sfn}-new");
253	a250f179	Renato Botelho	$data = file_get_contents($sfn . "-new");
254	8ff5ffcc	Matthew Grooms	} else {
255	5f601060	Phil Davis	if (!$_POST['backuparea']) {
256	8ff5ffcc	Matthew Grooms	/* backup entire configuration */
257			$data = file_get_contents("{$g['conf_path']}/config.xml");
258	7eead1fc	Darren Embry	} else if ($_POST['backuparea'] === "rrddata") {
259			$data = rrd_data_xml();
260			$name = "{$_POST['backuparea']}-{$name}";
261	8ff5ffcc	Matthew Grooms	} else {
262			/* backup specific area of configuration */
263			$data = backup_config_section($_POST['backuparea']);
264			$name = "{$_POST['backuparea']}-{$name}";
265			}
266	181462b5	Scott Ullrich	}
267	73ed069b	Renato Botelho
268	07b1797b	sullrich	//unlock($lockbckp);
269	73ed069b	Renato Botelho
270	a250f179	Renato Botelho	/*
271	0e834fc5	Stephen Beaver	* Backup RRD Data
272	1390b049	Scott Ullrich	*/
273	7eead1fc	Darren Embry	if ($_POST['backuparea'] !== "rrddata" && !$_POST['donotbackuprrd']) {
274	8bdb6879	Darren Embry	$rrd_data_xml = rrd_data_xml();
275			$closing_tag = "</" . $g['xml_rootobj'] . ">";
276			$data = str_replace($closing_tag, $rrd_data_xml . $closing_tag, $data);
277	1390b049	Scott Ullrich	}
278	73ed069b	Renato Botelho
279	4cfd2390	Renato Botelho	if ($_POST['encrypt']) {
280			$data = encrypt_data($data, $_POST['encrypt_password']);
281			tagfile_reformat($data, $data, "config.xml");
282			}
283
284	8ff5ffcc	Matthew Grooms	$size = strlen($data);
285			header("Content-Type: application/octet-stream");
286			header("Content-Disposition: attachment; filename={$name}");
287	a8c35980	Scott Ullrich	header("Content-Length: $size");
288	e77ea573	jim-p	if (isset($_SERVER['HTTPS'])) {
289			header('Pragma: ');
290			header('Cache-Control: ');
291			} else {
292			header("Pragma: private");
293			header("Cache-Control: private, must-revalidate");
294			}
295	8ff5ffcc	Matthew Grooms	echo $data;
296	73ed069b	Renato Botelho
297	8ff5ffcc	Matthew Grooms	exit;
298			}
299			}
300	73ed069b	Renato Botelho
301	8ff5ffcc	Matthew Grooms	if ($mode == "restore") {
302			if ($_POST['decrypt']) {
303	76d6d925	Stephen Beaver	if (!$_POST['decrypt_password']) {
304	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("You must supply and confirm the password for decryption.");
305	5f601060	Phil Davis	}
306	8ff5ffcc	Matthew Grooms	}
307	73ed069b	Renato Botelho
308	8ff5ffcc	Matthew Grooms	if (!$input_errors) {
309			if (is_uploaded_file($_FILES['conffile']['tmp_name'])) {
310	73ed069b	Renato Botelho
311	8ff5ffcc	Matthew Grooms	/* read the file contents */
312			$data = file_get_contents($_FILES['conffile']['tmp_name']);
313	5f601060	Phil Davis	if (!$data) {
314	dae4c487	Carlos Eduardo Ramos	log_error(sprintf(gettext("Warning, could not read file %s"), $_FILES['conffile']['tmp_name']));
315	8ff5ffcc	Matthew Grooms	return 1;
316	9fd18b1f	Scott Ullrich	}
317	73ed069b	Renato Botelho
318	8ff5ffcc	Matthew Grooms	if ($_POST['decrypt']) {
319			if (!tagfile_deformat($data, $data, "config.xml")) {
320	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("The uploaded file does not appear to contain an encrypted pfsense configuration.");
321	8ff5ffcc	Matthew Grooms	return 1;
322			}
323			$data = decrypt_data($data, $_POST['decrypt_password']);
324			}
325	73ed069b	Renato Botelho
326	5f601060	Phil Davis	if (stristr($data, "<m0n0wall>")) {
327	205da5a0	Neriberto C.Prado	log_error(gettext("Upgrading m0n0wall configuration to pfsense."));
328	8ff5ffcc	Matthew Grooms	/* m0n0wall was found in config. convert it. */
329			$data = str_replace("m0n0wall", "pfsense", $data);
330			$m0n0wall_upgrade = true;
331			}
332	5f601060	Phil Davis	if ($_POST['restorearea']) {
333	8ff5ffcc	Matthew Grooms	/* restore a specific area of the configuration */
334	5f601060	Phil Davis	if (!stristr($data, "<" . $_POST['restorearea'] . ">")) {
335	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("You have selected to restore an area but we could not locate the correct xml tag.");
336	8ff5ffcc	Matthew Grooms	} else {
337	8dcca9b5	Darren Embry	if (!restore_config_section($_POST['restorearea'], $data)) {
338			$input_errors[] = gettext("You have selected to restore an area but we could not locate the correct xml tag.");
339			} else {
340			if ($config['rrddata']) {
341			restore_rrddata();
342			unset($config['rrddata']);
343			unlink_if_exists("{$g['tmp_path']}/config.cache");
344			write_config();
345			add_base_packages_menu_items();
346			convert_config();
347			conf_mount_ro();
348			}
349			filter_configure();
350	8545adde	k-paulius	$savemsg = gettext("The configuration area has been restored. You may need to reboot the firewall.");
351	7eead1fc	Darren Embry	}
352	8ff5ffcc	Matthew Grooms	}
353	181462b5	Scott Ullrich	} else {
354	5f601060	Phil Davis	if (!stristr($data, "<" . $g['xml_rootobj'] . ">")) {
355	dae4c487	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("You have selected to restore the full configuration but we could not locate a %s tag."), $g['xml_rootobj']);
356	8ff5ffcc	Matthew Grooms	} else {
357			/* restore the entire configuration */
358			file_put_contents($_FILES['conffile']['tmp_name'], $data);
359			if (config_install($_FILES['conffile']['tmp_name']) == 0) {
360			/* this will be picked up by /index.php */
361			conf_mount_rw();
362	da17d77e	Ermal Lu?i	mark_subsystem_dirty("restore");
363	e6068346	Phil Davis	touch("/conf/needs_package_sync_after_reboot");
364	8ff5ffcc	Matthew Grooms	/* remove cache, we will force a config reboot */
365	5f601060	Phil Davis	if (file_exists("{$g['tmp_path']}/config.cache")) {
366	da17d77e	Ermal Lu?i	unlink("{$g['tmp_path']}/config.cache");
367	5f601060	Phil Davis	}
368	8ff5ffcc	Matthew Grooms	$config = parse_config(true);
369	0174c480	Ermal LUÇI	if (file_exists("/boot/loader.conf")) {
370			$loaderconf = file_get_contents("/boot/loader.conf");
371	08af94cb	Chris Buechler	if (strpos($loaderconf, "console=\"comconsole")) {
372	0174c480	Ermal LUÇI	$config['system']['enableserial'] = true;
373	ff30e319	bruno	write_config(gettext("Restore serial console enabling in configuration."));
374	0174c480	Ermal LUÇI	}
375	5d4b8830	Ermal LUÇI	unset($loaderconf);
376	0174c480	Ermal LUÇI	}
377	67bc955d	Chris Buechler	/* extract out rrd items, unset from $config when done */
378	5f601060	Phil Davis	if ($config['rrddata']) {
379	754b75d0	Darren Embry	restore_rrddata();
380	a2b8f7b2	Scott Ullrich	unset($config['rrddata']);
381	da17d77e	Ermal Lu?i	unlink_if_exists("{$g['tmp_path']}/config.cache");
382	a2b8f7b2	Scott Ullrich	write_config();
383	3420028c	Scott Ullrich	add_base_packages_menu_items();
384	d442e4e2	Scott Ullrich	convert_config();
385	a2b8f7b2	Scott Ullrich	conf_mount_ro();
386	1390b049	Scott Ullrich	}
387	5f601060	Phil Davis	if ($m0n0wall_upgrade == true) {
388			if ($config['system']['gateway'] <> "") {
389	8ff5ffcc	Matthew Grooms	$config['interfaces']['wan']['gateway'] = $config['system']['gateway'];
390	5f601060	Phil Davis	}
391	8ff5ffcc	Matthew Grooms	unset($config['shaper']);
392			/* optional if list */
393			$ifdescrs = get_configured_interface_list(true, true);
394			/* remove special characters from interface descriptions */
395	5f601060	Phil Davis	if (is_array($ifdescrs)) {
396			foreach ($ifdescrs as $iface) {
397	8ff5ffcc	Matthew Grooms	$config['interfaces'][$iface]['descr'] = remove_bad_chars($config['interfaces'][$iface]['descr']);
398	5f601060	Phil Davis	}
399			}
400	b6db8ea3	sullrich	/* check for interface names with an alias */
401	5f601060	Phil Davis	if (is_array($ifdescrs)) {
402			foreach ($ifdescrs as $iface) {
403			if (is_alias($config['interfaces'][$iface]['descr'])) {
404	b6db8ea3	sullrich	// Firewall rules
405			$origname = $config['interfaces'][$iface]['descr'];
406	6c07db48	Phil Davis	$newname = $config['interfaces'][$iface]['descr'] . "Alias";
407	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('filter', 'rule'), array('source', 'address'), $newname, $origname);
408			update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'address'), $newname, $origname);
409	b6db8ea3	sullrich	// NAT Rules
410	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'rule'), array('source', 'address'), $newname, $origname);
411			update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'address'), $newname, $origname);
412			update_alias_names_upon_change(array('nat', 'rule'), array('target'), $newname, $origname);
413	b6db8ea3	sullrich	// Alias in an alias
414	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('aliases', 'alias'), array('address'), $newname, $origname);
415	b6db8ea3	sullrich	}
416			}
417			}
418	da17d77e	Ermal Lu?i	unlink_if_exists("{$g['tmp_path']}/config.cache");
419	888e7a27	Scott Ullrich	// Reset configuration version to something low
420	a250f179	Renato Botelho	// in order to force the config upgrade code to
421	888e7a27	Scott Ullrich	// run through with all steps that are required.
422			$config['system']['version'] = "1.0";
423	798cb31a	Scott Ullrich	// Deal with descriptions longer than 63 characters
424			for ($i = 0; isset($config["filter"]["rule"][$i]); $i++) {
425	5f601060	Phil Davis	if (count($config['filter']['rule'][$i]['descr']) > 63) {
426	798cb31a	Scott Ullrich	$config['filter']['rule'][$i]['descr'] = substr($config['filter']['rule'][$i]['descr'], 0, 63);
427	5f601060	Phil Davis	}
428	798cb31a	Scott Ullrich	}
429			// Move interface from ipsec to enc0
430			for ($i = 0; isset($config["filter"]["rule"][$i]); $i++) {
431	5f601060	Phil Davis	if ($config['filter']['rule'][$i]['interface'] == "ipsec") {
432	798cb31a	Scott Ullrich	$config['filter']['rule'][$i]['interface'] = "enc0";
433	5f601060	Phil Davis	}
434	798cb31a	Scott Ullrich	}
435			// Convert icmp types
436			// http://www.openbsd.org/cgi-bin/man.cgi?query=icmp&sektion=4&arch=i386&apropos=0&manpath=OpenBSD+Current
437			for ($i = 0; isset($config["filter"]["rule"][$i]); $i++) {
438	5f601060	Phil Davis	if ($config["filter"]["rule"][$i]['icmptype']) {
439			switch ($config["filter"]["rule"][$i]['icmptype']) {
440			case "echo":
441			$config["filter"]["rule"][$i]['icmptype'] = "echoreq";
442			break;
443			case "unreach":
444			$config["filter"]["rule"][$i]['icmptype'] = "unreach";
445			break;
446			case "echorep":
447			$config["filter"]["rule"][$i]['icmptype'] = "echorep";
448			break;
449			case "squench":
450			$config["filter"]["rule"][$i]['icmptype'] = "squench";
451			break;
452			case "redir":
453			$config["filter"]["rule"][$i]['icmptype'] = "redir";
454			break;
455			case "timex":
456			$config["filter"]["rule"][$i]['icmptype'] = "timex";
457			break;
458			case "paramprob":
459			$config["filter"]["rule"][$i]['icmptype'] = "paramprob";
460			break;
461			case "timest":
462			$config["filter"]["rule"][$i]['icmptype'] = "timereq";
463			break;
464			case "timestrep":
465			$config["filter"]["rule"][$i]['icmptype'] = "timerep";
466			break;
467			case "inforeq":
468			$config["filter"]["rule"][$i]['icmptype'] = "inforeq";
469			break;
470			case "inforep":
471			$config["filter"]["rule"][$i]['icmptype'] = "inforep";
472			break;
473			case "maskreq":
474			$config["filter"]["rule"][$i]['icmptype'] = "maskreq";
475			break;
476			case "maskrep":
477			$config["filter"]["rule"][$i]['icmptype'] = "maskrep";
478			break;
479	798cb31a	Scott Ullrich	}
480			}
481	dec5cb85	Scott Ullrich	}
482			$config['diag']['ipv6nat'] = true;
483	8ff5ffcc	Matthew Grooms	write_config();
484	a250f179	Renato Botelho	add_base_packages_menu_items();
485	d442e4e2	Scott Ullrich	convert_config();
486	8ff5ffcc	Matthew Grooms	conf_mount_ro();
487	205da5a0	Neriberto C.Prado	$savemsg = gettext("The m0n0wall configuration has been restored and upgraded to pfSense.");
488	da17d77e	Ermal Lu?i	mark_subsystem_dirty("restore");
489	8ff5ffcc	Matthew Grooms	}
490	5f601060	Phil Davis	if (is_array($config['captiveportal'])) {
491			foreach ($config['captiveportal'] as $cp) {
492	2e19a683	Renato Botelho	if (isset($cp['enable'])) {
493			/* for some reason ipfw doesn't init correctly except on bootup sequence */
494			mark_subsystem_dirty("restore");
495			break;
496			}
497			}
498	8ff5ffcc	Matthew Grooms	}
499			setup_serial_port();
500	5f601060	Phil Davis	if (is_interface_mismatch() == true) {
501	8ff5ffcc	Matthew Grooms	touch("/var/run/interface_mismatch_reboot_needed");
502	da17d77e	Ermal Lu?i	clear_subsystem_dirty("restore");
503	f5a57bb0	Scott Ullrich	convert_config();
504	8ff5ffcc	Matthew Grooms	header("Location: interfaces_assign.php");
505	bafaf123	Scott Ullrich	exit;
506	8ff5ffcc	Matthew Grooms	}
507	66bcba1b	Ermal	if (is_interface_vlan_mismatch() == true) {
508			touch("/var/run/interface_mismatch_reboot_needed");
509			clear_subsystem_dirty("restore");
510			convert_config();
511			header("Location: interfaces_assign.php");
512			exit;
513			}
514	8ff5ffcc	Matthew Grooms	} else {
515	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("The configuration could not be restored.");
516	db3996df	Scott Ullrich	}
517	9c72b993	Scott Ullrich	}
518	181462b5	Scott Ullrich	}
519	8ff5ffcc	Matthew Grooms	} else {
520	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("The configuration could not be restored (file upload error).");
521	db3996df	Scott Ullrich	}
522	5b237745	Scott Ullrich	}
523	8ff5ffcc	Matthew Grooms	}
524	73ed069b	Renato Botelho
525	8ff5ffcc	Matthew Grooms	if ($mode == "reinstallpackages") {
526	8ccc8f1a	Scott Ullrich	header("Location: pkg_mgr_install.php?mode=reinstallall");
527			exit;
528	039cb920	jim-p	} else if ($mode == "clearpackagelock") {
529			clear_subsystem_dirty('packagelock');
530	8545adde	k-paulius	$savemsg = "Package lock cleared.";
531	73ed069b	Renato Botelho	} else if ($mode == "restore_ver") {
532	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("XXX - this feature may hose your config (do NOT backrev configs!) - billm");
533	7cf03119	Bill Marquette	if ($ver2restore <> "") {
534			$conf_file = "{$g['cf_conf_path']}/bak/config-" . strtotime($ver2restore) . ".xml";
535	343bb325	sullrich	if (config_install($conf_file) == 0) {
536	c9a19238	Darren Embry	mark_subsystem_dirty("restore");
537			} else {
538			$input_errors[] = gettext("The configuration could not be restored.");
539			}
540			} else {
541			$input_errors[] = gettext("No version selected.");
542			}
543	5b237745	Scott Ullrich	}
544			}
545			}
546	6a1e6651	Bill Marquette
547	02e1170d	Scott Ullrich	$id = rand() . '.' . time();
548
549			$mth = ini_get('upload_progress_meter.store_method');
550			$dir = ini_get('upload_progress_meter.file.filename_template');
551
552	a4af095c	Renato Botelho	function build_area_list($showall) {
553			global $config;
554	b63695db	Scott Ullrich
555	0e834fc5	Stephen Beaver	$areas = array(
556			"aliases" => gettext("Aliases"),
557	a4af095c	Renato Botelho	"captiveportal" => gettext("Captive Portal"),
558			"voucher" => gettext("Captive Portal Vouchers"),
559			"dnsmasq" => gettext("DNS Forwarder"),
560			"unbound" => gettext("DNS Resolver"),
561			"dhcpd" => gettext("DHCP Server"),
562			"dhcpdv6" => gettext("DHCPv6 Server"),
563			"filter" => gettext("Firewall Rules"),
564			"interfaces" => gettext("Interfaces"),
565			"ipsec" => gettext("IPSEC"),
566			"nat" => gettext("NAT"),
567			"openvpn" => gettext("OpenVPN"),
568			"installedpackages" => gettext("Package Manager"),
569			"rrddata" => gettext("RRD Data"),
570			"cron" => gettext("Scheduled Tasks"),
571			"syslog" => gettext("Syslog"),
572			"system" => gettext("System"),
573			"staticroutes" => gettext("Static routes"),
574			"sysctl" => gettext("System tunables"),
575			"snmpd" => gettext("SNMP Server"),
576			"shaper" => gettext("Traffic Shaper"),
577			"vlans" => gettext("VLANS"),
578	7ca42d47	k-paulius	"wol" => gettext("Wake-on-LAN")
579	a4af095c	Renato Botelho	);
580	0e834fc5	Stephen Beaver
581			$list = array("" => gettext("All"));
582
583	288a2a0f	Phil Davis	if ($showall) {
584	0e834fc5	Stephen Beaver	return($list + $areas);
585	288a2a0f	Phil Davis	} else {
586	a4af095c	Renato Botelho	foreach ($areas as $area => $areaname) {
587			if ($area === "rrddata" \|\| check_and_returnif_section_exists($area) == true) {
588			$list[$area] = $areaname;
589			}
590			}
591	8ff5ffcc	Matthew Grooms
592	0e834fc5	Stephen Beaver	return($list);
593	5f601060	Phil Davis	}
594	8ff5ffcc	Matthew Grooms	}
595
596	0f298138	k-paulius	$pgtitle = array(gettext("Diagnostics"), htmlspecialchars(gettext("Backup & Restore")), htmlspecialchars(gettext("Backup & Restore")));
597	b63695db	Scott Ullrich	include("head.inc");
598
599	947141fd	Phil Davis	if ($input_errors) {
600	a4af095c	Renato Botelho	print_input_errors($input_errors);
601	947141fd	Phil Davis	}
602	0e834fc5	Stephen Beaver
603	947141fd	Phil Davis	if ($savemsg) {
604	a4af095c	Renato Botelho	print_info_box($savemsg, 'success');
605	947141fd	Phil Davis	}
606	0e834fc5	Stephen Beaver
607	a4af095c	Renato Botelho	if (is_subsystem_dirty('restore')):
608	5b237745	Scott Ullrich	?>
609	a4af095c	Renato Botelho	<br/>
610	1af5edbf	Stephen Beaver	<form action="diag_reboot.php" method="post">
611	7d5b007c	Sjon Hortensius	<input name="Submit" type="hidden" value="Yes" />
612	f6aebbcc	NewEraCracker	<?php print_info_box(gettext("The firewall configuration has been changed.") . "<br />" . gettext("The firewall is now rebooting.")); ?>
613	a4af095c	Renato Botelho	<br />
614	7d5b007c	Sjon Hortensius	</form>
615	0e834fc5	Stephen Beaver	<?php
616	a4af095c	Renato Botelho	endif;
617
618			$tab_array = array();
619	0f298138	k-paulius	$tab_array[] = array(htmlspecialchars(gettext("Backup & Restore")), true, "diag_backup.php");
620	a4af095c	Renato Botelho	$tab_array[] = array(gettext("Config History"), false, "diag_confbak.php");
621			display_top_tabs($tab_array);
622
623			$form = new Form(false);
624	3beeb66a	Stephen Beaver	$form->setMultipartEncoding(); // Allow file uploads
625	a4af095c	Renato Botelho
626	5f88f964	k-paulius	$section = new Form_Section('Backup Configuration');
627	a4af095c	Renato Botelho
628			$section->addInput(new Form_Select(
629			'backuparea',
630			'Backup area',
631			'',
632			build_area_list(false)
633			));
634
635			$section->addInput(new Form_Checkbox(
636			'nopackages',
637			'Skip packages',
638			'Do not backup package information.',
639			false
640			));
641
642			$section->addInput(new Form_Checkbox(
643			'donotbackuprrd',
644			'Skip RRD data',
645			'Do not backup RRD data (NOTE: RRD Data can consume 4+ megabytes of config.xml space!)',
646			true
647			));
648
649			$section->addInput(new Form_Checkbox(
650			'encrypt',
651			'Encryption',
652			'Encrypt this configuration file.',
653			false
654	7c0f116b	Jared Dillard	));
655	a4af095c	Renato Botelho
656	76d6d925	Stephen Beaver	$section->addInput(new Form_Input(
657	a4af095c	Renato Botelho	'encrypt_password',
658	c8b10b4c	Stephen Beaver	'Password',
659	a4af095c	Renato Botelho	'password',
660	c8b10b4c	Stephen Beaver	null
661	7c0f116b	Jared Dillard	));
662	a4af095c	Renato Botelho
663			$group = new Form_Group('');
664	1d80d714	NOYB	// Note: ID attribute of each element created is to be unique. Not being used, suppressing it.
665	a4af095c	Renato Botelho	$group->add(new Form_Button(
666			'Submit',
667	37676f4e	jim-p	'Download configuration as XML',
668			null,
669			'fa-download'
670			))->setAttribute('id')->addClass('btn-primary');
671	a4af095c	Renato Botelho
672			$section->add($group);
673			$form->add($section);
674
675	5f88f964	k-paulius	$section = new Form_Section('Restore Backup');
676	a4af095c	Renato Botelho
677			$section->addInput(new Form_StaticText(
678			null,
679	52e416cc	Phil Davis	sprintf(gettext("Open a %s configuration XML file and click the button below to restore the configuration."), $g['product_name'])
680	a4af095c	Renato Botelho	));
681
682			$section->addInput(new Form_Select(
683			'restorearea',
684			'Restore area',
685			'',
686			build_area_list(false)
687			));
688
689			$section->addInput(new Form_Input(
690			'conffile',
691			'Configuration file',
692			'file',
693			null
694			));
695
696			$section->addInput(new Form_Checkbox(
697	7c0f116b	Jared Dillard	'decrypt',
698	a4af095c	Renato Botelho	'Encryption',
699	7c0f116b	Jared Dillard	'Configuration file is encrypted.',
700	a4af095c	Renato Botelho	false
701	7c0f116b	Jared Dillard	));
702	a4af095c	Renato Botelho
703	76d6d925	Stephen Beaver	$section->addInput(new Form_Input(
704	a4af095c	Renato Botelho	'decrypt_password',
705	c8b10b4c	Stephen Beaver	'Password',
706	a4af095c	Renato Botelho	'password',
707			null,
708			['placeholder' => 'Password']
709	7c0f116b	Jared Dillard	));
710	a4af095c	Renato Botelho
711			$group = new Form_Group('');
712	1d80d714	NOYB	// Note: ID attribute of each element created is to be unique. Not being used, suppressing it.
713	a4af095c	Renato Botelho	$group->add(new Form_Button(
714			'Submit',
715	37676f4e	jim-p	'Restore Configuration',
716			null,
717			'fa-undo'
718			))->setHelp('The firewall will reboot after restoring the configuration.')->addClass('btn-danger restore')->setAttribute('id');
719	a4af095c	Renato Botelho
720			$section->add($group);
721
722			$form->add($section);
723
724			if (($config['installedpackages']['package'] != "") \|\| (is_subsystem_dirty("packagelock"))) {
725	5f88f964	k-paulius	$section = new Form_Section('Package Functions');
726	0e834fc5	Stephen Beaver
727	a4af095c	Renato Botelho	if ($config['installedpackages']['package'] != "") {
728			$group = new Form_Group('');
729	1d80d714	NOYB	// Note: ID attribute of each element created is to be unique. Not being used, suppressing it.
730	a4af095c	Renato Botelho	$group->add(new Form_Button(
731			'Submit',
732	37676f4e	jim-p	'Reinstall Packages',
733			null,
734			'fa-retweet'
735			))->setHelp('Click this button to reinstall all system packages. This may take a while.')->addClass('btn-success')->setAttribute('id');
736	0e834fc5	Stephen Beaver
737	a4af095c	Renato Botelho	$section->add($group);
738	7eead1fc	Darren Embry	}
739	0e834fc5	Stephen Beaver
740	a4af095c	Renato Botelho	if (is_subsystem_dirty("packagelock")) {
741			$group = new Form_Group('');
742	1d80d714	NOYB	// Note: ID attribute of each element created is to be unique. Not being used, suppressing it.
743	a4af095c	Renato Botelho	$group->add(new Form_Button(
744			'Submit',
745	37676f4e	jim-p	'Clear Package Lock',
746			null,
747			'fa-wrench'
748			))->setHelp('Click this button to clear the package lock if a package fails to reinstall properly after an upgrade.')->addClass('btn-warning')->setAttribute('id');
749	0e834fc5	Stephen Beaver
750	a4af095c	Renato Botelho	$section->add($group);
751			}
752	0e834fc5	Stephen Beaver
753	a4af095c	Renato Botelho	$form->add($section);
754	a1003d57	Ermal Lu?i	}
755	a4af095c	Renato Botelho
756			print($form);
757	7c0f116b	Jared Dillard	?>
758			<script type="text/javascript">
759			//<![CDATA[
760	947141fd	Phil Davis	events.push(function() {
761	7c0f116b	Jared Dillard
762			// ------- Show/hide sections based on checkbox settings --------------------------------------
763	0da0d43e	Phil Davis
764	7c0f116b	Jared Dillard	function hideSections(hide) {
765			hidePasswords();
766			}
767
768			function hidePasswords() {
769	3beeb66a	Stephen Beaver
770	7c0f116b	Jared Dillard	encryptHide = !($('input[name="encrypt"]').is(':checked'));
771			decryptHide = !($('input[name="decrypt"]').is(':checked'));
772
773			hideInput('encrypt_password', encryptHide);
774	c8b10b4c	Stephen Beaver	hideInput('encrypt_password_confirm', encryptHide);
775	7c0f116b	Jared Dillard	hideInput('decrypt_password', decryptHide);
776	c8b10b4c	Stephen Beaver	hideInput('decrypt_password_confirm', decryptHide);
777	7c0f116b	Jared Dillard	}
778
779	ff59b884	Stephen Beaver	// ---------- Click handlers ------------------------------------------------------------------
780	7c0f116b	Jared Dillard
781			$('input[name="encrypt"]').on('change', function() {
782			hidePasswords();
783			});
784
785			$('input[name="decrypt"]').on('change', function() {
786			hidePasswords();
787	3beeb66a	Stephen Beaver	});
788	7c0f116b	Jared Dillard
789	947141fd	Phil Davis	$('#conffile').change(function () {
790	40f146c5	Phil Davis	if (document.getElementById("conffile").value) {
791			$('.restore').prop('disabled', false);
792			} else {
793			$('.restore').prop('disabled', true);
794			}
795	ff59b884	Stephen Beaver	});
796	eef93144	Jared Dillard	// ---------- On initial page load ------------------------------------------------------------
797
798	7c0f116b	Jared Dillard	hideSections();
799	ff59b884	Stephen Beaver	$('.restore').prop('disabled', true);
800	7c0f116b	Jared Dillard	});
801			//]]>
802			</script>
803
804			<?php
805	a4af095c	Renato Botelho	include("foot.inc");
806	7a7f3af1	sullrich
807	5f601060	Phil Davis	if (is_subsystem_dirty('restore')) {
808	cf9a4467	jim-p	system_reboot();
809	c9d46a8e	Renato Botelho	}

Project

General

Profile

pfSense