Project

General

Profile

Download (36.5 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/* $Id$ */
3
/*
4
	system.inc
5
	part of m0n0wall (http://m0n0.ch/wall)
6

    
7
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8
	All rights reserved.
9

    
10
	Redistribution and use in source and binary forms, with or without
11
	modification, are permitted provided that the following conditions are met:
12

    
13
	1. Redistributions of source code must retain the above copyright notice,
14
	   this list of conditions and the following disclaimer.
15

    
16
	2. Redistributions in binary form must reproduce the above copyright
17
	   notice, this list of conditions and the following disclaimer in the
18
	   documentation and/or other materials provided with the distribution.
19

    
20
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29
	POSSIBILITY OF SUCH DAMAGE.
30
*/
31

    
32
/*
33
	pfSense_BUILDER_BINARIES:	/usr/sbin/powerd	/usr/bin/killall	/sbin/sysctl	/sbin/route
34
	pfSense_BUILDER_BINARIES:	/bin/hostname	/bin/ls	/usr/bin/netstat	/usr/sbin/syslogd	
35
	pfSense_BUILDER_BINARIES:	/usr/sbin/pccardd	/usr/local/sbin/lighttpd	/bin/chmod 	/bin/mkdir
36
	pfSense_BUILDER_BINARIES:	/usr/bin/tar	/bin/sync	/usr/local/sbin/ntpd	/usr/sbin/ntpdate
37
	pfSense_BUILDER_BINARIES:	/usr/bin/nohup	/sbin/dmesg	/usr/local/sbin/atareinit
38
	pfSense_MODULE:	utils
39
*/
40

    
41
function activate_powerd() {
42
	global $config, $g;
43
	if(isset($config['system']['powerd_enable'])) {
44
		exec("/usr/sbin/powerd -b adp -a adp");
45
	} else {
46
		exec("/usr/bin/killall powerd");
47
	}
48
}
49

    
50
function activate_sysctls() {
51
	global $config, $g;
52
	
53
	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001");
54
	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
55
	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002");
56
	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");
57

    
58
	if (is_array($config['sysctl'])) 
59
		foreach ($config['sysctl']['item'] as $tunable) 
60
			mwexec("sysctl " . $tunable['tunable'] . "=\"" 
61
				. $tunable['value'] .  "\"");
62
}
63

    
64
function system_resolvconf_generate($dynupdate = false) {
65
	global $config, $g;
66

    
67
	if(isset($config['system']['developerspew'])) {
68
		$mt = microtime();
69
		echo "system_resolvconf_generate() being called $mt\n";
70
	}
71

    
72
	$syscfg = $config['system'];
73

    
74
	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
75
	if (!$fd) {
76
		printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
77
		return 1;
78
	}
79

    
80
	$resolvconf = "domain {$syscfg['domain']}\n";
81

    
82
	$havedns = false;
83

    
84
	if (isset($syscfg['dnsallowoverride'])) {
85
		/* get dynamically assigned DNS servers (if any) */
86
		$ns = array_unique(get_nameservers());
87
		foreach($ns as $nameserver) {
88
			if($nameserver) {
89
				$resolvconf .= "nameserver $nameserver\n";
90
				$havedns = true;
91
			}
92
		}
93
	}
94
	if (!$havedns && is_array($syscfg['dnsserver'])) {
95
		foreach ($syscfg['dnsserver'] as $ns) {
96
			if ($ns) {
97
				$resolvconf .= "nameserver $ns\n";
98
				$havedns = true;
99
			}
100
		}
101
	}
102

    
103
	fwrite($fd, $resolvconf);
104
	fclose($fd);
105

    
106
	if (!$g['booting']) {
107
		/* restart dhcpd (nameservers may have changed) */
108
		if (!$dynupdate)
109
			services_dhcpd_configure();
110
	}
111

    
112
	/* setup static routes for DNS servers. */
113
	for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
114
		/* setup static routes for dns servers */
115
		$dnsgw = "dns{$dnscounter}gwint";
116
		if (isset($config['system'][$dnsgw])) {
117
			$interface = $config['system'][$dnsgw];
118
			if (($interface <> "") && ($interface <> "none")) {
119
				$gatewayip = get_interface_gateway($interface);
120
				if(is_ipaddr($gatewayip)) {
121
					/* dns server array starts at 0 */
122
					$dnscountermo = $dnscounter - 1;
123
					mwexec("route delete -host {$syscfg['dnsserver'][$dnscountermo]}");
124
					mwexec("route add -host {$syscfg['dnsserver'][$dnscountermo]} {$gatewayip}");
125
				}
126
			}
127
		}
128
	}
129
	
130
	return 0;
131
}
132

    
133
function get_nameservers() {
134
	global $config, $g;
135
	$master_list = array();
136
	
137
	// Read in dhclient nameservers
138
	$dns_lists = split("\n", `ls /var/etc/nameserver_* 2>/dev/null`);
139
	if(is_array($dns_lists)) {
140
		foreach($dns_lists as $dns) {
141
			if(!$dns) 
142
				continue;
143
			$items = split("\n", file_get_contents($dns));
144
			foreach($items as $item)
145
				if($item <> "")
146
					$master_list[] = $item;
147
		}
148
	}
149

    
150
	// Read in any extra nameservers
151
	if(file_exists("/var/etc/nameservers.conf")) {
152
		$dns = `cat /var/etc/nameservers.conf`;
153
		$dns_s = split("\n", $dns);
154
		if(is_array($dns_s))
155
			foreach($dns_s as $dns)
156
				$master_list[] = $dns;
157
	}
158

    
159
	return $master_list;
160
}
161

    
162
function system_hosts_generate() {
163
	global $config, $g;
164
	if(isset($config['system']['developerspew'])) {
165
		$mt = microtime();
166
		echo "system_hosts_generate() being called $mt\n";
167
	}
168

    
169
	$syscfg = $config['system'];
170
	$lancfg = $config['interfaces']['lan'];
171
	$lancfgip = get_interface_ip("lan");
172
	$dnsmasqcfg = $config['dnsmasq'];
173

    
174
	if (!is_array($dnsmasqcfg['hosts'])) {
175
		$dnsmasqcfg['hosts'] = array();
176
	}
177
	$hostscfg = $dnsmasqcfg['hosts'];
178

    
179
	$fd = fopen("{$g['varetc_path']}/hosts", "w");
180
	if (!$fd) {
181
		log_error("Error: cannot open hosts file in system_hosts_generate().\n");
182
		return 1;
183
	}
184

    
185
	$hosts = <<<EOD
186
127.0.0.1	localhost localhost.{$syscfg['domain']}
187

    
188
EOD;
189
	if (is_ipaddr($lancfgip))
190
		$hosts .= <<<EOD
191
{$lancfgip}	{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}
192

    
193
EOD;
194

    
195
	foreach ($hostscfg as $host) {
196
		if ($host['host'])
197
			$hosts .= "{$host['ip']}	{$host['host']}.{$host['domain']} {$host['host']}\n";
198
		else
199
			$hosts .= "{$host['ip']}	{$host['domain']}\n";
200
	}
201
	if (isset($dnsmasqcfg['regdhcpstatic'])) {
202
		foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf)
203
			if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable']))
204
					foreach ($dhcpifconf['staticmap'] as $host)
205
						if ($host['ipaddr'] && $host['hostname'])
206
							$hosts .= "{$host['ipaddr']}	{$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
207
	}
208
	fwrite($fd, $hosts);
209
	fclose($fd);
210

    
211
	return 0;
212
}
213

    
214
function system_hostname_configure() {
215
	global $config, $g;
216
	if(isset($config['system']['developerspew'])) {
217
		$mt = microtime();
218
		echo "system_hostname_configure() being called $mt\n";
219
	}
220

    
221
	$syscfg = $config['system'];
222

    
223
	/* set hostname */
224
	$status = mwexec("/bin/hostname " .
225
		escapeshellarg("{$syscfg['hostname']}.{$syscfg['domain']}"));
226

    
227
    /* Setup host GUID ID.  This is used by ZFS. */
228
	mwexec("/etc/rc.d/hostid start");
229

    
230
	return $status;
231
}
232

    
233
function system_routing_configure() {
234
	global $config, $g;
235
	if(isset($config['system']['developerspew'])) {
236
		$mt = microtime();
237
		echo "system_routing_configure() being called $mt\n";
238
	}
239

    
240
	/* Enable fast routing, if enabled */
241
	if(isset($config['staticroutes']['enablefastrouting']))
242
		mwexec("/sbin/sysctl net.inet.ip.fastforwarding=1");
243

    
244
	$route_str = exec_command("/usr/bin/netstat -rn");
245

    
246
	/* clear out old routes, if necessary */
247
	if (file_exists("{$g['vardb_path']}/routes.db")) {
248
		$fd = fopen("{$g['vardb_path']}/routes.db", "r");
249
		if (!$fd) {
250
			printf("Error: cannot open routes DB file in system_routing_configure().\n");
251
			return 1;
252
		}
253
		while (!feof($fd)) {
254
			$oldrt = trim(fgets($fd));
255
			if (($oldrt) && (stristr($route_str, $oldrt)))
256
				mwexec("/sbin/route delete " . escapeshellarg($oldrt));
257
		}
258
		fclose($fd);
259
		unlink("{$g['vardb_path']}/routes.db");
260
	}
261

    
262
	/* if list */
263
	$iflist = get_configured_interface_list();
264

    
265
	$dont_remove_route = false;
266
	foreach ($iflist as $ifent => $ifname) {
267
		/* 
268
		 * XXX: The value of this is really when this function can take
269
		 * 	an interface as parameter.
270
		 */
271
		/* do not process interfaces that will end up with gateways */
272
		if (interface_has_gateway($ifent) || 
273
			$config['interfaces'][$ifent]['ipaddr'] == "carpdev-dhcp") {
274
			$dont_remove_route = true;
275
			break;
276
		}
277
	}
278

    
279
	if ($dont_remove_route == false) {
280
		/* remove default route */
281
		mwexec("/sbin/route delete default", true);
282
	}
283

    
284
	$dont_add_route = false;
285
	/* if OLSRD is enabled, allow WAN to house DHCP. */
286
	if($config['installedpackages']['olsrd']) {
287
		foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
288
			if($olsrd['enabledyngw'] == "on") {
289
				$dont_add_route = true;
290
				break;
291
			}
292
		}
293
	}
294

    
295
	if($dont_add_route == false) {
296
		if(is_array($config['gateways']['gateway_item'])) {
297
			foreach($config['gateways']['gateway_item'] as $gateway) {
298
		        	if(isset($gateway['defaultgw'])) {
299
					$gatewayip = $gateway['gateway'];
300
					$interfacegw = $gateway['interface'];
301
				}
302
			}
303
			if(($interfacegw <> "bgpd") && (is_ipaddr($gatewayip)))
304
				mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true);
305
		} else {
306
			/* FIXME */
307
			/* adding gateway for 1.2-style configs without the new
308
			  gateway setup configured.
309
			  Force WAN to be default gateway because that is the
310
			  1.2 behavior.
311
			*/
312
			if (is_ipaddr($config['interfaces']['wan']['gateway'])) {
313
				$gatewayip = $config['interfaces']['wan']['gateway'];
314
				mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true);
315
			}
316
		}
317
	}
318

    
319
	if (is_array($config['staticroutes']['route'])) {
320

    
321
		$fd = fopen("{$g['vardb_path']}/routes.db", "w");
322
		if (!$fd) {
323
			printf("Error: cannot open routes DB file in system_routing_configure().\n");
324
			return 1;
325
		}
326

    
327
		foreach ($config['staticroutes']['route'] as $rtent) {
328
			unset($gatewayip);
329
			unset($interfacegw);
330
			if(is_array($config['gateways']['gateway_item'])) {
331
				foreach($config['gateways']['gateway_item'] as $gateway) {
332
					if($rtent['gateway'] == $gateway['name']) {
333
						$gatewayip = $gateway['gateway'];
334
						$interfacegw = $gateway['interface'];
335
					}
336
				}
337
			}
338
			if((is_ipaddr($rtent['gateway'])) && ($gatewayip == ""))  {
339
				$gatewayip = $rtent['gateway'];
340
				$interfacegw = $rtent['interface'];
341
			}			
342
			if((isset($rtent['interfacegateway'])) && (! is_ipaddr($gatewayip))){
343
				mwexec("/sbin/route add " . escapeshellarg($rtent['network']) .
344
					" -iface " . escapeshellarg(convert_friendly_interface_to_real_interface_name($interfacegw)));
345
			} else {
346
				mwexec("/sbin/route add " . escapeshellarg($rtent['network']) .
347
					" " . escapeshellarg($gatewayip));
348
			}
349
			/* record route so it can be easily removed later (if necessary) */
350
			fwrite($fd, $rtent['network'] . "\n");
351
		}
352
		fclose($fd);
353
	}
354

    
355
	return 0;
356
}
357

    
358

    
359
function system_routing_enable() {
360
	global $config, $g;
361
	if(isset($config['system']['developerspew'])) {
362
		$mt = microtime();
363
		echo "system_routing_enable() being called $mt\n";
364
	}
365

    
366
	return mwexec("/sbin/sysctl net.inet.ip.forwarding=1");
367
}
368

    
369
function system_syslogd_start() {
370
	global $config, $g;
371
	if(isset($config['system']['developerspew'])) {
372
		$mt = microtime();
373
		echo "system_syslogd_start() being called $mt\n";
374
	}
375

    
376
	$syslogcfg = $config['syslog'];
377

    
378
	if ($g['booting'])
379
		echo "Starting syslog...";
380
	else
381
		killbypid("{$g['varrun_path']}/syslog.pid");
382

    
383
	mwexec("/usr/bin/killall -9 syslogd");
384
	mwexec("/usr/bin/killall -9 fifolog_writer");
385
	
386
	// Define carious commands for logging
387
	$fifolog_create = "/usr/sbin/fifolog_create -s ";
388
	$fifolog_log = "|/usr/sbin/fifolog_writer ";
389
	$clog_create = "/usr/sbin/clog -i -s ";
390
	$clog_log = "%";
391

    
392
	// Which logging type are we using this week??
393
	if(isset($config['system']['usefifolog'])) {
394
		$log_directive = $fifolog_log;
395
		$log_create_directive = $fifolog_create;		
396
	} else { // Defaults to CLOG
397
		$log_directive = $clog_log;
398
		$log_create_directive = $clog_create;
399
	}
400
	
401
	if (isset($syslogcfg)) {
402
		$separatelogfacilities = array('ntpd','racoon','openvpn');
403
		if($config['installedpackages']['package']) {
404
			foreach($config['installedpackages']['package'] as $package) {
405
				if($package['logging']) {
406
					$pkgfacilities[] = $package['logging']['facilityname'];
407
					$separatelogfacilities = $separatelogfacilities + $pkgfacilities;
408
					$facilitylist = implode(',', $pkgfacilities);
409
					mwexec("{$log_create_directive} 10240 {$g['varlog_path']}/{$package['logging']['logfilename']}");
410
					$syslogconf .= "!{$facilitylist}\n*.*\t\t\t\t\t\t {$log_directive}{$g['varlog_path']}/{$package['logging']['logfilename']}\n";
411
				}
412
			}
413
		}
414
		$facilitylist = implode(',', array_unique($separatelogfacilities));
415
		/* write syslog.conf */		
416
		$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
417
		if (!$fd) {
418
			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
419
			return 1;
420
		}
421
		$syslogconf .= "!ntpdate,!ntpd\n";
422
		if (!isset($syslogcfg['disablelocallogging'])) 
423
			$syslogconf .= "*.*					 {$log_directive}{$g['varlog_path']}/ntpd.log\n";
424
		$syslogconf .= "!ppp\n";
425
		if (!isset($syslogcfg['disablelocallogging'])) 
426
			$syslogconf .= "*.*					 {$log_directive}{$g['varlog_path']}/ppp.log\n";
427
		$syslogconf .= "!racoon\n";
428
		if (!isset($syslogcfg['disablelocallogging'])) 
429
			$syslogconf .= "*.*					 {$log_directive}{$g['varlog_path']}/ipsec.log\n";
430
		$syslogconf .= "!apinger\n";
431
		if (!isset($syslogcfg['disablelocallogging'])) 
432
			$syslogconf .= "*.*					 {$log_directive}{$g['varlog_path']}/slbd.log\n";
433
		if (isset($syslogcfg['vpn'])) {
434
			if($syslogcfg['remoteserver'])
435
				$syslogconf .= "*.*					 @{$syslogcfg['remoteserver']}\n";
436
			if($syslogcfg['remoteserver2'])
437
				$syslogconf .= "*.*					 @{$syslogcfg['remoteserver2']}\n";
438
			if($syslogcfg['remoteserver3'])
439
				$syslogconf .= "*.*					 @{$syslogcfg['remoteserver3']}\n";
440
		}
441
		$syslogconf .= "!openvpn\n";
442
		if (!isset($syslogcfg['disablelocallogging'])) 
443
			$syslogconf .= "*.*					 {$log_directive}{$g['varlog_path']}/openvpn.log\n";
444
		if (isset($syslogcfg['vpn'])) {
445
			if($syslogcfg['remoteserver'])
446
				$syslogconf .= "*.*					 @{$syslogcfg['remoteserver']}\n";
447
			if($syslogcfg['remoteserver2'])
448
				$syslogconf .= "*.*					 @{$syslogcfg['remoteserver3']}\n";
449
			if($syslogcfg['remoteserver3'])
450
				$syslogconf .= "*.*					 @{$syslogcfg['remoteserver3']}\n";
451
		}
452
		$syslogconf .= "!-{$facilitylist}\n";
453
		if (!isset($syslogcfg['disablelocallogging'])) 
454
			$syslogconf .= <<<EOD
455
local0.*										 {$log_directive}{$g['varlog_path']}/filter.log
456
local3.*										 {$log_directive}{$g['varlog_path']}/vpn.log
457
local4.*										 {$log_directive}{$g['varlog_path']}/portalauth.log
458
local7.*										 {$log_directive}{$g['varlog_path']}/dhcpd.log
459
*.notice;kern.debug;lpr.info;mail.crit; 		 {$log_directive}{$g['varlog_path']}/system.log
460
news.err;local0.none;local3.none;local4.none; 	 {$log_directive}{$g['varlog_path']}/system.log
461
local7.none										 {$log_directive}{$g['varlog_path']}/system.log
462
security.*										 {$log_directive}{$g['varlog_path']}/system.log
463
auth.info;authpriv.info;daemon.info				 {$log_directive}{$g['varlog_path']}/system.log
464
local1.*										 {$log_directive}{$g['varlog_path']}/relayd.log
465
auth.info;authpriv.info 						 |exec /usr/local/sbin/sshlockout_pf
466
*.emerg											 *
467

    
468
EOD;
469
		if (isset($syslogcfg['filter'])) {
470
			if($syslogcfg['remoteserver'])
471
				$syslogconf .= "local0.*			 @{$syslogcfg['remoteserver']}\n";
472
			if($syslogcfg['remoteserver2'])
473
				$syslogconf .= "local0.*			 @{$syslogcfg['remoteserver2']}\n";
474
			if($syslogcfg['remoteserver3'])
475
				$syslogconf .= "local0.*			 @{$syslogcfg['remoteserver3']}\n";
476

    
477
		}
478
		if (isset($syslogcfg['vpn'])) {
479
			if($syslogcfg['remoteserver'])
480
				$syslogconf .= "local3.*			 @{$syslogcfg['remoteserver']}\n";
481
			if($syslogcfg['remoteserver2'])
482
				$syslogconf .= "local3.*			 @{$syslogcfg['remoteserver2']}\n";
483
			if($syslogcfg['remoteserver3'])
484
				$syslogconf .= "local3.*			 @{$syslogcfg['remoteserver3']}\n";
485
		}
486
		if (isset($syslogcfg['portalauth'])) {
487
			if($syslogcfg['remoteserver'])
488
				$syslogconf .= "local4.*			 @{$syslogcfg['remoteserver']}\n";
489
			if($syslogcfg['remoteserver2'])
490
				$syslogconf .= "local4.*			 @{$syslogcfg['remoteserver2']}\n";
491
			if($syslogcfg['remoteserver3'])
492
				$syslogconf .= "local4.*			 @{$syslogcfg['remoteserver3']}\n";
493
		}
494
		if (isset($syslogcfg['dhcp'])) {
495
			if($syslogcfg['remoteserver'])
496
				$syslogconf .= "local7.*			 @{$syslogcfg['remoteserver']}\n";
497
			if($syslogcfg['remoteserver2'])
498
				$syslogconf .= "local7.*			 @{$syslogcfg['remoteserver2']}\n";
499
			if($syslogcfg['remoteserver3'])
500
				$syslogconf .= "local7.*			 @{$syslogcfg['remoteserver3']}\n";
501
		}
502
		if (isset($syslogcfg['system'])) {
503
			if($syslogcfg['remoteserver'])
504
				$syslogconf .= <<<EOD
505
*.notice;kern.debug;lpr.info;mail.crit;			 @{$syslogcfg['remoteserver']}
506
news.err;local0.none;local3.none;local7.none	 @{$syslogcfg['remoteserver']}
507
security.*										 @{$syslogcfg['remoteserver']}
508
auth.info;authpriv.info;daemon.info				 @{$syslogcfg['remoteserver']}
509
*.emerg											 @{$syslogcfg['remoteserver']}
510

    
511
EOD;
512

    
513
		if (isset($syslogcfg['system'])) {
514
			if($syslogcfg['remoteserver2'])
515
				$syslogconf .= <<<EOD
516
*.notice;kern.debug;lpr.info;mail.crit;			 @{$syslogcfg['remoteserver2']}
517
news.err;local0.none;local3.none;local7.none	 @{$syslogcfg['remoteserver2']}
518
security.*										 @{$syslogcfg['remoteserver2']}
519
auth.info;authpriv.info;daemon.info				 @{$syslogcfg['remoteserver2']}
520
*.emerg											 @{$syslogcfg['remoteserver2']}
521

    
522
EOD;
523

    
524
		if (isset($syslogcfg['system'])) {
525
			if($syslogcfg['remoteserver3'])
526
				$syslogconf .= <<<EOD
527
*.notice;kern.debug;lpr.info;mail.crit;			 @{$syslogcfg['remoteserver3']}
528
news.err;local0.none;local3.none;local7.none	 @{$syslogcfg['remoteserver3']}
529
security.*										 @{$syslogcfg['remoteserver3']}
530
auth.info;authpriv.info;daemon.info				 @{$syslogcfg['remoteserver3']}
531
*.emerg											 @{$syslogcfg['remoteserver3']}
532

    
533
EOD;
534

    
535
}
536
		if (isset($syslogcfg['logall'])) {
537
			if($syslogcfg['remoteserver'])
538
				$syslogconf .= <<<EOD
539
*.*								@{$syslogcfg['remoteserver']}
540

    
541
EOD;
542

    
543
}
544
			if($syslogcfg['remoteserver2'])
545
				$syslogconf .= <<<EOD
546
*.*								@{$syslogcfg['remoteserver2']}
547

    
548
EOD;
549

    
550
}
551
			if($syslogcfg['remoteserver3'])
552
				$syslogconf .= <<<EOD
553
*.*								@{$syslogcfg['remoteserver3']}
554

    
555
EOD;
556

    
557
}
558
		fwrite($fd, $syslogconf);
559
		fclose($fd);
560
		// Are we logging to a least one remote server ?
561
		if(strpos($syslogconf, "@") != false)
562
			$retval = system("/usr/sbin/syslogd -c -f {$g['varetc_path']}/syslog.conf");
563
		else
564
			$retval = system("/usr/sbin/syslogd -c -f {$g['varetc_path']}/syslog.conf");
565

    
566
	} else {
567
		$retval = mwexec("/usr/sbin/syslogd -c");
568
	}
569

    
570
	if ($g['booting'])
571
		echo "done.\n";
572

    
573
	return $retval;
574
}
575

    
576
function system_pccard_start() {
577
	global $config, $g;
578
	if(isset($config['system']['developerspew'])) {
579
		$mt = microtime();
580
		echo "system_pccard_start() being called $mt\n";
581
	}
582

    
583
	if ($g['booting'])
584
		echo "Initializing PCMCIA...";
585

    
586
	/* kill any running pccardd */
587
	killbypid("{$g['varrun_path']}/pccardd.pid");
588

    
589
	/* fire up pccardd */
590
	$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");
591

    
592
	if ($g['booting']) {
593
		if ($res == 0)
594
			echo "done.\n";
595
		else
596
			echo "failed!\n";
597
	}
598

    
599
	return $res;
600
}
601

    
602

    
603
function system_webgui_start() {
604
	global $config, $g;
605

    
606
	if ($g['booting'])
607
		echo "Starting webConfigurator...";
608

    
609
	/* kill any running lighttpd */
610
	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");
611

    
612
	sleep(1);
613

    
614
	chdir($g['www_path']);
615

    
616
	/* defaults */
617
	$portarg = "80";
618
	$crt = "";
619
	$key = "";
620
	$ca = "";
621

    
622
	/* non-standard port? */
623
	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "")
624
		$portarg = "{$config['system']['webgui']['port']}";
625

    
626
	if ($config['system']['webgui']['protocol'] == "https") {
627

    
628
		$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
629
		if(is_array($cert) && $cert['crt'] && $cert['prv']) {
630
			$crt = base64_decode($cert['crt']);
631
			$key = base64_decode($cert['prv']);
632
			if(!$config['system']['webgui']['port'])
633
				$portarg = "443";
634
			$ca = ca_chain($cert);
635
		} else
636
			log_error("Invalid webConfigurator https certificate, defaulting to http");
637
	}
638

    
639
	/* generate lighttpd configuration */
640
	system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
641
		$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");
642

    
643
	/* attempt to start lighthttpd */
644
	$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");
645

    
646
	if ($g['booting']) {
647
		if ($res == 0)
648
			echo "done.\n";
649
		else
650
			echo "failed!\n";
651
	}
652

    
653
	return $res;
654
}
655

    
656
function system_generate_lighty_config($filename,
657
	$cert,
658
	$key,
659
	$ca,
660
	$pid_file,
661
	$port = 80,
662
	$document_root = "/usr/local/www/",
663
	$cert_location = "cert.pem",
664
	$ca_location = "ca.pem",
665
	$max_procs = 2,
666
	$max_requests = "1",
667
	$fast_cgi_enable = true,
668
	$captive_portal = false) {
669

    
670
	global $config, $g;
671

    
672
	if(isset($config['system']['developerspew'])) {
673
		$mt = microtime();
674
		echo "system_generate_lighty_config() being called $mt\n";
675
	}
676

    
677
	if($captive_portal == true)  {
678
		$captiveportal = ",\"mod_rewrite\"";
679
		$captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
680
		$captive_portal_module = "\"mod_accesslog\", ";
681
		$maxprocperip = $config['captiveportal']['maxprocperip'];
682
		if(!$maxprocperip and $maxprocperip > 0)
683
			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
684
		else
685
			$captive_portal_mod_evasive = "";
686
		$server_upload_dirs = "server.upload-dirs = ( \"/tmp/captiveportal/\" )\n";
687
		exec("mkdir -p /tmp/captiveportal");
688
		exec("chmod a-w /tmp/captiveportal");
689
		$server_max_request_size = "server.max-request-size    = 384";
690
	} else {
691
		$captive_portal_module = "";
692
		$captive_portal_mod_evasive = "";
693
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"/tmp/\", \"/var/\" )\n";
694
		$server_max_request_size = "server.max-request-size    = 2097152";
695
	}
696
	
697
	if($port <> "")
698
		$lighty_port = $port;
699
	else
700
		$lighty_port = "80";
701

    
702
	$memory = get_memory();
703
	$avail = $memory[0];
704

    
705
	if($avail > 0 and $avail < 65) {
706
		$fast_cgi_enable = false;
707
	}
708

    
709
	if($avail > 65 and $avail < 98) {
710
		$max_procs = 1;
711
	}
712

    
713
	if($avail > 97 and $avail < 128) {
714
		$max_procs = 1;
715
	}
716

    
717
	if($avail > 127 and $avail < 256) {
718
		$max_procs = 1;
719
	}
720

    
721
	if($avail > 255 and $avail < 384) {
722
		$max_procs = 3;
723
	}
724

    
725
	if($avail > 383) {
726
		$max_procs = 4;
727
	}
728

    
729
	if($captive_portal == true)  {	
730
		$bin_environment =  <<<EOC
731
        "bin-environment" => (
732
           "PHP_FCGI_CHILDREN" => "$max_procs",
733
           "PHP_FCGI_MAX_REQUESTS" => "500"
734
        ), 
735
EOC;
736

    
737
	} else if ($avail > 0 and $avail < 128) {
738
		$bin_environment = <<<EOC
739
		"bin-environment" => (
740
			"PHP_FCGI_CHILDREN" => "$max_procs",
741
			"PHP_FCGI_MAX_REQUESTS" => "2",
742
	),
743

    
744
EOC;
745
	} else
746
		$bin_environment =  <<<EOC
747
        "bin-environment" => (
748
           "PHP_FCGI_CHILDREN" => "$max_procs",
749
           "PHP_FCGI_MAX_REQUESTS" => "500"
750
        ), 
751
EOC;
752

    
753
	if($fast_cgi_enable == true) {
754
		$module = "\"mod_fastcgi\", \"mod_cgi\"";
755
		$cgi_config = "";
756
		$fastcgi_config = <<<EOD
757
#### fastcgi module
758
## read fastcgi.txt for more info
759
fastcgi.server = ( ".php" =>
760
	( "localhost" =>
761
		(
762
			"socket" => "/tmp/php-fastcgi.socket",
763
			"min-procs" => 0,
764
			"max-procs" => {$max_procs},
765
			{$bin_environment}			
766
			"bin-path" => "/usr/local/bin/php"
767
		)
768
	)
769
)
770

    
771
#### CGI module
772
cgi.assign                 = ( ".cgi" => "" )
773

    
774
EOD;
775
	} else {
776
		$fastcgi_config = "";
777
		$module = "\"mod_cgi\"";
778
		$cgi_config = <<<EOD
779
#### CGI module
780
cgi.assign                 = ( ".php"  => "/usr/local/bin/php",
781
                               ".cgi" => "" )
782

    
783
EOD;
784
	}
785

    
786
	$lighty_config .= <<<EOD
787
#
788
# lighttpd configuration file
789
#
790
# use a it as base for lighttpd 1.0.0 and above
791
#
792
############ Options you really have to take care of ####################
793

    
794
## FreeBSD!
795
server.event-handler	= "freebsd-kqueue"
796
server.network-backend 	= "writev"
797

    
798
## modules to load
799
server.modules              =   (
800
									{$captive_portal_module}
801
									"mod_access", "mod_accesslog", "mod_expire", "mod_compress",
802
									{$module}{$captiveportal}
803
								)
804

    
805
## Unused modules
806
#                               "mod_setenv",
807
#                               "mod_compress"
808
#				"mod_redirect",
809
#                               "mod_rewrite",
810
#                               "mod_ssi",
811
#                               "mod_usertrack",
812
#                               "mod_expire",
813
#                               "mod_secdownload",
814
#                               "mod_rrdtool",
815
#                               "mod_auth",
816
#                               "mod_status",
817
#                               "mod_alias",
818
#                               "mod_proxy",
819
#                               "mod_simple_vhost",
820
#                               "mod_evhost",
821
#                               "mod_userdir",
822
#                               "mod_cgi",
823
#                                "mod_accesslog"
824

    
825
server.max-keep-alive-requests = 15
826
server.max-keep-alive-idle = 30
827

    
828
## a static document-root, for virtual-hosting take look at the
829
## server.virtual-* options
830
server.document-root        = "{$document_root}"
831
{$captive_portal_rewrite}
832

    
833
# Maximum idle time with nothing being written (php downloading)
834
server.max-write-idle = 999
835

    
836
## where to send error-messages to
837
server.errorlog             = "/var/log/lighttpd.error.log"
838

    
839
# files to check for if .../ is requested
840
server.indexfiles           = ( "index.php", "index.html",
841
                                "index.htm", "default.htm" )
842

    
843
# mimetype mapping
844
mimetype.assign             = (
845
  ".pdf"          =>      "application/pdf",
846
  ".sig"          =>      "application/pgp-signature",
847
  ".spl"          =>      "application/futuresplash",
848
  ".class"        =>      "application/octet-stream",
849
  ".ps"           =>      "application/postscript",
850
  ".torrent"      =>      "application/x-bittorrent",
851
  ".dvi"          =>      "application/x-dvi",
852
  ".gz"           =>      "application/x-gzip",
853
  ".pac"          =>      "application/x-ns-proxy-autoconfig",
854
  ".swf"          =>      "application/x-shockwave-flash",
855
  ".tar.gz"       =>      "application/x-tgz",
856
  ".tgz"          =>      "application/x-tgz",
857
  ".tar"          =>      "application/x-tar",
858
  ".zip"          =>      "application/zip",
859
  ".mp3"          =>      "audio/mpeg",
860
  ".m3u"          =>      "audio/x-mpegurl",
861
  ".wma"          =>      "audio/x-ms-wma",
862
  ".wax"          =>      "audio/x-ms-wax",
863
  ".ogg"          =>      "audio/x-wav",
864
  ".wav"          =>      "audio/x-wav",
865
  ".gif"          =>      "image/gif",
866
  ".jpg"          =>      "image/jpeg",
867
  ".jpeg"         =>      "image/jpeg",
868
  ".png"          =>      "image/png",
869
  ".xbm"          =>      "image/x-xbitmap",
870
  ".xpm"          =>      "image/x-xpixmap",
871
  ".xwd"          =>      "image/x-xwindowdump",
872
  ".css"          =>      "text/css",
873
  ".html"         =>      "text/html",
874
  ".htm"          =>      "text/html",
875
  ".js"           =>      "text/javascript",
876
  ".asc"          =>      "text/plain",
877
  ".c"            =>      "text/plain",
878
  ".conf"         =>      "text/plain",
879
  ".text"         =>      "text/plain",
880
  ".txt"          =>      "text/plain",
881
  ".dtd"          =>      "text/xml",
882
  ".xml"          =>      "text/xml",
883
  ".mpeg"         =>      "video/mpeg",
884
  ".mpg"          =>      "video/mpeg",
885
  ".mov"          =>      "video/quicktime",
886
  ".qt"           =>      "video/quicktime",
887
  ".avi"          =>      "video/x-msvideo",
888
  ".asf"          =>      "video/x-ms-asf",
889
  ".asx"          =>      "video/x-ms-asf",
890
  ".wmv"          =>      "video/x-ms-wmv",
891
  ".bz2"          =>      "application/x-bzip",
892
  ".tbz"          =>      "application/x-bzip-compressed-tar",
893
  ".tar.bz2"      =>      "application/x-bzip-compressed-tar"
894
 )
895

    
896
# Use the "Content-Type" extended attribute to obtain mime type if possible
897
#mimetypes.use-xattr        = "enable"
898

    
899
#### accesslog module
900
#accesslog.filename          = "/dev/null"
901

    
902
## deny access the file-extensions
903
#
904
# ~    is for backupfiles from vi, emacs, joe, ...
905
# .inc is often used for code includes which should in general not be part
906
#      of the document-root
907
url.access-deny             = ( "~", ".inc" )
908

    
909

    
910
######### Options that are good to be but not neccesary to be changed #######
911

    
912
## bind to port (default: 80)
913
server.port                = {$lighty_port}
914

    
915
## error-handler for status 404
916
#server.error-handler-404   = "/error-handler.html"
917
#server.error-handler-404   = "/error-handler.php"
918

    
919
## to help the rc.scripts
920
server.pid-file            = "/var/run/{$pid_file}"
921

    
922
## virtual directory listings
923
server.dir-listing         = "disable"
924

    
925
## enable debugging
926
debug.log-request-header   = "disable"
927
debug.log-response-header  = "disable"
928
debug.log-request-handling = "disable"
929
debug.log-file-not-found   = "disable"
930

    
931
{$server_upload_dirs}
932

    
933
{$server_max_request_size}
934

    
935
{$fastcgi_config}
936

    
937
{$cgi_config}
938

    
939
{$captive_portal_mod_evasive}
940

    
941
# Turn on Lighty caching directives
942
compress.cache-dir         = "/tmp/"
943
compress.filetype          = ("text/plain", "text/html", "text/javascript", "text/css")
944

    
945
expire.url = (
946
				"" => "access 50 hours",	
947
        )
948

    
949
EOD;
950

    
951
	$cert = str_replace("\r", "", $cert);
952
	$key = str_replace("\r", "", $key);
953
	$ca = str_replace("\r", "", $ca);
954

    
955
	$cert = str_replace("\n\n", "\n", $cert);
956
	$key = str_replace("\n\n", "\n", $key);
957
	$ca = str_replace("\n\n", "\n", $ca);
958

    
959
	if($cert <> "" and $key <> "") {
960
		$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
961
		if (!$fd) {
962
			printf("Error: cannot open cert.pem in system_webgui_start().\n");
963
			return 1;
964
		}
965
		chmod("{$g['varetc_path']}/{$cert_location}", 0600);
966
		fwrite($fd, $cert);
967
		fwrite($fd, "\n");
968
		fwrite($fd, $key);
969
		fclose($fd);
970
		if($ca <> "") {
971
			$fd = fopen("{$g['varetc_path']}/{$ca_location}", "w");
972
			if (!$fd) {
973
				printf("Error: cannot open ca.pem in system_webgui_start().\n");
974
				return 1;
975
			}
976
			chmod("{$g['varetc_path']}/{$ca_location}", 0600);
977
			fwrite($fd, $ca);
978
			fclose($fd);
979
		}
980
		$lighty_config .= "\n";
981
		$lighty_config .= "## ssl configuration\n";
982
		$lighty_config .= "ssl.engine = \"enable\"\n";
983
		$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
984
		if($ca <> "")
985
			$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
986
	}
987

    
988
	$fd = fopen("{$filename}", "w");
989
	if (!$fd) {
990
		printf("Error: cannot open {$filename} in system_generate_lighty_config().\n");
991
		return 1;
992
	}
993
	fwrite($fd, $lighty_config);
994
	fclose($fd);
995

    
996
	return 0;
997

    
998
}
999

    
1000
function system_timezone_configure() {
1001
	global $config, $g;
1002
	if(isset($config['system']['developerspew'])) {
1003
		$mt = microtime();
1004
		echo "system_timezone_configure() being called $mt\n";
1005
	}
1006

    
1007
	$syscfg = $config['system'];
1008

    
1009
	if ($g['booting'])
1010
		echo "Setting timezone...";
1011

    
1012
	/* extract appropriate timezone file */
1013
	$timezone = $syscfg['timezone'];
1014
	if (!$timezone)
1015
		$timezone = "Etc/UTC";
1016

    
1017
	conf_mount_rw();
1018

    
1019
	exec("LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
1020
		escapeshellarg($timezone) . " > /etc/localtime");
1021

    
1022
	mwexec("sync");
1023
	conf_mount_ro();
1024

    
1025
	if ($g['booting'])
1026
		echo "done.\n";
1027
}
1028

    
1029
function system_ntp_configure() {
1030
	global $config, $g;
1031

    
1032
	$syscfg = $config['system'];
1033

    
1034
	/* open configuration for wrting or bail */
1035
	$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
1036
	if(!$fd) {
1037
		log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
1038
		return;
1039
	}
1040

    
1041
	fwrite($fd, "# \n");
1042
	fwrite($fd, "# pfSense OpenNTPD configuration file \n");
1043
	fwrite($fd, "# \n\n");
1044

    
1045
	/* foreach through servers and write out to ntpd.conf */
1046
	foreach (explode(' ', $syscfg['timeservers']) as $ts)
1047
		fwrite($fd, "servers {$ts}\n");
1048

    
1049
	/* Setup listener(s) if the user has configured one */
1050
        if ($config['installedpackages']['openntpd']) {
1051
    		/* server config is in coregui1 */
1052
		$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
1053
		if ($xmlsettings['enable'] == 'on') {
1054
			$ifaces = explode(',', $xmlsettings['interface']);
1055
			$ifaces = array_map('convert_friendly_interface_to_real_interface_name', $ifaces);
1056
			$ifaces = array_filter($ifaces, 'does_interface_exist');
1057
			$ips = array_map('find_interface_ip', $ifaces);
1058
			foreach ($ips as $ip) {
1059
				if (is_ipaddr($ip))
1060
					fwrite($fd, "listen on $ip\n");
1061
			}
1062
		}
1063
	}
1064

    
1065
	fwrite($fd, "\n");
1066

    
1067
	/* slurp! */
1068
	fclose($fd);
1069

    
1070
	/* if openntpd is running, kill it */
1071
	while(is_process_running("ntpd")) {
1072
		mwexec("/usr/bin/killall ntpd", true);
1073
	}
1074

    
1075
	/* if /var/empty does not exist, create it */
1076
	if(!is_dir("/var/empty"))
1077
		exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");
1078

    
1079
	if($g['booting'])
1080
		return;
1081
	
1082
	/* start opentpd, set time now and use /var/etc/ntpd.conf */
1083
	exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");
1084
	
1085
	// Note that we are starting up
1086
	exec("echo 'OpenNTPD is starting up' >> {$g['varlog_path']}/ntpd.log");
1087

    
1088
}
1089

    
1090
function sync_system_time() {
1091
	global $config, $g;
1092

    
1093
	$syscfg = $config['system'];
1094

    
1095
	if ($g['booting'])
1096
		echo "Syncing system time before startup...";
1097

    
1098
	/* foreach through servers and write out to ntpd.conf */
1099
	foreach (explode(' ', $syscfg['timeservers']) as $ts) {
1100
		mwexec("/usr/sbin/ntpdate -s $ts");
1101
	}
1102
	
1103
	if ($g['booting'])
1104
		echo "done.\n";
1105
	
1106
}
1107

    
1108
function system_halt() {
1109
	global $g;
1110

    
1111
	system_reboot_cleanup();
1112

    
1113
	mwexec("/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &");
1114
}
1115

    
1116
function system_reboot() {
1117
	global $g;
1118

    
1119
	system_reboot_cleanup();
1120

    
1121
	mwexec("nohup /etc/rc.reboot > /dev/null 2>&1 &");
1122
}
1123

    
1124
function system_reboot_sync() {
1125
	global $g;
1126

    
1127
	system_reboot_cleanup();
1128

    
1129
	mwexec("/etc/rc.reboot > /dev/null 2>&1");
1130
}
1131

    
1132
function system_reboot_cleanup() {
1133
	mwexec("/usr/local/bin/beep.sh stop");
1134
	captiveportal_radius_stop_all();
1135
	require_once("voucher.inc");
1136
	voucher_save_db_to_config();
1137
}
1138

    
1139
function system_do_shell_commands($early = 0) {
1140
	global $config, $g;
1141
	if(isset($config['system']['developerspew'])) {
1142
		$mt = microtime();
1143
		echo "system_do_shell_commands() being called $mt\n";
1144
	}
1145

    
1146
	if ($early)
1147
		$cmdn = "earlyshellcmd";
1148
	else
1149
		$cmdn = "shellcmd";
1150

    
1151
	if (is_array($config['system'][$cmdn])) {
1152

    
1153
		/* *cmd is an array, loop through */
1154
		foreach ($config['system'][$cmdn] as $cmd) {
1155
			exec($cmd);
1156
		}
1157

    
1158
	} elseif($config['system'][$cmdn] <> "") {
1159

    
1160
		/* execute single item */
1161
		exec($config['system'][$cmdn]);
1162

    
1163
	}
1164
}
1165

    
1166
function system_console_configure() {
1167
	global $config, $g;
1168
	if(isset($config['system']['developerspew'])) {
1169
		$mt = microtime();
1170
		echo "system_console_configure() being called $mt\n";
1171
	}
1172

    
1173
	if (isset($config['system']['disableconsolemenu'])) {
1174
		touch("{$g['varetc_path']}/disableconsole");
1175
	} else {
1176
		unlink_if_exists("{$g['varetc_path']}/disableconsole");
1177
	}
1178
}
1179

    
1180
function system_dmesg_save() {
1181
	global $g;
1182
	if(isset($config['system']['developerspew'])) {
1183
		$mt = microtime();
1184
		echo "system_dmesg_save() being called $mt\n";
1185
	}
1186

    
1187
	$dmesg = "";
1188
	exec("/sbin/dmesg", $dmesg);
1189

    
1190
	/* find last copyright line (output from previous boots may be present) */
1191
	$lastcpline = 0;
1192

    
1193
	for ($i = 0; $i < count($dmesg); $i++) {
1194
		if (strstr($dmesg[$i], "Copyright (c) 1992-"))
1195
			$lastcpline = $i;
1196
	}
1197

    
1198
	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
1199
	if (!$fd) {
1200
		printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
1201
		return 1;
1202
	}
1203

    
1204
	for ($i = $lastcpline; $i < count($dmesg); $i++)
1205
		fwrite($fd, $dmesg[$i] . "\n");
1206

    
1207
	fclose($fd);
1208

    
1209
	return 0;
1210
}
1211

    
1212
function system_set_harddisk_standby() {
1213
	global $g, $config;
1214
	if(isset($config['system']['developerspew'])) {
1215
		$mt = microtime();
1216
		echo "system_set_harddisk_standby() being called $mt\n";
1217
	}
1218

    
1219
	if (isset($config['system']['harddiskstandby'])) {
1220
		if ($g['booting']) {
1221
			echo 'Setting hard disk standby... ';
1222
		}
1223

    
1224
		$standby = $config['system']['harddiskstandby'];
1225
		// Check for a numeric value
1226
		if (is_numeric($standby)) {
1227
			// Sync the disk(s)
1228
			mwexec('/bin/sync');
1229
			if (!mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby))) {
1230
				// Reinitialize ATA-drives
1231
				mwexec('/usr/local/sbin/atareinit');
1232
				if ($g['booting']) {
1233
					echo "done.\n";
1234
				}
1235
			} else if ($g['booting']) {
1236
				echo "failed!\n";
1237
			}
1238
		} else if ($g['booting']) {
1239
			echo "failed!\n";
1240
		}
1241
	}
1242
}
1243

    
1244
function system_setup_sysctl() {
1245
	global $config;
1246
	if(isset($config['system']['developerspew'])) {
1247
		$mt = microtime();
1248
		echo "system_setup_sysctl() being called $mt\n";
1249
	}
1250

    
1251
	activate_sysctls();	
1252

    
1253
	if (isset($config['system']['sharednet'])) {
1254
		system_disable_arp_wrong_if();
1255
	}
1256
}
1257

    
1258
function system_disable_arp_wrong_if() {
1259
	global $config;
1260
	if(isset($config['system']['developerspew'])) {
1261
		$mt = microtime();
1262
		echo "system_disable_arp_wrong_if() being called $mt\n";
1263
	}
1264
	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0");
1265
	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0");
1266
}
1267

    
1268
function system_enable_arp_wrong_if() {
1269
	global $config;
1270
	if(isset($config['system']['developerspew'])) {
1271
		$mt = microtime();
1272
		echo "system_enable_arp_wrong_if() being called $mt\n";
1273
	}
1274
	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1");
1275
	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1");
1276
}
1277

    
1278
function enable_watchdog() {
1279
	global $config;
1280
	return;
1281
	$install_watchdog = false;
1282
	$supported_watchdogs = array("Geode");
1283
	$file = file_get_contents("/var/log/dmesg.boot");
1284
	foreach($supported_watchdogs as $sd) {
1285
		if(stristr($file, "Geode")) {
1286
			$install_watchdog = true;
1287
		}
1288
	}
1289
	if($install_watchdog == true) {
1290
		if(is_process_running("watchdogd"))
1291
			mwexec("/usr/bin/killall watchdogd", true);
1292
		exec("/usr/sbin/watchdogd");
1293
	}
1294
}
1295

    
1296
?>
(39-39/50)