/etc/inc/system.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/system.inc @ 4450527f

1	5b237745	Scott Ullrich	<?php
2	307cd525	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			system.inc
5			part of m0n0wall (http://m0n0.ch/wall)
6	0f282d7a	Scott Ullrich
7	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8			All rights reserved.
9	0f282d7a	Scott Ullrich
10	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12	0f282d7a	Scott Ullrich
13	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15	0f282d7a	Scott Ullrich
16	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19	0f282d7a	Scott Ullrich
20	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32	523855b0	Scott Ullrich	/*
33			pfSense_BUILDER_BINARIES: /usr/sbin/powerd /usr/bin/killall /sbin/sysctl /sbin/route
34			pfSense_BUILDER_BINARIES: /bin/hostname /bin/ls /usr/bin/netstat /usr/sbin/syslogd
35			pfSense_BUILDER_BINARIES: /usr/sbin/pccardd /usr/local/sbin/lighttpd /bin/chmod /bin/mkdir
36	5ba5a8de	Scott Ullrich	pfSense_BUILDER_BINARIES: /usr/bin/tar /usr/local/sbin/ntpd /usr/sbin/ntpdate
37	c3b13d60	jim-p	pfSense_BUILDER_BINARIES: /usr/bin/nohup /sbin/dmesg /usr/local/sbin/atareinit /sbin/kldload
38	523855b0	Scott Ullrich	pfSense_MODULE: utils
39			*/
40	0f282d7a	Scott Ullrich
41	8e9fa41d	Scott Ullrich	function activate_powerd() {
42			global $config, $g;
43			if(isset($config['system']['powerd_enable'])) {
44	c3b13d60	jim-p	if ($g["platform"] == "nanobsd")
45			exec("/sbin/kldload cpufreq");
46	8e9fa41d	Scott Ullrich	exec("/usr/sbin/powerd -b adp -a adp");
47			} else {
48	1e5c49aa	sullrich	if(is_process_running("powerd"))
49			exec("/usr/bin/killall powerd");
50	8e9fa41d	Scott Ullrich	}
51			}
52
53	3a35f55f	Scott Ullrich	function get_default_sysctl_value($id) {
54			global $sysctls;
55	f3c91cb5	Erik Fonnesbeck
56			if (isset($sysctls[$id]))
57			return $sysctls[$id];
58	3a35f55f	Scott Ullrich	}
59
60	6df9d7e3	Scott Ullrich	function activate_sysctls() {
61			global $config, $g;
62	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001");
63	ddcb7b8c	Bill Marquette	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
64	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002");
65	c0192947	Scott Ullrich	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");
66	99e88aa0	Ermal Luçi
67	3a35f55f	Scott Ullrich	if(is_array($config['sysctl'])) {
68	cac19f50	Scott Ullrich	foreach($config['sysctl']['item'] as $tunable) {
69	b2d0140c	Scott Ullrich	if($tunable['value'] == "default") {
70			$value = get_default_sysctl_value($tunable['tunable']);
71			mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $value . "\"");
72			} else {
73	09f82b11	Administrator	mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $tunable['value'] . "\"");
74	b2d0140c	Scott Ullrich	}
75	d0b461f5	sullrich	}
76			}
77	6df9d7e3	Scott Ullrich	}
78
79	5b237745	Scott Ullrich	function system_resolvconf_generate($dynupdate = false) {
80	c3f535c0	Seth Mos	global $config, $g;
81
82			if(isset($config['system']['developerspew'])) {
83			$mt = microtime();
84			echo "system_resolvconf_generate() being called $mt\n";
85			}
86	ef217c69	Scott Ullrich
87	30cee7b2	Scott Ullrich	$syscfg = $config['system'];
88	ef217c69	Scott Ullrich
89	30cee7b2	Scott Ullrich	$resolvconf = "domain {$syscfg['domain']}\n";
90	ef217c69	Scott Ullrich
91	30cee7b2	Scott Ullrich	$havedns = false;
92	ef217c69	Scott Ullrich
93	30cee7b2	Scott Ullrich	if (isset($syscfg['dnsallowoverride'])) {
94	c3f535c0	Seth Mos	/* get dynamically assigned DNS servers (if any) */
95	86dcdfc9	Ermal	$ns = array_unique(get_searchdomains());
96			foreach($ns as $searchserver) {
97			if($searchserver) {
98			$resolvconf .= "search {$searchserver}\n";
99			$havedns = true;
100			}
101			}
102	c3f535c0	Seth Mos	$ns = array_unique(get_nameservers());
103			foreach($ns as $nameserver) {
104			if($nameserver) {
105			$resolvconf .= "nameserver $nameserver\n";
106			$havedns = true;
107	e428c94d	Scott Ullrich	}
108	c3f535c0	Seth Mos	}
109	30cee7b2	Scott Ullrich	}
110			if (!$havedns && is_array($syscfg['dnsserver'])) {
111	c3f535c0	Seth Mos	foreach ($syscfg['dnsserver'] as $ns) {
112			if ($ns) {
113			$resolvconf .= "nameserver $ns\n";
114			$havedns = true;
115	e428c94d	Scott Ullrich	}
116	e180a6e3	Scott Ullrich	}
117	c3f535c0	Seth Mos	}
118	0f282d7a	Scott Ullrich
119	e1daff07	Ermal	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
120			if (!$fd) {
121			printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
122			return 1;
123			}
124
125	30cee7b2	Scott Ullrich	fwrite($fd, $resolvconf);
126			fclose($fd);
127	0f282d7a	Scott Ullrich
128	30cee7b2	Scott Ullrich	if (!$g['booting']) {
129	c3f535c0	Seth Mos	/* restart dhcpd (nameservers may have changed) */
130			if (!$dynupdate)
131			services_dhcpd_configure();
132	30cee7b2	Scott Ullrich	}
133	ef217c69	Scott Ullrich
134	c3f535c0	Seth Mos	/* setup static routes for DNS servers. */
135			for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
136			/* setup static routes for dns servers */
137			$dnsgw = "dns{$dnscounter}gwint";
138			if (isset($config['system'][$dnsgw])) {
139			$interface = $config['system'][$dnsgw];
140			if (($interface <> "") && ($interface <> "none")) {
141			$gatewayip = get_interface_gateway($interface);
142			if(is_ipaddr($gatewayip)) {
143			/* dns server array starts at 0 */
144	b875f306	Scott Ullrich	$dnscountermo = $dnscounter - 1;
145	84d07e67	Seth Mos	mwexec("route delete -host {$syscfg['dnsserver'][$dnscountermo]}", true);
146	c3f535c0	Seth Mos	mwexec("route add -host {$syscfg['dnsserver'][$dnscountermo]} {$gatewayip}");
147	b875f306	Scott Ullrich	}
148			}
149	e180a6e3	Scott Ullrich	}
150	c3f535c0	Seth Mos	}
151
152			return 0;
153	5b237745	Scott Ullrich	}
154
155	86dcdfc9	Ermal	function get_searchdomains() {
156			global $config, $g;
157
158			$master_list = array();
159
160			// Read in dhclient nameservers
161	e1daff07	Ermal	$search_list = glob("/var/etc/searchdomain_*");
162	86dcdfc9	Ermal	if (is_array($search_lists)) {
163	807fd6cd	Ermal	foreach($search_lists as $fdns) {
164			$contents = file($fdns, FILE_IGNORE_NEW_LINES \| FILE_SKIP_EMPTY_LINES);
165			if (!is_array($contents))
166			continue;
167			foreach ($contents as $dns) {
168			if(is_hostname($dns))
169			$master_list[] = $dns;
170			}
171	86dcdfc9	Ermal	}
172			}
173
174			return $master_list;
175			}
176
177	3d00ccaa	Scott Ullrich	function get_nameservers() {
178			global $config, $g;
179			$master_list = array();
180	30cee7b2	Scott Ullrich
181	2a1226ad	Scott Ullrich	// Read in dhclient nameservers
182	e1daff07	Ermal	$dns_lists = glob("/var/etc/nameserver_*");
183	1033de74	Ermal	if (is_array($dns_lists)) {
184	807fd6cd	Ermal	foreach($dns_lists as $fdns) {
185			$contents = file($fdns, FILE_IGNORE_NEW_LINES \| FILE_SKIP_EMPTY_LINES);
186			if (!is_array($contents))
187			continue;
188			foreach ($contents as $dns) {
189			if(is_ipaddr($dns))
190			$master_list[] = $dns;
191			}
192	60951398	Scott Ullrich	}
193	3d00ccaa	Scott Ullrich	}
194	2a1226ad	Scott Ullrich
195			// Read in any extra nameservers
196			if(file_exists("/var/etc/nameservers.conf")) {
197	33818198	Ermal	$dns_s = file("/var/etc/nameservers.conf", FILE_IGNORE_NEW_LINES \| FILE_SKIP_EMPTY_LINES);
198	e1daff07	Ermal	if(is_array($dns_s)) {
199	2a1226ad	Scott Ullrich	foreach($dns_s as $dns)
200	1033de74	Ermal	if (is_ipaddr($dns))
201			$master_list[] = $dns;
202	e1daff07	Ermal	}
203	2a1226ad	Scott Ullrich	}
204
205	3d00ccaa	Scott Ullrich	return $master_list;
206			}
207
208	5b237745	Scott Ullrich	function system_hosts_generate() {
209	f19d3b7a	Scott Ullrich	global $config, $g;
210	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
211			$mt = microtime();
212	dcf0598e	Scott Ullrich	echo "system_hosts_generate() being called $mt\n";
213	f19d3b7a	Scott Ullrich	}
214	0f282d7a	Scott Ullrich
215	5b237745	Scott Ullrich	$syscfg = $config['system'];
216			$dnsmasqcfg = $config['dnsmasq'];
217
218			if (!is_array($dnsmasqcfg['hosts'])) {
219			$dnsmasqcfg['hosts'] = array();
220			}
221			$hostscfg = $dnsmasqcfg['hosts'];
222	0f282d7a	Scott Ullrich
223	58db1fc4	Ermal	$hosts = "127.0.0.1 localhost localhost.{$syscfg['domain']}\n";
224	a55e9c70	Ermal Lu?i
225	e5995f9d	Ermal	if ($config['interfaces']['lan']) {
226			$cfgip = get_interface_ip("lan");
227	f38f8062	Ermal	if (is_ipaddr($cfgip))
228			$hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
229	e5995f9d	Ermal	} else {
230			$sysiflist = get_configured_interface_list();
231			foreach ($sysiflist as $sysif) {
232			if (!interface_has_gateway($sysif)) {
233			$cfgip = get_interface_ip($sysif);
234			if (is_ipaddr($cfgip)) {
235			$hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
236			break;
237			}
238			}
239			}
240	f38f8062	Ermal	}
241	0f282d7a	Scott Ullrich
242	5b237745	Scott Ullrich	foreach ($hostscfg as $host) {
243			if ($host['host'])
244			$hosts .= "{$host['ip']} {$host['host']}.{$host['domain']} {$host['host']}\n";
245			else
246			$hosts .= "{$host['ip']} {$host['domain']}\n";
247			}
248	da6155e0	Erik Fonnesbeck	if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpd'])) {
249	6a01ea44	Bill Marquette	foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf)
250			if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable']))
251	a56e787d	Scott Ullrich	foreach ($dhcpifconf['staticmap'] as $host)
252	6a01ea44	Bill Marquette	if ($host['ipaddr'] && $host['hostname'])
253			$hosts .= "{$host['ipaddr']} {$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
254	a56e787d	Scott Ullrich	}
255	58db1fc4	Ermal
256			/*
257			* Do not remove this because dhcpleases monitors with kqueue it needs to be
258			* killed before writing to hosts files.
259			*/
260			if (file_exists("{$g['varrun_path']}/dhcpleases.pid")) {
261			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM");
262			@unlink("{$g['varrun_path']}/dhcpleases.pid");
263			}
264			$fd = fopen("{$g['varetc_path']}/hosts", "w");
265			if (!$fd) {
266			log_error("Error: cannot open hosts file in system_hosts_generate().\n");
267			return 1;
268			}
269	5b237745	Scott Ullrich	fwrite($fd, $hosts);
270			fclose($fd);
271	0f282d7a	Scott Ullrich
272	24d619f5	Ermal	system_dhcpleases_configure();
273
274			return 0;
275			}
276
277			function system_dhcpleases_configure() {
278	15d456b9	gnhb	global $config, $g;
279
280	956950de	Ermal	/* Start the monitoring process for dynamic dhcpclients. */
281			if (isset($config['dnsmasq']['regdhcp'])) {
282			/* Make sure we do not error out */
283			@touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
284	15d456b9	gnhb	if (file_exists("{$g['varrun_path']}/dhcpleases.pid"))
285			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "HUP");
286			else
287			mwexec("/usr/local/sbin/dhcpleases -l {$g['dhcpd_chroot_path']}/var/db/dhcpd.leases -d {$config['system']['domain']} -p {$g['varrun_path']}/dnsmasq.pid -h {$g['varetc_path']}/hosts");
288			} else {
289			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM");
290			@unlink("{$g['varrun_path']}/dhcpleases.pid");
291			}
292	5b237745	Scott Ullrich	}
293
294			function system_hostname_configure() {
295	f19d3b7a	Scott Ullrich	global $config, $g;
296	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
297			$mt = microtime();
298	dcf0598e	Scott Ullrich	echo "system_hostname_configure() being called $mt\n";
299	333f8ef0	Scott Ullrich	}
300	0f282d7a	Scott Ullrich
301	5b237745	Scott Ullrich	$syscfg = $config['system'];
302	0f282d7a	Scott Ullrich
303	5b237745	Scott Ullrich	/* set hostname */
304	6bfccde7	Scott Ullrich	$status = mwexec("/bin/hostname " .
305	5b237745	Scott Ullrich	escapeshellarg("{$syscfg['hostname']}.{$syscfg['domain']}"));
306	6bfccde7	Scott Ullrich
307			/* Setup host GUID ID. This is used by ZFS. */
308			mwexec("/etc/rc.d/hostid start");
309
310			return $status;
311	5b237745	Scott Ullrich	}
312
313	1ea67f2e	Ermal	function system_routing_configure($interface = "") {
314	962625aa	Ermal	global $config, $g;
315	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
316			$mt = microtime();
317	dcf0598e	Scott Ullrich	echo "system_routing_configure() being called $mt\n";
318	58c7450e	Scott Ullrich	}
319	333f8ef0	Scott Ullrich
320	a529aced	Ermal	$gatewayip = "";
321			$interfacegw = "";
322	3cc07282	Ermal	$foundgw = false;
323	a529aced	Ermal	/* tack on all the hard defined gateways as well */
324			if (is_array($config['gateways']['gateway_item'])) {
325	d499c12b	Ermal	mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw", true);
326	a529aced	Ermal	foreach ($config['gateways']['gateway_item'] as $gateway) {
327			if (isset($gateway['defaultgw'])) {
328	911a262f	smos	if(strstr($gateway['gateway'], ":"))
329			break;
330	a529aced	Ermal	if ($gateway['gateway'] == "dynamic")
331			$gateway['gateway'] = get_interface_gateway($gateway['interface']);
332			$gatewayip = $gateway['gateway'];
333			$interfacegw = $gateway['interface'];
334	924f202e	Ermal	if (!empty($interfacegw)) {
335			$defaultif = get_real_interface($gateway['interface']);
336			if ($defaultif)
337			@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gatewayip);
338			}
339			$foundgw = true;
340	a529aced	Ermal	break;
341			}
342	6e17413e	Ermal Lu?i	}
343	b24bda08	Scott Ullrich	}
344	3cc07282	Ermal	if ($foundgw == false) {
345			$defaultif = get_real_interface("wan");
346			$interfacegw = "wan";
347			$gatewayip = get_interface_gateway("wan");
348			@touch("{$g['tmp_path']}/{$defaultif}_defaultgw");
349			}
350	d173230c	Seth Mos	$dont_add_route = false;
351			/* if OLSRD is enabled, allow WAN to house DHCP. */
352			if($config['installedpackages']['olsrd']) {
353			foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
354			if($olsrd['enabledyngw'] == "on") {
355			$dont_add_route = true;
356	6e17413e	Ermal Lu?i	break;
357	d173230c	Seth Mos	}
358			}
359			}
360	07b54e8c	smos	/* Create a array from the existing route table */
361			exec("/usr/bin/netstat -rnf inet", $route_str);
362			array_shift($route_str);
363			array_shift($route_str);
364			array_shift($route_str);
365			array_shift($route_str);
366			$route_arr = array();
367			foreach($route_str as $routeline) {
368			$items = preg_split("/[ ]+/i", $routeline);
369	aceedad4	Ermal	$route_arr[$items[0]] = array($items[0], $items[1], $items[5]);
370	07b54e8c	smos	}
371
372	1ea67f2e	Ermal	if ($dont_add_route == false ) {
373	8d29cef4	Ermal	if (!empty($interface) && $interface != $interfacegw)
374	1ea67f2e	Ermal	;
375			else if (($interfacegw <> "bgpd") && (is_ipaddr($gatewayip))) {
376	b61154fb	smos	$action = "add";
377			if(isset($route_arr['default'])) {
378	07b54e8c	smos	$action = "change";
379			}
380	b61154fb	smos	log_error("ROUTING: $action default route to $gatewayip");
381	96e889fc	smos	mwexec("/sbin/route {$action} -inet default " . escapeshellarg($gatewayip));
382	d173230c	Seth Mos	}
383			}
384
385	5b237745	Scott Ullrich	if (is_array($config['staticroutes']['route'])) {
386	a529aced	Ermal	$gateways_arr = return_gateways_array();
387	0f282d7a	Scott Ullrich
388	5b237745	Scott Ullrich	foreach ($config['staticroutes']['route'] as $rtent) {
389	a529aced	Ermal	$gatewayip = "";
390	a02708b1	Ermal	if (empty($gateways_arr[$rtent['gateway']])) {
391	24fb2263	Chris Buechler	log_error("Static Routes: Gateway IP could not be found for {$rtent['network']}");
392	a529aced	Ermal	continue;
393			}
394	a02708b1	Ermal	$gateway = $gateways_arr[$rtent['gateway']];
395	1801c223	Ermal	if (!empty($interface) && $interface != $gateway['friendlyiface'])
396	a02708b1	Ermal	continue;
397			$gatewayip = $gateway['gateway'];
398			$interfacegw = $gateway['interface'];
399	a529aced	Ermal	$action = "add";
400	b61154fb	smos	if (isset($route_arr[$rtent['network']]))
401	a529aced	Ermal	$action = "change";
402
403			if (is_ipaddr($gatewayip)) {
404	96e889fc	smos	mwexec("/sbin/route {$action} -inet " . escapeshellarg($rtent['network']) .
405	b24bda08	Scott Ullrich	" " . escapeshellarg($gatewayip));
406	a529aced	Ermal	} else if (!empty($interfacegw)) {
407	96e889fc	smos	mwexec("/sbin/route {$action} -inet " . escapeshellarg($rtent['network']) .
408	a529aced	Ermal	" -iface " . escapeshellarg($interfacegw));
409	7a98edde	Seth Mos	}
410	5b237745	Scott Ullrich	}
411			}
412	67ee1ec5	Ermal Luçi
413	b9c501ea	Seth Mos	return 0;
414	5b237745	Scott Ullrich	}
415
416			function system_routing_enable() {
417	f19d3b7a	Scott Ullrich	global $config, $g;
418	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
419			$mt = microtime();
420	dcf0598e	Scott Ullrich	echo "system_routing_enable() being called $mt\n";
421	58c7450e	Scott Ullrich	}
422	0f282d7a	Scott Ullrich
423	5e041d5f	Scott Ullrich	return mwexec("/sbin/sysctl net.inet.ip.forwarding=1");
424	5b237745	Scott Ullrich	}
425
426			function system_syslogd_start() {
427	f19d3b7a	Scott Ullrich	global $config, $g;
428	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
429			$mt = microtime();
430	dcf0598e	Scott Ullrich	echo "system_syslogd_start() being called $mt\n";
431	58c7450e	Scott Ullrich	}
432	0f282d7a	Scott Ullrich
433	5b237745	Scott Ullrich	$syslogcfg = $config['syslog'];
434
435	0f282d7a	Scott Ullrich	if ($g['booting'])
436	f05740c1	Scott Ullrich	echo "Starting syslog...";
437	5b237745	Scott Ullrich	else
438			killbypid("{$g['varrun_path']}/syslog.pid");
439	0f282d7a	Scott Ullrich
440	99f98b80	sullrich	if(is_process_running("syslogd"))
441			mwexec("/usr/bin/killall -9 syslogd");
442			if(is_process_running("fifolog_writer"))
443			mwexec("/usr/bin/killall -9 fifolog_writer");
444	7ee97cb3	Scott Ullrich
445			// Define carious commands for logging
446			$fifolog_create = "/usr/sbin/fifolog_create -s ";
447			$fifolog_log = "\|/usr/sbin/fifolog_writer ";
448			$clog_create = "/usr/sbin/clog -i -s ";
449			$clog_log = "%";
450
451			// Which logging type are we using this week??
452			if(isset($config['system']['usefifolog'])) {
453			$log_directive = $fifolog_log;
454			$log_create_directive = $fifolog_create;
455			} else { // Defaults to CLOG
456			$log_directive = $clog_log;
457			$log_create_directive = $clog_create;
458			}
459
460	88ebd635	Scott Ullrich	if (isset($syslogcfg)) {
461	a6607b5f	jim-p	$separatelogfacilities = array('ntpd','racoon','openvpn','pptps','poes','l2tps');
462	a728d2ea	Colin Smith	if($config['installedpackages']['package']) {
463	0d9d2a1b	Scott Ullrich	foreach($config['installedpackages']['package'] as $package) {
464			if($package['logging']) {
465	d589cccf	Warren Baker	array_push($separatelogfacilities, $package['logging']['facilityname']);
466	7ee97cb3	Scott Ullrich	mwexec("{$log_create_directive} 10240 {$g['varlog_path']}/{$package['logging']['logfilename']}");
467	eeb52fea	Warren Baker	$syslogconf .= "!{$package['logging']['facilityname']}\n.\t\t\t\t\t\t {$log_directive}{$g['varlog_path']}/{$package['logging']['logfilename']}\n";
468	a728d2ea	Colin Smith	}
469	0d9d2a1b	Scott Ullrich	}
470			}
471	d2834563	Scott Ullrich	$facilitylist = implode(',', array_unique($separatelogfacilities));
472	0d9d2a1b	Scott Ullrich	/* write syslog.conf */
473	5b237745	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
474			if (!$fd) {
475			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
476			return 1;
477			}
478	8fbd88cd	Seth Mos	$syslogconf .= "!ntpdate,!ntpd\n";
479	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
480	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ntpd.log\n";
481	295e19dd	Scott Ullrich	$syslogconf .= "!ppp\n";
482			if (!isset($syslogcfg['disablelocallogging']))
483			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ppp.log\n";
484	a6607b5f	jim-p	$syslogconf .= "!pptps\n";
485	328efaba	Ermal	if (!isset($syslogcfg['disablelocallogging']))
486	a6607b5f	jim-p	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/pptps.log\n";
487			$syslogconf .= "!poes\n";
488	328efaba	Ermal	if (!isset($syslogcfg['disablelocallogging']))
489	a6607b5f	jim-p	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/poes.log\n";
490			$syslogconf .= "!l2tps\n";
491	328efaba	Ermal	if (!isset($syslogcfg['disablelocallogging']))
492	a6607b5f	jim-p	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/l2tps.log\n";
493	0260caec	Scott Ullrich	$syslogconf .= "!racoon\n";
494	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
495	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ipsec.log\n";
496	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
497			if($syslogcfg['remoteserver'])
498			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
499			if($syslogcfg['remoteserver2'])
500			$syslogconf .= ". @{$syslogcfg['remoteserver2']}\n";
501			if($syslogcfg['remoteserver3'])
502			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
503			}
504	d2834563	Scott Ullrich	$syslogconf .= "!openvpn\n";
505	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
506	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/openvpn.log\n";
507	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
508			if($syslogcfg['remoteserver'])
509			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
510			if($syslogcfg['remoteserver2'])
511			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
512			if($syslogcfg['remoteserver3'])
513			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
514			}
515	7bc41b19	jim-p	$syslogconf .= "!apinger\n";
516			if (!isset($syslogcfg['disablelocallogging']))
517			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/apinger.log\n";
518	087a89f8	Chris Buechler	$syslogconf .= "!relayd\n";
519			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/relayd.log\n";
520	d2834563	Scott Ullrich	$syslogconf .= "!-{$facilitylist}\n";
521	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
522	5b237745	Scott Ullrich	$syslogconf .= <<<EOD
523	fe5f3b38	Scott Ullrich	local0.* {$log_directive}{$g['varlog_path']}/filter.log
524	4f7ead45	Scott Ullrich	local3.* {$log_directive}{$g['varlog_path']}/vpn.log
525	fe5f3b38	Scott Ullrich	local4.* {$log_directive}{$g['varlog_path']}/portalauth.log
526			local7.* {$log_directive}{$g['varlog_path']}/dhcpd.log
527			*.notice;kern.debug;lpr.info;mail.crit; {$log_directive}{$g['varlog_path']}/system.log
528			news.err;local0.none;local3.none;local4.none; {$log_directive}{$g['varlog_path']}/system.log
529			local7.none {$log_directive}{$g['varlog_path']}/system.log
530			security.* {$log_directive}{$g['varlog_path']}/system.log
531			auth.info;authpriv.info;daemon.info {$log_directive}{$g['varlog_path']}/system.log
532	6d8ff5e9	Scott Ullrich	auth.info;authpriv.info \|exec /usr/local/sbin/sshlockout_pf 15
533	9dac9942	Scott Ullrich	.emerg
534	0a123b4c	Scott Ullrich
535	5b237745	Scott Ullrich	EOD;
536	be5d59d7	Scott Ullrich	if (isset($syslogcfg['filter'])) {
537			if($syslogcfg['remoteserver'])
538			$syslogconf .= "local0.* @{$syslogcfg['remoteserver']}\n";
539			if($syslogcfg['remoteserver2'])
540			$syslogconf .= "local0.* @{$syslogcfg['remoteserver2']}\n";
541			if($syslogcfg['remoteserver3'])
542			$syslogconf .= "local0.* @{$syslogcfg['remoteserver3']}\n";
543
544			}
545			if (isset($syslogcfg['vpn'])) {
546			if($syslogcfg['remoteserver'])
547			$syslogconf .= "local3.* @{$syslogcfg['remoteserver']}\n";
548			if($syslogcfg['remoteserver2'])
549			$syslogconf .= "local3.* @{$syslogcfg['remoteserver2']}\n";
550			if($syslogcfg['remoteserver3'])
551			$syslogconf .= "local3.* @{$syslogcfg['remoteserver3']}\n";
552			}
553			if (isset($syslogcfg['portalauth'])) {
554			if($syslogcfg['remoteserver'])
555			$syslogconf .= "local4.* @{$syslogcfg['remoteserver']}\n";
556			if($syslogcfg['remoteserver2'])
557			$syslogconf .= "local4.* @{$syslogcfg['remoteserver2']}\n";
558			if($syslogcfg['remoteserver3'])
559			$syslogconf .= "local4.* @{$syslogcfg['remoteserver3']}\n";
560			}
561			if (isset($syslogcfg['dhcp'])) {
562			if($syslogcfg['remoteserver'])
563			$syslogconf .= "local7.* @{$syslogcfg['remoteserver']}\n";
564			if($syslogcfg['remoteserver2'])
565			$syslogconf .= "local7.* @{$syslogcfg['remoteserver2']}\n";
566			if($syslogcfg['remoteserver3'])
567			$syslogconf .= "local7.* @{$syslogcfg['remoteserver3']}\n";
568			}
569			if (isset($syslogcfg['system'])) {
570			if($syslogcfg['remoteserver'])
571			$syslogconf .= <<<EOD
572	9dac9942	Scott Ullrich	*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver']}
573			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver']}
574			security.* @{$syslogcfg['remoteserver']}
575			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver']}
576			*.emerg @{$syslogcfg['remoteserver']}
577	d2834563	Scott Ullrich
578	5b237745	Scott Ullrich	EOD;
579	be5d59d7	Scott Ullrich
580	07bdaacd	pierrepomes	}
581
582	be5d59d7	Scott Ullrich	if (isset($syslogcfg['system'])) {
583			if($syslogcfg['remoteserver2'])
584			$syslogconf .= <<<EOD
585			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver2']}
586			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver2']}
587			security.* @{$syslogcfg['remoteserver2']}
588			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver2']}
589			*.emerg @{$syslogcfg['remoteserver2']}
590
591			EOD;
592
593	07bdaacd	pierrepomes	}
594
595	be5d59d7	Scott Ullrich	if (isset($syslogcfg['system'])) {
596			if($syslogcfg['remoteserver3'])
597			$syslogconf .= <<<EOD
598			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver3']}
599			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver3']}
600			security.* @{$syslogcfg['remoteserver3']}
601			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver3']}
602			*.emerg @{$syslogcfg['remoteserver3']}
603
604			EOD;
605
606			}
607	4ef2d703	Chris Buechler	if (isset($syslogcfg['logall'])) {
608	be5d59d7	Scott Ullrich	if($syslogcfg['remoteserver'])
609			$syslogconf .= <<<EOD
610	4ef2d703	Chris Buechler	. @{$syslogcfg['remoteserver']}
611
612			EOD;
613	be5d59d7	Scott Ullrich
614			if($syslogcfg['remoteserver2'])
615			$syslogconf .= <<<EOD
616			. @{$syslogcfg['remoteserver2']}
617
618			EOD;
619
620			if($syslogcfg['remoteserver3'])
621			$syslogconf .= <<<EOD
622			. @{$syslogcfg['remoteserver3']}
623
624			EOD;
625
626			}
627	5b237745	Scott Ullrich	fwrite($fd, $syslogconf);
628			fclose($fd);
629	42ee8bde	Scott Ullrich
630			// Ensure that the log directory exists
631	81868072	Scott Ullrich	if(!is_dir("{$g['dhcpd_chroot_path']}/var/run"))
632	42ee8bde	Scott Ullrich	exec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/run");
633
634	6a638a89	Scott Ullrich	// Are we logging to a least one remote server ?
635			if(strpos($syslogconf, "@") != false)
636	f8895161	jim-p	$retval = system("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");
637	6a638a89	Scott Ullrich	else
638	65f7fba8	Scott Ullrich	$retval = system("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");
639	5b237745	Scott Ullrich
640			} else {
641	65f7fba8	Scott Ullrich	$retval = mwexec("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log");
642	5b237745	Scott Ullrich	}
643	0f282d7a	Scott Ullrich
644	5b237745	Scott Ullrich	if ($g['booting'])
645	5c6d0f65	Colin Smith	echo "done.\n";
646	0f282d7a	Scott Ullrich
647	5b237745	Scott Ullrich	return $retval;
648			}
649
650			function system_pccard_start() {
651	f19d3b7a	Scott Ullrich	global $config, $g;
652	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
653			$mt = microtime();
654	dcf0598e	Scott Ullrich	echo "system_pccard_start() being called $mt\n";
655	58c7450e	Scott Ullrich	}
656	0f282d7a	Scott Ullrich
657	5b237745	Scott Ullrich	if ($g['booting'])
658	f05740c1	Scott Ullrich	echo "Initializing PCMCIA...";
659	0f282d7a	Scott Ullrich
660	5b237745	Scott Ullrich	/* kill any running pccardd */
661			killbypid("{$g['varrun_path']}/pccardd.pid");
662	0f282d7a	Scott Ullrich
663	5b237745	Scott Ullrich	/* fire up pccardd */
664			$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");
665	0f282d7a	Scott Ullrich
666	5b237745	Scott Ullrich	if ($g['booting']) {
667			if ($res == 0)
668	5c6d0f65	Colin Smith	echo "done.\n";
669	5b237745	Scott Ullrich	else
670	5c6d0f65	Colin Smith	echo "failed!\n";
671	5b237745	Scott Ullrich	}
672	0f282d7a	Scott Ullrich
673	5b237745	Scott Ullrich	return $res;
674			}
675
676	819197a8	Scott Ullrich
677	5b237745	Scott Ullrich	function system_webgui_start() {
678	f19d3b7a	Scott Ullrich	global $config, $g;
679	877ac35d	Scott Ullrich
680			if ($g['booting'])
681	f05740c1	Scott Ullrich	echo "Starting webConfigurator...";
682	877ac35d	Scott Ullrich
683	383a4439	Scott Ullrich	/* kill any running lighttpd */
684	877ac35d	Scott Ullrich	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");
685
686	e9d0bf64	Scott Ullrich	sleep(1);
687
688	877ac35d	Scott Ullrich	chdir($g['www_path']);
689
690	fb1266d3	Matthew Grooms	/* defaults */
691			$portarg = "80";
692			$crt = "";
693			$key = "";
694	2cf6ddcb	Nigel Graham	$ca = "";
695	fb1266d3	Matthew Grooms
696	877ac35d	Scott Ullrich	/* non-standard port? */
697	f4875d35	Ermal Lu?i	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "")
698	528df9a7	Scott Ullrich	$portarg = "{$config['system']['webgui']['port']}";
699	877ac35d	Scott Ullrich
700			if ($config['system']['webgui']['protocol'] == "https") {
701	02b383fe	sullrich	// Ensure that we have a webConfigurator CERT
702	fb1266d3	Matthew Grooms	$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
703	02b383fe	sullrich	if(!is_array($cert) && !$cert['crt'] && !$cert['prv']) {
704	1e332e98	jim-p	if (!is_array($config['ca']))
705			$config['ca'] = array();
706			$a_ca =& $config['ca'];
707			if (!is_array($config['cert']))
708			$config['cert'] = array();
709			$a_cert =& $config['cert'];
710	e9954aef	Scott Ullrich	log_error("Creating SSL Certificate for this host");
711	aab4ca82	Scott Ullrich	$cert = array();
712			$cert['refid'] = uniqid();
713	f2a86ca9	jim-p	$cert['descr'] = "webConfigurator default";
714	6955830f	Ermal Lu?i	mwexec("/usr/bin/openssl genrsa 1024 > {$g['tmp_path']}/ssl.key");
715			mwexec("/usr/bin/openssl req -new -x509 -nodes -sha1 -days 2000 -key {$g['tmp_path']}/ssl.key > {$g['tmp_path']}/ssl.crt");
716			$crt = file_get_contents("{$g['tmp_path']}/ssl.crt");
717			$key = file_get_contents("{$g['tmp_path']}/ssl.key");
718			unlink("{$g['tmp_path']}/ssl.key");
719			unlink("{$g['tmp_path']}/ssl.crt");
720	aab4ca82	Scott Ullrich	cert_import($cert, $crt, $key);
721			$a_cert[] = $cert;
722			$config['system']['webgui']['ssl-certref'] = $cert['refid'];
723			write_config("Importing HTTPS certificate");
724			if(!$config['system']['webgui']['port'])
725			$portarg = "443";
726			$ca = ca_chain($cert);
727	edc8a9f8	jim-p	} else {
728	fb1266d3	Matthew Grooms	$crt = base64_decode($cert['crt']);
729			$key = base64_decode($cert['prv']);
730			if(!$config['system']['webgui']['port'])
731			$portarg = "443";
732	2cf6ddcb	Nigel Graham	$ca = ca_chain($cert);
733	edc8a9f8	jim-p	}
734	877ac35d	Scott Ullrich	}
735
736			/* generate lighttpd configuration */
737			system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
738	2cf6ddcb	Nigel Graham	$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");
739	877ac35d	Scott Ullrich
740			/* attempt to start lighthttpd */
741			$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");
742
743	cc093472	sullrich	/* fetch page to preload apc cache */
744	eb0f4fc6	Ermal Lu?i	$proto = "http";
745			if ($config['system']['webgui']['protocol'])
746			$proto = $config['system']['webgui']['protocol'];
747	bd96ff65	Ermal Lu?i	mwexec_bg("/usr/bin/fetch -o /dev/null -q {$proto}://localhost:{$portarg}/preload.php");
748	cc093472	sullrich
749	877ac35d	Scott Ullrich	if ($g['booting']) {
750			if ($res == 0)
751			echo "done.\n";
752			else
753			echo "failed!\n";
754			}
755
756			return $res;
757			}
758
759	eb0f441c	Scott Ullrich	function system_generate_lighty_config($filename,
760			$cert,
761			$key,
762	2cf6ddcb	Nigel Graham	$ca,
763	eb0f441c	Scott Ullrich	$pid_file,
764			$port = 80,
765			$document_root = "/usr/local/www/",
766			$cert_location = "cert.pem",
767	2cf6ddcb	Nigel Graham	$ca_location = "ca.pem",
768	1b666ae2	Scott Ullrich	$max_procs = 2,
769	280b75d9	Scott Ullrich	$max_requests = "2",
770	eb0f441c	Scott Ullrich	$fast_cgi_enable = true,
771			$captive_portal = false) {
772	58c7450e	Scott Ullrich
773	f19d3b7a	Scott Ullrich	global $config, $g;
774
775	6955830f	Ermal Lu?i	if(!is_dir("{$g['tmp_path']}/lighttpdcompress"))
776			mkdir("{$g['tmp_path']}/lighttpdcompress");
777	570ef08c	sullrich
778	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
779			$mt = microtime();
780	dcf0598e	Scott Ullrich	echo "system_generate_lighty_config() being called $mt\n";
781	58c7450e	Scott Ullrich	}
782
783	eb0f441c	Scott Ullrich	if($captive_portal == true) {
784			$captiveportal = ",\"mod_rewrite\"";
785	6bef50b3	Scott Ullrich	$captive_portal_rewrite = "url.rewrite-once = ( \"(.captiveportal.)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
786	ec192fe5	Scott Ullrich	$captive_portal_module = "";
787	b0bdc06e	Scott Ullrich	$maxprocperip = $config['captiveportal']['maxprocperip'];
788	632e8d54	Scott Ullrich	if(!$maxprocperip and $maxprocperip > 0)
789			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
790			else
791			$captive_portal_mod_evasive = "";
792	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n";
793			exec("mkdir -p {$g['tmp_path']}/captiveportal");
794			exec("chmod a-w {$g['tmp_path']}/captiveportal");
795	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 384";
796	b0bdc06e	Scott Ullrich	} else {
797	3435dc35	Ermal Lu?i	$captiveportal = "";
798			$captive_portal_rewrite = "";
799	b0bdc06e	Scott Ullrich	$captive_portal_module = "";
800			$captive_portal_mod_evasive = "";
801	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"{$g['tmp_path']}/\", \"/var/\" )\n";
802	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 2097152";
803	eb0f441c	Scott Ullrich	}
804	3306a341	Scott Ullrich
805	28cae949	Scott Ullrich	if($port <> "")
806			$lighty_port = $port;
807			else
808			$lighty_port = "80";
809	3d77d4c4	Scott Ullrich
810			$memory = get_memory();
811			$avail = $memory[0];
812
813	f4ebc84a	Scott Ullrich	if($avail > 0 and $avail < 65) {
814			$fast_cgi_enable = false;
815			}
816
817	70cc6249	Scott Ullrich	// Ramp up captive portal max procs
818			if($captive_portal == true) {
819			if($avail > 65 and $avail < 98) {
820			$max_procs = 1;
821			}
822			if($avail > 97 and $avail < 128) {
823			$max_procs = 2;
824			}
825			if($avail > 127 and $avail < 256) {
826			$max_procs = 3;
827			}
828			if($avail > 255 and $avail < 384) {
829			$max_procs = 4;
830			}
831			if($avail > 383) {
832			$max_procs = 5;
833			}
834	b0bdc06e	Scott Ullrich	}
835
836	6e337a84	Scott Ullrich	if($captive_portal == true) {
837			$bin_environment = <<<EOC
838	5e041d5f	Scott Ullrich	"bin-environment" => (
839	e59dd448	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
840			"PHP_FCGI_MAX_REQUESTS" => "500"
841	6e337a84	Scott Ullrich	),
842			EOC;
843
844	04f4a116	Ermal Luçi	} else if ($avail > 0 and $avail < 128) {
845			$bin_environment = <<<EOC
846	980df75c	Scott Ullrich	"bin-environment" => (
847	effecc51	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
848	980df75c	Scott Ullrich	"PHP_FCGI_MAX_REQUESTS" => "2",
849	04f4a116	Ermal Luçi	),
850
851			EOC;
852			} else
853	980df75c	Scott Ullrich	$bin_environment = <<<EOC
854			"bin-environment" => (
855			"PHP_FCGI_CHILDREN" => "$max_procs",
856			"PHP_FCGI_MAX_REQUESTS" => "500"
857			),
858			EOC;
859
860	4edb490d	Scott Ullrich	if($fast_cgi_enable == true) {
861	dde4f60c	Scott Ullrich	$module = "\"mod_fastcgi\", \"mod_cgi\"";
862	4edb490d	Scott Ullrich	$cgi_config = "";
863			$fastcgi_config = <<<EOD
864			#### fastcgi module
865			## read fastcgi.txt for more info
866	b0bdc06e	Scott Ullrich	fastcgi.server = ( ".php" =>
867			( "localhost" =>
868			(
869	6955830f	Ermal Lu?i	"socket" => "{$g['tmp_path']}/php-fastcgi.socket",
870	980df75c	Scott Ullrich	"min-procs" => 0,
871	b0bdc06e	Scott Ullrich	"max-procs" => {$max_procs},
872	6e337a84	Scott Ullrich	{$bin_environment}
873	b0bdc06e	Scott Ullrich	"bin-path" => "/usr/local/bin/php"
874			)
875			)
876			)
877	4edb490d	Scott Ullrich
878	dde4f60c	Scott Ullrich	#### CGI module
879	5999dd9c	Scott Ullrich	cgi.assign = ( ".cgi" => "" )
880	dde4f60c	Scott Ullrich
881	4edb490d	Scott Ullrich	EOD;
882			} else {
883			$fastcgi_config = "";
884			$module = "\"mod_cgi\"";
885			$cgi_config = <<<EOD
886			#### CGI module
887			cgi.assign = ( ".php" => "/usr/local/bin/php",
888	d4302f46	Espen Johansen	".cgi" => "" )
889	333f8ef0	Scott Ullrich
890	4edb490d	Scott Ullrich	EOD;
891			}
892	333f8ef0	Scott Ullrich
893	3435dc35	Ermal Lu?i	$lighty_config = "";
894	a84b65dc	Scott Ullrich	$lighty_config .= <<<EOD
895	28cae949	Scott Ullrich	#
896	a632cf43	Scott Ullrich	# lighttpd configuration file
897			#
898			# use a it as base for lighttpd 1.0.0 and above
899	28cae949	Scott Ullrich	#
900	a632cf43	Scott Ullrich	############ Options you really have to take care of ####################
901
902	770b4b9c	Scott Ullrich	## FreeBSD!
903	60ff6204	Scott Ullrich	server.event-handler = "freebsd-kqueue"
904			server.network-backend = "writev"
905	096261af	Scott Ullrich
906	a632cf43	Scott Ullrich	## modules to load
907	4edb490d	Scott Ullrich	server.modules = (
908	c93ad789	Scott Ullrich	{$captive_portal_module}
909	d7e230ae	Chris Buechler	"mod_access", "mod_accesslog", "mod_expire", "mod_compress", "mod_redirect",
910	c93ad789	Scott Ullrich	{$module}{$captiveportal}
911			)
912	28cae949	Scott Ullrich
913			## Unused modules
914	6a019c11	Scott Ullrich	# "mod_setenv",
915			# "mod_rewrite",
916	28cae949	Scott Ullrich	# "mod_ssi",
917			# "mod_usertrack",
918			# "mod_expire",
919			# "mod_secdownload",
920			# "mod_rrdtool",
921	a632cf43	Scott Ullrich	# "mod_auth",
922			# "mod_status",
923	28cae949	Scott Ullrich	# "mod_alias",
924	a632cf43	Scott Ullrich	# "mod_proxy",
925			# "mod_simple_vhost",
926			# "mod_evhost",
927			# "mod_userdir",
928	28cae949	Scott Ullrich	# "mod_cgi",
929	a632cf43	Scott Ullrich
930	d9acea75	Scott Ullrich	server.max-keep-alive-requests = 15
931			server.max-keep-alive-idle = 30
932
933	a632cf43	Scott Ullrich	## a static document-root, for virtual-hosting take look at the
934			## server.virtual-* options
935	332b4ac0	Scott Ullrich	server.document-root = "{$document_root}"
936	eb0f441c	Scott Ullrich	{$captive_portal_rewrite}
937	a632cf43	Scott Ullrich
938	38a9a1ab	Scott Ullrich	# Maximum idle time with nothing being written (php downloading)
939			server.max-write-idle = 999
940
941	a632cf43	Scott Ullrich	## where to send error-messages to
942	ee959dc4	Scott Ullrich	server.errorlog = "/var/log/lighttpd.error.log"
943	a632cf43	Scott Ullrich
944			# files to check for if .../ is requested
945			server.indexfiles = ( "index.php", "index.html",
946			"index.htm", "default.htm" )
947
948			# mimetype mapping
949			mimetype.assign = (
950			".pdf" => "application/pdf",
951			".sig" => "application/pgp-signature",
952			".spl" => "application/futuresplash",
953			".class" => "application/octet-stream",
954			".ps" => "application/postscript",
955			".torrent" => "application/x-bittorrent",
956			".dvi" => "application/x-dvi",
957			".gz" => "application/x-gzip",
958			".pac" => "application/x-ns-proxy-autoconfig",
959			".swf" => "application/x-shockwave-flash",
960			".tar.gz" => "application/x-tgz",
961			".tgz" => "application/x-tgz",
962			".tar" => "application/x-tar",
963			".zip" => "application/zip",
964			".mp3" => "audio/mpeg",
965			".m3u" => "audio/x-mpegurl",
966			".wma" => "audio/x-ms-wma",
967			".wax" => "audio/x-ms-wax",
968			".ogg" => "audio/x-wav",
969			".wav" => "audio/x-wav",
970			".gif" => "image/gif",
971			".jpg" => "image/jpeg",
972			".jpeg" => "image/jpeg",
973			".png" => "image/png",
974			".xbm" => "image/x-xbitmap",
975			".xpm" => "image/x-xpixmap",
976			".xwd" => "image/x-xwindowdump",
977			".css" => "text/css",
978			".html" => "text/html",
979			".htm" => "text/html",
980			".js" => "text/javascript",
981			".asc" => "text/plain",
982			".c" => "text/plain",
983			".conf" => "text/plain",
984			".text" => "text/plain",
985			".txt" => "text/plain",
986			".dtd" => "text/xml",
987			".xml" => "text/xml",
988			".mpeg" => "video/mpeg",
989			".mpg" => "video/mpeg",
990			".mov" => "video/quicktime",
991			".qt" => "video/quicktime",
992			".avi" => "video/x-msvideo",
993			".asf" => "video/x-ms-asf",
994			".asx" => "video/x-ms-asf",
995			".wmv" => "video/x-ms-wmv",
996			".bz2" => "application/x-bzip",
997			".tbz" => "application/x-bzip-compressed-tar",
998			".tar.bz2" => "application/x-bzip-compressed-tar"
999			)
1000
1001			# Use the "Content-Type" extended attribute to obtain mime type if possible
1002			#mimetypes.use-xattr = "enable"
1003
1004			#### accesslog module
1005	6a019c11	Scott Ullrich	#accesslog.filename = "/dev/null"
1006	a632cf43	Scott Ullrich
1007			## deny access the file-extensions
1008			#
1009			# ~ is for backupfiles from vi, emacs, joe, ...
1010			# .inc is often used for code includes which should in general not be part
1011			# of the document-root
1012			url.access-deny = ( "~", ".inc" )
1013
1014
1015			######### Options that are good to be but not neccesary to be changed #######
1016
1017			## bind to port (default: 80)
1018	28cae949	Scott Ullrich	server.port = {$lighty_port}
1019	a632cf43	Scott Ullrich
1020			## error-handler for status 404
1021			#server.error-handler-404 = "/error-handler.html"
1022			#server.error-handler-404 = "/error-handler.php"
1023
1024			## to help the rc.scripts
1025			server.pid-file = "/var/run/{$pid_file}"
1026
1027			## virtual directory listings
1028	28cae949	Scott Ullrich	server.dir-listing = "disable"
1029	a632cf43	Scott Ullrich
1030			## enable debugging
1031	28cae949	Scott Ullrich	debug.log-request-header = "disable"
1032			debug.log-response-header = "disable"
1033			debug.log-request-handling = "disable"
1034			debug.log-file-not-found = "disable"
1035	a632cf43	Scott Ullrich
1036	570ef08c	sullrich	# gzip compression
1037	6955830f	Ermal Lu?i	compress.cache-dir = "{$g['tmp_path']}/lighttpdcompress/"
1038	570ef08c	sullrich	compress.filetype = ("text/plain","text/css", "text/xml", "text/javascript" )
1039
1040	3306a341	Scott Ullrich	{$server_upload_dirs}
1041	1ef7b568	Scott Ullrich
1042	a6e8af9c	Scott Ullrich	{$server_max_request_size}
1043	ee959dc4	Scott Ullrich
1044	4edb490d	Scott Ullrich	{$fastcgi_config}
1045
1046			{$cgi_config}
1047	a632cf43	Scott Ullrich
1048	b0bdc06e	Scott Ullrich	{$captive_portal_mod_evasive}
1049
1050	569f47e9	Scott Ullrich	expire.url = (
1051	05a5e5c5	Scott Ullrich	"" => "access 50 hours",
1052	569f47e9	Scott Ullrich	)
1053
1054	a632cf43	Scott Ullrich	EOD;
1055
1056	7aae518a	Scott Ullrich	$cert = str_replace("\r", "", $cert);
1057	333f8ef0	Scott Ullrich	$key = str_replace("\r", "", $key);
1058	2cf6ddcb	Nigel Graham	$ca = str_replace("\r", "", $ca);
1059	7aae518a	Scott Ullrich
1060			$cert = str_replace("\n\n", "\n", $cert);
1061	333f8ef0	Scott Ullrich	$key = str_replace("\n\n", "\n", $key);
1062	2cf6ddcb	Nigel Graham	$ca = str_replace("\n\n", "\n", $ca);
1063	7aae518a	Scott Ullrich
1064	a632cf43	Scott Ullrich	if($cert <> "" and $key <> "") {
1065	3a66b621	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
1066	5b237745	Scott Ullrich	if (!$fd) {
1067			printf("Error: cannot open cert.pem in system_webgui_start().\n");
1068			return 1;
1069			}
1070	3a66b621	Scott Ullrich	chmod("{$g['varetc_path']}/{$cert_location}", 0600);
1071	5b237745	Scott Ullrich	fwrite($fd, $cert);
1072			fwrite($fd, "\n");
1073			fwrite($fd, $key);
1074			fclose($fd);
1075	546f30ca	jim-p	if(!(empty($ca) \|\| (strlen(trim($ca)) == 0))) {
1076	2cf6ddcb	Nigel Graham	$fd = fopen("{$g['varetc_path']}/{$ca_location}", "w");
1077			if (!$fd) {
1078			printf("Error: cannot open ca.pem in system_webgui_start().\n");
1079			return 1;
1080			}
1081			chmod("{$g['varetc_path']}/{$ca_location}", 0600);
1082			fwrite($fd, $ca);
1083			fclose($fd);
1084			}
1085	5e041d5f	Scott Ullrich	$lighty_config .= "\n";
1086	9f0cbb16	Scott Ullrich	$lighty_config .= "## ssl configuration\n";
1087	a632cf43	Scott Ullrich	$lighty_config .= "ssl.engine = \"enable\"\n";
1088	333f8ef0	Scott Ullrich	$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
1089	673ee7b1	Scott Ullrich
1090			// Harden SSL a bit for PCI conformance testing
1091			$lighty_config .= "ssl.use-sslv2 = \"disable\"\n";
1092			$lighty_config .= "ssl.cipher-list = \"TLSv1+HIGH !SSLv2 RC4+MEDIUM !aNULL !eNULL !3DES @STRENGTH\"\n";
1093
1094	75e9ed89	jim-p	if(!(empty($ca) \|\| (strlen(trim($ca)) == 0)))
1095	2cf6ddcb	Nigel Graham	$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
1096	5b237745	Scott Ullrich	}
1097	a978a0ff	Chris Buechler
1098			// Add HTTP to HTTPS redirect
1099			if ($captive_portal == false && $config['system']['webgui']['protocol'] == "https" && !isset($config['system']['webgui']['disablehttpredirect'])) {
1100	7921e8e5	Chris Buechler	if($lighty_port != "443")
1101			$redirectport = ":{$lighty_port}";
1102	d7e230ae	Chris Buechler	$lighty_config .= <<<EOD
1103			\$SERVER["socket"] == ":80" {
1104			\$HTTP["host"] =~ "(.*)" {
1105	7921e8e5	Chris Buechler	url.redirect = ( "^/(.*)" => "https://%1{$redirectport}/$1" )
1106	d7e230ae	Chris Buechler	}
1107			}
1108			EOD;
1109			}
1110	0f282d7a	Scott Ullrich
1111	4f3756f3	Scott Ullrich	$fd = fopen("{$filename}", "w");
1112	a632cf43	Scott Ullrich	if (!$fd) {
1113	4f3756f3	Scott Ullrich	printf("Error: cannot open {$filename} in system_generate_lighty_config().\n");
1114	a632cf43	Scott Ullrich	return 1;
1115	5b237745	Scott Ullrich	}
1116	a632cf43	Scott Ullrich	fwrite($fd, $lighty_config);
1117			fclose($fd);
1118
1119			return 0;
1120	0f282d7a	Scott Ullrich
1121	5b237745	Scott Ullrich	}
1122
1123			function system_timezone_configure() {
1124	f19d3b7a	Scott Ullrich	global $config, $g;
1125	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1126			$mt = microtime();
1127	dcf0598e	Scott Ullrich	echo "system_timezone_configure() being called $mt\n";
1128	333f8ef0	Scott Ullrich	}
1129	5b237745	Scott Ullrich
1130			$syscfg = $config['system'];
1131
1132			if ($g['booting'])
1133	f05740c1	Scott Ullrich	echo "Setting timezone...";
1134	5b237745	Scott Ullrich
1135			/* extract appropriate timezone file */
1136			$timezone = $syscfg['timezone'];
1137			if (!$timezone)
1138			$timezone = "Etc/UTC";
1139	0f282d7a	Scott Ullrich
1140	34febcde	Scott Ullrich	conf_mount_rw();
1141
1142	029d1a71	Scott Ullrich	exec("LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
1143	5b237745	Scott Ullrich	escapeshellarg($timezone) . " > /etc/localtime");
1144
1145	4efd4885	Scott Ullrich	mwexec("sync");
1146	27150275	Scott Ullrich	conf_mount_ro();
1147	34febcde	Scott Ullrich
1148	5b237745	Scott Ullrich	if ($g['booting'])
1149	5c6d0f65	Colin Smith	echo "done.\n";
1150	5b237745	Scott Ullrich	}
1151
1152			function system_ntp_configure() {
1153	f19d3b7a	Scott Ullrich	global $config, $g;
1154	5b237745	Scott Ullrich
1155	b2305621	Ermal	$ntpcfg = "# \n";
1156			$ntpcfg .= "# pfSense OpenNTPD configuration file \n";
1157			$ntpcfg .= "# \n\n";
1158	0f282d7a	Scott Ullrich
1159	20b90e0a	Scott Ullrich	/* foreach through servers and write out to ntpd.conf */
1160	b2305621	Ermal	foreach (explode(' ', $config['system']['timeservers']) as $ts)
1161			$ntpcfg .= "servers {$ts}\n";
1162	0f282d7a	Scott Ullrich
1163	5b6210e3	Bill Marquette	/* Setup listener(s) if the user has configured one */
1164	67ee1ec5	Ermal Luçi	if ($config['installedpackages']['openntpd']) {
1165			/* server config is in coregui1 */
1166	5b6210e3	Bill Marquette	$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
1167			if ($xmlsettings['enable'] == 'on') {
1168			$ifaces = explode(',', $xmlsettings['interface']);
1169	435f11c8	Ermal Lu?i	$ifaces = array_map('get_real_interface', $ifaces);
1170	5b6210e3	Bill Marquette	$ifaces = array_filter($ifaces, 'does_interface_exist');
1171			$ips = array_map('find_interface_ip', $ifaces);
1172			foreach ($ips as $ip) {
1173	5e041d5f	Scott Ullrich	if (is_ipaddr($ip))
1174	5b64e336	jim-p	$ntpcfg .= "listen on $ip\n";
1175	5b6210e3	Bill Marquette	}
1176	95594e5a	Scott Ullrich	}
1177			}
1178	5b64e336	jim-p	$ntpcfg .= "\n";
1179	95594e5a	Scott Ullrich
1180	b2305621	Ermal	/* open configuration for wrting or bail */
1181			$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
1182			if(!$fd) {
1183			log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
1184			return;
1185			}
1186			fwrite($fd, $ntpcfg);
1187	0f282d7a	Scott Ullrich
1188	20b90e0a	Scott Ullrich	/* slurp! */
1189			fclose($fd);
1190
1191			/* if openntpd is running, kill it */
1192	5f3e1f12	Scott Ullrich	while(is_process_running("ntpd")) {
1193	c8960970	Ermal	killbyname("ntpd");
1194	5f3e1f12	Scott Ullrich	}
1195
1196			/* if /var/empty does not exist, create it */
1197			if(!is_dir("/var/empty"))
1198			exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");
1199
1200	20b90e0a	Scott Ullrich	/* start opentpd, set time now and use /var/etc/ntpd.conf */
1201			exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");
1202	83eb4567	Scott Ullrich
1203			// Note that we are starting up
1204	0b9d02f3	jim-p	log_error("OpenNTPD is starting up.");
1205	0f282d7a	Scott Ullrich
1206	5b237745	Scott Ullrich	}
1207
1208	652cf082	Seth Mos	function sync_system_time() {
1209			global $config, $g;
1210
1211			if ($g['booting'])
1212	4582b281	Scott Ullrich	echo "Syncing system time before startup...";
1213	652cf082	Seth Mos
1214			/* foreach through servers and write out to ntpd.conf */
1215	b2305621	Ermal	foreach (explode(' ', $config['system']['timeservers']) as $ts) {
1216	652cf082	Seth Mos	mwexec("/usr/sbin/ntpdate -s $ts");
1217			}
1218	4582b281	Scott Ullrich
1219			if ($g['booting'])
1220			echo "done.\n";
1221
1222	652cf082	Seth Mos	}
1223
1224	405e5de0	Scott Ullrich	function system_halt() {
1225			global $g;
1226
1227			system_reboot_cleanup();
1228
1229	523855b0	Scott Ullrich	mwexec("/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &");
1230	405e5de0	Scott Ullrich	}
1231
1232	5b237745	Scott Ullrich	function system_reboot() {
1233			global $g;
1234	0f282d7a	Scott Ullrich
1235	5b237745	Scott Ullrich	system_reboot_cleanup();
1236	0f282d7a	Scott Ullrich
1237	5b237745	Scott Ullrich	mwexec("nohup /etc/rc.reboot > /dev/null 2>&1 &");
1238			}
1239
1240			function system_reboot_sync() {
1241			global $g;
1242	0f282d7a	Scott Ullrich
1243	5b237745	Scott Ullrich	system_reboot_cleanup();
1244	0f282d7a	Scott Ullrich
1245	5b237745	Scott Ullrich	mwexec("/etc/rc.reboot > /dev/null 2>&1");
1246			}
1247
1248			function system_reboot_cleanup() {
1249	97d4e30b	Seth Mos	mwexec("/usr/local/bin/beep.sh stop");
1250	04967d99	jim-p	require_once("captiveportal.inc");
1251	5b237745	Scott Ullrich	captiveportal_radius_stop_all();
1252	336e3c1c	Charlie	require_once("voucher.inc");
1253			voucher_save_db_to_config();
1254	5b237745	Scott Ullrich	}
1255
1256			function system_do_shell_commands($early = 0) {
1257	f19d3b7a	Scott Ullrich	global $config, $g;
1258	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1259			$mt = microtime();
1260	dcf0598e	Scott Ullrich	echo "system_do_shell_commands() being called $mt\n";
1261	58c7450e	Scott Ullrich	}
1262	0f282d7a	Scott Ullrich
1263	5b237745	Scott Ullrich	if ($early)
1264			$cmdn = "earlyshellcmd";
1265			else
1266			$cmdn = "shellcmd";
1267	0f282d7a	Scott Ullrich
1268	5b237745	Scott Ullrich	if (is_array($config['system'][$cmdn])) {
1269	333f8ef0	Scott Ullrich
1270	245388b4	Scott Ullrich	/* cmd is an array, loop through /
1271	5b237745	Scott Ullrich	foreach ($config['system'][$cmdn] as $cmd) {
1272			exec($cmd);
1273			}
1274	245388b4	Scott Ullrich
1275			} elseif($config['system'][$cmdn] <> "") {
1276	333f8ef0	Scott Ullrich
1277	245388b4	Scott Ullrich	/* execute single item */
1278			exec($config['system'][$cmdn]);
1279
1280	5b237745	Scott Ullrich	}
1281			}
1282
1283			function system_console_configure() {
1284	f19d3b7a	Scott Ullrich	global $config, $g;
1285	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1286			$mt = microtime();
1287	dcf0598e	Scott Ullrich	echo "system_console_configure() being called $mt\n";
1288	333f8ef0	Scott Ullrich	}
1289	0f282d7a	Scott Ullrich
1290	5b237745	Scott Ullrich	if (isset($config['system']['disableconsolemenu'])) {
1291			touch("{$g['varetc_path']}/disableconsole");
1292			} else {
1293			unlink_if_exists("{$g['varetc_path']}/disableconsole");
1294			}
1295			}
1296
1297			function system_dmesg_save() {
1298	f19d3b7a	Scott Ullrich	global $g;
1299	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1300			$mt = microtime();
1301	dcf0598e	Scott Ullrich	echo "system_dmesg_save() being called $mt\n";
1302	f19d3b7a	Scott Ullrich	}
1303	0f282d7a	Scott Ullrich
1304	767a716e	Scott Ullrich	$dmesg = "";
1305	5b237745	Scott Ullrich	exec("/sbin/dmesg", $dmesg);
1306	0f282d7a	Scott Ullrich
1307	5b237745	Scott Ullrich	/* find last copyright line (output from previous boots may be present) */
1308			$lastcpline = 0;
1309	0f282d7a	Scott Ullrich
1310	5b237745	Scott Ullrich	for ($i = 0; $i < count($dmesg); $i++) {
1311			if (strstr($dmesg[$i], "Copyright (c) 1992-"))
1312			$lastcpline = $i;
1313			}
1314	0f282d7a	Scott Ullrich
1315	5b237745	Scott Ullrich	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
1316			if (!$fd) {
1317			printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
1318			return 1;
1319			}
1320	0f282d7a	Scott Ullrich
1321	5b237745	Scott Ullrich	for ($i = $lastcpline; $i < count($dmesg); $i++)
1322			fwrite($fd, $dmesg[$i] . "\n");
1323	0f282d7a	Scott Ullrich
1324	5b237745	Scott Ullrich	fclose($fd);
1325	0f282d7a	Scott Ullrich
1326	5b237745	Scott Ullrich	return 0;
1327			}
1328
1329			function system_set_harddisk_standby() {
1330	f19d3b7a	Scott Ullrich	global $g, $config;
1331	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1332			$mt = microtime();
1333	dcf0598e	Scott Ullrich	echo "system_set_harddisk_standby() being called $mt\n";
1334	58c7450e	Scott Ullrich	}
1335	5b237745	Scott Ullrich
1336			if (isset($config['system']['harddiskstandby'])) {
1337			if ($g['booting']) {
1338	5c6d0f65	Colin Smith	echo 'Setting hard disk standby... ';
1339	5b237745	Scott Ullrich	}
1340
1341			$standby = $config['system']['harddiskstandby'];
1342			// Check for a numeric value
1343			if (is_numeric($standby)) {
1344			// Sync the disk(s)
1345	5ba5a8de	Scott Ullrich	pfSense_sync();
1346	5b237745	Scott Ullrich	if (!mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby))) {
1347			// Reinitialize ATA-drives
1348			mwexec('/usr/local/sbin/atareinit');
1349			if ($g['booting']) {
1350	5c6d0f65	Colin Smith	echo "done.\n";
1351	5b237745	Scott Ullrich	}
1352			} else if ($g['booting']) {
1353	5c6d0f65	Colin Smith	echo "failed!\n";
1354	5b237745	Scott Ullrich	}
1355			} else if ($g['booting']) {
1356	5c6d0f65	Colin Smith	echo "failed!\n";
1357	5b237745	Scott Ullrich	}
1358			}
1359			}
1360
1361	3ff9d424	Scott Ullrich	function system_setup_sysctl() {
1362	f19d3b7a	Scott Ullrich	global $config;
1363	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1364			$mt = microtime();
1365	dcf0598e	Scott Ullrich	echo "system_setup_sysctl() being called $mt\n";
1366	58c7450e	Scott Ullrich	}
1367	243aa7b9	Scott Ullrich
1368	6df9d7e3	Scott Ullrich	activate_sysctls();
1369
1370	243aa7b9	Scott Ullrich	if (isset($config['system']['sharednet'])) {
1371			system_disable_arp_wrong_if();
1372			}
1373			}
1374
1375			function system_disable_arp_wrong_if() {
1376	f19d3b7a	Scott Ullrich	global $config;
1377	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1378			$mt = microtime();
1379	dcf0598e	Scott Ullrich	echo "system_disable_arp_wrong_if() being called $mt\n";
1380	333f8ef0	Scott Ullrich	}
1381	6cb438cf	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0");
1382	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0");
1383	3ff9d424	Scott Ullrich	}
1384
1385	243aa7b9	Scott Ullrich	function system_enable_arp_wrong_if() {
1386	f19d3b7a	Scott Ullrich	global $config;
1387	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1388			$mt = microtime();
1389	dcf0598e	Scott Ullrich	echo "system_enable_arp_wrong_if() being called $mt\n";
1390	58c7450e	Scott Ullrich	}
1391	243aa7b9	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1");
1392	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1");
1393	243aa7b9	Scott Ullrich	}
1394
1395	a199b93e	Scott Ullrich	function enable_watchdog() {
1396			global $config;
1397	1a479479	Scott Ullrich	return;
1398	a199b93e	Scott Ullrich	$install_watchdog = false;
1399			$supported_watchdogs = array("Geode");
1400			$file = file_get_contents("/var/log/dmesg.boot");
1401			foreach($supported_watchdogs as $sd) {
1402			if(stristr($file, "Geode")) {
1403			$install_watchdog = true;
1404			}
1405			}
1406			if($install_watchdog == true) {
1407	2e44fb05	Scott Ullrich	if(is_process_running("watchdogd"))
1408	e0b4e47f	Seth Mos	mwexec("/usr/bin/killall watchdogd", true);
1409	333f8ef0	Scott Ullrich	exec("/usr/sbin/watchdogd");
1410	a199b93e	Scott Ullrich	}
1411			}
1412	15f14889	Scott Ullrich
1413			function system_check_reset_button() {
1414	fa83737d	Scott Ullrich	global $g;
1415	223ef06a	Scott Ullrich	if($g['platform'] != "nanobsd")
1416	fa83737d	Scott Ullrich	return 0;
1417	15f14889	Scott Ullrich
1418	31c9379c	Scott Ullrich	$specplatform = system_identify_specific_platform();
1419
1420	15f14889	Scott Ullrich	if ($specplatform['name'] != "wrap" && $specplatform['name'] != "alix")
1421			return 0;
1422
1423			$retval = mwexec("/usr/local/sbin/" . $specplatform['name'] . "resetbtn");
1424
1425			if ($retval == 99) {
1426			/* user has pressed reset button for 2 seconds -
1427			reset to factory defaults */
1428			echo <<<EOD
1429
1430			***********************************************************************
1431			* Reset button pressed - resetting configuration to factory defaults. *
1432			* The system will reboot after this completes. *
1433			***********************************************************************
1434
1435
1436			EOD;
1437
1438			reset_factory_defaults();
1439			system_reboot_sync();
1440			exit(0);
1441			}
1442
1443			return 0;
1444			}
1445
1446	31c9379c	Scott Ullrich	/* attempt to identify the specific platform (for embedded systems)
1447			Returns an array with two elements:
1448			name => platform string (e.g. 'wrap', 'alix' etc.)
1449			descr => human-readable description (e.g. "PC Engines WRAP")
1450			*/
1451			function system_identify_specific_platform() {
1452			global $g;
1453
1454			if ($g['platform'] == 'generic-pc')
1455			return array('name' => 'generic-pc', 'descr' => "Generic PC");
1456
1457			if ($g['platform'] == 'generic-pc-cdrom')
1458			return array('name' => 'generic-pc-cdrom', 'descr' => "Generic PC (CD-ROM)");
1459
1460			/* the rest of the code only deals with 'embedded' platforms */
1461	1a2911a7	Scott Ullrich	if ($g['platform'] != 'nanobsd')
1462	31c9379c	Scott Ullrich	return array('name' => $g['platform'], 'descr' => $g['platform']);
1463
1464			$dmesg = system_get_dmesg_boot();
1465
1466			if (strpos($dmesg, "PC Engines WRAP") !== false)
1467			return array('name' => 'wrap', 'descr' => 'PC Engines WRAP');
1468
1469			if (strpos($dmesg, "PC Engines ALIX") !== false)
1470			return array('name' => 'alix', 'descr' => 'PC Engines ALIX');
1471
1472			if (preg_match("/Soekris net45../", $dmesg, $matches))
1473			return array('name' => 'net45xx', 'descr' => $matches[0]);
1474
1475			if (preg_match("/Soekris net48../", $dmesg, $matches))
1476			return array('name' => 'net48xx', 'descr' => $matches[0]);
1477
1478			if (preg_match("/Soekris net55../", $dmesg, $matches))
1479			return array('name' => 'net55xx', 'descr' => $matches[0]);
1480
1481			/* unknown embedded platform */
1482			return array('name' => 'embedded', 'descr' => 'embedded (unknown)');
1483			}
1484
1485			function system_get_dmesg_boot() {
1486			global $g;
1487	d16af75d	Scott Ullrich
1488	31c9379c	Scott Ullrich	return file_get_contents("{$g['varlog_path']}/dmesg.boot");
1489			}
1490
1491	e1daff07	Ermal	?>

Project

General

Profile

pfSense