<?php
/* $Id$ */
/*
4
	system.inc
5
	part of m0n0wall (http://m0n0.ch/wall)
6 0f282d7a Scott Ullrich
7 5b237745 Scott Ullrich
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8
	All rights reserved.
9 0f282d7a Scott Ullrich
10 5b237745 Scott Ullrich
	Redistribution and use in source and binary forms, with or without
11
	modification, are permitted provided that the following conditions are met:
12 0f282d7a Scott Ullrich
13 5b237745 Scott Ullrich
	1. Redistributions of source code must retain the above copyright notice,
14
	   this list of conditions and the following disclaimer.
15 0f282d7a Scott Ullrich
16 5b237745 Scott Ullrich
	2. Redistributions in binary form must reproduce the above copyright
17
	   notice, this list of conditions and the following disclaimer in the
18
	   documentation and/or other materials provided with the distribution.
19 0f282d7a Scott Ullrich
20 5b237745 Scott Ullrich
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29
	POSSIBILITY OF SUCH DAMAGE.
30
*/
/*
33
	pfSense_BUILDER_BINARIES:	/usr/sbin/powerd	/usr/bin/killall	/sbin/sysctl	/sbin/route
34
	pfSense_BUILDER_BINARIES:	/bin/hostname	/bin/ls	/usr/bin/netstat	/usr/sbin/syslogd	
35
	pfSense_BUILDER_BINARIES:	/usr/sbin/pccardd	/usr/local/sbin/lighttpd	/bin/chmod 	/bin/mkdir
36 5ba5a8de Scott Ullrich
	pfSense_BUILDER_BINARIES:	/usr/bin/tar		/usr/local/sbin/ntpd	/usr/sbin/ntpdate
37 c3b13d60 jim-p
	pfSense_BUILDER_BINARIES:	/usr/bin/nohup	/sbin/dmesg	/usr/local/sbin/atareinit	/sbin/kldload
38 523855b0 Scott Ullrich
	pfSense_MODULE:	utils
39
*/
/*
 * Start powerd when $config['system']['powerd_enable'] is set, otherwise
 * stop a running instance.
 */
function activate_powerd() {
	global $config, $g;

	if (!isset($config['system']['powerd_enable'])) {
		/* Feature is off: only call killall when a powerd process exists. */
		if (is_process_running("powerd")) {
			exec("/usr/bin/killall powerd");
		}
		return;
	}

	/* On the nanobsd platform the cpufreq module is loaded first. */
	if ($g["platform"] == "nanobsd") {
		exec("/sbin/kldload cpufreq");
	}
	exec("/usr/sbin/powerd -b adp -a adp");
}
/*
 * Look up the default value recorded for a sysctl OID in the global
 * $sysctls table.
 *
 * Returns the stored value, or NULL when the OID is not listed.
 */
function get_default_sysctl_value($id) {
	global $sysctls;

	if (!isset($sysctls[$id])) {
		return;
	}

	return $sysctls[$id];
}
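/*
 * Apply the fixed enc(4) IPsec bpf/filter masks, then every tunable listed
 * under $config['sysctl']['item'].
 *
 * A tunable whose value is the literal string "default" is set to whatever
 * get_default_sysctl_value() returns for its name.
 */
function activate_sysctls() {
	global $config, $g;

	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001");
	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002");
	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");

	/* Nothing more to do unless the configuration carries a tunable list. */
	if (!is_array($config['sysctl']) || !is_array($config['sysctl']['item'])) {
		return;
	}

	foreach ($config['sysctl']['item'] as $tunable) {
		$value = $tunable['value'];
		if ($value == "default") {
			$value = get_default_sysctl_value($tunable['tunable']);
		}

		/*
		 * Name and value both come from the stored configuration and this
		 * command runs with the privileges of the caller. Hand "name=value"
		 * to the shell as one quoted argument so that quote characters or
		 * shell metacharacters in either field stay part of the argument
		 * instead of extending the command line.
		 */
		mwexec("/sbin/sysctl " . escapeshellarg($tunable['tunable'] . "=" . $value));
	}
}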
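/*
 * Regenerate {$g['varetc_path']}/resolv.conf and the host routes that pin
 * individual DNS servers to a gateway.
 *
 * Dynamically learned search domains and name servers are used only when
 * 'dnsallowoverride' is set; if that yields nothing, the statically
 * configured $config['system']['dnsserver'] list is written instead.
 *
 * $dynupdate	when true, dhcpd is not reconfigured after the file is written
 *
 * Returns 0 on success, 1 if resolv.conf cannot be opened for writing.
 */
function system_resolvconf_generate($dynupdate = false) {
	global $config, $g;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_resolvconf_generate() being called $mt\n";
	}

	$syscfg = $config['system'];

	/* NOTE(review): the domain is written as stored; nothing in this function rejects embedded newlines. */
	$resolvconf = "domain {$syscfg['domain']}\n";

	$havedns = false;

	if (isset($syscfg['dnsallowoverride'])) {
		/* get dynamically assigned search domains (if any) */
		foreach (array_unique(get_searchdomains()) as $searchserver) {
			if ($searchserver) {
				$resolvconf .= "search {$searchserver}\n";
				$havedns = true;
			}
		}
		/* get dynamically assigned DNS servers (if any) */
		foreach (array_unique(get_nameservers()) as $nameserver) {
			if ($nameserver) {
				$resolvconf .= "nameserver $nameserver\n";
				$havedns = true;
			}
		}
	}
	if (!$havedns && is_array($syscfg['dnsserver'])) {
		foreach ($syscfg['dnsserver'] as $ns) {
			if ($ns) {
				$resolvconf .= "nameserver $ns\n";
				$havedns = true;
			}
		}
	}

	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
	if (!$fd) {
		printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
		return 1;
	}

	fwrite($fd, $resolvconf);
	fclose($fd);

	/* restart dhcpd (nameservers may have changed) */
	if (!$g['booting'] && !$dynupdate) {
		services_dhcpd_configure();
	}

	/* setup static routes for DNS servers. */
	for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
		$dnsgw = "dns{$dnscounter}gwint";
		if (!isset($config['system'][$dnsgw])) {
			continue;
		}
		$interface = $config['system'][$dnsgw];
		if (($interface == "") || ($interface == "none")) {
			continue;
		}
		$gatewayip = get_interface_gateway($interface);
		if (!is_ipaddr($gatewayip)) {
			continue;
		}

		/* dns server array starts at 0 */
		$dnscountermo = $dnscounter - 1;
		$dnsserver = $syscfg['dnsserver'][$dnscountermo];

		/*
		 * The address is read from the stored configuration and ends up on
		 * a shell command line. Skip slots that do not hold an IP address
		 * (including empty ones) and quote what is passed on, so the value
		 * can only ever be the -host argument of route(8).
		 */
		if (!is_ipaddr($dnsserver)) {
			continue;
		}
		mwexec("/sbin/route delete -host " . escapeshellarg($dnsserver), true);
		mwexec("/sbin/route add -host " . escapeshellarg($dnsserver) . " " . escapeshellarg($gatewayip));
	}

	return 0;
}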
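/*
 * Collect the search domains stored in /var/etc/searchdomain_* files.
 *
 * Returns an array of every line that passes is_hostname(). Duplicates are
 * not removed here; the caller in this file applies array_unique().
 */
function get_searchdomains() {
	global $config, $g;

	$master_list = array();

	// Read in dhclient search domains
	/*
	 * The glob() result must be stored under the name tested below. With
	 * two different names the loop never ran and the function always
	 * returned an empty list.
	 */
	$search_lists = glob("/var/etc/searchdomain_*");
	if (is_array($search_lists)) {
		foreach($search_lists as $fdns) {
			$contents = file($fdns, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
			if (!is_array($contents))
				continue;
			foreach ($contents as $dns) {
				/* keep only well-formed hostnames; the result is written into resolv.conf */
				if(is_hostname($dns))
					$master_list[] = $dns;
			}
		}
	}

	return $master_list;
}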
/*
 * Collect name server addresses from the /var/etc/nameserver_* files and,
 * when present, from /var/etc/nameservers.conf.
 *
 * Only lines accepted by is_ipaddr() are returned; duplicates are kept.
 */
function get_nameservers() {
	global $config, $g;

	$master_list = array();

	// Per-file lists written for dhclient
	$dns_lists = glob("/var/etc/nameserver_*");
	if (!is_array($dns_lists)) {
		$dns_lists = array();
	}
	foreach ($dns_lists as $listfile) {
		$entries = file($listfile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
		if (is_array($entries)) {
			foreach ($entries as $candidate) {
				if (is_ipaddr($candidate)) {
					$master_list[] = $candidate;
				}
			}
		}
	}

	// Any extra nameservers
	$extrafile = "/var/etc/nameservers.conf";
	if (file_exists($extrafile)) {
		$entries = file($extrafile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
		if (is_array($entries)) {
			foreach ($entries as $candidate) {
				if (is_ipaddr($candidate)) {
					$master_list[] = $candidate;
				}
			}
		}
	}

	return $master_list;
}
/*
 * Rebuild {$g['varetc_path']}/hosts from the system's own name, the dnsmasq
 * host overrides and (when 'regdhcpstatic' is set) the static DHCP
 * mappings, then call system_dhcpleases_configure().
 *
 * Returns 0 on success, 1 when the hosts file cannot be opened for writing.
 */
function system_hosts_generate() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		echo "system_hosts_generate() being called " . microtime() . "\n";
	}

	$syscfg = $config['system'];
	$dnsmasqcfg = $config['dnsmasq'];
	$hostscfg = is_array($dnsmasqcfg['hosts']) ? $dnsmasqcfg['hosts'] : array();

	/* NOTE(review): hostname, domain and override fields are written as stored in the configuration. */
	$selfnames = "{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
	$hosts = "127.0.0.1\tlocalhost localhost.{$syscfg['domain']}\n";

	if ($config['interfaces']['lan']) {
		$cfgip = get_interface_ip("lan");
		if (is_ipaddr($cfgip)) {
			$hosts .= "{$cfgip}\t{$selfnames}";
		}
	} else {
		/* No LAN: use the first configured interface without a gateway that has an address. */
		foreach (get_configured_interface_list() as $sysif) {
			if (interface_has_gateway($sysif)) {
				continue;
			}
			$cfgip = get_interface_ip($sysif);
			if (is_ipaddr($cfgip)) {
				$hosts .= "{$cfgip}\t{$selfnames}";
				break;
			}
		}
	}

	/* dnsmasq host overrides; an entry without a host part maps the bare domain. */
	foreach ($hostscfg as $host) {
		if ($host['host']) {
			$names = "{$host['host']}.{$host['domain']} {$host['host']}";
		} else {
			$names = "{$host['domain']}";
		}
		$hosts .= "{$host['ip']}\t{$names}\n";
	}

	/* static DHCP mappings of every enabled DHCP interface */
	if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpd'])) {
		foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) {
			if (!is_array($dhcpifconf['staticmap']) || !isset($dhcpifconf['enable'])) {
				continue;
			}
			foreach ($dhcpifconf['staticmap'] as $host) {
				if ($host['ipaddr'] && $host['hostname']) {
					$hosts .= "{$host['ipaddr']}\t{$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
				}
			}
		}
	}

	/*
	 * Do not remove this: dhcpleases monitors the hosts file with kqueue,
	 * so it needs to be killed before the file is written.
	 */
	$leasespid = "{$g['varrun_path']}/dhcpleases.pid";
	if (file_exists($leasespid)) {
		sigkillbypid($leasespid, "TERM");
		@unlink($leasespid);
	}

	$fd = fopen("{$g['varetc_path']}/hosts", "w");
	if (!$fd) {
		log_error("Error: cannot open hosts file in system_hosts_generate().\n");
		return 1;
	}
	fwrite($fd, $hosts);
	fclose($fd);

	system_dhcpleases_configure();

	return 0;
}
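/*
 * Start, reload or stop the dhcpleases helper depending on whether
 * $config['dnsmasq']['regdhcp'] is set.
 *
 * With the option set, a running instance (pid file present) is sent HUP,
 * otherwise a new one is started. With the option unset, the instance is
 * sent TERM and its pid file removed.
 */
function system_dhcpleases_configure() {
	global $config, $g;

	$pidfile = "{$g['varrun_path']}/dhcpleases.pid";

	if (!isset($config['dnsmasq']['regdhcp'])) {
		sigkillbypid($pidfile, "TERM");
		@unlink($pidfile);
		return;
	}

	/* Start the monitoring process for dynamic dhcpclients. */
	$leasesfile = "{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases";

	/* Make sure we do not error out */
	@touch($leasesfile);

	if (file_exists($pidfile)) {
		sigkillbypid($pidfile, "HUP");
		return;
	}

	/*
	 * The domain is read from the stored configuration. Every argument is
	 * quoted so that none of them can split into further words or shell
	 * syntax when the command line is evaluated.
	 */
	mwexec("/usr/local/sbin/dhcpleases" .
		" -l " . escapeshellarg($leasesfile) .
		" -d " . escapeshellarg($config['system']['domain']) .
		" -p " . escapeshellarg("{$g['varrun_path']}/dnsmasq.pid") .
		" -h " . escapeshellarg("{$g['varetc_path']}/hosts"));
}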
/*
 * Set the kernel hostname to "<hostname>.<domain>" from $config['system']
 * and run the hostid rc script.
 *
 * Returns the status reported by mwexec() for the hostname command.
 */
function system_hostname_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		echo "system_hostname_configure() being called " . microtime() . "\n";
	}

	$syscfg = $config['system'];

	/* set hostname; the name is passed to the shell as one quoted argument */
	$fqdn = "{$syscfg['hostname']}.{$syscfg['domain']}";
	$status = mwexec("/bin/hostname " . escapeshellarg($fqdn));

	/* Setup host GUID ID.  This is used by ZFS. */
	mwexec("/etc/rc.d/hostid start");

	return $status;
}
/*
 * Install the default route and the configured static routes.
 *
 * $interface	when non-empty, only routes whose gateway belongs to this
 *		interface are touched
 *
 * Routes already present in the output of "netstat -rnf inet" are changed,
 * all others are added. Always returns 0.
 */
function system_routing_configure($interface = "") {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		echo "system_routing_configure() being called " . microtime() . "\n";
	}

	$gatewayip = "";
	$interfacegw = "";
	$foundgw = false;

	/* tack on all the hard defined gateways as well */
	if (is_array($config['gateways']['gateway_item'])) {
		mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw", true);
		foreach ($config['gateways']['gateway_item'] as $gateway) {
			if (!isset($gateway['defaultgw'])) {
				continue;
			}
			/*
			 * NOTE(review): a default gateway containing ":" ends the
			 * search instead of being skipped, so later entries are never
			 * looked at; confirm this is intended.
			 */
			if (strstr($gateway['gateway'], ":")) {
				break;
			}
			$gatewayip = $gateway['gateway'];
			if ($gatewayip == "dynamic") {
				$gatewayip = get_interface_gateway($gateway['interface']);
			}
			$interfacegw = $gateway['interface'];
			if (!empty($interfacegw)) {
				$defaultif = get_real_interface($interfacegw);
				if ($defaultif) {
					@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gatewayip);
				}
			}
			$foundgw = true;
			break;
		}
	}

	/* No usable default gateway entry: fall back to WAN. */
	if (!$foundgw) {
		$defaultif = get_real_interface("wan");
		$interfacegw = "wan";
		$gatewayip = get_interface_gateway("wan");
		@touch("{$g['tmp_path']}/{$defaultif}_defaultgw");
	}

	/* if OLSRD is enabled, allow WAN to house DHCP. */
	$dont_add_route = false;
	if ($config['installedpackages']['olsrd']) {
		foreach ($config['installedpackages']['olsrd']['config'] as $olsrd) {
			if ($olsrd['enabledyngw'] == "on") {
				$dont_add_route = true;
				break;
			}
		}
	}

	/* Create an array from the existing route table, dropping the first four lines of output */
	exec("/usr/bin/netstat -rnf inet", $route_str);
	$route_arr = array();
	foreach (array_slice($route_str, 4) as $routeline) {
		$items = preg_split("/[ ]+/i", $routeline);
		$route_arr[$items[0]] = array($items[0], $items[1], $items[5]);
	}

	/* The default route is left alone when a specific, different interface was requested. */
	$default_in_scope = empty($interface) || $interface == $interfacegw;
	if (!$dont_add_route && $default_in_scope && ($interfacegw <> "bgpd") && is_ipaddr($gatewayip)) {
		$action = isset($route_arr['default']) ? "change" : "add";
		log_error("ROUTING: $action default route to $gatewayip");
		mwexec("/sbin/route {$action} -inet default " . escapeshellarg($gatewayip));
	}

	if (is_array($config['staticroutes']['route'])) {
		$gateways_arr = return_gateways_array();

		foreach ($config['staticroutes']['route'] as $rtent) {
			$gatewayip = "";
			if (empty($gateways_arr[$rtent['gateway']])) {
				log_error("Static Routes: Gateway IP could not be found for {$rtent['network']}");
				continue;
			}
			$gateway = $gateways_arr[$rtent['gateway']];
			if (!empty($interface) && $interface != $gateway['friendlyiface']) {
				continue;
			}
			$gatewayip = $gateway['gateway'];
			$interfacegw = $gateway['interface'];
			$action = isset($route_arr[$rtent['network']]) ? "change" : "add";

			/* network, gateway and interface are each passed as a quoted argument */
			$target = escapeshellarg($rtent['network']);
			if (is_ipaddr($gatewayip)) {
				mwexec("/sbin/route {$action} -inet " . $target .
					" " . escapeshellarg($gatewayip));
			} else if (!empty($interfacegw)) {
				mwexec("/sbin/route {$action} -inet " . $target .
					" -iface " . escapeshellarg($interfacegw));
			}
		}
	}

	return 0;
}
/*
 * Turn on IPv4 forwarding through sysctl.
 *
 * Returns the status reported by mwexec().
 */
function system_routing_enable() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		echo "system_routing_enable() being called " . microtime() . "\n";
	}

	$status = mwexec("/sbin/sysctl net.inet.ip.forwarding=1");

	return $status;
}
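/*
 * Build the syslog.conf rules that forward the given selectors to every
 * configured remote log server (remoteserver, remoteserver2, remoteserver3).
 *
 * Rules are grouped per server, in that order. Returns "" when no server
 * is configured.
 */
function system_syslogd_remote_rules($syslogcfg, $selectors) {
	$rules = "";
	foreach (array('remoteserver', 'remoteserver2', 'remoteserver3') as $serverkey) {
		if (empty($syslogcfg[$serverkey]))
			continue;
		/* NOTE(review): the server value is written as stored; this file relies on it having been validated when it was saved. */
		foreach ($selectors as $selector)
			$rules .= "{$selector}\t\t\t @{$syslogcfg[$serverkey]}\n";
	}
	return $rules;
}

/*
 * Stop any running syslogd, write {$g['varetc_path']}/syslog.conf from
 * $config['syslog'] and the installed packages, and start syslogd again.
 *
 * Returns 1 when syslog.conf cannot be opened for writing, otherwise the
 * value returned by the call that starts syslogd.
 */
function system_syslogd_start() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_syslogd_start() being called $mt\n";
	}

	$syslogcfg = $config['syslog'];

	if ($g['booting'])
		echo "Starting syslog...";
	else
		killbypid("{$g['varrun_path']}/syslog.pid");

	if(is_process_running("syslogd"))
		mwexec("/usr/bin/killall -9 syslogd");
	if(is_process_running("fifolog_writer"))
		mwexec("/usr/bin/killall -9 fifolog_writer");

	// Define various commands for logging
	$fifolog_create = "/usr/sbin/fifolog_create -s ";
	$fifolog_log = "|/usr/sbin/fifolog_writer ";
	$clog_create = "/usr/sbin/clog -i -s ";
	$clog_log = "%";

	// Which logging type are we using this week??
	if(isset($config['system']['usefifolog'])) {
		$log_directive = $fifolog_log;
		$log_create_directive = $fifolog_create;
	} else { // Defaults to CLOG
		$log_directive = $clog_log;
		$log_create_directive = $clog_create;
	}

	if (isset($syslogcfg)) {
		/* start from an empty string; everything below appends to it */
		$syslogconf = "";
		$locallogging = !isset($syslogcfg['disablelocallogging']);

		$separatelogfacilities = array('ntpd','racoon','openvpn','pptps','poes','l2tps');
		if($config['installedpackages']['package']) {
			foreach($config['installedpackages']['package'] as $package) {
				if($package['logging']) {
					array_push($separatelogfacilities, $package['logging']['facilityname']);
					$pkglog = "{$g['varlog_path']}/{$package['logging']['logfilename']}";
					/*
					 * The file name is supplied by the package definition;
					 * quote it so it stays a single argument of the log
					 * creation command.
					 * NOTE(review): the same package-supplied names are
					 * also written into syslog.conf below without
					 * validation.
					 */
					mwexec("{$log_create_directive} 10240 " . escapeshellarg($pkglog));
					$syslogconf .= "!{$package['logging']['facilityname']}\n*.*\t\t\t\t\t\t {$log_directive}{$pkglog}\n";
				}
			}
		}
		$facilitylist = implode(',', array_unique($separatelogfacilities));

		/* write syslog.conf */
		$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
		if (!$fd) {
			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
			return 1;
		}

		/*
		 * Per-program blocks: program specification, local log file and
		 * whether the block is also forwarded when 'vpn' remote logging is
		 * on. Building the forwarding rules in one place keeps each block
		 * pointing at the server whose setting was tested (the openvpn
		 * block used to emit remoteserver3 for remoteserver2).
		 */
		$vpnremote = "";
		if (isset($syslogcfg['vpn']))
			$vpnremote = system_syslogd_remote_rules($syslogcfg, array("*.*\t\t"));
		$programlogs = array(
			array("!ntpdate,!ntpd", "ntpd.log", false),
			array("!ppp", "ppp.log", false),
			array("!pptps", "pptps.log", false),
			array("!poes", "poes.log", false),
			array("!l2tps", "l2tps.log", false),
			array("!racoon", "ipsec.log", true),
			array("!openvpn", "openvpn.log", true),
			array("!apinger", "apinger.log", false),
		);
		foreach ($programlogs as $entry) {
			list($progspec, $logfile, $forwardvpn) = $entry;
			$syslogconf .= "{$progspec}\n";
			if ($locallogging)
				$syslogconf .= "*.*\t\t\t\t\t {$log_directive}{$g['varlog_path']}/{$logfile}\n";
			if ($forwardvpn)
				$syslogconf .= $vpnremote;
		}

		/* NOTE(review): unlike the blocks above, the relayd rule is written even when local logging is disabled. */
		$syslogconf .= "!relayd\n";
		$syslogconf .= "*.* \t\t\t\t\t\t{$log_directive}{$g['varlog_path']}/relayd.log\n";

		$syslogconf .= "!-{$facilitylist}\n";
		if ($locallogging) {
			$syslogconf .= <<<EOD
local0.*										 {$log_directive}{$g['varlog_path']}/filter.log
local3.*										 {$log_directive}{$g['varlog_path']}/vpn.log
local4.*										 {$log_directive}{$g['varlog_path']}/portalauth.log
local7.*										 {$log_directive}{$g['varlog_path']}/dhcpd.log
*.notice;kern.debug;lpr.info;mail.crit; 		 {$log_directive}{$g['varlog_path']}/system.log
news.err;local0.none;local3.none;local4.none; 	 {$log_directive}{$g['varlog_path']}/system.log
local7.none										 {$log_directive}{$g['varlog_path']}/system.log
security.*										 {$log_directive}{$g['varlog_path']}/system.log
auth.info;authpriv.info;daemon.info				 {$log_directive}{$g['varlog_path']}/system.log
auth.info;authpriv.info 						 |exec /usr/local/sbin/sshlockout_pf 15
*.emerg											 *

EOD;
		}

		/* Remote forwarding, one group of selectors per enabled option. */
		$remotegroups = array(
			'filter' => array("local0.*"),
			'vpn' => array("local3.*"),
			'portalauth' => array("local4.*"),
			'dhcp' => array("local7.*"),
			'system' => array(
				"*.notice;kern.debug;lpr.info;mail.crit;",
				"news.err;local0.none;local3.none;local7.none",
				"security.*",
				"auth.info;authpriv.info;daemon.info",
				"*.emerg",
			),
			'logall' => array("*.*"),
		);
		foreach ($remotegroups as $option => $selectors) {
			if (isset($syslogcfg[$option]))
				$syslogconf .= system_syslogd_remote_rules($syslogcfg, $selectors);
		}

		fwrite($fd, $syslogconf);
		fclose($fd);

		// Ensure that the log directory exists
		if(!is_dir("{$g['dhcpd_chroot_path']}/var/run"))
			exec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/run");

		/*
		 * The original tested for "@" in the generated file here, but both
		 * branches ran this same command, so the test is dropped.
		 */
		$retval = system("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");

	} else {
		$retval = mwexec("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log");
	}

	if ($g['booting'])
		echo "done.\n";

	return $retval;
}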
/*
 * Restart pccardd with {$g['etc_path']}/pccard.conf.
 *
 * While booting, progress and the outcome are echoed to the console.
 * Returns the status reported by mwexec() for the pccardd command.
 */
function system_pccard_start() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		echo "system_pccard_start() being called " . microtime() . "\n";
	}

	if ($g['booting']) {
		echo "Initializing PCMCIA...";
	}

	/* kill any running pccardd */
	killbypid("{$g['varrun_path']}/pccardd.pid");

	/* fire up pccardd */
	$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");

	if ($g['booting']) {
		echo ($res == 0) ? "done.\n" : "failed!\n";
	}

	return $res;
}
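/**
 * (Re)start the lighttpd instance that serves the webConfigurator.
 *
 * Stops the instance recorded in lighty-webConfigurator.pid, works out the
 * listening port and, for HTTPS, the certificate material, regenerates the
 * lighttpd configuration and launches the daemon. When HTTPS is selected and
 * the referenced certificate is missing or incomplete, a self-signed
 * certificate is generated, imported and saved to the configuration.
 *
 * @return mixed the value returned by mwexec() for the lighttpd launch;
 *               0 is reported as success
 */
function system_webgui_start() {
	global $config, $g;

	if ($g['booting'])
		echo "Starting webConfigurator...";

	/* kill any running lighttpd */
	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");

	sleep(1);

	chdir($g['www_path']);

	/* defaults */
	$portarg = "80";
	$crt = "";
	$key = "";
	$ca = "";

	/* non-standard port? */
	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "")
		$portarg = "{$config['system']['webgui']['port']}";

	if ($config['system']['webgui']['protocol'] == "https") {
		// Ensure that we have a webConfigurator CERT
		$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);

		/*
		 * Regenerate when the lookup fails OR the entry lacks either half of
		 * the key pair. Requiring all three conditions at once let an entry
		 * without 'crt' or 'prv' through, and the server was then configured
		 * without TLS even though https was selected.
		 */
		if (!is_array($cert) || !$cert['crt'] || !$cert['prv']) {
			if (!is_array($config['ca']))
				$config['ca'] = array();
			$a_ca =& $config['ca'];
			if (!is_array($config['cert']))
				$config['cert'] = array();
			$a_cert =& $config['cert'];
			log_error("Creating SSL Certificate for this host");

			/* $cert was bound by reference above; drop that binding so the
			   new entry cannot overwrite whatever it referred to */
			unset($cert);
			$cert = array();
			$cert['refid'] = uniqid();
			$cert['descr'] = "webConfigurator default";

			$key_file = "{$g['tmp_path']}/ssl.key";
			$crt_file = "{$g['tmp_path']}/ssl.crt";

			/*
			 * The shell redirections create these files, so tighten the umask
			 * for the duration: the private key must not be readable by other
			 * users while it sits in the temporary directory.
			 * NOTE(review): the file names are fixed and predictable, and a
			 * 1024-bit RSA key signed with SHA-1 is weak by current standards;
			 * both parameters are kept as found and should be reviewed.
			 */
			$old_umask = umask(0077);
			mwexec("/usr/bin/openssl genrsa 1024 > " . escapeshellarg($key_file));
			mwexec("/usr/bin/openssl req -new -x509 -nodes -sha1 -days 2000 -key " .
				escapeshellarg($key_file) . " > " . escapeshellarg($crt_file));
			umask($old_umask);

			$crt = file_get_contents($crt_file);
			$key = file_get_contents($key_file);
			unlink($key_file);
			unlink($crt_file);

			cert_import($cert, $crt, $key);
			$a_cert[] = $cert;
			$config['system']['webgui']['ssl-certref'] = $cert['refid'];
			write_config("Importing HTTPS certificate");
		} else {
			$crt = base64_decode($cert['crt']);
			$key = base64_decode($cert['prv']);
		}

		/* HTTPS without an explicit port listens on 443 */
		if (!$config['system']['webgui']['port'])
			$portarg = "443";
		$ca = ca_chain($cert);
	}

	/* generate lighttpd configuration */
	system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
		$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");

	/* attempt to start lighthttpd */
	$res = mwexec("/usr/local/sbin/lighttpd -f " .
		escapeshellarg("{$g['varetc_path']}/lighty-webConfigurator.conf"));

	/* fetch page to preload apc cache */
	$proto = "http";
	if ($config['system']['webgui']['protocol'])
		$proto = $config['system']['webgui']['protocol'];
	/* protocol and port come from the configuration; quote the URL so they
	   cannot be interpreted by the shell */
	mwexec_bg("/usr/bin/fetch -o /dev/null -q " .
		escapeshellarg("{$proto}://localhost:{$portarg}/preload.php"));

	if ($g['booting']) {
		if ($res == 0)
			echo "done.\n";
		else
			echo "failed!\n";
	}

	return $res;
}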
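/**
 * Write a lighttpd configuration file, plus the PEM files it refers to.
 *
 * All string arguments are interpolated verbatim into the generated
 * configuration, so callers must pass trusted values only.
 *
 * @param string $filename        path of the lighttpd configuration file to write
 * @param string $cert            PEM certificate; TLS is configured only when
 *                                both $cert and $key are non-empty
 * @param string $key             PEM private key, stored in the same file as $cert
 * @param string $ca              PEM CA chain; written and referenced only when non-blank
 * @param string $pid_file        file name used under /var/run/ for server.pid-file
 * @param mixed  $port            listening port; "80" is used when empty
 * @param string $document_root   value for server.document-root
 * @param string $cert_location   file name under $g['varetc_path'] for certificate and key
 * @param string $ca_location     file name under $g['varetc_path'] for the CA chain
 * @param int    $max_procs       FastCGI process count; replaced according to the
 *                                get_memory() figure for the captive portal
 * @param string $max_requests    not used by this function
 * @param bool   $fast_cgi_enable serve .php through mod_fastcgi; switched off
 *                                when get_memory() reports a value from 1 to 64
 * @param bool   $captive_portal  generate the captive portal variant
 * @return int 0 on success, 1 when one of the output files cannot be opened
 */
function system_generate_lighty_config($filename,
	$cert,
	$key,
	$ca,
	$pid_file,
	$port = 80,
	$document_root = "/usr/local/www/",
	$cert_location = "cert.pem",
	$ca_location = "ca.pem",
	$max_procs = 2,
	$max_requests = "2",
	$fast_cgi_enable = true,
	$captive_portal = false) {

	global $config, $g;

	if(!is_dir("{$g['tmp_path']}/lighttpdcompress"))
		mkdir("{$g['tmp_path']}/lighttpdcompress");

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_generate_lighty_config() being called $mt\n";
	}

	if($captive_portal == true)  {
		$captiveportal = ",\"mod_rewrite\"";
		$captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
		$captive_portal_module = "";
		$maxprocperip = $config['captiveportal']['maxprocperip'];
		/*
		 * NOTE(review): this condition can never hold (a value cannot be
		 * both empty and greater than zero), so the per-IP connection limit
		 * is never emitted. It is left untouched because no evasive module
		 * is added to server.modules here; decide both together.
		 */
		if(!$maxprocperip and $maxprocperip > 0)
			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
		else
			$captive_portal_mod_evasive = "";
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n";
		/* upload directory for the portal is created, then made non-writable */
		exec("mkdir -p {$g['tmp_path']}/captiveportal");
		exec("chmod a-w {$g['tmp_path']}/captiveportal");
		$server_max_request_size = "server.max-request-size    = 384";
	} else {
		$captiveportal = "";
		$captive_portal_rewrite = "";
		$captive_portal_module = "";
		$captive_portal_mod_evasive = "";
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"{$g['tmp_path']}/\", \"/var/\" )\n";
		$server_max_request_size = "server.max-request-size    = 2097152";
	}
	
	if($port <> "")
		$lighty_port = $port;
	else
		$lighty_port = "80";

	$memory = get_memory();
	$avail = $memory[0];

	/* too little memory for FastCGI: fall back to plain CGI */
	if($avail > 0 and $avail < 65) {
		$fast_cgi_enable = false;
	}

	// Ramp up captive portal max procs
	if($captive_portal == true)  {
		if($avail > 65 and $avail < 98) {
			$max_procs = 1;
		}
		if($avail > 97 and $avail < 128) {
			$max_procs = 2;
		}
		if($avail > 127 and $avail < 256) {
			$max_procs = 3;
		}
		if($avail > 255 and $avail < 384) {
			$max_procs = 4;
		}
		if($avail > 383) {
			$max_procs = 5;
		}
	}

	/* the webConfigurator recycles PHP workers after 2 requests when memory
	   is short; every other case uses the regular limit of 500 */
	if($captive_portal != true and $avail > 0 and $avail < 128) {
		$bin_environment = <<<EOC
		"bin-environment" => (
			"PHP_FCGI_CHILDREN" => "$max_procs",
			"PHP_FCGI_MAX_REQUESTS" => "2",
	),

EOC;
	} else {
		$bin_environment =  <<<EOC
        "bin-environment" => (
           "PHP_FCGI_CHILDREN" => "$max_procs",
           "PHP_FCGI_MAX_REQUESTS" => "500"
        ), 
EOC;
	}

	if($fast_cgi_enable == true) {
		$module = "\"mod_fastcgi\", \"mod_cgi\"";
		$cgi_config = "";
		$fastcgi_config = <<<EOD
#### fastcgi module
## read fastcgi.txt for more info
fastcgi.server = ( ".php" =>
	( "localhost" =>
		(
			"socket" => "{$g['tmp_path']}/php-fastcgi.socket",
			"min-procs" => 0,
			"max-procs" => {$max_procs},
			{$bin_environment}			
			"bin-path" => "/usr/local/bin/php"
		)
	)
)

#### CGI module
cgi.assign                 = ( ".cgi" => "" )

EOD;
	} else {
		$fastcgi_config = "";
		$module = "\"mod_cgi\"";
		$cgi_config = <<<EOD
#### CGI module
cgi.assign                 = ( ".php"  => "/usr/local/bin/php",
                               ".cgi" => "" )

EOD;
	}

	$lighty_config = "";
	$lighty_config .= <<<EOD
#
# lighttpd configuration file
#
# use a it as base for lighttpd 1.0.0 and above
#
############ Options you really have to take care of ####################

## FreeBSD!
server.event-handler	= "freebsd-kqueue"
server.network-backend 	= "writev"

## modules to load
server.modules              =   (
									{$captive_portal_module}
									"mod_access", "mod_accesslog", "mod_expire", "mod_compress", "mod_redirect",
									{$module}{$captiveportal}
								)

## Unused modules
#                               "mod_setenv",
#                               "mod_rewrite",
#                               "mod_ssi",
#                               "mod_usertrack",
#                               "mod_expire",
#                               "mod_secdownload",
#                               "mod_rrdtool",
#                               "mod_auth",
#                               "mod_status",
#                               "mod_alias",
#                               "mod_proxy",
#                               "mod_simple_vhost",
#                               "mod_evhost",
#                               "mod_userdir",
#                               "mod_cgi",

server.max-keep-alive-requests = 15
server.max-keep-alive-idle = 30

## a static document-root, for virtual-hosting take look at the
## server.virtual-* options
server.document-root        = "{$document_root}"
{$captive_portal_rewrite}

# Maximum idle time with nothing being written (php downloading)
server.max-write-idle = 999

## where to send error-messages to
server.errorlog             = "/var/log/lighttpd.error.log"

# files to check for if .../ is requested
server.indexfiles           = ( "index.php", "index.html",
                                "index.htm", "default.htm" )

# mimetype mapping
mimetype.assign             = (
  ".pdf"          =>      "application/pdf",
  ".sig"          =>      "application/pgp-signature",
  ".spl"          =>      "application/futuresplash",
  ".class"        =>      "application/octet-stream",
  ".ps"           =>      "application/postscript",
  ".torrent"      =>      "application/x-bittorrent",
  ".dvi"          =>      "application/x-dvi",
  ".gz"           =>      "application/x-gzip",
  ".pac"          =>      "application/x-ns-proxy-autoconfig",
  ".swf"          =>      "application/x-shockwave-flash",
  ".tar.gz"       =>      "application/x-tgz",
  ".tgz"          =>      "application/x-tgz",
  ".tar"          =>      "application/x-tar",
  ".zip"          =>      "application/zip",
  ".mp3"          =>      "audio/mpeg",
  ".m3u"          =>      "audio/x-mpegurl",
  ".wma"          =>      "audio/x-ms-wma",
  ".wax"          =>      "audio/x-ms-wax",
  ".ogg"          =>      "audio/x-wav",
  ".wav"          =>      "audio/x-wav",
  ".gif"          =>      "image/gif",
  ".jpg"          =>      "image/jpeg",
  ".jpeg"         =>      "image/jpeg",
  ".png"          =>      "image/png",
  ".xbm"          =>      "image/x-xbitmap",
  ".xpm"          =>      "image/x-xpixmap",
  ".xwd"          =>      "image/x-xwindowdump",
  ".css"          =>      "text/css",
  ".html"         =>      "text/html",
  ".htm"          =>      "text/html",
  ".js"           =>      "text/javascript",
  ".asc"          =>      "text/plain",
  ".c"            =>      "text/plain",
  ".conf"         =>      "text/plain",
  ".text"         =>      "text/plain",
  ".txt"          =>      "text/plain",
  ".dtd"          =>      "text/xml",
  ".xml"          =>      "text/xml",
  ".mpeg"         =>      "video/mpeg",
  ".mpg"          =>      "video/mpeg",
  ".mov"          =>      "video/quicktime",
  ".qt"           =>      "video/quicktime",
  ".avi"          =>      "video/x-msvideo",
  ".asf"          =>      "video/x-ms-asf",
  ".asx"          =>      "video/x-ms-asf",
  ".wmv"          =>      "video/x-ms-wmv",
  ".bz2"          =>      "application/x-bzip",
  ".tbz"          =>      "application/x-bzip-compressed-tar",
  ".tar.bz2"      =>      "application/x-bzip-compressed-tar"
 )

# Use the "Content-Type" extended attribute to obtain mime type if possible
#mimetypes.use-xattr        = "enable"

#### accesslog module
#accesslog.filename          = "/dev/null"

## deny access the file-extensions
#
# ~    is for backupfiles from vi, emacs, joe, ...
# .inc is often used for code includes which should in general not be part
#      of the document-root
url.access-deny             = ( "~", ".inc" )


######### Options that are good to be but not neccesary to be changed #######

## bind to port (default: 80)
server.port                = {$lighty_port}

## error-handler for status 404
#server.error-handler-404   = "/error-handler.html"
#server.error-handler-404   = "/error-handler.php"

## to help the rc.scripts
server.pid-file            = "/var/run/{$pid_file}"

## virtual directory listings
server.dir-listing         = "disable"

## enable debugging
debug.log-request-header   = "disable"
debug.log-response-header  = "disable"
debug.log-request-handling = "disable"
debug.log-file-not-found   = "disable"

# gzip compression
compress.cache-dir = "{$g['tmp_path']}/lighttpdcompress/"
compress.filetype  = ("text/plain","text/css", "text/xml", "text/javascript" )

{$server_upload_dirs}

{$server_max_request_size}

{$fastcgi_config}

{$cgi_config}

{$captive_portal_mod_evasive}

expire.url = (
				"" => "access 50 hours",	
        )

EOD;

	/* normalise line endings and collapse blank lines in the PEM data */
	$cert = str_replace("\r", "", $cert);
	$key = str_replace("\r", "", $key);
	$ca = str_replace("\r", "", $ca);

	$cert = str_replace("\n\n", "\n", $cert);
	$key = str_replace("\n\n", "\n", $key);
	$ca = str_replace("\n\n", "\n", $ca);

	if($cert <> "" and $key <> "") {
		$have_ca = !(empty($ca) || (strlen(trim($ca)) == 0));
		$pem_path = "{$g['varetc_path']}/{$cert_location}";

		/*
		 * This file receives the private key. Create it under a restrictive
		 * umask so it is never group/world accessible, not even for the
		 * moment between fopen() and chmod(); the chmod() still covers a
		 * file that already existed with wider permissions.
		 */
		$old_umask = umask(0077);
		$fd = fopen($pem_path, "w");
		umask($old_umask);
		if (!$fd) {
			printf("Error: cannot open %s in system_generate_lighty_config().\n", $cert_location);
			return 1;
		}
		chmod($pem_path, 0600);
		fwrite($fd, $cert);
		fwrite($fd, "\n");
		fwrite($fd, $key);
		fclose($fd);

		if($have_ca) {
			$ca_path = "{$g['varetc_path']}/{$ca_location}";
			$old_umask = umask(0077);
			$fd = fopen($ca_path, "w");
			umask($old_umask);
			if (!$fd) {
				printf("Error: cannot open %s in system_generate_lighty_config().\n", $ca_location);
				return 1;
			}
			chmod($ca_path, 0600);
			fwrite($fd, $ca);
			fclose($fd);
		}

		$lighty_config .= "\n";
		$lighty_config .= "## ssl configuration\n";
		$lighty_config .= "ssl.engine = \"enable\"\n";
		$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";

		// Harden SSL a bit for PCI conformance testing
		// NOTE(review): only SSLv2 is switched off and the cipher string still
		// admits RC4 at MEDIUM strength; review both against what the deployed
		// lighttpd/OpenSSL can offer.
		$lighty_config .= "ssl.use-sslv2 = \"disable\"\n";
		$lighty_config .= "ssl.cipher-list = \"TLSv1+HIGH !SSLv2 RC4+MEDIUM !aNULL !eNULL !3DES @STRENGTH\"\n";

		if($have_ca)
			$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
	}

	// Add HTTP to HTTPS redirect
	if ($captive_portal == false && $config['system']['webgui']['protocol'] == "https" && !isset($config['system']['webgui']['disablehttpredirect'])) {
		/* defined for the default port too, so the template below never
		   reads an unset variable */
		$redirectport = "";
		if($lighty_port != "443")
			$redirectport = ":{$lighty_port}";
		$lighty_config .= <<<EOD
\$SERVER["socket"] == ":80" {
	\$HTTP["host"] =~ "(.*)" {
		url.redirect = ( "^/(.*)" => "https://%1{$redirectport}/$1" )
	}
}
EOD;
	}

	$fd = fopen("{$filename}", "w");
	if (!$fd) {
		/* the path is passed as an argument so a '%' in it is not parsed
		   as a format directive */
		printf("Error: cannot open %s in system_generate_lighty_config().\n", $filename);
		return 1;
	}
	fwrite($fd, $lighty_config);
	fclose($fd);

	return 0;

}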
/**
 * Install the configured timezone as /etc/localtime.
 *
 * The zone named in $config['system']['timezone'] ("Etc/UTC" when empty) is
 * extracted from /usr/share/zoneinfo.tgz to standard output and redirected
 * into /etc/localtime, between conf_mount_rw() and conf_mount_ro().
 */
function system_timezone_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$called_at = microtime();
		echo "system_timezone_configure() being called $called_at\n";
	}

	$syscfg = $config['system'];

	if ($g['booting'])
		echo "Setting timezone...";

	/* pick the zone name, falling back to UTC */
	$timezone = $syscfg['timezone'] ? $syscfg['timezone'] : "Etc/UTC";

	conf_mount_rw();

	/* the zone name comes from the configuration, hence escapeshellarg() */
	$extract_cmd = "LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz "
		. escapeshellarg($timezone)
		. " > /etc/localtime";
	exec($extract_cmd);

	mwexec("sync");
	conf_mount_ro();

	if ($g['booting'])
		echo "done.\n";
}
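/**
 * Write ntpd.conf under $g['varetc_path'] and restart OpenNTPD with it.
 *
 * One "servers" line is written per configured time server. When the
 * openntpd package settings are present and enabled, a "listen on" line is
 * added for every selected interface that resolves to an IP address.
 *
 * @return void returns early, after logging, when ntpd.conf cannot be opened
 */
function system_ntp_configure() {
	global $config, $g;

	$ntpcfg = "# \n";
	$ntpcfg .= "# pfSense OpenNTPD configuration file \n";
	$ntpcfg .= "# \n\n";

	/*
	 * Split on any run of whitespace and drop empty pieces: an empty or
	 * doubly-spaced setting no longer yields a bare "servers" line, and a
	 * value containing a line break cannot add a line of its own choosing.
	 */
	$timeservers = preg_split('/\s+/', (string)$config['system']['timeservers'], -1, PREG_SPLIT_NO_EMPTY);
	foreach ($timeservers as $ts)
		$ntpcfg .= "servers {$ts}\n";

	/* Setup listener(s) if the user has configured one */
	if ($config['installedpackages']['openntpd']) {
		/* server config is in coregui1 */
		$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
		if ($xmlsettings['enable'] == 'on') {
			$ifaces = explode(',', $xmlsettings['interface']);
			$ifaces = array_map('get_real_interface', $ifaces);
			$ifaces = array_filter($ifaces, 'does_interface_exist');
			$ips = array_map('find_interface_ip', $ifaces);
			foreach ($ips as $ip) {
				if (is_ipaddr($ip))
					$ntpcfg .= "listen on $ip\n";
			}
		}
	}
	$ntpcfg .= "\n";

	/* open configuration for writing or bail */
	$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
	if(!$fd) {
		log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
		return;
	}
	fwrite($fd, $ntpcfg);
	fclose($fd);

	/* if openntpd is running, kill it; loops until no ntpd is reported */
	while(is_process_running("ntpd")) {
		killbyname("ntpd");
	}

	/* if /var/empty does not exist, create it */
	if(!is_dir("/var/empty"))
		exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");

	/* start openntpd, set time now and use the file written above */
	exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");

	// Note that we are starting up
	log_error("OpenNTPD is starting up.");

}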
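/**
 * Set the clock once from each configured time server using ntpdate.
 *
 * Progress text is printed only while $g['booting'] is set.
 */
function sync_system_time() {
	global $config, $g;

	if ($g['booting'])
		echo "Syncing system time before startup...";

	/*
	 * Each server name is taken from the configuration and placed on a
	 * shell command line, so it is passed through escapeshellarg(): a value
	 * carrying shell metacharacters is then treated as a host name, not as
	 * shell syntax. Empty pieces are skipped rather than run as a command
	 * without a host.
	 */
	$timeservers = preg_split('/\s+/', (string)$config['system']['timeservers'], -1, PREG_SPLIT_NO_EMPTY);
	foreach ($timeservers as $ts) {
		mwexec("/usr/sbin/ntpdate -s " . escapeshellarg($ts));
	}

	if ($g['booting'])
		echo "done.\n";

}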
/**
 * Run the pre-shutdown cleanup, then start /etc/rc.halt in the background.
 *
 * The halt script is detached with nohup and its output is discarded.
 */
function system_halt() {
	global $g;

	system_reboot_cleanup();

	$halt_cmd = "/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &";
	mwexec($halt_cmd);
}
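/**
 * Run the pre-shutdown cleanup, then start /etc/rc.reboot in the background.
 *
 * The reboot script is detached with nohup and its output is discarded.
 */
function system_reboot() {
	global $g;

	system_reboot_cleanup();

	/* nohup is called by absolute path, as system_halt() does, so the
	   command does not depend on the PATH of the calling process */
	mwexec("/usr/bin/nohup /etc/rc.reboot > /dev/null 2>&1 &");
}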
/**
 * Run the pre-shutdown cleanup, then run /etc/rc.reboot in the foreground.
 *
 * Unlike system_reboot(), the script is not backgrounded, so mwexec() is
 * called with a command that has no trailing "&".
 */
function system_reboot_sync() {
	global $g;

	system_reboot_cleanup();

	$reboot_cmd = "/etc/rc.reboot > /dev/null 2>&1";
	mwexec($reboot_cmd);
}
/**
 * Housekeeping shared by the halt and reboot paths.
 *
 * Stops the beeper script, then loads the captive portal and voucher
 * libraries on demand and calls their shutdown helpers.
 */
function system_reboot_cleanup() {
	mwexec("/usr/local/bin/beep.sh stop");

	/* captive portal: end all RADIUS sessions */
	require_once "captiveportal.inc";
	captiveportal_radius_stop_all();

	/* vouchers: store the database in the configuration */
	require_once "voucher.inc";
	voucher_save_db_to_config();
}
/**
 * Run the shell commands stored in the configuration.
 *
 * Commands are passed to exec() exactly as stored, so whoever can write
 * $config['system']['shellcmd'] or ['earlyshellcmd'] can run arbitrary
 * commands as the user this script runs under.
 *
 * @param mixed $early when true, run 'earlyshellcmd' instead of 'shellcmd'
 */
function system_do_shell_commands($early = 0) {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$called_at = microtime();
		echo "system_do_shell_commands() being called $called_at\n";
	}

	$cmdn = $early ? "earlyshellcmd" : "shellcmd";

	if (!is_array($config['system'][$cmdn])) {
		/* single item: run it unless it is empty */
		if ($config['system'][$cmdn] <> "")
			exec($config['system'][$cmdn]);
		return;
	}

	/* list of items: run them in order */
	foreach ($config['system'][$cmdn] as $command)
		exec($command);
}
/**
 * Create or remove the "disableconsole" marker file under $g['varetc_path'].
 *
 * The marker exists exactly when $config['system']['disableconsolemenu'] is set.
 */
function system_console_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$called_at = microtime();
		echo "system_console_configure() being called $called_at\n";
	}

	$marker = "{$g['varetc_path']}/disableconsole";

	if (!isset($config['system']['disableconsolemenu'])) {
		unlink_if_exists($marker);
		return;
	}

	touch($marker);
}
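/**
 * Save the kernel messages of the current boot to dmesg.boot.
 *
 * Runs /sbin/dmesg and writes everything from the last line containing
 * "Copyright (c) 1992-" onwards to dmesg.boot under $g['varlog_path'].
 *
 * @return int 0 on success, 1 when dmesg.boot cannot be opened
 */
function system_dmesg_save() {
	/* $config has to be imported as well, otherwise the developerspew
	   check below can never be true */
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_dmesg_save() being called $mt\n";
	}

	/* exec() fills this with one entry per output line */
	$dmesg = array();
	exec("/sbin/dmesg", $dmesg);

	/* find last copyright line (output from previous boots may be present) */
	$lastcpline = 0;
	foreach ($dmesg as $idx => $line) {
		if (strstr($line, "Copyright (c) 1992-"))
			$lastcpline = $idx;
	}

	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
	if (!$fd) {
		printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
		return 1;
	}

	foreach (array_slice($dmesg, $lastcpline) as $line)
		fwrite($fd, $line . "\n");

	fclose($fd);

	return 0;
}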
/**
 * Apply the configured hard disk standby value.
 *
 * Does nothing unless $config['system']['harddiskstandby'] is set. A numeric
 * value is written to the hw.ata.standby sysctl after a disk sync; when that
 * command reports success the ATA drives are reinitialised. Progress text is
 * printed only while $g['booting'] is set.
 */
function system_set_harddisk_standby() {
	global $g, $config;

	if (isset($config['system']['developerspew'])) {
		$called_at = microtime();
		echo "system_set_harddisk_standby() being called $called_at\n";
	}

	if (!isset($config['system']['harddiskstandby']))
		return;

	if ($g['booting'])
		echo 'Setting hard disk standby... ';

	$standby = $config['system']['harddiskstandby'];
	$applied = false;

	// Only a numeric value is accepted; it is cast to int before it
	// reaches the command line
	if (is_numeric($standby)) {
		// Sync the disk(s)
		pfSense_sync();
		$applied = !mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby));
		if ($applied) {
			// Reinitialize ATA-drives
			mwexec('/usr/local/sbin/atareinit');
		}
	}

	if ($g['booting'])
		echo $applied ? "done.\n" : "failed!\n";
}
/**
 * Apply the sysctl settings via activate_sysctls() and, when
 * $config['system']['sharednet'] is set, also switch off the ARP
 * wrong-interface and ARP movement log messages.
 */
function system_setup_sysctl() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$called_at = microtime();
		echo "system_setup_sysctl() being called $called_at\n";
	}

	activate_sysctls();

	$shared_net = isset($config['system']['sharednet']);
	if ($shared_net)
		system_disable_arp_wrong_if();
}
/**
 * Set the log_arp_wrong_iface and log_arp_movements sysctls under
 * net.link.ether.inet to 0.
 */
function system_disable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$called_at = microtime();
		echo "system_disable_arp_wrong_if() being called $called_at\n";
	}

	foreach (array("log_arp_wrong_iface", "log_arp_movements") as $knob)
		mwexec("/sbin/sysctl -n net.link.ether.inet.{$knob}=0");
}
/**
 * Set the log_arp_wrong_iface and log_arp_movements sysctls under
 * net.link.ether.inet to 1.
 */
function system_enable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$called_at = microtime();
		echo "system_enable_arp_wrong_if() being called $called_at\n";
	}

	foreach (array("log_arp_wrong_iface", "log_arp_movements") as $knob)
		mwexec("/sbin/sysctl -n net.link.ether.inet.{$knob}=1");
}
/**
 * Start watchdogd on supported hardware (currently switched off).
 *
 * The function returns before doing anything; the code after the return
 * statement is unreachable and kept only as a record of the intended logic.
 */
function enable_watchdog() {
	global $config;

	/* disabled: nothing below this line runs */
	return;

	$install_watchdog = false;
	$supported_watchdogs = array("Geode");
	$boot_log = file_get_contents("/var/log/dmesg.boot");

	/* note: the search string is the literal "Geode", not the loop variable */
	foreach ($supported_watchdogs as $sd) {
		if (stristr($boot_log, "Geode"))
			$install_watchdog = true;
	}

	if ($install_watchdog != true)
		return;

	if (is_process_running("watchdogd"))
		mwexec("/usr/bin/killall watchdogd", true);
	exec("/usr/sbin/watchdogd");
}
/*
 * Check the hardware reset button on WRAP/ALIX boards (nanobsd only).
 *
 * Runs /usr/local/sbin/<name>resetbtn, where <name> is the platform name
 * from system_identify_specific_platform(). An exit status of 99 is treated
 * as a reset request: a banner is printed, the configuration is reset to
 * factory defaults, the system is rebooted and the script exits. In every
 * other case the function returns 0.
 */
function system_check_reset_button() {
	global $g;

	if ($g['platform'] != "nanobsd")
		return 0;

	$specplatform = system_identify_specific_platform();
	$board = $specplatform['name'];

	/* This check is also what keeps the command line below safe: only the
	   two fixed strings "wrap" and "alix" can be spliced into it. */
	$has_button = ($board == "wrap" || $board == "alix");
	if (!$has_button)
		return 0;

	if (mwexec("/usr/local/sbin/" . $board . "resetbtn") != 99)
		return 0;

	/* user has pressed reset button for 2 seconds -
	   reset to factory defaults */
	echo <<<EOD

***********************************************************************
* Reset button pressed - resetting configuration to factory defaults. *
* The system will reboot after this completes.                        *
***********************************************************************


EOD;

	reset_factory_defaults();
	system_reboot_sync();
	exit(0);
}
/*
 * Work out which specific hardware platform this system runs on.
 *
 * Returns an array with two elements:
 *	name  => platform string (e.g. 'wrap', 'alix' etc.)
 *	descr => human-readable description (e.g. "PC Engines WRAP")
 *
 * Anything other than nanobsd is answered from $g['platform'] alone; for
 * nanobsd the text returned by system_get_dmesg_boot() is searched for known
 * board names. Because 'name' can be $g['platform'] verbatim, a caller that
 * places it in a command line or path should first compare it against the
 * values it expects.
 */
function system_identify_specific_platform() {
	global $g;

	$generic = array(
		'generic-pc' => "Generic PC",
		'generic-pc-cdrom' => "Generic PC (CD-ROM)",
	);
	foreach ($generic as $id => $label) {
		if ($g['platform'] == $id)
			return array('name' => $id, 'descr' => $label);
	}

	/* the rest of the code only deals with 'embedded' platforms */
	if ($g['platform'] != 'nanobsd')
		return array('name' => $g['platform'], 'descr' => $g['platform']);

	$dmesg = system_get_dmesg_boot();

	/* boards recognised by a fixed vendor string in the boot messages */
	$pcengines = array(
		'wrap' => "PC Engines WRAP",
		'alix' => "PC Engines ALIX",
	);
	foreach ($pcengines as $id => $needle) {
		if (strpos($dmesg, $needle) !== false)
			return array('name' => $id, 'descr' => $needle);
	}

	/* Soekris boards: descr is the model string exactly as matched */
	$soekris = array(
		'net45xx' => "/Soekris net45../",
		'net48xx' => "/Soekris net48../",
		'net55xx' => "/Soekris net55../",
	);
	foreach ($soekris as $id => $pattern) {
		if (preg_match($pattern, $dmesg, $matches))
			return array('name' => $id, 'descr' => $matches[0]);
	}

	/* unknown embedded platform */
	return array('name' => 'embedded', 'descr' => 'embedded (unknown)');
}
/*
 * Return the contents of dmesg.boot from the directory named by
 * $g['varlog_path'].
 *
 * The file_get_contents() result is passed through unchanged, so an
 * unreadable file yields false rather than a string.
 */
function system_get_dmesg_boot() {
	global $g;

	$boot_log = $g['varlog_path'] . "/dmesg.boot";
	return file_get_contents($boot_log);
}
?>