/src/etc/inc/globals.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/etc/inc/globals.inc @ 44857365

1	5b237745	Scott Ullrich	<?php
2	ac24dc24	Renato Botelho	/*
3			* globals.inc
4	2af1b0c7	Stephen Beaver	*
5	ac24dc24	Renato Botelho	* part of pfSense (https://www.pfsense.org)
6	b8f91b7c	Luiz Souza	* Copyright (c) 2004-2018 Rubicon Communications, LLC (Netgate)
7	ac24dc24	Renato Botelho	* All rights reserved.
8	2af1b0c7	Stephen Beaver	*
9	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
10			* you may not use this file except in compliance with the License.
11			* You may obtain a copy of the License at
12	2af1b0c7	Stephen Beaver	*
13	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
14	2af1b0c7	Stephen Beaver	*
15	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
16			* distributed under the License is distributed on an "AS IS" BASIS,
17			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18			* See the License for the specific language governing permissions and
19			* limitations under the License.
20	2af1b0c7	Stephen Beaver	*/
21	9ba87997	Phil Davis
22	43c83997	Phil Davis	// Global defines
23	523855b0	Scott Ullrich
24	43c83997	Phil Davis	// Automatic panel collapse
25	820562e8	NewEraCracker	define('COLLAPSIBLE', 0x08);
26			define('SEC_CLOSED', 0x04);
27			define('SEC_OPEN', 0x00);
28	5b237745	Scott Ullrich
29	77a8a7d6	Steve Beaver	// IP address types
30	ca86de04	Steve Beaver	define("IPV4", 4);
31			define("IPV6", 6);
32			define("IPV4V6", 2);
33			define("ALIAS", 1);
34	77a8a7d6	Steve Beaver
35	0793de1a	Luiz Souza	// Interface Name Size
36			define("IF_NAMESIZE", 15); /* 16 minus the terminating NULL */
37
38	5ea90990	Stephen Beaver	// AddPassword method defines
39	820562e8	NewEraCracker	define('DMYPWD', "********");
40	5ea90990	Stephen Beaver
41	8346b5c4	jim-p	global $g;
42	5b237745	Scott Ullrich	$g = array(
43	0ae6daf8	Ermal	"event_address" => "unix:///var/run/check_reload_status",
44	4b96b367	mgrooms	"factory_shipped_username" => "admin",
45	46974905	Chris Buechler	"factory_shipped_password" => "pfsense",
46	1ef7b568	Scott Ullrich	"upload_path" => "/root",
47	e9e7d501	Matthew Grooms	"dhcpd_chroot_path" => "/var/dhcpd",
48	6671b7cd	Warren Baker	"unbound_chroot_path" => "/var/unbound",
49	563771b1	Renato Botelho	"var_path" => "/var",
50	e9e7d501	Matthew Grooms	"varrun_path" => "/var/run",
51			"varetc_path" => "/var/etc",
52			"vardb_path" => "/var/db",
53			"varlog_path" => "/var/log",
54			"etc_path" => "/etc",
55			"tmp_path" => "/tmp",
56	8d80a771	stilez	"tmp_path_user_code" => "/tmp/user_code",
57	e9e7d501	Matthew Grooms	"conf_path" => "/conf",
58			"conf_default_path" => "/conf.default",
59			"cf_path" => "/cf",
60			"cf_conf_path" => "/cf/conf",
61			"www_path" => "/usr/local/www",
62			"xml_rootobj" => "pfsense",
63			"admin_group" => "admins",
64	36d0358b	Scott Ullrich	"product_name" => "pfSense",
65	70497688	Renato Botelho	"product_version" => trim(file_get_contents("/etc/version"), " \n"),
66	2bb93345	Tuyan Ozipek	"product_copyright_years" => "2004 - ".date("Y"),
67	3b29612f	Chris Buechler	"disablehelpmenu" => false,
68	28181237	Renato Botelho	"disablehelpicon" => false,
69	36365f49	Scott Ullrich	"disablecrashreporter" => false,
70	f3109fac	Chris Buechler	"crashreporterurl" => "https://crashreporter.pfsense.org/crash_reporter.php",
71	e9e7d501	Matthew Grooms	"debug" => false,
72	b89270b7	Renato Botelho	"latest_config" => "18.8",
73	67b0ed57	Chris Buechler	"minimum_ram_warning" => "101",
74	9f274393	Chris Buechler	"minimum_ram_warning_text" => "128 MB",
75	1180e4f0	Sjon Hortensius	"wan_interface_name" => "wan",
76	e9e7d501	Matthew Grooms	"captiveportal_path" => "/usr/local/captiveportal",
77			"captiveportal_element_path" => "/var/db/cpelements",
78	c2d0699f	Scott Ullrich	"captiveportal_element_sizelimit" => 1048576,
79	517b893e	Renato Botelho	"captiveportal_rules_interval" => 50,
80	e3a13b00	Scott Ullrich	"services_dhcp_server_enable" => true,
81	ac516731	Renato Botelho	"wireless_regex" => "/^(ath\|bwi\|bwn\|ipw\|iwi\|iwm\|iwn\|malo\|mwl\|ral\|rsu\|rum\|run\|uath\|upgt\|ural\|urtw\|urtwn\|wi\|wpi\|wtap\|zyd)[0-9]+/",
82	0bd239d9	Renato Botelho	"help_base_url" => "/help.php",
83	60ff91f1	Renato Botelho	"pkg_prefix" => "pfSense-pkg-",
84	ceecd29b	Renato Botelho	"default_timezone" => "Etc/UTC",
85	0c2dffb0	Renato Botelho	"language" => "en_US",
86	2d113b12	Renato Botelho	"default_config_backup_count" => 30,
87	b395c4f2	Renato Botelho	"minimumtableentries_bogonsv6" => 400000,
88	aa6184b6	Renato Botelho	"alternativemetaports" => array("vmware", "php72")
89	5b237745	Scott Ullrich	);
90
91	a03e3c1f	Bill Marquette	/* IP TOS flags */
92	ec6adc21	Bill Marquette	$iptos = array("lowdelay", "throughput", "reliability");
93	a03e3c1f	Bill Marquette
94			/* TCP flags */
95	79cc9e6b	bcyrill	$tcpflags = array("syn", "ack", "fin", "rst", "psh", "urg", "ece", "cwr");
96	a03e3c1f	Bill Marquette
97	5a0235ca	Renato Botelho	if (file_exists("/etc/version.patch")) {
98			$g["product_version_patch"] = trim(file_get_contents("/etc/version.patch"), " \n");
99			} else {
100			$g["product_version_patch"] = "0";
101			}
102
103			$g['product_version_string'] = $g['product_version'];
104			if (is_numeric($g["product_version_patch"]) && $g["product_version_patch"] != "0") {
105			$g['product_version_string'] .= "-p{$g['product_version_patch']}";
106			}
107
108	dc61252a	Renato Botelho	/* XXX: Backward compatible */
109			$g['platform'] = $g['product_name'];
110	b24a7390	Scott Ullrich
111	630326d4	Renato Botelho	if (file_exists("{$g['etc_path']}/default-config-flavor")) {
112			$flavor_array = file("{$g['etc_path']}/default-config-flavor");
113			$g['default-config-flavor'] = chop($flavor_array[0]);
114			} else {
115			$g['default-config-flavor'] = '';
116			}
117
118	3a35f55f	Scott Ullrich	/* Default sysctls */
119	1180e4f0	Sjon Hortensius	$sysctls = array("net.inet.ip.portrange.first" => "1024",
120			"net.inet.tcp.blackhole" => "2",
121			"net.inet.udp.blackhole" => "1",
122			"net.inet.ip.random_id" => "1",
123			"net.inet.tcp.drop_synfin" => "1",
124			"net.inet.ip.redirect" => "1",
125			"net.inet6.ip6.redirect" => "1",
126	20a3b436	Renato Botelho	"net.inet6.ip6.use_tempaddr" => "0",
127			"net.inet6.ip6.prefer_tempaddr" => "0",
128	1180e4f0	Sjon Hortensius	"net.inet.tcp.syncookies" => "1",
129			"net.inet.tcp.recvspace" => "65228",
130			"net.inet.tcp.sendspace" => "65228",
131			"net.inet.tcp.delayed_ack" => "0",
132			"net.inet.udp.maxdgram" => "57344",
133			"net.link.bridge.pfil_onlyip" => "0",
134			"net.link.bridge.pfil_member" => "1",
135			"net.link.bridge.pfil_bridge" => "0",
136			"net.link.tap.user_open" => "1",
137	c2a14eec	Luiz Souza	"net.link.vlan.mtag_pcp" => "1",
138	1180e4f0	Sjon Hortensius	"kern.randompid" => "347",
139			"net.inet.ip.intr_queue_maxlen" => "1000",
140			"hw.syscons.kbd_reboot" => "0",
141			"net.inet.tcp.log_debug" => "0",
142			"net.inet.tcp.tso" => "1",
143	feae85bc	Scott Ullrich	"net.inet.icmp.icmplim" => "0",
144	abe7607f	Scott Ullrich	"vfs.read_max" => "32",
145	2b7ca9b2	Ermal	"kern.ipc.maxsockbuf" => "4262144",
146	c06240db	Ermal	"net.inet.ip.process_options" => 0,
147	c3938c16	Luiz Souza	"kern.random.harvest.mask" => "351",
148	7d8b75ab	Ermal	"net.route.netisr_maxqlen" => 1024,
149	a3a1b24e	Ermal	"net.inet.udp.checksum" => 1,
150	2f5488df	Ermal	"net.inet.icmp.reply_from_interface" => 1,
151	ec5753e7	Ermal LUÇI	"net.inet6.ip6.rfc6204w3" => 1,
152	c46f9695	Ermal	"net.enc.out.ipsec_bpf_mask" => "0x0001",
153			"net.enc.out.ipsec_filter_mask" => "0x0001",
154	8e068605	Chris Buechler	"net.enc.in.ipsec_bpf_mask" => "0x0002",
155			"net.enc.in.ipsec_filter_mask" => "0x0002",
156	62dc93d1	Chris Buechler	"net.key.preferred_oldsa" => "0",
157	1dbe220c	jim-p	"net.inet.carp.senderr_demotion_factor" => 0, /* Do not demote CARP for interface send errors */
158	c81678f4	Chris Buechler	"net.pfsync.carp_demotion_factor" => 0, /* Do not demote CARP for pfsync errors */
159			"net.raw.recvspace" => 65536,
160	48a8235e	Chris Buechler	"net.raw.sendspace" => 65536,
161			"net.inet.raw.recvspace" => 131072,
162	a08208f8	jim-p	"net.inet.raw.maxdgram" => 131072,
163			"kern.corefile" => "/root/%N.core" /* Write all core files to /root/ so they do not consume space on other slices */
164	feae85bc	Scott Ullrich	);
165	3a35f55f	Scott Ullrich
166	545d0b46	Dave Cornejo	$machine_type = php_uname('m');
167			if (($machine_type == 'arm') \|\| ($machine_type == 'arm64')) {
168			$sysctls['kern.shutdown.secure_halt'] = 1;
169			}
170
171	8346b5c4	jim-p	/* Include override values for the above if needed. If the file doesn't exist, don't try to load it. */
172	9ba87997	Phil Davis	if (file_exists("/etc/inc/globals_override.inc")) {
173	86573bb9	Phil Davis	@include_once("globals_override.inc");
174	9ba87997	Phil Davis	}
175	8346b5c4	jim-p
176	ae04affe	Renato Botelho	/* Read all XML files in following dir and load menu entries */
177			$g["ext_menu_path"] = "/usr/local/share/{$g['product_name']}/menu";
178
179	e8f8aeb6	Renato Botelho	/* Cache file used to store pfSense version */
180			$g["version_cache_file"] = "{$g['varrun_path']}/{$g['product_name']}_version";
181	e0e922da	Renato Botelho	$g['version_cache_refresh'] = 2 * 60 * 60; /* 2h */
182	e8f8aeb6	Renato Botelho
183	16d6c1df	Renato Botelho	function platform_booting($on_console = false) {
184	285ef132	Ermal LUÇI	global $g;
185
186	9ba87997	Phil Davis	if ($g['booting'] \|\| file_exists("{$g['varrun_path']}/booting")) {
187			if ($on_console == false \|\| php_sapi_name() != 'fpm-fcgi') {
188	16d6c1df	Renato Botelho	return true;
189	9ba87997	Phil Davis	}
190			}
191	285ef132	Ermal LUÇI
192			return false;
193			}
194	b8d09280	Ermal LUÇI
195	9ba87997	Phil Davis	if (file_exists("{$g['cf_conf_path']}/enableserial_force")) {
196	719db60e	Ermal LUÇI	$g['enableserial_force'] = true;
197	9ba87997	Phil Davis	}
198	719db60e	Ermal LUÇI
199	1883455a	Ermal	$config_parsed = false;
200	9734b054	Scott Ullrich
201	39d2f39d	NOYB	/* Factory default check IP service. */
202			$factory_default_checkipservice = array(
203			"enable" => true,
204			"name" => 'Default',
205			"url" => 'http://checkip.dyndns.org',
206			// "username" => '',
207			// "password" => '',
208			// "verifysslpeer" => true,
209			"descr" => 'Default Check IP Service'
210			);
211
212	456ba14f	Sam Neely	$dyndns_split_domain_types = array("namecheap", "cloudflare", "cloudflare-v6", "gratisdns", "cloudns", "godaddy", "godaddy-v6");
213	b20cfb55	jim-p
214			/* pf tokens from FreeBSD source sbin/pfctl/parse.y (plus our custom entries at the end)*/
215			global $pf_reserved_keywords;
216			$pf_reserved_keywords = array(
217			"pass", "block", "scrub", "return", "in", "os", "out", "log", "quick", "on", "from", "to", "flags", "returnrst",
218			"returnicmp", "returnicmp6", "proto", "inet", "inet6", "all", "any", "icmptype", "icmp6type", "code", "keep",
219			"modulate", "state", "port", "rdr", "nat", "binat", "arrow", "nodf", "minttl", "error", "allowopts", "fastroute",
220			"filename", "routeto", "dupto", "replyto", "no", "label", "noroute", "urpffailed", "fragment", "user", "group",
221			"maxmss", "maximum", "ttl", "tos", "drop", "table", "reassemble", "fragdrop", "fragcrop", "anchor", "natanchor",
222			"rdranchor", "binatanchor", "set", "optimization", "timeout", "limit", "loginterface", "blockpolicy", "randomid",
223			"requireorder", "synproxy", "fingerprints", "nosync", "debug", "skip", "hostid", "antispoof", "for", "include",
224			"bitmask", "random", "sourcehash", "roundrobin", "staticport", "probability", "altq", "cbq", "codel", "priq",
225			"hfsc", "fairq", "bandwidth", "tbrsize", "linkshare", "realtime", "upperlimit", "queue", "priority", "qlimit",
226			"hogs", "buckets", "rtable", "target", "interval", "load", "ruleset_optimization", "prio", "stickyaddress",
227			"maxsrcstates", "maxsrcnodes", "sourcetrack", "global", "rule", "maxsrcconn", "maxsrcconnrate", "overload",
228			"flush", "sloppy", "tagged", "tag", "ifbound", "floating", "statepolicy", "statedefaults", "route", "settos",
229			"divertto", "divertreply", "max", "min", "pptp", "pppoe", "L2TP", "OpenVPN", "IPsec");
230	62ed56dc	Luiz Souza
231			/* VLAN Prio values. */
232			$vlanprio_values = array(
233			"bk" => 0,
234			"be" => 1,
235			"ee" => 2,
236			"ca" => 3,
237			"vi" => 4,
238			"vo" => 5,
239			"ic" => 6,
240			"nc" => 7
241			);
242
243			$vlanprio = array(
244			"bk" => "Background (BK, 0)",
245			"be" => "Best Effort (BE, 1)",
246			"ee" => "Excellent Effort (EE, 2)",
247			"ca" => "Critical Applications (CA, 3)",
248			"vi" => "Video (VI, 4)",
249			"vo" => "Voice (VO, 5)",
250			"ic" => "Internetwork Control (IC, 6)",
251			"nc" => "Network Control (NC, 7)"
252			);
253
254	2b7ca9b2	Ermal	?>

Project

General

Profile

pfSense