<?php
/*
	system.inc
	part of m0n0wall (http://m0n0.ch/wall)
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
	All rights reserved.
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
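/**
 * (Re)start powerd according to the system configuration.
 *
 * A running powerd is killed first. When $config['system']['powerd_enable']
 * is set, the daemon is started again with the configured battery, AC and
 * normal modes; each mode falls back to "hadp" when the setting is empty.
 *
 * The mode strings are read from the configuration and placed on a shell
 * command line, so each one goes through escapeshellarg() to keep a
 * malformed value from being interpreted by the shell.
 */
function activate_powerd() {
	global $config, $g;

	if (is_process_running("powerd")) {
		exec("/usr/bin/killall powerd");
	}

	if (isset($config['system']['powerd_enable'])) {
		if ($g["platform"] == "nanobsd") {
			exec("/sbin/kldload cpufreq");
		}

		$ac_mode = "hadp";
		if (!empty($config['system']['powerd_ac_mode'])) {
			$ac_mode = $config['system']['powerd_ac_mode'];
		}

		$battery_mode = "hadp";
		if (!empty($config['system']['powerd_battery_mode'])) {
			$battery_mode = $config['system']['powerd_battery_mode'];
		}

		$normal_mode = "hadp";
		if (!empty($config['system']['powerd_normal_mode'])) {
			$normal_mode = $config['system']['powerd_normal_mode'];
		}

		/* Quote every mode so it reaches powerd as exactly one argument. */
		mwexec("/usr/sbin/powerd" .
		    " -b " . escapeshellarg($battery_mode) .
		    " -a " . escapeshellarg($ac_mode) .
		    " -n " . escapeshellarg($normal_mode));
	}
}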
/**
 * Look up a tunable in the global $sysctls table.
 *
 * @param string $id Tunable name used as the array key.
 * @return mixed The stored value, or null when $sysctls has no such entry.
 */
function get_default_sysctl_value($id) {
	global $sysctls;

	return isset($sysctls[$id]) ? $sysctls[$id] : null;
}
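/**
 * Return the first line printed by `sysctl -nd` for a tunable.
 *
 * The name is quoted with escapeshellarg() before it reaches the shell:
 * system_get_sysctls() passes the keys of $sysctls, and activate_sysctls()
 * adds configuration-supplied names to that table.
 *
 * @param string $sysctl Tunable name.
 * @return string|null First output line, or null when the command printed nothing.
 */
function get_sysctl_descr($sysctl) {
	/* exec() appends to an existing array, so always start from an empty one. */
	$output = array();
	exec("/sbin/sysctl -nd " . escapeshellarg($sysctl), $output);

	/* No output: return null instead of reading an undefined offset. */
	return isset($output[0]) ? $output[0] : null;
}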
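/**
 * Build the list of tunables for display.
 *
 * Entries from $config['sysctl']['item'] are copied as they are, keyed by
 * their index in the configuration and flagged 'modified'. Every remaining
 * entry of the global $sysctls table is added under its tunable name with
 * its value and the description reported by get_sysctl_descr().
 *
 * @return array
 */
function system_get_sysctls() {
	global $config, $sysctls;

	$disp_sysctl = array();
	/* Names that already come from the configuration. */
	$configured = array();

	if (is_array($config['sysctl']) && is_array($config['sysctl']['item'])) {
		foreach ($config['sysctl']['item'] as $id => $tunable) {
			/*
			 * The earlier version resolved "default" into a local here, but
			 * the result was never used; the lookup has been removed.
			 */
			$disp_sysctl[$id] = $tunable;
			$disp_sysctl[$id]['modified'] = true;
			$configured[$tunable['tunable']] = 'set';
		}
	}

	foreach ($sysctls as $sysctl => $value) {
		if (isset($configured[$sysctl])) {
			continue;
		}

		$disp_sysctl[$sysctl] = array(
			'tunable' => $sysctl,
			'value' => $value,
			'descr' => get_sysctl_descr($sysctl)
		);
	}

	return $disp_sysctl;
}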
/**
 * Merge the configured tunables into the global $sysctls table and apply
 * the whole table with set_sysctl().
 *
 * A configured value of "default" is replaced by what
 * get_default_sysctl_value() returns for that tunable.
 */
function activate_sysctls() {
	global $config, $g, $sysctls;

	$has_items = is_array($config['sysctl']) && is_array($config['sysctl']['item']);
	if ($has_items) {
		foreach ($config['sysctl']['item'] as $entry) {
			$setting = ($entry['value'] == "default")
			    ? get_default_sysctl_value($entry['tunable'])
			    : $entry['value'];

			$sysctls[$entry['tunable']] = $setting;
		}
	}

	set_sysctl($sysctls);
}
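/**
 * Write resolv.conf and resolvconf.conf under $g['varetc_path'], then point
 * host routes for the configured DNS servers at their assigned gateways.
 *
 * Changes compared with the earlier version:
 *  - $resolvconf starts as an empty string instead of being appended to
 *    while undefined;
 *  - the resolvconf lock is released on the second error path as well;
 *  - the DNS server address and gateway are quoted with escapeshellarg()
 *    before they are handed to route(8).
 *
 * @param bool $dynupdate When true, dhcpd is not reconfigured afterwards.
 * @return int 0 on success, 1 when one of the files cannot be opened.
 */
function system_resolvconf_generate($dynupdate = false) {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_resolvconf_generate() being called $mt\n";
	}

	$syscfg = $config['system'];
	$resolvconf = "";

	/*
	 * List 127.0.0.1 first when a local resolver (dnsmasq or unbound) is
	 * enabled on port 53 and reachable on lo0, unless dnslocalhost is set.
	 */
	if ((((isset($config['dnsmasq']['enable'])) &&
	      (!isset($config['dnsmasq']['port']) || $config['dnsmasq']['port'] == "53") &&
	      (empty($config['dnsmasq']['interface']) ||
	       in_array("lo0", explode(",", $config['dnsmasq']['interface'])))) ||
	     ((isset($config['unbound']['enable'])) &&
	      (!isset($config['unbound']['port']) || $config['unbound']['port'] == "53") &&
	      (empty($config['unbound']['active_interface']) ||
	       in_array("lo0", explode(",", $config['unbound']['active_interface'])) ||
	       in_array("all", explode(",", $config['unbound']['active_interface']), true)))) &&
	     (!isset($config['system']['dnslocalhost']))) {
		$resolvconf .= "nameserver 127.0.0.1\n";
	}

	if (isset($syscfg['dnsallowoverride'])) {
		/* get dynamically assigned DNS servers (if any) */
		$ns = array_unique(get_searchdomains());
		foreach ($ns as $searchserver) {
			if ($searchserver) {
				$resolvconf .= "search {$searchserver}\n";
			}
		}
		$ns = array_unique(get_nameservers());
		foreach ($ns as $nameserver) {
			if ($nameserver) {
				$resolvconf .= "nameserver $nameserver\n";
			}
		}
	} else {
		$ns = array();
		// Do not create blank search/domain lines, it can break tools like dig.
		if ($syscfg['domain']) {
			$resolvconf .= "search {$syscfg['domain']}\n";
		}
	}

	/*
	 * NOTE(review): entries of $syscfg['dnsserver'] are written without an
	 * is_ipaddr() check in this function; presumably they are validated when
	 * the configuration is saved. Confirm against the caller.
	 */
	if (is_array($syscfg['dnsserver'])) {
		foreach ($syscfg['dnsserver'] as $sys_dnsserver) {
			if ($sys_dnsserver && (!in_array($sys_dnsserver, $ns))) {
				$resolvconf .= "nameserver $sys_dnsserver\n";
			}
		}
	}

	// Add EDNS support
	if (isset($config['unbound']['enable']) && isset($config['unbound']['edns'])) {
		$resolvconf .= "options edns0\n";
	}

	$dnslock = lock('resolvconf', LOCK_EX);

	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
	if (!$fd) {
		printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
		unlock($dnslock);
		return 1;
	}

	fwrite($fd, $resolvconf);
	fclose($fd);

	// Prevent resolvconf(8) from rewriting our resolv.conf
	$fd = fopen("{$g['varetc_path']}/resolvconf.conf", "w");
	if (!$fd) {
		printf("Error: cannot open resolvconf.conf in system_resolvconf_generate().\n");
		/* Release the lock here too, as the first error path does. */
		unlock($dnslock);
		return 1;
	}
	fwrite($fd, "resolv_conf=\"/dev/null\"\n");
	fclose($fd);

	if (!platform_booting()) {
		/* restart dhcpd (nameservers may have changed) */
		if (!$dynupdate) {
			services_dhcpd_configure();
		}
	}

	/* setup static routes for DNS servers. */
	for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
		$dnsgw = "dns{$dnscounter}gw";
		if (isset($config['system'][$dnsgw])) {
			$gwname = $config['system'][$dnsgw];
			if (($gwname <> "") && ($gwname <> "none")) {
				$gatewayip = lookup_gateway_ip_by_name($gwname);
				if (is_ipaddrv4($gatewayip)) {
					/* dns server array starts at 0 */
					$dnscountermo = $dnscounter - 1;
					/* The server address comes from the configuration: quote it for the shell. */
					mwexec("/sbin/route change -host " . escapeshellarg($syscfg['dnsserver'][$dnscountermo]) . " " . escapeshellarg($gatewayip));
					if (isset($config['system']['route-debug'])) {
						$mt = microtime();
						log_error("ROUTING debug: $mt - route change -host {$syscfg['dnsserver'][$dnscountermo]} $gatewayip ");
					}
				}
				if (is_ipaddrv6($gatewayip)) {
					/* dns server array starts at 0 */
					$dnscountermo = $dnscounter - 1;
					mwexec("/sbin/route change -host -inet6 " . escapeshellarg($syscfg['dnsserver'][$dnscountermo]) . " " . escapeshellarg($gatewayip));
					if (isset($config['system']['route-debug'])) {
						$mt = microtime();
						log_error("ROUTING debug: $mt - route change -host -inet6 {$syscfg['dnsserver'][$dnscountermo]} $gatewayip ");
					}
				}
			}
		}
	}

	unlock($dnslock);

	return 0;
}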
/**
 * Collect search domains from the /var/etc/searchdomain_* files.
 *
 * Every non-empty line of every matching file is considered; only lines
 * accepted by is_hostname() are returned. Duplicates are not removed here.
 *
 * @return array List of search domains, possibly empty.
 */
function get_searchdomains() {
	global $config, $g;

	$domains = array();

	$files = glob("/var/etc/searchdomain_*");
	if (!is_array($files)) {
		return $domains;
	}

	foreach ($files as $path) {
		$lines = file($path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
		if (is_array($lines)) {
			foreach ($lines as $candidate) {
				/* The file content is only trusted after it validates as a hostname. */
				if (is_hostname($candidate)) {
					$domains[] = $candidate;
				}
			}
		}
	}

	return $domains;
}
/**
 * Collect name server addresses from the /var/etc/nameserver_* files and,
 * when it exists, from /var/etc/nameservers.conf.
 *
 * Only lines accepted by is_ipaddr() are returned, in the order the files
 * are read. Duplicates are not removed here.
 *
 * @return array List of IP addresses, possibly empty.
 */
function get_nameservers() {
	global $config, $g;

	$servers = array();

	// Name server files matching /var/etc/nameserver_* come first
	$sources = glob("/var/etc/nameserver_*");
	if (!is_array($sources)) {
		$sources = array();
	}

	// Any extra nameservers are read last
	if (file_exists("/var/etc/nameservers.conf")) {
		$sources[] = "/var/etc/nameservers.conf";
	}

	foreach ($sources as $path) {
		$lines = file($path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
		if (!is_array($lines)) {
			continue;
		}
		foreach ($lines as $candidate) {
			/* The file content is only trusted after it validates as an IP address. */
			if (is_ipaddr($candidate)) {
				$servers[] = $candidate;
			}
		}
	}

	return $servers;
}
/**
 * Regenerate the hosts file under $g['varetc_path'].
 *
 * The file starts with the localhost entries and the firewall's own name,
 * followed (when the active resolver section is enabled) by the host
 * overrides with their aliases and the static DHCP mappings. When unbound
 * is enabled, unbound_hosts_generate() is called after the file is written.
 *
 * NOTE(review): host names, domains and addresses are written as stored in
 * the configuration; this function does not re-validate them. Presumably
 * they are checked when saved; confirm against the callers.
 *
 * @return int 0 on success, 1 when the hosts file cannot be opened.
 */
function system_hosts_generate() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_hosts_generate() being called $mt\n";
	}

	$syscfg = $config['system'];

	/* The unbound section wins when unbound is enabled, otherwise dnsmasq is used. */
	$dnsmasqcfg = (isset($config['unbound']) && isset($config['unbound']['enable']))
	    ? $config['unbound']
	    : $config['dnsmasq'];

	$hosts = "127.0.0.1	localhost localhost.{$syscfg['domain']}\n";
	$hosts .= "::1		localhost localhost.{$syscfg['domain']}\n";
	$lhosts = "";
	$dhosts = "";

	if ($config['interfaces']['lan']) {
		/* Use the LAN addresses for the firewall's own name. */
		$cfgip = get_interface_ip("lan");
		if (is_ipaddr($cfgip)) {
			$hosts .= "{$cfgip}	{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
		}
		$cfgipv6 = get_interface_ipv6("lan");
		if (is_ipaddrv6($cfgipv6)) {
			$hosts .= "{$cfgipv6}	{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
		}
	} else {
		/* No LAN: take the first interface without a gateway that has an address. */
		$hosts_if_found = false;
		foreach (get_configured_interface_list() as $sysif) {
			if (interface_has_gateway($sysif)) {
				continue;
			}
			$cfgip = get_interface_ip($sysif);
			if (is_ipaddr($cfgip)) {
				$hosts .= "{$cfgip}	{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
				$hosts_if_found = true;
			}
			$cfgipv6 = get_interface_ipv6($sysif);
			if (is_ipaddrv6($cfgipv6)) {
				$hosts .= "{$cfgipv6}	{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
				$hosts_if_found = true;
			}
			if ($hosts_if_found) {
				break;
			}
		}
	}

	if (isset($dnsmasqcfg['enable'])) {
		if (!is_array($dnsmasqcfg['hosts'])) {
			$dnsmasqcfg['hosts'] = array();
		}

		/* Host overrides and their aliases. */
		foreach ($dnsmasqcfg['hosts'] as $host) {
			if ($host['host'] || $host['host'] == "0") {
				$lhosts .= "{$host['ip']}	{$host['host']}.{$host['domain']} {$host['host']}\n";
			} else {
				$lhosts .= "{$host['ip']}	{$host['domain']}\n";
			}

			if (is_array($host['aliases']) && is_array($host['aliases']['item'])) {
				foreach ($host['aliases']['item'] as $alias) {
					if ($alias['host'] || $alias['host'] == "0") {
						$lhosts .= "{$host['ip']}	{$alias['host']}.{$alias['domain']} {$alias['host']}\n";
					} else {
						$lhosts .= "{$host['ip']}	{$alias['domain']}\n";
					}
				}
			}
		}

		/* Static DHCPv4 mappings; the domain falls back from host to interface to system. */
		if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpd'])) {
			foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) {
				if (!is_array($dhcpifconf['staticmap']) || !isset($dhcpifconf['enable'])) {
					continue;
				}
				foreach ($dhcpifconf['staticmap'] as $host) {
					if ($host['ipaddr'] && $host['hostname'] && $host['domain']) {
						$dhosts .= "{$host['ipaddr']}	{$host['hostname']}.{$host['domain']} {$host['hostname']}\n";
					} elseif ($host['ipaddr'] && $host['hostname'] && $dhcpifconf['domain']) {
						$dhosts .= "{$host['ipaddr']}	{$host['hostname']}.{$dhcpifconf['domain']} {$host['hostname']}\n";
					} elseif ($host['ipaddr'] && $host['hostname']) {
						$dhosts .= "{$host['ipaddr']}	{$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
					}
				}
			}
		}

		/* Static DHCPv6 mappings, same fallback order. */
		if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpdv6'])) {
			foreach ($config['dhcpdv6'] as $dhcpif => $dhcpifconf) {
				if (!is_array($dhcpifconf['staticmap']) || !isset($dhcpifconf['enable'])) {
					continue;
				}
				foreach ($dhcpifconf['staticmap'] as $host) {
					if ($host['ipaddrv6'] && $host['hostname'] && $host['domain']) {
						$dhosts .= "{$host['ipaddrv6']}	{$host['hostname']}.{$host['domain']} {$host['hostname']}\n";
					} elseif ($host['ipaddrv6'] && $host['hostname'] && $dhcpifconf['domain']) {
						$dhosts .= "{$host['ipaddrv6']}	{$host['hostname']}.{$dhcpifconf['domain']} {$host['hostname']}\n";
					} elseif ($host['ipaddrv6'] && $host['hostname']) {
						$dhosts .= "{$host['ipaddrv6']}	{$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
					}
				}
			}
		}

		/* 'dhcpfirst' decides whether DHCP mappings precede the host overrides. */
		$hosts .= isset($dnsmasqcfg['dhcpfirst'])
		    ? $dhosts . $lhosts
		    : $lhosts . $dhosts;
	}

	/*
	 * Do not remove this because dhcpleases monitors with kqueue it needs to be
	 * killed before writing to hosts files.
	 */
	$leases_pidfile = "{$g['varrun_path']}/dhcpleases.pid";
	if (file_exists($leases_pidfile)) {
		sigkillbypid($leases_pidfile, "TERM");
		@unlink($leases_pidfile);
	}

	$fd = fopen("{$g['varetc_path']}/hosts", "w");
	if (!$fd) {
		log_error("Error: cannot open hosts file in system_hosts_generate().\n");
		return 1;
	}
	fwrite($fd, $hosts);
	fclose($fd);

	if (isset($config['unbound']['enable'])) {
		require_once("unbound.inc");
		unbound_hosts_generate();
	}

	return 0;
}
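/**
 * Start, signal or stop the dhcpleases helper that feeds dynamic DHCP
 * leases to the active resolver (unbound or dnsmasq).
 *
 * Changes compared with the earlier version:
 *  - $pidfile is defined before the branch. It used to be assigned only on
 *    the "enabled" path, so the "disabled" path called sigkillbypid() and
 *    unlink() with an undefined variable and left dhcpleases running.
 *  - every path and the configured domain are quoted with escapeshellarg()
 *    before being placed on a command line.
 */
function system_dhcpleases_configure() {
	global $config, $g;

	$pidfile = "{$g['varrun_path']}/dhcpleases.pid";

	$regdhcp_enabled =
	    (isset($config['dnsmasq']['enable']) && isset($config['dnsmasq']['regdhcp'])) ||
	    (isset($config['unbound']['enable']) && isset($config['unbound']['regdhcp']));

	if (!$regdhcp_enabled) {
		/* Feature off: stop a leftover instance, as system_hosts_generate() does. */
		if (file_exists($pidfile)) {
			sigkillbypid($pidfile, "TERM");
		}
		@unlink($pidfile);
		return;
	}

	/* Start the monitoring process for dynamic dhcpclients. */
	$leases_dir = "{$g['dhcpd_chroot_path']}/var/db";
	$leases_file = "{$leases_dir}/dhcpd.leases";

	/* Make sure we do not error out */
	mwexec("/bin/mkdir -p " . escapeshellarg($leases_dir));
	if (!file_exists($leases_file)) {
		@touch($leases_file);
	}

	if (isset($config['unbound']['enable'])) {
		$dns_pid = "unbound.pid";
		$unbound_conf = "-u " . escapeshellarg("{$g['unbound_chroot_path']}/dhcpleases_entries.conf");
	} else {
		$dns_pid = "dnsmasq.pid";
		$unbound_conf = "";
	}

	if (isvalidpid($pidfile)) {
		/* Make sure dhcpleases is using correct unbound or dnsmasq */
		$output = array();
		exec("/bin/pgrep -F " . escapeshellarg($pidfile) . " -f " . escapeshellarg($dns_pid), $output, $retval);
		if (intval($retval) == 0) {
			sigkillbypid($pidfile, "HUP");
			return;
		}
		sigkillbypid($pidfile, "TERM");
	}

	/* To ensure we do not start multiple instances of dhcpleases, perform some clean-up first. */
	if (is_process_running("dhcpleases")) {
		sigkillbyname('dhcpleases', "TERM");
	}
	@unlink($pidfile);

	/* The domain comes from the configuration; quote it and the paths for the shell. */
	mwexec("/usr/local/sbin/dhcpleases" .
	    " -l " . escapeshellarg($leases_file) .
	    " -d " . escapeshellarg($config['system']['domain']) .
	    " -p " . escapeshellarg("{$g['varrun_path']}/{$dns_pid}") .
	    " {$unbound_conf}" .
	    " -h " . escapeshellarg("{$g['varetc_path']}/hosts"));
}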
/**
 * Set the system hostname to "<hostname>.<domain>" from the configuration
 * and run the hostid rc script.
 *
 * @return mixed Whatever mwexec() returned for the hostname command.
 */
function system_hostname_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_hostname_configure() being called $mt\n";
	}

	$syscfg = $config['system'];

	/* The name is configuration data, so it is shell-quoted as one argument. */
	$fqdn = "{$syscfg['hostname']}.{$syscfg['domain']}";
	$status = mwexec("/bin/hostname " . escapeshellarg($fqdn));

	/* Setup host GUID ID.  This is used by ZFS. */
	mwexec("/etc/rc.d/hostid start");

	return $status;
}
/**
 * Select the IPv4 and IPv6 default gateways, record them in per-interface
 * files under $g['tmp_path'], install the default routes and then apply the
 * static routes via system_staticroutes_configure().
 *
 * @param string $interface When not empty, a default route is only set if
 *                          its gateway sits on this interface.
 * @return int Always 0.
 */
function system_routing_configure($interface = "") {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_routing_configure() being called $mt\n";
	}

	$gatewayip = "";
	$interfacegw = "";
	$gatewayipv6 = "";
	$interfacegwv6 = "";
	$foundgw = false;
	$foundgwv6 = false;

	/* tack on all the hard defined gateways as well */
	if (is_array($config['gateways']['gateway_item'])) {
		/* Drop the marker files left by an earlier run. */
		array_map('unlink', glob("{$g['tmp_path']}/*_defaultgw{,v6}", GLOB_BRACE));

		foreach ($config['gateways']['gateway_item'] as $gw_item) {
			if (isset($gw_item['defaultgw'])) {
				if (!$foundgw && ($gw_item['ipprotocol'] != "inet6" && (is_ipaddrv4($gw_item['gateway']) || $gw_item['gateway'] == "dynamic"))) {
					if (strpos($gw_item['gateway'], ":")) {
						continue;
					}
					if ($gw_item['gateway'] == "dynamic") {
						$gw_item['gateway'] = get_interface_gateway($gw_item['interface']);
					}
					$gatewayip = $gw_item['gateway'];
					$interfacegw = $gw_item['interface'];
					if (!empty($gw_item['interface'])) {
						$defaultif = get_real_interface($gw_item['interface']);
						if ($defaultif) {
							@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gw_item['gateway']);
						}
					}
					$foundgw = true;
				} elseif (!$foundgwv6 && ($gw_item['ipprotocol'] == "inet6" && (is_ipaddrv6($gw_item['gateway']) || $gw_item['gateway'] == "dynamic"))) {
					if ($gw_item['gateway'] == "dynamic") {
						$gw_item['gateway'] = get_interface_gateway_v6($gw_item['interface']);
					}
					$gatewayipv6 = $gw_item['gateway'];
					$interfacegwv6 = $gw_item['interface'];
					if (!empty($gw_item['interface'])) {
						$defaultifv6 = get_real_interface($gw_item['interface']);
						if ($defaultifv6) {
							@file_put_contents("{$g['tmp_path']}/{$defaultifv6}_defaultgwv6", $gw_item['gateway']);
						}
					}
					$foundgwv6 = true;
				}
			}

			/* Stop scanning once both address families have a default gateway. */
			if ($foundgw && $foundgwv6) {
				break;
			}
		}
	}

	/* No configured default: fall back to the WAN gateway for each family. */
	if (!$foundgw) {
		$defaultif = get_real_interface("wan");
		$interfacegw = "wan";
		$gatewayip = get_interface_gateway("wan");
		@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gatewayip);
	}
	if (!$foundgwv6) {
		$defaultifv6 = get_real_interface("wan");
		$interfacegwv6 = "wan";
		$gatewayipv6 = get_interface_gateway_v6("wan");
		@file_put_contents("{$g['tmp_path']}/{$defaultifv6}_defaultgwv6", $gatewayipv6);
	}

	$dont_add_route = false;
	/* if OLSRD is enabled, allow WAN to house DHCP. */
	if (is_array($config['installedpackages']['olsrd'])) {
		foreach ($config['installedpackages']['olsrd']['config'] as $olsrd) {
			if (($olsrd['enabledyngw'] == "on") && ($olsrd['enable'] == "on")) {
				$dont_add_route = true;
				log_error(sprintf(gettext("Not adding default route because OLSR dynamic gateway is enabled.")));
				break;
			}
		}
	}

	// setup static interface routes for nonlocal gateways
	foreach (return_gateways_array(false, true) as $gw) {
		if (!isset($gw["nonlocalgateway"])) {
			continue;
		}
		$srgatewayip = $gw['gateway'];
		$srinterfacegw = $gw['interface'];
		if (is_ipaddr($srgatewayip) && !empty($srinterfacegw)) {
			$inet = (!is_ipaddrv4($srgatewayip) ? "-inet6" : "-inet");
			/* Both values are shell-quoted before they reach route(8). */
			$cmd = "/sbin/route change {$inet} " . escapeshellarg($srgatewayip) . " ";
			mwexec($cmd . "-iface " . escapeshellarg($srinterfacegw));
			if (isset($config['system']['route-debug'])) {
				$mt = microtime();
				log_error("ROUTING debug: $mt - $cmd -iface $srinterfacegw ");
			}
		}
	}

	if ($dont_add_route == false) {
		/* A route is only touched when no interface was requested or it matches the gateway's. */
		$v4_in_scope = empty($interface) || $interface == $interfacegw;
		if ($v4_in_scope && is_ipaddrv4($gatewayip)) {
			log_error("ROUTING: setting default route to $gatewayip");
			mwexec("/sbin/route change -inet default " . escapeshellarg($gatewayip));
		}

		$v6_in_scope = empty($interface) || $interface == $interfacegwv6;
		if ($v6_in_scope && is_ipaddrv6($gatewayipv6)) {
			/* A link-local gateway without a scope gets the default interface appended. */
			$ifscope = "";
			if (is_linklocal($gatewayipv6) && !strpos($gatewayipv6, '%')) {
				$ifscope = "%{$defaultifv6}";
			}
			log_error("ROUTING: setting IPv6 default route to {$gatewayipv6}{$ifscope}");
			mwexec("/sbin/route change -inet6 default " . escapeshellarg("{$gatewayipv6}{$ifscope}"));
		}
	}

	system_staticroutes_configure($interface, false);

	return 0;
}
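/*
 * Apply the configured static routes to the kernel routing table and keep
 * the filterdns instance that watches hostname-based routes in sync.
 *
 * $interface  - when non-empty, only routes whose gateway has this
 *               'friendlyiface' are processed.
 * $update_dns - when true, only hostname routes are processed and the
 *               addresses returned by compare_hostname_to_dnscache() are
 *               deleted first; the filterdns hosts file is left untouched.
 *
 * Always returns 0.
 */
function system_staticroutes_configure($interface = "", $update_dns = false) {
	global $config, $g, $aliastable;

	$filterdns_list = array();

	$static_routes = get_staticroutes(false, true);
	if (count($static_routes)) {
		$gateways_arr = return_gateways_array(false, true);

		foreach ($static_routes as $rtent) {
			if (empty($gateways_arr[$rtent['gateway']])) {
				log_error(sprintf(gettext("Static Routes: Gateway IP could not be found for %s"), $rtent['network']));
				continue;
			}
			$gateway = $gateways_arr[$rtent['gateway']];
			if (!empty($interface) && $interface != $gateway['friendlyiface']) {
				continue;
			}

			$gatewayip = $gateway['gateway'];
			$interfacegw = $gateway['interface'];

			/*
			 * Compare the first four characters with "Null". The previous
			 * three-character substring could never equal the four-character
			 * literal, so -blackhole was never applied.
			 */
			$blackhole = "";
			if (!strcasecmp("Null", substr($rtent['gateway'], 0, 4))) {
				$blackhole = "-blackhole";
			}

			/* Only FQDNs and subnets are accepted as destinations. */
			if (!is_fqdn($rtent['network']) && !is_subnet($rtent['network'])) {
				continue;
			}

			$dnscache = array();
			if ($update_dns === true) {
				if (is_subnet($rtent['network'])) {
					continue;
				}
				$dnscache = explode("\n", trim(compare_hostname_to_dnscache($rtent['network'])));
				/* NOTE(review): explode() returns array("") for an empty string, so this
				 * check does not fire on an empty cache - confirm the intended behaviour. */
				if (empty($dnscache)) {
					continue;
				}
			}

			if (is_subnet($rtent['network'])) {
				$ips = array($rtent['network']);
			} else {
				if (!isset($rtent['disabled'])) {
					$filterdns_list[] = $rtent['network'];
				}
				$ips = add_hostname_to_watch($rtent['network']);
			}

			/* Remove routes for cached addresses the hostname no longer resolves to. */
			foreach ($dnscache as $ip) {
				/* Skip the empty entry explode() yields for an empty cache, so that
				 * no "route delete ''" is executed. */
				if ($ip === "" || in_array($ip, $ips)) {
					continue;
				}
				mwexec("/sbin/route delete " . escapeshellarg($ip), true);
				if (isset($config['system']['route-debug'])) {
					$mt = microtime();
					log_error("ROUTING debug: $mt - route delete $ip ");
				}
			}

			if (isset($rtent['disabled'])) {
				/* XXX: This can break things by deleting routes that shouldn't be deleted - OpenVPN, dynamic routing scenarios, etc. redmine #3709 */
				foreach ($ips as $ip) {
					mwexec("/sbin/route delete " . escapeshellarg($ip), true);
					if (isset($config['system']['route-debug'])) {
						$mt = microtime();
						log_error("ROUTING debug: $mt - route delete $ip ");
					}
				}
				continue;
			}

			foreach ($ips as $ip) {
				if (is_ipaddrv4($ip)) {
					$ip .= "/32";
				}
				// do NOT do the same check here on v6, is_ipaddrv6 returns true when including the CIDR mask. doing so breaks v6 routes

				$inet = (is_subnetv6($ip) ? "-inet6" : "-inet");

				/* Every value that comes from configuration or DNS is quoted
				 * with escapeshellarg() before it reaches the shell. */
				$cmd = "/sbin/route change {$inet} {$blackhole} " . escapeshellarg($ip) . " ";

				if (is_subnet($ip)) {
					if (is_ipaddr($gatewayip)) {
						mwexec($cmd . escapeshellarg($gatewayip));
						if (isset($config['system']['route-debug'])) {
							$mt = microtime();
							log_error("ROUTING debug: $mt - $cmd $gatewayip");
						}
					} else if (!empty($interfacegw)) {
						mwexec($cmd . "-iface " . escapeshellarg($interfacegw));
						if (isset($config['system']['route-debug'])) {
							$mt = microtime();
							log_error("ROUTING debug: $mt - $cmd -iface $interfacegw ");
						}
					}
				}
			}
		}
		unset($gateways_arr);
	}
	unset($static_routes);

	if ($update_dns === false) {
		if (count($filterdns_list)) {
			$interval = 60;
			$hostnames = "";
			/* array_unique() returns the de-duplicated list; the result was
			 * previously discarded, so duplicate hostnames were written out. */
			$filterdns_list = array_unique($filterdns_list);
			foreach ($filterdns_list as $hostname) {
				/* Entries reach this list only after passing is_fqdn() above. */
				$hostnames .= "cmd {$hostname} '/usr/local/sbin/pfSctl -c \"service reload routedns\"'\n";
			}
			file_put_contents("{$g['varetc_path']}/filterdns-route.hosts", $hostnames);
			unset($hostnames);

			/* Reload a running filterdns, otherwise start one. */
			if (isvalidpid("{$g['varrun_path']}/filterdns-route.pid")) {
				sigkillbypid("{$g['varrun_path']}/filterdns-route.pid", "HUP");
			} else {
				mwexec("/usr/local/sbin/filterdns -p {$g['varrun_path']}/filterdns-route.pid -i {$interval} -c {$g['varetc_path']}/filterdns-route.hosts -d 1");
			}
		} else {
			/* No hostname routes left: stop the watcher and drop its pid file. */
			killbypid("{$g['varrun_path']}/filterdns-route.pid");
			@unlink("{$g['varrun_path']}/filterdns-route.pid");
		}
	}
	unset($filterdns_list);

	return 0;
}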
752
753
/*
 * Turn on IPv4 and IPv6 packet forwarding through set_sysctl().
 * Prints a trace line first when the 'developerspew' option is set.
 */
function system_routing_enable() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		echo "system_routing_enable() being called " . microtime() . "\n";
	}

	$forwarding = array(
		"net.inet.ip.forwarding" => "1",
		"net.inet6.ip6.forwarding" => "1"
	);
	set_sysctl($forwarding);
}
767
768 bd29bb7b jim-p
/*
 * Return $server in the form used for a syslog.conf remote target:
 * a bare IPv6 address is wrapped in brackets, anything else is
 * returned unchanged.
 */
function system_syslogd_fixup_server($server) {
	return is_ipaddrv6($server) ? "[$server]" : $server;
}
776
777 236524c2 jim-p
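/*
 * Build the syslog.conf forwarding lines for the configured remote servers.
 *
 * $syslogcfg - syslog settings; the keys 'remoteserver', 'remoteserver2'
 *              and 'remoteserver3' are read.
 * $facility  - selector placed at the start of every line.
 *
 * Returns one "<facility><tabs>@<server>\n" line per non-empty server,
 * or an empty string when none is configured.
 */
function system_syslogd_get_remote_servers($syslogcfg, $facility = "*.*") {
	/* The original ended this statement with "." instead of ";", so it only
	 * worked because the following assignment evaluated to "". */
	$facility .= " ";
	$remote_servers = "";
	$pad_to  = max(strlen($facility), 56);
	$padding = (int) ceil(($pad_to - strlen($facility)) / 8) + 1;

	foreach (array('remoteserver', 'remoteserver2', 'remoteserver3') as $key) {
		/* !empty() keeps the original truthiness test without reading an
		 * undefined index. */
		if (!empty($syslogcfg[$key])) {
			/* NOTE(review): the value is written into syslog.conf as is; this
			 * assumes it was validated when the settings were saved - confirm. */
			$remote_servers .= "{$facility}" . str_repeat("\t", $padding) . "@" . system_syslogd_fixup_server($syslogcfg[$key]) . "\n";
		}
	}

	return $remote_servers;
}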
794
795 41df62c1 jim-p
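/*
 * Empty a single log file.
 *
 * $logfile         - path of the log to reset.
 * $restart_syslogd - when true, syslogd is killed before the reset and
 *                    started again through system_syslogd_start() after it.
 *
 * With 'disablesyslogclog' set the file is unlinked and recreated with
 * touch(); otherwise it is re-initialised with clog, using the per-log
 * size setting when present, else the global one, else "511488".
 */
function clear_log_file($logfile = "/var/log/system.log", $restart_syslogd = true) {
	global $config, $g;
	if ($restart_syslogd) {
		exec("/usr/bin/killall syslogd");
	}
	if (isset($config['system']['disablesyslogclog'])) {
		unlink($logfile);
		touch($logfile);
	} else {
		$log_size = isset($config['syslog']['logfilesize']) ? $config['syslog']['logfilesize'] : "511488";
		$log_size = isset($config['syslog'][basename($logfile, '.log') . '_settings']['logfilesize']) ? $config['syslog'][basename($logfile, '.log') . '_settings']['logfilesize'] : $log_size;
		/* The size comes from the configuration, so it is quoted like the
		 * file name instead of being interpolated into the command line. */
		exec("/usr/local/sbin/clog -i -s " . escapeshellarg($log_size) . " " . escapeshellarg($logfile));
	}
	if ($restart_syslogd) {
		system_syslogd_start();
	}
}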
812
813
/*
 * Stop syslogd and reset every log file in the fixed list below.
 *
 * $restart - when true, syslogd is started again afterwards and dhcpd is
 *            killed and reconfigured.
 */
function clear_all_log_files($restart = false) {
	global $g;

	exec("/usr/bin/killall syslogd");

	$names = array("system", "filter", "dhcpd", "vpn", "pptps", "poes", "l2tps", "openvpn", "portalauth", "ipsec", "ppp", "relayd", "wireless", "nginx", "ntpd", "gateways", "resolver", "routing");
	foreach ($names as $name) {
		/* syslogd is already stopped, so each file is cleared without a restart */
		clear_log_file($g['varlog_path'] . "/" . $name . ".log", false);
	}

	if (!$restart) {
		return;
	}

	system_syslogd_start();
	killbyname("dhcpd");
	services_dhcpd_configure();
	return;
}
829
830 5b237745 Scott Ullrich
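/*
 * Generate syslog.conf from the configuration and (re)start syslogd.
 *
 * Returns 1 when syslog.conf cannot be written, otherwise the value
 * returned by mwexec_bg() for the syslogd command.
 */
function system_syslogd_start() {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_syslogd_start() being called $mt\n";
	}

	mwexec("/etc/rc.d/hostid start");

	$syslogcfg = $config['syslog'];

	if (platform_booting()) {
		echo gettext("Starting syslog...");
	}

	// Which logging type are we using this week??
	if (isset($config['system']['disablesyslogclog'])) {
		$log_directive = "";
		$log_create_directive = "/usr/bin/touch ";
		$log_size = "";
	} else { // Defaults to CLOG
		$log_directive = "%";
		$log_size = isset($config['syslog']['logfilesize']) ? $config['syslog']['logfilesize'] : "10240";
		$log_create_directive = "/usr/local/sbin/clog -i -s ";
	}

	$syslogd_extra = "";
	if (isset($syslogcfg)) {
		$separatelogfacilities = array('ntp', 'ntpd', 'ntpdate', 'charon', 'ipsec_starter', 'openvpn', 'pptps', 'poes', 'l2tps', 'relayd', 'hostapd', 'dnsmasq', 'filterdns', 'unbound', 'dhcpd', 'dhcrelay', 'dhclient', 'dhcp6c', 'dpinger', 'radvd', 'routed', 'olsrd', 'zebra', 'ospfd', 'bgpd', 'miniupnpd', 'filterlog');
		$syslogconf = "";
		if ($config['installedpackages']['package']) {
			foreach ($config['installedpackages']['package'] as $package) {
				if ($package['logging']) {
					array_push($separatelogfacilities, $package['logging']['facilityname']);
					$pkg_logfile = "{$g['varlog_path']}/{$package['logging']['logfilename']}";
					if (!is_file($pkg_logfile)) {
						/* The file name comes from package configuration and the size from
						 * the syslog settings: quote both before they reach the shell. The
						 * size is empty in the touch case and must then stay absent. */
						$size_arg = ($log_size === "") ? "" : escapeshellarg($log_size);
						mwexec("{$log_create_directive} {$size_arg} " . escapeshellarg($pkg_logfile));
					}
					/* NOTE(review): facilityname and logfilename are written into
					 * syslog.conf as is, and logfilename is not confined to varlog_path;
					 * this assumes package metadata is trusted - confirm. */
					$syslogconf .= "!{$package['logging']['facilityname']}\n*.*\t\t\t\t\t\t {$log_directive}{$g['varlog_path']}/{$package['logging']['logfilename']}\n";
				}
			}
		}
		$facilitylist = implode(',', array_unique($separatelogfacilities));
		$syslogconf .= "!radvd,routed,olsrd,zebra,ospfd,bgpd,miniupnpd\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/routing.log\n";
		}

		$syslogconf .= "!ntp,ntpd,ntpdate\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/ntpd.log\n";
		}

		$syslogconf .= "!ppp\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/ppp.log\n";
		}

		$syslogconf .= "!pptps\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/pptps.log\n";
		}

		$syslogconf .= "!poes\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/poes.log\n";
		}

		$syslogconf .= "!l2tps\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/l2tps.log\n";
		}

		$syslogconf .= "!charon,ipsec_starter\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/ipsec.log\n";
		}
		if (isset($syslogcfg['vpn'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");
		}

		$syslogconf .= "!openvpn\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/openvpn.log\n";
		}
		if (isset($syslogcfg['vpn'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");
		}

		$syslogconf .= "!dpinger\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/gateways.log\n";
		}
		if (isset($syslogcfg['dpinger'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");
		}

		$syslogconf .= "!dnsmasq,filterdns,unbound\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/resolver.log\n";
		}

		$syslogconf .= "!dhcpd,dhcrelay,dhclient,dhcp6c\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/dhcpd.log\n";
		}
		if (isset($syslogcfg['dhcp'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");
		}

		$syslogconf .= "!relayd\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.* 								{$log_directive}{$g['varlog_path']}/relayd.log\n";
		}
		if (isset($syslogcfg['relayd'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");
		}

		$syslogconf .= "!hostapd\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= "*.* 								{$log_directive}{$g['varlog_path']}/wireless.log\n";
		}
		if (isset($syslogcfg['hostapd'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");
		}

		/* The firewall log is written locally even when 'disablelocallogging' is set. */
		$syslogconf .= "!filterlog\n";
		$syslogconf .= "*.* 								{$log_directive}{$g['varlog_path']}/filter.log\n";
		if (isset($syslogcfg['filter'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");
		}

		/* Everything below applies to programs NOT listed in $facilitylist. */
		$syslogconf .= "!-{$facilitylist}\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= <<<EOD
local3.*							{$log_directive}{$g['varlog_path']}/vpn.log
local4.*							{$log_directive}{$g['varlog_path']}/portalauth.log
local5.*							{$log_directive}{$g['varlog_path']}/nginx.log
local7.*							{$log_directive}{$g['varlog_path']}/dhcpd.log
*.notice;kern.debug;lpr.info;mail.crit;daemon.none;news.err;local0.none;local3.none;local4.none;local7.none;security.*;auth.info;authpriv.info;daemon.info	{$log_directive}{$g['varlog_path']}/system.log
auth.info;authpriv.info 					|exec /usr/local/sbin/sshlockout_pf 15
*.emerg								*

EOD;
		}
		if (isset($syslogcfg['vpn'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "local3.*");
		}
		if (isset($syslogcfg['portalauth'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "local4.*");
		}
		if (isset($syslogcfg['dhcp'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "local7.*");
		}
		if (isset($syslogcfg['system'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.emerg;*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local7.none;security.*;auth.info;authpriv.info;daemon.info");
		}
		if (isset($syslogcfg['logall'])) {
			// Make everything mean everything, including facilities excluded above.
			$syslogconf .= "!*\n";
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");
		}

		if (isset($syslogcfg['zmqserver'])) {
			/* NOTE(review): zmqserver is written into syslog.conf as is - confirm
			 * that it is validated where the setting is saved. */
			$syslogconf .= <<<EOD
*.*								^{$syslogcfg['zmqserver']}

EOD;
		}
		/* write syslog.conf */
		if (!@file_put_contents("{$g['varetc_path']}/syslog.conf", $syslogconf)) {
			printf(gettext("Error: cannot open syslog.conf in system_syslogd_start().%s"), "\n");
			unset($syslogconf);
			return 1;
		}
		unset($syslogconf);

		// Ensure that the log directory exists
		if (!is_dir("{$g['dhcpd_chroot_path']}/var/run")) {
			exec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/run");
		}

		/* Resolve the configured source (an address or an interface name) to
		 * an address, preferring the configured IP protocol and falling back
		 * to the other one. */
		$sourceip = "";
		if (!empty($syslogcfg['sourceip'])) {
			if ($syslogcfg['ipproto'] == "ipv6") {
				$ifaddr = is_ipaddr($syslogcfg['sourceip']) ? $syslogcfg['sourceip'] : get_interface_ipv6($syslogcfg['sourceip']);
				if (!is_ipaddr($ifaddr)) {
					$ifaddr = get_interface_ip($syslogcfg['sourceip']);
				}
			} else {
				$ifaddr = is_ipaddr($syslogcfg['sourceip']) ? $syslogcfg['sourceip'] : get_interface_ip($syslogcfg['sourceip']);
				if (!is_ipaddr($ifaddr)) {
					$ifaddr = get_interface_ipv6($syslogcfg['sourceip']);
				}
			}
			/* Only a value that passes is_ipaddr() is placed on the command line. */
			if (is_ipaddr($ifaddr)) {
				$sourceip = "-b {$ifaddr}";
			}
		}

		$syslogd_extra = "-f {$g['varetc_path']}/syslog.conf {$sourceip}";
	}

	if (isvalidpid("{$g['varrun_path']}/syslog.pid")) {
		sigkillbypid("{$g['varrun_path']}/syslog.pid", "TERM");
		usleep(100000); // syslogd often doesn't respond to a TERM quickly enough for the starting of syslogd below to be successful
	}

	if (isvalidpid("{$g['varrun_path']}/syslog.pid")) {
		// if it still hasn't responded to the TERM, KILL it.
		sigkillbypid("{$g['varrun_path']}/syslog.pid", "KILL");
		usleep(100000);
	}


	$retval = mwexec_bg("/usr/sbin/syslogd -s -c -c -l {$g['dhcpd_chroot_path']}/var/run/log -P {$g['varrun_path']}/syslog.pid {$syslogd_extra}");

	if (platform_booting()) {
		echo gettext("done.") . "\n";
	}

	return $retval;
}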
1052
1053 7c4c77ee jim-p
/*
 * Create a self-signed certificate for the web GUI, append it to
 * $config['cert'], select it as the GUI certificate and save the
 * configuration.
 *
 * Returns the new certificate array, or null when cert_create() fails
 * (the OpenSSL error queue is then written to the log).
 */
function system_webgui_create_certificate() {
	global $config, $g;

	/* both stores must be arrays before anything is appended */
	foreach (array('ca', 'cert') as $store) {
		if (!is_array($config[$store])) {
			$config[$store] = array();
		}
	}

	log_error("Creating SSL Certificate for this host");

	$refid = uniqid();
	$cert = array();
	$cert['refid'] = $refid;
	$cert['descr'] = gettext("webConfigurator default ({$refid})");

	$dn = array(
		'countryName' => "US",
		'stateOrProvinceName' => "State",
		'localityName' => "Locality",
		'organizationName' => "{$g['product_name']} webConfigurator Self-Signed Certificate",
		'emailAddress' => "admin@{$config['system']['hostname']}.{$config['system']['domain']}",
		'commonName' => "{$config['system']['hostname']}-{$refid}");

	/* otherwise openssl_ functions throw warnings directly to a page screwing menu tab */
	$saved_level = error_reporting(0);
	$created = cert_create($cert, null, 2048, 2000, $dn, "self-signed", "sha256");
	if (!$created) {
		/* drain the OpenSSL error queue into the log */
		for ($ssl_err = openssl_error_string(); $ssl_err; $ssl_err = openssl_error_string()) {
			log_error("Error creating WebGUI Certificate: openssl library returns: " . $ssl_err);
		}
	}
	error_reporting($saved_level);

	if (!$created) {
		return null;
	}

	$config['cert'][] = $cert;
	$config['system']['webgui']['ssl-certref'] = $cert['refid'];
	write_config(gettext("Generated new self-signed HTTPS certificate ({$cert['refid']})"));
	return $cert;
}
1092
1093 5b237745 Scott Ullrich
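/*
 * Write the nginx configuration for the web GUI and restart nginx.
 *
 * With the 'https' protocol the configured certificate is used; when it is
 * missing or incomplete a new self-signed one is generated.
 *
 * Returns the exit status of the nginx start command.
 */
function system_webgui_start() {
	global $config, $g;

	if (platform_booting()) {
		echo gettext("Starting webConfigurator...");
	}

	chdir($g['www_path']);

	/* defaults */
	$portarg = "80";
	$crt = "";
	$key = "";
	$ca = "";

	/* non-standard port? */
	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "") {
		$portarg = "{$config['system']['webgui']['port']}";
	}

	if ($config['system']['webgui']['protocol'] == "https") {
		// Ensure that we have a webConfigurator CERT
		$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
		if (!is_array($cert) || !$cert['crt'] || !$cert['prv']) {
			$cert = system_webgui_create_certificate();
		}
		if (is_array($cert)) {
			$crt = base64_decode($cert['crt']);
			$key = base64_decode($cert['prv']);
			$ca = ca_chain($cert);
		} else {
			/* system_webgui_create_certificate() returns null on failure. With an
			 * empty certificate and key system_generate_nginx_config() emits no TLS
			 * directives, so record that instead of dereferencing null silently. */
			log_error("webConfigurator: no usable HTTPS certificate is available; nginx will be configured without TLS");
		}

		if (!$config['system']['webgui']['port']) {
			$portarg = "443";
		}
	}

	/* generate nginx configuration */
	system_generate_nginx_config("{$g['varetc_path']}/nginx-webConfigurator.conf",
		$crt, $key, $ca, "nginx-webConfigurator.pid", $portarg, "/usr/local/www/",
		"cert.crt", "cert.key");

	/* kill any running nginx */
	killbypid("{$g['varrun_path']}/nginx-webConfigurator.pid");

	sleep(1);

	@unlink("{$g['varrun_path']}/nginx-webConfigurator.pid");

	/* start nginx */
	$res = mwexec("/usr/local/sbin/nginx -c {$g['varetc_path']}/nginx-webConfigurator.conf");

	if (platform_booting()) {
		if ($res == 0) {
			echo gettext("done.") . "\n";
		} else {
			echo gettext("failed!") . "\n";
		}
	}

	return $res;
}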
1153
1154 1e8599e5 Chris Buechler
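/*
 * Write an nginx configuration file and, when a certificate and key are
 * given, the certificate and key files it refers to.
 *
 * $filename       - path of the configuration file to write.
 * $cert, $key     - PEM text of the certificate and private key; TLS is
 *                   configured only when both are non-empty.
 * $ca             - accepted for the callers' sake, not used in this function.
 * $pid_file       - pid file name, relative to $g['varrun_path'].
 * $port           - listen port; an empty value means "80".
 * $document_root  - document root of the server block.
 * $cert_location, $key_location - file names under $g['varetc_path'].
 * $captive_portal - false, or the captive portal zone name.
 *
 * Returns 0 on success and 1 when one of the files cannot be opened.
 */
function system_generate_nginx_config($filename,
	$cert,
	$key,
	$ca,
	$pid_file,
	$port = 80,
	$document_root = "/usr/local/www/",
	$cert_location = "cert.crt",
	$key_location = "cert.key",
	$captive_portal = false) {

	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_generate_nginx_config() being called $mt\n";
	}

	if ($captive_portal !== false) {
		/* NOTE(review): both captive portal strings built here are never added to
		 * $nginx_config below, so no per-address connection limit is emitted. */
		$captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?zone={$captive_portal}&redirurl=$1\" )\n";

		$maxprocperip = $config['captiveportal'][$captive_portal]['maxprocperip'];
		if (empty($maxprocperip)) {
			$maxprocperip = 10;
		}
		$captive_portal_maxprocperip = "limit_conn_zone \$binary_remote_addr zone=addr:10m;\n";
		$captive_portal_maxprocperip .= "limit_conn addr $maxprocperip\n";

	}

	if (empty($port)) {
		$nginx_port = "80";
	} else {
		$nginx_port = $port;
	}

	$memory = get_memory();
	$realmem = $memory[1];

	// Determine web GUI process settings and take into account low memory systems
	if ($realmem < 255) {
		$max_procs = 1;
	} else {
		$max_procs = ($config['system']['webgui']['max_procs']) ? $config['system']['webgui']['max_procs'] : 2;
	}

	// Ramp up captive portal max procs, assuming each PHP process can consume up to 64MB RAM
	if ($captive_portal !== false) {
		if ($realmem > 135 and $realmem < 256) {
			$max_procs += 1; // 2 worker processes
		} else if ($realmem > 255 and $realmem < 513) {
			$max_procs += 2; // 3 worker processes
		} else if ($realmem > 512) {
			$max_procs += 4; // 6 worker processes
		}
	}

	$nginx_config = <<<EOD
#
# nginx configuration file

pid {$g['varrun_path']}/{$pid_file};

user  root wheel;
worker_processes  {$max_procs};

EOD;

	if (!isset($config['syslog']['nolognginx'])) {
		$nginx_config .= "error_log  syslog:server=unix:/var/run/log,facility=local5;\n";
	}

	$nginx_config .= <<<EOD

events {
    worker_connections  1024;
}

http {
	include       /usr/local/etc/nginx/mime.types;
	default_type  application/octet-stream;
	add_header X-Frame-Options SAMEORIGIN;
	server_tokens off;

	sendfile        on;
	keepalive_timeout  65;

	access_log      syslog:server=unix:/var/run/log,facility=local5 combined;

	server {
		listen {$nginx_port};
		listen [::]:{$nginx_port};

EOD;

	if ($cert <> "" and $key <> "") {
		$nginx_config .= "\t\tssl             on;\n";
		$nginx_config .= "\t\tssl_certificate         {$g['varetc_path']}/{$cert_location};\n";
		$nginx_config .= "\t\tssl_certificate_key     {$g['varetc_path']}/{$key_location};\n";
		$nginx_config .= "\t\tssl_session_timeout     10m;\n";
		$nginx_config .= "\t\tkeepalive_timeout       70;\n";
		$nginx_config .= "\t\tssl_session_cache       shared:SSL:100m;\n";
		/* NOTE(review): TLSv1 and TLSv1.1 are still offered here - confirm
		 * whether any supported client needs them. */
		$nginx_config .= "\t\tssl_protocols   TLSv1 TLSv1.1 TLSv1.2;\n";
		$nginx_config .= "\t\tssl_ciphers \"EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH\";\n";
		$nginx_config .= "\t\tssl_prefer_server_ciphers       on;\n";
		/* nginx inherits add_header from the http level only when the current
		 * level defines none. This server block defines its own, so the
		 * X-Frame-Options header has to be repeated or HTTPS responses lose it. */
		$nginx_config .= "\t\tadd_header X-Frame-Options SAMEORIGIN;\n";
		$nginx_config .= "\t\tadd_header Strict-Transport-Security \"max-age=31536000; preload\";\n";
		$nginx_config .= "\t\tadd_header X-Content-Type-Options nosniff;\n";
		$nginx_config .= "\t\tssl_session_tickets off;\n";
		$nginx_config .= "\t\tssl_stapling on;\n";
		$nginx_config .= "\t\tssl_stapling_verify on;\n";
		$nginx_config .= "\n";
	}

	$nginx_config .= <<<EOD
		root "{$document_root}";
		location / {
			index  index.html index.htm index.php;
		}

		location ~ \.php$ {
			try_files \$uri =404; #  This line closes a potential security hole
                                    #  ensuring users can't execute uploaded files
     								# see: http://forum.nginx.org/read.php?2,88845,page=3 
			fastcgi_pass   unix:{$g['varrun_path']}/php-fpm.socket;
			fastcgi_index  index.php;
			fastcgi_param  SCRIPT_FILENAME  \$document_root\$fastcgi_script_name;
			include        /usr/local/etc/nginx/fastcgi_params;
		}
	}

EOD;

	/* normalise line endings and collapse doubled newlines in the PEM text */
	$cert = str_replace("\r", "", $cert);
	$key = str_replace("\r", "", $key);

	$cert = str_replace("\n\n", "\n", $cert);
	$key = str_replace("\n\n", "\n", $key);

	if ($cert <> "" and $key <> "") {
		/*
		 * Create the files under a restrictive umask. Previously a new file was
		 * created with the process umask and only then restricted with chmod(),
		 * so another local user could open the key file in between and keep
		 * the descriptor. chmod() stays to tighten a file that already exists.
		 */
		$old_umask = umask(0077);
		$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
		if (!$fd) {
			umask($old_umask);
			printf(gettext("Error: cannot open certificate file in system_webgui_start().%s"), "\n");
			return 1;
		}
		chmod("{$g['varetc_path']}/{$cert_location}", 0600);
		fwrite($fd, $cert);
		fclose($fd);
		$fd = fopen("{$g['varetc_path']}/{$key_location}", "w");
		if (!$fd) {
			umask($old_umask);
			printf(gettext("Error: cannot open certificate key file in system_webgui_start().%s"), "\n");
			return 1;
		}
		chmod("{$g['varetc_path']}/{$key_location}", 0600);
		fwrite($fd, $key);
		fclose($fd);
		umask($old_umask);
	}

	// Add HTTP to HTTPS redirect
	if ($captive_portal === false && $config['system']['webgui']['protocol'] == "https" && !isset($config['system']['webgui']['disablehttpredirect'])) {
		/* defined for the default port too, so the heredoc below never
		 * interpolates an undefined variable */
		$redirectport = "";
		if ($nginx_port != "443") {
			$redirectport = ":{$nginx_port}";
		}
		/* NOTE(review): the redirect target is built from the Host header sent
		 * by the client. */
		$nginx_config .= <<<EOD
	server {
		listen 80;
		listen [::]:80;
		rewrite         ^ https://\$http_host$redirectport\$request_uri? permanent;
	}

EOD;
	}

	$nginx_config .= "}\n";

	$fd = fopen("{$filename}", "w");
	if (!$fd) {
		printf(gettext("Error: cannot open %s in system_generate_nginx_config().%s"), $filename, "\n");
		return 1;
	}
	fwrite($fd, $nginx_config);
	fclose($fd);

	return 0;

}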
1339
1340 60ff91f1 Renato Botelho
/*
 * Build the sorted list of timezone names available on the system.
 *
 * Names are the paths found under /usr/share/zoneinfo (up to three levels
 * deep) with that directory prefix removed. When the globs find nothing,
 * the list holds only $g['default_timezone'].
 */
function system_get_timezone_list() {
	global $g;

	$zoneinfo_dir = '/usr/share/zoneinfo/';

	$candidates = array_merge(
		glob($zoneinfo_dir . '[A-Z]*'),
		glob($zoneinfo_dir . '*/*'),
		glob($zoneinfo_dir . '*/*/*')
	);

	if (!$candidates) {
		/* Nothing found on disk: offer the built-in default only */
		$timezones = array($g['default_timezone']);
	} else {
		/* Keep files only, directories are not zone names */
		$timezones = array();
		foreach ($candidates as $path) {
			if (is_dir($path)) {
				continue;
			}
			$timezones[] = $path;
		}
	}

	/* Strip the directory prefix so only the zone name remains */
	$timezones = str_replace($zoneinfo_dir, '', $timezones);
	sort($timezones);

	return $timezones;
}
/*
 * Apply the configured timezone to the running system.
 *
 * Writes the zone name to /var/db/zoneinfo and then runs "tzsetup -r";
 * presumably tzsetup re-installs the zone recorded in that file (confirm
 * against tzsetup(8)). Uses $g['default_timezone'] when the configuration
 * has no timezone set.
 */
function system_timezone_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$now = microtime();
		echo "system_timezone_configure() being called $now\n";
	}

	$system_cfg = $config['system'];

	if (platform_booting()) {
		echo gettext("Setting timezone...");
	}

	/* Pick the configured zone, or the default when none is set */
	if (isset($system_cfg['timezone'])) {
		$zone = $system_cfg['timezone'];
	} else {
		$zone = $g['default_timezone'];
	}

	conf_mount_rw();
	/*
	 * DO NOT remove \n otherwise tzsetup will fail.
	 * The zone name is written verbatim; it reaches a file only and is
	 * never placed on the tzsetup command line.
	 */
	@file_put_contents("/var/db/zoneinfo", "{$zone}\n");
	mwexec("/usr/sbin/tzsetup -r");
	conf_mount_ro();

	if (platform_booting()) {
		echo gettext("done.") . "\n";
	}
}
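/*
 * Prepare a serial GPS receiver for use by ntpd.
 *
 * Points /dev/gps0 at the given serial port, sets the line speed, sends the
 * GPS initialisation string and makes sure /etc/remote has a gps0 entry.
 *
 * $serialport is the device name relative to /dev.
 * Returns false when that device does not exist, true otherwise.
 */
function system_ntp_setup_gps($serialport) {
	global $config, $g;
	$gps_device = '/dev/gps0';
	$serialport = '/dev/'.$serialport;

	if (!file_exists($serialport)) {
		return false;
	}

	conf_mount_rw();
	// Create symlink that ntpd requires
	unlink_if_exists($gps_device);
	@symlink($serialport, $gps_device);

	/* Map the configured speed code to a baud rate; 4800 is the default */
	$gpsbaud = '4800';
	if (is_array($config['ntpd']) && is_array($config['ntpd']['gps']) && !empty($config['ntpd']['gps']['speed'])) {
		switch ($config['ntpd']['gps']['speed']) {
			case '16':
				$gpsbaud = '9600';
				break;
			case '32':
				$gpsbaud = '19200';
				break;
			case '48':
				$gpsbaud = '38400';
				break;
			case '64':
				$gpsbaud = '57600';
				break;
			case '80':
				$gpsbaud = '115200';
				break;
		}
	}

	/*
	 * The port name comes from the configuration and is placed on command
	 * lines handed to mwexec() as a single string (presumably run through
	 * a shell). Quote it so characters in the name are never interpreted
	 * as shell syntax. $gpsbaud needs no quoting: it is always one of the
	 * literals assigned above.
	 */
	$serialport_arg = escapeshellarg($serialport);
	$serialport_init_arg = escapeshellarg("{$serialport}.init");

	/* Configure the serial port for raw IO and set the speed */
	mwexec("stty -f {$serialport_init_arg} raw speed {$gpsbaud}");

	/* Send the following to the GPS port to initialize the GPS */
	/* NOTE(review): the test is on 'type' but the value used is 'initcmd' - confirm this is intended */
	if (is_array($config['ntpd']) && is_array($config['ntpd']['gps']) && !empty($config['ntpd']['gps']['type'])) {
		$gps_init = base64_decode($config['ntpd']['gps']['initcmd']);
	} else {
		$gps_init = base64_decode('JFBVQlgsNDAsR1NWLDAsMCwwLDAqNTkNCiRQVUJYLDQwLEdMTCwwLDAsMCwwKjVDDQokUFVCWCw0MCxaREEsMCwwLDAsMCo0NA0KJFBVQlgsNDAsVlRHLDAsMCwwLDAqNUUNCiRQVUJYLDQwLEdTViwwLDAsMCwwKjU5DQokUFVCWCw0MCxHU0EsMCwwLDAsMCo0RQ0KJFBVQlgsNDAsR0dBLDAsMCwwLDANCiRQVUJYLDQwLFRYVCwwLDAsMCwwDQokUFVCWCw0MCxSTUMsMCwwLDAsMCo0Ng0KJFBVQlgsNDEsMSwwMDA3LDAwMDMsNDgwMCwwDQokUFVCWCw0MCxaREEsMSwxLDEsMQ==');
	}

	/*
	 * XXX: Why not file_put_contents to the device
	 * NOTE(review): /tmp/gps.init is a fixed name in a shared directory;
	 * writing straight to the device would avoid the intermediate file.
	 */
	@file_put_contents('/tmp/gps.init', $gps_init);
	mwexec("cat /tmp/gps.init > {$serialport_arg}");

	/* Add /etc/remote entry in case we need to read from the GPS with tip */
	if (intval(`grep -c '^gps0' /etc/remote`) == 0) {
		@file_put_contents("/etc/remote", "gps0:dv={$serialport}:br#{$gpsbaud}:pa=none:", FILE_APPEND);
	}

	conf_mount_ro();

	return true;
}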
/*
 * Point /dev/pps0 at the given serial port so ntpd can use it as a PPS
 * source.
 *
 * $serialport is the device name relative to /dev.
 * Returns false when that device does not exist, true otherwise.
 */
function system_ntp_setup_pps($serialport) {
	global $config, $g;

	$pps_link = '/dev/pps0';
	$serialport = "/dev/{$serialport}";

	if (file_exists($serialport)) {
		conf_mount_rw();
		// Create symlink that ntpd requires
		unlink_if_exists($pps_link);
		@symlink($serialport, $pps_link);
		conf_mount_ro();

		return true;
	}

	return false;
}
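/*
 * Generate {$g['varetc_path']}/ntpd.conf from the configuration and,
 * unless $start_ntpd is false, restart ntpd with it.
 *
 * The generated file contains, in order: orphan mode, optional PPS and GPS
 * reference clocks, the upstream servers, statistics and logging options,
 * the default access restrictions, an optional leap seconds file and the
 * interfaces to listen on.
 *
 * NOTE(review): configuration values (orphan, fudge*, refid, stratum,
 * timeservers, ...) are appended to the file verbatim. Presumably they are
 * validated where they are entered - confirm, because a value containing a
 * line break would add directives to ntpd.conf.
 */
function system_ntp_configure($start_ntpd=true) {
	global $config, $g;

	$driftfile = "/var/db/ntpd.drift";
	$statsdir = "/var/log/ntp";
	$gps_device = '/dev/gps0';

	safe_mkdir($statsdir);

	if (!is_array($config['ntpd'])) {
		$config['ntpd'] = array();
	}

	$ntpcfg = "# \n";
	$ntpcfg .= "# pfSense ntp configuration file \n";
	$ntpcfg .= "# \n\n";
	$ntpcfg .= "tinker panic 0 \n";

	/* Add Orphan mode */
	$ntpcfg .= "# Orphan mode stratum\n";
	$ntpcfg .= 'tos orphan ';
	if (!empty($config['ntpd']['orphan'])) {
		$ntpcfg .= $config['ntpd']['orphan'];
	} else {
		$ntpcfg .= '12';
	}
	$ntpcfg .= "\n";

	/* Add PPS configuration */
	if (is_array($config['ntpd']['pps']) && !empty($config['ntpd']['pps']['port']) &&
	    file_exists('/dev/'.$config['ntpd']['pps']['port']) &&
	    system_ntp_setup_pps($config['ntpd']['pps']['port'])) {
		$ntpcfg .= "\n";
		$ntpcfg .= "# PPS Setup\n";
		$ntpcfg .= 'server 127.127.22.0';
		$ntpcfg .= ' minpoll 4 maxpoll 4';
		if (empty($config['ntpd']['pps']['prefer'])) { /*note: this one works backwards */
			$ntpcfg .= ' prefer';
		}
		if (!empty($config['ntpd']['pps']['noselect'])) {
			$ntpcfg .= ' noselect ';
		}
		$ntpcfg .= "\n";
		$ntpcfg .= 'fudge 127.127.22.0';
		if (!empty($config['ntpd']['pps']['fudge1'])) {
			$ntpcfg .= ' time1 ';
			$ntpcfg .= $config['ntpd']['pps']['fudge1'];
		}
		if (!empty($config['ntpd']['pps']['flag2'])) {
			$ntpcfg .= ' flag2 1';
		}
		if (!empty($config['ntpd']['pps']['flag3'])) {
			$ntpcfg .= ' flag3 1';
		} else {
			$ntpcfg .= ' flag3 0';
		}
		if (!empty($config['ntpd']['pps']['flag4'])) {
			$ntpcfg .= ' flag4 1';
		}
		if (!empty($config['ntpd']['pps']['refid'])) {
			$ntpcfg .= ' refid ';
			$ntpcfg .= $config['ntpd']['pps']['refid'];
		}
		$ntpcfg .= "\n";
	}
	/* End PPS configuration */

	/* Add GPS configuration */
	if (is_array($config['ntpd']['gps']) && !empty($config['ntpd']['gps']['port']) &&
	    file_exists('/dev/'.$config['ntpd']['gps']['port']) &&
	    system_ntp_setup_gps($config['ntpd']['gps']['port'])) {
		$ntpcfg .= "\n";
		$ntpcfg .= "# GPS Setup\n";
		$ntpcfg .= 'server 127.127.20.0 mode ';

		/*
		 * The mode is the sum of the nmea value, the speed code and 128
		 * for subsec. Start from 0 so the sum is defined even when nmea
		 * is not set; with nothing set the mode is 0.
		 */
		$ntpmode = 0;
		if (!empty($config['ntpd']['gps']['nmea'])) {
			$ntpmode = (int) $config['ntpd']['gps']['nmea'];
		}
		if (!empty($config['ntpd']['gps']['speed'])) {
			$ntpmode += (int) $config['ntpd']['gps']['speed'];
		}
		if (!empty($config['ntpd']['gps']['subsec'])) {
			$ntpmode += 128;
		}
		$ntpcfg .= (string) $ntpmode;

		$ntpcfg .= ' minpoll 4 maxpoll 4';
		if (empty($config['ntpd']['gps']['prefer'])) { /*note: this one works backwards */
			$ntpcfg .= ' prefer';
		}
		if (!empty($config['ntpd']['gps']['noselect'])) {
			$ntpcfg .= ' noselect ';
		}
		$ntpcfg .= "\n";
		$ntpcfg .= 'fudge 127.127.20.0';
		if (!empty($config['ntpd']['gps']['fudge1'])) {
			$ntpcfg .= ' time1 ';
			$ntpcfg .= $config['ntpd']['gps']['fudge1'];
		}
		if (!empty($config['ntpd']['gps']['fudge2'])) {
			$ntpcfg .= ' time2 ';
			$ntpcfg .= $config['ntpd']['gps']['fudge2'];
		}
		if (!empty($config['ntpd']['gps']['flag1'])) {
			$ntpcfg .= ' flag1 1';
		} else {
			$ntpcfg .= ' flag1 0';
		}
		if (!empty($config['ntpd']['gps']['flag2'])) {
			$ntpcfg .= ' flag2 1';
		}
		if (!empty($config['ntpd']['gps']['flag3'])) {
			$ntpcfg .= ' flag3 1';
		} else {
			$ntpcfg .= ' flag3 0';
		}
		if (!empty($config['ntpd']['gps']['flag4'])) {
			$ntpcfg .= ' flag4 1';
		}
		if (!empty($config['ntpd']['gps']['refid'])) {
			$ntpcfg .= ' refid ';
			$ntpcfg .= $config['ntpd']['gps']['refid'];
		}
		if (!empty($config['ntpd']['gps']['stratum'])) {
			$ntpcfg .= ' stratum ';
			$ntpcfg .= $config['ntpd']['gps']['stratum'];
		}
		$ntpcfg .= "\n";
	} elseif (is_array($config['ntpd']) && !empty($config['ntpd']['gpsport']) &&
	    file_exists('/dev/'.$config['ntpd']['gpsport']) &&
	    system_ntp_setup_gps($config['ntpd']['gpsport'])) {
		/* This handles a 2.1 and earlier config */
		$ntpcfg .= "# GPS Setup\n";
		$ntpcfg .= "server 127.127.20.0 mode 0 minpoll 4 maxpoll 4 prefer\n";
		$ntpcfg .= "fudge 127.127.20.0 time1 0.155 time2 0.000 flag1 1 flag2 0 flag3 1\n";
		// Fall back to local clock if GPS is out of sync?
		$ntpcfg .= "server 127.127.1.0\n";
		$ntpcfg .= "fudge 127.127.1.0 stratum 12\n";
	}
	/* End GPS configuration */

	$ntpcfg .= "\n\n# Upstream Servers\n";
	/* foreach through ntp servers and write out to ntpd.conf */
	foreach (explode(' ', $config['system']['timeservers']) as $ts) {
		/*
		 * An empty list or doubled spaces produce empty tokens; skip
		 * them rather than emit a "server" line without a host.
		 */
		if ($ts === '') {
			continue;
		}
		$ntpcfg .= "server {$ts} iburst maxpoll 9";
		/* NOTE(review): substring match - a name contained in a listed name is flagged too */
		if (substr_count($config['ntpd']['prefer'], $ts)) {
			$ntpcfg .= ' prefer';
		}
		if (substr_count($config['ntpd']['noselect'], $ts)) {
			$ntpcfg .= ' noselect';
		}
		$ntpcfg .= "\n";
	}
	unset($ts);

	$ntpcfg .= "\n\n";
	$ntpcfg .= "disable monitor\n"; //prevent NTP reflection attack, see https://forum.pfsense.org/index.php/topic,67189.msg389132.html#msg389132
	if (!empty($config['ntpd']['clockstats']) || !empty($config['ntpd']['loopstats']) || !empty($config['ntpd']['peerstats'])) {
		$ntpcfg .= "enable stats\n";
		$ntpcfg .= 'statistics';
		if (!empty($config['ntpd']['clockstats'])) {
			$ntpcfg .= ' clockstats';
		}
		if (!empty($config['ntpd']['loopstats'])) {
			$ntpcfg .= ' loopstats';
		}
		if (!empty($config['ntpd']['peerstats'])) {
			$ntpcfg .= ' peerstats';
		}
		$ntpcfg .= "\n";
	}
	$ntpcfg .= "statsdir {$statsdir}\n";
	$ntpcfg .= 'logconfig =syncall +clockall';
	if (!empty($config['ntpd']['logpeer'])) {
		$ntpcfg .= ' +peerall';
	}
	if (!empty($config['ntpd']['logsys'])) {
		$ntpcfg .= ' +sysall';
	}
	$ntpcfg .= "\n";
	$ntpcfg .= "driftfile {$driftfile}\n";

	/*
	 * Access restrictions.
	 * "kod limited", nomodify, nopeer and notrap are written unless the
	 * matching configuration key is set (those keys work backwards);
	 * noquery and noserve are written only when their key is set.
	 */
	$ntpcfg .= 'restrict default';
	if (empty($config['ntpd']['kod'])) { /*note: this one works backwards */
		$ntpcfg .= ' kod limited';
	}
	if (empty($config['ntpd']['nomodify'])) { /*note: this one works backwards */
		$ntpcfg .= ' nomodify';
	}
	if (!empty($config['ntpd']['noquery'])) {
		$ntpcfg .= ' noquery';
	}
	if (empty($config['ntpd']['nopeer'])) { /*note: this one works backwards */
		$ntpcfg .= ' nopeer';
	}
	if (empty($config['ntpd']['notrap'])) { /*note: this one works backwards */
		$ntpcfg .= ' notrap';
	}
	if (!empty($config['ntpd']['noserve'])) {
		$ntpcfg .= ' noserve';
	}
	$ntpcfg .= "\nrestrict -6 default";
	if (empty($config['ntpd']['kod'])) { /*note: this one works backwards */
		$ntpcfg .= ' kod limited';
	}
	if (empty($config['ntpd']['nomodify'])) { /*note: this one works backwards */
		$ntpcfg .= ' nomodify';
	}
	if (!empty($config['ntpd']['noquery'])) {
		$ntpcfg .= ' noquery';
	}
	if (empty($config['ntpd']['nopeer'])) { /*note: this one works backwards */
		$ntpcfg .= ' nopeer';
	}
	if (!empty($config['ntpd']['noserve'])) {
		$ntpcfg .= ' noserve';
	}
	if (empty($config['ntpd']['notrap'])) { /*note: this one works backwards */
		$ntpcfg .= ' notrap';
	}
	$ntpcfg .= "\n";

	/* A leapseconds file is really only useful if this clock is stratum 1 */
	$ntpcfg .= "\n";
	if (!empty($config['ntpd']['leapsec'])) {
		/* Plain assignment: there is no earlier value to append to */
		$leapsec = base64_decode($config['ntpd']['leapsec']);
		file_put_contents('/var/db/leap-seconds', $leapsec);
		$ntpcfg .= "leapfile /var/db/leap-seconds\n";
	}

	/* Interfaces to listen on: the ntpd setting, else the one stored for the openntpd package */
	if (empty($config['ntpd']['interface'])) {
		if (is_array($config['installedpackages']['openntpd']) && !empty($config['installedpackages']['openntpd']['config'][0]['interface'])) {
			$interfaces = explode(",", $config['installedpackages']['openntpd']['config'][0]['interface']);
		} else {
			$interfaces = array();
		}
	} else {
		$interfaces = explode(",", $config['ntpd']['interface']);
	}

	if (is_array($interfaces) && count($interfaces)) {
		/* Listen only on the selected interfaces */
		$ntpcfg .= "interface ignore all\n";
		foreach ($interfaces as $interface) {
			if (strstr($interface, "_vip")) {
				$interface = get_configured_carp_interface_list($interface);
			}
			if (!is_ipaddr($interface)) {
				$interface = get_real_interface($interface);
			}
			if (!empty($interface)) {
				$ntpcfg .= "interface listen {$interface}\n";
			}
		}
	}

	/* open configuration for writing or bail */
	if (@file_put_contents("{$g['varetc_path']}/ntpd.conf", $ntpcfg) === false) {
		log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
		return;
	}

	/* At bootup we just want to write out the config. */
	if (!$start_ntpd) {
		return;
	}

	/* if ntpd is running, kill it */
	while (isvalidpid("{$g['varrun_path']}/ntpd.pid")) {
		killbypid("{$g['varrun_path']}/ntpd.pid");
	}
	@unlink("{$g['varrun_path']}/ntpd.pid");

	/* if /var/empty does not exist, create it */
	if (!is_dir("/var/empty")) {
		mkdir("/var/empty", 0775, true);
	}

	/* start ntpd, set time now and use /var/etc/ntpd.conf */
	mwexec("/usr/local/sbin/ntpd -g -c {$g['varetc_path']}/ntpd.conf -p {$g['varrun_path']}/ntpd.pid", false, true);

	// Note that we are starting up
	log_error("NTPD is starting up.");
	return;
}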
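/*
 * Set the system clock once from each configured time server by running
 * ntpdate against it.
 */
function sync_system_time() {
	global $config, $g;

	if (platform_booting()) {
		echo gettext("Syncing system time before startup...");
	}

	/* foreach through servers and run ntpdate against each one */
	foreach (explode(' ', $config['system']['timeservers']) as $ts) {
		/* An empty list or doubled spaces produce empty tokens */
		if ($ts === '') {
			continue;
		}
		/*
		 * The server name comes from the configuration and is placed
		 * on a command line, so quote it to keep it a single argument.
		 */
		mwexec("/usr/local/sbin/ntpdate -s " . escapeshellarg($ts));
	}

	if (platform_booting()) {
		echo gettext("done.") . "\n";
	}

}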
/*
 * Halt the system: run the shutdown cleanup, then start /etc/rc.halt in
 * the background under nohup with its output discarded.
 */
function system_halt() {
	global $g;

	system_reboot_cleanup();

	$halt_cmd = "/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &";
	mwexec($halt_cmd);
}
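/*
 * Reboot the system: run the shutdown cleanup, then start /etc/rc.reboot
 * in the background under nohup with its output discarded.
 */
function system_reboot() {
	global $g;

	system_reboot_cleanup();

	/*
	 * Use the absolute path to nohup, as system_halt() does, so the
	 * binary that runs does not depend on the caller's PATH.
	 */
	mwexec("/usr/bin/nohup /etc/rc.reboot > /dev/null 2>&1 &");
}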
/*
 * Reboot the system in the foreground: run the shutdown cleanup, then run
 * /etc/rc.reboot (not backgrounded) with its output discarded.
 */
function system_reboot_sync() {
	global $g;

	system_reboot_cleanup();

	$reboot_cmd = "/etc/rc.reboot > /dev/null 2>&1";
	mwexec($reboot_cmd);
}
/*
 * Work done before a halt or reboot: stop the beeper, close captive portal
 * accounting for every zone, save the voucher database into the
 * configuration and stop the installed packages.
 */
function system_reboot_cleanup() {
	global $config, $cpzone;

	mwexec("/usr/local/bin/beep.sh stop");

	require_once("captiveportal.inc");
	$zones = is_array($config['captiveportal']) ? $config['captiveportal'] : array();
	/*
	 * $cpzone is the global declared above; the loop assigns each zone
	 * name to it. Presumably the captive portal calls read it to know
	 * which zone to act on - confirm in captiveportal.inc.
	 */
	foreach ($zones as $cpzone => $zone_cfg) {
		captiveportal_radius_stop_all();
		captiveportal_send_server_accounting(true);
	}

	require_once("voucher.inc");
	voucher_save_db_to_config();

	require_once("pkg-utils.inc");
	stop_packages();
}
/*
 * Run the shell commands stored in the configuration.
 *
 * $early selects the list: a true value runs $config['system']['earlyshellcmd'],
 * anything else runs $config['system']['shellcmd'].
 *
 * The stored strings are passed to exec() unchanged, so whoever can write
 * these configuration entries can run commands with the privileges of
 * this process.
 */
function system_do_shell_commands($early = 0) {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$now = microtime();
		echo "system_do_shell_commands() being called $now\n";
	}

	$cmdn = $early ? "earlyshellcmd" : "shellcmd";
	$commands = $config['system'][$cmdn];

	if (is_array($commands)) {
		/* *cmd is an array, loop through */
		foreach ($commands as $one_cmd) {
			exec($one_cmd);
		}
		return;
	}

	if ($commands != "") {
		/* execute single item */
		exec($commands);
	}
}
/*
 * Create or remove the {$g['varetc_path']}/disableconsole marker file
 * according to $config['system']['disableconsolemenu'].
 */
function system_console_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$now = microtime();
		echo "system_console_configure() being called $now\n";
	}

	$marker = "{$g['varetc_path']}/disableconsole";

	if (!isset($config['system']['disableconsolemenu'])) {
		/* Console menu stays enabled: make sure no marker is left behind */
		unlink_if_exists($marker);
		return;
	}

	touch($marker);
}
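/*
 * Save the kernel messages of the current boot to
 * {$g['varlog_path']}/dmesg.boot.
 *
 * Runs /sbin/dmesg and writes its output starting at the last line that
 * contains "Copyright (c) 1992-", or all of it when no such line exists.
 *
 * Returns 0 on success, 1 when the output file cannot be opened.
 */
function system_dmesg_save() {
	/* $config must be in scope here, otherwise the developerspew test below can never be true */
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_dmesg_save() being called $mt\n";
	}

	$dmesg = array();
	exec("/sbin/dmesg", $dmesg);

	/* find last copyright line (output from previous boots may be present) */
	$lastcpline = 0;
	foreach ($dmesg as $i => $line) {
		if (strpos($line, "Copyright (c) 1992-") !== false) {
			$lastcpline = $i;
		}
	}

	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
	if (!$fd) {
		printf(gettext("Error: cannot open dmesg.boot in system_dmesg_save().%s"), "\n");
		return 1;
	}

	foreach (array_slice($dmesg, $lastcpline) as $line) {
		fwrite($fd, $line . "\n");
	}

	fclose($fd);
	unset($dmesg);

	return 0;
}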
/*
 * Apply the configured hard disk standby timer.
 *
 * When $config['system']['harddiskstandby'] is set and numeric, runs
 * "camcontrol standby <disk> -t <value>" for every drive returned by
 * get_smart_drive_list(). Progress is echoed only when platform_booting()
 * reports true.
 */
function system_set_harddisk_standby() {
	global $g, $config;

	if (isset($config['system']['developerspew'])) {
		$now = microtime();
		echo "system_set_harddisk_standby() being called $now\n";
	}

	if (!isset($config['system']['harddiskstandby'])) {
		return;
	}

	if (platform_booting()) {
		echo gettext('Setting hard disk standby... ');
	}

	$standby = $config['system']['harddiskstandby'];
	$applied = false;

	/*
	 * is_numeric() is the only check on the value before it is placed on
	 * the command line below.
	 */
	if (is_numeric($standby)) {
		// Get only suitable candidates for standby; using get_smart_drive_list()
		// from utils.inc to get the list of drives.
		$harddisks = get_smart_drive_list();

		// Since get_smart_drive_list() only matches ad|da|ada; lets put the check below
		// just in case of some weird pfSense platform installs.
		if (count($harddisks) > 0) {
			// Iterate disks and run the camcontrol command for each
			foreach ($harddisks as $harddisk) {
				mwexec("/sbin/camcontrol standby {$harddisk} -t {$standby}");
			}
			$applied = true;
		}
	}

	if (platform_booting()) {
		if ($applied) {
			echo gettext("done.") . "\n";
		} else {
			echo gettext("failed!") . "\n";
		}
	}
}
/*
 * Apply the sysctl settings via activate_sysctls() and, when
 * $config['system']['sharednet'] is set, also turn off the ARP log
 * messages.
 */
function system_setup_sysctl() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$now = microtime();
		echo "system_setup_sysctl() being called $now\n";
	}

	activate_sysctls();

	if (!isset($config['system']['sharednet'])) {
		return;
	}

	system_disable_arp_wrong_if();
}
/*
 * Set the sysctls net.link.ether.inet.log_arp_wrong_iface and
 * net.link.ether.inet.log_arp_movements to "0".
 */
function system_disable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$now = microtime();
		echo "system_disable_arp_wrong_if() being called $now\n";
	}

	$arp_logging = array();
	$arp_logging["net.link.ether.inet.log_arp_wrong_iface"] = "0";
	$arp_logging["net.link.ether.inet.log_arp_movements"] = "0";

	set_sysctl($arp_logging);
}
/*
 * Set the sysctls net.link.ether.inet.log_arp_wrong_iface and
 * net.link.ether.inet.log_arp_movements to "1".
 */
function system_enable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$now = microtime();
		echo "system_enable_arp_wrong_if() being called $now\n";
	}

	$arp_logging = array();
	$arp_logging["net.link.ether.inet.log_arp_wrong_iface"] = "1";
	$arp_logging["net.link.ether.inet.log_arp_movements"] = "1";

	set_sysctl($arp_logging);
}
/*
 * Start watchdogd on supported hardware.
 *
 * The function returns immediately, so everything after the first
 * "return" never runs; the watchdog is effectively switched off here.
 */
function enable_watchdog() {
	global $config;
	return;

	/* Unreachable from here on */
	$supported_watchdogs = array("Geode");
	$boot_messages = file_get_contents("/var/log/dmesg.boot");

	$install_watchdog = false;
	foreach ($supported_watchdogs as $sd) {
		/* Tests the literal "Geode", not the loop variable */
		if (stristr($boot_messages, "Geode")) {
			$install_watchdog = true;
		}
	}

	if ($install_watchdog != true) {
		return;
	}

	if (is_process_running("watchdogd")) {
		mwexec("/usr/bin/killall watchdogd", true);
	}
	exec("/usr/sbin/watchdogd");
}
/*
 * Check the hardware reset button on platforms that have a reset button
 * helper and, when the helper exits with 99, reset the configuration to
 * factory defaults and reboot.
 *
 * Returns 0 in every case that returns at all; the reset path ends the
 * script with exit(0).
 */
function system_check_reset_button() {
	global $g;

	$platform = system_identify_specific_platform();

	/*
	 * Only these platform names reach the helper. The name becomes part
	 * of the helper's path, so this list also bounds what can be run.
	 */
	$platforms_with_button = array('alix', 'wrap', 'FW7541', 'APU', 'RCC-VE', 'RCC-DFF');
	if (!in_array($platform['name'], $platforms_with_button)) {
		return 0;
	}

	$helper = "/usr/local/sbin/" . $platform['name'] . "resetbtn";
	$retval = mwexec($helper);

	if ($retval != 99) {
		return 0;
	}

	/* user has pressed reset button for 2 seconds -
	   reset to factory defaults */
	echo <<<EOD

***********************************************************************
* Reset button pressed - resetting configuration to factory defaults. *
* The system will reboot after this completes.                        *
***********************************************************************


EOD;

	reset_factory_defaults();
	system_reboot_sync();
	exit(0);
}
/* Attempt to identify the specific platform (for embedded systems).
   Returns an array with two elements:
	name => platform string (e.g. 'wrap', 'alix' etc.)
	descr => human-readable description (e.g. "PC Engines WRAP")
*/
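function system_identify_specific_platform() {
	global $g;

	if ($g['platform'] == 'generic-pc') {
		return array('name' => 'generic-pc', 'descr' => gettext("Generic PC"));
	}

	if ($g['platform'] == 'generic-pc-cdrom') {
		return array('name' => 'generic-pc-cdrom', 'descr' => gettext("Generic PC (CD-ROM)"));
	}

	/* Try to guess from smbios strings */
	$known_products = array(
		'FW7541' => array('name' => 'FW7541', 'descr' => 'Netgate FW7541'),
		'APU' => array('name' => 'APU', 'descr' => 'Netgate APU'),
		'RCC-VE' => array('name' => 'RCC-VE', 'descr' => 'Netgate RCC-VE'),
		'DFFv2' => array('name' => 'RCC-DFF', 'descr' => 'Netgate RCC-DFF'),
		'SYS-5018A-FTN4' => array('name' => 'C2758', 'descr' => 'Super Micro C2758'),
		'A1SAi' => array('name' => 'C2758', 'descr' => 'Super Micro C2758'),
		'SYS-5018D-FN4T' => array('name' => 'D1540-XG', 'descr' => 'Super Micro D1540-XG'),
	);
	$output = array();
	$_gb = exec('/bin/kenv smbios.system.product 2>/dev/null', $output);
	/* kenv may print nothing (variable not set, binary missing): only look up a product that was actually read */
	if (isset($output[0]) && isset($known_products[$output[0]])) {
		return $known_products[$output[0]];
	}

	/* the rest of the code only deals with 'embedded' platforms */
	if ($g['platform'] != 'nanobsd') {
		return array('name' => $g['platform'], 'descr' => $g['platform']);
	}

	/* Match the CPU model string against the known embedded boards */
	$dmesg = get_single_sysctl('hw.model');

	if (strpos($dmesg, "PC Engines WRAP") !== false) {
		return array('name' => 'wrap', 'descr' => gettext('PC Engines WRAP'));
	}

	if (strpos($dmesg, "PC Engines ALIX") !== false) {
		return array('name' => 'alix', 'descr' => gettext('PC Engines ALIX'));
	}

	/* Soekris boards: the description is the matched model text itself */
	foreach (array('45', '48', '55') as $series) {
		if (preg_match("/Soekris net{$series}../", $dmesg, $matches)) {
			return array('name' => "net{$series}xx", 'descr' => $matches[0]);
		}
	}

	unset($dmesg);

	/* Last resort: look for ALIX in the saved boot messages */
	$dmesg_boot = system_get_dmesg_boot();
	if (strpos($dmesg_boot, "PC Engines ALIX") !== false) {
		return array('name' => 'alix', 'descr' => gettext('PC Engines ALIX'));
	}
	unset($dmesg_boot);

	/* unknown embedded platform */
	return array('name' => 'embedded', 'descr' => gettext('embedded (unknown)'));
}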
/*
 * Return the contents of {$g['varlog_path']}/dmesg.boot as a string
 * (file_get_contents() gives false when the file cannot be read).
 */
function system_get_dmesg_boot() {
	global $g;

	$boot_log = "{$g['varlog_path']}/dmesg.boot";

	return file_get_contents($boot_log);
}
?>