/etc/inc/system.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/system.inc @ 5e041d5f

1	5b237745	Scott Ullrich	<?php
2	307cd525	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			system.inc
5			part of m0n0wall (http://m0n0.ch/wall)
6	0f282d7a	Scott Ullrich
7	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8			All rights reserved.
9	0f282d7a	Scott Ullrich
10	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12	0f282d7a	Scott Ullrich
13	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15	0f282d7a	Scott Ullrich
16	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19	0f282d7a	Scott Ullrich
20	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32			/* include all configuration functions */
33			require_once("functions.inc");
34	0f282d7a	Scott Ullrich
35	6df9d7e3	Scott Ullrich	function activate_sysctls() {
36			global $config, $g;
37	d36e6e3b	Ermal Luçi
38	68c3a264	Ermal Luçi	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000000");
39	ddcb7b8c	Bill Marquette	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
40	68c3a264	Ermal Luçi	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000000");
41	c0192947	Scott Ullrich	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");
42	99e88aa0	Ermal Luçi
43			if (is_array($config['sysctl']))
44			foreach ($config['sysctl']['item'] as $tunable)
45			mwexec("sysctl " . $tunable['tunable'] . "=\""
46			. $tunable['value'] . "\"");
47	6df9d7e3	Scott Ullrich	}
48
49	5b237745	Scott Ullrich	function system_resolvconf_generate($dynupdate = false) {
50	c3f535c0	Seth Mos	global $config, $g;
51
52			if(isset($config['system']['developerspew'])) {
53			$mt = microtime();
54			echo "system_resolvconf_generate() being called $mt\n";
55			}
56	ef217c69	Scott Ullrich
57			$syscfg = $config['system'];
58
59			$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
60			if (!$fd) {
61			printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
62			return 1;
63			}
64
65			$resolvconf = "domain {$syscfg['domain']}\n";
66
67			$havedns = false;
68
69			if (isset($syscfg['dnsallowoverride'])) {
70	c3f535c0	Seth Mos	/* get dynamically assigned DNS servers (if any) */
71			$ns = array_unique(get_nameservers());
72			foreach($ns as $nameserver) {
73			if($nameserver) {
74			$resolvconf .= "nameserver $nameserver\n";
75			$havedns = true;
76	e428c94d	Scott Ullrich	}
77	c3f535c0	Seth Mos	}
78	ef217c69	Scott Ullrich	}
79			if (!$havedns && is_array($syscfg['dnsserver'])) {
80	c3f535c0	Seth Mos	foreach ($syscfg['dnsserver'] as $ns) {
81			if ($ns) {
82			$resolvconf .= "nameserver $ns\n";
83			$havedns = true;
84	e428c94d	Scott Ullrich	}
85	e180a6e3	Scott Ullrich	}
86	c3f535c0	Seth Mos	}
87	0f282d7a	Scott Ullrich
88	ef217c69	Scott Ullrich	fwrite($fd, $resolvconf);
89			fclose($fd);
90	0f282d7a	Scott Ullrich
91	ef217c69	Scott Ullrich	if (!$g['booting']) {
92	c3f535c0	Seth Mos	/* restart dhcpd (nameservers may have changed) */
93			if (!$dynupdate)
94			services_dhcpd_configure();
95	ef217c69	Scott Ullrich	}
96
97	c3f535c0	Seth Mos	/* setup static routes for DNS servers. */
98			for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
99			/* setup static routes for dns servers */
100			$dnsgw = "dns{$dnscounter}gwint";
101			if (isset($config['system'][$dnsgw])) {
102			$interface = $config['system'][$dnsgw];
103			if (($interface <> "") && ($interface <> "none")) {
104			$gatewayip = get_interface_gateway($interface);
105			if(is_ipaddr($gatewayip)) {
106			/* dns server array starts at 0 */
107	b875f306	Scott Ullrich	$dnscountermo = $dnscounter - 1;
108	c3f535c0	Seth Mos	mwexec("route delete -host {$syscfg['dnsserver'][$dnscountermo]}");
109			mwexec("route add -host {$syscfg['dnsserver'][$dnscountermo]} {$gatewayip}");
110	b875f306	Scott Ullrich	}
111			}
112	e180a6e3	Scott Ullrich	}
113	c3f535c0	Seth Mos	}
114
115			return 0;
116	5b237745	Scott Ullrich	}
117
118	3d00ccaa	Scott Ullrich	function get_nameservers() {
119			global $config, $g;
120			$master_list = array();
121	cdd88d2f	Scott Ullrich	$dns_lists = split("\n", `ls /var/etc/nameserver_* 2>/dev/null`);
122	3d00ccaa	Scott Ullrich	foreach($dns_lists as $dns) {
123			$items = split("\n", file_get_contents($dns));
124			foreach($items as $item)
125			if($item <> "")
126			$master_list[] = $item;
127			}
128	9ee93e3d	Scott Ullrich	if(!file_exists("/var/etc/nameservers.conf"))
129			return $master_list;
130			$dns = `cat /var/etc/nameservers.conf`;
131			$dns_s = split("\n", $dns);
132	0dbac999	Scott Ullrich	if(is_array($dns_s))
133			foreach($dns_s as $dns)
134			$master_list[] = $dns;
135	3d00ccaa	Scott Ullrich	return $master_list;
136			}
137
138	5b237745	Scott Ullrich	function system_hosts_generate() {
139	f19d3b7a	Scott Ullrich	global $config, $g;
140	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
141			$mt = microtime();
142	dcf0598e	Scott Ullrich	echo "system_hosts_generate() being called $mt\n";
143	f19d3b7a	Scott Ullrich	}
144	0f282d7a	Scott Ullrich
145	5b237745	Scott Ullrich	$syscfg = $config['system'];
146			$lancfg = $config['interfaces']['lan'];
147			$dnsmasqcfg = $config['dnsmasq'];
148
149			if (!is_array($dnsmasqcfg['hosts'])) {
150			$dnsmasqcfg['hosts'] = array();
151			}
152			$hostscfg = $dnsmasqcfg['hosts'];
153	0f282d7a	Scott Ullrich
154	5b237745	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/hosts", "w");
155			if (!$fd) {
156	8f525719	Scott Ullrich	log_error("Error: cannot open hosts file in system_hosts_generate().\n");
157	5b237745	Scott Ullrich	return 1;
158			}
159	0f282d7a	Scott Ullrich
160	5b237745	Scott Ullrich	$hosts = <<<EOD
161			127.0.0.1 localhost localhost.{$syscfg['domain']}
162			{$lancfg['ipaddr']} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}
163
164			EOD;
165	0f282d7a	Scott Ullrich
166	5b237745	Scott Ullrich	foreach ($hostscfg as $host) {
167			if ($host['host'])
168			$hosts .= "{$host['ip']} {$host['host']}.{$host['domain']} {$host['host']}\n";
169			else
170			$hosts .= "{$host['ip']} {$host['domain']}\n";
171			}
172	6a01ea44	Bill Marquette	if (isset($dnsmasqcfg['regdhcpstatic'])) {
173			foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf)
174			if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable']))
175	a56e787d	Scott Ullrich	foreach ($dhcpifconf['staticmap'] as $host)
176	6a01ea44	Bill Marquette	if ($host['ipaddr'] && $host['hostname'])
177			$hosts .= "{$host['ipaddr']} {$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
178	a56e787d	Scott Ullrich	}
179	5b237745	Scott Ullrich	fwrite($fd, $hosts);
180			fclose($fd);
181	0f282d7a	Scott Ullrich
182	5b237745	Scott Ullrich	return 0;
183			}
184
185			function system_hostname_configure() {
186	f19d3b7a	Scott Ullrich	global $config, $g;
187	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
188			$mt = microtime();
189	dcf0598e	Scott Ullrich	echo "system_hostname_configure() being called $mt\n";
190	333f8ef0	Scott Ullrich	}
191	0f282d7a	Scott Ullrich
192	5b237745	Scott Ullrich	$syscfg = $config['system'];
193	0f282d7a	Scott Ullrich
194	5b237745	Scott Ullrich	/* set hostname */
195			return mwexec("/bin/hostname " .
196			escapeshellarg("{$syscfg['hostname']}.{$syscfg['domain']}"));
197			}
198
199			function system_routing_configure() {
200	f19d3b7a	Scott Ullrich	global $config, $g;
201	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
202			$mt = microtime();
203	dcf0598e	Scott Ullrich	echo "system_routing_configure() being called $mt\n";
204	58c7450e	Scott Ullrich	}
205	333f8ef0	Scott Ullrich
206	0f282d7a	Scott Ullrich	/* Enable fast routing, if enabled */
207			if(isset($config['staticroutes']['enablefastrouting']))
208			mwexec("/sbin/sysctl net.inet.ip.fastforwarding=1");
209
210	2731ebc8	Seth Mos	exec("/usr/bin/netstat -rn", $route_arr, $retval);
211	e0b4e47f	Seth Mos	$route_str = implode("\n", $route_arr);
212
213	5b237745	Scott Ullrich	/* clear out old routes, if necessary */
214			if (file_exists("{$g['vardb_path']}/routes.db")) {
215			$fd = fopen("{$g['vardb_path']}/routes.db", "r");
216			if (!$fd) {
217			printf("Error: cannot open routes DB file in system_routing_configure().\n");
218	0f282d7a	Scott Ullrich	return 1;
219	5b237745	Scott Ullrich	}
220			while (!feof($fd)) {
221	b24bda08	Scott Ullrich	$oldrt = trim(fgets($fd));
222			if (($oldrt) && (stristr($route_str, $oldrt)))
223			mwexec("/sbin/route delete " . escapeshellarg($oldrt));
224	5b237745	Scott Ullrich	}
225			fclose($fd);
226			unlink("{$g['vardb_path']}/routes.db");
227			}
228	0f282d7a	Scott Ullrich
229	d173230c	Seth Mos	/* if list */
230	b6db9217	Ermal Luçi	$iflist = get_configured_interface_list();
231	d173230c	Seth Mos
232	b24bda08	Scott Ullrich	$dont_remove_route = false;
233			foreach ($iflist as $ifent => $ifname) {
234			/* do not process interfaces that will end up with gateways */
235			if (interface_has_gateway($ifent))
236			$dont_remove_route = true;
237			}
238	d173230c	Seth Mos
239	b24bda08	Scott Ullrich	if($config['interfaces']['wan']['ipaddr'] == "carpdev-dhcp")
240	3fceab6c	Scott Ullrich	$dont_remove_route = true;
241
242	d173230c	Seth Mos	if($dont_remove_route == false) {
243	b24bda08	Scott Ullrich	/* remove default route */
244			mwexec("/sbin/route delete default", true);
245	d173230c	Seth Mos	}
246
247			$dont_add_route = false;
248			/* if OLSRD is enabled, allow WAN to house DHCP. */
249			if($config['installedpackages']['olsrd']) {
250			foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
251			if($olsrd['enabledyngw'] == "on") {
252			$dont_add_route = true;
253			}
254			}
255			}
256
257			if($dont_add_route == false) {
258	0721c4f8	Chris Buechler	if(is_array($config['gateways']['gateway_item'])) {
259	3b9758de	Seth Mos	foreach($config['gateways']['gateway_item'] as $gateway) {
260			if(isset($gateway['defaultgw'])) {
261	b24bda08	Scott Ullrich	$gatewayip = $gateway['gateway'];
262			$interfacegw = $gateway['interface'];
263	3b9758de	Seth Mos	}
264	d173230c	Seth Mos	}
265	b24bda08	Scott Ullrich	if(($interfacegw <> "bgpd") && (is_ipaddr($gatewayip)))
266			mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true);
267	ef9ed4cd	Chris Buechler	} else {
268	69c8c66c	Seth Mos	/* FIXME */
269	ef9ed4cd	Chris Buechler	/* adding gateway for 1.2-style configs without the new
270			gateway setup configured.
271			Force WAN to be default gateway because that is the
272			1.2 behavior.
273			*/
274			if (is_ipaddr($config['interfaces']['wan']['gateway'])) {
275			$gatewayip = $config['interfaces']['wan']['gateway'];
276	4e7a2819	Seth Mos	mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true);
277	ef9ed4cd	Chris Buechler	}
278	d173230c	Seth Mos	}
279			}
280
281	5b237745	Scott Ullrich	if (is_array($config['staticroutes']['route'])) {
282	0f282d7a	Scott Ullrich
283	5b237745	Scott Ullrich	$fd = fopen("{$g['vardb_path']}/routes.db", "w");
284			if (!$fd) {
285			printf("Error: cannot open routes DB file in system_routing_configure().\n");
286	0f282d7a	Scott Ullrich	return 1;
287	5b237745	Scott Ullrich	}
288	0f282d7a	Scott Ullrich
289	5b237745	Scott Ullrich	foreach ($config['staticroutes']['route'] as $rtent) {
290	0721c4f8	Chris Buechler	if(is_array($config['gateways']['gateway_item'])) {
291	3b9758de	Seth Mos	foreach($config['gateways']['gateway_item'] as $gateway) {
292			if($rtent['gateway'] == $gateway['name']) {
293			$gatewayip = $gateway['gateway'];
294			$interfacegw = $gateway['interface'];
295			}
296	d173230c	Seth Mos	}
297			}
298	b24bda08	Scott Ullrich	if((is_ipaddr($rtent['gateway'])) && ($gatewayip == "")) {
299			$gatewayip = $rtent['gateway'];
300			$interfacegw = $rtent['interface'];
301			}
302			if(isset($rtent['interfacegateway'])) {
303			mwexec("/sbin/route add " . escapeshellarg($rtent['network']) .
304			" -iface " . escapeshellarg(convert_friendly_interface_to_real_interface_name($interfacegw)));
305			} else {
306			mwexec("/sbin/route add " . escapeshellarg($rtent['network']) .
307			" " . escapeshellarg($gatewayip));
308	7a98edde	Seth Mos	}
309	b24bda08	Scott Ullrich	/* record route so it can be easily removed later (if necessary) */
310			fwrite($fd, $rtent['network'] . "\n");
311	5b237745	Scott Ullrich	}
312	0f282d7a	Scott Ullrich	fclose($fd);
313	5b237745	Scott Ullrich	}
314	67ee1ec5	Ermal Luçi
315	b9c501ea	Seth Mos	return 0;
316	5b237745	Scott Ullrich	}
317
318	b24bda08	Scott Ullrich
319	5b237745	Scott Ullrich	function system_routing_enable() {
320	f19d3b7a	Scott Ullrich	global $config, $g;
321	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
322			$mt = microtime();
323	dcf0598e	Scott Ullrich	echo "system_routing_enable() being called $mt\n";
324	58c7450e	Scott Ullrich	}
325	0f282d7a	Scott Ullrich
326	5e041d5f	Scott Ullrich	return mwexec("/sbin/sysctl net.inet.ip.forwarding=1");
327	5b237745	Scott Ullrich	}
328
329			function system_syslogd_start() {
330	f19d3b7a	Scott Ullrich	global $config, $g;
331	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
332			$mt = microtime();
333	dcf0598e	Scott Ullrich	echo "system_syslogd_start() being called $mt\n";
334	58c7450e	Scott Ullrich	}
335	0f282d7a	Scott Ullrich
336	5b237745	Scott Ullrich	$syslogcfg = $config['syslog'];
337
338	0f282d7a	Scott Ullrich	if ($g['booting'])
339	f05740c1	Scott Ullrich	echo "Starting syslog...";
340	5b237745	Scott Ullrich	else
341			killbypid("{$g['varrun_path']}/syslog.pid");
342	0f282d7a	Scott Ullrich
343	88ebd635	Scott Ullrich	if (isset($syslogcfg)) {
344	8fbd88cd	Seth Mos	$separatelogfacilities = array('ntpd','racoon','openvpn');
345	a728d2ea	Colin Smith	if($config['installedpackages']['package']) {
346			foreach($config['installedpackages']['package'] as $package) {
347	333f8ef0	Scott Ullrich	if($package['logging']) {
348	a728d2ea	Colin Smith	$pkgfacilities[] = $package['logging']['facilityname'];
349	d2834563	Scott Ullrich	$separatelogfacilities = $separatelogfacilities + $pkgfacilities;
350	84e86846	Colin Smith	$facilitylist = implode(',', $pkgfacilities);
351			mwexec("clog -i -s 10000 {$g['varlog_path']}/{$package['logging']['logfilename']}");
352	d2834563	Scott Ullrich	$syslogconf .= "!{$facilitylist}\n.\t\t\t\t\t\t%{$g['varlog_path']}/{$package['logging']['logfilename']}\n";
353	a728d2ea	Colin Smith	}
354			}
355			}
356	d2834563	Scott Ullrich	$facilitylist = implode(',', array_unique($separatelogfacilities));
357	5b237745	Scott Ullrich	/* write syslog.conf */
358			$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
359			if (!$fd) {
360			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
361			return 1;
362			}
363	8fbd88cd	Seth Mos	$syslogconf .= "!ntpdate,!ntpd\n";
364	18330d38	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging'])) {
365			$syslogconf .= <<<EOD
366			. %{$g['varlog_path']}/ntpd.log
367
368			EOD;
369			}
370	0260caec	Scott Ullrich	$syslogconf .= "!racoon\n";
371	1cdec603	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging'])) {
372	0260caec	Scott Ullrich	$syslogconf .= <<<EOD
373	bc7f52e2	Colin Smith	. %{$g['varlog_path']}/ipsec.log
374	0260caec	Scott Ullrich
375			EOD;
376			}
377			if (isset($syslogcfg['vpn'])) {
378			$syslogconf .= <<<EOD
379			. @{$syslogcfg['remoteserver']}
380
381			EOD;
382			}
383	d2834563	Scott Ullrich	$syslogconf .= "!openvpn\n";
384	0260caec	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging'])) {
385			$syslogconf .= <<<EOD
386			. %{$g['varlog_path']}/openvpn.log
387
388			EOD;
389			}
390			if (isset($syslogcfg['vpn'])) {
391			$syslogconf .= <<<EOD
392			. @{$syslogcfg['remoteserver']}
393
394			EOD;
395			}
396	d2834563	Scott Ullrich	$syslogconf .= "!-{$facilitylist}\n";
397	0260caec	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging'])) {
398			$syslogconf .= <<<EOD
399	bc328042	Bill Marquette	local0.* %{$g['varlog_path']}/filter.log
400			local3.* %{$g['varlog_path']}/vpn.log
401			local4.* %{$g['varlog_path']}/portalauth.log
402			local7.* %{$g['varlog_path']}/dhcpd.log
403	d2834563	Scott Ullrich	*.notice;kern.debug;lpr.info;mail.crit; %{$g['varlog_path']}/system.log
404	f3b064aa	Scott Ullrich	news.err;local0.none;local3.none;local4.none; %{$g['varlog_path']}/system.log
405	7e77107f	Scott Ullrich	local7.none %{$g['varlog_path']}/system.log
406	bc328042	Bill Marquette	security.* %{$g['varlog_path']}/system.log
407			auth.info;authpriv.info;daemon.info %{$g['varlog_path']}/system.log
408	0d47aeff	Seth Mos	local1.* %{$g['varlog_path']}/relayd.log
409	d2834563	Scott Ullrich	auth.info;authpriv.info \|exec /usr/local/sbin/sshlockout_pf
410	5b237745	Scott Ullrich	.emerg
411
412			EOD;
413	e1c0c35a	Scott Ullrich	}
414	5b237745	Scott Ullrich
415			if (isset($syslogcfg['filter'])) {
416			$syslogconf .= <<<EOD
417			local0.* @{$syslogcfg['remoteserver']}
418
419			EOD;
420			}
421	0f282d7a	Scott Ullrich
422	5b237745	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
423			$syslogconf .= <<<EOD
424			local3.* @{$syslogcfg['remoteserver']}
425	0a123b4c	Scott Ullrich
426	3f2b92d2	Scott Ullrich	EOD;
427			}
428
429	5b237745	Scott Ullrich
430	3f2b92d2	Scott Ullrich	if (isset($syslogcfg['portalauth'])) {
431			$syslogconf .= <<<EOD
432			local4.* @{$syslogcfg['remoteserver']}
433	0a123b4c	Scott Ullrich
434	5b237745	Scott Ullrich	EOD;
435			}
436
437	3f2b92d2	Scott Ullrich
438	5b237745	Scott Ullrich	if (isset($syslogcfg['dhcp'])) {
439			$syslogconf .= <<<EOD
440			local7.* @{$syslogcfg['remoteserver']}
441	0a123b4c	Scott Ullrich
442	5b237745	Scott Ullrich	EOD;
443			}
444
445			if (isset($syslogcfg['system'])) {
446			$syslogconf .= <<<EOD
447	7e77107f	Scott Ullrich	*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver']}
448			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver']}
449	5b237745	Scott Ullrich	security.* @{$syslogcfg['remoteserver']}
450			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver']}
451			*.emerg @{$syslogcfg['remoteserver']}
452	d2834563	Scott Ullrich
453	5b237745	Scott Ullrich	EOD;
454			}
455			fwrite($fd, $syslogconf);
456			fclose($fd);
457	0f282d7a	Scott Ullrich
458	6a638a89	Scott Ullrich	// Are we logging to a least one remote server ?
459			if(strpos($syslogconf, "@") != false)
460			$retval = mwexec("/usr/sbin/syslogd -s -f {$g['varetc_path']}/syslog.conf");
461			else
462			$retval = mwexec("/usr/sbin/syslogd -ss -f {$g['varetc_path']}/syslog.conf");
463	5b237745	Scott Ullrich
464			} else {
465			$retval = mwexec("/usr/sbin/syslogd -ss");
466			}
467	0f282d7a	Scott Ullrich
468	5b237745	Scott Ullrich	if ($g['booting'])
469	5c6d0f65	Colin Smith	echo "done.\n";
470	0f282d7a	Scott Ullrich
471	5b237745	Scott Ullrich	return $retval;
472			}
473
474			function system_pccard_start() {
475	f19d3b7a	Scott Ullrich	global $config, $g;
476	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
477			$mt = microtime();
478	dcf0598e	Scott Ullrich	echo "system_pccard_start() being called $mt\n";
479	58c7450e	Scott Ullrich	}
480	0f282d7a	Scott Ullrich
481	5b237745	Scott Ullrich	if ($g['booting'])
482	f05740c1	Scott Ullrich	echo "Initializing PCMCIA...";
483	0f282d7a	Scott Ullrich
484	5b237745	Scott Ullrich	/* kill any running pccardd */
485			killbypid("{$g['varrun_path']}/pccardd.pid");
486	0f282d7a	Scott Ullrich
487	5b237745	Scott Ullrich	/* fire up pccardd */
488			$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");
489	0f282d7a	Scott Ullrich
490	5b237745	Scott Ullrich	if ($g['booting']) {
491			if ($res == 0)
492	5c6d0f65	Colin Smith	echo "done.\n";
493	5b237745	Scott Ullrich	else
494	5c6d0f65	Colin Smith	echo "failed!\n";
495	5b237745	Scott Ullrich	}
496	0f282d7a	Scott Ullrich
497	5b237745	Scott Ullrich	return $res;
498			}
499
500	819197a8	Scott Ullrich
501	5b237745	Scott Ullrich	function system_webgui_start() {
502	f19d3b7a	Scott Ullrich	global $config, $g;
503	877ac35d	Scott Ullrich
504			if ($g['booting'])
505	f05740c1	Scott Ullrich	echo "Starting webConfigurator...";
506	877ac35d	Scott Ullrich
507	383a4439	Scott Ullrich	/* kill any running lighttpd */
508	877ac35d	Scott Ullrich	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");
509
510	e9d0bf64	Scott Ullrich	sleep(1);
511
512	877ac35d	Scott Ullrich	chdir($g['www_path']);
513
514	fb1266d3	Matthew Grooms	/* defaults */
515			$portarg = "80";
516			$crt = "";
517			$key = "";
518
519	877ac35d	Scott Ullrich	/* non-standard port? */
520			if ($config['system']['webgui']['port'])
521	528df9a7	Scott Ullrich	$portarg = "{$config['system']['webgui']['port']}";
522	877ac35d	Scott Ullrich
523			if ($config['system']['webgui']['protocol'] == "https") {
524
525	fb1266d3	Matthew Grooms	$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
526			if(is_array($cert) && $cert['crt'] && $cert['prv']) {
527			$crt = base64_decode($cert['crt']);
528			$key = base64_decode($cert['prv']);
529			if(!$config['system']['webgui']['port'])
530			$portarg = "443";
531			} else
532			log_error("Invalid webConfigurator https certificate, defaulting to http");
533	877ac35d	Scott Ullrich	}
534
535			/* generate lighttpd configuration */
536			system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
537	fb1266d3	Matthew Grooms	$crt, $key, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");
538	877ac35d	Scott Ullrich
539			/* attempt to start lighthttpd */
540			$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");
541
542			if ($g['booting']) {
543			if ($res == 0)
544			echo "done.\n";
545			else
546			echo "failed!\n";
547			}
548
549			return $res;
550			}
551
552	eb0f441c	Scott Ullrich	function system_generate_lighty_config($filename,
553			$cert,
554			$key,
555			$pid_file,
556			$port = 80,
557			$document_root = "/usr/local/www/",
558			$cert_location = "cert.pem",
559	b5317d07	Scott Ullrich	$max_procs = 2,
560	eb0f441c	Scott Ullrich	$max_requests = "1",
561			$fast_cgi_enable = true,
562			$captive_portal = false) {
563	58c7450e	Scott Ullrich
564	f19d3b7a	Scott Ullrich	global $config, $g;
565
566	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
567			$mt = microtime();
568	dcf0598e	Scott Ullrich	echo "system_generate_lighty_config() being called $mt\n";
569	58c7450e	Scott Ullrich	}
570
571	eb0f441c	Scott Ullrich	if($captive_portal == true) {
572			$captiveportal = ",\"mod_rewrite\"";
573	6bef50b3	Scott Ullrich	$captive_portal_rewrite = "url.rewrite-once = ( \"(.captiveportal.)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
574	b0bdc06e	Scott Ullrich	$captive_portal_module = "\"mod_accesslog\", ";
575			$maxprocperip = $config['captiveportal']['maxprocperip'];
576	632e8d54	Scott Ullrich	if(!$maxprocperip and $maxprocperip > 0)
577			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
578			else
579			$captive_portal_mod_evasive = "";
580	3306a341	Scott Ullrich	$server_upload_dirs = "server.upload-dirs = ( \"/tmp/captiveportal/\" )\n";
581			exec("mkdir -p /tmp/captiveportal");
582			exec("chmod a-w /tmp/captiveportal");
583	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 384";
584	b0bdc06e	Scott Ullrich	} else {
585			$captive_portal_module = "";
586			$captive_portal_mod_evasive = "";
587	3306a341	Scott Ullrich	$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"/tmp/\", \"/var/\" )\n";
588	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 2097152";
589	eb0f441c	Scott Ullrich	}
590	3306a341	Scott Ullrich
591	28cae949	Scott Ullrich	if($port <> "")
592			$lighty_port = $port;
593			else
594			$lighty_port = "80";
595	3d77d4c4	Scott Ullrich
596			$memory = get_memory();
597			$avail = $memory[0];
598
599	b0bdc06e	Scott Ullrich	if($avail > 0 and $avail < 98) {
600	f994f4d6	Scott Ullrich	$max_procs = 1;
601			$max_requests = 1;
602	52624d2c	Scott Ullrich	}
603	1a043fa7	Scott Ullrich
604	b0bdc06e	Scott Ullrich	if($avail > 97 and $avail < 128) {
605	04f4a116	Ermal Luçi	$max_procs = 1;
606			$max_requests = 3;
607	b0bdc06e	Scott Ullrich	}
608
609			if($avail > 127 and $avail < 256) {
610	04f4a116	Ermal Luçi	$max_procs = 1;
611	6e337a84	Scott Ullrich	$max_requests = 5;
612	b0bdc06e	Scott Ullrich	}
613
614			if($avail > 255 and $avail < 384) {
615			$max_procs = 3;
616	6e337a84	Scott Ullrich	$max_requests = 10;
617	b0bdc06e	Scott Ullrich	}
618
619	8cd294de	Chris Buechler	if($avail > 383) {
620	b0bdc06e	Scott Ullrich	$max_procs = 4;
621	6e337a84	Scott Ullrich	$max_requests = 16;
622	b0bdc06e	Scott Ullrich	}
623
624	6e337a84	Scott Ullrich	if($captive_portal == true) {
625			$bin_environment = <<<EOC
626	5e041d5f	Scott Ullrich	"bin-environment" => (
627			"PHP_FCGI_CHILDREN" => "16",
628			"PHP_FCGI_MAX_REQUESTS" => "{$max_requests}"
629	6e337a84	Scott Ullrich	),
630			EOC;
631
632	04f4a116	Ermal Luçi	} else if ($avail > 0 and $avail < 128) {
633			$bin_environment = <<<EOC
634			"bin-environment" => (
635			"PHP_FCGI_CHILDREN" => "1",
636			"PHP_FCGI_MAX_REQUESTS" => "{$max_requests}"
637			),
638
639			EOC;
640			} else
641	6e337a84	Scott Ullrich	$bin_environment = "";
642
643	4edb490d	Scott Ullrich	if($fast_cgi_enable == true) {
644	dde4f60c	Scott Ullrich	$module = "\"mod_fastcgi\", \"mod_cgi\"";
645	4edb490d	Scott Ullrich	$cgi_config = "";
646			$fastcgi_config = <<<EOD
647			#### fastcgi module
648			## read fastcgi.txt for more info
649	b0bdc06e	Scott Ullrich	fastcgi.server = ( ".php" =>
650			( "localhost" =>
651			(
652			"socket" => "/tmp/php-fastcgi.socket",
653	5e041d5f	Scott Ullrich	"min-procs" => 1,
654	b0bdc06e	Scott Ullrich	"max-procs" => {$max_procs},
655	6e337a84	Scott Ullrich	{$bin_environment}
656	b0bdc06e	Scott Ullrich	"bin-path" => "/usr/local/bin/php"
657			)
658			)
659			)
660	4edb490d	Scott Ullrich
661	dde4f60c	Scott Ullrich	#### CGI module
662	5999dd9c	Scott Ullrich	cgi.assign = ( ".cgi" => "" )
663	dde4f60c	Scott Ullrich
664	4edb490d	Scott Ullrich	EOD;
665			} else {
666			$fastcgi_config = "";
667			$module = "\"mod_cgi\"";
668			$cgi_config = <<<EOD
669			#### CGI module
670			cgi.assign = ( ".php" => "/usr/local/bin/php",
671	d4302f46	Espen Johansen	".cgi" => "" )
672	333f8ef0	Scott Ullrich
673	4edb490d	Scott Ullrich	EOD;
674			}
675	333f8ef0	Scott Ullrich
676	a84b65dc	Scott Ullrich	$lighty_config .= <<<EOD
677	28cae949	Scott Ullrich	#
678	a632cf43	Scott Ullrich	# lighttpd configuration file
679			#
680			# use a it as base for lighttpd 1.0.0 and above
681	28cae949	Scott Ullrich	#
682	a632cf43	Scott Ullrich	############ Options you really have to take care of ####################
683
684	770b4b9c	Scott Ullrich	## FreeBSD!
685			server.event-handler = "freebsd-kqueue"
686	d14aea59	Scott Ullrich	server.network-backend = "freebsd-sendfile" ## was writev - Fixes 7.x upload issues
687	096261af	Scott Ullrich
688	a632cf43	Scott Ullrich	## modules to load
689	4edb490d	Scott Ullrich	server.modules = (
690	c93ad789	Scott Ullrich	{$captive_portal_module}
691			"mod_access", "mod_accesslog", "mod_expire", "mod_compress",
692			{$module}{$captiveportal}
693			)
694	28cae949	Scott Ullrich
695			## Unused modules
696	6a019c11	Scott Ullrich	# "mod_setenv",
697			# "mod_compress"
698			# "mod_redirect",
699			# "mod_rewrite",
700	28cae949	Scott Ullrich	# "mod_ssi",
701			# "mod_usertrack",
702			# "mod_expire",
703			# "mod_secdownload",
704			# "mod_rrdtool",
705	a632cf43	Scott Ullrich	# "mod_auth",
706			# "mod_status",
707	28cae949	Scott Ullrich	# "mod_alias",
708	a632cf43	Scott Ullrich	# "mod_proxy",
709			# "mod_simple_vhost",
710			# "mod_evhost",
711			# "mod_userdir",
712	28cae949	Scott Ullrich	# "mod_cgi",
713			# "mod_accesslog"
714	a632cf43	Scott Ullrich
715			## a static document-root, for virtual-hosting take look at the
716			## server.virtual-* options
717	332b4ac0	Scott Ullrich	server.document-root = "{$document_root}"
718	eb0f441c	Scott Ullrich	{$captive_portal_rewrite}
719	a632cf43	Scott Ullrich
720	38a9a1ab	Scott Ullrich	# Maximum idle time with nothing being written (php downloading)
721			server.max-write-idle = 999
722
723	a632cf43	Scott Ullrich	## where to send error-messages to
724	ee959dc4	Scott Ullrich	server.errorlog = "/var/log/lighttpd.error.log"
725	a632cf43	Scott Ullrich
726			# files to check for if .../ is requested
727			server.indexfiles = ( "index.php", "index.html",
728			"index.htm", "default.htm" )
729
730			# mimetype mapping
731			mimetype.assign = (
732			".pdf" => "application/pdf",
733			".sig" => "application/pgp-signature",
734			".spl" => "application/futuresplash",
735			".class" => "application/octet-stream",
736			".ps" => "application/postscript",
737			".torrent" => "application/x-bittorrent",
738			".dvi" => "application/x-dvi",
739			".gz" => "application/x-gzip",
740			".pac" => "application/x-ns-proxy-autoconfig",
741			".swf" => "application/x-shockwave-flash",
742			".tar.gz" => "application/x-tgz",
743			".tgz" => "application/x-tgz",
744			".tar" => "application/x-tar",
745			".zip" => "application/zip",
746			".mp3" => "audio/mpeg",
747			".m3u" => "audio/x-mpegurl",
748			".wma" => "audio/x-ms-wma",
749			".wax" => "audio/x-ms-wax",
750			".ogg" => "audio/x-wav",
751			".wav" => "audio/x-wav",
752			".gif" => "image/gif",
753			".jpg" => "image/jpeg",
754			".jpeg" => "image/jpeg",
755			".png" => "image/png",
756			".xbm" => "image/x-xbitmap",
757			".xpm" => "image/x-xpixmap",
758			".xwd" => "image/x-xwindowdump",
759			".css" => "text/css",
760			".html" => "text/html",
761			".htm" => "text/html",
762			".js" => "text/javascript",
763			".asc" => "text/plain",
764			".c" => "text/plain",
765			".conf" => "text/plain",
766			".text" => "text/plain",
767			".txt" => "text/plain",
768			".dtd" => "text/xml",
769			".xml" => "text/xml",
770			".mpeg" => "video/mpeg",
771			".mpg" => "video/mpeg",
772			".mov" => "video/quicktime",
773			".qt" => "video/quicktime",
774			".avi" => "video/x-msvideo",
775			".asf" => "video/x-ms-asf",
776			".asx" => "video/x-ms-asf",
777			".wmv" => "video/x-ms-wmv",
778			".bz2" => "application/x-bzip",
779			".tbz" => "application/x-bzip-compressed-tar",
780			".tar.bz2" => "application/x-bzip-compressed-tar"
781			)
782
783			# Use the "Content-Type" extended attribute to obtain mime type if possible
784			#mimetypes.use-xattr = "enable"
785
786			#### accesslog module
787	6a019c11	Scott Ullrich	#accesslog.filename = "/dev/null"
788	a632cf43	Scott Ullrich
789			## deny access the file-extensions
790			#
791			# ~ is for backupfiles from vi, emacs, joe, ...
792			# .inc is often used for code includes which should in general not be part
793			# of the document-root
794			url.access-deny = ( "~", ".inc" )
795
796
797			######### Options that are good to be but not neccesary to be changed #######
798
799			## bind to port (default: 80)
800	28cae949	Scott Ullrich	server.port = {$lighty_port}
801	a632cf43	Scott Ullrich
802			## error-handler for status 404
803			#server.error-handler-404 = "/error-handler.html"
804			#server.error-handler-404 = "/error-handler.php"
805
806			## to help the rc.scripts
807			server.pid-file = "/var/run/{$pid_file}"
808
809			## virtual directory listings
810	28cae949	Scott Ullrich	server.dir-listing = "disable"
811	a632cf43	Scott Ullrich
812			## enable debugging
813	28cae949	Scott Ullrich	debug.log-request-header = "disable"
814			debug.log-response-header = "disable"
815			debug.log-request-handling = "disable"
816			debug.log-file-not-found = "disable"
817	a632cf43	Scott Ullrich
818	3306a341	Scott Ullrich	{$server_upload_dirs}
819	1ef7b568	Scott Ullrich
820	a6e8af9c	Scott Ullrich	{$server_max_request_size}
821	ee959dc4	Scott Ullrich
822	4edb490d	Scott Ullrich	{$fastcgi_config}
823
824			{$cgi_config}
825	a632cf43	Scott Ullrich
826	b0bdc06e	Scott Ullrich	{$captive_portal_mod_evasive}
827
828	569f47e9	Scott Ullrich	# Turn on Lighty caching directives
829			compress.cache-dir = "/tmp/"
830			compress.filetype = ("text/plain", "text/html", "text/javascript", "text/css")
831
832			expire.url = (
833	05a5e5c5	Scott Ullrich	"" => "access 50 hours",
834	569f47e9	Scott Ullrich	)
835
836	a632cf43	Scott Ullrich	EOD;
837
838	7aae518a	Scott Ullrich	$cert = str_replace("\r", "", $cert);
839	333f8ef0	Scott Ullrich	$key = str_replace("\r", "", $key);
840	7aae518a	Scott Ullrich
841			$cert = str_replace("\n\n", "\n", $cert);
842	333f8ef0	Scott Ullrich	$key = str_replace("\n\n", "\n", $key);
843	7aae518a	Scott Ullrich
844	a632cf43	Scott Ullrich	if($cert <> "" and $key <> "") {
845	3a66b621	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
846	5b237745	Scott Ullrich	if (!$fd) {
847			printf("Error: cannot open cert.pem in system_webgui_start().\n");
848			return 1;
849			}
850	3a66b621	Scott Ullrich	chmod("{$g['varetc_path']}/{$cert_location}", 0600);
851	5b237745	Scott Ullrich	fwrite($fd, $cert);
852			fwrite($fd, "\n");
853			fwrite($fd, $key);
854			fclose($fd);
855	5e041d5f	Scott Ullrich	$lighty_config .= "\n";
856	9f0cbb16	Scott Ullrich	$lighty_config .= "## ssl configuration\n";
857	a632cf43	Scott Ullrich	$lighty_config .= "ssl.engine = \"enable\"\n";
858	333f8ef0	Scott Ullrich	$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
859	5b237745	Scott Ullrich	}
860	0f282d7a	Scott Ullrich
861	4f3756f3	Scott Ullrich	$fd = fopen("{$filename}", "w");
862	a632cf43	Scott Ullrich	if (!$fd) {
863	4f3756f3	Scott Ullrich	printf("Error: cannot open {$filename} in system_generate_lighty_config().\n");
864	a632cf43	Scott Ullrich	return 1;
865	5b237745	Scott Ullrich	}
866	a632cf43	Scott Ullrich	fwrite($fd, $lighty_config);
867			fclose($fd);
868
869			return 0;
870	0f282d7a	Scott Ullrich
871	5b237745	Scott Ullrich	}
872
873			function system_timezone_configure() {
874	f19d3b7a	Scott Ullrich	global $config, $g;
875	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
876			$mt = microtime();
877	dcf0598e	Scott Ullrich	echo "system_timezone_configure() being called $mt\n";
878	333f8ef0	Scott Ullrich	}
879	5b237745	Scott Ullrich
880			$syscfg = $config['system'];
881
882			if ($g['booting'])
883	f05740c1	Scott Ullrich	echo "Setting timezone...";
884	5b237745	Scott Ullrich
885			/* extract appropriate timezone file */
886			$timezone = $syscfg['timezone'];
887			if (!$timezone)
888			$timezone = "Etc/UTC";
889	0f282d7a	Scott Ullrich
890	34febcde	Scott Ullrich	conf_mount_rw();
891
892	029d1a71	Scott Ullrich	exec("LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
893	5b237745	Scott Ullrich	escapeshellarg($timezone) . " > /etc/localtime");
894
895	4efd4885	Scott Ullrich	mwexec("sync");
896	27150275	Scott Ullrich	conf_mount_ro();
897	34febcde	Scott Ullrich
898	5b237745	Scott Ullrich	if ($g['booting'])
899	5c6d0f65	Colin Smith	echo "done.\n";
900	5b237745	Scott Ullrich	}
901
902			function system_ntp_configure() {
903	f19d3b7a	Scott Ullrich	global $config, $g;
904	5b237745	Scott Ullrich
905			$syscfg = $config['system'];
906
907	20b90e0a	Scott Ullrich	/* open configuration for wrting or bail */
908			$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
909			if(!$fd) {
910	5f3e1f12	Scott Ullrich	log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
911	20b90e0a	Scott Ullrich	return;
912	5b237745	Scott Ullrich	}
913
914	20b90e0a	Scott Ullrich	fwrite($fd, "# \n");
915			fwrite($fd, "# pfSense OpenNTPD configuration file \n");
916			fwrite($fd, "# \n\n");
917	0f282d7a	Scott Ullrich
918	20b90e0a	Scott Ullrich	/* foreach through servers and write out to ntpd.conf */
919			foreach (explode(' ', $syscfg['timeservers']) as $ts)
920			fwrite($fd, "servers {$ts}\n");
921	0f282d7a	Scott Ullrich
922	5b6210e3	Bill Marquette	/* Setup listener(s) if the user has configured one */
923	67ee1ec5	Ermal Luçi	if ($config['installedpackages']['openntpd']) {
924			/* server config is in coregui1 */
925	5b6210e3	Bill Marquette	$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
926			if ($xmlsettings['enable'] == 'on') {
927			$ifaces = explode(',', $xmlsettings['interface']);
928			$ifaces = array_map('convert_friendly_interface_to_real_interface_name', $ifaces);
929			$ifaces = array_filter($ifaces, 'does_interface_exist');
930			$ips = array_map('find_interface_ip', $ifaces);
931			foreach ($ips as $ip) {
932	5e041d5f	Scott Ullrich	if (is_ipaddr($ip))
933	5b6210e3	Bill Marquette	fwrite($fd, "listen on $ip\n");
934			}
935	95594e5a	Scott Ullrich	}
936			}
937
938	20b90e0a	Scott Ullrich	fwrite($fd, "\n");
939	0f282d7a	Scott Ullrich
940	20b90e0a	Scott Ullrich	/* slurp! */
941			fclose($fd);
942
943			/* if openntpd is running, kill it */
944	5f3e1f12	Scott Ullrich	while(is_process_running("ntpd")) {
945	e0b4e47f	Seth Mos	mwexec("/usr/bin/killall ntpd", true);
946	5f3e1f12	Scott Ullrich	}
947
948			/* if /var/empty does not exist, create it */
949			if(!is_dir("/var/empty"))
950			exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");
951
952	4a40de3c	Scott Ullrich	if($g['booting'])
953			return;
954
955	20b90e0a	Scott Ullrich	/* start opentpd, set time now and use /var/etc/ntpd.conf */
956			exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");
957	0f282d7a	Scott Ullrich
958	5b237745	Scott Ullrich	}
959
960	652cf082	Seth Mos	function sync_system_time() {
961			global $config, $g;
962
963			$syscfg = $config['system'];
964
965			if ($g['booting'])
966	4582b281	Scott Ullrich	echo "Syncing system time before startup...";
967	652cf082	Seth Mos
968			/* foreach through servers and write out to ntpd.conf */
969			foreach (explode(' ', $syscfg['timeservers']) as $ts) {
970			mwexec("/usr/sbin/ntpdate -s $ts");
971			}
972	4582b281	Scott Ullrich
973			if ($g['booting'])
974			echo "done.\n";
975
976	652cf082	Seth Mos	}
977
978	405e5de0	Scott Ullrich	function system_halt() {
979			global $g;
980
981			system_reboot_cleanup();
982
983			mwexec("nohup /etc/rc.halt > /dev/null 2>&1 &");
984			}
985
986	5b237745	Scott Ullrich	function system_reboot() {
987			global $g;
988	0f282d7a	Scott Ullrich
989	5b237745	Scott Ullrich	system_reboot_cleanup();
990	0f282d7a	Scott Ullrich
991	5b237745	Scott Ullrich	mwexec("nohup /etc/rc.reboot > /dev/null 2>&1 &");
992			}
993
994			function system_reboot_sync() {
995			global $g;
996	0f282d7a	Scott Ullrich
997	5b237745	Scott Ullrich	system_reboot_cleanup();
998	0f282d7a	Scott Ullrich
999	5b237745	Scott Ullrich	mwexec("/etc/rc.reboot > /dev/null 2>&1");
1000			}
1001
1002			function system_reboot_cleanup() {
1003	97d4e30b	Seth Mos	mwexec("/usr/local/bin/beep.sh stop");
1004	5b237745	Scott Ullrich	captiveportal_radius_stop_all();
1005			}
1006
1007			function system_do_shell_commands($early = 0) {
1008	f19d3b7a	Scott Ullrich	global $config, $g;
1009	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1010			$mt = microtime();
1011	dcf0598e	Scott Ullrich	echo "system_do_shell_commands() being called $mt\n";
1012	58c7450e	Scott Ullrich	}
1013	0f282d7a	Scott Ullrich
1014	5b237745	Scott Ullrich	if ($early)
1015			$cmdn = "earlyshellcmd";
1016			else
1017			$cmdn = "shellcmd";
1018	0f282d7a	Scott Ullrich
1019	5b237745	Scott Ullrich	if (is_array($config['system'][$cmdn])) {
1020	333f8ef0	Scott Ullrich
1021	245388b4	Scott Ullrich	/* cmd is an array, loop through /
1022	5b237745	Scott Ullrich	foreach ($config['system'][$cmdn] as $cmd) {
1023			exec($cmd);
1024			}
1025	245388b4	Scott Ullrich
1026			} elseif($config['system'][$cmdn] <> "") {
1027	333f8ef0	Scott Ullrich
1028	245388b4	Scott Ullrich	/* execute single item */
1029			exec($config['system'][$cmdn]);
1030
1031	5b237745	Scott Ullrich	}
1032			}
1033
1034			function system_console_configure() {
1035	f19d3b7a	Scott Ullrich	global $config, $g;
1036	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1037			$mt = microtime();
1038	dcf0598e	Scott Ullrich	echo "system_console_configure() being called $mt\n";
1039	333f8ef0	Scott Ullrich	}
1040	0f282d7a	Scott Ullrich
1041	5b237745	Scott Ullrich	if (isset($config['system']['disableconsolemenu'])) {
1042			touch("{$g['varetc_path']}/disableconsole");
1043			} else {
1044			unlink_if_exists("{$g['varetc_path']}/disableconsole");
1045			}
1046			}
1047
1048			function system_dmesg_save() {
1049	f19d3b7a	Scott Ullrich	global $g;
1050	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1051			$mt = microtime();
1052	dcf0598e	Scott Ullrich	echo "system_dmesg_save() being called $mt\n";
1053	f19d3b7a	Scott Ullrich	}
1054	0f282d7a	Scott Ullrich
1055	767a716e	Scott Ullrich	$dmesg = "";
1056	5b237745	Scott Ullrich	exec("/sbin/dmesg", $dmesg);
1057	0f282d7a	Scott Ullrich
1058	5b237745	Scott Ullrich	/* find last copyright line (output from previous boots may be present) */
1059			$lastcpline = 0;
1060	0f282d7a	Scott Ullrich
1061	5b237745	Scott Ullrich	for ($i = 0; $i < count($dmesg); $i++) {
1062			if (strstr($dmesg[$i], "Copyright (c) 1992-"))
1063			$lastcpline = $i;
1064			}
1065	0f282d7a	Scott Ullrich
1066	5b237745	Scott Ullrich	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
1067			if (!$fd) {
1068			printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
1069			return 1;
1070			}
1071	0f282d7a	Scott Ullrich
1072	5b237745	Scott Ullrich	for ($i = $lastcpline; $i < count($dmesg); $i++)
1073			fwrite($fd, $dmesg[$i] . "\n");
1074	0f282d7a	Scott Ullrich
1075	5b237745	Scott Ullrich	fclose($fd);
1076	0f282d7a	Scott Ullrich
1077	5b237745	Scott Ullrich	return 0;
1078			}
1079
1080			function system_set_harddisk_standby() {
1081	f19d3b7a	Scott Ullrich	global $g, $config;
1082	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1083			$mt = microtime();
1084	dcf0598e	Scott Ullrich	echo "system_set_harddisk_standby() being called $mt\n";
1085	58c7450e	Scott Ullrich	}
1086	5b237745	Scott Ullrich
1087			if (isset($config['system']['harddiskstandby'])) {
1088			if ($g['booting']) {
1089	5c6d0f65	Colin Smith	echo 'Setting hard disk standby... ';
1090	5b237745	Scott Ullrich	}
1091
1092			$standby = $config['system']['harddiskstandby'];
1093			// Check for a numeric value
1094			if (is_numeric($standby)) {
1095			// Sync the disk(s)
1096			mwexec('/bin/sync');
1097			if (!mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby))) {
1098			// Reinitialize ATA-drives
1099			mwexec('/usr/local/sbin/atareinit');
1100			if ($g['booting']) {
1101	5c6d0f65	Colin Smith	echo "done.\n";
1102	5b237745	Scott Ullrich	}
1103			} else if ($g['booting']) {
1104	5c6d0f65	Colin Smith	echo "failed!\n";
1105	5b237745	Scott Ullrich	}
1106			} else if ($g['booting']) {
1107	5c6d0f65	Colin Smith	echo "failed!\n";
1108	5b237745	Scott Ullrich	}
1109			}
1110			}
1111
1112	3ff9d424	Scott Ullrich	function system_setup_sysctl() {
1113	f19d3b7a	Scott Ullrich	global $config;
1114	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1115			$mt = microtime();
1116	dcf0598e	Scott Ullrich	echo "system_setup_sysctl() being called $mt\n";
1117	58c7450e	Scott Ullrich	}
1118	243aa7b9	Scott Ullrich
1119	6df9d7e3	Scott Ullrich	activate_sysctls();
1120
1121	243aa7b9	Scott Ullrich	if (isset($config['system']['sharednet'])) {
1122			system_disable_arp_wrong_if();
1123			}
1124			}
1125
1126			function system_disable_arp_wrong_if() {
1127	f19d3b7a	Scott Ullrich	global $config;
1128	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1129			$mt = microtime();
1130	dcf0598e	Scott Ullrich	echo "system_disable_arp_wrong_if() being called $mt\n";
1131	333f8ef0	Scott Ullrich	}
1132	6cb438cf	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0");
1133	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0");
1134	3ff9d424	Scott Ullrich	}
1135
1136	243aa7b9	Scott Ullrich	function system_enable_arp_wrong_if() {
1137	f19d3b7a	Scott Ullrich	global $config;
1138	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1139			$mt = microtime();
1140	dcf0598e	Scott Ullrich	echo "system_enable_arp_wrong_if() being called $mt\n";
1141	58c7450e	Scott Ullrich	}
1142	243aa7b9	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1");
1143	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1");
1144	243aa7b9	Scott Ullrich	}
1145
1146	a199b93e	Scott Ullrich	function enable_watchdog() {
1147			global $config;
1148			$install_watchdog = false;
1149			$supported_watchdogs = array("Geode");
1150			$file = file_get_contents("/var/log/dmesg.boot");
1151			foreach($supported_watchdogs as $sd) {
1152			if(stristr($file, "Geode")) {
1153			$install_watchdog = true;
1154			}
1155			}
1156			if($install_watchdog == true) {
1157	2e44fb05	Scott Ullrich	if(is_process_running("watchdogd"))
1158	e0b4e47f	Seth Mos	mwexec("/usr/bin/killall watchdogd", true);
1159	333f8ef0	Scott Ullrich	exec("/usr/sbin/watchdogd");
1160	a199b93e	Scott Ullrich	}
1161			}
1162	243aa7b9	Scott Ullrich
1163	38a9a1ab	Scott Ullrich	?>

Project

General

Profile

pfSense