/src/etc/inc/config.lib.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/etc/inc/config.lib.inc @ 6990ad35

1	12df7edc	Erik	<?php
2			/***h pfSense/config
3			* NAME
4	032c40c7	Scott Ullrich	* config.lib.inc - Functions to manipulate config.xml
5	12df7edc	Erik	* DESCRIPTION
6			* This include contains various config.xml specific functions.
7			* HISTORY
8			* $Id$
9			******
10
11			config.lib.inc
12			Ported from config.inc by Erik Kristensen
13	032c40c7	Scott Ullrich	Copyright (C) 2004-2010 Scott Ullrich
14	12df7edc	Erik	All rights reserved.
15
16			originally part of m0n0wall (http://m0n0.ch/wall)
17			Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
18			All rights reserved.
19
20			Redistribution and use in source and binary forms, with or without
21			modification, are permitted provided that the following conditions are met:
22
23			1. Redistributions of source code must retain the above copyright notice,
24			this list of conditions and the following disclaimer.
25
26			2. Redistributions in binary form must reproduce the above copyright
27			notice, this list of conditions and the following disclaimer in the
28			documentation and/or other materials provided with the distribution.
29
30			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
31			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
32			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
33			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
34			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
35			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
36			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
37			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
38			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
39			POSSIBILITY OF SUCH DAMAGE.
40
41
42	d32c16bc	Ermal LUÇI	pfSense_BUILDER_BINARIES: /sbin/mount /sbin/umount /sbin/halt
43	12df7edc	Erik	pfSense_MODULE: config
44			*/
45
46			/***f config/encrypted_configxml
47			* NAME
48			* encrypted_configxml - Checks to see if config.xml is encrypted and if so, prompts to unlock.
49			* INPUTS
50			* None
51			* RESULT
52			* $config - rewrites config.xml without encryption
53			******/
54			function encrypted_configxml() {
55			global $g, $config;
56	02e9880e	Ermal
57	1e0b1727	Phil Davis	if (!file_exists($g['conf_path'] . "/config.xml")) {
58	02e9880e	Ermal	return;
59	1e0b1727	Phil Davis	}
60	02e9880e	Ermal
61	1e0b1727	Phil Davis	if (!platform_booting()) {
62	02e9880e	Ermal	return;
63	1e0b1727	Phil Davis	}
64	02e9880e	Ermal
65	1e0b1727	Phil Davis	$configtxt = file_get_contents($g['conf_path'] . "/config.xml");
66			if (tagfile_deformat($configtxt, $configtxt, "config.xml")) {
67	02e9880e	Ermal	$fp = fopen('php://stdin', 'r');
68			$data = "";
69			echo "\n\n* Encrypted config.xml detected *\n";
70	1e0b1727	Phil Davis	while ($data == "") {
71	02e9880e	Ermal	echo "\nEnter the password to decrypt config.xml: ";
72			$decrypt_password = chop(fgets($fp));
73			$data = decrypt_data($configtxt, $decrypt_password);
74	1e0b1727	Phil Davis	if (!strstr($data, "<pfsense>")) {
75	12df7edc	Erik	$data = "";
76	1e0b1727	Phil Davis	}
77			if ($data) {
78	02e9880e	Ermal	$fd = fopen($g['conf_path'] . "/config.xml.tmp", "w");
79			fwrite($fd, $data);
80			fclose($fd);
81			exec("/bin/mv {$g['conf_path']}/config.xml.tmp {$g['conf_path']}/config.xml");
82	9d3d8d00	Vinicius Coque	echo "\n" . gettext("Config.xml unlocked.") . "\n";
83	02e9880e	Ermal	fclose($fp);
84	8a811010	Chris Buechler	pfSense_fsync("{$g['conf_path']}/config.xml");
85	02e9880e	Ermal	} else {
86	9d3d8d00	Vinicius Coque	echo "\n" . gettext("Invalid password entered. Please try again.") . "\n";
87	12df7edc	Erik	}
88			}
89			}
90			}
91
92			/***f config/parse_config
93			* NAME
94			* parse_config - Read in config.cache or config.xml if needed and return $config array
95			* INPUTS
96			* $parse - boolean to force parse_config() to read config.xml and generate config.cache
97			* RESULT
98			* $config - array containing all configuration variables
99			******/
100	1295e769	Scott Ullrich	function parse_config($parse = false) {
101	4e9a3392	Scott Ullrich	global $g, $config_parsed, $config_extra;
102	02e9880e	Ermal
103	12df7edc	Erik	$lockkey = lock('config');
104	0af381c2	Scott Ullrich	$config_parsed = false;
105	02e9880e	Ermal
106	12df7edc	Erik	if (!file_exists("{$g['conf_path']}/config.xml") \|\| filesize("{$g['conf_path']}/config.xml") == 0) {
107			$last_backup = discover_last_backup();
108	1e0b1727	Phil Davis	if ($last_backup) {
109	4e038d31	Carlos Eduardo Ramos	log_error(gettext("No config.xml found, attempting last known config restore."));
110			file_notice("config.xml", gettext("No config.xml found, attempting last known config restore."), "pfSenseConfigurator", "");
111	12df7edc	Erik	restore_backup("{$g['conf_path']}/backup/{$last_backup}");
112			} else {
113			unlock($lockkey);
114	4e038d31	Carlos Eduardo Ramos	die(gettext("Config.xml is corrupted and is 0 bytes. Could not restore a previous backup."));
115	12df7edc	Erik	}
116			}
117	02e9880e	Ermal
118	086cf944	Phil Davis	if (platform_booting(true)) {
119	02e9880e	Ermal	echo ".";
120	086cf944	Phil Davis	}
121	02e9880e	Ermal
122	12df7edc	Erik	// Check for encrypted config.xml
123			encrypted_configxml();
124	02e9880e	Ermal
125	1e0b1727	Phil Davis	if (!$parse) {
126	02e9880e	Ermal	if (file_exists($g['tmp_path'] . '/config.cache')) {
127	12df7edc	Erik	$config = unserialize(file_get_contents($g['tmp_path'] . '/config.cache'));
128	1e0b1727	Phil Davis	if (is_null($config)) {
129	02e9880e	Ermal	$parse = true;
130	1e0b1727	Phil Davis	}
131			} else {
132	02e9880e	Ermal	$parse = true;
133	1e0b1727	Phil Davis	}
134	02e9880e	Ermal	}
135			if ($parse == true) {
136	1e0b1727	Phil Davis	if (!file_exists($g['conf_path'] . "/config.xml")) {
137			if (platform_booting(true)) {
138	02e9880e	Ermal	echo ".";
139	1e0b1727	Phil Davis	}
140	12df7edc	Erik	log_error("No config.xml found, attempting last known config restore.");
141			file_notice("config.xml", "No config.xml found, attempting last known config restore.", "pfSenseConfigurator", "");
142			$last_backup = discover_last_backup();
143	1e0b1727	Phil Davis	if ($last_backup) {
144	12df7edc	Erik	restore_backup("/cf/conf/backup/{$last_backup}");
145	1e0b1727	Phil Davis	} else {
146	4e038d31	Carlos Eduardo Ramos	log_error(gettext("Could not restore config.xml."));
147	50cafcf3	Ermal	unlock($lockkey);
148	4816e5ca	Renato Botelho	die(gettext("Config.xml is corrupted and is 0 bytes. Could not restore a previous backup."));
149	50cafcf3	Ermal	}
150	12df7edc	Erik	}
151	990d7c03	Erik Fonnesbeck	$config = parse_xml_config($g['conf_path'] . '/config.xml', array($g['xml_rootobj'], 'pfsense'));
152	1e0b1727	Phil Davis	if ($config == -1) {
153	12df7edc	Erik	$last_backup = discover_last_backup();
154	1e0b1727	Phil Davis	if ($last_backup) {
155	12df7edc	Erik	restore_backup("/cf/conf/backup/{$last_backup}");
156	1e0b1727	Phil Davis	} else {
157	12df7edc	Erik	log_error(gettext("Could not restore config.xml."));
158	50cafcf3	Ermal	unlock($lockkey);
159			die("Config.xml is corrupted and is 0 bytes. Could not restore a previous backup.");
160			}
161	12df7edc	Erik	}
162			generate_config_cache($config);
163			}
164	02e9880e	Ermal
165	1e0b1727	Phil Davis	if (platform_booting(true)) {
166	02e9880e	Ermal	echo ".";
167	1e0b1727	Phil Davis	}
168	02e9880e	Ermal
169	12df7edc	Erik	$config_parsed = true;
170			unlock($lockkey);
171
172	02e9880e	Ermal	alias_make_table($config);
173
174	12df7edc	Erik	return $config;
175			}
176
177			/***f config/generate_config_cache
178			* NAME
179			* generate_config_cache - Write serialized configuration to cache.
180			* INPUTS
181			* $config - array containing current firewall configuration
182			* RESULT
183			* boolean - true on completion
184			******/
185			function generate_config_cache($config) {
186	4e9a3392	Scott Ullrich	global $g, $config_extra;
187	12df7edc	Erik
188			$configcache = fopen($g['tmp_path'] . '/config.cache', "w");
189			fwrite($configcache, serialize($config));
190			fclose($configcache);
191	88f2c335	Chris Buechler	pfSense_fsync("{$g['tmp_path']}/config.cache");
192	6990ad35	Phil Davis
193	4e9a3392	Scott Ullrich	unset($configcache);
194			/* Used for config.extra.xml */
195	1e0b1727	Phil Davis	if (file_exists($g['tmp_path'] . '/config.extra.cache') && $config_extra) {
196	4e9a3392	Scott Ullrich	$configcacheextra = fopen($g['tmp_path'] . '/config.extra.cache', "w");
197			fwrite($configcacheextra, serialize($config_extra));
198	1e0b1727	Phil Davis	fclose($configcacheextra);
199	fd29caa1	Chris Buechler	pfSense_fsync("{$g['tmp_path']}/config.extra.cache");
200	4e9a3392	Scott Ullrich	unset($configcacheextra);
201			}
202	12df7edc	Erik	}
203
204			function discover_last_backup() {
205	692c21fd	Renato Botelho	$backups = glob('/cf/conf/backup/*.xml');
206	12df7edc	Erik	$last_backup = "";
207	692c21fd	Renato Botelho	$last_mtime = 0;
208	1e0b1727	Phil Davis	foreach ($backups as $backup) {
209			if (filemtime($backup) > $last_mtime) {
210	692c21fd	Renato Botelho	$last_mtime = filemtime($backup);
211			$last_backup = $backup;
212			}
213			}
214	12df7edc	Erik
215	692c21fd	Renato Botelho	return basename($last_backup);
216	12df7edc	Erik	}
217
218			function restore_backup($file) {
219			global $g;
220
221			if (file_exists($file)) {
222			conf_mount_rw();
223			unlink_if_exists("{$g['tmp_path']}/config.cache");
224	086cf944	Phil Davis	copy("$file", "/cf/conf/config.xml");
225	38b35612	Renato Botelho	pfSense_fsync("/cf/conf/config.xml");
226	d7b97ca3	Chris Buechler	pfSense_fsync($g['conf_path']);
227	0f806eca	Erik Fonnesbeck	disable_security_checks();
228	addc0439	Renato Botelho	log_error(sprintf(gettext('%1$s is restoring the configuration %2$s'), $g['product_name'], $file));
229			file_notice("config.xml", sprintf(gettext('%1$s is restoring the configuration %2$s'), $g['product_name'], $file), "pfSenseConfigurator", "");
230	12df7edc	Erik	conf_mount_ro();
231			}
232			}
233
234			/***f config/parse_config_bootup
235			* NAME
236			* parse_config_bootup - Bootup-specific configuration checks.
237			* RESULT
238			* null
239			******/
240			function parse_config_bootup() {
241	50cafcf3	Ermal	global $config, $g;
242	12df7edc	Erik
243	1e0b1727	Phil Davis	if (platform_booting()) {
244	02e9880e	Ermal	echo ".";
245	1e0b1727	Phil Davis	}
246	12df7edc	Erik
247			$lockkey = lock('config');
248	50cafcf3	Ermal	if (!file_exists("{$g['conf_path']}/config.xml")) {
249	285ef132	Ermal LUÇI	if (platform_booting()) {
250	50cafcf3	Ermal	if (strstr($g['platform'], "cdrom")) {
251			/* try copying the default config. to the floppy */
252	4816e5ca	Renato Botelho	echo gettext("Resetting factory defaults...") . "\n";
253	50cafcf3	Ermal	reset_factory_defaults(true);
254			if (!file_exists("{$g['conf_path']}/config.xml")) {
255	4816e5ca	Renato Botelho	echo gettext("No XML configuration file found - using factory defaults.\n" .
256			"Make sure that the configuration floppy disk with the conf/config.xml\n" .
257			"file is inserted. If it isn't, your configuration changes will be lost\n" .
258			"on reboot.\n");
259	12df7edc	Erik	}
260			} else {
261	50cafcf3	Ermal	$last_backup = discover_last_backup();
262	1e0b1727	Phil Davis	if ($last_backup) {
263	50cafcf3	Ermal	log_error("No config.xml found, attempting last known config restore.");
264	4816e5ca	Renato Botelho	file_notice("config.xml", gettext("No config.xml found, attempting last known config restore."), "pfSenseConfigurator", "");
265	50cafcf3	Ermal	restore_backup("/cf/conf/backup/{$last_backup}");
266			}
267	1e0b1727	Phil Davis	if (!file_exists("{$g['conf_path']}/config.xml")) {
268	4816e5ca	Renato Botelho	echo sprintf(gettext("XML configuration file not found. %s cannot continue booting."), $g['product_name']) . "\n";
269	02e9880e	Ermal	unlock($lockkey);
270	50cafcf3	Ermal	mwexec("/sbin/halt");
271			exit;
272			}
273			log_error("Last known config found and restored. Please double check your configuration file for accuracy.");
274	4816e5ca	Renato Botelho	file_notice("config.xml", gettext("Last known config found and restored. Please double check your configuration file for accuracy."), "pfSenseConfigurator", "");
275	12df7edc	Erik	}
276	50cafcf3	Ermal	} else {
277			unlock($lockkey);
278	b5e8282d	Ermal	log_error(gettext("Could not find a usable configuration file! Exiting...."));
279	50cafcf3	Ermal	exit(0);
280	12df7edc	Erik	}
281			}
282	50cafcf3	Ermal
283	12df7edc	Erik	if (filesize("{$g['conf_path']}/config.xml") == 0) {
284			$last_backup = discover_last_backup();
285	1e0b1727	Phil Davis	if ($last_backup) {
286	4e038d31	Carlos Eduardo Ramos	log_error(gettext("No config.xml found, attempting last known config restore."));
287			file_notice("config.xml", gettext("No config.xml found, attempting last known config restore."), "pfSenseConfigurator", "");
288	12df7edc	Erik	restore_backup("{$g['conf_path']}/backup/{$last_backup}");
289			} else {
290			unlock($lockkey);
291	4e038d31	Carlos Eduardo Ramos	die(gettext("Config.xml is corrupted and is 0 bytes. Could not restore a previous backup."));
292	12df7edc	Erik	}
293			}
294			unlock($lockkey);
295
296	89adb2f3	Ermal	$config = parse_config(true);
297
298	12df7edc	Erik	if ((float)$config['version'] > (float)$g['latest_config']) {
299			echo <<<EOD
300
301
302			*******************************************************************************
303			* WARNING! *
304			* The current configuration has been created with a newer version of {$g['product_name']} *
305			* than this one! This can lead to serious misbehavior and even security *
306			* holes! You are urged to either upgrade to a newer version of {$g['product_name']} or *
307			* revert to the default configuration immediately! *
308			*******************************************************************************
309
310
311			EOD;
312			}
313
314			/* make alias table (for faster lookups) */
315			alias_make_table($config);
316			}
317
318			/***f config/conf_mount_rw
319			* NAME
320			* conf_mount_rw - Mount filesystems read/write.
321			* RESULT
322			* null
323			******/
324			/* mount flash card read/write */
325	63e18082	jim-p	function conf_mount_rw() {
326	7b229013	jim-p	global $g, $config;
327	12df7edc	Erik
328			/* do not mount on cdrom platform */
329	1e0b1727	Phil Davis	if ($g['platform'] == "cdrom" or $g['platform'] == "pfSense") {
330	12df7edc	Erik	return;
331	1e0b1727	Phil Davis	}
332	a45e27ba	Ermal
333	1e0b1727	Phil Davis	if ((refcount_reference(1000) > 1) && is_writable("/")) {
334	12df7edc	Erik	return;
335	1e0b1727	Phil Davis	}
336	12df7edc	Erik
337	e8567e89	jim-p	$status = mwexec("/sbin/mount -u -w -o sync,noatime {$g['cf_path']}");
338	1e0b1727	Phil Davis	if ($status <> 0) {
339			if (platform_booting()) {
340	d32c16bc	Ermal LUÇI	echo gettext("/cf Filesystem is dirty.") . "\n";
341	1e0b1727	Phil Davis	}
342	e8567e89	jim-p	$status = mwexec("/sbin/mount -u -w -o sync,noatime {$g['cf_path']}");
343	12df7edc	Erik	}
344
345			/* if the platform is soekris or wrap or pfSense, lets mount the
346			* compact flash cards root.
347	1e0b1727	Phil Davis	*/
348	e8567e89	jim-p	$status = mwexec("/sbin/mount -u -w -o sync,noatime /");
349	d32c16bc	Ermal LUÇI	/* we could not mount this correctly. */
350	1e0b1727	Phil Davis	if ($status <> 0) {
351	d32c16bc	Ermal LUÇI	log_error(gettext("/ File system is dirty."));
352	e8567e89	jim-p	$status = mwexec("/sbin/mount -u -w -o sync,noatime /");
353	12df7edc	Erik	}
354	1e0b1727	Phil Davis
355	12df7edc	Erik	mark_subsystem_dirty('mount');
356			}
357
358			/***f config/conf_mount_ro
359			* NAME
360			* conf_mount_ro - Mount filesystems readonly.
361			* RESULT
362			* null
363			******/
364	63e18082	jim-p	function conf_mount_ro() {
365	7b229013	jim-p	global $g, $config;
366	12df7edc	Erik
367	2de8d745	jim-p	/* Do not trust $g['platform'] since this can be clobbered during factory reset. */
368			$platform = trim(file_get_contents("/etc/platform"));
369	23f0ca50	Ermal Lu?i	/* do not umount on cdrom or pfSense platforms */
370	1e0b1727	Phil Davis	if ($platform == "cdrom" or $platform == "pfSense") {
371	23f0ca50	Ermal Lu?i	return;
372	1e0b1727	Phil Davis	}
373	23f0ca50	Ermal Lu?i
374	1e0b1727	Phil Davis	if (refcount_unreference(1000) > 0) {
375	52f4c092	Scott Ullrich	return;
376	1e0b1727	Phil Davis	}
377	52f4c092	Scott Ullrich
378	1e0b1727	Phil Davis	if (isset($config['system']['nanobsd_force_rw'])) {
379	b8250344	Renato Botelho	return;
380	1e0b1727	Phil Davis	}
381	b8250344	Renato Botelho
382	1e0b1727	Phil Davis	if (platform_booting()) {
383	12df7edc	Erik	return;
384	1e0b1727	Phil Davis	}
385	12df7edc	Erik
386			clear_subsystem_dirty('mount');
387			/* sync data, then force a remount of /cf */
388	d0577bd2	Renato Botelho	pfSense_fsync($g['cf_path']);
389	e8567e89	jim-p	mwexec("/sbin/mount -u -r -f -o sync,noatime {$g['cf_path']}");
390			mwexec("/sbin/mount -u -r -f -o sync,noatime /");
391	12df7edc	Erik	}
392
393			/***f config/convert_config
394			* NAME
395			* convert_config - Attempt to update config.xml.
396			* DESCRIPTION
397			* convert_config() reads the current global configuration
398			* and attempts to convert it to conform to the latest
399			* config.xml version. This allows major formatting changes
400			* to be made with a minimum of breakage.
401			* RESULT
402			* null
403			******/
404			/* convert configuration, if necessary */
405			function convert_config() {
406			global $config, $g;
407			$now = date("H:i:s");
408	4e038d31	Carlos Eduardo Ramos	log_error(sprintf(gettext("Start Configuration upgrade at %s, set execution timeout to 15 minutes"), $now));
409	59cfe65d	Ermal	//ini_set("max_execution_time", "900");
410	12df7edc	Erik
411			/* special case upgrades */
412			/* fix every minute crontab bogons entry */
413	32a9eb18	Ermal	if (is_array($config['cron'])) {
414			$cron_item_count = count($config['cron']['item']);
415	086cf944	Phil Davis	for ($x = 0; $x < $cron_item_count; $x++) {
416	1e0b1727	Phil Davis	if (stristr($config['cron']['item'][$x]['command'], "rc.update_bogons.sh")) {
417	086cf944	Phil Davis	if ($config['cron']['item'][$x]['hour'] == "*") {
418	1e0b1727	Phil Davis	$config['cron']['item'][$x]['hour'] = "3";
419	32a9eb18	Ermal	write_config(gettext("Updated bogon update frequency to 3am"));
420			log_error(gettext("Updated bogon update frequency to 3am"));
421	1e0b1727	Phil Davis	}
422	32a9eb18	Ermal	}
423	12df7edc	Erik	}
424			}
425	1e0b1727	Phil Davis	if ($config['version'] == $g['latest_config']) {
426	12df7edc	Erik	return; /* already at latest version */
427	1e0b1727	Phil Davis	}
428	12df7edc	Erik
429			// Save off config version
430			$prev_version = $config['version'];
431	1e0b1727	Phil Davis
432	b96cad97	Seth Mos	include_once('auth.inc');
433	12df7edc	Erik	include_once('upgrade_config.inc');
434	1e0b1727	Phil Davis	if (file_exists("/etc/inc/upgrade_config_custom.inc")) {
435	e58da189	Ermal	include_once("upgrade_config_custom.inc");
436	1e0b1727	Phil Davis	}
437	12df7edc	Erik	/* Loop and run upgrade_VER_to_VER() until we're at current version */
438			while ($config['version'] < $g['latest_config']) {
439			$cur = $config['version'] * 10;
440			$next = $cur + 1;
441			$migration_function = sprintf('upgrade_%03d_to_%03d', $cur, $next);
442	1e0b1727	Phil Davis	if (function_exists($migration_function)) {
443	cb0e3f8e	Ermal	$migration_function();
444	1e0b1727	Phil Davis	}
445	e58da189	Ermal	$migration_function = "{$migration_function}_custom";
446	1e0b1727	Phil Davis	if (function_exists($migration_function)) {
447	e58da189	Ermal	$migration_function();
448	1e0b1727	Phil Davis	}
449	12df7edc	Erik	$config['version'] = sprintf('%.1f', $next / 10);
450	1e0b1727	Phil Davis	if (platform_booting()) {
451	92cf9fcd	sullrich	echo ".";
452	1e0b1727	Phil Davis	}
453	12df7edc	Erik	}
454
455			$now = date("H:i:s");
456	4e038d31	Carlos Eduardo Ramos	log_error(sprintf(gettext("Ended Configuration upgrade at %s"), $now));
457	12df7edc	Erik
458	1e0b1727	Phil Davis	if ($prev_version != $config['version']) {
459	addc0439	Renato Botelho	write_config(sprintf(gettext('Upgraded config version level from %1$s to %2$s'), $prev_version, $config['version']));
460	1e0b1727	Phil Davis	}
461	12df7edc	Erik	}
462
463	ddd42db3	Ermal Lu?i	/***f config/safe_write_file
464			* NAME
465			* safe_write_file - Write a file out atomically
466			* DESCRIPTION
467			* safe_write_file() Writes a file out atomically by first writing to a
468			* temporary file of the same name but ending with the pid of the current
469			* process, them renaming the temporary file over the original.
470			* INPUTS
471			* $filename - string containing the filename of the file to write
472			* $content - string containing the file content to write to file
473			* $force_binary - boolean denoting whether we should force binary
474			* mode writing.
475			* RESULT
476			* boolean - true if successful, false if not
477			******/
478			function safe_write_file($file, $content, $force_binary) {
479	628d1548	Ermal	$tmp_file = $file . "." . getmypid();
480			$write_mode = $force_binary ? "wb" : "w";
481	ddd42db3	Ermal Lu?i
482	628d1548	Ermal	$fd = fopen($tmp_file, $write_mode);
483			if (!$fd) {
484			// Unable to open temporary file for writing
485			return false;
486	1e0b1727	Phil Davis	}
487	628d1548	Ermal	if (!fwrite($fd, $content)) {
488			// Unable to write to temporary file
489	00bc5bcc	Scott Ullrich	fclose($fd);
490	628d1548	Ermal	return false;
491			}
492			fflush($fd);
493			fclose($fd);
494	ddd42db3	Ermal Lu?i
495	a83602e8	Renato Botelho	if (!pfSense_fsync($tmp_file) \|\| !rename($tmp_file, $file)) {
496	628d1548	Ermal	// Unable to move temporary file to original
497			@unlink($tmp_file);
498			return false;
499			}
500	00bc5bcc	Scott Ullrich
501	628d1548	Ermal	// Sync file before returning
502	8a811010	Chris Buechler	return pfSense_fsync($file);
503	ddd42db3	Ermal Lu?i	}
504
505	12df7edc	Erik	/***f config/write_config
506			* NAME
507			* write_config - Backup and write the firewall configuration.
508			* DESCRIPTION
509			* write_config() handles backing up the current configuration,
510			* applying changes, and regenerating the configuration cache.
511			* INPUTS
512			* $desc - string containing the a description of configuration changes
513			* $backup - boolean: do not back up current configuration if false.
514			* RESULT
515			* null
516			******/
517			/* save the system configuration */
518			function write_config($desc="Unknown", $backup = true) {
519			global $config, $g;
520
521	a74260cb	jim-p	if (!empty($_SERVER['REMOTE_ADDR'])) {
522	1e0b1727	Phil Davis	if (!session_id()) {
523	a74260cb	jim-p	@session_start();
524	1e0b1727	Phil Davis	}
525	cf0dae69	Ermal	if (!empty($_SESSION['Username']) && ($_SESSION['Username'] != "admin")) {
526			$user = getUserEntry($_SESSION['Username']);
527			if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) {
528			session_commit();
529			return false;
530			}
531	4111fcf5	Ermal	}
532	170cb2bc	jim-p	}
533	4111fcf5	Ermal
534	1e0b1727	Phil Davis	if (!isset($argc)) {
535	9d584d5d	Ermal	session_commit();
536	1e0b1727	Phil Davis	}
537	4111fcf5	Ermal
538	1e0b1727	Phil Davis	if ($backup) {
539	12df7edc	Erik	backup_config();
540	1e0b1727	Phil Davis	}
541	12df7edc	Erik
542	ba1d9714	jim-p	$config['revision'] = make_config_revision_entry($desc);
543	12df7edc	Erik
544	b6c34bfc	Ermal	conf_mount_rw();
545			$lockkey = lock('config', LOCK_EX);
546	12df7edc	Erik
547			/* generate configuration XML */
548			$xmlconfig = dump_xml_config($config, $g['xml_rootobj']);
549
550	41bf8e8e	Scott Ullrich	/* write new configuration */
551			if (!safe_write_file("{$g['cf_conf_path']}/config.xml", $xmlconfig, false)) {
552	89a8d28e	Chris Buechler	log_error(gettext("WARNING: Config contents could not be saved. Could not open file!"));
553	12df7edc	Erik	unlock($lockkey);
554	4e038d31	Carlos Eduardo Ramos	file_notice("config.xml", sprintf(gettext("Unable to open %s/config.xml for writing in write_config()%s"), $g['cf_conf_path'], "\n"));
555	541989d5	Ermal	return -1;
556	e5977136	Scott Ullrich	}
557	1e0b1727	Phil Davis
558	e1ebe9e2	jim-p	cleanup_backupcache(true);
559	12df7edc	Erik
560			/* re-read configuration */
561	541989d5	Ermal	/* NOTE: We assume that the file can be parsed since we wrote it. */
562	12df7edc	Erik	$config = parse_xml_config("{$g['conf_path']}/config.xml", $g['xml_rootobj']);
563	e490f995	Ermal	if ($config == -1) {
564	557300a7	jim-p	copy("{$g['conf_path']}/config.xml", "{$g['conf_path']}/config.xml.bad");
565	e490f995	Ermal	$last_backup = discover_last_backup();
566	557300a7	jim-p	if ($last_backup) {
567	e490f995	Ermal	restore_backup("/cf/conf/backup/{$last_backup}");
568	557300a7	jim-p	$config = parse_xml_config("{$g['conf_path']}/config.xml", $g['xml_rootobj']);
569	285ef132	Ermal LUÇI	if (platform_booting()) {
570	557300a7	jim-p	echo "\n\n ************ WARNING ************";
571	6177fd92	jim-p	echo "\n\n Configuration could not be validated. A previous configuration was restored. \n";
572	05d5503b	Ermal	echo "\n The failed configuration file has been saved as {$g['conf_path']}/config.xml.bad \n\n";
573	557300a7	jim-p	}
574	1e0b1727	Phil Davis	} else {
575	e490f995	Ermal	log_error(gettext("Could not restore config.xml."));
576	1e0b1727	Phil Davis	}
577			} else {
578	e490f995	Ermal	generate_config_cache($config);
579	1e0b1727	Phil Davis	}
580	12df7edc	Erik
581			unlock($lockkey);
582
583			unlink_if_exists("/usr/local/pkg/pf/carp_sync_client.php");
584	16b96ea6	Scott Ullrich
585	b6c34bfc	Ermal	/* tell kernel to sync fs data */
586			conf_mount_ro();
587
588	12df7edc	Erik	/* sync carp entries to other firewalls */
589	16b96ea6	Scott Ullrich	carp_sync_client();
590	12df7edc	Erik
591	1e0b1727	Phil Davis	if (is_dir("/usr/local/pkg/write_config")) {
592	12df7edc	Erik	/* process packager manager custom rules */
593			run_plugins("/usr/local/pkg/write_config/");
594			}
595
596			return $config;
597			}
598
599			/***f config/reset_factory_defaults
600			* NAME
601			* reset_factory_defaults - Reset the system to its default configuration.
602			* RESULT
603			* integer - indicates completion
604			******/
605			function reset_factory_defaults($lock = false) {
606			global $g;
607
608			conf_mount_rw();
609	1e0b1727	Phil Davis	if (!$lock) {
610	b6c34bfc	Ermal	$lockkey = lock('config', LOCK_EX);
611	1e0b1727	Phil Davis	}
612	12df7edc	Erik
613			/* create conf directory, if necessary */
614			safe_mkdir("{$g['cf_conf_path']}");
615
616			/* clear out /conf */
617			$dh = opendir($g['conf_path']);
618			while ($filename = readdir($dh)) {
619			if (($filename != ".") && ($filename != "..")) {
620			unlink_if_exists($g['conf_path'] . "/" . $filename);
621			}
622			}
623			closedir($dh);
624	63dd9f08	Ermal	unlink_if_exists($g['tmp_path'] . "/config.cache");
625	12df7edc	Erik
626			/* copy default configuration */
627			copy("{$g['conf_default_path']}/config.xml", "{$g['conf_path']}/config.xml");
628
629	0f806eca	Erik Fonnesbeck	disable_security_checks();
630
631	12df7edc	Erik	/* call the wizard */
632			touch("/conf/trigger_initial_wizard");
633	1e0b1727	Phil Davis	if (!$lock) {
634	12df7edc	Erik	unlock($lockkey);
635	1e0b1727	Phil Davis	}
636	b6c34bfc	Ermal	conf_mount_ro();
637	673966e4	jim-p	setup_serial_port();
638	12df7edc	Erik	return 0;
639			}
640
641			function config_restore($conffile) {
642			global $config, $g;
643
644	1e0b1727	Phil Davis	if (!file_exists($conffile)) {
645	12df7edc	Erik	return 1;
646	1e0b1727	Phil Davis	}
647	12df7edc	Erik
648			backup_config();
649
650	f2087c85	Scott Ullrich	conf_mount_rw();
651	1e0b1727	Phil Davis
652	b6c34bfc	Ermal	$lockkey = lock('config', LOCK_EX);
653	12df7edc	Erik
654			unlink_if_exists("{$g['tmp_path']}/config.cache");
655	e490f995	Ermal	copy($conffile, "{$g['cf_conf_path']}/config.xml");
656	12df7edc	Erik
657	0f806eca	Erik Fonnesbeck	disable_security_checks();
658
659	12df7edc	Erik	unlock($lockkey);
660
661			$config = parse_config(true);
662
663			conf_mount_ro();
664
665	4e038d31	Carlos Eduardo Ramos	write_config(gettext("Reverted to") . " " . array_pop(explode("/", $conffile)) . ".", false);
666	e296b183	Ermal Lu?i
667	12df7edc	Erik	return 0;
668			}
669
670			function config_install($conffile) {
671			global $config, $g;
672
673	1e0b1727	Phil Davis	if (!file_exists($conffile)) {
674	12df7edc	Erik	return 1;
675	1e0b1727	Phil Davis	}
676	12df7edc	Erik
677	1e0b1727	Phil Davis	if (!config_validate("{$conffile}")) {
678	12df7edc	Erik	return 1;
679	1e0b1727	Phil Davis	}
680	12df7edc	Erik
681	1e0b1727	Phil Davis	if (platform_booting()) {
682	4e038d31	Carlos Eduardo Ramos	echo gettext("Installing configuration...") . "\n";
683	1e0b1727	Phil Davis	} else {
684	4e038d31	Carlos Eduardo Ramos	log_error(gettext("Installing configuration ...."));
685	1e0b1727	Phil Davis	}
686	12df7edc	Erik
687			conf_mount_rw();
688	b6c34bfc	Ermal	$lockkey = lock('config', LOCK_EX);
689	12df7edc	Erik
690			copy($conffile, "{$g['conf_path']}/config.xml");
691
692	0f806eca	Erik Fonnesbeck	disable_security_checks();
693
694	12df7edc	Erik	/* unlink cache file if it exists */
695	1e0b1727	Phil Davis	if (file_exists("{$g['tmp_path']}/config.cache")) {
696	12df7edc	Erik	unlink("{$g['tmp_path']}/config.cache");
697	1e0b1727	Phil Davis	}
698	12df7edc	Erik
699			unlock($lockkey);
700			conf_mount_ro();
701
702	1e0b1727	Phil Davis	return 0;
703	12df7edc	Erik	}
704
705	0f806eca	Erik Fonnesbeck	/*
706			* Disable security checks for DNS rebind and HTTP referrer until next time
707			* they pass (or reboot), to aid in preventing accidental lockout when
708			* restoring settings like hostname, domain, IP addresses, and settings
709			* related to the DNS rebind and HTTP referrer checks.
710			* Intended for use when restoring a configuration or directly
711			* modifying config.xml without an unconditional reboot.
712			*/
713			function disable_security_checks() {
714			global $g;
715			touch("{$g['tmp_path']}/disable_security_checks");
716			}
717
718			/* Restores security checks. Should be called after all succeed. */
719			function restore_security_checks() {
720			global $g;
721			unlink_if_exists("{$g['tmp_path']}/disable_security_checks");
722			}
723
724			/* Returns status of security check temporary disable. */
725			function security_checks_disabled() {
726			global $g;
727			return file_exists("{$g['tmp_path']}/disable_security_checks");
728			}
729
730	12df7edc	Erik	function config_validate($conffile) {
731
732			global $g, $xmlerr;
733
734			$xml_parser = xml_parser_create();
735
736			if (!($fp = fopen($conffile, "r"))) {
737	4e038d31	Carlos Eduardo Ramos	$xmlerr = gettext("XML error: unable to open file");
738	12df7edc	Erik	return false;
739			}
740
741			while ($data = fread($fp, 4096)) {
742			if (!xml_parse($xml_parser, $data, feof($fp))) {
743	addc0439	Renato Botelho	$xmlerr = sprintf(gettext('%1$s at line %2$d'),
744	12df7edc	Erik	xml_error_string(xml_get_error_code($xml_parser)),
745			xml_get_current_line_number($xml_parser));
746			return false;
747			}
748			}
749			xml_parser_free($xml_parser);
750
751			fclose($fp);
752
753			return true;
754			}
755
756	e1ebe9e2	jim-p	function cleanup_backupcache($lock = false) {
757	12df7edc	Erik	global $g;
758			$i = false;
759	e1ebe9e2	jim-p
760			$revisions = get_config_backup_count();
761
762	1e0b1727	Phil Davis	if (!$lock) {
763	12df7edc	Erik	$lockkey = lock('config');
764	1e0b1727	Phil Davis	}
765	cd25a2b2	jim-p
766			conf_mount_rw();
767
768			$backups = get_backups();
769			if ($backups) {
770	12df7edc	Erik	$baktimes = $backups['versions'];
771			unset($backups['versions']);
772	cd25a2b2	jim-p	} else {
773			$backups = array();
774			$baktimes = array();
775			}
776			$newbaks = array();
777			$bakfiles = glob($g['cf_conf_path'] . "/backup/config-*");
778			$tocache = array();
779	12df7edc	Erik
780	1e0b1727	Phil Davis	foreach ($bakfiles as $backup) { // Check for backups in the directory not represented in the cache.
781	bfe615ee	jim-p	$backupsize = filesize($backup);
782	1e0b1727	Phil Davis	if ($backupsize == 0) {
783	cd25a2b2	jim-p	unlink($backup);
784			continue;
785			}
786	b3bbed58	Ermal LUÇI	$backupexp = explode('-', $backup);
787			$backupexp = explode('.', array_pop($backupexp));
788			$tocheck = array_shift($backupexp);
789			unset($backupexp);
790	1e0b1727	Phil Davis	if (!in_array($tocheck, $baktimes)) {
791	cd25a2b2	jim-p	$i = true;
792	1e0b1727	Phil Davis	if (platform_booting()) {
793	cd25a2b2	jim-p	echo ".";
794	1e0b1727	Phil Davis	}
795	990d7c03	Erik Fonnesbeck	$newxml = parse_xml_config($backup, array($g['xml_rootobj'], 'pfsense'));
796	1e0b1727	Phil Davis	if ($newxml == "-1") {
797	4e038d31	Carlos Eduardo Ramos	log_error(sprintf(gettext("The backup cache file %s is corrupted. Unlinking."), $backup));
798	cd25a2b2	jim-p	unlink($backup);
799	4e038d31	Carlos Eduardo Ramos	log_error(sprintf(gettext("The backup cache file %s is corrupted. Unlinking."), $backup));
800	cd25a2b2	jim-p	continue;
801	12df7edc	Erik	}
802	1e0b1727	Phil Davis	if ($newxml['revision']['description'] == "") {
803	cd25a2b2	jim-p	$newxml['revision']['description'] = "Unknown";
804	1e0b1727	Phil Davis	}
805			if ($newxml['version'] == "") {
806	92420c0a	jim-p	$newxml['version'] = "?";
807	1e0b1727	Phil Davis	}
808	bfe615ee	jim-p	$tocache[$tocheck] = array('description' => $newxml['revision']['description'], 'version' => $newxml['version'], 'filesize' => $backupsize);
809	12df7edc	Erik	}
810	cd25a2b2	jim-p	}
811	1e0b1727	Phil Davis	foreach ($backups as $checkbak) {
812			if (count(preg_grep('/' . $checkbak['time'] . '/i', $bakfiles)) != 0) {
813	cd25a2b2	jim-p	$newbaks[] = $checkbak;
814			} else {
815			$i = true;
816	285ef132	Ermal LUÇI	if (platform_booting()) print " " . $tocheck . "r";
817	cd25a2b2	jim-p	}
818			}
819	1e0b1727	Phil Davis	foreach ($newbaks as $todo) {
820			$tocache[$todo['time']] = array('description' => $todo['description'], 'version' => $todo['version'], 'filesize' => $todo['filesize']);
821			}
822			if (is_int($revisions) and (count($tocache) > $revisions)) {
823	cd25a2b2	jim-p	$toslice = array_slice(array_keys($tocache), 0, $revisions);
824	1e0b1727	Phil Davis	foreach ($toslice as $sliced) {
825	cd25a2b2	jim-p	$newcache[$sliced] = $tocache[$sliced];
826	1e0b1727	Phil Davis	}
827			foreach ($tocache as $version => $versioninfo) {
828			if (!in_array($version, array_keys($newcache))) {
829	cd25a2b2	jim-p	unlink_if_exists($g['conf_path'] . '/backup/config-' . $version . '.xml');
830	12df7edc	Erik	}
831			}
832	cd25a2b2	jim-p	$tocache = $newcache;
833	12df7edc	Erik	}
834	cd25a2b2	jim-p	$bakout = fopen($g['cf_conf_path'] . '/backup/backup.cache', "w");
835			fwrite($bakout, serialize($tocache));
836			fclose($bakout);
837	8a811010	Chris Buechler	pfSense_fsync("{$g['cf_conf_path']}/backup/backup.cache");
838	cd25a2b2	jim-p	conf_mount_ro();
839
840	1e0b1727	Phil Davis	if (!$lock) {
841	12df7edc	Erik	unlock($lockkey);
842	1e0b1727	Phil Davis	}
843	12df7edc	Erik	}
844
845			function get_backups() {
846			global $g;
847	1e0b1727	Phil Davis	if (file_exists("{$g['cf_conf_path']}/backup/backup.cache")) {
848	12df7edc	Erik	$confvers = unserialize(file_get_contents("{$g['cf_conf_path']}/backup/backup.cache"));
849			$bakvers = array_keys($confvers);
850			$toreturn = array();
851			sort($bakvers);
852			// $bakvers = array_reverse($bakvers);
853	1e0b1727	Phil Davis	foreach (array_reverse($bakvers) as $bakver) {
854	bfe615ee	jim-p	$toreturn[] = array('time' => $bakver, 'description' => $confvers[$bakver]['description'], 'version' => $confvers[$bakver]['version'], 'filesize' => $confvers[$bakver]['filesize']);
855	1e0b1727	Phil Davis	}
856	12df7edc	Erik	} else {
857			return false;
858			}
859			$toreturn['versions'] = $bakvers;
860			return $toreturn;
861			}
862
863			function backup_config() {
864			global $config, $g;
865
866	1e0b1727	Phil Davis	if ($g['platform'] == "cdrom") {
867	12df7edc	Erik	return;
868	1e0b1727	Phil Davis	}
869	12df7edc	Erik
870			conf_mount_rw();
871
872			/* Create backup directory if needed */
873			safe_mkdir("{$g['cf_conf_path']}/backup");
874	1e0b1727	Phil Davis	if ($config['revision']['time'] == "") {
875			$baktime = 0;
876			} else {
877			$baktime = $config['revision']['time'];
878			}
879	8a811010	Chris Buechler
880	1e0b1727	Phil Davis	if ($config['revision']['description'] == "") {
881			$bakdesc = "Unknown";
882			} else {
883			$bakdesc = $config['revision']['description'];
884			}
885	8059f9cb	jim-p
886			$bakver = ($config['version'] == "") ? "?" : $config['version'];
887	bfe615ee	jim-p	$bakfilename = $g['cf_conf_path'] . '/backup/config-' . $baktime . '.xml';
888			copy($g['cf_conf_path'] . '/config.xml', $bakfilename);
889	8a811010	Chris Buechler
890	1e0b1727	Phil Davis	if (file_exists($g['cf_conf_path'] . '/backup/backup.cache')) {
891			$backupcache = unserialize(file_get_contents($g['cf_conf_path'] . '/backup/backup.cache'));
892			} else {
893			$backupcache = array();
894			}
895	bfe615ee	jim-p	$backupcache[$baktime] = array('description' => $bakdesc, 'version' => $bakver, 'filesize' => filesize($bakfilename));
896	1e0b1727	Phil Davis	$bakout = fopen($g['cf_conf_path'] . '/backup/backup.cache', "w");
897			fwrite($bakout, serialize($backupcache));
898			fclose($bakout);
899	8a811010	Chris Buechler	pfSense_fsync("{$g['cf_conf_path']}/backup/backup.cache");
900	12df7edc	Erik
901			conf_mount_ro();
902
903			return true;
904			}
905
906			function set_device_perms() {
907			$devices = array(
908	6c07db48	Phil Davis	'pf' => array(
909			'user' => 'root',
910			'group' => 'proxy',
911			'mode' => 0660),
912	12df7edc	Erik	);
913
914			foreach ($devices as $name => $attr) {
915			$path = "/dev/$name";
916			if (file_exists($path)) {
917			chown($path, $attr['user']);
918			chgrp($path, $attr['group']);
919			chmod($path, $attr['mode']);
920			}
921			}
922			}
923
924	ba1d9714	jim-p	function get_config_user() {
925			if (empty($_SESSION["Username"])) {
926	362ec35d	Ermal	$username = getenv("USER");
927	1e0b1727	Phil Davis	if (empty($conuser) \|\| $conuser == "root") {
928	ba1d9714	jim-p	$username = "(system)";
929	1e0b1727	Phil Davis	}
930			} else {
931	ba1d9714	jim-p	$username = $_SESSION["Username"];
932	1e0b1727	Phil Davis	}
933	ba1d9714	jim-p
934	1e0b1727	Phil Davis	if (!empty($_SERVER['REMOTE_ADDR'])) {
935	ba1d9714	jim-p	$username .= '@' . $_SERVER['REMOTE_ADDR'];
936	1e0b1727	Phil Davis	}
937	ba1d9714	jim-p
938			return $username;
939			}
940
941			function make_config_revision_entry($desc = null, $override_user = null) {
942	1e0b1727	Phil Davis	if (empty($override_user)) {
943	ba1d9714	jim-p	$username = get_config_user();
944	1e0b1727	Phil Davis	} else {
945	ba1d9714	jim-p	$username = $override_user;
946	1e0b1727	Phil Davis	}
947	ba1d9714	jim-p
948			$revision = array();
949
950	1e0b1727	Phil Davis	if (time() > mktime(0, 0, 0, 9, 1, 2004)) { /* make sure the clock settings are plausible */
951	ba1d9714	jim-p	$revision['time'] = time();
952	1e0b1727	Phil Davis	}
953	ba1d9714	jim-p
954			/* Log the running script so it's not entirely unlogged what changed */
955	1e0b1727	Phil Davis	if ($desc == "Unknown") {
956	ba1d9714	jim-p	$desc = sprintf(gettext("%s made unknown change"), $_SERVER['SCRIPT_NAME']);
957	1e0b1727	Phil Davis	}
958			if (!empty($desc)) {
959	ba1d9714	jim-p	$revision['description'] = "{$username}: " . $desc;
960	1e0b1727	Phil Davis	}
961	ba1d9714	jim-p	$revision['username'] = $username;
962			return $revision;
963			}
964
965	e1ebe9e2	jim-p	function get_config_backup_count() {
966			global $config, $g;
967			if (isset($config['system']['backupcount']) && is_numeric($config['system']['backupcount']) && ($config['system']['backupcount'] >= 0)) {
968			return intval($config['system']['backupcount']);
969	e61f548f	Ermal	} elseif ($g['platform'] == "nanobsd") {
970	e1ebe9e2	jim-p	return 5;
971			} else {
972			return 30;
973			}
974			}
975
976	00e55088	Ermal	function pfSense_clear_globals() {
977			global $config, $FilterIfList, $GatewaysList, $filterdns, $aliases, $aliastable;
978
979	be2d7eb7	Chris Buechler	$error = error_get_last();
980	1e0b1727	Phil Davis
981			if ($error !== NULL) {
982	b3f2f476	PiBa-NL	if ($error['type'] == E_ERROR) {
983	be2d7eb7	Chris Buechler	$errorstr = "PHP ERROR: Type: {$error['type']}, File: {$error['file']}, Line: {$error['line']}, Message: {$error['message']}";
984	b3f2f476	PiBa-NL	print($errorstr);
985			log_error($errorstr);
986	6c07db48	Phil Davis	} else if ($error['type'] != E_NOTICE) {
987	b3f2f476	PiBa-NL	$errorstr = "PHP WARNING: Type: {$error['type']}, File: {$error['file']}, Line: {$error['line']}, Message: {$error['message']}";
988	e8e494f3	Chris Buechler	// XXX: comment out for now, should re-enable post-2.2
989			//print($errorstr);
990			//log_error($errorstr);
991	be2d7eb7	Chris Buechler	}
992			}
993
994	1e0b1727	Phil Davis	if (isset($FilterIfList)) {
995	00e55088	Ermal	unset($FilterIfList);
996	1e0b1727	Phil Davis	}
997	00e55088	Ermal
998	1e0b1727	Phil Davis	if (isset($GatewaysList)) {
999	00e55088	Ermal	unset($GatewaysList);
1000	1e0b1727	Phil Davis	}
1001	00e55088	Ermal
1002			/* Used for the hostname dns resolver */
1003	1e0b1727	Phil Davis	if (isset($filterdns)) {
1004	00e55088	Ermal	unset($filterdns);
1005	1e0b1727	Phil Davis	}
1006	00e55088	Ermal
1007			/* Used for aliases and interface macros */
1008	1e0b1727	Phil Davis	if (isset($aliases)) {
1009	00e55088	Ermal	unset($aliases);
1010	1e0b1727	Phil Davis	}
1011			if (isset($aliastable)) {
1012	00e55088	Ermal	unset($aliastable);
1013	1e0b1727	Phil Davis	}
1014	00e55088	Ermal
1015			unset($config);
1016			}
1017
1018			register_shutdown_function('pfSense_clear_globals');
1019
1020	4e038d31	Carlos Eduardo Ramos	?>

Project

General

Profile

pfSense