1 5b237745 Scott Ullrich
<?php
2 307cd525 Bill Marquette
/* $Id$ */
3 5b237745 Scott Ullrich
/*
4
	system.inc
5
	part of m0n0wall (http://m0n0.ch/wall)
6 0f282d7a Scott Ullrich
7 5b237745 Scott Ullrich
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8
	All rights reserved.
9 0f282d7a Scott Ullrich
10 5b237745 Scott Ullrich
	Redistribution and use in source and binary forms, with or without
11
	modification, are permitted provided that the following conditions are met:
12 0f282d7a Scott Ullrich
13 5b237745 Scott Ullrich
	1. Redistributions of source code must retain the above copyright notice,
14
	   this list of conditions and the following disclaimer.
15 0f282d7a Scott Ullrich
16 5b237745 Scott Ullrich
	2. Redistributions in binary form must reproduce the above copyright
17
	   notice, this list of conditions and the following disclaimer in the
18
	   documentation and/or other materials provided with the distribution.
19 0f282d7a Scott Ullrich
20 5b237745 Scott Ullrich
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29
	POSSIBILITY OF SUCH DAMAGE.
30
*/
31
32 523855b0 Scott Ullrich
/*
33
	pfSense_BUILDER_BINARIES:	/usr/sbin/powerd	/usr/bin/killall	/sbin/sysctl	/sbin/route
34 b368b35a Ermal
	pfSense_BUILDER_BINARIES:	/bin/hostname	/bin/ls	/usr/sbin/syslogd	
35 523855b0 Scott Ullrich
	pfSense_BUILDER_BINARIES:	/usr/sbin/pccardd	/usr/local/sbin/lighttpd	/bin/chmod 	/bin/mkdir
36 42135f07 jim-p
	pfSense_BUILDER_BINARIES:	/usr/bin/tar		/usr/sbin/ntpd	/usr/sbin/ntpdate
37 c3b13d60 jim-p
	pfSense_BUILDER_BINARIES:	/usr/bin/nohup	/sbin/dmesg	/usr/local/sbin/atareinit	/sbin/kldload
38 523855b0 Scott Ullrich
	pfSense_MODULE:	utils
39
*/
40 0f282d7a Scott Ullrich
41 8e9fa41d Scott Ullrich
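/*
 * (Re)start powerd from the system configuration.
 *
 * Does nothing on the 'jail' platform. Otherwise any running powerd is killed,
 * and, when $config['system']['powerd_enable'] is set, powerd is started again
 * with the configured mode (default "hadp") for both the -b and -a options.
 * On nanobsd the cpufreq kernel module is loaded first.
 */
function activate_powerd() {
	global $config, $g;
	if ($g['platform'] == 'jail')
		return;
	if(is_process_running("powerd"))
		exec("/usr/bin/killall powerd");
	if(isset($config['system']['powerd_enable'])) {
		if ($g["platform"] == "nanobsd")
			exec("/sbin/kldload cpufreq");
		$mode = "hadp";
		if (!empty($config['system']['powerd_mode']))
			$mode = $config['system']['powerd_mode'];
		/*
		 * The mode comes straight from the configuration and ends up on a
		 * shell command line, so quote it: a value containing shell
		 * metacharacters must reach powerd as one literal argument.
		 */
		$mode_arg = escapeshellarg($mode);
		mwexec("/usr/sbin/powerd -b {$mode_arg} -a {$mode_arg}");
	}
}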
56
57 3a35f55f Scott Ullrich
/*
 * Look up the default value recorded for sysctl OID $id in the global
 * $sysctls table. Yields NULL when the table has no entry for $id.
 */
function get_default_sysctl_value($id) {
	global $sysctls;

	if (!isset($sysctls[$id]))
		return null;

	return $sysctls[$id];
}
63
64 6df9d7e3 Scott Ullrich
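/*
 * Apply the fixed net.enc.* sysctls and every tunable listed under
 * $config['sysctl']['item'].
 *
 * Does nothing on the 'jail' platform. A tunable whose value is the literal
 * string "default" is set to the value returned by get_default_sysctl_value().
 */
function activate_sysctls() {
	global $config, $g;
	if ($g['platform'] == 'jail')
		return;
	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001");
	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002");
	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");

	/* Guard the inner list too, so a section without items is skipped instead of iterated. */
	if(is_array($config['sysctl']) && is_array($config['sysctl']['item'])) {
		foreach($config['sysctl']['item'] as $tunable) {
			if($tunable['value'] == "default")
				$value = get_default_sysctl_value($tunable['tunable']);
			else
				$value = $tunable['value'];
			/*
			 * Both the OID and the value are configuration data. Pass
			 * "name=value" as a single quoted argument; the previous
			 * double-quoted form still let the shell expand $(...) and
			 * backticks inside the value, and left the name unquoted.
			 */
			mwexec("/sbin/sysctl " . escapeshellarg("{$tunable['tunable']}={$value}"));
		}
	}
}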
84
85 5b237745 Scott Ullrich
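/*
 * Write {$g['varetc_path']}/resolv.conf and install host routes for DNS
 * servers that are pinned to a gateway.
 *
 * $dynupdate: when false (and not booting) dhcpd is reconfigured afterwards,
 *             because the nameserver list may have changed.
 *
 * Returns 0 on success, 1 when resolv.conf cannot be opened for writing.
 * The 'resolvconf' lock is held from just before the file is opened until
 * the routes have been set.
 */
function system_resolvconf_generate($dynupdate = false) {
	global $config, $g;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_resolvconf_generate() being called $mt\n";
	}

	$syscfg = $config['system'];

	/* Start from an empty buffer so the appends below never act on an undefined variable when no domain is set. */
	$resolvconf = "";

	// Do not create blank domain lines, it breaks tools like dig.
	if($syscfg['domain'])
		$resolvconf .= "domain {$syscfg['domain']}\n";

	if (isset($config['dnsmasq']['enable']) && !isset($config['system']['dnslocalhost']))
		$resolvconf .= "nameserver 127.0.0.1\n";

	if (isset($syscfg['dnsallowoverride'])) {
		/* get dynamically assigned DNS servers (if any) */
		$ns = array_unique(get_searchdomains());
		foreach($ns as $searchserver) {
			if($searchserver)
				$resolvconf .= "search {$searchserver}\n";
		}
		$ns = array_unique(get_nameservers());
		foreach($ns as $nameserver) {
			if($nameserver)
				$resolvconf .= "nameserver $nameserver\n";
		}
	}
	/* NOTE(review): these entries are written as configured, without an is_ipaddr() check - confirm they are validated when saved. */
	if (is_array($syscfg['dnsserver'])) {
		foreach ($syscfg['dnsserver'] as $ns) {
			if ($ns)
				$resolvconf .= "nameserver $ns\n";
		}
	}

	$dnslock = lock('resolvconf', LOCK_EX);

	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
	if (!$fd) {
		printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
		unlock($dnslock);
		return 1;
	}

	fwrite($fd, $resolvconf);
	fclose($fd);

	if (!$g['booting']) {
		/* restart dhcpd (nameservers may have changed) */
		if (!$dynupdate)
			services_dhcpd_configure();
	}

	/* setup static routes for DNS servers. */
	for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
		$dnsgw = "dns{$dnscounter}gw";
		if (!isset($config['system'][$dnsgw]))
			continue;
		$gwname = $config['system'][$dnsgw];
		if (($gwname == "") || ($gwname == "none"))
			continue;

		/* dns server array starts at 0 */
		$dnscountermo = $dnscounter - 1;
		$dnsserver = "";
		if (is_array($syscfg['dnsserver']) && isset($syscfg['dnsserver'][$dnscountermo]))
			$dnsserver = $syscfg['dnsserver'][$dnscountermo];
		/*
		 * A gateway may be assigned to a slot that has no (valid) server.
		 * Skip it rather than build a route command from an empty or
		 * malformed address.
		 */
		if (!is_ipaddr($dnsserver))
			continue;

		$gatewayip = lookup_gateway_ip_by_name($gwname);
		/* Quote both operands: they originate in the configuration and are handed to a shell. */
		if (is_ipaddrv4($gatewayip))
			mwexec("route change -host " . escapeshellarg($dnsserver) . " " . escapeshellarg($gatewayip));
		if (is_ipaddrv6($gatewayip))
			mwexec("route change -host -inet6 " . escapeshellarg($dnsserver) . " " . escapeshellarg($gatewayip));
	}

	unlock($dnslock);

	return 0;
}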
166
167 86dcdfc9 Ermal
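/*
 * Collect search domains from the /var/etc/searchdomain_* files.
 *
 * Every non-empty line of every matching file is kept only if it passes
 * is_hostname(); everything else is dropped. Returns a (possibly empty)
 * array that may contain duplicates.
 */
function get_searchdomains() {
	global $config, $g;

	$master_list = array();

	// Read in dhclient search domains
	/*
	 * The glob() result used to be stored in $search_list while the loop
	 * tested $search_lists, so the files were never read and the function
	 * always returned an empty array. One name is used throughout now.
	 *
	 * NOTE(review): these files presumably hold values learned from a DHCP
	 * server, i.e. network-supplied data that the caller writes into
	 * resolv.conf; the is_hostname() filter below is the only validation
	 * between the two, so it must stay.
	 */
	$search_lists = glob("/var/etc/searchdomain_*");
	if (is_array($search_lists)) {
		foreach($search_lists as $fdns) {
			$contents = file($fdns, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
			if (!is_array($contents))
				continue;
			foreach ($contents as $dns) {
				if(is_hostname($dns))
					$master_list[] = $dns;
			}
		}
	}

	return $master_list;
}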
188
189 3d00ccaa Scott Ullrich
/*
 * Gather nameserver addresses from the /var/etc/nameserver_* files and from
 * /var/etc/nameservers.conf. Only lines accepted by is_ipaddr() are returned;
 * the result may contain duplicates.
 */
function get_nameservers() {
	global $config, $g;
	$master_list = array();

	// Read in dhclient nameservers
	$dns_lists = glob("/var/etc/nameserver_*");
	if (!is_array($dns_lists))
		$dns_lists = array();
	foreach ($dns_lists as $fdns) {
		$contents = file($fdns, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
		if (!is_array($contents))
			continue;
		// keep address lines only
		foreach (array_filter($contents, 'is_ipaddr') as $dns)
			$master_list[] = $dns;
	}

	// Read in any extra nameservers
	if (file_exists("/var/etc/nameservers.conf")) {
		$dns_s = file("/var/etc/nameservers.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
		if (is_array($dns_s)) {
			foreach (array_filter($dns_s, 'is_ipaddr') as $dns)
				$master_list[] = $dns;
		}
	}

	return $master_list;
}
219
220 5b237745 Scott Ullrich
/*
 * Build and write {$g['varetc_path']}/hosts.
 *
 * The file starts with the localhost line, then one line for this system's
 * own hostname, followed by the dnsmasq host overrides (and their aliases)
 * and - when 'regdhcpstatic' is set - the DHCP/DHCPv6 static mappings of
 * enabled interfaces. 'dhcpfirst' decides which of the two groups is written
 * first. dhcpleases is stopped before the write and reconfigured afterwards.
 *
 * Returns 0 on success, 1 when the hosts file cannot be opened.
 */
function system_hosts_generate() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_hosts_generate() being called $mt\n";
	}

	$syscfg = $config['system'];
	$dnsmasqcfg = $config['dnsmasq'];

	if (!is_array($dnsmasqcfg['hosts'])) {
		$dnsmasqcfg['hosts'] = array();
	}
	$hostscfg = $dnsmasqcfg['hosts'];

	$hosts = "127.0.0.1	localhost localhost.{$syscfg['domain']}\n";
	$lhosts = "";	// lines from dnsmasq host overrides
	$dhosts = "";	// lines from DHCP static mappings

	/* Own hostname: use the LAN address if a LAN exists, else the first interface without a gateway that has an address. */
	if ($config['interfaces']['lan']) {
		$cfgip = get_interface_ip("lan");
		if (is_ipaddr($cfgip))
			$hosts .= "{$cfgip}	{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
	} else {
		$sysiflist = get_configured_interface_list();
		foreach ($sysiflist as $sysif) {
			if (!interface_has_gateway($sysif)) {
				$cfgip = get_interface_ip($sysif);
				if (is_ipaddr($cfgip)) {
					$hosts .= "{$cfgip}	{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
					break;
				}
			}
		}
	}

	/*
	 * NOTE(review): ip, host, domain and alias values below are copied into
	 * the hosts file exactly as stored in the configuration; nothing here
	 * rejects whitespace or line breaks. Presumably they are validated when
	 * saved - confirm, since an embedded newline would add a hosts entry.
	 */
	foreach ($hostscfg as $host) {
		if ($host['host'])
			$lhosts .= "{$host['ip']}	{$host['host']}.{$host['domain']} {$host['host']}\n";
		else
			$lhosts .= "{$host['ip']}	{$host['domain']}\n";
		if (!is_array($host['aliases']) || !is_array($host['aliases']['item']))
			continue;
		/* each alias maps to the same IP as its parent entry */
		foreach ($host['aliases']['item'] as $alias) {
			if ($alias['host'])
				$lhosts .= "{$host['ip']}	{$alias['host']}.{$alias['domain']} {$alias['host']}\n";
			else
				$lhosts .= "{$host['ip']}	{$alias['domain']}\n";
		}
	}
	/* static DHCP mappings, only for interfaces whose DHCP server is enabled */
	if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpd'])) {
		foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf)
			if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable']))
					foreach ($dhcpifconf['staticmap'] as $host)
						if ($host['ipaddr'] && $host['hostname'])
							$dhosts .= "{$host['ipaddr']}	{$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
	}
	/* same for DHCPv6, using the 'ipaddrv6' field */
	if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpdv6'])) {
		foreach ($config['dhcpdv6'] as $dhcpif => $dhcpifconf)
			if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable']))
					foreach ($dhcpifconf['staticmap'] as $host)
						if ($host['ipaddrv6'] && $host['hostname'])
							$dhosts .= "{$host['ipaddrv6']}	{$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
	}

	if (isset($dnsmasqcfg['dhcpfirst']))
		$hosts .= $dhosts . $lhosts;
	else
		$hosts .= $lhosts . $dhosts;

	/*
	 * Do not remove this: dhcpleases monitors the hosts file with kqueue,
	 * so it needs to be killed before writing to the hosts file.
	 */
	if (file_exists("{$g['varrun_path']}/dhcpleases.pid")) {
		sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM");
                @unlink("{$g['varrun_path']}/dhcpleases.pid");
	}
	$fd = fopen("{$g['varetc_path']}/hosts", "w");
	if (!$fd) {
		log_error("Error: cannot open hosts file in system_hosts_generate().\n");
		/* NOTE(review): dhcpleases was already stopped above and is not started again on this path. */
		return 1;
	}
	fwrite($fd, $hosts);
	fclose($fd);

	system_dhcpleases_configure();

	return 0;
}
310
311
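/*
 * Start, reload or stop the dhcpleases helper.
 *
 * Does nothing on the 'jail' platform. With $config['dnsmasq']['regdhcp'] set,
 * a running helper (pid file present) is sent HUP, otherwise it is started;
 * without it the helper is sent TERM and its pid file is removed.
 */
function system_dhcpleases_configure() {
	global $config, $g;

	if ($g['platform'] == 'jail')
		return;
	/* Start the monitoring process for dynamic dhcpclients. */
	if (isset($config['dnsmasq']['regdhcp'])) {
		$leases_file = "{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases";
		/* Make sure we do not error out */
		@touch($leases_file);
		if (file_exists("{$g['varrun_path']}/dhcpleases.pid"))
			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "HUP");
		else
			/*
			 * Quote every operand. The domain is a configuration value;
			 * unquoted it would be split or interpreted by the shell, and
			 * an empty domain would make -d swallow the following option.
			 */
			mwexec("/usr/local/sbin/dhcpleases -l " . escapeshellarg($leases_file) .
				" -d " . escapeshellarg($config['system']['domain']) .
				" -p " . escapeshellarg("{$g['varrun_path']}/dnsmasq.pid") .
				" -h " . escapeshellarg("{$g['varetc_path']}/hosts"));
	} else {
		sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM");
		@unlink("{$g['varrun_path']}/dhcpleases.pid");
	}
}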
329
330
/*
 * Set the kernel hostname to "<hostname>.<domain>" from the system
 * configuration and run the hostid rc script. Returns the status of the
 * hostname command.
 */
function system_hostname_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_hostname_configure() being called $mt\n";
	}

	$syscfg = $config['system'];

	/* set hostname - the FQDN is shell-quoted because it is configuration data */
	$fqdn = "{$syscfg['hostname']}.{$syscfg['domain']}";
	$status = mwexec("/bin/hostname " . escapeshellarg($fqdn));

	/* Setup host GUID ID.  This is used by ZFS. */
	mwexec("/etc/rc.d/hostid start");

	return $status;
}
348
349 1ea67f2e Ermal
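/*
 * Install the IPv4/IPv6 default routes and all static routes.
 *
 * $interface: when non-empty, only routes whose gateway sits on this
 *             interface are touched.
 *
 * The default gateway is the first gateway_item flagged 'defaultgw' per
 * address family; without one, the WAN gateway is used. The chosen gateway is
 * recorded in {$g['tmp_path']}/<realif>_defaultgw (or _defaultgwv6).
 * No default route is added while OLSR dynamic gateway mode is enabled.
 *
 * Returns 0; returns nothing on the 'jail' platform.
 */
function system_routing_configure($interface = "") {
	global $config, $g;
	if ($g['platform'] == 'jail')
		return;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_routing_configure() being called $mt\n";
	}

	$gatewayip = "";
	$interfacegw = "";
	$foundgw = false;
	$gatewayipv6 = "";
	$interfacegwv6 = "";
	$foundgwv6 = false;
	/* tack on all the hard defined gateways as well */
	if (is_array($config['gateways']['gateway_item'])) {
		/* NOTE(review): this pattern does not match the *_defaultgwv6 marker files written below - confirm whether they should be cleared as well. */
		mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw", true);
		foreach	($config['gateways']['gateway_item'] as $gateway) {
			if (isset($gateway['defaultgw']) && ((is_ipaddrv4($gateway['gateway'])) || ($gateway['gateway'] == "dynamic"))) {
				if(strstr($gateway['gateway'], ":"))
					break;
				if ($gateway['gateway'] == "dynamic")
					$gateway['gateway'] = get_interface_gateway($gateway['interface']);
				$gatewayip = $gateway['gateway'];
				$interfacegw = $gateway['interface'];
				if (!empty($interfacegw)) {
					$defaultif = get_real_interface($gateway['interface']);
					if ($defaultif)
						@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gatewayip);
				}
				$foundgw = true;
				break;
			}
		}
		foreach	($config['gateways']['gateway_item'] as $gateway) {
			if (isset($gateway['defaultgw']) && ((is_ipaddrv6($gateway['gateway'])) || ($gateway['gateway'] == "dynamic6"))) {
				if ($gateway['gateway'] == "dynamic6")
					$gateway['gateway'] = get_interface_gateway_v6($gateway['interface']);
				$gatewayipv6 = $gateway['gateway'];
				$interfacegwv6 = $gateway['interface'];
				if (!empty($interfacegwv6)) {
					$defaultifv6 = get_real_interface($gateway['interface']);
					if ($defaultifv6)
						@file_put_contents("{$g['tmp_path']}/{$defaultifv6}_defaultgwv6", $gatewayipv6);
				}
				$foundgwv6 = true;
				break;
			}
		}
	}
	if ($foundgw == false) {
		$defaultif = get_real_interface("wan");
		$interfacegw = "wan";
		$gatewayip = get_interface_gateway("wan");
		@touch("{$g['tmp_path']}/{$defaultif}_defaultgw");
	}
	if ($foundgwv6 == false) {
		$defaultifv6 = get_real_interface("wan");
		$interfacegwv6 = "wan";
		$gatewayipv6 = get_interface_gateway_v6("wan");
		/*
		 * Name the marker after the IPv6 interface resolved just above.
		 * This used $defaultif, which belongs to the IPv4 lookup and can
		 * point at another interface or be unset at this point.
		 */
		@touch("{$g['tmp_path']}/{$defaultifv6}_defaultgwv6");
	}
	$dont_add_route = false;
	/* if OLSRD is enabled, allow WAN to house DHCP. */
	if($config['installedpackages']['olsrd']) {
		foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
			if(($olsrd['enabledyngw'] == "on") && ($olsrd['enable'] == "on")) {
				$dont_add_route = true;
				log_error(sprintf(gettext("Not adding default route because OLSR dynamic gateway is enabled.")));
				break;
			}
		}
	}

	if ($dont_add_route == false ) {
		if (!empty($interface) && $interface != $interfacegw)
			;
		else if (($interfacegw <> "bgpd") && (is_ipaddrv4($gatewayip))) {
			log_error("ROUTING: setting default route to $gatewayip");
			mwexec("/sbin/route change -inet default " . escapeshellarg($gatewayip));
		}

		if (!empty($interface) && $interface != $interfacegwv6)
			;
		else if (($interfacegwv6 <> "bgpd") && (is_ipaddrv6($gatewayipv6))) {
			/* Link-local gateways need an interface scope; start empty so the variable is always defined. */
			$ifscope = "";
			if(preg_match("/fe80::/i", $gatewayipv6) && !empty($defaultifv6))
				$ifscope = "%{$defaultifv6}";
			log_error("ROUTING: setting IPv6 default route to {$gatewayipv6}{$ifscope}");
			/* Quote address and scope together so the interface name is covered as well. */
			mwexec("/sbin/route change -inet6 default " . escapeshellarg("{$gatewayipv6}{$ifscope}"));
		}
	}

	$static_routes = get_staticroutes();
	if (count($static_routes)) {
		$gateways_arr = return_gateways_array();

		foreach ($static_routes as $rtent) {
			$gatewayip = "";
			if (empty($gateways_arr[$rtent['gateway']])) {
				log_error(sprintf(gettext("Static Routes: Gateway IP could not be found for %s"), $rtent['network']));
				continue;
			}
			$gateway = $gateways_arr[$rtent['gateway']];
			if (!empty($interface) && $interface != $gateway['friendlyiface'])
				continue;

			/* a disabled entry is removed from the routing table instead of being set */
			if(isset($rtent['disabled'])) {
				mwexec("/sbin/route delete " . escapeshellarg($rtent['network']), true);
				continue;
			}

			$gatewayip = $gateway['gateway'];
			$interfacegw = $gateway['interface'];

			if(is_ipaddrv6($gatewayip)) {
				$inetfamily = "-inet6";
			} else {
				$inetfamily = "-inet";
			}
			/* route via the gateway address when there is one, else via the interface */
			if (is_ipaddr($gatewayip)) {
				mwexec("/sbin/route change {$inetfamily} " . escapeshellarg($rtent['network']) .
					" " . escapeshellarg($gatewayip));
			} else if (!empty($interfacegw)) {
				mwexec("/sbin/route change {$inetfamily} " . escapeshellarg($rtent['network']) .
					" -iface " . escapeshellarg($interfacegw));
			}
		}
	}

	return 0;
}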
481
482
/* Turn on packet forwarding for IPv4 and IPv6 through sysctl. */
function system_routing_enable() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_routing_enable() being called $mt\n";
	}

	// fixed OIDs, IPv4 first, then IPv6
	foreach (array("net.inet.ip.forwarding", "net.inet6.ip6.forwarding") as $oid)
		mwexec("/sbin/sysctl {$oid}=1");
	return;
}
493
494 bd29bb7b jim-p
/*
 * Format a remote syslog target: a bare IPv6 address is wrapped in
 * brackets, anything else is returned untouched.
 */
function system_syslogd_fixup_server($server) {
	return is_ipaddrv6($server) ? "[$server]" : $server;
}
501
502 236524c2 jim-p
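/*
 * Build the syslog.conf lines that forward $facility to the configured
 * remote servers.
 *
 * $syslogcfg: syslog configuration array; the keys 'remoteserver',
 *             'remoteserver2' and 'remoteserver3' are read.
 * $facility:  selector to forward, "*.*" by default.
 *
 * Returns one "<selector><tabs>@<server>\n" line per non-empty server, or an
 * empty string when none is configured.
 */
function system_syslogd_get_remote_servers($syslogcfg, $facility = "*.*") {
	// Rather than repeatedly use the same code, use this function to build a list of remote servers.
	/*
	 * The next two statements used to be joined by a stray "." instead of
	 * ";". The result happened to be the same, but only by accident.
	 */
	$facility .= " ";
	$remote_servers = "";
	$pad_to  = 56;
	/* Clamp at zero: a selector much longer than $pad_to would otherwise hand str_repeat() a negative count. */
	$padding = max(0, (int) ceil(($pad_to - strlen($facility)) / 8) + 1);

	/*
	 * NOTE(review): the server value is written to syslog.conf as stored.
	 * Nothing here rejects whitespace or line breaks, which would start a
	 * new directive - confirm it is validated where the setting is saved.
	 */
	foreach (array('remoteserver', 'remoteserver2', 'remoteserver3') as $key) {
		if (empty($syslogcfg[$key]))
			continue;
		$remote_servers .= "{$facility}" . str_repeat("\t", $padding) . "@" . system_syslogd_fixup_server($syslogcfg[$key]) . "\n";
	}
	return $remote_servers;
}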
516
517 5b237745 Scott Ullrich
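/*
 * Regenerate {$g['varetc_path']}/syslog.conf and (re)start syslogd.
 *
 * Running syslogd / fifolog_writer processes are stopped first. When a syslog
 * configuration exists, one section per program group is written; local
 * logging goes through clog (default) or fifolog ('usefifolog'), and remote
 * forwarding lines are added for the categories enabled in the configuration.
 * Installed packages that declare logging get their own log file and section.
 *
 * Returns the result of mwexec_bg() for the syslogd start, or 1 when
 * syslog.conf cannot be opened.
 */
function system_syslogd_start() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_syslogd_start() being called $mt\n";
	}

	mwexec("/etc/rc.d/hostid start");

	$syslogcfg = $config['syslog'];

	if ($g['booting'])
		echo gettext("Starting syslog...");
	else
		killbypid("{$g['varrun_path']}/syslog.pid");

	if(is_process_running("syslogd"))
		mwexec('/bin/pkill syslogd');
	if(is_process_running("fifolog_writer"))
		mwexec('/bin/pkill fifolog_writer');

	// Define various commands for logging
	$fifolog_create = "/usr/sbin/fifolog_create -s ";
	$fifolog_log = "|/usr/sbin/fifolog_writer ";
	$clog_create = "/usr/sbin/clog -i -s ";
	$clog_log = "%";

	// Which logging type are we using this week??
	if(isset($config['system']['usefifolog'])) {
		$log_directive = $fifolog_log;
		$log_create_directive = $fifolog_create;
	} else { // Defaults to CLOG
		$log_directive = $clog_log;
		$log_create_directive = $clog_create;
	}

	if (isset($syslogcfg)) {
		/* Start with an empty buffer; the first append used to act on an undefined variable. */
		$syslogconf = "";
		$separatelogfacilities = array('ntp','ntpd','ntpdate','racoon','openvpn','pptps','poes','l2tps','relayd','hostapd','dnsmasq','unbound','dhcpd','dhcrelay','apinger','radvd','routed','olsrd','zebra','ospfd','bgpd');
		if($config['installedpackages']['package']) {
			foreach($config['installedpackages']['package'] as $package) {
				if($package['logging']) {
					$pkg_facility = $package['logging']['facilityname'];
					$pkg_logfile = "{$g['varlog_path']}/{$package['logging']['logfilename']}";
					/*
					 * Both values come from package metadata and are used
					 * in a shell command and in syslog.conf. A control
					 * character (a line break in particular) would start
					 * a new directive in the generated file, so such an
					 * entry is skipped.
					 */
					if (preg_match('/[\x00-\x1f\x7f]/', $pkg_facility . $pkg_logfile)) {
						log_error("syslog: skipping package logging entry containing control characters");
						continue;
					}
					array_push($separatelogfacilities, $pkg_facility);
					/* quote the path so it reaches the log-creation tool as one literal argument */
					mwexec("{$log_create_directive} 10240 " . escapeshellarg($pkg_logfile));
					$syslogconf .= "!{$pkg_facility}\n*.*\t\t\t\t\t\t {$log_directive}{$pkg_logfile}\n";
				}
			}
		}
		$facilitylist = implode(',', array_unique($separatelogfacilities));
		/* write syslog.conf */
		$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
		if (!$fd) {
			printf(gettext("Error: cannot open syslog.conf in system_syslogd_start().%s"), "\n");
			return 1;
		}
		$syslogconf .= "!radvd,routed,olsrd,zebra,ospfd,bgpd\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/routing.log\n";

		$syslogconf .= "!ntp,ntpd,ntpdate\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/ntpd.log\n";

		$syslogconf .= "!ppp\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/ppp.log\n";

		$syslogconf .= "!pptps\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/pptps.log\n";

		$syslogconf .= "!poes\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/poes.log\n";

		$syslogconf .= "!l2tps\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/l2tps.log\n";

		$syslogconf .= "!racoon\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/ipsec.log\n";
		if (isset($syslogcfg['vpn']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		$syslogconf .= "!openvpn\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/openvpn.log\n";
		if (isset($syslogcfg['vpn']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		$syslogconf .= "!apinger\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/gateways.log\n";
		if (isset($syslogcfg['apinger']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		/* NOTE(review): remote forwarding for the resolver and dhcpd sections is tied to the 'apinger' switch - confirm this is intended. */
		$syslogconf .= "!dnsmasq,unbound\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/resolver.log\n";
		if (isset($syslogcfg['apinger']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		$syslogconf .= "!dhcpd,dhcrelay\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/dhcpd.log\n";
		if (isset($syslogcfg['apinger']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		$syslogconf .= "!relayd\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.* 								{$log_directive}{$g['varlog_path']}/relayd.log\n";
		if (isset($syslogcfg['relayd']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		$syslogconf .= "!hostapd\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.* 								{$log_directive}{$g['varlog_path']}/wireless.log\n";
		if (isset($syslogcfg['hostapd']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		/* everything not claimed by one of the program sections above */
		$syslogconf .= "!-{$facilitylist}\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= <<<EOD
local0.*							{$log_directive}{$g['varlog_path']}/filter.log
local3.*							{$log_directive}{$g['varlog_path']}/vpn.log
local4.*							{$log_directive}{$g['varlog_path']}/portalauth.log
local7.*							{$log_directive}{$g['varlog_path']}/dhcpd.log
*.notice;kern.debug;lpr.info;mail.crit;				{$log_directive}{$g['varlog_path']}/system.log
news.err;local0.none;local3.none;local4.none;			{$log_directive}{$g['varlog_path']}/system.log
local7.none							{$log_directive}{$g['varlog_path']}/system.log
security.*							{$log_directive}{$g['varlog_path']}/system.log
auth.info;authpriv.info;daemon.info				{$log_directive}{$g['varlog_path']}/system.log
auth.info;authpriv.info 					|exec /usr/local/sbin/sshlockout_pf 15
*.emerg								*

EOD;
		if (isset($syslogcfg['filter']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "local0.*");
		if (isset($syslogcfg['vpn']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "local3.*");
		if (isset($syslogcfg['portalauth']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "local4.*");
		if (isset($syslogcfg['dhcp']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "local7.*");
		if (isset($syslogcfg['system'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.notice;kern.debug;lpr.info;mail.crit;");
			/* NOTE(review): unlike the local selector above, this one does not exclude local4 - confirm. */
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "news.err;local0.none;local3.none;local7.none");
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "security.*");
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "auth.info;authpriv.info;daemon.info");
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.emerg");
		}
		if (isset($syslogcfg['logall'])) {
			// Make everything mean everything, including facilities excluded above.
			$syslogconf .= "!*\n";
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");
		}

		/* NOTE(review): the zmqserver value is written as configured; confirm it is validated where it is saved. */
		if (isset($syslogcfg['zmqserver'])) {
				$syslogconf .= <<<EOD
*.*								^{$syslogcfg['zmqserver']}

EOD;
		}
		fwrite($fd, $syslogconf);
		fclose($fd);

		// Ensure that the log directory exists
		/* NOTE(review): the directory is derived from $g['dhcpd_chroot_path'], while the -l socket path below is hard-coded to /var/dhcpd. */
		if(!is_dir("{$g['dhcpd_chroot_path']}/var/run"))
			exec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/run");

		/*
		 * The command used to be selected by a test for "@" in the
		 * generated file (at least one remote server), but both branches
		 * ran this same command, so the test is gone.
		 */
		$retval = mwexec_bg("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");

	} else {
		$retval = mwexec_bg("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log");
	}

	if ($g['booting'])
		echo gettext("done.") . "\n";

	return $retval;
}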
703
704
/**
 * Restart the PCMCIA card daemon.
 *
 * Kills the pccardd instance recorded in {$g['varrun_path']}/pccardd.pid and
 * launches a new one against {$g['etc_path']}/pccard.conf. Progress is only
 * printed while $g['booting'] is set.
 *
 * @return mixed whatever mwexec() returned for the pccardd launch; 0 is
 *               reported to the console as success
 */
function system_pccard_start() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_pccard_start() being called $mt\n";
	}

	$verbose = $g['booting'];
	if ($verbose) {
		echo gettext("Initializing PCMCIA...");
	}

	/* stop the old daemon first, then bring up a fresh one */
	killbypid("{$g['varrun_path']}/pccardd.pid");
	$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");

	if ($verbose) {
		$status = ($res == 0) ? gettext("done.") : gettext("failed!");
		echo $status . "\n";
	}

	return $res;
}
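/**
 * (Re)start the lighttpd instance that serves the webConfigurator.
 *
 * Kills the running instance by pid file, resolves the listening port and,
 * for HTTPS, the certificate/key/CA chain, regenerates the lighttpd
 * configuration and launches lighttpd. When HTTPS is selected and no usable
 * certificate is configured, a self-signed one is generated, imported into
 * $config['cert'] and written back with write_config().
 *
 * @return mixed whatever mwexec() returned for the lighttpd launch; 0 is
 *               reported to the console as success
 */
function system_webgui_start() {
	global $config, $g;

	if ($g['booting'])
		echo gettext("Starting webConfigurator...");

	/* kill any running lighttpd */
	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");

	sleep(1);

	chdir($g['www_path']);

	/* defaults */
	$portarg = "80";
	$crt = "";
	$key = "";
	$ca = "";

	/* non-standard port? */
	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "")
		$portarg = "{$config['system']['webgui']['port']}";

	if ($config['system']['webgui']['protocol'] == "https") {
		// Ensure that we have a webConfigurator CERT
		$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);

		// A certificate is only usable when the entry exists AND carries both
		// the certificate and its private key. Testing with && let an entry
		// with a missing key fall through to the "existing cert" branch, which
		// then produced an HTTPS listener without any TLS configuration.
		if (!is_array($cert) || !$cert['crt'] || !$cert['prv']) {
			if (!is_array($config['ca']))
				$config['ca'] = array();
			if (!is_array($config['cert']))
				$config['cert'] = array();
			$a_cert =& $config['cert'];

			log_error("Creating SSL Certificate for this host");

			// Drop the reference obtained from lookup_cert() so that building
			// the new entry cannot overwrite whatever it pointed at.
			unset($cert);
			$cert = array();
			$cert['refid'] = uniqid();
			$cert['descr'] = gettext("webConfigurator default");

			$keyfile = "{$g['tmp_path']}/ssl.key";
			$crtfile = "{$g['tmp_path']}/ssl.crt";

			// The private key sits in the temp directory until it is read
			// back below; create it owner-only instead of with the inherited
			// umask. 2048-bit RSA and a SHA-256 signature replace the
			// 1024-bit/SHA-1 pair, which current TLS clients reject.
			$old_umask = umask(0077);
			mwexec("/usr/bin/openssl genrsa 2048 > " . escapeshellarg($keyfile));
			mwexec("/usr/bin/openssl req -new -x509 -nodes -sha256 -days 2000 -key " .
				escapeshellarg($keyfile) . " > " . escapeshellarg($crtfile));
			umask($old_umask);

			$crt = file_get_contents($crtfile);
			$key = file_get_contents($keyfile);
			unlink($keyfile);
			unlink($crtfile);

			cert_import($cert, $crt, $key);
			$a_cert[] = $cert;
			$config['system']['webgui']['ssl-certref'] = $cert['refid'];
			write_config(gettext("Importing HTTPS certificate"));
		} else {
			$crt = base64_decode($cert['crt']);
			$key = base64_decode($cert['prv']);
		}

		/* HTTPS without an explicit port listens on 443 */
		if (!$config['system']['webgui']['port'])
			$portarg = "443";
		$ca = ca_chain($cert);
	}

	/* generate lighttpd configuration */
	system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
		$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/",
		"cert.pem", "ca.pem");

	/* attempt to start lighttpd */
	$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");

	/* fetch page to preload apc cache */
	$proto = "http";
	if ($config['system']['webgui']['protocol'])
		$proto = $config['system']['webgui']['protocol'];
	// Protocol and port come from the configuration; pass the URL as a single
	// quoted argument so neither value can be interpreted by the shell.
	$preload_url = "{$proto}://localhost:{$portarg}/preload.php";
	mwexec_bg("/usr/bin/fetch -o /dev/null -q " . escapeshellarg($preload_url));

	if ($g['booting']) {
		if ($res == 0)
			echo gettext("done.") . "\n";
		else
			echo gettext("failed!") . "\n";
	}

	return $res;
}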
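/**
 * Write a lighttpd configuration file, plus the TLS key material it refers to.
 *
 * @param string $filename        path of the lighttpd configuration to write
 * @param string $cert            PEM certificate text; TLS is only configured
 *                                when both $cert and $key are non-empty
 * @param string $key             PEM private key text
 * @param string $ca              PEM CA chain text; written only when non-blank
 * @param string $pid_file        pid file name, placed under /var/run/
 * @param mixed  $port            listening port; "80" is used when empty
 * @param string $document_root   value for server.document-root
 * @param string $cert_location   file name under $g['varetc_path'] that
 *                                receives certificate + key
 * @param string $ca_location     file name under $g['varetc_path'] that
 *                                receives the CA chain
 * @param string $max_requests    accepted for callers; not referenced in this
 *                                function body
 * @param bool   $fast_cgi_enable use mod_fastcgi; forced off when the reported
 *                                memory is between 1 and 64
 * @param mixed  $captive_portal  false for the webGUI; otherwise the value is
 *                                used as the zone name in the rewrite rule and
 *                                in the fastcgi socket name
 *
 * @return int 0 on success, 1 when one of the output files cannot be opened
 */
function system_generate_lighty_config($filename,
	$cert,
	$key,
	$ca,
	$pid_file,
	$port = 80,
	$document_root = "/usr/local/www/",
	$cert_location = "cert.pem",
	$ca_location = "ca.pem",
	$max_requests = "2",
	$fast_cgi_enable = true,
	$captive_portal = false) {

	global $config, $g;

	if(!is_dir("{$g['tmp_path']}/lighttpdcompress"))
		mkdir("{$g['tmp_path']}/lighttpdcompress");

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_generate_lighty_config() being called $mt\n";
	}

	if($captive_portal != false)  {
		$captiveportal = ",\"mod_rewrite\"";
		$captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?zone={$captive_portal}&redirurl=$1\" )\n";
		$captive_portal_module = "";
		$maxprocperip = $config['captiveportal']['maxprocperip'];
		if($maxprocperip and $maxprocperip > 0)
			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
		else
			$captive_portal_mod_evasive = "";
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n";
		exec("mkdir -p {$g['tmp_path']}/captiveportal");
		exec("chmod a-w {$g['tmp_path']}/captiveportal");
		$server_max_request_size = "server.max-request-size    = 384";
	} else {
		$captiveportal = "";
		$captive_portal_rewrite = "";
		$captive_portal_module = "";
		$captive_portal_mod_evasive = "";
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"{$g['tmp_path']}/\", \"/var/\" )\n";
		$server_max_request_size = "server.max-request-size    = 2097152";
	}

	if($port <> "")
		$lighty_port = $port;
	else
		$lighty_port = "80";

	$memory = get_memory();
	$avail = $memory[0];

	// Determine web GUI process settings and take into account low memory systems
	if($avail > 0 and $avail < 65) {
		$fast_cgi_enable = false;
	}

	// A configured max_procs always wins; otherwise 2 workers above 255 and 1
	// below. Assigning it unconditionally keeps "max-procs" from being emitted
	// empty when get_memory() reports 0, which no range used to cover.
	$configured_procs = $config['system']['webgui']['max_procs'];
	if($configured_procs)
		$max_procs = $configured_procs;
	else
		$max_procs = ($avail > 255) ? 2 : 1;

	// Ramp up captive portal max procs, assuming each PHP process can consume up to 64MB RAM
	if($captive_portal == true)  {
		if($avail > 107 and $avail < 256) {
			$max_procs += 1; // 2 worker processes
		}
		if($avail > 255 and $avail < 320) {
			$max_procs += 1; // 3 worker processes
		}
		if($avail > 319 and $avail < 384) {
			$max_procs += 2; // 4 worker processes
		}
		if($avail > 383 and $avail < 448) {
			$max_procs += 3; // 5 worker processes
		}
		if($avail > 447) {
			$max_procs += 4; // 6 worker processes
		}
	}

	// Only the low-memory webGUI case recycles PHP after 2 requests; the
	// captive portal and every other webGUI case use 500.
	if($captive_portal != true and $avail > 0 and $avail < 128) {
		$bin_environment = <<<EOC
			"bin-environment" => (
				"PHP_FCGI_CHILDREN" => "0",
				"PHP_FCGI_MAX_REQUESTS" => "2",
			),

EOC;
	} else {
		$bin_environment =  <<<EOC
			"bin-environment" => (
				"PHP_FCGI_CHILDREN" => "0",
				"PHP_FCGI_MAX_REQUESTS" => "500"
			),
EOC;
	}

	if($fast_cgi_enable == true) {
		$module = "\"mod_fastcgi\", \"mod_cgi\"";
		if ($captive_portal != false)
			$fast_cgi_path = "{$g['tmp_path']}/php-fastcgi-{$captive_portal}.socket";
		else
			$fast_cgi_path = "{$g['tmp_path']}/php-fastcgi.socket";
		$cgi_config = "";
		$fastcgi_config = <<<EOD
#### fastcgi module
## read fastcgi.txt for more info
fastcgi.server = ( ".php" =>
	( "localhost" =>
		(
			"socket" => "{$fast_cgi_path}",
			"min-procs" => 0,
			"max-procs" => {$max_procs},
{$bin_environment}
			"bin-path" => "/usr/local/bin/php"
		)
	)
)

#### CGI module
cgi.assign                 = ( ".cgi" => "" )

EOD;
	} else {
		$fastcgi_config = "";
		$module = "\"mod_cgi\"";
		$cgi_config = <<<EOD
#### CGI module
cgi.assign                 = ( ".php"  => "/usr/local/bin/php",
                               ".cgi" => "" )

EOD;
	}

	$lighty_config = "";
	$lighty_config .= <<<EOD
#
# lighttpd configuration file
#
# use a it as base for lighttpd 1.0.0 and above
#
############ Options you really have to take care of ####################

## FreeBSD!
server.event-handler	= "freebsd-kqueue"
server.network-backend 	= "writev"
#server.use-ipv6 = "enable"

## modules to load
server.modules              =   (
	{$captive_portal_module}
	"mod_access", "mod_accesslog", "mod_expire", "mod_compress", "mod_redirect",
	{$module}{$captiveportal}
)

## Unused modules
#                               "mod_setenv",
#                               "mod_rewrite",
#                               "mod_ssi",
#                               "mod_usertrack",
#                               "mod_expire",
#                               "mod_secdownload",
#                               "mod_rrdtool",
#                               "mod_auth",
#                               "mod_status",
#                               "mod_alias",
#                               "mod_proxy",
#                               "mod_simple_vhost",
#                               "mod_evhost",
#                               "mod_userdir",
#                               "mod_cgi",

server.max-keep-alive-requests = 15
server.max-keep-alive-idle = 30

## a static document-root, for virtual-hosting take look at the
## server.virtual-* options
server.document-root        = "{$document_root}"
{$captive_portal_rewrite}

# Maximum idle time with nothing being written (php downloading)
server.max-write-idle = 999

## where to send error-messages to
server.errorlog             = "/var/log/lighttpd.error.log"

# files to check for if .../ is requested
server.indexfiles           = ( "index.php", "index.html",
                                "index.htm", "default.htm" )

# mimetype mapping
mimetype.assign             = (
  ".pdf"          =>      "application/pdf",
  ".sig"          =>      "application/pgp-signature",
  ".spl"          =>      "application/futuresplash",
  ".class"        =>      "application/octet-stream",
  ".ps"           =>      "application/postscript",
  ".torrent"      =>      "application/x-bittorrent",
  ".dvi"          =>      "application/x-dvi",
  ".gz"           =>      "application/x-gzip",
  ".pac"          =>      "application/x-ns-proxy-autoconfig",
  ".swf"          =>      "application/x-shockwave-flash",
  ".tar.gz"       =>      "application/x-tgz",
  ".tgz"          =>      "application/x-tgz",
  ".tar"          =>      "application/x-tar",
  ".zip"          =>      "application/zip",
  ".mp3"          =>      "audio/mpeg",
  ".m3u"          =>      "audio/x-mpegurl",
  ".wma"          =>      "audio/x-ms-wma",
  ".wax"          =>      "audio/x-ms-wax",
  ".ogg"          =>      "audio/x-wav",
  ".wav"          =>      "audio/x-wav",
  ".gif"          =>      "image/gif",
  ".jpg"          =>      "image/jpeg",
  ".jpeg"         =>      "image/jpeg",
  ".png"          =>      "image/png",
  ".xbm"          =>      "image/x-xbitmap",
  ".xpm"          =>      "image/x-xpixmap",
  ".xwd"          =>      "image/x-xwindowdump",
  ".css"          =>      "text/css",
  ".html"         =>      "text/html",
  ".htm"          =>      "text/html",
  ".js"           =>      "text/javascript",
  ".asc"          =>      "text/plain",
  ".c"            =>      "text/plain",
  ".conf"         =>      "text/plain",
  ".text"         =>      "text/plain",
  ".txt"          =>      "text/plain",
  ".dtd"          =>      "text/xml",
  ".xml"          =>      "text/xml",
  ".mpeg"         =>      "video/mpeg",
  ".mpg"          =>      "video/mpeg",
  ".mov"          =>      "video/quicktime",
  ".qt"           =>      "video/quicktime",
  ".avi"          =>      "video/x-msvideo",
  ".asf"          =>      "video/x-ms-asf",
  ".asx"          =>      "video/x-ms-asf",
  ".wmv"          =>      "video/x-ms-wmv",
  ".bz2"          =>      "application/x-bzip",
  ".tbz"          =>      "application/x-bzip-compressed-tar",
  ".tar.bz2"      =>      "application/x-bzip-compressed-tar"
 )

# Use the "Content-Type" extended attribute to obtain mime type if possible
#mimetypes.use-xattr        = "enable"

#### accesslog module
#accesslog.filename          = "/dev/null"

## deny access the file-extensions
#
# ~    is for backupfiles from vi, emacs, joe, ...
# .inc is often used for code includes which should in general not be part
#      of the document-root
url.access-deny             = ( "~", ".inc" )


######### Options that are good to be but not neccesary to be changed #######

## bind to port (default: 80)

EOD;

	// Both modes bind IPv4 on every address; they differ only in the IPv6
	// socket: loopback for the captive portal, the wildcard for the webGUI.
	$v6_socket = ($captive_portal == true) ? "[::1]" : "[::]";
	$lighty_config .= "server.bind  = \"0.0.0.0\"\n";
	$lighty_config .= "server.port  = {$lighty_port}\n";
	$lighty_config .= "\$SERVER[\"socket\"]  == \"0.0.0.0:{$lighty_port}\" { }\n";
	$lighty_config .= "\$SERVER[\"socket\"]  == \"{$v6_socket}:{$lighty_port}\" { \n";
	if($cert <> "" and $key <> "") {
		$lighty_config .= "\n";
		$lighty_config .= "## ssl configuration\n";
		$lighty_config .= "ssl.engine = \"enable\"\n";
		$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
		if($ca <> "")
			$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
	}
	$lighty_config .= " }\n";

	$lighty_config .= <<<EOD

## error-handler for status 404
#server.error-handler-404   = "/error-handler.html"
#server.error-handler-404   = "/error-handler.php"

## to help the rc.scripts
server.pid-file            = "/var/run/{$pid_file}"

## virtual directory listings
server.dir-listing         = "disable"

## enable debugging
debug.log-request-header   = "disable"
debug.log-response-header  = "disable"
debug.log-request-handling = "disable"
debug.log-file-not-found   = "disable"

# gzip compression
compress.cache-dir = "{$g['tmp_path']}/lighttpdcompress/"
compress.filetype  = ("text/plain","text/css", "text/xml", "text/javascript" )

{$server_upload_dirs}

{$server_max_request_size}

{$fastcgi_config}

{$cgi_config}

{$captive_portal_mod_evasive}

expire.url = (
				"" => "access 50 hours",	
        )

EOD;

	/* normalise line endings and collapse doubled newlines in the PEM text */
	$cert = str_replace("\r", "", $cert);
	$key = str_replace("\r", "", $key);
	$ca = str_replace("\r", "", $ca);

	$cert = str_replace("\n\n", "\n", $cert);
	$key = str_replace("\n\n", "\n", $key);
	$ca = str_replace("\n\n", "\n", $ca);

	if($cert <> "" and $key <> "") {
		// The file receives the private key. Create it under a restrictive
		// umask so it is never readable by others, not even for the moment
		// between fopen() and chmod(); chmod() still covers a file left over
		// from an earlier run with wider permissions.
		$old_umask = umask(0077);
		$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
		umask($old_umask);
		if (!$fd) {
			printf(gettext("Error: cannot open cert.pem in system_webgui_start().%s"), "\n");
			return 1;
		}
		chmod("{$g['varetc_path']}/{$cert_location}", 0600);
		fwrite($fd, $cert);
		fwrite($fd, "\n");
		fwrite($fd, $key);
		fclose($fd);
		if(!(empty($ca) || (strlen(trim($ca)) == 0))) {
			$old_umask = umask(0077);
			$fd = fopen("{$g['varetc_path']}/{$ca_location}", "w");
			umask($old_umask);
			if (!$fd) {
				printf(gettext("Error: cannot open ca.pem in system_webgui_start().%s"), "\n");
				return 1;
			}
			chmod("{$g['varetc_path']}/{$ca_location}", 0600);
			fwrite($fd, $ca);
			fclose($fd);
		}
		$lighty_config .= "\n";
		$lighty_config .= "## " . gettext("ssl configuration") . "\n";
		$lighty_config .= "ssl.engine = \"enable\"\n";
		$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";

		// Harden SSL a bit for PCI conformance testing
		// NOTE(review): only SSLv2 is switched off here and the cipher list
		// still admits RC4 at MEDIUM strength. Whether SSLv3 and RC4 can be
		// dropped depends on the lighttpd/OpenSSL build and on the clients
		// that must be able to connect - confirm and tighten.
		$lighty_config .= "ssl.use-sslv2 = \"disable\"\n";
		$lighty_config .= "ssl.cipher-list = \"TLSv1+HIGH !SSLv2 RC4+MEDIUM !aNULL !eNULL !3DES @STRENGTH\"\n";

		if(!(empty($ca) || (strlen(trim($ca)) == 0)))
			$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
	}

	// Add HTTP to HTTPS redirect
	if ($captive_portal == false && $config['system']['webgui']['protocol'] == "https" && !isset($config['system']['webgui']['disablehttpredirect'])) {
		// Stays empty on the default HTTPS port; it used to be undefined there.
		$redirectport = "";
		if($lighty_port != "443")
			$redirectport = ":{$lighty_port}";
		$lighty_config .= <<<EOD
\$SERVER["socket"] == ":80" {
	\$HTTP["host"] =~ "(.*)" {
		url.redirect = ( "^/(.*)" => "https://%1{$redirectport}/$1" )
	}
}
EOD;
	}

	$fd = fopen("{$filename}", "w");
	if (!$fd) {
		printf(gettext("Error: cannot open %s in system_generate_lighty_config().%s"), $filename, "\n");
		return 1;
	}
	fwrite($fd, $lighty_config);
	fclose($fd);

	return 0;

}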
/**
 * Install the configured timezone as /etc/localtime.
 *
 * The zone file is extracted from /usr/share/zoneinfo.tgz; "Etc/UTC" is used
 * when no timezone is configured. The configuration filesystem is mounted
 * read-write for the duration of the write.
 */
function system_timezone_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_timezone_configure() being called $mt\n";
	}

	$syscfg = $config['system'];
	$verbose = $g['booting'];

	if ($verbose) {
		echo gettext("Setting timezone...");
	}

	/* pick the zone to extract, falling back to UTC */
	$timezone = $syscfg['timezone'] ? $syscfg['timezone'] : "Etc/UTC";

	/* the zone name comes from the configuration, so it is shell-quoted */
	$extract_cmd = "LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
		escapeshellarg($timezone) . " > /etc/localtime";

	conf_mount_rw();
	exec($extract_cmd);
	mwexec("sync");
	conf_mount_ro();

	if ($verbose) {
		echo gettext("done.") . "\n";
	}
}
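/**
 * Write {$g['varetc_path']}/ntpd.conf and, unless told otherwise, restart ntpd.
 *
 * Does nothing on the 'jail' platform. One "server" line is written per entry
 * of the whitespace-separated $config['system']['timeservers'] list.
 *
 * @param bool $start_ntpd when false only the configuration file is written
 * @return void
 */
function system_ntp_configure($start_ntpd=true) {
	global $config, $g;
	$driftfile = "/var/db/ntpd.drift";

	if ($g['platform'] == 'jail')
		return;

	$ntpcfg = "# \n";
	$ntpcfg .= "# pfSense ntp configuration file \n";
	$ntpcfg .= "# \n\n";

	/*
	 * One server line per configured time server. Splitting on any run of
	 * whitespace and dropping empty pieces avoids a bare "server" line for an
	 * empty or double-spaced list, and keeps a line break inside the stored
	 * value from starting a separate ntpd.conf directive.
	 */
	$timeservers = preg_split('/\s+/', (string)$config['system']['timeservers'], -1, PREG_SPLIT_NO_EMPTY);
	if (!is_array($timeservers))
		$timeservers = array();
	foreach ($timeservers as $ts)
		$ntpcfg .= "server {$ts} iburst maxpoll 9\n";

	$ntpcfg .= "driftfile {$driftfile}\n";

	/* open configuration for writing or bail */
	$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
	if(!$fd) {
		log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
		return;
	}
	fwrite($fd, $ntpcfg);
	fclose($fd);

	/* At bootup we just want to write out the config. */
	if (!$start_ntpd)
		return;

	/* if ntpd is running, kill it */
	while(is_process_running("ntpd")) {
		killbyname("ntpd");
	}

	/* if /var/empty does not exist, create it */
	if(!is_dir("/var/empty"))
		exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");

	/*
	 * Start ntpd against the file written above. The signal mask is emptied
	 * for the launch and the previous mask is put back afterwards.
	 */
	$oldset = array();
	pcntl_sigprocmask(SIG_SETMASK, array(), $oldset);
	exec("/usr/sbin/ntpd -g -c {$g['varetc_path']}/ntpd.conf");
	pcntl_sigprocmask(SIG_SETMASK, $oldset);

	// Note that we are starting up
	log_error("NTPD is starting up.");
	return;
}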
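/**
 * Step the clock once against every configured time server using ntpdate.
 *
 * @return void
 */
function sync_system_time() {
	global $config, $g;

	if ($g['booting'])
		echo gettext("Syncing system time before startup...");

	/*
	 * Run ntpdate once per configured server. The host name is taken from
	 * the configuration and ends up on a shell command line, so it is passed
	 * as one quoted argument; empty pieces of the list are skipped instead of
	 * running ntpdate without a server.
	 */
	$timeservers = preg_split('/\s+/', (string)$config['system']['timeservers'], -1, PREG_SPLIT_NO_EMPTY);
	if (!is_array($timeservers))
		$timeservers = array();
	foreach ($timeservers as $ts) {
		mwexec("/usr/sbin/ntpdate -s " . escapeshellarg($ts));
	}

	if ($g['booting'])
		echo gettext("done.") . "\n";

}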
/**
 * Halt the system: run the pre-shutdown cleanup, then start /etc/rc.halt
 * detached in the background.
 */
function system_halt() {
	global $g;

	/* stop services and persist state before the halt script takes over */
	system_reboot_cleanup();

	$halt_cmd = "/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &";
	mwexec($halt_cmd);
}
/**
 * Reboot the system: run the pre-shutdown cleanup, then start /etc/rc.reboot
 * detached in the background.
 */
function system_reboot() {
	global $g;

	/* stop services and persist state before the reboot script takes over */
	system_reboot_cleanup();

	$reboot_cmd = "nohup /etc/rc.reboot > /dev/null 2>&1 &";
	mwexec($reboot_cmd);
}
/**
 * Reboot the system in the foreground: run the pre-shutdown cleanup, then
 * run /etc/rc.reboot without backgrounding it.
 */
function system_reboot_sync() {
	global $g;

	/* stop services and persist state before the reboot script runs */
	system_reboot_cleanup();

	$reboot_cmd = "/etc/rc.reboot > /dev/null 2>&1";
	mwexec($reboot_cmd);
}
/**
 * Work done before a halt or reboot: stop the beeper, stop captive portal
 * RADIUS accounting, save the voucher database to the configuration and stop
 * installed packages. Each helper library is loaded just before its call.
 */
function system_reboot_cleanup() {
	/* silence the beeper */
	mwexec("/usr/local/bin/beep.sh stop");

	/* captive portal: stop RADIUS accounting for all sessions */
	require_once("captiveportal.inc");
	captiveportal_radius_stop_all();

	/* vouchers: persist the in-memory database */
	require_once("voucher.inc");
	voucher_save_db_to_config();

	/* packages: shut them down */
	require_once("pkg-utils.inc");
	stop_packages();
}
/**
 * Run the shell commands stored in the configuration.
 *
 * The commands are read from $config['system']['earlyshellcmd'] when $early
 * is set, otherwise from $config['system']['shellcmd']. The entry may be a
 * list of commands or a single command string.
 *
 * Every entry is handed to exec() unchanged, so anyone able to write these
 * configuration keys can run arbitrary commands with the privileges of this
 * process.
 *
 * @param mixed $early truthy selects the early command list
 */
function system_do_shell_commands($early = 0) {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_do_shell_commands() being called $mt\n";
	}

	$cmdn = $early ? "earlyshellcmd" : "shellcmd";
	$entries = $config['system'][$cmdn];

	/* a list of commands: run them in order */
	if (is_array($entries)) {
		foreach ($entries as $cmd) {
			exec($cmd);
		}
		return;
	}

	/* a single command string */
	if ($entries <> "") {
		exec($entries);
	}
}
/**
 * Create or remove the {$g['varetc_path']}/disableconsole marker file so that
 * it mirrors the 'disableconsolemenu' setting.
 */
function system_console_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_console_configure() being called $mt\n";
	}

	/* console menu enabled: make sure the marker is gone */
	if (!isset($config['system']['disableconsolemenu'])) {
		unlink_if_exists("{$g['varetc_path']}/disableconsole");
		return;
	}

	/* console menu disabled: leave the marker in place */
	touch("{$g['varetc_path']}/disableconsole");
}
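/**
 * Save the kernel messages of the current boot to
 * {$g['varlog_path']}/dmesg.boot.
 *
 * The dmesg buffer may still hold output from earlier boots, so only the part
 * starting at the last "Copyright (c) 1992-" line is written.
 *
 * @return int 0 on success, 1 when dmesg.boot cannot be opened
 */
function system_dmesg_save() {
	// $config was missing from the global list, so the developerspew trace
	// below could never fire.
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_dmesg_save() being called $mt\n";
	}

	// exec() appends output lines to this array
	$dmesg = array();
	exec("/sbin/dmesg", $dmesg);
	$linecount = count($dmesg);

	/* find last copyright line (output from previous boots may be present) */
	$lastcpline = 0;
	for ($i = 0; $i < $linecount; $i++) {
		if (strpos($dmesg[$i], "Copyright (c) 1992-") !== false)
			$lastcpline = $i;
	}

	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
	if (!$fd) {
		printf(gettext("Error: cannot open dmesg.boot in system_dmesg_save().%s"), "\n");
		return 1;
	}

	for ($i = $lastcpline; $i < $linecount; $i++)
		fwrite($fd, $dmesg[$i] . "\n");

	fclose($fd);

	return 0;
}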
/*
 * Apply the system/harddiskstandby setting from the configuration through the
 * hw.ata.standby sysctl and reinitialize the ATA drives afterwards.
 *
 * Does nothing when the setting is absent. Progress messages are printed only
 * while $g['booting'] is set.
 */
function system_set_harddisk_standby() {
	global $g, $config;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_set_harddisk_standby() being called $mt\n";
	}

	if (!isset($config['system']['harddiskstandby'])) {
		return;
	}

	if ($g['booting']) {
		echo gettext('Setting hard disk standby... ');
	}

	$standby = $config['system']['harddiskstandby'];

	/* a non-numeric value is rejected before any command line is built */
	if (!is_numeric($standby)) {
		if ($g['booting']) {
			echo gettext("failed!") . "\n";
		}
		return;
	}

	/* sync the disk(s) */
	pfSense_sync();

	/* the (int) cast guarantees that only an integer from the configuration
	   value ends up in the command string */
	$sysctlcmd = '/sbin/sysctl hw.ata.standby=' . ((int)$standby);

	/* a truthy result from mwexec() is handled as failure (presumably a
	   non-zero exit status - confirm against mwexec()) */
	if (mwexec($sysctlcmd)) {
		if ($g['booting']) {
			echo gettext("failed!") . "\n";
		}
		return;
	}

	/* reinitialize ATA drives */
	mwexec('/usr/local/sbin/atareinit');
	if ($g['booting']) {
		echo gettext("done.") . "\n";
	}
}
/*
 * Apply the sysctl settings via activate_sysctls() and, when system/sharednet
 * is set in the configuration, switch off the ARP "wrong interface" logging.
 */
function system_setup_sysctl() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_setup_sysctl() being called $mt\n";
	}

	activate_sysctls();

	/* evaluated after activate_sysctls(), as before */
	$sharednet = isset($config['system']['sharednet']);
	if ($sharednet) {
		system_disable_arp_wrong_if();
	}
}
/*
 * Set the sysctls net.link.ether.inet.log_arp_wrong_iface and
 * net.link.ether.inet.log_arp_movements to 0.
 */
function system_disable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_disable_arp_wrong_if() being called $mt\n";
	}

	/* fixed command strings only - nothing from the configuration is used */
	$commands = array(
		"/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0",
		"/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0"
	);
	foreach ($commands as $command) {
		mwexec($command);
	}
}
/*
 * Set the sysctls net.link.ether.inet.log_arp_wrong_iface and
 * net.link.ether.inet.log_arp_movements to 1.
 */
function system_enable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_enable_arp_wrong_if() being called $mt\n";
	}

	/* fixed command strings only - nothing from the configuration is used */
	$commands = array(
		"/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1",
		"/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1"
	);
	foreach ($commands as $command) {
		mwexec($command);
	}
}
/*
 * Start watchdogd when /var/log/dmesg.boot mentions a supported watchdog.
 *
 * The function is currently switched off: the unconditional return right
 * after the global declaration makes it a no-op, and none of the code that
 * follows is ever executed.
 */
function enable_watchdog() {
	global $config;

	/* disabled - everything below this line is unreachable */
	return;

	$supported_watchdogs = array("Geode");
	$file = file_get_contents("/var/log/dmesg.boot");

	/* NOTE(review): the loop tests the literal "Geode" instead of $sd, so
	   additional entries in $supported_watchdogs would have no effect */
	$install_watchdog = false;
	foreach ($supported_watchdogs as $sd) {
		if (stristr($file, "Geode")) {
			$install_watchdog = true;
		}
	}

	if ($install_watchdog != true) {
		return;
	}

	/* stop a running instance before starting a new one */
	if (is_process_running("watchdogd")) {
		mwexec("/usr/bin/killall watchdogd", true);
	}
	exec("/usr/sbin/watchdogd");
}
/*
 * Check the hardware reset button on nanobsd installs running on WRAP or ALIX
 * boards.
 *
 * The board's "<name>resetbtn" helper in /usr/local/sbin is run; when it
 * yields 99 the configuration is reset to factory defaults, the system is
 * rebooted and the script exits. In every other case 0 is returned.
 */
function system_check_reset_button() {
	global $g;

	if ($g['platform'] != "nanobsd") {
		return 0;
	}

	$specplatform = system_identify_specific_platform();

	/* only these two names may pass: the name is concatenated into the path
	   of the executable below */
	if (!in_array($specplatform['name'], array("wrap", "alix"))) {
		return 0;
	}

	$resetbtn = "/usr/local/sbin/" . $specplatform['name'] . "resetbtn";
	$retval = mwexec($resetbtn);

	if ($retval != 99) {
		return 0;
	}

	/* user has pressed reset button for 2 seconds -
	   reset to factory defaults */
	echo <<<EOD

***********************************************************************
* Reset button pressed - resetting configuration to factory defaults. *
* The system will reboot after this completes.                        *
***********************************************************************


EOD;

	reset_factory_defaults();
	system_reboot_sync();
	exit(0);

	return 0;
}
/* attempt to identify the specific platform (for embedded systems)
   Returns an array with two elements:
	name => platform string (e.g. 'wrap', 'alix' etc.)
	descr => human-readable description (e.g. "PC Engines WRAP")

   For Soekris boards descr is the matched text taken verbatim from
   dmesg.boot, not a fixed string.
*/
function system_identify_specific_platform() {
	global $g;

	switch ($g['platform']) {
		case 'generic-pc':
			return array('name' => 'generic-pc', 'descr' => gettext("Generic PC"));
		case 'generic-pc-cdrom':
			return array('name' => 'generic-pc-cdrom', 'descr' => gettext("Generic PC (CD-ROM)"));
		case 'nanobsd':
			/* the rest of the code only deals with 'embedded' platforms */
			break;
		default:
			return array('name' => $g['platform'], 'descr' => $g['platform']);
	}

	$dmesg = system_get_dmesg_boot();

	if (strpos($dmesg, "PC Engines WRAP") !== false) {
		return array('name' => 'wrap', 'descr' => gettext('PC Engines WRAP'));
	}

	if (strpos($dmesg, "PC Engines ALIX") !== false) {
		return array('name' => 'alix', 'descr' => gettext('PC Engines ALIX'));
	}

	/* Soekris boards: platform name => pattern looked up in dmesg.boot,
	   tried in this order */
	$soekris = array(
		'net45xx' => "/Soekris net45../",
		'net48xx' => "/Soekris net48../",
		'net55xx' => "/Soekris net55../"
	);
	foreach ($soekris as $name => $pattern) {
		if (preg_match($pattern, $dmesg, $matches)) {
			return array('name' => $name, 'descr' => $matches[0]);
		}
	}

	/* unknown embedded platform */
	return array('name' => 'embedded', 'descr' => gettext('embedded (unknown)'));
}
/*
 * Return the contents of {$g['varlog_path']}/dmesg.boot as one string, i.e.
 * whatever file_get_contents() yields for that path.
 */
function system_get_dmesg_boot() {
	global $g;

	$dmesgfile = "{$g['varlog_path']}/dmesg.boot";

	return file_get_contents($dmesgfile);
}
/*
 * Build the list of possible listen addresses.
 *
 * Returns a list of array('name' => label, 'value' => key) entries: the
 * configured interfaces, the CARP entries and the IP aliases (the latter two
 * labelled "<address> (<VIP description>)"), followed by a final
 * "Localhost" / "lo0" entry.
 */
function get_possible_listen_ips() {
	$interfaces = get_configured_interface_with_descr();

	/* CARP entries are stored under their interface key */
	foreach (get_configured_carp_interface_list() as $cif => $carpip) {
		$interfaces[$cif] = $carpip." (".get_vip_descr($carpip).")";
	}

	/* IP aliases are stored under the alias address itself */
	foreach (get_configured_ip_aliases_list() as $aliasip => $aliasif) {
		$interfaces[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
	}

	$listenips = array();
	foreach ($interfaces as $iface => $ifacename) {
		$listenips[] = array("name" => $ifacename, "value" => $iface);
	}

	/* the loopback interface is always offered, as the last entry */
	$listenips[] = array("name" => "Localhost", "value" => "lo0");

	return $listenips;
}
?>