/src/usr/local/www/status.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/status.php @ 819d58ac

1	5b237745	Scott Ullrich	<?php
2	919d91f9	Phil Davis	/*
3			status.php
4			*/
5	5b237745	Scott Ullrich	/* Run various commands and collect their output into HTML tables.
6			* Jim McBeath <jimmc@macrovision.com> Nov 2003
7			*
8			* (modified for m0n0wall by Manuel Kasper <mk@neon1.net>)
9	878f7270	Scott Ullrich	* (modified for pfSense by Scott Ullrich geekgod@pfsense.com)
10	29aef6c4	Jim Thompson	*
11	5b237745	Scott Ullrich	*/
12	191cb31d	Stephen Beaver	/* ====================================================================
13			* Copyright (c) 2004-2015 Electric Sheep Fencing, LLC. All rights reserved.
14			*
15	cb41dd63	Renato Botelho	* Some or all of this file is based on the m0n0wall project which is
16			* Copyright (c) 2004 Manuel Kasper (BSD 2 clause)
17	191cb31d	Stephen Beaver	*
18			* Redistribution and use in source and binary forms, with or without modification,
19			* are permitted provided that the following conditions are met:
20			*
21			* 1. Redistributions of source code must retain the above copyright notice,
22			* this list of conditions and the following disclaimer.
23			*
24			* 2. Redistributions in binary form must reproduce the above copyright
25			* notice, this list of conditions and the following disclaimer in
26			* the documentation and/or other materials provided with the
27			* distribution.
28			*
29			* 3. All advertising materials mentioning features or use of this software
30			* must display the following acknowledgment:
31			* "This product includes software developed by the pfSense Project
32			* for use in the pfSense software distribution. (http://www.pfsense.org/).
33			*
34			* 4. The names "pfSense" and "pfSense Project" must not be used to
35			* endorse or promote products derived from this software without
36			* prior written permission. For written permission, please contact
37			* coreteam@pfsense.org.
38			*
39			* 5. Products derived from this software may not be called "pfSense"
40			* nor may "pfSense" appear in their names without prior written
41			* permission of the Electric Sheep Fencing, LLC.
42			*
43			* 6. Redistributions of any form whatsoever must retain the following
44			* acknowledgment:
45			*
46			* "This product includes software developed by the pfSense Project
47			* for use in the pfSense software distribution (http://www.pfsense.org/).
48			*
49			* THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY
50			* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
51			* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
52			* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR
53			* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
54			* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
55			* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
56			* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57			* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
58			* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
59			* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
60			* OF THE POSSIBILITY OF SUCH DAMAGE.
61			*
62			* ====================================================================
63			*
64			*/
65	6b07c15a	Matthew Grooms
66			##\|+PRIV
67			##\|*IDENT=page-hidden-detailedstatus
68	5230f468	jim-p	##\|*NAME=Hidden: Detailed Status
69	6b07c15a	Matthew Grooms	##\|*DESCR=Allow access to the 'Hidden: Detailed Status' page.
70			##\|MATCH=status.php
71			##\|-PRIV
72	5b237745	Scott Ullrich
73			/* Execute a command, with a title, and generate an HTML table
74			* showing the results.
75			*/
76	1d169baa	Bill Marquette
77			/* include all configuration functions */
78	f977ac60	Bill Marquette	require_once("guiconfig.inc");
79	1d169baa	Bill Marquette	require_once("functions.inc");
80	6f62e89f	jim-p	$output_path = "/tmp/status_output/";
81			$output_file = "/tmp/status_output.tgz";
82	1d169baa	Bill Marquette
83	289b91c8	jim-p	if (is_dir($output_path)) {
84			unlink_if_exists("{$output_path}/*");
85			@rmdir($output_path);
86			}
87			unlink_if_exists($output_file);
88			mkdir($output_path);
89
90	5b237745	Scott Ullrich	function doCmdT($title, $command) {
91	6f62e89f	jim-p	global $output_path, $output_file;
92			/* Fixup output directory */
93
94	2151894c	Colin Fleming	$rubbish = array('\|', '-', '/', '.', ' '); /* fixes the <a> tag to be W3C compliant */
95	6c07db48	Phil Davis	echo "\n<a name=\"" . str_replace($rubbish, '', $title) . "\" id=\"" . str_replace($rubbish, '', $title) . "\"></a>\n";
96	454cec57	sbeaver
97			print('<div class="panel panel-default">');
98	95fa5cce	Phil Davis	print('<div class="panel-heading"><h2 class="panel-title">' . $title . '</h2></div>');
99	abe98adb	Phil Davis	print('<div class="panel-body">');
100			print('<pre>');
101	f997992b	Scott Ullrich
102	5b237745	Scott Ullrich	if ($command == "dumpconfigxml") {
103	6f62e89f	jim-p	$ofd = @fopen("{$output_path}/config-sanitized.xml", "w");
104	5b237745	Scott Ullrich	$fd = @fopen("/conf/config.xml", "r");
105			if ($fd) {
106			while (!feof($fd)) {
107			$line = fgets($fd);
108	70069758	Bill Marquette	/* remove sensitive contents */
109	5b237745	Scott Ullrich	$line = preg_replace("/<password>.*?<\\/password>/", "<password>xxxxx</password>", $line);
110			$line = preg_replace("/<pre-shared-key>.*?<\\/pre-shared-key>/", "<pre-shared-key>xxxxx</pre-shared-key>", $line);
111	70069758	Bill Marquette	$line = preg_replace("/<rocommunity>.*?<\\/rocommunity>/", "<rocommunity>xxxxx</rocommunity>", $line);
112	8a2229e3	jim-p	$line = preg_replace("/<prv>.*?<\\/prv>/", "<prv>xxxxx</prv>", $line);
113	fd192dbc	jim-p	$line = preg_replace("/<shared_key>.*?<\\/shared_key>/", "<shared_key>xxxxx</shared_key>", $line);
114			$line = preg_replace("/<tls>.*?<\\/tls>/", "<tls>xxxxx</tls>", $line);
115	8a2229e3	jim-p	$line = preg_replace("/<ipsecpsk>.*?<\\/ipsecpsk>/", "<ipsecpsk>xxxxx</ipsecpsk>", $line);
116			$line = preg_replace("/<md5-hash>.*?<\\/md5-hash>/", "<md5-hash>xxxxx</md5-hash>", $line);
117			$line = preg_replace("/<md5password>.*?<\\/md5password>/", "<md5password>xxxxx</md5password>", $line);
118	289b91c8	jim-p	$line = preg_replace("/<nt-hash>.*?<\\/nt-hash>/", "<nt-hash>xxxxx</nt-hash>", $line);
119	8a2229e3	jim-p	$line = preg_replace("/<radius_secret>.*?<\\/radius_secret>/", "<radius_secret>xxxxx</radius_secret>", $line);
120			$line = preg_replace("/<ldap_bindpw>.*?<\\/ldap_bindpw>/", "<ldap_bindpw>xxxxx</ldap_bindpw>", $line);
121			$line = preg_replace("/<passwordagain>.*?<\\/passwordagain>/", "<passwordagain>xxxxx</passwordagain>", $line);
122			$line = preg_replace("/<crypto_password>.*?<\\/crypto_password>/", "<crypto_password>xxxxx</crypto_password>", $line);
123			$line = preg_replace("/<crypto_password2>.*?<\\/crypto_password2>/", "<crypto_password2>xxxxx</crypto_password2>", $line);
124	5b237745	Scott Ullrich	$line = str_replace("\t", " ", $line);
125	6c07db48	Phil Davis	echo htmlspecialchars($line, ENT_NOQUOTES);
126	6f62e89f	jim-p	fwrite($ofd, $line);
127	5b237745	Scott Ullrich	}
128			}
129			fclose($fd);
130	6f62e89f	jim-p	fclose($ofd);
131	5b237745	Scott Ullrich	} else {
132	6f62e89f	jim-p	$ofd = @fopen("{$output_path}/{$title}.txt", "w");
133	767a716e	Scott Ullrich	$execOutput = "";
134			$execStatus = "";
135	5b237745	Scott Ullrich	exec ($command . " 2>&1", $execOutput, $execStatus);
136			for ($i = 0; isset($execOutput[$i]); $i++) {
137			if ($i > 0) {
138			echo "\n";
139			}
140	6c07db48	Phil Davis	echo htmlspecialchars($execOutput[$i], ENT_NOQUOTES);
141	6f62e89f	jim-p	fwrite($ofd, $execOutput[$i] . "\n");
142	5b237745	Scott Ullrich	}
143	6f62e89f	jim-p	fclose($ofd);
144	5b237745	Scott Ullrich	}
145	454cec57	sbeaver
146	abe98adb	Phil Davis	print('</pre>');
147			print('</div>');
148	454cec57	sbeaver	print('</div>');
149	5b237745	Scott Ullrich	}
150
151			/* Define a command, with a title, to be executed later. */
152			function defCmdT($title, $command) {
153	2151894c	Colin Fleming	global $commands;
154	6c07db48	Phil Davis	$title = htmlspecialchars($title, ENT_NOQUOTES);
155	2151894c	Colin Fleming	$commands[] = array($title, $command);
156	5b237745	Scott Ullrich	}
157
158			/* List all of the commands as an index. */
159			function listCmds() {
160	454cec57	sbeaver	global $currentDate;
161	2151894c	Colin Fleming	global $commands;
162	454cec57	sbeaver
163			$rubbish = array('\|', '-', '/', '.', ' '); /* fixes the <a> tag to be W3C compliant */
164
165			print('<div class="panel panel-default">');
166	95fa5cce	Phil Davis	print('<div class="panel-heading"><h2 class="panel-title">' . gettext("System Status on ") . $currentDate . '</h2></div>');
167	abe98adb	Phil Davis	print('<div class="panel-body">');
168			print(' <div class="content">');
169	454cec57	sbeaver	print("\n<p>" . gettext("This status page includes the following information") . ":\n");
170			print("<ul>\n");
171	abe98adb	Phil Davis	for ($i = 0; isset($commands[$i]); $i++) {
172			print("\t<li><strong><a href=\"#" . str_replace($rubbish, '', $commands[$i][0]) . "\">" . $commands[$i][0] . "</a></strong></li>\n");
173	2151894c	Colin Fleming	}
174	454cec57	sbeaver
175			print("</ul>\n");
176	2ca4eec2	Jared Dillard	print(' </div>');
177	454cec57	sbeaver	print(' </div>');
178			print('</div>');
179	5b237745	Scott Ullrich	}
180
181			/* Execute all of the commands which were defined by a call to defCmd. */
182			function execCmds() {
183	2151894c	Colin Fleming	global $commands;
184	6c07db48	Phil Davis	for ($i = 0; isset($commands[$i]); $i++) {
185	2151894c	Colin Fleming	doCmdT($commands[$i][0], $commands[$i][1]);
186			}
187	5b237745	Scott Ullrich	}
188
189	58f2f42a	Renato Botelho	global $g, $config;
190	1d169baa	Bill Marquette
191	5b237745	Scott Ullrich	/* Set up all of the commands we want to execute. */
192	289b91c8	jim-p
193			/* System stats/info */
194	95fa5cce	Phil Davis	defCmdT("System Uptime", "/usr/bin/uptime");
195	abe98adb	Phil Davis	defCmdT("Interfaces", "/sbin/ifconfig -a");
196			defCmdT("Interface Statistics", "/usr/bin/netstat -nWi");
197	289b91c8	jim-p	defCmdT("Top Process Info", "/usr/bin/top \| /usr/bin/head -n5");
198	abe98adb	Phil Davis	defCmdT("Processes", "/bin/ps xauww");
199	289b91c8	jim-p	defCmdT("Mounted Filesystems", "/sbin/mount");
200	abe98adb	Phil Davis	defCmdT("Free Disk Space", "/bin/df -hi");
201			defCmdT("Routing tables", "/usr/bin/netstat -nWr");
202			defCmdT("Mbuf Usage", "/usr/bin/netstat -mb");
203	289b91c8	jim-p	defCmdT("VMStat", "/usr/bin/vmstat -afimsz");
204			defCmdT("Sockets", "/usr/bin/sockstat");
205	37502a4a	Scott Ullrich
206	289b91c8	jim-p	/* Firewall rules and info */
207	abe98adb	Phil Davis	defCmdT("Generated Ruleset", "/bin/cat {$g['tmp_path']}/rules.debug");
208			defCmdT("Generated Ruleset Limiters", "/bin/cat {$g['tmp_path']}/rules.limiter");
209			defCmdT("Generated Ruleset Limits", "/bin/cat {$g['tmp_path']}/rules.limits");
210	289b91c8	jim-p	defCmdT("pf NAT Rules", "/sbin/pfctl -vvsn");
211			defCmdT("pf Firewall Rules", "/sbin/pfctl -vvsr");
212	abe98adb	Phil Davis	defCmdT("pf Tables", "/sbin/pfctl -vs Tables");
213	486cbb1d	jim-p	defCmdT("pf State Table Contents", "/sbin/pfctl -vvss");
214	289b91c8	jim-p	defCmdT("pf Info", "/sbin/pfctl -si");
215			defCmdT("pf Show All", "/sbin/pfctl -sa");
216	abe98adb	Phil Davis	defCmdT("pf Queues", "/sbin/pfctl -s queue -v");
217			defCmdT("pf OSFP", "/sbin/pfctl -s osfp");
218	95fa5cce	Phil Davis	defCmdT("pfsync Stats", "/usr/bin/netstat -s -ppfsync");
219	abe98adb	Phil Davis	defCmdT("pftop Default", "/usr/local/sbin/pftop -a -b");
220			defCmdT("pftop Long", "/usr/local/sbin/pftop -w 150 -a -b -v long");
221			defCmdT("pftop Queue", "/usr/local/sbin/pftop -w 150 -a -b -v queue");
222			defCmdT("pftop Rules", "/usr/local/sbin/pftop -w 150 -a -b -v rules");
223			defCmdT("pftop Size", "/usr/local/sbin/pftop -w 150 -a -b -v size");
224			defCmdT("pftop Speed", "/usr/local/sbin/pftop -w 150 -a -b -v speed");
225	baec2b00	Ermal	if (isset($config['captiveportal']) && is_array($config['captiveportal'])) {
226			foreach ($config['captiveportal'] as $cpZone => $cpdata) {
227	abe98adb	Phil Davis	if (isset($cpdata['enable'])) {
228	95fa5cce	Phil Davis	defCmdT("IPFW Rules for {$cpdata['zone']}", "/sbin/ipfw -x " . escapeshellarg($cpdata['zoneid']) . " show");
229	abe98adb	Phil Davis	}
230	baec2b00	Ermal	}
231			}
232	58f2f42a	Renato Botelho
233	6f62e89f	jim-p	/* Configuration Files */
234	289b91c8	jim-p	defCmdT("Contents of var run", "/bin/ls /var/run");
235			defCmdT("Contents of conf", "/bin/ls /conf");
236	abe98adb	Phil Davis	defCmdT("config.xml", "dumpconfigxml");
237			defCmdT("resolv.conf", "/bin/cat /etc/resolv.conf");
238			defCmdT("DHCP Configuration", "/bin/cat /var/dhcpd/etc/dhcpd.conf");
239			defCmdT("DHCPv6 Configuration", "/bin/cat /var/dhcpd/etc/dhcpdv6.conf");
240	95fa5cce	Phil Davis	defCmdT("strongSwan Configuration", "/bin/cat /var/etc/ipsec/strongswan.conf");
241			defCmdT("IPsec Configuration", "/bin/cat /var/etc/ipsec/ipsec.conf");
242	abe98adb	Phil Davis	defCmdT("IPsec Status", "/usr/local/sbin/ipsec statusall");
243			defCmdT("SPD", "/sbin/setkey -DP");
244			defCmdT("SAD", "/sbin/setkey -D");
245	6f62e89f	jim-p	if (file_exists("/cf/conf/upgrade_log.txt")) {
246			defCmdT("Upgrade Log", "/bin/cat /cf/conf/upgrade_log.txt");
247			}
248			if (file_exists("/boot/loader.conf")) {
249			defCmdT("Loader Configuration", "/bin/cat /boot/loader.conf");
250			}
251			if (file_exists("/boot/loader.conf.local")) {
252			defCmdT("Loader Configuration (Local)", "/bin/cat /boot/loader.conf.local");
253			}
254			if (file_exists("/var/etc/filterdns.conf")) {
255	95fa5cce	Phil Davis	defCmdT("Filter DNS Daemon Configuration", "/bin/cat /var/etc/filterdns.conf");
256	6f62e89f	jim-p	}
257	41df62c1	jim-p	defCmdT("last 1000 system log entries", "/usr/local/sbin/clog /var/log/system.log 2>&1 \| tail -n 1000");
258			defCmdT("last 1000 DHCP log entries", "/usr/local/sbin/clog /var/log/dhcpd.log 2>&1 \| tail -n 1000");
259			defCmdT("last 500 filter log entries", "/usr/local/sbin/clog /var/log/filter.log 2>&1 \| tail -n 500");
260			defCmdT("last 1000 gateways log entries", "/usr/local/sbin/clog /var/log/gateways.log 2>&1 \| tail -n 1000");
261			defCmdT("last 1000 IPsec log entries", "/usr/local/sbin/clog /var/log/ipsec.log 2>&1 \| tail -n 1000");
262			defCmdT("last 1000 L2TP log entries", "/usr/local/sbin/clog /var/log/l2tps.log 2>&1 \| tail -n 1000");
263			defCmdT("last 1000 NTP log entries", "/usr/local/sbin/clog /var/log/ntpd.log 2>&1 \| tail -n 1000");
264			defCmdT("last 1000 OpenVPN log entries", "/usr/local/sbin/clog /var/log/openvpn.log 2>&1 \| tail -n 1000");
265			defCmdT("last 1000 Captive Portal auth log entries", "/usr/local/sbin/clog /var/log/portalauth.log 2>&1 \| tail -n 1000");
266			defCmdT("last 1000 PPP log entries", "/usr/local/sbin/clog /var/log/poes.log 2>&1 \| tail -n 1000");
267			defCmdT("last 1000 relayd log entries", "/usr/local/sbin/clog /var/log/relayd.log 2>&1 \| tail -n 1000");
268			defCmdT("last 1000 resolver log entries", "/usr/local/sbin/clog /var/log/resolver.log 2>&1 \| tail -n 1000");
269			defCmdT("last 1000 routing log entries", "/usr/local/sbin/clog /var/log/routing.log 2>&1 \| tail -n 1000");
270			defCmdT("last 1000 wireless log entries", "/usr/local/sbin/clog /var/log/wireless.log 2>&1 \| tail -n 1000");
271	6f62e89f	jim-p	if (file_exists("/tmp/PHP_errors.log")) {
272			defCmdT("PHP Error Log", "/bin/cat /tmp/PHP_errors.log");
273			}
274	abe98adb	Phil Davis	defCmdT("System Message Buffer", "/sbin/dmesg -a");
275			defCmdT("System Message Buffer (Boot)", "/bin/cat /var/log/dmesg.boot");
276			defCmdT("sysctl values", "/sbin/sysctl -a");
277	486cbb1d	jim-p	defCmdT("Kernel Environment", "/bin/kenv");
278			defCmdT("Installed OS Packages", "/usr/sbin/pkg info");
279	9cd0b618	Scott Ullrich
280	5b237745	Scott Ullrich	exec("/bin/date", $dateOutput, $dateStatus);
281			$currentDate = $dateOutput[0];
282
283	95fa5cce	Phil Davis	$pgtitle = array("{$g['product_name']}", "Status");
284	4df96eff	Scott Ullrich	include("head.inc");
285
286	289b91c8	jim-p	print_info_box(gettext("Make sure all sensitive information is removed! (Passwords, etc.) before posting " .
287			"information from this page in public places (like mailing lists)") . '<br />' .
288			gettext("Common password fields in config.xml have been automatically redacted.") . '<br />' .
289			gettext("When the page has finished loading, the output will be stored in {$output_file}. It may be downloaded via scp or ") .
290			"<a href=\"/exec.php?dlPath={$output_file}\">" . gettext("Diagnostics > Command Prompt") . '</a>');
291	5b237745	Scott Ullrich
292	454cec57	sbeaver	listCmds();
293			execCmds();
294	5b237745	Scott Ullrich
295	6543ffa4	Stephen Beaver	print(gettext("Saving output to archive..."));
296
297			if (is_dir($output_path)) {
298			mwexec("/usr/bin/tar czpf " . escapeshellarg($output_file) . " -C " . escapeshellarg(dirname($output_path)) . " " . escapeshellarg(basename($output_path)));
299			unlink_if_exists("{$output_path}/*");
300			@rmdir($output_path);
301			}
302
303			print(gettext("Done."));
304
305	56bd1847	Chris Buechler	include("foot.inc");

Project

General

Profile

pfSense