<?php
/* $Id$ */
/*
	services.inc
	part of the pfSense project (http://www.pfsense.com)
	originally part of m0n0wall (http://m0n0.ch/wall)
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
	Copyright (C) 2010	Ermal Luçi
	All rights reserved.
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
/*
	pfSense_BUILDER_BINARIES:	/usr/bin/killall	/bin/sh	/usr/local/sbin/dhcpd	/usr/local/sbin/igmpproxy
	pfSense_BUILDER_BINARIES:	/sbin/ifconfig	/usr/sbin/arp	/sbin/ifconfig	/usr/local/sbin/dnsmasq
	pfSense_BUILDER_BINARIES:	/usr/sbin/bsnmpd	/sbin/route	/usr/local/sbin/olsrd
	pfSense_BUILDER_BINARIES:	/usr/local/sbin/miniupnpd	
	pfSense_MODULE:	utils
*/
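/*
 * Rebuild the dhcpd chroot, regenerate dhcpd.conf from $config['dhcpd'] and
 * issue the command that starts dhcpd inside the chroot.
 *
 * Returns nothing when $g['services_dhcp_server_enable'] is false, 0 when
 * is_dhcp_server_enabled() reports no DHCP server or after the start command
 * was issued, and 1 when the chroot setup script or dhcpd.conf cannot be
 * opened for writing.
 *
 * Security notes for maintainers:
 *  - Values read from $config (domain names, tftp/ldap strings, boot file
 *    names, root path, custom option numbers/types/values, ranges, static
 *    mappings) are copied into dhcpd.conf verbatim. Nothing in this function
 *    escapes a double quote, semicolon or newline, so the values must be
 *    validated before they are stored in $config.
 *    NOTE(review): confirm the pages that write $config['dhcpd'] enforce this.
 *  - The chroot setup commands are written to a fixed file name under
 *    $g['tmp_path'] and then run with /bin/sh.
 *    NOTE(review): confirm tmp_path is not writable by unprivileged local
 *    users; otherwise the fixed name could be replaced between write and run.
 */
function services_dhcpd_configure() {
	global $config, $g;

	if($g['services_dhcp_server_enable'] == false)
		return;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		/* this function takes no interface argument, so none is printed */
		echo "services_dhcpd_configure() being called $mt\n";
	}

	/* kill any running dhcpd */
	if(is_process_running("dhcpd"))
		mwexec("killall dhcpd", true);

	/* DHCP enabled on any interfaces? */
	if (!is_dhcp_server_enabled())
		return 0;

	/* if OLSRD is enabled, allow WAN to house DHCP. */
	$is_olsr_enabled = false;
	if($config['installedpackages']['olsrd'])
		foreach($config['installedpackages']['olsrd']['config'] as $olsrd)
				if($olsrd['enable'])
					$is_olsr_enabled = true;

	/* configure DHCPD chroot */
	$fd = fopen("{$g['tmp_path']}/dhcpd.sh","w");
	if (!$fd) {
		/* without this check every fwrite() below would fail silently and
		 * /bin/sh would run whatever file already exists at that path */
		printf("Error: cannot open dhcpd.sh in services_dhcpd_configure().\n");
		return 1;
	}
	/* non-empty output means devfs is already mounted inside the chroot */
	$status = `mount | grep "{$g['dhcpd_chroot_path']}/dev"`;
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/dev\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/etc\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr/local/sbin\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/db\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/run\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/lib\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/run\n");
	fwrite($fd, "chown -R dhcpd:_dhcp {$g['dhcpd_chroot_path']}/*\n");
	fwrite($fd, "cp /lib/libc.so.* {$g['dhcpd_chroot_path']}/lib/\n");
	fwrite($fd, "cp /usr/local/sbin/dhcpd {$g['dhcpd_chroot_path']}/usr/local/sbin/\n");
	fwrite($fd, "chmod a+rx {$g['dhcpd_chroot_path']}/usr/local/sbin/dhcpd\n");
	if(!trim($status))
		fwrite($fd, "mount -t devfs devfs {$g['dhcpd_chroot_path']}/dev\n");
	fclose($fd);
	mwexec("/bin/sh {$g['tmp_path']}/dhcpd.sh");

	if ($g['booting']) {
		if ($g['platform'] != "pfSense") {
			/* restore the leases, if we have them */
			if (file_exists("{$g['cf_conf_path']}/dhcpleases.tgz")) {
				$dhcprestore = "";
				$dhcpreturn = "";
				/* the archive is unpacked relative to / */
				exec("cd /;LANG=C /usr/bin/tar -xzf {$g['cf_conf_path']}/dhcpleases.tgz 2>&1", $dhcprestore, $dhcpreturn);
				$dhcprestore = implode(" ", $dhcprestore);
				if($dhcpreturn <> 0) {
					log_error("DHCP leases restore failed exited with $dhcpreturn, the error is: $dhcprestore\n");
				}
			}
		}
	}

	$syscfg = $config['system'];
	$dhcpdcfg = $config['dhcpd'];
	$Iflist = get_configured_interface_list();

	if ($g['booting'])
		echo "Starting DHCP service...";
	else
		sleep(1);

	/* write dhcpd.conf */
	$fd = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf", "w");
	if (!$fd) {
		printf("Error: cannot open dhcpd.conf in services_dhcpd_configure().\n");
		return 1;
	}

	/* declare one custom option per configured number/type pair; the option
	 * number and type are written exactly as stored in $config */
	$custoptions = "";
	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
		if(is_array($dhcpifconf['numberoptions']) && is_array($dhcpifconf['numberoptions']['item'])) {
			foreach($dhcpifconf['numberoptions']['item'] as $itemidx => $item) {
				if(!empty($item['type']))
					$itemtype = $item['type'];
				else
					$itemtype = "text";
				$custoptions .= "option custom-{$dhcpif}-{$itemidx} code {$item['number']} = {$itemtype};\n";
			}
		}
	}

	$dhcpdconf = <<<EOD
	
option domain-name "{$syscfg['domain']}";
option ldap-server code 95 = text;
option domain-search-list code 119 = text;
{$custoptions}
default-lease-time 7200;
max-lease-time 86400;
log-facility local7;
ddns-update-style none;
one-lease-per-client true;
deny duplicates;
ping-check true;

EOD;

	/* NOTE(review): $dhcpifconf still holds the last entry visited by the
	 * loop above, so these two global statements follow that one
	 * interface's settings only. */
	if(!isset($dhcpifconf['disableauthoritative']))
		$dhcpdconf .= "authoritative;\n";

	/* the statement must end with a semicolon, otherwise the generated
	 * dhcpd.conf does not parse */
	if(isset($dhcpifconf['alwaysbroadcast']))
		$dhcpdconf .= "always-broadcast on;\n";

	$dhcpdifs = array();

	/*    loop through and determine if we need to setup
	 *    failover peer "bleh" entries
	 */
	$dhcpnum = 0;
	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {

		interfaces_staticarp_configure($dhcpif);

		if (!isset($dhcpifconf['enable']))
			continue;

		if($dhcpifconf['failover_peerip'] <> "") {
			$int = guess_interface_from_ip($dhcpifconf['failover_peerip']);
			$intip = find_interface_ip($int);
			$real_dhcpif = convert_friendly_interface_to_real_interface_name($dhcpif);
			/*
			 *    yep, failover peer is defined.
			 *    does it match up to a defined vip?
			 */
			$skew = 110;
			$a_vip = &$config['virtualip']['vip'];
			if(is_array($a_vip)) {
				foreach ($a_vip as $vipent) {
					if($int == $real_dhcpif) {
						/* this is the interface! */
						if(is_numeric($vipent['advskew']) && ($vipent['advskew'] < "20"))
							$skew = 0;
					}
				}
			} else {
				log_error("Warning!  DHCP Failover setup and no CARP virtual IP's defined!");
			}
			/* a low advskew makes this node the failover primary */
			if($skew > 10) {
				$type = "secondary";
				$dhcpdconf_pri  = "mclt 600;\n";
				$my_port = "520";
				$peer_port = "519";
			} else {
				$my_port = "519";
				$peer_port = "520";
				$type = "primary";
				$dhcpdconf_pri  = "split 128;\n";
				$dhcpdconf_pri .= "  mclt 600;\n";
			}
			$dhcpdconf .= <<<EOPP
failover peer "dhcp{$dhcpnum}" {
  {$type};
  address {$intip};
  port {$my_port};
  peer address {$dhcpifconf['failover_peerip']};
  peer port {$peer_port};
  max-response-delay 10;
  max-unacked-updates 10;
  {$dhcpdconf_pri}
  load balance max seconds 3;
}

EOPP;
		$dhcpnum++;
		}
	}

	/* restart the counter so the pool declarations below refer to the
	 * failover peers in the order they were declared above */
	$dhcpnum = 0;

	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {

		$ifcfg = $config['interfaces'][$dhcpif];

		if (!isset($dhcpifconf['enable']) || !isset($Iflist[$dhcpif]))
			continue;
		$ifcfgip = get_interface_ip($dhcpif);
		$ifcfgsn = get_interface_subnet($dhcpif);
		$subnet = gen_subnet($ifcfgip, $ifcfgsn);
		$subnetmask = gen_subnet_mask($ifcfgsn);

		if (!is_ipaddr($subnet))
			continue;

		if($is_olsr_enabled == true)
			if($dhcpifconf['netmask'])
				$subnetmask = gen_subnet_mask($dhcpifconf['netmask']);

		$dnscfg = "";

		if ($dhcpifconf['domain']) {
			$dnscfg .= "	option domain-name \"{$dhcpifconf['domain']}\";\n";
		}

		if($dhcpifconf['domainsearchlist'] <> "") {
			$dnscfg .= "	option domain-search-list \"{$dhcpifconf['domainsearchlist']}\";\n";
		}

		if (isset($dhcpifconf['ddnsupdate'])) {
			if($dhcpifconf['ddnsdomain'] <> "") {
				$dnscfg .= "	ddns-domainname \"{$dhcpifconf['ddnsdomain']}\";\n";
			}
			$dnscfg .= "	ddns-update-style interim;\n";
		}

		/* DNS servers handed to clients: per-interface list first, then this
		 * interface's own address when dnsmasq is enabled, then system list */
		if (is_array($dhcpifconf['dnsserver']) && ($dhcpifconf['dnsserver'][0])) {
			$dnscfg .= "	option domain-name-servers " . join(",", $dhcpifconf['dnsserver']) . ";";
		} else if (isset($config['dnsmasq']['enable'])) {
			$dnscfg .= "	option domain-name-servers {$ifcfgip};";
		} else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
			$dnscfg .= "	option domain-name-servers " . join(",", $syscfg['dnsserver']) . ";";
		}

		$dhcpdconf .= "subnet {$subnet} netmask {$subnetmask} {\n";
		$dhcpdconf .= "	pool {\n";

		/* is failover dns setup? */
		if (is_array($dhcpifconf['dnsserver']) && $dhcpifconf['dnsserver'][0] <> "") {
			$dhcpdconf .= "		option domain-name-servers {$dhcpifconf['dnsserver'][0]}";
			if($dhcpifconf['dnsserver'][1] <> "")
				$dhcpdconf .= ",{$dhcpifconf['dnsserver'][1]}";
			$dhcpdconf .= ";\n";
		}

		if($dhcpifconf['failover_peerip'] <> "")
			$dhcpdconf .= "		deny dynamic bootp clients;\n";

		/* with denyunknown set, only clients that have a host declaration
		 * (the static mappings below) are served from this pool */
		if (isset($dhcpifconf['denyunknown']))
		   $dhcpdconf .= "		deny unknown clients;\n";

		if ($dhcpifconf['gateway'])
			$routers = $dhcpifconf['gateway'];
		else
			$routers = $ifcfgip;

		if($dhcpifconf['failover_peerip'] <> "") {
			$dhcpdconf .= "		failover peer \"dhcp{$dhcpnum}\";\n";
			$dhcpnum++;
		}

		$dhcpdconf .= <<<EOD
		range {$dhcpifconf['range']['from']} {$dhcpifconf['range']['to']};
	}
	option routers {$routers};
$dnscfg

EOD;

		// default-lease-time
		if ($dhcpifconf['defaultleasetime'])
			$dhcpdconf .= "	default-lease-time {$dhcpifconf['defaultleasetime']};\n";

		// max-lease-time
		if ($dhcpifconf['maxleasetime'])
			$dhcpdconf .= "	max-lease-time {$dhcpifconf['maxleasetime']};\n";

		// netbios-name*
		if (is_array($dhcpifconf['winsserver']) && $dhcpifconf['winsserver'][0]) {
			$dhcpdconf .= "	option netbios-name-servers " . join(",", $dhcpifconf['winsserver']) . ";\n";
			$dhcpdconf .= "	option netbios-node-type 8;\n";
		}

		// ntp-servers
		if (is_array($dhcpifconf['ntpserver']) && $dhcpifconf['ntpserver'][0])
			$dhcpdconf .= "	option ntp-servers " . join(",", $dhcpifconf['ntpserver']) . ";\n";

		// tftp-server-name
		if ($dhcpifconf['tftp'] <> "")
			$dhcpdconf .= "	option tftp-server-name \"{$dhcpifconf['tftp']}\";\n";

		// Handle option, number rowhelper values
		// text values are quoted, every other type is written bare
		$dhcpdconf .= "\n";
		if($dhcpifconf['numberoptions']['item']) {
			foreach($dhcpifconf['numberoptions']['item'] as $itemidx => $item) {
				if(empty($item['type']) || $item['type'] == "text")
					$dhcpdconf .= "	option custom-{$dhcpif}-{$itemidx} \"{$item['value']}\";\n";
				else
					$dhcpdconf .= "	option custom-{$dhcpif}-{$itemidx} {$item['value']};\n";
			}
		}

		// ldap-server
		if ($dhcpifconf['ldap'] <> "")
			$dhcpdconf .= "	option ldap-server \"{$dhcpifconf['ldap']}\";\n";

		// net boot information
		if(isset($dhcpifconf['netboot'])) {
			if (($dhcpifconf['next-server'] <> "") && ($dhcpifconf['filename'] <> "")) {
				$dhcpdconf .= "	next-server {$dhcpifconf['next-server']};\n";
				$dhcpdconf .= "	filename \"{$dhcpifconf['filename']}\";\n";
			}
			if ($dhcpifconf['rootpath'] <> "") {
				$dhcpdconf .= "	option root-path \"{$dhcpifconf['rootpath']}\";\n";
			}
		}

		$dhcpdconf .= <<<EOD
}

EOD;

		/* add static mappings */
		if (is_array($dhcpifconf['staticmap'])) {

			$i = 0;
			foreach ($dhcpifconf['staticmap'] as $sm) {
				$dhcpdconf .= <<<EOD
host s_{$dhcpif}_{$i} {
	hardware ethernet {$sm['mac']};

EOD;
				if ($sm['ipaddr'])
					$dhcpdconf .= "	fixed-address {$sm['ipaddr']};\n";

				if ($sm['hostname']) {
					/* spaces and dots are replaced because the name is
					 * written unquoted */
					$dhhostname = str_replace(" ", "_", $sm['hostname']);
					$dhhostname = str_replace(".", "_", $dhhostname);
					$dhcpdconf .= "	option host-name {$dhhostname};\n";
				}
				if ($sm['netbootfile'])
					$dhcpdconf .= "	filename \"{$sm['netbootfile']}\";\n";

				$dhcpdconf .= "}\n";
				$i++;
			}
		}

		$dhcpdifs[] = get_real_interface($dhcpif);
	}

	fwrite($fd, $dhcpdconf);
	fclose($fd);

	/* create an empty leases database */
	touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
	touch("{$g['varrun_path']}/dhcpd.pid");

	/* fire up dhcpd in a chroot, running as user dhcpd / group _dhcp */
	mwexec("/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpd.conf " .
		join(" ", $dhcpdifs));

	if ($g['booting']) {
		print "done.\n";
	}

	return 0;
}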
/*
 * Stop any running igmpproxy, write a new igmpproxy.conf under
 * $g['tmp_path'] from $config['igmpproxy']['igmpentry'] and start the proxy.
 *
 * Returns 1 when no igmpentry list is configured, nothing when the config
 * file cannot be opened, and 0 after the start command was issued.
 *
 * NOTE(review): ifname-derived interface, type, threshold and address are
 * copied into the config file as stored; confirm they are validated where
 * they enter $config.
 */
function services_igmpproxy_configure() {
        global $config, $g;

        /* start from every configured interface; the ones named by an
         * igmpentry are removed below and the rest are written as disabled */
        $remaining = get_configured_interface_list();

        /* kill any running igmpproxy */
        killbyname("igmpproxy");

        if (!is_array($config['igmpproxy']['igmpentry'])) {
                return 1;
        }

        $conftext = <<<EOD

##------------------------------------------------------
## Enable Quickleave mode (Sends Leave instantly)
##------------------------------------------------------
quickleave

EOD;

        foreach ($config['igmpproxy']['igmpentry'] as $entry) {
                unset($remaining[$entry['ifname']]);
                $phyint = get_real_interface($entry['ifname']);
                /* an empty threshold falls back to 1 */
                $limit = empty($entry['threshold']) ? 1 : $entry['threshold'];
                $conftext .= "phyint {$phyint} {$entry['type']} ratelimit 0 threshold {$limit}\n";

                if ($entry['address'] != "") {
                        /* space separated list, one altnet line per element */
                        foreach (explode(" ", $entry['address']) as $network) {
                                $conftext .= "altnet {$network}\n";
                        }
                }
                $conftext .= "\n";
        }

        foreach ($remaining as $unused) {
                $phyint = get_real_interface($unused);
                $conftext .= "phyint {$phyint} disabled\n";
        }

        $handle = fopen($g['tmp_path'] . "/igmpproxy.conf", "w");
        if (!$handle) {
                log_error("Could not write Igmpproxy configuration file!");
                return;
        }
        fwrite($handle, $conftext);
        fclose($handle);

        mwexec("/usr/local/sbin/igmpproxy -c " . $g['tmp_path'] . "/igmpproxy.conf");
        log_error("Started Igmpproxy service sucsesfully.");

        return 0;
}
/*
 * Switch static ARP on or off for one interface and, when it is on, load the
 * interface's DHCP static mappings as permanent ARP entries.
 *
 * $if is the key used in $config['interfaces'] and $config['dhcpd'].
 * Always returns 0; nothing is done when $if is empty or the interface has
 * no 'if' device configured.
 *
 * Every config-derived value is passed through escapeshellarg() before it
 * becomes part of a command line.
 */
function interfaces_staticarp_configure($if) {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$now = microtime();
		echo "interfaces_staticarp_configure($if) being called $now\n";
	}

	$ifcfg = $config['interfaces'][$if];
	if (empty($if) || empty($ifcfg['if'])) {
		return 0;
	}

	$device = escapeshellarg($ifcfg['if']);
	$enabled = isset($config['dhcpd'][$if]['staticarp']);

	/* set or clear the staticarp flag on the device */
	mwexec("/sbin/ifconfig " . $device . ($enabled ? " staticarp " : " -staticarp "));

	/* in both cases drop the ARP entries currently held for the device */
	mwexec("/usr/sbin/arp -d -i " . $device . " -a > /dev/null 2>&1 ");

	/* with static ARP on, install one entry per DHCP static mapping */
	if ($enabled && is_array($config['dhcpd'][$if]['staticmap'])) {
		foreach ($config['dhcpd'][$if]['staticmap'] as $mapping) {
			mwexec("/usr/sbin/arp -s " . escapeshellarg($mapping['ipaddr']) . " " . escapeshellarg($mapping['mac']));
		}
	}

	return 0;
}
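/*
 * Stop any running dhcrelay and, when $config['dhcrelay'] is enabled, start
 * it on the selected client interfaces plus the interface that leads to each
 * configured server.
 *
 * Returns 0 when the relay is disabled or after the start command was
 * issued, and nothing when no usable interface was found.
 *
 * Interface names and server addresses are passed through escapeshellarg()
 * before they are placed on the dhcrelay command line, matching what
 * interfaces_staticarp_configure() does for its commands.
 */
function services_dhcrelay_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dhcrelay_configure() being called $mt\n";
	}

	/* kill any running dhcrelay */
	killbypid("{$g['varrun_path']}/dhcrelay.pid");

	$dhcrelaycfg =& $config['dhcrelay'];

	/* DHCPRelay enabled on any interfaces? */
	if (!isset($dhcrelaycfg['enable']))
		return 0;

	if ($g['booting'])
		echo "Starting DHCP relay service...";
	else
		sleep(1);

	$iflist = get_configured_interface_list();

	/* start from an empty list so array_unique() below always gets an array */
	$dhcrelayifs = array();

	$dhcifaces = explode(",", $dhcrelaycfg['interface']);
	foreach ($dhcifaces as $dhcrelayif) {
		if (!isset($iflist[$dhcrelayif]) ||
			link_interface_to_bridge($dhcrelayif))
			continue;

		if (is_ipaddr(get_interface_ip($dhcrelayif)))
			$dhcrelayifs[] = get_real_interface($dhcrelayif);
	}

	/*
	 * In order for the relay to work, it needs to be active
	 * on the interface in which the destination server sits.
	 */
	$srvips = explode(",", $dhcrelaycfg['server']);
	foreach ($srvips as $srcidx => $srvip) {
		unset($destif);

		/* 1. a directly connected subnet */
		foreach ($iflist as $ifname) {
			$subnet = get_interface_ip($ifname);
			if (!is_ipaddr($subnet))
				continue;
			$subnet .=  "/" . get_interface_subnet($ifname);
			if (ip_in_subnet($srvip, $subnet)) {
				$destif = get_real_interface($ifname);
				break;
			}
		}

		/* 2. a configured static route */
		if (!isset($destif)) {
			if (is_array($config['staticroutes']['route'])) {
				foreach ($config['staticroutes']['route'] as $rtent) {
					if (ip_in_subnet($srvip, $rtent['network'])) {
						$a_gateways = return_gateways_array(true);
						$destif = $a_gateways[$rtent['gateway']]['interface'];
						break;
					}
				}
			}
		}

		/* 3. the live routing table */
		if (!isset($destif)) {
			/* Create a array from the existing route table */
			/* exec() appends to a non-empty array, so reset it for every
			 * server; otherwise the four header lines of a second run are
			 * no longer the first four elements */
			$route_str = array();
			exec("/usr/bin/netstat -rnWf inet", $route_str);
			array_shift($route_str);
			array_shift($route_str);
			array_shift($route_str);
			array_shift($route_str);
			foreach($route_str as $routeline) {
				$items = preg_split("/[ ]+/i", $routeline);
				if (ip_in_subnet($srvip, $items[0])) {
					$destif = trim($items[2]);
					break;
				}
			}
		}

		/* 4. the default gateway, or WAN when no gateways are defined */
		if (!isset($destif)) {
			if (is_array($config['gateways']['gateway_item'])) {
				foreach ($config['gateways']['gateway_item'] as $gateway) {
					if (isset($gateway['defaultgw'])) {
						$a_gateways = return_gateways_array(true);
						/* NOTE(review): $rtent is left over from the
						 * static route loop above (or unset), not the
						 * default gateway found here; this lookup looks
						 * wrong and should probably use $gateway. */
						$destif = $a_gateways[$rtent['gateway']]['interface'];
						break;
					}
				}
			} else
				$destif = get_real_interface("wan");
		}

		if (!empty($destif))
			$dhcrelayifs[] = $destif;
	}
	$dhcrelayifs = array_unique($dhcrelayifs);

	/* fire up dhcrelay */
	if (empty($dhcrelayifs)) {
		log_error("No suitable interface found for running dhcrelay!");
		return; /* XXX */
	}

	$cmd = "/usr/local/sbin/dhcrelay -i " .  implode(" -i ", array_map('escapeshellarg', $dhcrelayifs));

	if (isset($dhcrelaycfg['agentoption']))
		$cmd .=  " -a -m replace";

	/* quote each server separately; empty list elements are dropped so they
	 * do not turn into empty arguments */
	$servers = array();
	foreach ($srvips as $srvip) {
		$srvip = trim($srvip);
		if ($srvip != "")
			$servers[] = escapeshellarg($srvip);
	}
	$cmd .= " " . implode(" ", $servers);
	mwexec($cmd);

	return 0;
}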
/*
 * Run one dynamic DNS update for a single client entry.
 *
 * $conf is one entry of $config['dyndnses']['dyndns']; nothing happens
 * unless its 'enable' key is set. The function returns nothing.
 *
 * The entry's username and password are handed to updatedns as stored; only
 * a fixed message is logged here.
 */
function services_dyndns_configure_client($conf) {

	if (!isset($conf['enable'])) {
		return;
	}

	/* load up the dyndns.class */
	require_once("dyndns.class");

	log_error("DynDns: Running updatedns()");

	/* positional arguments: service type, host, user, password, wildcard,
	 * MX and interface (the interface is always passed as a string) */
	$updater = new updatedns(
		$conf['type'],
		$conf['host'],
		$conf['username'],
		$conf['password'],
		$conf['wildcard'],
		$conf['mx'],
		"{$conf['interface']}");
}
/*
 * Run the dynamic DNS client for every entry in $config['dyndnses']['dyndns'].
 *
 * When $int is non-empty, only entries whose 'interface' equals $int are
 * processed. One second of sleep follows each processed entry.
 * Always returns 0.
 */
function services_dyndns_configure($int = "") {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$now = microtime();
		echo "services_dyndns_configure() being called $now\n";
	}

	$entries = $config['dyndnses']['dyndns'];

	/* nothing configured: no output, no work */
	if (!is_array($entries)) {
		return 0;
	}

	if ($g['booting']) {
		echo "Starting DynDNS clients...";
	}

	foreach ($entries as $entry) {
		/* an empty $int selects every entry */
		if (empty($int) || $int == $entry['interface']) {
			services_dyndns_configure_client($entry);
			sleep(1);
		}
	}

	if ($g['booting']) {
		echo "done.\n";
	}

	return 0;
}
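/*
 * Stop dnsmasq and, when $config['dnsmasq']['enable'] is set, regenerate the
 * hosts file and start dnsmasq again. Outside of boot, dhcpd is reconfigured
 * afterwards as well.
 *
 * Returns 0 on success and 1 when system_hosts_generate() or
 * services_dhcpd_configure() reports a non-zero result.
 *
 * Security notes:
 *  - DNS rebinding protection (--stop-dns-rebind) is passed unless
 *    $config['system']['webgui']['nodnsrebindcheck'] is set; every domain
 *    override is exempted from it with --rebind-domain-ok.
 *  - Override domain and ip come from $config and become part of a command
 *    line, so each option is quoted with escapeshellarg(), matching what
 *    interfaces_staticarp_configure() does for its commands.
 */
function services_dnsmasq_configure() {
	global $config, $g;
	$return = 0;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsmasq_configure() being called $mt\n";
	}

	/* kill any running dnsmasq */
	sigkillbypid("{$g['varrun_path']}/dnsmasq.pid", "TERM");

	if (isset($config['dnsmasq']['enable'])) {

		if ($g['booting'])
			echo "Starting DNS forwarder...";
		else
			sleep(1);

		/* generate hosts file */
		if(system_hosts_generate()!=0)
			$return = 1;

		$args = "";
		/* stays empty when the rebind check is switched off, so the command
		 * line below never interpolates an undefined variable */
		$dns_rebind = "";

		if (isset($config['dnsmasq']['regdhcp'])) {
			$args .= " --dhcp-hostsfile={$g['varetc_path']}/hosts ";
		}

		/* Setup forwarded domains */
		if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) {
			foreach($config['dnsmasq']['domainoverrides'] as $override) {
				/* quote the whole option so the shell sees one literal word */
				$args .= ' ' . escapeshellarg('--server=/' . $override['domain'] . '/' . $override['ip']);
			}
		}

		/* Allow DNS Rebind for forwarded domains */
		if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) {
			if(!isset($config['system']['webgui']['nodnsrebindcheck'])) {
				foreach($config['dnsmasq']['domainoverrides'] as $override) {
					$args .= ' ' . escapeshellarg('--rebind-domain-ok=/' . $override['domain'] . '/') . ' ';
				}
			}
		}

		if(!isset($config['system']['webgui']['nodnsrebindcheck']))
			$dns_rebind = "--rebind-localhost-ok --stop-dns-rebind";

		/* run dnsmasq */
		mwexec("/usr/local/sbin/dnsmasq --local-ttl 1 --all-servers {$dns_rebind} --dns-forward-max=5000 --cache-size=10000 {$args}");

		if ($g['booting'])
			echo "done.\n";
	}

	/* dhcpd may hand out this host as DNS server, so refresh it too */
	if (!$g['booting']) {
		if(services_dhcpd_configure()!=0)
			$return = 1;
	}

	return $return;
}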
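/*
 * (Re)start bsnmpd: stop any running instance and, when SNMP is enabled in
 * $config['snmpd'], generate {$g['varetc_path']}/snmpd.conf and launch the
 * daemon with it.
 *
 * Returns 1 if snmpd.conf cannot be opened for writing, 0 otherwise.
 *
 * NOTE(review): the location, contact, community and trap values are copied
 * into the bsnmpd configuration as-is. This function relies on them having
 * been validated before they were stored; a double quote or a newline in one
 * of them would alter the generated file - confirm where they are saved.
 */
function services_snmpd_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_snmpd_configure() being called $mt\n";
	}

	/* kill any running snmpd */
	sigkillbypid("{$g['varrun_path']}/snmpd.pid", "TERM");
	sleep(2);
	if(is_process_running("bsnmpd"))
		mwexec("/usr/bin/killall bsnmpd", true);

	if (isset($config['snmpd']['enable'])) {

		if ($g['booting'])
			echo "Starting SNMP daemon... ";

		/* generate snmpd.conf */
		$conf_path = "{$g['varetc_path']}/snmpd.conf";
		$fd = fopen($conf_path, "w");
		if (!$fd) {
			printf("Error: cannot open snmpd.conf in services_snmpd_configure().\n");
			return 1;
		}
		/* the file carries the read community string, so restrict it to its
		   owner before anything is written to it */
		chmod($conf_path, 0600);

		/* bsnmpd macro definitions; they are referenced further down as $(name) */
		$snmpdconf = <<<EOD
location := "{$config['snmpd']['syslocation']}"
contact := "{$config['snmpd']['syscontact']}"
read := "{$config['snmpd']['rocommunity']}"

EOD;

/* Write community support is left disabled: there is no documentation on what write strings do here.
		if(isset($config['snmpd']['rwenable']) && preg_match('/^\S+$/', $config['snmpd']['rwcommunity'])){
		    $snmpdconf .= <<<EOD
# write string
write := "{$config['snmpd']['rwcommunity']}"

EOD;
		}
*/

		/* traps are emitted only when enabled and the trap server contains no whitespace.
		   NOTE(review): trapserverport is not checked with is_port() the way pollport is below. */
		$trap_enabled = isset($config['snmpd']['trapenable']) && preg_match('/^\S+$/', $config['snmpd']['trapserver']);

		if ($trap_enabled) {
		    $snmpdconf .= <<<EOD
# SNMP Trap support.
traphost := {$config['snmpd']['trapserver']}
trapport := {$config['snmpd']['trapserverport']}
trap := "{$config['snmpd']['trapstring']}"


EOD;
		}

		$snmpdconf .= <<<EOD
system := 1     # pfSense
%snmpd
begemotSnmpdDebugDumpPdus       = 2
begemotSnmpdDebugSyslogPri      = 7
begemotSnmpdCommunityString.0.1 = $(read)

EOD;

/* Write community support is left disabled: there is no documentation on what write strings do here.
		if(isset($config['snmpd']['rwcommunity']) && preg_match('/^\S+$/', $config['snmpd']['rwcommunity'])){
		    $snmpdconf .= <<<EOD
begemotSnmpdCommunityString.0.2 = $(write)

EOD;
		}
*/

		if ($trap_enabled) {
		    $snmpdconf .= <<<EOD
begemotTrapSinkStatus.[$(traphost)].$(trapport) = 4
begemotTrapSinkVersion.[$(traphost)].$(trapport) = 2
begemotTrapSinkComm.[$(traphost)].$(trapport) = $(trap)

EOD;
		}

		$snmpdconf .= <<<EOD
begemotSnmpdCommunityDisable    = 1

EOD;

		/* without 'bindlan' the agent is told to listen on 0.0.0.0, i.e. every
		   local address; who can reach it is then decided by the firewall rules */
		if(isset($config['snmpd']['bindlan'])) {
			$bind_to_ip = get_interface_ip("lan");
		} else {
			$bind_to_ip = "0.0.0.0";
		}

		/* a UDP listener is configured only when the poll port is a valid port */
		if(is_port( $config['snmpd']['pollport'] )) {
		    $snmpdconf .= <<<EOD
begemotSnmpdPortStatus.{$bind_to_ip}.{$config['snmpd']['pollport']} = 1

EOD;

		}

		$snmpdconf .= <<<EOD
begemotSnmpdLocalPortStatus."/var/run/snmpd.sock" = 1
begemotSnmpdLocalPortType."/var/run/snmpd.sock" = 4

# These are bsnmp macros not php vars.
sysContact      = $(contact)
sysLocation     = $(location)
sysObjectId     = 1.3.6.1.4.1.12325.1.1.2.1.$(system)

snmpEnableAuthenTraps = 2

EOD;

		/* load only the bsnmpd modules selected in the configuration */
		if (is_array( $config['snmpd']['modules'] )) {
		    if(isset($config['snmpd']['modules']['mibii'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."mibII"  = "/usr/lib/snmp_mibII.so"

EOD;
		    }

		    if(isset($config['snmpd']['modules']['netgraph'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."netgraph" = "/usr/lib/snmp_netgraph.so"
%netgraph
begemotNgControlNodeName = "snmpd"

EOD;
		    }

		    if(isset($config['snmpd']['modules']['pf'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."pf"     = "/usr/lib/snmp_pf.so"

EOD;
		    }

		    if(isset($config['snmpd']['modules']['hostres'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."hostres"     = "/usr/lib/snmp_hostres.so"

EOD;
		    }
		    if(isset($config['snmpd']['modules']['bridge'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."bridge"     = "/usr/lib/snmp_bridge.so"
# config must end with blank line


EOD;
		    }
		}

		fwrite($fd, $snmpdconf);
		fclose($fd);

		/* run bsnmpd; the former $bindlan placeholder was only ever set to an
		   empty string (or left undefined), so the command line is unchanged */
		mwexec("/usr/sbin/bsnmpd -c {$conf_path}" .
			" -p {$g['varrun_path']}/snmpd.pid");

		if ($g['booting'])
			echo "done.\n";
	}

	return 0;
}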
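/*
 * Write $contents to $path for services_dnsupdate_process().
 * When $private is true the file is restricted to its owner before any data
 * is written. Returns true on success, false if the file could not be opened
 * or written.
 */
function services_dnsupdate_write_file($path, $contents, $private = false) {
	$fd = fopen($path, "w");
	if (!$fd) {
		echo "Error: cannot open {$path} in services_dnsupdate_process().\n";
		return false;
	}
	/* tighten the mode while the file is still empty */
	if ($private)
		chmod($path, 0600);
	$written = fwrite($fd, $contents);
	fclose($fd);
	return ($written !== false);
}

/*
 * Send an nsupdate for every enabled entry in $config['dnsupdates']['dnsupdate'].
 *
 * $int  when non-empty, only entries configured for this interface are processed.
 *
 * For each entry that has an interface address, the key pair files and the
 * update instructions are written under {$g['varetc_path']} and nsupdate is
 * started in the background. Always returns 0; an entry whose files cannot
 * be written is reported and skipped.
 */
function services_dnsupdate_process($int = "") {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsupdate_process() being called $mt\n";
	}

	/* Dynamic DNS updating active? */
	if (!isset($config['dnsupdates']['dnsupdate']) || !is_array($config['dnsupdates']['dnsupdate']))
		return 0;

	foreach ($config['dnsupdates']['dnsupdate'] as $i => $dnsupdate) {
		if (!isset($dnsupdate['enable']))
			continue;
		if (!empty($int) && $int != $dnsupdate['interface'])
			continue;

		/* determine interface name (the result is not used further down) */
		$if = get_real_interface($dnsupdate['interface']);
		$wanip = get_interface_ip($dnsupdate['interface']);
		if (!$wanip)
			continue;

		$keyname = $dnsupdate['keyname'];
		/* trailing dot */
		if (substr($keyname, -1) != ".")
			$keyname .= ".";

		$hostname = $dnsupdate['host'];
		/* trailing dot */
		if (substr($hostname, -1) != ".")
			$hostname .= ".";

		/* NOTE(review): $keyname becomes part of a file name; this assumes it was
		   validated as a DNS name (no "/") when the entry was saved - confirm. */
		$keybase = "{$g['varetc_path']}/K{$i}{$keyname}+157+00000";

		/* write private key file - for HMAC-MD5 the public and private keys are
		   the same, but nsupdate insists on having both files.
		   The text is rebuilt from scratch for every entry so that the key of a
		   previous entry never ends up in this entry's file. */
		$privkey = <<<EOD
Private-key-format: v1.2
Algorithm: 157 (HMAC)
Key: {$dnsupdate['keydata']}

EOD;
		if (!services_dnsupdate_write_file("{$keybase}.private", $privkey, true))
			continue;

		/* write public key file; an unrecognised key type leaves both fields
		   empty, as before */
		$flags = "";
		$proto = "";
		if ($dnsupdate['keytype'] == "zone") {
			$flags = 257;
			$proto = 3;
		} else if ($dnsupdate['keytype'] == "host") {
			$flags = 513;
			$proto = 3;
		} else if ($dnsupdate['keytype'] == "user") {
			$flags = 0;
			$proto = 2;
		}

		/* the .key file holds the same shared secret, so it is kept private too */
		$pubkey = "{$keyname} IN KEY {$flags} {$proto} 157 {$dnsupdate['keydata']}\n";
		if (!services_dnsupdate_write_file("{$keybase}.key", $pubkey, true))
			continue;

		/* generate update instructions */
		$upinst = "";
		if (!empty($dnsupdate['server']))
			$upinst .= "server {$dnsupdate['server']}\n";
		$upinst .= "update delete {$dnsupdate['host']} A\n";
		$upinst .= "update add {$dnsupdate['host']} {$dnsupdate['ttl']} A {$wanip}\n";
		$upinst .= "\n";	/* mind that trailing newline! */

		$cmdfile = "{$g['varetc_path']}/nsupdatecmds{$i}";
		if (!services_dnsupdate_write_file($cmdfile, $upinst))
			continue;

		/* invoke nsupdate; both paths contain configuration values, so they are
		   passed as quoted shell arguments */
		$cmd = "/usr/bin/nsupdate -k " . escapeshellarg("{$keybase}.key");
		if (isset($dnsupdate['usetcp']))
			$cmd .= " -v";
		$cmd .= " " . escapeshellarg($cmdfile);

		mwexec_bg($cmd);
	}

	return 0;
}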
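/*
 * Generate {$g['varetc_path']}/olsr.conf from the olsrd package settings and
 * (re)start olsrd with it.
 *
 * Does nothing when $config['installedpackages']['olsrd'] is empty, and
 * returns without touching the daemon when the package entry is not set to
 * "on". The configuration area is switched to read-write for the duration of
 * the call and switched back on every exit path.
 *
 * NOTE(review): the package settings (announced route, plugin port, allowed
 * httpinfo host/subnet, ping targets) are copied into olsr.conf unchanged;
 * this assumes they are validated where the package stores them - confirm.
 */
function setup_wireless_olsr() {
	global $config, $g;
	if(empty($config['installedpackages']['olsrd']))
		return;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "setup_wireless_olsr() being called $mt\n";
	}
	conf_mount_rw();
	foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
		if($olsrd['enable'] <> "on") {
			/* undo the read-write switch made above before leaving */
			conf_mount_ro();
			return;
		}

		$fd = fopen("{$g['varetc_path']}/olsr.conf", "w");
		if (!$fd) {
			echo "Error: cannot open olsr.conf in setup_wireless_olsr().\n";
			conf_mount_ro();
			return;
		}

		/* optional Hna4 block: a configured route and/or, when announcing is
		   switched on, 0.0.0.0 0.0.0.0 (the default route) */
		$enableannounce = "";
		if($olsrd['announcedynamicroute'] or $olsrd['enableannounce'] == "on") {
			$enableannounce .= "\nHna4\n";
			$enableannounce .= "{\n";
			if($olsrd['announcedynamicroute'])
				$enableannounce .= "\t{$olsrd['announcedynamicroute']}\n";
			if($olsrd['enableannounce'] == "on")
				$enableannounce .= "0.0.0.0 0.0.0.0";
			$enableannounce .= "\n}\n";
		}

		/* start from an empty buffer so that nothing from an earlier pass is
		   written a second time */
		$olsr = <<<EODA
#
# olsr.org OLSR daemon config file
#
# Lines starting with a # are discarded
#
# This file was generated by setup_wireless_olsr() in services.inc
#

# This file is an example of a typical
# configuration for a mostly static
# network(regarding mobility) using
# the LQ extention

# Debug level(0-9)
# If set to 0 the daemon runs in the background

DebugLevel	2

# IP version to use (4 or 6)

IpVersion	4

# Clear the screen each time the internal state changes

ClearScreen     yes

{$enableannounce}

# Should olsrd keep on running even if there are
# no interfaces available? This is a good idea
# for a PCMCIA/USB hotswap environment.
# "yes" OR "no"

AllowNoInt	yes

# TOS(type of service) value for
# the IP header of control traffic.
# If not set it will default to 16

#TosValue	16

# The fixed willingness to use(0-7)
# If not set willingness will be calculated
# dynamically based on battery/power status
# if such information is available

#Willingness    	4

# Allow processes like the GUI front-end
# to connect to the daemon.

IpcConnect
{
     # Determines how many simultaneously
     # IPC connections that will be allowed
     # Setting this to 0 disables IPC

     MaxConnections  0

     # By default only 127.0.0.1 is allowed
     # to connect. Here allowed hosts can
     # be added

     Host            127.0.0.1
     #Host            10.0.0.5

     # You can also specify entire net-ranges
     # that are allowed to connect. Multiple
     # entries are allowed

     #Net             192.168.1.0 255.255.255.0
}

# Wether to use hysteresis or not
# Hysteresis adds more robustness to the
# link sensing but delays neighbor registration.
# Used by default. 'yes' or 'no'

UseHysteresis	no

# Hysteresis parameters
# Do not alter these unless you know
# what you are doing!
# Set to auto by default. Allowed
# values are floating point values
# in the interval 0,1
# THR_LOW must always be lower than
# THR_HIGH.

#HystScaling	0.50
#HystThrHigh	0.80
#HystThrLow	0.30


# Link quality level
# 0 = do not use link quality
# 1 = use link quality for MPR selection
# 2 = use link quality for MPR selection and routing
# Defaults to 0

LinkQualityLevel	{$olsrd['enablelqe']}

# Link quality window size
# Defaults to 10

LinkQualityWinSize	10

# Polling rate in seconds(float).
# Default value 0.05 sec

Pollrate	0.05


# TC redundancy
# Specifies how much neighbor info should
# be sent in TC messages
# Possible values are:
# 0 - only send MPR selectors
# 1 - send MPR selectors and MPRs
# 2 - send all neighbors
#
# defaults to 0

TcRedundancy	2

#
# MPR coverage
# Specifies how many MPRs a node should
# try select to reach every 2 hop neighbor
#
# Can be set to any integer >0
#
# defaults to 1

MprCoverage	3

# Example plugin entry with parameters:

EODA;

		/* httpinfo plugin: listening port and the host/netmask allowed to query it */
		if($olsrd['enablehttpinfo'] == "on") {
			$olsr .= <<<EODB

LoadPlugin "/usr/local/lib/olsrd_httpinfo.so.0.1"
{
    PlParam     "port"   "{$olsrd['port']}"
    PlParam     "Net"    "{$olsrd['allowedhttpinfohost']} {$olsrd['allowedhttpinfosubnet']}"
}

EODB;

		}

		/* secure plugin: uses the key file at /usr/local/etc/olsrkey.txt */
		if($olsrd['enabledsecure'] == "on") {
			$olsr .= <<<EODC

LoadPlugin "/usr/local/lib/olsrd_secure.so.0.5"
{
    PlParam     "Keyfile"   "/usr/local/etc/olsrkey.txt"
}

EODC;

		}

		if($olsrd['enabledyngw'] == "on") {

			/* unset default route, olsr auto negotiates */
			mwexec("/sbin/route delete default");

			$olsr .= <<<EODE

LoadPlugin "/usr/local/lib/olsrd_dyn_gw.so.0.4"
{
    # how often to look for a inet gw, in seconds
    # defaults to 5 secs, if commented out
    PlParam     "Interval"   "{$olsrd['polling']}"

    # if one or more IPv4 addresses are given, do a ping on these in
    # descending order to validate that there is not only an entry in
    # routing table, but also a real internet connection. If any of
    # these addresses could be pinged successfully, the test was
    # succesful, i.e. if the ping on the 1st address was successful,the
    # 2nd won't be pinged
    PlParam     "Ping"       "{$olsrd['ping']}"
    #PlParam     "HNA"   "192.168.81.0 255.255.255.0"
}

EODE;

		}

		/* one Interface block per entry of the comma separated iface_array;
		   only the first package config entry is used (note the break) */
		foreach($config['installedpackages']['olsrd']['config'] as $conf) {
			$interfaces = explode(',', $conf['iface_array']);
			foreach($interfaces as $interface) {
				$realinterface = convert_friendly_interface_to_real_interface_name($interface);
				$olsr .= <<<EODAD
Interface "{$realinterface}"
{

    # Hello interval in seconds(float)
    HelloInterval    2.0

    # HELLO validity time
    HelloValidityTime	20.0

    # TC interval in seconds(float)
    TcInterval        5.0

    # TC validity time
    TcValidityTime	30.0

    # MID interval in seconds(float)
    MidInterval	5.0

    # MID validity time
    MidValidityTime	30.0

    # HNA interval in seconds(float)
    HnaInterval	5.0

    # HNA validity time
    HnaValidityTime 	30.0

    # When multiple links exist between hosts
    # the weight of interface is used to determine
    # the link to use. Normally the weight is
    # automatically calculated by olsrd based
    # on the characteristics of the interface,
    # but here you can specify a fixed value.
    # Olsrd will choose links with the lowest value.

    # Weight 0


}

EODAD;

			}
			break;
		}
		fwrite($fd, $olsr);
		fclose($fd);
	}

	/* stop a running olsrd, give it time to exit, then start it with the new file */
	if(is_process_running("olsrd"))
		mwexec("/usr/bin/killall olsrd", true);

	sleep(2);

	mwexec_bg("/usr/local/sbin/olsrd -f {$g['varetc_path']}/olsr.conf");

	conf_mount_ro();
}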
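/*
 * configure cron service
 *
 * Rewrites /etc/crontab: everything above the "# pfSense specific crontab
 * entries" marker is kept, the section below it is regenerated from
 * $config['cron']['item'], and cron is sent a HUP afterwards.
 *
 * NOTE(review): the item fields are written verbatim, tab separated. This
 * assumes they were validated before being stored; a CR/LF inside any field
 * would start a new crontab line - confirm at the point where items are saved.
 */
function configure_cron() {
	global $g, $config;

	conf_mount_rw();

	/* preserve existing crontab entries */
	$crontab_lines = file("/etc/crontab", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
	if ($crontab_lines === false)
		$crontab_lines = array();	/* unreadable or missing file: start empty */

	foreach ($crontab_lines as $idx => $line) {
		if (strpos($line, "# pfSense specific crontab entries") !== false) {
			/* drop the generated section together with the "#" line written
			   just above the marker; clamp at 0 so that a marker on the very
			   first line does not turn into a negative offset, which would
			   only cut off the last line */
			array_splice($crontab_lines, max(0, $idx - 1));
			break;
		}
	}
	$crontab_contents = implode("\n", $crontab_lines) . "\n";

	if (is_array($config['cron']['item'])) {
		$crontab_contents .= "#\n";
		$crontab_contents .= "# pfSense specific crontab entries\n";
		$crontab_contents .= "# Created: " . date("F j, Y, g:i a") . "\n";
		$crontab_contents .= "#\n";

		foreach ($config['cron']['item'] as $item) {
			$crontab_contents .= "\n{$item['minute']}\t";
			$crontab_contents .= "{$item['hour']}\t";
			$crontab_contents .= "{$item['mday']}\t";
			$crontab_contents .= "{$item['month']}\t";
			$crontab_contents .= "{$item['wday']}\t";
			$crontab_contents .= "{$item['who']}\t";
			$crontab_contents .= "{$item['command']}";
		}

		$crontab_contents .= "\n#\n";
		$crontab_contents .= "# If possible do not add items to this file manually.\n";
		$crontab_contents .= "# If you do so, this file must be terminated with a blank line (e.g. new line)\n";
		$crontab_contents .= "#\n\n";
	}

	/* please maintain the newline at the end of file */
	if (file_put_contents("/etc/crontab", $crontab_contents) === false) {
		echo "Error: cannot write /etc/crontab in configure_cron().\n";
	} else {
		/* do a HUP kill to force sync changes */
		exec('/bin/pkill -HUP cron');
	}

	conf_mount_ro();
}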
/*
 * Start, stop or restart miniupnpd. Any other $action value is ignored.
 */
function upnp_action ($action) {
	if ($action == "start") {
		/* launch the daemon only once its configuration file exists */
		if (!file_exists('/var/etc/miniupnpd.conf'))
			return;
		mwexec_bg('/usr/local/sbin/miniupnpd -f /var/etc/miniupnpd.conf');
	} elseif ($action == "stop") {
		/* keep signalling until pgrep no longer reports a miniupnpd process */
		for (;;) {
			$running = (int)exec("pgrep miniupnpd | wc -l");
			if ($running <= 0)
				break;
			mwexec('killall miniupnpd 2>/dev/null', true);
		}
		/* flush the filter rules (-Fr) and NAT rules (-Fn) of the miniupnpd pf anchor */
		foreach (array('-Fr', '-Fn') as $flush) {
			mwexec('/sbin/pfctl -aminiupnpd ' . $flush . ' 2>&1 >/dev/null');
		}
	} elseif ($action == "restart") {
		upnp_action('stop');
		upnp_action('start');
	}
}
/*
 * Bring up miniupnpd when the package is configured and enabled.
 * During boot the package configuration is synced through
 * sync_package_miniupnpd(); otherwise the daemon is started directly.
 */
function upnp_start() {
	global $config, $g;

	/* package not configured: nothing to do */
	if(!isset($config['installedpackages']['miniupnpd']['config']))
		return;

	$upnp_settings = $config['installedpackages']['miniupnpd']['config'][0];
	if(!$upnp_settings['enable'])
		return;

	if(!$g['booting']) {
		upnp_action('start');
		return;
	}

	echo "Starting UPnP service... ";
	require_once('/usr/local/pkg/miniupnpd.inc');
	sync_package_miniupnpd();
	echo "done.\n";
}
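/*
 * Add, update or remove the cron entry whose command contains $command, then
 * regenerate the crontab through configure_cron().
 *
 * $command   command line of the job; also used to find an existing entry
 * $active    true installs or updates the entry, false removes it
 * $minute, $hour, $monthday, $month, $weekday   schedule fields
 * $who       account the job runs as
 *
 * Returns without doing anything when $config['cron']['item'] is empty.
 *
 * NOTE(review): an existing entry is found by substring match, so a short
 * $command also matches a longer, unrelated command that contains it; callers
 * should pass a string that is specific to their job.
 */
function install_cron_job($command, $active=false, $minute="0", $hour="*", $monthday="*", $month="*", $weekday="*", $who="root") {
	global $config, $g;

	if(empty($config['cron']['item']))
		return;

	/* $x ends up as the position of the first matching entry */
	$is_installed = false;
	$x=0;
	foreach($config['cron']['item'] as $item) {
		/* compare against false: a bare strstr() result such as "0" is falsy */
		if(strpos($item['command'], $command) !== false) {
			$is_installed = true;
			break;
		}
		$x++;
	}

	if($active) {
		$cron_item = array();
		$cron_item['minute'] = $minute;
		$cron_item['hour'] = $hour;
		$cron_item['mday'] = $monthday;
		$cron_item['month'] = $month;
		$cron_item['wday'] = $weekday;
		$cron_item['who'] = $who;
		$cron_item['command'] = $command;
		if(!$is_installed) {
			$config['cron']['item'][] = $cron_item;
			write_config("Installed cron job for {$command}");
		} else {
			$config['cron']['item'][$x] = $cron_item;
			write_config("Updated cron job for {$command}");
		}
	} else {
		/* position 0 is a valid match too; the former "$x > 0" test meant the
		   first entry could never be removed */
		if($is_installed) {
			unset($config['cron']['item'][$x]);
			write_config("Removed cron job for {$command}");
		}
	}
	configure_cron();
}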
?>