/etc/inc/system.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/system.inc @ 8a47c190

1	5b237745	Scott Ullrich	<?php
2	307cd525	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			system.inc
5			part of m0n0wall (http://m0n0.ch/wall)
6	0f282d7a	Scott Ullrich
7	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8			All rights reserved.
9	0f282d7a	Scott Ullrich
10	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12	0f282d7a	Scott Ullrich
13	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15	0f282d7a	Scott Ullrich
16	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19	0f282d7a	Scott Ullrich
20	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32	523855b0	Scott Ullrich	/*
33			pfSense_BUILDER_BINARIES: /usr/sbin/powerd /usr/bin/killall /sbin/sysctl /sbin/route
34			pfSense_BUILDER_BINARIES: /bin/hostname /bin/ls /usr/bin/netstat /usr/sbin/syslogd
35			pfSense_BUILDER_BINARIES: /usr/sbin/pccardd /usr/local/sbin/lighttpd /bin/chmod /bin/mkdir
36			pfSense_BUILDER_BINARIES: /usr/bin/tar /bin/sync /usr/local/sbin/ntpd /usr/sbin/ntpdate
37			pfSense_BUILDER_BINARIES: /usr/bin/nohup /sbin/dmesg /usr/local/sbin/atareinit
38			pfSense_MODULE: utils
39			*/
40	0f282d7a	Scott Ullrich
41	8e9fa41d	Scott Ullrich	function activate_powerd() {
42			global $config, $g;
43			if(isset($config['system']['powerd_enable'])) {
44			exec("/usr/sbin/powerd -b adp -a adp");
45			} else {
46	1e5c49aa	sullrich	if(is_process_running("powerd"))
47			exec("/usr/bin/killall powerd");
48	8e9fa41d	Scott Ullrich	}
49			}
50
51	3a35f55f	Scott Ullrich	function get_default_sysctl_value($id) {
52			global $sysctls;
53			foreach($sysctls as $sysctl => $value) {
54			if($sysctl == $id)
55			return $value;
56			}
57			}
58
59	6df9d7e3	Scott Ullrich	function activate_sysctls() {
60			global $config, $g;
61	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001");
62	ddcb7b8c	Bill Marquette	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
63	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002");
64	c0192947	Scott Ullrich	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");
65	99e88aa0	Ermal Luçi
66	3a35f55f	Scott Ullrich	if(is_array($config['sysctl'])) {
67	cac19f50	Scott Ullrich	foreach($config['sysctl']['item'] as $tunable) {
68	b2d0140c	Scott Ullrich	if($tunable['value'] == "default") {
69			$value = get_default_sysctl_value($tunable['tunable']);
70			mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $value . "\"");
71			} else {
72	09f82b11	Administrator	mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $tunable['value'] . "\"");
73	b2d0140c	Scott Ullrich	}
74	d0b461f5	sullrich	}
75			}
76	6df9d7e3	Scott Ullrich	}
77
78	5b237745	Scott Ullrich	function system_resolvconf_generate($dynupdate = false) {
79	c3f535c0	Seth Mos	global $config, $g;
80
81			if(isset($config['system']['developerspew'])) {
82			$mt = microtime();
83			echo "system_resolvconf_generate() being called $mt\n";
84			}
85	ef217c69	Scott Ullrich
86	30cee7b2	Scott Ullrich	$syscfg = $config['system'];
87	ef217c69	Scott Ullrich
88	30cee7b2	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
89			if (!$fd) {
90			printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
91			return 1;
92			}
93	ef217c69	Scott Ullrich
94	30cee7b2	Scott Ullrich	$resolvconf = "domain {$syscfg['domain']}\n";
95	ef217c69	Scott Ullrich
96	30cee7b2	Scott Ullrich	$havedns = false;
97	ef217c69	Scott Ullrich
98	30cee7b2	Scott Ullrich	if (isset($syscfg['dnsallowoverride'])) {
99	c3f535c0	Seth Mos	/* get dynamically assigned DNS servers (if any) */
100			$ns = array_unique(get_nameservers());
101			foreach($ns as $nameserver) {
102			if($nameserver) {
103			$resolvconf .= "nameserver $nameserver\n";
104			$havedns = true;
105	e428c94d	Scott Ullrich	}
106	c3f535c0	Seth Mos	}
107	30cee7b2	Scott Ullrich	}
108			if (!$havedns && is_array($syscfg['dnsserver'])) {
109	c3f535c0	Seth Mos	foreach ($syscfg['dnsserver'] as $ns) {
110			if ($ns) {
111			$resolvconf .= "nameserver $ns\n";
112			$havedns = true;
113	e428c94d	Scott Ullrich	}
114	e180a6e3	Scott Ullrich	}
115	c3f535c0	Seth Mos	}
116	0f282d7a	Scott Ullrich
117	30cee7b2	Scott Ullrich	fwrite($fd, $resolvconf);
118			fclose($fd);
119	0f282d7a	Scott Ullrich
120	30cee7b2	Scott Ullrich	if (!$g['booting']) {
121	c3f535c0	Seth Mos	/* restart dhcpd (nameservers may have changed) */
122			if (!$dynupdate)
123			services_dhcpd_configure();
124	30cee7b2	Scott Ullrich	}
125	ef217c69	Scott Ullrich
126	c3f535c0	Seth Mos	/* setup static routes for DNS servers. */
127			for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
128			/* setup static routes for dns servers */
129			$dnsgw = "dns{$dnscounter}gwint";
130			if (isset($config['system'][$dnsgw])) {
131			$interface = $config['system'][$dnsgw];
132			if (($interface <> "") && ($interface <> "none")) {
133			$gatewayip = get_interface_gateway($interface);
134			if(is_ipaddr($gatewayip)) {
135			/* dns server array starts at 0 */
136	b875f306	Scott Ullrich	$dnscountermo = $dnscounter - 1;
137	84d07e67	Seth Mos	mwexec("route delete -host {$syscfg['dnsserver'][$dnscountermo]}", true);
138	c3f535c0	Seth Mos	mwexec("route add -host {$syscfg['dnsserver'][$dnscountermo]} {$gatewayip}");
139	b875f306	Scott Ullrich	}
140			}
141	e180a6e3	Scott Ullrich	}
142	c3f535c0	Seth Mos	}
143
144			return 0;
145	5b237745	Scott Ullrich	}
146
147	3d00ccaa	Scott Ullrich	function get_nameservers() {
148			global $config, $g;
149			$master_list = array();
150	30cee7b2	Scott Ullrich
151	2a1226ad	Scott Ullrich	// Read in dhclient nameservers
152	cdd88d2f	Scott Ullrich	$dns_lists = split("\n", `ls /var/etc/nameserver_* 2>/dev/null`);
153	0cbcf355	Scott Ullrich	if(is_array($dns_lists)) {
154	60951398	Scott Ullrich	foreach($dns_lists as $dns) {
155			if(!$dns)
156			continue;
157			$items = split("\n", file_get_contents($dns));
158			foreach($items as $item)
159			if($item <> "")
160			$master_list[] = $item;
161			}
162	3d00ccaa	Scott Ullrich	}
163	2a1226ad	Scott Ullrich
164			// Read in any extra nameservers
165			if(file_exists("/var/etc/nameservers.conf")) {
166			$dns = `cat /var/etc/nameservers.conf`;
167			$dns_s = split("\n", $dns);
168			if(is_array($dns_s))
169			foreach($dns_s as $dns)
170			$master_list[] = $dns;
171			}
172
173	3d00ccaa	Scott Ullrich	return $master_list;
174			}
175
176	5b237745	Scott Ullrich	function system_hosts_generate() {
177	f19d3b7a	Scott Ullrich	global $config, $g;
178	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
179			$mt = microtime();
180	dcf0598e	Scott Ullrich	echo "system_hosts_generate() being called $mt\n";
181	f19d3b7a	Scott Ullrich	}
182	0f282d7a	Scott Ullrich
183	5b237745	Scott Ullrich	$syscfg = $config['system'];
184			$lancfg = $config['interfaces']['lan'];
185	a55e9c70	Ermal Lu?i	$lancfgip = get_interface_ip("lan");
186	5b237745	Scott Ullrich	$dnsmasqcfg = $config['dnsmasq'];
187
188			if (!is_array($dnsmasqcfg['hosts'])) {
189			$dnsmasqcfg['hosts'] = array();
190			}
191			$hostscfg = $dnsmasqcfg['hosts'];
192	0f282d7a	Scott Ullrich
193	5b237745	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/hosts", "w");
194			if (!$fd) {
195	8f525719	Scott Ullrich	log_error("Error: cannot open hosts file in system_hosts_generate().\n");
196	5b237745	Scott Ullrich	return 1;
197			}
198	0f282d7a	Scott Ullrich
199	5b237745	Scott Ullrich	$hosts = <<<EOD
200			127.0.0.1 localhost localhost.{$syscfg['domain']}
201	a55e9c70	Ermal Lu?i
202			EOD;
203			if (is_ipaddr($lancfgip))
204			$hosts .= <<<EOD
205			{$lancfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}
206	5b237745	Scott Ullrich
207			EOD;
208	0f282d7a	Scott Ullrich
209	5b237745	Scott Ullrich	foreach ($hostscfg as $host) {
210			if ($host['host'])
211			$hosts .= "{$host['ip']} {$host['host']}.{$host['domain']} {$host['host']}\n";
212			else
213			$hosts .= "{$host['ip']} {$host['domain']}\n";
214			}
215	6a01ea44	Bill Marquette	if (isset($dnsmasqcfg['regdhcpstatic'])) {
216			foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf)
217			if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable']))
218	a56e787d	Scott Ullrich	foreach ($dhcpifconf['staticmap'] as $host)
219	6a01ea44	Bill Marquette	if ($host['ipaddr'] && $host['hostname'])
220			$hosts .= "{$host['ipaddr']} {$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
221	a56e787d	Scott Ullrich	}
222	5b237745	Scott Ullrich	fwrite($fd, $hosts);
223			fclose($fd);
224	0f282d7a	Scott Ullrich
225	5b237745	Scott Ullrich	return 0;
226			}
227
228			function system_hostname_configure() {
229	f19d3b7a	Scott Ullrich	global $config, $g;
230	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
231			$mt = microtime();
232	dcf0598e	Scott Ullrich	echo "system_hostname_configure() being called $mt\n";
233	333f8ef0	Scott Ullrich	}
234	0f282d7a	Scott Ullrich
235	5b237745	Scott Ullrich	$syscfg = $config['system'];
236	0f282d7a	Scott Ullrich
237	5b237745	Scott Ullrich	/* set hostname */
238	6bfccde7	Scott Ullrich	$status = mwexec("/bin/hostname " .
239	5b237745	Scott Ullrich	escapeshellarg("{$syscfg['hostname']}.{$syscfg['domain']}"));
240	6bfccde7	Scott Ullrich
241			/* Setup host GUID ID. This is used by ZFS. */
242			mwexec("/etc/rc.d/hostid start");
243
244			return $status;
245	5b237745	Scott Ullrich	}
246
247			function system_routing_configure() {
248	f19d3b7a	Scott Ullrich	global $config, $g;
249	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
250			$mt = microtime();
251	dcf0598e	Scott Ullrich	echo "system_routing_configure() being called $mt\n";
252	58c7450e	Scott Ullrich	}
253	333f8ef0	Scott Ullrich
254	0f282d7a	Scott Ullrich	/* Enable fast routing, if enabled */
255			if(isset($config['staticroutes']['enablefastrouting']))
256			mwexec("/sbin/sysctl net.inet.ip.fastforwarding=1");
257
258	6e17413e	Ermal Lu?i	$route_str = exec_command("/usr/bin/netstat -rn");
259	e0b4e47f	Seth Mos
260	5b237745	Scott Ullrich	/* clear out old routes, if necessary */
261			if (file_exists("{$g['vardb_path']}/routes.db")) {
262			$fd = fopen("{$g['vardb_path']}/routes.db", "r");
263			if (!$fd) {
264			printf("Error: cannot open routes DB file in system_routing_configure().\n");
265	0f282d7a	Scott Ullrich	return 1;
266	5b237745	Scott Ullrich	}
267			while (!feof($fd)) {
268	b24bda08	Scott Ullrich	$oldrt = trim(fgets($fd));
269			if (($oldrt) && (stristr($route_str, $oldrt)))
270			mwexec("/sbin/route delete " . escapeshellarg($oldrt));
271	5b237745	Scott Ullrich	}
272			fclose($fd);
273			unlink("{$g['vardb_path']}/routes.db");
274			}
275	0f282d7a	Scott Ullrich
276	d1892212	Ermal Lu?i	if (false) {
277	d173230c	Seth Mos	/* if list */
278	b6db9217	Ermal Luçi	$iflist = get_configured_interface_list();
279	d173230c	Seth Mos
280	b24bda08	Scott Ullrich	$dont_remove_route = false;
281			foreach ($iflist as $ifent => $ifname) {
282	6e17413e	Ermal Lu?i	/*
283			* XXX: The value of this is really when this function can take
284			* an interface as parameter.
285			*/
286	b24bda08	Scott Ullrich	/* do not process interfaces that will end up with gateways */
287	6e17413e	Ermal Lu?i	if (interface_has_gateway($ifent) \|\|
288			$config['interfaces'][$ifent]['ipaddr'] == "carpdev-dhcp") {
289	b24bda08	Scott Ullrich	$dont_remove_route = true;
290	6e17413e	Ermal Lu?i	break;
291			}
292	b24bda08	Scott Ullrich	}
293	d173230c	Seth Mos
294	6e17413e	Ermal Lu?i	if ($dont_remove_route == false) {
295	b24bda08	Scott Ullrich	/* remove default route */
296			mwexec("/sbin/route delete default", true);
297	d173230c	Seth Mos	}
298	d1892212	Ermal Lu?i	}
299	d173230c	Seth Mos
300			$dont_add_route = false;
301			/* if OLSRD is enabled, allow WAN to house DHCP. */
302			if($config['installedpackages']['olsrd']) {
303			foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
304			if($olsrd['enabledyngw'] == "on") {
305			$dont_add_route = true;
306	6e17413e	Ermal Lu?i	break;
307	d173230c	Seth Mos	}
308			}
309			}
310
311			if($dont_add_route == false) {
312	0721c4f8	Chris Buechler	if(is_array($config['gateways']['gateway_item'])) {
313	3b9758de	Seth Mos	foreach($config['gateways']['gateway_item'] as $gateway) {
314			if(isset($gateway['defaultgw'])) {
315	b24bda08	Scott Ullrich	$gatewayip = $gateway['gateway'];
316			$interfacegw = $gateway['interface'];
317	c0f5182c	Ermal Lu?i	/* This handles the case where a dynamic gateway is choosen as default. */
318			if (!is_ipaddr($gatewayip))
319			$gatewayip = get_interface_gateway($interfacegw);
320			break;
321	3b9758de	Seth Mos	}
322	d173230c	Seth Mos	}
323	d68e299b	Seth Mos	if(($interfacegw <> "bgpd") && (is_ipaddr($gatewayip))) {
324	035a5e01	Seth Mos	preg_match("/default[ ]+([0-9].*?)[ ]+/i", $route_str, $elements);
325			if(trim($elements[1]) != "$gatewayip") {
326			mwexec("/sbin/route delete default " . escapeshellarg($gatewayip), false);
327			}
328	b24bda08	Scott Ullrich	mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true);
329	d68e299b	Seth Mos	}
330	ef9ed4cd	Chris Buechler	} else {
331	d68e299b	Seth Mos	log_error("SYSTEM: We do not have a gateways array in our XML. Is this configuration damaged?");
332	ef9ed4cd	Chris Buechler	/* adding gateway for 1.2-style configs without the new
333			gateway setup configured.
334			Force WAN to be default gateway because that is the
335			1.2 behavior.
336			*/
337			if (is_ipaddr($config['interfaces']['wan']['gateway'])) {
338			$gatewayip = $config['interfaces']['wan']['gateway'];
339	4e7a2819	Seth Mos	mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true);
340	ef9ed4cd	Chris Buechler	}
341	d173230c	Seth Mos	}
342			}
343
344	5b237745	Scott Ullrich	if (is_array($config['staticroutes']['route'])) {
345	0f282d7a	Scott Ullrich
346	5b237745	Scott Ullrich	$fd = fopen("{$g['vardb_path']}/routes.db", "w");
347			if (!$fd) {
348			printf("Error: cannot open routes DB file in system_routing_configure().\n");
349	0f282d7a	Scott Ullrich	return 1;
350	5b237745	Scott Ullrich	}
351	0f282d7a	Scott Ullrich
352	5b237745	Scott Ullrich	foreach ($config['staticroutes']['route'] as $rtent) {
353	c66f54e4	Seth Mos	unset($gatewayip);
354			unset($interfacegw);
355	0721c4f8	Chris Buechler	if(is_array($config['gateways']['gateway_item'])) {
356	3b9758de	Seth Mos	foreach($config['gateways']['gateway_item'] as $gateway) {
357			if($rtent['gateway'] == $gateway['name']) {
358			$gatewayip = $gateway['gateway'];
359			$interfacegw = $gateway['interface'];
360	c0f5182c	Ermal Lu?i	/* This handles the case where a dynamic gateway is choosen. */
361			if (!is_ipaddr($gatewayip))
362			$gatewayip = get_interface_gateway($interfacegw);
363			break;
364	3b9758de	Seth Mos	}
365	d173230c	Seth Mos	}
366			}
367	c0f5182c	Ermal Lu?i	if((is_ipaddr($rtent['gateway'])) && empty($gatewayip)) {
368	b24bda08	Scott Ullrich	$gatewayip = $rtent['gateway'];
369			$interfacegw = $rtent['interface'];
370	c0f5182c	Ermal Lu?i	}
371	c0481e1c	Ermal Lu?i	if((isset($rtent['interfacegateway'])) && (! is_ipaddr($gatewayip))) {
372	b24bda08	Scott Ullrich	mwexec("/sbin/route add " . escapeshellarg($rtent['network']) .
373			" -iface " . escapeshellarg(convert_friendly_interface_to_real_interface_name($interfacegw)));
374			} else {
375			mwexec("/sbin/route add " . escapeshellarg($rtent['network']) .
376			" " . escapeshellarg($gatewayip));
377	7a98edde	Seth Mos	}
378	b24bda08	Scott Ullrich	/* record route so it can be easily removed later (if necessary) */
379			fwrite($fd, $rtent['network'] . "\n");
380	5b237745	Scott Ullrich	}
381	0f282d7a	Scott Ullrich	fclose($fd);
382	5b237745	Scott Ullrich	}
383	67ee1ec5	Ermal Luçi
384	b9c501ea	Seth Mos	return 0;
385	5b237745	Scott Ullrich	}
386
387	b24bda08	Scott Ullrich
388	5b237745	Scott Ullrich	function system_routing_enable() {
389	f19d3b7a	Scott Ullrich	global $config, $g;
390	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
391			$mt = microtime();
392	dcf0598e	Scott Ullrich	echo "system_routing_enable() being called $mt\n";
393	58c7450e	Scott Ullrich	}
394	0f282d7a	Scott Ullrich
395	5e041d5f	Scott Ullrich	return mwexec("/sbin/sysctl net.inet.ip.forwarding=1");
396	5b237745	Scott Ullrich	}
397
398			function system_syslogd_start() {
399	f19d3b7a	Scott Ullrich	global $config, $g;
400	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
401			$mt = microtime();
402	dcf0598e	Scott Ullrich	echo "system_syslogd_start() being called $mt\n";
403	58c7450e	Scott Ullrich	}
404	0f282d7a	Scott Ullrich
405	5b237745	Scott Ullrich	$syslogcfg = $config['syslog'];
406
407	0f282d7a	Scott Ullrich	if ($g['booting'])
408	f05740c1	Scott Ullrich	echo "Starting syslog...";
409	5b237745	Scott Ullrich	else
410			killbypid("{$g['varrun_path']}/syslog.pid");
411	0f282d7a	Scott Ullrich
412	99f98b80	sullrich	if(is_process_running("syslogd"))
413			mwexec("/usr/bin/killall -9 syslogd");
414			if(is_process_running("fifolog_writer"))
415			mwexec("/usr/bin/killall -9 fifolog_writer");
416	7ee97cb3	Scott Ullrich
417			// Define carious commands for logging
418			$fifolog_create = "/usr/sbin/fifolog_create -s ";
419			$fifolog_log = "\|/usr/sbin/fifolog_writer ";
420			$clog_create = "/usr/sbin/clog -i -s ";
421			$clog_log = "%";
422
423			// Which logging type are we using this week??
424			if(isset($config['system']['usefifolog'])) {
425			$log_directive = $fifolog_log;
426			$log_create_directive = $fifolog_create;
427			} else { // Defaults to CLOG
428			$log_directive = $clog_log;
429			$log_create_directive = $clog_create;
430			}
431
432	88ebd635	Scott Ullrich	if (isset($syslogcfg)) {
433	8fbd88cd	Seth Mos	$separatelogfacilities = array('ntpd','racoon','openvpn');
434	a728d2ea	Colin Smith	if($config['installedpackages']['package']) {
435	0d9d2a1b	Scott Ullrich	foreach($config['installedpackages']['package'] as $package) {
436			if($package['logging']) {
437	a728d2ea	Colin Smith	$pkgfacilities[] = $package['logging']['facilityname'];
438	d2834563	Scott Ullrich	$separatelogfacilities = $separatelogfacilities + $pkgfacilities;
439	84e86846	Colin Smith	$facilitylist = implode(',', $pkgfacilities);
440	7ee97cb3	Scott Ullrich	mwexec("{$log_create_directive} 10240 {$g['varlog_path']}/{$package['logging']['logfilename']}");
441	fe5f3b38	Scott Ullrich	$syslogconf .= "!{$facilitylist}\n.\t\t\t\t\t\t {$log_directive}{$g['varlog_path']}/{$package['logging']['logfilename']}\n";
442	a728d2ea	Colin Smith	}
443	0d9d2a1b	Scott Ullrich	}
444			}
445	d2834563	Scott Ullrich	$facilitylist = implode(',', array_unique($separatelogfacilities));
446	0d9d2a1b	Scott Ullrich	/* write syslog.conf */
447	5b237745	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
448			if (!$fd) {
449			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
450			return 1;
451			}
452	8fbd88cd	Seth Mos	$syslogconf .= "!ntpdate,!ntpd\n";
453	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
454	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ntpd.log\n";
455	295e19dd	Scott Ullrich	$syslogconf .= "!ppp\n";
456			if (!isset($syslogcfg['disablelocallogging']))
457			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ppp.log\n";
458	0260caec	Scott Ullrich	$syslogconf .= "!racoon\n";
459	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
460	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ipsec.log\n";
461	a164029f	Seth Mos	$syslogconf .= "!apinger\n";
462			if (!isset($syslogcfg['disablelocallogging']))
463			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/slbd.log\n";
464	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
465			if($syslogcfg['remoteserver'])
466			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
467			if($syslogcfg['remoteserver2'])
468			$syslogconf .= ". @{$syslogcfg['remoteserver2']}\n";
469			if($syslogcfg['remoteserver3'])
470			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
471			}
472	d2834563	Scott Ullrich	$syslogconf .= "!openvpn\n";
473	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
474	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/openvpn.log\n";
475	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
476			if($syslogcfg['remoteserver'])
477			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
478			if($syslogcfg['remoteserver2'])
479			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
480			if($syslogcfg['remoteserver3'])
481			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
482			}
483	d2834563	Scott Ullrich	$syslogconf .= "!-{$facilitylist}\n";
484	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
485	5b237745	Scott Ullrich	$syslogconf .= <<<EOD
486	fe5f3b38	Scott Ullrich	local0.* {$log_directive}{$g['varlog_path']}/filter.log
487	4f7ead45	Scott Ullrich	local3.* {$log_directive}{$g['varlog_path']}/vpn.log
488	fe5f3b38	Scott Ullrich	local4.* {$log_directive}{$g['varlog_path']}/portalauth.log
489			local7.* {$log_directive}{$g['varlog_path']}/dhcpd.log
490			*.notice;kern.debug;lpr.info;mail.crit; {$log_directive}{$g['varlog_path']}/system.log
491			news.err;local0.none;local3.none;local4.none; {$log_directive}{$g['varlog_path']}/system.log
492			local7.none {$log_directive}{$g['varlog_path']}/system.log
493			security.* {$log_directive}{$g['varlog_path']}/system.log
494			auth.info;authpriv.info;daemon.info {$log_directive}{$g['varlog_path']}/system.log
495			local1.* {$log_directive}{$g['varlog_path']}/relayd.log
496	9dac9942	Scott Ullrich	auth.info;authpriv.info \|exec /usr/local/sbin/sshlockout_pf
497			.emerg
498	0a123b4c	Scott Ullrich
499	5b237745	Scott Ullrich	EOD;
500	be5d59d7	Scott Ullrich	if (isset($syslogcfg['filter'])) {
501			if($syslogcfg['remoteserver'])
502			$syslogconf .= "local0.* @{$syslogcfg['remoteserver']}\n";
503			if($syslogcfg['remoteserver2'])
504			$syslogconf .= "local0.* @{$syslogcfg['remoteserver2']}\n";
505			if($syslogcfg['remoteserver3'])
506			$syslogconf .= "local0.* @{$syslogcfg['remoteserver3']}\n";
507
508			}
509			if (isset($syslogcfg['vpn'])) {
510			if($syslogcfg['remoteserver'])
511			$syslogconf .= "local3.* @{$syslogcfg['remoteserver']}\n";
512			if($syslogcfg['remoteserver2'])
513			$syslogconf .= "local3.* @{$syslogcfg['remoteserver2']}\n";
514			if($syslogcfg['remoteserver3'])
515			$syslogconf .= "local3.* @{$syslogcfg['remoteserver3']}\n";
516			}
517			if (isset($syslogcfg['portalauth'])) {
518			if($syslogcfg['remoteserver'])
519			$syslogconf .= "local4.* @{$syslogcfg['remoteserver']}\n";
520			if($syslogcfg['remoteserver2'])
521			$syslogconf .= "local4.* @{$syslogcfg['remoteserver2']}\n";
522			if($syslogcfg['remoteserver3'])
523			$syslogconf .= "local4.* @{$syslogcfg['remoteserver3']}\n";
524			}
525			if (isset($syslogcfg['dhcp'])) {
526			if($syslogcfg['remoteserver'])
527			$syslogconf .= "local7.* @{$syslogcfg['remoteserver']}\n";
528			if($syslogcfg['remoteserver2'])
529			$syslogconf .= "local7.* @{$syslogcfg['remoteserver2']}\n";
530			if($syslogcfg['remoteserver3'])
531			$syslogconf .= "local7.* @{$syslogcfg['remoteserver3']}\n";
532			}
533			if (isset($syslogcfg['system'])) {
534			if($syslogcfg['remoteserver'])
535			$syslogconf .= <<<EOD
536	9dac9942	Scott Ullrich	*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver']}
537			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver']}
538			security.* @{$syslogcfg['remoteserver']}
539			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver']}
540			*.emerg @{$syslogcfg['remoteserver']}
541	d2834563	Scott Ullrich
542	5b237745	Scott Ullrich	EOD;
543	be5d59d7	Scott Ullrich
544			if (isset($syslogcfg['system'])) {
545			if($syslogcfg['remoteserver2'])
546			$syslogconf .= <<<EOD
547			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver2']}
548			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver2']}
549			security.* @{$syslogcfg['remoteserver2']}
550			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver2']}
551			*.emerg @{$syslogcfg['remoteserver2']}
552
553			EOD;
554
555			if (isset($syslogcfg['system'])) {
556			if($syslogcfg['remoteserver3'])
557			$syslogconf .= <<<EOD
558			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver3']}
559			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver3']}
560			security.* @{$syslogcfg['remoteserver3']}
561			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver3']}
562			*.emerg @{$syslogcfg['remoteserver3']}
563
564			EOD;
565
566			}
567	4ef2d703	Chris Buechler	if (isset($syslogcfg['logall'])) {
568	be5d59d7	Scott Ullrich	if($syslogcfg['remoteserver'])
569			$syslogconf .= <<<EOD
570	4ef2d703	Chris Buechler	. @{$syslogcfg['remoteserver']}
571
572			EOD;
573	be5d59d7	Scott Ullrich
574			}
575			if($syslogcfg['remoteserver2'])
576			$syslogconf .= <<<EOD
577			. @{$syslogcfg['remoteserver2']}
578
579			EOD;
580
581			}
582			if($syslogcfg['remoteserver3'])
583			$syslogconf .= <<<EOD
584			. @{$syslogcfg['remoteserver3']}
585
586			EOD;
587
588			}
589	5b237745	Scott Ullrich	fwrite($fd, $syslogconf);
590			fclose($fd);
591	6a638a89	Scott Ullrich	// Are we logging to a least one remote server ?
592			if(strpos($syslogconf, "@") != false)
593	c9f8d4f5	Ermal Lu?i	$retval = system("/usr/sbin/syslogd -c -f {$g['varetc_path']}/syslog.conf");
594	6a638a89	Scott Ullrich	else
595	c9f8d4f5	Ermal Lu?i	$retval = system("/usr/sbin/syslogd -c -f {$g['varetc_path']}/syslog.conf");
596	5b237745	Scott Ullrich
597			} else {
598	c9f8d4f5	Ermal Lu?i	$retval = mwexec("/usr/sbin/syslogd -c");
599	5b237745	Scott Ullrich	}
600	0f282d7a	Scott Ullrich
601	5b237745	Scott Ullrich	if ($g['booting'])
602	5c6d0f65	Colin Smith	echo "done.\n";
603	0f282d7a	Scott Ullrich
604	5b237745	Scott Ullrich	return $retval;
605			}
606
607			function system_pccard_start() {
608	f19d3b7a	Scott Ullrich	global $config, $g;
609	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
610			$mt = microtime();
611	dcf0598e	Scott Ullrich	echo "system_pccard_start() being called $mt\n";
612	58c7450e	Scott Ullrich	}
613	0f282d7a	Scott Ullrich
614	5b237745	Scott Ullrich	if ($g['booting'])
615	f05740c1	Scott Ullrich	echo "Initializing PCMCIA...";
616	0f282d7a	Scott Ullrich
617	5b237745	Scott Ullrich	/* kill any running pccardd */
618			killbypid("{$g['varrun_path']}/pccardd.pid");
619	0f282d7a	Scott Ullrich
620	5b237745	Scott Ullrich	/* fire up pccardd */
621			$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");
622	0f282d7a	Scott Ullrich
623	5b237745	Scott Ullrich	if ($g['booting']) {
624			if ($res == 0)
625	5c6d0f65	Colin Smith	echo "done.\n";
626	5b237745	Scott Ullrich	else
627	5c6d0f65	Colin Smith	echo "failed!\n";
628	5b237745	Scott Ullrich	}
629	0f282d7a	Scott Ullrich
630	5b237745	Scott Ullrich	return $res;
631			}
632
633	819197a8	Scott Ullrich
634	5b237745	Scott Ullrich	function system_webgui_start() {
635	f19d3b7a	Scott Ullrich	global $config, $g;
636	877ac35d	Scott Ullrich
637			if ($g['booting'])
638	f05740c1	Scott Ullrich	echo "Starting webConfigurator...";
639	877ac35d	Scott Ullrich
640	383a4439	Scott Ullrich	/* kill any running lighttpd */
641	877ac35d	Scott Ullrich	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");
642
643	e9d0bf64	Scott Ullrich	sleep(1);
644
645	877ac35d	Scott Ullrich	chdir($g['www_path']);
646
647	fb1266d3	Matthew Grooms	/* defaults */
648			$portarg = "80";
649			$crt = "";
650			$key = "";
651	2cf6ddcb	Nigel Graham	$ca = "";
652	fb1266d3	Matthew Grooms
653	877ac35d	Scott Ullrich	/* non-standard port? */
654	f4875d35	Ermal Lu?i	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "")
655	528df9a7	Scott Ullrich	$portarg = "{$config['system']['webgui']['port']}";
656	877ac35d	Scott Ullrich
657			if ($config['system']['webgui']['protocol'] == "https") {
658	02b383fe	sullrich	// Ensure that we have a webConfigurator CERT
659	fb1266d3	Matthew Grooms	$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
660	02b383fe	sullrich	if(!is_array($cert) && !$cert['crt'] && !$cert['prv']) {
661	f8a36d95	sullrich	if (!is_array($config['system']['ca']))
662			$config['system']['ca'] = array();
663			$a_ca =& $config['system']['ca'];
664			if (!is_array($config['system']['cert']))
665			$config['system']['cert'] = array();
666			$a_cert =& $config['system']['cert'];
667	0cdaaa8e	Chris Buechler	echo "Creating SSL Certificate... ";
668	aab4ca82	Scott Ullrich	$cert = array();
669			$cert['refid'] = uniqid();
670			$cert['name'] = "webConfigurator default";
671	6955830f	Ermal Lu?i	mwexec("/usr/bin/openssl genrsa 1024 > {$g['tmp_path']}/ssl.key");
672			mwexec("/usr/bin/openssl req -new -x509 -nodes -sha1 -days 2000 -key {$g['tmp_path']}/ssl.key > {$g['tmp_path']}/ssl.crt");
673			$crt = file_get_contents("{$g['tmp_path']}/ssl.crt");
674			$key = file_get_contents("{$g['tmp_path']}/ssl.key");
675			unlink("{$g['tmp_path']}/ssl.key");
676			unlink("{$g['tmp_path']}/ssl.crt");
677	aab4ca82	Scott Ullrich	cert_import($cert, $crt, $key);
678			$a_cert[] = $cert;
679			$config['system']['webgui']['ssl-certref'] = $cert['refid'];
680			write_config("Importing HTTPS certificate");
681			if(!$config['system']['webgui']['port'])
682			$portarg = "443";
683			$ca = ca_chain($cert);
684	edc8a9f8	jim-p	} else {
685	fb1266d3	Matthew Grooms	$crt = base64_decode($cert['crt']);
686			$key = base64_decode($cert['prv']);
687			if(!$config['system']['webgui']['port'])
688			$portarg = "443";
689	2cf6ddcb	Nigel Graham	$ca = ca_chain($cert);
690	edc8a9f8	jim-p	}
691	877ac35d	Scott Ullrich	}
692
693			/* generate lighttpd configuration */
694			system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
695	2cf6ddcb	Nigel Graham	$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");
696	877ac35d	Scott Ullrich
697			/* attempt to start lighthttpd */
698			$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");
699
700	cc093472	sullrich	/* fetch page to preload apc cache */
701	eb0f4fc6	Ermal Lu?i	$proto = "http";
702			if ($config['system']['webgui']['protocol'])
703			$proto = $config['system']['webgui']['protocol'];
704	bd96ff65	Ermal Lu?i	mwexec_bg("/usr/bin/fetch -o /dev/null -q {$proto}://localhost:{$portarg}/preload.php");
705	cc093472	sullrich
706	877ac35d	Scott Ullrich	if ($g['booting']) {
707			if ($res == 0)
708			echo "done.\n";
709			else
710			echo "failed!\n";
711			}
712
713			return $res;
714			}
715
716	eb0f441c	Scott Ullrich	function system_generate_lighty_config($filename,
717			$cert,
718			$key,
719	2cf6ddcb	Nigel Graham	$ca,
720	eb0f441c	Scott Ullrich	$pid_file,
721			$port = 80,
722			$document_root = "/usr/local/www/",
723			$cert_location = "cert.pem",
724	2cf6ddcb	Nigel Graham	$ca_location = "ca.pem",
725	b5317d07	Scott Ullrich	$max_procs = 2,
726	eb0f441c	Scott Ullrich	$max_requests = "1",
727			$fast_cgi_enable = true,
728			$captive_portal = false) {
729	58c7450e	Scott Ullrich
730	f19d3b7a	Scott Ullrich	global $config, $g;
731
732	6955830f	Ermal Lu?i	if(!is_dir("{$g['tmp_path']}/lighttpdcompress"))
733			mkdir("{$g['tmp_path']}/lighttpdcompress");
734	570ef08c	sullrich
735	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
736			$mt = microtime();
737	dcf0598e	Scott Ullrich	echo "system_generate_lighty_config() being called $mt\n";
738	58c7450e	Scott Ullrich	}
739
740	eb0f441c	Scott Ullrich	if($captive_portal == true) {
741			$captiveportal = ",\"mod_rewrite\"";
742	6bef50b3	Scott Ullrich	$captive_portal_rewrite = "url.rewrite-once = ( \"(.captiveportal.)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
743	b0bdc06e	Scott Ullrich	$captive_portal_module = "\"mod_accesslog\", ";
744			$maxprocperip = $config['captiveportal']['maxprocperip'];
745	632e8d54	Scott Ullrich	if(!$maxprocperip and $maxprocperip > 0)
746			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
747			else
748			$captive_portal_mod_evasive = "";
749	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n";
750			exec("mkdir -p {$g['tmp_path']}/captiveportal");
751			exec("chmod a-w {$g['tmp_path']}/captiveportal");
752	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 384";
753	b0bdc06e	Scott Ullrich	} else {
754	3435dc35	Ermal Lu?i	$captiveportal = "";
755			$captive_portal_rewrite = "";
756	b0bdc06e	Scott Ullrich	$captive_portal_module = "";
757			$captive_portal_mod_evasive = "";
758	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"{$g['tmp_path']}/\", \"/var/\" )\n";
759	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 2097152";
760	eb0f441c	Scott Ullrich	}
761	3306a341	Scott Ullrich
762	28cae949	Scott Ullrich	if($port <> "")
763			$lighty_port = $port;
764			else
765			$lighty_port = "80";
766	3d77d4c4	Scott Ullrich
767			$memory = get_memory();
768			$avail = $memory[0];
769
770	f4ebc84a	Scott Ullrich	if($avail > 0 and $avail < 65) {
771			$fast_cgi_enable = false;
772			}
773
774			if($avail > 65 and $avail < 98) {
775	f994f4d6	Scott Ullrich	$max_procs = 1;
776	52624d2c	Scott Ullrich	}
777	1a043fa7	Scott Ullrich
778	b0bdc06e	Scott Ullrich	if($avail > 97 and $avail < 128) {
779	4cda5fb7	Scott Ullrich	$max_procs = 2;
780	b0bdc06e	Scott Ullrich	}
781
782			if($avail > 127 and $avail < 256) {
783	4cda5fb7	Scott Ullrich	$max_procs = 3;
784	b0bdc06e	Scott Ullrich	}
785
786			if($avail > 255 and $avail < 384) {
787	4cda5fb7	Scott Ullrich	$max_procs = 4;
788	b0bdc06e	Scott Ullrich	}
789
790	8cd294de	Chris Buechler	if($avail > 383) {
791	4cda5fb7	Scott Ullrich	$max_procs = 5;
792	b0bdc06e	Scott Ullrich	}
793
794	6e337a84	Scott Ullrich	if($captive_portal == true) {
795			$bin_environment = <<<EOC
796	5e041d5f	Scott Ullrich	"bin-environment" => (
797	e59dd448	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
798			"PHP_FCGI_MAX_REQUESTS" => "500"
799	6e337a84	Scott Ullrich	),
800			EOC;
801
802	04f4a116	Ermal Luçi	} else if ($avail > 0 and $avail < 128) {
803			$bin_environment = <<<EOC
804	980df75c	Scott Ullrich	"bin-environment" => (
805	effecc51	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
806	980df75c	Scott Ullrich	"PHP_FCGI_MAX_REQUESTS" => "2",
807	04f4a116	Ermal Luçi	),
808
809			EOC;
810			} else
811	980df75c	Scott Ullrich	$bin_environment = <<<EOC
812			"bin-environment" => (
813			"PHP_FCGI_CHILDREN" => "$max_procs",
814			"PHP_FCGI_MAX_REQUESTS" => "500"
815			),
816			EOC;
817
818	4edb490d	Scott Ullrich	if($fast_cgi_enable == true) {
819	dde4f60c	Scott Ullrich	$module = "\"mod_fastcgi\", \"mod_cgi\"";
820	4edb490d	Scott Ullrich	$cgi_config = "";
821			$fastcgi_config = <<<EOD
822			#### fastcgi module
823			## read fastcgi.txt for more info
824	b0bdc06e	Scott Ullrich	fastcgi.server = ( ".php" =>
825			( "localhost" =>
826			(
827	6955830f	Ermal Lu?i	"socket" => "{$g['tmp_path']}/php-fastcgi.socket",
828	980df75c	Scott Ullrich	"min-procs" => 0,
829	b0bdc06e	Scott Ullrich	"max-procs" => {$max_procs},
830	6e337a84	Scott Ullrich	{$bin_environment}
831	b0bdc06e	Scott Ullrich	"bin-path" => "/usr/local/bin/php"
832			)
833			)
834			)
835	4edb490d	Scott Ullrich
836	dde4f60c	Scott Ullrich	#### CGI module
837	5999dd9c	Scott Ullrich	cgi.assign = ( ".cgi" => "" )
838	dde4f60c	Scott Ullrich
839	4edb490d	Scott Ullrich	EOD;
840			} else {
841			$fastcgi_config = "";
842			$module = "\"mod_cgi\"";
843			$cgi_config = <<<EOD
844			#### CGI module
845			cgi.assign = ( ".php" => "/usr/local/bin/php",
846	d4302f46	Espen Johansen	".cgi" => "" )
847	333f8ef0	Scott Ullrich
848	4edb490d	Scott Ullrich	EOD;
849			}
850	333f8ef0	Scott Ullrich
851	3435dc35	Ermal Lu?i	$lighty_config = "";
852	a84b65dc	Scott Ullrich	$lighty_config .= <<<EOD
853	28cae949	Scott Ullrich	#
854	a632cf43	Scott Ullrich	# lighttpd configuration file
855			#
856			# use a it as base for lighttpd 1.0.0 and above
857	28cae949	Scott Ullrich	#
858	a632cf43	Scott Ullrich	############ Options you really have to take care of ####################
859
860	770b4b9c	Scott Ullrich	## FreeBSD!
861	60ff6204	Scott Ullrich	server.event-handler = "freebsd-kqueue"
862			server.network-backend = "writev"
863	096261af	Scott Ullrich
864	a632cf43	Scott Ullrich	## modules to load
865	4edb490d	Scott Ullrich	server.modules = (
866	c93ad789	Scott Ullrich	{$captive_portal_module}
867	d7e230ae	Chris Buechler	"mod_access", "mod_accesslog", "mod_expire", "mod_compress", "mod_redirect",
868	c93ad789	Scott Ullrich	{$module}{$captiveportal}
869			)
870	28cae949	Scott Ullrich
871			## Unused modules
872	6a019c11	Scott Ullrich	# "mod_setenv",
873			# "mod_rewrite",
874	28cae949	Scott Ullrich	# "mod_ssi",
875			# "mod_usertrack",
876			# "mod_expire",
877			# "mod_secdownload",
878			# "mod_rrdtool",
879	a632cf43	Scott Ullrich	# "mod_auth",
880			# "mod_status",
881	28cae949	Scott Ullrich	# "mod_alias",
882	a632cf43	Scott Ullrich	# "mod_proxy",
883			# "mod_simple_vhost",
884			# "mod_evhost",
885			# "mod_userdir",
886	28cae949	Scott Ullrich	# "mod_cgi",
887	a632cf43	Scott Ullrich
888	d9acea75	Scott Ullrich	server.max-keep-alive-requests = 15
889			server.max-keep-alive-idle = 30
890
891	a632cf43	Scott Ullrich	## a static document-root, for virtual-hosting take look at the
892			## server.virtual-* options
893	332b4ac0	Scott Ullrich	server.document-root = "{$document_root}"
894	eb0f441c	Scott Ullrich	{$captive_portal_rewrite}
895	a632cf43	Scott Ullrich
896	38a9a1ab	Scott Ullrich	# Maximum idle time with nothing being written (php downloading)
897			server.max-write-idle = 999
898
899	a632cf43	Scott Ullrich	## where to send error-messages to
900	ee959dc4	Scott Ullrich	server.errorlog = "/var/log/lighttpd.error.log"
901	a632cf43	Scott Ullrich
902			# files to check for if .../ is requested
903			server.indexfiles = ( "index.php", "index.html",
904			"index.htm", "default.htm" )
905
906			# mimetype mapping
907			mimetype.assign = (
908			".pdf" => "application/pdf",
909			".sig" => "application/pgp-signature",
910			".spl" => "application/futuresplash",
911			".class" => "application/octet-stream",
912			".ps" => "application/postscript",
913			".torrent" => "application/x-bittorrent",
914			".dvi" => "application/x-dvi",
915			".gz" => "application/x-gzip",
916			".pac" => "application/x-ns-proxy-autoconfig",
917			".swf" => "application/x-shockwave-flash",
918			".tar.gz" => "application/x-tgz",
919			".tgz" => "application/x-tgz",
920			".tar" => "application/x-tar",
921			".zip" => "application/zip",
922			".mp3" => "audio/mpeg",
923			".m3u" => "audio/x-mpegurl",
924			".wma" => "audio/x-ms-wma",
925			".wax" => "audio/x-ms-wax",
926			".ogg" => "audio/x-wav",
927			".wav" => "audio/x-wav",
928			".gif" => "image/gif",
929			".jpg" => "image/jpeg",
930			".jpeg" => "image/jpeg",
931			".png" => "image/png",
932			".xbm" => "image/x-xbitmap",
933			".xpm" => "image/x-xpixmap",
934			".xwd" => "image/x-xwindowdump",
935			".css" => "text/css",
936			".html" => "text/html",
937			".htm" => "text/html",
938			".js" => "text/javascript",
939			".asc" => "text/plain",
940			".c" => "text/plain",
941			".conf" => "text/plain",
942			".text" => "text/plain",
943			".txt" => "text/plain",
944			".dtd" => "text/xml",
945			".xml" => "text/xml",
946			".mpeg" => "video/mpeg",
947			".mpg" => "video/mpeg",
948			".mov" => "video/quicktime",
949			".qt" => "video/quicktime",
950			".avi" => "video/x-msvideo",
951			".asf" => "video/x-ms-asf",
952			".asx" => "video/x-ms-asf",
953			".wmv" => "video/x-ms-wmv",
954			".bz2" => "application/x-bzip",
955			".tbz" => "application/x-bzip-compressed-tar",
956			".tar.bz2" => "application/x-bzip-compressed-tar"
957			)
958
959			# Use the "Content-Type" extended attribute to obtain mime type if possible
960			#mimetypes.use-xattr = "enable"
961
962			#### accesslog module
963	6a019c11	Scott Ullrich	#accesslog.filename = "/dev/null"
964	a632cf43	Scott Ullrich
965			## deny access the file-extensions
966			#
967			# ~ is for backupfiles from vi, emacs, joe, ...
968			# .inc is often used for code includes which should in general not be part
969			# of the document-root
970			url.access-deny = ( "~", ".inc" )
971
972
973			######### Options that are good to be but not neccesary to be changed #######
974
975			## bind to port (default: 80)
976	28cae949	Scott Ullrich	server.port = {$lighty_port}
977	a632cf43	Scott Ullrich
978			## error-handler for status 404
979			#server.error-handler-404 = "/error-handler.html"
980			#server.error-handler-404 = "/error-handler.php"
981
982			## to help the rc.scripts
983			server.pid-file = "/var/run/{$pid_file}"
984
985			## virtual directory listings
986	28cae949	Scott Ullrich	server.dir-listing = "disable"
987	a632cf43	Scott Ullrich
988			## enable debugging
989	28cae949	Scott Ullrich	debug.log-request-header = "disable"
990			debug.log-response-header = "disable"
991			debug.log-request-handling = "disable"
992			debug.log-file-not-found = "disable"
993	a632cf43	Scott Ullrich
994	570ef08c	sullrich	# gzip compression
995	6955830f	Ermal Lu?i	compress.cache-dir = "{$g['tmp_path']}/lighttpdcompress/"
996	570ef08c	sullrich	compress.filetype = ("text/plain","text/css", "text/xml", "text/javascript" )
997
998	3306a341	Scott Ullrich	{$server_upload_dirs}
999	1ef7b568	Scott Ullrich
1000	a6e8af9c	Scott Ullrich	{$server_max_request_size}
1001	ee959dc4	Scott Ullrich
1002	4edb490d	Scott Ullrich	{$fastcgi_config}
1003
1004			{$cgi_config}
1005	a632cf43	Scott Ullrich
1006	b0bdc06e	Scott Ullrich	{$captive_portal_mod_evasive}
1007
1008	569f47e9	Scott Ullrich	expire.url = (
1009	05a5e5c5	Scott Ullrich	"" => "access 50 hours",
1010	569f47e9	Scott Ullrich	)
1011
1012	a632cf43	Scott Ullrich	EOD;
1013
1014	7aae518a	Scott Ullrich	$cert = str_replace("\r", "", $cert);
1015	333f8ef0	Scott Ullrich	$key = str_replace("\r", "", $key);
1016	2cf6ddcb	Nigel Graham	$ca = str_replace("\r", "", $ca);
1017	7aae518a	Scott Ullrich
1018			$cert = str_replace("\n\n", "\n", $cert);
1019	333f8ef0	Scott Ullrich	$key = str_replace("\n\n", "\n", $key);
1020	2cf6ddcb	Nigel Graham	$ca = str_replace("\n\n", "\n", $ca);
1021	7aae518a	Scott Ullrich
1022	a632cf43	Scott Ullrich	if($cert <> "" and $key <> "") {
1023	3a66b621	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
1024	5b237745	Scott Ullrich	if (!$fd) {
1025			printf("Error: cannot open cert.pem in system_webgui_start().\n");
1026			return 1;
1027			}
1028	3a66b621	Scott Ullrich	chmod("{$g['varetc_path']}/{$cert_location}", 0600);
1029	5b237745	Scott Ullrich	fwrite($fd, $cert);
1030			fwrite($fd, "\n");
1031			fwrite($fd, $key);
1032			fclose($fd);
1033	2cf6ddcb	Nigel Graham	if($ca <> "") {
1034			$fd = fopen("{$g['varetc_path']}/{$ca_location}", "w");
1035			if (!$fd) {
1036			printf("Error: cannot open ca.pem in system_webgui_start().\n");
1037			return 1;
1038			}
1039			chmod("{$g['varetc_path']}/{$ca_location}", 0600);
1040			fwrite($fd, $ca);
1041			fclose($fd);
1042			}
1043	5e041d5f	Scott Ullrich	$lighty_config .= "\n";
1044	9f0cbb16	Scott Ullrich	$lighty_config .= "## ssl configuration\n";
1045	a632cf43	Scott Ullrich	$lighty_config .= "ssl.engine = \"enable\"\n";
1046	333f8ef0	Scott Ullrich	$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
1047	2cf6ddcb	Nigel Graham	if($ca <> "")
1048			$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
1049	5b237745	Scott Ullrich	}
1050	a978a0ff	Chris Buechler
1051			// Add HTTP to HTTPS redirect
1052			if ($captive_portal == false && $config['system']['webgui']['protocol'] == "https" && !isset($config['system']['webgui']['disablehttpredirect'])) {
1053	7921e8e5	Chris Buechler	if($lighty_port != "443")
1054			$redirectport = ":{$lighty_port}";
1055	d7e230ae	Chris Buechler	$lighty_config .= <<<EOD
1056			\$SERVER["socket"] == ":80" {
1057			\$HTTP["host"] =~ "(.*)" {
1058	7921e8e5	Chris Buechler	url.redirect = ( "^/(.*)" => "https://%1{$redirectport}/$1" )
1059	d7e230ae	Chris Buechler	}
1060			}
1061			EOD;
1062			}
1063	0f282d7a	Scott Ullrich
1064	4f3756f3	Scott Ullrich	$fd = fopen("{$filename}", "w");
1065	a632cf43	Scott Ullrich	if (!$fd) {
1066	4f3756f3	Scott Ullrich	printf("Error: cannot open {$filename} in system_generate_lighty_config().\n");
1067	a632cf43	Scott Ullrich	return 1;
1068	5b237745	Scott Ullrich	}
1069	a632cf43	Scott Ullrich	fwrite($fd, $lighty_config);
1070			fclose($fd);
1071
1072			return 0;
1073	0f282d7a	Scott Ullrich
1074	5b237745	Scott Ullrich	}
1075
1076			function system_timezone_configure() {
1077	f19d3b7a	Scott Ullrich	global $config, $g;
1078	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1079			$mt = microtime();
1080	dcf0598e	Scott Ullrich	echo "system_timezone_configure() being called $mt\n";
1081	333f8ef0	Scott Ullrich	}
1082	5b237745	Scott Ullrich
1083			$syscfg = $config['system'];
1084
1085			if ($g['booting'])
1086	f05740c1	Scott Ullrich	echo "Setting timezone...";
1087	5b237745	Scott Ullrich
1088			/* extract appropriate timezone file */
1089			$timezone = $syscfg['timezone'];
1090			if (!$timezone)
1091			$timezone = "Etc/UTC";
1092	0f282d7a	Scott Ullrich
1093	34febcde	Scott Ullrich	conf_mount_rw();
1094
1095	029d1a71	Scott Ullrich	exec("LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
1096	5b237745	Scott Ullrich	escapeshellarg($timezone) . " > /etc/localtime");
1097
1098	4efd4885	Scott Ullrich	mwexec("sync");
1099	27150275	Scott Ullrich	conf_mount_ro();
1100	34febcde	Scott Ullrich
1101	5b237745	Scott Ullrich	if ($g['booting'])
1102	5c6d0f65	Colin Smith	echo "done.\n";
1103	5b237745	Scott Ullrich	}
1104
1105			function system_ntp_configure() {
1106	f19d3b7a	Scott Ullrich	global $config, $g;
1107	5b237745	Scott Ullrich
1108			$syscfg = $config['system'];
1109
1110	20b90e0a	Scott Ullrich	/* open configuration for wrting or bail */
1111			$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
1112			if(!$fd) {
1113	5f3e1f12	Scott Ullrich	log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
1114	20b90e0a	Scott Ullrich	return;
1115	5b237745	Scott Ullrich	}
1116
1117	20b90e0a	Scott Ullrich	fwrite($fd, "# \n");
1118			fwrite($fd, "# pfSense OpenNTPD configuration file \n");
1119			fwrite($fd, "# \n\n");
1120	0f282d7a	Scott Ullrich
1121	20b90e0a	Scott Ullrich	/* foreach through servers and write out to ntpd.conf */
1122			foreach (explode(' ', $syscfg['timeservers']) as $ts)
1123			fwrite($fd, "servers {$ts}\n");
1124	0f282d7a	Scott Ullrich
1125	5b6210e3	Bill Marquette	/* Setup listener(s) if the user has configured one */
1126	67ee1ec5	Ermal Luçi	if ($config['installedpackages']['openntpd']) {
1127			/* server config is in coregui1 */
1128	5b6210e3	Bill Marquette	$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
1129			if ($xmlsettings['enable'] == 'on') {
1130			$ifaces = explode(',', $xmlsettings['interface']);
1131	435f11c8	Ermal Lu?i	$ifaces = array_map('get_real_interface', $ifaces);
1132	5b6210e3	Bill Marquette	$ifaces = array_filter($ifaces, 'does_interface_exist');
1133			$ips = array_map('find_interface_ip', $ifaces);
1134			foreach ($ips as $ip) {
1135	5e041d5f	Scott Ullrich	if (is_ipaddr($ip))
1136	5b6210e3	Bill Marquette	fwrite($fd, "listen on $ip\n");
1137			}
1138	95594e5a	Scott Ullrich	}
1139			}
1140
1141	20b90e0a	Scott Ullrich	fwrite($fd, "\n");
1142	0f282d7a	Scott Ullrich
1143	20b90e0a	Scott Ullrich	/* slurp! */
1144			fclose($fd);
1145
1146			/* if openntpd is running, kill it */
1147	5f3e1f12	Scott Ullrich	while(is_process_running("ntpd")) {
1148	e0b4e47f	Seth Mos	mwexec("/usr/bin/killall ntpd", true);
1149	5f3e1f12	Scott Ullrich	}
1150
1151			/* if /var/empty does not exist, create it */
1152			if(!is_dir("/var/empty"))
1153			exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");
1154
1155	4a40de3c	Scott Ullrich	if($g['booting'])
1156			return;
1157
1158	20b90e0a	Scott Ullrich	/* start opentpd, set time now and use /var/etc/ntpd.conf */
1159			exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");
1160	83eb4567	Scott Ullrich
1161			// Note that we are starting up
1162			exec("echo 'OpenNTPD is starting up' >> {$g['varlog_path']}/ntpd.log");
1163	0f282d7a	Scott Ullrich
1164	5b237745	Scott Ullrich	}
1165
1166	652cf082	Seth Mos	function sync_system_time() {
1167			global $config, $g;
1168
1169			$syscfg = $config['system'];
1170
1171			if ($g['booting'])
1172	4582b281	Scott Ullrich	echo "Syncing system time before startup...";
1173	652cf082	Seth Mos
1174			/* foreach through servers and write out to ntpd.conf */
1175			foreach (explode(' ', $syscfg['timeservers']) as $ts) {
1176			mwexec("/usr/sbin/ntpdate -s $ts");
1177			}
1178	4582b281	Scott Ullrich
1179			if ($g['booting'])
1180			echo "done.\n";
1181
1182	652cf082	Seth Mos	}
1183
1184	405e5de0	Scott Ullrich	function system_halt() {
1185			global $g;
1186
1187			system_reboot_cleanup();
1188
1189	523855b0	Scott Ullrich	mwexec("/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &");
1190	405e5de0	Scott Ullrich	}
1191
1192	5b237745	Scott Ullrich	function system_reboot() {
1193			global $g;
1194	0f282d7a	Scott Ullrich
1195	5b237745	Scott Ullrich	system_reboot_cleanup();
1196	0f282d7a	Scott Ullrich
1197	5b237745	Scott Ullrich	mwexec("nohup /etc/rc.reboot > /dev/null 2>&1 &");
1198			}
1199
1200			function system_reboot_sync() {
1201			global $g;
1202	0f282d7a	Scott Ullrich
1203	5b237745	Scott Ullrich	system_reboot_cleanup();
1204	0f282d7a	Scott Ullrich
1205	5b237745	Scott Ullrich	mwexec("/etc/rc.reboot > /dev/null 2>&1");
1206			}
1207
1208			function system_reboot_cleanup() {
1209	97d4e30b	Seth Mos	mwexec("/usr/local/bin/beep.sh stop");
1210	04967d99	jim-p	require_once("captiveportal.inc");
1211	5b237745	Scott Ullrich	captiveportal_radius_stop_all();
1212	336e3c1c	Charlie	require_once("voucher.inc");
1213			voucher_save_db_to_config();
1214	5b237745	Scott Ullrich	}
1215
1216			function system_do_shell_commands($early = 0) {
1217	f19d3b7a	Scott Ullrich	global $config, $g;
1218	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1219			$mt = microtime();
1220	dcf0598e	Scott Ullrich	echo "system_do_shell_commands() being called $mt\n";
1221	58c7450e	Scott Ullrich	}
1222	0f282d7a	Scott Ullrich
1223	5b237745	Scott Ullrich	if ($early)
1224			$cmdn = "earlyshellcmd";
1225			else
1226			$cmdn = "shellcmd";
1227	0f282d7a	Scott Ullrich
1228	5b237745	Scott Ullrich	if (is_array($config['system'][$cmdn])) {
1229	333f8ef0	Scott Ullrich
1230	245388b4	Scott Ullrich	/* cmd is an array, loop through /
1231	5b237745	Scott Ullrich	foreach ($config['system'][$cmdn] as $cmd) {
1232			exec($cmd);
1233			}
1234	245388b4	Scott Ullrich
1235			} elseif($config['system'][$cmdn] <> "") {
1236	333f8ef0	Scott Ullrich
1237	245388b4	Scott Ullrich	/* execute single item */
1238			exec($config['system'][$cmdn]);
1239
1240	5b237745	Scott Ullrich	}
1241			}
1242
1243			function system_console_configure() {
1244	f19d3b7a	Scott Ullrich	global $config, $g;
1245	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1246			$mt = microtime();
1247	dcf0598e	Scott Ullrich	echo "system_console_configure() being called $mt\n";
1248	333f8ef0	Scott Ullrich	}
1249	0f282d7a	Scott Ullrich
1250	5b237745	Scott Ullrich	if (isset($config['system']['disableconsolemenu'])) {
1251			touch("{$g['varetc_path']}/disableconsole");
1252			} else {
1253			unlink_if_exists("{$g['varetc_path']}/disableconsole");
1254			}
1255			}
1256
1257			function system_dmesg_save() {
1258	f19d3b7a	Scott Ullrich	global $g;
1259	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1260			$mt = microtime();
1261	dcf0598e	Scott Ullrich	echo "system_dmesg_save() being called $mt\n";
1262	f19d3b7a	Scott Ullrich	}
1263	0f282d7a	Scott Ullrich
1264	767a716e	Scott Ullrich	$dmesg = "";
1265	5b237745	Scott Ullrich	exec("/sbin/dmesg", $dmesg);
1266	0f282d7a	Scott Ullrich
1267	5b237745	Scott Ullrich	/* find last copyright line (output from previous boots may be present) */
1268			$lastcpline = 0;
1269	0f282d7a	Scott Ullrich
1270	5b237745	Scott Ullrich	for ($i = 0; $i < count($dmesg); $i++) {
1271			if (strstr($dmesg[$i], "Copyright (c) 1992-"))
1272			$lastcpline = $i;
1273			}
1274	0f282d7a	Scott Ullrich
1275	5b237745	Scott Ullrich	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
1276			if (!$fd) {
1277			printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
1278			return 1;
1279			}
1280	0f282d7a	Scott Ullrich
1281	5b237745	Scott Ullrich	for ($i = $lastcpline; $i < count($dmesg); $i++)
1282			fwrite($fd, $dmesg[$i] . "\n");
1283	0f282d7a	Scott Ullrich
1284	5b237745	Scott Ullrich	fclose($fd);
1285	0f282d7a	Scott Ullrich
1286	5b237745	Scott Ullrich	return 0;
1287			}
1288
1289			function system_set_harddisk_standby() {
1290	f19d3b7a	Scott Ullrich	global $g, $config;
1291	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1292			$mt = microtime();
1293	dcf0598e	Scott Ullrich	echo "system_set_harddisk_standby() being called $mt\n";
1294	58c7450e	Scott Ullrich	}
1295	5b237745	Scott Ullrich
1296			if (isset($config['system']['harddiskstandby'])) {
1297			if ($g['booting']) {
1298	5c6d0f65	Colin Smith	echo 'Setting hard disk standby... ';
1299	5b237745	Scott Ullrich	}
1300
1301			$standby = $config['system']['harddiskstandby'];
1302			// Check for a numeric value
1303			if (is_numeric($standby)) {
1304			// Sync the disk(s)
1305			mwexec('/bin/sync');
1306			if (!mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby))) {
1307			// Reinitialize ATA-drives
1308			mwexec('/usr/local/sbin/atareinit');
1309			if ($g['booting']) {
1310	5c6d0f65	Colin Smith	echo "done.\n";
1311	5b237745	Scott Ullrich	}
1312			} else if ($g['booting']) {
1313	5c6d0f65	Colin Smith	echo "failed!\n";
1314	5b237745	Scott Ullrich	}
1315			} else if ($g['booting']) {
1316	5c6d0f65	Colin Smith	echo "failed!\n";
1317	5b237745	Scott Ullrich	}
1318			}
1319			}
1320
1321	3ff9d424	Scott Ullrich	function system_setup_sysctl() {
1322	f19d3b7a	Scott Ullrich	global $config;
1323	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1324			$mt = microtime();
1325	dcf0598e	Scott Ullrich	echo "system_setup_sysctl() being called $mt\n";
1326	58c7450e	Scott Ullrich	}
1327	243aa7b9	Scott Ullrich
1328	6df9d7e3	Scott Ullrich	activate_sysctls();
1329
1330	243aa7b9	Scott Ullrich	if (isset($config['system']['sharednet'])) {
1331			system_disable_arp_wrong_if();
1332			}
1333			}
1334
1335			function system_disable_arp_wrong_if() {
1336	f19d3b7a	Scott Ullrich	global $config;
1337	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1338			$mt = microtime();
1339	dcf0598e	Scott Ullrich	echo "system_disable_arp_wrong_if() being called $mt\n";
1340	333f8ef0	Scott Ullrich	}
1341	6cb438cf	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0");
1342	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0");
1343	3ff9d424	Scott Ullrich	}
1344
1345	243aa7b9	Scott Ullrich	function system_enable_arp_wrong_if() {
1346	f19d3b7a	Scott Ullrich	global $config;
1347	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1348			$mt = microtime();
1349	dcf0598e	Scott Ullrich	echo "system_enable_arp_wrong_if() being called $mt\n";
1350	58c7450e	Scott Ullrich	}
1351	243aa7b9	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1");
1352	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1");
1353	243aa7b9	Scott Ullrich	}
1354
1355	a199b93e	Scott Ullrich	function enable_watchdog() {
1356			global $config;
1357	1a479479	Scott Ullrich	return;
1358	a199b93e	Scott Ullrich	$install_watchdog = false;
1359			$supported_watchdogs = array("Geode");
1360			$file = file_get_contents("/var/log/dmesg.boot");
1361			foreach($supported_watchdogs as $sd) {
1362			if(stristr($file, "Geode")) {
1363			$install_watchdog = true;
1364			}
1365			}
1366			if($install_watchdog == true) {
1367	2e44fb05	Scott Ullrich	if(is_process_running("watchdogd"))
1368	e0b4e47f	Seth Mos	mwexec("/usr/bin/killall watchdogd", true);
1369	333f8ef0	Scott Ullrich	exec("/usr/sbin/watchdogd");
1370	a199b93e	Scott Ullrich	}
1371			}
1372	c0481e1c	Ermal Lu?i	?>

Project

General

Profile

pfSense