/etc/inc/system.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/system.inc @ 8f5c3d8d

1	5b237745	Scott Ullrich	<?php
2	307cd525	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			system.inc
5			part of m0n0wall (http://m0n0.ch/wall)
6	0f282d7a	Scott Ullrich
7	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8			All rights reserved.
9	0f282d7a	Scott Ullrich
10	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12	0f282d7a	Scott Ullrich
13	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15	0f282d7a	Scott Ullrich
16	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19	0f282d7a	Scott Ullrich
20	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32	523855b0	Scott Ullrich	/*
33			pfSense_BUILDER_BINARIES: /usr/sbin/powerd /usr/bin/killall /sbin/sysctl /sbin/route
34			pfSense_BUILDER_BINARIES: /bin/hostname /bin/ls /usr/bin/netstat /usr/sbin/syslogd
35			pfSense_BUILDER_BINARIES: /usr/sbin/pccardd /usr/local/sbin/lighttpd /bin/chmod /bin/mkdir
36	5ba5a8de	Scott Ullrich	pfSense_BUILDER_BINARIES: /usr/bin/tar /usr/local/sbin/ntpd /usr/sbin/ntpdate
37	c3b13d60	jim-p	pfSense_BUILDER_BINARIES: /usr/bin/nohup /sbin/dmesg /usr/local/sbin/atareinit /sbin/kldload
38	523855b0	Scott Ullrich	pfSense_MODULE: utils
39			*/
40	0f282d7a	Scott Ullrich
41	8e9fa41d	Scott Ullrich	function activate_powerd() {
42			global $config, $g;
43			if(isset($config['system']['powerd_enable'])) {
44	c3b13d60	jim-p	if ($g["platform"] == "nanobsd")
45			exec("/sbin/kldload cpufreq");
46	8e9fa41d	Scott Ullrich	exec("/usr/sbin/powerd -b adp -a adp");
47			} else {
48	1e5c49aa	sullrich	if(is_process_running("powerd"))
49			exec("/usr/bin/killall powerd");
50	8e9fa41d	Scott Ullrich	}
51			}
52
53	3a35f55f	Scott Ullrich	function get_default_sysctl_value($id) {
54			global $sysctls;
55	f3c91cb5	Erik Fonnesbeck
56			if (isset($sysctls[$id]))
57			return $sysctls[$id];
58	3a35f55f	Scott Ullrich	}
59
60	6df9d7e3	Scott Ullrich	function activate_sysctls() {
61			global $config, $g;
62	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001");
63	ddcb7b8c	Bill Marquette	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
64	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002");
65	c0192947	Scott Ullrich	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");
66	99e88aa0	Ermal Luçi
67	3a35f55f	Scott Ullrich	if(is_array($config['sysctl'])) {
68	cac19f50	Scott Ullrich	foreach($config['sysctl']['item'] as $tunable) {
69	b2d0140c	Scott Ullrich	if($tunable['value'] == "default") {
70			$value = get_default_sysctl_value($tunable['tunable']);
71			mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $value . "\"");
72			} else {
73	09f82b11	Administrator	mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $tunable['value'] . "\"");
74	b2d0140c	Scott Ullrich	}
75	d0b461f5	sullrich	}
76			}
77	6df9d7e3	Scott Ullrich	}
78
79	5b237745	Scott Ullrich	function system_resolvconf_generate($dynupdate = false) {
80	c3f535c0	Seth Mos	global $config, $g;
81
82			if(isset($config['system']['developerspew'])) {
83			$mt = microtime();
84			echo "system_resolvconf_generate() being called $mt\n";
85			}
86	ef217c69	Scott Ullrich
87	30cee7b2	Scott Ullrich	$syscfg = $config['system'];
88	ef217c69	Scott Ullrich
89	30cee7b2	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
90			if (!$fd) {
91			printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
92			return 1;
93			}
94	ef217c69	Scott Ullrich
95	30cee7b2	Scott Ullrich	$resolvconf = "domain {$syscfg['domain']}\n";
96	ef217c69	Scott Ullrich
97	30cee7b2	Scott Ullrich	$havedns = false;
98	ef217c69	Scott Ullrich
99	30cee7b2	Scott Ullrich	if (isset($syscfg['dnsallowoverride'])) {
100	c3f535c0	Seth Mos	/* get dynamically assigned DNS servers (if any) */
101	86dcdfc9	Ermal	$ns = array_unique(get_searchdomains());
102			foreach($ns as $searchserver) {
103			if($searchserver) {
104			$resolvconf .= "search {$searchserver}\n";
105			$havedns = true;
106			}
107			}
108	c3f535c0	Seth Mos	$ns = array_unique(get_nameservers());
109			foreach($ns as $nameserver) {
110			if($nameserver) {
111			$resolvconf .= "nameserver $nameserver\n";
112			$havedns = true;
113	e428c94d	Scott Ullrich	}
114	c3f535c0	Seth Mos	}
115	30cee7b2	Scott Ullrich	}
116			if (!$havedns && is_array($syscfg['dnsserver'])) {
117	c3f535c0	Seth Mos	foreach ($syscfg['dnsserver'] as $ns) {
118			if ($ns) {
119			$resolvconf .= "nameserver $ns\n";
120			$havedns = true;
121	e428c94d	Scott Ullrich	}
122	e180a6e3	Scott Ullrich	}
123	c3f535c0	Seth Mos	}
124	0f282d7a	Scott Ullrich
125	30cee7b2	Scott Ullrich	fwrite($fd, $resolvconf);
126			fclose($fd);
127	0f282d7a	Scott Ullrich
128	30cee7b2	Scott Ullrich	if (!$g['booting']) {
129	c3f535c0	Seth Mos	/* restart dhcpd (nameservers may have changed) */
130			if (!$dynupdate)
131			services_dhcpd_configure();
132	30cee7b2	Scott Ullrich	}
133	ef217c69	Scott Ullrich
134	c3f535c0	Seth Mos	/* setup static routes for DNS servers. */
135			for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
136			/* setup static routes for dns servers */
137			$dnsgw = "dns{$dnscounter}gwint";
138			if (isset($config['system'][$dnsgw])) {
139			$interface = $config['system'][$dnsgw];
140			if (($interface <> "") && ($interface <> "none")) {
141			$gatewayip = get_interface_gateway($interface);
142			if(is_ipaddr($gatewayip)) {
143			/* dns server array starts at 0 */
144	b875f306	Scott Ullrich	$dnscountermo = $dnscounter - 1;
145	84d07e67	Seth Mos	mwexec("route delete -host {$syscfg['dnsserver'][$dnscountermo]}", true);
146	c3f535c0	Seth Mos	mwexec("route add -host {$syscfg['dnsserver'][$dnscountermo]} {$gatewayip}");
147	b875f306	Scott Ullrich	}
148			}
149	e180a6e3	Scott Ullrich	}
150	c3f535c0	Seth Mos	}
151
152			return 0;
153	5b237745	Scott Ullrich	}
154
155	86dcdfc9	Ermal	function get_searchdomains() {
156			global $config, $g;
157
158			$master_list = array();
159
160			// Read in dhclient nameservers
161			$search_list = split("\n", `/bin/cat /var/etc/searchdomain_* 2>/dev/null`);
162			if (is_array($search_lists)) {
163			foreach($search_lists as $dns) {
164			if(is_hostname($dns))
165			$master_list[] = $dns;
166			}
167			}
168
169			return $master_list;
170			}
171
172	3d00ccaa	Scott Ullrich	function get_nameservers() {
173			global $config, $g;
174			$master_list = array();
175	30cee7b2	Scott Ullrich
176	2a1226ad	Scott Ullrich	// Read in dhclient nameservers
177	1033de74	Ermal	$dns_lists = split("\n", `/bin/cat /var/etc/nameserver_* 2>/dev/null`);
178			if (is_array($dns_lists)) {
179	60951398	Scott Ullrich	foreach($dns_lists as $dns) {
180	1033de74	Ermal	if(is_ipaddr($dns))
181	ae9617ae	Ermal	$master_list[] = $dns;
182	60951398	Scott Ullrich	}
183	3d00ccaa	Scott Ullrich	}
184	2a1226ad	Scott Ullrich
185			// Read in any extra nameservers
186			if(file_exists("/var/etc/nameservers.conf")) {
187	1033de74	Ermal	$dns_lists = split("\n", `/bin/cat /var/etc/nameservers.conf`);
188	2a1226ad	Scott Ullrich	if(is_array($dns_s))
189			foreach($dns_s as $dns)
190	1033de74	Ermal	if (is_ipaddr($dns))
191			$master_list[] = $dns;
192	2a1226ad	Scott Ullrich	}
193
194	3d00ccaa	Scott Ullrich	return $master_list;
195			}
196
197	5b237745	Scott Ullrich	function system_hosts_generate() {
198	f19d3b7a	Scott Ullrich	global $config, $g;
199	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
200			$mt = microtime();
201	dcf0598e	Scott Ullrich	echo "system_hosts_generate() being called $mt\n";
202	f19d3b7a	Scott Ullrich	}
203	0f282d7a	Scott Ullrich
204	5b237745	Scott Ullrich	$syscfg = $config['system'];
205			$dnsmasqcfg = $config['dnsmasq'];
206
207			if (!is_array($dnsmasqcfg['hosts'])) {
208			$dnsmasqcfg['hosts'] = array();
209			}
210			$hostscfg = $dnsmasqcfg['hosts'];
211	0f282d7a	Scott Ullrich
212	58db1fc4	Ermal	$hosts = "127.0.0.1 localhost localhost.{$syscfg['domain']}\n";
213	a55e9c70	Ermal Lu?i
214	e5995f9d	Ermal	if ($config['interfaces']['lan']) {
215			$cfgip = get_interface_ip("lan");
216	f38f8062	Ermal	if (is_ipaddr($cfgip))
217			$hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
218	e5995f9d	Ermal	} else {
219			$sysiflist = get_configured_interface_list();
220			foreach ($sysiflist as $sysif) {
221			if (!interface_has_gateway($sysif)) {
222			$cfgip = get_interface_ip($sysif);
223			if (is_ipaddr($cfgip)) {
224			$hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
225			break;
226			}
227			}
228			}
229	f38f8062	Ermal	}
230	0f282d7a	Scott Ullrich
231	5b237745	Scott Ullrich	foreach ($hostscfg as $host) {
232			if ($host['host'])
233			$hosts .= "{$host['ip']} {$host['host']}.{$host['domain']} {$host['host']}\n";
234			else
235			$hosts .= "{$host['ip']} {$host['domain']}\n";
236			}
237	da6155e0	Erik Fonnesbeck	if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpd'])) {
238	6a01ea44	Bill Marquette	foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf)
239			if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable']))
240	a56e787d	Scott Ullrich	foreach ($dhcpifconf['staticmap'] as $host)
241	6a01ea44	Bill Marquette	if ($host['ipaddr'] && $host['hostname'])
242			$hosts .= "{$host['ipaddr']} {$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
243	a56e787d	Scott Ullrich	}
244	58db1fc4	Ermal
245			/*
246			* Do not remove this because dhcpleases monitors with kqueue it needs to be
247			* killed before writing to hosts files.
248			*/
249			if (file_exists("{$g['varrun_path']}/dhcpleases.pid")) {
250			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM");
251			@unlink("{$g['varrun_path']}/dhcpleases.pid");
252			}
253			$fd = fopen("{$g['varetc_path']}/hosts", "w");
254			if (!$fd) {
255			log_error("Error: cannot open hosts file in system_hosts_generate().\n");
256			return 1;
257			}
258	5b237745	Scott Ullrich	fwrite($fd, $hosts);
259			fclose($fd);
260	0f282d7a	Scott Ullrich
261	24d619f5	Ermal	system_dhcpleases_configure();
262
263			return 0;
264			}
265
266			function system_dhcpleases_configure() {
267	15d456b9	gnhb	global $config, $g;
268
269	956950de	Ermal	/* Start the monitoring process for dynamic dhcpclients. */
270			if (isset($config['dnsmasq']['regdhcp'])) {
271			/* Make sure we do not error out */
272			@touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
273	15d456b9	gnhb	if (file_exists("{$g['varrun_path']}/dhcpleases.pid"))
274			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "HUP");
275			else
276			mwexec("/usr/local/sbin/dhcpleases -l {$g['dhcpd_chroot_path']}/var/db/dhcpd.leases -d {$config['system']['domain']} -p {$g['varrun_path']}/dnsmasq.pid -h {$g['varetc_path']}/hosts");
277			} else {
278			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM");
279			@unlink("{$g['varrun_path']}/dhcpleases.pid");
280			}
281	5b237745	Scott Ullrich	}
282
283			function system_hostname_configure() {
284	f19d3b7a	Scott Ullrich	global $config, $g;
285	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
286			$mt = microtime();
287	dcf0598e	Scott Ullrich	echo "system_hostname_configure() being called $mt\n";
288	333f8ef0	Scott Ullrich	}
289	0f282d7a	Scott Ullrich
290	5b237745	Scott Ullrich	$syscfg = $config['system'];
291	0f282d7a	Scott Ullrich
292	5b237745	Scott Ullrich	/* set hostname */
293	6bfccde7	Scott Ullrich	$status = mwexec("/bin/hostname " .
294	5b237745	Scott Ullrich	escapeshellarg("{$syscfg['hostname']}.{$syscfg['domain']}"));
295	6bfccde7	Scott Ullrich
296			/* Setup host GUID ID. This is used by ZFS. */
297			mwexec("/etc/rc.d/hostid start");
298
299			return $status;
300	5b237745	Scott Ullrich	}
301
302	1ea67f2e	Ermal	function system_routing_configure($interface = "") {
303	962625aa	Ermal	global $config, $g;
304	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
305			$mt = microtime();
306	dcf0598e	Scott Ullrich	echo "system_routing_configure() being called $mt\n";
307	58c7450e	Scott Ullrich	}
308	333f8ef0	Scott Ullrich
309	a529aced	Ermal	$gatewayip = "";
310			$interfacegw = "";
311	3cc07282	Ermal	$foundgw = false;
312	a529aced	Ermal	/* tack on all the hard defined gateways as well */
313			if (is_array($config['gateways']['gateway_item'])) {
314	d499c12b	Ermal	mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw", true);
315	a529aced	Ermal	foreach ($config['gateways']['gateway_item'] as $gateway) {
316			if (isset($gateway['defaultgw'])) {
317			if ($gateway['gateway'] == "dynamic")
318			$gateway['gateway'] = get_interface_gateway($gateway['interface']);
319			$gatewayip = $gateway['gateway'];
320			$interfacegw = $gateway['interface'];
321	924f202e	Ermal	if (!empty($interfacegw)) {
322			$defaultif = get_real_interface($gateway['interface']);
323			if ($defaultif)
324			@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gatewayip);
325			}
326			$foundgw = true;
327	a529aced	Ermal	break;
328			}
329	6e17413e	Ermal Lu?i	}
330	b24bda08	Scott Ullrich	}
331	3cc07282	Ermal	if ($foundgw == false) {
332			$defaultif = get_real_interface("wan");
333			$interfacegw = "wan";
334			$gatewayip = get_interface_gateway("wan");
335			@touch("{$g['tmp_path']}/{$defaultif}_defaultgw");
336			}
337	d173230c	Seth Mos	$dont_add_route = false;
338			/* if OLSRD is enabled, allow WAN to house DHCP. */
339			if($config['installedpackages']['olsrd']) {
340			foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
341			if($olsrd['enabledyngw'] == "on") {
342			$dont_add_route = true;
343	6e17413e	Ermal Lu?i	break;
344	d173230c	Seth Mos	}
345			}
346			}
347	07b54e8c	smos	/* Create a array from the existing route table */
348			exec("/usr/bin/netstat -rnf inet", $route_str);
349			array_shift($route_str);
350			array_shift($route_str);
351			array_shift($route_str);
352			array_shift($route_str);
353			$route_arr = array();
354			foreach($route_str as $routeline) {
355			$items = preg_split("/[ ]+/i", $routeline);
356	aceedad4	Ermal	$route_arr[$items[0]] = array($items[0], $items[1], $items[5]);
357	07b54e8c	smos	}
358
359	1ea67f2e	Ermal	if ($dont_add_route == false ) {
360	8d29cef4	Ermal	if (!empty($interface) && $interface != $interfacegw)
361	1ea67f2e	Ermal	;
362			else if (($interfacegw <> "bgpd") && (is_ipaddr($gatewayip))) {
363	b61154fb	smos	$action = "add";
364			if(isset($route_arr['default'])) {
365	07b54e8c	smos	$action = "change";
366			}
367	b61154fb	smos	log_error("ROUTING: $action default route to $gatewayip");
368	07b54e8c	smos	mwexec("/sbin/route {$action} default " . escapeshellarg($gatewayip));
369	d173230c	Seth Mos	}
370			}
371
372	5b237745	Scott Ullrich	if (is_array($config['staticroutes']['route'])) {
373	a529aced	Ermal	$gateways_arr = return_gateways_array();
374	0f282d7a	Scott Ullrich
375	5b237745	Scott Ullrich	foreach ($config['staticroutes']['route'] as $rtent) {
376	a529aced	Ermal	$gatewayip = "";
377	a02708b1	Ermal	if (empty($gateways_arr[$rtent['gateway']])) {
378	24fb2263	Chris Buechler	log_error("Static Routes: Gateway IP could not be found for {$rtent['network']}");
379	a529aced	Ermal	continue;
380			}
381	a02708b1	Ermal	$gateway = $gateways_arr[$rtent['gateway']];
382			if ($interface == $gateway['friendlyiface'])
383			continue;
384			$gatewayip = $gateway['gateway'];
385			$interfacegw = $gateway['interface'];
386	a529aced	Ermal	$action = "add";
387	b61154fb	smos	if (isset($route_arr[$rtent['network']]))
388	a529aced	Ermal	$action = "change";
389
390			if (is_ipaddr($gatewayip)) {
391			mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) .
392	b24bda08	Scott Ullrich	" " . escapeshellarg($gatewayip));
393	a529aced	Ermal	} else if (!empty($interfacegw)) {
394			mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) .
395			" -iface " . escapeshellarg($interfacegw));
396	7a98edde	Seth Mos	}
397	5b237745	Scott Ullrich	}
398			}
399	67ee1ec5	Ermal Luçi
400	b9c501ea	Seth Mos	return 0;
401	5b237745	Scott Ullrich	}
402
403			function system_routing_enable() {
404	f19d3b7a	Scott Ullrich	global $config, $g;
405	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
406			$mt = microtime();
407	dcf0598e	Scott Ullrich	echo "system_routing_enable() being called $mt\n";
408	58c7450e	Scott Ullrich	}
409	0f282d7a	Scott Ullrich
410	5e041d5f	Scott Ullrich	return mwexec("/sbin/sysctl net.inet.ip.forwarding=1");
411	5b237745	Scott Ullrich	}
412
413			function system_syslogd_start() {
414	f19d3b7a	Scott Ullrich	global $config, $g;
415	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
416			$mt = microtime();
417	dcf0598e	Scott Ullrich	echo "system_syslogd_start() being called $mt\n";
418	58c7450e	Scott Ullrich	}
419	0f282d7a	Scott Ullrich
420	5b237745	Scott Ullrich	$syslogcfg = $config['syslog'];
421
422	0f282d7a	Scott Ullrich	if ($g['booting'])
423	f05740c1	Scott Ullrich	echo "Starting syslog...";
424	5b237745	Scott Ullrich	else
425			killbypid("{$g['varrun_path']}/syslog.pid");
426	0f282d7a	Scott Ullrich
427	99f98b80	sullrich	if(is_process_running("syslogd"))
428			mwexec("/usr/bin/killall -9 syslogd");
429			if(is_process_running("fifolog_writer"))
430			mwexec("/usr/bin/killall -9 fifolog_writer");
431	7ee97cb3	Scott Ullrich
432			// Define carious commands for logging
433			$fifolog_create = "/usr/sbin/fifolog_create -s ";
434			$fifolog_log = "\|/usr/sbin/fifolog_writer ";
435			$clog_create = "/usr/sbin/clog -i -s ";
436			$clog_log = "%";
437
438			// Which logging type are we using this week??
439			if(isset($config['system']['usefifolog'])) {
440			$log_directive = $fifolog_log;
441			$log_create_directive = $fifolog_create;
442			} else { // Defaults to CLOG
443			$log_directive = $clog_log;
444			$log_create_directive = $clog_create;
445			}
446
447	88ebd635	Scott Ullrich	if (isset($syslogcfg)) {
448	a6607b5f	jim-p	$separatelogfacilities = array('ntpd','racoon','openvpn','pptps','poes','l2tps');
449	a728d2ea	Colin Smith	if($config['installedpackages']['package']) {
450	0d9d2a1b	Scott Ullrich	foreach($config['installedpackages']['package'] as $package) {
451			if($package['logging']) {
452	d589cccf	Warren Baker	array_push($separatelogfacilities, $package['logging']['facilityname']);
453	7ee97cb3	Scott Ullrich	mwexec("{$log_create_directive} 10240 {$g['varlog_path']}/{$package['logging']['logfilename']}");
454	eeb52fea	Warren Baker	$syslogconf .= "!{$package['logging']['facilityname']}\n.\t\t\t\t\t\t {$log_directive}{$g['varlog_path']}/{$package['logging']['logfilename']}\n";
455	a728d2ea	Colin Smith	}
456	0d9d2a1b	Scott Ullrich	}
457			}
458	d2834563	Scott Ullrich	$facilitylist = implode(',', array_unique($separatelogfacilities));
459	0d9d2a1b	Scott Ullrich	/* write syslog.conf */
460	5b237745	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
461			if (!$fd) {
462			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
463			return 1;
464			}
465	8fbd88cd	Seth Mos	$syslogconf .= "!ntpdate,!ntpd\n";
466	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
467	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ntpd.log\n";
468	295e19dd	Scott Ullrich	$syslogconf .= "!ppp\n";
469			if (!isset($syslogcfg['disablelocallogging']))
470			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ppp.log\n";
471	a6607b5f	jim-p	$syslogconf .= "!pptps\n";
472	328efaba	Ermal	if (!isset($syslogcfg['disablelocallogging']))
473	a6607b5f	jim-p	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/pptps.log\n";
474			$syslogconf .= "!poes\n";
475	328efaba	Ermal	if (!isset($syslogcfg['disablelocallogging']))
476	a6607b5f	jim-p	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/poes.log\n";
477			$syslogconf .= "!l2tps\n";
478	328efaba	Ermal	if (!isset($syslogcfg['disablelocallogging']))
479	a6607b5f	jim-p	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/l2tps.log\n";
480	0260caec	Scott Ullrich	$syslogconf .= "!racoon\n";
481	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
482	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ipsec.log\n";
483	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
484			if($syslogcfg['remoteserver'])
485			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
486			if($syslogcfg['remoteserver2'])
487			$syslogconf .= ". @{$syslogcfg['remoteserver2']}\n";
488			if($syslogcfg['remoteserver3'])
489			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
490			}
491	d2834563	Scott Ullrich	$syslogconf .= "!openvpn\n";
492	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
493	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/openvpn.log\n";
494	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
495			if($syslogcfg['remoteserver'])
496			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
497			if($syslogcfg['remoteserver2'])
498			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
499			if($syslogcfg['remoteserver3'])
500			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
501			}
502	7bc41b19	jim-p	$syslogconf .= "!apinger\n";
503			if (!isset($syslogcfg['disablelocallogging']))
504			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/apinger.log\n";
505	087a89f8	Chris Buechler	$syslogconf .= "!relayd\n";
506			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/relayd.log\n";
507	d2834563	Scott Ullrich	$syslogconf .= "!-{$facilitylist}\n";
508	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
509	5b237745	Scott Ullrich	$syslogconf .= <<<EOD
510	fe5f3b38	Scott Ullrich	local0.* {$log_directive}{$g['varlog_path']}/filter.log
511	4f7ead45	Scott Ullrich	local3.* {$log_directive}{$g['varlog_path']}/vpn.log
512	fe5f3b38	Scott Ullrich	local4.* {$log_directive}{$g['varlog_path']}/portalauth.log
513			local7.* {$log_directive}{$g['varlog_path']}/dhcpd.log
514			*.notice;kern.debug;lpr.info;mail.crit; {$log_directive}{$g['varlog_path']}/system.log
515			news.err;local0.none;local3.none;local4.none; {$log_directive}{$g['varlog_path']}/system.log
516			local7.none {$log_directive}{$g['varlog_path']}/system.log
517			security.* {$log_directive}{$g['varlog_path']}/system.log
518			auth.info;authpriv.info;daemon.info {$log_directive}{$g['varlog_path']}/system.log
519	6d8ff5e9	Scott Ullrich	auth.info;authpriv.info \|exec /usr/local/sbin/sshlockout_pf 15
520	9dac9942	Scott Ullrich	.emerg
521	0a123b4c	Scott Ullrich
522	5b237745	Scott Ullrich	EOD;
523	be5d59d7	Scott Ullrich	if (isset($syslogcfg['filter'])) {
524			if($syslogcfg['remoteserver'])
525			$syslogconf .= "local0.* @{$syslogcfg['remoteserver']}\n";
526			if($syslogcfg['remoteserver2'])
527			$syslogconf .= "local0.* @{$syslogcfg['remoteserver2']}\n";
528			if($syslogcfg['remoteserver3'])
529			$syslogconf .= "local0.* @{$syslogcfg['remoteserver3']}\n";
530
531			}
532			if (isset($syslogcfg['vpn'])) {
533			if($syslogcfg['remoteserver'])
534			$syslogconf .= "local3.* @{$syslogcfg['remoteserver']}\n";
535			if($syslogcfg['remoteserver2'])
536			$syslogconf .= "local3.* @{$syslogcfg['remoteserver2']}\n";
537			if($syslogcfg['remoteserver3'])
538			$syslogconf .= "local3.* @{$syslogcfg['remoteserver3']}\n";
539			}
540			if (isset($syslogcfg['portalauth'])) {
541			if($syslogcfg['remoteserver'])
542			$syslogconf .= "local4.* @{$syslogcfg['remoteserver']}\n";
543			if($syslogcfg['remoteserver2'])
544			$syslogconf .= "local4.* @{$syslogcfg['remoteserver2']}\n";
545			if($syslogcfg['remoteserver3'])
546			$syslogconf .= "local4.* @{$syslogcfg['remoteserver3']}\n";
547			}
548			if (isset($syslogcfg['dhcp'])) {
549			if($syslogcfg['remoteserver'])
550			$syslogconf .= "local7.* @{$syslogcfg['remoteserver']}\n";
551			if($syslogcfg['remoteserver2'])
552			$syslogconf .= "local7.* @{$syslogcfg['remoteserver2']}\n";
553			if($syslogcfg['remoteserver3'])
554			$syslogconf .= "local7.* @{$syslogcfg['remoteserver3']}\n";
555			}
556			if (isset($syslogcfg['system'])) {
557			if($syslogcfg['remoteserver'])
558			$syslogconf .= <<<EOD
559	9dac9942	Scott Ullrich	*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver']}
560			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver']}
561			security.* @{$syslogcfg['remoteserver']}
562			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver']}
563			*.emerg @{$syslogcfg['remoteserver']}
564	d2834563	Scott Ullrich
565	5b237745	Scott Ullrich	EOD;
566	be5d59d7	Scott Ullrich
567	07bdaacd	pierrepomes	}
568
569	be5d59d7	Scott Ullrich	if (isset($syslogcfg['system'])) {
570			if($syslogcfg['remoteserver2'])
571			$syslogconf .= <<<EOD
572			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver2']}
573			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver2']}
574			security.* @{$syslogcfg['remoteserver2']}
575			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver2']}
576			*.emerg @{$syslogcfg['remoteserver2']}
577
578			EOD;
579
580	07bdaacd	pierrepomes	}
581
582	be5d59d7	Scott Ullrich	if (isset($syslogcfg['system'])) {
583			if($syslogcfg['remoteserver3'])
584			$syslogconf .= <<<EOD
585			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver3']}
586			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver3']}
587			security.* @{$syslogcfg['remoteserver3']}
588			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver3']}
589			*.emerg @{$syslogcfg['remoteserver3']}
590
591			EOD;
592
593			}
594	4ef2d703	Chris Buechler	if (isset($syslogcfg['logall'])) {
595	be5d59d7	Scott Ullrich	if($syslogcfg['remoteserver'])
596			$syslogconf .= <<<EOD
597	4ef2d703	Chris Buechler	. @{$syslogcfg['remoteserver']}
598
599			EOD;
600	be5d59d7	Scott Ullrich
601			if($syslogcfg['remoteserver2'])
602			$syslogconf .= <<<EOD
603			. @{$syslogcfg['remoteserver2']}
604
605			EOD;
606
607			if($syslogcfg['remoteserver3'])
608			$syslogconf .= <<<EOD
609			. @{$syslogcfg['remoteserver3']}
610
611			EOD;
612
613			}
614	5b237745	Scott Ullrich	fwrite($fd, $syslogconf);
615			fclose($fd);
616	42ee8bde	Scott Ullrich
617			// Ensure that the log directory exists
618	81868072	Scott Ullrich	if(!is_dir("{$g['dhcpd_chroot_path']}/var/run"))
619	42ee8bde	Scott Ullrich	exec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/run");
620
621	6a638a89	Scott Ullrich	// Are we logging to a least one remote server ?
622			if(strpos($syslogconf, "@") != false)
623	f8895161	jim-p	$retval = system("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");
624	6a638a89	Scott Ullrich	else
625	65f7fba8	Scott Ullrich	$retval = system("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");
626	5b237745	Scott Ullrich
627			} else {
628	65f7fba8	Scott Ullrich	$retval = mwexec("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log");
629	5b237745	Scott Ullrich	}
630	0f282d7a	Scott Ullrich
631	5b237745	Scott Ullrich	if ($g['booting'])
632	5c6d0f65	Colin Smith	echo "done.\n";
633	0f282d7a	Scott Ullrich
634	5b237745	Scott Ullrich	return $retval;
635			}
636
637			function system_pccard_start() {
638	f19d3b7a	Scott Ullrich	global $config, $g;
639	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
640			$mt = microtime();
641	dcf0598e	Scott Ullrich	echo "system_pccard_start() being called $mt\n";
642	58c7450e	Scott Ullrich	}
643	0f282d7a	Scott Ullrich
644	5b237745	Scott Ullrich	if ($g['booting'])
645	f05740c1	Scott Ullrich	echo "Initializing PCMCIA...";
646	0f282d7a	Scott Ullrich
647	5b237745	Scott Ullrich	/* kill any running pccardd */
648			killbypid("{$g['varrun_path']}/pccardd.pid");
649	0f282d7a	Scott Ullrich
650	5b237745	Scott Ullrich	/* fire up pccardd */
651			$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");
652	0f282d7a	Scott Ullrich
653	5b237745	Scott Ullrich	if ($g['booting']) {
654			if ($res == 0)
655	5c6d0f65	Colin Smith	echo "done.\n";
656	5b237745	Scott Ullrich	else
657	5c6d0f65	Colin Smith	echo "failed!\n";
658	5b237745	Scott Ullrich	}
659	0f282d7a	Scott Ullrich
660	5b237745	Scott Ullrich	return $res;
661			}
662
663	819197a8	Scott Ullrich
664	5b237745	Scott Ullrich	function system_webgui_start() {
665	f19d3b7a	Scott Ullrich	global $config, $g;
666	877ac35d	Scott Ullrich
667			if ($g['booting'])
668	f05740c1	Scott Ullrich	echo "Starting webConfigurator...";
669	877ac35d	Scott Ullrich
670	383a4439	Scott Ullrich	/* kill any running lighttpd */
671	877ac35d	Scott Ullrich	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");
672
673	e9d0bf64	Scott Ullrich	sleep(1);
674
675	877ac35d	Scott Ullrich	chdir($g['www_path']);
676
677	fb1266d3	Matthew Grooms	/* defaults */
678			$portarg = "80";
679			$crt = "";
680			$key = "";
681	2cf6ddcb	Nigel Graham	$ca = "";
682	fb1266d3	Matthew Grooms
683	877ac35d	Scott Ullrich	/* non-standard port? */
684	f4875d35	Ermal Lu?i	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "")
685	528df9a7	Scott Ullrich	$portarg = "{$config['system']['webgui']['port']}";
686	877ac35d	Scott Ullrich
687			if ($config['system']['webgui']['protocol'] == "https") {
688	02b383fe	sullrich	// Ensure that we have a webConfigurator CERT
689	fb1266d3	Matthew Grooms	$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
690	02b383fe	sullrich	if(!is_array($cert) && !$cert['crt'] && !$cert['prv']) {
691	1e332e98	jim-p	if (!is_array($config['ca']))
692			$config['ca'] = array();
693			$a_ca =& $config['ca'];
694			if (!is_array($config['cert']))
695			$config['cert'] = array();
696			$a_cert =& $config['cert'];
697	e9954aef	Scott Ullrich	log_error("Creating SSL Certificate for this host");
698	aab4ca82	Scott Ullrich	$cert = array();
699			$cert['refid'] = uniqid();
700	f2a86ca9	jim-p	$cert['descr'] = "webConfigurator default";
701	6955830f	Ermal Lu?i	mwexec("/usr/bin/openssl genrsa 1024 > {$g['tmp_path']}/ssl.key");
702			mwexec("/usr/bin/openssl req -new -x509 -nodes -sha1 -days 2000 -key {$g['tmp_path']}/ssl.key > {$g['tmp_path']}/ssl.crt");
703			$crt = file_get_contents("{$g['tmp_path']}/ssl.crt");
704			$key = file_get_contents("{$g['tmp_path']}/ssl.key");
705			unlink("{$g['tmp_path']}/ssl.key");
706			unlink("{$g['tmp_path']}/ssl.crt");
707	aab4ca82	Scott Ullrich	cert_import($cert, $crt, $key);
708			$a_cert[] = $cert;
709			$config['system']['webgui']['ssl-certref'] = $cert['refid'];
710			write_config("Importing HTTPS certificate");
711			if(!$config['system']['webgui']['port'])
712			$portarg = "443";
713			$ca = ca_chain($cert);
714	edc8a9f8	jim-p	} else {
715	fb1266d3	Matthew Grooms	$crt = base64_decode($cert['crt']);
716			$key = base64_decode($cert['prv']);
717			if(!$config['system']['webgui']['port'])
718			$portarg = "443";
719	2cf6ddcb	Nigel Graham	$ca = ca_chain($cert);
720	edc8a9f8	jim-p	}
721	877ac35d	Scott Ullrich	}
722
723			/* generate lighttpd configuration */
724			system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
725	2cf6ddcb	Nigel Graham	$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");
726	877ac35d	Scott Ullrich
727			/* attempt to start lighthttpd */
728			$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");
729
730	cc093472	sullrich	/* fetch page to preload apc cache */
731	eb0f4fc6	Ermal Lu?i	$proto = "http";
732			if ($config['system']['webgui']['protocol'])
733			$proto = $config['system']['webgui']['protocol'];
734	bd96ff65	Ermal Lu?i	mwexec_bg("/usr/bin/fetch -o /dev/null -q {$proto}://localhost:{$portarg}/preload.php");
735	cc093472	sullrich
736	877ac35d	Scott Ullrich	if ($g['booting']) {
737			if ($res == 0)
738			echo "done.\n";
739			else
740			echo "failed!\n";
741			}
742
743			return $res;
744			}
745
746	eb0f441c	Scott Ullrich	function system_generate_lighty_config($filename,
747			$cert,
748			$key,
749	2cf6ddcb	Nigel Graham	$ca,
750	eb0f441c	Scott Ullrich	$pid_file,
751			$port = 80,
752			$document_root = "/usr/local/www/",
753			$cert_location = "cert.pem",
754	2cf6ddcb	Nigel Graham	$ca_location = "ca.pem",
755	1b666ae2	Scott Ullrich	$max_procs = 2,
756	280b75d9	Scott Ullrich	$max_requests = "2",
757	eb0f441c	Scott Ullrich	$fast_cgi_enable = true,
758			$captive_portal = false) {
759	58c7450e	Scott Ullrich
760	f19d3b7a	Scott Ullrich	global $config, $g;
761
762	6955830f	Ermal Lu?i	if(!is_dir("{$g['tmp_path']}/lighttpdcompress"))
763			mkdir("{$g['tmp_path']}/lighttpdcompress");
764	570ef08c	sullrich
765	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
766			$mt = microtime();
767	dcf0598e	Scott Ullrich	echo "system_generate_lighty_config() being called $mt\n";
768	58c7450e	Scott Ullrich	}
769
770	eb0f441c	Scott Ullrich	if($captive_portal == true) {
771			$captiveportal = ",\"mod_rewrite\"";
772	6bef50b3	Scott Ullrich	$captive_portal_rewrite = "url.rewrite-once = ( \"(.captiveportal.)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
773	b0bdc06e	Scott Ullrich	$captive_portal_module = "\"mod_accesslog\", ";
774			$maxprocperip = $config['captiveportal']['maxprocperip'];
775	632e8d54	Scott Ullrich	if(!$maxprocperip and $maxprocperip > 0)
776			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
777			else
778			$captive_portal_mod_evasive = "";
779	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n";
780			exec("mkdir -p {$g['tmp_path']}/captiveportal");
781			exec("chmod a-w {$g['tmp_path']}/captiveportal");
782	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 384";
783	b0bdc06e	Scott Ullrich	} else {
784	3435dc35	Ermal Lu?i	$captiveportal = "";
785			$captive_portal_rewrite = "";
786	b0bdc06e	Scott Ullrich	$captive_portal_module = "";
787			$captive_portal_mod_evasive = "";
788	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"{$g['tmp_path']}/\", \"/var/\" )\n";
789	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 2097152";
790	eb0f441c	Scott Ullrich	}
791	3306a341	Scott Ullrich
792	28cae949	Scott Ullrich	if($port <> "")
793			$lighty_port = $port;
794			else
795			$lighty_port = "80";
796	3d77d4c4	Scott Ullrich
797			$memory = get_memory();
798			$avail = $memory[0];
799
800	f4ebc84a	Scott Ullrich	if($avail > 0 and $avail < 65) {
801			$fast_cgi_enable = false;
802			}
803
804	70cc6249	Scott Ullrich	// Ramp up captive portal max procs
805			if($captive_portal == true) {
806			if($avail > 65 and $avail < 98) {
807			$max_procs = 1;
808			}
809			if($avail > 97 and $avail < 128) {
810			$max_procs = 2;
811			}
812			if($avail > 127 and $avail < 256) {
813			$max_procs = 3;
814			}
815			if($avail > 255 and $avail < 384) {
816			$max_procs = 4;
817			}
818			if($avail > 383) {
819			$max_procs = 5;
820			}
821	b0bdc06e	Scott Ullrich	}
822
823	6e337a84	Scott Ullrich	if($captive_portal == true) {
824			$bin_environment = <<<EOC
825	5e041d5f	Scott Ullrich	"bin-environment" => (
826	e59dd448	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
827			"PHP_FCGI_MAX_REQUESTS" => "500"
828	6e337a84	Scott Ullrich	),
829			EOC;
830
831	04f4a116	Ermal Luçi	} else if ($avail > 0 and $avail < 128) {
832			$bin_environment = <<<EOC
833	980df75c	Scott Ullrich	"bin-environment" => (
834	effecc51	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
835	980df75c	Scott Ullrich	"PHP_FCGI_MAX_REQUESTS" => "2",
836	04f4a116	Ermal Luçi	),
837
838			EOC;
839			} else
840	980df75c	Scott Ullrich	$bin_environment = <<<EOC
841			"bin-environment" => (
842			"PHP_FCGI_CHILDREN" => "$max_procs",
843			"PHP_FCGI_MAX_REQUESTS" => "500"
844			),
845			EOC;
846
847	4edb490d	Scott Ullrich	if($fast_cgi_enable == true) {
848	dde4f60c	Scott Ullrich	$module = "\"mod_fastcgi\", \"mod_cgi\"";
849	4edb490d	Scott Ullrich	$cgi_config = "";
850			$fastcgi_config = <<<EOD
851			#### fastcgi module
852			## read fastcgi.txt for more info
853	b0bdc06e	Scott Ullrich	fastcgi.server = ( ".php" =>
854			( "localhost" =>
855			(
856	6955830f	Ermal Lu?i	"socket" => "{$g['tmp_path']}/php-fastcgi.socket",
857	980df75c	Scott Ullrich	"min-procs" => 0,
858	b0bdc06e	Scott Ullrich	"max-procs" => {$max_procs},
859	6e337a84	Scott Ullrich	{$bin_environment}
860	b0bdc06e	Scott Ullrich	"bin-path" => "/usr/local/bin/php"
861			)
862			)
863			)
864	4edb490d	Scott Ullrich
865	dde4f60c	Scott Ullrich	#### CGI module
866	5999dd9c	Scott Ullrich	cgi.assign = ( ".cgi" => "" )
867	dde4f60c	Scott Ullrich
868	4edb490d	Scott Ullrich	EOD;
869			} else {
870			$fastcgi_config = "";
871			$module = "\"mod_cgi\"";
872			$cgi_config = <<<EOD
873			#### CGI module
874			cgi.assign = ( ".php" => "/usr/local/bin/php",
875	d4302f46	Espen Johansen	".cgi" => "" )
876	333f8ef0	Scott Ullrich
877	4edb490d	Scott Ullrich	EOD;
878			}
879	333f8ef0	Scott Ullrich
880	3435dc35	Ermal Lu?i	$lighty_config = "";
881	a84b65dc	Scott Ullrich	$lighty_config .= <<<EOD
882	28cae949	Scott Ullrich	#
883	a632cf43	Scott Ullrich	# lighttpd configuration file
884			#
885			# use a it as base for lighttpd 1.0.0 and above
886	28cae949	Scott Ullrich	#
887	a632cf43	Scott Ullrich	############ Options you really have to take care of ####################
888
889	770b4b9c	Scott Ullrich	## FreeBSD!
890	60ff6204	Scott Ullrich	server.event-handler = "freebsd-kqueue"
891			server.network-backend = "writev"
892	096261af	Scott Ullrich
893	a632cf43	Scott Ullrich	## modules to load
894	4edb490d	Scott Ullrich	server.modules = (
895	c93ad789	Scott Ullrich	{$captive_portal_module}
896	d7e230ae	Chris Buechler	"mod_access", "mod_accesslog", "mod_expire", "mod_compress", "mod_redirect",
897	c93ad789	Scott Ullrich	{$module}{$captiveportal}
898			)
899	28cae949	Scott Ullrich
900			## Unused modules
901	6a019c11	Scott Ullrich	# "mod_setenv",
902			# "mod_rewrite",
903	28cae949	Scott Ullrich	# "mod_ssi",
904			# "mod_usertrack",
905			# "mod_expire",
906			# "mod_secdownload",
907			# "mod_rrdtool",
908	a632cf43	Scott Ullrich	# "mod_auth",
909			# "mod_status",
910	28cae949	Scott Ullrich	# "mod_alias",
911	a632cf43	Scott Ullrich	# "mod_proxy",
912			# "mod_simple_vhost",
913			# "mod_evhost",
914			# "mod_userdir",
915	28cae949	Scott Ullrich	# "mod_cgi",
916	a632cf43	Scott Ullrich
917	d9acea75	Scott Ullrich	server.max-keep-alive-requests = 15
918			server.max-keep-alive-idle = 30
919
920	a632cf43	Scott Ullrich	## a static document-root, for virtual-hosting take look at the
921			## server.virtual-* options
922	332b4ac0	Scott Ullrich	server.document-root = "{$document_root}"
923	eb0f441c	Scott Ullrich	{$captive_portal_rewrite}
924	a632cf43	Scott Ullrich
925	38a9a1ab	Scott Ullrich	# Maximum idle time with nothing being written (php downloading)
926			server.max-write-idle = 999
927
928	a632cf43	Scott Ullrich	## where to send error-messages to
929	ee959dc4	Scott Ullrich	server.errorlog = "/var/log/lighttpd.error.log"
930	a632cf43	Scott Ullrich
931			# files to check for if .../ is requested
932			server.indexfiles = ( "index.php", "index.html",
933			"index.htm", "default.htm" )
934
935			# mimetype mapping
936			mimetype.assign = (
937			".pdf" => "application/pdf",
938			".sig" => "application/pgp-signature",
939			".spl" => "application/futuresplash",
940			".class" => "application/octet-stream",
941			".ps" => "application/postscript",
942			".torrent" => "application/x-bittorrent",
943			".dvi" => "application/x-dvi",
944			".gz" => "application/x-gzip",
945			".pac" => "application/x-ns-proxy-autoconfig",
946			".swf" => "application/x-shockwave-flash",
947			".tar.gz" => "application/x-tgz",
948			".tgz" => "application/x-tgz",
949			".tar" => "application/x-tar",
950			".zip" => "application/zip",
951			".mp3" => "audio/mpeg",
952			".m3u" => "audio/x-mpegurl",
953			".wma" => "audio/x-ms-wma",
954			".wax" => "audio/x-ms-wax",
955			".ogg" => "audio/x-wav",
956			".wav" => "audio/x-wav",
957			".gif" => "image/gif",
958			".jpg" => "image/jpeg",
959			".jpeg" => "image/jpeg",
960			".png" => "image/png",
961			".xbm" => "image/x-xbitmap",
962			".xpm" => "image/x-xpixmap",
963			".xwd" => "image/x-xwindowdump",
964			".css" => "text/css",
965			".html" => "text/html",
966			".htm" => "text/html",
967			".js" => "text/javascript",
968			".asc" => "text/plain",
969			".c" => "text/plain",
970			".conf" => "text/plain",
971			".text" => "text/plain",
972			".txt" => "text/plain",
973			".dtd" => "text/xml",
974			".xml" => "text/xml",
975			".mpeg" => "video/mpeg",
976			".mpg" => "video/mpeg",
977			".mov" => "video/quicktime",
978			".qt" => "video/quicktime",
979			".avi" => "video/x-msvideo",
980			".asf" => "video/x-ms-asf",
981			".asx" => "video/x-ms-asf",
982			".wmv" => "video/x-ms-wmv",
983			".bz2" => "application/x-bzip",
984			".tbz" => "application/x-bzip-compressed-tar",
985			".tar.bz2" => "application/x-bzip-compressed-tar"
986			)
987
988			# Use the "Content-Type" extended attribute to obtain mime type if possible
989			#mimetypes.use-xattr = "enable"
990
991			#### accesslog module
992	6a019c11	Scott Ullrich	#accesslog.filename = "/dev/null"
993	a632cf43	Scott Ullrich
994			## deny access the file-extensions
995			#
996			# ~ is for backupfiles from vi, emacs, joe, ...
997			# .inc is often used for code includes which should in general not be part
998			# of the document-root
999			url.access-deny = ( "~", ".inc" )
1000
1001
1002			######### Options that are good to be but not neccesary to be changed #######
1003
1004			## bind to port (default: 80)
1005	28cae949	Scott Ullrich	server.port = {$lighty_port}
1006	a632cf43	Scott Ullrich
1007			## error-handler for status 404
1008			#server.error-handler-404 = "/error-handler.html"
1009			#server.error-handler-404 = "/error-handler.php"
1010
1011			## to help the rc.scripts
1012			server.pid-file = "/var/run/{$pid_file}"
1013
1014			## virtual directory listings
1015	28cae949	Scott Ullrich	server.dir-listing = "disable"
1016	a632cf43	Scott Ullrich
1017			## enable debugging
1018	28cae949	Scott Ullrich	debug.log-request-header = "disable"
1019			debug.log-response-header = "disable"
1020			debug.log-request-handling = "disable"
1021			debug.log-file-not-found = "disable"
1022	a632cf43	Scott Ullrich
1023	570ef08c	sullrich	# gzip compression
1024	6955830f	Ermal Lu?i	compress.cache-dir = "{$g['tmp_path']}/lighttpdcompress/"
1025	570ef08c	sullrich	compress.filetype = ("text/plain","text/css", "text/xml", "text/javascript" )
1026
1027	3306a341	Scott Ullrich	{$server_upload_dirs}
1028	1ef7b568	Scott Ullrich
1029	a6e8af9c	Scott Ullrich	{$server_max_request_size}
1030	ee959dc4	Scott Ullrich
1031	4edb490d	Scott Ullrich	{$fastcgi_config}
1032
1033			{$cgi_config}
1034	a632cf43	Scott Ullrich
1035	b0bdc06e	Scott Ullrich	{$captive_portal_mod_evasive}
1036
1037	569f47e9	Scott Ullrich	expire.url = (
1038	05a5e5c5	Scott Ullrich	"" => "access 50 hours",
1039	569f47e9	Scott Ullrich	)
1040
1041	a632cf43	Scott Ullrich	EOD;
1042
1043	7aae518a	Scott Ullrich	$cert = str_replace("\r", "", $cert);
1044	333f8ef0	Scott Ullrich	$key = str_replace("\r", "", $key);
1045	2cf6ddcb	Nigel Graham	$ca = str_replace("\r", "", $ca);
1046	7aae518a	Scott Ullrich
1047			$cert = str_replace("\n\n", "\n", $cert);
1048	333f8ef0	Scott Ullrich	$key = str_replace("\n\n", "\n", $key);
1049	2cf6ddcb	Nigel Graham	$ca = str_replace("\n\n", "\n", $ca);
1050	7aae518a	Scott Ullrich
1051	a632cf43	Scott Ullrich	if($cert <> "" and $key <> "") {
1052	3a66b621	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
1053	5b237745	Scott Ullrich	if (!$fd) {
1054			printf("Error: cannot open cert.pem in system_webgui_start().\n");
1055			return 1;
1056			}
1057	3a66b621	Scott Ullrich	chmod("{$g['varetc_path']}/{$cert_location}", 0600);
1058	5b237745	Scott Ullrich	fwrite($fd, $cert);
1059			fwrite($fd, "\n");
1060			fwrite($fd, $key);
1061			fclose($fd);
1062	2cf6ddcb	Nigel Graham	if($ca <> "") {
1063			$fd = fopen("{$g['varetc_path']}/{$ca_location}", "w");
1064			if (!$fd) {
1065			printf("Error: cannot open ca.pem in system_webgui_start().\n");
1066			return 1;
1067			}
1068			chmod("{$g['varetc_path']}/{$ca_location}", 0600);
1069			fwrite($fd, $ca);
1070			fclose($fd);
1071			}
1072	5e041d5f	Scott Ullrich	$lighty_config .= "\n";
1073	9f0cbb16	Scott Ullrich	$lighty_config .= "## ssl configuration\n";
1074	a632cf43	Scott Ullrich	$lighty_config .= "ssl.engine = \"enable\"\n";
1075	333f8ef0	Scott Ullrich	$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
1076	2cf6ddcb	Nigel Graham	if($ca <> "")
1077			$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
1078	5b237745	Scott Ullrich	}
1079	a978a0ff	Chris Buechler
1080			// Add HTTP to HTTPS redirect
1081			if ($captive_portal == false && $config['system']['webgui']['protocol'] == "https" && !isset($config['system']['webgui']['disablehttpredirect'])) {
1082	7921e8e5	Chris Buechler	if($lighty_port != "443")
1083			$redirectport = ":{$lighty_port}";
1084	d7e230ae	Chris Buechler	$lighty_config .= <<<EOD
1085			\$SERVER["socket"] == ":80" {
1086			\$HTTP["host"] =~ "(.*)" {
1087	7921e8e5	Chris Buechler	url.redirect = ( "^/(.*)" => "https://%1{$redirectport}/$1" )
1088	d7e230ae	Chris Buechler	}
1089			}
1090			EOD;
1091			}
1092	0f282d7a	Scott Ullrich
1093	4f3756f3	Scott Ullrich	$fd = fopen("{$filename}", "w");
1094	a632cf43	Scott Ullrich	if (!$fd) {
1095	4f3756f3	Scott Ullrich	printf("Error: cannot open {$filename} in system_generate_lighty_config().\n");
1096	a632cf43	Scott Ullrich	return 1;
1097	5b237745	Scott Ullrich	}
1098	a632cf43	Scott Ullrich	fwrite($fd, $lighty_config);
1099			fclose($fd);
1100
1101			return 0;
1102	0f282d7a	Scott Ullrich
1103	5b237745	Scott Ullrich	}
1104
1105			function system_timezone_configure() {
1106	f19d3b7a	Scott Ullrich	global $config, $g;
1107	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1108			$mt = microtime();
1109	dcf0598e	Scott Ullrich	echo "system_timezone_configure() being called $mt\n";
1110	333f8ef0	Scott Ullrich	}
1111	5b237745	Scott Ullrich
1112			$syscfg = $config['system'];
1113
1114			if ($g['booting'])
1115	f05740c1	Scott Ullrich	echo "Setting timezone...";
1116	5b237745	Scott Ullrich
1117			/* extract appropriate timezone file */
1118			$timezone = $syscfg['timezone'];
1119			if (!$timezone)
1120			$timezone = "Etc/UTC";
1121	0f282d7a	Scott Ullrich
1122	34febcde	Scott Ullrich	conf_mount_rw();
1123
1124	029d1a71	Scott Ullrich	exec("LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
1125	5b237745	Scott Ullrich	escapeshellarg($timezone) . " > /etc/localtime");
1126
1127	4efd4885	Scott Ullrich	mwexec("sync");
1128	27150275	Scott Ullrich	conf_mount_ro();
1129	34febcde	Scott Ullrich
1130	5b237745	Scott Ullrich	if ($g['booting'])
1131	5c6d0f65	Colin Smith	echo "done.\n";
1132	5b237745	Scott Ullrich	}
1133
1134			function system_ntp_configure() {
1135	f19d3b7a	Scott Ullrich	global $config, $g;
1136	5b237745	Scott Ullrich
1137	c8960970	Ermal	$syscfg =& $config['system'];
1138	5b237745	Scott Ullrich
1139	20b90e0a	Scott Ullrich	/* open configuration for wrting or bail */
1140			$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
1141			if(!$fd) {
1142	5f3e1f12	Scott Ullrich	log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
1143	20b90e0a	Scott Ullrich	return;
1144	5b237745	Scott Ullrich	}
1145
1146	20b90e0a	Scott Ullrich	fwrite($fd, "# \n");
1147			fwrite($fd, "# pfSense OpenNTPD configuration file \n");
1148			fwrite($fd, "# \n\n");
1149	0f282d7a	Scott Ullrich
1150	20b90e0a	Scott Ullrich	/* foreach through servers and write out to ntpd.conf */
1151			foreach (explode(' ', $syscfg['timeservers']) as $ts)
1152			fwrite($fd, "servers {$ts}\n");
1153	0f282d7a	Scott Ullrich
1154	5b6210e3	Bill Marquette	/* Setup listener(s) if the user has configured one */
1155	67ee1ec5	Ermal Luçi	if ($config['installedpackages']['openntpd']) {
1156			/* server config is in coregui1 */
1157	5b6210e3	Bill Marquette	$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
1158			if ($xmlsettings['enable'] == 'on') {
1159			$ifaces = explode(',', $xmlsettings['interface']);
1160	435f11c8	Ermal Lu?i	$ifaces = array_map('get_real_interface', $ifaces);
1161	5b6210e3	Bill Marquette	$ifaces = array_filter($ifaces, 'does_interface_exist');
1162			$ips = array_map('find_interface_ip', $ifaces);
1163			foreach ($ips as $ip) {
1164	5e041d5f	Scott Ullrich	if (is_ipaddr($ip))
1165	5b6210e3	Bill Marquette	fwrite($fd, "listen on $ip\n");
1166			}
1167	95594e5a	Scott Ullrich	}
1168			}
1169
1170	20b90e0a	Scott Ullrich	fwrite($fd, "\n");
1171	0f282d7a	Scott Ullrich
1172	20b90e0a	Scott Ullrich	/* slurp! */
1173			fclose($fd);
1174
1175			/* if openntpd is running, kill it */
1176	5f3e1f12	Scott Ullrich	while(is_process_running("ntpd")) {
1177	c8960970	Ermal	killbyname("ntpd");
1178	5f3e1f12	Scott Ullrich	}
1179
1180			/* if /var/empty does not exist, create it */
1181			if(!is_dir("/var/empty"))
1182			exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");
1183
1184	401a6674	Ermal	if ($g['booting'])
1185			return;
1186
1187	20b90e0a	Scott Ullrich	/* start opentpd, set time now and use /var/etc/ntpd.conf */
1188			exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");
1189	83eb4567	Scott Ullrich
1190			// Note that we are starting up
1191			exec("echo 'OpenNTPD is starting up' >> {$g['varlog_path']}/ntpd.log");
1192	0f282d7a	Scott Ullrich
1193	5b237745	Scott Ullrich	}
1194
1195	652cf082	Seth Mos	function sync_system_time() {
1196			global $config, $g;
1197
1198			$syscfg = $config['system'];
1199
1200			if ($g['booting'])
1201	4582b281	Scott Ullrich	echo "Syncing system time before startup...";
1202	652cf082	Seth Mos
1203			/* foreach through servers and write out to ntpd.conf */
1204			foreach (explode(' ', $syscfg['timeservers']) as $ts) {
1205			mwexec("/usr/sbin/ntpdate -s $ts");
1206			}
1207	4582b281	Scott Ullrich
1208			if ($g['booting'])
1209			echo "done.\n";
1210
1211	652cf082	Seth Mos	}
1212
1213	405e5de0	Scott Ullrich	function system_halt() {
1214			global $g;
1215
1216			system_reboot_cleanup();
1217
1218	523855b0	Scott Ullrich	mwexec("/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &");
1219	405e5de0	Scott Ullrich	}
1220
1221	5b237745	Scott Ullrich	function system_reboot() {
1222			global $g;
1223	0f282d7a	Scott Ullrich
1224	5b237745	Scott Ullrich	system_reboot_cleanup();
1225	0f282d7a	Scott Ullrich
1226	5b237745	Scott Ullrich	mwexec("nohup /etc/rc.reboot > /dev/null 2>&1 &");
1227			}
1228
1229			function system_reboot_sync() {
1230			global $g;
1231	0f282d7a	Scott Ullrich
1232	5b237745	Scott Ullrich	system_reboot_cleanup();
1233	0f282d7a	Scott Ullrich
1234	5b237745	Scott Ullrich	mwexec("/etc/rc.reboot > /dev/null 2>&1");
1235			}
1236
1237			function system_reboot_cleanup() {
1238	97d4e30b	Seth Mos	mwexec("/usr/local/bin/beep.sh stop");
1239	04967d99	jim-p	require_once("captiveportal.inc");
1240	5b237745	Scott Ullrich	captiveportal_radius_stop_all();
1241	336e3c1c	Charlie	require_once("voucher.inc");
1242			voucher_save_db_to_config();
1243	5b237745	Scott Ullrich	}
1244
1245			function system_do_shell_commands($early = 0) {
1246	f19d3b7a	Scott Ullrich	global $config, $g;
1247	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1248			$mt = microtime();
1249	dcf0598e	Scott Ullrich	echo "system_do_shell_commands() being called $mt\n";
1250	58c7450e	Scott Ullrich	}
1251	0f282d7a	Scott Ullrich
1252	5b237745	Scott Ullrich	if ($early)
1253			$cmdn = "earlyshellcmd";
1254			else
1255			$cmdn = "shellcmd";
1256	0f282d7a	Scott Ullrich
1257	5b237745	Scott Ullrich	if (is_array($config['system'][$cmdn])) {
1258	333f8ef0	Scott Ullrich
1259	245388b4	Scott Ullrich	/* cmd is an array, loop through /
1260	5b237745	Scott Ullrich	foreach ($config['system'][$cmdn] as $cmd) {
1261			exec($cmd);
1262			}
1263	245388b4	Scott Ullrich
1264			} elseif($config['system'][$cmdn] <> "") {
1265	333f8ef0	Scott Ullrich
1266	245388b4	Scott Ullrich	/* execute single item */
1267			exec($config['system'][$cmdn]);
1268
1269	5b237745	Scott Ullrich	}
1270			}
1271
1272			function system_console_configure() {
1273	f19d3b7a	Scott Ullrich	global $config, $g;
1274	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1275			$mt = microtime();
1276	dcf0598e	Scott Ullrich	echo "system_console_configure() being called $mt\n";
1277	333f8ef0	Scott Ullrich	}
1278	0f282d7a	Scott Ullrich
1279	5b237745	Scott Ullrich	if (isset($config['system']['disableconsolemenu'])) {
1280			touch("{$g['varetc_path']}/disableconsole");
1281			} else {
1282			unlink_if_exists("{$g['varetc_path']}/disableconsole");
1283			}
1284			}
1285
1286			function system_dmesg_save() {
1287	f19d3b7a	Scott Ullrich	global $g;
1288	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1289			$mt = microtime();
1290	dcf0598e	Scott Ullrich	echo "system_dmesg_save() being called $mt\n";
1291	f19d3b7a	Scott Ullrich	}
1292	0f282d7a	Scott Ullrich
1293	767a716e	Scott Ullrich	$dmesg = "";
1294	5b237745	Scott Ullrich	exec("/sbin/dmesg", $dmesg);
1295	0f282d7a	Scott Ullrich
1296	5b237745	Scott Ullrich	/* find last copyright line (output from previous boots may be present) */
1297			$lastcpline = 0;
1298	0f282d7a	Scott Ullrich
1299	5b237745	Scott Ullrich	for ($i = 0; $i < count($dmesg); $i++) {
1300			if (strstr($dmesg[$i], "Copyright (c) 1992-"))
1301			$lastcpline = $i;
1302			}
1303	0f282d7a	Scott Ullrich
1304	5b237745	Scott Ullrich	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
1305			if (!$fd) {
1306			printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
1307			return 1;
1308			}
1309	0f282d7a	Scott Ullrich
1310	5b237745	Scott Ullrich	for ($i = $lastcpline; $i < count($dmesg); $i++)
1311			fwrite($fd, $dmesg[$i] . "\n");
1312	0f282d7a	Scott Ullrich
1313	5b237745	Scott Ullrich	fclose($fd);
1314	0f282d7a	Scott Ullrich
1315	5b237745	Scott Ullrich	return 0;
1316			}
1317
1318			function system_set_harddisk_standby() {
1319	f19d3b7a	Scott Ullrich	global $g, $config;
1320	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1321			$mt = microtime();
1322	dcf0598e	Scott Ullrich	echo "system_set_harddisk_standby() being called $mt\n";
1323	58c7450e	Scott Ullrich	}
1324	5b237745	Scott Ullrich
1325			if (isset($config['system']['harddiskstandby'])) {
1326			if ($g['booting']) {
1327	5c6d0f65	Colin Smith	echo 'Setting hard disk standby... ';
1328	5b237745	Scott Ullrich	}
1329
1330			$standby = $config['system']['harddiskstandby'];
1331			// Check for a numeric value
1332			if (is_numeric($standby)) {
1333			// Sync the disk(s)
1334	5ba5a8de	Scott Ullrich	pfSense_sync();
1335	5b237745	Scott Ullrich	if (!mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby))) {
1336			// Reinitialize ATA-drives
1337			mwexec('/usr/local/sbin/atareinit');
1338			if ($g['booting']) {
1339	5c6d0f65	Colin Smith	echo "done.\n";
1340	5b237745	Scott Ullrich	}
1341			} else if ($g['booting']) {
1342	5c6d0f65	Colin Smith	echo "failed!\n";
1343	5b237745	Scott Ullrich	}
1344			} else if ($g['booting']) {
1345	5c6d0f65	Colin Smith	echo "failed!\n";
1346	5b237745	Scott Ullrich	}
1347			}
1348			}
1349
1350	3ff9d424	Scott Ullrich	function system_setup_sysctl() {
1351	f19d3b7a	Scott Ullrich	global $config;
1352	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1353			$mt = microtime();
1354	dcf0598e	Scott Ullrich	echo "system_setup_sysctl() being called $mt\n";
1355	58c7450e	Scott Ullrich	}
1356	243aa7b9	Scott Ullrich
1357	6df9d7e3	Scott Ullrich	activate_sysctls();
1358
1359	243aa7b9	Scott Ullrich	if (isset($config['system']['sharednet'])) {
1360			system_disable_arp_wrong_if();
1361			}
1362			}
1363
1364			function system_disable_arp_wrong_if() {
1365	f19d3b7a	Scott Ullrich	global $config;
1366	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1367			$mt = microtime();
1368	dcf0598e	Scott Ullrich	echo "system_disable_arp_wrong_if() being called $mt\n";
1369	333f8ef0	Scott Ullrich	}
1370	6cb438cf	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0");
1371	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0");
1372	3ff9d424	Scott Ullrich	}
1373
1374	243aa7b9	Scott Ullrich	function system_enable_arp_wrong_if() {
1375	f19d3b7a	Scott Ullrich	global $config;
1376	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1377			$mt = microtime();
1378	dcf0598e	Scott Ullrich	echo "system_enable_arp_wrong_if() being called $mt\n";
1379	58c7450e	Scott Ullrich	}
1380	243aa7b9	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1");
1381	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1");
1382	243aa7b9	Scott Ullrich	}
1383
1384	a199b93e	Scott Ullrich	function enable_watchdog() {
1385			global $config;
1386	1a479479	Scott Ullrich	return;
1387	a199b93e	Scott Ullrich	$install_watchdog = false;
1388			$supported_watchdogs = array("Geode");
1389			$file = file_get_contents("/var/log/dmesg.boot");
1390			foreach($supported_watchdogs as $sd) {
1391			if(stristr($file, "Geode")) {
1392			$install_watchdog = true;
1393			}
1394			}
1395			if($install_watchdog == true) {
1396	2e44fb05	Scott Ullrich	if(is_process_running("watchdogd"))
1397	e0b4e47f	Seth Mos	mwexec("/usr/bin/killall watchdogd", true);
1398	333f8ef0	Scott Ullrich	exec("/usr/sbin/watchdogd");
1399	a199b93e	Scott Ullrich	}
1400			}
1401	15f14889	Scott Ullrich
1402			function system_check_reset_button() {
1403	fa83737d	Scott Ullrich	global $g;
1404	223ef06a	Scott Ullrich	if($g['platform'] != "nanobsd")
1405	fa83737d	Scott Ullrich	return 0;
1406	15f14889	Scott Ullrich
1407	31c9379c	Scott Ullrich	$specplatform = system_identify_specific_platform();
1408
1409	15f14889	Scott Ullrich	if ($specplatform['name'] != "wrap" && $specplatform['name'] != "alix")
1410			return 0;
1411
1412			$retval = mwexec("/usr/local/sbin/" . $specplatform['name'] . "resetbtn");
1413
1414			if ($retval == 99) {
1415			/* user has pressed reset button for 2 seconds -
1416			reset to factory defaults */
1417			echo <<<EOD
1418
1419			***********************************************************************
1420			* Reset button pressed - resetting configuration to factory defaults. *
1421			* The system will reboot after this completes. *
1422			***********************************************************************
1423
1424
1425			EOD;
1426
1427			reset_factory_defaults();
1428			system_reboot_sync();
1429			exit(0);
1430			}
1431
1432			return 0;
1433			}
1434
1435	31c9379c	Scott Ullrich	/* attempt to identify the specific platform (for embedded systems)
1436			Returns an array with two elements:
1437			name => platform string (e.g. 'wrap', 'alix' etc.)
1438			descr => human-readable description (e.g. "PC Engines WRAP")
1439			*/
1440			function system_identify_specific_platform() {
1441			global $g;
1442
1443			if ($g['platform'] == 'generic-pc')
1444			return array('name' => 'generic-pc', 'descr' => "Generic PC");
1445
1446			if ($g['platform'] == 'generic-pc-cdrom')
1447			return array('name' => 'generic-pc-cdrom', 'descr' => "Generic PC (CD-ROM)");
1448
1449			/* the rest of the code only deals with 'embedded' platforms */
1450	1a2911a7	Scott Ullrich	if ($g['platform'] != 'nanobsd')
1451	31c9379c	Scott Ullrich	return array('name' => $g['platform'], 'descr' => $g['platform']);
1452
1453			$dmesg = system_get_dmesg_boot();
1454
1455			if (strpos($dmesg, "PC Engines WRAP") !== false)
1456			return array('name' => 'wrap', 'descr' => 'PC Engines WRAP');
1457
1458			if (strpos($dmesg, "PC Engines ALIX") !== false)
1459			return array('name' => 'alix', 'descr' => 'PC Engines ALIX');
1460
1461			if (preg_match("/Soekris net45../", $dmesg, $matches))
1462			return array('name' => 'net45xx', 'descr' => $matches[0]);
1463
1464			if (preg_match("/Soekris net48../", $dmesg, $matches))
1465			return array('name' => 'net48xx', 'descr' => $matches[0]);
1466
1467			if (preg_match("/Soekris net55../", $dmesg, $matches))
1468			return array('name' => 'net55xx', 'descr' => $matches[0]);
1469
1470			/* unknown embedded platform */
1471			return array('name' => 'embedded', 'descr' => 'embedded (unknown)');
1472			}
1473
1474			function system_get_dmesg_boot() {
1475			global $g;
1476	d16af75d	Scott Ullrich
1477	31c9379c	Scott Ullrich	return file_get_contents("{$g['varlog_path']}/dmesg.boot");
1478			}
1479
1480	673e8095	Scott Ullrich	?>

Project

General

Profile

pfSense