/src/usr/local/www/status.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/status.php @ 8f5dbb0c

1	5b237745	Scott Ullrich	<?php
2	919d91f9	Phil Davis	/*
3	ac24dc24	Renato Botelho	* status.php
4	5b237745	Scott Ullrich	*
5	ac24dc24	Renato Botelho	* part of pfSense (https://www.pfsense.org)
6	38809d47	Renato Botelho do Couto	* Copyright (c) 2004-2013 BSD Perimeter
7			* Copyright (c) 2013-2016 Electric Sheep Fencing
8	8f585441	Luiz Souza	* Copyright (c) 2014-2021 Rubicon Communications, LLC (Netgate)
9	ac24dc24	Renato Botelho	* All rights reserved.
10	29aef6c4	Jim Thompson	*
11	ac24dc24	Renato Botelho	* originally based on m0n0wall (http://neon1.net/m0n0wall)
12			* Copyright (c) 2003 Jim McBeath <jimmc@macrovision.com>
13			* Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
14			* All rights reserved.
15	191cb31d	Stephen Beaver	*
16	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
17			* you may not use this file except in compliance with the License.
18			* You may obtain a copy of the License at
19	191cb31d	Stephen Beaver	*
20	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
21	191cb31d	Stephen Beaver	*
22	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
23			* distributed under the License is distributed on an "AS IS" BASIS,
24			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
25			* See the License for the specific language governing permissions and
26			* limitations under the License.
27	191cb31d	Stephen Beaver	*/
28	6b07c15a	Matthew Grooms
29			##\|+PRIV
30			##\|*IDENT=page-hidden-detailedstatus
31	5230f468	jim-p	##\|*NAME=Hidden: Detailed Status
32	6b07c15a	Matthew Grooms	##\|*DESCR=Allow access to the 'Hidden: Detailed Status' page.
33			##\|MATCH=status.php
34			##\|-PRIV
35	5b237745	Scott Ullrich
36			/* Execute a command, with a title, and generate an HTML table
37			* showing the results.
38			*/
39	1d169baa	Bill Marquette
40	6c17da07	jim-p	global $console;
41			global $show_output;
42
43			$console = false;
44			$show_output = !isset($_GET['archiveonly']);
45
46			if ((php_sapi_name() == 'cli') \|\| (defined('STDIN'))) {
47			/* Running from console/shell, not web */
48			$console = true;
49			$show_output = false;
50			parse_str($argv[1], $_GET);
51			}
52
53	1d169baa	Bill Marquette	/* include all configuration functions */
54	6c17da07	jim-p	if ($console) {
55			require_once("config.inc");
56			} else {
57			require_once("guiconfig.inc");
58			}
59	1d169baa	Bill Marquette	require_once("functions.inc");
60	84fe48d4	jim-p	require_once("gwlb.inc");
61	6f62e89f	jim-p	$output_path = "/tmp/status_output/";
62			$output_file = "/tmp/status_output.tgz";
63	1d169baa	Bill Marquette
64	9858a361	jim-p	$filtered_tags = array(
65	55cf9910	Renato Botelho do Couto	'accountkey', 'authorizedkeys', 'auth_pass',
66	fd33f774	Viktor G	'auth_server_shared_secret', 'auth_server_shared_secret2', 'auth_user',
67	405f04f7	Viktor G	'barnyard_dbpwd', 'bcrypt-hash', 'cert_key', 'community', 'crypto_password',
68	f1895d6a	Viktor G	'crypto_password2', 'dns_nsupdatensupdate_key', 'ddnsdomainkey', 'encryption_password',
69	24994f9a	jim-p	'etpro_code', 'etprocode', 'gold_encryption_password', 'gold_password',
70	787e634e	Viktor Gurov	'influx_pass', 'ipsecpsk', 'ldap_bindpw', 'ldapbindpass', 'ldap_pass',
71	50867e7d	Viktor G	'lighttpd_ls_password', 'maxmind_geoipdb_key', 'maxmind_key', 'md5-hash',
72	55cf9910	Renato Botelho do Couto	'md5password', 'md5sigkey', 'md5sigpass', 'nt-hash', 'oinkcode',
73			'oinkmastercode', 'passphrase', 'password', 'passwordagain',
74	c3c257e4	jim-p	'pkcs11pin', 'postgresqlpasswordenc', 'presharedkey', 'pre-shared-key', 'privatekey', 'proxypass',
75	50867e7d	Viktor G	'proxy_passwd', 'proxyuser', 'proxy_user', 'prv', 'radius_secret',
76	51a34b1f	Viktor G	'redis_password', 'redis_passwordagain', 'rocommunity', 'secret', 'secret2', 'securiteinfo_id',
77			'serverauthkey', 'shared_key', 'stats_password', 'tls', 'tlspskidentity', 'tlspskfile',
78	e8bf78f2	Viktor G	'varclientpasswordinput', 'varclientsharedsecret', 'varsqlconfpassword',
79	50867e7d	Viktor G	'varsqlconf2password', 'varsyncpassword', 'varmodulesldappassword', 'varmodulesldap2password',
80			'varusersmotpinitsecret', 'varusersmotppin', 'varuserspassword', 'webrootftppassword'
81	9858a361	jim-p	);
82
83	6fee2381	Viktor G	$acme_filtered_tags = array('key', 'password', 'secret', 'token', 'pwd', 'pw');
84
85	f7a72733	jim-p	if ($_POST['submit'] == "DOWNLOAD" && file_exists($output_file)) {
86			session_cache_limiter('public');
87	ecb594d0	jim-p	send_user_download('file', $output_file);
88	f7a72733	jim-p	}
89
90	289b91c8	jim-p	if (is_dir($output_path)) {
91			unlink_if_exists("{$output_path}/*");
92			@rmdir($output_path);
93			}
94			unlink_if_exists($output_file);
95			mkdir($output_path);
96
97	84fe48d4	jim-p	function doCmdT($title, $command, $method) {
98	6fee2381	Viktor G	global $output_path, $output_file, $filtered_tags, $acme_filtered_tags, $show_output;
99	6f62e89f	jim-p	/* Fixup output directory */
100
101	6c17da07	jim-p	if ($show_output) {
102			$rubbish = array('\|', '-', '/', '.', ' '); /* fixes the <a> tag to be W3C compliant */
103			echo "\n<a name=\"" . str_replace($rubbish, '', $title) . "\" id=\"" . str_replace($rubbish, '', $title) . "\"></a>\n";
104			print('<div class="panel panel-default">');
105			print('<div class="panel-heading"><h2 class="panel-title">' . $title . '</h2></div>');
106			print('<div class="panel-body">');
107			print('<pre>');
108			}
109	f997992b	Scott Ullrich
110	5b237745	Scott Ullrich	if ($command == "dumpconfigxml") {
111	6f62e89f	jim-p	$ofd = @fopen("{$output_path}/config-sanitized.xml", "w");
112	5b237745	Scott Ullrich	$fd = @fopen("/conf/config.xml", "r");
113			if ($fd) {
114			while (!feof($fd)) {
115			$line = fgets($fd);
116	70069758	Bill Marquette	/* remove sensitive contents */
117	9858a361	jim-p	foreach ($filtered_tags as $tag) {
118			$line = preg_replace("/<{$tag}>.*?<\\/{$tag}>/", "<{$tag}>xxxxx</{$tag}>", $line);
119			}
120	6fee2381	Viktor G	/* remove ACME pkg sensitive contents */
121			foreach ($acme_filtered_tags as $tag) {
122			$line = preg_replace("/<dns_(.+){$tag}>.*?<\\/dns_(.+){$tag}>/", "<dns_$1{$tag}>xxxxx</dns_$1{$tag}>", $line);
123			}
124	6c17da07	jim-p	if ($show_output) {
125			echo htmlspecialchars(str_replace("\t", " ", $line), ENT_NOQUOTES);
126			}
127	6f62e89f	jim-p	fwrite($ofd, $line);
128	5b237745	Scott Ullrich	}
129			}
130			fclose($fd);
131	6f62e89f	jim-p	fclose($ofd);
132	5b237745	Scott Ullrich	} else {
133	767a716e	Scott Ullrich	$execOutput = "";
134			$execStatus = "";
135	6c17da07	jim-p	$fn = "{$output_path}/{$title}.txt";
136	84fe48d4	jim-p	if ($method == "exec") {
137	6c17da07	jim-p	exec($command . " > " . escapeshellarg($fn) . " 2>&1", $execOutput, $execStatus);
138			if ($show_output) {
139			$ofd = @fopen($fn, "r");
140			if ($ofd) {
141			while (!feof($ofd)) {
142			echo htmlspecialchars(fgets($ofd), ENT_NOQUOTES);
143			}
144			}
145			fclose($ofd);
146			}
147	84fe48d4	jim-p	} elseif ($method == "php_func") {
148	6c17da07	jim-p	$execOutput = $command();
149			if ($show_output) {
150			echo htmlspecialchars($execOutput, ENT_NOQUOTES);
151	5b237745	Scott Ullrich	}
152	6c17da07	jim-p	file_put_contents($fn, $execOutput);
153	5b237745	Scott Ullrich	}
154			}
155	454cec57	sbeaver
156	6c17da07	jim-p	if ($show_output) {
157			print('</pre>');
158			print('</div>');
159			print('</div>');
160			}
161	5b237745	Scott Ullrich	}
162
163			/* Define a command, with a title, to be executed later. */
164	84fe48d4	jim-p	function defCmdT($title, $command, $method = "exec") {
165	2151894c	Colin Fleming	global $commands;
166	6c07db48	Phil Davis	$title = htmlspecialchars($title, ENT_NOQUOTES);
167	84fe48d4	jim-p	$commands[] = array($title, $command, $method);
168	5b237745	Scott Ullrich	}
169
170			/* List all of the commands as an index. */
171			function listCmds() {
172	454cec57	sbeaver	global $currentDate;
173	2151894c	Colin Fleming	global $commands;
174	454cec57	sbeaver
175			$rubbish = array('\|', '-', '/', '.', ' '); /* fixes the <a> tag to be W3C compliant */
176
177			print('<div class="panel panel-default">');
178	7f0d6ccf	Phil Davis	print('<div class="panel-heading"><h2 class="panel-title">' . sprintf(gettext("Firewall Status on %s"), $currentDate) . '</h2></div>');
179	abe98adb	Phil Davis	print('<div class="panel-body">');
180			print(' <div class="content">');
181	454cec57	sbeaver	print("\n<p>" . gettext("This status page includes the following information") . ":\n");
182			print("<ul>\n");
183	abe98adb	Phil Davis	for ($i = 0; isset($commands[$i]); $i++) {
184			print("\t<li><strong><a href=\"#" . str_replace($rubbish, '', $commands[$i][0]) . "\">" . $commands[$i][0] . "</a></strong></li>\n");
185	2151894c	Colin Fleming	}
186	454cec57	sbeaver
187			print("</ul>\n");
188	2ca4eec2	Jared Dillard	print(' </div>');
189	454cec57	sbeaver	print(' </div>');
190			print('</div>');
191	5b237745	Scott Ullrich	}
192
193			/* Execute all of the commands which were defined by a call to defCmd. */
194			function execCmds() {
195	2151894c	Colin Fleming	global $commands;
196	6c07db48	Phil Davis	for ($i = 0; isset($commands[$i]); $i++) {
197	84fe48d4	jim-p	doCmdT($commands[$i][0], $commands[$i][1], $commands[$i][2]);
198			}
199			}
200
201			function get_firewall_info() {
202			global $g, $output_path;
203			/* Firewall Platform/Serial */
204	573ec19d	Renato Botelho do Couto	$firewall_info = "Product Name: " . htmlspecialchars($g['product_label']);
205	84fe48d4	jim-p	$platform = system_identify_specific_platform();
206			if (!empty($platform['descr'])) {
207	a2da1706	jim-p	$firewall_info .= "<br/>Platform: " . htmlspecialchars($platform['descr']);
208	2151894c	Colin Fleming	}
209	fcc24426	jim-p
210			if (file_exists('/var/db/uniqueid')) {
211			$ngid = file_get_contents('/var/db/uniqueid');
212			if (!empty($ngid)) {
213			$firewall_info .= "<br/>Netgate Device ID: " . htmlspecialchars($ngid);
214			}
215			}
216
217	12cf8e3f	jim-p	if (function_exists("system_get_thothid") &&
218			(php_uname("m") == "arm64")) {
219	6c17da07	jim-p	$thothid = system_get_thothid();
220			if (!empty($thothid)) {
221			$firewall_info .= "<br/>Netgate Crypto ID: " . htmlspecialchars(chop($thothid));
222			}
223			}
224
225	84fe48d4	jim-p	$serial = system_get_serial();
226			if (!empty($serial)) {
227	df89ed3a	Renato Botelho	$firewall_info .= "<br/>Serial: " . htmlspecialchars($serial);
228	84fe48d4	jim-p	}
229	a2da1706	jim-p
230			if (!empty($g['product_version_string'])) {
231	573ec19d	Renato Botelho do Couto	$firewall_info .= "<br/>" . htmlspecialchars($g['product_label']) .
232	a2da1706	jim-p	" version: " . htmlspecialchars($g['product_version_string']);
233			}
234
235			if (file_exists('/etc/version.buildtime')) {
236			$build_time = file_get_contents('/etc/version.buildtime');
237			if (!empty($build_time)) {
238			$firewall_info .= "<br/>Built On: " . htmlspecialchars($build_time);
239			}
240			}
241			if (file_exists('/etc/version.lastcommit')) {
242			$build_commit = file_get_contents('/etc/version.lastcommit');
243			if (!empty($build_commit)) {
244			$firewall_info .= "<br/>Last Commit: " . htmlspecialchars($build_commit);
245			}
246			}
247
248			if (file_exists('/etc/version.gitsync')) {
249			$gitsync = file_get_contents('/etc/version.gitsync');
250			if (!empty($gitsync)) {
251			$firewall_info .= "<br/>A gitsync was performed at " .
252			date("D M j G:i:s T Y", filemtime('/etc/version.gitsync')) .
253			" to commit " . htmlspecialchars($gitsync);
254			}
255			}
256
257	2309b26a	jim-p	file_put_contents("{$output_path}/Product-Info.txt", str_replace("<br/>", "\n", $firewall_info) . "\n");
258	84fe48d4	jim-p	return $firewall_info;
259			}
260
261			function get_gateway_status() {
262			return return_gateways_status_text(true, false);
263	5b237745	Scott Ullrich	}
264
265	58f2f42a	Renato Botelho	global $g, $config;
266	1d169baa	Bill Marquette
267	5b237745	Scott Ullrich	/* Set up all of the commands we want to execute. */
268	289b91c8	jim-p
269	84fe48d4	jim-p	/* OS stats/info */
270	12cf8e3f	jim-p	if (function_exists("system_get_thothid") &&
271			(php_uname("m") == "arm64")) {
272	2309b26a	jim-p	$thothid = system_get_thothid();
273			if (!empty($thothid)) {
274	80e50918	jim-p	defCmdT("Product-Public Key", "/usr/local/sbin/ping-auth -p");
275	2309b26a	jim-p	}
276			}
277
278	84fe48d4	jim-p	defCmdT("OS-Uptime", "/usr/bin/uptime");
279	c3c257e4	jim-p	defCmdT("Network-Interfaces", '/sbin/ifconfig -vvvvvam \| /usr/bin/sed "s/$[[:blank:]]private-key: $.*/\1<redacted>/"');
280	84fe48d4	jim-p	defCmdT("Network-Interface Statistics", "/usr/bin/netstat -nWi");
281			defCmdT("Process-Top Usage", "/usr/bin/top \| /usr/bin/head -n5");
282			defCmdT("Process-List", "/bin/ps xauwwd");
283			defCmdT("Disk-Mounted Filesystems", "/sbin/mount");
284			defCmdT("Disk-Free Space", "/bin/df -hi");
285			defCmdT("Network-Routing tables", "/usr/bin/netstat -nWr");
286			defCmdT("Network-Gateway Status", 'get_gateway_status', "php_func");
287			defCmdT("Network-Mbuf Usage", "/usr/bin/netstat -mb");
288			defCmdT("Network-Protocol Statistics", "/usr/bin/netstat -s");
289	6252b470	jim-p	defCmdT("Network-Buffer and Timer Statistics", "/usr/bin/netstat -nWx");
290	6c17da07	jim-p	defCmdT("Network-Listen Queues", "/usr/bin/netstat -LaAn");
291	84fe48d4	jim-p	defCmdT("Network-Sockets", "/usr/bin/sockstat");
292			defCmdT("Network-ARP Table", "/usr/sbin/arp -an");
293			defCmdT("Network-NDP Table", "/usr/sbin/ndp -na");
294	b943d20d	jim-p	defCmdT("OS-Kernel Modules", "/sbin/kldstat -v");
295	84fe48d4	jim-p	defCmdT("OS-Kernel VMStat", "/usr/bin/vmstat -afimsz");
296	37502a4a	Scott Ullrich
297	03ce1107	jim-p	/* If a device has a switch, put the switch configuration in the status output */
298			if (file_exists("/dev/etherswitch0")) {
299			defCmdT("Network-Switch Configuration", "/sbin/etherswitchcfg -f /dev/etherswitch0 info");
300			}
301
302	289b91c8	jim-p	/* Firewall rules and info */
303	84fe48d4	jim-p	defCmdT("Firewall-Generated Ruleset", "/bin/cat {$g['tmp_path']}/rules.debug");
304			defCmdT("Firewall-Generated Ruleset Limiters", "/bin/cat {$g['tmp_path']}/rules.limiter");
305			defCmdT("Firewall-Generated Ruleset Limits", "/bin/cat {$g['tmp_path']}/rules.limits");
306			defCmdT("Firewall-pf NAT Rules", "/sbin/pfctl -vvsn");
307			defCmdT("Firewall-pf Firewall Rules", "/sbin/pfctl -vvsr");
308			defCmdT("Firewall-pf Tables", "/sbin/pfctl -vs Tables");
309			defCmdT("Firewall-pf State Table Contents", "/sbin/pfctl -vvss");
310			defCmdT("Firewall-pf Info", "/sbin/pfctl -si");
311			defCmdT("Firewall-pf Show All", "/sbin/pfctl -sa");
312			defCmdT("Firewall-pf Queues", "/sbin/pfctl -s queue -v");
313			defCmdT("Firewall-pf OSFP", "/sbin/pfctl -s osfp");
314			defCmdT("Firewall-pftop Default", "/usr/local/sbin/pftop -a -b");
315			defCmdT("Firewall-pftop Long", "/usr/local/sbin/pftop -w 150 -a -b -v long");
316			defCmdT("Firewall-pftop Queue", "/usr/local/sbin/pftop -w 150 -a -b -v queue");
317			defCmdT("Firewall-pftop Rules", "/usr/local/sbin/pftop -w 150 -a -b -v rules");
318			defCmdT("Firewall-pftop Size", "/usr/local/sbin/pftop -w 150 -a -b -v size");
319			defCmdT("Firewall-pftop Speed", "/usr/local/sbin/pftop -w 150 -a -b -v speed");
320			defCmdT("Firewall-IPFW Rules for Captive Portal", "/sbin/ipfw show");
321			defCmdT("Firewall-IPFW Limiter Info", "/sbin/ipfw pipe show");
322			defCmdT("Firewall-IPFW Queue Info", "/sbin/ipfw queue show");
323	47f555e2	jim-p	defCmdT("Firewall-IPFW Tables", "/sbin/ipfw table all list");
324	84fe48d4	jim-p
325	6f62e89f	jim-p	/* Configuration Files */
326	84fe48d4	jim-p	defCmdT("Disk-Contents of var run", "/bin/ls /var/run");
327			defCmdT("Disk-Contents of conf", "/bin/ls /conf");
328	abe98adb	Phil Davis	defCmdT("config.xml", "dumpconfigxml");
329	84fe48d4	jim-p	defCmdT("DNS-Resolution Configuration", "/bin/cat /etc/resolv.conf");
330	9edd02bb	Viktor G	defCmdT("DNS-Resolver Access Lists", "/bin/cat /var/unbound/access_lists.conf");
331			defCmdT("DNS-Resolver Configuration", "/bin/cat /var/unbound/unbound.conf");
332			defCmdT("DNS-Resolver Domain Overrides", "/bin/cat /var/unbound/domainoverrides.conf");
333			defCmdT("DNS-Resolver Host Overrides", "/bin/cat /var/unbound/host_entries.conf");
334	f1895d6a	Viktor G	defCmdT("DHCP-IPv4 Configuration", '/usr/bin/sed "s/$[[:blank:]]secret $.*/\1<redacted>/" /var/dhcpd/etc/dhcpd.conf');
335			defCmdT("DHCP-IPv6-Configuration", '/usr/bin/sed "s/$[[:blank:]]secret $.*/\1<redacted>/" /var/dhcpd/etc/dhcpdv6.conf');
336	6c665431	jim-p	defCmdT("IPsec-strongSwan Configuration", '/usr/bin/sed "s/$[[:blank:]]secret = $.*/\1<redacted>/" /var/etc/ipsec/strongswan.conf');
337	ab9a819b	Viktor G	defCmdT("IPsec-Configuration", '/usr/bin/sed -E "s/([[:blank:]](secret\|pin) = )./\1<redacted>/" /var/etc/ipsec/swanctl.conf');
338	c6220dcf	jim-p	defCmdT("IPsec-Status-Statistics", "/usr/local/sbin/swanctl --stats --pretty");
339			defCmdT("IPsec-Status-Connections", "/usr/local/sbin/swanctl --list-conns");
340			defCmdT("IPsec-Status-Active SAs", "/usr/local/sbin/swanctl --list-sas");
341			defCmdT("IPsec-Status-Policies", "/usr/local/sbin/swanctl --list-pols");
342			defCmdT("IPsec-Status-Certificates", "/usr/local/sbin/swanctl --list-certs --utc");
343			defCmdT("IPsec-Status-Pools", "/usr/local/sbin/swanctl --list-pools --leases");
344	84fe48d4	jim-p	defCmdT("IPsec-SPD", "/sbin/setkey -DP");
345			defCmdT("IPsec-SAD", "/sbin/setkey -D");
346	6f62e89f	jim-p	if (file_exists("/cf/conf/upgrade_log.txt")) {
347	84fe48d4	jim-p	defCmdT("OS-Upgrade Log", "/bin/cat /cf/conf/upgrade_log.txt");
348	6f62e89f	jim-p	}
349	6c773de2	Viktor Gurov	if (file_exists("/cf/conf/upgrade_log.latest.txt")) {
350			defCmdT("OS-Upgrade Log Latest", "/bin/cat /cf/conf/upgrade_log.latest.txt");
351			}
352	6f62e89f	jim-p	if (file_exists("/boot/loader.conf")) {
353	84fe48d4	jim-p	defCmdT("OS-Boot Loader Configuration", "/bin/cat /boot/loader.conf");
354	6f62e89f	jim-p	}
355			if (file_exists("/boot/loader.conf.local")) {
356	84fe48d4	jim-p	defCmdT("OS-Boot Loader Configuration (Local)", "/bin/cat /boot/loader.conf.local");
357	6f62e89f	jim-p	}
358			if (file_exists("/var/etc/filterdns.conf")) {
359	84fe48d4	jim-p	defCmdT("DNS-filterdns Daemon Configuration", "/bin/cat /var/etc/filterdns.conf");
360	6f62e89f	jim-p	}
361	84fe48d4	jim-p
362	edc7e81f	jim-p	if (is_dir("/var/etc/openvpn")) {
363			foreach(glob('/var/etc/openvpn/*/config.ovpn') as $file) {
364			$ovpnfile = explode('/', $file);
365			if (!count($ovpnfile) \|\| (count($ovpnfile) < 6)) {
366			continue;
367			}
368			defCmdT("OpenVPN-Configuration {$ovpnfile[4]}", "/bin/cat " . escapeshellarg($file));
369			}
370			}
371
372	c3c257e4	jim-p	if (is_dir("/etc/wg")) {
373			foreach(glob('/etc/wg/*.conf') as $file) {
374			$wgfile = explode('/', $file);
375			if (!count($wgfile) \|\| (count($wgfile) < 4)) {
376			continue;
377			}
378	294bb15c	Viktor G	defCmdT("WireGuard-Configuration File {$wgfile[3]}", '/usr/bin/sed -E "s/([[:blank:]]((PrivateKey\|PresharedKey) = ))./\1<redacted>/" ' . escapeshellarg($file) );
379	c3c257e4	jim-p	}
380			}
381			defCmdT("WireGuard-Active Configuration", "/usr/local/bin/wg");
382
383	ef1bc81d	Viktor G	if (file_exists("/var/etc/l2tp-vpn/mpd.conf")) {
384			defCmdT("L2TP-Configuration", '/usr/bin/sed -E "s/([[:blank:]](secret\|radius server .) )./\1<redacted>/" /var/etc/l2tp-vpn/mpd.conf');
385			}
386
387	db95baf1	Viktor G	/* Config History */
388			$confvers = get_backups();
389			unset($confvers['versions']);
390			if (count($confvers) != 0) {
391			for ($c = count($confvers)-1; $c >= 0; $c--) {
392			$conf_history .= backup_info($confvers[$c], $c+1);
393			$conf_history .= "\n";
394			}
395			defCmdT("Config History", "echo " . escapeshellarg($conf_history));
396			}
397
398	84fe48d4	jim-p	/* Logs */
399	03cdd6ad	jim-p	function status_add_log($name, $logfile, $number = 1000) {
400			if (!file_exists($logfile)) {
401			return;
402			}
403			$descr = "Log-{$name}";
404			$tail = '';
405			if ($number != "all") {
406			$descr .= "-Last {$number} entries";
407			$tail = ' \| tail -n ' . escapeshellarg($number);
408			}
409			defCmdT($descr, system_log_get_cat() . ' ' . sort_related_log_files($logfile, true, true) . $tail);
410	6f62e89f	jim-p	}
411	03cdd6ad	jim-p
412			status_add_log("System", '/var/log/system.log');
413			status_add_log("DHCP", '/var/log/dhcpd.log');
414			status_add_log("Filter", '/var/log/filter.log');
415			status_add_log("Gateways", '/var/log/gateways.log');
416			status_add_log("IPsec", '/var/log/ipsec.log');
417			status_add_log("L2TP", '/var/log/l2tps.log');
418			status_add_log("NTP", '/var/log/ntpd.log');
419			status_add_log("OpenVPN", '/var/log/openvpn.log');
420			status_add_log("Captive Portal Authentication", '/var/log/portalauth.log');
421			status_add_log("PPP", '/var/log/ppp.log');
422			status_add_log("PPPoE Server", '/var/log/poes.log');
423			status_add_log("DNS", '/var/log/resolver.log');
424			status_add_log("Routing", '/var/log/routing.log');
425			status_add_log("Wireless", '/var/log/wireless.log');
426			status_add_log("PHP Errors", '/tmp/PHP_errors.log', 'all');
427
428	84fe48d4	jim-p	defCmdT("OS-Message Buffer", "/sbin/dmesg -a");
429			defCmdT("OS-Message Buffer (Boot)", "/bin/cat /var/log/dmesg.boot");
430
431			/* OS/Hardware Status */
432	3c44c845	Luiz Souza	defCmdT("OS-sysctl values", "/sbin/sysctl -aq");
433	84fe48d4	jim-p	defCmdT("OS-Kernel Environment", "/bin/kenv");
434	df586293	jim-p	defCmdT("OS-Kernel Memory Usage", "/usr/local/sbin/kmemusage.sh");
435	b943d20d	jim-p	defCmdT("OS-Installed Packages", "/usr/local/sbin/pkg-static info");
436			defCmdT("OS-Package Manager Configuration", "/usr/local/sbin/pkg-static -vv");
437	84fe48d4	jim-p	defCmdT("Hardware-PCI Devices", "/usr/sbin/pciconf -lvb");
438			defCmdT("Hardware-USB Devices", "/usr/sbin/usbconfig dump_device_desc");
439	387dbe43	jim-p
440			if (is_module_loaded("zfs.ko")) {
441			defCmdT("Disk-ZFS List", "/sbin/zfs list");
442			defCmdT("Disk-ZFS Properties", "/sbin/zfs get all");
443			defCmdT("Disk-ZFS Pool List", "/sbin/zpool list");
444			defCmdT("Disk-ZFS Pool Status", "/sbin/zpool status");
445			}
446	a2da1706	jim-p	defCmdT("Disk-GEOM Mirror Status", "/sbin/gmirror status");
447	9cd0b618	Scott Ullrich
448	5b237745	Scott Ullrich	exec("/bin/date", $dateOutput, $dateStatus);
449			$currentDate = $dateOutput[0];
450
451	573ec19d	Renato Botelho do Couto	$pgtitle = array($g['product_label'], "Status");
452	6c17da07	jim-p
453			if (!$console):
454	f7a72733	jim-p	include("head.inc"); ?>
455
456			<form action="status.php" method="post">
457	4df96eff	Scott Ullrich
458	f7a72733	jim-p	<?php print_info_box(
459	6c17da07	jim-p	gettext("Make sure all sensitive information is removed! (Passwords, etc.) before posting information from this page in public places such as forum or social media sites.") .
460	7f0d6ccf	Phil Davis	'<br />' .
461	6c17da07	jim-p	gettext("Common password and other private fields in config.xml have been automatically redacted.") .
462	7f0d6ccf	Phil Davis	'<br />' .
463	f7a72733	jim-p	sprintf(gettext('When the page has finished loading, the output is stored in %1$s. It may be downloaded via scp or using this button: '), $output_file) .
464			' <button name="submit" type="submit" class="btn btn-primary btn-sm" id="download" value="DOWNLOAD">' .
465			'<i class="fa fa-download icon-embed-btn"></i>' .
466			gettext("Download") .
467			'</button>'); ?>
468
469			</form>
470	5b237745	Scott Ullrich
471	f7a72733	jim-p	<?php print_info_box(get_firewall_info(), 'info', false);
472	84fe48d4	jim-p
473	6c17da07	jim-p	if ($show_output) {
474			listCmds();
475			} else {
476			print_info_box(gettext("Status output suppressed. Download archive to view."), 'info', false);
477			}
478
479			endif;
480
481			if ($console) {
482			print(gettext("Gathering status data...") . "\n");
483	2309b26a	jim-p	get_firewall_info();
484	6c17da07	jim-p	}
485	454cec57	sbeaver	execCmds();
486	5b237745	Scott Ullrich
487	6543ffa4	Stephen Beaver	print(gettext("Saving output to archive..."));
488
489			if (is_dir($output_path)) {
490			mwexec("/usr/bin/tar czpf " . escapeshellarg($output_file) . " -C " . escapeshellarg(dirname($output_path)) . " " . escapeshellarg(basename($output_path)));
491	6c17da07	jim-p
492			if (!isset($_GET["nocleanup"])) {
493			unlink_if_exists("{$output_path}/*");
494			@rmdir($output_path);
495			}
496	6543ffa4	Stephen Beaver	}
497
498	6c17da07	jim-p	print(gettext("Done.") . "\n");
499	6543ffa4	Stephen Beaver
500	6c17da07	jim-p	if (!$console) {
501			include("foot.inc");
502			}

Project

General

Profile

pfSense