<?php
/* $Id$ */
/*
	system.inc
	part of m0n0wall (http://m0n0.ch/wall)
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
	All rights reserved.
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
/*
	pfSense_BUILDER_BINARIES:	/usr/sbin/powerd	/usr/bin/killall	/sbin/sysctl	/sbin/route
	pfSense_BUILDER_BINARIES:	/bin/hostname	/bin/ls	/usr/sbin/syslogd	
	pfSense_BUILDER_BINARIES:	/usr/sbin/pccardd	/usr/local/sbin/lighttpd	/bin/chmod 	/bin/mkdir
	pfSense_BUILDER_BINARIES:	/usr/bin/tar		/usr/local/sbin/ntpd	/usr/sbin/ntpdate
	pfSense_BUILDER_BINARIES:	/usr/bin/nohup	/sbin/dmesg	/usr/local/sbin/atareinit	/sbin/kldload
	pfSense_MODULE:	utils
*/
/*
 * Start powerd when system/powerd_enable is set in the configuration,
 * otherwise stop a running powerd.
 * On the "nanobsd" platform the cpufreq kernel module is loaded first.
 */
function activate_powerd() {
	global $config, $g;

	$powerd_wanted = isset($config['system']['powerd_enable']);

	if (!$powerd_wanted) {
		/* Feature disabled: only act if a powerd process is running. */
		if (is_process_running("powerd")) {
			exec("/usr/bin/killall powerd");
		}
		return;
	}

	if ($g["platform"] == "nanobsd") {
		exec("/sbin/kldload cpufreq");
	}
	exec("/usr/sbin/powerd -b adp -a adp");
}
/*
 * Look up the default value for a sysctl in the global $sysctls table.
 * Returns the stored value, or null when $id has no entry.
 */
function get_default_sysctl_value($id) {
	global $sysctls;

	return isset($sysctls[$id]) ? $sysctls[$id] : null;
}
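/*
 * Apply the fixed net.enc IPsec masks, then every tunable listed under
 * $config['sysctl']['item'].  A configured value of "default" is replaced
 * by the entry from get_default_sysctl_value().
 */
function activate_sysctls() {
	global $config, $g;

	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001");
	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002");
	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");

	/* Nothing configured, or no item list to iterate over. */
	if (!is_array($config['sysctl']) || !is_array($config['sysctl']['item']))
		return;

	foreach ($config['sysctl']['item'] as $tunable) {
		$value = $tunable['value'];
		if ($value == "default")
			$value = get_default_sysctl_value($tunable['tunable']);

		/*
		 * The name and value come from the configuration and used to be
		 * pasted into the command line inside double quotes, where the
		 * shell still expands $(...), backticks and $VAR.  Pass
		 * "name=value" as one quoted argument instead.
		 */
		mwexec("/sbin/sysctl " . escapeshellarg("{$tunable['tunable']}={$value}"));
	}
}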
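/*
 * Write {$g['varetc_path']}/resolv.conf from the system configuration and,
 * when DNS override is allowed, from the dynamically learned search domains
 * and nameservers.  Afterwards dhcpd is reconfigured (unless booting or
 * $dynupdate is set) and host routes are set for DNS servers that are bound
 * to a gateway interface (dns1gwint .. dns4gwint).
 *
 * Returns 0 on success, 1 when resolv.conf cannot be opened.
 */
function system_resolvconf_generate($dynupdate = false) {
	global $config, $g;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_resolvconf_generate() being called $mt\n";
	}

	$syscfg = $config['system'];

	/* Start from an empty buffer so the appends below never hit an undefined variable. */
	$resolvconf = "";

	// Do not create blank domain lines, it breaks tools like dig.
	if($syscfg['domain'])
		$resolvconf .= "domain {$syscfg['domain']}\n";

	if (isset($config['dnsmasq']['enable']) && !isset($config['system']['dnslocalhost']))
		$resolvconf .= "nameserver 127.0.0.1\n";

	if (isset($syscfg['dnsallowoverride'])) {
		/* get dynamically assigned DNS servers (if any) */
		$ns = array_unique(get_searchdomains());
		foreach($ns as $searchserver) {
			if($searchserver)
				$resolvconf .= "search {$searchserver}\n";
		}
		$ns = array_unique(get_nameservers());
		foreach($ns as $nameserver) {
			if($nameserver)
				$resolvconf .= "nameserver $nameserver\n";
		}
	}
	/* NOTE(review): configured servers are written as-is; validation is presumably done where they are saved - confirm. */
	if (is_array($syscfg['dnsserver'])) {
		foreach ($syscfg['dnsserver'] as $ns) {
			if ($ns)
				$resolvconf .= "nameserver $ns\n";
		}
	}

	$dnslock = lock('resolvconf', LOCK_EX);

	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
	if (!$fd) {
		printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
		unlock($dnslock);
		return 1;
	}

	fwrite($fd, $resolvconf);
	fclose($fd);

	if (!$g['booting']) {
		/* restart dhcpd (nameservers may have changed) */
		if (!$dynupdate)
			services_dhcpd_configure();
	}

	/* setup static routes for DNS servers. */
	for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
		$dnsgw = "dns{$dnscounter}gwint";
		if (!isset($config['system'][$dnsgw]))
			continue;
		$interface = $config['system'][$dnsgw];
		if (($interface == "") || ($interface == "none"))
			continue;
		$gatewayip = get_interface_gateway($interface);
		if (!is_ipaddr($gatewayip))
			continue;

		/* dns server array starts at 0 */
		$dnscountermo = $dnscounter - 1;
		$dnsserver = isset($syscfg['dnsserver'][$dnscountermo]) ? $syscfg['dnsserver'][$dnscountermo] : "";

		/*
		 * Only route to a real address, and quote both operands: the
		 * server string comes from the configuration and previously went
		 * to the shell unquoted (and possibly empty).  The absolute path
		 * matches the other route calls in this file.
		 */
		if (is_ipaddr($dnsserver))
			mwexec("/sbin/route change -host " . escapeshellarg($dnsserver) . " " . escapeshellarg($gatewayip));
	}

	unlock($dnslock);

	return 0;
}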
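/*
 * Collect search domains from the /var/etc/searchdomain_* files.
 * Each non-empty line that passes is_hostname() is returned; anything else
 * in those files is ignored.  Returns a (possibly empty) list of strings.
 */
function get_searchdomains() {
	global $config, $g;

	$master_list = array();

	// Read in dhclient search domains.
	// The glob() result used to be stored under one name and read under
	// another, so the loop never ran and the list was always empty.
	$search_lists = glob("/var/etc/searchdomain_*");
	if (is_array($search_lists)) {
		foreach($search_lists as $fdns) {
			$contents = file($fdns, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
			if (!is_array($contents))
				continue;
			foreach ($contents as $dns) {
				// File content is written by the DHCP client side; keep only valid hostnames.
				if(is_hostname($dns))
					$master_list[] = $dns;
			}
		}
	}

	return $master_list;
}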
/*
 * Collect nameserver addresses from the /var/etc/nameserver_* files and
 * from /var/etc/nameservers.conf.  Only lines accepted by is_ipaddr() are
 * kept.  Returns a (possibly empty) list, duplicates included.
 */
function get_nameservers() {
	global $config, $g;

	$servers = array();
	$read_flags = FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES;

	// Per-interface files written by dhclient
	$lease_files = glob("/var/etc/nameserver_*");
	if (!is_array($lease_files)) {
		$lease_files = array();
	}
	foreach ($lease_files as $path) {
		$lines = file($path, $read_flags);
		if (!is_array($lines)) {
			continue;
		}
		foreach ($lines as $candidate) {
			if (is_ipaddr($candidate)) {
				$servers[] = $candidate;
			}
		}
	}

	// Any extra nameservers
	if (file_exists("/var/etc/nameservers.conf")) {
		$extra = file("/var/etc/nameservers.conf", $read_flags);
		if (is_array($extra)) {
			foreach ($extra as $candidate) {
				if (is_ipaddr($candidate)) {
					$servers[] = $candidate;
				}
			}
		}
	}

	return $servers;
}
/*
 * Build {$g['varetc_path']}/hosts: localhost, this system's own name,
 * the dnsmasq host overrides and (optionally) the static DHCP mappings.
 * A running dhcpleases process is terminated before the file is written
 * and reconfigured afterwards.
 *
 * Returns 0 on success, 1 when the hosts file cannot be opened.
 */
function system_hosts_generate() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_hosts_generate() being called $stamp\n";
	}

	$syscfg = $config['system'];
	$dnsmasqcfg = $config['dnsmasq'];

	$overrides = is_array($dnsmasqcfg['hosts']) ? $dnsmasqcfg['hosts'] : array();

	$hosts = "127.0.0.1	localhost localhost.{$syscfg['domain']}\n";
	$local_entries = "";
	$dhcp_entries = "";

	/* Own name: LAN address if LAN exists, else the first gateway-less interface with an address. */
	if ($config['interfaces']['lan']) {
		$own_ip = get_interface_ip("lan");
		if (is_ipaddr($own_ip)) {
			$hosts .= "{$own_ip}	{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
		}
	} else {
		foreach (get_configured_interface_list() as $ifname) {
			if (interface_has_gateway($ifname)) {
				continue;
			}
			$own_ip = get_interface_ip($ifname);
			if (is_ipaddr($own_ip)) {
				$hosts .= "{$own_ip}	{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
				break;
			}
		}
	}

	foreach ($overrides as $entry) {
		$local_entries .= $entry['host']
			? "{$entry['ip']}	{$entry['host']}.{$entry['domain']} {$entry['host']}\n"
			: "{$entry['ip']}	{$entry['domain']}\n";
	}

	if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpd'])) {
		foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) {
			if (!is_array($dhcpifconf['staticmap']) || !isset($dhcpifconf['enable'])) {
				continue;
			}
			foreach ($dhcpifconf['staticmap'] as $mapping) {
				if ($mapping['ipaddr'] && $mapping['hostname']) {
					$dhcp_entries .= "{$mapping['ipaddr']}	{$mapping['hostname']}.{$syscfg['domain']} {$mapping['hostname']}\n";
				}
			}
		}
	}

	/* dhcpfirst decides which group of entries comes first. */
	$hosts .= isset($dnsmasqcfg['dhcpfirst'])
		? $dhcp_entries . $local_entries
		: $local_entries . $dhcp_entries;

	/*
	 * Do not remove this: dhcpleases monitors with kqueue, so it needs to
	 * be killed before writing to the hosts file.
	 */
	$leases_pid = "{$g['varrun_path']}/dhcpleases.pid";
	if (file_exists($leases_pid)) {
		sigkillbypid($leases_pid, "TERM");
		@unlink($leases_pid);
	}

	$fd = fopen("{$g['varetc_path']}/hosts", "w");
	if (!$fd) {
		log_error("Error: cannot open hosts file in system_hosts_generate().\n");
		return 1;
	}
	fwrite($fd, $hosts);
	fclose($fd);

	system_dhcpleases_configure();

	return 0;
}
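/*
 * Start, reload or stop the dhcpleases monitor depending on
 * $config['dnsmasq']['regdhcp'].
 *  - enabled, pid file present: send HUP
 *  - enabled, no pid file:      start /usr/local/sbin/dhcpleases
 *  - disabled:                  send TERM and remove the pid file
 */
function system_dhcpleases_configure() {
	global $config, $g;

	$pidfile = "{$g['varrun_path']}/dhcpleases.pid";

	/* Start the monitoring process for dynamic dhcpclients. */
	if (isset($config['dnsmasq']['regdhcp'])) {
		$leasesfile = "{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases";

		/* Make sure we do not error out */
		@touch($leasesfile);
		if (file_exists($pidfile)) {
			sigkillbypid($pidfile, "HUP");
		} else {
			/*
			 * The domain is a configuration value; quote it (and the
			 * paths) so it reaches dhcpleases as one literal argument
			 * and an empty domain cannot make -d swallow the next flag.
			 */
			mwexec("/usr/local/sbin/dhcpleases -l " . escapeshellarg($leasesfile) .
				" -d " . escapeshellarg($config['system']['domain']) .
				" -p " . escapeshellarg("{$g['varrun_path']}/dnsmasq.pid") .
				" -h " . escapeshellarg("{$g['varetc_path']}/hosts"));
		}
	} else {
		sigkillbypid($pidfile, "TERM");
		@unlink($pidfile);
	}
}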
/*
 * Set the kernel hostname to "<hostname>.<domain>" from the system
 * configuration and run the hostid rc script.
 * Returns the status reported by mwexec() for the hostname command.
 */
function system_hostname_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_hostname_configure() being called $stamp\n";
	}

	$sys = $config['system'];
	$fqdn = "{$sys['hostname']}.{$sys['domain']}";

	/* set hostname; the name is passed as a single quoted argument */
	$status = mwexec("/bin/hostname " . escapeshellarg($fqdn));

	/* Setup host GUID ID.  This is used by ZFS. */
	mwexec("/etc/rc.d/hostid start");

	return $status;
}
/*
 * Install the default route and the configured static routes.
 *
 * $interface  optional interface name; when given, only routes that belong
 *             to that interface are touched.
 *
 * The default gateway is the first gateway_item flagged "defaultgw"
 * (falling back to WAN).  No default route is set when an enabled OLSRD
 * instance has its dynamic gateway switched on.  Always returns 0.
 */
function system_routing_configure($interface = "") {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_routing_configure() being called $stamp\n";
	}

	$gatewayip = "";
	$interfacegw = "";
	$foundgw = false;

	/* tack on all the hard defined gateways as well */
	if (is_array($config['gateways']['gateway_item'])) {
		mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw", true);
		foreach ($config['gateways']['gateway_item'] as $gateway) {
			if (!isset($gateway['defaultgw'])) {
				continue;
			}
			/* A gateway containing ":" ends the search without a match. */
			if (strstr($gateway['gateway'], ":")) {
				break;
			}
			if ($gateway['gateway'] == "dynamic") {
				$gateway['gateway'] = get_interface_gateway($gateway['interface']);
			}
			$gatewayip = $gateway['gateway'];
			$interfacegw = $gateway['interface'];
			if (!empty($interfacegw)) {
				$defaultif = get_real_interface($gateway['interface']);
				if ($defaultif) {
					@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gatewayip);
				}
			}
			$foundgw = true;
			break;
		}
	}

	if (!$foundgw) {
		$defaultif = get_real_interface("wan");
		$interfacegw = "wan";
		$gatewayip = get_interface_gateway("wan");
		@touch("{$g['tmp_path']}/{$defaultif}_defaultgw");
	}

	/* if OLSRD is enabled, allow WAN to house DHCP. */
	$dont_add_route = false;
	if ($config['installedpackages']['olsrd']) {
		foreach ($config['installedpackages']['olsrd']['config'] as $olsrd) {
			if (($olsrd['enabledyngw'] == "on") && ($olsrd['enable'] == "on")) {
				$dont_add_route = true;
				log_error("Not adding default route because OLSR dynamic gateway is enabled.");
				break;
			}
		}
	}

	/* Default route: skipped when a different interface was requested. */
	$iface_matches = empty($interface) || $interface == $interfacegw;
	if (!$dont_add_route && $iface_matches && ($interfacegw != "bgpd") && is_ipaddr($gatewayip)) {
		log_error("ROUTING: setting default route to $gatewayip");
		mwexec("/sbin/route change -inet default " . escapeshellarg($gatewayip));
	}

	if (is_array($config['staticroutes']['route'])) {
		$gateways_arr = return_gateways_array();

		foreach ($config['staticroutes']['route'] as $rtent) {
			if (empty($gateways_arr[$rtent['gateway']])) {
				log_error("Static Routes: Gateway IP could not be found for {$rtent['network']}");
				continue;
			}
			$gateway = $gateways_arr[$rtent['gateway']];
			if (!empty($interface) && $interface != $gateway['friendlyiface']) {
				continue;
			}

			$route_gw = $gateway['gateway'];
			$route_if = $gateway['interface'];
			$route_cmd = "/sbin/route change -inet " . escapeshellarg($rtent['network']);

			if (is_ipaddr($route_gw)) {
				mwexec($route_cmd . " " . escapeshellarg($route_gw));
			} else if (!empty($route_if)) {
				mwexec($route_cmd . " -iface " . escapeshellarg($route_if));
			}
		}
	}

	return 0;
}
/*
 * Turn on IPv4 forwarding (net.inet.ip.forwarding=1).
 * Returns the status reported by mwexec().
 */
function system_routing_enable() {
	global $config, $g;

	$spew = isset($config['system']['developerspew']);
	if ($spew) {
		$stamp = microtime();
		echo "system_routing_enable() being called $stamp\n";
	}

	$status = mwexec("/sbin/sysctl net.inet.ip.forwarding=1");
	return $status;
}
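/*
 * Build the syslog.conf lines that forward $facility to each configured
 * remote server (remoteserver, remoteserver2, remoteserver3).
 *
 * $syslogcfg  syslog section of the configuration
 * $facility   selector text, e.g. "*.*" or "local0.*"
 *
 * Returns one "<facility> <tabs>@<server>\n" line per non-empty server,
 * or an empty string when none is set.
 */
function system_syslogd_get_remote_servers($syslogcfg, $facility = "*.*") {
	// Rather than repeatedly use the same code, use this function to build a list of remote servers.
	// (The statement below used to end in "." instead of ";", which only
	// worked because it chained into the next assignment.)
	$facility .= " ";
	$remote_servers = "";
	$pad_to  = 56;
	// Never hand str_repeat() a negative count when the selector is very long.
	$padding = max(0, (int)(ceil(($pad_to - strlen($facility))/8)+1));
	$tabs = str_repeat("\t", $padding);

	// NOTE(review): server strings are written to syslog.conf verbatim;
	// presumably validated where the setting is saved - confirm.
	foreach (array('remoteserver', 'remoteserver2', 'remoteserver3') as $key) {
		if (!empty($syslogcfg[$key]))
			$remote_servers .= "{$facility}" . $tabs . "@{$syslogcfg[$key]}\n";
	}
	return $remote_servers;
}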
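/*
 * (Re)start syslogd.  Any running syslogd / fifolog_writer is stopped,
 * {$g['varetc_path']}/syslog.conf is regenerated from $config['syslog']
 * (local log files plus optional remote forwarding), and syslogd is started
 * in the background.
 *
 * Returns the mwexec_bg() status, or 1 when syslog.conf cannot be opened.
 */
function system_syslogd_start() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_syslogd_start() being called $mt\n";
	}

	mwexec("/etc/rc.d/hostid start");

	$syslogcfg = $config['syslog'];

	if ($g['booting'])
		echo "Starting syslog...";
	else
		killbypid("{$g['varrun_path']}/syslog.pid");

	if(is_process_running("syslogd"))
		mwexec('/bin/pkill syslogd');
	if(is_process_running("fifolog_writer"))
		mwexec('/bin/pkill fifolog_writer');

	// Define various commands for logging
	$fifolog_create = "/usr/sbin/fifolog_create -s ";
	$fifolog_log = "|/usr/sbin/fifolog_writer ";
	$clog_create = "/usr/sbin/clog -i -s ";
	$clog_log = "%";

	// Select the log backend
	if(isset($config['system']['usefifolog'])) {
		$log_directive = $fifolog_log;
		$log_create_directive = $fifolog_create;
	} else { // Defaults to CLOG
		$log_directive = $clog_log;
		$log_create_directive = $clog_create;
	}

	if (isset($syslogcfg)) {
		// Start from an empty buffer; it was previously appended to before ever being assigned.
		$syslogconf = "";
		$separatelogfacilities = array('ntpd','racoon','openvpn','pptps','poes','l2tps','relayd','hostapd');
		if($config['installedpackages']['package']) {
			foreach($config['installedpackages']['package'] as $package) {
				if($package['logging']) {
					array_push($separatelogfacilities, $package['logging']['facilityname']);
					// The log file name comes from package metadata: quote it for the shell.
					// NOTE(review): the same name is written into syslog.conf unchanged below;
					// whether it can contain path separators is not visible here - confirm.
					mwexec("{$log_create_directive} 10240 " . escapeshellarg("{$g['varlog_path']}/{$package['logging']['logfilename']}"));
					$syslogconf .= "!{$package['logging']['facilityname']}\n*.*\t\t\t\t\t\t {$log_directive}{$g['varlog_path']}/{$package['logging']['logfilename']}\n";
				}
			}
		}
		$facilitylist = implode(',', array_unique($separatelogfacilities));
		/* write syslog.conf */
		$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
		if (!$fd) {
			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
			return 1;
		}
		$syslogconf .= "!ntpdate,ntpd\n";
		if (!isset($syslogcfg['disablelocallogging'])) 
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/ntpd.log\n";

		$syslogconf .= "!ppp\n";
		if (!isset($syslogcfg['disablelocallogging'])) 
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/ppp.log\n";

		$syslogconf .= "!pptps\n";
		if (!isset($syslogcfg['disablelocallogging'])) 
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/pptps.log\n";

		$syslogconf .= "!poes\n";
		if (!isset($syslogcfg['disablelocallogging'])) 
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/poes.log\n";

		$syslogconf .= "!l2tps\n";
		if (!isset($syslogcfg['disablelocallogging'])) 
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/l2tps.log\n";

		$syslogconf .= "!racoon\n";
		if (!isset($syslogcfg['disablelocallogging'])) 
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/ipsec.log\n";
		if (isset($syslogcfg['vpn']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		$syslogconf .= "!openvpn\n";
		if (!isset($syslogcfg['disablelocallogging'])) 
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/openvpn.log\n";
		if (isset($syslogcfg['vpn']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		$syslogconf .= "!apinger\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.*								{$log_directive}{$g['varlog_path']}/apinger.log\n";
		if (isset($syslogcfg['apinger']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		$syslogconf .= "!relayd\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.* 								{$log_directive}{$g['varlog_path']}/relayd.log\n";
		if (isset($syslogcfg['relayd']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		$syslogconf .= "!hostapd\n";
		if (!isset($syslogcfg['disablelocallogging']))
			$syslogconf .= "*.* 								{$log_directive}{$g['varlog_path']}/wireless.log\n";
		if (isset($syslogcfg['hostapd']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");

		// Everything that is not one of the program-specific facilities above.
		$syslogconf .= "!-{$facilitylist}\n";
		if (!isset($syslogcfg['disablelocallogging'])) 
			$syslogconf .= <<<EOD
local0.*							{$log_directive}{$g['varlog_path']}/filter.log
local3.*							{$log_directive}{$g['varlog_path']}/vpn.log
local4.*							{$log_directive}{$g['varlog_path']}/portalauth.log
local7.*							{$log_directive}{$g['varlog_path']}/dhcpd.log
*.notice;kern.debug;lpr.info;mail.crit;				{$log_directive}{$g['varlog_path']}/system.log
news.err;local0.none;local3.none;local4.none;			{$log_directive}{$g['varlog_path']}/system.log
local7.none							{$log_directive}{$g['varlog_path']}/system.log
security.*							{$log_directive}{$g['varlog_path']}/system.log
auth.info;authpriv.info;daemon.info				{$log_directive}{$g['varlog_path']}/system.log
auth.info;authpriv.info 					|exec /usr/local/sbin/sshlockout_pf 15
*.emerg								*

EOD;
		if (isset($syslogcfg['filter']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "local0.*");
		if (isset($syslogcfg['vpn']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "local3.*");
		if (isset($syslogcfg['portalauth']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "local4.*");
		if (isset($syslogcfg['dhcp']))
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "local7.*");
		if (isset($syslogcfg['system'])) {
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.notice;kern.debug;lpr.info;mail.crit;");
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "news.err;local0.none;local3.none;local7.none");
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "security.*");
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "auth.info;authpriv.info;daemon.info");
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.emerg");
		}
		if (isset($syslogcfg['logall'])) {
			// Make everything mean everything, including facilities excluded above.
			$syslogconf .= "!*\n";
			$syslogconf .= system_syslogd_get_remote_servers($syslogcfg, "*.*");
		}

		if (isset($syslogcfg['zmqserver'])) {
				$syslogconf .= <<<EOD
*.*								^{$syslogcfg['zmqserver']}

EOD;
		}
		fwrite($fd, $syslogconf);
		fclose($fd);

		// Ensure that the chroot run directory (it holds the extra log socket) exists
		if(!is_dir("{$g['dhcpd_chroot_path']}/var/run"))
			exec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/run");

		// The command line used to be chosen by testing for "@" (remote
		// logging) in the config, but both branches ran the same command,
		// so a single call is equivalent.
		$retval = mwexec_bg("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");

	} else {
		$retval = mwexec_bg("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log");
	}

	if ($g['booting'])
		echo "done.\n";

	return $retval;
}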
/*
 * Restart pccardd: kill the instance recorded in pccardd.pid and start a
 * new one with {$g['etc_path']}/pccard.conf.  Progress is echoed while
 * booting.  Returns the mwexec() status of the pccardd start.
 */
function system_pccard_start() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_pccard_start() being called $stamp\n";
	}

	$booting = $g['booting'];
	if ($booting) {
		echo "Initializing PCMCIA...";
	}

	/* kill any running pccardd */
	killbypid("{$g['varrun_path']}/pccardd.pid");

	/* fire up pccardd */
	$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");

	if ($booting) {
		echo ($res == 0) ? "done.\n" : "failed!\n";
	}

	return $res;
}
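/*
 * (Re)start the webConfigurator lighttpd instance.
 *
 * The running instance is killed, the listening port and (for https) the
 * certificate, key and CA chain are resolved, the lighttpd configuration is
 * generated and lighttpd is started.  When https is selected and no usable
 * certificate is referenced, a self-signed one is created, stored in the
 * configuration and used.
 *
 * Returns the mwexec() status of the lighttpd start.
 */
function system_webgui_start() {
	global $config, $g;

	if ($g['booting'])
		echo "Starting webConfigurator...";

	/* kill any running lighttpd */
	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");

	sleep(1);

	chdir($g['www_path']);

	/* defaults */
	$portarg = "80";
	$crt = "";
	$key = "";
	$ca = "";

	/* non-standard port? */
	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "")
		$portarg = "{$config['system']['webgui']['port']}";

	if ($config['system']['webgui']['protocol'] == "https") {
		// Ensure that we have a webConfigurator CERT
		$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
		/*
		 * A certificate is usable only when the entry exists AND carries
		 * both the certificate and the private key.  The test used to
		 * join the three checks with &&, so an existing entry with a
		 * missing crt/prv was accepted and lighttpd got empty key material.
		 */
		if(!is_array($cert) || !$cert['crt'] || !$cert['prv']) {
			if (!is_array($config['ca']))
				$config['ca'] = array();
			$a_ca =& $config['ca'];
			if (!is_array($config['cert']))
				$config['cert'] = array();
			$a_cert =& $config['cert'];
			log_error("Creating SSL Certificate for this host");
			/* Drop the reference first so the new array does not overwrite whatever lookup_cert() pointed at. */
			unset($cert);
			$cert = array();
			$cert['refid'] = uniqid();
			$cert['descr'] = "webConfigurator default";
			/*
			 * The private key passes through a file in tmp_path, so
			 * create it readable by the owner only.  Key size and digest
			 * are raised from RSA-1024/SHA-1 to RSA-2048/SHA-256.
			 * NOTE(review): the file names are fixed; whether tmp_path is
			 * writable by other local users is not visible here - confirm.
			 */
			$old_umask = umask(0077);
			mwexec("/usr/bin/openssl genrsa 2048 > {$g['tmp_path']}/ssl.key");
			mwexec("/usr/bin/openssl req -new -x509 -nodes -sha256 -days 2000 -key {$g['tmp_path']}/ssl.key > {$g['tmp_path']}/ssl.crt");
			umask($old_umask);
			$crt = file_get_contents("{$g['tmp_path']}/ssl.crt");
			$key = file_get_contents("{$g['tmp_path']}/ssl.key");
			unlink("{$g['tmp_path']}/ssl.key");
			unlink("{$g['tmp_path']}/ssl.crt");
			cert_import($cert, $crt, $key);
			$a_cert[] = $cert;
			$config['system']['webgui']['ssl-certref'] = $cert['refid'];
			write_config("Importing HTTPS certificate");
			if(!$config['system']['webgui']['port'])
				$portarg = "443";
			$ca = ca_chain($cert);
		} else {
			$crt = base64_decode($cert['crt']);
			$key = base64_decode($cert['prv']);
			if(!$config['system']['webgui']['port'])
				$portarg = "443";
			$ca = ca_chain($cert);
		}
	}

	/* generate lighttpd configuration */
	$max_procs = ($config['system']['webgui']['max_procs']) ? $config['system']['webgui']['max_procs'] : 2;
	system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
		$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/",
		"cert.pem", "ca.pem", $max_procs);

	/* attempt to start lighttpd */
	$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");

	/* fetch page to preload apc cache */
	$proto = "http";
	if ($config['system']['webgui']['protocol'])
		$proto = $config['system']['webgui']['protocol'];
	/* Protocol and port are configuration values: hand the URL to the shell as one quoted argument. */
	mwexec_bg("/usr/bin/fetch -o /dev/null -q " . escapeshellarg("{$proto}://localhost:{$portarg}/preload.php"));

	if ($g['booting']) {
		if ($res == 0)
			echo "done.\n";
		else
			echo "failed!\n";
	}

	return $res;
}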
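/*
 * Write a lighttpd configuration file and, when a certificate and key are
 * supplied, the PEM files it refers to.
 *
 *   $filename        path of the lighttpd configuration file to write
 *   $cert, $key      PEM text of the server certificate and private key;
 *                    TLS is enabled only when both are non-empty
 *   $ca              PEM text of the CA chain (optional)
 *   $pid_file        pid file name, created under /var/run
 *   $port            listen port; an empty value falls back to 80
 *   $document_root   lighttpd document root
 *   $cert_location   file name under $g['varetc_path'] for cert + key
 *   $ca_location     file name under $g['varetc_path'] for the CA chain
 *   $max_procs       FastCGI process count (adjusted for captive portal)
 *   $max_requests    accepted for interface compatibility; not used here
 *   $fast_cgi_enable use mod_fastcgi (forced off on low-memory systems)
 *   $captive_portal  generate the captive portal flavour of the config
 *
 * Returns 0 on success, 1 when one of the output files cannot be opened.
 */
function system_generate_lighty_config($filename,
	$cert,
	$key,
	$ca,
	$pid_file,
	$port = 80,
	$document_root = "/usr/local/www/",
	$cert_location = "cert.pem",
	$ca_location = "ca.pem",
	$max_procs = 1,
	$max_requests = "2",
	$fast_cgi_enable = true,
	$captive_portal = false) {

	global $config, $g;

	if(!is_dir("{$g['tmp_path']}/lighttpdcompress"))
		mkdir("{$g['tmp_path']}/lighttpdcompress");

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_generate_lighty_config() being called $mt\n";
	}

	if($captive_portal == true)  {
		$captiveportal = ",\"mod_rewrite\"";
		$captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
		$captive_portal_module = "";
		/* The value is interpolated verbatim into the server config, so
		   force it to an integer before use. */
		$maxprocperip = (int)$config['captiveportal']['maxprocperip'];
		if($maxprocperip > 0)
			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
		else
			$captive_portal_mod_evasive = "";
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n";
		exec("mkdir -p {$g['tmp_path']}/captiveportal");
		exec("chmod a-w {$g['tmp_path']}/captiveportal");
		$server_max_request_size = "server.max-request-size    = 384";
	} else {
		$captiveportal = "";
		$captive_portal_rewrite = "";
		$captive_portal_module = "";
		$captive_portal_mod_evasive = "";
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"{$g['tmp_path']}/\", \"/var/\" )\n";
		$server_max_request_size = "server.max-request-size    = 2097152";
	}

	if($port <> "")
		$lighty_port = $port;
	else
		$lighty_port = "80";

	$memory = get_memory();
	$avail = $memory[0];

	/* too little memory for FastCGI: fall back to plain CGI */
	if($avail > 0 and $avail < 65) {
		$fast_cgi_enable = false;
	}

	// Ramp up captive portal max procs
	//  Work relative to the default of 2, for values that would be >2.
	if($captive_portal == true)  {
		if($avail > 65 and $avail < 98) {
			$max_procs = 1;
		}
		if($avail > 97 and $avail < 128) {
			$max_procs = 2;
		}
		if($avail > 127 and $avail < 256) {
			$max_procs += 1;
		}
		if($avail > 255 and $avail < 384) {
			$max_procs += 2;
		}
		if($avail > 383) {
			$max_procs += 3;
		}
	}

	if($captive_portal == true)  {
		$bin_environment =  <<<EOC
			"bin-environment" => (
				"PHP_FCGI_CHILDREN" => "$max_procs",
				"PHP_FCGI_MAX_REQUESTS" => "500"
			),
EOC;

	} else if ($avail > 0 and $avail < 128) {
		$bin_environment = <<<EOC
			"bin-environment" => (
				"PHP_FCGI_CHILDREN" => "$max_procs",
				"PHP_FCGI_MAX_REQUESTS" => "2",
			),

EOC;
	} else {
		$bin_environment =  <<<EOC
			"bin-environment" => (
				"PHP_FCGI_CHILDREN" => "$max_procs",
				"PHP_FCGI_MAX_REQUESTS" => "500"
			),
EOC;
	}

	if($fast_cgi_enable == true) {
		$module = "\"mod_fastcgi\", \"mod_cgi\"";
		$cgi_config = "";
		$fastcgi_config = <<<EOD
#### fastcgi module
## read fastcgi.txt for more info
fastcgi.server = ( ".php" =>
	( "localhost" =>
		(
			"socket" => "{$g['tmp_path']}/php-fastcgi.socket",
			"min-procs" => 0,
			"max-procs" => {$max_procs},
{$bin_environment}
			"bin-path" => "/usr/local/bin/php"
		)
	)
)

#### CGI module
cgi.assign                 = ( ".cgi" => "" )

EOD;
	} else {
		$fastcgi_config = "";
		$module = "\"mod_cgi\"";
		$cgi_config = <<<EOD
#### CGI module
cgi.assign                 = ( ".php"  => "/usr/local/bin/php",
                               ".cgi" => "" )

EOD;
	}

	$lighty_config = "";
	$lighty_config .= <<<EOD
#
# lighttpd configuration file
#
# use a it as base for lighttpd 1.0.0 and above
#
############ Options you really have to take care of ####################

## FreeBSD!
server.event-handler	= "freebsd-kqueue"
server.network-backend 	= "writev"

## modules to load
server.modules              =   (
									{$captive_portal_module}
									"mod_access", "mod_accesslog", "mod_expire", "mod_compress", "mod_redirect",
									{$module}{$captiveportal}
								)

## Unused modules
#                               "mod_setenv",
#                               "mod_rewrite",
#                               "mod_ssi",
#                               "mod_usertrack",
#                               "mod_expire",
#                               "mod_secdownload",
#                               "mod_rrdtool",
#                               "mod_auth",
#                               "mod_status",
#                               "mod_alias",
#                               "mod_proxy",
#                               "mod_simple_vhost",
#                               "mod_evhost",
#                               "mod_userdir",
#                               "mod_cgi",

server.max-keep-alive-requests = 15
server.max-keep-alive-idle = 30

## a static document-root, for virtual-hosting take look at the
## server.virtual-* options
server.document-root        = "{$document_root}"
{$captive_portal_rewrite}

# Maximum idle time with nothing being written (php downloading)
server.max-write-idle = 999

## where to send error-messages to
server.errorlog             = "/var/log/lighttpd.error.log"

# files to check for if .../ is requested
server.indexfiles           = ( "index.php", "index.html",
                                "index.htm", "default.htm" )

# mimetype mapping
mimetype.assign             = (
  ".pdf"          =>      "application/pdf",
  ".sig"          =>      "application/pgp-signature",
  ".spl"          =>      "application/futuresplash",
  ".class"        =>      "application/octet-stream",
  ".ps"           =>      "application/postscript",
  ".torrent"      =>      "application/x-bittorrent",
  ".dvi"          =>      "application/x-dvi",
  ".gz"           =>      "application/x-gzip",
  ".pac"          =>      "application/x-ns-proxy-autoconfig",
  ".swf"          =>      "application/x-shockwave-flash",
  ".tar.gz"       =>      "application/x-tgz",
  ".tgz"          =>      "application/x-tgz",
  ".tar"          =>      "application/x-tar",
  ".zip"          =>      "application/zip",
  ".mp3"          =>      "audio/mpeg",
  ".m3u"          =>      "audio/x-mpegurl",
  ".wma"          =>      "audio/x-ms-wma",
  ".wax"          =>      "audio/x-ms-wax",
  ".ogg"          =>      "audio/x-wav",
  ".wav"          =>      "audio/x-wav",
  ".gif"          =>      "image/gif",
  ".jpg"          =>      "image/jpeg",
  ".jpeg"         =>      "image/jpeg",
  ".png"          =>      "image/png",
  ".xbm"          =>      "image/x-xbitmap",
  ".xpm"          =>      "image/x-xpixmap",
  ".xwd"          =>      "image/x-xwindowdump",
  ".css"          =>      "text/css",
  ".html"         =>      "text/html",
  ".htm"          =>      "text/html",
  ".js"           =>      "text/javascript",
  ".asc"          =>      "text/plain",
  ".c"            =>      "text/plain",
  ".conf"         =>      "text/plain",
  ".text"         =>      "text/plain",
  ".txt"          =>      "text/plain",
  ".dtd"          =>      "text/xml",
  ".xml"          =>      "text/xml",
  ".mpeg"         =>      "video/mpeg",
  ".mpg"          =>      "video/mpeg",
  ".mov"          =>      "video/quicktime",
  ".qt"           =>      "video/quicktime",
  ".avi"          =>      "video/x-msvideo",
  ".asf"          =>      "video/x-ms-asf",
  ".asx"          =>      "video/x-ms-asf",
  ".wmv"          =>      "video/x-ms-wmv",
  ".bz2"          =>      "application/x-bzip",
  ".tbz"          =>      "application/x-bzip-compressed-tar",
  ".tar.bz2"      =>      "application/x-bzip-compressed-tar"
 )

# Use the "Content-Type" extended attribute to obtain mime type if possible
#mimetypes.use-xattr        = "enable"

#### accesslog module
#accesslog.filename          = "/dev/null"

## deny access the file-extensions
#
# ~    is for backupfiles from vi, emacs, joe, ...
# .inc is often used for code includes which should in general not be part
#      of the document-root
url.access-deny             = ( "~", ".inc" )


######### Options that are good to be but not neccesary to be changed #######

## bind to port (default: 80)
server.port                = {$lighty_port}

## error-handler for status 404
#server.error-handler-404   = "/error-handler.html"
#server.error-handler-404   = "/error-handler.php"

## to help the rc.scripts
server.pid-file            = "/var/run/{$pid_file}"

## virtual directory listings
server.dir-listing         = "disable"

## enable debugging
debug.log-request-header   = "disable"
debug.log-response-header  = "disable"
debug.log-request-handling = "disable"
debug.log-file-not-found   = "disable"

# gzip compression
compress.cache-dir = "{$g['tmp_path']}/lighttpdcompress/"
compress.filetype  = ("text/plain","text/css", "text/xml", "text/javascript" )

{$server_upload_dirs}

{$server_max_request_size}

{$fastcgi_config}

{$cgi_config}

{$captive_portal_mod_evasive}

expire.url = (
				"" => "access 50 hours",
        )

EOD;

	/* normalise line endings and collapse doubled newlines in the PEM text */
	$cert = str_replace("\r", "", $cert);
	$key = str_replace("\r", "", $key);
	$ca = str_replace("\r", "", $ca);

	$cert = str_replace("\n\n", "\n", $cert);
	$key = str_replace("\n\n", "\n", $key);
	$ca = str_replace("\n\n", "\n", $ca);

	if($cert <> "" and $key <> "") {
		$have_ca = !(empty($ca) || (strlen(trim($ca)) == 0));

		/* This file receives the private key. Create it under a restrictive
		   umask so it never exists with group/other access, not even for the
		   moment between fopen() and chmod(). */
		$old_umask = umask(0077);
		$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
		umask($old_umask);
		if (!$fd) {
			printf("Error: cannot open %s in system_generate_lighty_config().\n", $cert_location);
			return 1;
		}
		/* still required when the file already existed with a wider mode */
		chmod("{$g['varetc_path']}/{$cert_location}", 0600);
		fwrite($fd, $cert);
		fwrite($fd, "\n");
		fwrite($fd, $key);
		fclose($fd);
		if($have_ca) {
			$fd = fopen("{$g['varetc_path']}/{$ca_location}", "w");
			if (!$fd) {
				printf("Error: cannot open %s in system_generate_lighty_config().\n", $ca_location);
				return 1;
			}
			chmod("{$g['varetc_path']}/{$ca_location}", 0600);
			fwrite($fd, $ca);
			fclose($fd);
		}
		$lighty_config .= "\n";
		$lighty_config .= "## ssl configuration\n";
		$lighty_config .= "ssl.engine = \"enable\"\n";
		$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";

		// Harden SSL a bit for PCI conformance testing
		// NOTE(review): only SSLv2 is switched off here and the cipher list
		// still admits RC4 suites; whether SSLv3 is offered is left to the
		// server default. Re-check both against the lighttpd/OpenSSL
		// versions actually shipped before relying on this as hardening.
		$lighty_config .= "ssl.use-sslv2 = \"disable\"\n";
		$lighty_config .= "ssl.cipher-list = \"TLSv1+HIGH !SSLv2 RC4+MEDIUM !aNULL !eNULL !3DES @STRENGTH\"\n";

		if($have_ca)
			$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
	}

	// Add HTTP to HTTPS redirect
	if ($captive_portal == false && $config['system']['webgui']['protocol'] == "https" && !isset($config['system']['webgui']['disablehttpredirect'])) {
		/* empty for the default HTTPS port, so the variable is always defined */
		$redirectport = "";
		if($lighty_port != "443")
			$redirectport = ":{$lighty_port}";
		$lighty_config .= <<<EOD
\$SERVER["socket"] == ":80" {
	\$HTTP["host"] =~ "(.*)" {
		url.redirect = ( "^/(.*)" => "https://%1{$redirectport}/$1" )
	}
}
EOD;
	}

	$fd = fopen("{$filename}", "w");
	if (!$fd) {
		/* pass the path as an argument: a '%' in it must not be parsed as a
		   printf conversion */
		printf("Error: cannot open %s in system_generate_lighty_config().\n", $filename);
		return 1;
	}
	fwrite($fd, $lighty_config);
	fclose($fd);

	return 0;

}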
/*
 * Install the configured timezone by extracting its zoneinfo entry from
 * /usr/share/zoneinfo.tgz to /etc/localtime ("Etc/UTC" when none is set).
 *
 * The timezone name comes from the configuration and is passed through
 * escapeshellarg() before it reaches the shell.
 * NOTE(review): the shell redirection truncates /etc/localtime before tar
 * runs, so a name that is not in the archive presumably leaves an empty
 * file - confirm and consider extracting to a temporary file first.
 */
function system_timezone_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_timezone_configure() being called $stamp\n";
	}

	$syscfg = $config['system'];

	if ($g['booting']) {
		echo "Setting timezone...";
	}

	/* extract appropriate timezone file */
	$timezone = $syscfg['timezone'] ? $syscfg['timezone'] : "Etc/UTC";
	$extract = "LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
		escapeshellarg($timezone) . " > /etc/localtime";

	/* the root filesystem is remounted writable only for the extraction */
	conf_mount_rw();
	exec($extract);
	mwexec("sync");
	conf_mount_ro();

	if ($g['booting']) {
		echo "done.\n";
	}
}
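/*
 * Write {$g['varetc_path']}/ntpd.conf from the configuration and (re)start
 * OpenNTPD with it.
 *
 * One "servers" line is written per configured time server and, when the
 * openntpd package settings enable it, one "listen on" line per selected
 * address. Returns nothing; a failure to open the file is logged.
 */
function system_ntp_configure() {
	global $config, $g;

	$ntpcfg = "# \n";
	$ntpcfg .= "# pfSense OpenNTPD configuration file \n";
	$ntpcfg .= "# \n\n";

	/* One "servers" line per configured time server. Splitting on any
	   whitespace and dropping empty tokens keeps every value on its own
	   directive line and avoids a bare "servers" line when nothing is set. */
	$timeservers = preg_split('/\s+/', $config['system']['timeservers'], -1, PREG_SPLIT_NO_EMPTY);
	foreach ($timeservers as $ts)
		$ntpcfg .= "servers {$ts}\n";

	/* Setup listener(s) if the user has configured one */
	if ($config['installedpackages']['openntpd']) {
		/* server config is in coregui1 */
		$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
		if ($xmlsettings['enable'] == 'on') {
			$ifaces = explode(',', $xmlsettings['interface']);
			$ips = array();
			foreach ($ifaces as $if) {
				if (is_ipaddr($if)) {
					$ips[] = $if;
				} else {
					$if = get_real_interface($if);
					if (does_interface_exist($if))
						$ips[] = find_interface_ip($if);
				}
			}
			/* only values that validate as IP addresses reach the file */
			foreach ($ips as $ip) {
				if (is_ipaddr($ip))
					$ntpcfg .= "listen on $ip\n";
			}
		}
	}
	$ntpcfg .= "\n";

	/* open configuration for writing or bail */
	$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
	if(!$fd) {
		log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
		return;
	}
	fwrite($fd, $ntpcfg);

	/* slurp! */
	fclose($fd);

	/* if openntpd is running, kill it */
	while(is_process_running("ntpd")) {
		killbyname("ntpd");
	}

	/* if /var/empty does not exist, create it */
	if(!is_dir("/var/empty"))
		exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");

	/* start openntpd, set time now and use the file written above */
	mwexec_bg("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");

	// Note that we are starting up
	log_error("OpenNTPD is starting up.");

}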
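/*
 * Step the clock once against every configured time server by running
 * ntpdate for each of them.
 */
function sync_system_time() {
	global $config, $g;

	if ($g['booting'])
		echo "Syncing system time before startup...";

	/* Each server name comes from the configuration and ends up on a shell
	   command line, so it is passed through escapeshellarg(). Empty tokens
	   are skipped so ntpdate is never started without a server. */
	$timeservers = preg_split('/\s+/', $config['system']['timeservers'], -1, PREG_SPLIT_NO_EMPTY);
	foreach ($timeservers as $ts) {
		mwexec("/usr/sbin/ntpdate -s " . escapeshellarg($ts));
	}

	if ($g['booting'])
		echo "done.\n";

}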
/*
 * Halt the system: run the shared pre-shutdown cleanup, then start
 * /etc/rc.halt detached in the background with its output discarded.
 */
function system_halt() {
	system_reboot_cleanup();

	$halt_cmd = "/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &";
	mwexec($halt_cmd);
}
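/*
 * Reboot the system: run the shared pre-shutdown cleanup, then start
 * /etc/rc.reboot detached in the background with its output discarded.
 */
function system_reboot() {
	global $g;

	system_reboot_cleanup();

	/* nohup is called by absolute path, as system_halt() does, so the binary
	   that runs does not depend on the caller's PATH */
	mwexec("/usr/bin/nohup /etc/rc.reboot > /dev/null 2>&1 &");
}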
/*
 * Reboot the system in the foreground: run the shared pre-shutdown cleanup,
 * then run /etc/rc.reboot through mwexec() (no "&", unlike system_reboot()).
 */
function system_reboot_sync() {
	system_reboot_cleanup();

	$reboot_cmd = "/etc/rc.reboot > /dev/null 2>&1";
	mwexec($reboot_cmd);
}
/*
 * Work done before every halt or reboot: stop the beeper, stop captive
 * portal RADIUS accounting, save the voucher database into the
 * configuration, then stop installed packages.
 */
function system_reboot_cleanup() {
	mwexec("/usr/local/bin/beep.sh stop");

	/* loaded here rather than at file level, right before first use */
	require_once "captiveportal.inc";
	captiveportal_radius_stop_all();

	require_once "voucher.inc";
	voucher_save_db_to_config();

	mwexec("/etc/rc.stop_packages");
}
/*
 * Run the shell commands stored in the configuration.
 *
 *   $early  when true run "earlyshellcmd", otherwise "shellcmd"
 *
 * The entry may be a single command string or an array of them. Each one
 * is handed to exec() unchanged, so write access to the configuration is
 * equivalent to running commands with this process's privileges.
 */
function system_do_shell_commands($early = 0) {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_do_shell_commands() being called $stamp\n";
	}

	$cmdn = $early ? "earlyshellcmd" : "shellcmd";
	$entry = $config['system'][$cmdn];

	if (is_array($entry)) {
		/* *cmd is an array, loop through */
		foreach ($entry as $cmd) {
			exec($cmd);
		}
		return;
	}

	if ($entry <> "") {
		/* execute single item */
		exec($entry);
	}
}
/*
 * Create or remove the {$g['varetc_path']}/disableconsole marker file
 * according to the system/disableconsolemenu configuration setting.
 */
function system_console_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_console_configure() being called $stamp\n";
	}

	if (!isset($config['system']['disableconsolemenu'])) {
		unlink_if_exists("{$g['varetc_path']}/disableconsole");
		return;
	}

	touch("{$g['varetc_path']}/disableconsole");
}
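/*
 * Save the kernel message buffer of the current boot to
 * {$g['varlog_path']}/dmesg.boot.
 *
 * Output of /sbin/dmesg is written from the last line containing
 * "Copyright (c) 1992-" onwards, or from the first line when there is none.
 * Returns 0 on success, 1 when the file cannot be opened.
 */
function system_dmesg_save() {
	/* $config has to be declared as well: without it the developerspew
	   check below tests an undefined local and can never fire */
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_dmesg_save() being called $mt\n";
	}

	$dmesg = array();
	exec("/sbin/dmesg", $dmesg);
	$nlines = count($dmesg);

	/* find last copyright line (output from previous boots may be present) */
	$lastcpline = 0;
	for ($i = 0; $i < $nlines; $i++) {
		if (strpos($dmesg[$i], "Copyright (c) 1992-") !== false)
			$lastcpline = $i;
	}

	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
	if (!$fd) {
		printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
		return 1;
	}

	for ($i = $lastcpline; $i < $nlines; $i++)
		fwrite($fd, $dmesg[$i] . "\n");

	fclose($fd);

	return 0;
}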
/*
 * Apply the configured hard disk standby time through the hw.ata.standby
 * sysctl and reinitialise the ATA drives when that succeeds.
 *
 * Nothing happens when system/harddiskstandby is not set. The value is used
 * only when is_numeric() accepts it and is cast to int before it is
 * appended to the command line. Progress is echoed only while booting.
 */
function system_set_harddisk_standby() {
	global $g, $config;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_set_harddisk_standby() being called $stamp\n";
	}

	if (!isset($config['system']['harddiskstandby']))
		return;

	if ($g['booting']) {
		echo 'Setting hard disk standby... ';
	}

	$standby = $config['system']['harddiskstandby'];
	$applied = false;

	// Check for a numeric value
	if (is_numeric($standby)) {
		// Sync the disk(s)
		pfSense_sync();
		/* mwexec() result is an exit status here: 0 means the sysctl worked */
		if (!mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby))) {
			// Reinitialize ATA-drives
			mwexec('/usr/local/sbin/atareinit');
			$applied = true;
		}
	}

	if ($g['booting']) {
		if ($applied)
			echo "done.\n";
		else
			echo "failed!\n";
	}
}
/*
 * Apply the sysctl settings through activate_sysctls() and, when
 * system/sharednet is set, switch off the ARP wrong-interface logging.
 */
function system_setup_sysctl() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_setup_sysctl() being called $stamp\n";
	}

	activate_sysctls();

	if (!isset($config['system']['sharednet']))
		return;

	system_disable_arp_wrong_if();
}
/*
 * Set the log_arp_wrong_iface and log_arp_movements sysctls under
 * net.link.ether.inet to 0.
 */
function system_disable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_disable_arp_wrong_if() being called $stamp\n";
	}

	$sysctl_cmds = array(
		"/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0",
		"/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0",
	);
	foreach ($sysctl_cmds as $cmd) {
		mwexec($cmd);
	}
}
/*
 * Set the log_arp_wrong_iface and log_arp_movements sysctls under
 * net.link.ether.inet to 1.
 */
function system_enable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_enable_arp_wrong_if() being called $stamp\n";
	}

	$sysctl_cmds = array(
		"/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1",
		"/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1",
	);
	foreach ($sysctl_cmds as $cmd) {
		mwexec($cmd);
	}
}
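/*
 * Start watchdogd on hardware whose boot messages name a supported watchdog.
 *
 * Currently disabled: the function returns before doing anything, so the
 * code below the return is kept only for the day it is re-enabled.
 */
function enable_watchdog() {
	global $config;

	/* watchdog support is switched off */
	return;

	$install_watchdog = false;
	$supported_watchdogs = array("Geode");
	$file = file_get_contents("/var/log/dmesg.boot");
	foreach($supported_watchdogs as $sd) {
		/* match the list entry itself, not a hard-coded name, and cope with
		   a dmesg.boot that could not be read */
		if($file !== false && stristr($file, $sd)) {
			$install_watchdog = true;
			break;
		}
	}
	if($install_watchdog == true) {
		if(is_process_running("watchdogd"))
			mwexec("/usr/bin/killall watchdogd", true);
		exec("/usr/sbin/watchdogd");
	}
}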
/*
 * On nanobsd WRAP/ALIX boards, query the reset button helper and restore
 * factory defaults when it reports a press.
 *
 * The helper binary name is built from the platform name, which is checked
 * against "wrap" and "alix" first, so no other value reaches the command.
 * Always returns 0; after a reset the system reboots and the script exits.
 */
function system_check_reset_button() {
	global $g;

	if ($g['platform'] != "nanobsd") {
		return 0;
	}

	$specplatform = system_identify_specific_platform();
	$board = $specplatform['name'];

	if (!($board == "wrap" || $board == "alix")) {
		return 0;
	}

	$retval = mwexec("/usr/local/sbin/" . $specplatform['name'] . "resetbtn");

	if ($retval != 99) {
		return 0;
	}

	/* user has pressed reset button for 2 seconds -
	   reset to factory defaults */
	echo <<<EOD

***********************************************************************
* Reset button pressed - resetting configuration to factory defaults. *
* The system will reboot after this completes.                        *
***********************************************************************


EOD;

	reset_factory_defaults();
	system_reboot_sync();
	exit(0);
}
/* attempt to identify the specific platform (for embedded systems)
   Returns an array with two elements:
	name => platform string (e.g. 'wrap', 'alix' etc.)
	descr => human-readable description (e.g. "PC Engines WRAP")

   Non-nanobsd platforms are answered from $g['platform'] alone; for
   nanobsd the saved boot messages are searched for a known board name.
*/
function system_identify_specific_platform() {
	global $g;

	switch ($g['platform']) {
		case 'generic-pc':
			return array('name' => 'generic-pc', 'descr' => "Generic PC");
		case 'generic-pc-cdrom':
			return array('name' => 'generic-pc-cdrom', 'descr' => "Generic PC (CD-ROM)");
	}

	/* the rest of the code only deals with 'embedded' platforms */
	if ($g['platform'] != 'nanobsd') {
		return array('name' => $g['platform'], 'descr' => $g['platform']);
	}

	$dmesg = system_get_dmesg_boot();

	/* boards recognised by a fixed banner string */
	$banners = array(
		'wrap' => "PC Engines WRAP",
		'alix' => "PC Engines ALIX",
	);
	foreach ($banners as $name => $banner) {
		if (strpos($dmesg, $banner) !== false) {
			return array('name' => $name, 'descr' => $banner);
		}
	}

	/* Soekris boards: the matched text itself becomes the description */
	$patterns = array(
		'net45xx' => "/Soekris net45../",
		'net48xx' => "/Soekris net48../",
		'net55xx' => "/Soekris net55../",
	);
	foreach ($patterns as $name => $pattern) {
		if (preg_match($pattern, $dmesg, $matches)) {
			return array('name' => $name, 'descr' => $matches[0]);
		}
	}

	/* unknown embedded platform */
	return array('name' => 'embedded', 'descr' => 'embedded (unknown)');
}
/*
 * Return the contents of {$g['varlog_path']}/dmesg.boot as one string, as
 * file_get_contents() delivers it (false when the file cannot be read).
 */
function system_get_dmesg_boot() {
	global $g;

	$dmesg_file = "{$g['varlog_path']}/dmesg.boot";

	return file_get_contents($dmesg_file);
}
/*
 * Build the list of addresses a service can be told to listen on.
 *
 * Returns a list of array("name" => label, "value" => key) entries: the
 * configured interfaces, then CARP and IP alias addresses labelled with
 * their VIP description, and finally "Localhost" (lo0).
 */
function get_possible_listen_ips() {
	$choices = get_configured_interface_with_descr();

	/* CARP entries are keyed by interface name */
	foreach (get_configured_carp_interface_list() as $cif => $carpip) {
		$choices[$cif] = $carpip." (".get_vip_descr($carpip).")";
	}

	/* IP alias entries are keyed by the alias address itself */
	foreach (array_keys(get_configured_ip_aliases_list()) as $aliasip) {
		$choices[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
	}

	$listenips = array();
	foreach ($choices as $iface => $ifacename) {
		$listenips[] = array("name" => $ifacename, "value" => $iface);
	}
	$listenips[] = array("name" => "Localhost", "value" => "lo0");

	return $listenips;
}
?>