/etc/inc/globals.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/globals.inc @ 986e77a2

1	5b237745	Scott Ullrich	<?php
2	307cd525	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4	9ba87997	Phil Davis	globals.inc
5			part of pfSense (https://www.pfsense.org)
6			Copyright (C) 2004-2010 Scott Ullrich
7
8			Originally Part of m0n0wall
9			Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10			All rights reserved.
11
12			Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14
15			1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17
18			2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21
22			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32	523855b0	Scott Ullrich
33			pfSense_MODULE: utils
34
35	5b237745	Scott Ullrich	*/
36
37	8346b5c4	jim-p	global $g;
38	5b237745	Scott Ullrich	$g = array(
39	9ba87997	Phil Davis	"base_packages" => "siproxd",
40	0ae6daf8	Ermal	"event_address" => "unix:///var/run/check_reload_status",
41	4b96b367	mgrooms	"factory_shipped_username" => "admin",
42	46974905	Chris Buechler	"factory_shipped_password" => "pfsense",
43	1ef7b568	Scott Ullrich	"upload_path" => "/root",
44	e9e7d501	Matthew Grooms	"dhcpd_chroot_path" => "/var/dhcpd",
45	6671b7cd	Warren Baker	"unbound_chroot_path" => "/var/unbound",
46	e9e7d501	Matthew Grooms	"varrun_path" => "/var/run",
47			"varetc_path" => "/var/etc",
48			"vardb_path" => "/var/db",
49			"varlog_path" => "/var/log",
50			"etc_path" => "/etc",
51			"tmp_path" => "/tmp",
52			"conf_path" => "/conf",
53			"ftmp_path" => "/ftmp",
54			"conf_default_path" => "/conf.default",
55			"cf_path" => "/cf",
56			"cf_conf_path" => "/cf/conf",
57			"www_path" => "/usr/local/www",
58			"xml_rootobj" => "pfsense",
59			"admin_group" => "admins",
60	36d0358b	Scott Ullrich	"product_name" => "pfSense",
61	90a27e64	Chris Buechler	"product_copyright" => "Electric Sheep Fencing LLC",
62			"product_copyright_url" => "http://www.electricsheepfencing.com",
63	2bb93345	Tuyan Ozipek	"product_copyright_years" => "2004 - ".date("Y"),
64	73113ce9	Ermal Luci	"product_website" => "www.pfsense.org",
65	ef459eb7	Chris Buechler	"product_website_footer" => "https://www.pfsense.org/?gui22",
66	c57e9f90	Chris Buechler	"product_email" => "coreteam@pfsense.org",
67	3d7639eb	Scott Ullrich	"hideplatform" => false,
68	3ff39566	Scott Ullrich	"hidedownloadbackup" => false,
69	9beebb5e	Renato Botelho	"hidebackupbeforeupgrade" => false,
70	8b289232	Chris Buechler	"disablethemeselection" => false,
71	3b29612f	Chris Buechler	"disablehelpmenu" => false,
72	28181237	Renato Botelho	"disablehelpicon" => false,
73	36365f49	Scott Ullrich	"disablecrashreporter" => false,
74	f3109fac	Chris Buechler	"crashreporterurl" => "https://crashreporter.pfsense.org/crash_reporter.php",
75	e9e7d501	Matthew Grooms	"debug" => false,
76	877740ee	Renato Botelho	"latest_config" => "11.8",
77	e9e7d501	Matthew Grooms	"nopkg_platforms" => array("cdrom"),
78	67b0ed57	Chris Buechler	"minimum_ram_warning" => "101",
79	9f274393	Chris Buechler	"minimum_ram_warning_text" => "128 MB",
80	9ba87997	Phil Davis	"wan_interface_name" => "wan",
81	e9e7d501	Matthew Grooms	"nopccard_platforms" => array("wrap", "net48xx"),
82	4db99d5b	Chris Buechler	"xmlrpcbaseurl" => "https://packages.pfsense.org",
83	e9e7d501	Matthew Grooms	"captiveportal_path" => "/usr/local/captiveportal",
84			"captiveportal_element_path" => "/var/db/cpelements",
85	c2d0699f	Scott Ullrich	"captiveportal_element_sizelimit" => 1048576,
86	4db99d5b	Chris Buechler	"xmlrpcpath" => "/xmlrpc.php",
87	e9e7d501	Matthew Grooms	"embeddedbootupslice" => "/dev/ad0a",
88	e3a13b00	Scott Ullrich	"services_dhcp_server_enable" => true,
89	8c62fa48	jim-p	"wireless_regex" => "/^(ndis\|wi\|ath\|an\|ral\|ural\|iwi\|wlan\|rum\|run\|bwn\|zyd\|mwl\|bwi\|ipw\|iwn\|malo\|uath\|upgt\|urtw\|wpi)/",
90	462c4a27	jim-p	"help_base_url" => "/help.php"
91	5b237745	Scott Ullrich	);
92
93	a03e3c1f	Bill Marquette	/* IP TOS flags */
94	ec6adc21	Bill Marquette	$iptos = array("lowdelay", "throughput", "reliability");
95	a03e3c1f	Bill Marquette
96			/* TCP flags */
97	79cc9e6b	bcyrill	$tcpflags = array("syn", "ack", "fin", "rst", "psh", "urg", "ece", "cwr");
98	a03e3c1f	Bill Marquette
99	9ba87997	Phil Davis	if (file_exists("/etc/platform")) {
100	9a7f6731	Ermal	$arch = php_uname("m");
101	f5b23288	Renato Botelho	$current_version = trim(file_get_contents("{$g['etc_path']}/version"));
102	9633e518	jim-p
103	f5b23288	Renato Botelho	if (strstr($current_version, "-RELEASE")) {
104			/* This is only necessary for RELEASE */
105			$arch = ($arch == "i386") ? "" : '/' . $arch;
106			/* Full installs and NanoBSD use the same update directory and manifest in 2.x */
107			$g['update_url']="https://updates.pfsense.org/_updaters{$arch}";
108			$g['update_manifest']="https://updates.pfsense.org/manifest";
109			} else {
110			/* Full installs and NanoBSD use the same update directory and manifest in 2.x */
111			$g['update_url']="https://snapshots.pfsense.org/FreeBSD_releng/10.1/{$arch}/pfSense_HEAD/.updaters/";
112			$g['update_manifest']="https://updates.pfSense.org/manifest";
113			}
114	9633e518	jim-p
115	03cc2016	Erik	$g['platform'] = trim(file_get_contents("/etc/platform"));
116	9ba87997	Phil Davis	if ($g['platform'] == "nanobsd") {
117	b4a9785a	jim-p	$g['firmware_update_text']="pfSense-*.img.gz";
118	9beebb5e	Renato Botelho	$g['hidedownloadbackup'] = true;
119			$g['hidebackupbeforeupgrade'] = true;
120	fdcd8ac7	jim-p
121	aadf2c9f	Scott Ullrich	} else {
122	b4a9785a	jim-p	$g['firmware_update_text']="pfSense-*.tgz";
123	aadf2c9f	Scott Ullrich	}
124	b24a7390	Scott Ullrich	}
125
126	3a35f55f	Scott Ullrich	/* Default sysctls */
127	9ba87997	Phil Davis	$sysctls = array("net.inet.ip.portrange.first" => "1024",
128			"net.inet.tcp.blackhole" => "2",
129			"net.inet.udp.blackhole" => "1",
130			"net.inet.ip.random_id" => "1",
131			"net.inet.tcp.drop_synfin" => "1",
132			"net.inet.ip.redirect" => "1",
133			"net.inet6.ip6.redirect" => "1",
134	20a3b436	Renato Botelho	"net.inet6.ip6.use_tempaddr" => "0",
135			"net.inet6.ip6.prefer_tempaddr" => "0",
136	9ba87997	Phil Davis	"net.inet.tcp.syncookies" => "1",
137			"net.inet.tcp.recvspace" => "65228",
138			"net.inet.tcp.sendspace" => "65228",
139			"net.inet.ip.fastforwarding" => "0",
140			"net.inet.tcp.delayed_ack" => "0",
141			"net.inet.udp.maxdgram" => "57344",
142			"net.link.bridge.pfil_onlyip" => "0",
143			"net.link.bridge.pfil_member" => "1",
144			"net.link.bridge.pfil_bridge" => "0",
145			"net.link.tap.user_open" => "1",
146			"kern.randompid" => "347",
147			"net.inet.ip.intr_queue_maxlen" => "1000",
148			"hw.syscons.kbd_reboot" => "0",
149			"net.inet.tcp.log_debug" => "0",
150			"net.inet.tcp.tso" => "1",
151	feae85bc	Scott Ullrich	"net.inet.icmp.icmplim" => "0",
152	abe7607f	Scott Ullrich	"vfs.read_max" => "32",
153	2b7ca9b2	Ermal	"kern.ipc.maxsockbuf" => "4262144",
154	d8e73863	Ermal	"debug.pfftpproxy" => "0",
155	c06240db	Ermal	"net.inet.ip.process_options" => 0,
156	b2b002cd	Ermal	"kern.random.sys.harvest.interrupt" => 0,
157			"kern.random.sys.harvest.point_to_point" => 0,
158	f06ce79d	Ermal	"kern.random.sys.harvest.ethernet" => 0,
159	7d8b75ab	Ermal	"net.route.netisr_maxqlen" => 1024,
160	a3a1b24e	Ermal	"net.inet.udp.checksum" => 1,
161	415b71f1	Ermal	"net.bpf.zerocopy_enable" => 1,
162	2f5488df	Ermal	"net.inet.icmp.reply_from_interface" => 1,
163	c46f9695	Ermal	"vfs.forcesync" => "0",
164	ec5753e7	Ermal LUÇI	"net.inet6.ip6.rfc6204w3" => 1,
165	c46f9695	Ermal	"net.enc.out.ipsec_bpf_mask" => "0x0001",
166			"net.enc.out.ipsec_filter_mask" => "0x0001",
167			"net.enc.in.ipsec_bpf_mask" => "0x0002",
168	24ad8e26	jim-p	"net.enc.in.ipsec_filter_mask" => "0x0002",
169	62dc93d1	Chris Buechler	"net.key.preferred_oldsa" => "0",
170	1dbe220c	jim-p	"net.inet.carp.senderr_demotion_factor" => 0, /* Do not demote CARP for interface send errors */
171			"net.pfsync.carp_demotion_factor" => 0 /* Do not demote CARP for pfsync errors */
172	feae85bc	Scott Ullrich	);
173	3a35f55f	Scott Ullrich
174	8346b5c4	jim-p	/* Include override values for the above if needed. If the file doesn't exist, don't try to load it. */
175	9ba87997	Phil Davis	if (file_exists("/etc/inc/globals_override.inc")) {
176	8346b5c4	jim-p	@include("globals_override.inc");
177	9ba87997	Phil Davis	}
178	8346b5c4	jim-p
179	16d6c1df	Renato Botelho	function platform_booting($on_console = false) {
180	285ef132	Ermal LUÇI	global $g;
181
182	9ba87997	Phil Davis	if ($g['booting'] \|\| file_exists("{$g['varrun_path']}/booting")) {
183			if ($on_console == false \|\| php_sapi_name() != 'fpm-fcgi') {
184	16d6c1df	Renato Botelho	return true;
185	9ba87997	Phil Davis	}
186			}
187	285ef132	Ermal LUÇI
188			return false;
189			}
190	b8d09280	Ermal LUÇI
191	9ba87997	Phil Davis	if (file_exists("{$g['cf_conf_path']}/enableserial_force")) {
192	719db60e	Ermal LUÇI	$g['enableserial_force'] = true;
193	9ba87997	Phil Davis	}
194	719db60e	Ermal LUÇI
195	1883455a	Ermal	$config_parsed = false;
196	9734b054	Scott Ullrich
197	2b7ca9b2	Ermal	?>

Project

General

Profile

pfSense