<?php
/* $Id$ */
/*
	system.inc
	part of m0n0wall (http://m0n0.ch/wall)
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
	All rights reserved.
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
/* include all configuration functions */
require_once("functions.inc");
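/*
 * Rewrite /usr/local/lib/php.ini with the settings below, adding the APC
 * opcode cache only when enough memory is available.
 *
 * Nothing is written on the "cdrom" platform.  The write is wrapped in
 * config_lock()/config_unlock() and conf_mount_rw()/conf_mount_ro().
 * Returns nothing.
 */
function opcode_cache_configuration() {
	global $g;

	if ($g['platform'] == "cdrom")
		return;

	/* get system memory amount */
	$memory = get_memory();
	/* assumes element 0 of get_memory() is the size in megabytes -- TODO confirm */
	$avail = $memory[0];

	/*
	 * Disable APC for platforms with less than 90 megs of RAM.  The amount
	 * itself has to be compared: an array compared against an integer is
	 * always "greater" in PHP, so testing $memory enabled APC everywhere.
	 */
	if ($avail > 90) {
		$opcode_cacher = "extension=apc.so\n";
		$opcode_cacher .= "apc.enabled=\"1\"\n";
		$opcode_cacher .= "apc.enable_cli=\"1\"\n";
		$opcode_cacher .= "apc.shm_size=\"8\"\n";
	} else {
		$opcode_cacher = "";
	}

	/*
	 * NOTE(review): max_execution_time and max_input_time are effectively
	 * unlimited and uploads of up to 100M land in the shared /tmp, so PHP
	 * itself puts no bound on long-running or oversized requests.  Confirm
	 * that this is intended for everything served with this php.ini.
	 */
	$php_ini = <<<EOFF
output_buffering = "0"
implicit_flush = true
magic_quotes_gpc = Off
max_execution_time = 99999999
max_input_time = 99999999
memory_limit = 32M
register_argc_argv = On
file_uploads = On
extension_dir=/usr/local/lib/php/extensions/no-debug-non-zts-20020429/
upload_tmp_dir = /tmp
upload_max_filesize = 100M
post_max_size = 100M
html_errors = Off
include_path = ".:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg"
extension=radius.so
{$opcode_cacher}

EOFF;

	config_lock();
	conf_mount_rw();

	/* open up php.ini and write back out contents */
	$fd = fopen("/usr/local/lib/php.ini", "w");
	if ($fd) {
		fwrite($fd, $php_ini);
		fclose($fd);
	} else {
		/* still fall through so the mount goes back to read-only and the lock is released */
		log_error("Error: cannot open php.ini in opcode_cache_configuration().");
	}

	mwexec("sync");
	conf_mount_ro();
	exec("sync");
	config_unlock();
}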
/*
 * Write {$g['varetc_path']}/resolv.conf from the system configuration.
 *
 * When 'dnsallowoverride' is set, the entries returned by get_nameservers()
 * are used; the statically configured 'dnsserver' list is only used when
 * none of those produced a nameserver line.  Unless the system is booting
 * or $dynupdate is true, services_dhcpd_configure() is called afterwards.
 *
 * Returns 0 on success, 1 when resolv.conf cannot be opened.
 *
 * NOTE(review): every non-empty entry is written verbatim as a "nameserver"
 * line; nothing here checks that it is an IP address.  Presumably the
 * writers of the nameserver files validate them -- confirm.
 */
function system_resolvconf_generate($dynupdate = false) {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_resolvconf_generate() being called $mt\n";
	}

	$system = $config['system'];

	/* the file is opened (and truncated) before its contents are assembled */
	$handle = fopen("{$g['varetc_path']}/resolv.conf", "w");
	if (!$handle) {
		printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
		return 1;
	}

	$lines = array("domain {$system['domain']}\n");
	$found = false;

	if (isset($system['dnsallowoverride'])) {
		/* get dynamically assigned DNS servers (if any) */
		foreach (array_unique(get_nameservers()) as $candidate) {
			if (!$candidate)
				continue;
			$lines[] = "nameserver $candidate\n";
			$found = true;
		}
	}

	/* fall back to the configured servers only when no dynamic one was used */
	if (!$found && is_array($system['dnsserver'])) {
		foreach ($system['dnsserver'] as $candidate) {
			if (!$candidate)
				continue;
			$lines[] = "nameserver $candidate\n";
			$found = true;
		}
	}

	fwrite($handle, implode("", $lines));
	fclose($handle);

	/* restart dhcpd (nameservers may have changed) */
	if (!$g['booting'] && !$dynupdate)
		services_dhcpd_configure();

	return 0;
}
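/*
 * Collect nameserver entries from /var/etc/nameserver_* and, if present,
 * /var/etc/nameservers.conf.
 *
 * Returns a list of the non-empty lines of those files, in file order
 * (duplicates are not removed here).  The files are read directly instead
 * of through `ls` and `cat`, so no shell is involved and an empty listing
 * no longer leads to file_get_contents("").  explode() replaces split(),
 * which is no longer available in current PHP.
 *
 * NOTE(review): lines are returned as found; callers that write them into
 * configuration files should not assume they are valid IP addresses.
 */
function get_nameservers() {
	global $config, $g;
	$master_list = array();

	$dns_lists = glob("/var/etc/nameserver_*");
	if (!is_array($dns_lists))
		$dns_lists = array();

	foreach ($dns_lists as $dns_file) {
		if (!is_file($dns_file) || !is_readable($dns_file))
			continue;
		$contents = file_get_contents($dns_file);
		if ($contents === false)
			continue;
		foreach (explode("\n", $contents) as $item)
			if ($item !== "")
				$master_list[] = $item;
	}

	if (!file_exists("/var/etc/nameservers.conf"))
		return $master_list;

	$contents = file_get_contents("/var/etc/nameservers.conf");
	if ($contents === false)
		return $master_list;

	/* blank lines (including the one after the final newline) are skipped */
	foreach (explode("\n", $contents) as $item)
		if ($item !== "")
			$master_list[] = $item;

	return $master_list;
}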
/*
 * Write {$g['varetc_path']}/hosts.
 *
 * The file holds localhost, the LAN address with the system host name, the
 * dnsmasq host overrides and, when 'regdhcpstatic' is set, the static DHCP
 * mappings of every enabled DHCP interface.
 *
 * Returns 0 on success, 1 when the hosts file cannot be opened.
 *
 * NOTE(review): host names, domains and addresses are interpolated as they
 * are stored in the configuration; this function performs no validation.
 */
function system_hosts_generate() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_hosts_generate() being called $mt\n";
	}

	$system = $config['system'];
	$lan = $config['interfaces']['lan'];
	$dnsmasq = $config['dnsmasq'];

	/* treat a missing override list as empty */
	if (!is_array($dnsmasq['hosts'])) {
		$dnsmasq['hosts'] = array();
	}
	$overrides = $dnsmasq['hosts'];

	$handle = fopen("{$g['varetc_path']}/hosts", "w");
	if (!$handle) {
		log_error("Error: cannot open hosts file in system_hosts_generate().\n");
		return 1;
	}

	$hosts = <<<EOD
127.0.0.1	localhost localhost.{$system['domain']}
{$lan['ipaddr']}	{$system['hostname']}.{$system['domain']} {$system['hostname']}

EOD;

	/* an override without a host part is written as a bare domain entry */
	foreach ($overrides as $entry) {
		$hosts .= $entry['host']
			? "{$entry['ip']}	{$entry['host']}.{$entry['domain']} {$entry['host']}\n"
			: "{$entry['ip']}	{$entry['domain']}\n";
	}

	if (isset($dnsmasq['regdhcpstatic'])) {
		foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) {
			if (!(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable'])))
				continue;
			foreach ($dhcpifconf['staticmap'] as $mapping) {
				if (!($mapping['ipaddr'] && $mapping['hostname']))
					continue;
				$hosts .= "{$mapping['ipaddr']}	{$mapping['hostname']}.{$system['domain']} {$mapping['hostname']}\n";
			}
		}
	}

	fwrite($handle, $hosts);
	fclose($handle);

	return 0;
}
/*
 * Set the system host name to "<hostname>.<domain>" from the configuration.
 *
 * The name is passed through escapeshellarg() before it reaches the shell.
 * Returns whatever mwexec() returns for /bin/hostname.
 */
function system_hostname_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_hostname_configure() being called $mt\n";
	}

	$system = $config['system'];
	$fqdn = "{$system['hostname']}.{$system['domain']}";

	/* set hostname */
	return mwexec("/bin/hostname " . escapeshellarg($fqdn));
}
/*
 * Apply the static routes from the configuration.
 *
 * Steps, in order: optionally enable fast forwarding; delete the routes
 * recorded in {$g['vardb_path']}/routes.db that still show up in the
 * `netstat -rn` output and remove that file; add every configured static
 * route and record its network in a new routes.db; finally add the WAN
 * gateway as default route when netstat shows no default route.
 *
 * Every configuration value placed on a command line goes through
 * escapeshellarg().  Returns 0 on success, 1 when routes.db cannot be
 * opened.
 */
function system_routing_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_routing_configure() being called $mt\n";
	}

	/* Enable fast routing, if enabled */
	if (isset($config['staticroutes']['enablefastrouting']))
		mwexec("/sbin/sysctl net.inet.ip.fastforwarding=1");

	$routes_db = "{$g['vardb_path']}/routes.db";

	/* snapshot of the current routing table, used to decide what to delete */
	exec("/usr/bin/netstat -rn", $netstat_lines, $netstat_rc);
	$route_table = implode("\n", $netstat_lines);

	/* clear out old routes, if necessary */
	if (file_exists($routes_db)) {
		$db = fopen($routes_db, "r");
		if (!$db) {
			printf("Error: cannot open routes DB file in system_routing_configure().\n");
			return 1;
		}
		while (!feof($db)) {
			$recorded = trim(fgets($db));
			if (!$recorded)
				continue;
			/* case-insensitive substring match against the netstat output */
			if (stristr($route_table, $recorded))
				mwexec("/sbin/route delete " . escapeshellarg($recorded));
		}
		fclose($db);
		unlink($routes_db);
	}

	if (is_array($config['staticroutes']['route'])) {

		$db = fopen($routes_db, "w");
		if (!$db) {
			printf("Error: cannot open routes DB file in system_routing_configure().\n");
			return 1;
		}

		foreach ($config['staticroutes']['route'] as $route) {
			$add_cmd = "/sbin/route add " . escapeshellarg($route['network']);
			if (isset($route['interfacegateway'])) {
				/* route via an interface rather than a gateway address */
				$real_if = convert_friendly_interface_to_real_interface_name($route['interface']);
				$add_cmd .= " -iface " . escapeshellarg($real_if);
			} else {
				$add_cmd .= " " . escapeshellarg($route['gateway']);
			}
			mwexec($add_cmd);

			/* record route so it can be easily removed later (if necessary) */
			fwrite($db, $route['network'] . "\n");
		}

		fclose($db);
	}

	/* Make sure default gateway is present */
	$default_route = `/usr/bin/netstat -rn | grep default`;
	if (!$default_route && $config['interfaces']['wan']['gateway'])
		mwexec("/sbin/route add default " . escapeshellarg($config['interfaces']['wan']['gateway']));

	return 0;
}
/*
 * Turn on IPv4 forwarding by setting the net.inet.ip.forwarding sysctl to 1.
 *
 * Returns whatever mwexec() returns for the sysctl call.
 */
function system_routing_enable() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_routing_enable() being called $mt\n";
	}

	$status = mwexec("/sbin/sysctl net.inet.ip.forwarding=1");

	return $status;
}
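/*
 * Write {$g['varetc_path']}/syslog.conf from the configuration and start
 * syslogd.  Unless the system is booting, the syslogd recorded in
 * {$g['varrun_path']}/syslog.pid is killed first.
 *
 * Returns the mwexec() result of starting syslogd, or 1 when syslog.conf
 * cannot be opened.
 *
 * Changes against the previous version:
 *  - package facilities are appended with array_merge(); the array "+"
 *    operator keeps the left-hand keys, so the first three package
 *    facilities never reached the "!-" exclusion list;
 *  - $syslogconf and $pkgfacilities are initialised before use;
 *  - paths placed on command lines go through escapeshellarg();
 *  - the "@" test uses a strict comparison.
 *
 * NOTE(review): 'remoteserver' and the package 'facilityname'/'logfilename'
 * values are written into syslog.conf as stored.  syslog.conf also accepts
 * "|command" actions (one is used below), so a value containing a newline
 * would add a line of its own; presumably these values are validated where
 * they are saved -- confirm.
 */
function system_syslogd_start() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_syslogd_start() being called $mt\n";
	}

	$syslogcfg = $config['syslog'];

	if ($g['booting'])
		echo "Starting syslog...";
	else
		killbypid("{$g['varrun_path']}/syslog.pid");

	if (isset($syslogcfg)) {
		$syslogconf = "";
		$pkgfacilities = array();
		$separatelogfacilities = array('ntpd','racoon','openvpn');

		if (is_array($config['installedpackages']['package'])) {
			foreach ($config['installedpackages']['package'] as $package) {
				if ($package['logging']) {
					$pkgfacilities[] = $package['logging']['facilityname'];
					$separatelogfacilities = array_merge($separatelogfacilities, $pkgfacilities);
					/* NOTE(review): this list is cumulative, so a later package's block also names the earlier packages' facilities -- confirm intent */
					$facilitylist = implode(',', $pkgfacilities);
					$pkglogfile = "{$g['varlog_path']}/{$package['logging']['logfilename']}";
					/* the file name comes from the package entry, so keep it a single shell word */
					mwexec("clog -i -s 10000 " . escapeshellarg($pkglogfile));
					$syslogconf .= "!{$facilitylist}\n*.*\t\t\t\t\t\t%{$pkglogfile}\n";
				}
			}
		}
		/* facilities with their own log file, excluded from the general section below */
		$facilitylist = implode(',', array_unique($separatelogfacilities));

		/* write syslog.conf */
		$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
		if (!$fd) {
			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
			return 1;
		}

		$syslogconf .= "!ntpdate,!ntpd\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= <<<EOD
*.*						%{$g['varlog_path']}/ntpd.log

EOD;
		}

		$syslogconf .= "!racoon\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= <<<EOD
*.*						%{$g['varlog_path']}/ipsec.log

EOD;
		}
		if (isset($syslogcfg['vpn'])) {
			$syslogconf .= <<<EOD
*.*						@{$syslogcfg['remoteserver']}

EOD;
		}

		$syslogconf .= "!openvpn\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			$syslogconf .= <<<EOD
*.*						%{$g['varlog_path']}/openvpn.log

EOD;
		}
		if (isset($syslogcfg['vpn'])) {
			$syslogconf .= <<<EOD
*.*						@{$syslogcfg['remoteserver']}

EOD;
		}

		/* everything that is not one of the separately logged programs */
		$syslogconf .= "!-{$facilitylist}\n";
		if (!isset($syslogcfg['disablelocallogging'])) {
			/* auth messages are also piped to sshlockout_pf */
			$syslogconf .= <<<EOD
local0.*					%{$g['varlog_path']}/filter.log
local3.*					%{$g['varlog_path']}/vpn.log
local4.*					%{$g['varlog_path']}/portalauth.log
local7.*					%{$g['varlog_path']}/dhcpd.log
*.notice;kern.debug;lpr.info;mail.crit; 	%{$g['varlog_path']}/system.log
news.err;local0.none;local3.none;local4.none; 	%{$g['varlog_path']}/system.log
local7.none					%{$g['varlog_path']}/system.log
security.*					%{$g['varlog_path']}/system.log
auth.info;authpriv.info;daemon.info		%{$g['varlog_path']}/system.log
local1.*					%{$g['varlog_path']}/slbd.log
auth.info;authpriv.info 			|exec /usr/local/sbin/sshlockout_pf
*.emerg						*

EOD;
		}

		if (isset($syslogcfg['filter'])) {
			$syslogconf .= <<<EOD
local0.*					@{$syslogcfg['remoteserver']}

EOD;
		}

		if (isset($syslogcfg['vpn'])) {
			$syslogconf .= <<<EOD
local3.*					@{$syslogcfg['remoteserver']}

EOD;
		}

		if (isset($syslogcfg['portalauth'])) {
			$syslogconf .= <<<EOD
local4.*					@{$syslogcfg['remoteserver']}

EOD;
		}

		if (isset($syslogcfg['dhcp'])) {
			$syslogconf .= <<<EOD
local7.*					@{$syslogcfg['remoteserver']}

EOD;
		}

		if (isset($syslogcfg['system'])) {
			$syslogconf .= <<<EOD
*.notice;kern.debug;lpr.info;mail.crit;		@{$syslogcfg['remoteserver']}
news.err;local0.none;local3.none;local7.none	@{$syslogcfg['remoteserver']}
security.*					@{$syslogcfg['remoteserver']}
auth.info;authpriv.info;daemon.info		@{$syslogcfg['remoteserver']}
*.emerg						@{$syslogcfg['remoteserver']}

EOD;
		}
		fwrite($fd, $syslogconf);
		fclose($fd);

		/*
		 * Are we logging to at least one remote server?  With a single -s
		 * syslogd does not accept messages from remote hosts but can still
		 * forward; with -ss no network socket is opened at all.
		 */
		$conffile = escapeshellarg("{$g['varetc_path']}/syslog.conf");
		if (strpos($syslogconf, "@") !== false)
			$retval = mwexec("/usr/sbin/syslogd -s -f {$conffile}");
		else
			$retval = mwexec("/usr/sbin/syslogd -ss -f {$conffile}");

	} else {
		$retval = mwexec("/usr/sbin/syslogd -ss");
	}

	if ($g['booting'])
		echo "done.\n";

	return $retval;
}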
/*
 * Restart pccardd with {$g['etc_path']}/pccard.conf.
 *
 * The instance recorded in {$g['varrun_path']}/pccardd.pid is killed first.
 * While booting, progress is echoed to the console.  Returns the mwexec()
 * result of starting pccardd.
 */
function system_pccard_start() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_pccard_start() being called $mt\n";
	}

	if ($g['booting'])
		echo "Initializing PCMCIA...";

	/* kill any running pccardd */
	killbypid("{$g['varrun_path']}/pccardd.pid");

	/* fire up pccardd */
	$status = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");

	if ($g['booting'])
		echo ($status == 0) ? "done.\n" : "failed!\n";

	return $status;
}
/*
 * Restart the lighttpd instance that serves the webConfigurator.
 *
 * Kills the instance recorded in lighty-webConfigurator.pid, regenerates
 * the password file, builds the lighttpd configuration through
 * system_generate_lighty_config() and starts lighttpd with it.  Returns
 * the mwexec() result of starting lighttpd.
 *
 * NOTE(review): when HTTPS is selected without a certificate and private
 * key in the configuration, the key pair embedded below is used.  That
 * private key is part of the source, so every installation falling back
 * to it shares it and the certificate cannot authenticate the device.
 * Installing a per-device certificate and key avoids the fallback.
 */
function system_webgui_start() {
	global $config, $g;

	if ($g['booting'])
		echo "Starting webConfigurator...";

	/* kill any running lighttpd */
	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");

	sleep(1);

	/* generate password file */
	system_password_configure();

	chdir($g['www_path']);

	$webgui = $config['system']['webgui'];
	$use_https = ($webgui['protocol'] == "https");

	/* non-standard port?  HTTPS without a configured port uses 443 */
	$portarg = $webgui['port'] ? "{$webgui['port']}" : "";
	if ($use_https && !$webgui['port'])
		$portarg = "443";

	/* plain HTTP passes an empty certificate and key */
	$cert = "";
	$key = "";

	if ($use_https) {
		if ($webgui['certificate'] && $webgui['private-key']) {
			$cert = base64_decode($webgui['certificate']);
			$key = base64_decode($webgui['private-key']);
		} else {
			/* default certificate/key (shared by all installations, see note above) */
			$cert = <<<EOD
-----BEGIN CERTIFICATE-----
MIIDEzCCAnygAwIBAgIJAJM91W+s6qptMA0GCSqGSIb3DQEBBAUAMGUxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJLWTETMBEGA1UEBxMKTG91aXN2aWxsZTEQMA4GA1UE
ChMHcGZTZW5zZTEQMA4GA1UECxMHcGZTZW5zZTEQMA4GA1UEAxMHcGZTZW5zZTAe
Fw0wNjAzMTAyMzQ1MTlaFw0xNjAzMDcyMzQ1MTlaMGUxCzAJBgNVBAYTAlVTMQsw
CQYDVQQIEwJLWTETMBEGA1UEBxMKTG91aXN2aWxsZTEQMA4GA1UEChMHcGZTZW5z
ZTEQMA4GA1UECxMHcGZTZW5zZTEQMA4GA1UEAxMHcGZTZW5zZTCBnzANBgkqhkiG
9w0BAQEFAAOBjQAwgYkCgYEA3lPNTFH6qge/ygaqe/BS4oH59O6KvAesWcRzSu5N
21lyVE5tBbL0zqOSXmlLyReMSbtAMZqt1P8EPYFoOcaEQHIWm2VQF80Z18+8Gh4O
UQGjHq88OeaLqyk3OLpSKzSpXuCFrSN7q9Kez8zp5dQEu7sIW30da3pAbdqYOimA
1VsCAwEAAaOByjCBxzAdBgNVHQ4EFgQUAnx+ggC4SzJ0CK+rhPhJ2ZpyunEwgZcG
A1UdIwSBjzCBjIAUAnx+ggC4SzJ0CK+rhPhJ2ZpyunGhaaRnMGUxCzAJBgNVBAYT
AlVTMQswCQYDVQQIEwJLWTETMBEGA1UEBxMKTG91aXN2aWxsZTEQMA4GA1UEChMH
cGZTZW5zZTEQMA4GA1UECxMHcGZTZW5zZTEQMA4GA1UEAxMHcGZTZW5zZYIJAJM9
1W+s6qptMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAAviQpdoeabL8
1HSZiD7Yjx82pdLpyQOdXvAu3jEAYz53ckx0zSMrzsQ5r7Vae6AE7Xd7Pj+1Yihs
AJZzOQujnmsuim7qu6YSxzP34xonKwd1C9tZUlyNRNnEmtXOEDupn05bih1ugtLG
kqfPIgDbDLXuPtEAA6QDUypaunI6+1E=
-----END CERTIFICATE-----

EOD;

			$key = <<<EOD
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDeU81MUfqqB7/KBqp78FLigfn07oq8B6xZxHNK7k3bWXJUTm0F
svTOo5JeaUvJF4xJu0Axmq3U/wQ9gWg5xoRAchabZVAXzRnXz7waHg5RAaMerzw5
5ourKTc4ulIrNKle4IWtI3ur0p7PzOnl1AS7uwhbfR1rekBt2pg6KYDVWwIDAQAB
AoGAP7E0VFP8Aq/7os3sE1uS8y8XQ7L+7cUo/AKKoQHKLjfeyAY7t3FALt6vdPqn
anGjkA/j4RIWELoKJfCnwj17703NDCPwB7klcmZvmTx5Om1ZrRyZdQ6RJs0pOOO1
r2wOnZNaNWStXE9Afpw3dj20Gh0V/Ioo5HXn3sHfxZm8dnkCQQDwv8OaUdp2Hl8t
FDfXB1CMvUG1hEAvbQvZK1ODkE7na2/ChKjVPddEI3DvfzG+nLrNuTrAyVWgRLte
r8qX5PQHAkEA7GlKx0S18LdiKo6wy2QeGu6HYkPncaHNFOWX8cTpvGGtQoWYSh0J
tjCt1/mz4/XkvZWuZyTNx2FdkVlNF5nHDQJBAIRWVTZqEjVlwpmsCHnp6mxCyHD4
DrRDNAUfnNuwIr9xPlDlzUzSnpc1CCqOd5C45LKbRGGfCrN7tKd66FmQoFcCQQCy
Kvw3R1pTCvHJnvYwoshphaC0dvaDVeyINiwYAk4hMf/wpVxLZqz+CJvLrB1dzOBR
3O+uPjdzbrakpweJpNQ1AkEA3ZtlgEj9eWsLAJP8aKlwB8VqD+EtG9OJSUMnCDiQ
WFFNj/t3Ze3IVuAyL/yMpiv3JNEnZhIxCta42eDFpIZAKw==
-----END RSA PRIVATE KEY-----

EOD;
		}
	}

	/* generate lighttpd configuration */
	$conf_path = "{$g['varetc_path']}/lighty-webConfigurator.conf";
	system_generate_lighty_config($conf_path,
		$cert, $key, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");

	/* attempt to start lighttpd */
	$status = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");

	if ($g['booting'])
		echo ($status == 0) ? "done.\n" : "failed!\n";

	return $status;
}
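/*
 * Previous webConfigurator start routine, based on mini_httpd.
 *
 * Kills the instance recorded in mini_httpd.pid, regenerates the password
 * file and starts mini_httpd.  For HTTPS the certificate and key are
 * written together into {$g['varetc_path']}/cert.pem.  Returns the
 * mwexec() result, or 1 when cert.pem cannot be opened.
 *
 * The configured port and the file paths are now passed through
 * escapeshellarg(), like the other configuration values this file puts on
 * command lines.
 *
 * NOTE(review): the fallback key pair below is part of the source, so every
 * installation using it shares the same private key.  mini_httpd is also
 * started with "-u root".
 */
function system_webgui_start_old() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_webgui_start() being called $mt\n";
	}

	if ($g['booting'])
		echo "Starting webConfigurator...";

	/* kill any running mini_httpd */
	killbypid("{$g['varrun_path']}/mini_httpd.pid");

	/* generate password file */
	system_password_configure();

	chdir($g['www_path']);

	/* non-standard port? */
	if ($config['system']['webgui']['port'])
		$portarg = "-p " . escapeshellarg($config['system']['webgui']['port']);
	else
		$portarg = "";

	$pidarg = escapeshellarg("{$g['varrun_path']}/mini_httpd.pid");

	if ($config['system']['webgui']['protocol'] == "https") {

		if ($config['system']['webgui']['certificate'] && $config['system']['webgui']['private-key']) {
			$cert = base64_decode($config['system']['webgui']['certificate']);
			$key  = base64_decode($config['system']['webgui']['private-key']);
		} else {
			/* default certificate/key (shared by all installations, see note above) */
			$cert = <<<EOD
-----BEGIN CERTIFICATE-----
MIIBlDCB/gIBADANBgkqhkiG9w0BAQQFADATMREwDwYDVQQKEwhtMG4wd2FsbDAe
Fw0wNTA1MTAxMjI0NDRaFw0wNzA1MTAxMjI0NDRaMBMxETAPBgNVBAoTCG0wbjB3
YWxsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAShszhFz+o8lsMWTGgTxs
TMPR+v4+qL5jXDyY97MLTGFK7aqQOtpIQc+TcTc4jklgOVlHoR7oBXrsi8YrbCd+
83LPQmQoSPC0VqhfU3uYf3NzxiK8r97aPCsmWgwT2pQ6TcESTm6sF7nLprOf/zFP
C4jE2fvjkbzyVolPywBuewIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAFR962c4R5tV
cTn0OQcszYoW6WC+ini9tQQh5ku5jYDAiC+00atawJEVLnL3lwAcpSKTIWlTkD20
tl3lz5br1qFgYky+Rd0kwS2nk9jRbkxSXxd6KJVnNRCKre28aw3ENzZfCSurPQsX
UPp5er+NtwMT1g7s/JDmKTC4w1rGr5/c
-----END CERTIFICATE-----

EOD;

			$key = <<<EOD
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDAShszhFz+o8lsMWTGgTxsTMPR+v4+qL5jXDyY97MLTGFK7aqQ
OtpIQc+TcTc4jklgOVlHoR7oBXrsi8YrbCd+83LPQmQoSPC0VqhfU3uYf3NzxiK8
r97aPCsmWgwT2pQ6TcESTm6sF7nLprOf/zFPC4jE2fvjkbzyVolPywBuewIDAQAB
AoGAbJJrQW9fQrggJuLMz/hwsYW2m31oyOBmf5u463YQtjRuSuxe/gj87weZuNqY
H2rXq2k2K+ehl8hgW+egASyUL3L7kCkEAsVREujKTEyhSqqIRDPWTxo9S/YA9Gvn
2ZnJvkrcKjqCO9aHX3rvJOK/ErYI6akctgI3KmgkYw5XNmECQQDuZU97RTWH9rmP
aQr57ysNXxgFsyhetOOqeYkPtIVwpOiNbfwE1zi5RGdtO4Ku3fG1lV4J2UoWJ9yD
awdoyYIHAkEAzn0xJ90IjPsHk+8SODEj5JGdHSZPNu1tgtrbjEi9sfGWg4K7XTxr
QW90pWb1bKKU1uh5FzW6OhnFfuQXt1kC7QJAPSthqY+onKqCEnoxhtAHi/bKgyvl
P+fKQwPMV2tKkgy+XwvJjrRqqZ8TqsOKVLQ+QQmCh6RpjiXMPyxHSmvqIQJBAKLR
HF1ucDuaBROkwx0DwmWMW/KMLpIFDQDNSaiIAuu4rxHrl4mhBoGGPNffI04RtILw
s+qVNs5xW8T+XaT4ztECQQDFHPnZeoPWE5z+AX/UUQIUWaDExz3XRzmIxRbOrlFi
CsF1s0TdJLi/wzNQRAL37A8vqCeVFR/ng3Xpg96Yg+8Z
-----END RSA PRIVATE KEY-----

EOD;
		}

		/* strip carriage returns from the PEM text */
		$cert = str_replace("\r", "", $cert);
		$key = str_replace("\r", "", $key);

		$certpath = "{$g['varetc_path']}/cert.pem";
		$fd = fopen($certpath, "w");
		if (!$fd) {
			printf("Error: cannot open cert.pem in system_webgui_start().\n");
			return 1;
		}
		/* restrict the file to its owner before the private key is written into it */
		chmod($certpath, 0600);
		fwrite($fd, $cert);
		fwrite($fd, "\n");
		fwrite($fd, $key);
		fclose($fd);

		$res = mwexec("/usr/local/sbin/mini_httpd -S -E " . escapeshellarg($certpath) .
			" -c \"**.php|**.cgi\" -u root -maxproc 16 $portarg" .
			" -i {$pidarg}");
	} else {
		$res = mwexec("/usr/local/sbin/mini_httpd -c \"**.php|**.cgi\" -u root" .
			" -maxproc 16 $portarg -i {$pidarg}");
	}

	if ($g['booting']) {
		if ($res == 0)
			echo "done\n";
		else
			echo "failed\n";
	}

	return $res;
}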
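/*
 * Build a lighttpd configuration and write it to $filename.
 *
 * When both $cert and $key are non-empty they are written, concatenated,
 * to {$g['varetc_path']}/{$cert_location} and an "ssl configuration"
 * section pointing at that file is appended to the generated config.
 *
 * $filename        path of the lighttpd config file to (over)write
 * $cert, $key      PEM certificate and private key; empty disables SSL
 * $pid_file        file name placed under /var/run/ for server.pid-file
 * $port            listen port; an empty value falls back to "80"
 * $document_root   value of server.document-root
 * $cert_location   file name of the combined PEM under varetc_path
 * $max_procs       FastCGI "max-procs"; overridden by the memory tiers below
 * $max_requests    PHP_FCGI_MAX_REQUESTS; overridden by the memory tiers below
 * $fast_cgi_enable true: PHP via mod_fastcgi, false: PHP via mod_cgi
 * $captive_portal  true: add the captive portal rewrite rule and limits
 *
 * Returns 0 on success, 1 when either output file cannot be opened.
 */
function system_generate_lighty_config($filename,
	$cert,
	$key,
	$pid_file,
	$port = 80,
	$document_root = "/usr/local/www/",
	$cert_location = "cert.pem",
	$max_procs = 2,
	$max_requests = "1",
	$fast_cgi_enable = true,
	$captive_portal = false) {

	global $config, $g;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_generate_lighty_config() being called $mt\n";
	}

	/*
	 * Everything interpolated into the template below gets a defined value
	 * up front; previously several of these were only set on one branch (or
	 * never), which relied on undefined variables expanding to "".
	 */
	$lighty_config = "";
	$network_handler = "";
	$captiveportal = "";
	$captive_portal_rewrite = "";

	if($captive_portal == true)  {
		$captiveportal = ",\"mod_rewrite\"";
		/* anything that is not a captiveportal URL is sent to index.php */
		$captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
		$captive_portal_module = "\"mod_accesslog\", ";
		$maxprocperip = $config['captiveportal']['maxprocperip'];
		/*
		 * NOTE(review): for any scalar value "!$maxprocperip and
		 * $maxprocperip > 0" cannot be true, so the per-IP connection limit
		 * is never emitted.  The intended test is presumably
		 * "$maxprocperip > 0"; making it effective would also need
		 * mod_evasive in server.modules, which this function does not load.
		 * Left unchanged - confirm before enabling.
		 */
		if(!$maxprocperip and $maxprocperip > 0)
			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
		else
			$captive_portal_mod_evasive = "";
		/* the portal instance gets its own upload dir, made non-writable */
		$server_upload_dirs = "server.upload-dirs = ( \"/tmp/captiveportal/\" )\n";
		exec("mkdir -p /tmp/captiveportal");
		exec("chmod a-w /tmp/captiveportal");
		/* much smaller request body limit than the webGUI instance */
		$server_max_request_size = "server.max-request-size    = 384";
	} else {
		$captive_portal_module = "";
		$captive_portal_mod_evasive = "";
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"/tmp/\", \"/var/\" )\n";
		$server_max_request_size = "server.max-request-size    = 2097152";
	}

	if($port <> "")
		$lighty_port = $port;
	else
		$lighty_port = "80";

	$memory = get_memory();
	$avail = $memory[0];

	/*
	 * Scale the PHP process/request limits by the first value returned by
	 * get_memory().  Values of 512 and above (or 0) keep the caller's
	 * $max_procs / $max_requests.
	 */
	if($avail > 0 and $avail < 98) {
		$max_procs = 1;
		$max_requests = 1;
	}

	if($avail > 97 and $avail < 128) {
		$max_procs = 1;
		$max_requests = 3;
	}

	if($avail > 127 and $avail < 256) {
		$max_procs = 1;
		$max_requests = 5;
	}

	if($avail > 255 and $avail < 384) {
		$max_procs = 3;
		$max_requests = 10;
	}

	if($avail > 383 and $avail < 512) {
		$max_procs = 4;
		$max_requests = 16;
	}

	/* only the captive portal instance sets a FastCGI bin-environment */
	if($captive_portal == true)  {
		$bin_environment =  <<<EOC
	        "bin-environment" => (
	           "PHP_FCGI_CHILDREN" => "16",
	           "PHP_FCGI_MAX_REQUESTS" => "{$max_requests}"
	        ), 
EOC;

	} else {
		$bin_environment = "";
	}

	if($fast_cgi_enable == true) {
		$module = "\"mod_fastcgi\", \"mod_cgi\"";
		$cgi_config = "";
		$fastcgi_config = <<<EOD
#### fastcgi module
## read fastcgi.txt for more info
fastcgi.server = ( ".php" =>
	( "localhost" =>
		(
			"socket" => "/tmp/php-fastcgi.socket",
			"min-procs" => 1,
			"max-procs" => {$max_procs},
			{$bin_environment}			
			"bin-path" => "/usr/local/bin/php"
		)
	)
)

#### CGI module
cgi.assign                 = ( ".cgi" => "" )

EOD;
	} else {
		$fastcgi_config = "";
		$module = "\"mod_cgi\"";
		$cgi_config = <<<EOD
#### CGI module
cgi.assign                 = ( ".php"  => "/usr/local/bin/php",
                               ".cgi" => "" )

EOD;
	}

	$lighty_config .= <<<EOD
#
# lighttpd configuration file
#
# use a it as base for lighttpd 1.0.0 and above
#
############ Options you really have to take care of ####################

## FreeBSD!
server.event-handler		= "freebsd-kqueue"
server.network-backend		= "writev"  ## Fixes 7.x upload issues

{$network_handler}

## modules to load
server.modules              =   (
				  {$captive_portal_module}
				  "mod_access", "mod_accesslog",
                                  {$module}{$captiveportal}
				)

## Unused modules
#                               "mod_setenv",
#                               "mod_compress"
#				"mod_redirect",
#                               "mod_rewrite",
#                               "mod_ssi",
#                               "mod_usertrack",
#                               "mod_expire",
#                               "mod_secdownload",
#                               "mod_rrdtool",
#                               "mod_auth",
#                               "mod_status",
#                               "mod_alias",
#                               "mod_proxy",
#                               "mod_simple_vhost",
#                               "mod_evhost",
#                               "mod_userdir",
#                               "mod_cgi",
#                                "mod_accesslog"

## a static document-root, for virtual-hosting take look at the
## server.virtual-* options
server.document-root        = "{$document_root}"
{$captive_portal_rewrite}

## where to send error-messages to
server.errorlog             = "/var/log/lighttpd.error.log"

# files to check for if .../ is requested
server.indexfiles           = ( "index.php", "index.html",
                                "index.htm", "default.htm" )

# mimetype mapping
mimetype.assign             = (
  ".pdf"          =>      "application/pdf",
  ".sig"          =>      "application/pgp-signature",
  ".spl"          =>      "application/futuresplash",
  ".class"        =>      "application/octet-stream",
  ".ps"           =>      "application/postscript",
  ".torrent"      =>      "application/x-bittorrent",
  ".dvi"          =>      "application/x-dvi",
  ".gz"           =>      "application/x-gzip",
  ".pac"          =>      "application/x-ns-proxy-autoconfig",
  ".swf"          =>      "application/x-shockwave-flash",
  ".tar.gz"       =>      "application/x-tgz",
  ".tgz"          =>      "application/x-tgz",
  ".tar"          =>      "application/x-tar",
  ".zip"          =>      "application/zip",
  ".mp3"          =>      "audio/mpeg",
  ".m3u"          =>      "audio/x-mpegurl",
  ".wma"          =>      "audio/x-ms-wma",
  ".wax"          =>      "audio/x-ms-wax",
  ".ogg"          =>      "audio/x-wav",
  ".wav"          =>      "audio/x-wav",
  ".gif"          =>      "image/gif",
  ".jpg"          =>      "image/jpeg",
  ".jpeg"         =>      "image/jpeg",
  ".png"          =>      "image/png",
  ".xbm"          =>      "image/x-xbitmap",
  ".xpm"          =>      "image/x-xpixmap",
  ".xwd"          =>      "image/x-xwindowdump",
  ".css"          =>      "text/css",
  ".html"         =>      "text/html",
  ".htm"          =>      "text/html",
  ".js"           =>      "text/javascript",
  ".asc"          =>      "text/plain",
  ".c"            =>      "text/plain",
  ".conf"         =>      "text/plain",
  ".text"         =>      "text/plain",
  ".txt"          =>      "text/plain",
  ".dtd"          =>      "text/xml",
  ".xml"          =>      "text/xml",
  ".mpeg"         =>      "video/mpeg",
  ".mpg"          =>      "video/mpeg",
  ".mov"          =>      "video/quicktime",
  ".qt"           =>      "video/quicktime",
  ".avi"          =>      "video/x-msvideo",
  ".asf"          =>      "video/x-ms-asf",
  ".asx"          =>      "video/x-ms-asf",
  ".wmv"          =>      "video/x-ms-wmv",
  ".bz2"          =>      "application/x-bzip",
  ".tbz"          =>      "application/x-bzip-compressed-tar",
  ".tar.bz2"      =>      "application/x-bzip-compressed-tar"
 )

# Use the "Content-Type" extended attribute to obtain mime type if possible
#mimetypes.use-xattr        = "enable"

#### accesslog module
#accesslog.filename          = "/dev/null"

## deny access the file-extensions
#
# ~    is for backupfiles from vi, emacs, joe, ...
# .inc is often used for code includes which should in general not be part
#      of the document-root
url.access-deny             = ( "~", ".inc" )


######### Options that are good to be but not neccesary to be changed #######

## bind to port (default: 80)
server.port                = {$lighty_port}

## error-handler for status 404
#server.error-handler-404   = "/error-handler.html"
#server.error-handler-404   = "/error-handler.php"

## to help the rc.scripts
server.pid-file            = "/var/run/{$pid_file}"

## virtual directory listings
server.dir-listing         = "disable"

## enable debugging
debug.log-request-header   = "disable"
debug.log-response-header  = "disable"
debug.log-request-handling = "disable"
debug.log-file-not-found   = "disable"

#### compress module
#compress.cache-dir         = "/tmp/lighttpd/cache/compress/"
#compress.filetype          = ("text/plain", "text/html")

#server.network-backend = "writev"

{$server_upload_dirs}

{$server_max_request_size}

{$fastcgi_config}

{$cgi_config}

{$captive_portal_mod_evasive}

EOD;

	/* normalise line endings and collapse doubled newlines in the PEM data */
	$cert = str_replace("\r", "", $cert);
	$key = str_replace("\r", "", $key);

	$cert = str_replace("\n\n", "\n", $cert);
	$key = str_replace("\n\n", "\n", $key);

	if($cert <> "" and $key <> "") {
		$pem_path = "{$g['varetc_path']}/{$cert_location}";

		/*
		 * This file receives the private key.  Create it under a
		 * restrictive umask so it is never group/world readable, not even
		 * between fopen() and chmod(); the chmod() below still tightens a
		 * file that already existed with a looser mode.
		 */
		$old_umask = umask(0077);
		$fd = fopen($pem_path, "w");
		umask($old_umask);
		if (!$fd) {
			/* the old message named cert.pem and system_webgui_start() */
			printf("Error: cannot open %s in system_generate_lighty_config().\n", $pem_path);
			return 1;
		}
		chmod($pem_path, 0600);
		fwrite($fd, $cert);
		fwrite($fd, "\n");
		fwrite($fd, $key);
		fclose($fd);
		$lighty_config .= "\n";
		$lighty_config .= "## ssl configuration\n";
		$lighty_config .= "ssl.engine = \"enable\"\n";
		$lighty_config .= "ssl.pemfile = \"{$pem_path}\"\n\n";
	}

	$fd = fopen("{$filename}", "w");
	if (!$fd) {
		/* pass the name as an argument so a '%' in it is not a format spec */
		printf("Error: cannot open %s in system_generate_lighty_config().\n", $filename);
		return 1;
	}
	fwrite($fd, $lighty_config);
	fclose($fd);

	return 0;

}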
/*
 * Re-synchronise the webGUI passwords by delegating to
 * sync_webgui_passwords().  Always returns 0.
 */
function system_password_configure()
{
	global $config, $g;

	/* optional call trace, switched on by the 'developerspew' config key */
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_password_configure() being called $mt\n";
	}

	/*
	 * All of the work happens in the helper; per the original note it also
	 * takes care of conf_mount_ro, so no remount is done here.
	 */
	sync_webgui_passwords();

	return 0;
}
/*
 * Install the configured timezone by extracting its file from
 * /usr/share/zoneinfo.tgz into /etc/localtime.  Falls back to "Etc/UTC"
 * when no timezone is configured.  Prints progress while booting.
 */
function system_timezone_configure()
{
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_timezone_configure() being called $mt\n";
	}

	$syscfg = $config['system'];

	if ($g['booting']) {
		echo "Setting timezone...";
	}

	/* pick the zone to extract, defaulting to UTC */
	$timezone = $syscfg['timezone'];
	if (empty($timezone)) {
		$timezone = "Etc/UTC";
	}

	conf_mount_rw();

	/*
	 * The zone name comes from the configuration, so it is shell-quoted
	 * before being placed on the command line.
	 * NOTE(review): the shell redirect presumably truncates /etc/localtime
	 * even when tar finds no such member - confirm and consider validating
	 * the name first.
	 */
	$extract_cmd = "LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
		escapeshellarg($timezone) . " > /etc/localtime";
	exec($extract_cmd);

	mwexec("sync");
	conf_mount_ro();

	if ($g['booting']) {
		echo "done.\n";
	}
}
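/*
 * Write {$g['varetc_path']}/ntpd.conf from the configured time servers and
 * the openntpd package settings, stop any running ntpd and, unless the
 * system is booting, start ntpd with the new file.
 *
 * Returns nothing.  If the config file cannot be opened the error is logged
 * and the function returns without touching a running ntpd.
 */
function system_ntp_configure() {
	global $config, $g;

	$syscfg = $config['system'];

	/* open configuration for writing or bail */
	$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
	if(!$fd) {
		log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
		return;
	}

	fwrite($fd, "# \n");
	fwrite($fd, "# pfSense OpenNTPD configuration file \n");
	fwrite($fd, "# \n\n");

	/*
	 * One "servers" line per configured time server.  Splitting on any
	 * whitespace and dropping empty tokens means an empty setting or doubled
	 * spaces no longer produce bare "servers " lines, and a value containing
	 * a newline cannot add a line of its own to ntpd.conf.
	 */
	$timeservers = preg_split('/\s+/', (string)$syscfg['timeservers'], -1, PREG_SPLIT_NO_EMPTY);
	foreach ($timeservers as $ts)
		fwrite($fd, "servers {$ts}\n");

	/* server config is in coregui1 */
	$xmlsettings = array();
	if (isset($config['installedpackages']['openntpd']['config'][0]) &&
	    is_array($config['installedpackages']['openntpd']['config'][0]))
		$xmlsettings = $config['installedpackages']['openntpd']['config'][0];

	if (isset($xmlsettings['enable']) && $xmlsettings['enable'] == 'on') {
		/* map the selected interfaces to addresses; only valid IPs are written */
		$ifaces = explode(',', $xmlsettings['interface']);
		$ifaces = array_map('convert_friendly_interface_to_real_interface_name', $ifaces);
		$ifaces = array_filter($ifaces, 'does_interface_exist');
		$ips = array_map('find_interface_ip', $ifaces);
		foreach ($ips as $ip) {
			if (is_ipaddr($ip))
				fwrite($fd, "listen on $ip\n");
		}
	}

	fwrite($fd, "\n");

	/* slurp! */
	fclose($fd);

	/* if openntpd is running, kill it (repeats until no ntpd is left) */
	while(is_process_running("ntpd")) {
		mwexec("/usr/bin/killall ntpd", true);
	}

	/* if /var/empty does not exist, create it */
	if(!is_dir("/var/empty"))
		exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");

	/* during boot the daemon is not started from here */
	if($g['booting'])
		return;

	/* start openntpd, set time now and use /var/etc/ntpd.conf */
	exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");

}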
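/*
 * Run ntpdate once against every configured time server.  Prints progress
 * while booting.  Returns nothing.
 */
function sync_system_time() {
	global $config, $g;

	$syscfg = $config['system'];

	if ($g['booting'])
		echo "Syncing system time before startup...";

	/*
	 * Each server name ends up on a shell command line, so it is quoted with
	 * escapeshellarg() (as system_timezone_configure() does for the zone
	 * name); previously the raw config value was interpolated.  Empty tokens
	 * from an unset setting or doubled spaces are skipped instead of running
	 * ntpdate without a server.
	 */
	$timeservers = preg_split('/\s+/', (string)$syscfg['timeservers'], -1, PREG_SPLIT_NO_EMPTY);
	foreach ($timeservers as $ts) {
		mwexec("/usr/sbin/ntpdate -s " . escapeshellarg($ts));
	}

	if ($g['booting'])
		echo "done.\n";

}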
/*
 * Halt the system: run the shared pre-shutdown cleanup, then launch
 * /etc/rc.halt detached in the background with its output discarded.
 */
function system_halt()
{
	global $g;

	system_reboot_cleanup();

	$halt_cmd = "nohup /etc/rc.halt > /dev/null 2>&1 &";
	mwexec($halt_cmd);
}
/*
 * Reboot the system: run the shared pre-shutdown cleanup, then launch
 * /etc/rc.reboot detached in the background with its output discarded.
 */
function system_reboot()
{
	global $g;

	system_reboot_cleanup();

	$reboot_cmd = "nohup /etc/rc.reboot > /dev/null 2>&1 &";
	mwexec($reboot_cmd);
}
/*
 * Reboot the system in the foreground: unlike system_reboot() the
 * /etc/rc.reboot command is not prefixed with nohup or backgrounded.
 */
function system_reboot_sync()
{
	global $g;

	system_reboot_cleanup();

	$reboot_cmd = "/etc/rc.reboot > /dev/null 2>&1";
	mwexec($reboot_cmd);
}
/*
 * Cleanup shared by the halt and reboot paths: run "beep.sh stop", then
 * call captiveportal_radius_stop_all().
 */
function system_reboot_cleanup()
{
	$beep_cmd = "/usr/local/bin/beep.sh stop";
	mwexec($beep_cmd);

	captiveportal_radius_stop_all();
}
/*
 * Execute the shell commands stored in the configuration.
 *
 * $early  truthy: run $config['system']['earlyshellcmd'],
 *         otherwise run $config['system']['shellcmd'].
 *
 * The setting may be an array of commands or a single command string.
 * Every value is handed to exec() verbatim, so whoever can write this part
 * of the configuration can run arbitrary commands as this process; treat
 * write access to the config accordingly.
 */
function system_do_shell_commands($early = 0)
{
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_do_shell_commands() being called $mt\n";
	}

	/* select which config key to read */
	$cmdn = $early ? "earlyshellcmd" : "shellcmd";
	$entry = $config['system'][$cmdn];

	/* list of commands: run each in order */
	if (is_array($entry)) {
		foreach ($entry as $cmd) {
			exec($cmd);
		}
		return;
	}

	/* single command: run it unless it is empty */
	if ($entry <> "") {
		exec($entry);
	}
}
/*
 * Keep the {$g['varetc_path']}/disableconsole marker file in step with the
 * 'disableconsolemenu' config key: created when the key is set, removed
 * (if present) when it is not.
 */
function system_console_configure()
{
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_console_configure() being called $mt\n";
	}

	$marker = "{$g['varetc_path']}/disableconsole";

	if (!isset($config['system']['disableconsolemenu'])) {
		unlink_if_exists($marker);
		return;
	}

	touch($marker);
}
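/*
 * Save the kernel message buffer of the current boot to
 * {$g['varlog_path']}/dmesg.boot.
 *
 * The output of /sbin/dmesg is written starting at the last line that
 * contains "Copyright (c) 1992-", because output from previous boots may
 * still be present before it.
 *
 * Returns 0 on success, 1 when dmesg.boot cannot be opened.
 */
function system_dmesg_save() {
	/* $config was missing from the global list, so the trace never fired */
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_dmesg_save() being called $mt\n";
	}

	/* exec() fills this with one element per output line */
	$dmesg = array();
	exec("/sbin/dmesg", $dmesg);
	$line_count = count($dmesg);

	/* find last copyright line (output from previous boots may be present) */
	$lastcpline = 0;

	for ($i = 0; $i < $line_count; $i++) {
		if (strstr($dmesg[$i], "Copyright (c) 1992-"))
			$lastcpline = $i;
	}

	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
	if (!$fd) {
		printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
		return 1;
	}

	/* write everything from that line to the end */
	for ($i = $lastcpline; $i < $line_count; $i++)
		fwrite($fd, $dmesg[$i] . "\n");

	fclose($fd);

	return 0;
}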
/*
 * Apply the 'harddiskstandby' setting through the hw.ata.standby sysctl.
 *
 * Does nothing when the setting is absent.  A non-numeric value, or a
 * failing sysctl call, is reported as "failed!" while booting; on success
 * the ATA drives are reinitialised with atareinit.
 */
function system_set_harddisk_standby()
{
	global $g, $config;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_set_harddisk_standby() being called $mt\n";
	}

	if (!isset($config['system']['harddiskstandby'])) {
		return;
	}

	if ($g['booting']) {
		echo 'Setting hard disk standby... ';
	}

	$standby = $config['system']['harddiskstandby'];
	$applied = false;

	/* only numeric values reach the command line, and only as an integer */
	if (is_numeric($standby)) {
		/* flush the disk(s) before changing the setting */
		mwexec('/bin/sync');

		/* a falsy return from mwexec() is treated as success here */
		$applied = !mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby));
		if ($applied) {
			/* reinitialise the ATA drives */
			mwexec('/usr/local/sbin/atareinit');
		}
	}

	if ($g['booting']) {
		if ($applied) {
			echo "done.\n";
		} else {
			echo "failed!\n";
		}
	}
}
/*
 * Apply every non-empty line of /etc/sysctl.conf by passing it to sysctl,
 * then call system_disable_arp_wrong_if() when the 'sharednet' config key
 * is set.
 */
function system_setup_sysctl()
{
	global $config;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_setup_sysctl() being called $mt\n";
	}

	/*
	 * Each line is placed on a shell command line without quoting, so the
	 * content of /etc/sysctl.conf is trusted as-is; write access to that
	 * file amounts to command execution from here.
	 */
	foreach (return_filename_as_array("/etc/sysctl.conf") as $sysc) {
		$sysc = rtrim($sysc);
		if ($sysc == "") {
			continue;
		}
		mwexec("sysctl {$sysc} 2>/dev/null");
	}

	if (isset($config['system']['sharednet'])) {
		system_disable_arp_wrong_if();
	}
}
/*
 * Set the net.link.ether.inet.log_arp_wrong_iface and
 * net.link.ether.inet.log_arp_movements sysctls to 0.
 */
function system_disable_arp_wrong_if()
{
	global $config;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_disable_arp_wrong_if() being called $mt\n";
	}

	$commands = array(
		"/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0",
		"/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0",
	);
	foreach ($commands as $command) {
		mwexec($command);
	}
}
/*
 * Set the net.link.ether.inet.log_arp_wrong_iface and
 * net.link.ether.inet.log_arp_movements sysctls to 1.
 */
function system_enable_arp_wrong_if()
{
	global $config;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_enable_arp_wrong_if() being called $mt\n";
	}

	$commands = array(
		"/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1",
		"/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1",
	);
	foreach ($commands as $command) {
		mwexec($command);
	}
}
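/*
 * Start watchdogd when /var/log/dmesg.boot mentions a supported watchdog
 * device (matched case-insensitively).  A watchdogd that is already running
 * is killed first.  Returns nothing; does nothing when the boot log cannot
 * be read.
 */
function enable_watchdog() {
	global $config;
	$supported_watchdogs = array("Geode");

	/* without a readable boot log there is nothing to match against */
	$dmesg_file = "/var/log/dmesg.boot";
	if(!is_readable($dmesg_file))
		return;
	$file = file_get_contents($dmesg_file);
	if($file === false)
		return;

	$install_watchdog = false;
	foreach($supported_watchdogs as $sd) {
		/* match the list entry itself; the loop used to test the literal "Geode" */
		if(stristr($file, $sd) !== false) {
			$install_watchdog = true;
			break;
		}
	}

	if($install_watchdog == true) {
		if(is_process_running("watchdogd"))
			mwexec("/usr/bin/killall watchdogd", true);
		exec("/usr/sbin/watchdogd");
	}
}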
?>