/etc/inc/pfsense-utils.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/pfsense-utils.inc @ 9b1c39e3

-c51
+<?php
-becf
+/****h* pfSense/pfsense-utils
  * NAME
  *   pfsense-utils.inc - Utilities specific to pfSense
  * DESCRIPTION
  *   This include contains various pfSense specific functions.
  * HISTORY
  *   $Id$
  ******
+ *
-            69487053
+ * Copyright (C) 2004-2007 Scott Ullrich (sullrich@gmail.com)
-becf
+ * All rights reserved.
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
+ *
  * 1. Redistributions of source code must retain the above copyright notice,
  * this list of conditions and the following disclaimer.
+ *
  * 2. Redistributions in binary form must reproduce the above copyright
  * notice, this list of conditions and the following disclaimer in the
  * documentation and/or other materials provided with the distribution.
+ *
  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
  * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
  * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
  * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * RISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
+ *
  */
-            0397013a
+/****f* pfsense-utils/have_natonetooneruleint_access
  * NAME
  *   have_natonetooneruleint_access
  * INPUTS
  *	 none
  * RESULT
  *   returns true if user has access to edit a specific firewall nat one to one interface
  ******/
 function have_natonetooneruleint_access($if) {
 	$security_url = "firewall_nat_1to1_edit.php?if=". strtolower($if);
-ee90ed
+	if(isAllowedPage($security_url, $allowed))
-            0397013a
+		return true;
 	return false;
+}
 /****f* pfsense-utils/have_natpfruleint_access
  * NAME
  *   have_natpfruleint_access
  * INPUTS
  *	 none
  * RESULT
  *   returns true if user has access to edit a specific firewall nat port forward interface
  ******/
 function have_natpfruleint_access($if) {
 	$security_url = "firewall_nat_edit.php?if=". strtolower($if);
-ee90ed
+	if(isAllowedPage($security_url, $allowed))
-            0397013a
+		return true;
 	return false;
+}
-            b6742927
+/****f* pfsense-utils/have_ruleint_access
  * NAME
  *   have_ruleint_access
  * INPUTS
  *	 none
  * RESULT
  *   returns true if user has access to edit a specific firewall interface
  ******/
 function have_ruleint_access($if) {
 	$security_url = "firewall_rules.php?if=". strtolower($if);
-ee90ed
+	if(isAllowedPage($security_url))
 		return true;
-            b6742927
+	return false;
+}
-            10387862
+/****f* pfsense-utils/does_url_exist
  * NAME
  *   does_url_exist
  * INPUTS
  *	 none
  * RESULT
  *   returns true if a url is available
  ******/
 function does_url_exist($url) {
-c13b
+	$fd = fopen("$url","r");
-            10387862
+	if($fd) {
-cc6345e
+		fclose($fd);
-            10387862
+   		return true;
 	} else {
         return false;
+	}
+}
-bd75
+/****f* pfsense-utils/is_private_ip
  * NAME
  *   is_private_ip
  * INPUTS
  *	 none
  * RESULT
  *   returns true if an ip address is in a private range
  ******/
 function is_private_ip($iptocheck) {
         $isprivate = false;
         $ip_private_list=array(
                "10.0.0.0/8",
                "172.16.0.0/12",
                "192.168.0.0/16",
                "99.0.0.0/8"
         );
         foreach($ip_private_list as $private) {
                 if(ip_in_subnet($iptocheck,$private)==true)
                         $isprivate = true;
+        }
         return $isprivate;
+}
-cb370b9
+/****f* pfsense-utils/get_tmp_file
  * NAME
  *   get_tmp_file
  * INPUTS
  *	 none
  * RESULT
  *   returns a temporary filename
  ******/
-becf
+function get_tmp_file() {
 	return "/tmp/tmp-" . time();
+}
-cb370b9
+/****f* pfsense-utils/tdr_install_cron
  * NAME
  *   tdr_install_cron
  * INPUTS
  *   $should_install true if the cron entry should be installed, false
  *   if the entry should be removed if it is present
  * RESULT
  *   none
  ******/
-c0dd6a8
+function tdr_install_cron($should_install) {
-cf85dc
+	global $config, $g;
 	if($g['booting']==true)
 		return;
-c0dd6a8
+	$is_installed = false;
-e19ee66
+	if(!$config['cron']['item'])
 		return;
-a08bf6b
+	$x=0;
-c0dd6a8
+	foreach($config['cron']['item'] as $item) {
-            a0ff31f2
+		if(strstr($item['command'], "filter_configure_sync")) {
-c0dd6a8
+			$is_installed = true;
-            e85212d9
+			break;
-c0dd6a8
+            Scott Ullrich
-            e85212d9
+		$x++;
-c0dd6a8
+            Scott Ullrich
 	switch($should_install) {
 		case true:
 			if(!$is_installed) {
 				$cron_item = array();
 				$cron_item['minute'] = "0,15,30,45";
 				$cron_item['hour'] = "*";
 				$cron_item['mday'] = "*";
 				$cron_item['month'] = "*";
 				$cron_item['wday'] = "*";
 				$cron_item['who'] = "root";
-            a0ff31f2
+				$cron_item['command'] = "/etc/rc.filter_configure_sync";
-c0dd6a8
+				$config['cron']['item'][] = $cron_item;
 				write_config("Installed 15 minute filter reload for Time Based Rules");
 				configure_cron();
+			}
 		break;
 		case false:
-c7242ff
+			if($is_installed == true) {
 				if($x > 0) {
 					unset($config['cron']['item'][$x]);
 					write_config();
+				}
 				configure_cron();
-a08bf6b
+            Scott Ullrich
-c0dd6a8
+		break;
+	}
+}
-cce7
+/****f* pfsense-utils/tdr_create_ipfw_rule
  * NAME
  *   tdr_create_ipfw_rule
  * INPUTS
  *   $rule xml firewall rule array, $type allow or deny
  * RESULT
  *   text string with ipfw rule already formatted
  ******/
-d0177a4
+function tdr_create_ipfw_rule($rule, $type) {
-            ffecf891
+		global $config, $g, $tdr_get_next_ipfw_rule;
-d0177a4
+            Scott Ullrich
 		$wancfg = $config['interfaces']['wan'];
 		$lancfg = $config['interfaces']['lan'];
 		$pptpdcfg = $config['pptpd'];
 		$pppoecfg = $config['pppoe'];
 		$lanif = $lancfg['if'];
 		$wanif = get_real_wan_interface();
 		$lanip = $lancfg['ipaddr'];
 		$lansa = gen_subnet($lancfg['ipaddr'], $lancfg['subnet']);
 		$lansn = $lancfg['subnet'];
 		$int = "";
 		$optcfg = array();
 		generate_optcfg_array($optcfg);
 		$curwanip = get_current_wan_address();
 		/* don't include disabled rules */
 		if (isset($rule['disabled'])) {
 			return "";
+		}
 		$pptpdcfg = $config['pptpd'];
 		$pppoecfg = $config['pppoe'];
 		if ($pptpdcfg['mode'] == "server") {
 			$pptpip = $pptpdcfg['localip'];
 			$pptpsa = $pptpdcfg['remoteip'];
 			$pptpsn = $g['pptp_subnet'];
 			if($config['pptp']['pptp_subnet'] <> "")
 				$pptpsn = $config['pptp']['pptp_subnet'];
+		}
 		if ($pppoecfg['mode'] == "server") {
 			$pppoeip = $pppoecfg['localip'];
 			$pppoesa = $pppoecfg['remoteip'];
 			$pppoesn = $g['pppoe_subnet'];
 			if($config['pppoe']['pppoe_subnet'] <> "")
 				$pppoesn = $config['pppoe']['pppoe_subnet'];
+		}
 		/* does the rule deal with a PPTP interface? */
 		if ($rule['interface'] == "pptp") {
 			if ($pptpdcfg['mode'] != "server")
 				return "";
 			$nif = $g['n_pptp_units'];
 			if($config['pptp']['n_pptp_units'] <> "")
 				$nif = $config['pptp']['n_pptp_units'];
 			$ispptp = true;
 		} else if($rule['interface'] == "pppoe") {
 			if ($pppoecfg['mode'] != "server") {
 				return " # Error creating pppoe rule";
+			}
 			$nif = $g['n_pppoe_units'];
 			if($config['pppoe']['n_pppoe_units'] <> "")
 				$nif = $config['pppoe']['n_pppoe_units'];
 			$ispppoe = true;
 		} else {
 			/* Check to see if the interface is opt and in our opt list */
 			if (strstr($rule['interface'], "opt")) {
  				if (!array_key_exists($rule['interface'], $optcfg)) {
 					$item = "";
 					foreach($optcfg as $oc) $item .= $oc['if'];
 					return "# {$real_int} {$item} {$rule['interface']} array key does not exist for " . $rule['descr'];
+				}
+			}
 			$nif = 1;
 			$ispptp = false;
 			$ispppoe = false;
+		}
 		if ($pptpdcfg['mode'] != "server") {
 			if (($rule['source']['network'] == "pptp") ||
 				($rule['destination']['network'] == "pptp")) {
 					return "# source network or destination network == pptp on " . $rule['descr'];
+				}
+		}
 		if ($rule['source']['network'] && strstr($rule['source']['network'], "opt")) {
 			if (!array_key_exists($rule['source']['network'], $optcfg)) {
 				$optmatch = "";
 				if(preg_match("/opt([0-999])/", $rule['source']['network'], $optmatch)) {
 					$real_opt_int = convert_friendly_interface_to_real_interface_name("opt" . $optmatch[1]);
 					$opt_ip = find_interface_ip($real_opt_int);
 					if(!$opt_ip)
 						return "# unresolvable optarray $real_opt_int - $optmatch[0] - $opt_ip";
 				} else {
 					return "# {$rule['source']['network']} !array_key_exists source network " . $rule['descr'];
+				}
+			}
+		}
 		if ($rule['destination']['network'] && strstr($rule['destination']['network'], "opt")) {
 			if (!array_key_exists($rule['destination']['network'], $optcfg)) {
 				if(preg_match("/opt([0-999])/", $rule['destination']['network'], $optmatch)) {
 					$real_opt_int = convert_friendly_interface_to_real_interface_name("opt" . $optmatch[1]);
 					$opt_ip = find_interface_ip($real_opt_int);
 					if(!$opt_ip)
 						return "# unresolvable oparray $real_opt_int - $optmatch[0] - $opt_ip";
 				} else {
 					return "# {$item} {$rule['destination']['network']} !array_key_exists dest network " . $rule['descr'];
+				}
+			}
+		}
 		/* check for unresolvable aliases */
 		if ($rule['source']['address'] && !alias_expand($rule['source']['address'])) {
 			file_notice("Filter_Reload", "# unresolvable source aliases {$rule['descr']}");
 			return "# tdr unresolvable source aliases {$rule['descr']}";
+		}
 		if ($rule['destination']['address'] && !alias_expand($rule['destination']['address'])) {
 			file_notice("Filter_Reload", "# unresolvable dest aliases {$rule['descr']}");
 			return "# tdr unresolvable dest aliases {$rule['descr']}";
+		}
-a4ce87d
+		/* if list */
         	$ifdescrs = get_configured_interface_list();
-d0177a4
+            Scott Ullrich
 		for ($iif = 0; $iif < $nif; $iif++) {
 			if ($ispptp) {
-bc061
+				$aline['interface'] = "\$pptp ";
-d0177a4
+			} else if ($ispppoe) {
-bc061
+				$aline['interface'] = "\$pppoe ";
-d0177a4
+			} else {
 				// translate wan, man, lan, opt to real interface.
 				$interface = $rule['interface'];
-ee1ec5
+				$temp = $config['interfaces'][$interface]['descr'];
-d0177a4
+				if($temp <> "") $interface = $temp;
-bc061
+				$aline['interface'] = convert_friendly_interface_to_real_interface_name($rule['interface']) . " ";
-d0177a4
+            Scott Ullrich
 			if (isset($rule['protocol'])) {
 				if($rule['protocol'] == "tcp/udp")
 					$aline['prot'] = "ip ";
 				elseif($rule['protocol'] == "icmp")
 					$aline['prot'] = "icmp ";
 				else
 					$aline['prot'] = "{$rule['protocol']} ";
 			} else {
 				if($rule['source']['port'] <> "" || $rule['destination']['port'] <> "") {
 					$aline['prot'] = "tcp ";
+				}
+			}
 			/* source address */
 			if (isset($rule['source']['any'])) {
 				$src = "any";
 			} else if ($rule['source']['network']) {
 				if (strstr($rule['source']['network'], "opt")) {
 					$src = $optcfg[$rule['source']['network']]['sa'] . "/" .
 						$optcfg[$rule['source']['network']]['sn'];
-            a53c0219
+					if (isset($rule['source']['not'])) $src = " not {$src}";
-d0177a4
+					/* check for opt$NUMip here */
 					$matches = "";
 					if (preg_match("/opt([0-9999])ip/", $rule['source']['network'], $matches)) {
 						$optnum = $matches[1];
 						$real_int = convert_friendly_interface_to_real_interface_name("opt{$optnum}");
 						$src = find_interface_ip($real_int);
+					}
 				} else {
 					switch ($rule['source']['network']) {
 						case 'wanip':
 							$src = $curwanip;
 							break;
 						case 'lanip':
 							$src = $lanip;
 							break;
 						case 'lan':
 							$src = "{$lansa}/{$lansn}";
 							break;
 						case 'pptp':
 							$src = "{$pptpsa}/{$pptpsn}";
 							break;
 						case 'pppoe':
 							$src = "{$pppoesa}/{$pppoesn}";
 							break;
+					}
-            a53c0219
+					if (isset($rule['source']['not'])) $src = " not {$src}";
-d0177a4
+            Scott Ullrich
 			} else if ($rule['source']['address']) {
 				$expsrc = alias_expand_value($rule['source']['address']);
 				if(!$expsrc)
 					$expsrc = $rule['source']['address'];
 				if (isset($rule['source']['not']))
 					$not = " not";
 				else
 					$not = "";
 				if(alias_expand_value($rule['source']['address'])) {
 					$src = "{";
 					$first_item = true;
 					foreach(preg_split("/[\s]+/", alias_expand_value($rule['source']['address'])) as $item) {
 						if($item != "") {
 							if(!$first_item)
 								$src .= " or";
 							$src .= " {$not}{$item}";
 							$first_item = false;
+						}
+					}
 					$src .= " }";
 				} else {
 					$src = "{$not}" . $expsrc;
+				}
+			}
 			if (!$src || ($src == "/")) {
 				return "# tdr at the break!";
+			}
 			$aline['src'] = "from $src ";
-e17dc
+			$srcporta = "";
-d0177a4
+			if (in_array($rule['protocol'], array("tcp","udp","tcp/udp"))) {
 				if ($rule['source']['port']) {
 					$srcport = explode("-", $rule['source']['port']);
-e17dc
+					if(alias_expand($srcport[0])) {
 						$first_time = true;
 						foreach(preg_split("/[\s]+/", alias_expand_value($srcport[0])) as $item) {
 							if(!$first_time)
 								$srcporta .= ",";
 							$srcporta .= $item;
 							$first_time = false;
+						}
 					} else {
-d0177a4
+						$srcporta = $srcport[0];
-e17dc
+            Scott Ullrich
-d0177a4
+					if ((!$srcport[1]) || ($srcport[0] == $srcport[1])) {
 						if(alias_expand($srcport[0]))
 							$aline['srcport'] = "{$srcporta} ";
 						else
 							$aline['srcport'] = "{$srcporta} ";
 					} else if (($srcport[0] == 1) && ($srcport[1] == 65535)) {
 						/* no need for a port statement here */
 					} else if ($srcport[1] == 65535) {
-            e4913b90
+						$aline['srcport'] = ">={$srcport[0]} ";
-d0177a4
+					} else if ($srcport[0] == 1) {
-            e4913b90
+						$aline['srcport']= "<={$srcport[1]} ";
-d0177a4
+					} else {
-            e4913b90
+						$aline['srcport'] = "{$srcport[0]}-{$srcport[1]} ";
-d0177a4
+            Scott Ullrich
+				}
+			}
 			/* destination address */
 			if (isset($rule['destination']['any'])) {
 				$dst = "any";
 			} else if ($rule['destination']['network']) {
 				if (strstr($rule['destination']['network'], "opt")) {
 					$dst = $optcfg[$rule['destination']['network']]['sa'] . "/" .
 						$optcfg[$rule['destination']['network']]['sn'];
 					/* check for opt$NUMip here */
 					$matches = "";
 					if (preg_match("/opt([0-9999])ip/", $rule['destination']['network'], $matches)) {
 						$optnum = $matches[1];
 						$real_int = convert_friendly_interface_to_real_interface_name("opt{$optnum}");
 						$dst = find_interface_ip($real_int);
+					}
-            a53c0219
+					if (isset($rule['destination']['not'])) $dst = " not {$dst}";
-d0177a4
+				} else {
 					switch ($rule['destination']['network']) {
 						case 'wanip':
 							$dst = $curwanip;
 							break;
 						case 'lanip':
 							$dst = $lanip;
 							break;
 						case 'lan':
 							$dst = "{$lansa}/{$lansn}";
 							break;
 						case 'pptp':
 							$dst = "{$pptpsa}/{$pptpsn}";
 							break;
 						case 'pppoe':
 							$dst = "{$ppoesa}/{$pppoesn}";
 							break;
+					}
-            a53c0219
+					if (isset($rule['destination']['not'])) $dst = " not {$dst}";
-d0177a4
+            Scott Ullrich
 			} else if ($rule['destination']['address']) {
 				$expdst = alias_expand_value($rule['destination']['address']);
 				if(!$expdst)
 					$expdst = $rule['destination']['address'];
 				if (isset($rule['destination']['not']))
 					$not = " not ";
 				else
 					$not = "";
 				if(alias_expand_value($rule['destination']['address'])) {
 					$dst = "{";
 					$first_item = true;
 					foreach(preg_split("/[\s]+/", alias_expand_value($rule['destination']['address'])) as $item) {
 						if($item != "") {
 							if(!$first_item)
 								$dst .= " or";
 							$dst .= " {$not}{$item}";
 							$first_item = false;
+						}
+					}
 					$dst .= " }";
 				} else {
 					$dst = "{$not}" . $expdst;
+				}
+			}
 			if (!$dst || ($dst == "/")) {
 				return "# returning at dst $dst == \"/\"";
+			}
 			$aline['dst'] = "to $dst ";
-e17dc
+			$dstporta = "";
-d0177a4
+			if (in_array($rule['protocol'], array("tcp","udp","tcp/udp"))) {
 				if ($rule['destination']['port']) {
 					$dstport = explode("-", $rule['destination']['port']);
-e17dc
+					if(alias_expand($dstport[0])) {
 						$first_time = true;
 						foreach(preg_split("/[\s]+/", alias_expand_value($dstport[0])) as $item) {
 							if(!$first_time)
 							 	$dstporta .= ",";
 							$dstporta .= $item;
 							$first_time = false;
+						}
 					} else {
-d0177a4
+						$dstporta = $dstport[0];
-e17dc
+            Scott Ullrich
-d0177a4
+					if ((!$dstport[1]) || ($dstport[0] == $dstport[1])) {
 						if(alias_expand($dstport[0]))
 							$aline['dstport'] = "{$dstporta} ";
 						else
 							$aline['dstport'] = "{$dstporta} ";
 					} else if (($dstport[0] == 1) && ($dstport[1] == 65535)) {
 						/* no need for a port statement here */
 					} else if ($dstport[1] == 65535) {
-            e4913b90
+						$aline['dstport'] = ">= {$dstport[0]} ";
-d0177a4
+					} else if ($dstport[0] == 1) {
-            e4913b90
+						$aline['dstport'] = "<= {$dstport[1]} ";
-d0177a4
+					}  else {
-            e4913b90
+						$aline['dstport'] = "{$dstport[0]}-{$dstport[1]} ";
-d0177a4
+            Scott Ullrich
+				}
+			}
+	}
-bc061
+            Scott Ullrich
 	if($aline['prot'] == "")
 		$aline['prot'] = "ip ";
-            ffecf891
+            Scott Ullrich
 	tdr_get_next_ipfw_rule();
  	/* piece together the actual user rule */
-fbff
+	if($type == "skipto") {
-bbeb09d
+		$next_rule = tdr_get_next_ipfw_rule();
 		$next_rule = $next_rule+1;
-            ffecf891
+		$type = "skipto $next_rule";
+	}
-d0177a4
+	/* piece together the actual user rule */
-bc061
+	$line .= $type . " " . $aline['prot'] . $aline['src'] .
-ae8a3ef
+	$aline['srcport'] . $aline['dst'] . $aline['dstport'] . " in recv " . $aline['interface'];
-d0177a4
+            Scott Ullrich
 	return $line;
+}
-cce7
+/****f* pfsense-utils/tdr_install_rule
  * NAME
  *   tdr_install_rule
  * INPUTS
  *   $rule - ascii string containing the ifpw rule to add
  * RESULT
  *   none
  ******/
-d0177a4
+function tdr_install_rule($rule) {
-            ffecf891
+	global $tdr_next_ipfw_rule;
 	mwexec("/sbin/ipfw -f add $tdr_next_ipfw_rule set 9 $rule");
 	$tdr_next_ipfw_rule++;
-d0177a4
+            Scott Ullrich
-            ffecf891
+/****f* pfsense-utils/tdr_get_next_ipfw_rule
  * NAME
  *   tdr_get_next_ipfw_rule
  * INPUTS
  *  none
  * RESULT
  *   returns the next available ipfw rule number
  ******/
 function tdr_get_next_ipfw_rule() {
 	global $tdr_next_ipfw_rule;
-            d1d16ec7
+	if(intval($tdr_next_ipfw_rule) < 2)
-            ffecf891
+		$tdr_next_ipfw_rule = 2;
 	return $tdr_next_ipfw_rule;
+ }
-cce7
+/****f* pfsense-utils/tdr_install_set
  * NAME
  *   tdr_install_set
  * INPUTS
  *  none
  * RESULT
  *   swaps in the temporary ipfw time based rule set
  ******/
-d0177a4
+function tdr_install_set() {
-            e78c0771
+	global $config;
-            b18e3f2e
+	mwexec("/sbin/ipfw delete 1");
-b7ea7db
+	mwexec("/sbin/ipfw add 1 check-state");
-            b18e3f2e
+	mwexec("/sbin/ipfw delete 65534");
 	mwexec("/sbin/ipfw add 1 allow all from me to any keep-state");
-            e78c0771
+	if (!isset ($config['system']['webgui']['noantilockout'])) {
 		/* lan ip lockout */
 		$lancfg = $config['interfaces']['lan'];
 		$lanip = $lancfg['ipaddr'];
 		$lansn = $lancfg['subnet'];
 		$lansa = gen_subnet($lancfg['ipaddr'], $lancfg['subnet']);
 		mwexec("/sbin/ipfw add 1 allow all from {$lansa}/{$lansn} to $lanip keep-state");
+	}
-            b18e3f2e
+	mwexec("/sbin/ipfw add 65534 check-state");
-            e78c0771
+	/* set 8 contains time based rules */
-d0177a4
+	mwexec("/sbin/ipfw -f delete set 8");
 	mwexec("/sbin/ipfw -f set swap 9 8");
+}
-            da32c14c
+/****f* pfsense-utils/get_time_based_rule_status
  * NAME
  *   get_time_based_rule_status
  * INPUTS
  *   xml schedule block
  * RESULT
  *   true/false - true if the rule should be installed
  ******/
 /*
  <schedules>
    <schedule>
      <name>ScheduleMultipleTime</name>
      <descr>main descr</descr>
      <time>
-            7568638b
+       <position>0,1,2</position>
-c913d2
+       <hour>0:0-24:0</hour>
-            da32c14c
+       <desc>time range 2</desc>
      </time>
      <time>
-            7568638b
+       <position>4,5,6</position>
-            da32c14c
+       <hour>0:0-24:0</hour>
        <desc>time range 1</desc>
      </time>
    </schedule>
  </schedules>
 */
 function get_time_based_rule_status($schedule) {
-e80ce90
+	$should_add_rule = false;
-c913d2
+	global $debug;
-            da32c14c
+	/* no schedule? rule should be installed */
 	if($schedule == "")
 		return true;
-c913d2
+	/*
 	 * iterate through time blocks and deterimine
 	 * if the rule should be installed or not.
 	 */
-            c2aefc7a
+	foreach($schedule['timerange'] as $timeday) {
 		if($timeday['month'])
 			$month = $timeday['month'];
-c913d2
+		else
 			$week = "";
-            da32c14c
+		if($timeday['day'])
 			$day = $timeday['day'];
 		else
 			$day = "";
 		if($timeday['hour'])
 			$hour = $timeday['hour'];
 		else
 			$hour = "";
-c913d2
+		if($timeday['position'])
 			$position = $timeday['position'];
 		else
 			$position = "";
-            da32c14c
+		if($timeday['desc'])
 			$desc = $timeday['desc'];
 		else
 			$desc = "";
-            c2aefc7a
+		if($month) {
 			$monthstatus = tdr_month($month);
-            dfa29ccc
+		} else {
-            c2aefc7a
+			$monthstatus = true;
-c913d2
+            Scott Ullrich
 		if($day) {
 			$daystatus = tdr_day($day);
-            dfa29ccc
+		} else {
 			$daystatus = true;
-c913d2
+            Scott Ullrich
 		if($hour) {
 			$hourstatus = tdr_hour($hour);
-            dfa29ccc
+		} else {
 			$hourstatus = true;
-c913d2
+            Scott Ullrich
 		if($position) {
 			$positionstatus = tdr_position($position);
-            dfa29ccc
+		} else {
 			$positionstatus = true;
+		}
-f6
+            Scott Ullrich
-            9865652e
+		if($monthstatus == true)
 			if($daystatus == true)
 				if($positionstatus == true)
 					if($hourstatus == true) {
 						$should_add_rule = true;
+					}
-            da32c14c
+            Scott Ullrich
-            9865652e
+            Scott Ullrich
-            da32c14c
+	return $should_add_rule;
+}
 function tdr_day($schedule) {
-c913d2
+	/*
 	 * Calculate day of month.
 	 * IE: 29th of may
 	 */
 	global $debug;
 	$weekday	= date("w");
-a6d2f63
+	if ($weekday == 0)
 		$weekday = 7;
-c913d2
+	$date	 	= date("d");
-            1394846f
+	$defined_days = split(",", $schedule);
-            ffecf891
+	log_error("[TDR DEBUG] tdr_day($schedule)");
-            1394846f
+	foreach($defined_days as $dd) {
-c247ed5
+		if($date == $dd) {
-            1394846f
+			return true;
-c247ed5
+            Scott Ullrich
-            1394846f
+            Scott Ullrich
-            da32c14c
+	return false;
+}
 function tdr_hour($schedule) {
-c913d2
+	/* $schedule should be a string such as 16:00-19:00 */
 	global $debug;
 	$tmp = split("-", $schedule);
 	$starting_time = strtotime($tmp[0]);
 	$ending_time = strtotime($tmp[1]);
 	$now = strtotime("now");
-            ffecf891
+	log_error("[TDR DEBUG] S: $starting_time E: $ending_time N: $now");
-c247ed5
+	if($now >= $starting_time and $now <= $ending_time) {
-c913d2
+		return true;
-c247ed5
+            Scott Ullrich
-            da32c14c
+	return false;
+}
 function tdr_position($schedule) {
-c913d2
+	/*
 	 * Calculate possition, ie: day of week.
-a6d2f63
+	 * Sunday = 7, Monday = 1, Tuesday = 2
-de1e8
+	 * Weds = 3, Thursday = 4, Friday = 5,
 	 * Saturday = 6
-c913d2
+	 * ...
 	 */
 	global $debug;
 	$weekday	= date("w");
-            ffecf891
+	log_error("[TDR DEBUG] tdr_position($schedule) $weekday");
-a6d2f63
+	if ($weekday == 0)
 		$weekday = 7;
-a3c91
+	$schedule_days = split(",", $schedule);
 	foreach($schedule_days as $day) {
-c247ed5
+		if($day == $weekday) {
-a3c91
+			return true;
-c247ed5
+            Scott Ullrich
-a3c91
+            Scott Ullrich
-            da32c14c
+	return false;
+}
-            c2aefc7a
+function tdr_month($schedule) {
-c913d2
+	/*
-            c2aefc7a
+	 * Calculate month
-c913d2
+	 */
 	global $debug;
-            c2aefc7a
+	$todays_month = date("n");
 	$months = split(",", $schedule);
-            ffecf891
+	log_error("[TDR DEBUG] tdr_month($schedule)");
-            c2aefc7a
+	foreach($months as $month) {
-c247ed5
+		if($month == $todays_month) {
-            cce81b9e
+			return true;
-c247ed5
+            Scott Ullrich
-            cce81b9e
+            Scott Ullrich
-            da32c14c
+	return false;
+}
-becf
+/****f* pfsense-utils/find_number_of_needed_carp_interfaces
  * NAME
  *   find_number_of_needed_carp_interfaces
  * INPUTS
  *   null
  * RESULT
  *   the number of needed carp interfacs
  ******/
 function find_number_of_needed_carp_interfaces() {
 	global $config, $g;
 	$carp_counter=0;
 	if(!$config['virtualip'])
 		return 0;
 	if(!$config['virtualip']['vip'])
 		return 0;
 	foreach($config['virtualip']['vip'] as $vip) {
 		if($vip['mode'] == "carp")
 			$carp_counter++;
+	}
 	return $carp_counter;
+}
 /****f* pfsense-utils/reset_carp
  * NAME
  *   reset_carp - resets carp after primary interface changes
  * INPUTS
  *   null
  * RESULT
  *   null
  ******/
 function reset_carp() {
 	$carp_counter=find_number_of_created_carp_interfaces();
 	$needed_carp_interfaces = find_number_of_needed_carp_interfaces();
 	mwexec("/sbin/sysctl net.inet.carp.allow=0");
 	for($x=0; $x<$carp_counter; $x++) {
 		mwexec("/sbin/ifconfig carp{$x} down");
-            cf79d727
+		usleep(1000);
-becf
+		mwexec("/sbin/ifconfig carp{$x} delete");
 		if($needed_carp_interfaces < $carp_counter) {
 			$needed_carp_interfaces--;
-cb54
+			//log_error("Destroying carp interface.");
 			//mwexec("/sbin/ifconfig carp{$x} destroy");
-becf
+            Scott Ullrich
+	}
 	find_number_of_created_carp_interfaces(true);
 	sleep(1);
 	mwexec("/sbin/sysctl net.inet.carp.allow=1");
 	interfaces_carp_configure();
+}
 /****f* pfsense-utils/get_dns_servers
  * NAME
  *   get_dns_servres - get system dns servers
  * INPUTS
  *   $dns_servers - an array of the dns servers
  * RESULT
  *   null
  ******/
 function get_dns_servers() {
 	$dns_servers = array();
 	$dns = `cat /etc/resolv.conf`;
 	$dns_s = split("\n", $dns);
 	foreach($dns_s as $dns) {
 		$matches = "";
 		if (preg_match("/nameserver (.*)/", $dns, $matches))
 			$dns_servers[] = $matches[1];
+	}
 	$dns_server_master = array();
 	$lastseen = "";
 	foreach($dns_servers as $t) {
 		if($t <> $lastseen)
 			if($t <> "")
 				$dns_server_master[] = $t;
 		$lastseen = $t;
+	}
 	return $dns_server_master;
+}
 /****f* pfsense-utils/log_error
 * NAME
 *   log_error  - Sends a string to syslog.
 * INPUTS
 *   $error     - string containing the syslog message.
 * RESULT
 *   null
 ******/
 function log_error($error) {
 	$page = $_SERVER['SCRIPT_NAME'];
 	syslog(LOG_WARNING, "$page: $error");
 	return;
+}
 /****f* pfsense-utils/get_interface_mac_address
  * NAME
  *   get_interface_mac_address - Return a interfaces mac address
  * INPUTS
  *   $interface	- interface to obtain mac address from
  * RESULT
  *   $mac - the mac address of the interface
  ******/
 function get_interface_mac_address($interface) {
 	$mac = exec("ifconfig {$interface} | awk '/ether/ {print $2}'");
 	if(is_macaddr($mac)) {
 		return trim($mac);
 	} else {
 		return "";
+	}
+}
 /****f* pfsense-utils/return_dir_as_array
  * NAME
  *   return_dir_as_array - Return a directory's contents as an array.
  * INPUTS
  *   $dir	- string containing the path to the desired directory.
  * RESULT
  *   $dir_array - array containing the directory's contents. This array will be empty if the path specified is invalid.
  ******/
 function return_dir_as_array($dir) {
 	$dir_array = array();
 	if (is_dir($dir)) {
 		if ($dh = opendir($dir)) {
 			while (($file = readdir($dh)) !== false) {
 				$canadd = 0;
 				if($file == ".") $canadd = 1;
 				if($file == "..") $canadd = 1;
 				if($canadd == 0)
 					array_push($dir_array, $file);
-da9fea0
+            Scott Ullrich
-becf
+			closedir($dh);
+		}
+	}
 	return $dir_array;
+}
 /****f* pfsense-utils/enable_hardware_offloading
  * NAME
  *   enable_hardware_offloading - Enable a NIC's supported hardware features.
  * INPUTS
  *   $interface	- string containing the physical interface to work on.
  * RESULT
  *   null
  * NOTES
  *   This function only supports the fxp driver's loadable microcode.
  ******/
 function enable_hardware_offloading($interface) {
 	global $g, $config;
 	if(stristr($interface,"lnc"))
-            d2eb5def
+		return;
-becf
+	if(isset($config['system']['do_not_use_nic_microcode']))
-c8c496e
+		return;
-becf
+            Scott Ullrich
 	if($g['booting']) {
 	/* translate wan, lan, opt -> real interface if needed */
 	$int = filter_translate_type_to_real_interface($interface);
 	if($int <> "") $interface = $int;
 	$int_family = preg_split("/[0-9]+/", $int);
 	$options = strtolower(`/sbin/ifconfig {$interface} | grep options`);
 	$supported_ints = array('fxp');
 	if (in_array($int_family, $supported_ints))
 		mwexec("/sbin/ifconfig {$interface} link0");
 	if($config['system']['disablechecksumoffloading'])
 		return;
 	if(stristr($options, "txcsum") == true)
 	    mwexec("/sbin/ifconfig {$interface} txcsum 2>/dev/null");
 	if(stristr($options, "rxcsum") == true)
 	    mwexec("/sbin/ifconfig {$interface} rxcsum 2>/dev/null");
 	if(stristr($options, "polling") == true)
 	    mwexec("/sbin/ifconfig {$interface} polling 2>/dev/null");
 	} else {
 		mwexec("sysctl kern.polling.enable=0");
+	}
 	return;
+}
 /****f* pfsense-utils/is_alias_inuse
  * NAME
  *   checks to see if an alias is currently in use by a rule
  * INPUTS
+ *
  * RESULT
  *   true or false
  * NOTES
+ *
  ******/
 function is_alias_inuse($alias) {
 	global $g, $config;
 	if($alias == "") return false;
 	/* loop through firewall rules looking for alias in use */
-e2e6b
+	if(is_array($config['filter']['rule']))
-becf
+		foreach($config['filter']['rule'] as $rule) {
-eee841
+			if($rule['source']['address'])
-becf
+				if($rule['source']['address'] == $alias)
-c8c496e
+					return true;
-eee841
+			if($rule['destination']['address'])
-becf
+				if($rule['destination']['address'] == $alias)
-c8c496e
+					return true;
+		}
-becf
+	/* loop through nat rules looking for alias in use */
 	if(is_array($config['nat']['rule']))
 		foreach($config['nat']['rule'] as $rule) {
 			if($rule['target'] == $alias)
 				return true;
 			if($rule['external-address'] == $alias)
 				return true;
+		}
 	return false;
+}
-b02
+/****f* pfsense-utils/is_schedule_inuse
  * NAME
  *   checks to see if a schedule is currently in use by a rule
  * INPUTS
+ *
  * RESULT
  *   true or false
  * NOTES
+ *
  ******/
 function is_schedule_inuse($schedule) {
 	global $g, $config;
 	if($schedule == "") return false;
 	/* loop through firewall rules looking for schedule in use */
 	if(is_array($config['filter']['rule']))
 		foreach($config['filter']['rule'] as $rule) {
-ceb32
+			if($rule['sched'] == $schedule)
 				return true;
-b02
+            Scott Dale
 	return false;
+}
-becf
+/****f* pfsense-utils/setup_polling_defaults
  * NAME
  *   sets up sysctls for pollingS
  * INPUTS
+ *
  * RESULT
  *   null
  * NOTES
+ *
  ******/
 function setup_polling_defaults() {
 	global $g, $config;
 	if($config['system']['polling_each_burst'])
 		mwexec("sysctl kern.polling.each_burst={$config['system']['polling_each_burst']}");
 	if($config['system']['polling_burst_max'])
 		mwexec("sysctl kern.polling.burst_max={$config['system']['polling_burst_max']}");
 	if($config['system']['polling_user_frac'])
 		mwexec("sysctl kern.polling.user_frac={$config['system']['polling_user_frac']}");
+}
 /****f* pfsense-utils/setup_polling
  * NAME
  *   sets up polling
  * INPUTS
+ *
  * RESULT
  *   null
  * NOTES
+ *
  ******/
 function setup_polling() {
 	global $g, $config;
 	setup_polling_defaults();
 	if(isset($config['system']['polling']))
 		$supported_ints = array('dc', 'em', 'fwe', 'fwip', 'fxp', 'ixgb', 'ste', 'nge', 're', 'rl', 'sf', 'sis', 'ste', 'vge', 'vr', 'xl');
 	else
 		$supported_ints = array();
-a4ce87d
+	/* if list */
         $iflist = get_configured_interface_list();
-becf
+            Scott Ullrich
 	foreach ($iflist as $ifent => $ifname) {
 		$real_interface = convert_friendly_interface_to_real_interface_name($ifname);
 		$supported = false;
 		foreach($supported_ints as $supported) {
 			if(stristr($real_interface, $supported)) {
 				$supported = true;
+			}
-c8c496e
+            Scott Ullrich
-becf
+		if ($supported == true) {
 			mwexec("/sbin/ifconfig {$real_interface} polling");
 		} else {
 			mwexec("/sbin/ifconfig {$real_interface} -polling");
+		}
+	}
+}
 /****f* pfsense-utils/setup_microcode
  * NAME
  *   enumerates all interfaces and calls enable_hardware_offloading which
  *   enables a NIC's supported hardware features.
  * INPUTS
+ *
  * RESULT
  *   null
  * NOTES
  *   This function only supports the fxp driver's loadable microcode.
  ******/
 function setup_microcode() {
-a4ce87d
+	/* if list */
         $ifdescrs = get_configured_interface_list();
-            e8df4c2f
+            Scott Ullrich
-becf
+	foreach($ifdescrs as $if)
 		enable_hardware_offloading($if);
+}
 /****f* pfsense-utils/return_filename_as_array
  * NAME
  *   return_filename_as_array - Return a file's contents as an array.
  * INPUTS
  *   $filename	- string containing the path to the desired file.
  *   $strip	- array of characters to strip - default is '#'.
  * RESULT
  *   $file	- array containing the file's contents.
  * NOTES
  *   This function strips lines starting with '#' and leading/trailing whitespace by default.
  ******/
 function return_filename_as_array($filename, $strip = array('#')) {
 	if(file_exists($filename)) $file = file($filename);
 	if(is_array($file)) {
 		foreach($file as $line) $line = trim($line);
 		foreach($strip as $tostrip) $file = preg_grep("/^{$tostrip}/", $file, PREG_GREP_INVERT);
+	}
 	return $file;
+}
 /****f* pfsense-utils/file_put_contents
  * NAME
  *   file_put_contents - Wrapper for file_put_contents if it doesn't exist
  * RESULT
  *   none
  ******/
 if(!function_exists("file_put_contents")) {
 	function file_put_contents($filename, $data) {
 		$fd = fopen($filename,"w");
 		fwrite($fd, $data);
 		fclose($fd);
-c8c496e
+            Scott Ullrich
-becf
+            Scott Ullrich
 /****f* pfsense-utils/get_carp_status
  * NAME
  *   get_carp_status - Return whether CARP is enabled or disabled.
  * RESULT
  *   boolean	- true if CARP is enabled, false if otherwise.
  ******/
 function get_carp_status() {
     /* grab the current status of carp */
     $status = `/sbin/sysctl net.inet.carp.allow | cut -d" " -f2`;
     if(intval($status) == "0") return false;
     return true;
+}
 /****f* pfsense-utils/is_carp_defined
  * NAME
  *   is_carp_defined - Return whether CARP is detected in the kernel.
  * RESULT
  *   boolean	- true if CARP is detected, false otherwise.
  ******/
 function is_carp_defined() {
 	/* is carp compiled into the kernel and userland? */
 	$command = "/sbin/sysctl -a | grep carp";
 	$fd = popen($command . " 2>&1 ", "r");
 	if(!$fd) {
 		log_error("Warning, could not execute command {$command}");
 		return 0;
+	}
 	while(!feof($fd)) {
 		$tmp .= fread($fd,49);
+	}
 	fclose($fd);
 	if($tmp == "")
 		return false;
 	else
 		return true;
+}
 /****f* pfsense-utils/get_interface_mtu
  * NAME
  *   get_interface_mtu - Return the mtu of an interface
  * RESULT
  *   $tmp	- Returns the mtu of an interface
  ******/
 function get_interface_mtu($interface) {
-ee1ec5
+	$mtu = `/sbin/ifconfig {$interface} | /usr/bin/grep mtu | /usr/bin/cut -d" " -f6`;
-becf
+	return $mtu;
+}
 /****f* pfsense-utils/is_interface_wireless
  * NAME
  *   is_interface_wireless - Returns if an interface is wireless
  * RESULT
  *   $tmp	- Returns if an interface is wireless
  ******/
 function is_interface_wireless($interface) {
 	global $config, $g;
-accecf
+	$friendly = convert_real_interface_to_friendly_interface_name($interface);
 	if (preg_match($g['wireless_regex'], $interface)) {
 		$config['interfaces'][$friendly]['wireless'] = array();
 	} else {
 		unset($config['interfaces'][$friendly]['wireless']);
+	}
 	if(isset($config['interfaces'][$friendly]['wireless'])) {
-becf
+		return true;
-accecf
+	} else {
-becf
+		return false;
-accecf
+            Seth Mos
-becf
+            Scott Ullrich
 /****f* pfsense-utils/find_number_of_created_carp_interfaces
  * NAME
  *   find_number_of_created_carp_interfaces - Return the number of CARP interfaces.
  * RESULT
  *   $tmp	- Number of currently created CARP interfaces.
  ******/
 function find_number_of_created_carp_interfaces($flush = false) {
 	global $carp_interface_count_cache;
 	if (!isset($carp_interface_count_cache) or $flush) {
 		$command = "/sbin/ifconfig | /usr/bin/grep \"carp*:\" | /usr/bin/wc -l";
-b2d4769
+		$fd = popen($command . " 2>&1 ", "r");
 		if(!$fd) {
 			log_error("Warning, could not execute command {$command}");
 			return 0;
+		}
 		while(!feof($fd)) {
 			$tmp .= fread($fd,49);
+		}
 		fclose($fd);
-becf
+		$carp_interface_count_cache = intval($tmp);
+	}
 	return $carp_interface_count_cache;
+}
 /****f* pfsense-utils/link_int_to_bridge_interface
  * NAME
  *   link_int_to_bridge_interface - Finds out a bridge group for an interface
  * INPUTS
  *   $ip
  * RESULT
  *   bridge[0-99]
  ******/
 function link_int_to_bridge_interface($int) {
-e60
+	global $config;
-aa4f4
+            Ermal Luçi
 	if (is_array($config['bridges']['bridged']))
 		foreach ($config['bridges']['bridged'] as $bridge)
 			if(stristr($bridge['members'], "{$int}"))
 				return "{$bridge['bridgeif']}";
-becf
+            Scott Ullrich
-cde41
+function link_carp_interface_to_parent($interface) {
 	global $config;
 	if($interface == "") return;
-a4ce87d
+	/* if list */
         $ifdescrs = get_configured_interface_list();
-cde41
+            Scott Ullrich
-b51b3
+	$carp_int = $interface;
 	$carp_ip = find_interface_ip($interface);
 	$carp_subnet = find_virtual_ip_netmask($carp_ip);
 	$starting_ip = gen_subnet("{$carp_ip}", "{$carp_subnet}");
-cde41
+	$carp_ints = "";
 	$num_carp_ints = find_number_of_created_carp_interfaces();
-b51b3
+            Seth Mos
-cde41
+	foreach ($ifdescrs as $ifdescr => $ifname) {
-b51b3
+		if(interface_has_gateway($ifname)) {
 			$interfaceip = $config['interfaces'][$ifname]['ipaddr'];
 			$subnet_bits = $config['interfaces'][$ifname]['subnet'];
 			$subnet_ip = gen_subnet("{$interfaceip}", "{$subnet_bits}");
 			if(ip_in_subnet($carp_ip, "{$subnet_ip}/{$subnet_bits}")) {
-cde41
+				return $ifname;
-b51b3
+            Seth Mos
+		}
-cde41
+            Scott Ullrich
 	return $carp_ints;
+}
-becf
+/****f* pfsense-utils/link_ip_to_carp_interface
  * NAME
  *   link_ip_to_carp_interface - Find where a CARP interface links to.
  * INPUTS
  *   $ip
  * RESULT
  *   $carp_ints
  ******/
 function link_ip_to_carp_interface($ip) {
 	global $config;
 	if($ip == "") return;
-a4ce87d
+	/* if list */
         $ifdescrs = get_configured_interface_list();
-becf
+            Scott Ullrich
 	$ft = split("\.", $ip);
 	$ft_ip = $ft[0] . "." . $ft[1] . "." . $ft[2] . ".";
 	$carp_ints = "";
 	$num_carp_ints = find_number_of_created_carp_interfaces();
 	foreach ($ifdescrs as $ifdescr => $ifname) {
 		for($x=0; $x<$num_carp_ints; $x++) {
 			$carp_int = "carp{$x}";
 			$carp_ip = find_interface_ip($carp_int);
-eb336c
+			$carp_subnet = find_virtual_ip_netmask($carp_ip);
-a871f19
+			$starting_ip = gen_subnet("{$carp_ip}", "{$carp_subnet}");
-becf
+			if(ip_in_subnet($ip, "{$starting_ip}/{$carp_subnet}"))
-eb336c
+				if(!stristr($carp_ints, $carp_int))
-becf
+					$carp_ints .= " " . $carp_int;
+		}
+	}
 	return $carp_ints;
+}
 /****f* pfsense-utils/find_virtual_ip_netmask
  * NAME
  *   find_virtual_ip_netmask - Finds a virtual ip's subnet mask'
  * INPUTS
  *   $ip - ip address to locate subnet mask of
  * RESULT
  *   String containing the command's result.
  * NOTES
  *   This function returns the command's stdout and stderr.
  ******/
 function find_virtual_ip_netmask($ip) {
         global $config;
         foreach($config['virtualip']['vip'] as $vip) {
                 if($ip == $vip['subnet'])
                         return $vip['subnet_bits'];
+        }
+}
 /****f* pfsense-utils/exec_command
  * NAME
  *   exec_command - Execute a command and return a string of the result.
  * INPUTS
  *   $command	- String of the command to be executed.
  * RESULT
  *   String containing the command's result.
  * NOTES
  *   This function returns the command's stdout and stderr.
  ******/
 function exec_command($command) {
 	$output = array();
 	exec($command . ' 2>&1 ', $output);
 	return(implode("\n", $output));
+}
 /****f* interfaces/is_jumbo_capable
  * NAME
  *   is_jumbo_capable - Test if interface is jumbo frame capable.  Useful for determining VLAN capability.
  * INPUTS
  *   $int             - string containing interface name
  * RESULT
  *   boolean          - true or false
  ******/
 function is_jumbo_capable($int) {
 	/* Per:
 	 * http://www.freebsd.org/cgi/man.cgi?query=vlan&manpath=FreeBSD+6.0-RELEASE&format=html
 	 * Only the following drivers support large frames
+         *
 	 * 'de' chipset purposely left out of this list
 	 * requires defining BIG_PACKET in the
 	 * /usr/src/sys/pci/if_de.c source file and rebuilding the
 	 * kernel or module.  The hack works only for the 21041,
 	 * 21140, and 21140A chips.
-c8c496e
+	 */
-becf
+	global $g;
 	$capable = $g['vlan_long_frame'];
 	$int_family = preg_split("/[0-9]+/", $int);
 	if (in_array($int_family[0], $capable))
 		return true;
 	else
-c8c496e
+		return false;
-becf
+            Scott Ullrich
 /*
  * Return the interface array
  */
 function get_interface_arr($flush = false) {
 	global $interface_arr_cache;
 	/* If the cache doesn't exist, build it */
 	if (!isset($interface_arr_cache) or $flush)
 		$interface_arr_cache = exec_command("/sbin/ifconfig -l");
 	return $interface_arr_cache;
+}
 /*
  * does_interface_exist($interface): return true or false if a interface is
  * detected.
  */
 function does_interface_exist($interface) {
-            bbcc5bcd
+	global $config;
-a7f82a
+            Scott Ullrich
 	if(!$interface)
 		return false;
-            bbcc5bcd
+	$ints = get_interface_arr();
-baa1e87
+	if(strtolower($interface) == "lan")
-            bbcc5bcd
+		if(!$config['interfaces']['lan'])
 			return false;
-becf
+            Scott Ullrich
 	if(stristr($ints, $interface) !== false)
 		return true;
 	else
 		return false;
+}
 /*
  * convert_ip_to_network_format($ip, $subnet): converts an ip address to network form
  */
 function convert_ip_to_network_format($ip, $subnet) {
 	$ipsplit = split('[.]', $ip);
 	$string = $ipsplit[0] . "." . $ipsplit[1] . "." . $ipsplit[2] . ".0/" . $subnet;
 	return $string;
+}
 /*
  * find_interface_ip($interface): return the interface ip (first found)
  */
 function find_interface_ip($interface, $flush = false) {
 	global $interface_ip_arr_cache;
 	$interface = str_replace("\n", "", $interface);
 	if(does_interface_exist($interface) == false) return;
 	/* Setup IP cache */
 	if (!isset($interface_ip_arr_cache[$interface]) or $flush) {
 		$interface_ip_arr_cache[$interface] = exec_command("/sbin/ifconfig {$interface} | /usr/bin/grep -w \"inet\" | /usr/bin/cut -d\" \" -f 2| /usr/bin/head -1");
 		$interface_ip_arr_cache[$interface] = str_replace("\n", "", $interface_ip_arr_cache[$interface]);
+	}
 	return $interface_ip_arr_cache[$interface];
+}
 function guess_interface_from_ip($ipaddress) {
-            fa15ea86
+	$ret = exec_command("/sbin/route -n get {$ipaddress} | /usr/bin/grep interface | /usr/bin/awk '{ print \$2; };'");
-becf
+	return $ret;
+}
 /*
  * find_ip_interface($ip): return the interface where an ip is defined
  */
 function find_ip_interface($ip) {
-a4ce87d
+            Ermal Luçi
 	/* if list */
         $ifdescrs = get_configured_interface_list();
-becf
+	foreach ($ifdescrs as $ifdescr => $ifname) {
-ee1ec5
+		$int = convert_friendly_interface_to_real_interface_name($ifname);
-becf
+		$ifconfig = exec_command("/sbin/ifconfig {$int}");
-ee1ec5
+		if(stristr($ifconfig,$ip) <> false)
 			return $int;
-becf
+            Scott Ullrich
 	return false;
+}
 /*
  *  filter_translate_type_to_real_interface($interface): returns the real interface name
  *                                                       for a friendly interface.  ie: wan
  */
 function filter_translate_type_to_real_interface($interface) {
 	global $config;
-c4e80
+	if(isset($config['interfaces'][$interface]['pointtopoint']))
 		return "ppp0";
-becf
+	if($config['interfaces'][$interface]['if'] <> "") {
 		return $config['interfaces'][$interface]['if'];
 	} else {
 		return $interface;
-c8c496e
+            Scott Ullrich
-becf
+            Scott Ullrich
 /*
  * get_carp_interface_status($carpinterface): returns the status of a carp ip
  */
 function get_carp_interface_status($carpinterface) {
 	/* basically cache the contents of ifconfig statement
 	to speed up this routine */
 	global $carp_query;
 	if($carp_query == "")
 	$carp_query = split("\n", `/sbin/ifconfig | /usr/bin/grep carp`);
 	$found_interface = 0;
 	foreach($carp_query as $int) {
 		if($found_interface == 1) {
 			if(stristr($int, "MASTER")) return "MASTER";
 			if(stristr($int, "BACKUP")) return "BACKUP";
 			if(stristr($int, "INIT")) return "INIT";
-c8c496e
+			return false;
+		}
-becf
+		if(stristr($int, $carpinterface) == true)
 		$found_interface=1;
+	}
 	return;
+}
 /*
  * get_pfsync_interface_status($pfsyncinterface): returns the status of a pfsync
  */
 function get_pfsync_interface_status($pfsyncinterface) {
     $result = does_interface_exist($pfsyncinterface);
     if($result <> true) return;
     $status = exec_command("/sbin/ifconfig {$pfsyncinterface} | /usr/bin/grep \"pfsync:\" | /usr/bin/cut -d\" \" -f5");
     return $status;
+}
 /*
  * find_carp_interface($ip): return the carp interface where an ip is defined
  */
 function find_carp_interface($ip) {
 	global $find_carp_ifconfig;
 	if($find_carp_ifconfig == "") {
 		$find_carp_ifconfig = array();
 		$num_carp_ints = find_number_of_created_carp_interfaces();
 		for($x=0; $x<$num_carp_ints; $x++) {
 			$find_carp_ifconfig[$x] = exec_command("/sbin/ifconfig carp{$x}");
+		}
+	}
 	$carps = 0;
 	foreach($find_carp_ifconfig as $fci) {
 		if(stristr($fci, $ip) == true)
 			return "carp{$carps}";
 		$carps++;
+	}
+}
 /*
  * add_rule_to_anchor($anchor, $rule): adds the specified rule to an anchor
  */
 function add_rule_to_anchor($anchor, $rule, $label) {
 	mwexec("echo " . $rule . " | /sbin/pfctl -a " . $anchor . ":" . $label . " -f -");
+}
 /*
  * remove_text_from_file
  * remove $text from file $file
  */
 function remove_text_from_file($file, $text) {
 	global $fd_log;
 	if($fd_log)
 		fwrite($fd_log, "Adding needed text items:\n");
 	$filecontents = file_get_contents($file);
 	$textTMP = str_replace($text, "", $filecontents);
 	$text = $textTMP;
 	if($fd_log)
 		fwrite($fd_log, $text);
 	$fd = fopen($file, "w");
 	fwrite($fd, $text);
 	fclose($fd);
+}
 /*
  * add_text_to_file($file, $text): adds $text to $file.
  * replaces the text if it already exists.
  */
-a6f3ca0
+function add_text_to_file($file, $text, $replace = false) {
-becf
+	if(file_exists($file) and is_writable($file)) {
-a6f3ca0
+		$filecontents = file($file);
-becf
+		$fout = fopen($file, "w");
-a6f3ca0
+            Scott Ullrich
 		$filecontents = array_map('rtrim', $filecontents);
 		array_push($filecontents, $text);
 		if ($replace)
 			$filecontents = array_unique($filecontents);
 		$file_text = implode("\n", $filecontents);
-becf
+		fwrite($fout, $file_text);
 		fclose($fout);
 		return true;
 	} else {
 		return false;
-c8c496e
+            Scott Ullrich
-becf
+            Scott Ullrich
 /*
  *   after_sync_bump_adv_skew(): create skew values by 1S
  */
 function after_sync_bump_adv_skew() {
 	global $config, $g;
 	$processed_skew = 1;
 	$a_vip = &$config['virtualip']['vip'];
 	foreach ($a_vip as $vipent) {
 		if($vipent['advskew'] <> "") {
 			$processed_skew = 1;
 			$vipent['advskew'] = $vipent['advskew']+1;
+		}
+	}
 	if($processed_skew == 1)
 		write_config("After synch increase advertising skew");
+}
 /*
  * get_filename_from_url($url): converts a url to its filename.
  */
 function get_filename_from_url($url) {
 	return basename($url);
+}
 /*
  *   update_output_window: update bottom textarea dynamically.
  */
 function update_output_window($text) {
 	global $pkg_interface;
 	$log = ereg_replace("\n", "\\n", $text);
 	if($pkg_interface == "console") {
 		/* too chatty */
 	} else {
 		echo "\n<script language=\"JavaScript\">this.document.forms[0].output.value = \"" . $log . "\";</script>";
+	}
 	/* ensure that contents are written out */
 	ob_flush();
+}
 /*
  *   get_dir: return an array of $dir
  */
 function get_dir($dir) {
 	$dir_array = array();
 	$d = dir($dir);
 	while (false !== ($entry = $d->read())) {
 		array_push($dir_array, $entry);
+	}
 	$d->close();
 	return $dir_array;
+}
 /*
  *   update_output_window: update top textarea dynamically.
  */
 function update_status($status) {
 	global $pkg_interface;
 	if($pkg_interface == "console") {
 		echo $status . "\n";
 	} else {
 		echo "\n<script type=\"text/javascript\">document.forms[0].status.value=\"" . $status . "\";</script>";
+	}
 	/* ensure that contents are written out */
 	ob_flush();
+}
 /*
  *   exec_command_and_return_text_array: execute command and return output
  */
 function exec_command_and_return_text_array($command) {
 	$fd = popen($command . " 2>&1 ", "r");
 	while(!feof($fd)) {
 		$tmp .= fread($fd,49);
+	}
 	fclose($fd);
 	$temp_array = split("\n", $tmp);
 	return $temp_array;
+}
 /*
  *   exec_command_and_return_text: execute command and return output
  */
 function exec_command_and_return_text($command) {
 	return exec_command($command);
+}
 /*
-            fcfd5f4d
+ *   exec_command_and_return_output: execute command and update output window dynamically
-becf
+ */
 function execute_command_return_output($command) {
 	global $fd_log, $pkg_interface;
 	$fd = popen($command . " 2>&1 ", "r");
 	if($pkg_interface <> "console") {
 		echo "\n<script language=\"JavaScript\">this.document.forms[0].output.value = \"\";</script>";
+	}
 	$counter = 0;
 	$counter2 = 0;
 	while(!feof($fd)) {
 		$tmp = fread($fd, 50);
 		$tmp1 = ereg_replace("\n","\\n", $tmp);
 		$text = ereg_replace("\"","'", $tmp1);
 		$lasttext = "";
 		if($lasttext == "..") {
 			$text = "";
 			$lasttext = "";
 			$counter=$counter-2;
-da9fea0
+		} else {
-becf
+			$lasttext .= $text;
-            a5f0463a
+            Scott Ullrich
-becf
+		if($counter > 51) {
 			$counter = 0;
 			$extrabreak = "\\n";
-da9fea0
+		} else {
-becf
+	    $extrabreak = "";
 	    $counter++;
-c8c496e
+            Scott Ullrich
-becf
+		if($counter2 > 600) {
-c8c496e
+			if($pkg_interface <> "console") {
-becf
+				echo "\n<script language=\"JavaScript\">this.document.forms[0].output.value = \"\";</script>";
-af3ad5
+            Scott Ullrich
-becf
+			$counter2 = 0;
 		} else
 			$counter2++;
-c8c496e
+		if($pkg_interface <> "console") {
-becf
+			echo "\n<script language=\"JavaScript\">this.document.forms[0].output.value = this.document.forms[0].output.value + \"" . $text . $extrabreak .  "\"; f('output'); </script>";
+		}
+	}
 	fclose($fd);
+}
 /*
  * convert_friendly_interface_to_real_interface_name($interface): convert WAN to FXP0
  */
 function convert_friendly_interface_to_real_interface_name($interface) {
-e64aca
+	global $config;
-ee1ec5
+	$wanif = $interface;
 	switch ($interface) {
-            bb345bba
+		case "pptp":
 			$wanif = "pptp";
 			break;
 		case "pppoe":
 			$wanif = "pppoe";
 			break;
 		case "openvpn":
 			$wanif = "openvpn";
 			break;
 		case "enc0":
 			$wanif = "enc0";
 			break;
 		/* XXX: dial in support?!
 		case "ppp":
 			$wanif = "ppp";
 			break;
 		*/
 		default:
 			$iflist = get_configured_interface_with_descr(false,true);
-ee1ec5
+            Ermal Luçi
 		foreach ($iflist as $if => $ifdesc) {
 			if ($interface == $if || $interface == $ifdesc) {
 			$cfg = $config['interfaces'][$if];
 			switch ($cfg['ipaddr']) {
 			case "carpdev-dhcp":
 				$viparr = &$config['virtualip']['vip'];
 				$counter = 0;
 				if(is_array($viparr))
 				foreach ($viparr as $vip) {
 					if ($vip['mode'] == "carpdev-dhcp") {
 						if($vip['interface'] == $if) {
 							$wanif =  "carp{$counter}";
 							break;
+						}
 						$counter++;
 					} else if ($vip['mode'] = "carp")
 						$counter++;
+				}
 				break;
 			case "pppoe":
 				if ($if == "wan")
 					$wanif = "pppoe0";
 				else
 					$wanif = "pppoe" . substr($if,3);
 				break;
 			case "pptp":
 				if ($if == "wan")
 					$wanif = "pptp0";
 				else
 					$wanif = "pptp" . substr($if, 3);
 				break;
 			default:
 				if (isset($cfg['ispointtopoint']) && $cfg['pointtopoint'])
 					$wanif = "ppp0"; // XXX: PPP needs to convert to mpd
 				else
 					$wanif = $cfg['if'];
 				break;
+			}
 			break;
-a4ce87d
+            Ermal Luçi
-ee1ec5
+			break;
+			}
+		}
 		break;
+	}
     return $wanif;
-becf
+            Scott Ullrich
 /*
  * convert_real_interface_to_friendly_interface_name($interface): convert fxp0 -> wan, etc.
  */
-b0fad6
+function convert_real_interface_to_friendly_interface_name($interface = "wan") {
-becf
+	global $config;
-ee1ec5
+            Ermal Luçi
-b0fad6
+	if (stristr($interface, "pppoe")) {
-ee1ec5
+		$index = substr($interface, 5);
 		if (intval($index) > 0)
 			return "opt{$index}";
 		else
 			return "wan";
-b0fad6
+	} else if (stristr($interface, "pptp")) {
-ee1ec5
+		$index = substr($interface, 4);
                 if (intval($index) > 0)
                         return "opt{$index}";
                 else
                         return "wan";
-b0fad6
+	} else if (stristr($interface, "carp")) {
-ee1ec5
+		$index = substr($interface, 4);
 		$counter = 0;
 		foreach ($config['virtualip']['vip'] as $vip) {
 			if ($vip['mode'] == "carpdev-dhcp" || $vip['mode'] == "carp")  {
 				if (intval($index) == $counter)
 					return $vip['interface'];
 				$counter++;
+			}
+		}
+	}
-a4ce87d
+	/* if list */
         $ifdescrs = get_configured_interface_list();
-ee1ec5
+	foreach ($ifdescrs as $if => $ifname) {
 		if($config['interfaces'][$if]['if'] == $interface)
-becf
+			return $ifname;
-a4ce87d
+            Ermal Luçi
 		/* XXX: ermal - The 3 lines below are totally bogus code. */
-ee1ec5
+		$int = filter_translate_type_to_real_interface($if);
-a4ce87d
+		if($ifname == $interface)
 			return $ifname;
 		if($int == $interface)
 			return $ifname;
-becf
+            Scott Ullrich
-bf8bcda
+	return NULL;
-becf
+            Scott Ullrich
-ee1ec5
+/* attempt to resolve interface to friendly descr */
 function convert_friendly_interface_to_friendly_descr($interface) {
         global $config;
         switch ($interface) {
-            b3251a0c
+        	case "pptp":
 				$ifdesc = "PPTP";
 				break;
        		case "pppoe":
 				$ifdesc = "PPPoE";
 				break;
         	case "openvpn":
 				$ifdesc = "OpenVPN";
 				break;
         	case "enc0":
 			case "ipsec":
 				$ifdesc = "IPsec";
 				break;
-ee1ec5
+        default:
         	/* if list */
         	$ifdescrs = get_configured_interface_with_descr();
         	foreach ($ifdescrs as $if => $ifname) {
-            b3251a0c
+				if ($if == $interface || $ifname == $interface)
 					return $ifname;
-ee1ec5
+            Ermal Luçi
 		break;
+	}
         return $ifdesc;
+}
 function convert_real_interface_to_friendly_descr($interface) {
         global $config;
-b0fad6
+	$ifdesc = convert_real_interface_to_friendly_interface_name("{$interface}");
-ee1ec5
+            Ermal Luçi
-b0fad6
+	if ($ifdesc) {
 		$iflist = get_configured_interface_with_descr();
 		return $iflist[$ifdesc];
+	}
-ee1ec5
+        return $interface;
+}
-becf
+/*
  * update_progress_bar($percent): updates the javascript driven progress bar.
  */
 function update_progress_bar($percent) {
 	global $pkg_interface;
 	if($percent > 100) $percent = 1;
 	if($pkg_interface <> "console") {
 		echo "\n<script type=\"text/javascript\" language=\"javascript\">";
 		echo "\ndocument.progressbar.style.width='" . $percent . "%';";
 		echo "\n</script>";
 	} else {
 		echo " {$percent}%";
+	}
+}
 /****f* pfsense-utils/WakeOnLan
  * NAME
  *   WakeOnLan - Wake a machine up using the wake on lan format/protocol
  * RESULT
  *   true/false - true if the operation was successful
  ******/
 function WakeOnLan($addr, $mac)
+{
 	$addr_byte = explode(':', $mac);
 	$hw_addr = '';
 	for ($a=0; $a < 6; $a++)
 		$hw_addr .= chr(hexdec($addr_byte[$a]));
 	$msg = chr(255).chr(255).chr(255).chr(255).chr(255).chr(255);
 	for ($a = 1; $a <= 16; $a++)
 		$msg .= $hw_addr;
 	// send it to the broadcast address using UDP
 	$s = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP);
 	if ($s == false) {
 		log_error("Error creating socket!");
 		log_error("Error code is '".socket_last_error($s)."' - " . socket_strerror(socket_last_error($s)));
 	} else {
 		// setting a broadcast option to socket:
 		$opt_ret =  socket_set_option($s, 1, 6, TRUE);
 		if($opt_ret < 0)
 			log_error("setsockopt() failed, error: " . strerror($opt_ret));
 		$e = socket_sendto($s, $msg, strlen($msg), 0, $addr, 2050);
 		socket_close($s);
 		log_error("Magic Packet sent ({$e}) to {$addr} MAC={$mac}");
 		return true;
-c8c496e
+            Scott Ullrich
-becf
+            Scott Ullrich
 	return false;
+}
 /*
  * gather_altq_queue_stats():  gather altq queue stats and return an array that
  *                             is queuename|qlength|measured_packets
  *                             NOTE: this command takes 5 seconds to run
  */
 function gather_altq_queue_stats($dont_return_root_queues) {
-            daaf143f
+	$stats = `/sbin/pfctl -vvsq & /bin/sleep 5`;
-becf
+	$stats_array = split("\n", $stats);
 	$queue_stats = array();
 	foreach ($stats_array as $stats_line) {
 		$match_array = "";
 		if (preg_match_all("/queue\s+(\w+)\s+/",$stats_line,$match_array))
 			$queue_name = $match_array[1][0];
 		if (preg_match_all("/measured:\s+.*packets\/s\,\s(.*)\s+\]/",$stats_line,$match_array))
 			$speed = $match_array[1][0];
 		if (preg_match_all("/borrows:\s+(.*)/",$stats_line,$match_array))
 			$borrows = $match_array[1][0];
 		if (preg_match_all("/suspends:\s+(.*)/",$stats_line,$match_array))
 			$suspends = $match_array[1][0];
 		if (preg_match_all("/dropped pkts:\s+(.*)/",$stats_line,$match_array))
 			$drops = $match_array[1][0];
 		if (preg_match_all("/measured:\s+(.*)packets/",$stats_line,$match_array)) {
 			$measured = $match_array[1][0];
 			if($dont_return_root_queues == true)
 				if(stristr($queue_name,"root_") == false)
 					array_push($queue_stats, "{$queue_name}|{$speed}|{$measured}|{$borrows}|{$suspends}|{$drops}");
+		}
+	}
 	return $queue_stats;
+}
 /*
  * reverse_strrchr($haystack, $needle):  Return everything in $haystack up to the *last* instance of $needle.
  *					 Useful for finding paths and stripping file extensions.
  */
 function reverse_strrchr($haystack, $needle) {
 	return strrpos($haystack, $needle) ? substr($haystack, 0, strrpos($haystack, $needle) +1 ) : false;
+}
 /*
  *  backup_config_section($section): returns as an xml file string of
  *                                   the configuration section
  */
 function backup_config_section($section) {
 	global $config;
 	$new_section = &$config[$section];
 	/* generate configuration XML */
 	$xmlconfig = dump_xml_config($new_section, $section);
 	$xmlconfig = str_replace("<?xml version=\"1.0\"?>", "", $xmlconfig);
 	return $xmlconfig;
+}
 /*
  *  backup_vip_config_section($section): returns as an xml file string of
  *                                   the configuration section
  */
 function backup_vip_config_section() {
 	global $config;
 	$new_section = &$config['virtualip'];
 	foreach($new_section['vip'] as $section) {
 		if($section['mode'] == "proxyarp") {
 			unset($section);
+		}
 		if($section['advskew'] <> "") {
 			$section_val = intval($section['advskew']);
 			$section_val=$section_val+100;
 			if($section_val > 255)
 				$section_val = 255;
 			$section['advskew'] = $section_val;
+		}
 		$temp['vip'][] = $section;
+   }
    return $temp;
+}
 /*
  *  restore_config_section($section, new_contents): restore a configuration section,
  *                                                  and write the configuration out
  *                                                  to disk/cf.
  */
 function restore_config_section($section, $new_contents) {
 	global $config, $g;
 	conf_mount_rw();
 	$fout = fopen("{$g['tmp_path']}/tmpxml","w");
 	fwrite($fout, $new_contents);
 	fclose($fout);
 	$section_xml = parse_xml_config($g['tmp_path'] . "/tmpxml", $section);
 	$config[$section] = &$section_xml;
 	unlink($g['tmp_path'] . "/tmpxml");
 	write_config("Restored {$section} of config file (maybe from CARP partner)");
 	conf_mount_ro();
 	return;
+}
 /*
  *  merge_config_section($section, new_contents):   restore a configuration section,
  *                                                  and write the configuration out
  *                                                  to disk/cf.  But preserve the prior
  * 													structure if needed
  */
 function merge_config_section($section, $new_contents) {
 	global $config;
 	conf_mount_rw();
 	$fname = get_tmp_filename();
 	$fout = fopen($fname, "w");
 	fwrite($fout, $new_contents);
 	fclose($fout);
 	$section_xml = parse_xml_config($fname, $section);
 	$config[$section] = $section_xml;
 	unlink($fname);
 	write_config("Restored {$section} of config file (maybe from CARP partner)");
 	conf_mount_ro();
 	return;
+}
 /*
  * http_post($server, $port, $url, $vars): does an http post to a web server
  *                                         posting the vars array.
  * written by nf@bigpond.net.au
  */
 function http_post($server, $port, $url, $vars) {
 	$user_agent = "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)";
 	$urlencoded = "";
 	while (list($key,$value) = each($vars))
 		$urlencoded.= urlencode($key) . "=" . urlencode($value) . "&";
 	$urlencoded = substr($urlencoded,0,-1);
 	$content_length = strlen($urlencoded);
 	$headers = "POST $url HTTP/1.1
 Accept: */*
 Accept-Language: en-au
 Content-Type: application/x-www-form-urlencoded
 User-Agent: $user_agent
 Host: $server
 Connection: Keep-Alive
 Cache-Control: no-cache
 Content-Length: $content_length
 ";
 	$errno = "";
 	$errstr = "";
 	$fp = fsockopen($server, $port, $errno, $errstr);
 	if (!$fp) {
-c8c496e
+		return false;
+	}
-becf
+            Scott Ullrich
 	fputs($fp, $headers);
 	fputs($fp, $urlencoded);
 	$ret = "";
 	while (!feof($fp))
 		$ret.= fgets($fp, 1024);
 	fclose($fp);
 	return $ret;
+}
 /*
  *  php_check_syntax($code_tocheck, $errormessage): checks $code_to_check for errors
  */
 if (!function_exists('php_check_syntax')){
 	function php_check_syntax($code_to_check, &$errormessage){
 		return false;
 		$fout = fopen("/tmp/codetocheck.php","w");
 		$code = $_POST['content'];
 		$code = str_replace("<?php", "", $code);
 		$code = str_replace("?>", "", $code);
 		fwrite($fout, "<?php\n\n");
 		fwrite($fout, $code_to_check);
 		fwrite($fout, "\n\n?>\n");
-c8c496e
+		fclose($fout);
-becf
+		$command = "/usr/local/bin/php -l /tmp/codetocheck.php";
 		$output = exec_command($command);
 		if (stristr($output, "Errors parsing") == false) {
 			echo "false\n";
 			$errormessage = '';
 			return(false);
 		} else {
 			$errormessage = $output;
 			return(true);
-c8c496e
+            Scott Ullrich
+	}
-becf
+            Scott Ullrich
 /*
  *  php_check_filename_syntax($filename, $errormessage): checks the file $filename for errors
  */
 if (!function_exists('php_check_syntax')){
 	function php_check_syntax($code_to_check, &$errormessage){
 		return false;
 		$command = "/usr/local/bin/php -l " . $code_to_check;
 		$output = exec_command($command);
 		if (stristr($output, "Errors parsing") == false) {
 			echo "false\n";
 			$errormessage = '';
 			return(false);
 		} else {
 			$errormessage = $output;
 			return(true);
+		}
+	}
+}
 /*
  * rmdir_recursive($path,$follow_links=false)
  * Recursively remove a directory tree (rm -rf path)
  * This is for directories _only_
  */
 function rmdir_recursive($path,$follow_links=false) {
 	$to_do = glob($path);
 	if(!is_array($to_do)) $to_do = array($to_do);
 	foreach($to_do as $workingdir) { // Handle wildcards by foreaching.
 		if(file_exists($workingdir)) {
 			if(is_dir($workingdir)) {
 				$dir = opendir($workingdir);
 				while ($entry = readdir($dir)) {
 					if (is_file("$workingdir/$entry") || ((!$follow_links) && is_link("$workingdir/$entry")))
 						unlink("$workingdir/$entry");
 					elseif (is_dir("$workingdir/$entry") && $entry!='.' && $entry!='..')
 						rmdir_recursive("$workingdir/$entry");
-a031
+            Scott Ullrich
-becf
+				closedir($dir);
 				rmdir($workingdir);
 			} elseif (is_file($workingdir)) {
 				unlink($workingdir);
+			}
+               	}
+	}
 	return;
+}
 /*
  *     get_memory()
  *     returns an array listing the amount of
  *     memory installed in the hardware
  *     [0]real and [1]available
  */
 function get_memory() {
 	if(file_exists("/var/log/dmesg.boot")) {
 		$mem = `cat /var/log/dmesg.boot | grep memory`;
 		$matches = "";
 		if (preg_match_all("/real memory  = .* \((.*) MB/", $mem, $matches))
 			$real = $matches[1];
 		if (preg_match_all("/avail memory = .* \((.*) MB/", $mem, $matches))
 			$avail = $matches[1];
 		return array($real[0],$avail[0]);
 	} else {
 		$mem = `dmesg -a`;
 		$matches = "";
 		if (preg_match_all("/real memory  = .* \((.*) MB/", $mem, $matches))
 			$real = $matches[1];
 		if (preg_match_all("/avail memory = .* \((.*) MB/", $mem, $matches))
 			$avail = $matches[1];
 		return array($real[0],$avail[0]);
+	}
+}
 /*
  *    safe_mkdir($path, $mode = 0755)
  *    create directory if it doesn't already exist and isn't a file!
  */
 function safe_mkdir($path, $mode=0755) {
 	global $g;
-            b3251a0c
+	if (!is_file($path) && !is_dir($path)) {
 		return @mkdir($path, $mode);
 	} else {
-becf
+		return false;
-            b3251a0c
+            Scott Ullrich
-becf
+            Scott Ullrich
 /*
  * make_dirs($path, $mode = 0755)
  * create directory tree recursively (mkdir -p)
  */
 function make_dirs($path, $mode = 0755) {
 	$base = '';
 	foreach (explode('/', $path) as $dir) {
 		$base .= "/$dir";
 		if (!is_dir($base)) {
 			if (!@mkdir($base, $mode))
 				return false;
-c8c496e
+            Scott Ullrich
+	}
-becf
+	return true;
+}
 /*
  * call_pfsense_method(): Call a method exposed by the pfsense.com XMLRPC server.
  */
 function call_pfsense_method($method, $params, $timeout = 0) {
-            cfceefc6
+	global $g, $config;
-d0358b
+	$ip = gethostbyname($g['product_website']);
 	if($ip == $g['product_website'])
-becf
+		return false;
 	global $g, $config;
 	$xmlrpc_base_url = $g['xmlrpcbaseurl'];
 	$xmlrpc_path = $g['xmlrpcpath'];
 	$msg = new XML_RPC_Message($method, array(XML_RPC_Encode($params)));
 	$cli = new XML_RPC_Client($xmlrpc_path, $xmlrpc_base_url);
 	$resp = $cli->send($msg, $timeout);
 	if(!$resp) {
 		log_error("XMLRPC communication error: " . $cli->errstr);
 		return false;
 	} elseif($resp->faultCode()) {
 		log_error("XMLRPC request failed with error " . $resp->faultCode() . ": " . $resp->faultString());
 		return false;
 	} else {
 		return XML_RPC_Decode($resp->value());
+	}
+}
 /*
  * check_firmware_version(): Check whether the current firmware installed is the most recently released.
  */
 function check_firmware_version($tocheck = "all", $return_php = true) {
 	global $g, $config;
-d0358b
+	$ip = gethostbyname($g['product_website']);
 	if($ip == $g['product_website'])
-becf
+		return false;
 	$rawparams = array("firmware" => array("version" => trim(file_get_contents('/etc/version'))),
 		"kernel"   => array("version" => trim(file_get_contents('/etc/version_kernel'))),
 		"base"     => array("version" => trim(file_get_contents('/etc/version_base'))),
 		"platform" => trim(file_get_contents('/etc/platform'))
 		);
 	if($tocheck == "all") {
 		$params = $rawparams;
 	} else {
 		foreach($tocheck as $check) {
 			$params['check'] = $rawparams['check'];
 			$params['platform'] = $rawparams['platform'];
+		}
+	}
 	if($config['system']['firmware']['branch']) {
 		$params['branch'] = $config['system']['firmware']['branch'];
+	}
 	if(!$versions = call_pfsense_method('pfsense.get_firmware_version', $params)) {
 		return false;
 	} else {
 		$versions["current"] = $params;
+	}
 	return $versions;
+}
 function get_disk_info() {
 	$diskout = "";
 	exec("/bin/df -h | /usr/bin/grep -w '/' | /usr/bin/awk '{ print $2, $3, $4, $5 }'", $diskout);
 	return explode(' ', $diskout[0]);
 	// $size, $used, $avail, $cap
+}
 /****f* pfsense-utils/display_top_tabs
  * NAME
  *   display_top_tabs - display tabs with rounded edges
  * INPUTS
-adfb2df
+ *   $text      - array of tabs
-becf
+ * RESULT
  *   null
  ******/
-adfb2df
+function display_top_tabs(& $tab_array) {
 	global $HTTP_SERVER_VARS;
 	global $config;
-aae364d
+	global $g;
-adfb2df
+            Scott Ullrich
-ee90ed
+	/*  does the user have access to this tab?
 	 *  master user has access to everything.
 	 *  if the user does not have access, simply
 	 *  unset the tab item.
 	 */
 	$tab_temp = array ();
 	foreach ($tab_array as $ta)
 		if(isAllowedPage($ta[2]))
 			$tab_temp[] = $ta;
 	/*
 		// FIXME :	if the checks are not good enough
 		//			in isAllowedPage, it needs to be
 		//			fixed instead of kludging here
 		// TODO: humm what shall we do with pkg_edit.php and pkg.php?
 		if ((strpos($link, "pkg.php")) !== false || (strpos($link, "pkg_edit.php")) !== false) {
 			$pos_equal = strpos($link, "=");
 			$pos_xmlsuffix = strpos($link, ".xml");
 			// do we match an absolute url including ?xml= foo
 			if(!isAllowedPage($link, $allowed))
 				$link = substr($link, $pos_equal +1, ($pos_xmlsuffix - $pos_equal +3));
-adfb2df
+            Scott Ullrich
-ee90ed
+		// next check - what if the basename contains a query string?
 		if ((strpos($link, "?")) !== false) {
 			$pos_qmark = strpos($link, "?");
 			$link = substr($link, 0, $pos_qmark);
+		}
 		$authorized_text = print_r($allowed, true);
 		if(is_array($authorized))
 			if (in_array(basename($link), $authorized))
 	*/
 	unset ($tab_array);
 	$tab_array = & $tab_temp;
-adfb2df
+            Scott Ullrich
-becf
+	echo "<table cellpadding='0' cellspacing='0'>\n";
-adfb2df
+	echo " <tr>\n";
-becf
+	$tabscounter = 0;
 	foreach ($tab_array as $ta) {
-adfb2df
+		if ($ta[1] == true) {
-becf
+			echo "  <td bgcolor='#EEEEEE' onClick=\"document.location='{$ta[2]}'\" style=\"cursor: pointer;\"><div id='tabactive'></div></td>\n";
-c8c496e
+		} else {
-becf
+			echo "  <td bgcolor='#777777' onClick=\"document.location='{$ta[2]}'\" style=\"cursor: pointer;\"><div id='tabdeactive{$tabscounter}'></div></td>\n";
-c8c496e
+            Scott Ullrich
-becf
+		$tabscounter++;
-c8c496e
+            Scott Ullrich
-becf
+	echo "</tr>\n<tr>\n";
 	foreach ($tab_array as $ta) {
-adfb2df
+		if ($ta[1] == true) {
 			echo "  <td height=\"15\" valign=\"middle\" bgcolor='#EEEEEE' onClick=\"document.location='{$ta[2]}'\" style=\"cursor: pointer;\"><B>&nbsp;&nbsp;&nbsp;{$ta[0]}";
-becf
+			echo "&nbsp;&nbsp;&nbsp;";
-adfb2df
+			echo "<font size='-12'>&nbsp;</font></B></td>\n";
-c8c496e
+		} else {
-adfb2df
+			echo "  <td height=\"15\" valign=\"middle\" bgcolor='#777777' onClick=\"document.location='{$ta[2]}'\" style=\"cursor: pointer;\"><B>&nbsp;&nbsp;&nbsp;<a href='{$ta[2]}'>";
 			echo "<font color='white'>{$ta[0]}</font></a>&nbsp;&nbsp;&nbsp;";
 			echo "<font size='-12'>&nbsp;</font></B></td>\n";
-c8c496e
+            Scott Ullrich
+	}
-adfb2df
+	echo "</tr>\n<tr>\n";
-becf
+	foreach ($tab_array as $ta) {
-adfb2df
+		if ($ta[1] == true) {
-becf
+			echo "  <td bgcolor='#EEEEEE' onClick=\"document.location='{$ta[2]}'\" style=\"cursor: pointer;\"></td>\n";
-c8c496e
+		} else {
-becf
+			echo "  <td bgcolor='#777777' onClick=\"document.location='{$ta[2]}'\" style=\"cursor: pointer;\"></td>\n";
+		}
 		$tabscounter++;
+	}
 	echo " </tr>\n";
 	echo "</table>\n";
 	echo "<script type=\"text/javascript\">";
 	echo "NiftyCheck();\n";
 	echo "Rounded(\"div#tabactive\",\"top\",\"#FFF\",\"#EEEEEE\",\"smooth\");\n";
-adfb2df
+	for ($x = 0; $x < $tabscounter; $x++)
-becf
+		echo "Rounded(\"div#tabdeactive{$x}\",\"top\",\"#FFF\",\"#777777\",\"smooth\");\n";
 	echo "</script>";
+}
 /****f* pfsense-utils/display_topbar
  * NAME
  *   display_topbar - top a table off with rounded edges
  * INPUTS
  *   $text	- (optional) Text to include in bar
  * RESULT
  *   null
  ******/
 function display_topbar($text = "", $bg_color="#990000", $replace_color="#FFFFFF", $rounding_style="smooth") {
 	echo "     <table width='100%' cellpadding='0' cellspacing='0'>\n";
 	echo "       <tr height='1'>\n";
 	echo "         <td width='100%' valign='top' color='{$bg_color}' bgcolor='{$bg_color}'>";
 	echo "		<div id='topbar'></div></td>\n";
 	echo "       </tr>\n";
 	echo "       <tr height='1'>\n";
 	if ($text != "")
 		echo "         <td height='1' class='listtopic'>{$text}</td>\n";
 	else
 		echo "         <td height='1' class='listtopic'></td>\n";
 	echo "       </tr>\n";
 	echo "     </table>";
 	echo "<script type=\"text/javascript\">";
 	echo "NiftyCheck();\n";
 	echo "Rounded(\"div#topbar\",\"top\",\"{$replace_color}\",\"{$bg_color}\",\"{$rounding_style}\");\n";
 	echo "</script>";
+}
 /****f* pfsense-utils/generate_random_mac_address
  * NAME
  *   generate_random_mac - generates a random mac address
  * INPUTS
  *   none
  * RESULT
  *   $mac - a random mac address
  ******/
 function generate_random_mac_address() {
 	$mac = "02";
 	for($x=0; $x<5; $x++)
 		$mac .= ":" . dechex(rand(16, 255));
 	return $mac;
+}
 /****f* pfsense-utils/strncpy
  * NAME
  *   strncpy - copy strings
  * INPUTS
  *   &$dst, $src, $length
  * RESULT
  *   none
  ******/
 function strncpy(&$dst, $src, $length) {
 	if (strlen($src) > $length) {
 		$dst = substr($src, 0, $length);
 	} else {
 		$dst = $src;
+	}
+}
 /****f* pfsense-utils/reload_interfaces_sync
  * NAME
  *   reload_interfaces - reload all interfaces
  * INPUTS
  *   none
  * RESULT
  *   none
  ******/
 function reload_interfaces_sync() {
 	global $config, $g, $debug;
 	$shutdown_webgui_needed = false;
 	touch("{$g['tmp_path']}/reloading_all");
 	if($debug)
 		log_error("reload_interfaces_sync() is starting.");
 	if(file_exists("{$g['tmp_path']}/config.cache"))
 		unlink("{$g['tmp_path']}/config.cache");
 	/* parse config.xml again */
 	$config = parse_config(true);
 	$wan_if = $config['interfaces']['wan']['if'];
 	$lan_if = $config['interfaces']['lan']['if'];
 	if($debug)
 		log_error("Cleaning up Interfaces");
-a4ce87d
+	/* if list */
-ee1ec5
+        $iflist = get_configured_interface_list(true);
-becf
+            Scott Ullrich
 	foreach ($iflist as $ifent => $ifname) {
 		$ifname_real = convert_friendly_interface_to_real_interface_name($ifname);
-a4ce87d
+            Ermal Luçi
-becf
+		if(stristr($ifname, "lo0") == true)
 			continue;
 		/* do not process wan interface, its mandatory */
-ee1ec5
+                if(stristr($ifname, "$wan_if") == true)
                         continue;
                 /* do not process lan interface, its mandatory */
                 if(stristr($ifname, "$lan_if") == true)
                         continue;
-becf
+		if($debug)
 			log_error("Downing and deleting $ifname_real - $ifname");
 		mwexec("/sbin/ifconfig {$ifname_real} down");
 		mwexec("/sbin/ifconfig {$ifname_real} delete");
+	}
-ee1ec5
+	/* set up interfaces */
 	interfaces_configure();
-becf
+            Scott Ullrich
 	/* set up static routes */
 	if($debug)
 		log_error("Configuring system Routing");
 	system_routing_configure();
 	/* enable routing */
 	if($debug)
 		log_error("Enabling system routing");
 	system_routing_enable();
 	/* setup captive portal if needed */
 	if($debug)
 		log_error("Configuring Captive portal");
 	captiveportal_configure();
 	/* restart webConfigurator if needed */
 	if($shutdown_webgui_needed == true)
 		touch("/tmp/restart_webgui");
 	/* start devd back up */
 	mwexec("/bin/rm /tmp/reload*");
 	/* remove reloading_all trigger */
 	if($debug)
 		log_error("Removing {$g['tmp_path']}/reloading_all");
 	unlink_if_exists("{$g['tmp_path']}/reloading_all");
+}
 /****f* pfsense-utils/reload_all
  * NAME
  *   reload_all - triggers a reload of all settings
  *   * INPUTS
  *   none
  * RESULT
  *   none
  ******/
 function reload_all() {
 	touch("/tmp/reload_all");
+}
 /****f* pfsense-utils/reload_interfaces
  * NAME
  *   reload_interfaces - triggers a reload of all interfaces
  * INPUTS
  *   none
  * RESULT
  *   none
  ******/
 function reload_interfaces() {
 	touch("/tmp/reload_interfaces");
+}
 /****f* pfsense-utils/reload_all_sync
  * NAME
  *   reload_all - reload all settings
  *   * INPUTS
  *   none
  * RESULT
  *   none
  ******/
 function reload_all_sync() {
 	global $config, $g;
 	$g['booting'] = false;
 	touch("{$g['tmp_path']}/reloading_all");
 	$shutdown_webgui_needed = false;
 	if(file_exists("{$g['tmp_path']}/config.cache"))
 		unlink("{$g['tmp_path']}/config.cache");
 	/* parse config.xml again */
 	$config = parse_config(true);
 	/* set up our timezone */
 	system_timezone_configure();
 	/* set up our hostname */
 	system_hostname_configure();
 	/* make hosts file */
 	system_hosts_generate();
 	/* generate resolv.conf */
 	system_resolvconf_generate();
-            ae84328e
+	/* Set up our loopback interface */
 	interfaces_loopback_configure();
-becf
+	/* delete all old interface information */
 	$iflist = split(" ", str_replace("\n", "", `/sbin/ifconfig -l`));
 	$wan_if = $config['interfaces']['wan']['if'];
 	$lan_if = $config['interfaces']['lan']['if'];
-a4ce87d
+	/* if list */
 	$iflist = get_configured_interface_list();
-becf
+            Scott Ullrich
 	foreach ($iflist as $ifent => $ifname) {
 		$ifname_real = convert_friendly_interface_to_real_interface_name($ifname);
 		if(stristr($ifname, "lo0") == true)
 			continue;
 		/* do not process wan interface, its mandatory */
 		if($wan_if == $ifname_real)
 			continue;
 		/* do not process lan interface, its mandatory */
 		if($lan_if == $ifname_real)
 			continue;
 		mwexec("/sbin/ifconfig {$ifname_real} down");
 		mwexec("/sbin/ifconfig {$ifname_real} delete");
+	}
-ee1ec5
+	/* set up interfaces */
 	interfaces_configure();
-becf
+            Scott Ullrich
 	/* set up static routes */
 	system_routing_configure();
 	/* enable routing */
 	system_routing_enable();
 	/* ensure passwords are sync'd */
-fa7f2
+//	system_password_configure();
-becf
+            Scott Ullrich
 	/* start dnsmasq service */
 	services_dnsmasq_configure();
 	/* start dyndns service */
 	services_dyndns_configure();
 	/* start DHCP service */
 	services_dhcpd_configure();
 	/* configure cron service */
 	configure_cron();
 	/* start the NTP client */
 	system_ntp_configure();
 	/* start ftp proxy helpers if they are enabled */
 	system_start_ftp_helpers();
 	/* start the captive portal */
 	captiveportal_configure();
         /* reload the filter */
 	filter_configure_sync();
 	/* sync pw database */
 	conf_mount_rw();
 	mwexec("/usr/sbin/pwd_mkdb -d /etc/ /etc/master.passwd");
 	conf_mount_ro();
 	/* restart sshd */
 	touch("/tmp/start_sshd");
 	/* restart webConfigurator if needed */
 	if($shutdown_webgui_needed == true)
 		touch("/tmp/restart_webgui");
 	mwexec("/bin/rm /tmp/reload*");
 	unlink_if_exists("{$g['tmp_path']}/reloading_all");
+}
 function auto_login($status) {
 	$gettytab = file_get_contents("/etc/gettytab");
 	$getty_split = split("\n", $gettytab);
 	conf_mount_rw();
 	$fd = fopen("/etc/gettytab", "w");
 	foreach($getty_split as $gs) {
 		if(stristr($gs, ":ht:np:sp#115200") ) {
 			if($status == true) {
 				fwrite($fd, "	:ht:np:sp#115200:al=root:\n");
 			} else {
 				fwrite($fd, "	:ht:np:sp#115200:\n");
-            ca8e4ed2
+            Scott Ullrich
-c8c496e
+		} else {
-becf
+			fwrite($fd, "{$gs}\n");
+		}
+	}
 	fclose($fd);
 	conf_mount_ro();
+}
 function setup_serial_port() {
 	global $g, $config;
 	conf_mount_rw();
 	/* serial console - write out /boot.config */
 	if(file_exists("/boot.config"))
 		$boot_config = file_get_contents("/boot.config");
 	else
 		$boot_config = "";
 	if($g['platform'] <> "cdrom") {
 		$boot_config_split = split("\n", $boot_config);
 		$fd = fopen("/boot.config","w");
 		if($fd) {
 			foreach($boot_config_split as $bcs) {
 				if(stristr($bcs, "-D")) {
 					/* DONT WRITE OUT, WE'LL DO IT LATER */
 				} else {
 					if($bcs <> "")
 						fwrite($fd, "{$bcs}\n");
+				}
-c8c496e
+            Scott Ullrich
-becf
+			if(isset($config['system']['enableserial'])) {
 				fwrite($fd, "-D");
-c8c496e
+            Scott Ullrich
-becf
+			fclose($fd);
-c8c496e
+            Scott Ullrich
-becf
+		/* serial console - write out /boot/loader.conf */
 		$boot_config = file_get_contents("/boot/loader.conf");
 		$boot_config_split = split("\n", $boot_config);
 		$fd = fopen("/boot/loader.conf","w");
 		if($fd) {
 			foreach($boot_config_split as $bcs) {
 				if(stristr($bcs, "console")) {
 					/* DONT WRITE OUT, WE'LL DO IT LATER */
 				} else {
 					if($bcs <> "")
 						fwrite($fd, "{$bcs}\n");
+				}
-c8c496e
+            Scott Ullrich
-becf
+			if(isset($config['system']['enableserial'])) {
 				fwrite($fd, "console=\"comconsole\"\n");
-            ca8e4ed2
+            Scott Ullrich
-becf
+			fclose($fd);
-c8c496e
+            Scott Ullrich
+	}
-becf
+	$ttys = file_get_contents("/etc/ttys");
 	$ttys_split = split("\n", $ttys);
 	$fd = fopen("/etc/ttys", "w");
 	foreach($ttys_split as $tty) {
 		if(stristr($tty, "ttyd0")) {
 			if(isset($config['system']['enableserial'])) {
 				fwrite($fd, "ttyd0	\"/usr/libexec/getty bootupcli\"	dialup	on	secure\n");
 			} else {
 				fwrite($fd, "ttyd0	\"/usr/libexec/getty bootupcli\"	dialup	off	secure\n");
-            ca8e4ed2
+            Scott Ullrich
-becf
+		} else {
 			fwrite($fd, $tty . "\n");
+		}
+	}
 	fclose($fd);
 	if(isset($config['system']['disableconsolemenu'])) {
 		auto_login(false);
 	} else {
 		auto_login(true);
+	}
 	conf_mount_ro();
 	return;
+}
 function print_value_list($list, $count = 10, $separator = ",") {
 	$list = implode($separator, array_slice($list, 0, $count));
 	if(count($list) < $count) {
 		$list .= ".";
 	} else {
 		$list .= "...";
+	}
 	return $list;
+}
 function enable_rrd_graphing() {
-a0464c
+	global $config, $g, $altq_list_queues;
-becf
+            Scott Ullrich
 	if($g['booting'])
 		echo "Generating RRD graphs...";
 	$rrddbpath = "/var/db/rrd/";
 	$rrdgraphpath = "/usr/local/www/rrd";
 	$traffic = "-traffic.rrd";
 	$packets = "-packets.rrd";
 	$states = "-states.rrd";
 	$quality = "-quality.rrd";
-            c8cf69f3
+	$wireless = "-wireless.rrd";
-becf
+	$queues = "-queues.rrd";
-a0464c
+	$queuesdrop = "-queuedrops.rrd";
-becf
+	$spamd = "-spamd.rrd";
 	$proc = "-processor.rrd";
-            f8e70893
+	$mem = "-memory.rrd";
-becf
+            Scott Ullrich
 	$rrdtool = "/usr/local/bin/rrdtool";
 	$netstat = "/usr/bin/netstat";
 	$awk = "/usr/bin/awk";
 	$tar = "/usr/bin/tar";
 	$pfctl = "/sbin/pfctl";
-            f8e70893
+	$sysctl = "/sbin/sysctl";
-becf
+	$php = "/usr/local/bin/php";
 	$top = "/usr/bin/top";
 	$spamd_gather = "/usr/local/bin/spamd_gather_stats.php";
-            ee5f368f
+	$ifconfig = "/sbin/ifconfig";
-becf
+            Scott Ullrich
 	$rrdtrafficinterval = 60;
 	$rrdqualityinterval = 60;
-            e9698453
+	$rrdwirelessinterval = 60;
-becf
+	$rrdqueuesinterval = 60;
 	$rrdqueuesdropinterval = 60;
 	$rrdpacketsinterval = 60;
 	$rrdstatesinterval = 60;
 	$rrdspamdinterval = 60;
 	$rrdlbpoolinterval = 60;
 	$rrdprocinterval = 60;
-            f8e70893
+	$rrdmeminterval = 60;
-becf
+            Scott Ullrich
 	$trafficvalid = $rrdtrafficinterval * 2;
 	$qualityvalid = $rrdqualityinterval * 2;
-            e9698453
+	$wirelessvalid = $rrdwirelessinterval * 2;
-becf
+	$queuesvalid = $rrdqueuesinterval * 2;
 	$queuesdropvalid = $rrdqueuesdropinterval * 2;
 	$packetsvalid = $rrdpacketsinterval * 2;
 	$statesvalid = $rrdstatesinterval*2;
 	$spamdvalid = $rrdspamdinterval * 2;
 	$lbpoolvalid = $rrdlbpoolinterval * 2;
 	$procvalid = $rrdlbpoolinterval * 2;
-            f8e70893
+	$memvalid = $rrdmeminterval * 2;
-becf
+            Scott Ullrich
 	/* Asume GigE for now */
 	$downstream = 125000000;
 	$upstream = 125000000;
-a0464c
+	/* read the shaper config */
 	read_altq_config();
-becf
+	$rrdrestore = "";
 	$rrdreturn = "";
 	if (isset ($config['rrd']['enable'])) {
 		/* create directory if needed */
 		if (!is_dir("$rrddbpath")) {
 			mkdir("$rrddbpath", 0755);
+		}
 		if ($g['booting']) {
 			if ($g['platform'] != "pfSense") {
 				/* restore the databases, if we have one */
 				if (file_exists("{$g['cf_conf_path']}/rrd.tgz")) {
 					exec("cd /;LANG=C /usr/bin/tar -xzf {$g['cf_conf_path']}/rrd.tgz", $rrdrestore, $rrdreturn);
 					if((int)$rrdrestore <> 0) {
 						log_error("RRD restore failed exited with $rrdreturn, the error is: $rrdrestore[0]\n");
+					}
+				}
-d12935
+            Scott Ullrich
-c8c496e
+            Scott Ullrich
-becf
+            Scott Ullrich
 		/* db update script */
 		$rrdupdatesh = "#!/bin/sh\n";
 		$rrdupdatesh .= "\n";
 		$rrdupdatesh .= "counter=1\n";
 		$rrdupdatesh .= "while [ \"\$counter\" -ne 0 ]\n";
 		$rrdupdatesh .= "do\n";
 		$rrdupdatesh .= "";
 		$i = 0;
 		$vfaces = array (
 			"vlan.?*",
 			"enc.?*"
 		);
 		$ifdescrs = get_interface_list(true, true, $vfaces);
 		$ifdescrs['enc0']['friendly'] = "ipsec";
-fc2f163
+		$ifdescrs['enc0']['descr'] = "IPsec";
-becf
+		$ifdescrs['enc0']['up'] = true;
 		foreach ($ifdescrs as $realif => $ifdescr) {
 			$ifname = $ifdescr['friendly'];
 			$state = $ifdescr['up'];
 			/* skip interfaces that do not have a friendly name */
 			if ("$ifname" == "") {
-c8c496e
+				continue;
-becf
+            Scott Ullrich
 			/* or are down */
 			if (!$state) {
-c8c496e
+				continue;
-            eea34015
+            Seth Mos
-becf
+            Scott Ullrich
 			/* TRAFFIC, set up the rrd file */
 			if (!file_exists("$rrddbpath$ifname$traffic")) {
 				/* create rrd file if it does not exist */
 				log_error("Create RRD database $rrddbpath$ifname$traffic");
 				$rrdcreate = "$rrdtool create $rrddbpath$ifname$traffic --step $rrdtrafficinterval ";
 				$rrdcreate .= "DS:in:COUNTER:$trafficvalid:0:$downstream ";
 				$rrdcreate .= "DS:out:COUNTER:$trafficvalid:0:$upstream ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:720:1000 ";
-fd5b
+				$rrdcreate .= "RRA:AVERAGE:0.5:1440:1500 ";
-becf
+            Scott Ullrich
 				$rrdcreateoutput = array();
 				$rrdcreatereturn = "";
 				$rrdcreatel = exec("$rrdcreate 2>&1", $rrdcreateoutput, $rrdcreatereturn);
 				if ($rrdcreatereturn != 0) {
 					log_error("RRD create failed exited with $rrdcreatereturn, the
 							error is: $rrdcreateoutput[0]\n");
-c8c496e
+            Scott Ullrich
-            f818fdea
+            Scott Ullrich
-becf
+            Scott Ullrich
 			/* enter UNKNOWN values in the RRD so it knows we rebooted. */
 			if($g['booting']) {
 				exec("$rrdtool update $rrddbpath$ifname$traffic N:U:U");
-d12935
+            Scott Ullrich
-becf
+            Scott Ullrich
 			$rrdupdatesh .= "\n";
 			$rrdupdatesh .= "# polling traffic for interface $ifname $realif \n";
 			$rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$traffic N:\\\n";
 			if(! is_macaddr(get_interface_mac($realif))) {
 				$rrdupdatesh .= "`$netstat -nbf link -I {$realif} | $awk '{getline 2;print \$6 \":\" \$9}'`\n";
-            eea34015
+			} else {
-becf
+				$rrdupdatesh .= "`$netstat -nbf link -I {$realif} | $awk '{getline 2;print \$7 \":\" \$10}'`\n";
-            eea34015
+            Seth Mos
-becf
+            Scott Ullrich
 			/* PACKETS, set up the rrd file */
 			if (!file_exists("$rrddbpath$ifname$packets")) {
 				/* create rrd file if it does not exist */
 				log_error("Create RRD database $rrddbpath$ifname$packets");
 				$rrdcreate = "$rrdtool create $rrddbpath$ifname$packets --step $rrdpacketsinterval ";
 				$rrdcreate .= "DS:in:COUNTER:$packetsvalid:0:$downstream ";
 				$rrdcreate .= "DS:out:COUNTER:$packetsvalid:0:$upstream ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:720:1000 ";
-fd5b
+				$rrdcreate .= "RRA:AVERAGE:0.5:1440:1500 ";
-becf
+            Scott Ullrich
 				$rrdcreatel = exec("$rrdcreate 2>&1", $rrdcreateoutput, $rrdcreatereturn);
 				if ($rrdcreatereturn != 0) {
 					log_error("RRD create failed exited with $rrdcreatereturn, the
 							error is: $rrdcreateoutput[0]\n");
-c8c496e
+            Scott Ullrich
+			}
-becf
+            Scott Ullrich
 			/* enter UNKNOWN values in the RRD so it knows we rebooted. */
 			if($g['booting']) {
 				exec("$rrdtool update $rrddbpath$ifname$packets N:U:U");
+			}
-c8c496e
+			$rrdupdatesh .= "\n";
-becf
+			$rrdupdatesh .= "# polling packets for interface $ifname $realif \n";
 			$rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$packets N:\\\n";
 			if(! is_macaddr(get_interface_mac($realif))) {
 				$rrdupdatesh .= "`$netstat -nbf link -I {$realif} | $awk '{getline 2;print \$4 \":\" \$7}'`\n";
 			} else {
 				$rrdupdatesh .= "`$netstat -nbf link -I {$realif} | $awk '{getline 2;print \$5 \":\" \$8}'`\n";
+			}
-fa1d0
+			/* QUALITY, create link quality database */
 			/* if the interface has a gateway defined, use it */
 			if(interface_has_gateway($ifname)) {
-becf
+				if (!file_exists("$rrddbpath$ifname$quality")) {
-            ca8e4ed2
+					/* create rrd file if it does not exist */
-becf
+					log_error("Create RRD database $rrddbpath$ifname$quality");
 					$rrdcreate = "$rrdtool create $rrddbpath$ifname$quality --step $rrdqualityinterval ";
 					$rrdcreate .= "DS:loss:GAUGE:$qualityvalid:0:100 ";
 					$rrdcreate .= "DS:roundtrip:GAUGE:$qualityvalid:0:10000 ";
-            f9ba50da
+					$rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
 					$rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
 					$rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
-fd5b
+					$rrdcreate .= "RRA:AVERAGE:0.5:720:1000 ";
 					$rrdcreate .= "RRA:AVERAGE:0.5:1440:1500 ";
-becf
+            Scott Ullrich
-e043c4a
+					$rrdcreatel = exec("$rrdcreate 2>&1", $rrdcreateoutput, $rrdcreatereturn);
-ab7ae50
+					if ($rrdcreatereturn != 0) {
-becf
+						log_error("RRD create failed exited with $rrdcreatereturn, the error is: $rrdcreateoutput[0]\n");
-e043c4a
+            Scott Ullrich
-            ca8e4ed2
+            Scott Ullrich
-becf
+            Scott Ullrich
-ab7ae50
+				/* enter UNKNOWN values in the RRD so it knows we rebooted. */
 				if($g['booting']) {
-becf
+					exec("$rrdtool update $rrddbpath$ifname$quality N:U:U");
-ab7ae50
+            Seth Mos
-fa1d0
+            Seth Mos
 				$numpings = 5;
 				$monitorip = lookup_gateway_monitor_ip_by_name($config['interfaces'][$ifname]['gateway']);
-becf
+				/* the ping test function. We call this on the last line */
-c3acb76
+				$rrdupdatesh .= "# Quality collector for {$ifname}\n";
-becf
+				$rrdupdatesh .= "get_quality_stats_{$ifname} () {\n";
 				$rrdupdatesh .= "	packetloss_{$ifname}=100\n";
 				$rrdupdatesh .= "	roundtrip_{$ifname}=0\n";
 				$rrdupdatesh .= "	local out_{$ifname}\n";
-c3acb76
+				$rrdupdatesh .= "	out_{$ifname}=`ping -c $numpings -q $monitorip`\n";
-becf
+				$rrdupdatesh .= "	if [ $? -eq 0 ]; then\n";
-c3acb76
+				$rrdupdatesh .= "		packetloss_{$ifname}=`echo \$out_{$ifname} | cut -f18 -d' ' | cut -c -1`\n";
 				$rrdupdatesh .= "		roundtrip_{$ifname}=`echo \$out_{$ifname} | cut -f24 -d' ' | cut -f2 -d'/'`\n";
-becf
+				$rrdupdatesh .= "	fi\n";
 				$rrdupdatesh .= "	$rrdtool update $rrddbpath$ifname$quality N:\$packetloss_{$ifname}:\$roundtrip_{$ifname}\n";
 				$rrdupdatesh .= "}\n\n";
 				$rrdupdatesh .= "get_quality_stats_{$ifname} &\n\n";
+			}
-            e9698453
+			/* WIRELESS, set up the rrd file */
 			if($config['interfaces'][$ifname]['wireless']['mode'] == "bss") {
 				if (!file_exists("$rrddbpath$ifname$wireless")) {
 					/* create rrd file if it does not exist */
 					log_error("Create RRD database $rrddbpath$ifname$wireless");
-d99b1
+					$rrdcreate = "$rrdtool create $rrddbpath$ifname$wireless --step $rrdwirelessinterval ";
-            e9698453
+					$rrdcreate .= "DS:snr:GAUGE:$wirelessvalid:0:1000 ";
 					$rrdcreate .= "DS:rate:GAUGE:$wirelessvalid:0:1000 ";
 					$rrdcreate .= "DS:channel:GAUGE:$wirelessvalid:0:1000 ";
 					$rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
 					$rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
 					$rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
 					$rrdcreate .= "RRA:AVERAGE:0.5:720:1000 ";
 					$rrdcreate .= "RRA:AVERAGE:0.5:1440:1500 ";
 					$rrdcreateoutput = array();
 					$rrdcreatereturn = "";
 					$rrdcreatel = exec("$rrdcreate 2>&1", $rrdcreateoutput, $rrdcreatereturn);
 					if ($rrdcreatereturn != 0) {
 						log_error("RRD create failed exited with $rrdcreatereturn, the
 								error is: $rrdcreateoutput[0]\n");
+					}
+				}
 				/* enter UNKNOWN values in the RRD so it knows we rebooted. */
 				if($g['booting']) {
 					exec("$rrdtool update $rrddbpath$ifname$wireless N:U:U:U");
+				}
 				$rrdupdatesh .= "\n";
 				$rrdupdatesh .= "# polling wireless for interface $ifname $realif \n";
 				$rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$wireless N:\\\n";
-d99b1
+				$rrdupdatesh .= "`$ifconfig {$realif} list ap| $awk 'gsub(\"M\", \"\") {getline 2;print substr(\$5, 0, length(\$5)-2) \":\" $4 \":\" $3}'`\n";
-            e9698453
+            Seth Mos
-becf
+				/* QUEUES, set up the queues databases */
-a0464c
+				if ($altq_list_queues[$ifname]) {
 					$altq =& $altq_list_queues[$ifname];
 					/* NOTE: Is it worth as its own function?! */
 					switch ($altq->GetBwscale()) {
                                         case "Gb":
                                         	$factor = 1000 * 1000 * 1000;
                                                 break;
                                         case "Mb":
                                                 $factor = 1000 * 1000;
                                                 break;
                                         case "Kb":
                                                 $factor = 1000;
                                                 break;
                                         case "b":
                                         default:
                                                 $factor = 1;
                                                 break;
+                                        }
-be6078b
+					$qbandwidth = $altq->GetBandwidth() * $factor;
-c2b556c
+					if ($qbandwidth <=0)
 						$qbandwidth = 100 * 1000 * 1000; /* 100Mbit */
-a0464c
+					$qlist =& $altq->get_queue_list($notused);
-becf
+					if (!file_exists("$rrddbpath$ifname$queues")) {
 						/* create rrd file if it does not exist */
 						log_error("Create RRD database $rrddbpath$ifname$queues");
 						$rrdcreate = "$rrdtool create $rrddbpath$ifname$queues --step $rrdqueuesinterval ";
 						/* loop list of shaper queues */
 						$q = 0;
-a0464c
+						foreach ($qlist as $qname => $q) {
 							$rrdcreate .= "DS:$qname:COUNTER:$queuesvalid:0:$qbandwidth ";
-becf
+            Scott Ullrich
 						$rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
 						$rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
 						$rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
-fd5b
+						$rrdcreate .= "RRA:AVERAGE:0.5:720:1000 ";
 						$rrdcreate .= "RRA:AVERAGE:0.5:1440:1500 ";
-becf
+            Scott Ullrich
 						$rrdcreatel = exec("$rrdcreate 2>&1", $rrdcreateoutput, $rrdcreatereturn);
 						if ($rrdcreatereturn != 0) {
 							log_error("RRD create failed exited with $rrdcreatereturn, the
 									error is: $rrdcreateoutput[0]\n");
+						}
-ab7ae50
+            Seth Mos
-becf
+            Scott Ullrich
 					if (!file_exists("$rrddbpath$ifname$queuesdrop")) {
-ab7ae50
+						/* create rrd file if it does not exist */
-becf
+						log_error("Create RRD database $rrddbpath$ifname$queuesdrop");
 						$rrdcreate = "$rrdtool create $rrddbpath$ifname$queuesdrop --step $rrdqueuesdropinterval ";
 						/* loop list of shaper queues */
 						$q = 0;
-a0464c
+						foreach ($qlist as $qname => $q) {
 							$rrdcreate .= "DS:$qname:COUNTER:$queuesdropvalid:0:$qbandwidth ";
-becf
+            Scott Ullrich
-            f9ba50da
+						$rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
 						$rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
 						$rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
-fd5b
+						$rrdcreate .= "RRA:AVERAGE:0.5:720:1000 ";
 						$rrdcreate .= "RRA:AVERAGE:0.5:1440:1500 ";
-becf
+            Scott Ullrich
-e043c4a
+						$rrdcreatel = exec("$rrdcreate 2>&1", $rrdcreateoutput, $rrdcreatereturn);
-ab7ae50
+						if ($rrdcreatereturn != 0) {
 							log_error("RRD create failed exited with $rrdcreatereturn, the error is: $rrdcreateoutput[0]\n");
-e043c4a
+            Scott Ullrich
-            f818fdea
+            Scott Ullrich
-becf
+            Scott Ullrich
-d12935
+					if($g['booting']) {
-becf
+						$rrdqcommand = "-t ";
 						$rrducommand = "N";
 						$q = 0;
-be6078b
+						foreach ($qlist as $qname => $q) {
-becf
+							if($q == 0) {
-be6078b
+								$rrdqcommand .= "{$qname}";
-becf
+							} else {
-be6078b
+								$rrdqcommand .= ":{$qname}";
-ab7ae50
+            Seth Mos
-becf
+							$q++;
 							$rrducommand .= ":U";
-d12935
+            Scott Ullrich
-becf
+						exec("$rrdtool update $rrddbpath$ifname$queues $rrdqcommand $rrducommand");
 						exec("$rrdtool update $rrddbpath$ifname$queuesdrop $rrdqcommand $rrducommand");
-d12935
+            Scott Ullrich
-becf
+            Scott Ullrich
 					/* awk function to gather shaper data */
 					/* yes, it's special */
-a0464c
+					$rrdupdatesh .= "` pfctl -vsq -i {$realif} | awk 'BEGIN {printf \"$rrdtool update $rrddbpath$ifname$queues \" } ";
-becf
+					$rrdupdatesh .= "{ ";
 					$rrdupdatesh .= "if ((\$1 == \"queue\") && ( \$2 ~ /^q/ )) { ";
 					$rrdupdatesh .= "dsname = dsname \":\" \$2 ; ";
 					$rrdupdatesh .= "q=1; ";
 					$rrdupdatesh .= "} ";
 					$rrdupdatesh .= "else if ((\$4 == \"bytes:\") && ( q == 1 ) ) { ";
 					$rrdupdatesh .= "dsdata = dsdata \":\" \$5 ; ";
 					$rrdupdatesh .= "q=0; ";
 					$rrdupdatesh .= "} ";
 					$rrdupdatesh .= "} END { ";
 					$rrdupdatesh .= "dsname = substr(dsname,2); ";
 					$rrdupdatesh .= "dsdata = substr(dsdata,2); ";
 					$rrdupdatesh .= "printf \"-t \" dsname \" N:\" dsdata }' ";
 					$rrdupdatesh .= "dsname=\"\" dsdata=\"\"`\n\n";
-a0464c
+					$rrdupdatesh .= "` pfctl -vsq -i {$realif} | awk 'BEGIN {printf \"$rrdtool update $rrddbpath$ifname$queuesdrop \" } ";
-becf
+					$rrdupdatesh .= "{ ";
 					$rrdupdatesh .= "if ((\$1 == \"queue\") && ( \$2 ~ /^q/ )) { ";
 					$rrdupdatesh .= "dsname = dsname \":\" \$2 ; ";
 					$rrdupdatesh .= "q=1; ";
 					$rrdupdatesh .= "} ";
 					$rrdupdatesh .= "else if ((\$4 == \"bytes:\") && ( q == 1 ) ) { ";
 					$rrdupdatesh .= "dsdata = dsdata \":\" \$8 ; ";
 					$rrdupdatesh .= "q=0; ";
 					$rrdupdatesh .= "} ";
 					$rrdupdatesh .= "} END { ";
 					$rrdupdatesh .= "dsname = substr(dsname,2); ";
 					$rrdupdatesh .= "dsdata = substr(dsdata,2); ";
 					$rrdupdatesh .= "printf \"-t \" dsname \" N:\" dsdata }' ";
 					$rrdupdatesh .= "dsname=\"\" dsdata=\"\"`\n\n";
-            c2f40a7d
+            Scott Ullrich
-becf
+            Scott Ullrich
 		$i++;
 		/* System only statistics */
 		$ifname = "system";
 			/* STATES, create pf states database */
 			if(! file_exists("$rrddbpath$ifname$states")) {
 				/* create rrd file if it does not exist */
 				log_error("Create RRD database $rrddbpath$ifname$states");
 				$rrdcreate = "$rrdtool create $rrddbpath$ifname$states --step $rrdstatesinterval ";
 				$rrdcreate .= "DS:pfrate:GAUGE:$statesvalid:0:10000000 ";
 				$rrdcreate .= "DS:pfstates:GAUGE:$statesvalid:0:10000000 ";
 				$rrdcreate .= "DS:pfnat:GAUGE:$statesvalid:0:10000000 ";
 				$rrdcreate .= "DS:srcip:GAUGE:$statesvalid:0:10000000 ";
 				$rrdcreate .= "DS:dstip:GAUGE:$statesvalid:0:10000000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
-baaf2f
+				$rrdcreate .= "RRA:AVERAGE:0.5:720:1000 ";
-fd5b
+				$rrdcreate .= "RRA:AVERAGE:0.5:1440:1500 ";
-becf
+            Scott Ullrich
 				$rrdcreatel = exec("$rrdcreate 2>&1", $rrdcreateoutput, $rrdcreatereturn);
 				if($rrdcreatereturn != 0) {
 			                log_error("RRD create failed exited with $rrdcreatereturn, the
 						error is: $rrdcreateoutput[0]\n");
-ab7ae50
+            Seth Mos
-becf
+            Scott Ullrich
 			/* enter UNKNOWN values in the RRD so it knows we rebooted. */
 			if($g['booting']) {
 				exec("$rrdtool update $rrddbpath$ifname$states N:U:U:U:U:U");
+			}
  			/* the pf states gathering function. */
  			$rrdupdatesh .= "\n";
-            3760690c
+			$rrdupdatesh .= "pfctl_si_out=\"` $pfctl -si > /tmp/pfctl_si_out `\"\n";
 			$rrdupdatesh .= "pfctl_ss_out=\"` $pfctl -ss > /tmp/pfctl_ss_out`\"\n";
 			$rrdupdatesh .= "pfrate=\"` cat /tmp/pfctl_si_out | egrep \"inserts|removals\" | awk '{ pfrate = \$3 + pfrate } {print pfrate}'|tail -1 `\"\n";
  			$rrdupdatesh .= "pfstates=\"` cat /tmp/pfctl_ss_out | egrep -v \"<\\-.*?<\\-|\\->.*?\\->\" | wc -l|sed 's/ //g'`\"\n";
 			$rrdupdatesh .= "pfnat=\"` cat /tmp/pfctl_ss_out | egrep '<\\-.*?<\\-|\\->.*?\\->' | wc -l|sed 's/ //g' `\"\n";
  			$rrdupdatesh .= "srcip=\"` cat /tmp/pfctl_ss_out | egrep -v '<\\-.*?<\\-|\\->.*?\\->' | grep '\\->' | awk '{print \$3}' | awk -F: '{print \$1}' | sort -u|wc -l|sed 's/ //g' `\"\n";
  			$rrdupdatesh .= "dstip=\"` cat /tmp/pfctl_ss_out | egrep -v '<\\-.*?<\\-|\\->.*?\\->' | grep '<\\-' | awk '{print \$3}' | awk -F: '{print \$1}' | sort -u|wc -l|sed 's/ //g' `\"\n";
-becf
+			$rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$states N:\$pfrate:\$pfstates:\$pfnat:\$srcip:\$dstip\n\n";
 			/* End pf states statistics */
 			/* CPU, create CPU statistics database */
 			if(! file_exists("$rrddbpath$ifname$proc")) {
 				/* create rrd file if it does not exist */
 				log_error("Create RRD database $rrddbpath$ifname$proc");
 				$rrdcreate = "$rrdtool create $rrddbpath$ifname$proc --step $rrdprocinterval ";
 				$rrdcreate .= "DS:user:GAUGE:$procvalid:0:10000000 ";
 				$rrdcreate .= "DS:nice:GAUGE:$procvalid:0:10000000 ";
 				$rrdcreate .= "DS:system:GAUGE:$procvalid:0:10000000 ";
 				$rrdcreate .= "DS:interrupt:GAUGE:$procvalid:0:10000000 ";
 				$rrdcreate .= "DS:processes:GAUGE:$procvalid:0:10000000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
-baaf2f
+				$rrdcreate .= "RRA:AVERAGE:0.5:720:1000 ";
-fd5b
+				$rrdcreate .= "RRA:AVERAGE:0.5:1440:1500 ";
-becf
+            Scott Ullrich
 				$rrdcreatel = exec("$rrdcreate 2>&1", $rrdcreateoutput, $rrdcreatereturn);
 				if($rrdcreatereturn != 0) {
 			                log_error("RRD create failed exited with $rrdcreatereturn, the
 						error is: $rrdcreateoutput[0]\n");
-e043c4a
+            Scott Ullrich
-becf
+            Scott Ullrich
 			/* enter UNKNOWN values in the RRD so it knows we rebooted. */
 			if($g['booting']) {
 				exec("$rrdtool update $rrddbpath$ifname$proc N:U:U:U:U:U");
+			}
  			/* the CPU stats gathering function. */
  			$rrdupdatesh .= "`$top -d 2 -s 1 0 | $awk '{gsub(/%/, \"\")} BEGIN { ";
 			$rrdupdatesh .= "printf \"$rrdtool update $rrddbpath$ifname$proc \" } ";
 			$rrdupdatesh .= "{ if ( \$2 == \"processes:\" ) { ";
 			$rrdupdatesh .= "processes = \$1; ";
 			$rrdupdatesh .= "} ";
 			$rrdupdatesh .= "else if ( \$1 == \"CPU\" ) { ";
 			$rrdupdatesh .= "user = \$3; ";
 			$rrdupdatesh .= "nice = \$5; ";
 			$rrdupdatesh .= "sys = \$7; ";
 			$rrdupdatesh .= "interrupt = \$9; ";
 			$rrdupdatesh .= "} ";
 			$rrdupdatesh .= "} END { ";
 			$rrdupdatesh .= "printf \"N:\"user\":\"nice\":\"sys\":\"interrupt\":\"processes ";
 			$rrdupdatesh .= "}'`\n\n";
 			/* End CPU statistics */
-            f8e70893
+			/* Memory, create Memory statistics database */
 			if(! file_exists("$rrddbpath$ifname$mem")) {
 				/* create rrd file if it does not exist */
 				log_error("Create RRD database $rrddbpath$ifname$mem");
 				$rrdcreate = "$rrdtool create $rrddbpath$ifname$mem --step $rrdmeminterval ";
 				$rrdcreate .= "DS:active:GAUGE:$memvalid:0:10000000 ";
 				$rrdcreate .= "DS:inactive:GAUGE:$memvalid:0:10000000 ";
 				$rrdcreate .= "DS:free:GAUGE:$memvalid:0:10000000 ";
 				$rrdcreate .= "DS:cache:GAUGE:$memvalid:0:10000000 ";
 				$rrdcreate .= "DS:wire:GAUGE:$memvalid:0:10000000 ";
 				$rrdcreate .= "RRA:MIN:0.5:1:1000 ";
 				$rrdcreate .= "RRA:MIN:0.5:5:1000 ";
 				$rrdcreate .= "RRA:MIN:0.5:60:1000 ";
 				$rrdcreate .= "RRA:MIN:0.5:720:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
 				$rrdcreate .= "RRA:AVERAGE:0.5:720:1000 ";
 				$rrdcreate .= "RRA:MAX:0.5:1:1000 ";
 				$rrdcreate .= "RRA:MAX:0.5:5:1000 ";
 				$rrdcreate .= "RRA:MAX:0.5:60:1000 ";
 				$rrdcreate .= "RRA:MAX:0.5:720:1000";
 				$rrdcreatel = exec("$rrdcreate 2>&1", $rrdcreateoutput, $rrdcreatereturn);
 				if($rrdcreatereturn != 0) {
 			                log_error("RRD create failed exited with $rrdcreatereturn, the
 						error is: $rrdcreateoutput[0]\n");
+				}
+			}
 			/* enter UNKNOWN values in the RRD so it knows we rebooted. */
 			if($g['booting']) {
 				exec("$rrdtool update $rrddbpath$ifname$mem N:U:U:U:U:U");
+			}
  			/* the Memory stats gathering function. */
  			$rrdupdatesh .= "`$sysctl -n vm.stats.vm.v_page_count vm.stats.vm.v_active_count vm.stats.vm.v_inactive_count vm.stats.vm.v_free_count vm.stats.vm.v_cache_count vm.stats.vm.v_wire_count | ";
 			$rrdupdatesh .= " $awk '{getline active;getline inactive;getline free;getline cache;getline wire;printf \"$rrdtool update $rrddbpath$ifname$mem N:\"";
 			$rrdupdatesh .= "((active/$0) * 100)\":\"((inactive/$0) * 100)\":\"((free/$0) * 100)\":\"((cache/$0) * 100)\":\"(wire/$0 * 100)}'`\n\n";
 			/* End Memory statistics */
-becf
+			/* SPAMD, set up the spamd rrd file */
 			if (isset($config['installedpackages']['spamdsettings']) &&
 				 isset ($config['installedpackages']['spamdsettings']['config'][0]['enablerrd'])) {
 				/* set up the spamd rrd file */
 				if (!file_exists("$rrddbpath$ifname$spamd")) {
 						/* create rrd file if it does not exist */
 						log_error("Create RRD database $rrddbpath$ifname$spamd");
 						$rrdcreate = "$rrdtool create $rrddbpath$ifname$spamd --step $rrdspamdinterval ";
 						$rrdcreate .= "DS:conn:GAUGE:$spamdvalid:0:10000 ";
 						$rrdcreate .= "DS:time:GAUGE:$spamdvalid:0:86400 ";
 						$rrdcreate .= "RRA:MIN:0.5:1:1000 ";
 						$rrdcreate .= "RRA:MIN:0.5:5:1000 ";
 						$rrdcreate .= "RRA:MIN:0.5:60:1000 ";
 						$rrdcreate .= "RRA:MIN:0.5:720:1000 ";
-fd5b
+						$rrdcreate .= "RRA:MIN:0.5:1440:1500 ";
-becf
+						$rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
 						$rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
 						$rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
 						$rrdcreate .= "RRA:AVERAGE:0.5:720:1000 ";
-fd5b
+						$rrdcreate .= "RRA:AVERAGE:0.5:1440:1500 ";
-becf
+						$rrdcreate .= "RRA:MAX:0.5:1:1000 ";
 						$rrdcreate .= "RRA:MAX:0.5:5:1000 ";
 						$rrdcreate .= "RRA:MAX:0.5:60:1000 ";
-fd5b
+						$rrdcreate .= "RRA:MAX:0.5:720:1000 ";
 						$rrdcreate .= "RRA:MAX:0.5:1440:1500 ";
-becf
+            Scott Ullrich
-ab7ae50
+					$rrdcreatel = exec("$rrdcreate 2>&1", $rrdcreateoutput, $rrdcreatereturn);
-becf
+					if ($rrdcreatereturn != 0) {
 						log_error("RRD create failed exited with $rrdcreatereturn, the
-ab7ae50
+							error is: $rrdcreateoutput[0]\n");
+					}
+				}
-becf
+            Scott Ullrich
 				$rrdupdatesh .= "\n";
 				$rrdupdatesh .= "# polling spamd for connections and tarpitness \n";
 				$rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$spamd \\\n";
 				$rrdupdatesh .= "`$php -q $spamd_gather`\n";
-c8c496e
+            Scott Ullrich
-becf
+		/* End System statistics */
 		$rrdupdatesh .= "sleep 60\n";
 		$rrdupdatesh .= "done\n";
 		log_error("Creating rrd update script");
 		/* write the rrd update script */
 		$updaterrdscript = "{$g['vardb_path']}/rrd/updaterrd.sh";
 		$fd = fopen("$updaterrdscript", "w");
 		fwrite($fd, "$rrdupdatesh");
 		fclose($fd);
 		/* kill off traffic collectors */
 		kill_traffic_collector();
 		/* start traffic collector */
 		mwexec_bg("/usr/bin/nice -n20 /bin/sh $updaterrdscript");
 	} else {
 		/* kill off traffic collectors */
 		kill_traffic_collector();
+	}
 	if($g['booting'])
 		echo "done.\n";
+}
 function kill_traffic_collector() {
 		mwexec("ps awwwux | grep '/[u]pdaterrd.sh' | awk '{print $2}' | xargs kill");
+}
 function update_filter_reload_status($text) {
 	global $g;
 	config_lock();
 	$fd = fopen("{$g['varrun_path']}/filter_reload_status", "w");
 	fwrite($fd, $text);
 	fclose($fd);
 	config_unlock();
+}
 function get_interface_gateway($interface) {
-ac4e8d
+        global $config, $g;
-ee1ec5
+            Ermal Luçi
         /* if wan is requested, return it */
         if($interface == "wan")
                 return str_replace("\n", "", `route -n get default | grep gateway | awk '{ print $2 }'`);
 	$iflist = get_configured_interface_with_descr();
 	/*
 	 * XXX: This is silly at first, but we may be called with the interface
 	 *	descr for no apparent reason!!!
-becf
+	 */
-ee1ec5
+	foreach ($iflist as $ifent => $ifdesc) {
 		if ($ifent == $interface || $ifdesc == $interface) {
 			$interface = $ifent;
 			break;
-            d173230c
+            Seth Mos
-becf
+            Scott Ullrich
-ee1ec5
+            Ermal Luçi
 	$gw = NULL;
 	$gwcfg = $config['interfaces'][$interface];
         if (is_ipaddr($gwcfg['gateway']))
         	$gw = $gwcfg['gateway'];
         else if ($gwcfg['gateway'] <> "") {
         	if (is_array($config['gateways']['gateway_item']))
                 	foreach($config['gateways']['gateway_item'] as $gateway) {
                                 if($gateway['name'] == $gwcfg['gateway']) {
                                         $gw = $gateway['gateway'];
                         		break;
+                		}
+        		}
+        }
-ac4e8d
+	// for dynamic interfaces we handle them through the $interface_router file.
-ee1ec5
+	if (!is_ipaddr($gw)) {
-ac4e8d
+        	$realif = get_real_wan_interface($interface);
-ee1ec5
+        	if (file_exists("{$g['tmp_path']}/{$realif}_router")) {
                 	$gw = file_get_contents("{$g['tmp_path']}/{$realif}_router");
                 	$gw = rtrim($gw);
+        	}
+	}
         /* return gateway */
         return $gw;
-becf
+            Scott Ullrich
-            bfe776f0
+/* DHCP enabled on any interfaces? */
 function is_dhcp_server_enabled()
+{
-becf
+	global $config, $g;
-            bfe776f0
+            Ermal Luçi
-becf
+	$dhcpdenable = false;
-            bfe776f0
+            Ermal Luçi
 	if (!is_array($config['dhcpd']))
 		return false;
 	foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) {
-            ca572204
+		if (isset ($dhcpifconf['enable']) && (($dhcpif == "lan") || (isset ($config['interfaces'][$dhcpif]['enable']) && $config['interfaces'][$dhcpif]['if'] && (!link_int_to_bridge_interface($dhcpif)))))
-becf
+			$dhcpdenable = true;
-            ca572204
+		if (isset ($dhcpifconf['enable']) && (($dhcpif == "wan") || (isset ($config['interfaces'][$dhcpif]['enable']) && $config['interfaces'][$dhcpif]['if'] && (!link_int_to_bridge_interface($dhcpif)))))
-becf
+			$dhcpdenable = true;
+	}
-            bfe776f0
+            Ermal Luçi
-becf
+	return $dhcpdenable;
+}
 /* return outside interfaces with a gateway */
 function get_interfaces_with_gateway() {
 	global $config;
 	$ints = array();
-ce38409
+	$vfaces = array(
 			'bridge.?*',
 			'ppp.?*',
 			'sl.?*',
 			'gif.?*',
 			'faith.?*',
 			'lo.?*',
 			'ng.?*',
 			'vlan.?*',
 			'pflog.?*',
 			'pfsync.?*',
 			'enc.?*',
 			'tun.?*',
 			'carp.?*'
 		);
 	$ifdescrs = get_interface_list("active","physical",$vfaces);
-becf
+            Scott Ullrich
 	/* loop interfaces, check config for outbound */
 	foreach ($ifdescrs as $ifdescr => $ifname) {
 		$friendly = $ifname['friendly'];
-ee1ec5
+		switch ($config['interfaces'][$friendly]['ipaddr']) {
 		case "dhcp":
 		case "carpdev-dhcp":
 		case "pppoe":
 		case "pptp":
-becf
+			$ints[] = $friendly;
-ee1ec5
+			break;
 		default:
 			if ($config['interfaces'][$friendly]['pointtopoint'])
 				$ints[] = $friendly;
 			else if ($config['interfaces'][$friendly]['gateway'] <> "")
 				$ints[] = $friendly;
 			break;
-            df544efa
+            Scott Ullrich
-becf
+            Scott Ullrich
 	return $ints;
+}
 /* return true if interface has a gateway */
 function interface_has_gateway($friendly) {
 	$friendly = strtolower($friendly);
 	if(in_array($friendly, get_interfaces_with_gateway())) {
 		return true;
 	} else {
 		/* extra check for real interface names if it falls through */
 		$friendly = convert_real_interface_to_friendly_interface_name($friendly);
 		return(in_array($friendly, get_interfaces_with_gateway()));
-c8c496e
+            Scott Ullrich
-becf
+            Scott Ullrich
-            fab7ff44
+/****f* pfsense-utils/isAjax
  * NAME
  *   isAjax - reports if the request is driven from prototype
  * INPUTS
  *   none
  * RESULT
  *   true/false
  ******/
 function isAjax() {
 	return isset ($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest';
+}
-            6189988d
+//returns interface information
 function get_interface_info($ifdescr) {
 	global $config, $linkinfo, $netstatrninfo;
 	$ifinfo = array();
-ee1ec5
+	/* if list */
 	$iflist = get_configured_interface_with_descr(false,true);
 	$found = false;
     	foreach ($iflist as $if => $ifname) {
     	if ($ifdescr == $if || $ifdescr == $ifname) {
 			$ifinfo['hwif'] = $config['interfaces'][$if]['if'];
 			$ifinfo['if'] = get_real_wan_interface($if);
 			$found = true;
 			break;
+		}
+	}
 	if ($found == false)
 		return;
-            6189988d
+            Scott Dale
 	/* run netstat to determine link info */
 	unset($linkinfo);
 	exec("/usr/bin/netstat -I " . $ifinfo['hwif'] . " -nWb -f link", $linkinfo);
 	$linkinfo = preg_split("/\s+/", $linkinfo[1]);
 	if (preg_match("/\*$/", $linkinfo[0])) {
 		$ifinfo['status'] = "down";
 	} else {
 		$ifinfo['status'] = "up";
+	}
-b3f
+	if (!strstr($ifinfo['if'],'ovpn')) {
-            6189988d
+		$ifinfo['macaddr'] = $linkinfo[3];
 		$ifinfo['inpkts'] = $linkinfo[4];
 		$ifinfo['inerrs'] = $linkinfo[5];
 		$ifinfo['inbytes'] = $linkinfo[6];
 		$ifinfo['outpkts'] = $linkinfo[7];
 		$ifinfo['outerrs'] = $linkinfo[8];
 		$ifinfo['outbytes'] = $linkinfo[9];
 		$ifinfo['collisions'] = $linkinfo[10];
 	} else {
 		$ifinfo['inpkts'] = $linkinfo[3];
 		$ifinfo['inbytes'] = $linkinfo[5];
 		$ifinfo['outpkts'] = $linkinfo[6];
 		$ifinfo['outbytes'] = $linkinfo[8];
+	}
-b3f
+	$ifconfiginfo = "";
 	unset($ifconfiginfo);
 	exec("/sbin/ifconfig " . $ifinfo['if'], $ifconfiginfo);
 	foreach ($ifconfiginfo as $ici) {
 		if (preg_match("/inet (\S+)/", $ici, $matches))
 			$ifinfo['ipaddr'] = $matches[1];
 		if (preg_match("/netmask (\S+)/", $ici, $matches))
 			if (preg_match("/^0x/", $matches[1]))
 				$ifinfo['subnet'] = long2ip(hexdec($matches[1]));
+	}
-ee1ec5
+	switch ($config['interfaces'][$if]['ipaddr']) {
-            6189988d
+	/* DHCP? -> see if dhclient is up */
-ee1ec5
+	case "dhcp":
 	case "carpdev-dhcp":
         /* see if dhclient is up */
         if (is_dhcp_running($ifinfo['if']) == true)
         	$ifinfo['dhcplink'] = "up";
         else
             $ifinfo['dhcplink'] = "down";
-b3f
+            Ermal Luçi
-ee1ec5
+		break;
-            6189988d
+	/* PPPoE interface? -> get status from virtual interface */
-ee1ec5
+	case "pppoe":
-            6189988d
+		unset($linkinfo);
 		exec("/usr/bin/netstat -I " . $ifinfo['if'] . " -nWb -f link", $linkinfo);
 		$linkinfo = preg_split("/\s+/", $linkinfo[1]);
 		if (preg_match("/\*$/", $linkinfo[0])) {
 			$ifinfo['pppoelink'] = "down";
 		} else {
 			/* get PPPoE link status for dial on demand */
 			$ifinfo['pppoelink'] = "up";
 			foreach ($ifconfiginfo as $ici) {
 				if (strpos($ici, 'LINK0') !== false)
 					$ifinfo['pppoelink'] = "down";
+			}
+		}
-ee1ec5
+		break;
-            6189988d
+	/* PPTP interface? -> get status from virtual interface */
-ee1ec5
+	case "pptp":
-            6189988d
+		unset($linkinfo);
 		exec("/usr/bin/netstat -I " . $ifinfo['if'] . " -nWb -f link", $linkinfo);
 		$linkinfo = preg_split("/\s+/", $linkinfo[1]);
 		if (preg_match("/\*$/", $linkinfo[0])) {
 			$ifinfo['pptplink'] = "down";
 		} else {
 			/* get PPTP link status for dial on demand */
 			$ifinfo['pptplink'] = "up";
 			foreach ($ifconfiginfo as $ici) {
 				if (strpos($ici, 'LINK0') !== false)
 					$ifinfo['pptplink'] = "down";
+			}
+		}
-ee1ec5
+		break;
-b3f
+	default:
 		break;
-            6189988d
+            Scott Dale
 	if ($ifinfo['status'] == "up") {
 		/* try to determine media with ifconfig */
 		unset($ifconfiginfo);
 		exec("/sbin/ifconfig " . $ifinfo['hwif'], $ifconfiginfo);
 		$matches = "";
 		foreach ($ifconfiginfo as $ici) {
 			/* don't list media/speed for wireless cards, as it always
 			   displays 2 Mbps even though clients can connect at 11 Mbps */
 			if (preg_match("/media: .*? \((.*?)\)/", $ici, $matches)) {
 				$ifinfo['media'] = $matches[1];
 			} else if (preg_match("/media: Ethernet (.*)/", $ici, $matches)) {
 				$ifinfo['media'] = $matches[1];
 			} else if (preg_match("/media: IEEE 802.11 Wireless Ethernet (.*)/", $ici, $matches)) {
 				$ifinfo['media'] = $matches[1];
+			}
 			if (preg_match("/status: (.*)$/", $ici, $matches)) {
 				if ($matches[1] != "active")
 					$ifinfo['status'] = $matches[1];
+			}
 			if (preg_match("/channel (\S*)/", $ici, $matches)) {
 				$ifinfo['channel'] = $matches[1];
+			}
 			if (preg_match("/ssid (\".*?\"|\S*)/", $ici, $matches)) {
 				if ($matches[1][0] == '"')
 					$ifinfo['ssid'] = substr($matches[1], 1, -1);
 				else
 					$ifinfo['ssid'] = $matches[1];
+			}
+		}
-ee1ec5
+		/* lookup the gateway */
 		if (interface_has_gateway($if))
 			$ifinfo['gateway'] = get_interface_gateway($if);
-            6189988d
+            Scott Dale
 	$bridge = "";
-e60
+	$bridge = link_int_to_bridge_interface($ifdescr);
-            6189988d
+	if($bridge) {
 		$bridge_text = `/sbin/ifconfig {$bridge}`;
 		if(stristr($bridge_text, "blocking") <> false) {
 			$ifinfo['bridge'] = "<b><font color='red'>blocking</font></b> - check for ethernet loops";
 			$ifinfo['bridgeint'] = $bridge;
 		} else if(stristr($bridge_text, "learning") <> false) {
 			$ifinfo['bridge'] = "learning";
 			$ifinfo['bridgeint'] = $bridge;
 		} else if(stristr($bridge_text, "forwarding") <> false) {
 			$ifinfo['bridge'] = "forwarding";
 			$ifinfo['bridgeint'] = $bridge;
+		}
+	}
 	return $ifinfo;
+}
 //returns cpu speed of processor. Good for determining capabilities of machine
 function get_cpu_speed() {
 	 return exec("sysctl hw.clockrate | awk '{ print $2 }'");
+}
-            fab7ff44
+            Bill Marquette
-            fe80446f
+/* check if the wan interface is up
  * Wait for a maximum of 10 seconds
  * If the interface is up before then continue
  */
 function is_wan_interface_up($interface) {
 	global $g;
 	global $config;
 	$i = 0;
 	while($i < 10) {
 		if(get_interface_gateway($interface)) {
 			return true;
 		} else {
 			sleep(1);
+		}
 		$i++;
+	}
 	return false;
+}
-            a5f94f14
+            Scott Ullrich
 function add_hostname_to_watch($hostname) {
-            c941ea1c
+	if(!is_dir("/var/db/dnscache")) {
 		mkdir("/var/db/dnscache");
+	}
-f31bf01
+	if((is_fqdn($hostname)) && (!is_ipaddr($hostname))) {
-e772e
+		$domrecords = array();
 		$domips = array();
 		exec("host -t A $hostname", $domrecords, $rethost);
 		if($rethost == 0) {
 			foreach($domrecords as $domr) {
 				$doml = explode(" ", $domr);
 				$domip = $doml[3];
 				/* fill array with domain ip addresses */
 				if(is_ipaddr($domip)) {
 					$domips[] = $domip;
+				}
+			}
+		}
 		sort($domips);
 		$contents = "";
 		if(! empty($domips)) {
-c059e
+			foreach($domips as $ip) {
 				$contents .= "$ip\n";
+			}
-e772e
+            Seth Mos
 		file_put_contents("/var/db/dnscache/$hostname", $contents);
-            a5f94f14
+            Scott Ullrich
+}
-cb6ca6
+function find_dns_aliases() {
 	global $config, $g;
-            aa0b6f36
+	foreach((array) $config['aliases']['alias'] as $alias) {
-ba905
+		$alias_value = $alias['address'];
 		$alias_name = $alias['name'];
 		if(stristr($alias_value, " ")) {
 			$alias_split = split(" ", $alias_value);
-cb6ca6
+			foreach($alias_split as $as) {
-            f79f62d0
+				if(is_fqdn($as))
-cb6ca6
+					add_hostname_to_watch($as);
+			}
 		} else {
-            f79f62d0
+			if(is_fqdn($alias_value))
-ba905
+				add_hostname_to_watch($alias_value);
-cb6ca6
+            Scott Ullrich
+	}
+}
-ed54b93
+function is_fqdn($fqdn) {
 	$hostname = false;
 	if(preg_match("/[-A-Z0-9\.]+\.[-A-Z0-9\.]+/i", $fqdn)) {
 		$hostname = true;
+	}
 	if(preg_match("/\.\./", $fqdn)) {
 		$hostname = false;
+	}
-aae364d
+	if(preg_match("/^\./i", $fqdn)) {
-ed54b93
+		$hostname = false;
+	}
-            c941ea1c
+	if(preg_match("/\//i", $fqdn)) {
 		$hostname = false;
+	}
-ed54b93
+	return($hostname);
+}
-aaa95
+function pfsense_default_state_size() {
   /* get system memory amount */
   $memory = get_memory();
   $avail = $memory[0];
   /* Be cautious and only allocate 10% of system memory to the state table */
   $max_states = (int) ($avail/10)*1000;
   return $max_states;
+}
-a813b
+function lookup_gateway_ip_by_name($name) {
 	global $config;
 	if(is_array($config['gateways'])) {
 		foreach($config['gateways']['gateway_item'] as $gateway) {
-ee1ec5
+			if($gateway['name'] == $name) {
-a813b
+				$gatewayip = $gateway['gateway'];
 				$interfacegw = $gateway['interface'];
 				return($gatewayip);
+			}
+		}
 	} else {
-fa1d0
+		return(false);
+	}
+}
 function lookup_gateway_monitor_ip_by_name($name) {
 	global $config;
 	if(is_array($config['gateways'])) {
 		foreach($config['gateways']['gateway_item'] as $gateway) {
 			if($gateway['name'] == "$name") {
 				$monitorip = $gateway['monitor'];
 				if($monitorip == "")
 					$monitorip = $gateway['gateway'];
 				return($monitorip);
+			}
+		}
 	} else {
-a813b
+		return(false);
+	}
+}
-fca7c11
+function lookup_gateway_interface_by_name($name) {
 	global $config;
 	if(is_array($config['gateways'])) {
 		foreach($config['gateways']['gateway_item'] as $gateway) {
 			if($gateway['name'] == "$name") {
 				$gatewayip = $gateway['gateway'];
 				$interfacegw = $gateway['interface'];
 				return($interfacegw);
+			}
+		}
 	} else {
 		return(false);
+	}
+}
-            ed5db5ed
+/****f* pfsense-utils/safe_write_file
  * NAME
  *   safe_write_file - Write a file out atomically
  * DESCRIPTION
  *   safe_write_file() Writes a file out atomically by first writing to a
  *   temporary file of the same name but ending with the pid of the current
  *   process, them renaming the temporary file over the original.
  * INPUTS
  *   $filename  - string containing the filename of the file to write
  *   $content   - string containing the file content to write to file
  *   $force_binary      - boolean denoting whether we should force binary
  *   mode writing.
  * RESULT
  *   boolean - true if successful, false if not
  ******/
 function safe_write_file($file, $content, $force_binary) {
         $tmp_file = $file . "." . getmypid();
         $write_mode = $force_binary ? "wb" : "w";
         $fd = fopen($tmp_file, $write_mode);
         if (!$fd) {
                 // Unable to open temporary file for writing
                 return false;
+        }
         if (!fwrite($fd, $content)) {
                 // Unable to write to temporary file
                 fclose($fd);
                 return false;
+        }
         fclose($fd);
         if (!rename($tmp_file, $file)) {
                 // Unable to move temporary file to original
                 unlink($tmp_file);
                 return false;
+        }
         return true;
+}
-a9db752
+function rule_popup($src,$srcport,$dst,$dstport){
 global $config;
 $aliases_array = array();
 if($config['aliases']['alias'] <> "" and is_array($config['aliases']['alias']))
+{
 $span_begin = "";
 		$alias_src_span_begin = "";
 		$alias_src_span_end = "";
 		$alias_src_port_span_begin = "";
 		$alias_src_port_span_end = "";
 		$alias_dst_span_begin = "";
 		$alias_dst_span_end = "";
 		$alias_dst_port_span_begin = "";
 		$alias_dst_port_span_end = "";
 		$alias_content_text = "";
 	foreach($config['aliases']['alias'] as $alias_name)
+	{
 	 	$alias_addresses = explode (" ", $alias_name['address']);
 	 	$alias_details = explode ("||", $alias_name['detail']);
 	 	$alias_objects_with_details = "";
 	 	$counter = 0;
 	 	foreach($alias_addresses as $alias_ports_address)
+	 	{
 			$alias_objects_with_details .= $alias_addresses[$counter];
 			$alias_detail_default = strpos ($alias_details[$counter],"Entry added");
 			if ($alias_details[$counter] != "" && $alias_detail_default === False){
 				$alias_objects_with_details .=" - " . $alias_details[$counter];
+			}
 			$alias_objects_with_details .= "<br>";
 			$counter++;
+		}
 		//max character length for caption field
 		$maxlength = 60;
 		$alias_descr_substr = $alias_name['descr'];
 		$alias_content_text = htmlspecialchars($alias_objects_with_details);
 		$alias_caption = htmlspecialchars($alias_descr_substr . ":");
 		$strlength = strlen ($alias_caption);
 		if ($strlength >= $maxlength)
 			$alias_caption = substr($alias_caption, 0, $maxlength) . "...";
 		$span_begin = "<span style=\"cursor: help;\" onmouseover=\"domTT_activate(this, event, 'content', '<h1>$alias_caption</h1><p>$alias_content_text</p>', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><U>";
 		if ($alias_name['name'] == $src)
+	 	{
 			$alias_src_span_begin = $span_begin;
+		}
 	 	if ($alias_name['name'] == $srcport)
+	 	{
 			$alias_src_port_span_begin = $span_begin;
+		}
 		if ($alias_name['name'] == $dst)
+	 	{
 			$alias_dst_span_begin = $span_begin;
+		}
 		if ($alias_name['name'] == $dstport)
+	 	{
 			$alias_dst_port_span_begin = $span_begin;
+		}
+	}
 	$descriptions = array ();
 	$descriptions['src'] = $alias_src_span_begin;
 	$descriptions['srcport'] = $alias_src_port_span_begin;
 	$descriptions['dst'] = $alias_dst_span_begin;
 	$descriptions['dstport'] = $alias_dst_port_span_begin;
 	return $descriptions;
+  }
+}
-            9140757d
+function download_file_with_progress_bar($url_file, $destination_file, $readbody = 'read_body') {
 	global $ch, $fout, $file_size, $downloaded;
 	$file_size  = 1;
 	$downloaded = 1;
 	/* open destination file */
 	$fout = fopen($destination_file, "wb");
 	/*
 	 *	Originally by Author: Keyvan Minoukadeh
 	 *	Modified by Scott Ullrich to return Content-Length size
          */
 	$ch = curl_init();
 	curl_setopt($ch, CURLOPT_URL, $url_file);
 	curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header');
 	curl_setopt($ch, CURLOPT_WRITEFUNCTION, $readbody);
 	curl_setopt($ch, CURLOPT_NOPROGRESS, '1');
 	curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '5');
 	curl_exec($ch);
 	$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
 	if($fout)
 		fclose($fout);
 	curl_close($ch);
 	return ($http_code == 200) ? true : $http_code;
+}
 function read_header($ch, $string) {
 	global $file_size, $fout;
 	$length = strlen($string);
 	$regs = "";
 	ereg("(Content-Length:) (.*)", $string, $regs);
 	if($regs[2] <> "") {
 		$file_size = intval($regs[2]);
+	}
 	ob_flush();
 	return $length;
+}
 function read_body($ch, $string) {
 	global $fout, $file_size, $downloaded, $sendto, $static_status, $static_output, $lastseen;
 	$length = strlen($string);
 	$downloaded += intval($length);
 	$downloadProgress = round(100 * (1 - $downloaded / $file_size), 0);
 	$downloadProgress = 100 - $downloadProgress;
 	if($lastseen <> $downloadProgress and $downloadProgress < 101) {
 		if($sendto == "status") {
 			$tostatus = $static_status . $downloadProgress . "%";
 			update_status($tostatus);
 		} else {
 			$tooutput = $static_output . $downloadProgress . "%";
 			update_output_window($tooutput);
+		}
 		update_progress_bar($downloadProgress);
 		$lastseen = $downloadProgress;
+	}
 	if($fout)
 		fwrite($fout, $string);
 	ob_flush();
 	return $length;
+}
-            bb345bba
+?>

Project

General

Profile

pfSense