<?php
/* $Id$ */
/*
	system.inc
	part of m0n0wall (http://m0n0.ch/wall)

	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
	All rights reserved.

	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:

	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.

	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.

	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/

/*
	pfSense_BUILDER_BINARIES:	/usr/sbin/powerd	/usr/bin/killall	/sbin/sysctl	/sbin/route
	pfSense_BUILDER_BINARIES:	/bin/hostname	/bin/ls	/usr/bin/netstat	/usr/sbin/syslogd	
	pfSense_BUILDER_BINARIES:	/usr/sbin/pccardd	/usr/local/sbin/lighttpd	/bin/chmod 	/bin/mkdir
	pfSense_BUILDER_BINARIES:	/usr/bin/tar		/usr/local/sbin/ntpd	/usr/sbin/ntpdate
	pfSense_BUILDER_BINARIES:	/usr/bin/nohup	/sbin/dmesg	/usr/local/sbin/atareinit	/sbin/kldload
	pfSense_MODULE:	utils
*/
/*
 * Start or stop powerd according to $config['system']['powerd_enable'].
 *
 * When the option is set, cpufreq is loaded first on the "nanobsd" platform
 * and powerd is launched with "-b adp -a adp".  When it is not set, a running
 * powerd is stopped with killall.  Every command line here is a constant.
 */
function activate_powerd() {
	global $config, $g;

	if (!isset($config['system']['powerd_enable'])) {
		/* option off: only signal powerd if it is actually running */
		if (is_process_running("powerd")) {
			exec("/usr/bin/killall powerd");
		}
		return;
	}

	if ($g["platform"] == "nanobsd") {
		exec("/sbin/kldload cpufreq");
	}
	exec("/usr/sbin/powerd -b adp -a adp");
}
/*
 * Look up $id in the global $sysctls table.
 *
 * Returns the stored value, or null when the table has no (non-null) entry
 * for $id.
 */
function get_default_sysctl_value($id) {
	global $sysctls;

	return isset($sysctls[$id]) ? $sysctls[$id] : null;
}
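/*
 * Apply the fixed net.enc.* IPsec masks, then every tunable listed under
 * $config['sysctl']['item'].
 *
 * A tunable whose value is the literal string "default" is resolved through
 * get_default_sysctl_value().  Tunable names and values come from the
 * configuration, so they are shell-quoted before being handed to mwexec().
 */
function activate_sysctls() {
	global $config, $g;

	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001");
	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002");
	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");

	/* nothing configured, or a config without an item list */
	if (!is_array($config['sysctl']) || !is_array($config['sysctl']['item']))
		return;

	foreach ($config['sysctl']['item'] as $tunable) {
		$value = $tunable['value'];
		if ($value == "default")
			$value = get_default_sysctl_value($tunable['tunable']);

		/*
		 * Pass "name=value" as a single quoted word.  The previous form put
		 * the name on the command line unquoted and the value inside double
		 * quotes, so shell metacharacters in either field were interpreted
		 * by the shell instead of reaching sysctl.
		 */
		mwexec("/sbin/sysctl " . escapeshellarg("{$tunable['tunable']}={$value}"));
	}
}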
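/*
 * Write {$g['varetc_path']}/resolv.conf and add host routes for DNS servers
 * that are pinned to a gateway interface.
 *
 * $dynupdate: when true, services_dhcpd_configure() is not called after the
 *             file is written.
 * Returns 0 on success, 1 when resolv.conf cannot be opened for writing.
 */
function system_resolvconf_generate($dynupdate = false) {
	global $config, $g;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_resolvconf_generate() being called $mt\n";
	}

	$syscfg = $config['system'];

	/*
	 * NOTE(review): the domain and the statically configured DNS servers are
	 * written to resolv.conf exactly as stored; only the dynamically learned
	 * entries are filtered (by get_searchdomains()/get_nameservers()).
	 * Confirm the configuration is validated where it is saved.
	 */
	$resolvconf = "domain {$syscfg['domain']}\n";

	$havedns = false;

	if (isset($syscfg['dnsallowoverride'])) {
		/* get dynamically assigned DNS servers (if any) */
		$ns = array_unique(get_searchdomains());
		foreach($ns as $searchserver) {
			if($searchserver) {
				$resolvconf .= "search {$searchserver}\n";
				$havedns = true;
			}
		}
		$ns = array_unique(get_nameservers());
		foreach($ns as $nameserver) {
			if($nameserver) {
				$resolvconf .= "nameserver $nameserver\n";
				$havedns = true;
			}
		}
	}
	/* fall back to the configured servers only when nothing dynamic was found */
	if (!$havedns && is_array($syscfg['dnsserver'])) {
		foreach ($syscfg['dnsserver'] as $ns) {
			if ($ns) {
				$resolvconf .= "nameserver $ns\n";
				$havedns = true;
			}
		}
	}

	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
	if (!$fd) {
		printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
		return 1;
	}

	fwrite($fd, $resolvconf);
	fclose($fd);

	if (!$g['booting']) {
		/* restart dhcpd (nameservers may have changed) */
		if (!$dynupdate)
			services_dhcpd_configure();
	}

	/* setup static routes for DNS servers. */
	for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
		$dnsgw = "dns{$dnscounter}gwint";
		if (!isset($config['system'][$dnsgw]))
			continue;

		$interface = $config['system'][$dnsgw];
		if (($interface <> "") && ($interface <> "none")) {
			$gatewayip = get_interface_gateway($interface);
			if(is_ipaddr($gatewayip)) {
				/* dns server array starts at 0 */
				$dnscountermo = $dnscounter - 1;
				$dnsserver = "";
				if (is_array($syscfg['dnsserver']) && isset($syscfg['dnsserver'][$dnscountermo]))
					$dnsserver = $syscfg['dnsserver'][$dnscountermo];

				/*
				 * The server address is a configuration value that ends up on
				 * a shell command line: skip the slot unless it passes
				 * is_ipaddr(), and quote both arguments.  A missing slot used
				 * to produce "route ... -host" with no address at all.
				 */
				if (!is_ipaddr($dnsserver))
					continue;

				mwexec("route delete -host " . escapeshellarg($dnsserver), true);
				mwexec("route add -host " . escapeshellarg($dnsserver) . " " . escapeshellarg($gatewayip));
			}
		}
	}

	return 0;
}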
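/*
 * Collect search domains from every /var/etc/searchdomain_* file.
 *
 * Each non-empty line is kept only if it passes is_hostname().
 * Returns the accepted entries in file order; duplicates are not removed.
 */
function get_searchdomains() {
	global $config, $g;

	$master_list = array();

	// Read in dhclient search domains
	/*
	 * The glob() result was previously stored in $search_list while the loop
	 * read $search_lists, so the loop never ran and the function always
	 * returned an empty list.
	 */
	$search_lists = glob("/var/etc/searchdomain_*");
	if (is_array($search_lists)) {
		foreach($search_lists as $fdns) {
			$contents = file($fdns, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
			if (!is_array($contents))
				continue;
			foreach ($contents as $dns) {
				/* file content is not trusted: keep only what validates */
				if(is_hostname($dns))
					$master_list[] = $dns;
			}
		}
	}

	return $master_list;
}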
/*
 * Collect name server addresses from /var/etc/nameserver_* and, if present,
 * /var/etc/nameservers.conf.
 *
 * A line is kept only when is_ipaddr() accepts it.  Returns the accepted
 * addresses in read order; duplicates are left for the caller to remove.
 */
function get_nameservers() {
	global $config, $g;

	$read_flags = FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES;
	$master_list = array();

	// Read in dhclient nameservers
	$dns_lists = glob("/var/etc/nameserver_*");
	if (!is_array($dns_lists))
		$dns_lists = array();

	foreach ($dns_lists as $fdns) {
		$contents = file($fdns, $read_flags);
		if (is_array($contents)) {
			foreach ($contents as $dns) {
				if (is_ipaddr($dns)) {
					$master_list[] = $dns;
				}
			}
		}
	}

	// Read in any extra nameservers
	$extra_file = "/var/etc/nameservers.conf";
	if (file_exists($extra_file)) {
		$dns_s = file($extra_file, $read_flags);
		if (is_array($dns_s)) {
			foreach ($dns_s as $dns) {
				if (is_ipaddr($dns)) {
					$master_list[] = $dns;
				}
			}
		}
	}

	return $master_list;
}
/*
 * Build {$g['varetc_path']}/hosts from the system identity, the dnsmasq host
 * overrides and (when 'regdhcpstatic' is set) the static DHCP mappings of
 * enabled DHCP interfaces, then call system_dhcpleases_configure().
 *
 * Returns 0 on success, 1 when the hosts file cannot be opened.
 *
 * NOTE(review): host names, domains and addresses are copied from the
 * configuration into the file without checks in this function; confirm they
 * are validated where the configuration is saved.
 */
function system_hosts_generate() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_hosts_generate() being called $mt\n";
	}

	$syscfg = $config['system'];
	$dnsmasqcfg = $config['dnsmasq'];
	$hostscfg = is_array($dnsmasqcfg['hosts']) ? $dnsmasqcfg['hosts'] : array();

	$hosts = "127.0.0.1	localhost localhost.{$syscfg['domain']}\n";

	/* pick the address that the firewall's own name resolves to */
	$have_own_ip = false;
	$cfgip = "";
	if ($config['interfaces']['lan']) {
		$candidate = get_interface_ip("lan");
		if (is_ipaddr($candidate)) {
			$cfgip = $candidate;
			$have_own_ip = true;
		}
	} else {
		/* no LAN: first interface without a gateway that has an address */
		foreach (get_configured_interface_list() as $sysif) {
			if (interface_has_gateway($sysif)) {
				continue;
			}
			$candidate = get_interface_ip($sysif);
			if (is_ipaddr($candidate)) {
				$cfgip = $candidate;
				$have_own_ip = true;
				break;
			}
		}
	}
	if ($have_own_ip) {
		$hosts .= "{$cfgip}	{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
	}

	/* dnsmasq host overrides; an entry without 'host' maps the bare domain */
	foreach ($hostscfg as $host) {
		if ($host['host']) {
			$hosts .= "{$host['ip']}	{$host['host']}.{$host['domain']} {$host['host']}\n";
		} else {
			$hosts .= "{$host['ip']}	{$host['domain']}\n";
		}
	}

	if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpd'])) {
		foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) {
			if (!is_array($dhcpifconf['staticmap']) || !isset($dhcpifconf['enable'])) {
				continue;
			}
			foreach ($dhcpifconf['staticmap'] as $host) {
				if ($host['ipaddr'] && $host['hostname']) {
					$hosts .= "{$host['ipaddr']}	{$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
				}
			}
		}
	}

	/*
	 * Do not remove this: dhcpleases monitors the hosts file with kqueue and
	 * has to be killed before the file is written.
	 */
	$leases_pidfile = "{$g['varrun_path']}/dhcpleases.pid";
	if (file_exists($leases_pidfile)) {
		sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM");
		@unlink("{$g['varrun_path']}/dhcpleases.pid");
	}

	$fd = fopen("{$g['varetc_path']}/hosts", "w");
	if (!$fd) {
		log_error("Error: cannot open hosts file in system_hosts_generate().\n");
		return 1;
	}
	fwrite($fd, $hosts);
	fclose($fd);

	system_dhcpleases_configure();

	return 0;
}
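/*
 * Start, reload or stop the dhcpleases helper depending on
 * $config['dnsmasq']['regdhcp'].
 *
 * Option set:   make sure the leases file exists, then send HUP to a running
 *               instance (pid file present) or launch a new one.
 * Option unset: send TERM via the pid file and remove the pid file.
 */
function system_dhcpleases_configure() {
	global $config, $g;

	$pidfile = "{$g['varrun_path']}/dhcpleases.pid";

	/* Start the monitoring process for dynamic dhcpclients. */
	if (isset($config['dnsmasq']['regdhcp'])) {
		$leasesfile = "{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases";

		/* Make sure we do not error out */
		@touch($leasesfile);

		if (file_exists($pidfile)) {
			sigkillbypid($pidfile, "HUP");
		} else {
			/*
			 * The domain is a configuration value; quote it (and the paths)
			 * so it reaches dhcpleases as one argument and is never parsed
			 * by the shell.
			 */
			mwexec("/usr/local/sbin/dhcpleases" .
				" -l " . escapeshellarg($leasesfile) .
				" -d " . escapeshellarg($config['system']['domain']) .
				" -p " . escapeshellarg("{$g['varrun_path']}/dnsmasq.pid") .
				" -h " . escapeshellarg("{$g['varetc_path']}/hosts"));
		}
	} else {
		sigkillbypid($pidfile, "TERM");
		@unlink($pidfile);
	}
}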
/*
 * Set the system host name to "<hostname>.<domain>" from $config['system']
 * and run the hostid rc script.
 *
 * Returns the status mwexec() reported for /bin/hostname; the result of the
 * hostid call is not returned.
 */
function system_hostname_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_hostname_configure() being called $mt\n";
	}

	$syscfg = $config['system'];
	$fqdn = "{$syscfg['hostname']}.{$syscfg['domain']}";

	/* set hostname; the name is shell-quoted because it comes from the config */
	$status = mwexec("/bin/hostname " . escapeshellarg($fqdn));

	/* Setup host GUID ID.  This is used by ZFS. */
	mwexec("/etc/rc.d/hostid start");

	return $status;
}
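/*
 * Install the IPv4 and IPv6 default routes and all configured static routes.
 *
 * $interface: when non-empty, only routes whose gateway belongs to this
 *             interface are touched; an empty string means all of them.
 * Always returns 0.
 *
 * Every address or network that reaches /sbin/route is passed through
 * escapeshellarg(); $action and $inetfamily are chosen from fixed strings.
 */
function system_routing_configure($interface = "") {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_routing_configure() being called $mt\n";
	}

	/* configure gif interfaces for ipv6 tunnels */
	interfaces_gif_configure();

	$gatewayip = "";
	$interfacegw = "";
	$foundgw = false;
	$gatewayipv6 = "";
	$interfacegwv6 = "";
	$foundgwv6 = false;
	/* tack on all the hard defined gateways as well */
	if (is_array($config['gateways']['gateway_item'])) {
		/* NOTE(review): this pattern matches *_defaultgw only, so *_defaultgwv6 marker files are not cleared here */
		mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw", true);
		foreach	($config['gateways']['gateway_item'] as $gateway) {
			if (isset($gateway['defaultgw']) && (is_ipaddrv4($gateway['gateway']))) {
				if(strstr($gateway['gateway'], ":"))
					break;
				if ($gateway['gateway'] == "dynamic")
					$gateway['gateway'] = get_interface_gateway($gateway['interface']);
				$gatewayip = $gateway['gateway'];
				$interfacegw = $gateway['interface'];
				if (!empty($interfacegw)) {
					$defaultif = get_real_interface($gateway['interface']);
					if ($defaultif)
						@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gatewayip);
				}
				$foundgw = true;
				break;
			}
		}
		foreach	($config['gateways']['gateway_item'] as $gateway) {
			if (isset($gateway['defaultgw']) && (is_ipaddrv6($gateway['gateway']))) {
				if ($gateway['gateway'] == "dynamic")
					$gateway['gateway'] = get_interface_gateway_v6($gateway['interface']);
				$gatewayipv6 = $gateway['gateway'];
				$interfacegwv6 = $gateway['interface'];
				if (!empty($interfacegwv6)) {
					$defaultifv6 = get_real_interface($gateway['interface']);
					if ($defaultifv6)
						@file_put_contents("{$g['tmp_path']}/{$defaultifv6}_defaultgwv6", $gatewayipv6);
				}
				$foundgwv6 = true;
				break;
			}
		}
	}
	/* no explicit default gateway: fall back to WAN */
	if ($foundgw == false) {
		$defaultif = get_real_interface("wan");
		$interfacegw = "wan";
		$gatewayip = get_interface_gateway("wan");
		@touch("{$g['tmp_path']}/{$defaultif}_defaultgw");
	}
	if ($foundgwv6 == false) {
		$defaultifv6 = get_real_interface("wan");
		$interfacegwv6 = "wan";
		$gatewayipv6 = get_interface_gateway_v6("wan");
		/*
		 * Use the IPv6 interface name.  This line used $defaultif, which is
		 * the IPv4 default interface and names a different device whenever
		 * the IPv4 default gateway is not on WAN.
		 */
		@touch("{$g['tmp_path']}/{$defaultifv6}_defaultgwv6");
	}
	$dont_add_route = false;
	/* if OLSRD is enabled, allow WAN to house DHCP. */
	if($config['installedpackages']['olsrd']) {
		foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
			if($olsrd['enabledyngw'] == "on") {
				$dont_add_route = true;
				break;
			}
		}
	}
	/* Create a array from the existing inet route table */
	exec("/usr/bin/netstat -rnf inet", $route_str);
	/* drop the four header lines of the netstat output */
	array_shift($route_str);
	array_shift($route_str);
	array_shift($route_str);
	array_shift($route_str);
	$route_arr = array();
	foreach($route_str as $routeline) {
		$items = preg_split("/[ ]+/i", $routeline);
		$route_arr[$items[0]] = array($items[0], $items[1], $items[5]);
	}

	if ($dont_add_route == false ) {
		/* skip when the caller asked for another interface than the gateway's */
		if (empty($interface) || $interface == $interfacegw) {
			if (($interfacegw <> "bgpd") && (is_ipaddrv4($gatewayip))) {
				$action = "add";
				if(isset($route_arr['default'])) {
					$action = "change";
				}
				log_error("ROUTING: $action default route to $gatewayip");
				mwexec("/sbin/route {$action} -inet default " . escapeshellarg($gatewayip));
			}
		}
	}

	/* Create a array from the existing inet6 route table */
	exec("/usr/bin/netstat -rnf inet6", $routev6_str);
	array_shift($routev6_str);
	array_shift($routev6_str);
	array_shift($routev6_str);
	array_shift($routev6_str);
	$routev6_arr = array();
	foreach($routev6_str as $routeline) {
		$items = preg_split("/[ ]+/i", $routeline);
		$routev6_arr[$items[0]] = array($items[0], $items[1], $items[5]);
	}

	if ($dont_add_route == false ) {
		if (empty($interface) || $interface == $interfacegwv6) {
			if (($interfacegwv6 <> "bgpd") && (is_ipaddrv6($gatewayipv6))) {
				$action = "add";
				if(isset($routev6_arr['default'])) {
					$action = "change";
				}
				log_error("ROUTING: $action IPv6 default route to $gatewayipv6");
				mwexec("/sbin/route {$action} -inet6 default " . escapeshellarg($gatewayipv6));
			}
		}
	}

	if (is_array($config['staticroutes']['route'])) {
		$gateways_arr = return_gateways_array();

		foreach ($config['staticroutes']['route'] as $rtent) {
			$gatewayip = "";
			if (empty($gateways_arr[$rtent['gateway']])) {
				log_error("Static Routes: Gateway IP could not be found for {$rtent['network']}");
				continue;
			}
			$gateway = $gateways_arr[$rtent['gateway']];
			if (!empty($interface) && $interface != $gateway['friendlyiface'])
				continue;

			$gatewayip = $gateway['gateway'];
			$interfacegw = $gateway['interface'];
			$action = "add";
			/* NOTE(review): only the inet table is consulted here, also for routes sent with -inet6; confirm that is intended */
			if (isset($route_arr[$rtent['network']]))
				$action = "change";

			if(is_ipaddrv6($gatewayip)) {
				$inetfamily = "-inet6";
			} else {
				$inetfamily = "-inet";
			}
			if (is_ipaddr($gatewayip)) {
				mwexec("/sbin/route {$action} {$inetfamily} " . escapeshellarg($rtent['network']) .
					" " . escapeshellarg($gatewayip));
			} else if (!empty($interfacegw)) {
				mwexec("/sbin/route {$action} {$inetfamily} " . escapeshellarg($rtent['network']) .
					" -iface " . escapeshellarg($interfacegw));
			}
		}
	}

	return 0;
}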
/*
 * Turn on packet forwarding for IPv4 and IPv6 by setting the two forwarding
 * sysctls to 1.  Returns nothing.
 */
function system_routing_enable() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_routing_enable() being called $mt\n";
	}

	$forwarding_oids = array("net.inet.ip.forwarding", "net.inet6.ip6.forwarding");
	foreach ($forwarding_oids as $oid) {
		mwexec("/sbin/sysctl {$oid}=1");
	}

	return;
}
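/*
 * Stop any running syslogd / fifolog_writer, write
 * {$g['varetc_path']}/syslog.conf from $config['syslog'] and start syslogd.
 *
 * Returns 1 when syslog.conf cannot be opened, otherwise whatever the call
 * that started syslogd returned.
 *
 * NOTE(review): remote server names and the packages' facility and log file
 * names are copied into syslog.conf as stored.  A value containing a newline
 * would add a line of its own, and a syslog.conf line may pipe messages to a
 * program (the sshlockout_pf entry below does).  Confirm these fields are
 * validated where the configuration is saved.
 */
function system_syslogd_start() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_syslogd_start() being called $mt\n";
	}

	$syslogcfg = $config['syslog'];

	if ($g['booting'])
		echo "Starting syslog...";
	else
		killbypid("{$g['varrun_path']}/syslog.pid");

	if(is_process_running("syslogd"))
		mwexec("/usr/bin/killall -9 syslogd");
	if(is_process_running("fifolog_writer"))
		mwexec("/usr/bin/killall -9 fifolog_writer");

	// Define various commands for logging
	$fifolog_create = "/usr/sbin/fifolog_create -s ";
	$fifolog_log = "|/usr/sbin/fifolog_writer ";
	$clog_create = "/usr/sbin/clog -i -s ";
	$clog_log = "%";

	// Which logging type are we using this week??
	if(isset($config['system']['usefifolog'])) {
		$log_directive = $fifolog_log;
		$log_create_directive = $fifolog_create;
	} else { // Defaults to CLOG
		$log_directive = $clog_log;
		$log_create_directive = $clog_create;
	}

	if (isset($syslogcfg)) {
		/* was appended to without ever being initialised */
		$syslogconf = "";
		$local_logging = !isset($syslogcfg['disablelocallogging']);
		$remote_keys = array('remoteserver', 'remoteserver2', 'remoteserver3');

		$separatelogfacilities = array('ntpd','racoon','openvpn','pptps','poes','l2tps');
		if($config['installedpackages']['package']) {
			foreach($config['installedpackages']['package'] as $package) {
				if($package['logging']) {
					array_push($separatelogfacilities, $package['logging']['facilityname']);
					/*
					 * The log file name is supplied by the package entry;
					 * quote the path so it cannot be parsed by the shell.
					 * NOTE(review): a name containing "../" still resolves
					 * outside the log directory.
					 */
					mwexec("{$log_create_directive} 10240 " .
						escapeshellarg("{$g['varlog_path']}/{$package['logging']['logfilename']}"));
					$syslogconf .= "!{$package['logging']['facilityname']}\n*.*\t\t\t\t\t\t {$log_directive}{$g['varlog_path']}/{$package['logging']['logfilename']}\n";
				}
			}
		}
		$facilitylist = implode(',', array_unique($separatelogfacilities));

		/*
		 * Per-program sections: program selector, local log file, and
		 * whether the 'vpn' remote-logging option applies to the section.
		 */
		$program_sections = array(
			array("!ntpdate,!ntpd", "ntpd.log", false),
			array("!ppp", "ppp.log", false),
			array("!pptps", "pptps.log", false),
			array("!poes", "poes.log", false),
			array("!l2tps", "l2tps.log", false),
			array("!racoon", "ipsec.log", true),
			array("!openvpn", "openvpn.log", true),
			array("!apinger", "apinger.log", false),
		);
		foreach ($program_sections as $section) {
			list($selector, $logfile, $forward_as_vpn) = $section;
			$syslogconf .= "{$selector}\n";
			if ($local_logging)
				$syslogconf .= "*.*					 {$log_directive}{$g['varlog_path']}/{$logfile}\n";
			if ($forward_as_vpn && isset($syslogcfg['vpn'])) {
				/*
				 * The openvpn section used to test remoteserver2 but write
				 * remoteserver3, so the second server never received these
				 * messages; each configured server now gets its own line.
				 */
				foreach ($remote_keys as $key) {
					if (!empty($syslogcfg[$key]))
						$syslogconf .= "*.*					 @{$syslogcfg[$key]}\n";
				}
			}
		}

		/* relayd is logged locally even when local logging is disabled */
		$syslogconf .= "!relayd\n";
		$syslogconf .= "*.* 						{$log_directive}{$g['varlog_path']}/relayd.log\n";
		$syslogconf .= "!-{$facilitylist}\n";
		if ($local_logging) {
			$syslogconf .= <<<EOD
local0.*										 {$log_directive}{$g['varlog_path']}/filter.log
local3.*										 {$log_directive}{$g['varlog_path']}/vpn.log
local4.*										 {$log_directive}{$g['varlog_path']}/portalauth.log
local7.*										 {$log_directive}{$g['varlog_path']}/dhcpd.log
*.notice;kern.debug;lpr.info;mail.crit; 		 {$log_directive}{$g['varlog_path']}/system.log
news.err;local0.none;local3.none;local4.none; 	 {$log_directive}{$g['varlog_path']}/system.log
local7.none										 {$log_directive}{$g['varlog_path']}/system.log
security.*										 {$log_directive}{$g['varlog_path']}/system.log
auth.info;authpriv.info;daemon.info				 {$log_directive}{$g['varlog_path']}/system.log
auth.info;authpriv.info 						 |exec /usr/local/sbin/sshlockout_pf 15
*.emerg											 *

EOD;
		}

		/* remote forwarding per facility: config option => syslog facility */
		$facility_forwards = array(
			'filter' => 'local0',
			'vpn' => 'local3',
			'portalauth' => 'local4',
			'dhcp' => 'local7',
		);
		foreach ($facility_forwards as $option => $facility) {
			if (!isset($syslogcfg[$option]))
				continue;
			foreach ($remote_keys as $key) {
				if (!empty($syslogcfg[$key]))
					$syslogconf .= "{$facility}.*			 @{$syslogcfg[$key]}\n";
			}
		}

		if (isset($syslogcfg['system'])) {
			foreach ($remote_keys as $key) {
				if (empty($syslogcfg[$key]))
					continue;
				$syslogconf .= <<<EOD
*.notice;kern.debug;lpr.info;mail.crit;			 @{$syslogcfg[$key]}
news.err;local0.none;local3.none;local7.none	 @{$syslogcfg[$key]}
security.*										 @{$syslogcfg[$key]}
auth.info;authpriv.info;daemon.info				 @{$syslogcfg[$key]}
*.emerg											 @{$syslogcfg[$key]}

EOD;
			}
		}

		if (isset($syslogcfg['logall'])) {
			foreach ($remote_keys as $key) {
				if (empty($syslogcfg[$key]))
					continue;
				$syslogconf .= <<<EOD
*.*								@{$syslogcfg[$key]}

EOD;
			}
		}

		/* write syslog.conf */
		$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
		if (!$fd) {
			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
			return 1;
		}
		fwrite($fd, $syslogconf);
		fclose($fd);

		// Ensure that the log directory exists
		if(!is_dir("{$g['dhcpd_chroot_path']}/var/run"))
			exec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/run");

		/*
		 * The "logging to a remote server?" test that stood here chose
		 * between two identical command lines, so a single call is made.
		 * NOTE(review): system() returns the last line of output rather
		 * than an exit status, unlike the mwexec() call in the else branch.
		 */
		$retval = system("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");

	} else {
		$retval = mwexec("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log");
	}

	if ($g['booting'])
		echo "done.\n";

	return $retval;
}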
/*
 * Restart the PC Card daemon: stop the instance recorded in pccardd.pid,
 * launch /usr/sbin/pccardd with pccard.conf and, while booting, print the
 * outcome on the console.
 *
 * Returns whatever mwexec() returned for the pccardd launch.
 */
function system_pccard_start() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_pccard_start() being called $stamp\n";
	}

	if ($g['booting']) {
		echo "Initializing PCMCIA...";
	}

	/* stop the previous daemon, if one left a pid file behind */
	$pidfile = "{$g['varrun_path']}/pccardd.pid";
	killbypid($pidfile);

	/* launch a fresh daemon and remember how that went */
	$status = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");

	if ($g['booting']) {
		echo ($status == 0) ? "done.\n" : "failed!\n";
	}

	return $status;
}
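/*
 * (Re)start the lighttpd instance that serves the webConfigurator.
 *
 * Stops the instance recorded in lighty-webConfigurator.pid, works out the
 * listening port and, for https, the certificate, key and CA chain, writes
 * the lighttpd configuration through system_generate_lighty_config() and
 * launches lighttpd. When https is selected and lookup_cert() yields no
 * certificate, a self-signed one is generated, imported and stored in the
 * configuration with write_config().
 *
 * Returns whatever mwexec() returned for the lighttpd launch.
 */
function system_webgui_start() {
	global $config, $g;

	if ($g['booting'])
		echo "Starting webConfigurator...";

	/* kill any running lighttpd */
	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");

	sleep(1);

	chdir($g['www_path']);

	/* defaults */
	$portarg = "80";
	$crt = "";
	$key = "";
	$ca = "";

	/* non-standard port? */
	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "")
		$portarg = "{$config['system']['webgui']['port']}";

	if ($config['system']['webgui']['protocol'] == "https") {
		// Ensure that we have a webConfigurator CERT
		$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
		/*
		 * NOTE(review): the three tests are joined with &&, so this branch
		 * runs only when lookup_cert() did not return an array. An array
		 * that lacks 'crt' or 'prv' takes the else branch and decodes to
		 * empty strings, in which case system_generate_lighty_config()
		 * writes no ssl.* directives and the https port is served without
		 * TLS. Confirm whether || was intended; $cert may be a reference
		 * into $config, so the assignment below would need care.
		 */
		if(!is_array($cert) && !$cert['crt'] && !$cert['prv']) {
			if (!is_array($config['ca']))
				$config['ca'] = array();
			$a_ca =& $config['ca'];
			if (!is_array($config['cert']))
				$config['cert'] = array();
			$a_cert =& $config['cert'];
			log_error("Creating SSL Certificate for this host");
			$cert = array();
			$cert['refid'] = uniqid();
			$cert['descr'] = "webConfigurator default";

			$keyfile = "{$g['tmp_path']}/ssl.key";
			$crtfile = "{$g['tmp_path']}/ssl.crt";

			/*
			 * Processes started from here inherit the umask, so the
			 * temporary private key is created owner-only rather than
			 * with the default mode. The file names are still fixed
			 * paths in the temporary directory.
			 */
			$old_umask = umask(0077);
			/*
			 * 2048-bit RSA signed with SHA-256: a 1024-bit key and a
			 * SHA-1 signature are below what browsers and scanners
			 * accept for a management interface certificate.
			 */
			mwexec("/usr/bin/openssl genrsa 2048 > {$keyfile}");
			mwexec("/usr/bin/openssl req -new -x509 -nodes -sha256 -days 2000 -key {$keyfile} > {$crtfile}");
			umask($old_umask);

			$crt = file_get_contents($crtfile);
			$key = file_get_contents($keyfile);
			unlink($keyfile);
			unlink($crtfile);
			cert_import($cert, $crt, $key);
			$a_cert[] = $cert;
			$config['system']['webgui']['ssl-certref'] = $cert['refid'];
			write_config("Importing HTTPS certificate");
		} else {
			$crt = base64_decode($cert['crt']);
			$key = base64_decode($cert['prv']);
		}

		/* https without an explicit port listens on 443 */
		if(!$config['system']['webgui']['port'])
			$portarg = "443";
		$ca = ca_chain($cert);
	}

	/* generate lighttpd configuration */
	system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
		$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");

	/* attempt to start lighthttpd */
	$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");

	/* fetch page to preload apc cache */
	$proto = "http";
	if ($config['system']['webgui']['protocol'])
		$proto = $config['system']['webgui']['protocol'];
	/* protocol and port come from the configuration, so quote the URL for the shell */
	$preload_url = "{$proto}://localhost:{$portarg}/preload.php";
	mwexec_bg("/usr/bin/fetch -o /dev/null -q " . escapeshellarg($preload_url));

	if ($g['booting']) {
		if ($res == 0)
			echo "done.\n";
		else
			echo "failed!\n";
	}

	return $res;
}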
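/*
 * Build a lighttpd configuration file and, when a certificate and key are
 * supplied, the PEM files that configuration refers to.
 *
 * $filename         path of the lighttpd configuration file to write
 * $cert, $key, $ca  PEM text; TLS is configured only when both $cert and
 *                   $key are non-empty, $ca is optional
 * $pid_file         pid file name, placed under /var/run/
 * $port             listening port, "80" when empty
 * $document_root    value for server.document-root
 * $cert_location    file name under $g['varetc_path'] for certificate + key
 * $ca_location      file name under $g['varetc_path'] for the CA chain
 * $max_procs        FastCGI process count; recomputed from the value
 *                   get_memory() reports when $captive_portal is set
 * $max_requests     not used in this function
 * $fast_cgi_enable  use mod_fastcgi; forced off when get_memory() reports a
 *                   value between 1 and 64
 * $captive_portal   generate the captive portal variant (binds to
 *                   127.0.0.1, adds rewrite rules, smaller request size)
 *
 * Returns 0 on success and 1 when one of the output files cannot be opened.
 */
function system_generate_lighty_config($filename,
	$cert,
	$key,
	$ca,
	$pid_file,
	$port = 80,
	$document_root = "/usr/local/www/",
	$cert_location = "cert.pem",
	$ca_location = "ca.pem",
	$max_procs = 2,
	$max_requests = "2",
	$fast_cgi_enable = true,
	$captive_portal = false) {

	global $config, $g;

	if(!is_dir("{$g['tmp_path']}/lighttpdcompress"))
		mkdir("{$g['tmp_path']}/lighttpdcompress");

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_generate_lighty_config() being called $mt\n";
	}

	if($captive_portal == true)  {
		$captiveportal = ",\"mod_rewrite\"";
		$captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
		$captive_portal_module = "";
		$maxprocperip = $config['captiveportal']['maxprocperip'];
		/*
		 * NOTE(review): "!$maxprocperip and $maxprocperip > 0" can never be
		 * true, so the per-IP connection limit is never written. Dropping
		 * the "!" alone would not be enough: mod_evasive is not among the
		 * modules this function loads. Left as is pending a decision on
		 * whether the limit should be enforced.
		 */
		if(!$maxprocperip and $maxprocperip > 0)
			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
		else
			$captive_portal_mod_evasive = "";
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n";
		exec("mkdir -p {$g['tmp_path']}/captiveportal");
		exec("chmod a-w {$g['tmp_path']}/captiveportal");
		$server_max_request_size = "server.max-request-size    = 384";
	} else {
		$captiveportal = "";
		$captive_portal_rewrite = "";
		$captive_portal_module = "";
		$captive_portal_mod_evasive = "";
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"{$g['tmp_path']}/\", \"/var/\" )\n";
		$server_max_request_size = "server.max-request-size    = 2097152";
	}

	if($port <> "")
		$lighty_port = $port;
	else
		$lighty_port = "80";

	$memory = get_memory();
	$avail = $memory[0];

	/* too little memory for FastCGI: fall back to plain CGI */
	if($avail > 0 and $avail < 65) {
		$fast_cgi_enable = false;
	}

	// Ramp up captive portal max procs
	if($captive_portal == true)  {
		if($avail > 65 and $avail < 98) {
			$max_procs = 1;
		}
		if($avail > 97 and $avail < 128) {
			$max_procs = 2;
		}
		if($avail > 127 and $avail < 256) {
			$max_procs = 3;
		}
		if($avail > 255 and $avail < 384) {
			$max_procs = 4;
		}
		if($avail > 383) {
			$max_procs = 5;
		}
	}

	/* environment handed to the PHP FastCGI processes */
	if($captive_portal == true)  {
		$bin_environment =  <<<EOC
        "bin-environment" => (
           "PHP_FCGI_CHILDREN" => "$max_procs",
           "PHP_FCGI_MAX_REQUESTS" => "500"
        ), 
EOC;

	} else if ($avail > 0 and $avail < 128) {
		$bin_environment = <<<EOC
		"bin-environment" => (
			"PHP_FCGI_CHILDREN" => "$max_procs",
			"PHP_FCGI_MAX_REQUESTS" => "2",
	),

EOC;
	} else
		$bin_environment =  <<<EOC
        "bin-environment" => (
           "PHP_FCGI_CHILDREN" => "$max_procs",
           "PHP_FCGI_MAX_REQUESTS" => "500"
        ), 
EOC;

	if($fast_cgi_enable == true) {
		$module = "\"mod_fastcgi\", \"mod_cgi\"";
		$cgi_config = "";
		$fastcgi_config = <<<EOD
#### fastcgi module
## read fastcgi.txt for more info
fastcgi.server = ( ".php" =>
	( "localhost" =>
		(
			"socket" => "{$g['tmp_path']}/php-fastcgi.socket",
			"min-procs" => 0,
			"max-procs" => {$max_procs},
			{$bin_environment}			
			"bin-path" => "/usr/local/bin/php"
		)
	)
)

#### CGI module
cgi.assign                 = ( ".cgi" => "" )

EOD;
	} else {
		$fastcgi_config = "";
		$module = "\"mod_cgi\"";
		$cgi_config = <<<EOD
#### CGI module
cgi.assign                 = ( ".php"  => "/usr/local/bin/php",
                               ".cgi" => "" )

EOD;
	}

	$lighty_config = "";
	$lighty_config .= <<<EOD
#
# lighttpd configuration file
#
# use a it as base for lighttpd 1.0.0 and above
#
############ Options you really have to take care of ####################

## FreeBSD!
server.event-handler	= "freebsd-kqueue"
server.network-backend 	= "writev"
#server.use-ipv6 = "enable"

## modules to load
server.modules              =   (
	{$captive_portal_module}
	"mod_access", "mod_accesslog", "mod_expire", "mod_compress", "mod_redirect",
	{$module}{$captiveportal}
)

## Unused modules
#                               "mod_setenv",
#                               "mod_rewrite",
#                               "mod_ssi",
#                               "mod_usertrack",
#                               "mod_expire",
#                               "mod_secdownload",
#                               "mod_rrdtool",
#                               "mod_auth",
#                               "mod_status",
#                               "mod_alias",
#                               "mod_proxy",
#                               "mod_simple_vhost",
#                               "mod_evhost",
#                               "mod_userdir",
#                               "mod_cgi",

server.max-keep-alive-requests = 15
server.max-keep-alive-idle = 30

## a static document-root, for virtual-hosting take look at the
## server.virtual-* options
server.document-root        = "{$document_root}"
{$captive_portal_rewrite}

# Maximum idle time with nothing being written (php downloading)
server.max-write-idle = 999

## where to send error-messages to
server.errorlog             = "/var/log/lighttpd.error.log"

# files to check for if .../ is requested
server.indexfiles           = ( "index.php", "index.html",
                                "index.htm", "default.htm" )

# mimetype mapping
mimetype.assign             = (
  ".pdf"          =>      "application/pdf",
  ".sig"          =>      "application/pgp-signature",
  ".spl"          =>      "application/futuresplash",
  ".class"        =>      "application/octet-stream",
  ".ps"           =>      "application/postscript",
  ".torrent"      =>      "application/x-bittorrent",
  ".dvi"          =>      "application/x-dvi",
  ".gz"           =>      "application/x-gzip",
  ".pac"          =>      "application/x-ns-proxy-autoconfig",
  ".swf"          =>      "application/x-shockwave-flash",
  ".tar.gz"       =>      "application/x-tgz",
  ".tgz"          =>      "application/x-tgz",
  ".tar"          =>      "application/x-tar",
  ".zip"          =>      "application/zip",
  ".mp3"          =>      "audio/mpeg",
  ".m3u"          =>      "audio/x-mpegurl",
  ".wma"          =>      "audio/x-ms-wma",
  ".wax"          =>      "audio/x-ms-wax",
  ".ogg"          =>      "audio/x-wav",
  ".wav"          =>      "audio/x-wav",
  ".gif"          =>      "image/gif",
  ".jpg"          =>      "image/jpeg",
  ".jpeg"         =>      "image/jpeg",
  ".png"          =>      "image/png",
  ".xbm"          =>      "image/x-xbitmap",
  ".xpm"          =>      "image/x-xpixmap",
  ".xwd"          =>      "image/x-xwindowdump",
  ".css"          =>      "text/css",
  ".html"         =>      "text/html",
  ".htm"          =>      "text/html",
  ".js"           =>      "text/javascript",
  ".asc"          =>      "text/plain",
  ".c"            =>      "text/plain",
  ".conf"         =>      "text/plain",
  ".text"         =>      "text/plain",
  ".txt"          =>      "text/plain",
  ".dtd"          =>      "text/xml",
  ".xml"          =>      "text/xml",
  ".mpeg"         =>      "video/mpeg",
  ".mpg"          =>      "video/mpeg",
  ".mov"          =>      "video/quicktime",
  ".qt"           =>      "video/quicktime",
  ".avi"          =>      "video/x-msvideo",
  ".asf"          =>      "video/x-ms-asf",
  ".asx"          =>      "video/x-ms-asf",
  ".wmv"          =>      "video/x-ms-wmv",
  ".bz2"          =>      "application/x-bzip",
  ".tbz"          =>      "application/x-bzip-compressed-tar",
  ".tar.bz2"      =>      "application/x-bzip-compressed-tar"
 )

# Use the "Content-Type" extended attribute to obtain mime type if possible
#mimetypes.use-xattr        = "enable"

#### accesslog module
#accesslog.filename          = "/dev/null"

## deny access the file-extensions
#
# ~    is for backupfiles from vi, emacs, joe, ...
# .inc is often used for code includes which should in general not be part
#      of the document-root
url.access-deny             = ( "~", ".inc" )


######### Options that are good to be but not neccesary to be changed #######

## bind to port (default: 80)

EOD;

	/*
	 * Listening sockets. The captive portal variant binds to the loopback
	 * addresses only; the webConfigurator variant binds to every address.
	 * The ssl.* directives written here sit inside the IPv6 socket block;
	 * the same directives are appended once more at top level further down.
	 */
	if($captive_portal == true) {
		$lighty_config .= "server.bind	= \"127.0.0.1\"\n";
		$lighty_config .= "server.port  = {$lighty_port}\n";
		$lighty_config .= "\$SERVER[\"socket\"]  == \"127.0.0.1:{$lighty_port}\" { }\n";
		$lighty_config .= "\$SERVER[\"socket\"]  == \"[::1]:{$lighty_port}\" { \n";
		if($cert <> "" and $key <> "") {
			$lighty_config .= "\n";
			$lighty_config .= "## ssl configuration\n";
			$lighty_config .= "ssl.engine = \"enable\"\n";
			$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
			if($ca <> "")
				$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
		}
		$lighty_config .= " }\n";
	} else {
		$lighty_config .= "server.bind  = \"0.0.0.0\"\n";
		$lighty_config .= "server.port  = {$lighty_port}\n";
		$lighty_config .= "\$SERVER[\"socket\"]  == \"0.0.0.0:{$lighty_port}\" { }\n";
		$lighty_config .= "\$SERVER[\"socket\"]  == \"[::]:{$lighty_port}\" { \n";
		if($cert <> "" and $key <> "") {
			$lighty_config .= "\n";
			$lighty_config .= "## ssl configuration\n";
			$lighty_config .= "ssl.engine = \"enable\"\n";
			$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
			if($ca <> "")
				$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
		}
		$lighty_config .= " }\n";
	}


	$lighty_config .= <<<EOD

## error-handler for status 404
#server.error-handler-404   = "/error-handler.html"
#server.error-handler-404   = "/error-handler.php"

## to help the rc.scripts
server.pid-file            = "/var/run/{$pid_file}"

## virtual directory listings
server.dir-listing         = "disable"

## enable debugging
debug.log-request-header   = "disable"
debug.log-response-header  = "disable"
debug.log-request-handling = "disable"
debug.log-file-not-found   = "disable"

# gzip compression
compress.cache-dir = "{$g['tmp_path']}/lighttpdcompress/"
compress.filetype  = ("text/plain","text/css", "text/xml", "text/javascript" )

{$server_upload_dirs}

{$server_max_request_size}

{$fastcgi_config}

{$cgi_config}

{$captive_portal_mod_evasive}

expire.url = (
				"" => "access 50 hours",	
        )

EOD;

	/* normalise the PEM text: drop carriage returns, collapse blank lines */
	$cert = str_replace("\r", "", $cert);
	$key = str_replace("\r", "", $key);
	$ca = str_replace("\r", "", $ca);

	$cert = str_replace("\n\n", "\n", $cert);
	$key = str_replace("\n\n", "\n", $key);
	$ca = str_replace("\n\n", "\n", $ca);

	if($cert <> "" and $key <> "") {
		/*
		 * This file receives the private key, so create it owner-only from
		 * the start instead of relying on the chmod() that follows fopen().
		 * The chmod() stays for a file left over with a looser mode.
		 */
		$old_umask = umask(0077);
		$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
		umask($old_umask);
		if (!$fd) {
			printf("Error: cannot open cert.pem in system_webgui_start().\n");
			return 1;
		}
		chmod("{$g['varetc_path']}/{$cert_location}", 0600);
		fwrite($fd, $cert);
		fwrite($fd, "\n");
		fwrite($fd, $key);
		fclose($fd);
		if(!(empty($ca) || (strlen(trim($ca)) == 0))) {
			$fd = fopen("{$g['varetc_path']}/{$ca_location}", "w");
			if (!$fd) {
				printf("Error: cannot open ca.pem in system_webgui_start().\n");
				return 1;
			}
			chmod("{$g['varetc_path']}/{$ca_location}", 0600);
			fwrite($fd, $ca);
			fclose($fd);
		}
		$lighty_config .= "\n";
		$lighty_config .= "## ssl configuration\n";
		$lighty_config .= "ssl.engine = \"enable\"\n";
		$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
		if(!(empty($ca) || (strlen(trim($ca)) == 0)))
			$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
	}

	// Add HTTP to HTTPS redirect
	if ($captive_portal == false && $config['system']['webgui']['protocol'] == "https" && !isset($config['system']['webgui']['disablehttpredirect'])) {
		/* stays empty on the default https port so the redirect URL carries no port */
		$redirectport = "";
		if($lighty_port != "443")
			$redirectport = ":{$lighty_port}";
		$lighty_config .= <<<EOD
\$SERVER["socket"] == ":80" {
	\$HTTP["host"] =~ "(.*)" {
		url.redirect = ( "^/(.*)" => "https://%1{$redirectport}/$1" )
	}
}
EOD;
	}

	$fd = fopen("{$filename}", "w");
	if (!$fd) {
		printf("Error: cannot open {$filename} in system_generate_lighty_config().\n");
		return 1;
	}
	fwrite($fd, $lighty_config);
	fclose($fd);

	return 0;

}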
/*
 * Install the configured timezone as /etc/localtime.
 *
 * The zone file is extracted from /usr/share/zoneinfo.tgz; "Etc/UTC" is
 * used when the configuration names no timezone. The zone name is passed
 * through escapeshellarg() before it reaches the shell.
 */
function system_timezone_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_timezone_configure() being called $stamp\n";
	}

	$syscfg = $config['system'];

	if ($g['booting']) {
		echo "Setting timezone...";
	}

	/* pick the zone to extract, defaulting to UTC */
	$timezone = $syscfg['timezone'] ? $syscfg['timezone'] : "Etc/UTC";

	conf_mount_rw();

	/* tar writes the member to stdout (O), the shell redirects it */
	$extract = "LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz "
		. escapeshellarg($timezone)
		. " > /etc/localtime";
	exec($extract);

	mwexec("sync");
	conf_mount_ro();

	if ($g['booting']) {
		echo "done.\n";
	}
}
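/*
 * Write ntpd.conf for OpenNTPD and restart the daemon.
 *
 * One "servers" line is written per configured time server and, when the
 * openntpd package settings enable it, one "listen on" line per address of
 * the selected interfaces. Any running ntpd is then killed. While booting
 * the function stops there; otherwise ntpd is started with the new file.
 *
 * Returns nothing; a failure to open the file is logged with log_error().
 */
function system_ntp_configure() {
	global $config, $g;

	$syscfg =& $config['system'];

	/* open configuration for writing or bail */
	$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
	if(!$fd) {
		log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
		return;
	}

	fwrite($fd, "# \n");
	fwrite($fd, "# pfSense OpenNTPD configuration file \n");
	fwrite($fd, "# \n\n");

	/*
	 * One "servers" line per configured time server. Splitting on any run
	 * of whitespace drops empty entries (an empty setting or doubled spaces
	 * used to produce a bare "servers" line) and keeps a value with an
	 * embedded line break from adding a directive line of its own.
	 */
	$timeservers = preg_split('/\s+/', trim((string)$syscfg['timeservers']), -1, PREG_SPLIT_NO_EMPTY);
	foreach ($timeservers as $ts)
		fwrite($fd, "servers {$ts}\n");

	/* Setup listener(s) if the user has configured one */
	if ($config['installedpackages']['openntpd']) {
		/* server config is in coregui1 */
		$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
		if ($xmlsettings['enable'] == 'on') {
			$ifaces = explode(',', $xmlsettings['interface']);
			$ifaces = array_map('get_real_interface', $ifaces);
			$ifaces = array_filter($ifaces, 'does_interface_exist');
			$ips = array_map('find_interface_ip', $ifaces);
			foreach ($ips as $ip) {
				/* only addresses that pass is_ipaddr() reach the file */
				if (is_ipaddr($ip))
					fwrite($fd, "listen on $ip\n");
			}
		}
	}

	fwrite($fd, "\n");

	/* slurp! */
	fclose($fd);

	/* if openntpd is running, kill it; loops until no ntpd is left */
	while(is_process_running("ntpd")) {
		killbyname("ntpd");
	}

	/* if /var/empty does not exist, create it */
	if(!is_dir("/var/empty"))
		exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");

	if ($g['booting'])
		return;

	/* start openntpd, set time now and use the file written above */
	exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");

	// Note that we are starting up
	exec("echo 'OpenNTPD is starting up' >> {$g['varlog_path']}/ntpd.log");

}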
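/*
 * Set the clock once with ntpdate against every configured time server,
 * printing progress on the console while booting.
 */
function sync_system_time() {
	global $config, $g;

	$syscfg = $config['system'];

	if ($g['booting'])
		echo "Syncing system time before startup...";

	/* run ntpdate once per configured server, skipping empty entries */
	$timeservers = preg_split('/\s+/', trim((string)$syscfg['timeservers']), -1, PREG_SPLIT_NO_EMPTY);
	foreach ($timeservers as $ts) {
		/* the name comes from the configuration, so quote it for the shell */
		mwexec("/usr/sbin/ntpdate -s " . escapeshellarg($ts));
	}

	if ($g['booting'])
		echo "done.\n";

}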
/*
 * Halt the system: run the pre-shutdown cleanup, then start /etc/rc.halt
 * in the background, detached with nohup and with its output discarded.
 */
function system_halt() {
	global $g;

	system_reboot_cleanup();

	$halt_cmd = "/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &";
	mwexec($halt_cmd);
}
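/*
 * Reboot the system: run the pre-shutdown cleanup, then start
 * /etc/rc.reboot in the background with its output discarded.
 */
function system_reboot() {
	system_reboot_cleanup();

	/*
	 * nohup is called by absolute path, as system_halt() does, so the
	 * binary that runs does not depend on the PATH of the calling process.
	 */
	mwexec("/usr/bin/nohup /etc/rc.reboot > /dev/null 2>&1 &");
}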
/*
 * Reboot the system in the foreground: run the pre-shutdown cleanup, then
 * run /etc/rc.reboot through mwexec() without backgrounding it.
 */
function system_reboot_sync() {
	global $g;

	system_reboot_cleanup();

	$reboot_cmd = "/etc/rc.reboot > /dev/null 2>&1";
	mwexec($reboot_cmd);
}
/*
 * Work done before a halt or reboot: stop the beeper, stop captive portal
 * RADIUS accounting and save the voucher database to the configuration.
 */
function system_reboot_cleanup() {
	/* silence the beeper script */
	mwexec("/usr/local/bin/beep.sh stop");

	/* captive portal: loaded here, right before its helper is needed */
	require_once "captiveportal.inc";
	captiveportal_radius_stop_all();

	/* vouchers: same pattern */
	require_once "voucher.inc";
	voucher_save_db_to_config();
}
/*
 * Run the shell commands stored in the configuration.
 *
 * $early selects the list: true runs $config['system']['earlyshellcmd'],
 * false runs $config['system']['shellcmd']. The entry may be an array of
 * commands or a single command string.
 *
 * Every string is handed to exec() unchanged, so anyone able to write this
 * part of the configuration can run commands with the privileges of this
 * process.
 */
function system_do_shell_commands($early = 0) {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_do_shell_commands() being called $stamp\n";
	}

	$cmdn = $early ? "earlyshellcmd" : "shellcmd";

	if (is_array($config['system'][$cmdn])) {
		/* several commands: run them in configuration order */
		foreach ($config['system'][$cmdn] as $entry) {
			exec($entry);
		}
		return;
	}

	if ($config['system'][$cmdn] <> "") {
		/* a single command */
		exec($config['system'][$cmdn]);
	}
}
/*
 * Create or remove the "disableconsole" flag file under $g['varetc_path']
 * according to the disableconsolemenu setting.
 */
function system_console_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_console_configure() being called $stamp\n";
	}

	$menu_disabled = isset($config['system']['disableconsolemenu']);

	if (!$menu_disabled) {
		unlink_if_exists("{$g['varetc_path']}/disableconsole");
		return;
	}

	touch("{$g['varetc_path']}/disableconsole");
}
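/*
 * Save the kernel messages of the current boot to dmesg.boot under
 * $g['varlog_path'].
 *
 * The output of /sbin/dmesg is written from the last line containing
 * "Copyright (c) 1992-" onwards, or in full when no such line exists.
 *
 * Returns 0 on success and 1 when dmesg.boot cannot be opened.
 */
function system_dmesg_save() {
	/* $config was missing here, so the developerspew check could never fire */
	global $config, $g;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_dmesg_save() being called $mt\n";
	}

	$dmesg = array();
	exec("/sbin/dmesg", $dmesg);

	/* find last copyright line (output from previous boots may be present) */
	$lastcpline = 0;
	foreach ($dmesg as $i => $line) {
		if (strstr($line, "Copyright (c) 1992-"))
			$lastcpline = $i;
	}

	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
	if (!$fd) {
		printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
		return 1;
	}

	/* write everything from that line to the end */
	foreach (array_slice($dmesg, $lastcpline) as $line)
		fwrite($fd, $line . "\n");

	fclose($fd);

	return 0;
}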
/*
 * Apply the configured hard disk standby value.
 *
 * Does nothing unless $config['system']['harddiskstandby'] is set. A
 * numeric value is cast to int and written to the hw.ata.standby sysctl;
 * when that succeeds the ATA drives are reinitialised. Anything else is
 * reported as a failure. Console messages are printed only while booting.
 */
function system_set_harddisk_standby() {
	global $g, $config;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_set_harddisk_standby() being called $stamp\n";
	}

	if (!isset($config['system']['harddiskstandby'])) {
		return;
	}

	if ($g['booting']) {
		echo 'Setting hard disk standby... ';
	}

	$standby = $config['system']['harddiskstandby'];

	/* refuse anything that is not a number */
	if (!is_numeric($standby)) {
		if ($g['booting']) {
			echo "failed!\n";
		}
		return;
	}

	/* flush the disk(s) before touching the setting */
	pfSense_sync();

	/* the int cast keeps the sysctl argument to digits and a sign */
	$failed = mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby));
	if (!$failed) {
		/* reinitialise the ATA drives */
		mwexec('/usr/local/sbin/atareinit');
		if ($g['booting']) {
			echo "done.\n";
		}
	} else if ($g['booting']) {
		echo "failed!\n";
	}
}
/*
 * Apply sysctl settings through activate_sysctls() and, when the sharednet
 * option is set, turn off the ARP log messages.
 */
function system_setup_sysctl() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$stamp = microtime();
		echo "system_setup_sysctl() being called $stamp\n";
	}

	activate_sysctls();

	if (!isset($config['system']['sharednet'])) {
		return;
	}

	system_disable_arp_wrong_if();
}
/*
 * Turn off kernel logging of ARP packets seen on the wrong interface and of
 * ARP entries moving to a different MAC address.
 *
 * Both command lines are fixed strings; nothing from the configuration is
 * interpolated into them.
 *
 * Operational caveat: with these two sysctls at 0 the kernel no longer logs
 * the events that would otherwise show an address changing hands on the
 * segment, so ARP-spoofing monitoring has to rely on another source.
 *
 * Returns nothing.
 */
function system_disable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_disable_arp_wrong_if() being called $mt\n";
	}

	$commands = array(
		"/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0",
		"/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0",
	);
	foreach ($commands as $command) {
		mwexec($command);
	}
}
/*
 * Turn on kernel logging of ARP packets seen on the wrong interface and of
 * ARP entries moving to a different MAC address (the counterpart of
 * system_disable_arp_wrong_if()).
 *
 * Both command lines are fixed strings; nothing from the configuration is
 * interpolated into them.
 *
 * Returns nothing.
 */
function system_enable_arp_wrong_if() {
	global $config;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_enable_arp_wrong_if() being called $mt\n";
	}

	$commands = array(
		"/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1",
		"/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1",
	);
	foreach ($commands as $command) {
		mwexec($command);
	}
}
/*
 * Start watchdogd on hardware whose boot log mentions a supported watchdog.
 *
 * Currently disabled: the function returns immediately, so none of the
 * detection or process handling below is executed.
 *
 * Returns nothing.
 */
function enable_watchdog() {
	global $config;

	// Unconditional early exit; everything after this line is unreachable.
	return;

	$supported_watchdogs = array("Geode");
	$boot_log = file_get_contents("/var/log/dmesg.boot");

	$install_watchdog = false;
	foreach ($supported_watchdogs as $sd) {
		// NOTE(review): the test uses the literal "Geode" rather than $sd, so
		// further entries in $supported_watchdogs would have no effect.
		if (stristr($boot_log, "Geode")) {
			$install_watchdog = true;
		}
	}

	if ($install_watchdog == true) {
		// Stop a running instance before starting a new one.
		if (is_process_running("watchdogd")) {
			mwexec("/usr/bin/killall watchdogd", true);
		}
		exec("/usr/sbin/watchdogd");
	}
}
/*
 * Poll the hardware reset button on supported embedded boards and, when the
 * helper reports it as pressed, restore factory defaults and reboot.
 *
 * Only runs on the 'nanobsd' platform and only for boards identified as
 * 'wrap' or 'alix'. The board name is concatenated into the helper's path
 * ("/usr/local/sbin/<name>resetbtn"); that is safe only because the name has
 * just been checked against those two fixed values. Keep that check in front
 * of the mwexec() call if more boards are added.
 *
 * A helper exit status of 99 is the "button held" signal. In that case the
 * function prints a banner, calls reset_factory_defaults() and
 * system_reboot_sync(), and exits the script. This is a configuration wipe
 * triggered by physical access to the device.
 *
 * Returns 0 in every case where it returns at all.
 */
function system_check_reset_button() {
	global $g;

	if ($g['platform'] != "nanobsd") {
		return 0;
	}

	$specplatform = system_identify_specific_platform();
	$board = $specplatform['name'];

	// Allow-list of boards that ship a reset-button helper.
	if (!($board == "wrap" || $board == "alix")) {
		return 0;
	}

	$retval = mwexec("/usr/local/sbin/" . $board . "resetbtn");

	if ($retval != 99) {
		return 0;
	}

	/* user has pressed reset button for 2 seconds -
	   reset to factory defaults */
	echo <<<EOD

***********************************************************************
* Reset button pressed - resetting configuration to factory defaults. *
* The system will reboot after this completes.                        *
***********************************************************************


EOD;

	reset_factory_defaults();
	system_reboot_sync();
	exit(0);
}
/*
 * Attempt to identify the specific platform (for embedded systems).
 *
 * Returns an array with two elements:
 *	name  => platform string (e.g. 'wrap', 'alix' etc.)
 *	descr => human-readable description (e.g. "PC Engines WRAP")
 *
 * For 'generic-pc' and 'generic-pc-cdrom' the answer is fixed. Any other
 * platform except 'nanobsd' is returned as-is in both fields. On 'nanobsd'
 * the boot-time dmesg text is searched for known board markers, in order:
 * PC Engines WRAP, PC Engines ALIX, then Soekris net45xx/net48xx/net55xx.
 *
 * On the nanobsd path 'name' is always one of the fixed literals below, never
 * text copied from the boot log, so callers may use it to select a helper
 * binary. 'descr' for Soekris boards is the matched boot-log text, whose last
 * two characters are unconstrained by the pattern; treat it as display data
 * and escape it for the output context.
 */
function system_identify_specific_platform() {
	global $g;

	switch ($g['platform']) {
		case 'generic-pc':
			return array('name' => 'generic-pc', 'descr' => "Generic PC");
		case 'generic-pc-cdrom':
			return array('name' => 'generic-pc-cdrom', 'descr' => "Generic PC (CD-ROM)");
		case 'nanobsd':
			/* the rest of the code only deals with 'embedded' platforms */
			break;
		default:
			return array('name' => $g['platform'], 'descr' => $g['platform']);
	}

	$dmesg = system_get_dmesg_boot();

	// Boards recognised by a fixed substring in the boot log.
	$literal_markers = array(
		'wrap' => 'PC Engines WRAP',
		'alix' => 'PC Engines ALIX',
	);
	foreach ($literal_markers as $board => $marker) {
		if (strpos($dmesg, $marker) !== false) {
			return array('name' => $board, 'descr' => $marker);
		}
	}

	// Soekris families: the description is whatever text the pattern matched.
	$soekris_patterns = array(
		'net45xx' => "/Soekris net45../",
		'net48xx' => "/Soekris net48../",
		'net55xx' => "/Soekris net55../",
	);
	foreach ($soekris_patterns as $board => $pattern) {
		if (preg_match($pattern, $dmesg, $matches)) {
			return array('name' => $board, 'descr' => $matches[0]);
		}
	}

	/* unknown embedded platform */
	return array('name' => 'embedded', 'descr' => 'embedded (unknown)');
}
/*
 * Read the saved boot-time kernel messages.
 *
 * Returns the contents of "dmesg.boot" under $g['varlog_path'] as a string;
 * file_get_contents() yields false when the file cannot be read, and that
 * value is passed through unchanged.
 */
function system_get_dmesg_boot() {
	global $g;

	$boot_log_path = "{$g['varlog_path']}/dmesg.boot";

	return file_get_contents($boot_log_path);
}
?>