/etc/inc/interfaces.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/interfaces.inc @ a639bb91

1	5b237745	Scott Ullrich	<?php
2	acc1e9d0	Scott Ullrich	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			interfaces.inc
5	eba938e3	Scott Ullrich	Copyright (C) 2004-2008 Scott Ullrich
6	58936a34	Ermal Lu?i	Copyright (C) 2008-2009 Ermal Lu?i
7	ac3f8318	Espen Johansen	All rights reserved.
8
9			function interfaces_wireless_configure is
10			Copyright (C) 2005 Espen Johansen
11	cfc707f7	Scott Ullrich	All rights reserved.
12
13			originally part of m0n0wall (http://m0n0.ch/wall)
14	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
15			All rights reserved.
16	cfc707f7	Scott Ullrich
17	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
18			modification, are permitted provided that the following conditions are met:
19	cfc707f7	Scott Ullrich
20	ac3f8318	Espen Johansen	1. Redistributions of source code must retain the above copyright notices,
21	5b237745	Scott Ullrich	this list of conditions and the following disclaimer.
22	cfc707f7	Scott Ullrich
23	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
24	ac3f8318	Espen Johansen	notices, this list of conditions and the following disclaimer in the
25	5b237745	Scott Ullrich	documentation and/or other materials provided with the distribution.
26	cfc707f7	Scott Ullrich
27	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
28			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
29			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
30			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
31			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36			POSSIBILITY OF SUCH DAMAGE.
37	523855b0	Scott Ullrich
38	abcb2bed	Ermal Lu?i	pfSense_BUILDER_BINARIES: /usr/sbin/pppd /sbin/dhclient /bin/sh /usr/bin/grep /usr/bin/xargs /usr/bin/awk /usr/local/sbin/choparp
39	89c52814	Ermal	pfSense_BUILDER_BINARIES: /sbin/ifconfig /sbin/route /usr/sbin/ngctl /usr/sbin/arp /bin/kill /usr/local/sbin/mpd5
40	523855b0	Scott Ullrich	pfSense_MODULE: interfaces
41
42	5b237745	Scott Ullrich	*/
43
44			/* include all configuration functions */
45	7387844e	Chris Buechler	require_once("globals.inc");
46	483e6de8	Scott Ullrich	require_once("cmd_chain.inc");
47	5b237745	Scott Ullrich
48	b5b957fe	Scott Ullrich	function interfaces_bring_up($interface) {
49			if(!$interface) {
50	ec054b7c	Scott Ullrich	log_error("interfaces_bring_up() was called but no variable defined.");
51			log_error( "Backtrace: " . debug_backtrace() );
52	b5b957fe	Scott Ullrich	return;
53			}
54	871768cf	Ermal	pfSense_interface_flags($interface, IFF_UP);
55	b5b957fe	Scott Ullrich	}
56
57	52947718	Ermal Lu?i	/*
58			* Return the interface array
59			*/
60			function get_interface_arr($flush = false) {
61			global $interface_arr_cache;
62
63			/* If the cache doesn't exist, build it */
64			if (!isset($interface_arr_cache) or $flush)
65	8256f324	gnhb	$interface_arr_cache = explode(" ", trim(`/sbin/ifconfig -l`));
66	52947718	Ermal Lu?i
67			return $interface_arr_cache;
68			}
69
70			/*
71			* does_interface_exist($interface): return true or false if a interface is
72			* detected.
73			*/
74			function does_interface_exist($interface) {
75	8256f324	gnhb	global $config;
76
77			if(!$interface)
78			return false;
79	52947718	Ermal Lu?i
80	8256f324	gnhb	$ints = get_interface_arr();
81	6d5446a2	Ermal	if (in_array($interface, $ints))
82	8256f324	gnhb	return true;
83			else
84			return false;
85	52947718	Ermal Lu?i	}
86
87	eba938e3	Scott Ullrich	function interfaces_loopback_configure() {
88	7a6f7c55	Scott Ullrich	if($g['booting'])
89			echo "Configuring loopback interface...";
90	871768cf	Ermal	pfSense_interface_setaddress("lo0", "127.0.0.1");
91	b5b957fe	Scott Ullrich	interfaces_bring_up("lo0");
92	0aca91d0	Scott Ullrich	exec("/sbin/route add 127.0.0.2 127.0.0.1");
93	7a6f7c55	Scott Ullrich	if($g['booting'])
94			echo "done.\n";
95	5b237745	Scott Ullrich	return 0;
96			}
97
98	eba938e3	Scott Ullrich	function interfaces_vlan_configure() {
99	7a6f7c55	Scott Ullrich	global $config, $g;
100	87519eb7	Scott Ullrich	if($g['booting'])
101	7a6f7c55	Scott Ullrich	echo "Configuring VLAN interfaces...";
102	5b6eac01	Scott Ullrich	if (is_array($config['vlans']['vlan']) && count($config['vlans']['vlan'])) {
103	e1c449c0	Ermal Lu?i	foreach ($config['vlans']['vlan'] as $vlan) {
104	f620d00d	Ermal Luçi	if(empty($vlan['vlanif']))
105	48315e65	Ermal Luci	$vlan['vlanif'] = "{$vlan['if']}_vlan{$vlan['tag']}";
106	5b6eac01	Scott Ullrich	/* XXX: Maybe we should report any errors?! */
107	5f1e1d26	Ermal Lu?i	interface_vlan_configure($vlan);
108	517feb1c	Seth Mos	}
109	5b6eac01	Scott Ullrich	}
110	87519eb7	Scott Ullrich	if($g['booting'])
111	7a6f7c55	Scott Ullrich	echo "done.\n";
112	2075fadb	Ermal Luçi	}
113	cfc707f7	Scott Ullrich
114	abcb2bed	Ermal Lu?i	function interface_vlan_configure(&$vlan) {
115	2075fadb	Ermal Luçi	global $config, $g;
116	161040eb	Scott Ullrich
117	5f1e1d26	Ermal Lu?i	if (!is_array($vlan)) {
118			log_error("VLAN: called with wrong options. Problems with config!");
119			return;
120			}
121			$if = $vlan['if'];
122	48315e65	Ermal Luci	$vlanif = empty($vlan['vlanif']) ? "{$if}_vlan{$vlan['tag']}" : $vlan['vlanif'];
123	5f1e1d26	Ermal Lu?i	$tag = $vlan['tag'];
124
125	871768cf	Ermal	if (empty($if)) {
126	e1c449c0	Ermal Lu?i	log_error("interface_vlan_confgure called with if undefined.");
127	3ae4960c	Ermal Luçi	return;
128			}
129
130	37a53d16	Scott Ullrich	/* make sure the parent interface is up */
131	07101b63	Ermal Luçi	interfaces_bring_up($if);
132			/* Since we are going to add vlan(4) try to enable all that hardware supports. */
133	871768cf	Ermal	pfSense_interface_capabilities($if, IFCAP_VLAN_HWTAGGING\|IFCAP_VLAN_MTU\|IFCAP_VLAN_HWFILTER);
134	cfc707f7	Scott Ullrich
135	4aca19b3	Scott Ullrich	if (!empty($vlanif) && does_interface_exist($vlanif)) {
136	37a53d16	Scott Ullrich	interface_bring_down($vlanif);
137	4aca19b3	Scott Ullrich	} else {
138	871768cf	Ermal	$tmpvlanif = pfSense_interface_create("vlan");
139			pfSense_interface_rename($tmpvlanif, $vlanif);
140			pfSense_ngctl_name("{$tmpvlanif}:", $vlanif);
141	abcb2bed	Ermal Lu?i	}
142	871768cf	Ermal
143			pfSense_vlan_create($vlanif, $if, $tag);
144	2075fadb	Ermal Luçi
145	07101b63	Ermal Luçi	interfaces_bring_up($vlanif);
146	cfc707f7	Scott Ullrich
147	40b0b541	Ermal Lu?i	/* invalidate interface cache */
148			get_interface_arr(true);
149	3f7d2120	Bill Marquette
150	4aca19b3	Scott Ullrich	/* XXX: ermal -- for now leave it here at the moment it does not hurt. */
151	07101b63	Ermal Luçi	interfaces_bring_up($if);
152	cfc707f7	Scott Ullrich
153	4aca19b3	Scott Ullrich	return $vlanif;
154	5b237745	Scott Ullrich	}
155
156	abcb2bed	Ermal Lu?i	function interface_qinq_configure(&$vlan, $fd = NULL) {
157	5f1e1d26	Ermal Lu?i	global $config, $g;
158
159	c1289cfd	Ermal Lu?i	if (!is_array($vlan)) {
160			log_error("QinQ compat VLAN: called with wrong options. Problems with config!\n");
161	5f1e1d26	Ermal Lu?i	return;
162			}
163
164	42bad812	Ermal Lu?i	$qinqif = $vlan['if'];
165	c1289cfd	Ermal Lu?i	$tag = $vlan['tag'];
166	a726c0e8	Ermal Lu?i	if(empty($qinqif)) {
167	c1289cfd	Ermal Lu?i	log_error("interface_qinq_confgure called with if undefined.\n");
168			return;
169			}
170	4400ad66	Ermal Lu?i	$vlanif = interface_vlan_configure($vlan);
171	5f1e1d26	Ermal Lu?i
172	c1289cfd	Ermal Lu?i	if ($fd == NULL) {
173			$exec = true;
174			$fd = fopen("{$g['tmp_path']}/netgraphcmd", "w");
175			} else
176			$exec = false;
177	5f1e1d26	Ermal Lu?i	/* make sure the parent is converted to ng_vlan(4) and is up */
178	42bad812	Ermal Lu?i	interfaces_bring_up($qinqif);
179	5f1e1d26	Ermal Lu?i
180	abcb2bed	Ermal Lu?i	if (!empty($vlanif) && does_interface_exist($vlanif)) {
181	42bad812	Ermal Lu?i	fwrite($fd, "shutdown {$qinqif}qinq:\n");
182			exec("/usr/sbin/ngctl msg {$qinqif}qinq: gettable", $result);
183	c1289cfd	Ermal Lu?i	if (empty($result)) {
184	42bad812	Ermal Lu?i	fwrite($fd, "mkpeer {$qinqif}: vlan lower downstream\n");
185	4400ad66	Ermal Lu?i	fwrite($fd, "name {$qinqif}:lower {$vlanif}qinq\n");
186			fwrite($fd, "connect {$qinqif}: {$vlanif}qinq: upper nomatch\n");
187	c1289cfd	Ermal Lu?i	}
188	5f1e1d26	Ermal Lu?i	} else {
189	42bad812	Ermal Lu?i	fwrite($fd, "mkpeer {$qinqif}: vlan lower downstream\n");
190	4400ad66	Ermal Lu?i	fwrite($fd, "name {$qinqif}:lower {$vlanif}qinq\n");
191			fwrite($fd, "connect {$qinqif}: {$vlanif}qinq: upper nomatch\n");
192	c1289cfd	Ermal Lu?i	}
193	5f1e1d26	Ermal Lu?i
194			/* invalidate interface cache */
195			get_interface_arr(true);
196
197	42bad812	Ermal Lu?i	if (!stristr($qinqif, "vlan"))
198			mwexec("/sbin/ifconfig {$qinqif} promisc\n");
199	5f1e1d26	Ermal Lu?i
200	4400ad66	Ermal Lu?i	$macaddr = get_interface_mac($qinqif);
201	c1289cfd	Ermal Lu?i	if (!empty($vlan['members'])) {
202			$members = explode(" ", $vlan['members']);
203			foreach ($members as $qtag) {
204			$qinq = array();
205	5f1e1d26	Ermal Lu?i	$qinq['tag'] = $qtag;
206			$qinq['if'] = $vlanif;
207	c1289cfd	Ermal Lu?i	interface_qinq2_configure($qinq, $fd, $macaddr);
208			}
209			}
210			if ($exec == true) {
211			fclose($fd);
212			mwexec("/usr/sbin/ngctl -f {$g['tmp_path']}/netgraphcmd");
213			}
214
215	42bad812	Ermal Lu?i	interfaces_bring_up($qinqif);
216	c1289cfd	Ermal Lu?i	if (!empty($vlan['members'])) {
217			$members = explode(" ", $vlan['members']);
218			foreach ($members as $qif)
219	4400ad66	Ermal Lu?i	interfaces_bring_up("{$vlanif}_{$qif}");
220	c1289cfd	Ermal Lu?i	}
221	5f1e1d26	Ermal Lu?i
222			return $vlanif;
223			}
224
225			function interfaces_qinq_configure() {
226	7a6f7c55	Scott Ullrich	global $config, $g;
227			if($g['booting'])
228			echo "Configuring QinQ interfaces...";
229			if (is_array($config['qinqs']['qinqentry']) && count($config['qinqs']['qinqentry'])) {
230			foreach ($config['qinqs']['qinqentry'] as $qinq) {
231			/* XXX: Maybe we should report any errors?! */
232	4400ad66	Ermal Lu?i	interface_qinq_configure($qinq);
233	7a6f7c55	Scott Ullrich	}
234	4400ad66	Ermal Lu?i	}
235			if($g['booting'])
236			echo "done.\n";
237	5f1e1d26	Ermal Lu?i	}
238
239	abcb2bed	Ermal Lu?i	function interface_qinq2_configure(&$qinq, $fd, $macaddr) {
240	c1289cfd	Ermal Lu?i	global $config, $g;
241	5f1e1d26	Ermal Lu?i
242			if (!is_array($qinq)) {
243	c1289cfd	Ermal Lu?i	log_error("QinQ compat VLAN: called with wrong options. Problems with config!\n");
244	5f1e1d26	Ermal Lu?i	return;
245			}
246
247			$if = $qinq['if'];
248			$tag = $qinq['tag'];
249	c1289cfd	Ermal Lu?i	$vlanif = "{$if}_{$tag}";
250	5f1e1d26	Ermal Lu?i	if(empty($if)) {
251	c1289cfd	Ermal Lu?i	log_error("interface_qinq_confgure called with if undefined.\n");
252	5f1e1d26	Ermal Lu?i	return;
253			}
254
255	4400ad66	Ermal Lu?i	fwrite($fd, "shutdown {$if}h{$tag}:\n");
256	c1289cfd	Ermal Lu?i	fwrite($fd, "mkpeer {$if}qinq: eiface {$if}{$tag} ether\n");
257			fwrite($fd, "name {$if}qinq:{$if}{$tag} {$if}h{$tag}\n");
258			fwrite($fd, "msg {$if}qinq: addfilter { vlan={$tag} hook=\"{$if}{$tag}\" }\n");
259			fwrite($fd, "msg {$if}h{$tag}: setifname \"{$vlanif}\"\n");
260	4400ad66	Ermal Lu?i	fwrite($fd, "msg {$if}h{$tag}: set {$macaddr}\n");
261	5f1e1d26	Ermal Lu?i
262	c1289cfd	Ermal Lu?i	/* invalidate interface cache */
263	5f1e1d26	Ermal Lu?i	get_interface_arr(true);
264
265			return $vlanif;
266			}
267
268	9f428275	Erik Fonnesbeck	function interfaces_create_wireless_clones() {
269			global $config;
270
271			if($g['booting'])
272			echo "Creating other wireless clone interfaces...";
273			if (is_array($config['wireless']['clone']) && count($config['wireless']['clone'])) {
274			foreach ($config['wireless']['clone'] as $clone) {
275			if(empty($clone['cloneif']))
276			continue;
277			if(does_interface_exist($clone['cloneif']))
278			continue;
279			/* XXX: Maybe we should report any errors?! */
280			if(interface_wireless_clone($clone['cloneif'], $clone))
281			if($g['booting'])
282			echo " " . $clone['cloneif'];
283			}
284			}
285			if($g['booting'])
286			echo " done.\n";
287			}
288
289	eba938e3	Scott Ullrich	function interfaces_bridge_configure() {
290	bad29bc6	Ermal Luçi	global $config;
291
292			$i = 0;
293	3134528d	Ermal Luçi	if (is_array($config['bridges']['bridged']) && count($config['bridges']['bridged'])) {
294			foreach ($config['bridges']['bridged'] as $bridge) {
295	f620d00d	Ermal Luçi	if(empty($bridge['bridgeif']))
296	bad29bc6	Ermal Luçi	$bridge['bridgeif'] = "bridge{$i}";
297			/* XXX: Maybe we should report any errors?! */
298			interface_bridge_configure($bridge);
299			$i++;
300			}
301			}
302			}
303
304	eba938e3	Scott Ullrich	function interface_bridge_configure(&$bridge) {
305	d7147b1c	Scott Ullrich	global $config, $g;
306	bad29bc6	Ermal Luçi
307	d7147b1c	Scott Ullrich	if (!is_array($bridge))
308			return -1;
309	bad29bc6	Ermal Luçi
310	dc97efaf	Ermal Luçi	if (empty($bridge['members'])) {
311			log_error("No members found on {$bridge['bridgeif']}");
312			return -1;
313			}
314
315	bad29bc6	Ermal Luçi	$members = explode(',', $bridge['members']);
316	70720671	Ermal Luçi	if (!count($members))
317	bad29bc6	Ermal Luçi	return -1;
318	ea5f6c95	Ermal
319	bad29bc6	Ermal Luçi	$checklist = get_configured_interface_list();
320
321	fded24de	Ermal Luçi	if ($g['booting'] \|\| !empty($bridge['bridgeif'])) {
322	871768cf	Ermal	pfSense_interface_destroy($bridge['bridgeif']);
323			pfSense_interface_create($bridge['bridgeif']);
324	d7147b1c	Scott Ullrich	$bridgeif = $bridge['bridgeif'];
325	871768cf	Ermal	} else
326			$bridgeif = pfSense_interface_create("bridge");
327	bad29bc6	Ermal Luçi
328	b64523c1	Ermal Luçi	/* Calculate smaller mtu and enforce it */
329	69e53ef0	Ermal Luçi	$smallermtu = 0;
330	b64523c1	Ermal Luçi	foreach ($members as $member) {
331			$realif = get_real_interface($member);
332			$mtu = get_interface_mtu($realif);
333	69e53ef0	Ermal Luçi	if ($smallermtu == 0 && !empty($mtu))
334			$smallermtu = $mtu;
335			else if (!empty($mtu) && $mtu < $smallermtu)
336	b64523c1	Ermal Luçi	$smallermtu = $mtu;
337			}
338
339	69e53ef0	Ermal Luçi	/* Just in case anything is not working well */
340			if ($smallermtu == 0)
341			$smallermtu = 1500;
342
343	bad29bc6	Ermal Luçi	/* Add interfaces to bridge */
344	31241000	Ermal Luçi	foreach ($members as $member) {
345	d7147b1c	Scott Ullrich	if (!array_key_exists($member, $checklist))
346			continue;
347	9ecce49f	Ermal Lu?i	$realif1 = get_real_interface($member);
348			$realif = escapeshellarg($realif1);
349	d7147b1c	Scott Ullrich	/* make sure the parent interface is up */
350	871768cf	Ermal	pfSense_interface_mtu($realif, $smallermtu);
351	d7147b1c	Scott Ullrich	if(!$realif)
352			log_error("realif not defined in interfaces bridge - up");
353	9ecce49f	Ermal Lu?i	interfaces_bring_up($realif1);
354	31241000	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} addm {$realif}");
355	d7147b1c	Scott Ullrich	}
356	31241000	Ermal Luçi
357	bad29bc6	Ermal Luçi	if (isset($bridge['enablestp'])) {
358			/* Choose spanning tree proto */
359			mwexec("/sbin/ifconfig {$bridgeif} proto {$bridge['proto']}");
360
361	dc97efaf	Ermal Luçi	if (!empty($bridge['stp'])) {
362			$stpifs = explode(',', $bridge['stp']);
363			foreach ($stpifs as $stpif) {
364			$realif = get_real_interface($stpif);
365			mwexec("/sbin/ifconfig {$bridgeif} stp {$realif}");
366			}
367	bad29bc6	Ermal Luçi	}
368	dc97efaf	Ermal Luçi	if (!empty($bridge['maxage']))
369	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} maxage {$bridge['maxage']}");
370	dc97efaf	Ermal Luçi	if (!empty($brige['fwdelay']))
371	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} fwddelay {$bridge['fwdelay']}");
372	dc97efaf	Ermal Luçi	if (!empty($brige['hellotime']))
373	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} hellotime {$bridge['hellotime']}");
374	dc97efaf	Ermal Luçi	if (!empty($brige['priority']))
375	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} priority {$bridge['priority']}");
376	dc97efaf	Ermal Luçi	if (!empty($brige['holdcount']))
377	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} holdcnt {$bridge['holdcnt']}");
378	dc97efaf	Ermal Luçi	if (!empty($bridge['ifpriority'])) {
379			$pconfig = explode(",", $bridge['ifpriority']);
380			$ifpriority = array();
381			foreach ($pconfig as $cfg) {
382			$embcfg = explode(":", $cfg);
383			foreach ($embcfg as $key => $value)
384			$ifpriority[$key] = $value;
385			}
386			foreach ($ifpriority as $key => $value) {
387			$realif = get_real_interface($key);
388			mwexec("/sbin/ifconfig ${bridgeif} ifpriority {$realif} {$value}");
389			}
390	bad29bc6	Ermal Luçi	}
391	dc97efaf	Ermal Luçi	if (!empty($bridge['ifpathcost'])) {
392			$pconfig = explode(",", $bridges['ifpathcost']);
393			$ifpathcost = array();
394			foreach ($pconfig as $cfg) {
395			$embcfg = explode(":", $cfg);
396			foreach ($embcfg as $key => $value)
397			$ifpathcost[$key] = $value;
398			}
399			foreach ($ifpathcost as $key => $value) {
400			$realif = get_real_interface($key);
401			mwexec("/sbin/ifconfig ${bridgeif} ifpathcost {$realif} {$value}");
402			}
403	bad29bc6	Ermal Luçi	}
404			}
405
406			if ($bridge['maxaddr'] <> "")
407			mwexec("/sbin/ifconfig {$bridgeif} maxaddr {$bridge['maxaddr']}");
408			if ($bridge['timeout'] <> "")
409			mwexec("/sbin/ifconfig {$bridgeif} timeout {$bridge['timeout']}");
410			if ($bridge['span'] <> "") {
411	85a5da13	Ermal Luçi	$realif = get_real_interface($bridge['span']);
412	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} span {$realif}");
413			}
414	a47a5798	Ermal Luçi	if (!empty($bridge['edge'])) {
415			$edgeifs = explode(',', $bridge['edge']);
416			foreach ($edgeifs as $edgeif) {
417			$realif = get_real_interface($edgeif);
418			mwexec("/sbin/ifconfig {$bridgeif} edge {$realif}");
419			}
420			}
421			if (!empty($bridge['autoedge'])) {
422			$edgeifs = explode(',', $bridge['autoedge']);
423			foreach ($edgeifs as $edgeif) {
424			$realif = get_real_interface($edgeif);
425			mwexec("/sbin/ifconfig {$bridgeif} -autoedge {$realif}");
426			}
427			}
428			if (!empty($bridge['ptp'])) {
429			$ptpifs = explode(',', $bridge['ptp']);
430			foreach ($ptpifs as $ptpif) {
431			$realif = get_real_interface($ptpif);
432			mwexec("/sbin/ifconfig {$bridgeif} ptp {$realif}");
433			}
434			}
435			if (!empty($bridge['autoptp'])) {
436			$ptpifs = explode(',', $bridge['autoptp']);
437			foreach ($ptpifs as $ptpif) {
438			$realif = get_real_interface($ptpif);
439			mwexec("/sbin/ifconfig {$bridgeif} -autoptp {$realif}");
440			}
441			}
442			if (!empty($bridge['static'])) {
443			$stickyifs = explode(',', $bridge['static']);
444			foreach ($stickyifs as $stickyif) {
445			$realif = get_real_interface($stickyif);
446			mwexec("/sbin/ifconfig {$bridgeif} sticky {$realif}");
447			}
448			}
449			if (!empty($bridge['private'])) {
450			$privateifs = explode(',', $bridge['private']);
451			foreach ($privateifs as $privateif) {
452			$realif = get_real_interface($privateif);
453			mwexec("/sbin/ifconfig {$bridgeif} private {$realif}");
454			}
455			}
456	bad29bc6	Ermal Luçi
457	d7147b1c	Scott Ullrich	if($bridgeif)
458	b5b957fe	Scott Ullrich	interfaces_bring_up($bridgeif);
459	d7147b1c	Scott Ullrich	else
460			log_error("bridgeif not defined -- could not bring interface up");
461	bad29bc6	Ermal Luçi
462	d7147b1c	Scott Ullrich	return $bridgeif;
463	bad29bc6	Ermal Luçi	}
464
465	fcd4a425	Ermal Lu?i	function interface_bridge_add_member($bridgeif, $interface) {
466
467			if (!does_interface_exist($bridgeif) \|\| !does_interface_exist($interface))
468			return;
469
470			$mtu = get_interface_mtu($brigeif);
471			$mtum = get_interface_mtu($interface);
472
473			if ($mtu != $mtum)
474	871768cf	Ermal	pfSense_interface_mtu($interface, $mtu);
475	fcd4a425	Ermal Lu?i
476	ea5f6c95	Ermal	pfSense_get_interface_addresses($bridgeif);
477			if (isset($options['encaps']['txcsum']))
478			pfSense_interface_capabilities($interface, IFCAP_TXCSUM);
479	a639bb91	Ermal	else
480			pfSense_interface_capabilities($interface, -IFCAP_TXCSUM);
481	ea5f6c95	Ermal
482	fcd4a425	Ermal Lu?i	interfaces_bring_up($interface);
483			mwexec("/sbin/ifconfig {$bridgeif} addm {$interface}");
484			}
485
486	f620d00d	Ermal Luçi	function interfaces_lagg_configure()
487			{
488	7a6f7c55	Scott Ullrich	global $config, $g;
489			if($g['booting'])
490			echo "Configuring LAGG interfaces...";
491	cccf624b	Ermal Luçi	$i = 0;
492	7a6f7c55	Scott Ullrich	if (is_array($config['laggs']['lagg']) && count($config['laggs']['lagg'])) {
493			foreach ($config['laggs']['lagg'] as $lagg) {
494			if(empty($lagg['laggif']))
495			$lagg['laggif'] = "lagg{$i}";
496			/* XXX: Maybe we should report any errors?! */
497			interface_lagg_configure($lagg);
498			$i++;
499			}
500			}
501			if($g['booting'])
502			echo "done.\n";
503	cccf624b	Ermal Luçi	}
504
505	eba938e3	Scott Ullrich	function interface_lagg_configure(&$lagg) {
506	cccf624b	Ermal Luçi	global $config, $g;
507
508			if (!is_array($lagg))
509			return -1;
510
511			$members = explode(',', $lagg['members']);
512			if (!count($members))
513			return -1;
514
515	fe281019	Ermal Luçi	$checklist = get_interface_list();
516	cccf624b	Ermal Luçi
517	b64523c1	Ermal Luçi	if ($g['booting'] \|\| !(empty($lagg['laggif']))) {
518	871768cf	Ermal	pfSense_interface_destroy($lagg['laggif']);
519			pfSense_interface_create($lagg['laggif']);
520	b64523c1	Ermal Luçi	$laggif = $lagg['laggif'];
521			} else
522	871768cf	Ermal	$laggif = pfSense_interface_create("lagg");
523	b64523c1	Ermal Luçi
524			/* Calculate smaller mtu and enforce it */
525	69e53ef0	Ermal Luçi	$smallermtu = 0;
526	b64523c1	Ermal Luçi	foreach ($members as $member) {
527	39fbee97	Ermal Lu?i	$mtu = get_interface_mtu($member);
528	69e53ef0	Ermal Luçi	if ($smallermtu == 0 && !empty($mtu))
529			$smallermtu = $mtu;
530			else if (!empty($mtu) && $mtu < $smallermtu)
531	b64523c1	Ermal Luçi	$smallermtu = $mtu;
532			}
533
534	69e53ef0	Ermal Luçi	/* Just in case anything is not working well */
535			if ($smallermtu == 0)
536			$smallermtu = 1500;
537
538	cccf624b	Ermal Luçi	foreach ($members as $member) {
539			if (!array_key_exists($member, $checklist))
540			continue;
541	d7147b1c	Scott Ullrich	/* make sure the parent interface is up */
542	871768cf	Ermal	pfSense_interface_mtu($member, $smallermtu);
543	39fbee97	Ermal Lu?i	interfaces_bring_up($member);
544	f421cbcc	Ermal Lu?i	mwexec("/sbin/ifconfig {$laggif} laggport {$member}");
545	cccf624b	Ermal Luçi	}
546	b5b957fe	Scott Ullrich
547	39fbee97	Ermal Lu?i	mwexec("/sbin/ifconfig {$laggif} laggproto {$lagg['proto']}");
548	acc1e9d0	Scott Ullrich
549	b5b957fe	Scott Ullrich	interfaces_bring_up($laggif);
550	cccf624b	Ermal Luçi
551	d7147b1c	Scott Ullrich	return $laggif;
552	cccf624b	Ermal Luçi	}
553
554	eba938e3	Scott Ullrich	function interfaces_gre_configure() {
555	582d2452	Ermal Luçi	global $config;
556
557			$i = 0;
558			if (is_array($config['gres']['gre']) && count($config['gres']['gre'])) {
559			foreach ($config['gres']['gre'] as $gre) {
560	f620d00d	Ermal Luçi	if(empty($gre['greif']))
561	582d2452	Ermal Luçi	$gre['greif'] = "gre{$i}";
562			/* XXX: Maybe we should report any errors?! */
563			interface_gre_configure($gre);
564			$i++;
565			}
566			}
567			}
568
569	eba938e3	Scott Ullrich	function interface_gre_configure(&$gre) {
570	582d2452	Ermal Luçi	global $config, $g;
571
572			if (!is_array($gre))
573			return -1;
574
575	85a5da13	Ermal Luçi	$realif = get_real_interface($gre['if']);
576			$realifip = get_interface_ip($gre['if']);
577	582d2452	Ermal Luçi
578	d7147b1c	Scott Ullrich	/* make sure the parent interface is up */
579	b5b957fe	Scott Ullrich	interfaces_bring_up($realif);
580	582d2452	Ermal Luçi
581	d7147b1c	Scott Ullrich	if ($g['booting'] \|\| !(empty($gre['greif']))) {
582	871768cf	Ermal	pfSense_interface_destroy($gre['greif']);
583			pfSense_interface_create($gre['greif']);
584	582d2452	Ermal Luçi	$greif = $gre['greif'];
585	871768cf	Ermal	} else
586			$greif = pfSense_interface_create("gre");
587	582d2452	Ermal Luçi
588			/* Do not change the order here for more see gre(4) NOTES section. */
589			mwexec("/sbin/ifconfig {$greif} tunnel {$realifip} {$gre['remote-addr']}");
590	bd33ee57	Ermal Luçi	mwexec("/sbin/ifconfig {$greif} {$gre['tunnel-local-addr']} {$gre['tunnel-remote-addr']} netmask " . gen_subnet_mask($gre['tunnel-remote-net']));
591	582d2452	Ermal Luçi	if (isset($gre['link0']) && $gre['link0'])
592	871768cf	Ermal	pfSense_interface_flags($greif, IFF_LINK0);
593	d7147b1c	Scott Ullrich	if (isset($gre['link1']) && $gre['link1'])
594	871768cf	Ermal	pfSense_interface_flags($greif, IFF_LINK1);
595	d7147b1c	Scott Ullrich	if (isset($gre['link2']) && $gre['link2'])
596	871768cf	Ermal	pfSense_interface_flags($greif, IFF_LINK2);
597	d7147b1c	Scott Ullrich
598			if($greif)
599	b5b957fe	Scott Ullrich	interfaces_bring_up($greif);
600	d7147b1c	Scott Ullrich	else
601			log_error("Could not bring greif up -- variable not defined.");
602	582d2452	Ermal Luçi
603	53b0d9d3	Ermal Lu?i	if (isset($gre['link1']) && $gre['link1'])
604	61b67ab3	Ermal Lu?i	mwexec("/sbin/route add {$gre['tunnel-remote-addr']}/{$gre['tunnel-remote-net']} {$gre['tunnel-local-addr']}");
605	da179181	Administrator	file_put_contents("{$g['tmp_path']}/{$greif}_router", $gre['tunnel-remote-addr']);
606	582d2452	Ermal Luçi
607			return $greif;
608			}
609
610	eba938e3	Scott Ullrich	function interfaces_gif_configure() {
611	9006e9f8	Scott Ullrich	global $config;
612			$i = 0;
613			if (is_array($config['gifs']['gif']) && count($config['gifs']['gif'])) {
614			foreach ($config['gifs']['gif'] as $gif) {
615			if(empty($gif['gifif']))
616			$gre['gifif'] = "gif{$i}";
617			/* XXX: Maybe we should report any errors?! */
618			interface_gif_configure($gif);
619			$i++;
620			}
621			}
622	582d2452	Ermal Luçi	}
623
624	eba938e3	Scott Ullrich	function interface_gif_configure(&$gif) {
625	9006e9f8	Scott Ullrich	global $config, $g;
626	582d2452	Ermal Luçi
627	9006e9f8	Scott Ullrich	if (!is_array($gif))
628			return -1;
629	582d2452	Ermal Luçi
630	9006e9f8	Scott Ullrich	$realif = get_real_interface($gif['if']);
631			$realifip = get_interface_ip($gif['if']);
632	582d2452	Ermal Luçi
633	9006e9f8	Scott Ullrich	/* make sure the parent interface is up */
634			if($realif)
635			interfaces_bring_up($realif);
636			else
637			log_error("could not bring realif up -- variable not defined -- interface_gif_configure()");
638	582d2452	Ermal Luçi
639	9006e9f8	Scott Ullrich	if ($g['booting'] \|\| !(empty($gif['gifif']))) {
640	871768cf	Ermal	pfSense_interface_destroy($gif['gifif']);
641			pfSense_interface_create($gif['gifif']);
642	9006e9f8	Scott Ullrich	$gifif = $gif['gifif'];
643			} else
644	871768cf	Ermal	$gifif = pfSense_interface_create("gif");
645	9006e9f8	Scott Ullrich
646			/* Do not change the order here for more see gif(4) NOTES section. */
647			mwexec("/sbin/ifconfig {$gifif} tunnel {$realifip} {$gif['remote-addr']}");
648			mwexec("/sbin/ifconfig {$gifif} {$gif['tunnel-local-addr']} {$gif['tunnel-remote-addr']} netmask " . gen_subnet_mask($gif['tunnel-remote-net']));
649			if (isset($gif['link0']) && $gif['link0'])
650	871768cf	Ermal	pfSense_interface_flags($gifif, IFF_LINK0);
651	9006e9f8	Scott Ullrich	if (isset($gif['link1']) && $gif['link1'])
652	871768cf	Ermal	pfSense_interface_flags($gifif, IFF_LINK1);
653	9006e9f8	Scott Ullrich	if($gifif)
654			interfaces_bring_up($gifif);
655			else
656			log_error("could not bring gifif up -- variable not defined");
657
658	53b0d9d3	Ermal Lu?i	/* XXX: Needed?! */
659			//mwexec("/sbin/route add {$gif['tunnel-remote-addr']}/{$gif['tunnel-remote-net']} -iface {$gifif}");
660	61b67ab3	Ermal Lu?i	file_put_contents("{$g['tmp_path']}/{$gifif}_router", $gif['tunnel-remote-addr']);
661	582d2452	Ermal Luçi
662	9006e9f8	Scott Ullrich	return $gifif;
663	582d2452	Ermal Luçi	}
664
665	eba938e3	Scott Ullrich	function interfaces_configure() {
666	9b1c39e3	Ermal Luçi	global $config, $g;
667
668	a5d6f60b	Ermal Lu?i	/* Set up our loopback interface */
669	4aca19b3	Scott Ullrich	interfaces_loopback_configure();
670	a5d6f60b	Ermal Lu?i
671	541b7c56	Scott Ullrich	/* set up LAGG virtual interfaces */
672			interfaces_lagg_configure();
673
674	acc1e9d0	Scott Ullrich	/* set up VLAN virtual interfaces */
675			interfaces_vlan_configure();
676
677	5f1e1d26	Ermal Lu?i	interfaces_qinq_configure();
678
679	67ee1ec5	Ermal Luçi	$iflist = get_configured_interface_with_descr();
680	9b1c39e3	Ermal Luçi	$delayed_list = array();
681			$bridge_list = array();
682	b6db9217	Ermal Luçi
683	871768cf	Ermal	/* This is needed to speedup interfaces on bootup. */
684			$reload = false;
685			if ($g['booting'])
686			$reload = true;
687
688	67ee1ec5	Ermal Luçi	foreach($iflist as $if => $ifname) {
689	0dc702f3	Ermal Lu?i	$realif = $config['interfaces'][$if]['if'];
690	9b1c39e3	Ermal Luçi	if (strstr($realif, "bridge"))
691			$bridge_list[$if] = $ifname;
692			else if (strstr($realif, "gre"))
693			$delayed_list[$if] = $ifname;
694			else if (strstr($realif, "gif"))
695			$delayed_list[$if] = $ifname;
696			else {
697			if ($g['booting'])
698	d7147b1c	Scott Ullrich	echo "Configuring {$ifname} interface...";
699	9006e9f8	Scott Ullrich	if($g['debug'])
700	d7147b1c	Scott Ullrich	log_error("Configuring {$ifname}");
701	871768cf	Ermal	interface_configure($if, $reload);
702	9b1c39e3	Ermal Luçi	if ($g['booting'])
703	53c82ef9	Scott Ullrich	echo "done.\n";
704	9b1c39e3	Ermal Luçi	}
705			}
706
707	9f428275	Erik Fonnesbeck	/* create the unconfigured wireless clones */
708			interfaces_create_wireless_clones();
709
710	d7147b1c	Scott Ullrich	/* set up GRE virtual interfaces */
711			interfaces_gre_configure();
712	9b1c39e3	Ermal Luçi
713	d7147b1c	Scott Ullrich	/* set up GIF virtual interfaces */
714			interfaces_gif_configure();
715	9b1c39e3	Ermal Luçi
716			foreach ($delayed_list as $if => $ifname) {
717			if ($g['booting'])
718	d7147b1c	Scott Ullrich	echo "Configuring {$ifname} interface...";
719	a5d6f60b	Ermal Lu?i	if ($g['debug'])
720			log_error("Configuring {$ifname}");
721	67ee1ec5	Ermal Luçi
722	871768cf	Ermal	interface_configure($if, $reload);
723	4476d447	Ermal Luçi
724	9b1c39e3	Ermal Luçi	if ($g['booting'])
725			echo "done.\n";
726	67ee1ec5	Ermal Luçi	}
727	cfc707f7	Scott Ullrich
728	d7147b1c	Scott Ullrich	/* set up BRIDGe virtual interfaces */
729			interfaces_bridge_configure();
730	9b1c39e3	Ermal Luçi
731	d7147b1c	Scott Ullrich	foreach ($bridge_list as $if => $ifname) {
732			if ($g['booting'])
733			echo "Configuring {$ifname} interface...";
734			if($g['debug'])
735			log_error("Configuring {$ifname}");
736	9b1c39e3	Ermal Luçi
737	871768cf	Ermal	interface_configure($if, $reload);
738	9b1c39e3	Ermal Luçi
739	d7147b1c	Scott Ullrich	if ($g['booting'])
740			echo "done.\n";
741			}
742	9b1c39e3	Ermal Luçi
743	abcb2bed	Ermal Lu?i	/* bring up vip interfaces */
744			interfaces_vips_configure();
745	9b1c39e3	Ermal Luçi
746	42753d25	Ermal Lu?i	/* configure interface groups */
747			interfaces_group_setup();
748
749	5b237745	Scott Ullrich	if (!$g['booting']) {
750			/* reconfigure static routes (kernel may have deleted them) */
751			system_routing_configure();
752	cfc707f7	Scott Ullrich
753	5b237745	Scott Ullrich	/* reload IPsec tunnels */
754			vpn_ipsec_configure();
755	cfc707f7	Scott Ullrich
756	f620d00d	Ermal Luçi	/* reload dhcpd (interface enabled/disabled status may have changed) */
757	5b237745	Scott Ullrich	services_dhcpd_configure();
758	cfc707f7	Scott Ullrich
759	5b237745	Scott Ullrich	/* restart dnsmasq */
760			services_dnsmasq_configure();
761	4d18de6a	Scott Ullrich
762	c597d50f	Scott Ullrich	/* reload captive portal */
763	769e254e	Ermal	captiveportal_init_rules();
764	c597d50f	Scott Ullrich
765	4d18de6a	Scott Ullrich	/* set the reload filter dity flag */
766	be38535c	Ermal Luçi	filter_configure();
767	5b237745	Scott Ullrich	}
768	cfc707f7	Scott Ullrich
769	5b237745	Scott Ullrich	return 0;
770			}
771
772	eba938e3	Scott Ullrich	function interface_reconfigure($interface = "wan") {
773	80bf3f4a	Ermal Luçi	interface_bring_down($interface);
774	871768cf	Ermal	interface_configure($interface, true);
775	80bf3f4a	Ermal Luçi	}
776
777	abcb2bed	Ermal Lu?i	function interface_vip_bring_down(&$vip) {
778	962fd685	Ermal	global $g;
779
780	abcb2bed	Ermal Lu?i	switch ($vip['mode']) {
781			case "proxyarp":
782	962fd685	Ermal	$vipif = get_real_interface($vip['interface']);
783	ca942829	Ermal	if (file_exists("{$g['varrun_path']}/choparp_{$vipif}.pid"))
784			killbypid("{$g['varrun_path']}/choparp_{$vipif}.pid");
785	abcb2bed	Ermal Lu?i	break;
786			case "ipalias":
787	435f11c8	Ermal Lu?i	$vipif = get_real_interface($vip['interface']);
788			if(does_interface_exist($vipif))
789	871768cf	Ermal	pfSense_interface_deladdress($vipif, $vip['subnet']);
790	abcb2bed	Ermal Lu?i	break;
791			case "carp":
792	12fafaf7	Chris Buechler	$vipif = "vip" . $vip['vhid'];
793	cb58f26c	Ermal Lu?i	if(does_interface_exist($vipif))
794	871768cf	Ermal	pfSense_interface_destroy($vipif);
795	12fafaf7	Chris Buechler	break;
796	abcb2bed	Ermal Lu?i	case "carpdev-dhcp":
797	9e01d6eb	Scott Ullrich	$vipif = "vip" . $vip['vhid'];
798	cb58f26c	Ermal Lu?i	if(does_interface_exist($vipif))
799	871768cf	Ermal	pfSense_interface_destroy($vipif);
800	abcb2bed	Ermal Lu?i	break;
801			}
802			}
803
804	97973ed8	Ermal Luçi	function interface_bring_down($interface = "wan", $destroy = false) {
805	80bf3f4a	Ermal Luçi	global $config, $g;
806
807	99c2a28b	Ermal Luçi	if (!isset($config['interfaces'][$interface]))
808			return;
809
810	80bf3f4a	Ermal Luçi	$ifcfg = $config['interfaces'][$interface];
811
812	85a5da13	Ermal Luçi	$realif = get_real_interface($interface);
813	80bf3f4a	Ermal Luçi
814			switch ($ifcfg['ipaddr']) {
815	0810c115	gnhb	case "ppp":
816	80bf3f4a	Ermal Luçi	case "pppoe":
817			case "pptp":
818	39f750b5	gnhb	case "l2tp":
819	a138f4fb	Ermal	if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) {
820			foreach ($config['ppps']['ppp'] as $pppid => $ppp) {
821			if ($realif == $ppp['if']) {
822	64e6490a	Ermal	killbypid("{$g['varrun_path']}/{$ifcfg['ipaddr']}_{$interface}.pid");
823			sleep(2);
824			unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.conf");
825	5c49cf58	Ermal	if (isset($ppp['ondemand']) && !$destroy) {
826	64e6490a	Ermal	interface_configure("wan");
827	a138f4fb	Ermal	}
828			break;
829			}
830			}
831			}
832	80bf3f4a	Ermal Luçi	break;
833			case "carpdev-dhcp":
834			/*
835			* NB: When carpdev gets enabled it would be better to be handled as all
836	37a53d16	Scott Ullrich	* other interfaces!
837	80bf3f4a	Ermal Luçi	*/
838			case "dhcp":
839	5d478ecc	Ermal Lu?i	$pid = find_dhclient_process($realif);
840	f07bee94	Scott Ullrich	if($pid)
841			mwexec("kill {$pid}");
842			sleep(1);
843			unlink_if_exists("{$g['varetc_path']}/dhclient_{$interface}.conf");
844			if(does_interface_exist("$realif")) {
845	aef6d76f	Seth Mos	mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true);
846	871768cf	Ermal	pfSense_interface_flags($realif, -IFF_UP);
847	5630c91c	Ermal Lu?i	mwexec("/usr/sbin/arp -d -i {$realif} -a");
848	f07bee94	Scott Ullrich	}
849	80bf3f4a	Ermal Luçi	break;
850			default:
851	f07bee94	Scott Ullrich	if(does_interface_exist("$realif")) {
852	aef6d76f	Seth Mos	mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true);
853	871768cf	Ermal	pfSense_interface_flags($realif, -IFF_UP);
854	5630c91c	Ermal Lu?i	mwexec("/usr/sbin/arp -d -i {$realif} -a");
855	f07bee94	Scott Ullrich	}
856	80bf3f4a	Ermal Luçi	break;
857			}
858	eb772abd	Scott Ullrich
859	73ee49f2	gnhb	/* remove interface up file if it exists */
860			unlink_if_exists("{$g['tmp_path']}/{$realif}up");
861			unlink_if_exists("{$g['vardb_path']}/{$interface}ip");
862			unlink_if_exists("{$g['tmp_path']}/{$realif}_router");
863
864	b5582f49	Erik Fonnesbeck	/* hostapd and wpa_supplicant do not need to be running when the interface is down.
865			* They will also use 100% CPU if running after the wireless clone gets deleted. */
866			if (is_array($ifcfg['wireless'])) {
867			mwexec(kill_hostapd($realif));
868			mwexec(kill_wpasupplicant($realif));
869			}
870
871	97973ed8	Ermal Luçi	if ($destroy == true) {
872	bd414316	jim-p	if (preg_match("/^vip\|^tun\|^ovpn\|^gif\|^gre\|^lagg\|^bridge\|vlan/i", $realif))
873	871768cf	Ermal	pfSense_interface_destroy($realif);
874	f07bee94	Scott Ullrich	}
875	9006e9f8	Scott Ullrich
876	80bf3f4a	Ermal Luçi	return;
877	5b237745	Scott Ullrich	}
878
879	e5d558bf	gnhb	function interfaces_ptpid_used($ptpid) {
880			global $config;
881
882			if (is_array($config['ppps']['ppp']))
883			foreach ($config['ppps']['ppp'] as & $settings)
884			if ($ptpid == $settings['ptpid'])
885			return true;
886
887			return false;
888			}
889
890			function interfaces_ptpid_next() {
891
892			$ptpid = 0;
893			while(interfaces_ptpid_used($ptpid))
894			$ptpid++;
895
896			return $ptpid;
897			}
898
899			function getMPDCRONSettings($pppif_) {
900			global $config;
901	1d7e1d6c	gnhb	$cron_cmd_file = "{$g['varetc_path']}/pppoe_restart_";
902	e5d558bf	gnhb	if (is_array($config['cron']['item'])) {
903			for ($i = 0; $i < count($config['cron']['item']); $i++) {
904			$item = $config['cron']['item'][$i];
905	1d7e1d6c	gnhb	if (strpos($item['command'], $cron_cmd_file.$pppif_) !== false) {
906	e5d558bf	gnhb	return array("ID" => $i, "ITEM" => $item);
907			}
908			}
909			}
910			return NULL;
911			}
912
913			function handle_pppoe_reset($post_array) {
914			global $config, $g;
915
916	5c8e8a17	gnhb	$cron_cmd_file = "{$g['varetc_path']}/pppoe_restart_";
917
918	e5d558bf	gnhb	$pppif = $post_array['type'].$post_array['ptpid'];
919			if (!is_array($config['cron']['item']))
920			$config['cron']['item'] = array();
921	1d7e1d6c	gnhb	$itemhash = getMPDCRONSettings($pppif);
922	e5d558bf	gnhb	$item = $itemhash['ITEM'];
923
924			// reset cron items if necessary and return
925			if (empty($post_array['pppoe-reset-type'])) {
926			if (isset($item))
927			unset($config['cron']['item'][$itemhash['ID']]);
928			sigkillbypid("{$g['varrun_path']}/cron.pid", "HUP");
929			return;
930			}
931
932			if (empty($item))
933			$item = array();
934			if (isset($post_array['pppoe-reset-type']) && $post_array['pppoe-reset-type'] == "custom") {
935			$item['minute'] = $post_array['pppoe_resetminute'];
936			$item['hour'] = $post_array['pppoe_resethour'];
937			if (isset($post_array['pppoe_resetdate']) && $post_array['pppoe_resetdate'] <> "") {
938			$date = explode("/", $post_array['pppoe_resetdate']);
939			$item['mday'] = $date[1];
940			$item['month'] = $date[0];
941			} else {
942			$item['mday'] = "*";
943			$item['month'] = "*";
944			}
945			$item['wday'] = "*";
946			$item['who'] = "root";
947	5c8e8a17	gnhb	$item['command'] = $cron_cmd_file.$pppif;
948	e5d558bf	gnhb	} else if (isset($post_array['pppoe-reset-type']) && $post_array['pppoe-reset-type'] == "preset") {
949			switch ($post_array['pppoe_pr_preset_val']) {
950			case "monthly":
951			$item['minute'] = "0";
952			$item['hour'] = "0";
953			$item['mday'] = "1";
954			$item['month'] = "*";
955			$item['wday'] = "*";
956			$item['who'] = "root";
957	5c8e8a17	gnhb	$item['command'] = $cron_cmd_file.$pppif;
958	e5d558bf	gnhb	break;
959			case "weekly":
960			$item['minute'] = "0";
961			$item['hour'] = "0";
962			$item['mday'] = "*";
963			$item['month'] = "*";
964			$item['wday'] = "0";
965			$item['who'] = "root";
966	5c8e8a17	gnhb	$item['command'] = $cron_cmd_file.$pppif;
967	e5d558bf	gnhb	break;
968			case "daily":
969			$item['minute'] = "0";
970			$item['hour'] = "0";
971			$item['mday'] = "*";
972			$item['month'] = "*";
973			$item['wday'] = "*";
974			$item['who'] = "root";
975	5c8e8a17	gnhb	$item['command'] = $cron_cmd_file.$pppif;
976	e5d558bf	gnhb	break;
977			case "hourly":
978			$item['minute'] = "0";
979			$item['hour'] = "*";
980			$item['mday'] = "*";
981			$item['month'] = "*";
982			$item['wday'] = "*";
983			$item['who'] = "root";
984	5c8e8a17	gnhb	$item['command'] = $cron_cmd_file.$pppif;
985	e5d558bf	gnhb	break;
986			} // end switch
987	5c8e8a17	gnhb	} else {
988			/* test whether a cron item exists and unset() it if necessary */
989	1d7e1d6c	gnhb	$itemhash = getMPDCRONSettings($pppif);
990	5c8e8a17	gnhb	$item = $itemhash['ITEM'];
991			if (isset($item))
992			unset($config['cron']['item'][$itemhash['ID']]);
993	e5d558bf	gnhb	}// end if
994			if (isset($itemhash['ID']))
995			$config['cron']['item'][$itemhash['ID']] = $item;
996			else
997			$config['cron']['item'][] = $item;
998			}
999
1000	cb37d8fa	gnhb	/* This function can configure PPPoE, MLPPP (PPPoE), PPtP.
1001	8256f324	gnhb	* It writes the mpd config file to /var/etc every time the link is opened.
1002	cb37d8fa	gnhb	*/
1003
1004			function interface_ppps_configure($interface) {
1005			global $config, $g;
1006
1007	3a906378	gnhb	// mpd5 requires a /var/spool/lock directory for PPP modem links.
1008			if(!is_dir("/var/spool/lock")) {
1009			exec("/bin/mkdir -p /var/spool/lock");
1010			exec("/bin/chmod a+rw /var/spool/lock/.");
1011			}
1012			// mpd5 modem chat script expected in the same directory as the mpd_xxx.conf files
1013			if (!file_exists("{$g['varetc_path']}/mpd.script"))
1014			mwexec("/bin/ln -s /usr/local/sbin/mpd.script {$g['varetc_path']}/.");
1015
1016			$ifcfg = &$config['interfaces'][$interface];
1017	0bca02ca	Ermal	if (!isset($ifcfg['enable']))
1018			return 0;
1019	cb37d8fa	gnhb	if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) {
1020			foreach ($config['ppps']['ppp'] as $pppid => $ppp) {
1021	f7480829	gnhb	if ($ifcfg['if'] == $ppp['if'])
1022	cb37d8fa	gnhb	break;
1023			}
1024			}
1025	f7480829	gnhb	if (!$ppp \|\| $ifcfg['if'] != $ppp['if']){
1026			log_error("Can't find PPP config for {$ifcfg['if']} in interface_ppps_configure().");
1027	3a906378	gnhb	return 0;
1028	cb37d8fa	gnhb	}
1029	3a906378	gnhb	$pppif = $ifcfg['if'];
1030	cb37d8fa	gnhb	if ($ppp['type'] == "ppp")
1031			$type = "modem";
1032			else
1033			$type = $ppp['type'];
1034	3a906378	gnhb	$upper_type = strtoupper($ppp['type']);
1035	cb37d8fa	gnhb
1036	3a906378	gnhb	if($g['booting']) {
1037	bfbb9bc0	Ermal	$descr = isset($ifcfg['descr']) ? $ifcfg['descr'] : strtoupper($interface);
1038			echo " configuring {$upper_type} on {$descr} interface...\n";
1039	3a906378	gnhb	// Do not re-configure the interface if we are booting and it's already been started
1040			if(file_exists("{$g['varrun_path']}/{$ppp['type']}_{$interface}.pid"))
1041			return 0;
1042			}
1043
1044			$ports = explode(',',$ppp['ports']);
1045	bfbb9bc0	Ermal	if ($type != "modem") {
1046			foreach ($ports as $pid => $port)
1047			$ports[$pid] = get_real_interface($port);
1048			}
1049	3a906378	gnhb	$localips = explode(',',$ppp['localip']);
1050			$gateways = explode(',',$ppp['gateway']);
1051			$subnets = explode(',',$ppp['subnet']);
1052
1053			/* We bring up the parent interface first because if DHCP is configured on the parent we need
1054			to obtain an address first so we can write it in the mpd .conf file for PPtP and L2tP configs
1055			*/
1056			foreach($ports as $pid => $port){
1057	23721285	gnhb	switch ($ppp['type']) {
1058	3a906378	gnhb	case "pppoe":
1059			/* Bring the parent interface up */
1060			interfaces_bring_up($port);
1061			break;
1062			case "pptp":
1063			case "l2tp":
1064			/* configure interface */
1065	69c1b043	gnhb	if(is_ipaddr($localips[$pid])){
1066	3a906378	gnhb	// Manually configure interface IP/subnet
1067	bfbb9bc0	Ermal	pfSense_interface_setaddress($port, "{$localips[$pid]}/{$subnets[$pid]}");
1068			interfaces_bring_up($port);
1069	69c1b043	gnhb	} else if (empty($localips[$pid]))
1070			$localips[$pid] = get_interface_ip($port); // try to get the interface IP from the port
1071
1072			if(!is_ipaddr($localips[$pid])){
1073			log_error("Could not get a Local IP address for PPtP/L2tP link on {$port} in interfaces_ppps_configure.");
1074			return 0;
1075	3a906378	gnhb	}
1076	69c1b043	gnhb	/* XXX: This needs to go away soon! [It's commented out!] */
1077			/* Configure the gateway (remote IP ) */
1078	bfbb9bc0	Ermal	if (!$g['booting'] && !is_ipaddr($gateways[$pid]) && is_hostname($gateways[$pid])) {
1079	69c1b043	gnhb	/* XXX: Fix later
1080	765664a4	gnhb	$gateways[$pid] = gethostbyname($gateways[$pid]);
1081			if(!is_ipaddr($gateways[$pid])) {
1082			log_error("Could not get a valid Gateway IP from {$port} via DNS in interfaces_ppps_configure.");
1083	23721285	gnhb	return 0;
1084	743994a6	gnhb	}
1085	69c1b043	gnhb	*/
1086			}
1087			if(!is_ipaddr($gateways[$pid])){
1088			log_error("Could not get a PPtP/L2tP Remote IP address from {$dhcp_gateway} for {$gway} in interfaces_ppps_configure.");
1089			return 0;
1090	3a906378	gnhb	}
1091			break;
1092			case "ppp":
1093			if (!file_exists("{$port}")) {
1094			log_error("Device {$port} does not exist. PPP link cannot start without the modem device.");
1095	23721285	gnhb	return 0;
1096	3a906378	gnhb	}
1097			break;
1098			default:
1099	bfbb9bc0	Ermal	log_error("Unkown {$type} configured as ppp interface.");
1100	3a906378	gnhb	break;
1101			}
1102			}
1103	cb37d8fa	gnhb
1104			/* generate mpd.conf */
1105			$fd = fopen("{$g['varetc_path']}/mpd_{$interface}.conf", "w");
1106			if (!$fd) {
1107			log_error("Error: cannot open mpd_{$interface}.conf in interface_ppps_configure().\n");
1108	23721285	gnhb	return 0;
1109	cb37d8fa	gnhb	}
1110	00b702cc	gnhb
1111	cb37d8fa	gnhb	if (is_array($ports) && count($ports) > 1)
1112			$multilink = "enable";
1113			else
1114			$multilink = "disable";
1115
1116			if ($type == "modem"){
1117			if (is_ipaddr($ppp['localip']))
1118			$localip = $ppp['localip'];
1119			else
1120			$localip = '0.0.0.0';
1121
1122			if (is_ipaddr($ppp['gateway']))
1123			$gateway = $ppp['gateway'];
1124			else
1125	23721285	gnhb	$gateway = "10.64.64.{$pppid}";
1126	cb37d8fa	gnhb	$ranges = "{$localip}/0 {$gateway}/0";
1127	3a906378	gnhb
1128			if (empty($ppp['apnum']))
1129			$ppp['apnum'] = 1;
1130	23721285	gnhb	} else
1131	cb37d8fa	gnhb	$ranges = "0.0.0.0/0 0.0.0.0/0";
1132	0661b194	gnhb
1133	cb37d8fa	gnhb	if (isset($ppp['ondemand']))
1134			$ondemand = "enable";
1135			else
1136			$ondemand = "disable";
1137			if (!isset($ppp['idletimeout']))
1138			$ppp['idletimeout'] = 0;
1139	64d124c5	gnhb
1140	cb37d8fa	gnhb	if (empty($ppp['username']) && $type == "modem"){
1141			$ppp['username'] = "user";
1142			$ppp['password'] = "none";
1143			}
1144			if (empty($ppp['password']) && $type == "modem")
1145	00b702cc	gnhb	$passwd = "none";
1146			else
1147			$passwd = base64_decode($ppp['password']);
1148	0661b194	gnhb
1149			$bandwidths = explode(',',$ppp['bandwidth']);
1150			$mtus = explode(',',$ppp['mtu']);
1151			$mrus = explode(',',$ppp['mru']);
1152
1153	c1cc447c	gnhb	if (isset($ppp['mrru']))
1154	0661b194	gnhb	$mrrus = explode(',',$ppp['mrru']);
1155	c1cc447c	gnhb
1156	cb37d8fa	gnhb	// Construct the mpd.conf file
1157			$mpdconf = <<<EOD
1158			startup:
1159			# configure the console
1160			set console close
1161			# configure the web server
1162			set web close
1163
1164			default:
1165			{$ppp['type']}client:
1166			create bundle static {$interface}
1167			set iface name {$pppif}
1168
1169			EOD;
1170	0661b194	gnhb	$setdefaultgw = false;
1171			$founddefaultgw = false;
1172			if (is_array($config['gateways']['gateway_item'])) {
1173			foreach($config['gateways']['gateway_item'] as $gateway) {
1174			if($interface == $gateway['interface'] && isset($gateway['defaultgw'])) {
1175			$setdefaultgw = true;
1176			break;
1177			} else if (isset($gateway['defaultgw']) && !empty($gateway['interface'])) {
1178			$founddefaultgw = true;
1179			break;
1180			}
1181			}
1182			}
1183	82effddb	gnhb
1184			if (($interface == "wan" && $founddefaultgw == false) \|\| $setdefaultgw == true){
1185			$setdefaultgw = true;
1186	cb37d8fa	gnhb	$mpdconf .= <<<EOD
1187			set iface route default
1188
1189			EOD;
1190	82effddb	gnhb	}
1191	cb37d8fa	gnhb	$mpdconf .= <<<EOD
1192			set iface {$ondemand} on-demand
1193			set iface idle {$ppp['idletimeout']}
1194
1195			EOD;
1196
1197	0661b194	gnhb	if (isset($ppp['ondemand']))
1198	cb37d8fa	gnhb	$mpdconf .= <<<EOD
1199	55f3ca1d	gnhb	set iface addrs 10.10.1.1 10.10.1.2
1200	cb37d8fa	gnhb
1201			EOD;
1202	0661b194	gnhb
1203			if (isset($ppp['tcpmssfix']))
1204	8adc1e49	gnhb	$tcpmss = "disable";
1205			else
1206			$tcpmss = "enable";
1207	64d124c5	gnhb	$mpdconf .= <<<EOD
1208	8adc1e49	gnhb	set iface {$tcpmss} tcpmssfix
1209	64d124c5	gnhb
1210			EOD;
1211	0661b194	gnhb
1212	cb37d8fa	gnhb	$mpdconf .= <<<EOD
1213			set iface up-script /usr/local/sbin/ppp-linkup
1214			set iface down-script /usr/local/sbin/ppp-linkdown
1215			set ipcp ranges {$ranges}
1216
1217			EOD;
1218	0661b194	gnhb	if (isset($ppp['vjcomp']))
1219	cb37d8fa	gnhb	$mpdconf .= <<<EOD
1220	64d124c5	gnhb	set ipcp no vjcomp
1221	cb37d8fa	gnhb
1222			EOD;
1223
1224	bfbb9bc0	Ermal	if (isset($config['system']['dnsallowoverride']))
1225	64d124c5	gnhb	$mpdconf .= <<<EOD
1226			set ipcp enable req-pri-dns
1227			set ipcp enable req-sec-dns
1228
1229			EOD;
1230	23721285	gnhb	if (!isset($ppp['verbose_log']))
1231			$mpdconf .= <<<EOD
1232	5d9d443a	gnhb	#log -bund -ccp -chat -iface -ipcp -lcp -link
1233	0661b194	gnhb
1234	23721285	gnhb	EOD;
1235	64d124c5	gnhb	foreach($ports as $pid => $port){
1236	bfbb9bc0	Ermal	$port = get_real_interface($port);
1237	00b702cc	gnhb	$mpdconf .= <<<EOD
1238	cb37d8fa	gnhb
1239	0661b194	gnhb	create link static {$interface}_link{$pid} {$type}
1240	cb37d8fa	gnhb	set link action bundle {$interface}
1241			set link {$multilink} multilink
1242			set link keep-alive 10 60
1243			set link max-redial 0
1244	64d124c5	gnhb
1245			EOD;
1246	0661b194	gnhb	if (isset($ppp['shortseq']))
1247	00b702cc	gnhb	$mpdconf .= <<<EOD
1248	64d124c5	gnhb	set link no shortseq
1249
1250			EOD;
1251	0661b194	gnhb
1252			if (isset($ppp['acfcomp']))
1253	00b702cc	gnhb	$mpdconf .= <<<EOD
1254	64d124c5	gnhb	set link no acfcomp
1255
1256			EOD;
1257	0661b194	gnhb
1258			if (isset($ppp['protocomp']))
1259	00b702cc	gnhb	$mpdconf .= <<<EOD
1260	64d124c5	gnhb	set link no protocomp
1261
1262			EOD;
1263	0661b194	gnhb
1264	00b702cc	gnhb	$mpdconf .= <<<EOD
1265	cb37d8fa	gnhb	set link disable chap pap
1266			set link accept chap pap eap
1267	64d124c5	gnhb	set link disable incoming
1268	cb37d8fa	gnhb
1269			EOD;
1270	00b702cc	gnhb
1271
1272	0661b194	gnhb	if (!empty($bandwidths[$pid]))
1273	00b702cc	gnhb	$mpdconf .= <<<EOD
1274			set link bandwidth {$bandwidths[$pid]}
1275	cb37d8fa	gnhb
1276			EOD;
1277	0661b194	gnhb
1278	8adc1e49	gnhb	if (empty($mtus[$pid]))
1279			$mtus[$pid] = "1492";
1280	00b702cc	gnhb	$mpdconf .= <<<EOD
1281			set link mtu {$mtus[$pid]}
1282	cb37d8fa	gnhb
1283			EOD;
1284	0661b194	gnhb
1285			if (!empty($mrus[$pid]))
1286	00b702cc	gnhb	$mpdconf .= <<<EOD
1287			set link mru {$mrus[$pid]}
1288
1289			EOD;
1290	0661b194	gnhb
1291	00b702cc	gnhb	$mpdconf .= <<<EOD
1292	cb37d8fa	gnhb	set auth authname "{$ppp['username']}"
1293			set auth password {$passwd}
1294
1295			EOD;
1296	00b702cc	gnhb	if ($type == "modem") {
1297			$mpdconf .= <<<EOD
1298	cb37d8fa	gnhb	set modem device {$ppp['ports']}
1299			set modem script DialPeer
1300			set modem idle-script Ringback
1301			set modem watch -cd
1302			set modem var \$DialPrefix "DT"
1303			set modem var \$Telephone "{$ppp['phone']}"
1304
1305			EOD;
1306	00b702cc	gnhb	}
1307			if (isset($ppp['connect-timeout']) && $type == "modem") {
1308			$mpdconf .= <<<EOD
1309	cb37d8fa	gnhb	set modem var \$ConnectTimeout "{$ppp['connect-timeout']}"
1310
1311			EOD;
1312	00b702cc	gnhb	}
1313			if (isset($ppp['initstr']) && $type == "modem") {
1314			$initstr = base64_decode($ppp['initstr']);
1315			$mpdconf .= <<<EOD
1316	cb37d8fa	gnhb	set modem var \$InitString "{$initstr}"
1317
1318			EOD;
1319	00b702cc	gnhb	}
1320			if (isset($ppp['simpin']) && $type == "modem") {
1321			$mpdconf .= <<<EOD
1322	cb37d8fa	gnhb	set modem var \$SimPin "{$ppp['simpin']}"
1323			set modem var \$PinWait "{$ppp['pin-wait']}"
1324
1325			EOD;
1326	00b702cc	gnhb	}
1327			if (isset($ppp['apn']) && $type == "modem") {
1328			$mpdconf .= <<<EOD
1329	cb37d8fa	gnhb	set modem var \$APN "{$ppp['apn']}"
1330			set modem var \$APNum "{$ppp['apnum']}"
1331
1332			EOD;
1333	00b702cc	gnhb	}
1334			if (isset($ppp['provider']) && $type == "pppoe") {
1335			$mpdconf .= <<<EOD
1336	64d124c5	gnhb	set pppoe service "{$ppp['provider']}"
1337	cb37d8fa	gnhb
1338			EOD;
1339	00b702cc	gnhb	}
1340	0661b194	gnhb	if ($type == "pppoe")
1341	00b702cc	gnhb	$mpdconf .= <<<EOD
1342	64d124c5	gnhb	set pppoe iface {$port}
1343	cb37d8fa	gnhb
1344			EOD;
1345	0661b194	gnhb
1346	39f750b5	gnhb	if ($type == "pptp" \|\| $type == "l2tp") {
1347	00b702cc	gnhb	$mpdconf .= <<<EOD
1348	0661b194	gnhb	set pptp self {$localips[$pid]}
1349			set pptp peer {$gateways[$pid]}
1350	cb37d8fa	gnhb	set pptp disable windowing
1351
1352			EOD;
1353	00b702cc	gnhb	}
1354	23721285	gnhb
1355	00b702cc	gnhb	$mpdconf .= "\topen\r\n";
1356	cb37d8fa	gnhb	} //end foreach($port)
1357
1358	c1cc447c	gnhb	// Write out mpd_ppp.conf
1359	cb37d8fa	gnhb	fwrite($fd, $mpdconf);
1360			fclose($fd);
1361
1362			// Create the uptime log if requested and if it doesn't exist already, or delete it if it is no longer requested.
1363			if (isset($ppp['uptime'])) {
1364			if (!file_exists("/conf/{$pppif}.log")) {
1365			conf_mount_rw();
1366			mwexec("echo /dev/null > /conf/{$pppif}.log");
1367			conf_mount_ro();
1368			}
1369			} else {
1370			if (file_exists("/conf/{$pppif}.log")) {
1371			conf_mount_rw();
1372			mwexec("rm -f /conf/{$pppif}.log");
1373			conf_mount_ro();
1374			}
1375			}
1376	3a906378	gnhb
1377			/* fire up mpd */
1378			mwexec("/usr/local/sbin/mpd5 -b -k -d {$g['varetc_path']} -f mpd_{$interface}.conf -p {$g['varrun_path']}/{$ppp['type']}_{$interface}.pid -s ppp {$ppp['type']}client");
1379
1380	55f3ca1d	gnhb	// Check for PPPoE periodic reset request
1381	bfbb9bc0	Ermal	if ($type == "pppoe") {
1382	766bd6d0	gnhb	if (isset($ppp['pppoe-reset-type']))
1383	5c8e8a17	gnhb	setup_pppoe_reset_file($ppp['if'], $interface);
1384	766bd6d0	gnhb	else
1385	5c8e8a17	gnhb	setup_pppoe_reset_file($ppp['if']);
1386	cb37d8fa	gnhb	}
1387
1388	23721285	gnhb	return 1;
1389	cb37d8fa	gnhb	}
1390
1391	abcb2bed	Ermal Lu?i	function interfaces_carp_setup() {
1392	87a2efd1	Ermal Luçi	global $g, $config;
1393	abcb2bed	Ermal Lu?i
1394	2b9747b9	Scott Ullrich	$balanacing = "";
1395			$pfsyncinterface = "";
1396			$pfsyncenabled = "";
1397	b932ef16	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1398			$mt = microtime();
1399	abcb2bed	Ermal Lu?i	echo "interfaces_carp_setup() being called $mt\n";
1400	b932ef16	Scott Ullrich	}
1401	abcb2bed	Ermal Lu?i
1402	e5d43d93	Scott Ullrich	// Prepare CmdCHAIN that will be used to execute commands.
1403			$cmdchain = new CmdCHAIN();
1404	abcb2bed	Ermal Lu?i
1405	b932ef16	Scott Ullrich	if ($g['booting']) {
1406	abcb2bed	Ermal Lu?i	echo "Configuring CARP settings...";
1407	7d0f4544	Scott Ullrich	mute_kernel_msgs();
1408	a5250ebc	Scott Ullrich	}
1409	abcb2bed	Ermal Lu?i
1410	b932ef16	Scott Ullrich	/* suck in configuration items */
1411	abcb2bed	Ermal Lu?i	if($config['installedpackages']['carpsettings']) {
1412	16ccd95c	Scott Ullrich	if($config['installedpackages']['carpsettings']['config']) {
1413	abcb2bed	Ermal Lu?i	foreach($config['installedpackages']['carpsettings']['config'] as $carp) {
1414			$pfsyncenabled = $carp['pfsyncenabled'];
1415			$balanacing = $carp['balancing'];
1416			$pfsyncinterface = $carp['pfsyncinterface'];
1417			$pfsyncpeerip = $carp['pfsyncpeerip'];
1418			}
1419	9f6b1429	Scott Ullrich	}
1420	b932ef16	Scott Ullrich	} else {
1421			unset($pfsyncinterface);
1422			unset($balanacing);
1423			unset($pfsyncenabled);
1424	6008210b	Scott Ullrich	}
1425	abcb2bed	Ermal Lu?i
1426	79d28f42	Scott Ullrich	$cmdchain->add("Allow CARP", "/sbin/sysctl net.inet.carp.allow=1", true);
1427	b932ef16	Scott Ullrich	if($balanacing) {
1428	79d28f42	Scott Ullrich	$cmdchain->add("Enable CARP ARP-balancing", "/sbin/sysctl net.inet.carp.arpbalance=1", true);
1429			$cmdchain->add("Disallow CARP preemption", "/sbin/sysctl net.inet.carp.preempt=0", true);
1430	abcb2bed	Ermal Lu?i	} else
1431	79d28f42	Scott Ullrich	$cmdchain->add("Enable CARP preemption", "/sbin/sysctl net.inet.carp.preempt=1", true);
1432	abcb2bed	Ermal Lu?i
1433	79d28f42	Scott Ullrich	$cmdchain->add("Enable CARP logging", "/sbin/sysctl net.inet.carp.log=2", true);
1434	abcb2bed	Ermal Lu?i	if (!empty($pfsyncinterface))
1435			$carp_sync_int = get_real_interface($pfsyncinterface);
1436
1437	b932ef16	Scott Ullrich	if($g['booting']) {
1438			/* install rules to alllow pfsync to sync up during boot
1439			* carp interfaces will remain down until the bootup sequence finishes
1440			*/
1441	a6726cf2	Ermal Lu?i	$fd = fopen("{$g['tmp_path']}/rules.boot", "w");
1442			if ($fd) {
1443	df9d4110	Ermal Lu?i	fwrite($fd, "pass quick proto carp all keep state\n");
1444			fwrite($fd, "pass quick proto pfsync all\n");
1445			fwrite($fd, "pass out quick from any to any keep state\n");
1446	a6726cf2	Ermal Lu?i	fclose($fd);
1447			mwexec("/sbin/pfctl -f {$g['tmp_path']}/rules.boot");
1448			} else
1449			log_error("Could not create rules.boot file!");
1450	eb772abd	Scott Ullrich	}
1451	abcb2bed	Ermal Lu?i
1452	b932ef16	Scott Ullrich	/* setup pfsync interface */
1453	b42ad736	Scott Ullrich	if($carp_sync_int and $pfsyncenabled) {
1454	abcb2bed	Ermal Lu?i	if (is_ipaddr($pfsyncpeerip))
1455	e5d43d93	Scott Ullrich	$cmdchain->add("Bring up pfsync0 syncpeer", "/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} syncpeer {$pfsyncpeerip} up", false);
1456	abcb2bed	Ermal Lu?i	else
1457	e5d43d93	Scott Ullrich	$cmdchain->add("Bring up pfsync0 syncdev", "/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} up", false);
1458	abcb2bed	Ermal Lu?i	} else
1459	e5d43d93	Scott Ullrich	$cmdchain->add("Bring up pfsync0", "/sbin/ifconfig pfsync0 syncdev lo0 up", false);
1460	abcb2bed	Ermal Lu?i
1461			if($config['virtualip']['vip'])
1462	79d28f42	Scott Ullrich	$cmdchain->add("Allow CARP.", "/sbin/sysctl net.inet.carp.allow=1", true);
1463	abcb2bed	Ermal Lu?i	else
1464	79d28f42	Scott Ullrich	$cmdchain->add("Disallow CARP.", "/sbin/sysctl net.inet.carp.allow=0", true);
1465	e5d43d93	Scott Ullrich
1466	87a2efd1	Ermal Luçi	if($g['debug'])
1467	e5d43d93	Scott Ullrich	$cmdchain->setdebug(); // optional for verbose logging
1468	abcb2bed	Ermal Lu?i
1469	e5d43d93	Scott Ullrich	$cmdchain->execute();
1470			$cmdchain->clear();
1471
1472	abcb2bed	Ermal Lu?i	if ($g['booting']) {
1473			unmute_kernel_msgs();
1474			echo "done.\n";
1475			}
1476	67ee1ec5	Ermal Luçi	}
1477
1478	962fd685	Ermal	function interface_proxyarp_configure($interface = "") {
1479	9006e9f8	Scott Ullrich	global $config, $g;
1480			if(isset($config['system']['developerspew'])) {
1481			$mt = microtime();
1482			echo "interface_proxyarp_configure() being called $mt\n";
1483			}
1484	67ee1ec5	Ermal Luçi
1485	9006e9f8	Scott Ullrich	/* kill any running choparp */
1486	962fd685	Ermal	if (empty($interface))
1487			killbyname("choparp");
1488	1b58b513	Scott Ullrich
1489	9006e9f8	Scott Ullrich	if (isset($config['virtualip']) && is_array($config['virtualip']['vip'])) {
1490			$paa = array();
1491	e5d43d93	Scott Ullrich
1492	9006e9f8	Scott Ullrich	/* group by interface */
1493			foreach ($config['virtualip']['vip'] as $vipent) {
1494			if ($vipent['mode'] === "proxyarp") {
1495			if ($vipent['interface'])
1496			$proxyif = $vipent['interface'];
1497			else
1498			$proxyif = "wan";
1499	abcb2bed	Ermal Lu?i
1500	9006e9f8	Scott Ullrich	if (!is_array($paa[$if]))
1501			$paa[$proxyif] = array();
1502	7b2d4769	Bill Marquette
1503	9006e9f8	Scott Ullrich	$paa[$proxyif][] = $vipent;
1504			}
1505	962fd685	Ermal	}
1506	9006e9f8	Scott Ullrich	}
1507	e5d43d93	Scott Ullrich
1508	962fd685	Ermal	if (!empty($interface)) {
1509			if (is_array($paa[$interface])) {
1510			$paaifip = get_interface_ip($interface);
1511			if (!is_ipaddr($paaifip))
1512			return;
1513			$args = get_real_interface($interface) . " auto";
1514			foreach ($paa[$interface] as $paent) {
1515			if (isset($paent['subnet']))
1516			$args .= " " . escapeshellarg("{$paent['subnet']}/{$paent['subnet_bits']}");
1517			else if (isset($paent['range']))
1518			$args .= " " . escapeshellarg($paent['range']['from'] . "-" . $paent['range']['to']);
1519			}
1520			mwexec_bg("/usr/local/sbin/choparp " . $args);
1521			}
1522			} else if (count($paa)) {
1523	9006e9f8	Scott Ullrich	foreach ($paa as $paif => $paents) {
1524			$paaifip = get_interface_ip($paif);
1525			if (!(is_ipaddr($paaifip)))
1526			continue;
1527			$args = get_real_interface($paif) . " auto";
1528			foreach ($paents as $paent) {
1529			if (isset($paent['subnet']))
1530			$args .= " " . escapeshellarg("{$paent['subnet']}/{$paent['subnet_bits']}");
1531			else if (isset($paent['range']))
1532	962fd685	Ermal	$args .= " " . escapeshellarg($paent['range']['from'] . "-" . $paent['range']['to']);
1533	9006e9f8	Scott Ullrich	}
1534			mwexec_bg("/usr/local/sbin/choparp " . $args);
1535			}
1536			}
1537	9f6b1429	Scott Ullrich	}
1538
1539	e5ac67ed	Ermal Lu?i	function interfaces_vips_configure($interface = "") {
1540	87a2efd1	Ermal Luçi	global $g, $config;
1541	a04de17f	Chris Buechler	if(isset($config['system']['developerspew'])) {
1542			$mt = microtime();
1543	123f030c	Chris Buechler	echo "interfaces_vips_configure() being called $mt\n";
1544	a04de17f	Chris Buechler	}
1545	abcb2bed	Ermal Lu?i	$paa = array();
1546			if(is_array($config['virtualip']['vip'])) {
1547			$carp_setuped = false;
1548	e5ac67ed	Ermal Lu?i	$anyproxyarp = false;
1549	abcb2bed	Ermal Lu?i	foreach ($config['virtualip']['vip'] as $vip) {
1550			switch ($vip['mode']) {
1551			case "proxyarp":
1552	123f030c	Chris Buechler	/* nothing it is handled on interface_proxyarp_configure() */
1553	e5ac67ed	Ermal Lu?i	if ($interface <> "" && $vip['interface'] <> $interface)
1554			continue;
1555			$anyproxyarp = true;
1556	abcb2bed	Ermal Lu?i	break;
1557			case "ipalias":
1558	e5ac67ed	Ermal Lu?i	if ($interface <> "" && $vip['interface'] <> $interface)
1559			continue;
1560	abcb2bed	Ermal Lu?i	interface_ipalias_configure(&$vip);
1561			break;
1562			case "carp":
1563	e5ac67ed	Ermal Lu?i	if ($interface <> "" && $vip['interface'] <> $interface)
1564			continue;
1565	abcb2bed	Ermal Lu?i	if ($carp_setuped == false) {
1566			interfaces_carp_setup();
1567			$carp_setuped = true;
1568			}
1569			interface_carp_configure($vip);
1570			break;
1571			case "carpdev-dhcp":
1572	e5ac67ed	Ermal Lu?i	if ($interface <> "" && $vip['interface'] <> $interface)
1573			continue;
1574	abcb2bed	Ermal Lu?i	interface_carpdev_configure($vip);
1575			break;
1576	6a74c90e	Scott Ullrich	}
1577	a04de17f	Chris Buechler	}
1578	abcb2bed	Ermal Lu?i
1579	e5ac67ed	Ermal Lu?i	if ($anyproxyarp == true)
1580			interface_proxyarp_configure();
1581	abcb2bed	Ermal Lu?i	}
1582			}
1583
1584			function interface_ipalias_configure(&$vip) {
1585
1586			if ($vip['mode'] == "ipalias") {
1587			$if = get_real_interface($vip['interface']);
1588			mwexec("/sbin/ifconfig " . escapeshellarg($if) . " " . $vip['subnet'] . "/" . escapeshellarg($vip['subnet_bits']) . " alias");
1589	a04de17f	Chris Buechler	}
1590			}
1591
1592	abcb2bed	Ermal Lu?i	function interface_reload_carps($cif) {
1593			global $config;
1594
1595			$carpifs = link_ip_to_carp_interface(find_interface_ip($cif));
1596	9006e9f8	Scott Ullrich	if (empty($carpifs))
1597	abcb2bed	Ermal Lu?i	return;
1598
1599			$carps = explode(" ", $carpifs);
1600			if(is_array($config['virtualip']['vip'])) {
1601	9006e9f8	Scott Ullrich	$viparr = &$config['virtualip']['vip'];
1602			foreach ($viparr as $vip) {
1603	abcb2bed	Ermal Lu?i	if (in_array($vip['carpif'], $carps)) {
1604	9006e9f8	Scott Ullrich	switch ($vip['mode']) {
1605			case "carp":
1606	abcb2bed	Ermal Lu?i	interface_vip_bring_down($vip);
1607			sleep(1);
1608	9006e9f8	Scott Ullrich	interface_carp_configure($vip);
1609			break;
1610			case "carpdev-dhcp":
1611	abcb2bed	Ermal Lu?i	interface_vip_bring_down($vip);
1612			sleep(1);
1613	9006e9f8	Scott Ullrich	interface_carpdev_configure($vip);
1614			break;
1615	abcb2bed	Ermal Lu?i	}
1616	9006e9f8	Scott Ullrich	}
1617			}
1618			}
1619	abcb2bed	Ermal Lu?i	}
1620
1621			function interface_carp_configure(&$vip) {
1622			global $config, $g;
1623			if(isset($config['system']['developerspew'])) {
1624	58ebf6bb	Scott Ullrich	$mt = microtime();
1625	0a595d84	Ermal Lu?i	echo "interface_carp_configure() being called $mt\n";
1626	58ebf6bb	Scott Ullrich	}
1627	abcb2bed	Ermal Lu?i
1628			if ($vip['mode'] != "carp")
1629			return;
1630
1631			$vip_password = $vip['password'];
1632	942fdd55	jim-p	$vip_password = escapeshellarg(addslashes(str_replace(" ", "", $vip_password)));
1633	abcb2bed	Ermal Lu?i	if ($vip['password'] != "")
1634	942fdd55	jim-p	$password = " pass {$vip_password}";
1635	58ebf6bb	Scott Ullrich
1636	12fafaf7	Chris Buechler	// set the vip interface to the vhid
1637			$vipif = "vip{$vip['vhid']}";
1638	58ebf6bb	Scott Ullrich
1639	abcb2bed	Ermal Lu?i	$interface = interface_translate_type_to_real($vip['interface']);
1640			/*
1641			* ensure the interface containing the VIP really exists
1642	58ebf6bb	Scott Ullrich	* prevents a panic if the interface is missing or invalid
1643			*/
1644			$realif = get_real_interface($vip['interface']);
1645			if (!does_interface_exist($realif)) {
1646			file_notice("CARP", "Interface specified for the virtual IP address {$vip['subnet']} does not exist. Skipping this VIP.", "Firewall: Virtual IP", "");
1647			return;
1648			}
1649	abcb2bed	Ermal Lu?i
1650	7de83e03	Ermal	/* Ensure CARP IP really exists prior to loading up. */
1651			$ww_subnet_ip = find_interface_ip($realif);
1652			$ww_subnet_bits = find_interface_subnet($realif);
1653			if (!ip_in_subnet($vip['subnet'], gen_subnet($ww_subnet_ip, $ww_subnet_bits) . "/" . $ww_subnet_bits)) {
1654	abcb2bed	Ermal Lu?i	file_notice("CARP", "Sorry but we could not find a matching real interface subnet for the virtual IP address {$vip['subnet']}.", "Firewall: Virtual IP", "");
1655			return;
1656			}
1657
1658			/* create the carp interface and setup */
1659	37a53d16	Scott Ullrich	if (does_interface_exist($vipif)) {
1660	871768cf	Ermal	pfSense_interface_flags($vipif, -IFF_UP);
1661	37a53d16	Scott Ullrich	} else {
1662	871768cf	Ermal	$carpif = pfSense_interface_create("carp");
1663			pfSense_interface_rename($carpif, $vipif);
1664			pfSense_ngctl_name("{$carpif}:", $vipif);
1665	abcb2bed	Ermal Lu?i	}
1666
1667			/* invalidate interface cache */
1668			get_interface_arr(true);
1669
1670			$broadcast_address = gen_subnet_max($vip['subnet'], $vip['subnet_bits']);
1671	290d312d	Ermal Lu?i	mwexec("/sbin/ifconfig {$vipif} {$vip['subnet']}/{$vip['subnet_bits']} vhid {$vip['vhid']} advskew {$vip['advskew']} {$password}");
1672	abcb2bed	Ermal Lu?i
1673			interfaces_bring_up($vipif);
1674
1675			return $vipif;
1676			}
1677
1678			function interface_carpdev_configure(&$vip) {
1679			global $g;
1680
1681			if ($vip['mode'] != "carpdev-dhcp")
1682	9006e9f8	Scott Ullrich	return;
1683	abcb2bed	Ermal Lu?i
1684	9006e9f8	Scott Ullrich	$vip_password = $vip['password'];
1685			$vip_password = str_replace(" ", "", $vip_password);
1686			if($vip['password'] != "")
1687			$password = " pass \"" . $vip_password . "\"";
1688	abcb2bed	Ermal Lu?i
1689			log_error("Found carpdev interface {$vip['interface']} on top of interface {$interface}");
1690			if (empty($vip['interface']))
1691			return;
1692
1693			$vipif = "vip" . $vip['vhid'];
1694			$realif = interface_translate_type_to_real($vip['interface']);
1695	ec054b7c	Scott Ullrich	interfaces_bring_up($realif);
1696	9006e9f8	Scott Ullrich	/*
1697			* ensure the interface containing the VIP really exists
1698			* prevents a panic if the interface is missing or invalid
1699			*/
1700			if (!does_interface_exist($realif)) {
1701			file_notice("CARP", "Interface specified for the virtual IP address {$vip['subnet']} does not exist. Skipping this VIP.", "Firewall: Virtual IP", "");
1702			return;
1703			}
1704	abcb2bed	Ermal Lu?i
1705	f07bee94	Scott Ullrich	if (does_interface_exist($vipif)) {
1706	37a53d16	Scott Ullrich	interface_bring_down($vipif);
1707	f07bee94	Scott Ullrich	} else {
1708	abcb2bed	Ermal Lu?i	$carpdevif = exec("/sbin/ifconfig carp create");
1709			mwexec("/sbin/ifconfig {$carpdevif} name {$vipif}");
1710	871768cf	Ermal	pfSense_ngctl_name("{$carpdevif}:", $vipif);
1711	abcb2bed	Ermal Lu?i	}
1712
1713			mwexec("/sbin/ifconfig {$vipif} carpdev {$realif} vhid {$vip['vhid']} advskew {$vip['advskew']} {$password}");
1714	ec054b7c	Scott Ullrich	interfaces_bring_up($vipif);
1715	abcb2bed	Ermal Lu?i
1716			/*
1717			* XXX: BIG HACK but carpdev needs ip services active
1718			* before even starting something as dhclient.
1719			* I do not know if this is a feature or a bug
1720			* but better than track it make it work ;) .
1721			*/
1722			//$fakeiptouse = "10.254.254." . ($carp_instances_counter+1);
1723			//$cmdchain->add("CarpDEV hack", "/sbin/ifconfig {$carpint} inet {$fakeiptouse}", false);
1724
1725			/* generate dhclient_wan.conf */
1726			$fd = fopen("{$g['varetc_path']}/dhclient_{$vipif}.conf", "w");
1727			if ($fd) {
1728			$dhclientconf = "";
1729
1730			$dhclientconf .= <<<EOD
1731			interface "{$vipif}" {
1732			timeout 60;
1733			retry 1;
1734			select-timeout 0;
1735			initial-interval 1;
1736			script "/sbin/dhclient-script";
1737			}
1738
1739			EOD;
1740
1741			fwrite($fd, $dhclientconf);
1742			fclose($fd);
1743
1744			/* fire up dhclient */
1745	6955830f	Ermal Lu?i	mwexec("/sbin/dhclient -c {$g['varetc_path']}/dhclient_{$vipif}.conf {$vipif} > {$g['tmp_path']}/{$vipif}_output > {$g['tmp_path']}/{$vipif}_error_output", false);
1746	abcb2bed	Ermal Lu?i	} else {
1747			log_error("Error: cannot open dhclient_{$vipif}.conf in interfaces_carpdev_configure() for writing.\n");
1748			mwexec("/sbin/dhclient -b {$vipif}");
1749			}
1750
1751			return $vipif;
1752			}
1753
1754	854aed18	Ermal Lu?i	function interface_wireless_clone($realif, $wlcfg) {
1755	568b1358	Scott Ullrich	global $config, $g;
1756	88157f66	Scott Ullrich	/* Check to see if interface has been cloned as of yet.
1757			* If it has not been cloned then go ahead and clone it.
1758			*/
1759	2a203afd	Seth Mos	$needs_clone = false;
1760	9f428275	Erik Fonnesbeck	if(is_array($wlcfg['wireless']))
1761			$wlcfg_mode = $wlcfg['wireless']['mode'];
1762			else
1763			$wlcfg_mode = $wlcfg['mode'];
1764			switch($wlcfg_mode) {
1765	2a203afd	Seth Mos	case "hostap":
1766			$mode = "wlanmode hostap";
1767			break;
1768			case "adhoc":
1769			$mode = "wlanmode adhoc";
1770			break;
1771			default:
1772			$mode = "";
1773			break;
1774			}
1775	34808d4e	Erik Fonnesbeck	$baseif = interface_get_wireless_base($wlcfg['if']);
1776	854aed18	Ermal Lu?i	if(does_interface_exist($realif)) {
1777			exec("/sbin/ifconfig {$realif}", $output, $ret);
1778	2a203afd	Seth Mos	$ifconfig_str = implode($output);
1779	9f428275	Erik Fonnesbeck	if(($wlcfg_mode == "hostap") && (! preg_match("/hostap/si", $ifconfig_str))) {
1780	fa71a9b6	Erik Fonnesbeck	log_error("Interface {$realif} changed to hostap mode");
1781	2a203afd	Seth Mos	$needs_clone = true;
1782			}
1783	9f428275	Erik Fonnesbeck	if(($wlcfg_mode == "adhoc") && (! preg_match("/adhoc/si", $ifconfig_str))) {
1784	fa71a9b6	Erik Fonnesbeck	log_error("Interface {$realif} changed to adhoc mode");
1785	2a203afd	Seth Mos	$needs_clone = true;
1786			}
1787	9f428275	Erik Fonnesbeck	if(($wlcfg_mode == "bss") && (preg_match("/hostap\|adhoc/si", $ifconfig_str))) {
1788	fa71a9b6	Erik Fonnesbeck	log_error("Interface {$realif} changed to infrastructure mode");
1789	2a203afd	Seth Mos	$needs_clone = true;
1790			}
1791			} else {
1792			$needs_clone = true;
1793	88157f66	Scott Ullrich	}
1794	2a203afd	Seth Mos
1795	19e83210	Scott Ullrich	if($needs_clone == true) {
1796	2a203afd	Seth Mos	/* remove previous instance if it exists */
1797	854aed18	Ermal Lu?i	if(does_interface_exist($realif))
1798	871768cf	Ermal	pfSense_interface_destroy($realif);
1799	854aed18	Ermal Lu?i
1800			log_error("Cloning new wireless interface {$realif}");
1801	b99256c1	Scott Ullrich	// Create the new wlan interface. FreeBSD returns the new interface name.
1802			// example: wlan2
1803	6d54e865	Erik Fonnesbeck	exec("/sbin/ifconfig wlan create wlandev {$baseif} {$mode} bssid 2>&1", $out, $ret);
1804	2a203afd	Seth Mos	if($ret <> 0) {
1805	fa71a9b6	Erik Fonnesbeck	log_error("Failed to clone interface {$baseif} with error code {$ret}, output {$out[0]}");
1806	9f428275	Erik Fonnesbeck	return false;
1807	2a203afd	Seth Mos	}
1808			$newif = trim($out[0]);
1809			// Rename the interface to {$parentnic}_wlan{$number}#: EX: ath0_wlan0
1810	871768cf	Ermal	pfSense_interface_rename($newif, $realif);
1811	2a203afd	Seth Mos	// FIXME: not sure what ngctl is for. Doesn't work.
1812	fa71a9b6	Erik Fonnesbeck	// mwexec("/usr/sbin/ngctl name {$newif}: {$realif}", false);
1813	88157f66	Scott Ullrich	}
1814	9f428275	Erik Fonnesbeck	return true;
1815	88157f66	Scott Ullrich	}
1816
1817	8f0289e7	Erik Fonnesbeck	function interface_sync_wireless_clones(&$ifcfg, $sync_changes = false) {
1818			global $config, $g;
1819
1820	20f09b3b	Erik Fonnesbeck	$shared_settings = array('standard', 'turbo', 'protmode', 'txpower', 'channel', 'distance', 'regdomain', 'regcountry', 'reglocation');
1821	8f0289e7	Erik Fonnesbeck
1822	263e2b7e	Erik Fonnesbeck	if(!is_interface_wireless($ifcfg['if']))
1823	7de319a1	Erik Fonnesbeck	return;
1824
1825	34808d4e	Erik Fonnesbeck	$baseif = interface_get_wireless_base($ifcfg['if']);
1826	8f0289e7	Erik Fonnesbeck
1827	062023a5	Erik Fonnesbeck	// Sync shared settings for assigned clones
1828	38b7d47d	Erik Fonnesbeck	$iflist = get_configured_interface_list(false, true);
1829	8f0289e7	Erik Fonnesbeck	foreach ($iflist as $if) {
1830	34808d4e	Erik Fonnesbeck	if ($baseif == interface_get_wireless_base($config['interfaces'][$if]['if']) && $ifcfg['if'] != $config['interfaces'][$if]['if']) {
1831	8f0289e7	Erik Fonnesbeck	if (isset($config['interfaces'][$if]['wireless']['standard']) \|\| $sync_changes) {
1832			foreach ($shared_settings as $setting) {
1833			if ($sync_changes) {
1834			$config['interfaces'][$if]['wireless'][$setting] = $ifcfg['wireless'][$setting];
1835			} else {
1836			$ifcfg['wireless'][$setting] = $config['interfaces'][$if]['wireless'][$setting];
1837			}
1838			}
1839			if (!$sync_changes)
1840			break;
1841			}
1842			}
1843			}
1844	263e2b7e	Erik Fonnesbeck
1845	062023a5	Erik Fonnesbeck	// Read or write settings at shared area
1846	f62c44d8	Erik Fonnesbeck	if (isset($config['wireless']['interfaces'][$baseif])) {
1847			foreach ($shared_settings as $setting) {
1848			if ($sync_changes) {
1849			$config['wireless']['interfaces'][$baseif][$setting] = $ifcfg['wireless'][$setting];
1850			} else if (isset($config['wireless']['interfaces'][$baseif][$setting])) {
1851			$ifcfg['wireless'][$setting] = $config['wireless']['interfaces'][$baseif][$setting];
1852			}
1853	062023a5	Erik Fonnesbeck	}
1854			}
1855
1856			// Sync the mode on the clone creation page with the configured mode on the interface
1857	263e2b7e	Erik Fonnesbeck	if (interface_is_wireless_clone($ifcfg['if'])) {
1858			foreach ($config['wireless']['clone'] as &$clone) {
1859			if ($clone['cloneif'] == $ifcfg['if']) {
1860			if ($sync_changes) {
1861			$clone['mode'] = $ifcfg['wireless']['mode'];
1862			} else {
1863			$ifcfg['wireless']['mode'] = $clone['mode'];
1864			}
1865			break;
1866			}
1867			}
1868	867d444b	Erik Fonnesbeck	unset($clone);
1869	263e2b7e	Erik Fonnesbeck	}
1870	8f0289e7	Erik Fonnesbeck	}
1871
1872	19e83210	Scott Ullrich	function interface_wireless_configure($if, &$wl, &$wlcfg) {
1873	ac3f8318	Espen Johansen	global $config, $g;
1874	eb772abd	Scott Ullrich
1875	4742e927	Scott Ullrich	/* open up a shell script that will be used to output the commands.
1876			* since wireless is changing a lot, these series of commands are fragile
1877			* and will sometimes need to be verified by a operator by executing the command
1878			* and returning the output of the command to the developers for inspection. please
1879			* do not change this routine from a shell script to individul exec commands. -sullrich
1880			*/
1881	eb772abd	Scott Ullrich
1882	b99256c1	Scott Ullrich	// Remove script file
1883	490b8b2a	Scott Ullrich	unlink_if_exists("{$g['tmp_path']}/{$if}_setup.sh");
1884	eb772abd	Scott Ullrich
1885	b99256c1	Scott Ullrich	// Clone wireless nic if needed.
1886	19e83210	Scott Ullrich	interface_wireless_clone($if, $wl);
1887	2a203afd	Seth Mos
1888	8f0289e7	Erik Fonnesbeck	// Reject inadvertent changes to shared settings in case the interface hasn't been configured.
1889			interface_sync_wireless_clones($wl, false);
1890
1891	6955830f	Ermal Lu?i	$fd_set = fopen("{$g['tmp_path']}/{$if}_setup.sh","w");
1892	4742e927	Scott Ullrich	fwrite($fd_set, "#!/bin/sh\n");
1893	36d0358b	Scott Ullrich	fwrite($fd_set, "# {$g['product_name']} wireless configuration script.\n\n");
1894	eb772abd	Scott Ullrich
1895	2ac908dd	Espen Johansen	/* set values for /path/program */
1896			$hostapd = "/usr/sbin/hostapd";
1897			$wpa_supplicant = "/usr/sbin/wpa_supplicant";
1898	4742e927	Scott Ullrich	$ifconfig = "/sbin/ifconfig";
1899			$killall = "/usr/bin/killall";
1900	2ac908dd	Espen Johansen
1901	a59abc65	Scott Ullrich	/* Set all wireless ifconfig variables (splitt up to get rid of needed checking) */
1902	5508cf57	Scott Ullrich
1903	2a203afd	Seth Mos	$wlcmd = array();
1904			/* Make sure it's up */
1905			$wlcmd[] = "up";
1906	ac3f8318	Espen Johansen	/* Set a/b/g standard */
1907	9be20928	Erik Fonnesbeck	$standard = str_replace(" Turbo", "", $wlcfg['standard']);
1908			$wlcmd[] = "mode " . escapeshellarg($standard);
1909	2a203afd	Seth Mos
1910	5030b5eb	Erik Fonnesbeck	/* XXX: Disable ampdu for now on mwl when running in 11n mode
1911			* to prevent massive packet loss under certain conditions. */
1912	9be20928	Erik Fonnesbeck	if(preg_match("/^mwl/i", $if) && ($standard == "11ng" \|\| $standard == "11na"))
1913	5030b5eb	Erik Fonnesbeck	$wlcmd[] = "-ampdu";
1914
1915	2a203afd	Seth Mos	/* Set ssid */
1916			if($wlcfg['ssid'])
1917			$wlcmd[] = "ssid " .escapeshellarg($wlcfg['ssid']);
1918	5508cf57	Scott Ullrich
1919	0856c4ac	Scott Ullrich	/* Set 802.11g protection mode */
1920	2a203afd	Seth Mos	$wlcmd[] = "protmode " . escapeshellarg($wlcfg['protmode']);
1921	0856c4ac	Scott Ullrich
1922	ac3f8318	Espen Johansen	/* set wireless channel value */
1923	2a203afd	Seth Mos	if(isset($wlcfg['channel'])) {
1924			if($wlcfg['channel'] == "0") {
1925			$wlcmd[] = "channel any";
1926			} else {
1927			$wlcmd[] = "channel " . escapeshellarg($wlcfg['channel']);
1928			}
1929			}
1930	2ac908dd	Espen Johansen
1931	f134033e	Scott Ullrich	/* set Distance value */
1932	eb772abd	Scott Ullrich	if($wlcfg['distance'])
1933	f134033e	Scott Ullrich	$distance = escapeshellarg($wlcfg['distance']);
1934
1935	ac3f8318	Espen Johansen	/* Set wireless hostap mode */
1936	2a203afd	Seth Mos	if ($wlcfg['mode'] == "hostap") {
1937			$wlcmd[] = "mediaopt hostap";
1938			} else {
1939			$wlcmd[] = "-mediaopt hostap";
1940			}
1941	ac3f8318	Espen Johansen
1942			/* Set wireless adhoc mode */
1943	2a203afd	Seth Mos	if ($wlcfg['mode'] == "adhoc") {
1944			$wlcmd[] = "mediaopt adhoc";
1945			} else {
1946			$wlcmd[] = "-mediaopt adhoc";
1947			}
1948	ac3f8318	Espen Johansen
1949			/* Not neccesary to set BSS mode as this is default if adhoc and/or hostap is NOT set */
1950
1951			/* handle hide ssid option */
1952	2a203afd	Seth Mos	if(isset($wlcfg['hidessid']['enable'])) {
1953			$wlcmd[] = "hidessid";
1954			} else {
1955			$wlcmd[] = "-hidessid";
1956			}
1957	ac3f8318	Espen Johansen
1958			/* handle pureg (802.11g) only option */
1959	2a203afd	Seth Mos	if(isset($wlcfg['pureg']['enable'])) {
1960			$wlcmd[] = "mode 11g pureg";
1961			} else {
1962			$wlcmd[] = "-pureg";
1963			}
1964	ac3f8318	Espen Johansen
1965	ed459692	Erik Fonnesbeck	/* handle puren (802.11n) only option */
1966			if(isset($wlcfg['puren']['enable'])) {
1967			$wlcmd[] = "puren";
1968			} else {
1969			$wlcmd[] = "-puren";
1970			}
1971
1972	ac3f8318	Espen Johansen	/* enable apbridge option */
1973	2a203afd	Seth Mos	if(isset($wlcfg['apbridge']['enable'])) {
1974			$wlcmd[] = "apbridge";
1975			} else {
1976			$wlcmd[] = "-apbridge";
1977			}
1978	ac3f8318	Espen Johansen
1979			/* handle turbo option */
1980	2a203afd	Seth Mos	if(isset($wlcfg['turbo']['enable'])) {
1981			$wlcmd[] = "mediaopt turbo";
1982			} else {
1983			$wlcmd[] = "-mediaopt turbo";
1984			}
1985	ac3f8318	Espen Johansen
1986			/* handle txpower setting */
1987	2a203afd	Seth Mos	/* if($wlcfg['txpower'] <> "")
1988			$wlcmd[] = "txpower " . escapeshellarg($wlcfg['txpower']);
1989			*/
1990	ac3f8318	Espen Johansen	/* handle wme option */
1991	2a203afd	Seth Mos	if(isset($wlcfg['wme']['enable'])) {
1992			$wlcmd[] = "wme";
1993			} else {
1994			$wlcmd[] = "-wme";
1995			}
1996	eb772abd	Scott Ullrich
1997	ac3f8318	Espen Johansen	/* set up wep if enabled */
1998	2a203afd	Seth Mos	$wepset = "";
1999			if (isset($wlcfg['wep']['enable']) && is_array($wlcfg['wep']['key'])) {
2000			switch($wlcfg['wpa']['auth_algs']) {
2001			case "1":
2002			$wepset .= "authmode open wepmode on ";
2003			break;
2004			case "2":
2005			$wepset .= "authmode shared wepmode on ";
2006			break;
2007			case "3":
2008			$wepset .= "authmode mixed wepmode on ";
2009			}
2010	2f19fa14	Scott Ullrich	$i = 1;
2011			foreach ($wlcfg['wep']['key'] as $wepkey) {
2012			$wepset .= "wepkey " . escapeshellarg("{$i}:{$wepkey['value']}") . " ";
2013	2a203afd	Seth Mos	if (isset($wepkey['txkey'])) {
2014			$wlcmd[] = "weptxkey {$i} ";
2015			}
2016	2f19fa14	Scott Ullrich	$i++;
2017			}
2018	2a203afd	Seth Mos	$wlcmd[] = $wepset;
2019			} else {
2020			$wlcmd[] = "authmode open wepmode off ";
2021	ac3f8318	Espen Johansen	}
2022
2023	c8178bb7	Erik Fonnesbeck	mwexec(kill_hostapd("{$if}"));
2024			mwexec(kill_wpasupplicant("{$if}"));
2025
2026	ac3f8318	Espen Johansen	/* generate wpa_supplicant/hostap config if wpa is enabled */
2027	2a203afd	Seth Mos	conf_mount_rw();
2028	ac3f8318	Espen Johansen
2029			switch ($wlcfg['mode']) {
2030	b67d192d	Scott Ullrich	case 'bss':
2031	ac3f8318	Espen Johansen	if (isset($wlcfg['wpa']['enable'])) {
2032			$wpa .= <<<EOD
2033	454756b9	Scott Ullrich	ctrl_interface={$g['varrun_path']}/wpa_supplicant
2034	50ad3b7c	Scott Ullrich	ctrl_interface_group=0
2035			ap_scan=1
2036	2ac908dd	Espen Johansen	#fast_reauth=1
2037	249558a2	Scott Ullrich	network={
2038	454756b9	Scott Ullrich	ssid="{$wlcfg['ssid']}"
2039			scan_ssid=1
2040	2ac908dd	Espen Johansen	priority=5
2041			key_mgmt={$wlcfg['wpa']['wpa_key_mgmt']}
2042	454756b9	Scott Ullrich	psk="{$wlcfg['wpa']['passphrase']}"
2043	2ac908dd	Espen Johansen	pairwise={$wlcfg['wpa']['wpa_pairwise']}
2044			group={$wlcfg['wpa']['wpa_pairwise']}
2045	50ad3b7c	Scott Ullrich	}
2046			EOD;
2047
2048	80ec5eaa	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/wpa_supplicant_{$if}.conf", "w");
2049	ac3f8318	Espen Johansen	fwrite($fd, "{$wpa}");
2050			fclose($fd);
2051			}
2052	2a203afd	Seth Mos	break;
2053	ac3f8318	Espen Johansen	case 'hostap':
2054	7eadaa9c	Scott Ullrich	if($wlcfg['wpa']['passphrase'])
2055			$wpa_passphrase = "wpa_passphrase={$wlcfg['wpa']['passphrase']}\n";
2056	abfd0c9b	Scott Ullrich	else
2057			$wpa_passphrase = "";
2058	ac3f8318	Espen Johansen	if (isset($wlcfg['wpa']['enable'])) {
2059			$wpa .= <<<EOD
2060	459d6351	Scott Ullrich	interface={$if}
2061			driver=bsd
2062			logger_syslog=-1
2063			logger_syslog_level=0
2064			logger_stdout=-1
2065			logger_stdout_level=0
2066	2ac908dd	Espen Johansen	dump_file={$g['tmp_path']}/hostapd_{$if}.dump
2067			ctrl_interface={$g['varrun_path']}/hostapd
2068	459d6351	Scott Ullrich	ctrl_interface_group=wheel
2069	2ac908dd	Espen Johansen	#accept_mac_file={$g['tmp_path']}/hostapd_{$if}.accept
2070			#deny_mac_file={$g['tmp_path']}/hostapd_{$if}.deny
2071	b67d192d	Scott Ullrich	#macaddr_acl={$wlcfg['wpa']['macaddr_acl']}
2072	459d6351	Scott Ullrich	ssid={$wlcfg['ssid']}
2073	2ac908dd	Espen Johansen	debug={$wlcfg['wpa']['debug_mode']}
2074			auth_algs={$wlcfg['wpa']['auth_algs']}
2075			wpa={$wlcfg['wpa']['wpa_mode']}
2076			wpa_key_mgmt={$wlcfg['wpa']['wpa_key_mgmt']}
2077			wpa_pairwise={$wlcfg['wpa']['wpa_pairwise']}
2078	ac3f8318	Espen Johansen	wpa_group_rekey={$wlcfg['wpa']['wpa_group_rekey']}
2079			wpa_gmk_rekey={$wlcfg['wpa']['wpa_gmk_rekey']}
2080			wpa_strict_rekey={$wlcfg['wpa']['wpa_strict_rekey']}
2081	7eadaa9c	Scott Ullrich	{$wpa_passphrase}
2082	53dfd34e	Espen Johansen	#Enable the next lines for preauth when roaming. Interface = wired or wireless interface talking to the AP you want to roam from/to
2083			#rsn_preauth=1
2084			#rsn_preauth_interfaces=eth0
2085	525d565b	Scott Ullrich
2086	459d6351	Scott Ullrich	EOD;
2087	2ac908dd	Espen Johansen
2088	5949124c	Scott Ullrich	if($wlcfg['auth_server_addr'] && $wlcfg['auth_server_shared_secret']) {
2089			$auth_server_port = "1812";
2090			if($wlcfg['auth_server_port'])
2091			$auth_server_port = $wlcfg['auth_server_port'];
2092			$wpa .= <<<EOD
2093	525d565b	Scott Ullrich
2094	5949124c	Scott Ullrich	ieee8021x=1
2095			auth_server_addr={$wlcfg['auth_server_addr']}
2096			auth_server_port={$auth_server_port}
2097			auth_server_shared_secret={$wlcfg['auth_server_shared_secret']}
2098	525d565b	Scott Ullrich
2099	459d6351	Scott Ullrich	EOD;
2100	5949124c	Scott Ullrich	} else {
2101			$wpa .= "ieee8021x={$wlcfg['wpa']['ieee8021x']}\n";
2102			}
2103	2ac908dd	Espen Johansen
2104	80ec5eaa	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/hostapd_{$if}.conf", "w");
2105	ac3f8318	Espen Johansen	fwrite($fd, "{$wpa}");
2106			fclose($fd);
2107	2ac908dd	Espen Johansen
2108	ac3f8318	Espen Johansen	}
2109	2a203afd	Seth Mos	break;
2110	eb772abd	Scott Ullrich	}
2111	ac3f8318	Espen Johansen
2112	4742e927	Scott Ullrich	/*
2113			* all variables are set, lets start up everything
2114	2a203afd	Seth Mos	*/
2115	eb772abd	Scott Ullrich
2116	bbfc810e	Erik Fonnesbeck	$baseif = interface_get_wireless_base($if);
2117
2118	78922914	Scott Ullrich	/* set ack timers according to users preference (if he/she has any) */
2119			if($distance) {
2120	4742e927	Scott Ullrich	fwrite($fd_set, "# Enable ATH distance settings\n");
2121	e327021d	Erik Fonnesbeck	fwrite($fd_set, "/sbin/athctrl.sh -i {$baseif} -d {$distance}\n");
2122	78922914	Scott Ullrich	}
2123	eb772abd	Scott Ullrich
2124	ac3f8318	Espen Johansen	if (isset($wlcfg['wpa']['enable'])) {
2125	2a203afd	Seth Mos	if ($wlcfg['mode'] == "bss") {
2126	4742e927	Scott Ullrich	fwrite($fd_set, "{$wpa_supplicant} -B -i {$if} -c {$g['varetc_path']}/wpa_supplicant_{$if}.conf\n");
2127	2a203afd	Seth Mos	}
2128			if ($wlcfg['mode'] == "hostap") {
2129	4742e927	Scott Ullrich	fwrite($fd_set, "{$hostapd} -B {$g['varetc_path']}/hostapd_{$if}.conf\n");
2130	2a203afd	Seth Mos	}
2131	ac3f8318	Espen Johansen	}
2132	191a8175	Scott Ullrich
2133	4742e927	Scott Ullrich	fclose($fd_set);
2134	8a958125	Scott Ullrich	conf_mount_ro();
2135
2136	bbfc810e	Erik Fonnesbeck	/* Making sure regulatory settings have actually changed
2137			* before applying, because changing them requires bringing
2138			* down all wireless networks on the interface. */
2139			exec("{$ifconfig} " . escapeshellarg($if), $output);
2140			$ifconfig_str = implode($output);
2141			unset($output);
2142			$reg_changing = false;
2143
2144	89e7778f	Erik Fonnesbeck	/* special case for the debug country code */
2145			if ($wlcfg['regcountry'] == 'DEBUG' && !preg_match("/\sregdomain\s+DEBUG\s/si", $ifconfig_str))
2146			$reg_changing = true;
2147			else if ($wlcfg['regdomain'] && !preg_match("/\sregdomain\s+{$wlcfg['regdomain']}\s/si", $ifconfig_str))
2148	bbfc810e	Erik Fonnesbeck	$reg_changing = true;
2149			else if ($wlcfg['regcountry'] && !preg_match("/\scountry\s+{$wlcfg['regcountry']}\s/si", $ifconfig_str))
2150			$reg_changing = true;
2151	89e7778f	Erik Fonnesbeck	else if ($wlcfg['reglocation'] == 'anywhere' && preg_match("/\s(indoor\|outdoor)\s/si", $ifconfig_str))
2152			$reg_changing = true;
2153	06cb2656	Erik Fonnesbeck	else if ($wlcfg['reglocation'] && $wlcfg['reglocation'] != 'anywhere' && !preg_match("/\s{$wlcfg['reglocation']}\s/si", $ifconfig_str))
2154	bbfc810e	Erik Fonnesbeck	$reg_changing = true;
2155
2156			if ($reg_changing) {
2157			/* set regulatory domain */
2158			if($wlcfg['regdomain'])
2159			$wlregcmd[] = "regdomain " . escapeshellarg($wlcfg['regdomain']);
2160
2161			/* set country */
2162			if($wlcfg['regcountry'])
2163			$wlregcmd[] = "country " . escapeshellarg($wlcfg['regcountry']);
2164
2165			/* set location */
2166			if($wlcfg['reglocation'])
2167			$wlregcmd[] = escapeshellarg($wlcfg['reglocation']);
2168
2169			$wlregcmd_args = implode(" ", $wlregcmd);
2170
2171			/* build a complete list of the wireless clones for this interface */
2172			$clone_list = array();
2173			if (does_interface_exist(interface_get_wireless_clone($baseif)))
2174			$clone_list[] = interface_get_wireless_clone($baseif);
2175			if (is_array($config['wireless']['clone'])) {
2176			foreach ($config['wireless']['clone'] as $clone) {
2177			if ($clone['if'] == $baseif)
2178			$clone_list[] = $clone['cloneif'];
2179			}
2180			}
2181
2182			/* find which clones are up and bring them down */
2183			$clones_up = array();
2184			foreach ($clone_list as $clone_if) {
2185	1cf76394	Erik Fonnesbeck	$clone_status = pfSense_get_interface_addresses($clone_if);
2186	bbfc810e	Erik Fonnesbeck	if ($clone_status['status'] == 'up') {
2187			$clones_up[] = $clone_if;
2188			mwexec("{$ifconfig} " . escapeshellarg($clone_if) . " down");
2189			}
2190			}
2191
2192			/* apply the regulatory settings */
2193			mwexec("{$ifconfig} " . escapeshellarg($if) . " {$wlregcmd_args}");
2194
2195			/* bring the clones back up that were previously up */
2196			foreach ($clones_up as $clone_if) {
2197			mwexec("{$ifconfig} " . escapeshellarg($clone_if) . " up");
2198			}
2199			}
2200
2201	23fdc06e	Erik Fonnesbeck	/* The mode must be specified in a separate command before ifconfig
2202			* will allow the mode and channel at the same time in the next. */
2203	9be20928	Erik Fonnesbeck	mwexec("/sbin/ifconfig {$if} mode " . escapeshellarg($standard));
2204	23fdc06e	Erik Fonnesbeck
2205	2a48a885	Erik Fonnesbeck	/* configure wireless */
2206			$wlcmd_args = implode(" ", $wlcmd);
2207			mwexec("/sbin/ifconfig {$if} $wlcmd_args", false);
2208
2209	2a203afd	Seth Mos
2210			sleep(1);
2211			/* execute hostapd and wpa_supplicant if required in shell */
2212	6955830f	Ermal Lu?i	mwexec("/bin/sh {$g['tmp_path']}/{$if}_setup.sh");
2213	191a8175	Scott Ullrich
2214	ac3f8318	Espen Johansen	return 0;
2215	cfc707f7	Scott Ullrich
2216	5b237745	Scott Ullrich	}
2217
2218	eba938e3	Scott Ullrich	function kill_hostapd($interface) {
2219	6f76920c	thompsa	return "/bin/pkill -f \"hostapd .*{$interface}\"\n";
2220	4b2a6180	Scott Ullrich	}
2221
2222	eba938e3	Scott Ullrich	function kill_wpasupplicant($interface) {
2223	6f76920c	thompsa	return "/bin/pkill -f \"wpa_supplicant .*{$interface}\"\n";
2224	4b2a6180	Scott Ullrich	}
2225
2226	eba938e3	Scott Ullrich	function find_dhclient_process($interface) {
2227	79d3a7cf	Ermal Lu?i	if($interface) {
2228	6f76920c	thompsa	$pid = `/bin/pgrep -xf "dhclient: {$interface}"`;
2229	79d3a7cf	Ermal Lu?i	}
2230	0311dbd5	Scott Ullrich	return $pid;
2231			}
2232
2233	a5d6f60b	Ermal Lu?i	function interface_configure($interface = "wan", $reloadall = false) {
2234	675aac3d	Ermal Luçi	global $config, $g;
2235	31b24870	Ermal Luçi	global $interface_sn_arr_cache, $interface_ip_arr_cache;
2236	cfc707f7	Scott Ullrich
2237	67ee1ec5	Ermal Luçi	$wancfg = $config['interfaces'][$interface];
2238
2239	85a5da13	Ermal Luçi	$realif = get_real_interface($interface);
2240	cfc707f7	Scott Ullrich
2241	28d22199	Scott Ullrich	if (!$g['booting']) {
2242	acc1e9d0	Scott Ullrich	/* remove all IPv4 addresses */
2243	332683cb	Seth Mos	while (mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " -alias", true) == 0);
2244	5c49cf58	Ermal	interface_bring_down($interface, true);
2245	28d22199	Scott Ullrich	}
2246	acc1e9d0	Scott Ullrich
2247	5b237745	Scott Ullrich	/* wireless configuration? */
2248			if (is_array($wancfg['wireless']))
2249	19e83210	Scott Ullrich	interface_wireless_configure($realif, $wancfg, $wancfg['wireless']);
2250	cfc707f7	Scott Ullrich
2251	f36d4bd2	Scott Ullrich	if ($wancfg['spoofmac']) {
2252	b99256c1	Scott Ullrich	mwexec("/sbin/ifconfig " . escapeshellarg($realif) .
2253	5b237745	Scott Ullrich	" link " . escapeshellarg($wancfg['spoofmac']));
2254	ac8ff0a4	Ermal
2255	871768cf	Ermal	/*
2256			* All vlans need to spoof their parent mac address, too. see
2257			* ticket #1514: http://cvstrac.pfsense.com/tktview?tn=1514,33
2258			*/
2259			if (is_array($config['vlans']['vlan'])) {
2260			foreach ($config['vlans']['vlan'] as $vlan) {
2261			if ($vlan['if'] == $realif)
2262			mwexec("/sbin/ifconfig " . escapeshellarg($vlan['vlanif']) .
2263			" link " . escapeshellarg($wancfg['spoofmac']));
2264			}
2265			}
2266	f36d4bd2	Scott Ullrich	} else {
2267	3ad5fd63	Ermal	$mac = get_interface_mac(get_real_interface($wancfg['if']));
2268	f36d4bd2	Scott Ullrich	if($mac == "ff:ff:ff:ff:ff:ff") {
2269			/* this is not a valid mac address. generate a
2270			* temporary mac address so the machine can get online.
2271			*/
2272	9315ef83	Scott Ullrich	echo "Generating new MAC address.";
2273	f36d4bd2	Scott Ullrich	$random_mac = generate_random_mac_address();
2274	b99256c1	Scott Ullrich	mwexec("/sbin/ifconfig " . escapeshellarg(get_real_interface($wancfg['if'])) .
2275	f36d4bd2	Scott Ullrich	" link " . escapeshellarg($random_mac));
2276			$wancfg['spoofmac'] = $random_mac;
2277			write_config();
2278	571f89fa	Ermal Luçi	file_notice("MAC Address altered", "The INVALID MAC address (ff:ff:ff:ff:ff:ff) on interface {$realif} has been automatically replaced with {$random_mac}", "Interfaces");
2279	f36d4bd2	Scott Ullrich	}
2280			}
2281	cfc707f7	Scott Ullrich
2282	5b237745	Scott Ullrich	/* media */
2283			if ($wancfg['media'] \|\| $wancfg['mediaopt']) {
2284	b99256c1	Scott Ullrich	$cmd = "/sbin/ifconfig " . escapeshellarg(get_real_interface($wancfg['if']));
2285	5b237745	Scott Ullrich	if ($wancfg['media'])
2286			$cmd .= " media " . escapeshellarg($wancfg['media']);
2287			if ($wancfg['mediaopt'])
2288			$cmd .= " mediaopt " . escapeshellarg($wancfg['mediaopt']);
2289			mwexec($cmd);
2290			}
2291	e57a441e	Ermal Lu?i	if (!empty($wancfg['mtu']))
2292	871768cf	Ermal	pfSense_interface_mtu($realif, $wancfg['mtu']);
2293	cfc707f7	Scott Ullrich
2294	31b24870	Ermal Luçi	/* invalidate interface/ip/sn cache */
2295	eba938e3	Scott Ullrich	get_interface_arr(true);
2296	31b24870	Ermal Luçi	unset($interface_ip_arr_cache[$realif]);
2297			unset($interface_sn_arr_cache[$realif]);
2298	ccbd2447	Ermal Luçi
2299	5b237745	Scott Ullrich	switch ($wancfg['ipaddr']) {
2300	d5d00b83	Scott Ullrich	case 'carpdev-dhcp':
2301	1fb7c265	Ermal Luçi	interface_carpdev_dhcp_configure($interface);
2302	d5d00b83	Scott Ullrich	break;
2303	5b237745	Scott Ullrich	case 'dhcp':
2304	1fb7c265	Ermal Luçi	interface_dhcp_configure($interface);
2305	5b237745	Scott Ullrich	break;
2306			case 'pppoe':
2307	8af6c46d	gnhb	case 'l2tp':
2308	5b237745	Scott Ullrich	case 'pptp':
2309	9ebe7028	gnhb	case 'ppp':
2310	64d124c5	gnhb	interface_ppps_configure($interface);
2311	9ebe7028	gnhb	break;
2312	5b237745	Scott Ullrich	default:
2313	4b176ed2	Ermal Luçi	if ($wancfg['ipaddr'] <> "" && $wancfg['subnet'] <> "") {
2314	871768cf	Ermal	pfSense_interface_setaddress($realif, "{$wancfg['ipaddr']}/{$wancfg['subnet']}");
2315	d1eea523	Ermal	} else if (substr($realif, 0, 3) == "gre") {
2316			if (is_array($config['gres']['gre'])) {
2317			foreach ($config['gres']['gre'] as $gre)
2318			if ($gre['greif'] == $realif)
2319			interface_gre_configure($gre);
2320			}
2321			} else if (substr($realif, 0, 3) == "gif") {
2322			if (is_array($config['gifs']['gif'])) {
2323			foreach ($config['gifs']['gif'] as $gif)
2324			if($gif['gifif'] == $interface)
2325			interface_gif_configure($gif);
2326			}
2327			} else if (substr($realif, 0, 4) == "ovpn") {
2328			/* XXX: Should be done anything?! */
2329	acc1e9d0	Scott Ullrich	}
2330
2331	5e041d5f	Scott Ullrich	if (is_ipaddr($wancfg['gateway']))
2332	6955830f	Ermal Lu?i	file_put_contents("{$g['tmp_path']}/{$realif}_router", $wancfg['gateway']);
2333	d1eea523	Ermal	break;
2334	5b237745	Scott Ullrich	}
2335	ffeb5acf	Scott Ullrich
2336	435f11c8	Ermal Lu?i	if(does_interface_exist($wancfg['if']))
2337	7284d850	Scott Ullrich	interfaces_bring_up($wancfg['if']);
2338	3d8237f4	sullrich
2339	f700f8da	Ermal Lu?i	if (!$g['booting'])
2340			interface_reload_carps($realif);
2341	3d8237f4	sullrich
2342	5b237745	Scott Ullrich	if (!$g['booting']) {
2343	a639bb91	Ermal	unset($gre);
2344			$gre = link_interface_to_gre($interface);
2345			if (!empty($gre))
2346			interface_gre_configure($gre);
2347
2348			unset($gif);
2349			$gif = link_interface_to_gif($interface);
2350			if (!empty($gif))
2351			interface_gif_configure($gif);
2352
2353			unset($bridgetmp);
2354			$bridgetmp = link_interface_to_bridge($interface);
2355			if (!empty($bridgetmp))
2356			interface_bridge_add_member($bridgetmp, $realif);
2357	ccbd2447	Ermal Luçi
2358	7850de1c	Ermal Lu?i	link_interface_to_vips($interface, "update");
2359	e5ac67ed	Ermal Lu?i
2360	a5d6f60b	Ermal Lu?i	if ($interface == "lan")
2361	4476d447	Ermal Luçi	/* make new hosts file */
2362	ffeb5acf	Scott Ullrich	system_hosts_generate();
2363	4476d447	Ermal Luçi
2364	a5d6f60b	Ermal Lu?i	if ($reloadall == true) {
2365	cfc707f7	Scott Ullrich
2366	a5d6f60b	Ermal Lu?i	/* reconfigure static routes (kernel may have deleted them) */
2367	1ea67f2e	Ermal	system_routing_configure($interface);
2368	cfc707f7	Scott Ullrich
2369	a5d6f60b	Ermal Lu?i	/* reload ipsec tunnels */
2370			vpn_ipsec_configure();
2371	cfc707f7	Scott Ullrich
2372	a5d6f60b	Ermal Lu?i	/* update dyndns */
2373	2ec2a374	Ermal Lu?i	services_dyndns_configure($interface);
2374	cfc707f7	Scott Ullrich
2375	a5d6f60b	Ermal Lu?i	/* force DNS update */
2376	2ec2a374	Ermal Lu?i	services_dnsupdate_process($interface);
2377	a23d7248	Scott Ullrich
2378	a5d6f60b	Ermal Lu?i	/* restart dnsmasq */
2379			services_dnsmasq_configure();
2380	eb772abd	Scott Ullrich
2381	a5d6f60b	Ermal Lu?i	/* reload captive portal */
2382	769e254e	Ermal	captiveportal_init_rules();
2383	a5d6f60b	Ermal Lu?i
2384			/* set the reload filter dity flag */
2385			filter_configure();
2386			}
2387	5b237745	Scott Ullrich	}
2388	cfc707f7	Scott Ullrich
2389	5b237745	Scott Ullrich	return 0;
2390			}
2391
2392	eba938e3	Scott Ullrich	function interface_carpdev_dhcp_configure($interface = "wan") {
2393	d5d00b83	Scott Ullrich	global $config, $g;
2394
2395	67ee1ec5	Ermal Luçi	$wancfg = $config['interfaces'][$interface];
2396	499994ff	Scott Ullrich	$wanif = $wancfg['if'];
2397	d5d00b83	Scott Ullrich	/* bring wan interface up before starting dhclient */
2398	d7147b1c	Scott Ullrich	if($wanif)
2399	b5b957fe	Scott Ullrich	interfaces_bring_up($wanif);
2400	d7147b1c	Scott Ullrich	else
2401			log_error("Could not bring wanif up in terface_carpdev_dhcp_configure()");
2402	d5d00b83	Scott Ullrich
2403			return 0;
2404			}
2405
2406	eba938e3	Scott Ullrich	function interface_dhcp_configure($interface = "wan") {
2407	5b237745	Scott Ullrich	global $config, $g;
2408	cfc707f7	Scott Ullrich
2409	67ee1ec5	Ermal Luçi	$wancfg = $config['interfaces'][$interface];
2410	df9e93f0	Ermal	if (empty($wancfg))
2411			$wancfg = array();
2412	5b237745	Scott Ullrich
2413	0311dbd5	Scott Ullrich	/* generate dhclient_wan.conf */
2414	67ee1ec5	Ermal Luçi	$fd = fopen("{$g['varetc_path']}/dhclient_{$interface}.conf", "w");
2415	5b237745	Scott Ullrich	if (!$fd) {
2416	67ee1ec5	Ermal Luçi	printf("Error: cannot open dhclient_{$interface}.conf in interfaces_wan_dhcp_configure() for writing.\n");
2417	5b237745	Scott Ullrich	return 1;
2418			}
2419	eb772abd	Scott Ullrich
2420	2305d4c5	Scott Ullrich	if ($wancfg['dhcphostname']) {
2421			$dhclientconf_hostname = "send dhcp-client-identifier \"{$wancfg['dhcphostname']}\";\n";
2422			$dhclientconf_hostname .= "\tsend host-name \"{$wancfg['dhcphostname']}\";\n";
2423			} else {
2424			$dhclientconf_hostname = "";
2425			}
2426
2427	85a5da13	Ermal Luçi	$wanif = get_real_interface($interface);
2428	df9e93f0	Ermal	if (empty($wanif)) {
2429			log_error("Invalid interface \"{$interface}\" in interface_dhcp_configure()");
2430	c1cc447c	gnhb	return 0;
2431	3a906378	gnhb	}
2432	67ee1ec5	Ermal Luçi	$dhclientconf = "";
2433
2434	6d76590c	Scott Ullrich	$dhclientconf .= <<<EOD
2435	67ee1ec5	Ermal Luçi	interface "{$wanif}" {
2436	76d3b9a3	Chris Buechler	timeout 60;
2437	ce69a638	Scott Ullrich	retry 1;
2438			select-timeout 0;
2439			initial-interval 1;
2440	2305d4c5	Scott Ullrich	{$dhclientconf_hostname}
2441			script "/sbin/dhclient-script";
2442	5b237745	Scott Ullrich	}
2443
2444			EOD;
2445
2446	bc40d758	Seth Mos	if(is_ipaddr($wancfg['alias-address'])) {
2447			$subnetmask = gen_subnet_mask($wancfg['alias-subnet']);
2448			$dhclientconf .= <<<EOD
2449			alias {
2450	67ee1ec5	Ermal Luçi	interface "{$wanif}";
2451	bc40d758	Seth Mos	fixed-address {$wancfg['alias-address']};
2452			option subnet-mask {$subnetmask};
2453			}
2454
2455			EOD;
2456			}
2457	5b237745	Scott Ullrich	fwrite($fd, $dhclientconf);
2458			fclose($fd);
2459	eb772abd	Scott Ullrich
2460	d7147b1c	Scott Ullrich	/* bring wan interface up before starting dhclient */
2461	3a906378	gnhb	if($wanif)
2462			interfaces_bring_up($wanif);
2463	b5b957fe	Scott Ullrich	else
2464	3a906378	gnhb	log_error("Could not bring up {$wanif} interface in interface_dhcp_configure()");
2465	eacc8c14	Scott Ullrich
2466	d7147b1c	Scott Ullrich	/* fire up dhclient */
2467	6955830f	Ermal Lu?i	mwexec("/sbin/dhclient -c {$g['varetc_path']}/dhclient_{$interface}.conf {$wanif} > {$g['tmp_path']}/{$wanif}_output > {$g['tmp_path']}/{$wanif}_error_output");
2468	0119d2f7	Scott Ullrich
2469	5b237745	Scott Ullrich	return 0;
2470			}
2471
2472	42753d25	Ermal Lu?i	function interfaces_group_setup() {
2473			global $config;
2474
2475			if (!is_array($config['ifgroups']['ifgroupentry']))
2476			return;
2477
2478	482961e3	Ermal Lu?i	foreach ($config['ifgroups']['ifgroupentry'] as $groupar)
2479	42753d25	Ermal Lu?i	interface_group_setup($groupar);
2480
2481			return;
2482			}
2483
2484	abcb2bed	Ermal Lu?i	function interface_group_setup(&$groupname /* The parameter is an array */) {
2485	42753d25	Ermal Lu?i	global $config;
2486
2487			if (!is_array($groupname))
2488			return;
2489			$members = explode(" ", $groupname['members']);
2490			foreach($members as $ifs) {
2491			$realif = get_real_interface($ifs);
2492			if ($realif)
2493			mwexec("/sbin/ifconfig {$realif} group {$groupname['ifname']}");
2494			}
2495
2496			return;
2497			}
2498	f6b761fb	Scott Ullrich
2499	e8910ad4	Ermal Lu?i	/* COMPAT Function */
2500	afb2de1b	Ermal Lu?i	function convert_friendly_interface_to_real_interface_name($interface) {
2501			return get_real_interface($interface);
2502			}
2503
2504	e8910ad4	Ermal Lu?i	/* COMPAT Function */
2505	eba938e3	Scott Ullrich	function get_real_wan_interface($interface = "wan") {
2506	abb31ea4	Ermal Luçi	return get_real_interface($interface);
2507			}
2508	afb2de1b	Ermal Lu?i
2509	e8910ad4	Ermal Lu?i	/* COMPAT Function */
2510	eba938e3	Scott Ullrich	function get_current_wan_address($interface = "wan") {
2511	abb31ea4	Ermal Luçi	return get_interface_ip($interface);
2512			}
2513
2514	afb2de1b	Ermal Lu?i	/*
2515			* convert_real_interface_to_friendly_interface_name($interface): convert fxp0 -> wan, etc.
2516			*/
2517			function convert_real_interface_to_friendly_interface_name($interface = "wan") {
2518			global $config;
2519
2520	bfbb9bc0	Ermal	if (stristr($interface, "vip")) {
2521	6d5446a2	Ermal	$index = intval(substr($interface, 3));
2522			foreach ($config['virtualip']['vip'] as $counter => $vip) {
2523	564df7c2	Ermal Lu?i	if ($vip['mode'] == "carpdev-dhcp" \|\| $vip['mode'] == "carp") {
2524	6d5446a2	Ermal	if ($index == $counter)
2525	564df7c2	Ermal Lu?i	return $vip['interface'];
2526			}
2527			}
2528	afb2de1b	Ermal Lu?i	} else if (stristr($interface, "carp")) {
2529	6d5446a2	Ermal	$index = intval(substr($interface, 4));
2530			foreach ($config['virtualip']['vip'] as $counter => $vip) {
2531	afb2de1b	Ermal Lu?i	if ($vip['mode'] == "carpdev-dhcp" \|\| $vip['mode'] == "carp") {
2532	6d5446a2	Ermal	if ($index == $counter)
2533	afb2de1b	Ermal Lu?i	return $vip['interface'];
2534			}
2535			}
2536			}
2537
2538	6d5446a2	Ermal	/* XXX: For speed reasons reference directly the interface array */
2539			$ifdescrs = $config['interfaces'];
2540			//$ifdescrs = get_configured_interface_list(false, true);
2541	afb2de1b	Ermal Lu?i
2542			foreach ($ifdescrs as $if => $ifname) {
2543	6d5446a2	Ermal	if ($config['interfaces'][$if]['if'] == $interface)
2544			return $if;
2545	afb2de1b	Ermal Lu?i
2546			/* XXX: ermal - The 3 lines below are totally bogus code. */
2547	532b0fb8	Ermal Lu?i	$int = interface_translate_type_to_real($if);
2548	6d5446a2	Ermal	if ($int == $interface)
2549	afb2de1b	Ermal Lu?i	return $ifname;
2550			}
2551			return NULL;
2552			}
2553
2554			/* attempt to resolve interface to friendly descr */
2555			function convert_friendly_interface_to_friendly_descr($interface) {
2556			global $config;
2557
2558			switch ($interface) {
2559			case "l2tp":
2560			$ifdesc = "L2TP";
2561			break;
2562			case "pptp":
2563			$ifdesc = "pptp";
2564			break;
2565			case "pppoe":
2566			$ifdesc = "pppoe";
2567			break;
2568			case "openvpn":
2569			$ifdesc = "OpenVPN";
2570			break;
2571			case "enc0":
2572			case "ipsec":
2573			$ifdesc = "IPsec";
2574			break;
2575			default:
2576			/* if list */
2577			$ifdescrs = get_configured_interface_with_descr(false, true);
2578			foreach ($ifdescrs as $if => $ifname) {
2579			if ($if == $interface \|\| $ifname == $interface)
2580			return $ifname;
2581			}
2582			break;
2583			}
2584
2585			return $ifdesc;
2586			}
2587
2588			function convert_real_interface_to_friendly_descr($interface) {
2589			global $config;
2590
2591			$ifdesc = convert_real_interface_to_friendly_interface_name("{$interface}");
2592
2593			if ($ifdesc) {
2594	c795339e	Ermal Lu?i	$iflist = get_configured_interface_with_descr(false, true);
2595	afb2de1b	Ermal Lu?i	return $iflist[$ifdesc];
2596			}
2597
2598			return $interface;
2599			}
2600
2601	532b0fb8	Ermal Lu?i	/*
2602			* interface_translate_type_to_real($interface):
2603			* returns the real hardware interface name for a friendly interface. ie: wan
2604			*/
2605			function interface_translate_type_to_real($interface) {
2606			global $config;
2607
2608			if ($config['interfaces'][$interface]['if'] <> "")
2609			return $config['interfaces'][$interface]['if'];
2610			else
2611			return $interface;
2612			}
2613
2614	263e2b7e	Erik Fonnesbeck	function interface_is_wireless_clone($wlif) {
2615			if(!stristr($wlif, "_wlan")) {
2616			return false;
2617			} else {
2618			return true;
2619			}
2620			}
2621
2622	1d072761	Erik Fonnesbeck	function interface_get_wireless_base($wlif) {
2623	34808d4e	Erik Fonnesbeck	if(!stristr($wlif, "_wlan")) {
2624			return $wlif;
2625			} else {
2626			return substr($wlif, 0, stripos($wlif, "_wlan"));
2627			}
2628			}
2629
2630	1d072761	Erik Fonnesbeck	function interface_get_wireless_clone($wlif) {
2631	34808d4e	Erik Fonnesbeck	if(!stristr($wlif, "_wlan")) {
2632			return $wlif . "_wlan0";
2633			} else {
2634			return $wlif;
2635			}
2636			}
2637
2638	df9e93f0	Ermal	function get_real_interface($interface = "wan") {
2639	67ee1ec5	Ermal Luçi	global $config;
2640	cfc707f7	Scott Ullrich
2641	521cfa2f	Ermal Lu?i	$wanif = NULL;
2642	c515ea57	Scott Ullrich
2643	67ee1ec5	Ermal Luçi	switch ($interface) {
2644	acc1e9d0	Scott Ullrich	case "l2tp":
2645			$wanif = "l2tp";
2646			break;
2647	67ee1ec5	Ermal Luçi	case "pptp":
2648			$wanif = "pptp";
2649			break;
2650			case "pppoe":
2651			$wanif = "pppoe";
2652			break;
2653			case "openvpn":
2654			$wanif = "openvpn";
2655			break;
2656	4563d12f	Seth Mos	case "ipsec":
2657	67ee1ec5	Ermal Luçi	case "enc0":
2658			$wanif = "enc0";
2659			break;
2660			case "ppp":
2661			$wanif = "ppp";
2662			break;
2663			default:
2664	6d5446a2	Ermal	// If a real interface was alread passed simply
2665			// pass the real interface back. This encourages
2666			// the usage of this function in more cases so that
2667			// we can combine logic for more flexibility.
2668			if(does_interface_exist($interface)) {
2669			$wanif = $interface;
2670			break;
2671			}
2672			if (empty($config['interfaces'][$interface]))
2673			break;
2674	568b1358	Scott Ullrich
2675	6d5446a2	Ermal	$cfg =& $config['interfaces'][$interface];
2676	2ebf3945	Scott Ullrich
2677	6d5446a2	Ermal	// Wireless cloned NIC support (FreeBSD 8+)
2678			// interface name format: $parentnic_wlanparentnic#
2679			// example: ath0_wlan0
2680			if (is_interface_wireless($cfg['if'])) {
2681			$wanif = interface_get_wireless_clone($cfg['if']);
2682			break;
2683			}
2684			/*
2685			if (empty($cfg['if'])) {
2686			$wancfg = $cfg['if'];
2687			break;
2688			}
2689			*/
2690	e7693c09	Ermal Lu?i
2691	6d5446a2	Ermal	switch ($cfg['ipaddr']) {
2692			case "carpdev-dhcp":
2693			$viparr = &$config['virtualip']['vip'];
2694			if(is_array($viparr))
2695			foreach ($viparr as $counter => $vip) {
2696			if ($vip['mode'] == "carpdev-dhcp") {
2697			if($vip['interface'] == $interface) {
2698			$wanif = "carp{$counter}";
2699			break;
2700	3a906378	gnhb	}
2701			}
2702			}
2703	b99256c1	Scott Ullrich	break;
2704	6d5446a2	Ermal	case "pppoe":
2705			case "pptp":
2706			case "l2tp":
2707			case "ppp":
2708	277d0250	gnhb	$wanif = $cfg['if'];
2709	6d5446a2	Ermal	break;
2710			default:
2711			$wanif = $cfg['if'];
2712			break;
2713	c515ea57	Scott Ullrich	}
2714	67ee1ec5	Ermal Luçi	break;
2715	c515ea57	Scott Ullrich	}
2716
2717	67ee1ec5	Ermal Luçi	return $wanif;
2718	5b237745	Scott Ullrich	}
2719
2720	9ff8c299	Seth Mos	/* Guess the physical interface by providing a IP address */
2721	afb2de1b	Ermal Lu?i	function guess_interface_from_ip($ipaddress) {
2722	80a2c1e6	Seth Mos	if(! is_ipaddr($ipaddress)) {
2723	9ff8c299	Seth Mos	return false;
2724			}
2725			/* create a route table we can search */
2726	629208a2	Ermal Lu?i	exec("netstat -rnW", $output, $ret);
2727	9ff8c299	Seth Mos	foreach($output as $line) {
2728			if(preg_match("/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+[ ]+link[#]/", $line)) {
2729			$fields = preg_split("/[ ]+/", $line);
2730			if(ip_in_subnet($ipaddress, $fields[0])) {
2731	629208a2	Ermal Lu?i	return $fields[6];
2732	9ff8c299	Seth Mos	}
2733			}
2734			}
2735			$ret = exec_command("/sbin/route -n get {$ipaddress} \| /usr/bin/awk '/interface/ { print \$2; };'");
2736			if(empty($ret)) {
2737			return false;
2738			}
2739			return $ret;
2740	afb2de1b	Ermal Lu?i	}
2741
2742			/*
2743			* find_ip_interface($ip): return the interface where an ip is defined
2744			*/
2745			function find_ip_interface($ip)
2746			{
2747			/* if list */
2748			$ifdescrs = get_configured_interface_list();
2749
2750			foreach ($ifdescrs as $ifdescr => $ifname) {
2751	abcb2bed	Ermal Lu?i	if ($ip == get_interface_ip($ifname)) {
2752			$int = get_real_interface($ifname);
2753			return $int;
2754			}
2755	afb2de1b	Ermal Lu?i	}
2756			return false;
2757			}
2758
2759	a71b32d2	Scott Ullrich	/*
2760			* find_number_of_created_carp_interfaces: return the number of carp interfaces
2761			*/
2762			function find_number_of_created_carp_interfaces() {
2763			return `/sbin/ifconfig \| grep "carp:" \| wc -l`;
2764			}
2765
2766			function get_all_carp_interfaces() {
2767			$ints = str_replace("\n", " ", `ifconfig \| grep "carp:" -B2 \| grep ": flag" \| cut -d: -f1`);
2768	81c64284	Chris Buechler	$ints = explode(" ", $ints);
2769	a71b32d2	Scott Ullrich	return $ints;
2770			}
2771
2772	abcb2bed	Ermal Lu?i	/*
2773			* find_carp_interface($ip): return the carp interface where an ip is defined
2774			*/
2775			function find_carp_interface($ip) {
2776	27625b39	Scott Ullrich	global $config;
2777	abcb2bed	Ermal Lu?i	if (is_array($config['virtualip']['vip'])) {
2778			foreach ($config['virtualip']['vip'] as $vip) {
2779			if ($vip['mode'] == "carp" \|\| $vip['mode'] == "carpdev") {
2780	564df7c2	Ermal Lu?i	$carp_ip = get_interface_ip($vip['interface']);
2781	c55e4580	Chris Buechler	$if = `ifconfig \| grep '$ip ' -B1 \| head -n1 \| cut -d: -f1`;
2782	27625b39	Scott Ullrich	if ($if)
2783			return $if;
2784	abcb2bed	Ermal Lu?i	}
2785			}
2786			}
2787			}
2788
2789			function link_carp_interface_to_parent($interface) {
2790			global $config;
2791
2792			if ($interface == "")
2793			return;
2794
2795	564df7c2	Ermal Lu?i	$carp_ip = get_interface_ip($interface);
2796	abcb2bed	Ermal Lu?i	if (!is_ipaddr($carp_ip))
2797			return;
2798
2799			/* if list */
2800			$ifdescrs = get_configured_interface_list();
2801			foreach ($ifdescrs as $ifdescr => $ifname) {
2802			$interfaceip = get_interface_ip($ifname);
2803			$subnet_bits = get_interface_subnet($ifname);
2804			$subnet_ip = gen_subnet("{$interfaceip}", "{$subnet_bits}");
2805			if(ip_in_subnet($carp_ip, "{$subnet_ip}/{$subnet_bits}"))
2806			return $ifname;
2807			}
2808
2809			return "";
2810			}
2811
2812			/***f interfaces/link_ip_to_carp_interface
2813			* NAME
2814			* link_ip_to_carp_interface - Find where a CARP interface links to.
2815			* INPUTS
2816			* $ip
2817			* RESULT
2818			* $carp_ints
2819			******/
2820			function link_ip_to_carp_interface($ip) {
2821			global $config;
2822
2823			if (!is_ipaddr($ip))
2824			return;
2825
2826			$carp_ints = "";
2827			if (is_array($config['virtualip']['vip'])) {
2828	1d002dc9	Ermal	$first = 0;
2829	3fbc3487	Ermal	$carp_int = array();
2830	abcb2bed	Ermal Lu?i	foreach ($config['virtualip']['vip'] as $vip) {
2831			if ($vip['mode'] == "carp" \|\| $vip['mode'] == "carpdev") {
2832	6b060a2f	Scott Ullrich	$carp_ip = $vip['subnet'];
2833	abcb2bed	Ermal Lu?i	$carp_sn = $vip['subnet_bits'];
2834			$carp_nw = gen_subnet($carp_ip, $carp_sn);
2835	3fbc3487	Ermal	if (ip_in_subnet($ip, "{$carp_nw}/{$carp_sn}"))
2836			$carp_int[] = "vip{$vip['vhid']}";
2837	abcb2bed	Ermal Lu?i	}
2838			}
2839	3fbc3487	Ermal	if (!empty($carp_int))
2840			$carp_ints = implode(" ", array_unique($carp_int));
2841	abcb2bed	Ermal Lu?i	}
2842
2843			return $carp_ints;
2844			}
2845
2846	7850de1c	Ermal Lu?i	function link_interface_to_vlans($int, $action = "") {
2847			global $config;
2848
2849			if (empty($int))
2850			return;
2851
2852			if (is_array($config['vlans']['vlan'])) {
2853			foreach ($config['vlans']['vlan'] as $vlan) {
2854	fa4a331f	Ermal	if ($int == $vlan['if']) {
2855	7850de1c	Ermal Lu?i	if ($action == "update") {
2856	fa4a331f	Ermal	interfaces_bring_up($int);
2857	7850de1c	Ermal Lu?i	} else if ($action == "")
2858			return $vlan;
2859			}
2860			}
2861			}
2862			}
2863
2864			function link_interface_to_vips($int, $action = "") {
2865	e5ac67ed	Ermal Lu?i	global $config;
2866
2867			if (is_array($config['virtualip']['vip']))
2868			foreach ($config['virtualip']['vip'] as $vip)
2869	7850de1c	Ermal Lu?i	if ($int == $vip['interface']) {
2870			if ($action == "update")
2871			interfaces_vips_configure($int);
2872			else
2873			return $vip;
2874			}
2875	e5ac67ed	Ermal Lu?i	}
2876
2877	afb2de1b	Ermal Lu?i	/***f interfaces/link_interface_to_bridge
2878			* NAME
2879			* link_interface_to_bridge - Finds out a bridge group for an interface
2880			* INPUTS
2881			* $ip
2882			* RESULT
2883			* bridge[0-99]
2884			******/
2885			function link_interface_to_bridge($int) {
2886			global $config;
2887
2888	a639bb91	Ermal	if (is_array($config['bridges']['bridged'])) {
2889			foreach ($config['bridges']['bridged'] as $bridge) {
2890			if (in_array($int, explode(',', $bridge['members'])))
2891	afb2de1b	Ermal Lu?i	return "{$bridge['bridgeif']}";
2892	a639bb91	Ermal	}
2893			}
2894	afb2de1b	Ermal Lu?i	}
2895
2896			function link_interface_to_gre($interface) {
2897			global $config;
2898
2899			if (is_array($config['gres']['gre']))
2900			foreach ($config['gres']['gre'] as $gre)
2901			if($gre['if'] == $interface)
2902	a639bb91	Ermal	return $gre;
2903	afb2de1b	Ermal Lu?i	}
2904
2905			function link_interface_to_gif($interface) {
2906			global $config;
2907
2908			if (is_array($config['gifs']['gif']))
2909			foreach ($config['gifs']['gif'] as $gif)
2910			if($gif['if'] == $interface)
2911	a639bb91	Ermal	return $gif;
2912	afb2de1b	Ermal Lu?i	}
2913
2914			/*
2915			* find_interface_ip($interface): return the interface ip (first found)
2916			*/
2917			function find_interface_ip($interface, $flush = false)
2918			{
2919			global $interface_ip_arr_cache;
2920
2921			$interface = str_replace("\n", "", $interface);
2922	00380613	Scott Ullrich
2923	8256f324	gnhb	if (!does_interface_exist($interface))
2924	afb2de1b	Ermal Lu?i	return;
2925
2926			/* Setup IP cache */
2927			if (!isset($interface_ip_arr_cache[$interface]) or $flush) {
2928	3f70e618	Ermal Lu?i	$ifinfo = pfSense_get_interface_addresses($interface);
2929			$interface_ip_arr_cache[$interface] = $ifinfo['ipaddr'];
2930	afb2de1b	Ermal Lu?i	}
2931
2932			return $interface_ip_arr_cache[$interface];
2933			}
2934
2935			function find_interface_subnet($interface, $flush = false)
2936			{
2937			global $interface_sn_arr_cache;
2938
2939			$interface = str_replace("\n", "", $interface);
2940			if (does_interface_exist($interface) == false)
2941			return;
2942
2943			if (!isset($interface_sn_arr_cache[$interface]) or $flush) {
2944	bd96e1fe	Ermal Lu?i	$ifinfo = pfSense_get_interface_addresses($interface);
2945			$interface_sn_arr_cache[$interface] = $ifinfo['subnetbits'];
2946	afb2de1b	Ermal Lu?i	}
2947
2948			return $interface_sn_arr_cache[$interface];
2949			}
2950
2951	e88fbe50	Ermal Lu?i	function get_interface_ip($interface = "wan")
2952			{
2953	85a5da13	Ermal Luçi	$realif = get_real_interface($interface);
2954	afb2de1b	Ermal Lu?i	if (!$realif) {
2955			if (preg_match("/^carp/i", $interface))
2956			$realif = $interface;
2957	564df7c2	Ermal Lu?i	else if (preg_match("/^vip/i", $interface))
2958			$realif = $interface;
2959	afb2de1b	Ermal Lu?i	else
2960			return null;
2961			}
2962
2963	5e041d5f	Scott Ullrich	$curip = find_interface_ip($realif);
2964			if ($curip && is_ipaddr($curip) && ($curip != "0.0.0.0"))
2965			return $curip;
2966	8256f324	gnhb	else
2967			return null;
2968	5b237745	Scott Ullrich	}
2969
2970	e88fbe50	Ermal Lu?i	function get_interface_subnet($interface = "wan")
2971			{
2972	31b24870	Ermal Luçi	$realif = get_real_interface($interface);
2973	e88fbe50	Ermal Lu?i	if (!$realif) {
2974			if (preg_match("/^carp/i", $interface))
2975			$realif = $interface;
2976	564df7c2	Ermal Lu?i	else if (preg_match("/^vip/i", $interface))
2977			$realif = $interface;
2978	e88fbe50	Ermal Lu?i	else
2979			return null;
2980			}
2981
2982	5e041d5f	Scott Ullrich	$cursn = find_interface_subnet($realif);
2983			if (!empty($cursn))
2984	31b24870	Ermal Luçi	return $cursn;
2985
2986			return null;
2987			}
2988
2989	52947718	Ermal Lu?i	/* return outside interfaces with a gateway */
2990			function get_interfaces_with_gateway() {
2991	77ccab82	Scott Ullrich	global $config;
2992	52947718	Ermal Lu?i
2993			$ints = array();
2994
2995			/* loop interfaces, check config for outbound */
2996	77ccab82	Scott Ullrich	foreach($config['interfaces'] as $ifdescr => $ifname) {
2997	9c43432a	Ermal	if (substr($ifdescr, 0, 5) == "ovpnc")
2998	7970b622	Ermal	return true;
2999	9ebe7028	gnhb
3000	77ccab82	Scott Ullrich	switch ($ifname['ipaddr']) {
3001			case "dhcp":
3002			case "carpdev-dhcp":
3003	39f750b5	gnhb	case "ppp";
3004	77ccab82	Scott Ullrich	case "pppoe":
3005			case "pptp":
3006	6d5446a2	Ermal	case "l2tp":
3007	9ebe7028	gnhb	case "ppp";
3008	6d5446a2	Ermal	$ints[$ifdescr] = $ifdescr;
3009	77ccab82	Scott Ullrich	break;
3010			default:
3011	611ae852	Ermal	if (!empty($ifname['gateway']))
3012	6d5446a2	Ermal	$ints[$ifdescr] = $ifdescr;
3013	77ccab82	Scott Ullrich	break;
3014			}
3015			}
3016			return $ints;
3017	52947718	Ermal Lu?i	}
3018
3019			/* return true if interface has a gateway */
3020			function interface_has_gateway($friendly) {
3021	6d5446a2	Ermal	global $config;
3022	52947718	Ermal Lu?i
3023	6d5446a2	Ermal	if (!empty($config['interfaces'][$friendly])) {
3024	9c43432a	Ermal	if (substr($friendly, 0, 5) == "ovpnc")
3025	7970b622	Ermal	return true;
3026	6d5446a2	Ermal	$ifname =& $config['interfaces'][$friendly];
3027			switch ($ifname['ipaddr']) {
3028			case "dhcp":
3029			case "carpdev-dhcp":
3030			case "pppoe":
3031			case "pptp":
3032			case "l2tp":
3033			case "ppp";
3034			return true;
3035			break;
3036			default:
3037			if (!empty($ifname['gateway']))
3038			return true;
3039			break;
3040			}
3041			}
3042	52947718	Ermal Lu?i
3043			return false;
3044			}
3045
3046	a57b119e	Bill Marquette	/***f interfaces/is_altq_capable
3047			* NAME
3048			* is_altq_capable - Test if interface is capable of using ALTQ
3049			* INPUTS
3050			* $int - string containing interface name
3051			* RESULT
3052			* boolean - true or false
3053			******/
3054
3055	eba938e3	Scott Ullrich	function is_altq_capable($int) {
3056	a57b119e	Bill Marquette	/* Per:
3057	64fe3233	Seth Mos	* http://www.freebsd.org/cgi/man.cgi?query=altq&manpath=FreeBSD+7.2-current&format=html
3058	a57b119e	Bill Marquette	* Only the following drivers have ALTQ support
3059			*/
3060	64fe3233	Seth Mos	$capable = array("age", "ale", "an", "ath", "aue", "awi", "bce",
3061			"bfe", "bge", "dc", "de", "ed", "em", "ep", "fxp", "gem",
3062			"hme", "ipw", "iwi", "jme", "le", "msk", "mxge", "my", "nfe",
3063			"npe", "nve", "ral", "re", "rl", "rum", "sf", "sis", "sk",
3064			"ste", "stge", "txp", "udav", "ural", "vge", "vr", "wi", "xl",
3065	58507f89	Ermal Lu?i	"ndis", "tun", "ovpns", "ovpnc", "vlan", "pppoe", "pptp", "ng", "ppp");
3066	a57b119e	Bill Marquette
3067			$int_family = preg_split("/[0-9]+/", $int);
3068
3069			if (in_array($int_family[0], $capable))
3070			return true;
3071	2f3446db	Ermal Lu?i	else if (stristr($int_family, "vlan")) /* VLANs are name $parent.$vlan now */
3072			return true;
3073	a57b119e	Bill Marquette	else
3074			return false;
3075			}
3076
3077	52947718	Ermal Lu?i	/***f interfaces/is_interface_wireless
3078			* NAME
3079			* is_interface_wireless - Returns if an interface is wireless
3080			* RESULT
3081			* $tmp - Returns if an interface is wireless
3082			******/
3083			function is_interface_wireless($interface) {
3084			global $config, $g;
3085
3086			$friendly = convert_real_interface_to_friendly_interface_name($interface);
3087	10394059	Scott Ullrich	if(!isset($config['interfaces'][$friendly]['wireless'])) {
3088	52947718	Ermal Lu?i	if (preg_match($g['wireless_regex'], $interface)) {
3089			$config['interfaces'][$friendly]['wireless'] = array();
3090			return true;
3091			}
3092			unset($config['interfaces'][$friendly]['wireless']);
3093			return false;
3094			} else
3095			return true;
3096			}
3097
3098	eba938e3	Scott Ullrich	function get_wireless_modes($interface) {
3099	d8c67d69	Scott Ullrich	/* return wireless modes and channels */
3100	92f7d37d	Ermal Luçi	$wireless_modes = array();
3101
3102	1b773d20	Ermal Lu?i	$wlif = interface_translate_type_to_real($interface);
3103
3104			if(is_interface_wireless($wlif)) {
3105	10394059	Scott Ullrich	$cloned_interface = get_real_interface($interface);
3106	1b773d20	Ermal Lu?i	$chan_list = "/sbin/ifconfig {$cloned_interface} list chan";
3107			$stack_list = "/usr/bin/awk -F\"Channel \" '{ gsub(/\\*/, \" \"); print \$2 \"\\\n\" \$3 }'";
3108	1de74081	Ermal Lu?i	$format_list = "/usr/bin/awk '{print \$5 \" \" \$6 \",\" \$1}'";
3109	d8c67d69	Scott Ullrich
3110	4b0e71db	Scott Ullrich	$interface_channels = "";
3111	d8c67d69	Scott Ullrich	exec("$chan_list \| $stack_list \| sort -u \| $format_list 2>&1", $interface_channels);
3112			$interface_channel_count = count($interface_channels);
3113
3114			$c = 0;
3115			while ($c < $interface_channel_count)
3116			{
3117			$channel_line = explode(",", $interface_channels["$c"]);
3118			$wireless_mode = trim($channel_line[0]);
3119			$wireless_channel = trim($channel_line[1]);
3120	4066776d	Scott Ullrich	if(trim($wireless_mode) != "") {
3121			/* if we only have 11g also set 11b channels */
3122			if($wireless_mode == "11g") {
3123	1ae54336	Erik Fonnesbeck	if(!isset($wireless_modes["11b"]))
3124			$wireless_modes["11b"] = array();
3125	39c1349c	Erik Fonnesbeck	} else if($wireless_mode == "11g ht") {
3126	1ae54336	Erik Fonnesbeck	if(!isset($wireless_modes["11b"]))
3127			$wireless_modes["11b"] = array();
3128			if(!isset($wireless_modes["11g"]))
3129			$wireless_modes["11g"] = array();
3130	39c1349c	Erik Fonnesbeck	$wireless_mode = "11ng";
3131			} else if($wireless_mode == "11a ht") {
3132	1ae54336	Erik Fonnesbeck	if(!isset($wireless_modes["11a"]))
3133			$wireless_modes["11a"] = array();
3134	39c1349c	Erik Fonnesbeck	$wireless_mode = "11na";
3135	4066776d	Scott Ullrich	}
3136			$wireless_modes["$wireless_mode"]["$c"] = $wireless_channel;
3137			}
3138	d8c67d69	Scott Ullrich	$c++;
3139			}
3140			}
3141	4066776d	Scott Ullrich	return($wireless_modes);
3142	d8c67d69	Scott Ullrich	}
3143
3144	f4094f0d	Erik Fonnesbeck	/* return channel numbers, frequency, max txpower, and max regulation txpower */
3145			function get_wireless_channel_info($interface) {
3146			$wireless_channels = array();
3147
3148			$wlif = interface_translate_type_to_real($interface);
3149
3150			if(is_interface_wireless($wlif)) {
3151			$cloned_interface = get_real_interface($interface);
3152			$chan_list = "/sbin/ifconfig {$cloned_interface} list txpower";
3153			$stack_list = "/usr/bin/awk -F\"Channel \" '{ gsub(/\\*/, \" \"); print \$2 \"\\\n\" \$3 }'";
3154			$format_list = "/usr/bin/awk '{print \$1 \",\" \$3 \" \" \$4 \",\" \$5 \",\" \$7}'";
3155
3156			$interface_channels = "";
3157			exec("$chan_list \| $stack_list \| sort -u \| $format_list 2>&1", $interface_channels);
3158
3159			foreach ($interface_channels as $channel_line) {
3160			$channel_line = explode(",", $channel_line);
3161			if(!isset($wireless_channels[$channel_line[0]]))
3162			$wireless_channels[$channel_line[0]] = $channel_line;
3163			}
3164			}
3165			return($wireless_channels);
3166			}
3167
3168	52947718	Ermal Lu?i	/***f interfaces/get_interface_mtu
3169			* NAME
3170			* get_interface_mtu - Return the mtu of an interface
3171			* RESULT
3172			* $tmp - Returns the mtu of an interface
3173			******/
3174			function get_interface_mtu($interface) {
3175	bd96e1fe	Ermal Lu?i	$mtu = pfSense_get_interface_addresses($interface);
3176			return $mtu['mtu'];
3177	52947718	Ermal Lu?i	}
3178
3179	eba938e3	Scott Ullrich	function get_interface_mac($interface) {
3180	7d6076f3	Ermal Lu?i
3181	3f70e618	Ermal Lu?i	$macinfo = pfSense_get_interface_addresses($interface);
3182			return $macinfo["macaddr"];
3183	f2ba47f8	Ermal Lu?i	}
3184
3185			/***f pfsense-utils/generate_random_mac_address
3186			* NAME
3187			* generate_random_mac - generates a random mac address
3188			* INPUTS
3189			* none
3190			* RESULT
3191			* $mac - a random mac address
3192			******/
3193			function generate_random_mac_address() {
3194			$mac = "02";
3195			for($x=0; $x<5; $x++)
3196			$mac .= ":" . dechex(rand(16, 255));
3197			return $mac;
3198	53c82ef9	Scott Ullrich	}
3199	b7ec2b9e	Scott Ullrich
3200	52947718	Ermal Lu?i	/***f interfaces/is_jumbo_capable
3201			* NAME
3202			* is_jumbo_capable - Test if interface is jumbo frame capable. Useful for determining VLAN capability.
3203			* INPUTS
3204			* $int - string containing interface name
3205			* RESULT
3206			* boolean - true or false
3207			******/
3208			function is_jumbo_capable($int) {
3209			global $g;
3210
3211			$int_family = preg_split("/[0-9]+/", $int);
3212
3213			if (in_array($int_family[0], $g['vlan_long_frame']))
3214			return true;
3215			else
3216			return false;
3217			}
3218
3219	5c8e8a17	gnhb	function setup_pppoe_reset_file($pppif, $iface="") {
3220	55f3ca1d	gnhb	global $g;
3221	5c8e8a17	gnhb	$cron_file = "{$g['varetc_path']}/pppoe_restart_{$pppif}";
3222	766bd6d0	gnhb
3223	5c8e8a17	gnhb	if(!empty($iface) && !empty($pppif)){
3224	766bd6d0	gnhb	$cron_cmd = "#!/bin/sh\necho '<?php require(\"config.inc\"); require(\"interfaces.inc\"); interface_reconfigure({$iface}); log_error(\"PPPoE periodic reset executed on {$iface}\"); ?>' \| /usr/local/bin/php -q";
3225			file_put_contents($cron_file, $cron_cmd);
3226			chmod($cron_file, 0700);
3227	55f3ca1d	gnhb	sigkillbypid("{$g['varrun_path']}/cron.pid", "HUP");
3228	a5d6f60b	Ermal Lu?i	} else
3229	766bd6d0	gnhb	unlink_if_exists($cron_file);
3230	b7ec2b9e	Scott Ullrich	}
3231
3232	7970b622	Ermal	?>

Project

General

Profile

pfSense