/etc/inc/interfaces.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/interfaces.inc @ a728d6f9

1	5b237745	Scott Ullrich	<?php
2	acc1e9d0	Scott Ullrich	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			interfaces.inc
5	eba938e3	Scott Ullrich	Copyright (C) 2004-2008 Scott Ullrich
6	58936a34	Ermal Lu?i	Copyright (C) 2008-2009 Ermal Lu?i
7	ac3f8318	Espen Johansen	All rights reserved.
8
9			function interfaces_wireless_configure is
10			Copyright (C) 2005 Espen Johansen
11	cfc707f7	Scott Ullrich	All rights reserved.
12
13			originally part of m0n0wall (http://m0n0.ch/wall)
14	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
15			All rights reserved.
16	cfc707f7	Scott Ullrich
17	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
18			modification, are permitted provided that the following conditions are met:
19	cfc707f7	Scott Ullrich
20	ac3f8318	Espen Johansen	1. Redistributions of source code must retain the above copyright notices,
21	5b237745	Scott Ullrich	this list of conditions and the following disclaimer.
22	cfc707f7	Scott Ullrich
23	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
24	ac3f8318	Espen Johansen	notices, this list of conditions and the following disclaimer in the
25	5b237745	Scott Ullrich	documentation and/or other materials provided with the distribution.
26	cfc707f7	Scott Ullrich
27	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
28			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
29			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
30			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
31			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36			POSSIBILITY OF SUCH DAMAGE.
37	523855b0	Scott Ullrich
38	abcb2bed	Ermal Lu?i	pfSense_BUILDER_BINARIES: /usr/sbin/pppd /sbin/dhclient /bin/sh /usr/bin/grep /usr/bin/xargs /usr/bin/awk /usr/local/sbin/choparp
39	89c52814	Ermal	pfSense_BUILDER_BINARIES: /sbin/ifconfig /sbin/route /usr/sbin/ngctl /usr/sbin/arp /bin/kill /usr/local/sbin/mpd5
40	523855b0	Scott Ullrich	pfSense_MODULE: interfaces
41
42	5b237745	Scott Ullrich	*/
43
44			/* include all configuration functions */
45	7387844e	Chris Buechler	require_once("globals.inc");
46	483e6de8	Scott Ullrich	require_once("cmd_chain.inc");
47	5b237745	Scott Ullrich
48	b5b957fe	Scott Ullrich	function interfaces_bring_up($interface) {
49			if(!$interface) {
50	ec054b7c	Scott Ullrich	log_error("interfaces_bring_up() was called but no variable defined.");
51			log_error( "Backtrace: " . debug_backtrace() );
52	b5b957fe	Scott Ullrich	return;
53			}
54			mwexec("/sbin/ifconfig " . escapeshellarg($interface) . " up");
55			}
56
57	52947718	Ermal Lu?i	/*
58			* Return the interface array
59			*/
60			function get_interface_arr($flush = false) {
61			global $interface_arr_cache;
62
63			/* If the cache doesn't exist, build it */
64			if (!isset($interface_arr_cache) or $flush)
65	a652187d	Ermal Lu?i	$interface_arr_cache = `/sbin/ifconfig -l`;
66	52947718	Ermal Lu?i
67			return $interface_arr_cache;
68			}
69
70			/*
71			* does_interface_exist($interface): return true or false if a interface is
72			* detected.
73			*/
74			function does_interface_exist($interface) {
75			global $config;
76
77			if(!$interface)
78			return false;
79
80			$ints = get_interface_arr();
81			if(stristr($ints, $interface) !== false)
82			return true;
83			else
84			return false;
85			}
86
87	eba938e3	Scott Ullrich	function interfaces_loopback_configure() {
88	7a6f7c55	Scott Ullrich	if($g['booting'])
89			echo "Configuring loopback interface...";
90	5b237745	Scott Ullrich	mwexec("/sbin/ifconfig lo0 127.0.0.1");
91	b5b957fe	Scott Ullrich	interfaces_bring_up("lo0");
92	0aca91d0	Scott Ullrich	exec("/sbin/route add 127.0.0.2 127.0.0.1");
93	7a6f7c55	Scott Ullrich	if($g['booting'])
94			echo "done.\n";
95	5b237745	Scott Ullrich	return 0;
96			}
97
98	eba938e3	Scott Ullrich	function interfaces_vlan_configure() {
99	7a6f7c55	Scott Ullrich	global $config, $g;
100	87519eb7	Scott Ullrich	if($g['booting'])
101	7a6f7c55	Scott Ullrich	echo "Configuring VLAN interfaces...";
102	5b6eac01	Scott Ullrich	if (is_array($config['vlans']['vlan']) && count($config['vlans']['vlan'])) {
103	e1c449c0	Ermal Lu?i	foreach ($config['vlans']['vlan'] as $vlan) {
104	f620d00d	Ermal Luçi	if(empty($vlan['vlanif']))
105	48315e65	Ermal Luci	$vlan['vlanif'] = "{$vlan['if']}_vlan{$vlan['tag']}";
106	5b6eac01	Scott Ullrich	/* XXX: Maybe we should report any errors?! */
107	5f1e1d26	Ermal Lu?i	interface_vlan_configure($vlan);
108	517feb1c	Seth Mos	}
109	5b6eac01	Scott Ullrich	}
110	87519eb7	Scott Ullrich	if($g['booting'])
111	7a6f7c55	Scott Ullrich	echo "done.\n";
112	2075fadb	Ermal Luçi	}
113	cfc707f7	Scott Ullrich
114	abcb2bed	Ermal Lu?i	function interface_vlan_configure(&$vlan) {
115	2075fadb	Ermal Luçi	global $config, $g;
116	161040eb	Scott Ullrich
117	5f1e1d26	Ermal Lu?i	if (!is_array($vlan)) {
118			log_error("VLAN: called with wrong options. Problems with config!");
119			return;
120			}
121			$if = $vlan['if'];
122	48315e65	Ermal Luci	$vlanif = empty($vlan['vlanif']) ? "{$if}_vlan{$vlan['tag']}" : $vlan['vlanif'];
123	5f1e1d26	Ermal Lu?i	$tag = $vlan['tag'];
124
125	e1c449c0	Ermal Lu?i	if(empty($if)) {
126			log_error("interface_vlan_confgure called with if undefined.");
127	3ae4960c	Ermal Luçi	return;
128			}
129
130	37a53d16	Scott Ullrich	/* make sure the parent interface is up */
131	07101b63	Ermal Luçi	interfaces_bring_up($if);
132			/* Since we are going to add vlan(4) try to enable all that hardware supports. */
133			mwexec("/sbin/ifconfig {$if} vlanhwtag");
134			mwexec("/sbin/ifconfig {$if} vlanmtu");
135	f1c276a1	Ermal Lu?i	mwexec("/sbin/ifconfig {$if} vlanhwfilter");
136	cfc707f7	Scott Ullrich
137	4aca19b3	Scott Ullrich	if (!empty($vlanif) && does_interface_exist($vlanif)) {
138	37a53d16	Scott Ullrich	interface_bring_down($vlanif);
139	4aca19b3	Scott Ullrich	} else {
140	abcb2bed	Ermal Lu?i	$tmpvlanif = exec("/sbin/ifconfig vlan create");
141			mwexec("/sbin/ifconfig {$tmpvlanif} name {$vlanif}");
142	fe126e77	Ermal Lu?i	mwexec("/usr/sbin/ngctl name {$tmpvlanif}: {$vlanif}");
143	abcb2bed	Ermal Lu?i	}
144	67ee1ec5	Ermal Luçi
145	4aca19b3	Scott Ullrich	mwexec("/sbin/ifconfig {$vlanif} vlan " .
146			escapeshellarg($tag) . " vlandev " .
147			escapeshellarg($if));
148	2075fadb	Ermal Luçi
149	07101b63	Ermal Luçi	interfaces_bring_up($vlanif);
150	cfc707f7	Scott Ullrich
151	40b0b541	Ermal Lu?i	/* invalidate interface cache */
152			get_interface_arr(true);
153	3f7d2120	Bill Marquette
154	40b0b541	Ermal Lu?i	/* all vlans need to spoof their parent mac address, too. see
155			* ticket #1514: http://cvstrac.pfsense.com/tktview?tn=1514,33
156			*/
157			foreach($config['interfaces'] as $interfaces) {
158	4aca19b3	Scott Ullrich	if($interfaces['if'] == $if && $interfaces['spoofmac']) {
159			mwexec("/sbin/ifconfig " . escapeshellarg($vlanif) .
160			" link " . escapeshellarg($interfaces['spoofmac']));
161			}
162			}
163	cfc707f7	Scott Ullrich
164	4aca19b3	Scott Ullrich	/* XXX: ermal -- for now leave it here at the moment it does not hurt. */
165	07101b63	Ermal Luçi	interfaces_bring_up($if);
166	cfc707f7	Scott Ullrich
167	4aca19b3	Scott Ullrich	return $vlanif;
168	5b237745	Scott Ullrich	}
169
170	abcb2bed	Ermal Lu?i	function interface_qinq_configure(&$vlan, $fd = NULL) {
171	5f1e1d26	Ermal Lu?i	global $config, $g;
172
173	c1289cfd	Ermal Lu?i	if (!is_array($vlan)) {
174			log_error("QinQ compat VLAN: called with wrong options. Problems with config!\n");
175	5f1e1d26	Ermal Lu?i	return;
176			}
177
178	42bad812	Ermal Lu?i	$qinqif = $vlan['if'];
179	c1289cfd	Ermal Lu?i	$tag = $vlan['tag'];
180	a726c0e8	Ermal Lu?i	if(empty($qinqif)) {
181	c1289cfd	Ermal Lu?i	log_error("interface_qinq_confgure called with if undefined.\n");
182			return;
183			}
184	4400ad66	Ermal Lu?i	$vlanif = interface_vlan_configure($vlan);
185	5f1e1d26	Ermal Lu?i
186	c1289cfd	Ermal Lu?i	if ($fd == NULL) {
187			$exec = true;
188			$fd = fopen("{$g['tmp_path']}/netgraphcmd", "w");
189			} else
190			$exec = false;
191	5f1e1d26	Ermal Lu?i	/* make sure the parent is converted to ng_vlan(4) and is up */
192	42bad812	Ermal Lu?i	interfaces_bring_up($qinqif);
193	5f1e1d26	Ermal Lu?i
194	abcb2bed	Ermal Lu?i	if (!empty($vlanif) && does_interface_exist($vlanif)) {
195	42bad812	Ermal Lu?i	fwrite($fd, "shutdown {$qinqif}qinq:\n");
196			exec("/usr/sbin/ngctl msg {$qinqif}qinq: gettable", $result);
197	c1289cfd	Ermal Lu?i	if (empty($result)) {
198	42bad812	Ermal Lu?i	fwrite($fd, "mkpeer {$qinqif}: vlan lower downstream\n");
199	4400ad66	Ermal Lu?i	fwrite($fd, "name {$qinqif}:lower {$vlanif}qinq\n");
200			fwrite($fd, "connect {$qinqif}: {$vlanif}qinq: upper nomatch\n");
201	c1289cfd	Ermal Lu?i	}
202	5f1e1d26	Ermal Lu?i	} else {
203	42bad812	Ermal Lu?i	fwrite($fd, "mkpeer {$qinqif}: vlan lower downstream\n");
204	4400ad66	Ermal Lu?i	fwrite($fd, "name {$qinqif}:lower {$vlanif}qinq\n");
205			fwrite($fd, "connect {$qinqif}: {$vlanif}qinq: upper nomatch\n");
206	c1289cfd	Ermal Lu?i	}
207	5f1e1d26	Ermal Lu?i
208			/* invalidate interface cache */
209			get_interface_arr(true);
210
211	42bad812	Ermal Lu?i	if (!stristr($qinqif, "vlan"))
212			mwexec("/sbin/ifconfig {$qinqif} promisc\n");
213	5f1e1d26	Ermal Lu?i
214	4400ad66	Ermal Lu?i	$macaddr = get_interface_mac($qinqif);
215	c1289cfd	Ermal Lu?i	if (!empty($vlan['members'])) {
216			$members = explode(" ", $vlan['members']);
217			foreach ($members as $qtag) {
218			$qinq = array();
219	5f1e1d26	Ermal Lu?i	$qinq['tag'] = $qtag;
220			$qinq['if'] = $vlanif;
221	c1289cfd	Ermal Lu?i	interface_qinq2_configure($qinq, $fd, $macaddr);
222			}
223			}
224			if ($exec == true) {
225			fclose($fd);
226			mwexec("/usr/sbin/ngctl -f {$g['tmp_path']}/netgraphcmd");
227			}
228
229	42bad812	Ermal Lu?i	interfaces_bring_up($qinqif);
230	c1289cfd	Ermal Lu?i	if (!empty($vlan['members'])) {
231			$members = explode(" ", $vlan['members']);
232			foreach ($members as $qif)
233	4400ad66	Ermal Lu?i	interfaces_bring_up("{$vlanif}_{$qif}");
234	c1289cfd	Ermal Lu?i	}
235	5f1e1d26	Ermal Lu?i
236			return $vlanif;
237			}
238
239			function interfaces_qinq_configure() {
240	7a6f7c55	Scott Ullrich	global $config, $g;
241			if($g['booting'])
242			echo "Configuring QinQ interfaces...";
243			if (is_array($config['qinqs']['qinqentry']) && count($config['qinqs']['qinqentry'])) {
244			foreach ($config['qinqs']['qinqentry'] as $qinq) {
245			/* XXX: Maybe we should report any errors?! */
246	4400ad66	Ermal Lu?i	interface_qinq_configure($qinq);
247	7a6f7c55	Scott Ullrich	}
248	4400ad66	Ermal Lu?i	}
249			if($g['booting'])
250			echo "done.\n";
251	5f1e1d26	Ermal Lu?i	}
252
253	abcb2bed	Ermal Lu?i	function interface_qinq2_configure(&$qinq, $fd, $macaddr) {
254	c1289cfd	Ermal Lu?i	global $config, $g;
255	5f1e1d26	Ermal Lu?i
256			if (!is_array($qinq)) {
257	c1289cfd	Ermal Lu?i	log_error("QinQ compat VLAN: called with wrong options. Problems with config!\n");
258	5f1e1d26	Ermal Lu?i	return;
259			}
260
261			$if = $qinq['if'];
262			$tag = $qinq['tag'];
263	c1289cfd	Ermal Lu?i	$vlanif = "{$if}_{$tag}";
264	5f1e1d26	Ermal Lu?i	if(empty($if)) {
265	c1289cfd	Ermal Lu?i	log_error("interface_qinq_confgure called with if undefined.\n");
266	5f1e1d26	Ermal Lu?i	return;
267			}
268
269	4400ad66	Ermal Lu?i	fwrite($fd, "shutdown {$if}h{$tag}:\n");
270	c1289cfd	Ermal Lu?i	fwrite($fd, "mkpeer {$if}qinq: eiface {$if}{$tag} ether\n");
271			fwrite($fd, "name {$if}qinq:{$if}{$tag} {$if}h{$tag}\n");
272			fwrite($fd, "msg {$if}qinq: addfilter { vlan={$tag} hook=\"{$if}{$tag}\" }\n");
273			fwrite($fd, "msg {$if}h{$tag}: setifname \"{$vlanif}\"\n");
274	4400ad66	Ermal Lu?i	fwrite($fd, "msg {$if}h{$tag}: set {$macaddr}\n");
275	5f1e1d26	Ermal Lu?i
276	c1289cfd	Ermal Lu?i	/* invalidate interface cache */
277	5f1e1d26	Ermal Lu?i	get_interface_arr(true);
278
279			return $vlanif;
280			}
281
282	9f428275	Erik Fonnesbeck	function interfaces_create_wireless_clones() {
283			global $config;
284
285			if($g['booting'])
286			echo "Creating other wireless clone interfaces...";
287			if (is_array($config['wireless']['clone']) && count($config['wireless']['clone'])) {
288			foreach ($config['wireless']['clone'] as $clone) {
289			if(empty($clone['cloneif']))
290			continue;
291			if(does_interface_exist($clone['cloneif']))
292			continue;
293			/* XXX: Maybe we should report any errors?! */
294			if(interface_wireless_clone($clone['cloneif'], $clone))
295			if($g['booting'])
296			echo " " . $clone['cloneif'];
297			}
298			}
299			if($g['booting'])
300			echo " done.\n";
301			}
302
303	eba938e3	Scott Ullrich	function interfaces_bridge_configure() {
304	bad29bc6	Ermal Luçi	global $config;
305
306			$i = 0;
307	3134528d	Ermal Luçi	if (is_array($config['bridges']['bridged']) && count($config['bridges']['bridged'])) {
308			foreach ($config['bridges']['bridged'] as $bridge) {
309	f620d00d	Ermal Luçi	if(empty($bridge['bridgeif']))
310	bad29bc6	Ermal Luçi	$bridge['bridgeif'] = "bridge{$i}";
311			/* XXX: Maybe we should report any errors?! */
312			interface_bridge_configure($bridge);
313			$i++;
314			}
315			}
316			}
317
318	eba938e3	Scott Ullrich	function interface_bridge_configure(&$bridge) {
319	d7147b1c	Scott Ullrich	global $config, $g;
320	bad29bc6	Ermal Luçi
321	d7147b1c	Scott Ullrich	if (!is_array($bridge))
322			return -1;
323	bad29bc6	Ermal Luçi
324	dc97efaf	Ermal Luçi	if (empty($bridge['members'])) {
325			log_error("No members found on {$bridge['bridgeif']}");
326			return -1;
327			}
328
329	bad29bc6	Ermal Luçi	$members = explode(',', $bridge['members']);
330	70720671	Ermal Luçi	if (!count($members))
331	bad29bc6	Ermal Luçi	return -1;
332
333			$checklist = get_configured_interface_list();
334
335	fded24de	Ermal Luçi	if ($g['booting'] \|\| !empty($bridge['bridgeif'])) {
336	d7147b1c	Scott Ullrich	mwexec("/sbin/ifconfig {$bridge['bridgeif']} destroy");
337			mwexec("/sbin/ifconfig {$bridge['bridgeif']} create");
338			$bridgeif = $bridge['bridgeif'];
339			} else {
340			$bridgeif = exec("/sbin/ifconfig bridge create");
341			}
342	bad29bc6	Ermal Luçi
343	b64523c1	Ermal Luçi	/* Calculate smaller mtu and enforce it */
344	69e53ef0	Ermal Luçi	$smallermtu = 0;
345	b64523c1	Ermal Luçi	foreach ($members as $member) {
346			$realif = get_real_interface($member);
347			$mtu = get_interface_mtu($realif);
348	69e53ef0	Ermal Luçi	if ($smallermtu == 0 && !empty($mtu))
349			$smallermtu = $mtu;
350			else if (!empty($mtu) && $mtu < $smallermtu)
351	b64523c1	Ermal Luçi	$smallermtu = $mtu;
352			}
353
354	69e53ef0	Ermal Luçi	/* Just in case anything is not working well */
355			if ($smallermtu == 0)
356			$smallermtu = 1500;
357
358	bad29bc6	Ermal Luçi	/* Add interfaces to bridge */
359	31241000	Ermal Luçi	foreach ($members as $member) {
360	d7147b1c	Scott Ullrich	if (!array_key_exists($member, $checklist))
361			continue;
362	9ecce49f	Ermal Lu?i	$realif1 = get_real_interface($member);
363			$realif = escapeshellarg($realif1);
364	d7147b1c	Scott Ullrich	/* make sure the parent interface is up */
365	b64523c1	Ermal Luçi	mwexec("/sbin/ifconfig {$realif} mtu {$smallermtu}");
366	d7147b1c	Scott Ullrich	if(!$realif)
367			log_error("realif not defined in interfaces bridge - up");
368	9ecce49f	Ermal Lu?i	interfaces_bring_up($realif1);
369	31241000	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} addm {$realif}");
370	d7147b1c	Scott Ullrich	}
371	31241000	Ermal Luçi
372	bad29bc6	Ermal Luçi	if (isset($bridge['enablestp'])) {
373			/* Choose spanning tree proto */
374			mwexec("/sbin/ifconfig {$bridgeif} proto {$bridge['proto']}");
375
376	dc97efaf	Ermal Luçi	if (!empty($bridge['stp'])) {
377			$stpifs = explode(',', $bridge['stp']);
378			foreach ($stpifs as $stpif) {
379			$realif = get_real_interface($stpif);
380			mwexec("/sbin/ifconfig {$bridgeif} stp {$realif}");
381			}
382	bad29bc6	Ermal Luçi	}
383	dc97efaf	Ermal Luçi	if (!empty($bridge['maxage']))
384	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} maxage {$bridge['maxage']}");
385	dc97efaf	Ermal Luçi	if (!empty($brige['fwdelay']))
386	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} fwddelay {$bridge['fwdelay']}");
387	dc97efaf	Ermal Luçi	if (!empty($brige['hellotime']))
388	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} hellotime {$bridge['hellotime']}");
389	dc97efaf	Ermal Luçi	if (!empty($brige['priority']))
390	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} priority {$bridge['priority']}");
391	dc97efaf	Ermal Luçi	if (!empty($brige['holdcount']))
392	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} holdcnt {$bridge['holdcnt']}");
393	dc97efaf	Ermal Luçi	if (!empty($bridge['ifpriority'])) {
394			$pconfig = explode(",", $bridge['ifpriority']);
395			$ifpriority = array();
396			foreach ($pconfig as $cfg) {
397			$embcfg = explode(":", $cfg);
398			foreach ($embcfg as $key => $value)
399			$ifpriority[$key] = $value;
400			}
401			foreach ($ifpriority as $key => $value) {
402			$realif = get_real_interface($key);
403			mwexec("/sbin/ifconfig ${bridgeif} ifpriority {$realif} {$value}");
404			}
405	bad29bc6	Ermal Luçi	}
406	dc97efaf	Ermal Luçi	if (!empty($bridge['ifpathcost'])) {
407			$pconfig = explode(",", $bridges['ifpathcost']);
408			$ifpathcost = array();
409			foreach ($pconfig as $cfg) {
410			$embcfg = explode(":", $cfg);
411			foreach ($embcfg as $key => $value)
412			$ifpathcost[$key] = $value;
413			}
414			foreach ($ifpathcost as $key => $value) {
415			$realif = get_real_interface($key);
416			mwexec("/sbin/ifconfig ${bridgeif} ifpathcost {$realif} {$value}");
417			}
418	bad29bc6	Ermal Luçi	}
419			}
420
421			if ($bridge['maxaddr'] <> "")
422			mwexec("/sbin/ifconfig {$bridgeif} maxaddr {$bridge['maxaddr']}");
423			if ($bridge['timeout'] <> "")
424			mwexec("/sbin/ifconfig {$bridgeif} timeout {$bridge['timeout']}");
425			if ($bridge['span'] <> "") {
426	85a5da13	Ermal Luçi	$realif = get_real_interface($bridge['span']);
427	bad29bc6	Ermal Luçi	mwexec("/sbin/ifconfig {$bridgeif} span {$realif}");
428			}
429	a47a5798	Ermal Luçi	if (!empty($bridge['edge'])) {
430			$edgeifs = explode(',', $bridge['edge']);
431			foreach ($edgeifs as $edgeif) {
432			$realif = get_real_interface($edgeif);
433			mwexec("/sbin/ifconfig {$bridgeif} edge {$realif}");
434			}
435			}
436			if (!empty($bridge['autoedge'])) {
437			$edgeifs = explode(',', $bridge['autoedge']);
438			foreach ($edgeifs as $edgeif) {
439			$realif = get_real_interface($edgeif);
440			mwexec("/sbin/ifconfig {$bridgeif} -autoedge {$realif}");
441			}
442			}
443			if (!empty($bridge['ptp'])) {
444			$ptpifs = explode(',', $bridge['ptp']);
445			foreach ($ptpifs as $ptpif) {
446			$realif = get_real_interface($ptpif);
447			mwexec("/sbin/ifconfig {$bridgeif} ptp {$realif}");
448			}
449			}
450			if (!empty($bridge['autoptp'])) {
451			$ptpifs = explode(',', $bridge['autoptp']);
452			foreach ($ptpifs as $ptpif) {
453			$realif = get_real_interface($ptpif);
454			mwexec("/sbin/ifconfig {$bridgeif} -autoptp {$realif}");
455			}
456			}
457			if (!empty($bridge['static'])) {
458			$stickyifs = explode(',', $bridge['static']);
459			foreach ($stickyifs as $stickyif) {
460			$realif = get_real_interface($stickyif);
461			mwexec("/sbin/ifconfig {$bridgeif} sticky {$realif}");
462			}
463			}
464			if (!empty($bridge['private'])) {
465			$privateifs = explode(',', $bridge['private']);
466			foreach ($privateifs as $privateif) {
467			$realif = get_real_interface($privateif);
468			mwexec("/sbin/ifconfig {$bridgeif} private {$realif}");
469			}
470			}
471	bad29bc6	Ermal Luçi
472	d7147b1c	Scott Ullrich	if($bridgeif)
473	b5b957fe	Scott Ullrich	interfaces_bring_up($bridgeif);
474	d7147b1c	Scott Ullrich	else
475			log_error("bridgeif not defined -- could not bring interface up");
476	bad29bc6	Ermal Luçi
477	d7147b1c	Scott Ullrich	return $bridgeif;
478	bad29bc6	Ermal Luçi	}
479
480	fcd4a425	Ermal Lu?i	function interface_bridge_add_member($bridgeif, $interface) {
481
482			if (!does_interface_exist($bridgeif) \|\| !does_interface_exist($interface))
483			return;
484
485			$mtu = get_interface_mtu($brigeif);
486			$mtum = get_interface_mtu($interface);
487
488			if ($mtu != $mtum)
489			mwexec("/sbin/ifconfig {$interface} mtu {$mtu}");
490
491			interfaces_bring_up($interface);
492			mwexec("/sbin/ifconfig {$bridgeif} addm {$interface}");
493			}
494
495	f620d00d	Ermal Luçi	function interfaces_lagg_configure()
496			{
497	7a6f7c55	Scott Ullrich	global $config, $g;
498			if($g['booting'])
499			echo "Configuring LAGG interfaces...";
500	cccf624b	Ermal Luçi	$i = 0;
501	7a6f7c55	Scott Ullrich	if (is_array($config['laggs']['lagg']) && count($config['laggs']['lagg'])) {
502			foreach ($config['laggs']['lagg'] as $lagg) {
503			if(empty($lagg['laggif']))
504			$lagg['laggif'] = "lagg{$i}";
505			/* XXX: Maybe we should report any errors?! */
506			interface_lagg_configure($lagg);
507			$i++;
508			}
509			}
510			if($g['booting'])
511			echo "done.\n";
512	cccf624b	Ermal Luçi	}
513
514	eba938e3	Scott Ullrich	function interface_lagg_configure(&$lagg) {
515	cccf624b	Ermal Luçi	global $config, $g;
516
517			if (!is_array($lagg))
518			return -1;
519
520			$members = explode(',', $lagg['members']);
521			if (!count($members))
522			return -1;
523
524	fe281019	Ermal Luçi	$checklist = get_interface_list();
525	cccf624b	Ermal Luçi
526	b64523c1	Ermal Luçi	if ($g['booting'] \|\| !(empty($lagg['laggif']))) {
527			mwexec("/sbin/ifconfig {$lagg['laggif']} destroy");
528			mwexec("/sbin/ifconfig {$lagg['laggif']} create");
529			$laggif = $lagg['laggif'];
530			} else
531			$laggif = exec("/sbin/ifconfig lagg create");
532
533			/* Calculate smaller mtu and enforce it */
534	69e53ef0	Ermal Luçi	$smallermtu = 0;
535	b64523c1	Ermal Luçi	foreach ($members as $member) {
536	39fbee97	Ermal Lu?i	$mtu = get_interface_mtu($member);
537	69e53ef0	Ermal Luçi	if ($smallermtu == 0 && !empty($mtu))
538			$smallermtu = $mtu;
539			else if (!empty($mtu) && $mtu < $smallermtu)
540	b64523c1	Ermal Luçi	$smallermtu = $mtu;
541			}
542
543	69e53ef0	Ermal Luçi	/* Just in case anything is not working well */
544			if ($smallermtu == 0)
545			$smallermtu = 1500;
546
547	cccf624b	Ermal Luçi	foreach ($members as $member) {
548			if (!array_key_exists($member, $checklist))
549			continue;
550	d7147b1c	Scott Ullrich	/* make sure the parent interface is up */
551	39fbee97	Ermal Lu?i	mwexec("/sbin/ifconfig {$member} mtu {$smallermtu}");
552			interfaces_bring_up($member);
553	f421cbcc	Ermal Lu?i	mwexec("/sbin/ifconfig {$laggif} laggport {$member}");
554	cccf624b	Ermal Luçi	}
555	b5b957fe	Scott Ullrich
556	39fbee97	Ermal Lu?i	mwexec("/sbin/ifconfig {$laggif} laggproto {$lagg['proto']}");
557	acc1e9d0	Scott Ullrich
558	b5b957fe	Scott Ullrich	interfaces_bring_up($laggif);
559	cccf624b	Ermal Luçi
560	d7147b1c	Scott Ullrich	return $laggif;
561	cccf624b	Ermal Luçi	}
562
563	eba938e3	Scott Ullrich	function interfaces_gre_configure() {
564	582d2452	Ermal Luçi	global $config;
565
566			$i = 0;
567			if (is_array($config['gres']['gre']) && count($config['gres']['gre'])) {
568			foreach ($config['gres']['gre'] as $gre) {
569	f620d00d	Ermal Luçi	if(empty($gre['greif']))
570	582d2452	Ermal Luçi	$gre['greif'] = "gre{$i}";
571			/* XXX: Maybe we should report any errors?! */
572			interface_gre_configure($gre);
573			$i++;
574			}
575			}
576			}
577
578	eba938e3	Scott Ullrich	function interface_gre_configure(&$gre) {
579	582d2452	Ermal Luçi	global $config, $g;
580
581			if (!is_array($gre))
582			return -1;
583
584	85a5da13	Ermal Luçi	$realif = get_real_interface($gre['if']);
585			$realifip = get_interface_ip($gre['if']);
586	582d2452	Ermal Luçi
587	d7147b1c	Scott Ullrich	/* make sure the parent interface is up */
588	b5b957fe	Scott Ullrich	interfaces_bring_up($realif);
589	582d2452	Ermal Luçi
590	d7147b1c	Scott Ullrich	if ($g['booting'] \|\| !(empty($gre['greif']))) {
591			mwexec("/sbin/ifconfig {$gre['greif']} destroy");
592			mwexec("/sbin/ifconfig {$gre['greif']} create");
593	582d2452	Ermal Luçi	$greif = $gre['greif'];
594	d7147b1c	Scott Ullrich	} else {
595			$greif = exec("/sbin/ifconfig gre create");
596			}
597	582d2452	Ermal Luçi
598			/* Do not change the order here for more see gre(4) NOTES section. */
599			mwexec("/sbin/ifconfig {$greif} tunnel {$realifip} {$gre['remote-addr']}");
600	bd33ee57	Ermal Luçi	mwexec("/sbin/ifconfig {$greif} {$gre['tunnel-local-addr']} {$gre['tunnel-remote-addr']} netmask " . gen_subnet_mask($gre['tunnel-remote-net']));
601	582d2452	Ermal Luçi	if (isset($gre['link0']) && $gre['link0'])
602			mwexec("/sbin/ifconfig {$greif} link0");
603	d7147b1c	Scott Ullrich	if (isset($gre['link1']) && $gre['link1'])
604			mwexec("/sbin/ifconfig {$greif} link1");
605			if (isset($gre['link2']) && $gre['link2'])
606			mwexec("/sbin/ifconfig {$greif} link2");
607
608			if($greif)
609	b5b957fe	Scott Ullrich	interfaces_bring_up($greif);
610	d7147b1c	Scott Ullrich	else
611			log_error("Could not bring greif up -- variable not defined.");
612	582d2452	Ermal Luçi
613	53b0d9d3	Ermal Lu?i	if (isset($gre['link1']) && $gre['link1'])
614	61b67ab3	Ermal Lu?i	mwexec("/sbin/route add {$gre['tunnel-remote-addr']}/{$gre['tunnel-remote-net']} {$gre['tunnel-local-addr']}");
615	da179181	Administrator	file_put_contents("{$g['tmp_path']}/{$greif}_router", $gre['tunnel-remote-addr']);
616	582d2452	Ermal Luçi
617			return $greif;
618			}
619
620	eba938e3	Scott Ullrich	function interfaces_gif_configure() {
621	9006e9f8	Scott Ullrich	global $config;
622			$i = 0;
623			if (is_array($config['gifs']['gif']) && count($config['gifs']['gif'])) {
624			foreach ($config['gifs']['gif'] as $gif) {
625			if(empty($gif['gifif']))
626			$gre['gifif'] = "gif{$i}";
627			/* XXX: Maybe we should report any errors?! */
628			interface_gif_configure($gif);
629			$i++;
630			}
631			}
632	582d2452	Ermal Luçi	}
633
634	eba938e3	Scott Ullrich	function interface_gif_configure(&$gif) {
635	9006e9f8	Scott Ullrich	global $config, $g;
636	582d2452	Ermal Luçi
637	9006e9f8	Scott Ullrich	if (!is_array($gif))
638			return -1;
639	582d2452	Ermal Luçi
640	9006e9f8	Scott Ullrich	$realif = get_real_interface($gif['if']);
641			$realifip = get_interface_ip($gif['if']);
642	582d2452	Ermal Luçi
643	9006e9f8	Scott Ullrich	/* make sure the parent interface is up */
644			if($realif)
645			interfaces_bring_up($realif);
646			else
647			log_error("could not bring realif up -- variable not defined -- interface_gif_configure()");
648	582d2452	Ermal Luçi
649	9006e9f8	Scott Ullrich	if ($g['booting'] \|\| !(empty($gif['gifif']))) {
650			mwexec("/sbin/ifconfig {$gif['gifif']} destroy");
651			mwexec("/sbin/ifconfig {$gif['gifif']} create");
652			$gifif = $gif['gifif'];
653			} else
654			$gifif = exec("/sbin/ifconfig gif create");
655
656			/* Do not change the order here for more see gif(4) NOTES section. */
657			mwexec("/sbin/ifconfig {$gifif} tunnel {$realifip} {$gif['remote-addr']}");
658			mwexec("/sbin/ifconfig {$gifif} {$gif['tunnel-local-addr']} {$gif['tunnel-remote-addr']} netmask " . gen_subnet_mask($gif['tunnel-remote-net']));
659			if (isset($gif['link0']) && $gif['link0'])
660			mwexec("/sbin/ifconfig {$gifif} link0");
661			if (isset($gif['link1']) && $gif['link1'])
662			mwexec("/sbin/ifconfig {$gifif} link1");
663			if($gifif)
664			interfaces_bring_up($gifif);
665			else
666			log_error("could not bring gifif up -- variable not defined");
667
668	53b0d9d3	Ermal Lu?i	/* XXX: Needed?! */
669			//mwexec("/sbin/route add {$gif['tunnel-remote-addr']}/{$gif['tunnel-remote-net']} -iface {$gifif}");
670	61b67ab3	Ermal Lu?i	file_put_contents("{$g['tmp_path']}/{$gifif}_router", $gif['tunnel-remote-addr']);
671	582d2452	Ermal Luçi
672	9006e9f8	Scott Ullrich	return $gifif;
673	582d2452	Ermal Luçi	}
674
675	eba938e3	Scott Ullrich	function interfaces_configure() {
676	9b1c39e3	Ermal Luçi	global $config, $g;
677
678	a5d6f60b	Ermal Lu?i	/* Set up our loopback interface */
679	4aca19b3	Scott Ullrich	interfaces_loopback_configure();
680	a5d6f60b	Ermal Lu?i
681	541b7c56	Scott Ullrich	/* set up LAGG virtual interfaces */
682			interfaces_lagg_configure();
683
684	acc1e9d0	Scott Ullrich	/* set up VLAN virtual interfaces */
685			interfaces_vlan_configure();
686
687	5f1e1d26	Ermal Lu?i	interfaces_qinq_configure();
688
689	67ee1ec5	Ermal Luçi	$iflist = get_configured_interface_with_descr();
690	9b1c39e3	Ermal Luçi	$delayed_list = array();
691			$bridge_list = array();
692	b6db9217	Ermal Luçi
693	67ee1ec5	Ermal Luçi	foreach($iflist as $if => $ifname) {
694	0dc702f3	Ermal Lu?i	$realif = $config['interfaces'][$if]['if'];
695	b55307bf	Ermal Luçi	if(is_array($realif['pppoe']) && isset($realif['pppoe']['pppoe-reset-type']))
696	53c82ef9	Scott Ullrich	setup_pppoe_reset_file($if, true);
697			else
698			setup_pppoe_reset_file($if, false);
699	9b1c39e3	Ermal Luçi	if (strstr($realif, "bridge"))
700			$bridge_list[$if] = $ifname;
701			else if (strstr($realif, "gre"))
702			$delayed_list[$if] = $ifname;
703			else if (strstr($realif, "gif"))
704			$delayed_list[$if] = $ifname;
705			else {
706			if ($g['booting'])
707	d7147b1c	Scott Ullrich	echo "Configuring {$ifname} interface...";
708	9006e9f8	Scott Ullrich	if($g['debug'])
709	d7147b1c	Scott Ullrich	log_error("Configuring {$ifname}");
710	a5d6f60b	Ermal Lu?i	interface_configure($if, true);
711	9b1c39e3	Ermal Luçi	if ($g['booting'])
712	53c82ef9	Scott Ullrich	echo "done.\n";
713	9b1c39e3	Ermal Luçi	}
714			}
715
716	9f428275	Erik Fonnesbeck	/* create the unconfigured wireless clones */
717			interfaces_create_wireless_clones();
718
719	d7147b1c	Scott Ullrich	/* set up GRE virtual interfaces */
720			interfaces_gre_configure();
721	9b1c39e3	Ermal Luçi
722	d7147b1c	Scott Ullrich	/* set up GIF virtual interfaces */
723			interfaces_gif_configure();
724	9b1c39e3	Ermal Luçi
725			foreach ($delayed_list as $if => $ifname) {
726			if ($g['booting'])
727	d7147b1c	Scott Ullrich	echo "Configuring {$ifname} interface...";
728	a5d6f60b	Ermal Lu?i	if ($g['debug'])
729			log_error("Configuring {$ifname}");
730	67ee1ec5	Ermal Luçi
731	a5d6f60b	Ermal Lu?i	interface_configure($if, true);
732	4476d447	Ermal Luçi
733	9b1c39e3	Ermal Luçi	if ($g['booting'])
734			echo "done.\n";
735	67ee1ec5	Ermal Luçi	}
736	cfc707f7	Scott Ullrich
737	d7147b1c	Scott Ullrich	/* set up BRIDGe virtual interfaces */
738			interfaces_bridge_configure();
739	9b1c39e3	Ermal Luçi
740	d7147b1c	Scott Ullrich	foreach ($bridge_list as $if => $ifname) {
741			if ($g['booting'])
742			echo "Configuring {$ifname} interface...";
743			if($g['debug'])
744			log_error("Configuring {$ifname}");
745	9b1c39e3	Ermal Luçi
746	a5d6f60b	Ermal Lu?i	interface_configure($if, true);
747	9b1c39e3	Ermal Luçi
748	d7147b1c	Scott Ullrich	if ($g['booting'])
749			echo "done.\n";
750			}
751	9b1c39e3	Ermal Luçi
752	abcb2bed	Ermal Lu?i	/* bring up vip interfaces */
753			interfaces_vips_configure();
754	9b1c39e3	Ermal Luçi
755	42753d25	Ermal Lu?i	/* configure interface groups */
756			interfaces_group_setup();
757
758	5b237745	Scott Ullrich	if (!$g['booting']) {
759			/* reconfigure static routes (kernel may have deleted them) */
760			system_routing_configure();
761	cfc707f7	Scott Ullrich
762	5b237745	Scott Ullrich	/* reload IPsec tunnels */
763			vpn_ipsec_configure();
764	cfc707f7	Scott Ullrich
765	f620d00d	Ermal Luçi	/* reload dhcpd (interface enabled/disabled status may have changed) */
766	5b237745	Scott Ullrich	services_dhcpd_configure();
767	cfc707f7	Scott Ullrich
768	5b237745	Scott Ullrich	/* restart dnsmasq */
769			services_dnsmasq_configure();
770	4d18de6a	Scott Ullrich
771	c597d50f	Scott Ullrich	/* reload captive portal */
772			captiveportal_configure();
773
774	4d18de6a	Scott Ullrich	/* set the reload filter dity flag */
775	be38535c	Ermal Luçi	filter_configure();
776	5b237745	Scott Ullrich	}
777	cfc707f7	Scott Ullrich
778	5b237745	Scott Ullrich	return 0;
779			}
780
781	eba938e3	Scott Ullrich	function interface_reconfigure($interface = "wan") {
782	80bf3f4a	Ermal Luçi	interface_bring_down($interface);
783			interface_configure($interface);
784			}
785
786	abcb2bed	Ermal Lu?i	function interface_vip_bring_down(&$vip) {
787			switch ($vip['mode']) {
788			case "proxyarp":
789	123f030c	Chris Buechler	interface_proxyarp_configure();
790	abcb2bed	Ermal Lu?i	break;
791			case "ipalias":
792	435f11c8	Ermal Lu?i	$vipif = get_real_interface($vip['interface']);
793			if(does_interface_exist($vipif))
794			mwexec("/sbin/ifconfig {$vipif} delete {$vip['subnet']}");
795	abcb2bed	Ermal Lu?i	break;
796			case "carp":
797	12fafaf7	Chris Buechler	$vipif = "vip" . $vip['vhid'];
798	cb58f26c	Ermal Lu?i	if(does_interface_exist($vipif))
799			mwexec("/sbin/ifconfig {$vipif} destroy");
800	12fafaf7	Chris Buechler	break;
801	abcb2bed	Ermal Lu?i	case "carpdev-dhcp":
802	9e01d6eb	Scott Ullrich	$vipif = "vip" . $vip['vhid'];
803	cb58f26c	Ermal Lu?i	if(does_interface_exist($vipif))
804			mwexec("/sbin/ifconfig {$vipif} destroy");
805	abcb2bed	Ermal Lu?i	break;
806			}
807			}
808
809	97973ed8	Ermal Luçi	function interface_bring_down($interface = "wan", $destroy = false) {
810	80bf3f4a	Ermal Luçi	global $config, $g;
811
812	99c2a28b	Ermal Luçi	if (!isset($config['interfaces'][$interface]))
813			return;
814
815	80bf3f4a	Ermal Luçi	$ifcfg = $config['interfaces'][$interface];
816
817	85a5da13	Ermal Luçi	$realif = get_real_interface($interface);
818	80bf3f4a	Ermal Luçi
819	adec6851	Ermal Luçi
820	37a53d16	Scott Ullrich	/* remove interface up file if it exists */
821			unlink_if_exists("{$g['tmp_path']}/{$realif}up");
822			unlink_if_exists("{$g['vardb_path']}/{$interface}ip");
823	6955830f	Ermal Lu?i	unlink_if_exists("{$g['tmp_path']}/{$realif}_router");
824	0c56453c	Ermal Luçi
825	80bf3f4a	Ermal Luçi	switch ($ifcfg['ipaddr']) {
826			case "pppoe":
827			killbypid("{$g['varrun_path']}/pppoe_{$interface}.pid");
828	9006e9f8	Scott Ullrich	sleep(2);
829			unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.conf");
830			unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.links");
831	80bf3f4a	Ermal Luçi	break;
832			case "pptp":
833			killbypid("{$g['varrun_path']}/pptp_{$interface}.pid");
834	9006e9f8	Scott Ullrich	sleep(2);
835			unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.conf");
836			unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.links");
837	80bf3f4a	Ermal Luçi	break;
838			case "carpdev-dhcp":
839			/*
840			* NB: When carpdev gets enabled it would be better to be handled as all
841	37a53d16	Scott Ullrich	* other interfaces!
842	80bf3f4a	Ermal Luçi	*/
843			case "dhcp":
844	5d478ecc	Ermal Lu?i	$pid = find_dhclient_process($realif);
845	f07bee94	Scott Ullrich	if($pid)
846			mwexec("kill {$pid}");
847			sleep(1);
848			unlink_if_exists("{$g['varetc_path']}/dhclient_{$interface}.conf");
849			if(does_interface_exist("$realif")) {
850	aef6d76f	Seth Mos	mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true);
851	f07bee94	Scott Ullrich	mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " down");
852	5630c91c	Ermal Lu?i	mwexec("/usr/sbin/arp -d -i {$realif} -a");
853	f07bee94	Scott Ullrich	}
854	80bf3f4a	Ermal Luçi	break;
855	9ebe7028	gnhb	case "ppp":
856	c8b19dd3	Ermal	killbypid("{$g['varrun_path']}/ppp_{$interface}.pid");
857	9ebe7028	gnhb	break;
858	80bf3f4a	Ermal Luçi	default:
859	f07bee94	Scott Ullrich	if(does_interface_exist("$realif")) {
860	aef6d76f	Seth Mos	mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true);
861	f07bee94	Scott Ullrich	mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " down");
862	5630c91c	Ermal Lu?i	mwexec("/usr/sbin/arp -d -i {$realif} -a");
863	f07bee94	Scott Ullrich	}
864	80bf3f4a	Ermal Luçi	break;
865			}
866	eb772abd	Scott Ullrich
867	b5582f49	Erik Fonnesbeck	/* hostapd and wpa_supplicant do not need to be running when the interface is down.
868			* They will also use 100% CPU if running after the wireless clone gets deleted. */
869			if (is_array($ifcfg['wireless'])) {
870			mwexec(kill_hostapd($realif));
871			mwexec(kill_wpasupplicant($realif));
872			}
873
874	97973ed8	Ermal Luçi	if ($destroy == true) {
875	c8b19dd3	Ermal	if (preg_match("/^tun\|^ovpn\|^gif\|^gre\|^lagg\|^bridge\|vlan/i", $realif))
876	f07bee94	Scott Ullrich	mwexec("/sbin/ifconfig {$realif} destroy");
877			}
878	9006e9f8	Scott Ullrich
879	80bf3f4a	Ermal Luçi	return;
880	5b237745	Scott Ullrich	}
881
882	611ae852	Ermal	function interface_ppp_configure($interface) {
883	7a6f7c55	Scott Ullrich	global $config, $g;
884	9ebe7028	gnhb
885	611ae852	Ermal	$wancfg =& $config['interfaces'][$interface];
886			if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) {
887			foreach ($config['ppps']['ppp'] as $ppp) {
888			if ($wancfg['if'] == basename($ppp['port']))
889			break;
890	064b183b	Scott Ullrich	}
891	611ae852	Ermal	}
892			if (!$ppp \|\| empty($ppp['port']))
893			return;
894
895	b28e0842	Ermal	if ($interface == "wan")
896	611ae852	Ermal	$pppid = "0";
897			else
898	b28e0842	Ermal	$pppid = substr($interface, 3);
899	611ae852	Ermal
900			$pppif = "ppp{$pppid}";
901
902	9ebe7028	gnhb	// mpd5 requires a /var/spool/lock directory
903			if(!is_dir("/var/spool/lock")) {
904			exec("/bin/mkdir -p /var/spool/lock");
905			exec("/bin/chmod a+rw /var/spool/lock/.");
906	4aca19b3	Scott Ullrich	}
907	9ebe7028	gnhb	if (!file_exists("{$g['varetc_path']}/mpd.script"))
908	611ae852	Ermal	mwexec("/bin/ln -s /usr/local/sbin/mpd.script {$g['varetc_path']}/.");
909	9ebe7028	gnhb
910	611ae852	Ermal	if($g['booting'])
911			echo " configuring PPP on {$pppif} interface...\n";
912	9b1c39e3	Ermal Luçi
913	611ae852	Ermal	/* generate mpd.conf */
914			$fd = fopen("{$g['varetc_path']}/mpd_{$interface}.conf", "w");
915			if (!$fd) {
916			log_error("Error: cannot open mpd_{$interface}.conf in interface_ppp_configure().\n");
917			return 1;
918			}
919	3d8237f4	sullrich
920	611ae852	Ermal	// Construct the mpd.conf file
921			$mpdconf = <<<EOD
922	9ebe7028	gnhb	startup:
923			# configure mpd users
924			set user admin pfsense admin
925			set user user pfsense
926			# configure the console
927	f1123765	Ermal	set console self 127.0.0.1 500{$pppid}
928	9ebe7028	gnhb	set console open
929			# configure the web server
930	611ae852	Ermal	set web close
931	f1123765	Ermal	#set web self 127.0.0.1 550{$pppid}
932	9ebe7028	gnhb	#set web open
933
934	611ae852	Ermal	EOD;
935	9ebe7028	gnhb
936	611ae852	Ermal	if (is_ipaddr($ppp['localip']))
937			$localip = $ppp['localip'];
938			else
939			$localip = '0.0.0.0';
940			if (is_ipaddr($ppp['gateway']))
941			$localgw = $ppp['gateway'];
942			else
943			$localgw = "10.0.0.{$pppid}";
944
945			$mpdconf .= <<<EOD
946			default:
947			pppclient:
948			create bundle static {$interface}
949			set iface name {$pppif}
950			set iface up-script /usr/local/sbin/ppp-linkup
951			set iface down-script /usr/local/sbin/ppp-linkdown
952			set ipcp ranges {$localip}/0 {$localgw}/0
953	b28e0842	Ermal
954	9ebe7028	gnhb	EOD;
955
956	611ae852	Ermal	if (isset($config['system']['dnsallowoverride'])) {
957			$mpdconf .= <<<EOD
958	9ebe7028	gnhb	set ipcp yes req-pri-dns
959			set ipcp yes req-sec-dns
960
961			EOD;
962	611ae852	Ermal	}
963
964			if (isset($ppp['defaultgw'])) {
965			$mpdconf .= <<<EOD
966	9ebe7028	gnhb	set iface route default
967	4aca19b3	Scott Ullrich
968	9ebe7028	gnhb	EOD;
969	611ae852	Ermal	}
970
971			$mpdconf .= <<<EOD
972	9ebe7028	gnhb	# Create link.
973	611ae852	Ermal	create link static lnk{$interface} modem
974			# We expect to be authenticated by peer using any protocol.
975			set link disable chap pap
976			set link accept chap pap eap
977			set link enable no-orig-auth
978			# To make Ringback work we should specify how to handle incoming calls originated by it.
979			#set link enable incoming
980			set link action bundle {$interface}
981
982			EOD;
983
984			if (!empty($ppp['username'])) {
985			$mpdconf .= <<<EOD
986			# Configure the account name. Password will be taken from mpd.secret.
987			set auth authname "{$ppp['username']}"
988			set auth password "{$ppp['password']}"
989
990			EOD;
991			}
992
993			$mpdconf .= <<<EOD
994	9ebe7028	gnhb	set modem device {$ppp['port']}
995	611ae852	Ermal	set modem script DialPeer
996			set modem idle-script Ringback
997			set modem watch -cd
998	9ebe7028	gnhb	set modem var \$DialPrefix "DT"
999			set modem var \$Telephone "{$ppp['phone']}"
1000	bb992eb3	Scott Ullrich
1001	9ebe7028	gnhb	EOD;
1002	611ae852	Ermal	if (isset($ppp['connect-timeout'])) {
1003			$mpdconf .= <<<EOD
1004	9ebe7028	gnhb	set modem var \$ConnectTimeout "{$ppp['connect-timeout']}"
1005
1006			EOD;
1007	611ae852	Ermal	}
1008			if (isset($ppp['initstr'])) {
1009			$initstr = base64_decode($ppp['initstr']);
1010			$mpdconf .= <<<EOD
1011	9ebe7028	gnhb	set modem var \$InitString "{$initstr}"
1012
1013			EOD;
1014	611ae852	Ermal	}
1015			if (isset($ppp['simpin'])) {
1016			$mpdconf .= <<<EOD
1017	9ebe7028	gnhb	set modem var \$SimPin "{$ppp['simpin']}"
1018			set modem var \$PinWait "{$ppp['pin-wait']}"
1019
1020			EOD;
1021	611ae852	Ermal	}
1022			if (isset($ppp['apn'])) {
1023			$mpdconf .= <<<EOD
1024	9ebe7028	gnhb	set modem var \$APN "{$ppp['apn']}"
1025			set modem var \$APNum "{$ppp['apnum']}"
1026
1027			EOD;
1028	611ae852	Ermal	}
1029	9ebe7028	gnhb
1030	611ae852	Ermal	$mpdconf .= "\topen";
1031	9ebe7028	gnhb
1032	611ae852	Ermal	// Write out configuration for mpd_ppp.conf and mpd.secret
1033			fwrite($fd, $mpdconf);
1034			fclose($fd);
1035
1036			$fdlnkq = fopen("{$g['varetc_path']}/mpd_{$interface}.query", "w");
1037			if (!$fdlnkq) {
1038			/* NOTE: It is not fatal if we cannot write the query.");
1039			log_error("Error: cannot open mpd_{$interface}.query in interface_ppp_configure().\n");
1040			} else {
1041			$linkquery = <<<EOD
1042	9ebe7028	gnhb	admin
1043			pfsense
1044	611ae852	Ermal	link lnk{$interface}
1045	9ebe7028	gnhb	show iface
1046			exit
1047
1048			EOD;
1049
1050	611ae852	Ermal	// Write out linkquery file for each configured PPP interface.
1051			fwrite($fdlnkq, $linkquery);
1052			fclose($fdlnkq);
1053	3d8237f4	sullrich	}
1054	611ae852	Ermal
1055	4aca19b3	Scott Ullrich	// Launch specified ppp instance
1056	a728d6f9	Ermal	if (file_exists("{$ppp['port']}")) {
1057	9ebe7028	gnhb	/* fire up mpd */
1058	611ae852	Ermal	mwexec("/usr/local/sbin/mpd5 -b -k -d {$g['varetc_path']} -f mpd_{$interface}.conf -p {$g['varrun_path']}/ppp_{$interface}.pid -s {$interface} pppclient");
1059			} else
1060			log_error("Device {$ppp['port']} has disappeared.");
1061	860c4e80	Chris Buechler	}
1062
1063	abcb2bed	Ermal Lu?i	function interfaces_carp_setup() {
1064	87a2efd1	Ermal Luçi	global $g, $config;
1065	abcb2bed	Ermal Lu?i
1066	2b9747b9	Scott Ullrich	$balanacing = "";
1067			$pfsyncinterface = "";
1068			$pfsyncenabled = "";
1069	b932ef16	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1070			$mt = microtime();
1071	abcb2bed	Ermal Lu?i	echo "interfaces_carp_setup() being called $mt\n";
1072	b932ef16	Scott Ullrich	}
1073	abcb2bed	Ermal Lu?i
1074	e5d43d93	Scott Ullrich	// Prepare CmdCHAIN that will be used to execute commands.
1075			$cmdchain = new CmdCHAIN();
1076	abcb2bed	Ermal Lu?i
1077	b932ef16	Scott Ullrich	if ($g['booting']) {
1078	abcb2bed	Ermal Lu?i	echo "Configuring CARP settings...";
1079	7d0f4544	Scott Ullrich	mute_kernel_msgs();
1080	a5250ebc	Scott Ullrich	}
1081	abcb2bed	Ermal Lu?i
1082	b932ef16	Scott Ullrich	/* suck in configuration items */
1083	abcb2bed	Ermal Lu?i	if($config['installedpackages']['carpsettings']) {
1084	16ccd95c	Scott Ullrich	if($config['installedpackages']['carpsettings']['config']) {
1085	abcb2bed	Ermal Lu?i	foreach($config['installedpackages']['carpsettings']['config'] as $carp) {
1086			$pfsyncenabled = $carp['pfsyncenabled'];
1087			$balanacing = $carp['balancing'];
1088			$pfsyncinterface = $carp['pfsyncinterface'];
1089			$pfsyncpeerip = $carp['pfsyncpeerip'];
1090			}
1091	9f6b1429	Scott Ullrich	}
1092	b932ef16	Scott Ullrich	} else {
1093			unset($pfsyncinterface);
1094			unset($balanacing);
1095			unset($pfsyncenabled);
1096	6008210b	Scott Ullrich	}
1097	abcb2bed	Ermal Lu?i
1098	79d28f42	Scott Ullrich	$cmdchain->add("Allow CARP", "/sbin/sysctl net.inet.carp.allow=1", true);
1099	b932ef16	Scott Ullrich	if($balanacing) {
1100	79d28f42	Scott Ullrich	$cmdchain->add("Enable CARP ARP-balancing", "/sbin/sysctl net.inet.carp.arpbalance=1", true);
1101			$cmdchain->add("Disallow CARP preemption", "/sbin/sysctl net.inet.carp.preempt=0", true);
1102	abcb2bed	Ermal Lu?i	} else
1103	79d28f42	Scott Ullrich	$cmdchain->add("Enable CARP preemption", "/sbin/sysctl net.inet.carp.preempt=1", true);
1104	abcb2bed	Ermal Lu?i
1105	79d28f42	Scott Ullrich	$cmdchain->add("Enable CARP logging", "/sbin/sysctl net.inet.carp.log=2", true);
1106	abcb2bed	Ermal Lu?i	if (!empty($pfsyncinterface))
1107			$carp_sync_int = get_real_interface($pfsyncinterface);
1108
1109	b932ef16	Scott Ullrich	if($g['booting']) {
1110			/* install rules to alllow pfsync to sync up during boot
1111			* carp interfaces will remain down until the bootup sequence finishes
1112			*/
1113	a6726cf2	Ermal Lu?i	$fd = fopen("{$g['tmp_path']}/rules.boot", "w");
1114			if ($fd) {
1115	df9d4110	Ermal Lu?i	fwrite($fd, "pass quick proto carp all keep state\n");
1116			fwrite($fd, "pass quick proto pfsync all\n");
1117			fwrite($fd, "pass out quick from any to any keep state\n");
1118	a6726cf2	Ermal Lu?i	fclose($fd);
1119			mwexec("/sbin/pfctl -f {$g['tmp_path']}/rules.boot");
1120			} else
1121			log_error("Could not create rules.boot file!");
1122	eb772abd	Scott Ullrich	}
1123	abcb2bed	Ermal Lu?i
1124	b932ef16	Scott Ullrich	/* setup pfsync interface */
1125	b42ad736	Scott Ullrich	if($carp_sync_int and $pfsyncenabled) {
1126	abcb2bed	Ermal Lu?i	if (is_ipaddr($pfsyncpeerip))
1127	e5d43d93	Scott Ullrich	$cmdchain->add("Bring up pfsync0 syncpeer", "/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} syncpeer {$pfsyncpeerip} up", false);
1128	abcb2bed	Ermal Lu?i	else
1129	e5d43d93	Scott Ullrich	$cmdchain->add("Bring up pfsync0 syncdev", "/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} up", false);
1130	abcb2bed	Ermal Lu?i	} else
1131	e5d43d93	Scott Ullrich	$cmdchain->add("Bring up pfsync0", "/sbin/ifconfig pfsync0 syncdev lo0 up", false);
1132	abcb2bed	Ermal Lu?i
1133			if($config['virtualip']['vip'])
1134	79d28f42	Scott Ullrich	$cmdchain->add("Allow CARP.", "/sbin/sysctl net.inet.carp.allow=1", true);
1135	abcb2bed	Ermal Lu?i	else
1136	79d28f42	Scott Ullrich	$cmdchain->add("Disallow CARP.", "/sbin/sysctl net.inet.carp.allow=0", true);
1137	e5d43d93	Scott Ullrich
1138	87a2efd1	Ermal Luçi	if($g['debug'])
1139	e5d43d93	Scott Ullrich	$cmdchain->setdebug(); // optional for verbose logging
1140	abcb2bed	Ermal Lu?i
1141	e5d43d93	Scott Ullrich	$cmdchain->execute();
1142			$cmdchain->clear();
1143
1144	abcb2bed	Ermal Lu?i	if ($g['booting']) {
1145			unmute_kernel_msgs();
1146			echo "done.\n";
1147			}
1148	67ee1ec5	Ermal Luçi	}
1149
1150	123f030c	Chris Buechler	function interface_proxyarp_configure() {
1151	9006e9f8	Scott Ullrich	global $config, $g;
1152			if(isset($config['system']['developerspew'])) {
1153			$mt = microtime();
1154			echo "interface_proxyarp_configure() being called $mt\n";
1155			}
1156	67ee1ec5	Ermal Luçi
1157	9006e9f8	Scott Ullrich	/* kill any running choparp */
1158			killbyname("choparp");
1159	1b58b513	Scott Ullrich
1160	9006e9f8	Scott Ullrich	if (isset($config['virtualip']) && is_array($config['virtualip']['vip'])) {
1161			$paa = array();
1162	e5d43d93	Scott Ullrich
1163	9006e9f8	Scott Ullrich	/* group by interface */
1164			foreach ($config['virtualip']['vip'] as $vipent) {
1165			if ($vipent['mode'] === "proxyarp") {
1166			if ($vipent['interface'])
1167			$proxyif = $vipent['interface'];
1168			else
1169			$proxyif = "wan";
1170	abcb2bed	Ermal Lu?i
1171	9006e9f8	Scott Ullrich	if (!is_array($paa[$if]))
1172			$paa[$proxyif] = array();
1173	7b2d4769	Bill Marquette
1174	9006e9f8	Scott Ullrich	$paa[$proxyif][] = $vipent;
1175			}
1176			}
1177	e5d43d93	Scott Ullrich
1178	9006e9f8	Scott Ullrich	if (count($paa))
1179			foreach ($paa as $paif => $paents) {
1180			$paaifip = get_interface_ip($paif);
1181			if (!(is_ipaddr($paaifip)))
1182			continue;
1183			$args = get_real_interface($paif) . " auto";
1184			foreach ($paents as $paent) {
1185
1186			if (isset($paent['subnet']))
1187			$args .= " " . escapeshellarg("{$paent['subnet']}/{$paent['subnet_bits']}");
1188			else if (isset($paent['range']))
1189			$args .= " " . escapeshellarg($paent['range']['from'] . "-" .
1190			$paent['range']['to']);
1191			}
1192			mwexec_bg("/usr/local/sbin/choparp " . $args);
1193			}
1194			}
1195	abcb2bed	Ermal Lu?i
1196	9f6b1429	Scott Ullrich	}
1197
1198	e5ac67ed	Ermal Lu?i	function interfaces_vips_configure($interface = "") {
1199	87a2efd1	Ermal Luçi	global $g, $config;
1200	a04de17f	Chris Buechler	if(isset($config['system']['developerspew'])) {
1201			$mt = microtime();
1202	123f030c	Chris Buechler	echo "interfaces_vips_configure() being called $mt\n";
1203	a04de17f	Chris Buechler	}
1204	abcb2bed	Ermal Lu?i	$paa = array();
1205			if(is_array($config['virtualip']['vip'])) {
1206			$carp_setuped = false;
1207	e5ac67ed	Ermal Lu?i	$anyproxyarp = false;
1208	abcb2bed	Ermal Lu?i	foreach ($config['virtualip']['vip'] as $vip) {
1209			switch ($vip['mode']) {
1210			case "proxyarp":
1211	123f030c	Chris Buechler	/* nothing it is handled on interface_proxyarp_configure() */
1212	e5ac67ed	Ermal Lu?i	if ($interface <> "" && $vip['interface'] <> $interface)
1213			continue;
1214			$anyproxyarp = true;
1215	abcb2bed	Ermal Lu?i	break;
1216			case "ipalias":
1217	e5ac67ed	Ermal Lu?i	if ($interface <> "" && $vip['interface'] <> $interface)
1218			continue;
1219	abcb2bed	Ermal Lu?i	interface_ipalias_configure(&$vip);
1220			break;
1221			case "carp":
1222	e5ac67ed	Ermal Lu?i	if ($interface <> "" && $vip['interface'] <> $interface)
1223			continue;
1224	abcb2bed	Ermal Lu?i	if ($carp_setuped == false) {
1225			interfaces_carp_setup();
1226			$carp_setuped = true;
1227			}
1228			interface_carp_configure($vip);
1229			break;
1230			case "carpdev-dhcp":
1231	e5ac67ed	Ermal Lu?i	if ($interface <> "" && $vip['interface'] <> $interface)
1232			continue;
1233	abcb2bed	Ermal Lu?i	interface_carpdev_configure($vip);
1234			break;
1235	6a74c90e	Scott Ullrich	}
1236	a04de17f	Chris Buechler	}
1237	abcb2bed	Ermal Lu?i
1238	e5ac67ed	Ermal Lu?i	if ($anyproxyarp == true)
1239			interface_proxyarp_configure();
1240	abcb2bed	Ermal Lu?i	}
1241			}
1242
1243			function interface_ipalias_configure(&$vip) {
1244
1245			if ($vip['mode'] == "ipalias") {
1246			$if = get_real_interface($vip['interface']);
1247			mwexec("/sbin/ifconfig " . escapeshellarg($if) . " " . $vip['subnet'] . "/" . escapeshellarg($vip['subnet_bits']) . " alias");
1248	a04de17f	Chris Buechler	}
1249			}
1250
1251	abcb2bed	Ermal Lu?i	function interface_reload_carps($cif) {
1252			global $config;
1253
1254			$carpifs = link_ip_to_carp_interface(find_interface_ip($cif));
1255	9006e9f8	Scott Ullrich	if (empty($carpifs))
1256	abcb2bed	Ermal Lu?i	return;
1257
1258			$carps = explode(" ", $carpifs);
1259			if(is_array($config['virtualip']['vip'])) {
1260	9006e9f8	Scott Ullrich	$viparr = &$config['virtualip']['vip'];
1261			foreach ($viparr as $vip) {
1262	abcb2bed	Ermal Lu?i	if (in_array($vip['carpif'], $carps)) {
1263	9006e9f8	Scott Ullrich	switch ($vip['mode']) {
1264			case "carp":
1265	abcb2bed	Ermal Lu?i	interface_vip_bring_down($vip);
1266			sleep(1);
1267	9006e9f8	Scott Ullrich	interface_carp_configure($vip);
1268			break;
1269			case "carpdev-dhcp":
1270	abcb2bed	Ermal Lu?i	interface_vip_bring_down($vip);
1271			sleep(1);
1272	9006e9f8	Scott Ullrich	interface_carpdev_configure($vip);
1273			break;
1274	abcb2bed	Ermal Lu?i	}
1275	9006e9f8	Scott Ullrich	}
1276			}
1277			}
1278	abcb2bed	Ermal Lu?i	}
1279
1280			function interface_carp_configure(&$vip) {
1281			global $config, $g;
1282			if(isset($config['system']['developerspew'])) {
1283	58ebf6bb	Scott Ullrich	$mt = microtime();
1284	0a595d84	Ermal Lu?i	echo "interface_carp_configure() being called $mt\n";
1285	58ebf6bb	Scott Ullrich	}
1286	abcb2bed	Ermal Lu?i
1287			if ($vip['mode'] != "carp")
1288			return;
1289
1290			$vip_password = $vip['password'];
1291	942fdd55	jim-p	$vip_password = escapeshellarg(addslashes(str_replace(" ", "", $vip_password)));
1292	abcb2bed	Ermal Lu?i	if ($vip['password'] != "")
1293	942fdd55	jim-p	$password = " pass {$vip_password}";
1294	58ebf6bb	Scott Ullrich
1295	12fafaf7	Chris Buechler	// set the vip interface to the vhid
1296			$vipif = "vip{$vip['vhid']}";
1297	58ebf6bb	Scott Ullrich
1298	abcb2bed	Ermal Lu?i	$interface = interface_translate_type_to_real($vip['interface']);
1299			/*
1300			* ensure the interface containing the VIP really exists
1301	58ebf6bb	Scott Ullrich	* prevents a panic if the interface is missing or invalid
1302			*/
1303			$realif = get_real_interface($vip['interface']);
1304			if (!does_interface_exist($realif)) {
1305			file_notice("CARP", "Interface specified for the virtual IP address {$vip['subnet']} does not exist. Skipping this VIP.", "Firewall: Virtual IP", "");
1306			return;
1307			}
1308	abcb2bed	Ermal Lu?i
1309			/* ensure CARP IP really exists prior to loading up */
1310			/* XXX: this can be bound to only the interface choosen in the carp creation. Not yet since upgrade is needed! */
1311			$found = false;
1312			$iflist = get_configured_interface_list();
1313			foreach($iflist as $if) {
1314			$ww_subnet_ip = get_interface_ip($if);
1315			$ww_subnet_bits = get_interface_subnet($if);
1316			if (ip_in_subnet($vip['subnet'], gen_subnet($ww_subnet_ip, $ww_subnet_bits) . "/" . $ww_subnet_bits)) {
1317			$found = true;
1318			break;
1319			}
1320			}
1321			if($found == false) {
1322			file_notice("CARP", "Sorry but we could not find a matching real interface subnet for the virtual IP address {$vip['subnet']}.", "Firewall: Virtual IP", "");
1323			return;
1324			}
1325
1326			/* invalidate interface cache */
1327			get_interface_arr(true);
1328
1329			/* create the carp interface and setup */
1330	37a53d16	Scott Ullrich	if (does_interface_exist($vipif)) {
1331			interface_bring_down($vipif);
1332			} else {
1333	abcb2bed	Ermal Lu?i	$carpif = exec("/sbin/ifconfig carp create");
1334			mwexec("/sbin/ifconfig {$carpif} name {$vipif}");
1335	fe126e77	Ermal Lu?i	mwexec("/usr/sbin/ngctl name {$carpif}: {$vipif}");
1336	abcb2bed	Ermal Lu?i	}
1337
1338			/* invalidate interface cache */
1339			get_interface_arr(true);
1340
1341			$broadcast_address = gen_subnet_max($vip['subnet'], $vip['subnet_bits']);
1342	290d312d	Ermal Lu?i	mwexec("/sbin/ifconfig {$vipif} {$vip['subnet']}/{$vip['subnet_bits']} vhid {$vip['vhid']} advskew {$vip['advskew']} {$password}");
1343	abcb2bed	Ermal Lu?i
1344			interfaces_bring_up($vipif);
1345
1346			return $vipif;
1347			}
1348
1349			function interface_carpdev_configure(&$vip) {
1350			global $g;
1351
1352			if ($vip['mode'] != "carpdev-dhcp")
1353	9006e9f8	Scott Ullrich	return;
1354	abcb2bed	Ermal Lu?i
1355	9006e9f8	Scott Ullrich	$vip_password = $vip['password'];
1356			$vip_password = str_replace(" ", "", $vip_password);
1357			if($vip['password'] != "")
1358			$password = " pass \"" . $vip_password . "\"";
1359	abcb2bed	Ermal Lu?i
1360			log_error("Found carpdev interface {$vip['interface']} on top of interface {$interface}");
1361			if (empty($vip['interface']))
1362			return;
1363
1364			$vipif = "vip" . $vip['vhid'];
1365			$realif = interface_translate_type_to_real($vip['interface']);
1366	ec054b7c	Scott Ullrich	interfaces_bring_up($realif);
1367	9006e9f8	Scott Ullrich	/*
1368			* ensure the interface containing the VIP really exists
1369			* prevents a panic if the interface is missing or invalid
1370			*/
1371			if (!does_interface_exist($realif)) {
1372			file_notice("CARP", "Interface specified for the virtual IP address {$vip['subnet']} does not exist. Skipping this VIP.", "Firewall: Virtual IP", "");
1373			return;
1374			}
1375	abcb2bed	Ermal Lu?i
1376	f07bee94	Scott Ullrich	if (does_interface_exist($vipif)) {
1377	37a53d16	Scott Ullrich	interface_bring_down($vipif);
1378	f07bee94	Scott Ullrich	} else {
1379	abcb2bed	Ermal Lu?i	$carpdevif = exec("/sbin/ifconfig carp create");
1380			mwexec("/sbin/ifconfig {$carpdevif} name {$vipif}");
1381	fe126e77	Ermal Lu?i	mwexec("/usr/sbin/ngctl name {$carpdevif}: {$vipif}");
1382	abcb2bed	Ermal Lu?i	}
1383
1384			mwexec("/sbin/ifconfig {$vipif} carpdev {$realif} vhid {$vip['vhid']} advskew {$vip['advskew']} {$password}");
1385	ec054b7c	Scott Ullrich	interfaces_bring_up($vipif);
1386	abcb2bed	Ermal Lu?i
1387			/*
1388			* XXX: BIG HACK but carpdev needs ip services active
1389			* before even starting something as dhclient.
1390			* I do not know if this is a feature or a bug
1391			* but better than track it make it work ;) .
1392			*/
1393			//$fakeiptouse = "10.254.254." . ($carp_instances_counter+1);
1394			//$cmdchain->add("CarpDEV hack", "/sbin/ifconfig {$carpint} inet {$fakeiptouse}", false);
1395
1396			/* generate dhclient_wan.conf */
1397			$fd = fopen("{$g['varetc_path']}/dhclient_{$vipif}.conf", "w");
1398			if ($fd) {
1399			$dhclientconf = "";
1400
1401			$dhclientconf .= <<<EOD
1402			interface "{$vipif}" {
1403			timeout 60;
1404			retry 1;
1405			select-timeout 0;
1406			initial-interval 1;
1407			script "/sbin/dhclient-script";
1408			}
1409
1410			EOD;
1411
1412			fwrite($fd, $dhclientconf);
1413			fclose($fd);
1414
1415			/* fire up dhclient */
1416	6955830f	Ermal Lu?i	mwexec("/sbin/dhclient -c {$g['varetc_path']}/dhclient_{$vipif}.conf {$vipif} > {$g['tmp_path']}/{$vipif}_output > {$g['tmp_path']}/{$vipif}_error_output", false);
1417	abcb2bed	Ermal Lu?i	} else {
1418			log_error("Error: cannot open dhclient_{$vipif}.conf in interfaces_carpdev_configure() for writing.\n");
1419			mwexec("/sbin/dhclient -b {$vipif}");
1420			}
1421
1422			return $vipif;
1423			}
1424
1425	854aed18	Ermal Lu?i	function interface_wireless_clone($realif, $wlcfg) {
1426	568b1358	Scott Ullrich	global $config, $g;
1427	88157f66	Scott Ullrich	/* Check to see if interface has been cloned as of yet.
1428			* If it has not been cloned then go ahead and clone it.
1429			*/
1430	2a203afd	Seth Mos	$needs_clone = false;
1431	9f428275	Erik Fonnesbeck	if(is_array($wlcfg['wireless']))
1432			$wlcfg_mode = $wlcfg['wireless']['mode'];
1433			else
1434			$wlcfg_mode = $wlcfg['mode'];
1435			switch($wlcfg_mode) {
1436	2a203afd	Seth Mos	case "hostap":
1437			$mode = "wlanmode hostap";
1438			break;
1439			case "adhoc":
1440			$mode = "wlanmode adhoc";
1441			break;
1442			default:
1443			$mode = "";
1444			break;
1445			}
1446	34808d4e	Erik Fonnesbeck	$baseif = interface_get_wireless_base($wlcfg['if']);
1447	854aed18	Ermal Lu?i	if(does_interface_exist($realif)) {
1448			exec("/sbin/ifconfig {$realif}", $output, $ret);
1449	2a203afd	Seth Mos	$ifconfig_str = implode($output);
1450	9f428275	Erik Fonnesbeck	if(($wlcfg_mode == "hostap") && (! preg_match("/hostap/si", $ifconfig_str))) {
1451	fa71a9b6	Erik Fonnesbeck	log_error("Interface {$realif} changed to hostap mode");
1452	2a203afd	Seth Mos	$needs_clone = true;
1453			}
1454	9f428275	Erik Fonnesbeck	if(($wlcfg_mode == "adhoc") && (! preg_match("/adhoc/si", $ifconfig_str))) {
1455	fa71a9b6	Erik Fonnesbeck	log_error("Interface {$realif} changed to adhoc mode");
1456	2a203afd	Seth Mos	$needs_clone = true;
1457			}
1458	9f428275	Erik Fonnesbeck	if(($wlcfg_mode == "bss") && (preg_match("/hostap\|adhoc/si", $ifconfig_str))) {
1459	fa71a9b6	Erik Fonnesbeck	log_error("Interface {$realif} changed to infrastructure mode");
1460	2a203afd	Seth Mos	$needs_clone = true;
1461			}
1462			} else {
1463			$needs_clone = true;
1464	88157f66	Scott Ullrich	}
1465	2a203afd	Seth Mos
1466	19e83210	Scott Ullrich	if($needs_clone == true) {
1467	2a203afd	Seth Mos	/* remove previous instance if it exists */
1468	854aed18	Ermal Lu?i	if(does_interface_exist($realif))
1469	1b773d20	Ermal Lu?i	mwexec("/sbin/ifconfig {$realif} destroy");
1470	854aed18	Ermal Lu?i
1471			log_error("Cloning new wireless interface {$realif}");
1472	b99256c1	Scott Ullrich	// Create the new wlan interface. FreeBSD returns the new interface name.
1473			// example: wlan2
1474	6d54e865	Erik Fonnesbeck	exec("/sbin/ifconfig wlan create wlandev {$baseif} {$mode} bssid 2>&1", $out, $ret);
1475	2a203afd	Seth Mos	if($ret <> 0) {
1476	fa71a9b6	Erik Fonnesbeck	log_error("Failed to clone interface {$baseif} with error code {$ret}, output {$out[0]}");
1477	9f428275	Erik Fonnesbeck	return false;
1478	2a203afd	Seth Mos	}
1479			$newif = trim($out[0]);
1480			// Rename the interface to {$parentnic}_wlan{$number}#: EX: ath0_wlan0
1481	854aed18	Ermal Lu?i	mwexec("/sbin/ifconfig {$newif} name {$realif} 2>&1", false);
1482	2a203afd	Seth Mos	// FIXME: not sure what ngctl is for. Doesn't work.
1483	fa71a9b6	Erik Fonnesbeck	// mwexec("/usr/sbin/ngctl name {$newif}: {$realif}", false);
1484	88157f66	Scott Ullrich	}
1485	9f428275	Erik Fonnesbeck	return true;
1486	88157f66	Scott Ullrich	}
1487
1488	8f0289e7	Erik Fonnesbeck	function interface_sync_wireless_clones(&$ifcfg, $sync_changes = false) {
1489			global $config, $g;
1490
1491	20f09b3b	Erik Fonnesbeck	$shared_settings = array('standard', 'turbo', 'protmode', 'txpower', 'channel', 'distance', 'regdomain', 'regcountry', 'reglocation');
1492	8f0289e7	Erik Fonnesbeck
1493	263e2b7e	Erik Fonnesbeck	if(!is_interface_wireless($ifcfg['if']))
1494	7de319a1	Erik Fonnesbeck	return;
1495
1496	34808d4e	Erik Fonnesbeck	$baseif = interface_get_wireless_base($ifcfg['if']);
1497	8f0289e7	Erik Fonnesbeck
1498	38b7d47d	Erik Fonnesbeck	$iflist = get_configured_interface_list(false, true);
1499	8f0289e7	Erik Fonnesbeck	foreach ($iflist as $if) {
1500	34808d4e	Erik Fonnesbeck	if ($baseif == interface_get_wireless_base($config['interfaces'][$if]['if']) && $ifcfg['if'] != $config['interfaces'][$if]['if']) {
1501	8f0289e7	Erik Fonnesbeck	if (isset($config['interfaces'][$if]['wireless']['standard']) \|\| $sync_changes) {
1502			foreach ($shared_settings as $setting) {
1503			if ($sync_changes) {
1504			$config['interfaces'][$if]['wireless'][$setting] = $ifcfg['wireless'][$setting];
1505			} else {
1506			$ifcfg['wireless'][$setting] = $config['interfaces'][$if]['wireless'][$setting];
1507			}
1508			}
1509			if (!$sync_changes)
1510			break;
1511			}
1512			}
1513			}
1514	263e2b7e	Erik Fonnesbeck
1515			if (interface_is_wireless_clone($ifcfg['if'])) {
1516			foreach ($config['wireless']['clone'] as &$clone) {
1517			if ($clone['cloneif'] == $ifcfg['if']) {
1518			if ($sync_changes) {
1519			$clone['mode'] = $ifcfg['wireless']['mode'];
1520			} else {
1521			$ifcfg['wireless']['mode'] = $clone['mode'];
1522			}
1523			break;
1524			}
1525			}
1526	867d444b	Erik Fonnesbeck	unset($clone);
1527	263e2b7e	Erik Fonnesbeck	}
1528	8f0289e7	Erik Fonnesbeck	}
1529
1530	19e83210	Scott Ullrich	function interface_wireless_configure($if, &$wl, &$wlcfg) {
1531	ac3f8318	Espen Johansen	global $config, $g;
1532	eb772abd	Scott Ullrich
1533	4742e927	Scott Ullrich	/* open up a shell script that will be used to output the commands.
1534			* since wireless is changing a lot, these series of commands are fragile
1535			* and will sometimes need to be verified by a operator by executing the command
1536			* and returning the output of the command to the developers for inspection. please
1537			* do not change this routine from a shell script to individul exec commands. -sullrich
1538			*/
1539	eb772abd	Scott Ullrich
1540	b99256c1	Scott Ullrich	// Remove script file
1541	490b8b2a	Scott Ullrich	unlink_if_exists("{$g['tmp_path']}/{$if}_setup.sh");
1542	eb772abd	Scott Ullrich
1543	b99256c1	Scott Ullrich	// Clone wireless nic if needed.
1544	19e83210	Scott Ullrich	interface_wireless_clone($if, $wl);
1545	2a203afd	Seth Mos
1546	8f0289e7	Erik Fonnesbeck	// Reject inadvertent changes to shared settings in case the interface hasn't been configured.
1547			interface_sync_wireless_clones($wl, false);
1548
1549	6955830f	Ermal Lu?i	$fd_set = fopen("{$g['tmp_path']}/{$if}_setup.sh","w");
1550	4742e927	Scott Ullrich	fwrite($fd_set, "#!/bin/sh\n");
1551	36d0358b	Scott Ullrich	fwrite($fd_set, "# {$g['product_name']} wireless configuration script.\n\n");
1552	eb772abd	Scott Ullrich
1553	2ac908dd	Espen Johansen	/* set values for /path/program */
1554			$hostapd = "/usr/sbin/hostapd";
1555			$wpa_supplicant = "/usr/sbin/wpa_supplicant";
1556	4742e927	Scott Ullrich	$ifconfig = "/sbin/ifconfig";
1557			$killall = "/usr/bin/killall";
1558	2ac908dd	Espen Johansen
1559	a59abc65	Scott Ullrich	/* Set all wireless ifconfig variables (splitt up to get rid of needed checking) */
1560	5508cf57	Scott Ullrich
1561	2a203afd	Seth Mos	$wlcmd = array();
1562			/* Make sure it's up */
1563			$wlcmd[] = "up";
1564	ac3f8318	Espen Johansen	/* Set a/b/g standard */
1565	9be20928	Erik Fonnesbeck	$standard = str_replace(" Turbo", "", $wlcfg['standard']);
1566			$wlcmd[] = "mode " . escapeshellarg($standard);
1567	2a203afd	Seth Mos
1568	5030b5eb	Erik Fonnesbeck	/* XXX: Disable ampdu for now on mwl when running in 11n mode
1569			* to prevent massive packet loss under certain conditions. */
1570	9be20928	Erik Fonnesbeck	if(preg_match("/^mwl/i", $if) && ($standard == "11ng" \|\| $standard == "11na"))
1571	5030b5eb	Erik Fonnesbeck	$wlcmd[] = "-ampdu";
1572
1573	2a203afd	Seth Mos	/* Set ssid */
1574			if($wlcfg['ssid'])
1575			$wlcmd[] = "ssid " .escapeshellarg($wlcfg['ssid']);
1576	5508cf57	Scott Ullrich
1577	0856c4ac	Scott Ullrich	/* Set 802.11g protection mode */
1578	2a203afd	Seth Mos	$wlcmd[] = "protmode " . escapeshellarg($wlcfg['protmode']);
1579	0856c4ac	Scott Ullrich
1580	ac3f8318	Espen Johansen	/* set wireless channel value */
1581	2a203afd	Seth Mos	if(isset($wlcfg['channel'])) {
1582			if($wlcfg['channel'] == "0") {
1583			$wlcmd[] = "channel any";
1584			} else {
1585			$wlcmd[] = "channel " . escapeshellarg($wlcfg['channel']);
1586			}
1587			}
1588	2ac908dd	Espen Johansen
1589	f134033e	Scott Ullrich	/* set Distance value */
1590	eb772abd	Scott Ullrich	if($wlcfg['distance'])
1591	f134033e	Scott Ullrich	$distance = escapeshellarg($wlcfg['distance']);
1592
1593	ac3f8318	Espen Johansen	/* Set wireless hostap mode */
1594	2a203afd	Seth Mos	if ($wlcfg['mode'] == "hostap") {
1595			$wlcmd[] = "mediaopt hostap";
1596			} else {
1597			$wlcmd[] = "-mediaopt hostap";
1598			}
1599	ac3f8318	Espen Johansen
1600			/* Set wireless adhoc mode */
1601	2a203afd	Seth Mos	if ($wlcfg['mode'] == "adhoc") {
1602			$wlcmd[] = "mediaopt adhoc";
1603			} else {
1604			$wlcmd[] = "-mediaopt adhoc";
1605			}
1606	ac3f8318	Espen Johansen
1607			/* Not neccesary to set BSS mode as this is default if adhoc and/or hostap is NOT set */
1608
1609			/* handle hide ssid option */
1610	2a203afd	Seth Mos	if(isset($wlcfg['hidessid']['enable'])) {
1611			$wlcmd[] = "hidessid";
1612			} else {
1613			$wlcmd[] = "-hidessid";
1614			}
1615	ac3f8318	Espen Johansen
1616			/* handle pureg (802.11g) only option */
1617	2a203afd	Seth Mos	if(isset($wlcfg['pureg']['enable'])) {
1618			$wlcmd[] = "mode 11g pureg";
1619			} else {
1620			$wlcmd[] = "-pureg";
1621			}
1622	ac3f8318	Espen Johansen
1623	ed459692	Erik Fonnesbeck	/* handle puren (802.11n) only option */
1624			if(isset($wlcfg['puren']['enable'])) {
1625			$wlcmd[] = "puren";
1626			} else {
1627			$wlcmd[] = "-puren";
1628			}
1629
1630	ac3f8318	Espen Johansen	/* enable apbridge option */
1631	2a203afd	Seth Mos	if(isset($wlcfg['apbridge']['enable'])) {
1632			$wlcmd[] = "apbridge";
1633			} else {
1634			$wlcmd[] = "-apbridge";
1635			}
1636	ac3f8318	Espen Johansen
1637			/* handle turbo option */
1638	2a203afd	Seth Mos	if(isset($wlcfg['turbo']['enable'])) {
1639			$wlcmd[] = "mediaopt turbo";
1640			} else {
1641			$wlcmd[] = "-mediaopt turbo";
1642			}
1643	ac3f8318	Espen Johansen
1644			/* handle txpower setting */
1645	2a203afd	Seth Mos	/* if($wlcfg['txpower'] <> "")
1646			$wlcmd[] = "txpower " . escapeshellarg($wlcfg['txpower']);
1647			*/
1648	ac3f8318	Espen Johansen	/* handle wme option */
1649	2a203afd	Seth Mos	if(isset($wlcfg['wme']['enable'])) {
1650			$wlcmd[] = "wme";
1651			} else {
1652			$wlcmd[] = "-wme";
1653			}
1654	eb772abd	Scott Ullrich
1655	ac3f8318	Espen Johansen	/* set up wep if enabled */
1656	2a203afd	Seth Mos	$wepset = "";
1657			if (isset($wlcfg['wep']['enable']) && is_array($wlcfg['wep']['key'])) {
1658			switch($wlcfg['wpa']['auth_algs']) {
1659			case "1":
1660			$wepset .= "authmode open wepmode on ";
1661			break;
1662			case "2":
1663			$wepset .= "authmode shared wepmode on ";
1664			break;
1665			case "3":
1666			$wepset .= "authmode mixed wepmode on ";
1667			}
1668	2f19fa14	Scott Ullrich	$i = 1;
1669			foreach ($wlcfg['wep']['key'] as $wepkey) {
1670			$wepset .= "wepkey " . escapeshellarg("{$i}:{$wepkey['value']}") . " ";
1671	2a203afd	Seth Mos	if (isset($wepkey['txkey'])) {
1672			$wlcmd[] = "weptxkey {$i} ";
1673			}
1674	2f19fa14	Scott Ullrich	$i++;
1675			}
1676	2a203afd	Seth Mos	$wlcmd[] = $wepset;
1677			} else {
1678			$wlcmd[] = "authmode open wepmode off ";
1679	ac3f8318	Espen Johansen	}
1680
1681	c8178bb7	Erik Fonnesbeck	mwexec(kill_hostapd("{$if}"));
1682			mwexec(kill_wpasupplicant("{$if}"));
1683
1684	ac3f8318	Espen Johansen	/* generate wpa_supplicant/hostap config if wpa is enabled */
1685	2a203afd	Seth Mos	conf_mount_rw();
1686	ac3f8318	Espen Johansen
1687			switch ($wlcfg['mode']) {
1688	b67d192d	Scott Ullrich	case 'bss':
1689	ac3f8318	Espen Johansen	if (isset($wlcfg['wpa']['enable'])) {
1690			$wpa .= <<<EOD
1691	454756b9	Scott Ullrich	ctrl_interface={$g['varrun_path']}/wpa_supplicant
1692	50ad3b7c	Scott Ullrich	ctrl_interface_group=0
1693			ap_scan=1
1694	2ac908dd	Espen Johansen	#fast_reauth=1
1695	249558a2	Scott Ullrich	network={
1696	454756b9	Scott Ullrich	ssid="{$wlcfg['ssid']}"
1697			scan_ssid=1
1698	2ac908dd	Espen Johansen	priority=5
1699			key_mgmt={$wlcfg['wpa']['wpa_key_mgmt']}
1700	454756b9	Scott Ullrich	psk="{$wlcfg['wpa']['passphrase']}"
1701	2ac908dd	Espen Johansen	pairwise={$wlcfg['wpa']['wpa_pairwise']}
1702			group={$wlcfg['wpa']['wpa_pairwise']}
1703	50ad3b7c	Scott Ullrich	}
1704			EOD;
1705
1706	80ec5eaa	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/wpa_supplicant_{$if}.conf", "w");
1707	ac3f8318	Espen Johansen	fwrite($fd, "{$wpa}");
1708			fclose($fd);
1709			}
1710	2a203afd	Seth Mos	break;
1711	ac3f8318	Espen Johansen	case 'hostap':
1712	7eadaa9c	Scott Ullrich	if($wlcfg['wpa']['passphrase'])
1713			$wpa_passphrase = "wpa_passphrase={$wlcfg['wpa']['passphrase']}\n";
1714	abfd0c9b	Scott Ullrich	else
1715			$wpa_passphrase = "";
1716	ac3f8318	Espen Johansen	if (isset($wlcfg['wpa']['enable'])) {
1717			$wpa .= <<<EOD
1718	459d6351	Scott Ullrich	interface={$if}
1719			driver=bsd
1720			logger_syslog=-1
1721			logger_syslog_level=0
1722			logger_stdout=-1
1723			logger_stdout_level=0
1724	2ac908dd	Espen Johansen	dump_file={$g['tmp_path']}/hostapd_{$if}.dump
1725			ctrl_interface={$g['varrun_path']}/hostapd
1726	459d6351	Scott Ullrich	ctrl_interface_group=wheel
1727	2ac908dd	Espen Johansen	#accept_mac_file={$g['tmp_path']}/hostapd_{$if}.accept
1728			#deny_mac_file={$g['tmp_path']}/hostapd_{$if}.deny
1729	b67d192d	Scott Ullrich	#macaddr_acl={$wlcfg['wpa']['macaddr_acl']}
1730	459d6351	Scott Ullrich	ssid={$wlcfg['ssid']}
1731	2ac908dd	Espen Johansen	debug={$wlcfg['wpa']['debug_mode']}
1732			auth_algs={$wlcfg['wpa']['auth_algs']}
1733			wpa={$wlcfg['wpa']['wpa_mode']}
1734			wpa_key_mgmt={$wlcfg['wpa']['wpa_key_mgmt']}
1735			wpa_pairwise={$wlcfg['wpa']['wpa_pairwise']}
1736	ac3f8318	Espen Johansen	wpa_group_rekey={$wlcfg['wpa']['wpa_group_rekey']}
1737			wpa_gmk_rekey={$wlcfg['wpa']['wpa_gmk_rekey']}
1738			wpa_strict_rekey={$wlcfg['wpa']['wpa_strict_rekey']}
1739	7eadaa9c	Scott Ullrich	{$wpa_passphrase}
1740	53dfd34e	Espen Johansen	#Enable the next lines for preauth when roaming. Interface = wired or wireless interface talking to the AP you want to roam from/to
1741			#rsn_preauth=1
1742			#rsn_preauth_interfaces=eth0
1743	525d565b	Scott Ullrich
1744	459d6351	Scott Ullrich	EOD;
1745	2ac908dd	Espen Johansen
1746	5949124c	Scott Ullrich	if($wlcfg['auth_server_addr'] && $wlcfg['auth_server_shared_secret']) {
1747			$auth_server_port = "1812";
1748			if($wlcfg['auth_server_port'])
1749			$auth_server_port = $wlcfg['auth_server_port'];
1750			$wpa .= <<<EOD
1751	525d565b	Scott Ullrich
1752	5949124c	Scott Ullrich	ieee8021x=1
1753			auth_server_addr={$wlcfg['auth_server_addr']}
1754			auth_server_port={$auth_server_port}
1755			auth_server_shared_secret={$wlcfg['auth_server_shared_secret']}
1756	525d565b	Scott Ullrich
1757	459d6351	Scott Ullrich	EOD;
1758	5949124c	Scott Ullrich	} else {
1759			$wpa .= "ieee8021x={$wlcfg['wpa']['ieee8021x']}\n";
1760			}
1761	2ac908dd	Espen Johansen
1762	80ec5eaa	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/hostapd_{$if}.conf", "w");
1763	ac3f8318	Espen Johansen	fwrite($fd, "{$wpa}");
1764			fclose($fd);
1765	2ac908dd	Espen Johansen
1766	ac3f8318	Espen Johansen	}
1767	2a203afd	Seth Mos	break;
1768	eb772abd	Scott Ullrich	}
1769	ac3f8318	Espen Johansen
1770	4742e927	Scott Ullrich	/*
1771			* all variables are set, lets start up everything
1772	2a203afd	Seth Mos	*/
1773	eb772abd	Scott Ullrich
1774	bbfc810e	Erik Fonnesbeck	$baseif = interface_get_wireless_base($if);
1775
1776	78922914	Scott Ullrich	/* set ack timers according to users preference (if he/she has any) */
1777			if($distance) {
1778	4742e927	Scott Ullrich	fwrite($fd_set, "# Enable ATH distance settings\n");
1779	e327021d	Erik Fonnesbeck	fwrite($fd_set, "/sbin/athctrl.sh -i {$baseif} -d {$distance}\n");
1780	78922914	Scott Ullrich	}
1781	eb772abd	Scott Ullrich
1782	ac3f8318	Espen Johansen	if (isset($wlcfg['wpa']['enable'])) {
1783	2a203afd	Seth Mos	if ($wlcfg['mode'] == "bss") {
1784	4742e927	Scott Ullrich	fwrite($fd_set, "{$wpa_supplicant} -B -i {$if} -c {$g['varetc_path']}/wpa_supplicant_{$if}.conf\n");
1785	2a203afd	Seth Mos	}
1786			if ($wlcfg['mode'] == "hostap") {
1787	4742e927	Scott Ullrich	fwrite($fd_set, "{$hostapd} -B {$g['varetc_path']}/hostapd_{$if}.conf\n");
1788	2a203afd	Seth Mos	}
1789	ac3f8318	Espen Johansen	}
1790	191a8175	Scott Ullrich
1791	4742e927	Scott Ullrich	fclose($fd_set);
1792	8a958125	Scott Ullrich	conf_mount_ro();
1793
1794	bbfc810e	Erik Fonnesbeck	/* Making sure regulatory settings have actually changed
1795			* before applying, because changing them requires bringing
1796			* down all wireless networks on the interface. */
1797			exec("{$ifconfig} " . escapeshellarg($if), $output);
1798			$ifconfig_str = implode($output);
1799			unset($output);
1800			$reg_changing = false;
1801
1802			if ($wlcfg['regdomain'] && !preg_match("/\sregdomain\s+{$wlcfg['regdomain']}\s/si", $ifconfig_str))
1803			$reg_changing = true;
1804			else if ($wlcfg['regcountry'] && !preg_match("/\scountry\s+{$wlcfg['regcountry']}\s/si", $ifconfig_str))
1805			$reg_changing = true;
1806			/* anywhere needs a special case, since it is not included in the ifconfig output.
1807			* Do not combine this if with the one inside. */
1808			else if ($wlcfg['reglocation'] == 'anywhere') {
1809			if (preg_match("/\s(indoor\|outdoor)\s/si", $ifconfig_str))
1810			$reg_changing = true;
1811			} else if ($wlcfg['reglocation'] && !preg_match("/\s{$wlcfg['reglocation']}\s/si", $ifconfig_str))
1812			$reg_changing = true;
1813
1814			/* special case for the debug country code */
1815			if ($wlcfg['regcountry'] == 'DEBUG' && preg_match("/\sregdomain\s+DEBUG\s/si", $ifconfig_str))
1816			$reg_changing = false;
1817
1818			if ($reg_changing) {
1819			/* set regulatory domain */
1820			if($wlcfg['regdomain'])
1821			$wlregcmd[] = "regdomain " . escapeshellarg($wlcfg['regdomain']);
1822
1823			/* set country */
1824			if($wlcfg['regcountry'])
1825			$wlregcmd[] = "country " . escapeshellarg($wlcfg['regcountry']);
1826
1827			/* set location */
1828			if($wlcfg['reglocation'])
1829			$wlregcmd[] = escapeshellarg($wlcfg['reglocation']);
1830
1831			$wlregcmd_args = implode(" ", $wlregcmd);
1832
1833			/* build a complete list of the wireless clones for this interface */
1834			$clone_list = array();
1835			if (does_interface_exist(interface_get_wireless_clone($baseif)))
1836			$clone_list[] = interface_get_wireless_clone($baseif);
1837			if (is_array($config['wireless']['clone'])) {
1838			foreach ($config['wireless']['clone'] as $clone) {
1839			if ($clone['if'] == $baseif)
1840			$clone_list[] = $clone['cloneif'];
1841			}
1842			}
1843
1844			/* find which clones are up and bring them down */
1845			$clones_up = array();
1846			foreach ($clone_list as $clone_if) {
1847			$clone_status = pfSense_get_interface_stats($clone_if);
1848			if ($clone_status['status'] == 'up') {
1849			$clones_up[] = $clone_if;
1850			mwexec("{$ifconfig} " . escapeshellarg($clone_if) . " down");
1851			}
1852			}
1853
1854			/* apply the regulatory settings */
1855			mwexec("{$ifconfig} " . escapeshellarg($if) . " {$wlregcmd_args}");
1856
1857			/* bring the clones back up that were previously up */
1858			foreach ($clones_up as $clone_if) {
1859			mwexec("{$ifconfig} " . escapeshellarg($clone_if) . " up");
1860			}
1861			}
1862
1863	23fdc06e	Erik Fonnesbeck	/* The mode must be specified in a separate command before ifconfig
1864			* will allow the mode and channel at the same time in the next. */
1865	9be20928	Erik Fonnesbeck	mwexec("/sbin/ifconfig {$if} mode " . escapeshellarg($standard));
1866	23fdc06e	Erik Fonnesbeck
1867	2a48a885	Erik Fonnesbeck	/* configure wireless */
1868			$wlcmd_args = implode(" ", $wlcmd);
1869			mwexec("/sbin/ifconfig {$if} $wlcmd_args", false);
1870
1871	2a203afd	Seth Mos
1872			sleep(1);
1873			/* execute hostapd and wpa_supplicant if required in shell */
1874	6955830f	Ermal Lu?i	mwexec("/bin/sh {$g['tmp_path']}/{$if}_setup.sh");
1875	191a8175	Scott Ullrich
1876	ac3f8318	Espen Johansen	return 0;
1877	cfc707f7	Scott Ullrich
1878	5b237745	Scott Ullrich	}
1879
1880	eba938e3	Scott Ullrich	function kill_hostapd($interface) {
1881	6f76920c	thompsa	return "/bin/pkill -f \"hostapd .*{$interface}\"\n";
1882	4b2a6180	Scott Ullrich	}
1883
1884	eba938e3	Scott Ullrich	function kill_wpasupplicant($interface) {
1885	6f76920c	thompsa	return "/bin/pkill -f \"wpa_supplicant .*{$interface}\"\n";
1886	4b2a6180	Scott Ullrich	}
1887
1888	eba938e3	Scott Ullrich	function find_dhclient_process($interface) {
1889	79d3a7cf	Ermal Lu?i	if($interface) {
1890	6f76920c	thompsa	$pid = `/bin/pgrep -xf "dhclient: {$interface}"`;
1891	79d3a7cf	Ermal Lu?i	}
1892	0311dbd5	Scott Ullrich	return $pid;
1893			}
1894
1895	a5d6f60b	Ermal Lu?i	function interface_configure($interface = "wan", $reloadall = false) {
1896	675aac3d	Ermal Luçi	global $config, $g;
1897	31b24870	Ermal Luçi	global $interface_sn_arr_cache, $interface_ip_arr_cache;
1898	cfc707f7	Scott Ullrich
1899	67ee1ec5	Ermal Luçi	$wancfg = $config['interfaces'][$interface];
1900
1901	85a5da13	Ermal Luçi	$realif = get_real_interface($interface);
1902	cfc707f7	Scott Ullrich
1903	28d22199	Scott Ullrich	if (!$g['booting']) {
1904	acc1e9d0	Scott Ullrich	/* remove all IPv4 addresses */
1905	332683cb	Seth Mos	while (mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " -alias", true) == 0);
1906	28d22199	Scott Ullrich	interface_bring_down($interface);
1907			}
1908	acc1e9d0	Scott Ullrich
1909	5b237745	Scott Ullrich	/* wireless configuration? */
1910			if (is_array($wancfg['wireless']))
1911	19e83210	Scott Ullrich	interface_wireless_configure($realif, $wancfg, $wancfg['wireless']);
1912	cfc707f7	Scott Ullrich
1913	f36d4bd2	Scott Ullrich	if ($wancfg['spoofmac']) {
1914	b99256c1	Scott Ullrich	mwexec("/sbin/ifconfig " . escapeshellarg($realif) .
1915	5b237745	Scott Ullrich	" link " . escapeshellarg($wancfg['spoofmac']));
1916	f36d4bd2	Scott Ullrich	} else {
1917	3ad5fd63	Ermal	$mac = get_interface_mac(get_real_interface($wancfg['if']));
1918	f36d4bd2	Scott Ullrich	if($mac == "ff:ff:ff:ff:ff:ff") {
1919			/* this is not a valid mac address. generate a
1920			* temporary mac address so the machine can get online.
1921			*/
1922	9315ef83	Scott Ullrich	echo "Generating new MAC address.";
1923	f36d4bd2	Scott Ullrich	$random_mac = generate_random_mac_address();
1924	b99256c1	Scott Ullrich	mwexec("/sbin/ifconfig " . escapeshellarg(get_real_interface($wancfg['if'])) .
1925	f36d4bd2	Scott Ullrich	" link " . escapeshellarg($random_mac));
1926			$wancfg['spoofmac'] = $random_mac;
1927			write_config();
1928	571f89fa	Ermal Luçi	file_notice("MAC Address altered", "The INVALID MAC address (ff:ff:ff:ff:ff:ff) on interface {$realif} has been automatically replaced with {$random_mac}", "Interfaces");
1929	f36d4bd2	Scott Ullrich	}
1930			}
1931	cfc707f7	Scott Ullrich
1932	5b237745	Scott Ullrich	/* media */
1933			if ($wancfg['media'] \|\| $wancfg['mediaopt']) {
1934	b99256c1	Scott Ullrich	$cmd = "/sbin/ifconfig " . escapeshellarg(get_real_interface($wancfg['if']));
1935	5b237745	Scott Ullrich	if ($wancfg['media'])
1936			$cmd .= " media " . escapeshellarg($wancfg['media']);
1937			if ($wancfg['mediaopt'])
1938			$cmd .= " mediaopt " . escapeshellarg($wancfg['mediaopt']);
1939			mwexec($cmd);
1940			}
1941	e57a441e	Ermal Lu?i	if (!empty($wancfg['mtu']))
1942			mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " mtu {$wancfg['mtu']}");
1943	cfc707f7	Scott Ullrich
1944	31b24870	Ermal Luçi	/* invalidate interface/ip/sn cache */
1945	eba938e3	Scott Ullrich	get_interface_arr(true);
1946	31b24870	Ermal Luçi	unset($interface_ip_arr_cache[$realif]);
1947			unset($interface_sn_arr_cache[$realif]);
1948	ccbd2447	Ermal Luçi
1949	5b237745	Scott Ullrich	switch ($wancfg['ipaddr']) {
1950	cfc707f7	Scott Ullrich
1951	d5d00b83	Scott Ullrich	case 'carpdev-dhcp':
1952	1fb7c265	Ermal Luçi	interface_carpdev_dhcp_configure($interface);
1953	d5d00b83	Scott Ullrich	break;
1954	5b237745	Scott Ullrich	case 'dhcp':
1955	1fb7c265	Ermal Luçi	interface_dhcp_configure($interface);
1956	5b237745	Scott Ullrich	break;
1957			case 'pppoe':
1958	1fb7c265	Ermal Luçi	interface_pppoe_configure($interface);
1959	5b237745	Scott Ullrich	break;
1960			case 'pptp':
1961	1fb7c265	Ermal Luçi	interface_pptp_configure($interface);
1962	5b237745	Scott Ullrich	break;
1963	9ebe7028	gnhb	case 'ppp':
1964	611ae852	Ermal	interface_ppp_configure($interface);
1965	9ebe7028	gnhb	break;
1966	5b237745	Scott Ullrich	default:
1967	4b176ed2	Ermal Luçi	if ($wancfg['ipaddr'] <> "" && $wancfg['subnet'] <> "") {
1968	611ae852	Ermal	if($wancfg['ipaddr'] && $wancfg['subnet'])
1969			mwexec("/sbin/ifconfig " . escapeshellarg($realif) .
1970			" " . escapeshellarg($wancfg['ipaddr'] . "/" .
1971			$wancfg['subnet']));
1972	acc1e9d0	Scott Ullrich	}
1973
1974	5e041d5f	Scott Ullrich	if (is_ipaddr($wancfg['gateway']))
1975	6955830f	Ermal Lu?i	file_put_contents("{$g['tmp_path']}/{$realif}_router", $wancfg['gateway']);
1976	5b237745	Scott Ullrich	}
1977	ffeb5acf	Scott Ullrich
1978	435f11c8	Ermal Lu?i	if(does_interface_exist($wancfg['if']))
1979	7284d850	Scott Ullrich	interfaces_bring_up($wancfg['if']);
1980	3d8237f4	sullrich
1981	f700f8da	Ermal Lu?i	if (!$g['booting'])
1982			interface_reload_carps($realif);
1983	3d8237f4	sullrich
1984	5b237745	Scott Ullrich	if (!$g['booting']) {
1985	ccbd2447	Ermal Luçi	if (link_interface_to_gre($interface)) {
1986			foreach ($config['gres']['gre'] as $gre)
1987			if ($gre['if'] == $interface)
1988			interface_gre_configure($gre);
1989			}
1990			if (link_interface_to_gif($interface)) {
1991			foreach ($config['gifs']['gif'] as $gif)
1992			if ($gif['if'] == $interface)
1993	c0481e1c	Ermal Lu?i	interface_gif_configure($gif);
1994	ccbd2447	Ermal Luçi	}
1995			if (link_interface_to_bridge($interface)) {
1996			foreach ($config['bridges']['bridged'] as $bridge)
1997			if (stristr($bridge['members'], "{$interface}"))
1998	fcd4a425	Ermal Lu?i	interface_bridge_add_member($bridge['bridgeif'], $realif);
1999	ccbd2447	Ermal Luçi	}
2000
2001	7850de1c	Ermal Lu?i	link_interface_to_vips($interface, "update");
2002	e5ac67ed	Ermal Lu?i
2003	a5d6f60b	Ermal Lu?i	if ($interface == "lan")
2004	4476d447	Ermal Luçi	/* make new hosts file */
2005	ffeb5acf	Scott Ullrich	system_hosts_generate();
2006	4476d447	Ermal Luçi
2007	a5d6f60b	Ermal Lu?i	if ($reloadall == true) {
2008	cfc707f7	Scott Ullrich
2009	a5d6f60b	Ermal Lu?i	/* reconfigure static routes (kernel may have deleted them) */
2010			system_routing_configure();
2011	cfc707f7	Scott Ullrich
2012	a5d6f60b	Ermal Lu?i	/* reload ipsec tunnels */
2013			vpn_ipsec_configure();
2014	cfc707f7	Scott Ullrich
2015	a5d6f60b	Ermal Lu?i	/* update dyndns */
2016	2ec2a374	Ermal Lu?i	services_dyndns_configure($interface);
2017	cfc707f7	Scott Ullrich
2018	a5d6f60b	Ermal Lu?i	/* force DNS update */
2019	2ec2a374	Ermal Lu?i	services_dnsupdate_process($interface);
2020	a23d7248	Scott Ullrich
2021	a5d6f60b	Ermal Lu?i	/* restart dnsmasq */
2022			services_dnsmasq_configure();
2023	eb772abd	Scott Ullrich
2024	a5d6f60b	Ermal Lu?i	/* reload captive portal */
2025			captiveportal_configure();
2026
2027			/* set the reload filter dity flag */
2028			filter_configure();
2029			}
2030	5b237745	Scott Ullrich	}
2031	cfc707f7	Scott Ullrich
2032	c1627786	Scott Ullrich	unmute_kernel_msgs();
2033
2034	5b237745	Scott Ullrich	return 0;
2035			}
2036
2037	eba938e3	Scott Ullrich	function interface_carpdev_dhcp_configure($interface = "wan") {
2038	d5d00b83	Scott Ullrich	global $config, $g;
2039
2040	67ee1ec5	Ermal Luçi	$wancfg = $config['interfaces'][$interface];
2041	499994ff	Scott Ullrich	$wanif = $wancfg['if'];
2042	d5d00b83	Scott Ullrich	/* bring wan interface up before starting dhclient */
2043	d7147b1c	Scott Ullrich	if($wanif)
2044	b5b957fe	Scott Ullrich	interfaces_bring_up($wanif);
2045	d7147b1c	Scott Ullrich	else
2046			log_error("Could not bring wanif up in terface_carpdev_dhcp_configure()");
2047	d5d00b83	Scott Ullrich
2048			return 0;
2049			}
2050
2051	eba938e3	Scott Ullrich	function interface_dhcp_configure($interface = "wan") {
2052	5b237745	Scott Ullrich	global $config, $g;
2053	cfc707f7	Scott Ullrich
2054	67ee1ec5	Ermal Luçi	$wancfg = $config['interfaces'][$interface];
2055	5b237745	Scott Ullrich
2056	0311dbd5	Scott Ullrich	/* generate dhclient_wan.conf */
2057	67ee1ec5	Ermal Luçi	$fd = fopen("{$g['varetc_path']}/dhclient_{$interface}.conf", "w");
2058	5b237745	Scott Ullrich	if (!$fd) {
2059	67ee1ec5	Ermal Luçi	printf("Error: cannot open dhclient_{$interface}.conf in interfaces_wan_dhcp_configure() for writing.\n");
2060	5b237745	Scott Ullrich	return 1;
2061			}
2062	eb772abd	Scott Ullrich
2063	2305d4c5	Scott Ullrich	if ($wancfg['dhcphostname']) {
2064			$dhclientconf_hostname = "send dhcp-client-identifier \"{$wancfg['dhcphostname']}\";\n";
2065			$dhclientconf_hostname .= "\tsend host-name \"{$wancfg['dhcphostname']}\";\n";
2066			} else {
2067			$dhclientconf_hostname = "";
2068			}
2069
2070	85a5da13	Ermal Luçi	$wanif = get_real_interface($interface);
2071	cfc707f7	Scott Ullrich
2072	67ee1ec5	Ermal Luçi	$dhclientconf = "";
2073
2074	6d76590c	Scott Ullrich	$dhclientconf .= <<<EOD
2075	67ee1ec5	Ermal Luçi	interface "{$wanif}" {
2076	76d3b9a3	Chris Buechler	timeout 60;
2077	ce69a638	Scott Ullrich	retry 1;
2078			select-timeout 0;
2079			initial-interval 1;
2080	2305d4c5	Scott Ullrich	{$dhclientconf_hostname}
2081			script "/sbin/dhclient-script";
2082	5b237745	Scott Ullrich	}
2083
2084			EOD;
2085
2086	bc40d758	Seth Mos	if(is_ipaddr($wancfg['alias-address'])) {
2087			$subnetmask = gen_subnet_mask($wancfg['alias-subnet']);
2088			$dhclientconf .= <<<EOD
2089			alias {
2090	67ee1ec5	Ermal Luçi	interface "{$wanif}";
2091	bc40d758	Seth Mos	fixed-address {$wancfg['alias-address']};
2092			option subnet-mask {$subnetmask};
2093			}
2094
2095			EOD;
2096			}
2097	5b237745	Scott Ullrich	fwrite($fd, $dhclientconf);
2098			fclose($fd);
2099	eb772abd	Scott Ullrich
2100	974ff781	Chris Buechler	$realwanif = $wancfg['if'];
2101	eb772abd	Scott Ullrich
2102	d7147b1c	Scott Ullrich	/* bring wan interface up before starting dhclient */
2103			if($realwanif)
2104	7284d850	Scott Ullrich	interfaces_bring_up($realwanif);
2105	b5b957fe	Scott Ullrich	else
2106			log_error("Could not bring realwanif up in interface_dhcp_configure()");
2107	eacc8c14	Scott Ullrich
2108	d7147b1c	Scott Ullrich	/* fire up dhclient */
2109	6955830f	Ermal Lu?i	mwexec("/sbin/dhclient -c {$g['varetc_path']}/dhclient_{$interface}.conf {$wanif} > {$g['tmp_path']}/{$wanif}_output > {$g['tmp_path']}/{$wanif}_error_output");
2110	0119d2f7	Scott Ullrich
2111	5b237745	Scott Ullrich	return 0;
2112			}
2113
2114	ffeb5acf	Scott Ullrich	function interface_pppoe_configure($interface = "wan") {
2115	5b237745	Scott Ullrich	global $config, $g;
2116	cfc707f7	Scott Ullrich
2117	67ee1ec5	Ermal Luçi	$wancfg = $config['interfaces'][$interface];
2118	cfc707f7	Scott Ullrich
2119	5b237745	Scott Ullrich	/* generate mpd.conf */
2120	67ee1ec5	Ermal Luçi	$fd = fopen("{$g['varetc_path']}/mpd_{$interface}.conf", "w");
2121	5b237745	Scott Ullrich	if (!$fd) {
2122	1fb7c265	Ermal Luçi	printf("Error: cannot open mpd_{$interface}.conf in interface_pppoe_configure().\n");
2123	5b237745	Scott Ullrich	return 1;
2124			}
2125	cfc707f7	Scott Ullrich
2126	5b237745	Scott Ullrich	$idle = 0;
2127	cfc707f7	Scott Ullrich
2128	67ee1ec5	Ermal Luçi	if (isset($wancfg['ondemand'])) {
2129	5b237745	Scott Ullrich	$ondemand = "enable";
2130	67ee1ec5	Ermal Luçi	if ($wancfg['timeout'])
2131			$idle = $wancfg['timeout'];
2132	5b237745	Scott Ullrich	} else {
2133			$ondemand = "disable";
2134			}
2135	cfc707f7	Scott Ullrich
2136	5b237745	Scott Ullrich	$mpdconf = <<<EOD
2137	07cae4b2	Scott Ullrich	startup:
2138	65a82e32	Ermal	# configure the web server
2139			set console close
2140			set web close
2141
2142			default:
2143	07cae4b2	Scott Ullrich	pppoeclient:
2144	cc936773	Scott Ullrich
2145	5b237745	Scott Ullrich	EOD;
2146	389741e5	Scott Ullrich
2147	67ee1ec5	Ermal Luçi	if ($interface == "wan")
2148			$realif = "pppoe0";
2149			else {
2150			// Here code assumes only that strings of form "opt#" will be passed.
2151			$realif = "pppoe" . substr($interface, 3);
2152			}
2153
2154			$mpdconf .= <<<EOD
2155	768f4c0e	Ermal Lu?i	create bundle static {$interface}
2156			set iface name {$realif}
2157	67ee1ec5	Ermal Luçi
2158			EOD;
2159	c0f5182c	Ermal Lu?i	$setdefaultgw = false;
2160			$founddefaultgw = false;
2161			if (is_array($config['gateways']['gateway_item'])) {
2162			foreach($config['gateways']['gateway_item'] as $gateway) {
2163			if($interface == $gateway['interface'] && isset($gateway['defaultgw'])) {
2164			$setdefaultgw = true;
2165			break;
2166	7554ab8c	Ermal	} else if (isset($gateway['defaultgw']) && !empty($gateway['interface'])) {
2167	c0f5182c	Ermal Lu?i	$founddefaultgw = true;
2168			break;
2169			}
2170			}
2171			}
2172			if (($interface == "wan" && $founddefaultgw == false) \|\| $setdefaultgw == true)
2173	389741e5	Scott Ullrich	$mpdconf .= <<<EOD
2174	67ee1ec5	Ermal Luçi	set iface route default
2175
2176			EOD;
2177
2178			$mpdconf .= <<<EOD
2179			set iface {$ondemand} on-demand
2180			set iface idle {$idle}
2181	0750014f	Ermal Luçi	set iface enable tcpmssfix
2182	67ee1ec5	Ermal Luçi	set iface up-script /usr/local/sbin/ppp-linkup
2183	389741e5	Scott Ullrich	set iface down-script /usr/local/sbin/ppp-linkdown
2184
2185			EOD;
2186
2187	67ee1ec5	Ermal Luçi	if (isset($wancfg['ondemand'])) {
2188			if (isset($wancfg['local-ip']) && isset($wancfg['remote-ip'])) {
2189	41404ef1	Scott Ullrich	$mpdconf .= <<<EOD
2190	67ee1ec5	Ermal Luçi	set iface addrs {$wancfg['local-ip']} {$wancfg['remote-ip']}
2191	5b237745	Scott Ullrich
2192			EOD;
2193	41404ef1	Scott Ullrich	} else {
2194			$mpdconf .= <<<EOD
2195			set iface addrs 192.0.2.112 192.0.2.113
2196
2197			EOD;
2198			}
2199	5b237745	Scott Ullrich	}
2200	cfc707f7	Scott Ullrich
2201	768f4c0e	Ermal Lu?i	if (isset($config['system']['dnsallowoverride'])) {
2202			$mpdconf .= <<<EOD
2203			set ipcp enable req-pri-dns
2204
2205			EOD;
2206			}
2207
2208			if (!isset($wancfg['dnsnosec']) && isset($config['system']['dnsallowoverride'])) {
2209			$mpdconf .= <<<EOD
2210			set ipcp enable req-sec-dns
2211
2212			EOD;
2213			}
2214
2215	5b237745	Scott Ullrich	$mpdconf .= <<<EOD
2216	768f4c0e	Ermal Lu?i	set ipcp yes vjcomp
2217			set ipcp ranges 0.0.0.0/0 0.0.0.0/0
2218			create link static {$interface}L1 pppoe
2219	5217b018	Ermal	set link disable incoming
2220	768f4c0e	Ermal Lu?i	set link action bundle {$interface}
2221	8da53af8	Ermal Luçi	set auth authname "{$wancfg['pppoe_username']}"
2222			set auth password "{$wancfg['pppoe_password']}"
2223	5b237745	Scott Ullrich	set link keep-alive 10 60
2224			set link max-redial 0
2225			set link no acfcomp protocomp
2226			set link disable pap chap
2227			set link accept chap
2228	768f4c0e	Ermal Lu?i	set pppoe iface {$wancfg['if']}
2229			set pppoe service "{$wancfg['provider']}"
2230	b28e0842	Ermal
2231	b4914b78	Ermal Luçi	EOD;
2232			if (empty($wancfg['mtu']))
2233			$mpdmtu = "1492";
2234			else
2235			$mpdmtu = "{$wancfg['mtu']}";
2236
2237			$mpdconf .= <<<EOD
2238			set link mtu {$mpdmtu}
2239	07cae4b2	Scott Ullrich	open
2240	5b237745	Scott Ullrich
2241			EOD;
2242
2243			fwrite($fd, $mpdconf);
2244			fclose($fd);
2245	eb772abd	Scott Ullrich
2246	67ee1ec5	Ermal Luçi	if(file_exists("{$g['varrun_path']}/pppoe_{$interface}.pid") and $g['booting']) {
2247	d7a6517a	Scott Ullrich	/* if we are booting and mpd has already been started then don't start again. */
2248			} else {
2249	571f89fa	Ermal Luçi	/* Bring the parent interface up */
2250	d7147b1c	Scott Ullrich	if($wancfg['if'])
2251	7284d850	Scott Ullrich	interfaces_bring_up($wancfg['if']);
2252	d7147b1c	Scott Ullrich	else
2253			log_error("Could not bring wancfg['if'] up in interface_pppoe_configure()");
2254	571f89fa	Ermal Luçi
2255	eb772abd	Scott Ullrich	/* fire up mpd */
2256	611ae852	Ermal	mwexec("/usr/local/sbin/mpd5 -b -k -d {$g['varetc_path']} -f mpd_{$interface}.conf -p {$g['varrun_path']}/pppoe_{$interface}.pid -s {$interface} pppoeclient");
2257	ec11a1ad	Scott Ullrich	}
2258
2259	b5b957fe	Scott Ullrich	/* sleep until wan is up - or 30 seconds, whichever comes first */
2260	a205d904	Scott Ullrich	for ($count = 0; $count < 30; $count++) {
2261	faab50d4	Ermal Luçi	if(file_exists("{$g['tmp_path']}/{$realif}up")) {
2262	a205d904	Scott Ullrich	break;
2263			}
2264			sleep(1);
2265			}
2266	d7a6517a	Scott Ullrich
2267	faab50d4	Ermal Luçi	unlink_if_exists("{$g['tmp_path']}/{$realif}up");
2268	e1c8cdf5	Scott Ullrich
2269	5b237745	Scott Ullrich	return 0;
2270			}
2271
2272	eba938e3	Scott Ullrich	function interface_pptp_configure($interface) {
2273	5b237745	Scott Ullrich	global $config, $g;
2274	cfc707f7	Scott Ullrich
2275	67ee1ec5	Ermal Luçi	$wancfg = $config['interfaces'][$interface];
2276	cfc707f7	Scott Ullrich
2277	5b237745	Scott Ullrich	/* generate mpd.conf */
2278	67ee1ec5	Ermal Luçi	$fd = fopen("{$g['varetc_path']}/mpd_{$interface}.conf", "w");
2279	5b237745	Scott Ullrich	if (!$fd) {
2280	1fb7c265	Ermal Luçi	printf("Error: cannot open mpd_{$interface}.conf in interface_pptp_configure().\n");
2281	5b237745	Scott Ullrich	return 1;
2282			}
2283	cfc707f7	Scott Ullrich
2284	5b237745	Scott Ullrich	$idle = 0;
2285	cfc707f7	Scott Ullrich
2286	67ee1ec5	Ermal Luçi	if (isset($wancfg['ondemand'])) {
2287	5b237745	Scott Ullrich	$ondemand = "enable";
2288	67ee1ec5	Ermal Luçi	if ($wancfg['timeout'])
2289			$idle = $wancfg['timeout'];
2290	5b237745	Scott Ullrich	} else {
2291			$ondemand = "disable";
2292			}
2293	cfc707f7	Scott Ullrich
2294	5b237745	Scott Ullrich	$mpdconf = <<<EOD
2295	67ee1ec5	Ermal Luçi	startup:
2296	65a82e32	Ermal	# configure the web server
2297			set console close
2298			set web close
2299
2300			default:
2301			pptpclient:
2302	5b237745	Scott Ullrich
2303			EOD;
2304	cfc707f7	Scott Ullrich
2305	67ee1ec5	Ermal Luçi	if ($interface == "wan")
2306			$realif = "pptp0";
2307			else {
2308			// Here code assumes only that strings of form "opt#" will be passed.
2309			$realif = "pptp" . substr($interface, 3);
2310			}
2311
2312			$mpdconf .= <<<EOD
2313	768f4c0e	Ermal Lu?i	create bundle static {$interface}
2314			set iface name {$realif}
2315	67ee1ec5	Ermal Luçi
2316			EOD;
2317	c0f5182c	Ermal Lu?i	$setdefaultgw = false;
2318			$founddefaultgw = false;
2319			if (is_array($config['gateways']['gateway_item'])) {
2320			foreach($config['gateways']['gateway_item'] as $gateway) {
2321			if($interface == $gateway['interface'] && isset($gateway['defaultgw'])) {
2322			$setdefaultgw = true;
2323			break;
2324			} else if (isset($gateway['defaultgw'])) {
2325			$founddefaultgw = true;
2326			break;
2327			}
2328			}
2329			}
2330			if (($interface == "wan" && $founddefaultgw == false) \|\| $setdefaultgw == true)
2331	67ee1ec5	Ermal Luçi	$mpdconf .= <<<EOD
2332			set iface route default
2333
2334			EOD;
2335
2336			$mpdconf .= <<<EOD
2337			set iface {$ondemand} on-demand
2338			set iface idle {$idle}
2339			set iface up-script /usr/local/sbin/ppp-linkup
2340	389741e5	Scott Ullrich	set iface down-script /usr/local/sbin/ppp-linkdown
2341
2342			EOD;
2343
2344	67ee1ec5	Ermal Luçi	if (isset($wanfg['ondemand'])) {
2345	5b237745	Scott Ullrich	$mpdconf .= <<<EOD
2346	a23d7248	Scott Ullrich	set iface addrs 10.0.0.1 10.0.0.2
2347	5b237745	Scott Ullrich
2348			EOD;
2349			}
2350	cfc707f7	Scott Ullrich
2351	768f4c0e	Ermal Lu?i	if (isset($config['system']['dnsallowoverride'])) {
2352			$mpdconf .= <<<EOD
2353			set ipcp enable req-pri-dns
2354
2355			EOD;
2356			}
2357
2358			if (!isset($wancfg['dnsnosec']) && isset($config['system']['dnsallowoverride'])) {
2359			$mpdconf .= <<<EOD
2360			set ipcp enable req-sec-dns
2361
2362			EOD;
2363			}
2364
2365	5b237745	Scott Ullrich	$mpdconf .= <<<EOD
2366	768f4c0e	Ermal Lu?i	set ipcp no vjcomp
2367			set ipcp ranges 0.0.0.0/0 0.0.0.0/0
2368			create link static {$interface}L1 pptp
2369	acc1e9d0	Scott Ullrich	set auth authname "{$wancfg['pptp_username']}"
2370			set auth password "{$wancfg['pptp_password']}"
2371	58384045	Chris Buechler	set bundle no noretry
2372	5217b018	Ermal	set link disable incoming
2373	5b237745	Scott Ullrich	set link keep-alive 10 60
2374			set link max-redial 0
2375			set link no acfcomp protocomp
2376			set link disable pap chap
2377			set link accept chap
2378	768f4c0e	Ermal Lu?i	set pptp self {$wancfg['local']}
2379			set pptp peer {$wancfg['remote']}
2380			set pptp disable windowing
2381	5b237745	Scott Ullrich	open
2382
2383			EOD;
2384
2385			fwrite($fd, $mpdconf);
2386			fclose($fd);
2387	cfc707f7	Scott Ullrich
2388	5b237745	Scott Ullrich	/* configure interface */
2389	d7147b1c	Scott Ullrich	if($wancfg['if'])
2390			mwexec("/sbin/ifconfig " . escapeshellarg($wancfg['if']) . " " .
2391			escapeshellarg($wancfg['local'] . "/" . $wancfg['subnet']) . " up");
2392			else
2393			log_error("Could not bring interface wancfg['if'] up in interface_pptp_configure()");
2394	5b237745	Scott Ullrich	/* fire up mpd */
2395	65a82e32	Ermal	mwexec("/usr/local/sbin/mpd5 -b -k -d {$g['varetc_path']} -f mpd_{$interface}.conf -p {$g['varrun_path']}/pptp_{$interface}.pid -s {$interface} pptpclient");
2396	cfc707f7	Scott Ullrich
2397	5b237745	Scott Ullrich	return 0;
2398			}
2399	42753d25	Ermal Lu?i
2400			function interfaces_group_setup() {
2401			global $config;
2402
2403			if (!is_array($config['ifgroups']['ifgroupentry']))
2404			return;
2405
2406	482961e3	Ermal Lu?i	foreach ($config['ifgroups']['ifgroupentry'] as $groupar)
2407	42753d25	Ermal Lu?i	interface_group_setup($groupar);
2408
2409			return;
2410			}
2411
2412	abcb2bed	Ermal Lu?i	function interface_group_setup(&$groupname /* The parameter is an array */) {
2413	42753d25	Ermal Lu?i	global $config;
2414
2415			if (!is_array($groupname))
2416			return;
2417			$members = explode(" ", $groupname['members']);
2418			foreach($members as $ifs) {
2419			$realif = get_real_interface($ifs);
2420			if ($realif)
2421			mwexec("/sbin/ifconfig {$realif} group {$groupname['ifname']}");
2422			}
2423
2424			return;
2425			}
2426	f6b761fb	Scott Ullrich
2427	e8910ad4	Ermal Lu?i	/* COMPAT Function */
2428	afb2de1b	Ermal Lu?i	function convert_friendly_interface_to_real_interface_name($interface) {
2429			return get_real_interface($interface);
2430			}
2431
2432	e8910ad4	Ermal Lu?i	/* COMPAT Function */
2433	eba938e3	Scott Ullrich	function get_real_wan_interface($interface = "wan") {
2434	abb31ea4	Ermal Luçi	return get_real_interface($interface);
2435			}
2436	afb2de1b	Ermal Lu?i
2437	e8910ad4	Ermal Lu?i	/* COMPAT Function */
2438	eba938e3	Scott Ullrich	function get_current_wan_address($interface = "wan") {
2439	abb31ea4	Ermal Luçi	return get_interface_ip($interface);
2440			}
2441
2442	afb2de1b	Ermal Lu?i	/*
2443			* convert_real_interface_to_friendly_interface_name($interface): convert fxp0 -> wan, etc.
2444			*/
2445			function convert_real_interface_to_friendly_interface_name($interface = "wan") {
2446			global $config;
2447
2448			if (stristr($interface, "pppoe")) {
2449			$index = substr($interface, 5);
2450			if (intval($index) > 0)
2451			return "opt{$index}";
2452			else
2453			return "wan";
2454			} else if (stristr($interface, "pptp")) {
2455			$index = substr($interface, 4);
2456			if (intval($index) > 0)
2457			return "opt{$index}";
2458			else
2459			return "wan";
2460	564df7c2	Ermal Lu?i	} else if (stristr($interface, "vip")) {
2461			$index = substr($interface, 3);
2462			$counter = 0;
2463			foreach ($config['virtualip']['vip'] as $vip) {
2464			if ($vip['mode'] == "carpdev-dhcp" \|\| $vip['mode'] == "carp") {
2465			if (intval($index) == $counter)
2466			return $vip['interface'];
2467			$counter++;
2468			}
2469			}
2470	afb2de1b	Ermal Lu?i	} else if (stristr($interface, "carp")) {
2471			$index = substr($interface, 4);
2472			$counter = 0;
2473			foreach ($config['virtualip']['vip'] as $vip) {
2474			if ($vip['mode'] == "carpdev-dhcp" \|\| $vip['mode'] == "carp") {
2475			if (intval($index) == $counter)
2476			return $vip['interface'];
2477			$counter++;
2478			}
2479			}
2480			}
2481
2482			/* if list */
2483			$ifdescrs = get_configured_interface_list(false, true);
2484
2485			foreach ($ifdescrs as $if => $ifname) {
2486			if($config['interfaces'][$if]['if'] == $interface)
2487			return $ifname;
2488
2489			/* XXX: ermal - The 3 lines below are totally bogus code. */
2490	532b0fb8	Ermal Lu?i	$int = interface_translate_type_to_real($if);
2491	afb2de1b	Ermal Lu?i	if($ifname == $interface)
2492			return $ifname;
2493
2494			if($int == $interface)
2495			return $ifname;
2496			}
2497			return NULL;
2498			}
2499
2500			/* attempt to resolve interface to friendly descr */
2501			function convert_friendly_interface_to_friendly_descr($interface) {
2502			global $config;
2503
2504			switch ($interface) {
2505			case "l2tp":
2506			$ifdesc = "L2TP";
2507			break;
2508			case "pptp":
2509			$ifdesc = "pptp";
2510			break;
2511			case "pppoe":
2512			$ifdesc = "pppoe";
2513			break;
2514			case "openvpn":
2515			$ifdesc = "OpenVPN";
2516			break;
2517			case "enc0":
2518			case "ipsec":
2519			$ifdesc = "IPsec";
2520			break;
2521			default:
2522			/* if list */
2523			$ifdescrs = get_configured_interface_with_descr(false, true);
2524			foreach ($ifdescrs as $if => $ifname) {
2525			if ($if == $interface \|\| $ifname == $interface)
2526			return $ifname;
2527			}
2528			break;
2529			}
2530
2531			return $ifdesc;
2532			}
2533
2534			function convert_real_interface_to_friendly_descr($interface) {
2535			global $config;
2536
2537			$ifdesc = convert_real_interface_to_friendly_interface_name("{$interface}");
2538
2539			if ($ifdesc) {
2540	c795339e	Ermal Lu?i	$iflist = get_configured_interface_with_descr(false, true);
2541	afb2de1b	Ermal Lu?i	return $iflist[$ifdesc];
2542			}
2543
2544			return $interface;
2545			}
2546
2547	532b0fb8	Ermal Lu?i	/*
2548			* interface_translate_type_to_real($interface):
2549			* returns the real hardware interface name for a friendly interface. ie: wan
2550			*/
2551			function interface_translate_type_to_real($interface) {
2552			global $config;
2553
2554			if ($config['interfaces'][$interface]['if'] <> "")
2555			return $config['interfaces'][$interface]['if'];
2556			else
2557			return $interface;
2558			}
2559
2560	263e2b7e	Erik Fonnesbeck	function interface_is_wireless_clone($wlif) {
2561			if(!stristr($wlif, "_wlan")) {
2562			return false;
2563			} else {
2564			return true;
2565			}
2566			}
2567
2568	1d072761	Erik Fonnesbeck	function interface_get_wireless_base($wlif) {
2569	34808d4e	Erik Fonnesbeck	if(!stristr($wlif, "_wlan")) {
2570			return $wlif;
2571			} else {
2572			return substr($wlif, 0, stripos($wlif, "_wlan"));
2573			}
2574			}
2575
2576	1d072761	Erik Fonnesbeck	function interface_get_wireless_clone($wlif) {
2577	34808d4e	Erik Fonnesbeck	if(!stristr($wlif, "_wlan")) {
2578			return $wlif . "_wlan0";
2579			} else {
2580			return $wlif;
2581			}
2582			}
2583
2584	eba938e3	Scott Ullrich	function get_real_interface($interface = "wan") {
2585	67ee1ec5	Ermal Luçi	global $config;
2586	cfc707f7	Scott Ullrich
2587	521cfa2f	Ermal Lu?i	$wanif = NULL;
2588	c515ea57	Scott Ullrich
2589	67ee1ec5	Ermal Luçi	switch ($interface) {
2590	acc1e9d0	Scott Ullrich	case "l2tp":
2591			$wanif = "l2tp";
2592			break;
2593	67ee1ec5	Ermal Luçi	case "pptp":
2594			$wanif = "pptp";
2595			break;
2596			case "pppoe":
2597			$wanif = "pppoe";
2598			break;
2599			case "openvpn":
2600			$wanif = "openvpn";
2601			break;
2602	4563d12f	Seth Mos	case "ipsec":
2603	67ee1ec5	Ermal Luçi	case "enc0":
2604			$wanif = "enc0";
2605			break;
2606			case "ppp":
2607			$wanif = "ppp";
2608			break;
2609			default:
2610	008760d0	Ermal Luçi	$iflist = get_configured_interface_with_descr(false, true);
2611	67ee1ec5	Ermal Luçi
2612			foreach ($iflist as $if => $ifdesc) {
2613	568b1358	Scott Ullrich	// If a real interface was alread passed simply
2614			// pass the real interface back. This encourages
2615			// the usage of this function in more cases so that
2616			// we can combine logic for more flexibility.
2617			if($config['interfaces'][$if]['if'] == $interface) {
2618	2ebf3945	Scott Ullrich	if(does_interface_exist($interface)) {
2619			$wanif = $interface;
2620			break;
2621			}
2622	568b1358	Scott Ullrich	}
2623
2624	2ebf3945	Scott Ullrich	if ($interface == $if \|\| $interface == $ifdesc) {
2625
2626	67ee1ec5	Ermal Luçi	$cfg = $config['interfaces'][$if];
2627
2628	b99256c1	Scott Ullrich	// Wireless cloned NIC support (FreeBSD 8+)
2629			// interface name format: $parentnic_wlanparentnic#
2630			// example: ath0_wlan0
2631	6c0bf7fe	Ermal Lu?i	if(is_interface_wireless($cfg['if'])) {
2632	34808d4e	Erik Fonnesbeck	$wanif = interface_get_wireless_clone($cfg['if']);
2633	10394059	Scott Ullrich	break;
2634			}
2635
2636	e7693c09	Ermal Lu?i	if (empty($cfg['ipaddr'])) {
2637			$wanif = $cfg['if'];
2638			break;
2639			}
2640
2641	67ee1ec5	Ermal Luçi	switch ($cfg['ipaddr']) {
2642	b99256c1	Scott Ullrich	case "carpdev-dhcp":
2643			$viparr = &$config['virtualip']['vip'];
2644			$counter = 0;
2645			if(is_array($viparr))
2646			foreach ($viparr as $vip) {
2647			if ($vip['mode'] == "carpdev-dhcp") {
2648			if($vip['interface'] == $if) {
2649			$wanif = "carp{$counter}";
2650			break;
2651			}
2652			$counter++;
2653			} else if ($vip['mode'] = "carp")
2654			$counter++;
2655			}
2656			break;
2657			case "pppoe":
2658			if ($if == "wan")
2659			$wanif = "pppoe0";
2660			else
2661			$wanif = "pppoe" . substr($if,3);
2662			break;
2663			case "pptp":
2664			if ($if == "wan")
2665			$wanif = "pptp0";
2666			else
2667			$wanif = "pptp" . substr($if, 3);
2668			break;
2669	9ebe7028	gnhb	case "ppp":
2670	611ae852	Ermal	if ($if == "wan")
2671			$wanif = "ppp0";
2672			else
2673			$wanif = "ppp" . substr($if, 3);
2674	9ebe7028	gnhb	break;
2675	b99256c1	Scott Ullrich	default:
2676			$wanif = $cfg['if'];
2677			break;
2678	c515ea57	Scott Ullrich	}
2679	67ee1ec5	Ermal Luçi
2680	b99256c1	Scott Ullrich	break;
2681	c515ea57	Scott Ullrich	}
2682			}
2683	67ee1ec5	Ermal Luçi	break;
2684	c515ea57	Scott Ullrich	}
2685
2686	67ee1ec5	Ermal Luçi	return $wanif;
2687	5b237745	Scott Ullrich	}
2688
2689	9ff8c299	Seth Mos	/* Guess the physical interface by providing a IP address */
2690	afb2de1b	Ermal Lu?i	function guess_interface_from_ip($ipaddress) {
2691	80a2c1e6	Seth Mos	if(! is_ipaddr($ipaddress)) {
2692	9ff8c299	Seth Mos	return false;
2693			}
2694			/* create a route table we can search */
2695	629208a2	Ermal Lu?i	exec("netstat -rnW", $output, $ret);
2696	9ff8c299	Seth Mos	foreach($output as $line) {
2697			if(preg_match("/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+[ ]+link[#]/", $line)) {
2698			$fields = preg_split("/[ ]+/", $line);
2699			if(ip_in_subnet($ipaddress, $fields[0])) {
2700	629208a2	Ermal Lu?i	return $fields[6];
2701	9ff8c299	Seth Mos	}
2702			}
2703			}
2704			$ret = exec_command("/sbin/route -n get {$ipaddress} \| /usr/bin/awk '/interface/ { print \$2; };'");
2705			if(empty($ret)) {
2706			return false;
2707			}
2708			return $ret;
2709	afb2de1b	Ermal Lu?i	}
2710
2711			/*
2712			* find_ip_interface($ip): return the interface where an ip is defined
2713			*/
2714			function find_ip_interface($ip)
2715			{
2716			/* if list */
2717			$ifdescrs = get_configured_interface_list();
2718
2719			foreach ($ifdescrs as $ifdescr => $ifname) {
2720	abcb2bed	Ermal Lu?i	if ($ip == get_interface_ip($ifname)) {
2721			$int = get_real_interface($ifname);
2722			return $int;
2723			}
2724	afb2de1b	Ermal Lu?i	}
2725			return false;
2726			}
2727
2728	a71b32d2	Scott Ullrich	/*
2729			* find_number_of_created_carp_interfaces: return the number of carp interfaces
2730			*/
2731			function find_number_of_created_carp_interfaces() {
2732			return `/sbin/ifconfig \| grep "carp:" \| wc -l`;
2733			}
2734
2735			function get_all_carp_interfaces() {
2736			$ints = str_replace("\n", " ", `ifconfig \| grep "carp:" -B2 \| grep ": flag" \| cut -d: -f1`);
2737			return $ints;
2738			}
2739
2740	abcb2bed	Ermal Lu?i	/*
2741			* find_carp_interface($ip): return the carp interface where an ip is defined
2742			*/
2743			function find_carp_interface($ip) {
2744	27625b39	Scott Ullrich	global $config;
2745	abcb2bed	Ermal Lu?i	if (is_array($config['virtualip']['vip'])) {
2746			foreach ($config['virtualip']['vip'] as $vip) {
2747			if ($vip['mode'] == "carp" \|\| $vip['mode'] == "carpdev") {
2748	564df7c2	Ermal Lu?i	$carp_ip = get_interface_ip($vip['interface']);
2749	27625b39	Scott Ullrich	$if = `ifconfig \| grep '$ip' -B1 \| head -n1 \| cut -d: -f1`;
2750			if ($if)
2751			return $if;
2752	abcb2bed	Ermal Lu?i	}
2753			}
2754			}
2755			}
2756
2757			function link_carp_interface_to_parent($interface) {
2758			global $config;
2759
2760			if ($interface == "")
2761			return;
2762
2763	564df7c2	Ermal Lu?i	$carp_ip = get_interface_ip($interface);
2764	abcb2bed	Ermal Lu?i	if (!is_ipaddr($carp_ip))
2765			return;
2766
2767			/* if list */
2768			$ifdescrs = get_configured_interface_list();
2769			foreach ($ifdescrs as $ifdescr => $ifname) {
2770			$interfaceip = get_interface_ip($ifname);
2771			$subnet_bits = get_interface_subnet($ifname);
2772			$subnet_ip = gen_subnet("{$interfaceip}", "{$subnet_bits}");
2773			if(ip_in_subnet($carp_ip, "{$subnet_ip}/{$subnet_bits}"))
2774			return $ifname;
2775			}
2776
2777			return "";
2778			}
2779
2780			/***f interfaces/link_ip_to_carp_interface
2781			* NAME
2782			* link_ip_to_carp_interface - Find where a CARP interface links to.
2783			* INPUTS
2784			* $ip
2785			* RESULT
2786			* $carp_ints
2787			******/
2788			function link_ip_to_carp_interface($ip) {
2789			global $config;
2790
2791			if (!is_ipaddr($ip))
2792			return;
2793
2794			$carp_ints = "";
2795			if (is_array($config['virtualip']['vip'])) {
2796			foreach ($config['virtualip']['vip'] as $vip) {
2797			if ($vip['mode'] == "carp" \|\| $vip['mode'] == "carpdev") {
2798	6b060a2f	Scott Ullrich	$carp_ip = $vip['subnet'];
2799	abcb2bed	Ermal Lu?i	$carp_sn = $vip['subnet_bits'];
2800			$carp_nw = gen_subnet($carp_ip, $carp_sn);
2801			if (ip_in_subnet($ip, "{$carp_nw}/{$carp_sn}")) {
2802			if (!stristr($carp_ints, $carp_int))
2803			$carp_ints .= " {$carp_int}";
2804			}
2805			}
2806			}
2807			}
2808
2809			return $carp_ints;
2810			}
2811
2812	7850de1c	Ermal Lu?i	function link_interface_to_vlans($int, $action = "") {
2813			global $config;
2814
2815			if (empty($int))
2816			return;
2817
2818			$real_if = get_real_interface($int);
2819			if (is_array($config['vlans']['vlan'])) {
2820			foreach ($config['vlans']['vlan'] as $vlan) {
2821	2eac3af4	Ermal Lu?i	if ($real_if == $vlan['if']) {
2822	7850de1c	Ermal Lu?i	if ($action == "update") {
2823	bedd9bdb	Chris Buechler	foreach ($config['interfaces'] as $ifname => $ifcfg) {
2824	7850de1c	Ermal Lu?i	if ($ifcfg['if'] == $vlan['vlanif'])
2825			interface_vlan_configure($vlan);
2826			interface_configure($ifname);
2827			}
2828			} else if ($action == "")
2829			return $vlan;
2830			}
2831			}
2832			}
2833			}
2834
2835			function link_interface_to_vips($int, $action = "") {
2836	e5ac67ed	Ermal Lu?i	global $config;
2837
2838			if (is_array($config['virtualip']['vip']))
2839			foreach ($config['virtualip']['vip'] as $vip)
2840	7850de1c	Ermal Lu?i	if ($int == $vip['interface']) {
2841			if ($action == "update")
2842			interfaces_vips_configure($int);
2843			else
2844			return $vip;
2845			}
2846	e5ac67ed	Ermal Lu?i	}
2847
2848	afb2de1b	Ermal Lu?i	/***f interfaces/link_interface_to_bridge
2849			* NAME
2850			* link_interface_to_bridge - Finds out a bridge group for an interface
2851			* INPUTS
2852			* $ip
2853			* RESULT
2854			* bridge[0-99]
2855			******/
2856			function link_interface_to_bridge($int) {
2857			global $config;
2858
2859			if (is_array($config['bridges']['bridged']))
2860			foreach ($config['bridges']['bridged'] as $bridge)
2861			if(stristr($bridge['members'], "{$int}"))
2862			return "{$bridge['bridgeif']}";
2863			}
2864
2865			function link_interface_to_gre($interface) {
2866			global $config;
2867
2868			if (is_array($config['gres']['gre']))
2869			foreach ($config['gres']['gre'] as $gre)
2870			if($gre['if'] == $interface)
2871			return "{$gre['greif']}";
2872			}
2873
2874			function link_interface_to_gif($interface) {
2875			global $config;
2876
2877			if (is_array($config['gifs']['gif']))
2878			foreach ($config['gifs']['gif'] as $gif)
2879			if($gif['if'] == $interface)
2880			return "{$gif['gifif']}";
2881			}
2882
2883			/*
2884			* find_interface_ip($interface): return the interface ip (first found)
2885			*/
2886			function find_interface_ip($interface, $flush = false)
2887			{
2888			global $interface_ip_arr_cache;
2889
2890			$interface = str_replace("\n", "", $interface);
2891	00380613	Scott Ullrich
2892	afb2de1b	Ermal Lu?i	if (does_interface_exist($interface) == false)
2893			return;
2894
2895			/* Setup IP cache */
2896			if (!isset($interface_ip_arr_cache[$interface]) or $flush) {
2897	3f70e618	Ermal Lu?i	$ifinfo = pfSense_get_interface_addresses($interface);
2898			$interface_ip_arr_cache[$interface] = $ifinfo['ipaddr'];
2899	afb2de1b	Ermal Lu?i	}
2900
2901			return $interface_ip_arr_cache[$interface];
2902			}
2903
2904			function find_interface_subnet($interface, $flush = false)
2905			{
2906			global $interface_sn_arr_cache;
2907
2908			$interface = str_replace("\n", "", $interface);
2909			if (does_interface_exist($interface) == false)
2910			return;
2911
2912			if (!isset($interface_sn_arr_cache[$interface]) or $flush) {
2913	bd96e1fe	Ermal Lu?i	$ifinfo = pfSense_get_interface_addresses($interface);
2914			$interface_sn_arr_cache[$interface] = $ifinfo['subnetbits'];
2915	afb2de1b	Ermal Lu?i	}
2916
2917			return $interface_sn_arr_cache[$interface];
2918			}
2919
2920	e88fbe50	Ermal Lu?i	function get_interface_ip($interface = "wan")
2921			{
2922	85a5da13	Ermal Luçi	$realif = get_real_interface($interface);
2923	afb2de1b	Ermal Lu?i	if (!$realif) {
2924			if (preg_match("/^carp/i", $interface))
2925			$realif = $interface;
2926	564df7c2	Ermal Lu?i	else if (preg_match("/^vip/i", $interface))
2927			$realif = $interface;
2928	afb2de1b	Ermal Lu?i	else
2929			return null;
2930			}
2931
2932	67ee1ec5	Ermal Luçi	/* Do we really come here for these interfaces ?! */
2933	acc1e9d0	Scott Ullrich	if (in_array($realif, array("pptp", "pppoe", "l2tp", "openvpn", "enc0" /* , "ppp" */)))
2934	67ee1ec5	Ermal Luçi	return "";
2935	cfc707f7	Scott Ullrich
2936	5e041d5f	Scott Ullrich	$curip = find_interface_ip($realif);
2937			if ($curip && is_ipaddr($curip) && ($curip != "0.0.0.0"))
2938			return $curip;
2939	67ee1ec5	Ermal Luçi
2940	85a5da13	Ermal Luçi	return null;
2941	5b237745	Scott Ullrich	}
2942
2943	e88fbe50	Ermal Lu?i	function get_interface_subnet($interface = "wan")
2944			{
2945	31b24870	Ermal Luçi	$realif = get_real_interface($interface);
2946	e88fbe50	Ermal Lu?i	if (!$realif) {
2947			if (preg_match("/^carp/i", $interface))
2948			$realif = $interface;
2949	564df7c2	Ermal Lu?i	else if (preg_match("/^vip/i", $interface))
2950			$realif = $interface;
2951	e88fbe50	Ermal Lu?i	else
2952			return null;
2953			}
2954
2955	31b24870	Ermal Luçi	/* Do we really come here for these interfaces ?! */
2956	87d7a566	Ermal Lu?i	if (in_array($realif, array("pptp", "pppoe", "l2tp", "openvpn", "enc0" /* , "ppp" */)))
2957	31b24870	Ermal Luçi	return "";
2958
2959	5e041d5f	Scott Ullrich	$cursn = find_interface_subnet($realif);
2960			if (!empty($cursn))
2961	31b24870	Ermal Luçi	return $cursn;
2962
2963			return null;
2964			}
2965
2966	52947718	Ermal Lu?i	/* return outside interfaces with a gateway */
2967			function get_interfaces_with_gateway() {
2968	77ccab82	Scott Ullrich	global $config;
2969	52947718	Ermal Lu?i
2970			$ints = array();
2971
2972			/* loop interfaces, check config for outbound */
2973	77ccab82	Scott Ullrich	foreach($config['interfaces'] as $ifdescr => $ifname) {
2974	9ebe7028	gnhb
2975	77ccab82	Scott Ullrich	switch ($ifname['ipaddr']) {
2976			case "dhcp":
2977			case "carpdev-dhcp":
2978			case "pppoe":
2979			case "pptp":
2980	9ebe7028	gnhb	case "ppp";
2981			$ints[] = $ifdescr;
2982	77ccab82	Scott Ullrich	break;
2983			default:
2984	611ae852	Ermal	if (!empty($ifname['gateway']))
2985			$ints[] = $ifdescr;
2986	77ccab82	Scott Ullrich	break;
2987			}
2988			}
2989			return $ints;
2990	52947718	Ermal Lu?i	}
2991
2992			/* return true if interface has a gateway */
2993			function interface_has_gateway($friendly) {
2994
2995			$friendly = strtolower($friendly);
2996			if (in_array($friendly, get_interfaces_with_gateway()))
2997			return true;
2998
2999			return false;
3000			}
3001
3002	a57b119e	Bill Marquette	/***f interfaces/is_altq_capable
3003			* NAME
3004			* is_altq_capable - Test if interface is capable of using ALTQ
3005			* INPUTS
3006			* $int - string containing interface name
3007			* RESULT
3008			* boolean - true or false
3009			******/
3010
3011	eba938e3	Scott Ullrich	function is_altq_capable($int) {
3012	a57b119e	Bill Marquette	/* Per:
3013	64fe3233	Seth Mos	* http://www.freebsd.org/cgi/man.cgi?query=altq&manpath=FreeBSD+7.2-current&format=html
3014	a57b119e	Bill Marquette	* Only the following drivers have ALTQ support
3015			*/
3016	64fe3233	Seth Mos	$capable = array("age", "ale", "an", "ath", "aue", "awi", "bce",
3017			"bfe", "bge", "dc", "de", "ed", "em", "ep", "fxp", "gem",
3018			"hme", "ipw", "iwi", "jme", "le", "msk", "mxge", "my", "nfe",
3019			"npe", "nve", "ral", "re", "rl", "rum", "sf", "sis", "sk",
3020			"ste", "stge", "txp", "udav", "ural", "vge", "vr", "wi", "xl",
3021	58507f89	Ermal Lu?i	"ndis", "tun", "ovpns", "ovpnc", "vlan", "pppoe", "pptp", "ng", "ppp");
3022	a57b119e	Bill Marquette
3023			$int_family = preg_split("/[0-9]+/", $int);
3024
3025			if (in_array($int_family[0], $capable))
3026			return true;
3027	2f3446db	Ermal Lu?i	else if (stristr($int_family, "vlan")) /* VLANs are name $parent.$vlan now */
3028			return true;
3029	a57b119e	Bill Marquette	else
3030			return false;
3031			}
3032
3033	52947718	Ermal Lu?i	/***f interfaces/is_interface_wireless
3034			* NAME
3035			* is_interface_wireless - Returns if an interface is wireless
3036			* RESULT
3037			* $tmp - Returns if an interface is wireless
3038			******/
3039			function is_interface_wireless($interface) {
3040			global $config, $g;
3041
3042			$friendly = convert_real_interface_to_friendly_interface_name($interface);
3043	10394059	Scott Ullrich	if(!isset($config['interfaces'][$friendly]['wireless'])) {
3044	52947718	Ermal Lu?i	if (preg_match($g['wireless_regex'], $interface)) {
3045			$config['interfaces'][$friendly]['wireless'] = array();
3046			return true;
3047			}
3048			unset($config['interfaces'][$friendly]['wireless']);
3049			return false;
3050			} else
3051			return true;
3052			}
3053
3054	eba938e3	Scott Ullrich	function get_wireless_modes($interface) {
3055	d8c67d69	Scott Ullrich	/* return wireless modes and channels */
3056	92f7d37d	Ermal Luçi	$wireless_modes = array();
3057
3058	1b773d20	Ermal Lu?i	$wlif = interface_translate_type_to_real($interface);
3059
3060			if(is_interface_wireless($wlif)) {
3061	10394059	Scott Ullrich	$cloned_interface = get_real_interface($interface);
3062	d8c67d69	Scott Ullrich	$wi = 1;
3063	1b773d20	Ermal Lu?i	$chan_list = "/sbin/ifconfig {$cloned_interface} list chan";
3064			$stack_list = "/usr/bin/awk -F\"Channel \" '{ gsub(/\\*/, \" \"); print \$2 \"\\\n\" \$3 }'";
3065	1de74081	Ermal Lu?i	$format_list = "/usr/bin/awk '{print \$5 \" \" \$6 \",\" \$1}'";
3066	d8c67d69	Scott Ullrich
3067	4b0e71db	Scott Ullrich	$interface_channels = "";
3068	d8c67d69	Scott Ullrich	exec("$chan_list \| $stack_list \| sort -u \| $format_list 2>&1", $interface_channels);
3069			$interface_channel_count = count($interface_channels);
3070
3071			$c = 0;
3072			while ($c < $interface_channel_count)
3073			{
3074			$channel_line = explode(",", $interface_channels["$c"]);
3075			$wireless_mode = trim($channel_line[0]);
3076			$wireless_channel = trim($channel_line[1]);
3077	4066776d	Scott Ullrich	if(trim($wireless_mode) != "") {
3078			/* if we only have 11g also set 11b channels */
3079			if($wireless_mode == "11g") {
3080	1ae54336	Erik Fonnesbeck	if(!isset($wireless_modes["11b"]))
3081			$wireless_modes["11b"] = array();
3082	39c1349c	Erik Fonnesbeck	} else if($wireless_mode == "11g ht") {
3083	1ae54336	Erik Fonnesbeck	if(!isset($wireless_modes["11b"]))
3084			$wireless_modes["11b"] = array();
3085			if(!isset($wireless_modes["11g"]))
3086			$wireless_modes["11g"] = array();
3087	39c1349c	Erik Fonnesbeck	$wireless_mode = "11ng";
3088			} else if($wireless_mode == "11a ht") {
3089	1ae54336	Erik Fonnesbeck	if(!isset($wireless_modes["11a"]))
3090			$wireless_modes["11a"] = array();
3091	39c1349c	Erik Fonnesbeck	$wireless_mode = "11na";
3092	4066776d	Scott Ullrich	}
3093			$wireless_modes["$wireless_mode"]["$c"] = $wireless_channel;
3094			}
3095	d8c67d69	Scott Ullrich	$c++;
3096			}
3097			}
3098	4066776d	Scott Ullrich	return($wireless_modes);
3099	d8c67d69	Scott Ullrich	}
3100
3101	52947718	Ermal Lu?i	/***f interfaces/get_interface_mtu
3102			* NAME
3103			* get_interface_mtu - Return the mtu of an interface
3104			* RESULT
3105			* $tmp - Returns the mtu of an interface
3106			******/
3107			function get_interface_mtu($interface) {
3108	bd96e1fe	Ermal Lu?i	$mtu = pfSense_get_interface_addresses($interface);
3109			return $mtu['mtu'];
3110	52947718	Ermal Lu?i	}
3111
3112	eba938e3	Scott Ullrich	function get_interface_mac($interface) {
3113	7d6076f3	Ermal Lu?i
3114	3f70e618	Ermal Lu?i	$macinfo = pfSense_get_interface_addresses($interface);
3115			return $macinfo["macaddr"];
3116	f2ba47f8	Ermal Lu?i	}
3117
3118			/***f pfsense-utils/generate_random_mac_address
3119			* NAME
3120			* generate_random_mac - generates a random mac address
3121			* INPUTS
3122			* none
3123			* RESULT
3124			* $mac - a random mac address
3125			******/
3126			function generate_random_mac_address() {
3127			$mac = "02";
3128			for($x=0; $x<5; $x++)
3129			$mac .= ":" . dechex(rand(16, 255));
3130			return $mac;
3131	53c82ef9	Scott Ullrich	}
3132	b7ec2b9e	Scott Ullrich
3133	52947718	Ermal Lu?i	/***f interfaces/is_jumbo_capable
3134			* NAME
3135			* is_jumbo_capable - Test if interface is jumbo frame capable. Useful for determining VLAN capability.
3136			* INPUTS
3137			* $int - string containing interface name
3138			* RESULT
3139			* boolean - true or false
3140			******/
3141			function is_jumbo_capable($int) {
3142			global $g;
3143
3144			$int_family = preg_split("/[0-9]+/", $int);
3145
3146			if (in_array($int_family[0], $g['vlan_long_frame']))
3147			return true;
3148			else
3149			return false;
3150			}
3151
3152	53c82ef9	Scott Ullrich	function setup_pppoe_reset_file($interface, $status) {
3153			define("CRON_PPPOE_CMD_FILE", "/conf/pppoe{$interface}restart");
3154	a5d6f60b	Ermal Lu?i	define("CRON_PPPOE_CMD", "#!/bin/sh\necho '<?php require(\"config.inc\"); require(\"interfaces.inc\"); interface_reconfigure({$interface}); ?>' \| /usr/local/bin/php -q");
3155			if ($status == true) {
3156			if (!file_exists(CRON_PPPOE_CMD_FILE)) {
3157	53c82ef9	Scott Ullrich	file_put_contents(CRON_PPPOE_CMD_FILE, CRON_PPPOE_CMD);
3158			chmod(CRON_PPPOE_CMD_FILE, 0700);
3159			}
3160	a5d6f60b	Ermal Lu?i	} else
3161	53c82ef9	Scott Ullrich	unlink_if_exists(CRON_PPPOE_CMD_FILE);
3162	b7ec2b9e	Scott Ullrich	}
3163
3164	b15ae348	Seth Mos	?>

Project

General

Profile

pfSense