<?php
2 307cd525 Bill Marquette
/* $Id$ */
3 5b237745 Scott Ullrich
/*
4
	system.inc
5
	part of m0n0wall (http://m0n0.ch/wall)
6 0f282d7a Scott Ullrich
7 5b237745 Scott Ullrich
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8
	All rights reserved.
9 0f282d7a Scott Ullrich
10 5b237745 Scott Ullrich
	Redistribution and use in source and binary forms, with or without
11
	modification, are permitted provided that the following conditions are met:
12 0f282d7a Scott Ullrich
13 5b237745 Scott Ullrich
	1. Redistributions of source code must retain the above copyright notice,
14
	   this list of conditions and the following disclaimer.
15 0f282d7a Scott Ullrich
16 5b237745 Scott Ullrich
	2. Redistributions in binary form must reproduce the above copyright
17
	   notice, this list of conditions and the following disclaimer in the
18
	   documentation and/or other materials provided with the distribution.
19 0f282d7a Scott Ullrich
20 5b237745 Scott Ullrich
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29
	POSSIBILITY OF SUCH DAMAGE.
30
*/
31
32
/* include all configuration functions */
33
require_once("functions.inc");
/*
 * Start powerd when $config['system']['powerd_enable'] is set, otherwise
 * kill any running powerd.
 *
 * Both command lines are fixed strings, so no configuration value reaches
 * the shell from this function.
 */
function activate_powerd() {
	global $config, $g;

	$powerd_command = isset($config['system']['powerd_enable'])
		? "/usr/sbin/powerd -b adp -a adp"
		: "/usr/bin/killall powerd";

	exec($powerd_command);
}
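/*
 * Apply the fixed net.enc.* IPsec mask sysctls, then every tunable listed
 * under $config['sysctl']['item'].
 *
 * Tunable names and values are configuration data, so each "name=value" pair
 * is handed to the shell as one escaped argument. The previous form wrapped
 * the value in double quotes only, which still lets the shell expand
 * $(...), backticks and embedded quotes taken from the configuration.
 */
function activate_sysctls() {
	global $config, $g;

	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000000");
	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000000");
	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");

	/* the old check looked at $config['sysctl'] only and then iterated ['item'] unguarded */
	if (!isset($config['sysctl']['item']) || !is_array($config['sysctl']['item']))
		return;

	foreach ($config['sysctl']['item'] as $tunable) {
		$name = isset($tunable['tunable']) ? trim($tunable['tunable']) : "";
		$value = isset($tunable['value']) ? $tunable['value'] : "";

		/* an empty name is meaningless; a leading '-' would be parsed by sysctl as an option */
		if ($name == "" || $name[0] == "-")
			continue;

		mwexec("/sbin/sysctl " . escapeshellarg("{$name}={$value}"));
	}
}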
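/*
 * Write {$g['varetc_path']}/resolv.conf and install host routes for the DNS
 * servers that are pinned to a gateway interface (dns1gwint .. dns4gwint).
 *
 * $dynupdate: when true, dhcpd is not reconfigured after the file is written.
 *
 * Returns 0 on success, 1 when resolv.conf cannot be opened.
 *
 * Dynamically assigned nameservers are read back from files by
 * get_nameservers(); only entries that is_ipaddr() accepts are written, so a
 * malformed or multi-token line cannot add extra directives to resolv.conf.
 * DNS server addresses used in the route commands are validated the same way
 * and shell-escaped.
 */
function system_resolvconf_generate($dynupdate = false) {
	global $config, $g;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_resolvconf_generate() being called $mt\n";
	}

	$syscfg = $config['system'];

	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
	if (!$fd) {
		printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
		return 1;
	}

	/* NOTE(review): the domain is written as configured; this function does not validate it */
	$resolvconf = "domain {$syscfg['domain']}\n";

	$havedns = false;

	if (isset($syscfg['dnsallowoverride'])) {
		/* get dynamically assigned DNS servers (if any) */
		foreach (array_unique(get_nameservers()) as $nameserver) {
			$nameserver = trim($nameserver);
			if (is_ipaddr($nameserver)) {
				$resolvconf .= "nameserver $nameserver\n";
				$havedns = true;
			}
		}
	}

	/* fall back to the statically configured servers */
	if (!$havedns && isset($syscfg['dnsserver']) && is_array($syscfg['dnsserver'])) {
		foreach ($syscfg['dnsserver'] as $ns) {
			if ($ns) {
				$resolvconf .= "nameserver $ns\n";
				$havedns = true;
			}
		}
	}

	fwrite($fd, $resolvconf);
	fclose($fd);

	if (!$g['booting']) {
		/* restart dhcpd (nameservers may have changed) */
		if (!$dynupdate)
			services_dhcpd_configure();
	}

	/* setup static routes for DNS servers. */
	for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
		$dnsgw = "dns{$dnscounter}gwint";
		if (!isset($config['system'][$dnsgw]))
			continue;

		$interface = $config['system'][$dnsgw];
		if (($interface == "") || ($interface == "none"))
			continue;

		$gatewayip = get_interface_gateway($interface);
		if (!is_ipaddr($gatewayip))
			continue;

		/* dns server array starts at 0 */
		$dnscountermo = $dnscounter - 1;
		$dnsserver = isset($syscfg['dnsserver'][$dnscountermo]) ? $syscfg['dnsserver'][$dnscountermo] : "";

		/* a missing or malformed entry must not reach the shell */
		if (!is_ipaddr($dnsserver))
			continue;

		mwexec("/sbin/route delete -host " . escapeshellarg($dnsserver));
		mwexec("/sbin/route add -host " . escapeshellarg($dnsserver) . " " . escapeshellarg($gatewayip));
	}

	return 0;
}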
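/*
 * Collect the nameserver entries stored in /var/etc/nameserver_* and then in
 * /var/etc/nameservers.conf, one entry per line, in that order.
 *
 * Returns an array of non-empty lines; duplicates are kept.
 *
 * The files are read with glob()/file_get_contents() instead of shelling out
 * to ls and cat, and explode() replaces split(), which no longer exists in
 * PHP 7 and later. Empty lines are now dropped for nameservers.conf as well,
 * as they already were for the nameserver_* files.
 *
 * The lines are returned exactly as found. Nothing here checks that an entry
 * is an IP address, so callers must validate before using a value in a
 * configuration file or a command line.
 */
function get_nameservers() {
	global $config, $g;

	$master_list = array();

	$dns_files = glob("/var/etc/nameserver_*");
	if (!is_array($dns_files))
		$dns_files = array();

	if (file_exists("/var/etc/nameservers.conf"))
		$dns_files[] = "/var/etc/nameservers.conf";

	foreach ($dns_files as $dns_file) {
		if (!is_file($dns_file) || !is_readable($dns_file))
			continue;

		$contents = file_get_contents($dns_file);
		if ($contents === false)
			continue;

		foreach (explode("\n", $contents) as $item) {
			if ($item <> "")
				$master_list[] = $item;
		}
	}

	return $master_list;
}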
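/*
 * Write {$g['varetc_path']}/hosts from the system hostname/domain, the
 * dnsmasq host overrides and, when 'regdhcpstatic' is set, the static DHCP
 * mappings of every enabled DHCP interface.
 *
 * Returns 0 on success, 1 when the hosts file cannot be opened.
 *
 * NOTE(review): host, domain and address values are written as configured.
 * Nothing in this function rejects whitespace or newlines in them, so the
 * pages that store these settings have to validate them.
 */
function system_hosts_generate() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_hosts_generate() being called $mt\n";
	}

	$syscfg = $config['system'];
	$lancfgip = get_interface_ip("lan");
	$dnsmasqcfg = isset($config['dnsmasq']) ? $config['dnsmasq'] : array();

	$hostscfg = array();
	if (isset($dnsmasqcfg['hosts']) && is_array($dnsmasqcfg['hosts']))
		$hostscfg = $dnsmasqcfg['hosts'];

	$fd = fopen("{$g['varetc_path']}/hosts", "w");
	if (!$fd) {
		log_error("Error: cannot open hosts file in system_hosts_generate().\n");
		return 1;
	}

	$hosts = "127.0.0.1\tlocalhost localhost.{$syscfg['domain']}\n";

	if (is_ipaddr($lancfgip))
		$hosts .= "{$lancfgip}\t{$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";

	foreach ($hostscfg as $host) {
		if ($host['host'])
			$hosts .= "{$host['ip']}\t{$host['host']}.{$host['domain']} {$host['host']}\n";
		else
			$hosts .= "{$host['ip']}\t{$host['domain']}\n";
	}

	/* $config['dhcpd'] may be absent when no DHCP server was ever configured */
	if (isset($dnsmasqcfg['regdhcpstatic']) && isset($config['dhcpd']) && is_array($config['dhcpd'])) {
		foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) {
			if (!isset($dhcpifconf['enable']))
				continue;
			if (!isset($dhcpifconf['staticmap']) || !is_array($dhcpifconf['staticmap']))
				continue;

			foreach ($dhcpifconf['staticmap'] as $host) {
				if ($host['ipaddr'] && $host['hostname'])
					$hosts .= "{$host['ipaddr']}\t{$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
			}
		}
	}

	fwrite($fd, $hosts);
	fclose($fd);

	return 0;
}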
/*
 * Set the kernel hostname to "<hostname>.<domain>" from $config['system']
 * and run the hostid rc script.
 *
 * Returns the status of the /bin/hostname call; the result of the hostid
 * script is not reported to the caller.
 */
function system_hostname_configure() {
	global $config, $g;

	if (isset($config['system']['developerspew']))
		echo "system_hostname_configure() being called " . microtime() . "\n";

	$syscfg = $config['system'];

	/* the FQDN is configuration data, so it is passed as one escaped argument */
	$fqdn = "{$syscfg['hostname']}.{$syscfg['domain']}";
	$status = mwexec("/bin/hostname " . escapeshellarg($fqdn));

	/* Setup host GUID ID.  This is used by ZFS. */
	mwexec("/etc/rc.d/hostid start");

	return $status;
}
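/*
 * Rebuild the routing table from the configuration:
 *   1. delete the static routes recorded in {$g['vardb_path']}/routes.db by
 *      the previous run, if netstat still lists them;
 *   2. delete the default route unless some interface will bring its own
 *      gateway (or is carpdev-dhcp);
 *   3. add the default route, unless an olsrd package entry has
 *      'enabledyngw' switched on;
 *   4. add every configured static route and record it in routes.db.
 *
 * Returns 0 on success, 1 when routes.db cannot be opened.
 *
 * The gateway is now resolved separately for each static route. Previously
 * $gatewayip and $interfacegw kept their value from the default-gateway
 * lookup or from the preceding route, so a route whose gateway is given as a
 * literal IP address could be installed via another route's gateway.
 */
function system_routing_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_routing_configure() being called $mt\n";
	}

	/* Enable fast routing, if enabled */
	if(isset($config['staticroutes']['enablefastrouting']))
		mwexec("/sbin/sysctl net.inet.ip.fastforwarding=1");

	$route_str = exec_command("/usr/bin/netstat -rn");

	/* clear out old routes, if necessary */
	if (file_exists("{$g['vardb_path']}/routes.db")) {
		$fd = fopen("{$g['vardb_path']}/routes.db", "r");
		if (!$fd) {
			printf("Error: cannot open routes DB file in system_routing_configure().\n");
			return 1;
		}
		while (!feof($fd)) {
			$oldrt = trim(fgets($fd));
			/* routes.db content is file data: escape it before it reaches the shell */
			if (($oldrt) && (stristr($route_str, $oldrt)))
				mwexec("/sbin/route delete " . escapeshellarg($oldrt));
		}
		fclose($fd);
		unlink("{$g['vardb_path']}/routes.db");
	}

	/* if list */
	$iflist = get_configured_interface_list();

	$dont_remove_route = false;
	foreach ($iflist as $ifent => $ifname) {
		/*
		 * XXX: The value of this is really when this function can take
		 * 	an interface as parameter.
		 */
		/* do not process interfaces that will end up with gateways */
		if (interface_has_gateway($ifent) ||
			$config['interfaces'][$ifent]['ipaddr'] == "carpdev-dhcp") {
			$dont_remove_route = true;
			break;
		}
	}

	if ($dont_remove_route == false) {
		/* remove default route */
		mwexec("/sbin/route delete default", true);
	}

	$dont_add_route = false;
	/* if OLSRD is enabled, allow WAN to house DHCP. */
	if (!empty($config['installedpackages']['olsrd']) &&
		is_array($config['installedpackages']['olsrd']['config'])) {
		foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
			if($olsrd['enabledyngw'] == "on") {
				$dont_add_route = true;
				break;
			}
		}
	}

	$have_gateway_items = isset($config['gateways']['gateway_item']) &&
		is_array($config['gateways']['gateway_item']);

	if($dont_add_route == false) {
		if ($have_gateway_items) {
			$gatewayip = "";
			$interfacegw = "";
			/* when several entries carry 'defaultgw', the last one wins */
			foreach($config['gateways']['gateway_item'] as $gateway) {
				if(isset($gateway['defaultgw'])) {
					$gatewayip = $gateway['gateway'];
					$interfacegw = $gateway['interface'];
				}
			}
			if(($interfacegw <> "bgpd") && (is_ipaddr($gatewayip)))
				mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true);
		} else {
			/* FIXME */
			/* adding gateway for 1.2-style configs without the new
			  gateway setup configured.
			  Force WAN to be default gateway because that is the
			  1.2 behavior.
			*/
			if (is_ipaddr($config['interfaces']['wan']['gateway'])) {
				$gatewayip = $config['interfaces']['wan']['gateway'];
				mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true);
			}
		}
	}

	if (isset($config['staticroutes']['route']) && is_array($config['staticroutes']['route'])) {

		$fd = fopen("{$g['vardb_path']}/routes.db", "w");
		if (!$fd) {
			printf("Error: cannot open routes DB file in system_routing_configure().\n");
			return 1;
		}

		foreach ($config['staticroutes']['route'] as $rtent) {
			/* resolve the gateway for this route only; never reuse an earlier result */
			$gatewayip = "";
			$interfacegw = "";

			if ($have_gateway_items) {
				foreach($config['gateways']['gateway_item'] as $gateway) {
					if($rtent['gateway'] == $gateway['name']) {
						$gatewayip = $gateway['gateway'];
						$interfacegw = $gateway['interface'];
					}
				}
			}
			if((is_ipaddr($rtent['gateway'])) && ($gatewayip == ""))  {
				$gatewayip = $rtent['gateway'];
				$interfacegw = $rtent['interface'];
			}

			if(isset($rtent['interfacegateway'])) {
				mwexec("/sbin/route add " . escapeshellarg($rtent['network']) .
					" -iface " . escapeshellarg(convert_friendly_interface_to_real_interface_name($interfacegw)));
			} else if (is_ipaddr($gatewayip)) {
				mwexec("/sbin/route add " . escapeshellarg($rtent['network']) .
					" " . escapeshellarg($gatewayip));
			} else {
				/* no usable gateway: running route(8) with an empty or bogus gateway can only fail */
				log_error("system_routing_configure(): no usable gateway for static route {$rtent['network']}, skipping.");
				continue;
			}

			/* record route so it can be easily removed later (if necessary) */
			fwrite($fd, $rtent['network'] . "\n");
		}
		fclose($fd);
	}

	return 0;
}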
/*
 * Turn on IPv4 packet forwarding by setting net.inet.ip.forwarding=1.
 *
 * Returns the result of mwexec() for the sysctl call.
 */
function system_routing_enable() {
	global $config, $g;

	if (isset($config['system']['developerspew']))
		echo "system_routing_enable() being called " . microtime() . "\n";

	$forwarding_status = mwexec("/sbin/sysctl net.inet.ip.forwarding=1");

	return $forwarding_status;
}
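/*
 * (Re)start syslogd. When $config['syslog'] is set, a fresh
 * {$g['varetc_path']}/syslog.conf is generated first: per-package log files,
 * the ntpd/racoon/openvpn logs, the default local log files and, depending on
 * the syslog settings, forwarding to $syslogcfg['remoteserver'].
 *
 * Returns 1 when syslog.conf cannot be opened, otherwise the result of the
 * call that starts syslogd.
 *
 * Changes against the previous version:
 *  - package facilities are appended to the exclusion list. The old
 *    "$a + $b" array union dropped every package facility whose numeric key
 *    collided with the three built-in entries;
 *  - each package section selects only that package's facility instead of
 *    the accumulated list of all packages seen so far;
 *  - the package log file path is shell-escaped for the log-create command;
 *  - $syslogconf is initialised before it is appended to;
 *  - the "remote server?" test had two identical branches and is gone.
 *
 * NOTE(review): package 'facilityname'/'logfilename' and 'remoteserver' are
 * written into syslog.conf as configured. The generated file also contains a
 * "|exec" action, so a value carrying a newline could add actions of its
 * own. Validate these values where they are stored.
 */
function system_syslogd_start() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_syslogd_start() being called $mt\n";
	}

	$syslogcfg = $config['syslog'];

	if ($g['booting'])
		echo "Starting syslog...";
	else
		killbypid("{$g['varrun_path']}/syslog.pid");

	mwexec("/usr/bin/killall -9 syslogd");
	mwexec("/usr/bin/killall -9 fifolog_writer");

	// Define various commands for logging
	$fifolog_create = "/usr/sbin/fifolog_create -s ";
	$fifolog_log = "|/usr/sbin/fifolog_writer ";
	$clog_create = "/usr/sbin/clog -i -s ";
	$clog_log = "%";

	// Which logging type are we using this week??
	if(isset($config['system']['usefifolog'])) {
		$log_directive = $fifolog_log;
		$log_create_directive = $fifolog_create;
	} else { // Defaults to CLOG
		$log_directive = $clog_log;
		$log_create_directive = $clog_create;
	}

	if (isset($syslogcfg)) {
		$syslogconf = "";
		$separatelogfacilities = array('ntpd','racoon','openvpn');

		if (isset($config['installedpackages']['package']) && is_array($config['installedpackages']['package'])) {
			foreach($config['installedpackages']['package'] as $package) {
				if (empty($package['logging']))
					continue;

				$pkgfacility = $package['logging']['facilityname'];
				$pkglogfile = "{$g['varlog_path']}/{$package['logging']['logfilename']}";

				/* keep this facility out of the catch-all section below */
				$separatelogfacilities[] = $pkgfacility;

				/* the file name comes from the package definition: escape it for the shell */
				mwexec("{$log_create_directive} 10240 " . escapeshellarg($pkglogfile));
				$syslogconf .= "!{$pkgfacility}\n*.*\t\t\t\t\t\t {$log_directive}{$pkglogfile}\n";
			}
		}
		$facilitylist = implode(',', array_unique($separatelogfacilities));

		/* write syslog.conf */
		$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
		if (!$fd) {
			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
			return 1;
		}

		$log_locally = !isset($syslogcfg['disablelocallogging']);

		$syslogconf .= "!ntpdate,!ntpd\n";
		if ($log_locally)
			$syslogconf .= "*.*					 {$log_directive}{$g['varlog_path']}/ntpd.log\n";
		$syslogconf .= "!racoon\n";
		if ($log_locally)
			$syslogconf .= "*.*					 {$log_directive}{$g['varlog_path']}/ipsec.log\n";
		if (isset($syslogcfg['vpn']))
			$syslogconf .= "*.*					 @{$syslogcfg['remoteserver']}\n";
		$syslogconf .= "!openvpn\n";
		if ($log_locally)
			$syslogconf .= "*.*					 {$log_directive}{$g['varlog_path']}/openvpn.log\n";
		if (isset($syslogcfg['vpn']))
			$syslogconf .= "*.*					 @{$syslogcfg['remoteserver']}\n";
		$syslogconf .= "!-{$facilitylist}\n";
		if ($log_locally) {
			$syslogconf .= <<<EOD
local0.*										 {$log_directive}{$g['varlog_path']}/filter.log
local3.*										 {$log_directive}{$g['varlog_path']}/vpn.log
local4.*										 {$log_directive}{$g['varlog_path']}/portalauth.log
local7.*										 {$log_directive}{$g['varlog_path']}/dhcpd.log
*.notice;kern.debug;lpr.info;mail.crit; 		 {$log_directive}{$g['varlog_path']}/system.log
news.err;local0.none;local3.none;local4.none; 	 {$log_directive}{$g['varlog_path']}/system.log
local7.none										 {$log_directive}{$g['varlog_path']}/system.log
security.*										 {$log_directive}{$g['varlog_path']}/system.log
auth.info;authpriv.info;daemon.info				 {$log_directive}{$g['varlog_path']}/system.log
local1.*										 {$log_directive}{$g['varlog_path']}/relayd.log
auth.info;authpriv.info 						 |exec /usr/local/sbin/sshlockout_pf
*.emerg											 *

EOD;
		}
		if (isset($syslogcfg['filter']))
			$syslogconf .= "local0.*			 @{$syslogcfg['remoteserver']}\n";
		if (isset($syslogcfg['vpn']))
			$syslogconf .= "local3.*			 @{$syslogcfg['remoteserver']}\n";
		if (isset($syslogcfg['portalauth']))
			$syslogconf .= "local4.*			 @{$syslogcfg['remoteserver']}\n";
		if (isset($syslogcfg['dhcp']))
			$syslogconf .= "local7.*			 @{$syslogcfg['remoteserver']}\n";
		if (isset($syslogcfg['system'])) {
			$syslogconf .= <<<EOD
*.notice;kern.debug;lpr.info;mail.crit;			 @{$syslogcfg['remoteserver']}
news.err;local0.none;local3.none;local7.none	 @{$syslogcfg['remoteserver']}
security.*										 @{$syslogcfg['remoteserver']}
auth.info;authpriv.info;daemon.info				 @{$syslogcfg['remoteserver']}
*.emerg											 @{$syslogcfg['remoteserver']}

EOD;
		}
		fwrite($fd, $syslogconf);
		fclose($fd);

		/* the same command line is used with and without remote logging */
		$retval = system("/usr/sbin/syslogd -f {$g['varetc_path']}/syslog.conf");

	} else {
		$retval = mwexec("/usr/sbin/syslogd");
	}

	if ($g['booting'])
		echo "done.\n";

	return $retval;
}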
/*
 * Restart pccardd: kill the instance named in {$g['varrun_path']}/pccardd.pid
 * and start a new one with {$g['etc_path']}/pccard.conf.
 *
 * Progress is echoed only while $g['booting'] is set. Returns the mwexec()
 * status of the pccardd start command.
 */
function system_pccard_start() {
	global $config, $g;

	if (isset($config['system']['developerspew']))
		echo "system_pccard_start() being called " . microtime() . "\n";

	if ($g['booting'])
		echo "Initializing PCMCIA...";

	/* kill any running pccardd */
	killbypid("{$g['varrun_path']}/pccardd.pid");

	/* fire up pccardd */
	$pccardd_command = "/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf";
	$res = mwexec($pccardd_command);

	if ($g['booting'])
		echo ($res == 0) ? "done.\n" : "failed!\n";

	return $res;
}
/*
 * Restart the lighttpd instance that serves the webConfigurator: kill the
 * old process, regenerate lighty-webConfigurator.conf and start lighttpd.
 *
 * Port selection: the configured port if one is set, otherwise 443 when
 * https is configured with a usable certificate, otherwise 80.
 *
 * Returns the mwexec() status of the lighttpd start command.
 *
 * NOTE(review): when https is configured but the referenced certificate is
 * missing or incomplete, only a log entry is written and empty cert/key
 * values are passed on. Per the log message the GUI then comes up over
 * plain http, on the custom port if one is configured. Confirm this
 * downgrade is intended for an administrative interface.
 */
function system_webgui_start() {
	global $config, $g;

	if ($g['booting'])
		echo "Starting webConfigurator...";

	/* kill any running lighttpd */
	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");

	sleep(1);

	chdir($g['www_path']);

	/* defaults: no certificate, port 80 unless a non-standard port is configured */
	$crt = "";
	$key = "";
	$portarg = $config['system']['webgui']['port']
		? "{$config['system']['webgui']['port']}"
		: "80";

	if ($config['system']['webgui']['protocol'] == "https") {

		$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
		$cert_usable = is_array($cert) && $cert['crt'] && $cert['prv'];

		if (!$cert_usable) {
			log_error("Invalid webConfigurator https certificate, defaulting to http");
		} else {
			/* certificate and private key are stored base64-encoded */
			$crt = base64_decode($cert['crt']);
			$key = base64_decode($cert['prv']);
			if(!$config['system']['webgui']['port'])
				$portarg = "443";
		}
	}

	/* generate lighttpd configuration */
	$lighty_conf = "{$g['varetc_path']}/lighty-webConfigurator.conf";
	system_generate_lighty_config($lighty_conf,
		$crt, $key, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");

	/* attempt to start lighthttpd */
	$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");

	if ($g['booting'])
		echo ($res == 0) ? "done.\n" : "failed!\n";

	return $res;
}
function system_generate_lighty_config($filename,
552
	$cert,
553
	$key,
554
	$pid_file,
555
	$port = 80,
556
	$document_root = "/usr/local/www/",
557
	$cert_location = "cert.pem",
558 b5317d07 Scott Ullrich
	$max_procs = 2,
559 eb0f441c Scott Ullrich
	$max_requests = "1",
560
	$fast_cgi_enable = true,
561
	$captive_portal = false) {
562 58c7450e Scott Ullrich
563 f19d3b7a Scott Ullrich
	global $config, $g;
564
565 58c7450e Scott Ullrich
	if(isset($config['system']['developerspew'])) {
566
		$mt = microtime();
567 dcf0598e Scott Ullrich
		echo "system_generate_lighty_config() being called $mt\n";
568 58c7450e Scott Ullrich
	}
569
570 eb0f441c Scott Ullrich
	if($captive_portal == true)  {
571
		$captiveportal = ",\"mod_rewrite\"";
572 6bef50b3 Scott Ullrich
		$captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
573 b0bdc06e Scott Ullrich
		$captive_portal_module = "\"mod_accesslog\", ";
574
		$maxprocperip = $config['captiveportal']['maxprocperip'];
575 632e8d54 Scott Ullrich
		if(!$maxprocperip and $maxprocperip > 0)
576
			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
577
		else
578
			$captive_portal_mod_evasive = "";
579 3306a341 Scott Ullrich
		$server_upload_dirs = "server.upload-dirs = ( \"/tmp/captiveportal/\" )\n";
580
		exec("mkdir -p /tmp/captiveportal");
581
		exec("chmod a-w /tmp/captiveportal");
582 775556ab Scott Ullrich
		$server_max_request_size = "server.max-request-size    = 384";
583 b0bdc06e Scott Ullrich
	} else {
584
		$captive_portal_module = "";
585
		$captive_portal_mod_evasive = "";
586 3306a341 Scott Ullrich
		$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"/tmp/\", \"/var/\" )\n";
587 775556ab Scott Ullrich
		$server_max_request_size = "server.max-request-size    = 2097152";
588 eb0f441c Scott Ullrich
	}
589 3306a341 Scott Ullrich
	
590 28cae949 Scott Ullrich
	if($port <> "")
591
		$lighty_port = $port;
592
	else
593
		$lighty_port = "80";
594 3d77d4c4 Scott Ullrich
595
	$memory = get_memory();
596
	$avail = $memory[0];
597
598 b0bdc06e Scott Ullrich
	if($avail > 0 and $avail < 98) {
599 f994f4d6 Scott Ullrich
		$max_procs = 1;
600
		$max_requests = 1;
601 52624d2c Scott Ullrich
	}
602 1a043fa7 Scott Ullrich
603 b0bdc06e Scott Ullrich
	if($avail > 97 and $avail < 128) {
604 04f4a116 Ermal Luçi
		$max_procs = 1;
605
		$max_requests = 3;
606 b0bdc06e Scott Ullrich
	}
607
608
	if($avail > 127 and $avail < 256) {
609 04f4a116 Ermal Luçi
		$max_procs = 1;
610 6e337a84 Scott Ullrich
		$max_requests = 5;
611 b0bdc06e Scott Ullrich
	}
612
613
	if($avail > 255 and $avail < 384) {
614
		$max_procs = 3;
615 6e337a84 Scott Ullrich
		$max_requests = 10;
616 b0bdc06e Scott Ullrich
	}
617
618 8cd294de Chris Buechler
	if($avail > 383) {
619 b0bdc06e Scott Ullrich
		$max_procs = 4;
620 6e337a84 Scott Ullrich
		$max_requests = 16;
621 b0bdc06e Scott Ullrich
	}
622
623 6e337a84 Scott Ullrich
	if($captive_portal == true)  {	
624
		$bin_environment =  <<<EOC
625 5e041d5f Scott Ullrich
        "bin-environment" => (
626
           "PHP_FCGI_CHILDREN" => "16",
627
           "PHP_FCGI_MAX_REQUESTS" => "{$max_requests}"
628 6e337a84 Scott Ullrich
        ), 
629
EOC;
630
631 04f4a116 Ermal Luçi
	} else if ($avail > 0 and $avail < 128) {
632
		$bin_environment = <<<EOC
633
	"bin-environment" => (
634
		"PHP_FCGI_CHILDREN" => "1",
635
		"PHP_FCGI_MAX_REQUESTS" => "{$max_requests}"
636
	),
637
638
EOC;
639
	} else
640 6e337a84 Scott Ullrich
		$bin_environment = "";
641
		
642 4edb490d Scott Ullrich
	if($fast_cgi_enable == true) {
643 dde4f60c Scott Ullrich
		$module = "\"mod_fastcgi\", \"mod_cgi\"";
644 4edb490d Scott Ullrich
		$cgi_config = "";
645
		$fastcgi_config = <<<EOD
646
#### fastcgi module
647
## read fastcgi.txt for more info
648 b0bdc06e Scott Ullrich
fastcgi.server = ( ".php" =>
649
	( "localhost" =>
650
		(
651
			"socket" => "/tmp/php-fastcgi.socket",
652 5e041d5f Scott Ullrich
			"min-procs" => 1,
653 b0bdc06e Scott Ullrich
			"max-procs" => {$max_procs},
654 6e337a84 Scott Ullrich
			{$bin_environment}			
655 b0bdc06e Scott Ullrich
			"bin-path" => "/usr/local/bin/php"
656
		)
657
	)
658
)
659 4edb490d Scott Ullrich
660 dde4f60c Scott Ullrich
#### CGI module
661 5999dd9c Scott Ullrich
cgi.assign                 = ( ".cgi" => "" )
662 dde4f60c Scott Ullrich
663 4edb490d Scott Ullrich
EOD;
664
	} else {
665
		$fastcgi_config = "";
666
		$module = "\"mod_cgi\"";
667
		$cgi_config = <<<EOD
668
#### CGI module
669
cgi.assign                 = ( ".php"  => "/usr/local/bin/php",
670 d4302f46 Espen Johansen
                               ".cgi" => "" )
671 333f8ef0 Scott Ullrich
672 4edb490d Scott Ullrich
EOD;
673
	}
674 333f8ef0 Scott Ullrich
675 a84b65dc Scott Ullrich
	$lighty_config .= <<<EOD
676 28cae949 Scott Ullrich
#
677 a632cf43 Scott Ullrich
# lighttpd configuration file
678
#
679
# use a it as base for lighttpd 1.0.0 and above
680 28cae949 Scott Ullrich
#
681 a632cf43 Scott Ullrich
############ Options you really have to take care of ####################
682
683 770b4b9c Scott Ullrich
## FreeBSD!
684 60ff6204 Scott Ullrich
server.event-handler	= "freebsd-kqueue"
685
server.network-backend 	= "writev"
686 096261af Scott Ullrich
687 a632cf43 Scott Ullrich
## modules to load
688 4edb490d Scott Ullrich
server.modules              =   (
689 c93ad789 Scott Ullrich
									{$captive_portal_module}
690
									"mod_access", "mod_accesslog", "mod_expire", "mod_compress",
691
									{$module}{$captiveportal}
692
								)
693 28cae949 Scott Ullrich
694
## Unused modules
695 6a019c11 Scott Ullrich
#                               "mod_setenv",
696
#                               "mod_compress"
697
#				"mod_redirect",
698
#                               "mod_rewrite",
699 28cae949 Scott Ullrich
#                               "mod_ssi",
700
#                               "mod_usertrack",
701
#                               "mod_expire",
702
#                               "mod_secdownload",
703
#                               "mod_rrdtool",
704 a632cf43 Scott Ullrich
#                               "mod_auth",
705
#                               "mod_status",
706 28cae949 Scott Ullrich
#                               "mod_alias",
707 a632cf43 Scott Ullrich
#                               "mod_proxy",
708
#                               "mod_simple_vhost",
709
#                               "mod_evhost",
710
#                               "mod_userdir",
711 28cae949 Scott Ullrich
#                               "mod_cgi",
712
#                                "mod_accesslog"
713 a632cf43 Scott Ullrich
714 d9acea75 Scott Ullrich
server.max-keep-alive-requests = 15
715
server.max-keep-alive-idle = 30
716
717 a632cf43 Scott Ullrich
## a static document-root, for virtual-hosting take look at the
718
## server.virtual-* options
719 332b4ac0 Scott Ullrich
server.document-root        = "{$document_root}"
720 eb0f441c Scott Ullrich
{$captive_portal_rewrite}
721 a632cf43 Scott Ullrich
722 38a9a1ab Scott Ullrich
# Maximum idle time with nothing being written (php downloading)
723
server.max-write-idle = 999
724
725 a632cf43 Scott Ullrich
## where to send error-messages to
726 ee959dc4 Scott Ullrich
server.errorlog             = "/var/log/lighttpd.error.log"
727 a632cf43 Scott Ullrich
728
# files to check for if .../ is requested
729
server.indexfiles           = ( "index.php", "index.html",
730
                                "index.htm", "default.htm" )
731
732
# mimetype mapping
733
mimetype.assign             = (
734
  ".pdf"          =>      "application/pdf",
735
  ".sig"          =>      "application/pgp-signature",
736
  ".spl"          =>      "application/futuresplash",
737
  ".class"        =>      "application/octet-stream",
738
  ".ps"           =>      "application/postscript",
739
  ".torrent"      =>      "application/x-bittorrent",
740
  ".dvi"          =>      "application/x-dvi",
741
  ".gz"           =>      "application/x-gzip",
742
  ".pac"          =>      "application/x-ns-proxy-autoconfig",
743
  ".swf"          =>      "application/x-shockwave-flash",
744
  ".tar.gz"       =>      "application/x-tgz",
745
  ".tgz"          =>      "application/x-tgz",
746
  ".tar"          =>      "application/x-tar",
747
  ".zip"          =>      "application/zip",
748
  ".mp3"          =>      "audio/mpeg",
749
  ".m3u"          =>      "audio/x-mpegurl",
750
  ".wma"          =>      "audio/x-ms-wma",
751
  ".wax"          =>      "audio/x-ms-wax",
752
  ".ogg"          =>      "audio/x-wav",
753
  ".wav"          =>      "audio/x-wav",
754
  ".gif"          =>      "image/gif",
755
  ".jpg"          =>      "image/jpeg",
756
  ".jpeg"         =>      "image/jpeg",
757
  ".png"          =>      "image/png",
758
  ".xbm"          =>      "image/x-xbitmap",
759
  ".xpm"          =>      "image/x-xpixmap",
760
  ".xwd"          =>      "image/x-xwindowdump",
761
  ".css"          =>      "text/css",
762
  ".html"         =>      "text/html",
763
  ".htm"          =>      "text/html",
764
  ".js"           =>      "text/javascript",
765
  ".asc"          =>      "text/plain",
766
  ".c"            =>      "text/plain",
767
  ".conf"         =>      "text/plain",
768
  ".text"         =>      "text/plain",
769
  ".txt"          =>      "text/plain",
770
  ".dtd"          =>      "text/xml",
771
  ".xml"          =>      "text/xml",
772
  ".mpeg"         =>      "video/mpeg",
773
  ".mpg"          =>      "video/mpeg",
774
  ".mov"          =>      "video/quicktime",
775
  ".qt"           =>      "video/quicktime",
776
  ".avi"          =>      "video/x-msvideo",
777
  ".asf"          =>      "video/x-ms-asf",
778
  ".asx"          =>      "video/x-ms-asf",
779
  ".wmv"          =>      "video/x-ms-wmv",
780
  ".bz2"          =>      "application/x-bzip",
781
  ".tbz"          =>      "application/x-bzip-compressed-tar",
782
  ".tar.bz2"      =>      "application/x-bzip-compressed-tar"
783
 )
784
785
# Use the "Content-Type" extended attribute to obtain mime type if possible
786
#mimetypes.use-xattr        = "enable"
787
788
#### accesslog module
789 6a019c11 Scott Ullrich
#accesslog.filename          = "/dev/null"
790 a632cf43 Scott Ullrich
791
## deny access the file-extensions
792
#
793
# ~    is for backupfiles from vi, emacs, joe, ...
794
# .inc is often used for code includes which should in general not be part
795
#      of the document-root
796
url.access-deny             = ( "~", ".inc" )
797
798
799
######### Options that are good to be but not neccesary to be changed #######
800
801
## bind to port (default: 80)
802 28cae949 Scott Ullrich
server.port                = {$lighty_port}
803 a632cf43 Scott Ullrich
804
## error-handler for status 404
805
#server.error-handler-404   = "/error-handler.html"
806
#server.error-handler-404   = "/error-handler.php"
807
808
## to help the rc.scripts
809
server.pid-file            = "/var/run/{$pid_file}"
810
811
## virtual directory listings
812 28cae949 Scott Ullrich
server.dir-listing         = "disable"
813 a632cf43 Scott Ullrich
814
## enable debugging
815 28cae949 Scott Ullrich
debug.log-request-header   = "disable"
816
debug.log-response-header  = "disable"
817
debug.log-request-handling = "disable"
818
debug.log-file-not-found   = "disable"
819 a632cf43 Scott Ullrich
820 3306a341 Scott Ullrich
{$server_upload_dirs}
821 1ef7b568 Scott Ullrich
822 a6e8af9c Scott Ullrich
{$server_max_request_size}
823 ee959dc4 Scott Ullrich
824 4edb490d Scott Ullrich
{$fastcgi_config}
825
826
{$cgi_config}
827 a632cf43 Scott Ullrich
828 b0bdc06e Scott Ullrich
{$captive_portal_mod_evasive}
829
830 569f47e9 Scott Ullrich
# Turn on Lighty caching directives
831
compress.cache-dir         = "/tmp/"
832
compress.filetype          = ("text/plain", "text/html", "text/javascript", "text/css")
833
834
expire.url = (
835 05a5e5c5 Scott Ullrich
				"" => "access 50 hours",	
836 569f47e9 Scott Ullrich
        )
837
838 a632cf43 Scott Ullrich
EOD;
839
840 7aae518a Scott Ullrich
	$cert = str_replace("\r", "", $cert);
841 333f8ef0 Scott Ullrich
	$key = str_replace("\r", "", $key);
842 7aae518a Scott Ullrich
843
	$cert = str_replace("\n\n", "\n", $cert);
844 333f8ef0 Scott Ullrich
	$key = str_replace("\n\n", "\n", $key);
845 7aae518a Scott Ullrich
846 a632cf43 Scott Ullrich
	if($cert <> "" and $key <> "") {
847 3a66b621 Scott Ullrich
		$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
848 5b237745 Scott Ullrich
		if (!$fd) {
849
			printf("Error: cannot open cert.pem in system_webgui_start().\n");
850
			return 1;
851
		}
852 3a66b621 Scott Ullrich
		chmod("{$g['varetc_path']}/{$cert_location}", 0600);
853 5b237745 Scott Ullrich
		fwrite($fd, $cert);
854
		fwrite($fd, "\n");
855
		fwrite($fd, $key);
856
		fclose($fd);
857 5e041d5f Scott Ullrich
		$lighty_config .= "\n";
858 9f0cbb16 Scott Ullrich
		$lighty_config .= "## ssl configuration\n";
859 a632cf43 Scott Ullrich
		$lighty_config .= "ssl.engine = \"enable\"\n";
860 333f8ef0 Scott Ullrich
		$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
861 5b237745 Scott Ullrich
	}
862 0f282d7a Scott Ullrich
863 4f3756f3 Scott Ullrich
	$fd = fopen("{$filename}", "w");
864 a632cf43 Scott Ullrich
	if (!$fd) {
865 4f3756f3 Scott Ullrich
		printf("Error: cannot open {$filename} in system_generate_lighty_config().\n");
866 a632cf43 Scott Ullrich
		return 1;
867 5b237745 Scott Ullrich
	}
868 a632cf43 Scott Ullrich
	fwrite($fd, $lighty_config);
869
	fclose($fd);
870
871
	return 0;
872 0f282d7a Scott Ullrich
873 5b237745 Scott Ullrich
}
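/*
 * Install the configured timezone as /etc/localtime.
 *
 * Reads $config['system']['timezone'] (falling back to "Etc/UTC" when it is
 * empty), extracts that member from /usr/share/zoneinfo.tgz and writes it to
 * /etc/localtime between conf_mount_rw() and conf_mount_ro().
 * Progress is echoed only while $g['booting'] is set.
 */
function system_timezone_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_timezone_configure() being called $mt\n";
	}

	$syscfg = $config['system'];

	if ($g['booting'])
		echo "Setting timezone...";

	/* extract appropriate timezone file */
	$timezone = $syscfg['timezone'];
	if (!$timezone)
		$timezone = "Etc/UTC";

	conf_mount_rw();

	/*
	 * The zone name is a configuration value, so it is shell-quoted before it
	 * reaches the command line. The exit status is checked because the
	 * redirect truncates /etc/localtime before tar runs: a failed extraction
	 * leaves an empty file behind and must not pass silently.
	 */
	$output = array();
	$status = 0;
	exec("LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
		escapeshellarg($timezone) . " > /etc/localtime", $output, $status);
	if ($status != 0)
		log_error("Could not extract timezone data from /usr/share/zoneinfo.tgz (tar exit status {$status})");

	mwexec("sync");
	conf_mount_ro();

	if ($g['booting'])
		echo ($status == 0) ? "done.\n" : "failed!\n";
}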
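/*
 * Write {$g['varetc_path']}/ntpd.conf and (re)start OpenNTPD.
 *
 * One "servers" line is written per entry of the space-separated
 * $config['system']['timeservers'] value. When the openntpd package settings
 * have enable == 'on', a "listen on" line is written for every selected
 * interface that exists and has a valid IP address. Any running ntpd is then
 * killed; the daemon is only started again when the system is not booting.
 *
 * Returns nothing; logs and returns early when the file cannot be opened.
 */
function system_ntp_configure() {
	global $config, $g;

	$syscfg = $config['system'];
	$conf_path = "{$g['varetc_path']}/ntpd.conf";

	/* open configuration for writing or bail */
	$fd = fopen($conf_path, "w");
	if(!$fd) {
		log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
		return;
	}

	fwrite($fd, "# \n");
	fwrite($fd, "# pfSense OpenNTPD configuration file \n");
	fwrite($fd, "# \n\n");

	/*
	 * Write one line per time server. Entries are configuration data that ends
	 * up verbatim in a daemon config file, so empty tokens (from repeated
	 * spaces) are skipped and anything that is not made of hostname/IP
	 * characters is rejected; this keeps an embedded newline from adding
	 * extra directives to ntpd.conf.
	 */
	foreach (explode(' ', $syscfg['timeservers']) as $ts) {
		if ($ts == "")
			continue;
		if (!preg_match('/\A[A-Za-z0-9._:-]+\z/', $ts)) {
			log_error("Ignoring invalid time server entry while writing {$g['varetc_path']}/ntpd.conf");
			continue;
		}
		fwrite($fd, "servers {$ts}\n");
	}

	/* Setup listener(s) if the user has configured one */
	if (!empty($config['installedpackages']['openntpd'])) {
		/* server config is in coregui1 */
		$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
		if ($xmlsettings['enable'] == 'on') {
			$ifaces = explode(',', $xmlsettings['interface']);
			$ifaces = array_map('convert_friendly_interface_to_real_interface_name', $ifaces);
			$ifaces = array_filter($ifaces, 'does_interface_exist');
			$ips = array_map('find_interface_ip', $ifaces);
			foreach ($ips as $ip) {
				/* only validated addresses reach the config file */
				if (is_ipaddr($ip))
					fwrite($fd, "listen on $ip\n");
			}
		}
	}

	fwrite($fd, "\n");

	/* slurp! */
	fclose($fd);

	/* if openntpd is running, kill it */
	while(is_process_running("ntpd")) {
		mwexec("/usr/bin/killall ntpd", true);
	}

	/*
	 * if /var/empty does not exist, create it
	 * NOTE(review): this adds group read/write to /var/empty. If ntpd uses
	 * the directory for privilege separation, confirm that group write is
	 * intended.
	 */
	if(!is_dir("/var/empty"))
		exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");

	if($g['booting'])
		return;

	/* start openntpd, set time now and use the generated ntpd.conf */
	exec("/usr/local/sbin/ntpd -s -f " . escapeshellarg($conf_path));
}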
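/*
 * Run ntpdate once against every configured time server.
 *
 * The servers come from the space-separated $config['system']['timeservers']
 * value. Progress is echoed only while $g['booting'] is set.
 */
function sync_system_time() {
	global $config, $g;

	$syscfg = $config['system'];

	if ($g['booting'])
		echo "Syncing system time before startup...";

	/*
	 * Each entry is configuration data placed on a shell command line:
	 * quote it so shell metacharacters stay literal, skip empty tokens
	 * (repeated spaces), and skip entries starting with "-" so a value
	 * cannot be read by ntpdate as an option.
	 */
	foreach (explode(' ', $syscfg['timeservers']) as $ts) {
		if ($ts == "" || $ts[0] == '-')
			continue;
		mwexec("/usr/sbin/ntpdate -s " . escapeshellarg($ts));
	}

	if ($g['booting'])
		echo "done.\n";
}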
/*
 * Halt the system: run the pre-shutdown cleanup, then launch /etc/rc.halt
 * detached (nohup, backgrounded, output discarded).
 */
function system_halt() {
	global $g;

	system_reboot_cleanup();

	$halt_command = "nohup /etc/rc.halt > /dev/null 2>&1 &";
	mwexec($halt_command);
}
/*
 * Reboot the system: run the pre-shutdown cleanup, then launch
 * /etc/rc.reboot detached (nohup, backgrounded, output discarded).
 */
function system_reboot() {
	global $g;

	system_reboot_cleanup();

	$reboot_command = "nohup /etc/rc.reboot > /dev/null 2>&1 &";
	mwexec($reboot_command);
}
/*
 * Reboot the system in the foreground: run the pre-shutdown cleanup, then
 * run /etc/rc.reboot with output discarded. Unlike system_reboot(), the
 * command line has no nohup and no trailing "&".
 */
function system_reboot_sync() {
	global $g;

	system_reboot_cleanup();

	$reboot_command = "/etc/rc.reboot > /dev/null 2>&1";
	mwexec($reboot_command);
}
/*
 * Cleanup shared by the halt and reboot paths: runs the beep script with
 * the "stop" argument, then calls captiveportal_radius_stop_all().
 */
function system_reboot_cleanup() {
	$beep_command = "/usr/local/bin/beep.sh stop";
	mwexec($beep_command);

	captiveportal_radius_stop_all();
}
/*
 * Run the shell commands stored in the configuration.
 *
 * $early selects which list is used: a truthy value runs
 * $config['system']['earlyshellcmd'], otherwise $config['system']['shellcmd'].
 * The entry may be an array of commands or a single non-empty command string.
 *
 * Security note: the commands are handed to exec() exactly as stored; that is
 * the purpose of the feature. Whoever can change these configuration entries
 * therefore gets command execution as the calling PHP process, so write
 * access to the configuration must be protected accordingly.
 */
function system_do_shell_commands($early = 0) {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		echo "system_do_shell_commands() being called " . microtime() . "\n";
	}

	$cmdn = $early ? "earlyshellcmd" : "shellcmd";

	if (!is_array($config['system'][$cmdn])) {
		/* execute single item */
		if ($config['system'][$cmdn] != "") {
			exec($config['system'][$cmdn]);
		}
		return;
	}

	/* *cmd is an array, loop through */
	foreach ($config['system'][$cmdn] as $single_cmd) {
		exec($single_cmd);
	}
}
/*
 * Keep the {$g['varetc_path']}/disableconsole marker file in step with the
 * configuration: it is created when $config['system']['disableconsolemenu']
 * is set and removed (if present) otherwise.
 */
function system_console_configure() {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		echo "system_console_configure() being called " . microtime() . "\n";
	}

	$marker = "{$g['varetc_path']}/disableconsole";

	if (!isset($config['system']['disableconsolemenu'])) {
		unlink_if_exists($marker);
		return;
	}

	touch($marker);
}
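/*
 * Save the kernel messages of the current boot to
 * {$g['varlog_path']}/dmesg.boot.
 *
 * The output of /sbin/dmesg is written starting at the last line that
 * contains "Copyright (c) 1992-", because output from previous boots may
 * still be present in the buffer. When no such line is found, the whole
 * output is written.
 *
 * Returns 0 on success and 1 when the target file cannot be opened.
 */
function system_dmesg_save() {
	/* $config must be imported too, otherwise the developerspew check below can never be true */
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "system_dmesg_save() being called $mt\n";
	}

	/* exec() fills this with one element per output line */
	$dmesg = array();
	exec("/sbin/dmesg", $dmesg);

	/* find last copyright line (output from previous boots may be present) */
	$lastcpline = 0;
	foreach ($dmesg as $i => $line) {
		if (strpos($line, "Copyright (c) 1992-") !== false)
			$lastcpline = $i;
	}

	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
	if (!$fd) {
		printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
		return 1;
	}

	foreach (array_slice($dmesg, $lastcpline) as $line)
		fwrite($fd, $line . "\n");

	fclose($fd);

	return 0;
}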
/*
 * Apply the configured hard disk standby timer.
 *
 * Does nothing unless $config['system']['harddiskstandby'] is set. A numeric
 * value is cast to int, which keeps anything but digits out of the sysctl
 * command line, and written to hw.ata.standby after a disk sync. A falsy
 * return from mwexec() is treated as success (presumably exit status 0 -
 * confirm against mwexec()); only then are the ATA drives reinitialized.
 * "done." / "failed!" is echoed only while $g['booting'] is set.
 */
function system_set_harddisk_standby() {
	global $g, $config;
	if (isset($config['system']['developerspew'])) {
		echo "system_set_harddisk_standby() being called " . microtime() . "\n";
	}

	if (!isset($config['system']['harddiskstandby'])) {
		return;
	}

	if ($g['booting']) {
		echo 'Setting hard disk standby... ';
	}

	$standby = $config['system']['harddiskstandby'];
	$applied = false;

	// Non-numeric values are reported as a failure without running anything
	if (is_numeric($standby)) {
		// Sync the disk(s)
		mwexec('/bin/sync');

		$sysctl_command = '/sbin/sysctl hw.ata.standby=' . ((int)$standby);
		$applied = !mwexec($sysctl_command);

		if ($applied) {
			// Reinitialize ATA-drives
			mwexec('/usr/local/sbin/atareinit');
		}
	}

	if ($g['booting']) {
		if ($applied) {
			echo "done.\n";
		} else {
			echo "failed!\n";
		}
	}
}
/*
 * Apply sysctl settings: always calls activate_sysctls(), and additionally
 * calls system_disable_arp_wrong_if() when $config['system']['sharednet']
 * is set.
 */
function system_setup_sysctl() {
	global $config;
	if (isset($config['system']['developerspew'])) {
		echo "system_setup_sysctl() being called " . microtime() . "\n";
	}

	activate_sysctls();

	if (!isset($config['system']['sharednet'])) {
		return;
	}

	system_disable_arp_wrong_if();
}
/*
 * Set the net.link.ether.inet.log_arp_wrong_iface and
 * net.link.ether.inet.log_arp_movements sysctls to 0.
 */
function system_disable_arp_wrong_if() {
	global $config;
	if (isset($config['system']['developerspew'])) {
		echo "system_disable_arp_wrong_if() being called " . microtime() . "\n";
	}

	$sysctl_commands = array(
		"/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0",
		"/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0",
	);
	foreach ($sysctl_commands as $sysctl_command) {
		mwexec($sysctl_command);
	}
}
/*
 * Set the net.link.ether.inet.log_arp_wrong_iface and
 * net.link.ether.inet.log_arp_movements sysctls to 1.
 */
function system_enable_arp_wrong_if() {
	global $config;
	if (isset($config['system']['developerspew'])) {
		echo "system_enable_arp_wrong_if() being called " . microtime() . "\n";
	}

	$sysctl_commands = array(
		"/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1",
		"/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1",
	);
	foreach ($sysctl_commands as $sysctl_command) {
		mwexec($sysctl_command);
	}
}
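/*
 * Start watchdogd when the boot messages mention supported watchdog hardware.
 *
 * /var/log/dmesg.boot is searched case-insensitively for each name in
 * $supported_watchdogs. On a match, a running watchdogd is killed first and
 * the daemon is then started. Nothing happens when the file cannot be read
 * or no name matches.
 */
function enable_watchdog() {
	global $config;
	$install_watchdog = false;
	$supported_watchdogs = array("Geode");

	$file = file_get_contents("/var/log/dmesg.boot");
	if ($file === false)
		return;

	foreach($supported_watchdogs as $sd) {
		/* test the list entry itself, so that names added to the list are honoured */
		if(stristr($file, $sd) !== false) {
			$install_watchdog = true;
			break;
		}
	}

	if($install_watchdog) {
		if(is_process_running("watchdogd"))
			mwexec("/usr/bin/killall watchdogd", true);
		exec("/usr/sbin/watchdogd");
	}
}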
?>