/usr/local/www/diag_backup.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/diag_backup.php @ b5249aa3

1	8ccc8f1a	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			diag_backup.php
5	13d193c2	Scott Ullrich	Copyright (C) 2004-2009 Scott Ullrich
6	ce77a9c4	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
7	929db667	Scott Ullrich	All rights reserved.
8	8ccc8f1a	Scott Ullrich
9	929db667	Scott Ullrich	originally part of m0n0wall (http://m0n0.ch/wall)
10	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
11			All rights reserved.
12	8ccc8f1a	Scott Ullrich
13	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
14			modification, are permitted provided that the following conditions are met:
15	8ccc8f1a	Scott Ullrich
16	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
17			this list of conditions and the following disclaimer.
18	8ccc8f1a	Scott Ullrich
19	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
20			notice, this list of conditions and the following disclaimer in the
21			documentation and/or other materials provided with the distribution.
22	8ccc8f1a	Scott Ullrich
23	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
24			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
25			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
26			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
27			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
28			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
29			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
30			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
32			POSSIBILITY OF SUCH DAMAGE.
33			*/
34
35	13d193c2	Scott Ullrich	/*
36			pfSense_BUILDER_BINARIES: /sbin/shutdown
37			pfSense_MODULE: backup
38			*/
39
40	6b07c15a	Matthew Grooms	##\|+PRIV
41			##\|*IDENT=page-diagnostics-backup/restore
42			##\|*NAME=Diagnostics: Backup/restore page
43			##\|*DESCR=Allow access to the 'Diagnostics: Backup/restore' page.
44			##\|MATCH=diag_backup.php
45			##\|-PRIV
46
47	47d11b79	Mark Crane	/* Allow additional execution time 0 = no limit. */
48	3420028c	Scott Ullrich	ini_set('max_execution_time', '0');
49			ini_set('max_input_time', '0');
50	47d11b79	Mark Crane
51	5b237745	Scott Ullrich	/* omit no-cache headers because it confuses IE with file downloads */
52			$omit_nocacheheaders = true;
53	99b1cc43	Scott Ullrich	$nocsrf = true;
54	8ccc8f1a	Scott Ullrich	require("guiconfig.inc");
55	7a927e67	Scott Ullrich	require_once("functions.inc");
56			require_once("filter.inc");
57			require_once("shaper.inc");
58	5b237745	Scott Ullrich
59	8bdb6879	Darren Embry	$rrddbpath = "/var/db/rrd";
60			$rrdtool = "/usr/bin/nice -n20 /usr/local/bin/rrdtool";
61
62			function rrd_data_xml() {
63			global $rrddbpath;
64			global $rrdtool;
65	73ed069b	Renato Botelho
66	8bdb6879	Darren Embry	$result = "\t<rrddata>\n";
67			$rrd_files = glob("{$rrddbpath}/*.rrd");
68			$xml_files = array();
69			foreach ($rrd_files as $rrd_file) {
70			$basename = basename($rrd_file);
71			$xml_file = preg_replace('/\.rrd$/', ".xml", $rrd_file);
72			exec("$rrdtool dump '{$rrd_file}' '{$xml_file}'");
73			$xml_data = file_get_contents($xml_file);
74			unlink($xml_file);
75			if ($xml_data !== false) {
76			$result .= "\t\t<rrddatafile>\n";
77			$result .= "\t\t\t<filename>{$basename}</filename>\n";
78			$result .= "\t\t\t<xmldata>" . base64_encode(gzdeflate($xml_data)) . "</xmldata>\n";
79			$result .= "\t\t</rrddatafile>\n";
80			}
81			}
82			$result .= "\t</rrddata>\n";
83			return $result;
84			}
85
86	754b75d0	Darren Embry	function restore_rrddata() {
87	7eead1fc	Darren Embry	global $config, $g, $rrdtool, $input_errors;
88	754b75d0	Darren Embry	foreach($config['rrddata']['rrddatafile'] as $rrd) {
89			if ($rrd['xmldata']) {
90			$rrd_file = "{$g['vardb_path']}/rrd/{$rrd['filename']}";
91			$xml_file = preg_replace('/\.rrd$/', ".xml", $rrd_file);
92	08877746	Darren Embry	if (file_put_contents($xml_file, gzinflate(base64_decode($rrd['xmldata']))) === false) {
93			log_error("Cannot write $xml_file");
94			continue;
95			}
96			$output = array();
97			$status = null;
98			exec("$rrdtool restore -f '{$xml_file}' '{$rrd_file}'", $output, $status);
99			if ($status) {
100	f757431d	Darren Embry	log_error("rrdtool restore -f '{$xml_file}' '{$rrd_file}' failed returning {$status}.");
101	08877746	Darren Embry	continue;
102			}
103	754b75d0	Darren Embry	unlink($xml_file);
104			}
105			else if ($rrd['data']) {
106	7eead1fc	Darren Embry	$rrd_file = "{$g['vardb_path']}/rrd/{$rrd['filename']}";
107			$rrd_fd = fopen($rrd_file, "w");
108	08877746	Darren Embry	if (!$rrd_fd) {
109			log_error("Cannot write $rrd_file");
110			continue;
111			}
112	754b75d0	Darren Embry	$data = base64_decode($rrd['data']);
113			/* Try to decompress the data. */
114			$dcomp = @gzinflate($data);
115			if ($dcomp) {
116			/* If the decompression worked, write the decompressed data */
117	08877746	Darren Embry	if (fwrite($rrd_fd, $dcomp) === false) {
118			log_error("fwrite $rrd_file failed");
119			continue;
120			}
121	754b75d0	Darren Embry	} else {
122			/* If the decompression failed, it wasn't compressed, so write raw data */
123	08877746	Darren Embry	if (fwrite($rrd_fd, $data) === false) {
124			log_error("fwrite $rrd_file failed");
125			continue;
126			}
127			}
128			if (fclose($rrd_fd) === false) {
129			log_error("fclose $rrd_file failed");
130			continue;
131	754b75d0	Darren Embry	}
132			}
133			}
134			}
135
136	3420028c	Scott Ullrich	function add_base_packages_menu_items() {
137			global $g, $config;
138	52c7f0d4	jim-p	$base_packages = explode(",", $g['base_packages']);
139	3420028c	Scott Ullrich	$modified_config = false;
140			foreach($base_packages as $bp) {
141	da17d77e	Ermal Lu?i	$basepkg_path = "/usr/local/pkg/{$bp}";
142	a250f179	Renato Botelho	$tmpinfo = pathinfo($basepkg_path, PATHINFO_EXTENSION);
143	da17d77e	Ermal Lu?i	if($tmpinfo['extension'] == "xml" && file_exists($basepkg_path)) {
144			$pkg_config = parse_xml_config_pkg($basepkg_path, "packagegui");
145	3420028c	Scott Ullrich	if($pkg_config['menu'] != "") {
146			if(is_array($pkg_config['menu'])) {
147			foreach($pkg_config['menu'] as $menu) {
148			if(is_array($config['installedpackages']['menu']))
149			foreach($config['installedpackages']['menu'] as $amenu)
150			if($amenu['name'] == $menu['name'])
151			continue;
152			$config['installedpackages']['menu'][] = $menu;
153			$modified_config = true;
154			}
155			}
156			$static_output .= "done.\n";
157			update_output_window($static_output);
158			}
159			}
160			}
161			if($modified_config) {
162	f3ceee6e	Vinicius Coque	write_config(gettext("Restored base_package menus after configuration restore."));
163	3420028c	Scott Ullrich	$config = parse_config(true);
164			}
165			}
166
167	645ec835	Scott Ullrich	function remove_bad_chars($string) {
168	0e1619be	Erik Fonnesbeck	return preg_replace('/[^a-z_0-9]/i','',$string);
169	645ec835	Scott Ullrich	}
170
171	b3277798	Scott Ullrich	function check_and_returnif_section_exists($section) {
172			global $config;
173			if(is_array($config[$section]))
174			return true;
175			return false;
176			}
177
178	7eead1fc	Darren Embry	function spit_out_select_items($name, $showall) {
179	b3277798	Scott Ullrich	global $config;
180	73ed069b	Renato Botelho
181	7d5b007c	Sjon Hortensius	$areas = array(
182			"aliases" => gettext("Aliases"),
183			"captiveportal" => gettext("Captive Portal"),
184			"voucher" => gettext("Captive Portal Vouchers"),
185			"dnsmasq" => gettext("DNS Forwarder"),
186			"dhcpd" => gettext("DHCP Server"),
187			"dhcpdv6" => gettext("DHCPv6 Server"),
188			"filter" => gettext("Firewall Rules"),
189			"interfaces" => gettext("Interfaces"),
190			"ipsec" => gettext("IPSEC"),
191			"nat" => gettext("NAT"),
192			"openvpn" => gettext("OpenVPN"),
193			"installedpackages" => gettext("Package Manager"),
194			"pptpd" => gettext("PPTP Server"),
195			"rrddata" => gettext("RRD Data"),
196			"cron" => gettext("Scheduled Tasks"),
197			"syslog" => gettext("Syslog"),
198			"system" => gettext("System"),
199			"staticroutes" => gettext("Static routes"),
200			"sysctl" => gettext("System tunables"),
201			"snmpd" => gettext("SNMP Server"),
202			"shaper" => gettext("Traffic Shaper"),
203			"vlans" => gettext("VLANS"),
204			"wol" => gettext("Wake on LAN")
205			);
206
207	7eead1fc	Darren Embry	$select = "<select name=\"{$name}\" id=\"{$name}\">";
208	fc82e8b6	Colin Fleming	$select .= "<option value=\"\">" . gettext("ALL") . "</option>";
209	73ed069b	Renato Botelho
210	a250f179	Renato Botelho	if($showall == true)
211	eef938b5	Scott Ullrich	foreach($areas as $area => $areaname)
212	fc82e8b6	Colin Fleming	$select .= "<option value=\"{$area}\">{$areaname}</option>\n";
213	a250f179	Renato Botelho	else
214	3244aa21	Scott Ullrich	foreach($areas as $area => $areaname)
215	7eead1fc	Darren Embry	if($area === "rrddata" \|\| check_and_returnif_section_exists($area) == true)
216	fc82e8b6	Colin Fleming	$select .= "<option value=\"{$area}\">{$areaname}</option>\n";
217	7eead1fc	Darren Embry
218	b3277798	Scott Ullrich	$select .= "</select>\n";
219	7eead1fc	Darren Embry
220	8e35abee	Scott Ullrich	echo $select;
221			}
222
223	da17d77e	Ermal Lu?i	if ($_POST['apply']) {
224	73ed069b	Renato Botelho	ob_flush();
225			flush();
226	c9a19238	Darren Embry	conf_mount_rw();
227			clear_subsystem_dirty("restore");
228			conf_mount_ro();
229	73ed069b	Renato Botelho	exit;
230	da17d77e	Ermal Lu?i	}
231
232	5b237745	Scott Ullrich	if ($_POST) {
233			unset($input_errors);
234	8246efa6	Renato Botelho	if (stristr($_POST['Submit'], gettext("Restore configuration")))
235	5b237745	Scott Ullrich	$mode = "restore";
236	8246efa6	Renato Botelho	else if (stristr($_POST['Submit'], gettext("Reinstall")))
237	8ccc8f1a	Scott Ullrich	$mode = "reinstallpackages";
238	039cb920	jim-p	else if (stristr($_POST['Submit'], gettext("Clear Package Lock")))
239			$mode = "clearpackagelock";
240	8246efa6	Renato Botelho	else if (stristr($_POST['Submit'], gettext("Download")))
241	5b237745	Scott Ullrich	$mode = "download";
242	8246efa6	Renato Botelho	else if (stristr($_POST['Submit'], gettext("Restore version")))
243	7cf03119	Bill Marquette	$mode = "restore_ver";
244	73ed069b	Renato Botelho
245	aab57926	Scott Ullrich	if ($_POST["nopackages"] <> "")
246	528cad39	Colin Smith	$options = "nopackages";
247	73ed069b	Renato Botelho
248	7cf03119	Bill Marquette	if ($_POST["ver"] <> "")
249			$ver2restore = $_POST["ver"];
250	73ed069b	Renato Botelho
251	5b237745	Scott Ullrich	if ($mode) {
252	73ed069b	Renato Botelho
253	5b237745	Scott Ullrich	if ($mode == "download") {
254	73ed069b	Renato Botelho
255	8ff5ffcc	Matthew Grooms	if ($_POST['encrypt']) {
256			if(!$_POST['encrypt_password'] \|\| !$_POST['encrypt_passconf'])
257	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("You must supply and confirm the password for encryption.");
258	8ff5ffcc	Matthew Grooms	if($_POST['encrypt_password'] != $_POST['encrypt_passconf'])
259	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("The supplied 'Password' and 'Confirm' field values must match.");
260	528cad39	Colin Smith	}
261	73ed069b	Renato Botelho
262	8ff5ffcc	Matthew Grooms	if (!$input_errors) {
263	73ed069b	Renato Botelho
264	07b1797b	sullrich	//$lockbckp = lock('config');
265	73ed069b	Renato Botelho
266	8ff5ffcc	Matthew Grooms	$host = "{$config['system']['hostname']}.{$config['system']['domain']}";
267			$name = "config-{$host}-".date("YmdHis").".xml";
268			$data = "";
269	73ed069b	Renato Botelho
270	8ff5ffcc	Matthew Grooms	if($options == "nopackages") {
271	4195c967	sullrich	if(!$_POST['backuparea']) {
272			/* backup entire configuration */
273			$data = file_get_contents("{$g['conf_path']}/config.xml");
274			} else {
275			/* backup specific area of configuration */
276			$data = backup_config_section($_POST['backuparea']);
277			$name = "{$_POST['backuparea']}-{$name}";
278			}
279	da17d77e	Ermal Lu?i	$sfn = "{$g['tmp_path']}/config.xml.nopkg";
280	4195c967	sullrich	file_put_contents($sfn, $data);
281			exec("sed '/<installedpackages>/,/<\/installedpackages>/d' {$sfn} > {$sfn}-new");
282	a250f179	Renato Botelho	$data = file_get_contents($sfn . "-new");
283	8ff5ffcc	Matthew Grooms	} else {
284			if(!$_POST['backuparea']) {
285			/* backup entire configuration */
286			$data = file_get_contents("{$g['conf_path']}/config.xml");
287	7eead1fc	Darren Embry	} else if ($_POST['backuparea'] === "rrddata") {
288			$data = rrd_data_xml();
289			$name = "{$_POST['backuparea']}-{$name}";
290	8ff5ffcc	Matthew Grooms	} else {
291			/* backup specific area of configuration */
292			$data = backup_config_section($_POST['backuparea']);
293			$name = "{$_POST['backuparea']}-{$name}";
294			}
295	181462b5	Scott Ullrich	}
296	73ed069b	Renato Botelho
297	07b1797b	sullrich	//unlock($lockbckp);
298	73ed069b	Renato Botelho
299	a250f179	Renato Botelho	/*
300	1390b049	Scott Ullrich	* Backup RRD Data
301			*/
302	7eead1fc	Darren Embry	if ($_POST['backuparea'] !== "rrddata" && !$_POST['donotbackuprrd']) {
303	8bdb6879	Darren Embry	$rrd_data_xml = rrd_data_xml();
304			$closing_tag = "</" . $g['xml_rootobj'] . ">";
305			$data = str_replace($closing_tag, $rrd_data_xml . $closing_tag, $data);
306	1390b049	Scott Ullrich	}
307	73ed069b	Renato Botelho
308	4cfd2390	Renato Botelho	if ($_POST['encrypt']) {
309			$data = encrypt_data($data, $_POST['encrypt_password']);
310			tagfile_reformat($data, $data, "config.xml");
311			}
312
313	8ff5ffcc	Matthew Grooms	$size = strlen($data);
314			header("Content-Type: application/octet-stream");
315			header("Content-Disposition: attachment; filename={$name}");
316	a8c35980	Scott Ullrich	header("Content-Length: $size");
317	e77ea573	jim-p	if (isset($_SERVER['HTTPS'])) {
318			header('Pragma: ');
319			header('Cache-Control: ');
320			} else {
321			header("Pragma: private");
322			header("Cache-Control: private, must-revalidate");
323			}
324	8ff5ffcc	Matthew Grooms	echo $data;
325	73ed069b	Renato Botelho
326	8ff5ffcc	Matthew Grooms	exit;
327			}
328			}
329	73ed069b	Renato Botelho
330	8ff5ffcc	Matthew Grooms	if ($mode == "restore") {
331	73ed069b	Renato Botelho
332	8ff5ffcc	Matthew Grooms	if ($_POST['decrypt']) {
333			if(!$_POST['decrypt_password'] \|\| !$_POST['decrypt_passconf'])
334	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("You must supply and confirm the password for decryption.");
335	8ff5ffcc	Matthew Grooms	if($_POST['decrypt_password'] != $_POST['decrypt_passconf'])
336	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("The supplied 'Password' and 'Confirm' field values must match.");
337	8ff5ffcc	Matthew Grooms	}
338	73ed069b	Renato Botelho
339	8ff5ffcc	Matthew Grooms	if (!$input_errors) {
340	73ed069b	Renato Botelho
341	8ff5ffcc	Matthew Grooms	if (is_uploaded_file($_FILES['conffile']['tmp_name'])) {
342	73ed069b	Renato Botelho
343	8ff5ffcc	Matthew Grooms	/* read the file contents */
344			$data = file_get_contents($_FILES['conffile']['tmp_name']);
345			if(!$data) {
346	dae4c487	Carlos Eduardo Ramos	log_error(sprintf(gettext("Warning, could not read file %s"), $_FILES['conffile']['tmp_name']));
347	8ff5ffcc	Matthew Grooms	return 1;
348	9fd18b1f	Scott Ullrich	}
349	73ed069b	Renato Botelho
350	8ff5ffcc	Matthew Grooms	if ($_POST['decrypt']) {
351			if (!tagfile_deformat($data, $data, "config.xml")) {
352	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("The uploaded file does not appear to contain an encrypted pfsense configuration.");
353	8ff5ffcc	Matthew Grooms	return 1;
354			}
355			$data = decrypt_data($data, $_POST['decrypt_password']);
356			}
357	73ed069b	Renato Botelho
358	1d683793	sullrich	if(stristr($data, "<m0n0wall>")) {
359	205da5a0	Neriberto C.Prado	log_error(gettext("Upgrading m0n0wall configuration to pfsense."));
360	8ff5ffcc	Matthew Grooms	/* m0n0wall was found in config. convert it. */
361			$data = str_replace("m0n0wall", "pfsense", $data);
362			$m0n0wall_upgrade = true;
363			}
364			if($_POST['restorearea']) {
365			/* restore a specific area of the configuration */
366	8dcca9b5	Darren Embry	if(!stristr($data, "<" . $_POST['restorearea'] . ">")) {
367	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("You have selected to restore an area but we could not locate the correct xml tag.");
368	8ff5ffcc	Matthew Grooms	} else {
369	8dcca9b5	Darren Embry	if (!restore_config_section($_POST['restorearea'], $data)) {
370			$input_errors[] = gettext("You have selected to restore an area but we could not locate the correct xml tag.");
371			} else {
372			if ($config['rrddata']) {
373			restore_rrddata();
374			unset($config['rrddata']);
375			unlink_if_exists("{$g['tmp_path']}/config.cache");
376			write_config();
377			add_base_packages_menu_items();
378			convert_config();
379			conf_mount_ro();
380			}
381			filter_configure();
382			$savemsg = gettext("The configuration area has been restored. You may need to reboot the firewall.");
383	7eead1fc	Darren Embry	}
384	8ff5ffcc	Matthew Grooms	}
385	181462b5	Scott Ullrich	} else {
386	6819b7f6	Renato Botelho	if(!stristr($data, "<" . $g['xml_rootobj'] . ">")) {
387	dae4c487	Carlos Eduardo Ramos	$input_errors[] = sprintf(gettext("You have selected to restore the full configuration but we could not locate a %s tag."), $g['xml_rootobj']);
388	8ff5ffcc	Matthew Grooms	} else {
389			/* restore the entire configuration */
390			file_put_contents($_FILES['conffile']['tmp_name'], $data);
391			if (config_install($_FILES['conffile']['tmp_name']) == 0) {
392			/* this will be picked up by /index.php */
393			conf_mount_rw();
394	da17d77e	Ermal Lu?i	mark_subsystem_dirty("restore");
395	09821234	Scott Ullrich	touch("/conf/needs_package_sync");
396	8ff5ffcc	Matthew Grooms	/* remove cache, we will force a config reboot */
397	da17d77e	Ermal Lu?i	if(file_exists("{$g['tmp_path']}/config.cache"))
398			unlink("{$g['tmp_path']}/config.cache");
399	8ff5ffcc	Matthew Grooms	$config = parse_config(true);
400	0174c480	Ermal LUÇI	if (file_exists("/boot/loader.conf")) {
401			$loaderconf = file_get_contents("/boot/loader.conf");
402	08af94cb	Chris Buechler	if (strpos($loaderconf, "console=\"comconsole")) {
403	0174c480	Ermal LUÇI	$config['system']['enableserial'] = true;
404			write_config("Restore serial console enabling in configuration.");
405			}
406	5d4b8830	Ermal LUÇI	unset($loaderconf);
407	0174c480	Ermal LUÇI	}
408	67bc955d	Chris Buechler	/* extract out rrd items, unset from $config when done */
409	1390b049	Scott Ullrich	if($config['rrddata']) {
410	754b75d0	Darren Embry	restore_rrddata();
411	a2b8f7b2	Scott Ullrich	unset($config['rrddata']);
412	da17d77e	Ermal Lu?i	unlink_if_exists("{$g['tmp_path']}/config.cache");
413	a2b8f7b2	Scott Ullrich	write_config();
414	3420028c	Scott Ullrich	add_base_packages_menu_items();
415	d442e4e2	Scott Ullrich	convert_config();
416	a2b8f7b2	Scott Ullrich	conf_mount_ro();
417	1390b049	Scott Ullrich	}
418	8ff5ffcc	Matthew Grooms	if($m0n0wall_upgrade == true) {
419			if($config['system']['gateway'] <> "")
420			$config['interfaces']['wan']['gateway'] = $config['system']['gateway'];
421			unset($config['shaper']);
422			/* optional if list */
423			$ifdescrs = get_configured_interface_list(true, true);
424			/* remove special characters from interface descriptions */
425			if(is_array($ifdescrs))
426			foreach($ifdescrs as $iface)
427			$config['interfaces'][$iface]['descr'] = remove_bad_chars($config['interfaces'][$iface]['descr']);
428	b6db8ea3	sullrich	/* check for interface names with an alias */
429			if(is_array($ifdescrs)) {
430			foreach($ifdescrs as $iface) {
431			if(is_alias($config['interfaces'][$iface]['descr'])) {
432			// Firewall rules
433			$origname = $config['interfaces'][$iface]['descr'];
434			$newname = $config['interfaces'][$iface]['descr'] . "Alias";
435	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('filter', 'rule'), array('source', 'address'), $newname, $origname);
436			update_alias_names_upon_change(array('filter', 'rule'), array('destination', 'address'), $newname, $origname);
437	b6db8ea3	sullrich	// NAT Rules
438	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('nat', 'rule'), array('source', 'address'), $newname, $origname);
439			update_alias_names_upon_change(array('nat', 'rule'), array('destination', 'address'), $newname, $origname);
440			update_alias_names_upon_change(array('nat', 'rule'), array('target'), $newname, $origname);
441	b6db8ea3	sullrich	// Alias in an alias
442	f1ac1733	Erik Fonnesbeck	update_alias_names_upon_change(array('aliases', 'alias'), array('address'), $newname, $origname);
443	b6db8ea3	sullrich	}
444			}
445			}
446	da17d77e	Ermal Lu?i	unlink_if_exists("{$g['tmp_path']}/config.cache");
447	888e7a27	Scott Ullrich	// Reset configuration version to something low
448	a250f179	Renato Botelho	// in order to force the config upgrade code to
449	888e7a27	Scott Ullrich	// run through with all steps that are required.
450			$config['system']['version'] = "1.0";
451	798cb31a	Scott Ullrich	// Deal with descriptions longer than 63 characters
452			for ($i = 0; isset($config["filter"]["rule"][$i]); $i++) {
453			if(count($config['filter']['rule'][$i]['descr']) > 63)
454			$config['filter']['rule'][$i]['descr'] = substr($config['filter']['rule'][$i]['descr'], 0, 63);
455			}
456			// Move interface from ipsec to enc0
457			for ($i = 0; isset($config["filter"]["rule"][$i]); $i++) {
458			if($config['filter']['rule'][$i]['interface'] == "ipsec")
459			$config['filter']['rule'][$i]['interface'] = "enc0";
460			}
461			// Convert icmp types
462			// http://www.openbsd.org/cgi-bin/man.cgi?query=icmp&sektion=4&arch=i386&apropos=0&manpath=OpenBSD+Current
463			for ($i = 0; isset($config["filter"]["rule"][$i]); $i++) {
464			if($config["filter"]["rule"][$i]['icmptype']) {
465			switch($config["filter"]["rule"][$i]['icmptype']) {
466	c9a19238	Darren Embry	case "echo":
467			$config["filter"]["rule"][$i]['icmptype'] = "echoreq";
468			break;
469			case "unreach":
470			$config["filter"]["rule"][$i]['icmptype'] = "unreach";
471			break;
472			case "echorep":
473			$config["filter"]["rule"][$i]['icmptype'] = "echorep";
474			break;
475			case "squench":
476			$config["filter"]["rule"][$i]['icmptype'] = "squench";
477			break;
478			case "redir":
479			$config["filter"]["rule"][$i]['icmptype'] = "redir";
480			break;
481			case "timex":
482			$config["filter"]["rule"][$i]['icmptype'] = "timex";
483			break;
484			case "paramprob":
485			$config["filter"]["rule"][$i]['icmptype'] = "paramprob";
486			break;
487			case "timest":
488			$config["filter"]["rule"][$i]['icmptype'] = "timereq";
489			break;
490			case "timestrep":
491			$config["filter"]["rule"][$i]['icmptype'] = "timerep";
492			break;
493			case "inforeq":
494			$config["filter"]["rule"][$i]['icmptype'] = "inforeq";
495			break;
496			case "inforep":
497			$config["filter"]["rule"][$i]['icmptype'] = "inforep";
498			break;
499			case "maskreq":
500			$config["filter"]["rule"][$i]['icmptype'] = "maskreq";
501			break;
502			case "maskrep":
503			$config["filter"]["rule"][$i]['icmptype'] = "maskrep";
504			break;
505	798cb31a	Scott Ullrich	}
506			}
507	dec5cb85	Scott Ullrich	}
508			$config['diag']['ipv6nat'] = true;
509	8ff5ffcc	Matthew Grooms	write_config();
510	a250f179	Renato Botelho	add_base_packages_menu_items();
511	d442e4e2	Scott Ullrich	convert_config();
512	8ff5ffcc	Matthew Grooms	conf_mount_ro();
513	205da5a0	Neriberto C.Prado	$savemsg = gettext("The m0n0wall configuration has been restored and upgraded to pfSense.");
514	da17d77e	Ermal Lu?i	mark_subsystem_dirty("restore");
515	8ff5ffcc	Matthew Grooms	}
516	2e19a683	Renato Botelho	if(is_array($config['captiveportal'])) {
517			foreach($config['captiveportal'] as $cp) {
518			if (isset($cp['enable'])) {
519			/* for some reason ipfw doesn't init correctly except on bootup sequence */
520			mark_subsystem_dirty("restore");
521			break;
522			}
523			}
524	8ff5ffcc	Matthew Grooms	}
525			setup_serial_port();
526			if(is_interface_mismatch() == true) {
527			touch("/var/run/interface_mismatch_reboot_needed");
528	da17d77e	Ermal Lu?i	clear_subsystem_dirty("restore");
529	f5a57bb0	Scott Ullrich	convert_config();
530	8ff5ffcc	Matthew Grooms	header("Location: interfaces_assign.php");
531	bafaf123	Scott Ullrich	exit;
532	8ff5ffcc	Matthew Grooms	}
533	66bcba1b	Ermal	if (is_interface_vlan_mismatch() == true) {
534			touch("/var/run/interface_mismatch_reboot_needed");
535			clear_subsystem_dirty("restore");
536			convert_config();
537			header("Location: interfaces_assign.php");
538			exit;
539			}
540	8ff5ffcc	Matthew Grooms	} else {
541	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("The configuration could not be restored.");
542	db3996df	Scott Ullrich	}
543	9c72b993	Scott Ullrich	}
544	181462b5	Scott Ullrich	}
545	8ff5ffcc	Matthew Grooms	} else {
546	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("The configuration could not be restored (file upload error).");
547	db3996df	Scott Ullrich	}
548	5b237745	Scott Ullrich	}
549	8ff5ffcc	Matthew Grooms	}
550	73ed069b	Renato Botelho
551	8ff5ffcc	Matthew Grooms	if ($mode == "reinstallpackages") {
552	73ed069b	Renato Botelho
553	8ccc8f1a	Scott Ullrich	header("Location: pkg_mgr_install.php?mode=reinstallall");
554			exit;
555	039cb920	jim-p	} else if ($mode == "clearpackagelock") {
556			clear_subsystem_dirty('packagelock');
557			$savemsg = "Package Lock Cleared";
558	73ed069b	Renato Botelho	} else if ($mode == "restore_ver") {
559	205da5a0	Neriberto C.Prado	$input_errors[] = gettext("XXX - this feature may hose your config (do NOT backrev configs!) - billm");
560	7cf03119	Bill Marquette	if ($ver2restore <> "") {
561			$conf_file = "{$g['cf_conf_path']}/bak/config-" . strtotime($ver2restore) . ".xml";
562	343bb325	sullrich	if (config_install($conf_file) == 0) {
563	c9a19238	Darren Embry	mark_subsystem_dirty("restore");
564			} else {
565			$input_errors[] = gettext("The configuration could not be restored.");
566			}
567			} else {
568			$input_errors[] = gettext("No version selected.");
569			}
570	5b237745	Scott Ullrich	}
571			}
572			}
573	6a1e6651	Bill Marquette
574	02e1170d	Scott Ullrich	$id = rand() . '.' . time();
575
576			$mth = ini_get('upload_progress_meter.store_method');
577			$dir = ini_get('upload_progress_meter.file.filename_template');
578
579	205da5a0	Neriberto C.Prado	$pgtitle = array(gettext("Diagnostics"),gettext("Backup/restore"));
580	b63695db	Scott Ullrich	include("head.inc");
581
582	5b237745	Scott Ullrich	?>
583	7d5b007c	Sjon Hortensius	<?php if ($input_errors) print_input_errors($input_errors)?>
584			<?php if ($savemsg) print_info_box($savemsg)?>
585			<?php if (is_subsystem_dirty('restore')):?><br/>
586			<form action="reboot.php" method="post">
587			<input name="Submit" type="hidden" value="Yes" />
588			<?php print_info_box(gettext("The firewall configuration has been changed.") . "<br />" . gettext("The firewall is now rebooting."))?><br />
589			</form>
590			<?php endif?>
591			<?php
592			$tab_array = array();
593			$tab_array[0] = array(gettext("Config History"), false, "diag_confbak.php");
594			$tab_array[1] = array(gettext("Backup/Restore"), true, "diag_backup.php");
595			display_top_tabs($tab_array);
596			?>
597			<div id="container">
598			<form class="form-horizontal" action="diag_backup.php" method="post" name="iform" enctype="multipart/form-data">
599			<h2><?=gettext("Backup configuration"); ?></h2>
600			<div class="form-group">
601			<label for="backuparea" class="col-sm-2 control-label"><?=gettext("Backup area"); ?></label>
602			<div class="col-sm-10">
603			<?php spit_out_select_items("backuparea", false)?>
604			</div>
605			</div>
606	5b237745	Scott Ullrich
607	7d5b007c	Sjon Hortensius	<div class="form-group">
608	f79f9497	Sjon Hortensius	<label for="nopackages" class="col-sm-2 control-label"><?=gettext("Skip packages")?></label>
609	7d5b007c	Sjon Hortensius	<div class="col-sm-10">
610	f79f9497	Sjon Hortensius	<input name="nopackages" type="checkbox" /> <?=gettext("Do not backup package information.")?>
611	7d5b007c	Sjon Hortensius	</div>
612			</div>
613	8ff5ffcc	Matthew Grooms
614	7d5b007c	Sjon Hortensius	<div class="form-group">
615	f79f9497	Sjon Hortensius	<label for="donotbackuprrd" class="col-sm-2 control-label"><?=gettext("Skip RRD data")?></label>
616	7d5b007c	Sjon Hortensius	<div class="col-sm-10">
617	f79f9497	Sjon Hortensius	<input name="donotbackuprrd" type="checkbox" checked="checked" /> <?=gettext("Do not backup RRD data (NOTE: RRD Data can consume 4+ megabytes of config.xml space!)")?>
618	7d5b007c	Sjon Hortensius	</div>
619			</div>
620	8ff5ffcc	Matthew Grooms
621	7d5b007c	Sjon Hortensius	<div class="form-group">
622	f79f9497	Sjon Hortensius	<label for="encrypt" class="col-sm-2 control-label"><?=gettext("Encryption")?></label>
623	7d5b007c	Sjon Hortensius	<div class="col-sm-10">
624			<input name="encrypt" type="checkbox" data-toggle="collapse" href="#encryptOptions" aria-expanded="false" aria-controls="encryptOptions" />
625	f79f9497	Sjon Hortensius	<?=gettext("Encrypt this configuration file.")?>
626			</div>
627			</div>
628	8ff5ffcc	Matthew Grooms
629	f79f9497	Sjon Hortensius	<div class="form-group collapse" id="encryptOptions">
630			<label for="donotbackuprrd" class="col-sm-2 control-label"><?=gettext("Password")?></label>
631			<div class="col-sm-10">
632			<input name="encrypt_password" type="password" class="form-control" placeholder="Password" /><br/>
633			<input name="encrypt_passconf" type="password" class="form-control" placeholder="Confirm password" />
634	7d5b007c	Sjon Hortensius	</div>
635			</div>
636	8ff5ffcc	Matthew Grooms
637	f79f9497	Sjon Hortensius	<div class="form-group">
638			<div class="col-sm-offset-2 col-sm-10">
639			<input name="Submit" type="submit" class="btn btn-primary" value="<?=gettext("Download configuration as XML")?>" />
640			</div>
641			</div>
642			</form>
643
644			<form class="form-horizontal" action="diag_backup.php" method="post" name="iform" enctype="multipart/form-data">
645			<h2><?=gettext("Restore configuration"); ?></h2>
646			<?=gettext("Open a")?><?=$g['[product_name']?><?=gettext("configuration XML file and click the button below to restore the configuration.")?>
647
648			<div class="form-group">
649			<label for="restorearea" class="col-sm-2 control-label"><?=gettext("Restore area"); ?></label>
650			<div class="col-sm-10">
651			<?php spit_out_select_items("restorearea", false)?>
652			</div>
653			</div>
654
655			<div class="form-group">
656			<label for="conffile" class="col-sm-2 control-label"><?=gettext("Configuration file"); ?></label>
657			<div class="col-sm-10">
658			<input name="conffile" type="file" class="form-control" />
659			</div>
660	9e2a4fce	Erik Kristensen	</div>
661
662	f79f9497	Sjon Hortensius	<div class="form-group">
663			<label for="encrypt" class="col-sm-2 control-label"><?=gettext("Encryption")?></label>
664			<div class="col-sm-10">
665			<input name="encrypt" type="checkbox" data-toggle="collapse" href="#decryptOptions" aria-expanded="false" aria-controls="decryptOptions" />
666			<?=gettext("Decrypt this configuration file.")?>
667			</div>
668			</div>
669
670			<div class="form-group collapse" id="decryptOptions">
671			<label for="decrypt_password" class="col-sm-2 control-label"><?=gettext("Password")?></label>
672			<div class="col-sm-10">
673			<input name="decrypt_password" type="password" class="form-control" placeholder="Password" /><br/>
674			<input name="decrypt_passconf" type="password" class="form-control" placeholder="Confirm password" />
675			</div>
676			</div>
677
678			<div class="form-group">
679			<div class="col-sm-offset-2 col-sm-10">
680			<input name="Submit" type="submit" class="btn btn-danger" value="<?=gettext("Restore configuration")?>" />
681			<p><?=gettext("Note:")?><br /><?=gettext("The firewall will reboot after restoring the configuration.")?></p>
682			</div>
683			</div>
684			</form>
685
686			<?php if (($config['installedpackages']['package'] != "") \|\| (is_subsystem_dirty("packagelock"))) {?>
687			<form class="form-horizontal" action="diag_backup.php" method="post" name="iform" enctype="multipart/form-data">
688			<h2><?=gettext("Package Functions")?></h2>
689
690			<?php if ($config['installedpackages']['package'] != ""): ?>
691			<div class="form-group">
692			<div class="col-sm-offset-2 col-sm-10">
693			<input name="Submit" type="submit" class="formbtn" id="reinstallpackages" value="<?=gettext("Reinstall packages")?>" />
694			<p><?=gettext("Click this button to reinstall all system packages. This may take a while.")?><br /><br />
695			</div>
696			</div>
697			<?php endif; ?>
698
699			<?php if (is_subsystem_dirty("packagelock")): ?>
700			<div class="form-group">
701			<div class="col-sm-offset-2 col-sm-10">
702			<input name="Submit" type="submit" class="formbtn" id="clearpackagelock" value="<?=gettext("Clear Package Lock")?>" />
703			<p><?=gettext("Click this button to clear the package lock if a package fails to reinstall properly after an upgrade.")?><br /><br />
704			</div>
705			</div>
706			<?php endif; ?>
707			</form>
708			<?php }?>
709			</div>
710	31f03b6c	Sjon Hortensius	<?php include("foot.inc")?>
711	7a7f3af1	sullrich	<?php
712
713			if (is_subsystem_dirty('restore'))
714	cf9a4467	jim-p	system_reboot();
715	7d5b007c	Sjon Hortensius	?>

Project

General

Profile

pfSense