<?php
/* $Id$ */
/*
	services.inc
	part of m0n0wall (http://m0n0.ch/wall)
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
	All rights reserved.
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
/* include all configuration functions */
require_once("functions.inc");
/*
 * Create or remove the /var/etc/use_pf_pool__stickyaddr flag file so that it
 * mirrors the system/lb_use_sticky setting of the running configuration.
 */
function load_balancer_use_sticky() {
	global $config, $g;

	$flag_file = "/var/etc/use_pf_pool__stickyaddr";

	if (!isset($config['system']['lb_use_sticky'])) {
		/* setting absent: make sure no stale flag file is left behind */
		unlink_if_exists($flag_file);
		return;
	}

	touch($flag_file);
}
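/*
 * (Re)build the dhcpd chroot, regenerate dhcpd.conf from $config['dhcpd'] and
 * restart the DHCP server on every interface that has it enabled.
 *
 * Returns 0 on success or when DHCP is not enabled on any interface, and 1
 * when the chroot setup script or dhcpd.conf cannot be opened for writing.
 */
function services_dhcpd_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		/* this function takes no interface argument, so none is printed */
		echo "services_dhcpd_configure() being called $mt\n";
	}

	/* if OLSRD is enabled, allow WAN to house DHCP. */
	$is_olsr_enabled = false;
	if(isset($config['installedpackages']['olsrd']['config']) &&
		is_array($config['installedpackages']['olsrd']['config']))
		foreach($config['installedpackages']['olsrd']['config'] as $olsrd)
			if($olsrd['enable'])
				$is_olsr_enabled = true;

	/* configure DHCPD chroot */
	/*
	 * The setup script is handed to /bin/sh below, so it has to be a file
	 * this call has just created. Anything already sitting at the fixed
	 * path is removed and the file is created exclusively ("x" refuses an
	 * existing file or symlink) rather than truncating whatever is there.
	 */
	$chroot_script = "/tmp/dhcpd.sh";
	if (file_exists($chroot_script) || is_link($chroot_script))
		unlink($chroot_script);
	$fd = fopen($chroot_script, "x");
	if (!$fd) {
		printf("Error: cannot create /tmp/dhcpd.sh in services_dhcpd_configure().\n");
		return 1;
	}
	$status = `mount | grep "{$g['dhcpd_chroot_path']}/dev"`;
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/dev\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/etc\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr/local/sbin\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/db\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/lib\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/run\n");
	/*
	 * NOTE(review): this hands every top-level directory of the chroot,
	 * including etc/ where dhcpd.conf is written further down, to the
	 * account the daemon runs as (-user dhcpd below). Confirm the daemon
	 * needs ownership of more than var/db and run.
	 */
	fwrite($fd, "chown -R dhcpd:_dhcp {$g['dhcpd_chroot_path']}/*\n");
	fwrite($fd, "cp /lib/libc.so.* {$g['dhcpd_chroot_path']}/lib/\n");
	fwrite($fd, "cp /usr/local/sbin/dhcpd {$g['dhcpd_chroot_path']}/usr/local/sbin/\n");
	fwrite($fd, "chmod a+rx {$g['dhcpd_chroot_path']}/usr/local/sbin/dhcpd\n");
	/* only mount devfs when the mount listing above did not show it */
	if(!trim($status))
		fwrite($fd, "mount -t devfs devfs {$g['dhcpd_chroot_path']}/dev\n");
	fclose($fd);
	mwexec("/bin/sh /tmp/dhcpd.sh");

	/* kill any running dhcpd */
	if(is_process_running("dhcpd"))
		mwexec("killall dhcpd");

	$syscfg = $config['system'];
	$dhcpdcfg = $config['dhcpd'];

	/* DHCP enabled on any interfaces? */
	$dhcpdenable = false;
	if(is_array($dhcpdcfg))
		foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
			/* a "lan" DHCP section without a configured LAN interface is ignored */
			if($dhcpif == "lan")
				if(!$config['interfaces']['lan'])
					continue;
			if (isset($dhcpifconf['enable']) &&
				(($dhcpif == "lan") ||
				(isset($config['interfaces'][$dhcpif]['enable']) &&
				$config['interfaces'][$dhcpif]['if'] && (!$config['interfaces'][$dhcpif]['bridge']))))
				$dhcpdenable = true;
			if (isset($dhcpifconf['enable']) &&
				(($dhcpif == "wan") || (isset($config['interfaces'][$dhcpif]['enable']) &&
				$config['interfaces'][$dhcpif]['if'] && (!$config['interfaces'][$dhcpif]['bridge']))))
				$dhcpdenable = true;
		}

	if (!$dhcpdenable)
		return 0;

	if ($g['booting'])
		echo "Starting DHCP service...";
	else
		sleep(1);

	/* write dhcpd.conf */
	$fd = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf", "w");
	if (!$fd) {
		printf("Error: cannot open dhcpd.conf in services_dhcpd_configure().\n");
		return 1;
	}

	/*
	 * NOTE(review): every configuration value used below (domain names,
	 * host names, boot file names, addresses, lease times) is copied into
	 * dhcpd.conf verbatim. A double quote, semicolon or line break inside
	 * one of them would change the structure of the generated file, so
	 * these fields rely on being validated where they are entered; verify
	 * that against the pages and importers that write $config['dhcpd'].
	 */
	$dhcpdconf = <<<EOD
	
option domain-name "{$syscfg['domain']}";
option ldap-server code 95 = text;
option domain-search-list code 119 = text;
default-lease-time 7200;
max-lease-time 86400;
log-facility local7;
ddns-update-style none;
one-lease-per-client true;
deny duplicates;
ping-check true;

EOD;

	$dhcpdifs = array();

	/*    loop through and determine if we need to setup
	 *    failover peer "bleh" entries
	 */
	$dhcpnum = 0;
	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {

		if(!isset($dhcpifconf['disableauthoritative']))
			$dhcpdconf .= "authoritative;\n";

		if($dhcpifconf['failover_peerip'] <> "") {
			/*
			 *    yep, failover peer is defined.
			 *    does it match up to a defined vip?
			 */
			$skew = 110;
			$a_vip = &$config['virtualip']['vip'];
			if(is_array($a_vip)) {
				foreach ($a_vip as $vipent) {
					$int = guess_interface_from_ip($dhcpifconf['failover_peerip']);
					$intip = find_interface_ip($int);
					$real_dhcpif = convert_friendly_interface_to_real_interface_name($dhcpif);
					if($int == $real_dhcpif) {
						/* this is the interface! */
						if($vipent['advskew'] < "20")
							$skew = 0;
					}
				}
			} else {
				log_error("Warning!  DHCP Failover setup and no CARP virtual IP's defined!");
			}
			/* skew left above 10: act as secondary; otherwise as primary.
			   The two roles use mirrored local/peer ports (519/520). */
			if($skew > 10) {
				$type = "secondary";
				$dhcpdconf_pri  = "mclt 600;\n";
				$my_port = "520";
				$peer_port = "519";
			} else {
				$my_port = "519";
				$peer_port = "520";
				$type = "primary";
				$dhcpdconf_pri  = "split 128;\n";
				$dhcpdconf_pri .= "  mclt 600;\n";
			}
			$dhcpdconf .= <<<EOPP
failover peer "dhcp{$dhcpnum}" {
  {$type};
  address {$intip};
  port {$my_port};
  peer address {$dhcpifconf['failover_peerip']};
  peer port {$peer_port};
  max-response-delay 10;
  max-unacked-updates 10;
  {$dhcpdconf_pri}
  load balance max seconds 3;
}

EOPP;
		$dhcpnum++;
		}
	}

	/* restart the counter so the pool sections below reference the
	   failover peers in the order they were declared above */
	$dhcpnum = 0;

	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {

		$ifcfg = $config['interfaces'][$dhcpif];

		if (!isset($dhcpifconf['enable']) ||
			($ifcfg['ipaddr'] == "dhcp") ||
			(($dhcpif != "lan") &&
			(!isset($ifcfg['enable']) || !$ifcfg['if'] || $ifcfg['bridge'])))
			continue;

		if($dhcpif == "lan" && $ifcfg['bridge'])
			log_error("NOTE: DHCP Server on LAN is enabled.");

		$subnet = gen_subnet($ifcfg['ipaddr'], $ifcfg['subnet']);
		$subnetmask = gen_subnet_mask($ifcfg['subnet']);

		/* with OLSR enabled, a per-interface netmask overrides the interface one */
		if($is_olsr_enabled == true)
			if($dhcpifconf['netmask'])
				$subnetmask = gen_subnet_mask($dhcpifconf['netmask']);

		$dnscfg = "";

		if ($dhcpifconf['domain']) {
			$dnscfg .= "	option domain-name \"{$dhcpifconf['domain']}\";\n";
		}

		if($dhcpifconf['domainsearchlist'] <> "") {
			$dnscfg .= "	option domain-search-list \"{$dhcpifconf['domainsearchlist']}\";\n";
		}

		if (isset($dhcpifconf['ddnsupdate'])) {
			if($dhcpifconf['ddnsdomain'] <> "") {
				$dnscfg .= "	ddns-domainname \"{$dhcpifconf['ddnsdomain']}\";\n";
			}
			$dnscfg .= "	ddns-update-style interim;\n";
		}

		/* DNS servers: per-interface list, else this box when the DNS
		   forwarder is enabled, else the system-wide list */
		if (is_array($dhcpifconf['dnsserver']) && ($dhcpifconf['dnsserver'][0])) {
			$dnscfg .= "	option domain-name-servers " . join(",", $dhcpifconf['dnsserver']) . ";";
		} else if (isset($config['dnsmasq']['enable'])) {
			$dnscfg .= "	option domain-name-servers " . $ifcfg['ipaddr'] . ";";
		} else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
			$dnscfg .= "	option domain-name-servers " . join(",", $syscfg['dnsserver']) . ";";
		}

		$dhcpdconf .= "subnet $subnet netmask $subnetmask {\n";
		$dhcpdconf .= "	pool {\n";

		/* is failover dns setup? */
		if (is_array($dhcpifconf['dnsserver']) && $dhcpifconf['dnsserver'][0] <> "") {
			$dhcpdconf .= "		option domain-name-servers {$dhcpifconf['dnsserver'][0]}";
			if($dhcpifconf['dnsserver'][1] <> "")
				$dhcpdconf .= ",{$dhcpifconf['dnsserver'][1]}";
			$dhcpdconf .= ";\n";
		}

		if($dhcpifconf['failover_peerip'] <> "")
			$dhcpdconf .= "		deny dynamic bootp clients;\n";

		if (isset($dhcpifconf['denyunknown']))
			$dhcpdconf .= "		deny unknown clients;\n";

		if ($dhcpifconf['gateway'])
			$routers = $dhcpifconf['gateway'];
		else
			$routers = $ifcfg['ipaddr'];

		if($dhcpifconf['failover_peerip'] <> "") {
			$dhcpdconf .= "		failover peer \"dhcp{$dhcpnum}\";\n";
			$dhcpnum++;
		}

		$dhcpdconf .= <<<EOD
		range {$dhcpifconf['range']['from']} {$dhcpifconf['range']['to']};
	}
	option routers {$routers};
$dnscfg

EOD;

		if ($dhcpifconf['defaultleasetime'])
			$dhcpdconf .= "	default-lease-time {$dhcpifconf['defaultleasetime']};\n";
		if ($dhcpifconf['maxleasetime'])
			$dhcpdconf .= "	max-lease-time {$dhcpifconf['maxleasetime']};\n";

		if (is_array($dhcpifconf['winsserver']) && $dhcpifconf['winsserver'][0]) {
			$dhcpdconf .= "	option netbios-name-servers " . join(",", $dhcpifconf['winsserver']) . ";\n";
			$dhcpdconf .= "	option netbios-node-type 8;\n";
		}

		if (is_array($dhcpifconf['ntpserver']) && $dhcpifconf['ntpserver'][0])
			$dhcpdconf .= "	option ntp-servers " . join(",", $dhcpifconf['ntpserver']) . ";\n";

		if ($dhcpifconf['tftp'] <> "")
			$dhcpdconf .= "	option tftp-server-name \"{$dhcpifconf['tftp']}\";\n";

		if ($dhcpifconf['ldap'] <> "")
			$dhcpdconf .= "	option ldap-server \"{$dhcpifconf['ldap']}\";\n";

		if(isset($dhcpifconf['netboot'])) {
			if (($dhcpifconf['next-server'] <> "") && ($dhcpifconf['filename'] <> "")) {
				$dhcpdconf .= "	next-server {$dhcpifconf['next-server']};\n";
				$dhcpdconf .= "	filename \"{$dhcpifconf['filename']}\";\n";
			}
			if ($dhcpifconf['rootpath'] <> "") {
				$dhcpdconf .= "	option root-path \"{$dhcpifconf['rootpath']}\";\n";
			}
		}

		$dhcpdconf .= <<<EOD
}

EOD;

		/* add static mappings */
		if (is_array($dhcpifconf['staticmap'])) {

			$i = 0;
			foreach ($dhcpifconf['staticmap'] as $sm) {
				$dhcpdconf .= <<<EOD
host s_{$dhcpif}_{$i} {
	hardware ethernet {$sm['mac']};

EOD;
				if ($sm['ipaddr'])
					$dhcpdconf .= "	fixed-address {$sm['ipaddr']};\n";

				if ($sm['hostname'])
					$dhcpdconf .= "	option host-name {$sm['hostname']};\n";

				$dhcpdconf .= "}\n";
				$i++;
			}
		}

		$dhcpdifs[] = $ifcfg['if'];
	}

	fwrite($fd, $dhcpdconf);
	fclose($fd);

	/* create an empty leases database */
	touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");

	/* fire up dhcpd in a chroot */
	/* interface names come from the configuration and end up on a shell
	   command line, so each one is quoted as a single argument */
	mwexec("/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf {$g['dhcpd_chroot_path']}/etc/dhcpd.conf " .
		join(" ", array_map('escapeshellarg', $dhcpdifs)));

	if ($g['booting']) {
		print "done.\n";
	}

	return 0;
}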
/*
 * Switch static ARP on or off for interface $if (a key of
 * $config['interfaces']) according to $config['dhcpd'][$if]['staticarp'],
 * and load the interface's DHCP static mappings into the ARP table when it
 * is switched on. Every configuration value is passed through
 * escapeshellarg() before it is placed on a command line. Always returns 0.
 */
function interfaces_staticarp_configure($if) {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "interfaces_staticarp_configure($if) being called $mt\n";
	}

	$ifcfg = $config['interfaces'][$if];
	$quoted_if = escapeshellarg($ifcfg['if']);

	if (!isset($config['dhcpd'][$if]['staticarp'])) {
		/* static ARP not requested: clear the flag and flush the ARP table */
		mwexec("/sbin/ifconfig {$quoted_if} -staticarp ");
		mwexec("/usr/sbin/arp -da > /dev/null 2>&1 ");
		return 0;
	}

	/* Enable staticarp, then rebuild the table from the static mappings */
	mwexec("/sbin/ifconfig {$quoted_if} staticarp ");
	mwexec("/usr/sbin/arp -ad > /dev/null 2>&1 ");

	if (is_array($config['dhcpd'][$if]['staticmap'])) {
		foreach ($config['dhcpd'][$if]['staticmap'] as $arpent) {
			$quoted_ip = escapeshellarg($arpent['ipaddr']);
			$quoted_mac = escapeshellarg($arpent['mac']);
			mwexec("/usr/sbin/arp -s {$quoted_ip} {$quoted_mac}");
		}
	}

	return 0;
}
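/*
 * Stop any running dhcrelay and, when the relay is enabled on at least one
 * interface in $config['dhcrelay'], start it again on those interfaces plus
 * the interface whose subnet contains the destination server (WAN when no
 * subnet matches). Returns 0.
 */
function services_dhcrelay_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dhcrelay_configure() being called $mt\n";
	}

	/* kill any running dhcrelay */
	killbypid("{$g['varrun_path']}/dhcrelay.pid");

	$dhcrelaycfg = $config['dhcrelay'];

	/* DHCPRelay enabled on any interfaces? */
	$dhcrelayenable = false;
	if(is_array($dhcrelaycfg)) {
		foreach ($dhcrelaycfg as $dhcrelayif => $dhcrelayifconf) {
			if (isset($dhcrelayifconf['enable']) &&
				(($dhcrelayif == "lan") ||
				(isset($config['interfaces'][$dhcrelayif]['enable']) &&
				$config['interfaces'][$dhcrelayif]['if'] && (!$config['interfaces'][$dhcrelayif]['bridge']))))
				$dhcrelayenable = true;
		}
	}

	if (!$dhcrelayenable)
		return 0;

	if ($g['booting'])
		echo "Starting DHCP relay service...";
	else
		sleep(1);

	$dhcrelayifs = array();
	foreach ($dhcrelaycfg as $dhcrelayif => $dhcrelayifconf) {

		$ifcfg = $config['interfaces'][$dhcrelayif];

		if (!isset($dhcrelayifconf['enable']) ||
			(($dhcrelayif != "lan") &&
			(!isset($ifcfg['enable']) || !$ifcfg['if'] || $ifcfg['bridge'])))
			continue;

		$dhcrelayifs[] = $ifcfg['if'];
	}

	/* In order for the relay to work, it needs to be active on the
	   interface in which the destination server sits */
	foreach ($config['interfaces'] as $ifname) {
		$subnet = $ifname['ipaddr'] . "/" . $ifname['subnet'];
		if (ip_in_subnet($dhcrelaycfg['server'],$subnet))
			$destif = $ifname['if'];
	}

	if (!isset($destif))
		$destif = $config['interfaces']['wan']['if'];

	$dhcrelayifs[] = $destif;
	$dhcrelayifs = array_unique($dhcrelayifs);

	/* fire up dhcrelay */
	/*
	 * The interface names and the server address are configuration values
	 * that end up on a shell command line. Each is quoted as one argument,
	 * as interfaces_staticarp_configure() already does, so shell
	 * metacharacters in a value cannot change the command that runs.
	 */
	$cmd = "/usr/local/sbin/dhcrelay -i " . join(" -i ", array_map('escapeshellarg', $dhcrelayifs));

	if (isset($dhcrelaycfg['agentoption']))
		$cmd .=  " -a -m replace";

	$cmd .= " " . escapeshellarg($dhcrelaycfg['server']);
	mwexec($cmd);

	if (!$g['booting']) {
		/* set the reload filter dirty flag */
		touch("{$g['tmp_path']}/filter_dirty");
	}

	return 0;
}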
/*
 * Delete the cached DynDNS state files (ez-ipupdate.cache under the var/db
 * and conf paths, dyndns.cache under the conf path). The configuration
 * filesystem is switched read-write only around each deletion that actually
 * happens. Always returns 0.
 */
function services_dyndns_reset() {
	global $config, $g;

	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dyndns_reset() being called $mt\n";
	}

	/* same files, same order as they have always been removed in */
	$cache_files = array(
		"{$g['vardb_path']}/ez-ipupdate.cache",
		"{$g['conf_path']}/ez-ipupdate.cache",
		"{$g['conf_path']}/dyndns.cache"
	);

	foreach ($cache_files as $cache_file) {
		if (!file_exists($cache_file))
			continue;

		conf_mount_rw();
		unlink($cache_file);
		conf_mount_ro();
	}

	return 0;
}
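/*
 * Start the DynDNS client when $config['dyndns'] is enabled.
 *
 * With system/use_old_dyndns set, the work is delegated to
 * services_dyndns_configure_old() and its result is returned, so a failure
 * to write the ez-ipupdate configuration is no longer lost. Otherwise the
 * updatedns class from dyndns.class is instantiated with the configured
 * account. Returns 0 when DynDNS is disabled or the updatedns path ran.
 */
function services_dyndns_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dyndns_configure() being called $mt\n";
	}

	$dyndnscfg = $config['dyndns'];

	if (isset($dyndnscfg['enable'])) {

		if ($g['booting'])
			echo "Starting DynDNS client...";
		else
			sleep(1);

		if(isset($config['system']['use_old_dyndns'])) {
			if ($g['booting'])
				echo " [Using ez-ipupdate] ";
			/* hand the legacy client's status (0 or 1) back to the caller */
			return services_dyndns_configure_old();
		}

		/* load up the dyndns.class */
		require_once("dyndns.class");

		log_error("DynDns: Running updatedns()");

		/* determine WAN interface name */
		$wanif = get_real_wan_interface();
		/* get ip */
		/* NOTE(review): $ip is not passed to updatedns below; the lookup
		   is kept as it was in case the helper is relied on elsewhere */
		$ip = find_interface_ip($wanif);

		/* arguments in order: service type, host, user name, password,
		   wildcard flag, MX */
		$dns = new updatedns($config['dyndns']['type'],
							 $config['dyndns']['host'],
							 $config['dyndns']['username'],
							 $config['dyndns']['password'],
							 $config['dyndns']['wildcard'],
							 $config['dyndns']['mx']);

		if ($g['booting'])
			echo "done.\n";
	}

	return 0;
}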
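/*
 * Legacy DynDNS path: stop any running ez-ipupdate, write ez-ipupdate.conf
 * from $config['dyndns'] and start the daemon on the WAN interface.
 *
 * Returns 0 on success or when DynDNS is disabled, and 1 when the
 * configuration file cannot be opened for writing.
 */
function services_dyndns_configure_old() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dyndns_configure_old() being called $mt\n";
	}

	/* kill any running ez-ipupdate */
	/* ez-ipupdate needs SIGQUIT instead of SIGTERM */
	sigkillbypid("{$g['varrun_path']}/ez-ipupdate.pid", "QUIT");

	$dyndnscfg = $config['dyndns'];

	if (isset($dyndnscfg['enable'])) {

		if ($g['booting'])
			echo "Starting DynDNS client...";
		else
			sleep(1);

		/* determine WAN interface name */
		$wanif = get_real_wan_interface();

		/*
		 * ez-ipupdate.conf holds one directive per line (the file written
		 * below includes execute= and pid-file=). A line break inside a
		 * configured value would therefore add directives of its own, so
		 * CR and LF are stripped from every value before it is written.
		 */
		$clean = array();
		foreach (array('type', 'username', 'password', 'host', 'server', 'port', 'mx') as $key)
			$clean[$key] = isset($dyndnscfg[$key]) ? str_replace(array("\r", "\n"), "", $dyndnscfg[$key]) : "";

		/* write ez-ipupdate.conf */
		$conf_file = "{$g['varetc_path']}/ez-ipupdate.conf";
		$fd = fopen($conf_file, "w");
		if (!$fd) {
			printf("Error: cannot open ez-ipupdate.conf in services_dyndns_configure_old().\n");
			return 1;
		}

		/* the file carries the account password in clear text, so it is
		   restricted to its owner before anything is written to it */
		chmod($conf_file, 0600);

		$ezipupdateconf = <<<EOD
service-type={$clean['type']}
user={$clean['username']}:{$clean['password']}
host={$clean['host']}
interface={$wanif}
max-interval=2073600
pid-file={$g['varrun_path']}/ez-ipupdate.pid
cache-file={$g['vardb_path']}/ez-ipupdate.cache
execute=/etc/rc.dyndns.storecache
daemon

EOD;

		/* enable server[:port]? */
		if ($clean['server']) {
			if ($clean['port'])
				$ezipupdateconf .= "server={$clean['server']}:{$clean['port']}\n";
			else
				$ezipupdateconf .= "server={$clean['server']}\n";
		}

		/* enable MX? */
		if ($clean['mx']) {
			$ezipupdateconf .= "mx={$clean['mx']}\n";
		}

		/* enable wildcards? */
		if (isset($dyndnscfg['wildcard'])) {
			$ezipupdateconf .= "wildcard\n";
		}

		fwrite($fd, $ezipupdateconf);
		fclose($fd);

		/* if we're booting, copy the cache file from /conf */
		if ($g['booting']) {
			if (file_exists("{$g['conf_path']}/ez-ipupdate.cache")) {
				copy("{$g['conf_path']}/ez-ipupdate.cache", "{$g['vardb_path']}/ez-ipupdate.cache");
			}
		}

		/* run ez-ipupdate */
		mwexec("/usr/local/bin/ez-ipupdate -c {$g['varetc_path']}/ez-ipupdate.conf");

		if ($g['booting'])
			echo "done\n";
	}

	return 0;
}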
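/*
 * Restart the dnsmasq DNS forwarder when it is enabled in
 * $config['dnsmasq'], then (outside of boot) reconfigure the DHCP server.
 *
 * Returns 1 when generating the hosts file or reconfiguring dhcpd reported
 * a failure, 0 otherwise.
 */
function services_dnsmasq_configure() {
	global $config, $g;
	$return = 0;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsmasq_configure() being called $mt\n";
	}

	/* kill any running dnsmasq */
	sigkillbypid("{$g['varrun_path']}/dnsmasq.pid", "TERM");

	if (isset($config['dnsmasq']['enable'])) {

		if ($g['booting'])
			echo "Starting DNS forwarder...";
		else
			sleep(1);

		/* generate hosts file */
		if(system_hosts_generate()!=0)
			$return = 1;

		/*
		 * $args is pasted into a shell command line below. The domain
		 * name and the override entries are configuration values, so each
		 * is quoted as a single argument; shell metacharacters in a value
		 * then cannot change the command that runs.
		 */
		$args = "";

		if (isset($config['dnsmasq']['regdhcp'])) {

			$args .= " -l {$g['dhcpd_chroot_path']}/var/db/dhcpd.leases" .
				" -s " . escapeshellarg($config['system']['domain']);
		}

		if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) {
			foreach($config['dnsmasq']['domainoverrides'] as $override) {
				$args .= ' ' . escapeshellarg('--server=/' . $override['domain'] . '/' . $override['ip']);
			}
		}

		/* suppose that dnsmasq handles our domain and don't send
		requests for our local domain to upstream servers */
		//if (!empty($config['system']['domain'])) {
		//	$args .= sprintf(' --local=/%s/', $config['system']['domain']);
		//}

		/* run dnsmasq */
		mwexec("/usr/local/sbin/dnsmasq --cache-size=5000 {$args}");

		if ($g['booting'])
			echo "done.\n";
	}

	if (!$g['booting']) {
		if(services_dhcpd_configure()!=0)
			$return = 1;
	}

	return $return;
}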
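/**
 * Regenerate snmpd.conf from $config['snmpd'] and (re)start bsnmpd.
 *
 * Any running daemon is stopped first; a new one is started only when
 * $config['snmpd']['enable'] is set.
 *
 * Security notes:
 *  - snmpd.conf carries the read and trap community strings, so it is
 *    created owner-only (umask 0077 plus chmod 0600 for a pre-existing file).
 *  - Values written inside double-quoted bsnmpd strings have '"', '\', CR
 *    and LF removed, so a configured value cannot close the string and add
 *    directives of its own. bsnmpd's escaping rules are not visible from
 *    this file, hence the characters are dropped rather than escaped.
 *  - Without 'bindlan' the agent is bound to 0.0.0.0 (every address);
 *    exposure then depends on filtering done elsewhere.
 *  - No write community is emitted.
 *
 * @return int 0 on success or when SNMP is disabled, 1 if snmpd.conf cannot
 *             be opened for writing.
 */
function services_snmpd_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_snmpd_configure() being called $mt\n";
	}

	/* kill any running snmpd */
	sigkillbypid("{$g['varrun_path']}/snmpd.pid", "TERM");
	if(is_process_running("bsnmpd"))
		exec("/usr/bin/killall bsnmpd");

	if (!isset($config['snmpd']['enable']))
		return 0;

	if ($g['booting'])
		echo "Starting SNMP daemon... ";

	/* generate snmpd.conf; create it without group/other access */
	$conf_path = "{$g['varetc_path']}/snmpd.conf";
	$old_umask = umask(0077);
	$fd = fopen($conf_path, "w");
	umask($old_umask);
	if (!$fd) {
		printf("Error: cannot open snmpd.conf in services_snmpd_configure().\n");
		return 1;
	}
	/* tighten a file left behind by an earlier run with wider permissions */
	chmod($conf_path, 0600);

	/* values that end up between double quotes in the config */
	$unsafe = array("\r", "\n", '"', '\\');
	$quoted = array();
	foreach (array('syslocation', 'syscontact', 'rocommunity', 'trapstring') as $key) {
		$raw = isset($config['snmpd'][$key]) ? $config['snmpd'][$key] : "";
		$quoted[$key] = str_replace($unsafe, "", $raw);
	}

	/* traps need a whitespace-free host (D: no trailing newline) and a valid port */
	$trap_enabled = isset($config['snmpd']['trapenable']) &&
		isset($config['snmpd']['trapserver']) &&
		isset($config['snmpd']['trapserverport']) &&
		preg_match('/^\S+$/D', $config['snmpd']['trapserver']) &&
		is_port($config['snmpd']['trapserverport']);

	$snmpdconf = <<<EOD
location := "{$quoted['syslocation']}"
contact := "{$quoted['syscontact']}"
read := "{$quoted['rocommunity']}"

EOD;

	/* The write community ('rwcommunity') is intentionally not written:
	   the original author left it disabled for lack of documentation. */

	if ($trap_enabled) {
		$snmpdconf .= <<<EOD
# SNMP Trap support.
traphost := {$config['snmpd']['trapserver']}
trapport := {$config['snmpd']['trapserverport']}
trap := "{$quoted['trapstring']}"


EOD;
	}

	/* $(name) below is a bsnmpd macro reference, not a PHP variable */
	$snmpdconf .= <<<EOD
system := 1     # pfSense
%snmpd
begemotSnmpdDebugDumpPdus       = 2
begemotSnmpdDebugSyslogPri      = 7
begemotSnmpdCommunityString.0.1 = $(read)

EOD;

	if ($trap_enabled) {
		$snmpdconf .= <<<EOD
begemotTrapSinkStatus.[$(traphost)].$(trapport) = 4
begemotTrapSinkVersion.[$(traphost)].$(trapport) = 2
begemotTrapSinkComm.[$(traphost)].$(trapport) = $(trap)

EOD;
	}

	$snmpdconf .= <<<EOD
begemotSnmpdCommunityDisable    = 1

EOD;

	if(isset($config['snmpd']['bindlan'])) {
		$bind_to_ip = $config['interfaces']['lan']['ipaddr'];
	} else {
		/* every address; see the security notes above */
		$bind_to_ip = "0.0.0.0";
	}

	if(isset($config['snmpd']['pollport']) && is_port($config['snmpd']['pollport'])) {
		$snmpdconf .= <<<EOD
begemotSnmpdPortStatus.{$bind_to_ip}.{$config['snmpd']['pollport']} = 1

EOD;
	}

	$snmpdconf .= <<<EOD
begemotSnmpdLocalPortStatus."/var/run/snmpd.sock" = 1
begemotSnmpdLocalPortType."/var/run/snmpd.sock" = 4

# These are bsnmp macros not php vars.
sysContact      = $(contact)
sysLocation     = $(location)
sysObjectId     = 1.3.6.1.4.1.12325.1.1.2.1.$(system)

snmpEnableAuthenTraps = 2

EOD;

	/* module name in $config => lines to load it, in the original order */
	$module_conf = array(
		'mibii'    => 'begemotSnmpdModulePath."mibII"  = "/usr/lib/snmp_mibII.so"' . "\n",
		'netgraph' => 'begemotSnmpdModulePath."netgraph" = "/usr/lib/snmp_netgraph.so"' . "\n" .
			'%netgraph' . "\n" .
			'begemotNgControlNodeName = "snmpd"' . "\n",
		'pf'       => 'begemotSnmpdModulePath."pf"     = "/usr/lib/snmp_pf.so"' . "\n",
		'hostres'  => 'begemotSnmpdModulePath."hostres"     = "/usr/lib/snmp_hostres.so"' . "\n",
		'bridge'   => 'begemotSnmpdModulePath."bridge"     = "/usr/lib/snmp_bridge.so"' . "\n",
	);
	if (isset($config['snmpd']['modules']) && is_array($config['snmpd']['modules'])) {
		foreach ($module_conf as $module => $lines) {
			if (isset($config['snmpd']['modules'][$module]))
				$snmpdconf .= $lines;
		}
	}

	/* The file's own note asks for a trailing blank line. It used to be
	   written only together with the bridge module; now it always is. */
	$snmpdconf .= "# config must end with blank line\n\n";

	fwrite($fd, $snmpdconf);
	fclose($fd);

	/* run bsnmpd */
	mwexec("/usr/sbin/bsnmpd -c {$conf_path} -p {$g['varrun_path']}/snmpd.pid");

	if ($g['booting'])
		echo "done.\n";

	return 0;
}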
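/**
 * Restart choparp for the virtual IPs whose mode is "proxyarp".
 *
 * All running choparp processes are killed, the proxy-ARP entries of
 * $config['virtualip']['vip'] are grouped by interface (default "wan"), and
 * one background choparp is started per interface.
 *
 * Every value taken from the configuration, including the interface device
 * name, is passed through escapeshellarg() before it reaches the command
 * line. Entries that name an interface without a device in
 * $config['interfaces'] are skipped instead of starting choparp with an
 * empty interface argument.
 */
function services_proxyarp_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_proxyarp_configure() being called $mt\n";
	}

	/* kill any running choparp */
	killbyname("choparp");

	if (!isset($config['virtualip']['vip']) || !is_array($config['virtualip']['vip']))
		return;

	/* group by interface */
	$paa = array();
	foreach ($config['virtualip']['vip'] as $vipent) {
		if (!isset($vipent['mode']) || $vipent['mode'] !== "proxyarp")
			continue;

		$if = !empty($vipent['interface']) ? $vipent['interface'] : "wan";
		$paa[$if][] = $vipent;
	}

	foreach ($paa as $paif => $paents) {
		/* on WAN only proceed with a static address, "dhcp" or "bigpond" */
		if ($paif == "wan") {
			$wanaddr = $config['interfaces']['wan']['ipaddr'];
			if (!(is_ipaddr($wanaddr) || $wanaddr == "dhcp" || $wanaddr == "bigpond"))
				continue;
		}

		$realif = isset($config['interfaces'][$paif]['if']) ? $config['interfaces'][$paif]['if'] : "";
		if ($realif == "")
			continue;

		/* the device name is quoted like the address arguments below */
		$args = escapeshellarg($realif) . " auto";

		foreach ($paents as $paent) {
			if (isset($paent['subnet']))
				$args .= " " . escapeshellarg("{$paent['subnet']}/{$paent['subnet_bits']}");
			else if (isset($paent['range']))
				$args .= " " . escapeshellarg($paent['range']['from'] . "-" .
					$paent['range']['to']);
		}

		mwexec_bg("/usr/local/sbin/choparp " . $args);
	}
}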
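/**
 * Send a dynamic DNS update for the current WAN address through nsupdate.
 *
 * When $config['dnsupdate']['enable'] is set and a WAN address is known,
 * three files are written below $g['varetc_path'] (the .private and .key
 * files of the shared key, and the nsupdate command file) and nsupdate is
 * started in the background.
 *
 * Security notes:
 *  - Both key files contain the shared secret ('keydata'), so all three
 *    files are created owner-only (umask 0077 plus chmod 0600).
 *  - The key name becomes part of a file name: names containing '/',
 *    whitespace or control characters are rejected.
 *  - CR/LF are removed from every configured field so that none of them can
 *    add lines to the key files or the nsupdate command file.
 *  - File paths are passed to the command line through escapeshellarg().
 *  - The key algorithm is fixed to 157, which the original comment
 *    identifies as HMAC-MD5.
 *
 * @return int 0 when nothing had to be done or nsupdate was started,
 *             1 when the key name is rejected or a file cannot be opened.
 */
function services_dnsupdate_process() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsupdate_process() being called $mt\n";
	}

	/* Dynamic DNS updating active? */
	if (!isset($config['dnsupdate']['enable']))
		return 0;

	$wanip = get_current_wan_address();
	if (!$wanip)
		return 0;

	/* line-based file formats below: no field may carry a line break */
	$du = array();
	foreach (array('keyname', 'host', 'keydata', 'keytype', 'server', 'ttl') as $field) {
		$raw = isset($config['dnsupdate'][$field]) ? $config['dnsupdate'][$field] : "";
		$du[$field] = str_replace(array("\r", "\n"), "", $raw);
	}

	$keyname = $du['keyname'];
	/* trailing dot */
	if (substr($keyname, -1) != ".")
		$keyname .= ".";

	/* the name is used in a path and in the KEY record */
	if (preg_match('#[/\s\x00-\x1f\x7f]#', $keyname)) {
		printf("Error: invalid key name in services_dnsupdate_process().\n");
		return 1;
	}

	/* NOTE(review): the original also built a dot-terminated copy of 'host'
	   but never used it; the update lines keep using 'host' as configured. */

	$keybase = "{$g['varetc_path']}/K{$keyname}+157+00000";

	/* private key file
	   this is dumb - public and private keys are the same for HMAC-MD5,
	   but nsupdate insists on having both */
	$privkey = <<<EOD
Private-key-format: v1.2
Algorithm: 157 (HMAC)
Key: {$du['keydata']}

EOD;

	/* public key file; an unknown key type leaves both numbers empty, as before */
	$flags = "";
	$proto = "";
	if ($du['keytype'] == "zone") {
		$flags = 257;
		$proto = 3;
	} else if ($du['keytype'] == "host") {
		$flags = 513;
		$proto = 3;
	} else if ($du['keytype'] == "user") {
		$flags = 0;
		$proto = 2;
	}
	$pubkey = "{$keyname} IN KEY {$flags} {$proto} 157 {$du['keydata']}\n";

	/* generate update instructions */
	$upinst = "";
	if (!empty($du['server']))
		$upinst .= "server {$du['server']}\n";
	$upinst .= "update delete {$du['host']} A\n";
	$upinst .= "update add {$du['host']} {$du['ttl']} A {$wanip}\n";
	$upinst .= "\n";	/* mind that trailing newline! */

	$cmdfile = "{$g['varetc_path']}/nsupdatecmds";
	$files = array(
		"{$keybase}.private" => $privkey,
		"{$keybase}.key" => $pubkey,
		$cmdfile => $upinst,
	);
	foreach ($files as $path => $contents) {
		/* create owner-only, then tighten a file left over from earlier runs */
		$old_umask = umask(0077);
		$fd = fopen($path, "w");
		umask($old_umask);
		if (!$fd) {
			printf("Error: cannot open %s in services_dnsupdate_process().\n", $path);
			return 1;
		}
		chmod($path, 0600);
		fwrite($fd, $contents);
		fclose($fd);
	}

	/* invoke nsupdate */
	$cmd = "/usr/sbin/nsupdate -k " . escapeshellarg("{$keybase}.key");
	if (isset($config['dnsupdate']['usetcp']))
		$cmd .= " -v";
	$cmd .= " " . escapeshellarg($cmdfile);

	mwexec_bg($cmd);

	return 0;
}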
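/**
 * Write olsr.conf from the olsrd package settings and restart olsrd.
 *
 * Returns without doing anything when the olsrd package has no settings.
 * When an entry of the settings list is not enabled ("enable" other than
 * "on") the function returns at that entry without restarting olsrd.
 * Otherwise olsr.conf is written to $g['varetc_path'], a running olsrd is
 * killed and, after a two second pause, a new one is started in the
 * background.
 *
 * Security-relevant settings written here:
 *  - "enableannounce" adds "0.0.0.0 0.0.0.0" to the Hna4 block.
 *  - "enablehttpinfo" loads the httpinfo plugin; its "Net" parameter is
 *    filled from allowedhttpinfohost / allowedhttpinfosubnet.
 *  - "enabledsecure" loads the secure plugin with the key file
 *    /usr/local/etc/olsrkey.txt.
 *  - "enabledyngw" deletes the system default route before loading the
 *    dyn_gw plugin.
 *  - IPC is disabled (MaxConnections 0, per the generated file's own note).
 *
 * Values written inside double-quoted PlParam strings have '"', CR and LF
 * removed so they cannot close the string and add configuration lines.
 * Every early return after conf_mount_rw() is paired with conf_mount_ro().
 */
function setup_wireless_olsr() {
	global $config, $g;
	if (empty($config['installedpackages']['olsrd']))
		return;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "setup_wireless_olsr() being called $mt\n";
	}
	conf_mount_rw();
	foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
		$olsr_enable = $olsrd['enable'];
		if($olsr_enable <> "on") {
			/* undo the conf_mount_rw() above before leaving */
			conf_mount_ro();
			return;
		}

		$fd = fopen("{$g['varetc_path']}/olsr.conf", "w");
		if (!$fd) {
			printf("Error: cannot open olsr.conf in setup_wireless_olsr().\n");
			conf_mount_ro();
			return;
		}

		/* values that end up between double quotes in PlParam lines */
		$plparam = array();
		foreach (array('port', 'allowedhttpinfohost', 'allowedhttpinfosubnet', 'polling', 'ping') as $key) {
			$raw = isset($olsrd[$key]) ? $olsrd[$key] : "";
			$plparam[$key] = str_replace(array("\r", "\n", '"'), "", $raw);
		}

		/* Hna4 block: networks this node announces; rebuilt for every entry */
		$enableannounce = "";
		if($olsrd['announcedynamicroute'] or $olsrd['enableannounce'] == "on") {
			$enableannounce .= "\nHna4\n";
			$enableannounce .= "{\n";
			if($olsrd['announcedynamicroute'])
				$enableannounce .= "\t{$olsrd['announcedynamicroute']}\n";
			if($olsrd['enableannounce'] == "on")
				$enableannounce .= "0.0.0.0 0.0.0.0";
			$enableannounce .= "\n}\n";
		}

		/* start from an empty buffer so entries do not accumulate */
		$olsr = <<<EODA
#
# olsr.org OLSR daemon config file
#
# Lines starting with a # are discarded
#
# This file was generated by setup_wireless_olsr() in services.inc
#

# This file is an example of a typical
# configuration for a mostly static
# network(regarding mobility) using
# the LQ extention

# Debug level(0-9)
# If set to 0 the daemon runs in the background

DebugLevel	2

# IP version to use (4 or 6)

IpVersion	4

# Clear the screen each time the internal state changes

ClearScreen     yes

{$enableannounce}

# Should olsrd keep on running even if there are
# no interfaces available? This is a good idea
# for a PCMCIA/USB hotswap environment.
# "yes" OR "no"

AllowNoInt	yes

# TOS(type of service) value for
# the IP header of control traffic.
# If not set it will default to 16

#TosValue	16

# The fixed willingness to use(0-7)
# If not set willingness will be calculated
# dynamically based on battery/power status
# if such information is available

#Willingness    	4

# Allow processes like the GUI front-end
# to connect to the daemon.

IpcConnect
{
     # Determines how many simultaneously
     # IPC connections that will be allowed
     # Setting this to 0 disables IPC

     MaxConnections  0

     # By default only 127.0.0.1 is allowed
     # to connect. Here allowed hosts can
     # be added

     Host            127.0.0.1
     #Host            10.0.0.5

     # You can also specify entire net-ranges
     # that are allowed to connect. Multiple
     # entries are allowed

     #Net             192.168.1.0 255.255.255.0
}

# Wether to use hysteresis or not
# Hysteresis adds more robustness to the
# link sensing but delays neighbor registration.
# Used by default. 'yes' or 'no'

UseHysteresis	no

# Hysteresis parameters
# Do not alter these unless you know
# what you are doing!
# Set to auto by default. Allowed
# values are floating point values
# in the interval 0,1
# THR_LOW must always be lower than
# THR_HIGH.

#HystScaling	0.50
#HystThrHigh	0.80
#HystThrLow	0.30


# Link quality level
# 0 = do not use link quality
# 1 = use link quality for MPR selection
# 2 = use link quality for MPR selection and routing
# Defaults to 0

LinkQualityLevel	{$olsrd['enablelqe']}

# Link quality window size
# Defaults to 10

LinkQualityWinSize	10

# Polling rate in seconds(float).
# Default value 0.05 sec

Pollrate	0.05


# TC redundancy
# Specifies how much neighbor info should
# be sent in TC messages
# Possible values are:
# 0 - only send MPR selectors
# 1 - send MPR selectors and MPRs
# 2 - send all neighbors
#
# defaults to 0

TcRedundancy	2

#
# MPR coverage
# Specifies how many MPRs a node should
# try select to reach every 2 hop neighbor
#
# Can be set to any integer >0
#
# defaults to 1

MprCoverage	3

# Example plugin entry with parameters:

EODA;

		/* status page over HTTP, limited to the configured host/subnet */
		if($olsrd['enablehttpinfo'] == "on") {
			$olsr .= <<<EODB

LoadPlugin "/usr/local/lib/olsrd_httpinfo.so.0.1"
{
    PlParam     "port"   "{$plparam['port']}"
    PlParam     "Net"    "{$plparam['allowedhttpinfohost']} {$plparam['allowedhttpinfosubnet']}"
}

EODB;
		}

		/* secure plugin with its key file */
		if($olsrd['enabledsecure'] == "on") {
			$olsr .= <<<EODC

LoadPlugin "/usr/local/lib/olsrd_secure.so.0.5"
{
    PlParam     "Keyfile"   "/usr/local/etc/olsrkey.txt"
}

EODC;
		}

		if($olsrd['enabledyngw'] == "on") {

			/* unset default route, olsr auto negotiates */
			mwexec("/sbin/route delete default");

			$olsr .= <<<EODE

LoadPlugin "/usr/local/lib/olsrd_dyn_gw.so.0.4"
{
    # how often to look for a inet gw, in seconds
    # defaults to 5 secs, if commented out
    PlParam     "Interval"   "{$plparam['polling']}"

    # if one or more IPv4 addresses are given, do a ping on these in
    # descending order to validate that there is not only an entry in
    # routing table, but also a real internet connection. If any of
    # these addresses could be pinged successfully, the test was
    # succesful, i.e. if the ping on the 1st address was successful,the
    # 2nd won't be pinged
    PlParam     "Ping"       "{$plparam['ping']}"
    #PlParam     "HNA"   "192.168.81.0 255.255.255.0"
}

EODE;
		}

		/* interface sections come from the first settings entry only (break) */
		foreach($config['installedpackages']['olsrd']['config'] as $conf) {
			$interfaces = explode(',', $conf['iface_array']);
			foreach($interfaces as $interface) {
				$realinterface = convert_friendly_interface_to_real_interface_name($interface);
				$olsr .= <<<EODAD
Interface "{$realinterface}"
{

    # Hello interval in seconds(float)
    HelloInterval    2.0

    # HELLO validity time
    HelloValidityTime	20.0

    # TC interval in seconds(float)
    TcInterval        5.0

    # TC validity time
    TcValidityTime	30.0

    # MID interval in seconds(float)
    MidInterval	5.0

    # MID validity time
    MidValidityTime	30.0

    # HNA interval in seconds(float)
    HnaInterval	5.0

    # HNA validity time
    HnaValidityTime 	30.0

    # When multiple links exist between hosts
    # the weight of interface is used to determine
    # the link to use. Normally the weight is
    # automatically calculated by olsrd based
    # on the characteristics of the interface,
    # but here you can specify a fixed value.
    # Olsrd will choose links with the lowest value.

    # Weight 0


}

EODAD;

			}
			break;
		}
		fwrite($fd, $olsr);
		fclose($fd);
	}

	if(is_process_running("olsrd"))
		mwexec("/usr/bin/killall olsrd");

	/* give the old daemon time to exit before starting the new one */
	sleep(2);

	mwexec_bg("/usr/local/sbin/olsrd -f {$g['varetc_path']}/olsr.conf");

	conf_mount_ro();
}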
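/**
 * Rebuild /etc/crontab from $config['cron']['item'].
 *
 * Everything in the existing file above the "# pfSense specific crontab
 * entries" marker (and the "#" line just before it) is kept; the section
 * below is regenerated, one tab-separated line per configured item:
 * minute, hour, mday, month, wday, who, command.
 *
 * Security note: this is the system crontab, where the 'who' column selects
 * the account a command runs as. CR/LF are removed from every field so a
 * single configured item can only ever produce one crontab line.
 *
 * The configuration is remounted read-only afterwards unless the system is
 * booting.
 */
function configure_cron() {
	global $g, $config;
	conf_mount_rw();

	/* preserve existing crontab entries (an unreadable file counts as empty) */
	$existing = file_get_contents("/etc/crontab");
	$lines = ($existing === false) ? array() : explode("\n", $existing);

	foreach ($lines as $i => $line) {
		if (strpos($line, "# pfSense specific crontab entries") !== false) {
			/* cut from the "#" line above the marker; never use a negative
			   offset, which would keep everything but the last line */
			array_splice($lines, max(0, $i - 1));
			break;
		}
	}
	$crontab_contents = implode("\n", $lines) . "\n";

	if (isset($config['cron']['item']) && is_array($config['cron']['item'])) {
		$crontab_contents .= "#\n";
		$crontab_contents .= "# pfSense specific crontab entries\n";
		$crontab_contents .= "# Created: " . date("F j, Y, g:i a") . "\n";
		$crontab_contents .= "#\n";

		$columns = array('minute', 'hour', 'mday', 'month', 'wday', 'who', 'command');
		foreach ($config['cron']['item'] as $item) {
			$fields = array();
			foreach ($columns as $column) {
				$raw = isset($item[$column]) ? $item[$column] : "";
				$fields[] = str_replace(array("\r", "\n"), "", $raw);
			}
			$crontab_contents .= "\n" . implode("\t", $fields);
		}

		$crontab_contents .= "\n#\n";
		$crontab_contents .= "# If possible do not add items to this file manually.\n";
		$crontab_contents .= "# If you do so, this file must be terminated with a blank line (e.g. new line)\n";
		$crontab_contents .= "#\n\n";
	}

	/* please maintain the newline at the end of file */
	file_put_contents("/etc/crontab", $crontab_contents);

	if (!$g['booting'])
		conf_mount_ro();
}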
/**
 * Start, stop or restart the miniupnpd daemon.
 *
 * "start"   launches miniupnpd in the background, but only when
 *           /var/etc/miniupnpd.conf exists.
 * "stop"    repeats killall until pgrep no longer lists a miniupnpd
 *           process, then flushes the filter (-Fr) and NAT (-Fn) rules of
 *           the "miniupnpd" pf anchor.
 * "restart" is "stop" followed by "start".
 * Any other value is ignored.
 *
 * @param string $action one of "start", "stop", "restart"
 */
function upnp_action ($action) {
	if ($action == "start") {
		if (file_exists('/var/etc/miniupnpd.conf')) {
			mwexec_bg('/usr/local/sbin/miniupnpd -f /var/etc/miniupnpd.conf');
		}
		return;
	}

	if ($action == "stop") {
		/* NOTE(review): no retry limit; the loop ends only once pgrep
		   reports zero matching processes */
		while ((int)exec("pgrep miniupnpd | wc -l") > 0) {
			mwexec('killall miniupnpd 2>/dev/null');
		}
		/* rules in the anchor are dropped together with the daemon */
		mwexec('/sbin/pfctl -aminiupnpd -Fr 2>&1 >/dev/null');
		mwexec('/sbin/pfctl -aminiupnpd -Fn 2>&1 >/dev/null');
		return;
	}

	if ($action == "restart") {
		upnp_action('stop');
		upnp_action('start');
	}
}
/**
 * Bring up the UPnP service when the miniupnpd package is enabled.
 *
 * While booting, the package include /usr/local/pkg/miniupnpd.inc is loaded
 * and sync_package_miniupnpd() is called; at any other time the daemon is
 * started through upnp_action('start'). Nothing happens when the first
 * miniupnpd settings entry has no truthy 'enable' value.
 */
function upnp_start() {
	global $config, $g;

	$enabled = $config['installedpackages']['miniupnpd']['config'][0]['enable'];
	if (!$enabled)
		return;

	if (!$g['booting']) {
		upnp_action('start');
		return;
	}

	echo "Starting UPnP service... ";
	include('/usr/local/pkg/miniupnpd.inc');
	sync_package_miniupnpd();
	echo "done.\n";
}
?>