<?php
/* $Id$ */
/*
	services.inc
	part of the pfSense project (http://www.pfsense.com)

	originally part of m0n0wall (http://m0n0.ch/wall)
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
	Copyright (C) 2010	Ermal Luçi
	All rights reserved.

	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:

	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.

	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.

	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/

/*
	pfSense_BUILDER_BINARIES:	/usr/bin/killall	/bin/pgrep	/bin/sh	/usr/local/sbin/dhcpd	/usr/local/sbin/igmpproxy
	pfSense_BUILDER_BINARIES:	/sbin/ifconfig	/usr/sbin/arp	/sbin/ifconfig	/usr/local/sbin/dnsmasq
	pfSense_BUILDER_BINARIES:	/usr/sbin/bsnmpd	/sbin/route	/usr/local/sbin/olsrd
	pfSense_BUILDER_BINARIES:	/usr/local/sbin/miniupnpd	
	pfSense_MODULE:	utils
*/

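/**
 * Rebuild the dhcpd chroot and dhcpd.conf from $config['dhcpd'] and restart dhcpd.
 *
 * Steps, in order: kill any running dhcpd, build the chroot through a
 * generated shell script, restore saved leases at boot on non-"pfSense"
 * platforms, write dhcpd.conf (global options, failover peers, one subnet
 * block per enabled interface, static mappings) and start dhcpd in the chroot.
 *
 * NOTE(review): every value taken from $config is written into dhcpd.conf
 * verbatim (domain names, custom option values, file names, host names).
 * A value containing a double quote, ';' or a newline would change the
 * meaning of the generated file, so this function relies on the caller or
 * the configuration front end having validated those fields - confirm.
 *
 * @return int|null 0 on success or when no interface has DHCP enabled,
 *                  1 when a file cannot be opened for writing,
 *                  null when the DHCP server is switched off in $g.
 */
function services_dhcpd_configure() {
	global $config, $g;

	if($g['services_dhcp_server_enable'] == false)
		return;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dhcpd_configure() being called $mt\n";
	}

	/* kill any running dhcpd */
	if(is_process_running("dhcpd"))
		mwexec("killall dhcpd", true);

	/* DHCP enabled on any interfaces? */
	if (!is_dhcp_server_enabled())
		return 0;

	/* if OLSRD is enabled, allow WAN to house DHCP. */
	$is_olsr_enabled = false;
	if(!empty($config['installedpackages']['olsrd']) && is_array($config['installedpackages']['olsrd']['config']))
		foreach($config['installedpackages']['olsrd']['config'] as $olsrd)
			if($olsrd['enable'])
				$is_olsr_enabled = true;

	/*
	 * configure DHCPD chroot
	 *
	 * NOTE(review): the script is written to a fixed name under tmp_path and
	 * then run through /bin/sh. That is only safe while tmp_path cannot be
	 * written by less privileged users (a pre-placed symlink or file would be
	 * followed) - confirm the permissions of that directory.
	 */
	$chroot = $g['dhcpd_chroot_path'];
	$fd = fopen("{$g['tmp_path']}/dhcpd.sh","w");
	if (!$fd) {
		printf("Error: cannot open dhcpd.sh in services_dhcpd_configure().\n");
		return 1;
	}
	$status = `mount | grep "{$g['dhcpd_chroot_path']}/dev"`;
	$chrootdirs = array("", "/dev", "/etc", "/usr/local/sbin", "/var/db", "/var/run", "/usr", "/lib", "/run");
	foreach ($chrootdirs as $chrootdir)
		fwrite($fd, "mkdir -p {$chroot}{$chrootdir}\n");
	fwrite($fd, "chown -R dhcpd:_dhcp {$chroot}/*\n");
	fwrite($fd, "cp /lib/libc.so.* {$chroot}/lib/\n");
	fwrite($fd, "cp /usr/local/sbin/dhcpd {$chroot}/usr/local/sbin/\n");
	fwrite($fd, "chmod a+rx {$chroot}/usr/local/sbin/dhcpd\n");
	/* only mount devfs when the mount table does not already list it */
	if(!trim($status))
		fwrite($fd, "mount -t devfs devfs {$chroot}/dev\n");
	fclose($fd);
	mwexec("/bin/sh {$g['tmp_path']}/dhcpd.sh");

	if ($g['booting']) {
		if ($g['platform'] != "pfSense") {
			/* restore the leases, if we have them */
			if (file_exists("{$g['cf_conf_path']}/dhcpleases.tgz")) {
				$dhcprestore = "";
				$dhcpreturn = "";
				/* the archive is unpacked relative to /, so its contents decide which paths get overwritten */
				exec("cd /;LANG=C /usr/bin/tar -xzf " . escapeshellarg("{$g['cf_conf_path']}/dhcpleases.tgz") . " 2>&1", $dhcprestore, $dhcpreturn);
				$dhcprestore = implode(" ", $dhcprestore);
				if($dhcpreturn <> 0) {
					log_error("DHCP leases restore failed exited with $dhcpreturn, the error is: $dhcprestore\n");
				}
			}
		}
	}

	$syscfg = $config['system'];
	$dhcpdcfg = $config['dhcpd'];
	$Iflist = get_configured_interface_list();

	if ($g['booting'])
		echo "Starting DHCP service...";
	else
		sleep(1);

	/* write dhcpd.conf */
	$fd = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf", "w");
	if (!$fd) {
		printf("Error: cannot open dhcpd.conf in services_dhcpd_configure().\n");
		return 1;
	}

	/* declare every user-defined numbered option once, at global scope */
	$custoptions = "";
	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
		if(is_array($dhcpifconf['numberoptions']) && is_array($dhcpifconf['numberoptions']['item'])) {
			foreach($dhcpifconf['numberoptions']['item'] as $itemidx => $item) {
				if(!empty($item['type']))
					$itemtype = $item['type'];
				else
					$itemtype = "text";
				$custoptions .= "option custom-{$dhcpif}-{$itemidx} code {$item['number']} = {$itemtype};\n";
			}
		}
	}

	$dhcpdconf = <<<EOD
	
option domain-name "{$syscfg['domain']}";
option ldap-server code 95 = text;
option domain-search-list code 119 = text;
{$custoptions}
default-lease-time 7200;
max-lease-time 86400;
log-facility local7;
ddns-update-style none;
one-lease-per-client true;
deny duplicates;
ping-check true;

EOD;

	/*
	 * NOTE(review): $dhcpifconf is whatever the loop above left behind, i.e.
	 * the last entry of $config['dhcpd'], so these two global statements
	 * follow that one interface's settings - confirm this is intended.
	 */
	if(!isset($dhcpifconf['disableauthoritative']))
		$dhcpdconf .= "authoritative;\n";

	/* the statement needs its terminating semicolon, otherwise dhcpd.conf does not parse */
	if(isset($dhcpifconf['alwaysbroadcast']))
		$dhcpdconf .= "always-broadcast on;\n";

	$dhcpdifs = array();

	/*    loop through and determine if we need to setup
	 *    failover peer "bleh" entries
	 */
	$dhcpnum = 0;
	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {

		interfaces_staticarp_configure($dhcpif);

		if (!isset($dhcpifconf['enable']))
			continue;

		if($dhcpifconf['failover_peerip'] <> "") {
			$int = guess_interface_from_ip($dhcpifconf['failover_peerip']);
			$intip = find_interface_ip($int);
			$real_dhcpif = convert_friendly_interface_to_real_interface_name($dhcpif);
			/*
			 *    yep, failover peer is defined.
			 *    does it match up to a defined vip?
			 */
			$skew = 110;
			$a_vip = &$config['virtualip']['vip'];
			if(is_array($a_vip)) {
				foreach ($a_vip as $vipent) {
					if($int == $real_dhcpif) {
						/* this is the interface! */
						if(is_numeric($vipent['advskew']) && ($vipent['advskew'] < "20"))
							$skew = 0;
					}
				}
			} else {
				log_error("Warning!  DHCP Failover setup and no CARP virtual IP's defined!");
			}
			/* a low advskew on a virtual IP makes this node the primary, otherwise it is the secondary */
			if($skew > 10) {
				$type = "secondary";
				$dhcpdconf_pri  = "mclt 600;\n";
				$my_port = "520";
				$peer_port = "519";
			} else {
				$my_port = "519";
				$peer_port = "520";
				$type = "primary";
				$dhcpdconf_pri  = "split 128;\n";
				$dhcpdconf_pri .= "  mclt 600;\n";
			}
			$dhcpdconf .= <<<EOPP
failover peer "dhcp{$dhcpnum}" {
  {$type};
  address {$intip};
  port {$my_port};
  peer address {$dhcpifconf['failover_peerip']};
  peer port {$peer_port};
  max-response-delay 10;
  max-unacked-updates 10;
  {$dhcpdconf_pri}
  load balance max seconds 3;
}

EOPP;
		$dhcpnum++;
		}
	}

	/* restart the counter so each pool refers to the peer declared for it above */
	$dhcpnum = 0;

	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {

		if (!isset($dhcpifconf['enable']) || !isset($Iflist[$dhcpif]))
			continue;
		$ifcfgip = get_interface_ip($dhcpif);
		$ifcfgsn = get_interface_subnet($dhcpif);
		$subnet = gen_subnet($ifcfgip, $ifcfgsn);
		$subnetmask = gen_subnet_mask($ifcfgsn);

		if (!is_ipaddr($subnet))
			continue;

		if($is_olsr_enabled == true)
			if($dhcpifconf['netmask'])
				$subnetmask = gen_subnet_mask($dhcpifconf['netmask']);

		$dnscfg = "";

		if ($dhcpifconf['domain']) {
			$dnscfg .= "	option domain-name \"{$dhcpifconf['domain']}\";\n";
		}

		if($dhcpifconf['domainsearchlist'] <> "") {
			$dnscfg .= "	option domain-search-list \"{$dhcpifconf['domainsearchlist']}\";\n";
		}

		if (isset($dhcpifconf['ddnsupdate'])) {
			if($dhcpifconf['ddnsdomain'] <> "") {
				$dnscfg .= "	ddns-domainname \"{$dhcpifconf['ddnsdomain']}\";\n";
			}
			$dnscfg .= "	ddns-update-style interim;\n";
		}

		/* DNS servers: per-interface list, else this box when dnsmasq is enabled, else the system list */
		if (is_array($dhcpifconf['dnsserver']) && ($dhcpifconf['dnsserver'][0])) {
			$dnscfg .= "	option domain-name-servers " . join(",", $dhcpifconf['dnsserver']) . ";";
		} else if (isset($config['dnsmasq']['enable'])) {
			$dnscfg .= "	option domain-name-servers {$ifcfgip};";
		} else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
			$dnscfg .= "	option domain-name-servers " . join(",", $syscfg['dnsserver']) . ";";
		}

		$dhcpdconf .= "subnet {$subnet} netmask {$subnetmask} {\n";
		$dhcpdconf .= "	pool {\n";

		/* is failover dns setup? */
		if (is_array($dhcpifconf['dnsserver']) && $dhcpifconf['dnsserver'][0] <> "") {
			$dhcpdconf .= "		option domain-name-servers {$dhcpifconf['dnsserver'][0]}";
			if($dhcpifconf['dnsserver'][1] <> "")
				$dhcpdconf .= ",{$dhcpifconf['dnsserver'][1]}";
			$dhcpdconf .= ";\n";
		}

		if($dhcpifconf['failover_peerip'] <> "")
			$dhcpdconf .= "		deny dynamic bootp clients;\n";

		/* only clients with a host declaration (static mapping) get a lease from this pool */
		if (isset($dhcpifconf['denyunknown']))
		   $dhcpdconf .= "		deny unknown clients;\n";

		if ($dhcpifconf['gateway'])
			$routers = $dhcpifconf['gateway'];
		else
			$routers = $ifcfgip;

		if($dhcpifconf['failover_peerip'] <> "") {
			$dhcpdconf .= "		failover peer \"dhcp{$dhcpnum}\";\n";
			$dhcpnum++;
		}

		$dhcpdconf .= <<<EOD
		range {$dhcpifconf['range']['from']} {$dhcpifconf['range']['to']};
	}
	option routers {$routers};
$dnscfg

EOD;

		// default-lease-time
		if ($dhcpifconf['defaultleasetime'])
			$dhcpdconf .= "	default-lease-time {$dhcpifconf['defaultleasetime']};\n";

		// max-lease-time
		if ($dhcpifconf['maxleasetime'])
			$dhcpdconf .= "	max-lease-time {$dhcpifconf['maxleasetime']};\n";

		// netbios-name*
		if (is_array($dhcpifconf['winsserver']) && $dhcpifconf['winsserver'][0]) {
			$dhcpdconf .= "	option netbios-name-servers " . join(",", $dhcpifconf['winsserver']) . ";\n";
			$dhcpdconf .= "	option netbios-node-type 8;\n";
		}

		// ntp-servers
		if (is_array($dhcpifconf['ntpserver']) && $dhcpifconf['ntpserver'][0])
			$dhcpdconf .= "	option ntp-servers " . join(",", $dhcpifconf['ntpserver']) . ";\n";

		// tftp-server-name
		if ($dhcpifconf['tftp'] <> "")
			$dhcpdconf .= "	option tftp-server-name \"{$dhcpifconf['tftp']}\";\n";

		// Handle option, number rowhelper values
		$dhcpdconf .= "\n";
		if($dhcpifconf['numberoptions']['item']) {
			foreach($dhcpifconf['numberoptions']['item'] as $itemidx => $item) {
				/* text options are quoted; any other type is emitted exactly as stored */
				if(empty($item['type']) || $item['type'] == "text")
					$dhcpdconf .= "	option custom-{$dhcpif}-{$itemidx} \"{$item['value']}\";\n";
				else
					$dhcpdconf .= "	option custom-{$dhcpif}-{$itemidx} {$item['value']};\n";
			}
		}

		// ldap-server
		if ($dhcpifconf['ldap'] <> "")
			$dhcpdconf .= "	option ldap-server \"{$dhcpifconf['ldap']}\";\n";

		// net boot information
		if(isset($dhcpifconf['netboot'])) {
			if (($dhcpifconf['next-server'] <> "") && ($dhcpifconf['filename'] <> "")) {
				$dhcpdconf .= "	next-server {$dhcpifconf['next-server']};\n";
				$dhcpdconf .= "	filename \"{$dhcpifconf['filename']}\";\n";
			}
			if ($dhcpifconf['rootpath'] <> "") {
				$dhcpdconf .= "	option root-path \"{$dhcpifconf['rootpath']}\";\n";
			}
		}

		$dhcpdconf .= <<<EOD
}

EOD;

		/* add static mappings */
		if (is_array($dhcpifconf['staticmap'])) {

			$i = 0;
			foreach ($dhcpifconf['staticmap'] as $sm) {
				$dhcpdconf .= <<<EOD
host s_{$dhcpif}_{$i} {
	hardware ethernet {$sm['mac']};

EOD;
				if ($sm['ipaddr'])
					$dhcpdconf .= "	fixed-address {$sm['ipaddr']};\n";

				if ($sm['hostname']) {
					/* only spaces and dots are replaced; the rest of the name is written unquoted */
					$dhhostname = str_replace(" ", "_", $sm['hostname']);
					$dhhostname = str_replace(".", "_", $dhhostname);
					$dhcpdconf .= "	option host-name {$dhhostname};\n";
				}
				if ($sm['netbootfile'])
					$dhcpdconf .= "	filename \"{$sm['netbootfile']}\";\n";

				$dhcpdconf .= "}\n";
				$i++;
			}
		}

		$dhcpdifs[] = get_real_interface($dhcpif);
	}

	fwrite($fd, $dhcpdconf);
	fclose($fd);

	/* create an empty leases database */
	touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
	touch("{$g['varrun_path']}/dhcpd.pid");

	/* fire up dhcpd in a chroot, as the unprivileged dhcpd user; interface names are passed as quoted arguments */
	mwexec("/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf /etc/dhcpd.conf " .
		join(" ", array_map('escapeshellarg', $dhcpdifs)));

	if ($g['booting']) {
		print "done.\n";
	}

	return 0;
}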
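/**
 * Write igmpproxy.conf from $config['igmpproxy']['igmpentry'] and start igmpproxy.
 *
 * Every configured entry becomes a "phyint" line (plus one "altnet" line per
 * listed network); every remaining configured interface is written as
 * "phyint ... disabled".
 *
 * NOTE(review): the type, threshold and address fields are copied into the
 * configuration file as stored; validation is assumed to happen where the
 * settings are saved - confirm.
 *
 * @return int 0 once igmpproxy has been launched, 1 when there are no
 *             entries or the configuration file cannot be written.
 */
function services_igmpproxy_configure() {
	global $config, $g;

	/* kill any running igmpproxy */
	killbyname("igmpproxy");

	if (!is_array($config['igmpproxy']['igmpentry']))
		return 1;

	$iflist = get_configured_interface_list();

	$igmpconf = <<<EOD

##------------------------------------------------------
## Enable Quickleave mode (Sends Leave instantly)
##------------------------------------------------------
quickleave

EOD;

	foreach ($config['igmpproxy']['igmpentry'] as $igmpcf) {
		/* interfaces that have an entry are taken off the "disabled" list below */
		unset($iflist[$igmpcf['ifname']]);
		$realif = get_real_interface($igmpcf['ifname']);
		if (empty($igmpcf['threshold']))
			$threshld = 1;
		else
			$threshld = $igmpcf['threshold'];
		$igmpconf .= "phyint {$realif} {$igmpcf['type']} ratelimit 0 threshold {$threshld}\n";

		if ($igmpcf['address'] <> "") {
			foreach (explode(" ", $igmpcf['address']) as $iww) {
				/* repeated spaces yield empty tokens; an "altnet" line without a network is not valid */
				if ($iww === "")
					continue;
				$igmpconf .= "altnet {$iww}\n";
			}
		}
		$igmpconf .= "\n";
	}
	foreach ($iflist as $ifn) {
		$realif = get_real_interface($ifn);
		$igmpconf .= "phyint {$realif} disabled\n";
	}
	$igmpconf .= "\n";

	$igmpfl = fopen($g['tmp_path'] . "/igmpproxy.conf", "w");
	if (!$igmpfl) {
		log_error("Could not write Igmpproxy configuration file!");
		/* report the failure the same way as the missing-entries case above */
		return 1;
	}
	fwrite($igmpfl, $igmpconf);
	fclose($igmpfl);

	mwexec("/usr/local/sbin/igmpproxy -c " . $g['tmp_path'] . "/igmpproxy.conf");
	/* NOTE(review): logged without looking at the result of the launch above */
	log_error("Started Igmpproxy service successfully.");

	return 0;
}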
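/**
 * Switch static ARP on or off for one interface and reload its ARP entries.
 *
 * With $config['dhcpd'][$if]['staticarp'] set, the interface is put into
 * staticarp mode, its ARP table is flushed and one permanent entry is added
 * per DHCP static mapping. Otherwise staticarp mode is cleared and the table
 * is flushed. Every value placed on a command line goes through
 * escapeshellarg().
 *
 * @param string $if Friendly interface name, used as key into $config['interfaces'].
 * @return int Always 0.
 */
function interfaces_staticarp_configure($if) {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "interfaces_staticarp_configure($if) being called $mt\n";
	}

	if (empty($if) || empty($config['interfaces'][$if]['if']))
		return 0;

	$realif = escapeshellarg($config['interfaces'][$if]['if']);

	/* Enable staticarp, if enabled */
	if(isset($config['dhcpd'][$if]['staticarp'])) {
		mwexec("/sbin/ifconfig " . $realif . " staticarp " );
		mwexec("/usr/sbin/arp -d -i " . $realif . " -a > /dev/null 2>&1 ");
		if (is_array($config['dhcpd'][$if]['staticmap'])) {
			foreach ($config['dhcpd'][$if]['staticmap'] as $arpent) {
				/* a mapping without an address (or without a MAC) cannot become an ARP entry */
				if (empty($arpent['ipaddr']) || empty($arpent['mac']))
					continue;
				mwexec("/usr/sbin/arp -s " . escapeshellarg($arpent['ipaddr']) . " " . escapeshellarg($arpent['mac']));
			}
		}
	} else {
		mwexec("/sbin/ifconfig " . $realif . " -staticarp " );
		mwexec("/usr/sbin/arp -d -i " . $realif . " -a > /dev/null 2>&1 ");
	}

	return 0;
}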
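/**
 * Restart dhcrelay on the configured interfaces plus the interfaces that
 * lead to each configured DHCP server.
 *
 * For every server address the outgoing interface is looked up in this
 * order: a directly connected subnet, a static route, the live routing
 * table, the default gateway (or WAN when no gateways are configured).
 *
 * Interface names and server addresses come from $config and end up on a
 * shell command line, so each one is passed through escapeshellarg().
 *
 * @return int|null 0 when the relay is disabled or has been started,
 *                  null when no usable interface was found.
 */
function services_dhcrelay_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dhcrelay_configure() being called $mt\n";
	}

	/* kill any running dhcrelay */
	killbypid("{$g['varrun_path']}/dhcrelay.pid");

	$dhcrelaycfg =& $config['dhcrelay'];

	/* DHCPRelay enabled on any interfaces? */
	if (!isset($dhcrelaycfg['enable']))
		return 0;

	if ($g['booting'])
		echo "Starting DHCP relay service...";
	else
		sleep(1);

	$iflist = get_configured_interface_list();

	/* start from an empty list so array_unique() below never receives an undefined value */
	$dhcrelayifs = array();
	$dhcifaces = explode(",", $dhcrelaycfg['interface']);
	foreach ($dhcifaces as $dhcrelayif) {
		if (!isset($iflist[$dhcrelayif]) ||
			link_interface_to_bridge($dhcrelayif))
			continue;

		if (is_ipaddr(get_interface_ip($dhcrelayif)))
			$dhcrelayifs[] = get_real_interface($dhcrelayif);
	}

	/* 
	 * In order for the relay to work, it needs to be active
	 * on the interface in which the destination server sits.
	 */
	$srvips = explode(",", $dhcrelaycfg['server']);
	foreach ($srvips as $srvip) {
		unset($destif);
		foreach ($iflist as $ifname) {
			$subnet = get_interface_ip($ifname);
			if (!is_ipaddr($subnet))
				continue;
			$subnet .=  "/" . get_interface_subnet($ifname);
			if (ip_in_subnet($srvip, $subnet)) {
				$destif = get_real_interface($ifname);
				break;
			}
		}
		if (!isset($destif)) {
			if (is_array($config['staticroutes']['route'])) {
				foreach ($config['staticroutes']['route'] as $rtent) {
					if (ip_in_subnet($srvip, $rtent['network'])) {
						$a_gateways = return_gateways_array(true);
						$destif = $a_gateways[$rtent['gateway']]['interface'];
						break;
					}
				}
			}
		}

		if (!isset($destif)) {
			/* Create a array from the existing route table */
			/* exec() appends to its output array, so it is reset for every server address */
			$route_str = array();
			exec("/usr/bin/netstat -rnWf inet", $route_str);
			/* skip the first four output lines (presumably the netstat header) */
			$route_str = array_slice($route_str, 4);
			foreach($route_str as $routeline) {
				$items = preg_split("/[ ]+/i", $routeline);
				if (ip_in_subnet($srvip, $items[0])) {
					$destif = isset($items[6]) ? trim($items[6]) : "";
					break;
				}
			}
		}

		if (!isset($destif)) {
			if (is_array($config['gateways']['gateway_item'])) {
				foreach ($config['gateways']['gateway_item'] as $gateway) {
					if (isset($gateway['defaultgw'])) {
						$a_gateways = return_gateways_array(true);
						/*
						 * Look up the default gateway itself rather than $rtent, which
						 * is a leftover from the static route loop above.
						 * NOTE(review): assumes gateway entries carry a 'name' key that
						 * matches the keys of return_gateways_array() - confirm.
						 */
						$destif = $a_gateways[$gateway['name']]['interface'];
						break;
					}
				}
			} else
				$destif = get_real_interface("wan");
		}

		if (!empty($destif))
			$dhcrelayifs[] = $destif;
	}
	$dhcrelayifs = array_unique($dhcrelayifs);

	/* fire up dhcrelay */
	if (empty($dhcrelayifs)) {
		log_error("No suitable interface found for running dhcrelay!");
		return; /* XXX */
	}

	$cmd = "/usr/local/sbin/dhcrelay";
	foreach ($dhcrelayifs as $relayif)
		$cmd .= " -i " . escapeshellarg($relayif);

	if (isset($dhcrelaycfg['agentoption']))
		$cmd .=  " -a -m replace";

	/* server addresses are configuration data: quote each one and drop empty list items */
	foreach ($srvips as $srvip) {
		$srvip = trim($srvip);
		if ($srvip != "")
			$cmd .= " " . escapeshellarg($srvip);
	}
	mwexec($cmd);

	return 0;
}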
/**
 * Run one dynamic DNS update for a single client entry.
 *
 * Does nothing unless the entry has its 'enable' key set. The update is
 * carried out by constructing an updatedns object from dyndns.class.
 * The entry holds the account password; only a fixed message is logged here.
 *
 * @param array $conf One dyndns entry (type, host, username, password,
 *                    wildcard, mx, interface).
 * @return void
 */
function services_dyndns_configure_client($conf) {

	if (!isset($conf['enable']))
		return;

	/* load up the dyndns.class */
	require_once("dyndns.class");

	log_error("DynDns: Running updatedns()");

	/* collect the constructor arguments in the order updatedns is called with */
	$service  = $conf['type'];
	$host     = $conf['host'];
	$user     = $conf['username'];
	$pass     = $conf['password'];
	$wildcard = $conf['wildcard'];
	$mx       = $conf['mx'];
	$iface    = "{$conf['interface']}";

	$dns = new updatedns($service, $host, $user, $pass, $wildcard, $mx, $iface);
}
/**
 * Run the dynamic DNS clients listed in $config['dyndnses']['dyndns'].
 *
 * @param string $int When non-empty, only entries whose 'interface' equals
 *                    this value are processed.
 * @return int Always 0.
 */
function services_dyndns_configure($int = "") {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dyndns_configure() being called $mt\n";
	}

	$clients = $config['dyndnses']['dyndns'];

	/* nothing configured: nothing to start */
	if (!is_array($clients))
		return 0;

	if ($g['booting'])
		echo "Starting DynDNS clients...";

	foreach ($clients as $client) {
		if (empty($int) || $int == $client['interface']) {
			services_dyndns_configure_client($client);

			/* one second pause after each client that was run */
			sleep(1);
		}
	}

	if ($g['booting'])
		echo "done.\n";

	return 0;
}
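/**
 * Restart the dnsmasq DNS forwarder and, outside of boot, the DHCP server.
 *
 * The domain override entries from $config['dnsmasq']['domainoverrides'] are
 * turned into --server (and --rebind-domain-ok) arguments. Their domain and
 * ip fields are configuration data placed on a shell command line, so each
 * argument value is passed through escapeshellarg().
 *
 * Unless $config['system']['webgui']['nodnsrebindcheck'] is set, dnsmasq is
 * started with --stop-dns-rebind (drop upstream answers that point into
 * private address ranges) and --rebind-localhost-ok; overridden domains are
 * exempted because they are expected to resolve to internal addresses.
 *
 * @return int 0 on success, 1 when generating the hosts file or
 *             reconfiguring dhcpd reported a failure.
 */
function services_dnsmasq_configure() {
	global $config, $g;
	$return = 0;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsmasq_configure() being called $mt\n";
	}

	/* kill any running dnsmasq */
	sigkillbypid("{$g['varrun_path']}/dnsmasq.pid", "TERM");

	if (isset($config['dnsmasq']['enable'])) {

		if ($g['booting'])
			echo "Starting DNS forwarder...";
		else
			sleep(1);

		/* generate hosts file */
		if(system_hosts_generate()!=0)
			$return = 1;

		$args = "";
		/* stays empty when the rebind check is switched off, instead of being undefined */
		$dns_rebind = "";
		$rebind_check = !isset($config['system']['webgui']['nodnsrebindcheck']);
		$has_overrides = isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides']);

		if (isset($config['dnsmasq']['regdhcp'])) {
			$args .= " --dhcp-hostsfile={$g['varetc_path']}/hosts ";
		}

		/* Setup forwarded domains */
		if ($has_overrides) {
			foreach($config['dnsmasq']['domainoverrides'] as $override) {
				$args .= ' --server=' . escapeshellarg('/' . $override['domain'] . '/' . $override['ip']);
			}
		}

		/* Allow DNS Rebind for forwarded domains */
		if ($has_overrides && $rebind_check) {
			foreach($config['dnsmasq']['domainoverrides'] as $override) {
				$args .= ' --rebind-domain-ok=' . escapeshellarg('/' . $override['domain'] . '/') . ' ';
			}
		}

		if($rebind_check)
			$dns_rebind = "--rebind-localhost-ok --stop-dns-rebind";

		/* run dnsmasq */
		mwexec("/usr/local/sbin/dnsmasq --local-ttl 1 --all-servers {$dns_rebind} --dns-forward-max=5000 --cache-size=10000 {$args}");

		if ($g['booting'])
			echo "done.\n";
	}

	/* dhcpd is reconfigured too, because its DNS server option depends on whether dnsmasq is enabled */
	if (!$g['booting']) {
		if(services_dhcpd_configure()!=0)
			$return = 1;
	}

	return $return;
}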
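/*
 * Stop any running bsnmpd and, when $config['snmpd']['enable'] is set,
 * regenerate {$g['varetc_path']}/snmpd.conf and start the daemon again.
 *
 * Returns 0 on success (including "SNMP disabled") and 1 when snmpd.conf
 * cannot be opened for writing.
 */
function services_snmpd_configure() {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_snmpd_configure() being called $mt\n";
	}

	/* kill any running snmpd */
	sigkillbypid("{$g['varrun_path']}/snmpd.pid", "TERM");
	sleep(2);
	if (is_process_running("bsnmpd"))
		mwexec("/usr/bin/killall bsnmpd", true);

	if (!isset($config['snmpd']['enable']))
		return 0;

	if ($g['booting'])
		echo "Starting SNMP daemon... ";

	/* generate snmpd.conf */
	$conf_path = "{$g['varetc_path']}/snmpd.conf";
	$fd = fopen($conf_path, "w");
	if (!$fd) {
		printf("Error: cannot open snmpd.conf in services_snmpd_configure().\n");
		return 1;
	}
	/* The file carries the community strings, so restrict it to its owner
	   before any secret is written into it. */
	chmod($conf_path, 0600);

	/* NOTE(review): the values below are placed between double quotes without
	   any escaping; a '"' or a line break in a stored value would alter the
	   generated file. Validation presumably happens where the settings are
	   saved (not visible here) - confirm. */
	$snmpdconf = <<<EOD
location := "{$config['snmpd']['syslocation']}"
contact := "{$config['snmpd']['syscontact']}"
read := "{$config['snmpd']['rocommunity']}"

EOD;

	/* A read-write community ("write" macro / CommunityString.0.2) is
	   deliberately not generated: the original author left it disabled
	   because the effect of write strings was undocumented. */

	/* Traps are only configured when enabled and the server is a single token. */
	$trap_enabled = isset($config['snmpd']['trapenable']) &&
	    preg_match('/^\S+$/', $config['snmpd']['trapserver']);

	if ($trap_enabled) {
		$snmpdconf .= <<<EOD
# SNMP Trap support.
traphost := {$config['snmpd']['trapserver']}
trapport := {$config['snmpd']['trapserverport']}
trap := "{$config['snmpd']['trapstring']}"


EOD;
	}

	$snmpdconf .= <<<EOD
system := 1     # pfSense
%snmpd
begemotSnmpdDebugDumpPdus       = 2
begemotSnmpdDebugSyslogPri      = 7
begemotSnmpdCommunityString.0.1 = $(read)

EOD;

	if ($trap_enabled) {
		$snmpdconf .= <<<EOD
begemotTrapSinkStatus.[$(traphost)].$(trapport) = 4
begemotTrapSinkVersion.[$(traphost)].$(trapport) = 2
begemotTrapSinkComm.[$(traphost)].$(trapport) = $(trap)

EOD;
	}

	$snmpdconf .= <<<EOD
begemotSnmpdCommunityDisable    = 1

EOD;

	/* Without "bindlan" the daemon listens on every address. Community-based
	   SNMP sends the community string unencrypted, so access to the poll
	   port then depends entirely on the firewall rules. */
	if (isset($config['snmpd']['bindlan'])) {
		$bind_to_ip = get_interface_ip("lan");
	} else {
		$bind_to_ip = "0.0.0.0";
	}

	if (is_port($config['snmpd']['pollport'])) {
		$snmpdconf .= <<<EOD
begemotSnmpdPortStatus.{$bind_to_ip}.{$config['snmpd']['pollport']} = 1

EOD;
	}

	$snmpdconf .= <<<EOD
begemotSnmpdLocalPortStatus."/var/run/snmpd.sock" = 1
begemotSnmpdLocalPortType."/var/run/snmpd.sock" = 4

# These are bsnmp macros not php vars.
sysContact      = $(contact)
sysLocation     = $(location)
sysObjectId     = 1.3.6.1.4.1.12325.1.1.2.1.$(system)

snmpEnableAuthenTraps = 2

EOD;

	if (isset($config['snmpd']['modules']) && is_array($config['snmpd']['modules'])) {
		if (isset($config['snmpd']['modules']['mibii'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."mibII"  = "/usr/lib/snmp_mibII.so"

EOD;
		}

		if (isset($config['snmpd']['modules']['netgraph'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."netgraph" = "/usr/lib/snmp_netgraph.so"
%netgraph
begemotNgControlNodeName = "snmpd"

EOD;
		}

		if (isset($config['snmpd']['modules']['pf'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."pf"     = "/usr/lib/snmp_pf.so"

EOD;
		}

		if (isset($config['snmpd']['modules']['hostres'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."hostres"     = "/usr/lib/snmp_hostres.so"

EOD;
		}

		/* NOTE(review): the "must end with blank line" trailer is only
		   emitted together with the bridge module, as in the original. */
		if (isset($config['snmpd']['modules']['bridge'])) {
			$snmpdconf .= <<<EOD
begemotSnmpdModulePath."bridge"     = "/usr/lib/snmp_bridge.so"
# config must end with blank line


EOD;
		}
	}

	fwrite($fd, $snmpdconf);
	fclose($fd);

	/* run bsnmpd
	   The original spliced an always-empty (or undefined) $bindlan into this
	   command line; it is dropped here, the resulting command is the same. */
	mwexec("/usr/sbin/bsnmpd -c {$conf_path}" .
		" -p {$g['varrun_path']}/snmpd.pid");

	if ($g['booting'])
		echo "done.\n";

	return 0;
}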
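/*
 * Push an RFC 2136 dynamic DNS update (via nsupdate) for every enabled entry
 * in $config['dnsupdates']['dnsupdate'].
 *
 * $int  optional interface name; when non-empty only entries bound to that
 *       interface are processed.
 *
 * For each entry the TSIG key pair files and an nsupdate command file are
 * written below {$g['varetc_path']} and nsupdate is started in the background.
 * Entries that cannot be processed safely are reported and skipped.
 * Always returns 0.
 */
function services_dnsupdate_process($int = "") {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsupdate_process() being called $mt\n";
	}

	/* Dynamic DNS updating active? */
	if (!isset($config['dnsupdates']['dnsupdate']) || !is_array($config['dnsupdates']['dnsupdate']))
		return 0;

	foreach ($config['dnsupdates']['dnsupdate'] as $i => $dnsupdate) {
		if (!isset($dnsupdate['enable']))
			continue;
		if (!empty($int) && $int != $dnsupdate['interface'])
			continue;

		/* determine interface name (result is not used further in this function) */
		$if = get_real_interface($dnsupdate['interface']);
		$wanip = get_interface_ip($dnsupdate['interface']);
		if (!$wanip)
			continue;

		/* Every value below ends up in a line-oriented file; a line break
		   inside one of them would add extra key or update statements. */
		$has_linebreak = false;
		foreach (array('keyname', 'keydata', 'host', 'server', 'ttl') as $field) {
			if (isset($dnsupdate[$field]) && preg_match('/[\r\n]/', (string)$dnsupdate[$field])) {
				$has_linebreak = true;
				break;
			}
		}
		if ($has_linebreak) {
			printf("Error: line break in dnsupdate entry %s in services_dnsupdate_process().\n", $i);
			continue;
		}

		$keyname = $dnsupdate['keyname'];
		/* trailing dot */
		if (substr($keyname, -1) != ".")
			$keyname .= ".";

		/* The key name becomes part of a file name, so it must not be able
		   to leave {$g['varetc_path']} or contain whitespace. */
		if (strpos($keyname, "/") !== false || preg_match('/[\s\x00]/', $keyname)) {
			printf("Error: invalid key name in dnsupdate entry %s in services_dnsupdate_process().\n", $i);
			continue;
		}

		/* NOTE(review): $hostname (with trailing dot) was computed by the
		   original but the update statements use $dnsupdate['host'] as
		   stored; kept that way. */
		$hostname = $dnsupdate['host'];
		/* trailing dot */
		if (substr($hostname, -1) != ".")
			$hostname .= ".";

		/* public key record parameters depend on the key type */
		switch ($dnsupdate['keytype']) {
			case "zone":
				$flags = 257;
				$proto = 3;
				break;
			case "host":
				$flags = 513;
				$proto = 3;
				break;
			case "user":
				$flags = 0;
				$proto = 2;
				break;
			default:
				/* The original left $flags/$proto undefined (or carried
				   over from the previous entry) for unknown key types. */
				printf("Error: unknown key type in dnsupdate entry %s in services_dnsupdate_process().\n", $i);
				continue 2;
		}

		$keybase = "{$g['varetc_path']}/K{$i}{$keyname}+157+00000";
		$cmdfile = "{$g['varetc_path']}/nsupdatecmds{$i}";

		/* write private key file
		   this is dumb - public and private keys are the same for HMAC-MD5,
		   but nsupdate insists on having both.
		   The content is built fresh per entry: the original appended to
		   $privkey, so each later entry's file also contained the keys of
		   all earlier entries. */
		$privkey = "Private-key-format: v1.2\n" .
		    "Algorithm: 157 (HMAC)\n" .
		    "Key: {$dnsupdate['keydata']}\n";
		$fd = fopen("{$keybase}.private", "w");
		if (!$fd) {
			printf("Error: cannot open private key file in services_dnsupdate_process().\n");
			continue;
		}
		/* shared secret: owner-only before the key is written */
		chmod("{$keybase}.private", 0600);
		fwrite($fd, $privkey);
		fclose($fd);

		/* write public key file (for HMAC it holds the same secret) */
		$fd = fopen("{$keybase}.key", "w");
		if (!$fd) {
			printf("Error: cannot open public key file in services_dnsupdate_process().\n");
			continue;
		}
		chmod("{$keybase}.key", 0600);
		fwrite($fd, "{$keyname} IN KEY {$flags} {$proto} 157 {$dnsupdate['keydata']}\n");
		fclose($fd);

		/* generate update instructions */
		$upinst = "";
		if (!empty($dnsupdate['server']))
			$upinst .= "server {$dnsupdate['server']}\n";
		$upinst .= "update delete {$dnsupdate['host']} A\n";
		$upinst .= "update add {$dnsupdate['host']} {$dnsupdate['ttl']} A {$wanip}\n";
		$upinst .= "\n";	/* mind that trailing newline! */

		$fd = fopen($cmdfile, "w");
		if (!$fd) {
			printf("Error: cannot open nsupdate command file in services_dnsupdate_process().\n");
			continue;
		}
		fwrite($fd, $upinst);
		fclose($fd);

		/* invoke nsupdate
		   Both paths contain configuration-derived text and are passed
		   through a shell, so they are quoted as single arguments. */
		$cmd = "/usr/bin/nsupdate -k " . escapeshellarg("{$keybase}.key");
		if (isset($dnsupdate['usetcp']))
			$cmd .= " -v";
		$cmd .= " " . escapeshellarg($cmdfile);

		mwexec_bg($cmd);
	}

	return 0;
}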
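/*
 * Generate {$g['varetc_path']}/olsr.conf from the olsrd package settings in
 * $config['installedpackages']['olsrd']['config'] and restart olsrd.
 *
 * Returns nothing. Returns early when the package is not configured, when an
 * entry is not enabled ("enable" != "on") or when olsr.conf cannot be opened.
 * The configuration file system is put back to read-only on every path that
 * made it writable.
 */
function setup_wireless_olsr() {
	global $config, $g;
	if (empty($config['installedpackages']['olsrd']))
		return;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		/* the original interpolated an undefined $interface here, which printed nothing */
		echo "setup_wireless_olsr() being called $mt\n";
	}
	conf_mount_rw();

	/* Both buffers were used with .= before ever being assigned. They are
	   initialised once, outside the loop, so the generated text is unchanged. */
	$olsr = "";
	$enableannounce = "";

	$olsrd_entries = $config['installedpackages']['olsrd']['config'];
	if (!is_array($olsrd_entries))
		$olsrd_entries = array();

	foreach ($olsrd_entries as $olsrd) {
		$olsr_enable = $olsrd['enable'];
		if ($olsr_enable <> "on") {
			/* the original returned here with the file system still writable */
			conf_mount_ro();
			return;
		}
		$fd = fopen("{$g['varetc_path']}/olsr.conf", "w");
		if (!$fd) {
			printf("Error: cannot open olsr.conf in setup_wireless_olsr().\n");
			conf_mount_ro();
			return;
		}

		/* Hna4 block: networks this node announces to the mesh */
		if ($olsrd['announcedynamicroute'] or $olsrd['enableannounce'] == "on") {
			$enableannounce .= "\nHna4\n";
			$enableannounce .= "{\n";
			if ($olsrd['announcedynamicroute'])
				$enableannounce .= "\t{$olsrd['announcedynamicroute']}\n";
			if ($olsrd['enableannounce'] == "on")
				$enableannounce .= "0.0.0.0 0.0.0.0";
			$enableannounce .= "\n}\n";
		} else {
			$enableannounce = "";
		}

		/* NOTE(review): package settings are written into olsr.conf as
		   stored, some of them between double quotes; nothing here escapes
		   or validates them - presumably done where they are saved. */
		$olsr .= <<<EODA
#
# olsr.org OLSR daemon config file
#
# Lines starting with a # are discarded
#
# This file was generated by setup_wireless_olsr() in services.inc
#

# This file is an example of a typical
# configuration for a mostly static
# network(regarding mobility) using
# the LQ extention

# Debug level(0-9)
# If set to 0 the daemon runs in the background

DebugLevel	2

# IP version to use (4 or 6)

IpVersion	4

# Clear the screen each time the internal state changes

ClearScreen     yes

{$enableannounce}

# Should olsrd keep on running even if there are
# no interfaces available? This is a good idea
# for a PCMCIA/USB hotswap environment.
# "yes" OR "no"

AllowNoInt	yes

# TOS(type of service) value for
# the IP header of control traffic.
# If not set it will default to 16

#TosValue	16

# The fixed willingness to use(0-7)
# If not set willingness will be calculated
# dynamically based on battery/power status
# if such information is available

#Willingness    	4

# Allow processes like the GUI front-end
# to connect to the daemon.

IpcConnect
{
     # Determines how many simultaneously
     # IPC connections that will be allowed
     # Setting this to 0 disables IPC

     MaxConnections  0

     # By default only 127.0.0.1 is allowed
     # to connect. Here allowed hosts can
     # be added

     Host            127.0.0.1
     #Host            10.0.0.5

     # You can also specify entire net-ranges
     # that are allowed to connect. Multiple
     # entries are allowed

     #Net             192.168.1.0 255.255.255.0
}

# Wether to use hysteresis or not
# Hysteresis adds more robustness to the
# link sensing but delays neighbor registration.
# Used by default. 'yes' or 'no'

UseHysteresis	no

# Hysteresis parameters
# Do not alter these unless you know
# what you are doing!
# Set to auto by default. Allowed
# values are floating point values
# in the interval 0,1
# THR_LOW must always be lower than
# THR_HIGH.

#HystScaling	0.50
#HystThrHigh	0.80
#HystThrLow	0.30


# Link quality level
# 0 = do not use link quality
# 1 = use link quality for MPR selection
# 2 = use link quality for MPR selection and routing
# Defaults to 0

LinkQualityLevel	{$olsrd['enablelqe']}

# Link quality window size
# Defaults to 10

LinkQualityWinSize	10

# Polling rate in seconds(float).
# Default value 0.05 sec

Pollrate	0.05


# TC redundancy
# Specifies how much neighbor info should
# be sent in TC messages
# Possible values are:
# 0 - only send MPR selectors
# 1 - send MPR selectors and MPRs
# 2 - send all neighbors
#
# defaults to 0

TcRedundancy	2

#
# MPR coverage
# Specifies how many MPRs a node should
# try select to reach every 2 hop neighbor
#
# Can be set to any integer >0
#
# defaults to 1

MprCoverage	3

# Example plugin entry with parameters:

EODA;

		/* status web page plugin; access is limited to the configured host/subnet */
		if ($olsrd['enablehttpinfo'] == "on") {
			$olsr .= <<<EODB

LoadPlugin "/usr/local/lib/olsrd_httpinfo.so.0.1"
{
    PlParam     "port"   "{$olsrd['port']}"
    PlParam     "Net"    "{$olsrd['allowedhttpinfohost']} {$olsrd['allowedhttpinfosubnet']}"
}

EODB;
		}

		/* secure plugin, keyed from /usr/local/etc/olsrkey.txt */
		if ($olsrd['enabledsecure'] == "on") {
			$olsr .= <<<EODC

LoadPlugin "/usr/local/lib/olsrd_secure.so.0.5"
{
    PlParam     "Keyfile"   "/usr/local/etc/olsrkey.txt"
}

EODC;
		}

		if ($olsrd['enabledyngw'] == "on") {

			/* unset default route, olsr auto negotiates */
			mwexec("/sbin/route delete default");

			$olsr .= <<<EODE

LoadPlugin "/usr/local/lib/olsrd_dyn_gw.so.0.4"
{
    # how often to look for a inet gw, in seconds
    # defaults to 5 secs, if commented out
    PlParam     "Interval"   "{$olsrd['polling']}"

    # if one or more IPv4 addresses are given, do a ping on these in
    # descending order to validate that there is not only an entry in
    # routing table, but also a real internet connection. If any of
    # these addresses could be pinged successfully, the test was
    # succesful, i.e. if the ping on the 1st address was successful,the
    # 2nd won't be pinged
    PlParam     "Ping"       "{$olsrd['ping']}"
    #PlParam     "HNA"   "192.168.81.0 255.255.255.0"
}

EODE;
		}

		/* One Interface section per interface of the first package entry
		   only: the loop is left after its first pass, as in the original. */
		foreach ($olsrd_entries as $conf) {
			$interfaces = explode(',', $conf['iface_array']);
			foreach ($interfaces as $interface) {
				$realinterface = convert_friendly_interface_to_real_interface_name($interface);
				$olsr .= <<<EODAD
Interface "{$realinterface}"
{

    # Hello interval in seconds(float)
    HelloInterval    2.0

    # HELLO validity time
    HelloValidityTime	20.0

    # TC interval in seconds(float)
    TcInterval        5.0

    # TC validity time
    TcValidityTime	30.0

    # MID interval in seconds(float)
    MidInterval	5.0

    # MID validity time
    MidValidityTime	30.0

    # HNA interval in seconds(float)
    HnaInterval	5.0

    # HNA validity time
    HnaValidityTime 	30.0

    # When multiple links exist between hosts
    # the weight of interface is used to determine
    # the link to use. Normally the weight is
    # automatically calculated by olsrd based
    # on the characteristics of the interface,
    # but here you can specify a fixed value.
    # Olsrd will choose links with the lowest value.

    # Weight 0


}

EODAD;

			}
			break;
		}
		fwrite($fd, $olsr);
		fclose($fd);
	}

	if (is_process_running("olsrd"))
		mwexec("/usr/bin/killall olsrd", true);

	sleep(2);

	mwexec_bg("/usr/local/sbin/olsrd -f {$g['varetc_path']}/olsr.conf");

	conf_mount_ro();
}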
/* configure cron service */
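/*
 * Rewrite /etc/crontab: keep everything above the "pfSense specific crontab
 * entries" marker, append one line per $config['cron']['item'] entry, then
 * send SIGHUP to cron so the change is picked up.
 *
 * Returns nothing. When an existing /etc/crontab cannot be read the file is
 * left untouched instead of being replaced by the pfSense entries alone.
 */
function configure_cron() {
	global $g, $config;

	conf_mount_rw();

	/* preserve existing crontab entries */
	$crontab_lines = array();
	if (file_exists("/etc/crontab")) {
		$crontab_lines = file("/etc/crontab", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
		if ($crontab_lines === false) {
			printf("Error: cannot read /etc/crontab in configure_cron().\n");
			conf_mount_ro();
			return;
		}
	}

	foreach ($crontab_lines as $i => $cron_line) {
		if (strpos($cron_line, "# pfSense specific crontab entries") !== false) {
			/* Drop the marker, the "#" line in front of it and everything
			   after. max() keeps the offset from going negative when the
			   marker is the first line (a negative offset would only cut
			   the last line). */
			array_splice($crontab_lines, max(0, $i - 1));
			break;
		}
	}
	$crontab_contents = implode("\n", $crontab_lines) . "\n";

	if (isset($config['cron']['item']) && is_array($config['cron']['item'])) {
		$crontab_contents .= "#\n";
		$crontab_contents .= "# pfSense specific crontab entries\n";
		$crontab_contents .= "# Created: " . date("F j, Y, g:i a") . "\n";
		$crontab_contents .= "#\n";

		foreach ($config['cron']['item'] as $item) {
			/* A crontab entry is exactly one line. Line breaks inside a
			   stored field would start an additional entry (with its own
			   user and command), so they are replaced by a space. */
			$fields = array();
			foreach (array('minute', 'hour', 'mday', 'month', 'wday', 'who', 'command') as $key) {
				$value = isset($item[$key]) ? $item[$key] : "";
				$fields[] = str_replace(array("\r", "\n"), " ", $value);
			}
			$crontab_contents .= "\n" . implode("\t", $fields);
		}

		$crontab_contents .= "\n#\n";
		$crontab_contents .= "# If possible do not add items to this file manually.\n";
		$crontab_contents .= "# If you do so, this file must be terminated with a blank line (e.g. new line)\n";
		$crontab_contents .= "#\n\n";
	}

	/* please maintain the newline at the end of file */
	if (file_put_contents("/etc/crontab", $crontab_contents) === false)
		printf("Error: cannot write /etc/crontab in configure_cron().\n");

	/* do a HUP kill to force sync changes */
	exec('/bin/pkill -HUP cron');

	conf_mount_ro();
}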
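/*
 * Start, stop or restart miniupnpd.
 *
 * $action  "start", "stop" or "restart"; any other value does nothing.
 *
 * "start" only launches the daemon when /var/etc/miniupnpd.conf exists.
 * "stop" kills the daemon and flushes the rules and NAT rules of the
 * "miniupnpd" pf anchor, so port mappings it created do not outlive it.
 */
function upnp_action ($action) {
	/* $g was read without being imported, so the pid file paths below
	   expanded to "/miniupnpd.pid" instead of {$g['varrun_path']}/... */
	global $g;

	switch($action) {
		case "start":
			if (file_exists('/var/etc/miniupnpd.conf')) {
				@unlink("{$g['varrun_path']}/miniupnpd.pid");
				mwexec_bg("/usr/local/sbin/miniupnpd -f /var/etc/miniupnpd.conf -P {$g['varrun_path']}/miniupnpd.pid");
			}
			break;
		case "stop":
			killbypid("{$g['varrun_path']}/miniupnpd.pid");
			/* absolute path, like the other killall calls in this file,
			   so the lookup does not depend on PATH */
			while((int)exec("/bin/pgrep -a miniupnpd | wc -l") > 0)
				mwexec('/usr/bin/killall miniupnpd 2>/dev/null', true);
			mwexec('/sbin/pfctl -aminiupnpd -Fr 2>&1 >/dev/null');
			mwexec('/sbin/pfctl -aminiupnpd -Fn 2>&1 >/dev/null');
			break;
		case "restart":
			upnp_action('stop');
			upnp_action('start');
			break;
	}
}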
/*
 * Start the UPnP service when the miniupnpd package is configured and its
 * first configuration entry has "enable" set. The package include is loaded
 * and sync_package_miniupnpd() does the actual work.
 */
function upnp_start() {
	global $config;

	$package_configured = isset($config['installedpackages']['miniupnpd']['config']);
	if (!$package_configured) {
		return;
	}

	if (!$config['installedpackages']['miniupnpd']['config'][0]['enable']) {
		return;
	}

	echo "Starting UPnP service... ";
	require_once('/usr/local/pkg/miniupnpd.inc');
	sync_package_miniupnpd();
	echo "done.\n";
}
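/*
 * Install, update or remove a cron job in $config['cron']['item'] and
 * regenerate the crontab.
 *
 * $command   command line of the job; also used to find an existing job
 * $active    true installs or updates the job, false removes it
 * $minute, $hour, $monthday, $month, $weekday
 *            schedule fields, written to the crontab as given
 * $who       user the job runs as
 *
 * Returns nothing. Does nothing at all when $config['cron']['item'] is empty.
 *
 * NOTE(review): an existing job is located with strstr(), i.e. the first
 * item whose command merely contains $command is treated as "the" job and
 * gets overwritten or removed. Callers should pass a command that is not a
 * substring of another job's command.
 */
function install_cron_job($command, $active=false, $minute="0", $hour="*", $monthday="*", $month="*", $weekday="*", $who="root") {
	global $config, $g;

	if (empty($config['cron']['item']))
		return;

	/* Remember the real array key of the matching item; the original
	   counted iterations instead, which is only right for gap-free keys. */
	$is_installed = false;
	$found_key = null;
	foreach ($config['cron']['item'] as $key => $item) {
		if (strstr($item['command'], $command)) {
			$is_installed = true;
			$found_key = $key;
			break;
		}
	}

	if ($active) {
		$cron_item = array();
		$cron_item['minute'] = $minute;
		$cron_item['hour'] = $hour;
		$cron_item['mday'] = $monthday;
		$cron_item['month'] = $month;
		$cron_item['wday'] = $weekday;
		$cron_item['who'] = $who;
		$cron_item['command'] = $command;
		if (!$is_installed) {
			$config['cron']['item'][] = $cron_item;
			write_config("Installed cron job for {$command}");
		} else {
			$config['cron']['item'][$found_key] = $cron_item;
			write_config("Updated cron job for {$command}");
		}
	} else {
		/* The original also required the index to be > 0, so a job stored
		   in the first slot could never be removed. */
		if ($is_installed) {
			unset($config['cron']['item'][$found_key]);
			write_config("Removed cron job for {$command}");
		}
	}
	configure_cron();
}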
?>