Project

General

Profile

Download (11.5 KB) Statistics
| Branch: | Tag: | Revision:
1
#!/usr/local/bin/php-cgi -f
2
<?php
3
/*
4
	rc.bootup
5
	part of pfSense by Scott Ullrich
6
	originally based on m0n0wall (http://m0n0.ch/wall)
7
	Copyright (C) 2004-2009 Scott Ullrich <sullrich@pfsense.org>.
8
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
9
	Copyright (C) 2009 Erik Kristensen
10
	All rights reserved.
11

    
12
	Redistribution and use in source and binary forms, with or without
13
	modification, are permitted provided that the following conditions are met:
14

    
15
	1. Redistributions of source code must retain the above copyright notice,
16
	   this list of conditions and the following disclaimer.
17

    
18
	2. Redistributions in binary form must reproduce the above copyright
19
	   notice, this list of conditions and the following disclaimer in the
20
	   documentation and/or other materials provided with the distribution.
21

    
22
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31
	POSSIBILITY OF SUCH DAMAGE.
32
*/
33

    
34
function rescue_detect_keypress() {
35
	// How long do you want the script to wait before moving on (in seconds)
36
	$timeout=9;
37
	echo "\n";
38
	echo "[ Press R to enter recovery mode or ]\n";
39
	echo "[  press I to launch the installer  ]\n\n";
40
	echo "(R)ecovery mode can assist by rescuing config.xml\n";
41
	echo "from a broken hard disk installation, etc.\n\n";
42
	echo "(I)nstaller will be invoked\n\n";
43
	echo "Timeout before auto boot continues (seconds): {$timeout}";
44
	$key = null;
45
	exec("/bin/stty erase " . chr(8));
46
	while (!in_array($key, array("r", "R", "i", "I"))) {
47
		echo chr(8) . "{$timeout}";
48
		`/bin/stty -icanon min 0 time 25`;
49
		$key = trim(`KEY=\`dd count=1 2>/dev/null\`; echo \$KEY`);
50
		`/bin/stty icanon`;
51
		// Decrement our timeout value
52
		$timeout--;
53
		// If we have reached 0 exit and continue on
54
		if ($timeout == 0) {
55
			break;
56
		}
57
	}
58
	// If R or I was pressed do our logic here
59
	if (in_array($key, array("r", "R"))) {
60
		putenv("TERM=cons25");
61
		echo "\n\nRecovery mode selected...\n";
62
		passthru("/usr/bin/env TERM=cons25 /bin/tcsh -c /scripts/lua_installer rescue");
63
	} else {
64
		putenv("TERM=cons25");
65
		echo "\n\nInstaller mode selected...\n";
66
		passthru("/usr/bin/env TERM=cons25 /bin/tcsh -c /scripts/lua_installer");
67
	}
68

    
69
	passthru("/etc/rc.reboot");
70
	exit;
71
}
72

    
73
echo " done.\n";
74

    
75
echo "Initializing...";
76
echo ".";
77
require_once("/etc/inc/globals.inc");
78
echo ".";
79
require_once("/etc/inc/led.inc");
80
led_normalize();
81
echo ".";
82
if (led_count() >= 3) {
83
	led_kitt();
84
}
85

    
86
/* let the other functions know we're booting */
87
$pkg_interface = 'console';
88
$g['booting'] = true;
89

    
90
/* parse the configuration and include all functions used below */
91
require_once("/etc/inc/config.inc");
92
echo ".";
93
require_once("/etc/inc/config.console.inc");
94
echo ".";
95
require_once("/etc/inc/auth.inc");
96
echo ".";
97
require_once("/etc/inc/functions.inc");
98
echo ".";
99
require_once("/etc/inc/filter.inc");
100
echo ".";
101
require_once("/etc/inc/shaper.inc");
102
echo ".";
103
require_once("/etc/inc/ipsec.inc");
104
echo ".";
105
require_once("/etc/inc/vpn.inc");
106
echo ".";
107
require_once("/etc/inc/openvpn.inc");
108
echo ".";
109
require_once("/etc/inc/captiveportal.inc");
110
echo ".";
111
require_once("/etc/inc/rrd.inc");
112
echo ".";
113
require_once("/etc/inc/pfsense-utils.inc");
114
echo ".";
115

    
116
/* get system memory amount */
117
$memory = get_memory();
118
$physmem = $memory[0];
119
$realmem = $memory[1];
120
echo " done.\n";
121

    
122
conf_mount_rw();
123

    
124
/* save dmesg output to file */
125
system_dmesg_save();
126

    
127
/* check whether config reset is desired (via hardware button on WRAP/ALIX) */
128
system_check_reset_button();
129

    
130
/* remove previous firmware upgrade if present */
131
if (file_exists("/root/firmware.tgz")) {
132
	unlink("/root/firmware.tgz");
133
}
134

    
135
/* Reinstall of packages after reboot has been requested */
136
if (file_exists('/conf/needs_package_sync_after_reboot')) {
137
	touch('/conf/needs_package_sync');
138
	@unlink('/conf/needs_package_sync_after_reboot');
139
}
140

    
141
/* start devd (dhclient now uses it) */
142
echo "Starting device manager (devd)...";
143
mute_kernel_msgs();
144
start_devd();
145
set_device_perms();
146
unmute_kernel_msgs();
147
echo "done.\n";
148

    
149
// Display rescue configuration option
150
if ($g['platform'] == "cdrom") {
151
	rescue_detect_keypress();
152
}
153

    
154
echo "Loading configuration...";
155
parse_config_bootup();
156
echo "done.\n";
157

    
158
/* run any early shell commands specified in config.xml */
159
system_do_shell_commands(1);
160

    
161
if (file_exists("/conf/trigger_initial_wizard")) {
162
	check_for_alternate_interfaces();
163
}
164

    
165
/*
166
 *	Determine if we need to throw a interface exception
167
 *	and ask the user to reassign interfaces.  This will
168
 *	avoid a reboot and that is a good thing.
169
 */
170
while (is_interface_mismatch() == true) {
171
	led_assigninterfaces();
172
	if (isset($config['revision'])) {
173
		if (file_exists("{$g['tmp_path']}/missing_interfaces")) {
174
			echo "Warning: Configuration references interfaces that do not exist: " . file_get_contents("{$g['tmp_path']}/missing_interfaces") . "\n";
175
		}
176
		echo "\nNetwork interface mismatch -- Running interface assignment option.\n";
177
	} else {
178
		echo "\nDefault interfaces not found -- Running interface assignment option.\n";
179
	}
180
	$ifaces = get_interface_list();
181
	if (is_array($ifaces)) {
182
		foreach ($ifaces as $iface => $ifdata) {
183
			interfaces_bring_up($iface);
184
		}
185
	}
186
	set_networking_interfaces_ports();
187
	led_kitt();
188
}
189

    
190
/* convert config and clean backups */
191
echo "Updating configuration...";
192
convert_config();
193
echo "done.\n";
194

    
195
echo "Cleaning backup cache...";
196
cleanup_backupcache(true);
197
echo "done.\n";
198

    
199
/* read in /etc/sysctl.conf and set values if needed */
200
echo "Setting up extended sysctls...";
201
system_setup_sysctl();
202
echo "done.\n";
203

    
204
/* enable optional crypto modules */
205
load_crypto();
206

    
207
/* enable optional thermal sensor modules */
208
load_thermal_hardware();
209

    
210
/* set up our timezone */
211
system_timezone_configure();
212

    
213
/* set up our hostname */
214
system_hostname_configure();
215

    
216
/* make hosts file */
217
system_hosts_generate();
218

    
219
/* configure loopback interface */
220
interfaces_loopback_configure();
221

    
222
/* start syslogd */
223
system_syslogd_start();
224

    
225
echo "Starting Secure Shell Services...";
226
send_event("service reload sshd");
227
echo "done.\n";
228

    
229
/* setup polling */
230
echo "Setting up polling defaults...";
231
setup_polling();
232
echo "done.\n";
233

    
234
/* setup interface microcode which improves tcp/ip speed */
235
echo "Setting up interfaces microcode...";
236
setup_microcode();
237
echo "done.\n";
238

    
239
/* set up interfaces */
240
if (!$debugging) {
241
	mute_kernel_msgs();
242
}
243
interfaces_configure();
244
interfaces_sync_setup();
245
if (!$debugging) {
246
	unmute_kernel_msgs();
247
}
248

    
249
/* re-make hosts file after configuring interfaces */
250
system_hosts_generate();
251

    
252
/* start OpenVPN server & clients */
253
echo "Syncing OpenVPN settings...";
254
openvpn_resync_all();
255
echo "done.\n";
256

    
257
/* generate resolv.conf */
258
system_resolvconf_generate();
259

    
260
/* setup altq + pf */
261
filter_configure_sync();
262

    
263
/* start pflog */
264
echo "Starting PFLOG...";
265
filter_pflog_start();
266
echo "done.\n";
267

    
268
/* reconfigure our gateway monitor */
269
echo "Setting up gateway monitors...";
270
setup_gateways_monitor();
271
echo "done.\n";
272

    
273
echo "Synchronizing user settings...";
274
local_sync_accounts();
275
echo "done.\n";
276

    
277
if ($realmem > 0 and $realmem < 65) {
278
	echo "System has less than 65 megabytes of ram {$realmem}.  Delaying webConfigurator startup.\n";
279
	/* start webConfigurator up on final pass */
280
	mwexec("/usr/local/sbin/pfSctl -c 'service restart webgui'");
281
} else {
282
	/* start web server */
283
	system_webgui_start();
284
}
285

    
286
/* configure cron service */
287
echo "Configuring CRON...";
288
configure_cron();
289
echo "done.\n";
290

    
291
/* set up static routes */
292
system_routing_configure();
293

    
294
/* enable routing */
295
system_routing_enable();
296

    
297
/* start dnsmasq service */
298
services_dnsmasq_configure();
299

    
300
/* start unbound service */
301
services_unbound_configure();
302

    
303
/* Do an initial time sync */
304
echo "Starting NTP time client...";
305
/* At bootup this will just write the config, ntpd will launch from ntpdate_sync_once.sh */
306
system_ntp_configure(false);
307
mwexec_bg("/usr/local/sbin/ntpdate_sync_once.sh", true);
308
echo "done.\n";
309

    
310
/* start load balancer daemon */
311
relayd_configure();
312

    
313
/* configure console menu */
314
system_console_configure();
315

    
316
/* start DHCP service */
317
services_dhcpd_configure();
318

    
319
/* start dhcpleases dhcp hosts leases program */
320
system_dhcpleases_configure();
321

    
322
/* start DHCP relay */
323
services_dhcrelay_configure();
324

    
325
/* start DHCP6 relay */
326
services_dhcrelay6_configure();
327

    
328
/* dyndns service updates */
329
send_event("service reload dyndnsall");
330

    
331
/* Run a filter configure now that most all services have started */
332
filter_configure_sync();
333

    
334
/* setup pppoe and pptp */
335
vpn_setup();
336

    
337
/* start the captive portal */
338
captiveportal_configure();
339

    
340
/* start Voucher support */
341
voucher_configure();
342

    
343
/* run any shell commands specified in config.xml */
344
system_do_shell_commands();
345

    
346
/* start IPsec tunnels */
347
$ipsec_dynamic_hosts = vpn_ipsec_configure();
348

    
349
/* start SNMP service */
350
services_snmpd_configure();
351

    
352
/* power down hard drive if needed/set */
353
system_set_harddisk_standby();
354

    
355
/* lock down console if necessary */
356
reload_ttys();
357

    
358
/* load graphing functions */
359
enable_rrd_graphing();
360

    
361
/* enable watchdog if supported */
362
enable_watchdog();
363

    
364
/* if <system><afterbootupshellcmd> exists, execute the command */
365
if ($config['system']['afterbootupshellcmd'] <> "") {
366
	echo "Running afterbootupshellcmd {$config['system']['afterbootupshellcmd']}\n";
367
	mwexec($config['system']['afterbootupshellcmd']);
368
}
369

    
370
if ($physmem < $g['minimum_ram_warning']) {
371
	require_once("/etc/inc/notices.inc");
372
	file_notice("{$g['product_name']}MemoryRequirements", "{$g['product_name']} requires at least {$g['minimum_ram_warning_text']} of RAM.  Expect unusual performance.  This platform is not supported.", "Memory", "", 1);
373
	set_sysctl(array(
374
		"net.inet.tcp.recvspace" => "4096",
375
		"net.inet.tcp.sendspace" => "4096"
376
	));
377
}
378

    
379
/* if we are operating at 1000 then increase timeouts.
380
   this was never accounted for after moving to 1000 hz */
381
$kern_hz = get_single_sysctl('kern.clockrate');
382
$kern_hz = substr($kern_hz, strpos($kern_hz, "hz = ") + 5);
383
$kern_hz = substr($kern_hz, 0, strpos($kern_hz, ","));
384
if ($kern_hz == "1000") {
385
	set_single_sysctl("net.inet.tcp.rexmit_min" , "30");
386
}
387

    
388
/* start the igmpproxy daemon */
389
services_igmpproxy_configure();
390

    
391
/* start the upnp daemon if it is enabled */
392
upnp_start();
393

    
394
/* If powerd is enabled, lets launch it */
395
activate_powerd();
396

    
397
/* Set preferred protocol */
398
prefer_ipv4_or_ipv6();
399

    
400
/* Remove the old shutdown binary if we kept it. */
401
if (file_exists("/sbin/shutdown.old")) {
402
	@unlink("/sbin/shutdown.old");
403
}
404

    
405
/* Resync / Reinstall packages if need be */
406
if (file_exists('/conf/needs_package_sync') &&
407
    ($g['platform'] == $g['product_name'] || $g['platform'] == "nanobsd")) {
408
	require_once("pkg-utils.inc");
409
	mark_subsystem_dirty('packagelock');
410
	if (package_reinstall_all()) {
411
		@unlink('/conf/needs_package_sync');
412
	}
413
	clear_subsystem_dirty('packagelock');
414
}
415

    
416
/* Give syslogd a kick after everything else has been initialized, otherwise it can occasionally
417
   fail to route syslog messages properly on both IPv4 and IPv6 */
418
system_syslogd_start();
419

    
420
/* done */
421
unset($g['booting']);
422
@unlink("{$g['varrun_path']}/booting");
423

    
424
/* If there are ipsec dynamic hosts try again to reload the tunnels as rc.newipsecdns does */
425
if ($ipsec_dynamic_hosts) {
426
	vpn_ipsec_configure();
427
}
428
if ($ipsec_dynamic_hosts || !empty($filterdns)) {
429
	filter_configure();
430
}
431

    
432
led_normalize();
433

    
434
conf_mount_ro();
435

    
436
?>
(33-33/102)