/etc/inc/system.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/system.inc @ d64fa7f2

1	5b237745	Scott Ullrich	<?php
2	307cd525	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			system.inc
5			part of m0n0wall (http://m0n0.ch/wall)
6	0f282d7a	Scott Ullrich
7	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8			All rights reserved.
9	0f282d7a	Scott Ullrich
10	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12	0f282d7a	Scott Ullrich
13	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15	0f282d7a	Scott Ullrich
16	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19	0f282d7a	Scott Ullrich
20	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32	523855b0	Scott Ullrich	/*
33			pfSense_BUILDER_BINARIES: /usr/sbin/powerd /usr/bin/killall /sbin/sysctl /sbin/route
34			pfSense_BUILDER_BINARIES: /bin/hostname /bin/ls /usr/bin/netstat /usr/sbin/syslogd
35			pfSense_BUILDER_BINARIES: /usr/sbin/pccardd /usr/local/sbin/lighttpd /bin/chmod /bin/mkdir
36	5ba5a8de	Scott Ullrich	pfSense_BUILDER_BINARIES: /usr/bin/tar /usr/local/sbin/ntpd /usr/sbin/ntpdate
37	c3b13d60	jim-p	pfSense_BUILDER_BINARIES: /usr/bin/nohup /sbin/dmesg /usr/local/sbin/atareinit /sbin/kldload
38	523855b0	Scott Ullrich	pfSense_MODULE: utils
39			*/
40	0f282d7a	Scott Ullrich
41	8e9fa41d	Scott Ullrich	function activate_powerd() {
42			global $config, $g;
43			if(isset($config['system']['powerd_enable'])) {
44	c3b13d60	jim-p	if ($g["platform"] == "nanobsd")
45			exec("/sbin/kldload cpufreq");
46	8e9fa41d	Scott Ullrich	exec("/usr/sbin/powerd -b adp -a adp");
47			} else {
48	1e5c49aa	sullrich	if(is_process_running("powerd"))
49			exec("/usr/bin/killall powerd");
50	8e9fa41d	Scott Ullrich	}
51			}
52
53	3a35f55f	Scott Ullrich	function get_default_sysctl_value($id) {
54			global $sysctls;
55	f3c91cb5	Erik Fonnesbeck
56			if (isset($sysctls[$id]))
57			return $sysctls[$id];
58	3a35f55f	Scott Ullrich	}
59
60	6df9d7e3	Scott Ullrich	function activate_sysctls() {
61			global $config, $g;
62	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001");
63	ddcb7b8c	Bill Marquette	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
64	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002");
65	c0192947	Scott Ullrich	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");
66	99e88aa0	Ermal Luçi
67	3a35f55f	Scott Ullrich	if(is_array($config['sysctl'])) {
68	cac19f50	Scott Ullrich	foreach($config['sysctl']['item'] as $tunable) {
69	b2d0140c	Scott Ullrich	if($tunable['value'] == "default") {
70			$value = get_default_sysctl_value($tunable['tunable']);
71			mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $value . "\"");
72			} else {
73	09f82b11	Administrator	mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $tunable['value'] . "\"");
74	b2d0140c	Scott Ullrich	}
75	d0b461f5	sullrich	}
76			}
77	6df9d7e3	Scott Ullrich	}
78
79	5b237745	Scott Ullrich	function system_resolvconf_generate($dynupdate = false) {
80	c3f535c0	Seth Mos	global $config, $g;
81
82			if(isset($config['system']['developerspew'])) {
83			$mt = microtime();
84			echo "system_resolvconf_generate() being called $mt\n";
85			}
86	ef217c69	Scott Ullrich
87	30cee7b2	Scott Ullrich	$syscfg = $config['system'];
88	ef217c69	Scott Ullrich
89	30cee7b2	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
90			if (!$fd) {
91			printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
92			return 1;
93			}
94	ef217c69	Scott Ullrich
95	30cee7b2	Scott Ullrich	$resolvconf = "domain {$syscfg['domain']}\n";
96	ef217c69	Scott Ullrich
97	30cee7b2	Scott Ullrich	$havedns = false;
98	ef217c69	Scott Ullrich
99	30cee7b2	Scott Ullrich	if (isset($syscfg['dnsallowoverride'])) {
100	c3f535c0	Seth Mos	/* get dynamically assigned DNS servers (if any) */
101	86dcdfc9	Ermal	$ns = array_unique(get_searchdomains());
102			foreach($ns as $searchserver) {
103			if($searchserver) {
104			$resolvconf .= "search {$searchserver}\n";
105			$havedns = true;
106			}
107			}
108	c3f535c0	Seth Mos	$ns = array_unique(get_nameservers());
109			foreach($ns as $nameserver) {
110			if($nameserver) {
111			$resolvconf .= "nameserver $nameserver\n";
112			$havedns = true;
113	e428c94d	Scott Ullrich	}
114	c3f535c0	Seth Mos	}
115	30cee7b2	Scott Ullrich	}
116			if (!$havedns && is_array($syscfg['dnsserver'])) {
117	c3f535c0	Seth Mos	foreach ($syscfg['dnsserver'] as $ns) {
118			if ($ns) {
119			$resolvconf .= "nameserver $ns\n";
120			$havedns = true;
121	e428c94d	Scott Ullrich	}
122	e180a6e3	Scott Ullrich	}
123	c3f535c0	Seth Mos	}
124	0f282d7a	Scott Ullrich
125	30cee7b2	Scott Ullrich	fwrite($fd, $resolvconf);
126			fclose($fd);
127	0f282d7a	Scott Ullrich
128	30cee7b2	Scott Ullrich	if (!$g['booting']) {
129	c3f535c0	Seth Mos	/* restart dhcpd (nameservers may have changed) */
130			if (!$dynupdate)
131			services_dhcpd_configure();
132	30cee7b2	Scott Ullrich	}
133	ef217c69	Scott Ullrich
134	c3f535c0	Seth Mos	/* setup static routes for DNS servers. */
135			for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
136			/* setup static routes for dns servers */
137			$dnsgw = "dns{$dnscounter}gwint";
138			if (isset($config['system'][$dnsgw])) {
139			$interface = $config['system'][$dnsgw];
140			if (($interface <> "") && ($interface <> "none")) {
141			$gatewayip = get_interface_gateway($interface);
142			if(is_ipaddr($gatewayip)) {
143			/* dns server array starts at 0 */
144	b875f306	Scott Ullrich	$dnscountermo = $dnscounter - 1;
145	84d07e67	Seth Mos	mwexec("route delete -host {$syscfg['dnsserver'][$dnscountermo]}", true);
146	c3f535c0	Seth Mos	mwexec("route add -host {$syscfg['dnsserver'][$dnscountermo]} {$gatewayip}");
147	b875f306	Scott Ullrich	}
148			}
149	e180a6e3	Scott Ullrich	}
150	c3f535c0	Seth Mos	}
151
152			return 0;
153	5b237745	Scott Ullrich	}
154
155	86dcdfc9	Ermal	function get_searchdomains() {
156			global $config, $g;
157
158			$master_list = array();
159
160			// Read in dhclient nameservers
161			$search_list = split("\n", `/bin/cat /var/etc/searchdomain_* 2>/dev/null`);
162			if (is_array($search_lists)) {
163			foreach($search_lists as $dns) {
164			if(is_hostname($dns))
165			$master_list[] = $dns;
166			}
167			}
168
169			return $master_list;
170			}
171
172	3d00ccaa	Scott Ullrich	function get_nameservers() {
173			global $config, $g;
174			$master_list = array();
175	30cee7b2	Scott Ullrich
176	2a1226ad	Scott Ullrich	// Read in dhclient nameservers
177	1033de74	Ermal	$dns_lists = split("\n", `/bin/cat /var/etc/nameserver_* 2>/dev/null`);
178			if (is_array($dns_lists)) {
179	60951398	Scott Ullrich	foreach($dns_lists as $dns) {
180	1033de74	Ermal	if(is_ipaddr($dns))
181	ae9617ae	Ermal	$master_list[] = $dns;
182	60951398	Scott Ullrich	}
183	3d00ccaa	Scott Ullrich	}
184	2a1226ad	Scott Ullrich
185			// Read in any extra nameservers
186			if(file_exists("/var/etc/nameservers.conf")) {
187	1033de74	Ermal	$dns_lists = split("\n", `/bin/cat /var/etc/nameservers.conf`);
188	2a1226ad	Scott Ullrich	if(is_array($dns_s))
189			foreach($dns_s as $dns)
190	1033de74	Ermal	if (is_ipaddr($dns))
191			$master_list[] = $dns;
192	2a1226ad	Scott Ullrich	}
193
194	3d00ccaa	Scott Ullrich	return $master_list;
195			}
196
197	5b237745	Scott Ullrich	function system_hosts_generate() {
198	f19d3b7a	Scott Ullrich	global $config, $g;
199	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
200			$mt = microtime();
201	dcf0598e	Scott Ullrich	echo "system_hosts_generate() being called $mt\n";
202	f19d3b7a	Scott Ullrich	}
203	0f282d7a	Scott Ullrich
204	5b237745	Scott Ullrich	$syscfg = $config['system'];
205			$dnsmasqcfg = $config['dnsmasq'];
206
207			if (!is_array($dnsmasqcfg['hosts'])) {
208			$dnsmasqcfg['hosts'] = array();
209			}
210			$hostscfg = $dnsmasqcfg['hosts'];
211	0f282d7a	Scott Ullrich
212	58db1fc4	Ermal	$hosts = "127.0.0.1 localhost localhost.{$syscfg['domain']}\n";
213	a55e9c70	Ermal Lu?i
214	e5995f9d	Ermal	if ($config['interfaces']['lan']) {
215			$cfgip = get_interface_ip("lan");
216	f38f8062	Ermal	if (is_ipaddr($cfgip))
217			$hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
218	e5995f9d	Ermal	} else {
219			$sysiflist = get_configured_interface_list();
220			foreach ($sysiflist as $sysif) {
221			if (!interface_has_gateway($sysif)) {
222			$cfgip = get_interface_ip($sysif);
223			if (is_ipaddr($cfgip)) {
224			$hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
225			break;
226			}
227			}
228			}
229	f38f8062	Ermal	}
230	0f282d7a	Scott Ullrich
231	5b237745	Scott Ullrich	foreach ($hostscfg as $host) {
232			if ($host['host'])
233			$hosts .= "{$host['ip']} {$host['host']}.{$host['domain']} {$host['host']}\n";
234			else
235			$hosts .= "{$host['ip']} {$host['domain']}\n";
236			}
237	da6155e0	Erik Fonnesbeck	if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpd'])) {
238	6a01ea44	Bill Marquette	foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf)
239			if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable']))
240	a56e787d	Scott Ullrich	foreach ($dhcpifconf['staticmap'] as $host)
241	6a01ea44	Bill Marquette	if ($host['ipaddr'] && $host['hostname'])
242			$hosts .= "{$host['ipaddr']} {$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
243	a56e787d	Scott Ullrich	}
244	58db1fc4	Ermal
245			/*
246			* Do not remove this because dhcpleases monitors with kqueue it needs to be
247			* killed before writing to hosts files.
248			*/
249			if (file_exists("{$g['varrun_path']}/dhcpleases.pid")) {
250			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM");
251			@unlink("{$g['varrun_path']}/dhcpleases.pid");
252			}
253			$fd = fopen("{$g['varetc_path']}/hosts", "w");
254			if (!$fd) {
255			log_error("Error: cannot open hosts file in system_hosts_generate().\n");
256			return 1;
257			}
258	5b237745	Scott Ullrich	fwrite($fd, $hosts);
259			fclose($fd);
260	0f282d7a	Scott Ullrich
261	24d619f5	Ermal	system_dhcpleases_configure();
262
263			return 0;
264			}
265
266			function system_dhcpleases_configure() {
267	15d456b9	gnhb	global $config, $g;
268
269	956950de	Ermal	/* Start the monitoring process for dynamic dhcpclients. */
270			if (isset($config['dnsmasq']['regdhcp'])) {
271			/* Make sure we do not error out */
272			@touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
273	15d456b9	gnhb	if (file_exists("{$g['varrun_path']}/dhcpleases.pid"))
274			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "HUP");
275			else
276			mwexec("/usr/local/sbin/dhcpleases -l {$g['dhcpd_chroot_path']}/var/db/dhcpd.leases -d {$config['system']['domain']} -p {$g['varrun_path']}/dnsmasq.pid -h {$g['varetc_path']}/hosts");
277			} else {
278			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM");
279			@unlink("{$g['varrun_path']}/dhcpleases.pid");
280			}
281	5b237745	Scott Ullrich	}
282
283			function system_hostname_configure() {
284	f19d3b7a	Scott Ullrich	global $config, $g;
285	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
286			$mt = microtime();
287	dcf0598e	Scott Ullrich	echo "system_hostname_configure() being called $mt\n";
288	333f8ef0	Scott Ullrich	}
289	0f282d7a	Scott Ullrich
290	5b237745	Scott Ullrich	$syscfg = $config['system'];
291	0f282d7a	Scott Ullrich
292	5b237745	Scott Ullrich	/* set hostname */
293	6bfccde7	Scott Ullrich	$status = mwexec("/bin/hostname " .
294	5b237745	Scott Ullrich	escapeshellarg("{$syscfg['hostname']}.{$syscfg['domain']}"));
295	6bfccde7	Scott Ullrich
296			/* Setup host GUID ID. This is used by ZFS. */
297			mwexec("/etc/rc.d/hostid start");
298
299			return $status;
300	5b237745	Scott Ullrich	}
301
302	1ea67f2e	Ermal	function system_routing_configure($interface = "") {
303	962625aa	Ermal	global $config, $g;
304	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
305			$mt = microtime();
306	dcf0598e	Scott Ullrich	echo "system_routing_configure() being called $mt\n";
307	58c7450e	Scott Ullrich	}
308	333f8ef0	Scott Ullrich
309	a529aced	Ermal	$gatewayip = "";
310			$interfacegw = "";
311	3cc07282	Ermal	$foundgw = false;
312	a529aced	Ermal	/* tack on all the hard defined gateways as well */
313			if (is_array($config['gateways']['gateway_item'])) {
314	d499c12b	Ermal	mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw", true);
315	a529aced	Ermal	foreach ($config['gateways']['gateway_item'] as $gateway) {
316			if (isset($gateway['defaultgw'])) {
317			if ($gateway['gateway'] == "dynamic")
318			$gateway['gateway'] = get_interface_gateway($gateway['interface']);
319			$gatewayip = $gateway['gateway'];
320			$interfacegw = $gateway['interface'];
321	924f202e	Ermal	if (!empty($interfacegw)) {
322			$defaultif = get_real_interface($gateway['interface']);
323			if ($defaultif)
324			@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gatewayip);
325			}
326			$foundgw = true;
327	a529aced	Ermal	break;
328			}
329	6e17413e	Ermal Lu?i	}
330	b24bda08	Scott Ullrich	}
331	3cc07282	Ermal	if ($foundgw == false) {
332			$defaultif = get_real_interface("wan");
333			$interfacegw = "wan";
334			$gatewayip = get_interface_gateway("wan");
335			@touch("{$g['tmp_path']}/{$defaultif}_defaultgw");
336			}
337	d173230c	Seth Mos	$dont_add_route = false;
338			/* if OLSRD is enabled, allow WAN to house DHCP. */
339			if($config['installedpackages']['olsrd']) {
340			foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
341			if($olsrd['enabledyngw'] == "on") {
342			$dont_add_route = true;
343	6e17413e	Ermal Lu?i	break;
344	d173230c	Seth Mos	}
345			}
346			}
347	07b54e8c	smos	/* Create a array from the existing route table */
348			exec("/usr/bin/netstat -rnf inet", $route_str);
349			array_shift($route_str);
350			array_shift($route_str);
351			array_shift($route_str);
352			array_shift($route_str);
353			$route_arr = array();
354			foreach($route_str as $routeline) {
355			$items = preg_split("/[ ]+/i", $routeline);
356	aceedad4	Ermal	$route_arr[$items[0]] = array($items[0], $items[1], $items[5]);
357	07b54e8c	smos	}
358
359	1ea67f2e	Ermal	if ($dont_add_route == false ) {
360	8d29cef4	Ermal	if (!empty($interface) && $interface != $interfacegw)
361	1ea67f2e	Ermal	;
362			else if (($interfacegw <> "bgpd") && (is_ipaddr($gatewayip))) {
363	b61154fb	smos	$action = "add";
364			if(isset($route_arr['default'])) {
365	07b54e8c	smos	$action = "change";
366			}
367	b61154fb	smos	log_error("ROUTING: $action default route to $gatewayip");
368	07b54e8c	smos	mwexec("/sbin/route {$action} default " . escapeshellarg($gatewayip));
369	d173230c	Seth Mos	}
370			}
371
372	5b237745	Scott Ullrich	if (is_array($config['staticroutes']['route'])) {
373	a529aced	Ermal	$gateways_arr = return_gateways_array();
374	0f282d7a	Scott Ullrich
375	5b237745	Scott Ullrich	foreach ($config['staticroutes']['route'] as $rtent) {
376	a529aced	Ermal	$gatewayip = "";
377	a02708b1	Ermal	if (empty($gateways_arr[$rtent['gateway']])) {
378	24fb2263	Chris Buechler	log_error("Static Routes: Gateway IP could not be found for {$rtent['network']}");
379	a529aced	Ermal	continue;
380			}
381	a02708b1	Ermal	$gateway = $gateways_arr[$rtent['gateway']];
382			if ($interface == $gateway['friendlyiface'])
383			continue;
384			$gatewayip = $gateway['gateway'];
385			$interfacegw = $gateway['interface'];
386	a529aced	Ermal	$action = "add";
387	b61154fb	smos	if (isset($route_arr[$rtent['network']]))
388	a529aced	Ermal	$action = "change";
389
390			if (is_ipaddr($gatewayip)) {
391			mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) .
392	b24bda08	Scott Ullrich	" " . escapeshellarg($gatewayip));
393	a529aced	Ermal	} else if (!empty($interfacegw)) {
394			mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) .
395			" -iface " . escapeshellarg($interfacegw));
396	7a98edde	Seth Mos	}
397	5b237745	Scott Ullrich	}
398			}
399	67ee1ec5	Ermal Luçi
400	b9c501ea	Seth Mos	return 0;
401	5b237745	Scott Ullrich	}
402
403			function system_routing_enable() {
404	f19d3b7a	Scott Ullrich	global $config, $g;
405	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
406			$mt = microtime();
407	dcf0598e	Scott Ullrich	echo "system_routing_enable() being called $mt\n";
408	58c7450e	Scott Ullrich	}
409	0f282d7a	Scott Ullrich
410	5e041d5f	Scott Ullrich	return mwexec("/sbin/sysctl net.inet.ip.forwarding=1");
411	5b237745	Scott Ullrich	}
412
413			function system_syslogd_start() {
414	f19d3b7a	Scott Ullrich	global $config, $g;
415	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
416			$mt = microtime();
417	dcf0598e	Scott Ullrich	echo "system_syslogd_start() being called $mt\n";
418	58c7450e	Scott Ullrich	}
419	0f282d7a	Scott Ullrich
420	5b237745	Scott Ullrich	$syslogcfg = $config['syslog'];
421
422	0f282d7a	Scott Ullrich	if ($g['booting'])
423	f05740c1	Scott Ullrich	echo "Starting syslog...";
424	5b237745	Scott Ullrich	else
425			killbypid("{$g['varrun_path']}/syslog.pid");
426	0f282d7a	Scott Ullrich
427	99f98b80	sullrich	if(is_process_running("syslogd"))
428			mwexec("/usr/bin/killall -9 syslogd");
429			if(is_process_running("fifolog_writer"))
430			mwexec("/usr/bin/killall -9 fifolog_writer");
431	7ee97cb3	Scott Ullrich
432			// Define carious commands for logging
433			$fifolog_create = "/usr/sbin/fifolog_create -s ";
434			$fifolog_log = "\|/usr/sbin/fifolog_writer ";
435			$clog_create = "/usr/sbin/clog -i -s ";
436			$clog_log = "%";
437
438			// Which logging type are we using this week??
439			if(isset($config['system']['usefifolog'])) {
440			$log_directive = $fifolog_log;
441			$log_create_directive = $fifolog_create;
442			} else { // Defaults to CLOG
443			$log_directive = $clog_log;
444			$log_create_directive = $clog_create;
445			}
446
447	88ebd635	Scott Ullrich	if (isset($syslogcfg)) {
448	a6607b5f	jim-p	$separatelogfacilities = array('ntpd','racoon','openvpn','pptps','poes','l2tps');
449	a728d2ea	Colin Smith	if($config['installedpackages']['package']) {
450	0d9d2a1b	Scott Ullrich	foreach($config['installedpackages']['package'] as $package) {
451			if($package['logging']) {
452	d589cccf	Warren Baker	array_push($separatelogfacilities, $package['logging']['facilityname']);
453	7ee97cb3	Scott Ullrich	mwexec("{$log_create_directive} 10240 {$g['varlog_path']}/{$package['logging']['logfilename']}");
454	eeb52fea	Warren Baker	$syslogconf .= "!{$package['logging']['facilityname']}\n.\t\t\t\t\t\t {$log_directive}{$g['varlog_path']}/{$package['logging']['logfilename']}\n";
455	a728d2ea	Colin Smith	}
456	0d9d2a1b	Scott Ullrich	}
457			}
458	d2834563	Scott Ullrich	$facilitylist = implode(',', array_unique($separatelogfacilities));
459	0d9d2a1b	Scott Ullrich	/* write syslog.conf */
460	5b237745	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
461			if (!$fd) {
462			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
463			return 1;
464			}
465	8fbd88cd	Seth Mos	$syslogconf .= "!ntpdate,!ntpd\n";
466	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
467	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ntpd.log\n";
468	295e19dd	Scott Ullrich	$syslogconf .= "!ppp\n";
469			if (!isset($syslogcfg['disablelocallogging']))
470			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ppp.log\n";
471	a6607b5f	jim-p	$syslogconf .= "!pptps\n";
472	328efaba	Ermal	if (!isset($syslogcfg['disablelocallogging']))
473	a6607b5f	jim-p	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/pptps.log\n";
474			$syslogconf .= "!poes\n";
475	328efaba	Ermal	if (!isset($syslogcfg['disablelocallogging']))
476	a6607b5f	jim-p	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/poes.log\n";
477			$syslogconf .= "!l2tps\n";
478	328efaba	Ermal	if (!isset($syslogcfg['disablelocallogging']))
479	a6607b5f	jim-p	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/l2tps.log\n";
480	0260caec	Scott Ullrich	$syslogconf .= "!racoon\n";
481	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
482	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ipsec.log\n";
483	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
484			if($syslogcfg['remoteserver'])
485			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
486			if($syslogcfg['remoteserver2'])
487			$syslogconf .= ". @{$syslogcfg['remoteserver2']}\n";
488			if($syslogcfg['remoteserver3'])
489			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
490			}
491	d2834563	Scott Ullrich	$syslogconf .= "!openvpn\n";
492	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
493	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/openvpn.log\n";
494	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
495			if($syslogcfg['remoteserver'])
496			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
497			if($syslogcfg['remoteserver2'])
498			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
499			if($syslogcfg['remoteserver3'])
500			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
501			}
502	7bc41b19	jim-p	$syslogconf .= "!apinger\n";
503			if (!isset($syslogcfg['disablelocallogging']))
504			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/apinger.log\n";
505	087a89f8	Chris Buechler	$syslogconf .= "!relayd\n";
506			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/relayd.log\n";
507	d2834563	Scott Ullrich	$syslogconf .= "!-{$facilitylist}\n";
508	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
509	5b237745	Scott Ullrich	$syslogconf .= <<<EOD
510	fe5f3b38	Scott Ullrich	local0.* {$log_directive}{$g['varlog_path']}/filter.log
511	4f7ead45	Scott Ullrich	local3.* {$log_directive}{$g['varlog_path']}/vpn.log
512	fe5f3b38	Scott Ullrich	local4.* {$log_directive}{$g['varlog_path']}/portalauth.log
513			local7.* {$log_directive}{$g['varlog_path']}/dhcpd.log
514			*.notice;kern.debug;lpr.info;mail.crit; {$log_directive}{$g['varlog_path']}/system.log
515			news.err;local0.none;local3.none;local4.none; {$log_directive}{$g['varlog_path']}/system.log
516			local7.none {$log_directive}{$g['varlog_path']}/system.log
517			security.* {$log_directive}{$g['varlog_path']}/system.log
518			auth.info;authpriv.info;daemon.info {$log_directive}{$g['varlog_path']}/system.log
519	6d8ff5e9	Scott Ullrich	auth.info;authpriv.info \|exec /usr/local/sbin/sshlockout_pf 15
520	9dac9942	Scott Ullrich	.emerg
521	0a123b4c	Scott Ullrich
522	5b237745	Scott Ullrich	EOD;
523	be5d59d7	Scott Ullrich	if (isset($syslogcfg['filter'])) {
524			if($syslogcfg['remoteserver'])
525			$syslogconf .= "local0.* @{$syslogcfg['remoteserver']}\n";
526			if($syslogcfg['remoteserver2'])
527			$syslogconf .= "local0.* @{$syslogcfg['remoteserver2']}\n";
528			if($syslogcfg['remoteserver3'])
529			$syslogconf .= "local0.* @{$syslogcfg['remoteserver3']}\n";
530
531			}
532			if (isset($syslogcfg['vpn'])) {
533			if($syslogcfg['remoteserver'])
534			$syslogconf .= "local3.* @{$syslogcfg['remoteserver']}\n";
535			if($syslogcfg['remoteserver2'])
536			$syslogconf .= "local3.* @{$syslogcfg['remoteserver2']}\n";
537			if($syslogcfg['remoteserver3'])
538			$syslogconf .= "local3.* @{$syslogcfg['remoteserver3']}\n";
539			}
540			if (isset($syslogcfg['portalauth'])) {
541			if($syslogcfg['remoteserver'])
542			$syslogconf .= "local4.* @{$syslogcfg['remoteserver']}\n";
543			if($syslogcfg['remoteserver2'])
544			$syslogconf .= "local4.* @{$syslogcfg['remoteserver2']}\n";
545			if($syslogcfg['remoteserver3'])
546			$syslogconf .= "local4.* @{$syslogcfg['remoteserver3']}\n";
547			}
548			if (isset($syslogcfg['dhcp'])) {
549			if($syslogcfg['remoteserver'])
550			$syslogconf .= "local7.* @{$syslogcfg['remoteserver']}\n";
551			if($syslogcfg['remoteserver2'])
552			$syslogconf .= "local7.* @{$syslogcfg['remoteserver2']}\n";
553			if($syslogcfg['remoteserver3'])
554			$syslogconf .= "local7.* @{$syslogcfg['remoteserver3']}\n";
555			}
556			if (isset($syslogcfg['system'])) {
557			if($syslogcfg['remoteserver'])
558			$syslogconf .= <<<EOD
559	9dac9942	Scott Ullrich	*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver']}
560			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver']}
561			security.* @{$syslogcfg['remoteserver']}
562			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver']}
563			*.emerg @{$syslogcfg['remoteserver']}
564	d2834563	Scott Ullrich
565	5b237745	Scott Ullrich	EOD;
566	be5d59d7	Scott Ullrich
567	07bdaacd	pierrepomes	}
568
569	be5d59d7	Scott Ullrich	if (isset($syslogcfg['system'])) {
570			if($syslogcfg['remoteserver2'])
571			$syslogconf .= <<<EOD
572			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver2']}
573			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver2']}
574			security.* @{$syslogcfg['remoteserver2']}
575			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver2']}
576			*.emerg @{$syslogcfg['remoteserver2']}
577
578			EOD;
579
580	07bdaacd	pierrepomes	}
581
582	be5d59d7	Scott Ullrich	if (isset($syslogcfg['system'])) {
583			if($syslogcfg['remoteserver3'])
584			$syslogconf .= <<<EOD
585			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver3']}
586			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver3']}
587			security.* @{$syslogcfg['remoteserver3']}
588			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver3']}
589			*.emerg @{$syslogcfg['remoteserver3']}
590
591			EOD;
592
593			}
594	4ef2d703	Chris Buechler	if (isset($syslogcfg['logall'])) {
595	be5d59d7	Scott Ullrich	if($syslogcfg['remoteserver'])
596			$syslogconf .= <<<EOD
597	4ef2d703	Chris Buechler	. @{$syslogcfg['remoteserver']}
598
599			EOD;
600	be5d59d7	Scott Ullrich
601			if($syslogcfg['remoteserver2'])
602			$syslogconf .= <<<EOD
603			. @{$syslogcfg['remoteserver2']}
604
605			EOD;
606
607			if($syslogcfg['remoteserver3'])
608			$syslogconf .= <<<EOD
609			. @{$syslogcfg['remoteserver3']}
610
611			EOD;
612
613			}
614	5b237745	Scott Ullrich	fwrite($fd, $syslogconf);
615			fclose($fd);
616	6a638a89	Scott Ullrich	// Are we logging to a least one remote server ?
617			if(strpos($syslogconf, "@") != false)
618	f8895161	jim-p	$retval = system("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");
619	6a638a89	Scott Ullrich	else
620	65f7fba8	Scott Ullrich	$retval = system("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf");
621	5b237745	Scott Ullrich
622			} else {
623	65f7fba8	Scott Ullrich	$retval = mwexec("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log");
624	5b237745	Scott Ullrich	}
625	0f282d7a	Scott Ullrich
626	5b237745	Scott Ullrich	if ($g['booting'])
627	5c6d0f65	Colin Smith	echo "done.\n";
628	0f282d7a	Scott Ullrich
629	5b237745	Scott Ullrich	return $retval;
630			}
631
632			function system_pccard_start() {
633	f19d3b7a	Scott Ullrich	global $config, $g;
634	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
635			$mt = microtime();
636	dcf0598e	Scott Ullrich	echo "system_pccard_start() being called $mt\n";
637	58c7450e	Scott Ullrich	}
638	0f282d7a	Scott Ullrich
639	5b237745	Scott Ullrich	if ($g['booting'])
640	f05740c1	Scott Ullrich	echo "Initializing PCMCIA...";
641	0f282d7a	Scott Ullrich
642	5b237745	Scott Ullrich	/* kill any running pccardd */
643			killbypid("{$g['varrun_path']}/pccardd.pid");
644	0f282d7a	Scott Ullrich
645	5b237745	Scott Ullrich	/* fire up pccardd */
646			$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");
647	0f282d7a	Scott Ullrich
648	5b237745	Scott Ullrich	if ($g['booting']) {
649			if ($res == 0)
650	5c6d0f65	Colin Smith	echo "done.\n";
651	5b237745	Scott Ullrich	else
652	5c6d0f65	Colin Smith	echo "failed!\n";
653	5b237745	Scott Ullrich	}
654	0f282d7a	Scott Ullrich
655	5b237745	Scott Ullrich	return $res;
656			}
657
658	819197a8	Scott Ullrich
659	5b237745	Scott Ullrich	function system_webgui_start() {
660	f19d3b7a	Scott Ullrich	global $config, $g;
661	877ac35d	Scott Ullrich
662			if ($g['booting'])
663	f05740c1	Scott Ullrich	echo "Starting webConfigurator...";
664	877ac35d	Scott Ullrich
665	383a4439	Scott Ullrich	/* kill any running lighttpd */
666	877ac35d	Scott Ullrich	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");
667
668	e9d0bf64	Scott Ullrich	sleep(1);
669
670	877ac35d	Scott Ullrich	chdir($g['www_path']);
671
672	fb1266d3	Matthew Grooms	/* defaults */
673			$portarg = "80";
674			$crt = "";
675			$key = "";
676	2cf6ddcb	Nigel Graham	$ca = "";
677	fb1266d3	Matthew Grooms
678	877ac35d	Scott Ullrich	/* non-standard port? */
679	f4875d35	Ermal Lu?i	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "")
680	528df9a7	Scott Ullrich	$portarg = "{$config['system']['webgui']['port']}";
681	877ac35d	Scott Ullrich
682			if ($config['system']['webgui']['protocol'] == "https") {
683	02b383fe	sullrich	// Ensure that we have a webConfigurator CERT
684	fb1266d3	Matthew Grooms	$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
685	02b383fe	sullrich	if(!is_array($cert) && !$cert['crt'] && !$cert['prv']) {
686	1e332e98	jim-p	if (!is_array($config['ca']))
687			$config['ca'] = array();
688			$a_ca =& $config['ca'];
689			if (!is_array($config['cert']))
690			$config['cert'] = array();
691			$a_cert =& $config['cert'];
692	0cdaaa8e	Chris Buechler	echo "Creating SSL Certificate... ";
693	aab4ca82	Scott Ullrich	$cert = array();
694			$cert['refid'] = uniqid();
695	f2a86ca9	jim-p	$cert['descr'] = "webConfigurator default";
696	6955830f	Ermal Lu?i	mwexec("/usr/bin/openssl genrsa 1024 > {$g['tmp_path']}/ssl.key");
697			mwexec("/usr/bin/openssl req -new -x509 -nodes -sha1 -days 2000 -key {$g['tmp_path']}/ssl.key > {$g['tmp_path']}/ssl.crt");
698			$crt = file_get_contents("{$g['tmp_path']}/ssl.crt");
699			$key = file_get_contents("{$g['tmp_path']}/ssl.key");
700			unlink("{$g['tmp_path']}/ssl.key");
701			unlink("{$g['tmp_path']}/ssl.crt");
702	aab4ca82	Scott Ullrich	cert_import($cert, $crt, $key);
703			$a_cert[] = $cert;
704			$config['system']['webgui']['ssl-certref'] = $cert['refid'];
705			write_config("Importing HTTPS certificate");
706			if(!$config['system']['webgui']['port'])
707			$portarg = "443";
708			$ca = ca_chain($cert);
709	edc8a9f8	jim-p	} else {
710	fb1266d3	Matthew Grooms	$crt = base64_decode($cert['crt']);
711			$key = base64_decode($cert['prv']);
712			if(!$config['system']['webgui']['port'])
713			$portarg = "443";
714	2cf6ddcb	Nigel Graham	$ca = ca_chain($cert);
715	edc8a9f8	jim-p	}
716	877ac35d	Scott Ullrich	}
717
718			/* generate lighttpd configuration */
719			system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
720	2cf6ddcb	Nigel Graham	$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");
721	877ac35d	Scott Ullrich
722			/* attempt to start lighthttpd */
723			$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");
724
725	cc093472	sullrich	/* fetch page to preload apc cache */
726	eb0f4fc6	Ermal Lu?i	$proto = "http";
727			if ($config['system']['webgui']['protocol'])
728			$proto = $config['system']['webgui']['protocol'];
729	bd96ff65	Ermal Lu?i	mwexec_bg("/usr/bin/fetch -o /dev/null -q {$proto}://localhost:{$portarg}/preload.php");
730	cc093472	sullrich
731	877ac35d	Scott Ullrich	if ($g['booting']) {
732			if ($res == 0)
733			echo "done.\n";
734			else
735			echo "failed!\n";
736			}
737
738			return $res;
739			}
740
741	eb0f441c	Scott Ullrich	function system_generate_lighty_config($filename,
742			$cert,
743			$key,
744	2cf6ddcb	Nigel Graham	$ca,
745	eb0f441c	Scott Ullrich	$pid_file,
746			$port = 80,
747			$document_root = "/usr/local/www/",
748			$cert_location = "cert.pem",
749	2cf6ddcb	Nigel Graham	$ca_location = "ca.pem",
750	1b666ae2	Scott Ullrich	$max_procs = 2,
751	280b75d9	Scott Ullrich	$max_requests = "2",
752	eb0f441c	Scott Ullrich	$fast_cgi_enable = true,
753			$captive_portal = false) {
754	58c7450e	Scott Ullrich
755	f19d3b7a	Scott Ullrich	global $config, $g;
756
757	6955830f	Ermal Lu?i	if(!is_dir("{$g['tmp_path']}/lighttpdcompress"))
758			mkdir("{$g['tmp_path']}/lighttpdcompress");
759	570ef08c	sullrich
760	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
761			$mt = microtime();
762	dcf0598e	Scott Ullrich	echo "system_generate_lighty_config() being called $mt\n";
763	58c7450e	Scott Ullrich	}
764
765	eb0f441c	Scott Ullrich	if($captive_portal == true) {
766			$captiveportal = ",\"mod_rewrite\"";
767	6bef50b3	Scott Ullrich	$captive_portal_rewrite = "url.rewrite-once = ( \"(.captiveportal.)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
768	b0bdc06e	Scott Ullrich	$captive_portal_module = "\"mod_accesslog\", ";
769			$maxprocperip = $config['captiveportal']['maxprocperip'];
770	632e8d54	Scott Ullrich	if(!$maxprocperip and $maxprocperip > 0)
771			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
772			else
773			$captive_portal_mod_evasive = "";
774	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n";
775			exec("mkdir -p {$g['tmp_path']}/captiveportal");
776			exec("chmod a-w {$g['tmp_path']}/captiveportal");
777	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 384";
778	b0bdc06e	Scott Ullrich	} else {
779	3435dc35	Ermal Lu?i	$captiveportal = "";
780			$captive_portal_rewrite = "";
781	b0bdc06e	Scott Ullrich	$captive_portal_module = "";
782			$captive_portal_mod_evasive = "";
783	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"{$g['tmp_path']}/\", \"/var/\" )\n";
784	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 2097152";
785	eb0f441c	Scott Ullrich	}
786	3306a341	Scott Ullrich
787	28cae949	Scott Ullrich	if($port <> "")
788			$lighty_port = $port;
789			else
790			$lighty_port = "80";
791	3d77d4c4	Scott Ullrich
792			$memory = get_memory();
793			$avail = $memory[0];
794
795	f4ebc84a	Scott Ullrich	if($avail > 0 and $avail < 65) {
796			$fast_cgi_enable = false;
797			}
798
799	70cc6249	Scott Ullrich	// Ramp up captive portal max procs
800			if($captive_portal == true) {
801			if($avail > 65 and $avail < 98) {
802			$max_procs = 1;
803			}
804			if($avail > 97 and $avail < 128) {
805			$max_procs = 2;
806			}
807			if($avail > 127 and $avail < 256) {
808			$max_procs = 3;
809			}
810			if($avail > 255 and $avail < 384) {
811			$max_procs = 4;
812			}
813			if($avail > 383) {
814			$max_procs = 5;
815			}
816	b0bdc06e	Scott Ullrich	}
817
818	6e337a84	Scott Ullrich	if($captive_portal == true) {
819			$bin_environment = <<<EOC
820	5e041d5f	Scott Ullrich	"bin-environment" => (
821	e59dd448	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
822			"PHP_FCGI_MAX_REQUESTS" => "500"
823	6e337a84	Scott Ullrich	),
824			EOC;
825
826	04f4a116	Ermal Luçi	} else if ($avail > 0 and $avail < 128) {
827			$bin_environment = <<<EOC
828	980df75c	Scott Ullrich	"bin-environment" => (
829	effecc51	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
830	980df75c	Scott Ullrich	"PHP_FCGI_MAX_REQUESTS" => "2",
831	04f4a116	Ermal Luçi	),
832
833			EOC;
834			} else
835	980df75c	Scott Ullrich	$bin_environment = <<<EOC
836			"bin-environment" => (
837			"PHP_FCGI_CHILDREN" => "$max_procs",
838			"PHP_FCGI_MAX_REQUESTS" => "500"
839			),
840			EOC;
841
842	4edb490d	Scott Ullrich	if($fast_cgi_enable == true) {
843	dde4f60c	Scott Ullrich	$module = "\"mod_fastcgi\", \"mod_cgi\"";
844	4edb490d	Scott Ullrich	$cgi_config = "";
845			$fastcgi_config = <<<EOD
846			#### fastcgi module
847			## read fastcgi.txt for more info
848	b0bdc06e	Scott Ullrich	fastcgi.server = ( ".php" =>
849			( "localhost" =>
850			(
851	6955830f	Ermal Lu?i	"socket" => "{$g['tmp_path']}/php-fastcgi.socket",
852	980df75c	Scott Ullrich	"min-procs" => 0,
853	b0bdc06e	Scott Ullrich	"max-procs" => {$max_procs},
854	6e337a84	Scott Ullrich	{$bin_environment}
855	b0bdc06e	Scott Ullrich	"bin-path" => "/usr/local/bin/php"
856			)
857			)
858			)
859	4edb490d	Scott Ullrich
860	dde4f60c	Scott Ullrich	#### CGI module
861	5999dd9c	Scott Ullrich	cgi.assign = ( ".cgi" => "" )
862	dde4f60c	Scott Ullrich
863	4edb490d	Scott Ullrich	EOD;
864			} else {
865			$fastcgi_config = "";
866			$module = "\"mod_cgi\"";
867			$cgi_config = <<<EOD
868			#### CGI module
869			cgi.assign = ( ".php" => "/usr/local/bin/php",
870	d4302f46	Espen Johansen	".cgi" => "" )
871	333f8ef0	Scott Ullrich
872	4edb490d	Scott Ullrich	EOD;
873			}
874	333f8ef0	Scott Ullrich
875	3435dc35	Ermal Lu?i	$lighty_config = "";
876	a84b65dc	Scott Ullrich	$lighty_config .= <<<EOD
877	28cae949	Scott Ullrich	#
878	a632cf43	Scott Ullrich	# lighttpd configuration file
879			#
880			# use a it as base for lighttpd 1.0.0 and above
881	28cae949	Scott Ullrich	#
882	a632cf43	Scott Ullrich	############ Options you really have to take care of ####################
883
884	770b4b9c	Scott Ullrich	## FreeBSD!
885	60ff6204	Scott Ullrich	server.event-handler = "freebsd-kqueue"
886			server.network-backend = "writev"
887	096261af	Scott Ullrich
888	a632cf43	Scott Ullrich	## modules to load
889	4edb490d	Scott Ullrich	server.modules = (
890	c93ad789	Scott Ullrich	{$captive_portal_module}
891	d7e230ae	Chris Buechler	"mod_access", "mod_accesslog", "mod_expire", "mod_compress", "mod_redirect",
892	c93ad789	Scott Ullrich	{$module}{$captiveportal}
893			)
894	28cae949	Scott Ullrich
895			## Unused modules
896	6a019c11	Scott Ullrich	# "mod_setenv",
897			# "mod_rewrite",
898	28cae949	Scott Ullrich	# "mod_ssi",
899			# "mod_usertrack",
900			# "mod_expire",
901			# "mod_secdownload",
902			# "mod_rrdtool",
903	a632cf43	Scott Ullrich	# "mod_auth",
904			# "mod_status",
905	28cae949	Scott Ullrich	# "mod_alias",
906	a632cf43	Scott Ullrich	# "mod_proxy",
907			# "mod_simple_vhost",
908			# "mod_evhost",
909			# "mod_userdir",
910	28cae949	Scott Ullrich	# "mod_cgi",
911	a632cf43	Scott Ullrich
912	d9acea75	Scott Ullrich	server.max-keep-alive-requests = 15
913			server.max-keep-alive-idle = 30
914
915	a632cf43	Scott Ullrich	## a static document-root, for virtual-hosting take look at the
916			## server.virtual-* options
917	332b4ac0	Scott Ullrich	server.document-root = "{$document_root}"
918	eb0f441c	Scott Ullrich	{$captive_portal_rewrite}
919	a632cf43	Scott Ullrich
920	38a9a1ab	Scott Ullrich	# Maximum idle time with nothing being written (php downloading)
921			server.max-write-idle = 999
922
923	a632cf43	Scott Ullrich	## where to send error-messages to
924	ee959dc4	Scott Ullrich	server.errorlog = "/var/log/lighttpd.error.log"
925	a632cf43	Scott Ullrich
926			# files to check for if .../ is requested
927			server.indexfiles = ( "index.php", "index.html",
928			"index.htm", "default.htm" )
929
930			# mimetype mapping
931			mimetype.assign = (
932			".pdf" => "application/pdf",
933			".sig" => "application/pgp-signature",
934			".spl" => "application/futuresplash",
935			".class" => "application/octet-stream",
936			".ps" => "application/postscript",
937			".torrent" => "application/x-bittorrent",
938			".dvi" => "application/x-dvi",
939			".gz" => "application/x-gzip",
940			".pac" => "application/x-ns-proxy-autoconfig",
941			".swf" => "application/x-shockwave-flash",
942			".tar.gz" => "application/x-tgz",
943			".tgz" => "application/x-tgz",
944			".tar" => "application/x-tar",
945			".zip" => "application/zip",
946			".mp3" => "audio/mpeg",
947			".m3u" => "audio/x-mpegurl",
948			".wma" => "audio/x-ms-wma",
949			".wax" => "audio/x-ms-wax",
950			".ogg" => "audio/x-wav",
951			".wav" => "audio/x-wav",
952			".gif" => "image/gif",
953			".jpg" => "image/jpeg",
954			".jpeg" => "image/jpeg",
955			".png" => "image/png",
956			".xbm" => "image/x-xbitmap",
957			".xpm" => "image/x-xpixmap",
958			".xwd" => "image/x-xwindowdump",
959			".css" => "text/css",
960			".html" => "text/html",
961			".htm" => "text/html",
962			".js" => "text/javascript",
963			".asc" => "text/plain",
964			".c" => "text/plain",
965			".conf" => "text/plain",
966			".text" => "text/plain",
967			".txt" => "text/plain",
968			".dtd" => "text/xml",
969			".xml" => "text/xml",
970			".mpeg" => "video/mpeg",
971			".mpg" => "video/mpeg",
972			".mov" => "video/quicktime",
973			".qt" => "video/quicktime",
974			".avi" => "video/x-msvideo",
975			".asf" => "video/x-ms-asf",
976			".asx" => "video/x-ms-asf",
977			".wmv" => "video/x-ms-wmv",
978			".bz2" => "application/x-bzip",
979			".tbz" => "application/x-bzip-compressed-tar",
980			".tar.bz2" => "application/x-bzip-compressed-tar"
981			)
982
983			# Use the "Content-Type" extended attribute to obtain mime type if possible
984			#mimetypes.use-xattr = "enable"
985
986			#### accesslog module
987	6a019c11	Scott Ullrich	#accesslog.filename = "/dev/null"
988	a632cf43	Scott Ullrich
989			## deny access the file-extensions
990			#
991			# ~ is for backupfiles from vi, emacs, joe, ...
992			# .inc is often used for code includes which should in general not be part
993			# of the document-root
994			url.access-deny = ( "~", ".inc" )
995
996
997			######### Options that are good to be but not neccesary to be changed #######
998
999			## bind to port (default: 80)
1000	28cae949	Scott Ullrich	server.port = {$lighty_port}
1001	a632cf43	Scott Ullrich
1002			## error-handler for status 404
1003			#server.error-handler-404 = "/error-handler.html"
1004			#server.error-handler-404 = "/error-handler.php"
1005
1006			## to help the rc.scripts
1007			server.pid-file = "/var/run/{$pid_file}"
1008
1009			## virtual directory listings
1010	28cae949	Scott Ullrich	server.dir-listing = "disable"
1011	a632cf43	Scott Ullrich
1012			## enable debugging
1013	28cae949	Scott Ullrich	debug.log-request-header = "disable"
1014			debug.log-response-header = "disable"
1015			debug.log-request-handling = "disable"
1016			debug.log-file-not-found = "disable"
1017	a632cf43	Scott Ullrich
1018	570ef08c	sullrich	# gzip compression
1019	6955830f	Ermal Lu?i	compress.cache-dir = "{$g['tmp_path']}/lighttpdcompress/"
1020	570ef08c	sullrich	compress.filetype = ("text/plain","text/css", "text/xml", "text/javascript" )
1021
1022	3306a341	Scott Ullrich	{$server_upload_dirs}
1023	1ef7b568	Scott Ullrich
1024	a6e8af9c	Scott Ullrich	{$server_max_request_size}
1025	ee959dc4	Scott Ullrich
1026	4edb490d	Scott Ullrich	{$fastcgi_config}
1027
1028			{$cgi_config}
1029	a632cf43	Scott Ullrich
1030	b0bdc06e	Scott Ullrich	{$captive_portal_mod_evasive}
1031
1032	569f47e9	Scott Ullrich	expire.url = (
1033	05a5e5c5	Scott Ullrich	"" => "access 50 hours",
1034	569f47e9	Scott Ullrich	)
1035
1036	a632cf43	Scott Ullrich	EOD;
1037
1038	7aae518a	Scott Ullrich	$cert = str_replace("\r", "", $cert);
1039	333f8ef0	Scott Ullrich	$key = str_replace("\r", "", $key);
1040	2cf6ddcb	Nigel Graham	$ca = str_replace("\r", "", $ca);
1041	7aae518a	Scott Ullrich
1042			$cert = str_replace("\n\n", "\n", $cert);
1043	333f8ef0	Scott Ullrich	$key = str_replace("\n\n", "\n", $key);
1044	2cf6ddcb	Nigel Graham	$ca = str_replace("\n\n", "\n", $ca);
1045	7aae518a	Scott Ullrich
1046	a632cf43	Scott Ullrich	if($cert <> "" and $key <> "") {
1047	3a66b621	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
1048	5b237745	Scott Ullrich	if (!$fd) {
1049			printf("Error: cannot open cert.pem in system_webgui_start().\n");
1050			return 1;
1051			}
1052	3a66b621	Scott Ullrich	chmod("{$g['varetc_path']}/{$cert_location}", 0600);
1053	5b237745	Scott Ullrich	fwrite($fd, $cert);
1054			fwrite($fd, "\n");
1055			fwrite($fd, $key);
1056			fclose($fd);
1057	2cf6ddcb	Nigel Graham	if($ca <> "") {
1058			$fd = fopen("{$g['varetc_path']}/{$ca_location}", "w");
1059			if (!$fd) {
1060			printf("Error: cannot open ca.pem in system_webgui_start().\n");
1061			return 1;
1062			}
1063			chmod("{$g['varetc_path']}/{$ca_location}", 0600);
1064			fwrite($fd, $ca);
1065			fclose($fd);
1066			}
1067	5e041d5f	Scott Ullrich	$lighty_config .= "\n";
1068	9f0cbb16	Scott Ullrich	$lighty_config .= "## ssl configuration\n";
1069	a632cf43	Scott Ullrich	$lighty_config .= "ssl.engine = \"enable\"\n";
1070	333f8ef0	Scott Ullrich	$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
1071	2cf6ddcb	Nigel Graham	if($ca <> "")
1072			$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
1073	5b237745	Scott Ullrich	}
1074	a978a0ff	Chris Buechler
1075			// Add HTTP to HTTPS redirect
1076			if ($captive_portal == false && $config['system']['webgui']['protocol'] == "https" && !isset($config['system']['webgui']['disablehttpredirect'])) {
1077	7921e8e5	Chris Buechler	if($lighty_port != "443")
1078			$redirectport = ":{$lighty_port}";
1079	d7e230ae	Chris Buechler	$lighty_config .= <<<EOD
1080			\$SERVER["socket"] == ":80" {
1081			\$HTTP["host"] =~ "(.*)" {
1082	7921e8e5	Chris Buechler	url.redirect = ( "^/(.*)" => "https://%1{$redirectport}/$1" )
1083	d7e230ae	Chris Buechler	}
1084			}
1085			EOD;
1086			}
1087	0f282d7a	Scott Ullrich
1088	4f3756f3	Scott Ullrich	$fd = fopen("{$filename}", "w");
1089	a632cf43	Scott Ullrich	if (!$fd) {
1090	4f3756f3	Scott Ullrich	printf("Error: cannot open {$filename} in system_generate_lighty_config().\n");
1091	a632cf43	Scott Ullrich	return 1;
1092	5b237745	Scott Ullrich	}
1093	a632cf43	Scott Ullrich	fwrite($fd, $lighty_config);
1094			fclose($fd);
1095
1096			return 0;
1097	0f282d7a	Scott Ullrich
1098	5b237745	Scott Ullrich	}
1099
1100			function system_timezone_configure() {
1101	f19d3b7a	Scott Ullrich	global $config, $g;
1102	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1103			$mt = microtime();
1104	dcf0598e	Scott Ullrich	echo "system_timezone_configure() being called $mt\n";
1105	333f8ef0	Scott Ullrich	}
1106	5b237745	Scott Ullrich
1107			$syscfg = $config['system'];
1108
1109			if ($g['booting'])
1110	f05740c1	Scott Ullrich	echo "Setting timezone...";
1111	5b237745	Scott Ullrich
1112			/* extract appropriate timezone file */
1113			$timezone = $syscfg['timezone'];
1114			if (!$timezone)
1115			$timezone = "Etc/UTC";
1116	0f282d7a	Scott Ullrich
1117	34febcde	Scott Ullrich	conf_mount_rw();
1118
1119	029d1a71	Scott Ullrich	exec("LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
1120	5b237745	Scott Ullrich	escapeshellarg($timezone) . " > /etc/localtime");
1121
1122	4efd4885	Scott Ullrich	mwexec("sync");
1123	27150275	Scott Ullrich	conf_mount_ro();
1124	34febcde	Scott Ullrich
1125	5b237745	Scott Ullrich	if ($g['booting'])
1126	5c6d0f65	Colin Smith	echo "done.\n";
1127	5b237745	Scott Ullrich	}
1128
1129			function system_ntp_configure() {
1130	f19d3b7a	Scott Ullrich	global $config, $g;
1131	5b237745	Scott Ullrich
1132	c8960970	Ermal	$syscfg =& $config['system'];
1133	5b237745	Scott Ullrich
1134	20b90e0a	Scott Ullrich	/* open configuration for wrting or bail */
1135			$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
1136			if(!$fd) {
1137	5f3e1f12	Scott Ullrich	log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
1138	20b90e0a	Scott Ullrich	return;
1139	5b237745	Scott Ullrich	}
1140
1141	20b90e0a	Scott Ullrich	fwrite($fd, "# \n");
1142			fwrite($fd, "# pfSense OpenNTPD configuration file \n");
1143			fwrite($fd, "# \n\n");
1144	0f282d7a	Scott Ullrich
1145	20b90e0a	Scott Ullrich	/* foreach through servers and write out to ntpd.conf */
1146			foreach (explode(' ', $syscfg['timeservers']) as $ts)
1147			fwrite($fd, "servers {$ts}\n");
1148	0f282d7a	Scott Ullrich
1149	5b6210e3	Bill Marquette	/* Setup listener(s) if the user has configured one */
1150	67ee1ec5	Ermal Luçi	if ($config['installedpackages']['openntpd']) {
1151			/* server config is in coregui1 */
1152	5b6210e3	Bill Marquette	$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
1153			if ($xmlsettings['enable'] == 'on') {
1154			$ifaces = explode(',', $xmlsettings['interface']);
1155	435f11c8	Ermal Lu?i	$ifaces = array_map('get_real_interface', $ifaces);
1156	5b6210e3	Bill Marquette	$ifaces = array_filter($ifaces, 'does_interface_exist');
1157			$ips = array_map('find_interface_ip', $ifaces);
1158			foreach ($ips as $ip) {
1159	5e041d5f	Scott Ullrich	if (is_ipaddr($ip))
1160	5b6210e3	Bill Marquette	fwrite($fd, "listen on $ip\n");
1161			}
1162	95594e5a	Scott Ullrich	}
1163			}
1164
1165	20b90e0a	Scott Ullrich	fwrite($fd, "\n");
1166	0f282d7a	Scott Ullrich
1167	20b90e0a	Scott Ullrich	/* slurp! */
1168			fclose($fd);
1169
1170			/* if openntpd is running, kill it */
1171	5f3e1f12	Scott Ullrich	while(is_process_running("ntpd")) {
1172	c8960970	Ermal	killbyname("ntpd");
1173	5f3e1f12	Scott Ullrich	}
1174
1175			/* if /var/empty does not exist, create it */
1176			if(!is_dir("/var/empty"))
1177			exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");
1178
1179	401a6674	Ermal	if ($g['booting'])
1180			return;
1181
1182	20b90e0a	Scott Ullrich	/* start opentpd, set time now and use /var/etc/ntpd.conf */
1183			exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");
1184	83eb4567	Scott Ullrich
1185			// Note that we are starting up
1186			exec("echo 'OpenNTPD is starting up' >> {$g['varlog_path']}/ntpd.log");
1187	0f282d7a	Scott Ullrich
1188	5b237745	Scott Ullrich	}
1189
1190	652cf082	Seth Mos	function sync_system_time() {
1191			global $config, $g;
1192
1193			$syscfg = $config['system'];
1194
1195			if ($g['booting'])
1196	4582b281	Scott Ullrich	echo "Syncing system time before startup...";
1197	652cf082	Seth Mos
1198			/* foreach through servers and write out to ntpd.conf */
1199			foreach (explode(' ', $syscfg['timeservers']) as $ts) {
1200			mwexec("/usr/sbin/ntpdate -s $ts");
1201			}
1202	4582b281	Scott Ullrich
1203			if ($g['booting'])
1204			echo "done.\n";
1205
1206	652cf082	Seth Mos	}
1207
1208	405e5de0	Scott Ullrich	function system_halt() {
1209			global $g;
1210
1211			system_reboot_cleanup();
1212
1213	523855b0	Scott Ullrich	mwexec("/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &");
1214	405e5de0	Scott Ullrich	}
1215
1216	5b237745	Scott Ullrich	function system_reboot() {
1217			global $g;
1218	0f282d7a	Scott Ullrich
1219	5b237745	Scott Ullrich	system_reboot_cleanup();
1220	0f282d7a	Scott Ullrich
1221	5b237745	Scott Ullrich	mwexec("nohup /etc/rc.reboot > /dev/null 2>&1 &");
1222			}
1223
1224			function system_reboot_sync() {
1225			global $g;
1226	0f282d7a	Scott Ullrich
1227	5b237745	Scott Ullrich	system_reboot_cleanup();
1228	0f282d7a	Scott Ullrich
1229	5b237745	Scott Ullrich	mwexec("/etc/rc.reboot > /dev/null 2>&1");
1230			}
1231
1232			function system_reboot_cleanup() {
1233	97d4e30b	Seth Mos	mwexec("/usr/local/bin/beep.sh stop");
1234	04967d99	jim-p	require_once("captiveportal.inc");
1235	5b237745	Scott Ullrich	captiveportal_radius_stop_all();
1236	336e3c1c	Charlie	require_once("voucher.inc");
1237			voucher_save_db_to_config();
1238	5b237745	Scott Ullrich	}
1239
1240			function system_do_shell_commands($early = 0) {
1241	f19d3b7a	Scott Ullrich	global $config, $g;
1242	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1243			$mt = microtime();
1244	dcf0598e	Scott Ullrich	echo "system_do_shell_commands() being called $mt\n";
1245	58c7450e	Scott Ullrich	}
1246	0f282d7a	Scott Ullrich
1247	5b237745	Scott Ullrich	if ($early)
1248			$cmdn = "earlyshellcmd";
1249			else
1250			$cmdn = "shellcmd";
1251	0f282d7a	Scott Ullrich
1252	5b237745	Scott Ullrich	if (is_array($config['system'][$cmdn])) {
1253	333f8ef0	Scott Ullrich
1254	245388b4	Scott Ullrich	/* cmd is an array, loop through /
1255	5b237745	Scott Ullrich	foreach ($config['system'][$cmdn] as $cmd) {
1256			exec($cmd);
1257			}
1258	245388b4	Scott Ullrich
1259			} elseif($config['system'][$cmdn] <> "") {
1260	333f8ef0	Scott Ullrich
1261	245388b4	Scott Ullrich	/* execute single item */
1262			exec($config['system'][$cmdn]);
1263
1264	5b237745	Scott Ullrich	}
1265			}
1266
1267			function system_console_configure() {
1268	f19d3b7a	Scott Ullrich	global $config, $g;
1269	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1270			$mt = microtime();
1271	dcf0598e	Scott Ullrich	echo "system_console_configure() being called $mt\n";
1272	333f8ef0	Scott Ullrich	}
1273	0f282d7a	Scott Ullrich
1274	5b237745	Scott Ullrich	if (isset($config['system']['disableconsolemenu'])) {
1275			touch("{$g['varetc_path']}/disableconsole");
1276			} else {
1277			unlink_if_exists("{$g['varetc_path']}/disableconsole");
1278			}
1279			}
1280
1281			function system_dmesg_save() {
1282	f19d3b7a	Scott Ullrich	global $g;
1283	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1284			$mt = microtime();
1285	dcf0598e	Scott Ullrich	echo "system_dmesg_save() being called $mt\n";
1286	f19d3b7a	Scott Ullrich	}
1287	0f282d7a	Scott Ullrich
1288	767a716e	Scott Ullrich	$dmesg = "";
1289	5b237745	Scott Ullrich	exec("/sbin/dmesg", $dmesg);
1290	0f282d7a	Scott Ullrich
1291	5b237745	Scott Ullrich	/* find last copyright line (output from previous boots may be present) */
1292			$lastcpline = 0;
1293	0f282d7a	Scott Ullrich
1294	5b237745	Scott Ullrich	for ($i = 0; $i < count($dmesg); $i++) {
1295			if (strstr($dmesg[$i], "Copyright (c) 1992-"))
1296			$lastcpline = $i;
1297			}
1298	0f282d7a	Scott Ullrich
1299	5b237745	Scott Ullrich	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
1300			if (!$fd) {
1301			printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
1302			return 1;
1303			}
1304	0f282d7a	Scott Ullrich
1305	5b237745	Scott Ullrich	for ($i = $lastcpline; $i < count($dmesg); $i++)
1306			fwrite($fd, $dmesg[$i] . "\n");
1307	0f282d7a	Scott Ullrich
1308	5b237745	Scott Ullrich	fclose($fd);
1309	0f282d7a	Scott Ullrich
1310	5b237745	Scott Ullrich	return 0;
1311			}
1312
1313			function system_set_harddisk_standby() {
1314	f19d3b7a	Scott Ullrich	global $g, $config;
1315	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1316			$mt = microtime();
1317	dcf0598e	Scott Ullrich	echo "system_set_harddisk_standby() being called $mt\n";
1318	58c7450e	Scott Ullrich	}
1319	5b237745	Scott Ullrich
1320			if (isset($config['system']['harddiskstandby'])) {
1321			if ($g['booting']) {
1322	5c6d0f65	Colin Smith	echo 'Setting hard disk standby... ';
1323	5b237745	Scott Ullrich	}
1324
1325			$standby = $config['system']['harddiskstandby'];
1326			// Check for a numeric value
1327			if (is_numeric($standby)) {
1328			// Sync the disk(s)
1329	5ba5a8de	Scott Ullrich	pfSense_sync();
1330	5b237745	Scott Ullrich	if (!mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby))) {
1331			// Reinitialize ATA-drives
1332			mwexec('/usr/local/sbin/atareinit');
1333			if ($g['booting']) {
1334	5c6d0f65	Colin Smith	echo "done.\n";
1335	5b237745	Scott Ullrich	}
1336			} else if ($g['booting']) {
1337	5c6d0f65	Colin Smith	echo "failed!\n";
1338	5b237745	Scott Ullrich	}
1339			} else if ($g['booting']) {
1340	5c6d0f65	Colin Smith	echo "failed!\n";
1341	5b237745	Scott Ullrich	}
1342			}
1343			}
1344
1345	3ff9d424	Scott Ullrich	function system_setup_sysctl() {
1346	f19d3b7a	Scott Ullrich	global $config;
1347	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1348			$mt = microtime();
1349	dcf0598e	Scott Ullrich	echo "system_setup_sysctl() being called $mt\n";
1350	58c7450e	Scott Ullrich	}
1351	243aa7b9	Scott Ullrich
1352	6df9d7e3	Scott Ullrich	activate_sysctls();
1353
1354	243aa7b9	Scott Ullrich	if (isset($config['system']['sharednet'])) {
1355			system_disable_arp_wrong_if();
1356			}
1357			}
1358
1359			function system_disable_arp_wrong_if() {
1360	f19d3b7a	Scott Ullrich	global $config;
1361	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1362			$mt = microtime();
1363	dcf0598e	Scott Ullrich	echo "system_disable_arp_wrong_if() being called $mt\n";
1364	333f8ef0	Scott Ullrich	}
1365	6cb438cf	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0");
1366	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0");
1367	3ff9d424	Scott Ullrich	}
1368
1369	243aa7b9	Scott Ullrich	function system_enable_arp_wrong_if() {
1370	f19d3b7a	Scott Ullrich	global $config;
1371	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1372			$mt = microtime();
1373	dcf0598e	Scott Ullrich	echo "system_enable_arp_wrong_if() being called $mt\n";
1374	58c7450e	Scott Ullrich	}
1375	243aa7b9	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1");
1376	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1");
1377	243aa7b9	Scott Ullrich	}
1378
1379	a199b93e	Scott Ullrich	function enable_watchdog() {
1380			global $config;
1381	1a479479	Scott Ullrich	return;
1382	a199b93e	Scott Ullrich	$install_watchdog = false;
1383			$supported_watchdogs = array("Geode");
1384			$file = file_get_contents("/var/log/dmesg.boot");
1385			foreach($supported_watchdogs as $sd) {
1386			if(stristr($file, "Geode")) {
1387			$install_watchdog = true;
1388			}
1389			}
1390			if($install_watchdog == true) {
1391	2e44fb05	Scott Ullrich	if(is_process_running("watchdogd"))
1392	e0b4e47f	Seth Mos	mwexec("/usr/bin/killall watchdogd", true);
1393	333f8ef0	Scott Ullrich	exec("/usr/sbin/watchdogd");
1394	a199b93e	Scott Ullrich	}
1395			}
1396	15f14889	Scott Ullrich
1397			function system_check_reset_button() {
1398	fa83737d	Scott Ullrich	global $g;
1399	223ef06a	Scott Ullrich	if($g['platform'] != "nanobsd")
1400	fa83737d	Scott Ullrich	return 0;
1401	15f14889	Scott Ullrich
1402	31c9379c	Scott Ullrich	$specplatform = system_identify_specific_platform();
1403
1404	15f14889	Scott Ullrich	if ($specplatform['name'] != "wrap" && $specplatform['name'] != "alix")
1405			return 0;
1406
1407			$retval = mwexec("/usr/local/sbin/" . $specplatform['name'] . "resetbtn");
1408
1409			if ($retval == 99) {
1410			/* user has pressed reset button for 2 seconds -
1411			reset to factory defaults */
1412			echo <<<EOD
1413
1414			***********************************************************************
1415			* Reset button pressed - resetting configuration to factory defaults. *
1416			* The system will reboot after this completes. *
1417			***********************************************************************
1418
1419
1420			EOD;
1421
1422			reset_factory_defaults();
1423			system_reboot_sync();
1424			exit(0);
1425			}
1426
1427			return 0;
1428			}
1429
1430	31c9379c	Scott Ullrich	/* attempt to identify the specific platform (for embedded systems)
1431			Returns an array with two elements:
1432			name => platform string (e.g. 'wrap', 'alix' etc.)
1433			descr => human-readable description (e.g. "PC Engines WRAP")
1434			*/
1435			function system_identify_specific_platform() {
1436			global $g;
1437
1438			if ($g['platform'] == 'generic-pc')
1439			return array('name' => 'generic-pc', 'descr' => "Generic PC");
1440
1441			if ($g['platform'] == 'generic-pc-cdrom')
1442			return array('name' => 'generic-pc-cdrom', 'descr' => "Generic PC (CD-ROM)");
1443
1444			/* the rest of the code only deals with 'embedded' platforms */
1445	1a2911a7	Scott Ullrich	if ($g['platform'] != 'nanobsd')
1446	31c9379c	Scott Ullrich	return array('name' => $g['platform'], 'descr' => $g['platform']);
1447
1448			$dmesg = system_get_dmesg_boot();
1449
1450			if (strpos($dmesg, "PC Engines WRAP") !== false)
1451			return array('name' => 'wrap', 'descr' => 'PC Engines WRAP');
1452
1453			if (strpos($dmesg, "PC Engines ALIX") !== false)
1454			return array('name' => 'alix', 'descr' => 'PC Engines ALIX');
1455
1456			if (preg_match("/Soekris net45../", $dmesg, $matches))
1457			return array('name' => 'net45xx', 'descr' => $matches[0]);
1458
1459			if (preg_match("/Soekris net48../", $dmesg, $matches))
1460			return array('name' => 'net48xx', 'descr' => $matches[0]);
1461
1462			if (preg_match("/Soekris net55../", $dmesg, $matches))
1463			return array('name' => 'net55xx', 'descr' => $matches[0]);
1464
1465			/* unknown embedded platform */
1466			return array('name' => 'embedded', 'descr' => 'embedded (unknown)');
1467			}
1468
1469			function system_get_dmesg_boot() {
1470			global $g;
1471	d16af75d	Scott Ullrich
1472	31c9379c	Scott Ullrich	return file_get_contents("{$g['varlog_path']}/dmesg.boot");
1473			}
1474
1475	65f7fba8	Scott Ullrich	?>

Project

General

Profile

pfSense