/etc/inc/system.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/etc/inc/system.inc @ da6155e0

1	5b237745	Scott Ullrich	<?php
2	307cd525	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			system.inc
5			part of m0n0wall (http://m0n0.ch/wall)
6	0f282d7a	Scott Ullrich
7	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8			All rights reserved.
9	0f282d7a	Scott Ullrich
10	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12	0f282d7a	Scott Ullrich
13	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15	0f282d7a	Scott Ullrich
16	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19	0f282d7a	Scott Ullrich
20	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32	523855b0	Scott Ullrich	/*
33			pfSense_BUILDER_BINARIES: /usr/sbin/powerd /usr/bin/killall /sbin/sysctl /sbin/route
34			pfSense_BUILDER_BINARIES: /bin/hostname /bin/ls /usr/bin/netstat /usr/sbin/syslogd
35			pfSense_BUILDER_BINARIES: /usr/sbin/pccardd /usr/local/sbin/lighttpd /bin/chmod /bin/mkdir
36			pfSense_BUILDER_BINARIES: /usr/bin/tar /bin/sync /usr/local/sbin/ntpd /usr/sbin/ntpdate
37	c3b13d60	jim-p	pfSense_BUILDER_BINARIES: /usr/bin/nohup /sbin/dmesg /usr/local/sbin/atareinit /sbin/kldload
38	523855b0	Scott Ullrich	pfSense_MODULE: utils
39			*/
40	0f282d7a	Scott Ullrich
41	8e9fa41d	Scott Ullrich	function activate_powerd() {
42			global $config, $g;
43			if(isset($config['system']['powerd_enable'])) {
44	c3b13d60	jim-p	if ($g["platform"] == "nanobsd")
45			exec("/sbin/kldload cpufreq");
46	8e9fa41d	Scott Ullrich	exec("/usr/sbin/powerd -b adp -a adp");
47			} else {
48	1e5c49aa	sullrich	if(is_process_running("powerd"))
49			exec("/usr/bin/killall powerd");
50	8e9fa41d	Scott Ullrich	}
51			}
52
53	3a35f55f	Scott Ullrich	function get_default_sysctl_value($id) {
54			global $sysctls;
55			foreach($sysctls as $sysctl => $value) {
56			if($sysctl == $id)
57			return $value;
58			}
59			}
60
61	6df9d7e3	Scott Ullrich	function activate_sysctls() {
62			global $config, $g;
63	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001");
64	ddcb7b8c	Bill Marquette	exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001");
65	08c7e2e3	Chris Buechler	exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002");
66	c0192947	Scott Ullrich	exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002");
67	99e88aa0	Ermal Luçi
68	3a35f55f	Scott Ullrich	if(is_array($config['sysctl'])) {
69	cac19f50	Scott Ullrich	foreach($config['sysctl']['item'] as $tunable) {
70	b2d0140c	Scott Ullrich	if($tunable['value'] == "default") {
71			$value = get_default_sysctl_value($tunable['tunable']);
72			mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $value . "\"");
73			} else {
74	09f82b11	Administrator	mwexec("/sbin/sysctl " . $tunable['tunable'] . "=\"" . $tunable['value'] . "\"");
75	b2d0140c	Scott Ullrich	}
76	d0b461f5	sullrich	}
77			}
78	6df9d7e3	Scott Ullrich	}
79
80	5b237745	Scott Ullrich	function system_resolvconf_generate($dynupdate = false) {
81	c3f535c0	Seth Mos	global $config, $g;
82
83			if(isset($config['system']['developerspew'])) {
84			$mt = microtime();
85			echo "system_resolvconf_generate() being called $mt\n";
86			}
87	ef217c69	Scott Ullrich
88	30cee7b2	Scott Ullrich	$syscfg = $config['system'];
89	ef217c69	Scott Ullrich
90	30cee7b2	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/resolv.conf", "w");
91			if (!$fd) {
92			printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n");
93			return 1;
94			}
95	ef217c69	Scott Ullrich
96	30cee7b2	Scott Ullrich	$resolvconf = "domain {$syscfg['domain']}\n";
97	ef217c69	Scott Ullrich
98	30cee7b2	Scott Ullrich	$havedns = false;
99	ef217c69	Scott Ullrich
100	30cee7b2	Scott Ullrich	if (isset($syscfg['dnsallowoverride'])) {
101	c3f535c0	Seth Mos	/* get dynamically assigned DNS servers (if any) */
102	86dcdfc9	Ermal	$ns = array_unique(get_searchdomains());
103			foreach($ns as $searchserver) {
104			if($searchserver) {
105			$resolvconf .= "search {$searchserver}\n";
106			$havedns = true;
107			}
108			}
109	c3f535c0	Seth Mos	$ns = array_unique(get_nameservers());
110			foreach($ns as $nameserver) {
111			if($nameserver) {
112			$resolvconf .= "nameserver $nameserver\n";
113			$havedns = true;
114	e428c94d	Scott Ullrich	}
115	c3f535c0	Seth Mos	}
116	30cee7b2	Scott Ullrich	}
117			if (!$havedns && is_array($syscfg['dnsserver'])) {
118	c3f535c0	Seth Mos	foreach ($syscfg['dnsserver'] as $ns) {
119			if ($ns) {
120			$resolvconf .= "nameserver $ns\n";
121			$havedns = true;
122	e428c94d	Scott Ullrich	}
123	e180a6e3	Scott Ullrich	}
124	c3f535c0	Seth Mos	}
125	0f282d7a	Scott Ullrich
126	30cee7b2	Scott Ullrich	fwrite($fd, $resolvconf);
127			fclose($fd);
128	0f282d7a	Scott Ullrich
129	30cee7b2	Scott Ullrich	if (!$g['booting']) {
130	c3f535c0	Seth Mos	/* restart dhcpd (nameservers may have changed) */
131			if (!$dynupdate)
132			services_dhcpd_configure();
133	30cee7b2	Scott Ullrich	}
134	ef217c69	Scott Ullrich
135	c3f535c0	Seth Mos	/* setup static routes for DNS servers. */
136			for ($dnscounter=1; $dnscounter<5; $dnscounter++) {
137			/* setup static routes for dns servers */
138			$dnsgw = "dns{$dnscounter}gwint";
139			if (isset($config['system'][$dnsgw])) {
140			$interface = $config['system'][$dnsgw];
141			if (($interface <> "") && ($interface <> "none")) {
142			$gatewayip = get_interface_gateway($interface);
143			if(is_ipaddr($gatewayip)) {
144			/* dns server array starts at 0 */
145	b875f306	Scott Ullrich	$dnscountermo = $dnscounter - 1;
146	84d07e67	Seth Mos	mwexec("route delete -host {$syscfg['dnsserver'][$dnscountermo]}", true);
147	c3f535c0	Seth Mos	mwexec("route add -host {$syscfg['dnsserver'][$dnscountermo]} {$gatewayip}");
148	b875f306	Scott Ullrich	}
149			}
150	e180a6e3	Scott Ullrich	}
151	c3f535c0	Seth Mos	}
152
153			return 0;
154	5b237745	Scott Ullrich	}
155
156	86dcdfc9	Ermal	function get_searchdomains() {
157			global $config, $g;
158
159			$master_list = array();
160
161			// Read in dhclient nameservers
162			$search_list = split("\n", `/bin/cat /var/etc/searchdomain_* 2>/dev/null`);
163			if (is_array($search_lists)) {
164			foreach($search_lists as $dns) {
165			if(is_hostname($dns))
166			$master_list[] = $dns;
167			}
168			}
169
170			return $master_list;
171			}
172
173	3d00ccaa	Scott Ullrich	function get_nameservers() {
174			global $config, $g;
175			$master_list = array();
176	30cee7b2	Scott Ullrich
177	2a1226ad	Scott Ullrich	// Read in dhclient nameservers
178	1033de74	Ermal	$dns_lists = split("\n", `/bin/cat /var/etc/nameserver_* 2>/dev/null`);
179			if (is_array($dns_lists)) {
180	60951398	Scott Ullrich	foreach($dns_lists as $dns) {
181	1033de74	Ermal	if(is_ipaddr($dns))
182	ae9617ae	Ermal	$master_list[] = $dns;
183	60951398	Scott Ullrich	}
184	3d00ccaa	Scott Ullrich	}
185	2a1226ad	Scott Ullrich
186			// Read in any extra nameservers
187			if(file_exists("/var/etc/nameservers.conf")) {
188	1033de74	Ermal	$dns_lists = split("\n", `/bin/cat /var/etc/nameservers.conf`);
189	2a1226ad	Scott Ullrich	if(is_array($dns_s))
190			foreach($dns_s as $dns)
191	1033de74	Ermal	if (is_ipaddr($dns))
192			$master_list[] = $dns;
193	2a1226ad	Scott Ullrich	}
194
195	3d00ccaa	Scott Ullrich	return $master_list;
196			}
197
198	5b237745	Scott Ullrich	function system_hosts_generate() {
199	f19d3b7a	Scott Ullrich	global $config, $g;
200	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
201			$mt = microtime();
202	dcf0598e	Scott Ullrich	echo "system_hosts_generate() being called $mt\n";
203	f19d3b7a	Scott Ullrich	}
204	0f282d7a	Scott Ullrich
205	5b237745	Scott Ullrich	$syscfg = $config['system'];
206			$dnsmasqcfg = $config['dnsmasq'];
207
208			if (!is_array($dnsmasqcfg['hosts'])) {
209			$dnsmasqcfg['hosts'] = array();
210			}
211			$hostscfg = $dnsmasqcfg['hosts'];
212	0f282d7a	Scott Ullrich
213	5b237745	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/hosts", "w");
214			if (!$fd) {
215	8f525719	Scott Ullrich	log_error("Error: cannot open hosts file in system_hosts_generate().\n");
216	5b237745	Scott Ullrich	return 1;
217			}
218	0f282d7a	Scott Ullrich
219	f38f8062	Ermal	$hosts .= "127.0.0.1 localhost localhost.{$syscfg['domain']}\n";
220	a55e9c70	Ermal Lu?i
221	e5995f9d	Ermal	if ($config['interfaces']['lan']) {
222			$cfgip = get_interface_ip("lan");
223	f38f8062	Ermal	if (is_ipaddr($cfgip))
224			$hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
225	e5995f9d	Ermal	} else {
226			$sysiflist = get_configured_interface_list();
227			foreach ($sysiflist as $sysif) {
228			if (!interface_has_gateway($sysif)) {
229			$cfgip = get_interface_ip($sysif);
230			if (is_ipaddr($cfgip)) {
231			$hosts .= "{$cfgip} {$syscfg['hostname']}.{$syscfg['domain']} {$syscfg['hostname']}\n";
232			break;
233			}
234			}
235			}
236	f38f8062	Ermal	}
237	0f282d7a	Scott Ullrich
238	5b237745	Scott Ullrich	foreach ($hostscfg as $host) {
239			if ($host['host'])
240			$hosts .= "{$host['ip']} {$host['host']}.{$host['domain']} {$host['host']}\n";
241			else
242			$hosts .= "{$host['ip']} {$host['domain']}\n";
243			}
244	da6155e0	Erik Fonnesbeck	if (isset($dnsmasqcfg['regdhcpstatic']) && is_array($config['dhcpd'])) {
245	6a01ea44	Bill Marquette	foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf)
246			if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable']))
247	a56e787d	Scott Ullrich	foreach ($dhcpifconf['staticmap'] as $host)
248	6a01ea44	Bill Marquette	if ($host['ipaddr'] && $host['hostname'])
249			$hosts .= "{$host['ipaddr']} {$host['hostname']}.{$syscfg['domain']} {$host['hostname']}\n";
250	a56e787d	Scott Ullrich	}
251	5b237745	Scott Ullrich	fwrite($fd, $hosts);
252			fclose($fd);
253	0f282d7a	Scott Ullrich
254	24d619f5	Ermal	system_dhcpleases_configure();
255
256			return 0;
257			}
258
259			function system_dhcpleases_configure() {
260	15d456b9	gnhb	global $config, $g;
261
262	956950de	Ermal	/* Start the monitoring process for dynamic dhcpclients. */
263			if (isset($config['dnsmasq']['regdhcp'])) {
264			/* Make sure we do not error out */
265			@touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
266	15d456b9	gnhb	if (file_exists("{$g['varrun_path']}/dhcpleases.pid"))
267			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "HUP");
268			else
269			mwexec("/usr/local/sbin/dhcpleases -l {$g['dhcpd_chroot_path']}/var/db/dhcpd.leases -d {$config['system']['domain']} -p {$g['varrun_path']}/dnsmasq.pid -h {$g['varetc_path']}/hosts");
270			} else {
271			sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM");
272			@unlink("{$g['varrun_path']}/dhcpleases.pid");
273			}
274	5b237745	Scott Ullrich	}
275
276			function system_hostname_configure() {
277	f19d3b7a	Scott Ullrich	global $config, $g;
278	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
279			$mt = microtime();
280	dcf0598e	Scott Ullrich	echo "system_hostname_configure() being called $mt\n";
281	333f8ef0	Scott Ullrich	}
282	0f282d7a	Scott Ullrich
283	5b237745	Scott Ullrich	$syscfg = $config['system'];
284	0f282d7a	Scott Ullrich
285	5b237745	Scott Ullrich	/* set hostname */
286	6bfccde7	Scott Ullrich	$status = mwexec("/bin/hostname " .
287	5b237745	Scott Ullrich	escapeshellarg("{$syscfg['hostname']}.{$syscfg['domain']}"));
288	6bfccde7	Scott Ullrich
289			/* Setup host GUID ID. This is used by ZFS. */
290			mwexec("/etc/rc.d/hostid start");
291
292			return $status;
293	5b237745	Scott Ullrich	}
294
295	1ea67f2e	Ermal	function system_routing_configure($interface = "") {
296	962625aa	Ermal	global $config, $g;
297	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
298			$mt = microtime();
299	dcf0598e	Scott Ullrich	echo "system_routing_configure() being called $mt\n";
300	58c7450e	Scott Ullrich	}
301	333f8ef0	Scott Ullrich
302	0f282d7a	Scott Ullrich	/* Enable fast routing, if enabled */
303	a529aced	Ermal	/* XXX: More checks need to be done for subsystems that are not compatibel with fast routing. */
304	c64d5028	Ermal	if(isset($config['staticroutes']['enablefastrouting']) && !isset($config['ipsec']['enable']))
305	0f282d7a	Scott Ullrich	mwexec("/sbin/sysctl net.inet.ip.fastforwarding=1");
306
307	a529aced	Ermal	$gatewayip = "";
308			$interfacegw = "";
309	3cc07282	Ermal	$foundgw = false;
310	a529aced	Ermal	/* tack on all the hard defined gateways as well */
311			if (is_array($config['gateways']['gateway_item'])) {
312	d499c12b	Ermal	mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw", true);
313	a529aced	Ermal	foreach ($config['gateways']['gateway_item'] as $gateway) {
314			if (isset($gateway['defaultgw'])) {
315			if ($gateway['gateway'] == "dynamic")
316			$gateway['gateway'] = get_interface_gateway($gateway['interface']);
317			$gatewayip = $gateway['gateway'];
318			$interfacegw = $gateway['interface'];
319	924f202e	Ermal	if (!empty($interfacegw)) {
320			$defaultif = get_real_interface($gateway['interface']);
321			if ($defaultif)
322			@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gatewayip);
323			}
324			$foundgw = true;
325	a529aced	Ermal	break;
326			}
327	6e17413e	Ermal Lu?i	}
328	b24bda08	Scott Ullrich	}
329	3cc07282	Ermal	if ($foundgw == false) {
330			$defaultif = get_real_interface("wan");
331			$interfacegw = "wan";
332			$gatewayip = get_interface_gateway("wan");
333			@touch("{$g['tmp_path']}/{$defaultif}_defaultgw");
334			}
335	d173230c	Seth Mos	$dont_add_route = false;
336			/* if OLSRD is enabled, allow WAN to house DHCP. */
337			if($config['installedpackages']['olsrd']) {
338			foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
339			if($olsrd['enabledyngw'] == "on") {
340			$dont_add_route = true;
341	6e17413e	Ermal Lu?i	break;
342	d173230c	Seth Mos	}
343			}
344			}
345	07b54e8c	smos	/* Create a array from the existing route table */
346			exec("/usr/bin/netstat -rnf inet", $route_str);
347			array_shift($route_str);
348			array_shift($route_str);
349			array_shift($route_str);
350			array_shift($route_str);
351			$route_arr = array();
352			foreach($route_str as $routeline) {
353			$items = preg_split("/[ ]+/i", $routeline);
354	aceedad4	Ermal	$route_arr[$items[0]] = array($items[0], $items[1], $items[5]);
355	07b54e8c	smos	}
356
357	1ea67f2e	Ermal	if ($dont_add_route == false ) {
358	8d29cef4	Ermal	if (!empty($interface) && $interface != $interfacegw)
359	1ea67f2e	Ermal	;
360			else if (($interfacegw <> "bgpd") && (is_ipaddr($gatewayip))) {
361	b61154fb	smos	$action = "add";
362			if(isset($route_arr['default'])) {
363	07b54e8c	smos	$action = "change";
364			}
365	b61154fb	smos	log_error("ROUTING: $action default route to $gatewayip");
366	07b54e8c	smos	mwexec("/sbin/route {$action} default " . escapeshellarg($gatewayip));
367	d173230c	Seth Mos	}
368			}
369
370	5b237745	Scott Ullrich	if (is_array($config['staticroutes']['route'])) {
371	a529aced	Ermal	$gateways_arr = return_gateways_array();
372	0f282d7a	Scott Ullrich
373	5b237745	Scott Ullrich	foreach ($config['staticroutes']['route'] as $rtent) {
374	a529aced	Ermal	$gatewayip = "";
375	a02708b1	Ermal	if (empty($gateways_arr[$rtent['gateway']])) {
376	24fb2263	Chris Buechler	log_error("Static Routes: Gateway IP could not be found for {$rtent['network']}");
377	a529aced	Ermal	continue;
378			}
379	a02708b1	Ermal	$gateway = $gateways_arr[$rtent['gateway']];
380			if ($interface == $gateway['friendlyiface'])
381			continue;
382			$gatewayip = $gateway['gateway'];
383			$interfacegw = $gateway['interface'];
384	a529aced	Ermal	$action = "add";
385	b61154fb	smos	if (isset($route_arr[$rtent['network']]))
386	a529aced	Ermal	$action = "change";
387
388			if (is_ipaddr($gatewayip)) {
389			mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) .
390	b24bda08	Scott Ullrich	" " . escapeshellarg($gatewayip));
391	a529aced	Ermal	} else if (!empty($interfacegw)) {
392			mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) .
393			" -iface " . escapeshellarg($interfacegw));
394	7a98edde	Seth Mos	}
395	5b237745	Scott Ullrich	}
396			}
397	67ee1ec5	Ermal Luçi
398	b9c501ea	Seth Mos	return 0;
399	5b237745	Scott Ullrich	}
400
401			function system_routing_enable() {
402	f19d3b7a	Scott Ullrich	global $config, $g;
403	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
404			$mt = microtime();
405	dcf0598e	Scott Ullrich	echo "system_routing_enable() being called $mt\n";
406	58c7450e	Scott Ullrich	}
407	0f282d7a	Scott Ullrich
408	5e041d5f	Scott Ullrich	return mwexec("/sbin/sysctl net.inet.ip.forwarding=1");
409	5b237745	Scott Ullrich	}
410
411			function system_syslogd_start() {
412	f19d3b7a	Scott Ullrich	global $config, $g;
413	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
414			$mt = microtime();
415	dcf0598e	Scott Ullrich	echo "system_syslogd_start() being called $mt\n";
416	58c7450e	Scott Ullrich	}
417	0f282d7a	Scott Ullrich
418	5b237745	Scott Ullrich	$syslogcfg = $config['syslog'];
419
420	0f282d7a	Scott Ullrich	if ($g['booting'])
421	f05740c1	Scott Ullrich	echo "Starting syslog...";
422	5b237745	Scott Ullrich	else
423			killbypid("{$g['varrun_path']}/syslog.pid");
424	0f282d7a	Scott Ullrich
425	99f98b80	sullrich	if(is_process_running("syslogd"))
426			mwexec("/usr/bin/killall -9 syslogd");
427			if(is_process_running("fifolog_writer"))
428			mwexec("/usr/bin/killall -9 fifolog_writer");
429	7ee97cb3	Scott Ullrich
430			// Define carious commands for logging
431			$fifolog_create = "/usr/sbin/fifolog_create -s ";
432			$fifolog_log = "\|/usr/sbin/fifolog_writer ";
433			$clog_create = "/usr/sbin/clog -i -s ";
434			$clog_log = "%";
435
436			// Which logging type are we using this week??
437			if(isset($config['system']['usefifolog'])) {
438			$log_directive = $fifolog_log;
439			$log_create_directive = $fifolog_create;
440			} else { // Defaults to CLOG
441			$log_directive = $clog_log;
442			$log_create_directive = $clog_create;
443			}
444
445	88ebd635	Scott Ullrich	if (isset($syslogcfg)) {
446	8fbd88cd	Seth Mos	$separatelogfacilities = array('ntpd','racoon','openvpn');
447	a728d2ea	Colin Smith	if($config['installedpackages']['package']) {
448	0d9d2a1b	Scott Ullrich	foreach($config['installedpackages']['package'] as $package) {
449			if($package['logging']) {
450	a728d2ea	Colin Smith	$pkgfacilities[] = $package['logging']['facilityname'];
451	d2834563	Scott Ullrich	$separatelogfacilities = $separatelogfacilities + $pkgfacilities;
452	84e86846	Colin Smith	$facilitylist = implode(',', $pkgfacilities);
453	7ee97cb3	Scott Ullrich	mwexec("{$log_create_directive} 10240 {$g['varlog_path']}/{$package['logging']['logfilename']}");
454	fe5f3b38	Scott Ullrich	$syslogconf .= "!{$facilitylist}\n.\t\t\t\t\t\t {$log_directive}{$g['varlog_path']}/{$package['logging']['logfilename']}\n";
455	a728d2ea	Colin Smith	}
456	0d9d2a1b	Scott Ullrich	}
457			}
458	d2834563	Scott Ullrich	$facilitylist = implode(',', array_unique($separatelogfacilities));
459	0d9d2a1b	Scott Ullrich	/* write syslog.conf */
460	5b237745	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/syslog.conf", "w");
461			if (!$fd) {
462			printf("Error: cannot open syslog.conf in system_syslogd_start().\n");
463			return 1;
464			}
465	8fbd88cd	Seth Mos	$syslogconf .= "!ntpdate,!ntpd\n";
466	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
467	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ntpd.log\n";
468	295e19dd	Scott Ullrich	$syslogconf .= "!ppp\n";
469			if (!isset($syslogcfg['disablelocallogging']))
470			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ppp.log\n";
471	328efaba	Ermal	$syslogconf .= "!pptp\n";
472			if (!isset($syslogcfg['disablelocallogging']))
473			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/pptp.log\n";
474			$syslogconf .= "!pppoe\n";
475			if (!isset($syslogcfg['disablelocallogging']))
476			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/pppoe.log\n";
477			$syslogconf .= "!l2tp\n";
478			if (!isset($syslogcfg['disablelocallogging']))
479	bedd946f	Ermal	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/l2tp.log\n";
480	0260caec	Scott Ullrich	$syslogconf .= "!racoon\n";
481	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
482	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/ipsec.log\n";
483	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
484			if($syslogcfg['remoteserver'])
485			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
486			if($syslogcfg['remoteserver2'])
487			$syslogconf .= ". @{$syslogcfg['remoteserver2']}\n";
488			if($syslogcfg['remoteserver3'])
489			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
490			}
491	d2834563	Scott Ullrich	$syslogconf .= "!openvpn\n";
492	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
493	fe5f3b38	Scott Ullrich	$syslogconf .= ". {$log_directive}{$g['varlog_path']}/openvpn.log\n";
494	be5d59d7	Scott Ullrich	if (isset($syslogcfg['vpn'])) {
495			if($syslogcfg['remoteserver'])
496			$syslogconf .= ". @{$syslogcfg['remoteserver']}\n";
497			if($syslogcfg['remoteserver2'])
498			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
499			if($syslogcfg['remoteserver3'])
500			$syslogconf .= ". @{$syslogcfg['remoteserver3']}\n";
501			}
502	7bc41b19	jim-p	$syslogconf .= "!apinger\n";
503			if (!isset($syslogcfg['disablelocallogging']))
504			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/apinger.log\n";
505	087a89f8	Chris Buechler	$syslogconf .= "!relayd\n";
506			$syslogconf .= ". {$log_directive}{$g['varlog_path']}/relayd.log\n";
507	d2834563	Scott Ullrich	$syslogconf .= "!-{$facilitylist}\n";
508	0d9d2a1b	Scott Ullrich	if (!isset($syslogcfg['disablelocallogging']))
509	5b237745	Scott Ullrich	$syslogconf .= <<<EOD
510	fe5f3b38	Scott Ullrich	local0.* {$log_directive}{$g['varlog_path']}/filter.log
511	4f7ead45	Scott Ullrich	local3.* {$log_directive}{$g['varlog_path']}/vpn.log
512	fe5f3b38	Scott Ullrich	local4.* {$log_directive}{$g['varlog_path']}/portalauth.log
513			local7.* {$log_directive}{$g['varlog_path']}/dhcpd.log
514			*.notice;kern.debug;lpr.info;mail.crit; {$log_directive}{$g['varlog_path']}/system.log
515			news.err;local0.none;local3.none;local4.none; {$log_directive}{$g['varlog_path']}/system.log
516			local7.none {$log_directive}{$g['varlog_path']}/system.log
517			security.* {$log_directive}{$g['varlog_path']}/system.log
518			auth.info;authpriv.info;daemon.info {$log_directive}{$g['varlog_path']}/system.log
519	9dac9942	Scott Ullrich	auth.info;authpriv.info \|exec /usr/local/sbin/sshlockout_pf
520			.emerg
521	0a123b4c	Scott Ullrich
522	5b237745	Scott Ullrich	EOD;
523	be5d59d7	Scott Ullrich	if (isset($syslogcfg['filter'])) {
524			if($syslogcfg['remoteserver'])
525			$syslogconf .= "local0.* @{$syslogcfg['remoteserver']}\n";
526			if($syslogcfg['remoteserver2'])
527			$syslogconf .= "local0.* @{$syslogcfg['remoteserver2']}\n";
528			if($syslogcfg['remoteserver3'])
529			$syslogconf .= "local0.* @{$syslogcfg['remoteserver3']}\n";
530
531			}
532			if (isset($syslogcfg['vpn'])) {
533			if($syslogcfg['remoteserver'])
534			$syslogconf .= "local3.* @{$syslogcfg['remoteserver']}\n";
535			if($syslogcfg['remoteserver2'])
536			$syslogconf .= "local3.* @{$syslogcfg['remoteserver2']}\n";
537			if($syslogcfg['remoteserver3'])
538			$syslogconf .= "local3.* @{$syslogcfg['remoteserver3']}\n";
539			}
540			if (isset($syslogcfg['portalauth'])) {
541			if($syslogcfg['remoteserver'])
542			$syslogconf .= "local4.* @{$syslogcfg['remoteserver']}\n";
543			if($syslogcfg['remoteserver2'])
544			$syslogconf .= "local4.* @{$syslogcfg['remoteserver2']}\n";
545			if($syslogcfg['remoteserver3'])
546			$syslogconf .= "local4.* @{$syslogcfg['remoteserver3']}\n";
547			}
548			if (isset($syslogcfg['dhcp'])) {
549			if($syslogcfg['remoteserver'])
550			$syslogconf .= "local7.* @{$syslogcfg['remoteserver']}\n";
551			if($syslogcfg['remoteserver2'])
552			$syslogconf .= "local7.* @{$syslogcfg['remoteserver2']}\n";
553			if($syslogcfg['remoteserver3'])
554			$syslogconf .= "local7.* @{$syslogcfg['remoteserver3']}\n";
555			}
556			if (isset($syslogcfg['system'])) {
557			if($syslogcfg['remoteserver'])
558			$syslogconf .= <<<EOD
559	9dac9942	Scott Ullrich	*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver']}
560			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver']}
561			security.* @{$syslogcfg['remoteserver']}
562			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver']}
563			*.emerg @{$syslogcfg['remoteserver']}
564	d2834563	Scott Ullrich
565	5b237745	Scott Ullrich	EOD;
566	be5d59d7	Scott Ullrich
567	07bdaacd	pierrepomes	}
568
569	be5d59d7	Scott Ullrich	if (isset($syslogcfg['system'])) {
570			if($syslogcfg['remoteserver2'])
571			$syslogconf .= <<<EOD
572			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver2']}
573			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver2']}
574			security.* @{$syslogcfg['remoteserver2']}
575			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver2']}
576			*.emerg @{$syslogcfg['remoteserver2']}
577
578			EOD;
579
580	07bdaacd	pierrepomes	}
581
582	be5d59d7	Scott Ullrich	if (isset($syslogcfg['system'])) {
583			if($syslogcfg['remoteserver3'])
584			$syslogconf .= <<<EOD
585			*.notice;kern.debug;lpr.info;mail.crit; @{$syslogcfg['remoteserver3']}
586			news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver3']}
587			security.* @{$syslogcfg['remoteserver3']}
588			auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver3']}
589			*.emerg @{$syslogcfg['remoteserver3']}
590
591			EOD;
592
593			}
594	4ef2d703	Chris Buechler	if (isset($syslogcfg['logall'])) {
595	be5d59d7	Scott Ullrich	if($syslogcfg['remoteserver'])
596			$syslogconf .= <<<EOD
597	4ef2d703	Chris Buechler	. @{$syslogcfg['remoteserver']}
598
599			EOD;
600	be5d59d7	Scott Ullrich
601			if($syslogcfg['remoteserver2'])
602			$syslogconf .= <<<EOD
603			. @{$syslogcfg['remoteserver2']}
604
605			EOD;
606
607			if($syslogcfg['remoteserver3'])
608			$syslogconf .= <<<EOD
609			. @{$syslogcfg['remoteserver3']}
610
611			EOD;
612
613			}
614	5b237745	Scott Ullrich	fwrite($fd, $syslogconf);
615			fclose($fd);
616	6a638a89	Scott Ullrich	// Are we logging to a least one remote server ?
617			if(strpos($syslogconf, "@") != false)
618	c9f8d4f5	Ermal Lu?i	$retval = system("/usr/sbin/syslogd -c -f {$g['varetc_path']}/syslog.conf");
619	6a638a89	Scott Ullrich	else
620	c9f8d4f5	Ermal Lu?i	$retval = system("/usr/sbin/syslogd -c -f {$g['varetc_path']}/syslog.conf");
621	5b237745	Scott Ullrich
622			} else {
623	c9f8d4f5	Ermal Lu?i	$retval = mwexec("/usr/sbin/syslogd -c");
624	5b237745	Scott Ullrich	}
625	0f282d7a	Scott Ullrich
626	5b237745	Scott Ullrich	if ($g['booting'])
627	5c6d0f65	Colin Smith	echo "done.\n";
628	0f282d7a	Scott Ullrich
629	5b237745	Scott Ullrich	return $retval;
630			}
631
632			function system_pccard_start() {
633	f19d3b7a	Scott Ullrich	global $config, $g;
634	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
635			$mt = microtime();
636	dcf0598e	Scott Ullrich	echo "system_pccard_start() being called $mt\n";
637	58c7450e	Scott Ullrich	}
638	0f282d7a	Scott Ullrich
639	5b237745	Scott Ullrich	if ($g['booting'])
640	f05740c1	Scott Ullrich	echo "Initializing PCMCIA...";
641	0f282d7a	Scott Ullrich
642	5b237745	Scott Ullrich	/* kill any running pccardd */
643			killbypid("{$g['varrun_path']}/pccardd.pid");
644	0f282d7a	Scott Ullrich
645	5b237745	Scott Ullrich	/* fire up pccardd */
646			$res = mwexec("/usr/sbin/pccardd -z -f {$g['etc_path']}/pccard.conf");
647	0f282d7a	Scott Ullrich
648	5b237745	Scott Ullrich	if ($g['booting']) {
649			if ($res == 0)
650	5c6d0f65	Colin Smith	echo "done.\n";
651	5b237745	Scott Ullrich	else
652	5c6d0f65	Colin Smith	echo "failed!\n";
653	5b237745	Scott Ullrich	}
654	0f282d7a	Scott Ullrich
655	5b237745	Scott Ullrich	return $res;
656			}
657
658	819197a8	Scott Ullrich
659	5b237745	Scott Ullrich	function system_webgui_start() {
660	f19d3b7a	Scott Ullrich	global $config, $g;
661	877ac35d	Scott Ullrich
662			if ($g['booting'])
663	f05740c1	Scott Ullrich	echo "Starting webConfigurator...";
664	877ac35d	Scott Ullrich
665	383a4439	Scott Ullrich	/* kill any running lighttpd */
666	877ac35d	Scott Ullrich	killbypid("{$g['varrun_path']}/lighty-webConfigurator.pid");
667
668	e9d0bf64	Scott Ullrich	sleep(1);
669
670	877ac35d	Scott Ullrich	chdir($g['www_path']);
671
672	fb1266d3	Matthew Grooms	/* defaults */
673			$portarg = "80";
674			$crt = "";
675			$key = "";
676	2cf6ddcb	Nigel Graham	$ca = "";
677	fb1266d3	Matthew Grooms
678	877ac35d	Scott Ullrich	/* non-standard port? */
679	f4875d35	Ermal Lu?i	if (isset($config['system']['webgui']['port']) && $config['system']['webgui']['port'] <> "")
680	528df9a7	Scott Ullrich	$portarg = "{$config['system']['webgui']['port']}";
681	877ac35d	Scott Ullrich
682			if ($config['system']['webgui']['protocol'] == "https") {
683	02b383fe	sullrich	// Ensure that we have a webConfigurator CERT
684	fb1266d3	Matthew Grooms	$cert =& lookup_cert($config['system']['webgui']['ssl-certref']);
685	02b383fe	sullrich	if(!is_array($cert) && !$cert['crt'] && !$cert['prv']) {
686	1e332e98	jim-p	if (!is_array($config['ca']))
687			$config['ca'] = array();
688			$a_ca =& $config['ca'];
689			if (!is_array($config['cert']))
690			$config['cert'] = array();
691			$a_cert =& $config['cert'];
692	0cdaaa8e	Chris Buechler	echo "Creating SSL Certificate... ";
693	aab4ca82	Scott Ullrich	$cert = array();
694			$cert['refid'] = uniqid();
695			$cert['name'] = "webConfigurator default";
696	6955830f	Ermal Lu?i	mwexec("/usr/bin/openssl genrsa 1024 > {$g['tmp_path']}/ssl.key");
697			mwexec("/usr/bin/openssl req -new -x509 -nodes -sha1 -days 2000 -key {$g['tmp_path']}/ssl.key > {$g['tmp_path']}/ssl.crt");
698			$crt = file_get_contents("{$g['tmp_path']}/ssl.crt");
699			$key = file_get_contents("{$g['tmp_path']}/ssl.key");
700			unlink("{$g['tmp_path']}/ssl.key");
701			unlink("{$g['tmp_path']}/ssl.crt");
702	aab4ca82	Scott Ullrich	cert_import($cert, $crt, $key);
703			$a_cert[] = $cert;
704			$config['system']['webgui']['ssl-certref'] = $cert['refid'];
705			write_config("Importing HTTPS certificate");
706			if(!$config['system']['webgui']['port'])
707			$portarg = "443";
708			$ca = ca_chain($cert);
709	edc8a9f8	jim-p	} else {
710	fb1266d3	Matthew Grooms	$crt = base64_decode($cert['crt']);
711			$key = base64_decode($cert['prv']);
712			if(!$config['system']['webgui']['port'])
713			$portarg = "443";
714	2cf6ddcb	Nigel Graham	$ca = ca_chain($cert);
715	edc8a9f8	jim-p	}
716	877ac35d	Scott Ullrich	}
717
718			/* generate lighttpd configuration */
719			system_generate_lighty_config("{$g['varetc_path']}/lighty-webConfigurator.conf",
720	2cf6ddcb	Nigel Graham	$crt, $key, $ca, "lighty-webConfigurator.pid", $portarg, "/usr/local/www/");
721	877ac35d	Scott Ullrich
722			/* attempt to start lighthttpd */
723			$res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-webConfigurator.conf");
724
725	cc093472	sullrich	/* fetch page to preload apc cache */
726	eb0f4fc6	Ermal Lu?i	$proto = "http";
727			if ($config['system']['webgui']['protocol'])
728			$proto = $config['system']['webgui']['protocol'];
729	bd96ff65	Ermal Lu?i	mwexec_bg("/usr/bin/fetch -o /dev/null -q {$proto}://localhost:{$portarg}/preload.php");
730	cc093472	sullrich
731	877ac35d	Scott Ullrich	if ($g['booting']) {
732			if ($res == 0)
733			echo "done.\n";
734			else
735			echo "failed!\n";
736			}
737
738			return $res;
739			}
740
741	eb0f441c	Scott Ullrich	function system_generate_lighty_config($filename,
742			$cert,
743			$key,
744	2cf6ddcb	Nigel Graham	$ca,
745	eb0f441c	Scott Ullrich	$pid_file,
746			$port = 80,
747			$document_root = "/usr/local/www/",
748			$cert_location = "cert.pem",
749	2cf6ddcb	Nigel Graham	$ca_location = "ca.pem",
750	1b666ae2	Scott Ullrich	$max_procs = 2,
751	280b75d9	Scott Ullrich	$max_requests = "2",
752	eb0f441c	Scott Ullrich	$fast_cgi_enable = true,
753			$captive_portal = false) {
754	58c7450e	Scott Ullrich
755	f19d3b7a	Scott Ullrich	global $config, $g;
756
757	6955830f	Ermal Lu?i	if(!is_dir("{$g['tmp_path']}/lighttpdcompress"))
758			mkdir("{$g['tmp_path']}/lighttpdcompress");
759	570ef08c	sullrich
760	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
761			$mt = microtime();
762	dcf0598e	Scott Ullrich	echo "system_generate_lighty_config() being called $mt\n";
763	58c7450e	Scott Ullrich	}
764
765	eb0f441c	Scott Ullrich	if($captive_portal == true) {
766			$captiveportal = ",\"mod_rewrite\"";
767	6bef50b3	Scott Ullrich	$captive_portal_rewrite = "url.rewrite-once = ( \"(.captiveportal.)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n";
768	b0bdc06e	Scott Ullrich	$captive_portal_module = "\"mod_accesslog\", ";
769			$maxprocperip = $config['captiveportal']['maxprocperip'];
770	632e8d54	Scott Ullrich	if(!$maxprocperip and $maxprocperip > 0)
771			$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
772			else
773			$captive_portal_mod_evasive = "";
774	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n";
775			exec("mkdir -p {$g['tmp_path']}/captiveportal");
776			exec("chmod a-w {$g['tmp_path']}/captiveportal");
777	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 384";
778	b0bdc06e	Scott Ullrich	} else {
779	3435dc35	Ermal Lu?i	$captiveportal = "";
780			$captive_portal_rewrite = "";
781	b0bdc06e	Scott Ullrich	$captive_portal_module = "";
782			$captive_portal_mod_evasive = "";
783	6955830f	Ermal Lu?i	$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"{$g['tmp_path']}/\", \"/var/\" )\n";
784	775556ab	Scott Ullrich	$server_max_request_size = "server.max-request-size = 2097152";
785	eb0f441c	Scott Ullrich	}
786	3306a341	Scott Ullrich
787	28cae949	Scott Ullrich	if($port <> "")
788			$lighty_port = $port;
789			else
790			$lighty_port = "80";
791	3d77d4c4	Scott Ullrich
792			$memory = get_memory();
793			$avail = $memory[0];
794
795	f4ebc84a	Scott Ullrich	if($avail > 0 and $avail < 65) {
796			$fast_cgi_enable = false;
797			}
798
799	70cc6249	Scott Ullrich	// Ramp up captive portal max procs
800			if($captive_portal == true) {
801			if($avail > 65 and $avail < 98) {
802			$max_procs = 1;
803			}
804			if($avail > 97 and $avail < 128) {
805			$max_procs = 2;
806			}
807			if($avail > 127 and $avail < 256) {
808			$max_procs = 3;
809			}
810			if($avail > 255 and $avail < 384) {
811			$max_procs = 4;
812			}
813			if($avail > 383) {
814			$max_procs = 5;
815			}
816	b0bdc06e	Scott Ullrich	}
817
818	6e337a84	Scott Ullrich	if($captive_portal == true) {
819			$bin_environment = <<<EOC
820	5e041d5f	Scott Ullrich	"bin-environment" => (
821	e59dd448	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
822			"PHP_FCGI_MAX_REQUESTS" => "500"
823	6e337a84	Scott Ullrich	),
824			EOC;
825
826	04f4a116	Ermal Luçi	} else if ($avail > 0 and $avail < 128) {
827			$bin_environment = <<<EOC
828	980df75c	Scott Ullrich	"bin-environment" => (
829	effecc51	Scott Ullrich	"PHP_FCGI_CHILDREN" => "$max_procs",
830	980df75c	Scott Ullrich	"PHP_FCGI_MAX_REQUESTS" => "2",
831	04f4a116	Ermal Luçi	),
832
833			EOC;
834			} else
835	980df75c	Scott Ullrich	$bin_environment = <<<EOC
836			"bin-environment" => (
837			"PHP_FCGI_CHILDREN" => "$max_procs",
838			"PHP_FCGI_MAX_REQUESTS" => "500"
839			),
840			EOC;
841
842	4edb490d	Scott Ullrich	if($fast_cgi_enable == true) {
843	dde4f60c	Scott Ullrich	$module = "\"mod_fastcgi\", \"mod_cgi\"";
844	4edb490d	Scott Ullrich	$cgi_config = "";
845			$fastcgi_config = <<<EOD
846			#### fastcgi module
847			## read fastcgi.txt for more info
848	b0bdc06e	Scott Ullrich	fastcgi.server = ( ".php" =>
849			( "localhost" =>
850			(
851	6955830f	Ermal Lu?i	"socket" => "{$g['tmp_path']}/php-fastcgi.socket",
852	980df75c	Scott Ullrich	"min-procs" => 0,
853	b0bdc06e	Scott Ullrich	"max-procs" => {$max_procs},
854	6e337a84	Scott Ullrich	{$bin_environment}
855	b0bdc06e	Scott Ullrich	"bin-path" => "/usr/local/bin/php"
856			)
857			)
858			)
859	4edb490d	Scott Ullrich
860	dde4f60c	Scott Ullrich	#### CGI module
861	5999dd9c	Scott Ullrich	cgi.assign = ( ".cgi" => "" )
862	dde4f60c	Scott Ullrich
863	4edb490d	Scott Ullrich	EOD;
864			} else {
865			$fastcgi_config = "";
866			$module = "\"mod_cgi\"";
867			$cgi_config = <<<EOD
868			#### CGI module
869			cgi.assign = ( ".php" => "/usr/local/bin/php",
870	d4302f46	Espen Johansen	".cgi" => "" )
871	333f8ef0	Scott Ullrich
872	4edb490d	Scott Ullrich	EOD;
873			}
874	333f8ef0	Scott Ullrich
875	3435dc35	Ermal Lu?i	$lighty_config = "";
876	a84b65dc	Scott Ullrich	$lighty_config .= <<<EOD
877	28cae949	Scott Ullrich	#
878	a632cf43	Scott Ullrich	# lighttpd configuration file
879			#
880			# use a it as base for lighttpd 1.0.0 and above
881	28cae949	Scott Ullrich	#
882	a632cf43	Scott Ullrich	############ Options you really have to take care of ####################
883
884	770b4b9c	Scott Ullrich	## FreeBSD!
885	60ff6204	Scott Ullrich	server.event-handler = "freebsd-kqueue"
886			server.network-backend = "writev"
887	096261af	Scott Ullrich
888	a632cf43	Scott Ullrich	## modules to load
889	4edb490d	Scott Ullrich	server.modules = (
890	c93ad789	Scott Ullrich	{$captive_portal_module}
891	d7e230ae	Chris Buechler	"mod_access", "mod_accesslog", "mod_expire", "mod_compress", "mod_redirect",
892	c93ad789	Scott Ullrich	{$module}{$captiveportal}
893			)
894	28cae949	Scott Ullrich
895			## Unused modules
896	6a019c11	Scott Ullrich	# "mod_setenv",
897			# "mod_rewrite",
898	28cae949	Scott Ullrich	# "mod_ssi",
899			# "mod_usertrack",
900			# "mod_expire",
901			# "mod_secdownload",
902			# "mod_rrdtool",
903	a632cf43	Scott Ullrich	# "mod_auth",
904			# "mod_status",
905	28cae949	Scott Ullrich	# "mod_alias",
906	a632cf43	Scott Ullrich	# "mod_proxy",
907			# "mod_simple_vhost",
908			# "mod_evhost",
909			# "mod_userdir",
910	28cae949	Scott Ullrich	# "mod_cgi",
911	a632cf43	Scott Ullrich
912	d9acea75	Scott Ullrich	server.max-keep-alive-requests = 15
913			server.max-keep-alive-idle = 30
914
915	a632cf43	Scott Ullrich	## a static document-root, for virtual-hosting take look at the
916			## server.virtual-* options
917	332b4ac0	Scott Ullrich	server.document-root = "{$document_root}"
918	eb0f441c	Scott Ullrich	{$captive_portal_rewrite}
919	a632cf43	Scott Ullrich
920	38a9a1ab	Scott Ullrich	# Maximum idle time with nothing being written (php downloading)
921			server.max-write-idle = 999
922
923	a632cf43	Scott Ullrich	## where to send error-messages to
924	ee959dc4	Scott Ullrich	server.errorlog = "/var/log/lighttpd.error.log"
925	a632cf43	Scott Ullrich
926			# files to check for if .../ is requested
927			server.indexfiles = ( "index.php", "index.html",
928			"index.htm", "default.htm" )
929
930			# mimetype mapping
931			mimetype.assign = (
932			".pdf" => "application/pdf",
933			".sig" => "application/pgp-signature",
934			".spl" => "application/futuresplash",
935			".class" => "application/octet-stream",
936			".ps" => "application/postscript",
937			".torrent" => "application/x-bittorrent",
938			".dvi" => "application/x-dvi",
939			".gz" => "application/x-gzip",
940			".pac" => "application/x-ns-proxy-autoconfig",
941			".swf" => "application/x-shockwave-flash",
942			".tar.gz" => "application/x-tgz",
943			".tgz" => "application/x-tgz",
944			".tar" => "application/x-tar",
945			".zip" => "application/zip",
946			".mp3" => "audio/mpeg",
947			".m3u" => "audio/x-mpegurl",
948			".wma" => "audio/x-ms-wma",
949			".wax" => "audio/x-ms-wax",
950			".ogg" => "audio/x-wav",
951			".wav" => "audio/x-wav",
952			".gif" => "image/gif",
953			".jpg" => "image/jpeg",
954			".jpeg" => "image/jpeg",
955			".png" => "image/png",
956			".xbm" => "image/x-xbitmap",
957			".xpm" => "image/x-xpixmap",
958			".xwd" => "image/x-xwindowdump",
959			".css" => "text/css",
960			".html" => "text/html",
961			".htm" => "text/html",
962			".js" => "text/javascript",
963			".asc" => "text/plain",
964			".c" => "text/plain",
965			".conf" => "text/plain",
966			".text" => "text/plain",
967			".txt" => "text/plain",
968			".dtd" => "text/xml",
969			".xml" => "text/xml",
970			".mpeg" => "video/mpeg",
971			".mpg" => "video/mpeg",
972			".mov" => "video/quicktime",
973			".qt" => "video/quicktime",
974			".avi" => "video/x-msvideo",
975			".asf" => "video/x-ms-asf",
976			".asx" => "video/x-ms-asf",
977			".wmv" => "video/x-ms-wmv",
978			".bz2" => "application/x-bzip",
979			".tbz" => "application/x-bzip-compressed-tar",
980			".tar.bz2" => "application/x-bzip-compressed-tar"
981			)
982
983			# Use the "Content-Type" extended attribute to obtain mime type if possible
984			#mimetypes.use-xattr = "enable"
985
986			#### accesslog module
987	6a019c11	Scott Ullrich	#accesslog.filename = "/dev/null"
988	a632cf43	Scott Ullrich
989			## deny access the file-extensions
990			#
991			# ~ is for backupfiles from vi, emacs, joe, ...
992			# .inc is often used for code includes which should in general not be part
993			# of the document-root
994			url.access-deny = ( "~", ".inc" )
995
996
997			######### Options that are good to be but not neccesary to be changed #######
998
999			## bind to port (default: 80)
1000	28cae949	Scott Ullrich	server.port = {$lighty_port}
1001	a632cf43	Scott Ullrich
1002			## error-handler for status 404
1003			#server.error-handler-404 = "/error-handler.html"
1004			#server.error-handler-404 = "/error-handler.php"
1005
1006			## to help the rc.scripts
1007			server.pid-file = "/var/run/{$pid_file}"
1008
1009			## virtual directory listings
1010	28cae949	Scott Ullrich	server.dir-listing = "disable"
1011	a632cf43	Scott Ullrich
1012			## enable debugging
1013	28cae949	Scott Ullrich	debug.log-request-header = "disable"
1014			debug.log-response-header = "disable"
1015			debug.log-request-handling = "disable"
1016			debug.log-file-not-found = "disable"
1017	a632cf43	Scott Ullrich
1018	570ef08c	sullrich	# gzip compression
1019	6955830f	Ermal Lu?i	compress.cache-dir = "{$g['tmp_path']}/lighttpdcompress/"
1020	570ef08c	sullrich	compress.filetype = ("text/plain","text/css", "text/xml", "text/javascript" )
1021
1022	3306a341	Scott Ullrich	{$server_upload_dirs}
1023	1ef7b568	Scott Ullrich
1024	a6e8af9c	Scott Ullrich	{$server_max_request_size}
1025	ee959dc4	Scott Ullrich
1026	4edb490d	Scott Ullrich	{$fastcgi_config}
1027
1028			{$cgi_config}
1029	a632cf43	Scott Ullrich
1030	b0bdc06e	Scott Ullrich	{$captive_portal_mod_evasive}
1031
1032	569f47e9	Scott Ullrich	expire.url = (
1033	05a5e5c5	Scott Ullrich	"" => "access 50 hours",
1034	569f47e9	Scott Ullrich	)
1035
1036	a632cf43	Scott Ullrich	EOD;
1037
1038	7aae518a	Scott Ullrich	$cert = str_replace("\r", "", $cert);
1039	333f8ef0	Scott Ullrich	$key = str_replace("\r", "", $key);
1040	2cf6ddcb	Nigel Graham	$ca = str_replace("\r", "", $ca);
1041	7aae518a	Scott Ullrich
1042			$cert = str_replace("\n\n", "\n", $cert);
1043	333f8ef0	Scott Ullrich	$key = str_replace("\n\n", "\n", $key);
1044	2cf6ddcb	Nigel Graham	$ca = str_replace("\n\n", "\n", $ca);
1045	7aae518a	Scott Ullrich
1046	a632cf43	Scott Ullrich	if($cert <> "" and $key <> "") {
1047	3a66b621	Scott Ullrich	$fd = fopen("{$g['varetc_path']}/{$cert_location}", "w");
1048	5b237745	Scott Ullrich	if (!$fd) {
1049			printf("Error: cannot open cert.pem in system_webgui_start().\n");
1050			return 1;
1051			}
1052	3a66b621	Scott Ullrich	chmod("{$g['varetc_path']}/{$cert_location}", 0600);
1053	5b237745	Scott Ullrich	fwrite($fd, $cert);
1054			fwrite($fd, "\n");
1055			fwrite($fd, $key);
1056			fclose($fd);
1057	2cf6ddcb	Nigel Graham	if($ca <> "") {
1058			$fd = fopen("{$g['varetc_path']}/{$ca_location}", "w");
1059			if (!$fd) {
1060			printf("Error: cannot open ca.pem in system_webgui_start().\n");
1061			return 1;
1062			}
1063			chmod("{$g['varetc_path']}/{$ca_location}", 0600);
1064			fwrite($fd, $ca);
1065			fclose($fd);
1066			}
1067	5e041d5f	Scott Ullrich	$lighty_config .= "\n";
1068	9f0cbb16	Scott Ullrich	$lighty_config .= "## ssl configuration\n";
1069	a632cf43	Scott Ullrich	$lighty_config .= "ssl.engine = \"enable\"\n";
1070	333f8ef0	Scott Ullrich	$lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n";
1071	2cf6ddcb	Nigel Graham	if($ca <> "")
1072			$lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n";
1073	5b237745	Scott Ullrich	}
1074	a978a0ff	Chris Buechler
1075			// Add HTTP to HTTPS redirect
1076			if ($captive_portal == false && $config['system']['webgui']['protocol'] == "https" && !isset($config['system']['webgui']['disablehttpredirect'])) {
1077	7921e8e5	Chris Buechler	if($lighty_port != "443")
1078			$redirectport = ":{$lighty_port}";
1079	d7e230ae	Chris Buechler	$lighty_config .= <<<EOD
1080			\$SERVER["socket"] == ":80" {
1081			\$HTTP["host"] =~ "(.*)" {
1082	7921e8e5	Chris Buechler	url.redirect = ( "^/(.*)" => "https://%1{$redirectport}/$1" )
1083	d7e230ae	Chris Buechler	}
1084			}
1085			EOD;
1086			}
1087	0f282d7a	Scott Ullrich
1088	4f3756f3	Scott Ullrich	$fd = fopen("{$filename}", "w");
1089	a632cf43	Scott Ullrich	if (!$fd) {
1090	4f3756f3	Scott Ullrich	printf("Error: cannot open {$filename} in system_generate_lighty_config().\n");
1091	a632cf43	Scott Ullrich	return 1;
1092	5b237745	Scott Ullrich	}
1093	a632cf43	Scott Ullrich	fwrite($fd, $lighty_config);
1094			fclose($fd);
1095
1096			return 0;
1097	0f282d7a	Scott Ullrich
1098	5b237745	Scott Ullrich	}
1099
1100			function system_timezone_configure() {
1101	f19d3b7a	Scott Ullrich	global $config, $g;
1102	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1103			$mt = microtime();
1104	dcf0598e	Scott Ullrich	echo "system_timezone_configure() being called $mt\n";
1105	333f8ef0	Scott Ullrich	}
1106	5b237745	Scott Ullrich
1107			$syscfg = $config['system'];
1108
1109			if ($g['booting'])
1110	f05740c1	Scott Ullrich	echo "Setting timezone...";
1111	5b237745	Scott Ullrich
1112			/* extract appropriate timezone file */
1113			$timezone = $syscfg['timezone'];
1114			if (!$timezone)
1115			$timezone = "Etc/UTC";
1116	0f282d7a	Scott Ullrich
1117	34febcde	Scott Ullrich	conf_mount_rw();
1118
1119	029d1a71	Scott Ullrich	exec("LANG=C /usr/bin/tar xzfO /usr/share/zoneinfo.tgz " .
1120	5b237745	Scott Ullrich	escapeshellarg($timezone) . " > /etc/localtime");
1121
1122	4efd4885	Scott Ullrich	mwexec("sync");
1123	27150275	Scott Ullrich	conf_mount_ro();
1124	34febcde	Scott Ullrich
1125	5b237745	Scott Ullrich	if ($g['booting'])
1126	5c6d0f65	Colin Smith	echo "done.\n";
1127	5b237745	Scott Ullrich	}
1128
1129			function system_ntp_configure() {
1130	f19d3b7a	Scott Ullrich	global $config, $g;
1131	5b237745	Scott Ullrich
1132	c8960970	Ermal	$syscfg =& $config['system'];
1133	5b237745	Scott Ullrich
1134	20b90e0a	Scott Ullrich	/* open configuration for wrting or bail */
1135			$fd = fopen("{$g['varetc_path']}/ntpd.conf","w");
1136			if(!$fd) {
1137	5f3e1f12	Scott Ullrich	log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing");
1138	20b90e0a	Scott Ullrich	return;
1139	5b237745	Scott Ullrich	}
1140
1141	20b90e0a	Scott Ullrich	fwrite($fd, "# \n");
1142			fwrite($fd, "# pfSense OpenNTPD configuration file \n");
1143			fwrite($fd, "# \n\n");
1144	0f282d7a	Scott Ullrich
1145	20b90e0a	Scott Ullrich	/* foreach through servers and write out to ntpd.conf */
1146			foreach (explode(' ', $syscfg['timeservers']) as $ts)
1147			fwrite($fd, "servers {$ts}\n");
1148	0f282d7a	Scott Ullrich
1149	5b6210e3	Bill Marquette	/* Setup listener(s) if the user has configured one */
1150	67ee1ec5	Ermal Luçi	if ($config['installedpackages']['openntpd']) {
1151			/* server config is in coregui1 */
1152	5b6210e3	Bill Marquette	$xmlsettings = $config['installedpackages']['openntpd']['config'][0];
1153			if ($xmlsettings['enable'] == 'on') {
1154			$ifaces = explode(',', $xmlsettings['interface']);
1155	435f11c8	Ermal Lu?i	$ifaces = array_map('get_real_interface', $ifaces);
1156	5b6210e3	Bill Marquette	$ifaces = array_filter($ifaces, 'does_interface_exist');
1157			$ips = array_map('find_interface_ip', $ifaces);
1158			foreach ($ips as $ip) {
1159	5e041d5f	Scott Ullrich	if (is_ipaddr($ip))
1160	5b6210e3	Bill Marquette	fwrite($fd, "listen on $ip\n");
1161			}
1162	95594e5a	Scott Ullrich	}
1163			}
1164
1165	20b90e0a	Scott Ullrich	fwrite($fd, "\n");
1166	0f282d7a	Scott Ullrich
1167	20b90e0a	Scott Ullrich	/* slurp! */
1168			fclose($fd);
1169
1170			/* if openntpd is running, kill it */
1171	5f3e1f12	Scott Ullrich	while(is_process_running("ntpd")) {
1172	c8960970	Ermal	killbyname("ntpd");
1173	5f3e1f12	Scott Ullrich	}
1174
1175			/* if /var/empty does not exist, create it */
1176			if(!is_dir("/var/empty"))
1177			exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/.");
1178
1179	401a6674	Ermal	if ($g['booting'])
1180			return;
1181
1182	20b90e0a	Scott Ullrich	/* start opentpd, set time now and use /var/etc/ntpd.conf */
1183			exec("/usr/local/sbin/ntpd -s -f {$g['varetc_path']}/ntpd.conf");
1184	83eb4567	Scott Ullrich
1185			// Note that we are starting up
1186			exec("echo 'OpenNTPD is starting up' >> {$g['varlog_path']}/ntpd.log");
1187	0f282d7a	Scott Ullrich
1188	5b237745	Scott Ullrich	}
1189
1190	652cf082	Seth Mos	function sync_system_time() {
1191			global $config, $g;
1192
1193			$syscfg = $config['system'];
1194
1195			if ($g['booting'])
1196	4582b281	Scott Ullrich	echo "Syncing system time before startup...";
1197	652cf082	Seth Mos
1198			/* foreach through servers and write out to ntpd.conf */
1199			foreach (explode(' ', $syscfg['timeservers']) as $ts) {
1200			mwexec("/usr/sbin/ntpdate -s $ts");
1201			}
1202	4582b281	Scott Ullrich
1203			if ($g['booting'])
1204			echo "done.\n";
1205
1206	652cf082	Seth Mos	}
1207
1208	405e5de0	Scott Ullrich	function system_halt() {
1209			global $g;
1210
1211			system_reboot_cleanup();
1212
1213	523855b0	Scott Ullrich	mwexec("/usr/bin/nohup /etc/rc.halt > /dev/null 2>&1 &");
1214	405e5de0	Scott Ullrich	}
1215
1216	5b237745	Scott Ullrich	function system_reboot() {
1217			global $g;
1218	0f282d7a	Scott Ullrich
1219	5b237745	Scott Ullrich	system_reboot_cleanup();
1220	0f282d7a	Scott Ullrich
1221	5b237745	Scott Ullrich	mwexec("nohup /etc/rc.reboot > /dev/null 2>&1 &");
1222			}
1223
1224			function system_reboot_sync() {
1225			global $g;
1226	0f282d7a	Scott Ullrich
1227	5b237745	Scott Ullrich	system_reboot_cleanup();
1228	0f282d7a	Scott Ullrich
1229	5b237745	Scott Ullrich	mwexec("/etc/rc.reboot > /dev/null 2>&1");
1230			}
1231
1232			function system_reboot_cleanup() {
1233	97d4e30b	Seth Mos	mwexec("/usr/local/bin/beep.sh stop");
1234	04967d99	jim-p	require_once("captiveportal.inc");
1235	5b237745	Scott Ullrich	captiveportal_radius_stop_all();
1236	336e3c1c	Charlie	require_once("voucher.inc");
1237			voucher_save_db_to_config();
1238	5b237745	Scott Ullrich	}
1239
1240			function system_do_shell_commands($early = 0) {
1241	f19d3b7a	Scott Ullrich	global $config, $g;
1242	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1243			$mt = microtime();
1244	dcf0598e	Scott Ullrich	echo "system_do_shell_commands() being called $mt\n";
1245	58c7450e	Scott Ullrich	}
1246	0f282d7a	Scott Ullrich
1247	5b237745	Scott Ullrich	if ($early)
1248			$cmdn = "earlyshellcmd";
1249			else
1250			$cmdn = "shellcmd";
1251	0f282d7a	Scott Ullrich
1252	5b237745	Scott Ullrich	if (is_array($config['system'][$cmdn])) {
1253	333f8ef0	Scott Ullrich
1254	245388b4	Scott Ullrich	/* cmd is an array, loop through /
1255	5b237745	Scott Ullrich	foreach ($config['system'][$cmdn] as $cmd) {
1256			exec($cmd);
1257			}
1258	245388b4	Scott Ullrich
1259			} elseif($config['system'][$cmdn] <> "") {
1260	333f8ef0	Scott Ullrich
1261	245388b4	Scott Ullrich	/* execute single item */
1262			exec($config['system'][$cmdn]);
1263
1264	5b237745	Scott Ullrich	}
1265			}
1266
1267			function system_console_configure() {
1268	f19d3b7a	Scott Ullrich	global $config, $g;
1269	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1270			$mt = microtime();
1271	dcf0598e	Scott Ullrich	echo "system_console_configure() being called $mt\n";
1272	333f8ef0	Scott Ullrich	}
1273	0f282d7a	Scott Ullrich
1274	5b237745	Scott Ullrich	if (isset($config['system']['disableconsolemenu'])) {
1275			touch("{$g['varetc_path']}/disableconsole");
1276			} else {
1277			unlink_if_exists("{$g['varetc_path']}/disableconsole");
1278			}
1279			}
1280
1281			function system_dmesg_save() {
1282	f19d3b7a	Scott Ullrich	global $g;
1283	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1284			$mt = microtime();
1285	dcf0598e	Scott Ullrich	echo "system_dmesg_save() being called $mt\n";
1286	f19d3b7a	Scott Ullrich	}
1287	0f282d7a	Scott Ullrich
1288	767a716e	Scott Ullrich	$dmesg = "";
1289	5b237745	Scott Ullrich	exec("/sbin/dmesg", $dmesg);
1290	0f282d7a	Scott Ullrich
1291	5b237745	Scott Ullrich	/* find last copyright line (output from previous boots may be present) */
1292			$lastcpline = 0;
1293	0f282d7a	Scott Ullrich
1294	5b237745	Scott Ullrich	for ($i = 0; $i < count($dmesg); $i++) {
1295			if (strstr($dmesg[$i], "Copyright (c) 1992-"))
1296			$lastcpline = $i;
1297			}
1298	0f282d7a	Scott Ullrich
1299	5b237745	Scott Ullrich	$fd = fopen("{$g['varlog_path']}/dmesg.boot", "w");
1300			if (!$fd) {
1301			printf("Error: cannot open dmesg.boot in system_dmesg_save().\n");
1302			return 1;
1303			}
1304	0f282d7a	Scott Ullrich
1305	5b237745	Scott Ullrich	for ($i = $lastcpline; $i < count($dmesg); $i++)
1306			fwrite($fd, $dmesg[$i] . "\n");
1307	0f282d7a	Scott Ullrich
1308	5b237745	Scott Ullrich	fclose($fd);
1309	0f282d7a	Scott Ullrich
1310	5b237745	Scott Ullrich	return 0;
1311			}
1312
1313			function system_set_harddisk_standby() {
1314	f19d3b7a	Scott Ullrich	global $g, $config;
1315	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1316			$mt = microtime();
1317	dcf0598e	Scott Ullrich	echo "system_set_harddisk_standby() being called $mt\n";
1318	58c7450e	Scott Ullrich	}
1319	5b237745	Scott Ullrich
1320			if (isset($config['system']['harddiskstandby'])) {
1321			if ($g['booting']) {
1322	5c6d0f65	Colin Smith	echo 'Setting hard disk standby... ';
1323	5b237745	Scott Ullrich	}
1324
1325			$standby = $config['system']['harddiskstandby'];
1326			// Check for a numeric value
1327			if (is_numeric($standby)) {
1328			// Sync the disk(s)
1329			mwexec('/bin/sync');
1330			if (!mwexec('/sbin/sysctl hw.ata.standby=' . ((int)$standby))) {
1331			// Reinitialize ATA-drives
1332			mwexec('/usr/local/sbin/atareinit');
1333			if ($g['booting']) {
1334	5c6d0f65	Colin Smith	echo "done.\n";
1335	5b237745	Scott Ullrich	}
1336			} else if ($g['booting']) {
1337	5c6d0f65	Colin Smith	echo "failed!\n";
1338	5b237745	Scott Ullrich	}
1339			} else if ($g['booting']) {
1340	5c6d0f65	Colin Smith	echo "failed!\n";
1341	5b237745	Scott Ullrich	}
1342			}
1343			}
1344
1345	3ff9d424	Scott Ullrich	function system_setup_sysctl() {
1346	f19d3b7a	Scott Ullrich	global $config;
1347	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1348			$mt = microtime();
1349	dcf0598e	Scott Ullrich	echo "system_setup_sysctl() being called $mt\n";
1350	58c7450e	Scott Ullrich	}
1351	243aa7b9	Scott Ullrich
1352	6df9d7e3	Scott Ullrich	activate_sysctls();
1353
1354	243aa7b9	Scott Ullrich	if (isset($config['system']['sharednet'])) {
1355			system_disable_arp_wrong_if();
1356			}
1357			}
1358
1359			function system_disable_arp_wrong_if() {
1360	f19d3b7a	Scott Ullrich	global $config;
1361	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1362			$mt = microtime();
1363	dcf0598e	Scott Ullrich	echo "system_disable_arp_wrong_if() being called $mt\n";
1364	333f8ef0	Scott Ullrich	}
1365	6cb438cf	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=0");
1366	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=0");
1367	3ff9d424	Scott Ullrich	}
1368
1369	243aa7b9	Scott Ullrich	function system_enable_arp_wrong_if() {
1370	f19d3b7a	Scott Ullrich	global $config;
1371	58c7450e	Scott Ullrich	if(isset($config['system']['developerspew'])) {
1372			$mt = microtime();
1373	dcf0598e	Scott Ullrich	echo "system_enable_arp_wrong_if() being called $mt\n";
1374	58c7450e	Scott Ullrich	}
1375	243aa7b9	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_wrong_iface=1");
1376	89f4b6a3	Scott Ullrich	mwexec("/sbin/sysctl -n net.link.ether.inet.log_arp_movements=1");
1377	243aa7b9	Scott Ullrich	}
1378
1379	a199b93e	Scott Ullrich	function enable_watchdog() {
1380			global $config;
1381	1a479479	Scott Ullrich	return;
1382	a199b93e	Scott Ullrich	$install_watchdog = false;
1383			$supported_watchdogs = array("Geode");
1384			$file = file_get_contents("/var/log/dmesg.boot");
1385			foreach($supported_watchdogs as $sd) {
1386			if(stristr($file, "Geode")) {
1387			$install_watchdog = true;
1388			}
1389			}
1390			if($install_watchdog == true) {
1391	2e44fb05	Scott Ullrich	if(is_process_running("watchdogd"))
1392	e0b4e47f	Seth Mos	mwexec("/usr/bin/killall watchdogd", true);
1393	333f8ef0	Scott Ullrich	exec("/usr/sbin/watchdogd");
1394	a199b93e	Scott Ullrich	}
1395			}
1396	15f14889	Scott Ullrich
1397			function system_check_reset_button() {
1398	fa83737d	Scott Ullrich	global $g;
1399	223ef06a	Scott Ullrich	if($g['platform'] != "nanobsd")
1400	fa83737d	Scott Ullrich	return 0;
1401	15f14889	Scott Ullrich
1402	31c9379c	Scott Ullrich	$specplatform = system_identify_specific_platform();
1403
1404	15f14889	Scott Ullrich	if ($specplatform['name'] != "wrap" && $specplatform['name'] != "alix")
1405			return 0;
1406
1407			$retval = mwexec("/usr/local/sbin/" . $specplatform['name'] . "resetbtn");
1408
1409			if ($retval == 99) {
1410			/* user has pressed reset button for 2 seconds -
1411			reset to factory defaults */
1412			echo <<<EOD
1413
1414			***********************************************************************
1415			* Reset button pressed - resetting configuration to factory defaults. *
1416			* The system will reboot after this completes. *
1417			***********************************************************************
1418
1419
1420			EOD;
1421
1422			reset_factory_defaults();
1423			system_reboot_sync();
1424			exit(0);
1425			}
1426
1427			return 0;
1428			}
1429
1430	31c9379c	Scott Ullrich	/* attempt to identify the specific platform (for embedded systems)
1431			Returns an array with two elements:
1432			name => platform string (e.g. 'wrap', 'alix' etc.)
1433			descr => human-readable description (e.g. "PC Engines WRAP")
1434			*/
1435			function system_identify_specific_platform() {
1436			global $g;
1437
1438			if ($g['platform'] == 'generic-pc')
1439			return array('name' => 'generic-pc', 'descr' => "Generic PC");
1440
1441			if ($g['platform'] == 'generic-pc-cdrom')
1442			return array('name' => 'generic-pc-cdrom', 'descr' => "Generic PC (CD-ROM)");
1443
1444			/* the rest of the code only deals with 'embedded' platforms */
1445	1a2911a7	Scott Ullrich	if ($g['platform'] != 'nanobsd')
1446	31c9379c	Scott Ullrich	return array('name' => $g['platform'], 'descr' => $g['platform']);
1447
1448			$dmesg = system_get_dmesg_boot();
1449
1450			if (strpos($dmesg, "PC Engines WRAP") !== false)
1451			return array('name' => 'wrap', 'descr' => 'PC Engines WRAP');
1452
1453			if (strpos($dmesg, "PC Engines ALIX") !== false)
1454			return array('name' => 'alix', 'descr' => 'PC Engines ALIX');
1455
1456			if (preg_match("/Soekris net45../", $dmesg, $matches))
1457			return array('name' => 'net45xx', 'descr' => $matches[0]);
1458
1459			if (preg_match("/Soekris net48../", $dmesg, $matches))
1460			return array('name' => 'net48xx', 'descr' => $matches[0]);
1461
1462			if (preg_match("/Soekris net55../", $dmesg, $matches))
1463			return array('name' => 'net55xx', 'descr' => $matches[0]);
1464
1465			/* unknown embedded platform */
1466			return array('name' => 'embedded', 'descr' => 'embedded (unknown)');
1467			}
1468
1469			function system_get_dmesg_boot() {
1470			global $g;
1471	d16af75d	Scott Ullrich
1472	31c9379c	Scott Ullrich	return file_get_contents("{$g['varlog_path']}/dmesg.boot");
1473			}
1474
1475	3cc07282	Ermal	?>

Project

General

Profile

pfSense