<?php
/* $Id$ */
/*
	services.inc
	part of the pfSense project (http://www.pfsense.com)
	originally part of m0n0wall (http://m0n0.ch/wall)
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
	Copyright (C) 2010	Ermal Luçi
	All rights reserved.
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
/*
	pfSense_BUILDER_BINARIES:	/usr/bin/killall	/bin/sh	/usr/local/sbin/dhcpd	/usr/local/sbin/igmpproxy
	pfSense_BUILDER_BINARIES:	/sbin/ifconfig	/usr/sbin/arp	/sbin/ifconfig	/usr/local/sbin/dnsmasq
	pfSense_BUILDER_BINARIES:	/usr/sbin/bsnmpd	/sbin/route	/usr/local/sbin/olsrd
	pfSense_BUILDER_BINARIES:	/usr/local/sbin/miniupnpd	
	pfSense_MODULE:	utils
*/
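/*
 * Rebuild the dhcpd chroot, regenerate dhcpd.conf from $config['dhcpd'] and
 * restart ISC dhcpd inside that chroot as user dhcpd / group _dhcp.
 *
 * Steps, in order: kill a running dhcpd, create the chroot directory tree by
 * writing and running a small shell script, optionally restore saved leases
 * at boot, write the global options, the failover peer stanzas and one
 * subnet block per enabled interface, then start the daemon.
 *
 * Trust boundary: every value taken from $config is interpolated verbatim
 * into dhcpd.conf.  Nothing in this function escapes quotes, semicolons or
 * newlines, so a value containing them changes the structure of the
 * generated file.  NOTE(review): this presumably relies on validation done
 * when the value is saved -- confirm against the pages that write
 * $config['dhcpd'].
 *
 * Returns nothing when $g['services_dhcp_server_enable'] is false, 0 when no
 * interface has DHCP enabled or when dhcpd was started, and 1 when the
 * chroot script or dhcpd.conf could not be opened for writing.
 */
function services_dhcpd_configure() {
	global $config, $g;

	if($g['services_dhcp_server_enable'] == false)
		return;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		/* the original interpolated an undefined $if here; the function takes no argument */
		echo "services_dhcpd_configure() being called $mt\n";
	}

	/* kill any running dhcpd */
	if(is_process_running("dhcpd"))
		mwexec("killall dhcpd", true);

	/* DHCP enabled on any interfaces? */
	if (!is_dhcp_server_enabled())
		return 0;

	/* if OLSRD is enabled, allow WAN to house DHCP. */
	$is_olsr_enabled = false;
	if($config['installedpackages']['olsrd'])
		foreach($config['installedpackages']['olsrd']['config'] as $olsrd)
			if($olsrd['enable'])
				$is_olsr_enabled = true;

	/*
	 * configure DHCPD chroot
	 *
	 * NOTE(review): the script has a fixed name under tmp_path and is run by
	 * /bin/sh right after it is written.  That is only safe while tmp_path
	 * can be written by privileged users alone -- confirm.
	 */
	$fd = fopen("{$g['tmp_path']}/dhcpd.sh","w");
	if (!$fd) {
		/* without this check a failed open would still run whatever dhcpd.sh is already there */
		printf("Error: cannot open dhcpd.sh in services_dhcpd_configure().\n");
		return 1;
	}
	$status = `mount | grep "{$g['dhcpd_chroot_path']}/dev"`;
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/dev\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/etc\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr/local/sbin\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/db\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/run\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/lib\n");
	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/run\n");
	fwrite($fd, "chown -R dhcpd:_dhcp {$g['dhcpd_chroot_path']}/*\n");
	fwrite($fd, "cp /lib/libc.so.* {$g['dhcpd_chroot_path']}/lib/\n");
	fwrite($fd, "cp /usr/local/sbin/dhcpd {$g['dhcpd_chroot_path']}/usr/local/sbin/\n");
	fwrite($fd, "chmod a+rx {$g['dhcpd_chroot_path']}/usr/local/sbin/dhcpd\n");
	/* only mount devfs when the mount table does not already list it */
	if(!trim($status))
		fwrite($fd, "mount -t devfs devfs {$g['dhcpd_chroot_path']}/dev\n");
	fclose($fd);
	mwexec("/bin/sh " . escapeshellarg("{$g['tmp_path']}/dhcpd.sh"));

	if ($g['booting']) {
		if ($g['platform'] != "pfSense") {
			/*
			 * restore the leases, if we have them.  The archive is unpacked
			 * relative to /, so it is trusted exactly as much as cf_conf_path is.
			 */
			if (file_exists("{$g['cf_conf_path']}/dhcpleases.tgz")) {
				$dhcprestore = array();
				$dhcpreturn = 0;
				exec("cd /;LANG=C /usr/bin/tar -xzf " . escapeshellarg("{$g['cf_conf_path']}/dhcpleases.tgz") . " 2>&1", $dhcprestore, $dhcpreturn);
				$dhcprestore = implode(" ", $dhcprestore);
				if($dhcpreturn <> 0) {
					log_error("DHCP leases restore failed exited with $dhcpreturn, the error is: $dhcprestore\n");
				}
			}
		}
	}

	$syscfg = $config['system'];
	$dhcpdcfg = $config['dhcpd'];
	$Iflist = get_configured_interface_list();

	if ($g['booting'])
		echo "Starting DHCP service...";
	else
		sleep(1);

	/* write dhcpd.conf */
	$fd = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf", "w");
	if (!$fd) {
		printf("Error: cannot open dhcpd.conf in services_dhcpd_configure().\n");
		return 1;
	}

	/* declare one custom option per "numberoptions" row; the type defaults to text */
	$custoptions = "";
	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
		if(is_array($dhcpifconf['numberoptions']) && is_array($dhcpifconf['numberoptions']['item'])) {
			foreach($dhcpifconf['numberoptions']['item'] as $itemidx => $item) {
				if(!empty($item['type']))
					$itemtype = $item['type'];
				else
					$itemtype = "text";
				$custoptions .= "option custom-{$dhcpif}-{$itemidx} code {$item['number']} = {$itemtype};\n";
			}
		}
	}

	$dhcpdconf = <<<EOD
	
option domain-name "{$syscfg['domain']}";
option ldap-server code 95 = text;
option domain-search-list code 119 = text;
{$custoptions}
default-lease-time 7200;
max-lease-time 86400;
log-facility local7;
ddns-update-style none;
one-lease-per-client true;
deny duplicates;
ping-check true;

EOD;

	/*
	 * NOTE(review): $dhcpifconf is whatever the loop above left behind, i.e.
	 * the last entry of $config['dhcpd'], so these two global statements
	 * follow that single interface's settings.
	 */
	if(!isset($dhcpifconf['disableauthoritative']))
		$dhcpdconf .= "authoritative;\n";

	/* the statement needs its terminating semicolon to parse */
	if(isset($dhcpifconf['alwaysbroadcast']))
		$dhcpdconf .= "always-broadcast on;\n";

	$dhcpdifs = array();

	/*    loop through and determine if we need to setup
	 *    failover peer "bleh" entries
	 */
	$dhcpnum = 0;
	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {

		interfaces_staticarp_configure($dhcpif);

		if (!isset($dhcpifconf['enable']))
			continue;

		if($dhcpifconf['failover_peerip'] <> "") {
			$int = guess_interface_from_ip($dhcpifconf['failover_peerip']);
			$intip = find_interface_ip($int);
			$real_dhcpif = convert_friendly_interface_to_real_interface_name($dhcpif);
			/*
			 *    yep, failover peer is defined.
			 *    does it match up to a defined vip?
			 */
			$skew = 110;
			$a_vip = &$config['virtualip']['vip'];
			if(is_array($a_vip)) {
				foreach ($a_vip as $vipent) {
					if($int == $real_dhcpif) {
						/* this is the interface! */
						if(is_numeric($vipent['advskew']) && ($vipent['advskew'] < "20"))
							$skew = 0;
					}
				}
			} else {
				log_error("Warning!  DHCP Failover setup and no CARP virtual IP's defined!");
			}
			/* a low advskew marks this node as the failover primary; the two roles swap ports */
			if($skew > 10) {
				$type = "secondary";
				$dhcpdconf_pri  = "mclt 600;\n";
				$my_port = "520";
				$peer_port = "519";
			} else {
				$my_port = "519";
				$peer_port = "520";
				$type = "primary";
				$dhcpdconf_pri  = "split 128;\n";
				$dhcpdconf_pri .= "  mclt 600;\n";
			}
			$dhcpdconf .= <<<EOPP
failover peer "dhcp{$dhcpnum}" {
  {$type};
  address {$intip};
  port {$my_port};
  peer address {$dhcpifconf['failover_peerip']};
  peer port {$peer_port};
  max-response-delay 10;
  max-unacked-updates 10;
  {$dhcpdconf_pri}
  load balance max seconds 3;
}

EOPP;
			$dhcpnum++;
		}
	}

	/* restart the counter so each pool below refers to the peer declared above */
	$dhcpnum = 0;

	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {

		$ifcfg = $config['interfaces'][$dhcpif];

		if (!isset($dhcpifconf['enable']) || !isset($Iflist[$dhcpif]))
			continue;
		$ifcfgip = get_interface_ip($dhcpif);
		$ifcfgsn = get_interface_subnet($dhcpif);
		$subnet = gen_subnet($ifcfgip, $ifcfgsn);
		$subnetmask = gen_subnet_mask($ifcfgsn);

		if($is_olsr_enabled == true)
			if($dhcpifconf['netmask'])
				$subnetmask = gen_subnet_mask($dhcpifconf['netmask']);

		$dnscfg = "";

		if ($dhcpifconf['domain']) {
			$dnscfg .= "\toption domain-name \"{$dhcpifconf['domain']}\";\n";
		}

		if($dhcpifconf['domainsearchlist'] <> "") {
			$dnscfg .= "\toption domain-search-list \"{$dhcpifconf['domainsearchlist']}\";\n";
		}

		if (isset($dhcpifconf['ddnsupdate'])) {
			if($dhcpifconf['ddnsdomain'] <> "") {
				$dnscfg .= "\tddns-domainname \"{$dhcpifconf['ddnsdomain']}\";\n";
			}
			$dnscfg .= "\tddns-update-style interim;\n";
		}

		/* DNS servers: per-interface list, else this interface's own address when the forwarder runs, else the system list */
		if (is_array($dhcpifconf['dnsserver']) && ($dhcpifconf['dnsserver'][0])) {
			$dnscfg .= "\toption domain-name-servers " . join(",", $dhcpifconf['dnsserver']) . ";";
		} else if (isset($config['dnsmasq']['enable'])) {
			$dnscfg .= "\toption domain-name-servers {$ifcfgip};";
		} else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
			$dnscfg .= "\toption domain-name-servers " . join(",", $syscfg['dnsserver']) . ";";
		}

		$dhcpdconf .= "subnet $subnet netmask $subnetmask {\n";
		$dhcpdconf .= "\tpool {\n";

		/* is failover dns setup? */
		if (is_array($dhcpifconf['dnsserver']) && $dhcpifconf['dnsserver'][0] <> "") {
			$dhcpdconf .= "\t\toption domain-name-servers {$dhcpifconf['dnsserver'][0]}";
			if($dhcpifconf['dnsserver'][1] <> "")
				$dhcpdconf .= ",{$dhcpifconf['dnsserver'][1]}";
			$dhcpdconf .= ";\n";
		}

		if($dhcpifconf['failover_peerip'] <> "")
			$dhcpdconf .= "\t\tdeny dynamic bootp clients;\n";

		/* with denyunknown set, only hosts that have a host declaration get a lease */
		if (isset($dhcpifconf['denyunknown']))
			$dhcpdconf .= "\t\tdeny unknown clients;\n";

		if ($dhcpifconf['gateway'])
			$routers = $dhcpifconf['gateway'];
		else
			$routers = $ifcfgip;

		if($dhcpifconf['failover_peerip'] <> "") {
			$dhcpdconf .= "\t\tfailover peer \"dhcp{$dhcpnum}\";\n";
			$dhcpnum++;
		}

		$dhcpdconf .= <<<EOD
		range {$dhcpifconf['range']['from']} {$dhcpifconf['range']['to']};
	}
	option routers {$routers};
$dnscfg

EOD;

		// default-lease-time
		if ($dhcpifconf['defaultleasetime'])
			$dhcpdconf .= "\tdefault-lease-time {$dhcpifconf['defaultleasetime']};\n";

		// max-lease-time
		if ($dhcpifconf['maxleasetime'])
			$dhcpdconf .= "\tmax-lease-time {$dhcpifconf['maxleasetime']};\n";

		// netbios-name*
		if (is_array($dhcpifconf['winsserver']) && $dhcpifconf['winsserver'][0]) {
			$dhcpdconf .= "\toption netbios-name-servers " . join(",", $dhcpifconf['winsserver']) . ";\n";
			$dhcpdconf .= "\toption netbios-node-type 8;\n";
		}

		// ntp-servers
		if (is_array($dhcpifconf['ntpserver']) && $dhcpifconf['ntpserver'][0])
			$dhcpdconf .= "\toption ntp-servers " . join(",", $dhcpifconf['ntpserver']) . ";\n";

		// tftp-server-name
		if ($dhcpifconf['tftp'] <> "")
			$dhcpdconf .= "\toption tftp-server-name \"{$dhcpifconf['tftp']}\";\n";

		// Handle option, number rowhelper values: text values are quoted, every other type is written bare
		$dhcpdconf .= "\n";
		if($dhcpifconf['numberoptions']['item']) {
			foreach($dhcpifconf['numberoptions']['item'] as $itemidx => $item) {
				if(empty($item['type']) || $item['type'] == "text")
					$dhcpdconf .= "\toption custom-{$dhcpif}-{$itemidx} \"{$item['value']}\";\n";
				else
					$dhcpdconf .= "\toption custom-{$dhcpif}-{$itemidx} {$item['value']};\n";
			}
		}

		// ldap-server
		if ($dhcpifconf['ldap'] <> "")
			$dhcpdconf .= "\toption ldap-server \"{$dhcpifconf['ldap']}\";\n";

		// net boot information
		if(isset($dhcpifconf['netboot'])) {
			if (($dhcpifconf['next-server'] <> "") && ($dhcpifconf['filename'] <> "")) {
				$dhcpdconf .= "\tnext-server {$dhcpifconf['next-server']};\n";
				$dhcpdconf .= "\tfilename \"{$dhcpifconf['filename']}\";\n";
			}
			if ($dhcpifconf['rootpath'] <> "") {
				$dhcpdconf .= "\toption root-path \"{$dhcpifconf['rootpath']}\";\n";
			}
		}

		$dhcpdconf .= <<<EOD
}

EOD;

		/* add static mappings */
		if (is_array($dhcpifconf['staticmap'])) {

			$i = 0;
			foreach ($dhcpifconf['staticmap'] as $sm) {
				$dhcpdconf .= <<<EOD
host s_{$dhcpif}_{$i} {
	hardware ethernet {$sm['mac']};

EOD;
				if ($sm['ipaddr'])
					$dhcpdconf .= "\tfixed-address {$sm['ipaddr']};\n";

				if ($sm['hostname']) {
					/* spaces and dots are replaced so the name stays a single token */
					$dhhostname = str_replace(" ", "_", $sm['hostname']);
					$dhhostname = str_replace(".", "_", $dhhostname);
					$dhcpdconf .= "\toption host-name {$dhhostname};\n";
				}
				if ($sm['netbootfile'])
					$dhcpdconf .= "\tfilename \"{$sm['netbootfile']}\";\n";

				$dhcpdconf .= "}\n";
				$i++;
			}
		}

		$dhcpdifs[] = get_real_interface($dhcpif);
	}

	fwrite($fd, $dhcpdconf);
	fclose($fd);

	/* create an empty leases database */
	touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
	touch("{$g['varrun_path']}/dhcpd.pid");

	/* fire up dhcpd in a chroot; -cf is resolved inside the chroot */
	mwexec("/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot " .
		escapeshellarg($g['dhcpd_chroot_path']) . " -cf /etc/dhcpd.conf " .
		join(" ", array_map('escapeshellarg', $dhcpdifs)));

	if ($g['booting']) {
		print "done.\n";
	}

	return 0;
}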
/*
 * Regenerate igmpproxy.conf under tmp_path and restart igmpproxy.
 *
 * Every entry of $config['igmpproxy']['igmpentry'] becomes a "phyint" line
 * followed by one "altnet" line per space-separated token of its address
 * field; every configured interface that no entry names is written as
 * "disabled".  Entry values are copied into the file as they are.
 *
 * Returns 1 when no igmpentry array is configured, nothing when the config
 * file cannot be opened, and 0 after igmpproxy has been launched.
 */
function services_igmpproxy_configure() {
	global $config, $g;

	/* interfaces still in this list after the loop below get disabled */
	$unlisted = get_configured_interface_list();

	/* kill any running igmpproxy */
	killbyname("igmpproxy");

	if (!is_array($config['igmpproxy']['igmpentry']))
		return 1;

	$igmpconf  = "\n";
	$igmpconf .= "##------------------------------------------------------\n";
	$igmpconf .= "## Enable Quickleave mode (Sends Leave instantly)\n";
	$igmpconf .= "##------------------------------------------------------\n";
	$igmpconf .= "quickleave\n";

	foreach ($config['igmpproxy']['igmpentry'] as $entry) {
		unset($unlisted[$entry['ifname']]);
		$realif = get_real_interface($entry['ifname']);
		/* an empty threshold falls back to 1 */
		$threshld = empty($entry['threshold']) ? 1 : $entry['threshold'];
		$igmpconf .= "phyint {$realif} {$entry['type']} ratelimit 0 threshold {$threshld}\n";

		if ($entry['address'] <> "") {
			foreach (explode(" ", $entry['address']) as $net)
				$igmpconf .= "altnet {$net}\n";
		}
		$igmpconf .= "\n";
	}

	foreach ($unlisted as $ifn)
		$igmpconf .= "phyint " . get_real_interface($ifn) . " disabled\n";

	$conffile = $g['tmp_path'] . "/igmpproxy.conf";
	$igmpfl = fopen($conffile, "w");
	if (!$igmpfl) {
		log_error("Could not write Igmpproxy configuration file!");
		return;
	}
	fwrite($igmpfl, $igmpconf);
	fclose($igmpfl);

	/* the result of the launch is not checked before the success line is logged */
	mwexec("/usr/local/sbin/igmpproxy -c " . $conffile);
	log_error("Started Igmpproxy service sucsesfully.");

	return 0;
}
/*
 * Switch static ARP on or off for one interface and reload its ARP entries.
 *
 * $if is the key of the interface in $config['interfaces'].  When
 * $config['dhcpd'][$if]['staticarp'] is set the interface is put into
 * staticarp mode, its ARP table is flushed and one permanent entry is added
 * per DHCP static mapping; otherwise staticarp is cleared and the table is
 * flushed.  Interface name, IP and MAC each pass through escapeshellarg()
 * before they reach the command line.
 *
 * Always returns 0.
 */
function interfaces_staticarp_configure($if) {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "interfaces_staticarp_configure($if) being called $mt\n";
	}

	$ifcfg = $config['interfaces'][$if];

	/* nothing to do without an interface key or a real device name */
	if (empty($if) || empty($ifcfg['if']))
		return 0;

	$wantstatic = isset($config['dhcpd'][$if]['staticarp']);
	$ifarg = escapeshellarg($ifcfg['if']);

	/* set or clear the flag, then flush the entries learned so far */
	$toggle = $wantstatic ? " staticarp " : " -staticarp ";
	mwexec("/sbin/ifconfig " . $ifarg . $toggle);
	mwexec("/usr/sbin/arp -d -i " . $ifarg . " -a > /dev/null 2>&1 ");

	/* with staticarp on, only the mappings pinned here can be resolved */
	if ($wantstatic && is_array($config['dhcpd'][$if]['staticmap'])) {
		foreach ($config['dhcpd'][$if]['staticmap'] as $arpent) {
			$ip = escapeshellarg($arpent['ipaddr']);
			$mac = escapeshellarg($arpent['mac']);
			mwexec("/usr/sbin/arp -s " . $ip . " " . $mac);
		}
	}

	return 0;
}
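/*
 * Restart dhcrelay from $config['dhcrelay'].
 *
 * Kills the instance recorded in dhcrelay.pid, then, when the relay is
 * enabled, collects the real names of the selected interfaces plus, for each
 * configured server, the interface through which that server is reached
 * (directly attached subnet, static route, routing table, default gateway,
 * in that order) and starts dhcrelay on all of them.
 *
 * Interface names and server addresses are passed through escapeshellarg()
 * before they are joined into the command line.
 *
 * Returns 0 when the relay is disabled or was started, and nothing when no
 * usable interface was found.
 */
function services_dhcrelay_configure() {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dhcrelay_configure() being called $mt\n";
	}

	/* kill any running dhcrelay */
	killbypid("{$g['varrun_path']}/dhcrelay.pid");

	$dhcrelaycfg =& $config['dhcrelay'];

	/* DHCPRelay enabled on any interfaces? */
	if (!isset($dhcrelaycfg['enable']))
		return 0;

	if ($g['booting'])
		echo "Starting DHCP relay service...";
	else
		sleep(1);

	$iflist = get_configured_interface_list();

	/* start from an empty list so array_unique() below never sees an undefined variable */
	$dhcrelayifs = array();
	$dhcifaces = explode(",", $dhcrelaycfg['interface']);
	foreach ($dhcifaces as $dhcrelayif) {
		if (!isset($iflist[$dhcrelayif]) ||
			link_interface_to_bridge($dhcrelayif))
			continue;

		if (is_ipaddr(get_interface_ip($dhcrelayif)))
			$dhcrelayifs[] = get_real_interface($dhcrelayif);
	}

	/* split the server list, dropping surrounding blanks and empty entries */
	$srvips = array();
	foreach (explode(",", $dhcrelaycfg['server']) as $srvip) {
		$srvip = trim($srvip);
		if ($srvip != "")
			$srvips[] = $srvip;
	}

	/*
	 * In order for the relay to work, it needs to be active
	 * on the interface in which the destination server sits.
	 */
	foreach ($srvips as $srvip) {
		unset($destif);

		/* 1. server on a directly attached subnet */
		foreach ($iflist as $ifname) {
			$subnet = get_interface_ip($ifname);
			if (!is_ipaddr($subnet))
				continue;
			$subnet .=  "/" . get_interface_subnet($ifname);
			if (ip_in_subnet($srvip, $subnet)) {
				$destif = get_real_interface($ifname);
				break;
			}
		}

		/* 2. server behind a configured static route */
		if (!isset($destif)) {
			if (is_array($config['staticroutes']['route'])) {
				foreach ($config['staticroutes']['route'] as $rtent) {
					if (ip_in_subnet($srvip, $rtent['network'])) {
						$a_gateways = return_gateways_array(true);
						$destif = $a_gateways[$rtent['gateway']]['interface'];
						break;
					}
				}
			}
		}

		/* 3. server matched by an entry of the live routing table */
		if (!isset($destif)) {
			/* exec() appends to an existing array, so reset it for every server */
			$route_str = array();
			exec("/usr/bin/netstat -rnWf inet", $route_str);
			/* drop the four header lines */
			array_shift($route_str);
			array_shift($route_str);
			array_shift($route_str);
			array_shift($route_str);
			foreach($route_str as $routeline) {
				$items = preg_split("/[ ]+/i", $routeline);
				if (ip_in_subnet($srvip, $items[0])) {
					/* NOTE(review): confirm that column 2 is the interface column of this netstat output */
					$destif = trim($items[2]);
					break;
				}
			}
		}

		/* 4. fall back to the default gateway, or to wan when no gateways are defined */
		if (!isset($destif)) {
			if (is_array($config['gateways']['gateway_item'])) {
				foreach ($config['gateways']['gateway_item'] as $gateway) {
					if (isset($gateway['defaultgw'])) {
						$a_gateways = return_gateways_array(true);
						/*
						 * The original indexed with $rtent['gateway'], a leftover of the
						 * static-route loop above.  NOTE(review): assumes gateway items
						 * carry a 'name' that matches the keys of
						 * return_gateways_array() -- confirm.
						 */
						if (isset($gateway['name']) && isset($a_gateways[$gateway['name']]['interface']))
							$destif = $a_gateways[$gateway['name']]['interface'];
						break;
					}
				}
			} else
				$destif = get_real_interface("wan");
		}

		if (!empty($destif))
			$dhcrelayifs[] = $destif;
	}
	$dhcrelayifs = array_unique($dhcrelayifs);

	/* fire up dhcrelay */
	if (empty($dhcrelayifs)) {
		log_error("No suitable interface found for running dhcrelay!");
		return; /* XXX */
	}

	$cmd = "/usr/local/sbin/dhcrelay -i " .  implode(" -i ", array_map('escapeshellarg', $dhcrelayifs));

	if (isset($dhcrelaycfg['agentoption']))
		$cmd .=  " -a -m replace";

	$cmd .= " " . implode(" ", array_map('escapeshellarg', $srvips));
	mwexec($cmd);

	return 0;
}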
/*
 * Run one dynamic DNS update for a single client entry.
 *
 * $conf is one element of $config['dyndnses']['dyndns'].  Entries without
 * 'enable' are skipped.  For the others dyndns.class is loaded and an
 * updatedns object is constructed from the entry's type, host, username,
 * password, wildcard, mx and interface fields.  Only a fixed string is
 * logged here; the credentials are handed to updatedns as they are.
 *
 * Returns nothing.
 */
function services_dyndns_configure_client($conf) {

	if (isset($conf['enable'])) {
		/* load up the dyndns.class */
		require_once("dyndns.class");

		log_error("DynDns: Running updatedns()");

		$service  = $conf['type'];
		$host     = $conf['host'];
		$user     = $conf['username'];
		$pass     = $conf['password'];
		$wildcard = $conf['wildcard'];
		$mx       = $conf['mx'];
		/* the interface is always passed as a string */
		$iface    = "{$conf['interface']}";

		$dns = new updatedns($service, $host, $user, $pass, $wildcard, $mx, $iface);
	}
}
/*
 * Run the dynamic DNS clients listed in $config['dyndnses']['dyndns'].
 *
 * $int optionally restricts the run to the entries whose 'interface' equals
 * it; with the default empty string every entry is handed to
 * services_dyndns_configure_client().  A one second pause follows each
 * client that was run.
 *
 * Always returns 0.
 */
function services_dyndns_configure($int = "") {
	global $config, $g;
	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dyndns_configure() being called $mt\n";
	}

	$clients = $config['dyndnses']['dyndns'];

	/* no client list configured: nothing to start */
	if (!is_array($clients))
		return 0;

	if ($g['booting'])
		echo "Starting DynDNS clients...";

	foreach ($clients as $client) {
		$selected = empty($int) || $int == $client['interface'];
		if ($selected) {
			services_dyndns_configure_client($client);
			sleep(1);
		}
	}

	if ($g['booting'])
		echo "done.\n";

	return 0;
}
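/*
 * Restart the dnsmasq DNS forwarder from $config['dnsmasq'].
 *
 * Sends TERM to the pid recorded in dnsmasq.pid.  When the forwarder is
 * enabled the hosts file is regenerated and dnsmasq is started with one
 * --server option per domain override.  Outside of boot the DHCP server is
 * reconfigured afterwards as well.
 *
 * Domain override values come from the configuration and end up on a shell
 * command line, so each generated option is passed through escapeshellarg().
 *
 * Returns 0, or 1 when system_hosts_generate() or services_dhcpd_configure()
 * reported a non-zero result.
 */
function services_dnsmasq_configure() {
	global $config, $g;
	$return = 0;

	if(isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsmasq_configure() being called $mt\n";
	}

	/* kill any running dnsmasq */
	sigkillbypid("{$g['varrun_path']}/dnsmasq.pid", "TERM");

	if (isset($config['dnsmasq']['enable'])) {

		if ($g['booting'])
			echo "Starting DNS forwarder...";
		else
			sleep(1);

		/* generate hosts file */
		if(system_hosts_generate()!=0)
			$return = 1;

		$args = "";

		if (isset($config['dnsmasq']['regdhcp'])) {
			$args .= " --dhcp-hostsfile={$g['varetc_path']}/hosts ";
		}

		$have_overrides = isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides']);
		$rebind_check = !isset($config['system']['webgui']['nodnsrebindcheck']);

		/* Setup forwarded domains */
		if ($have_overrides) {
			foreach($config['dnsmasq']['domainoverrides'] as $override) {
				$args .= ' ' . escapeshellarg('--server=/' . $override['domain'] . '/' . $override['ip']);
			}
		}

		/*
		 * Allow DNS Rebind for forwarded domains: while the rebind check is
		 * active each override domain is exempted from it, so private
		 * addresses returned for those domains are accepted.
		 */
		if ($have_overrides && $rebind_check) {
			foreach($config['dnsmasq']['domainoverrides'] as $override) {
				$args .= ' ' . escapeshellarg('--rebind-domain-ok=/' . $override['domain'] . '/') . ' ';
			}
		}

		/* stays empty when the check is switched off, instead of being left undefined */
		$dns_rebind = "";
		if ($rebind_check)
			$dns_rebind = "--rebind-localhost-ok --stop-dns-rebind";

		/* run dnsmasq */
		mwexec("/usr/local/sbin/dnsmasq --local-ttl 1 --all-servers {$dns_rebind} --dns-forward-max=5000 --cache-size=10000 {$args}");

		if ($g['booting'])
			echo "done.\n";
	}

	/* dhcpd may hand out this host as DNS server, so refresh it outside of boot */
	if (!$g['booting']) {
		if(services_dhcpd_configure()!=0)
			$return = 1;
	}

	return $return;
}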
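/*
 * Stop any running bsnmpd and, when SNMP is enabled in the configuration,
 * regenerate snmpd.conf and start the daemon again.
 *
 * Returns 1 when snmpd.conf cannot be opened for writing, 0 otherwise.
 *
 * NOTE(review): syslocation, syscontact, rocommunity and trapstring are
 * interpolated into double-quoted values below without escaping, and
 * trapserverport is not checked with is_port(). A double quote or line break
 * in any of them would change how the generated file parses -- confirm that
 * the page saving these settings validates them.
 */
function services_snmpd_configure() {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_snmpd_configure() being called $mt\n";
	}

	/* kill any running snmpd: TERM via the pid file first, killall as fallback */
	sigkillbypid("{$g['varrun_path']}/snmpd.pid", "TERM");
	sleep(2);
	if (is_process_running("bsnmpd"))
		mwexec("/usr/bin/killall bsnmpd", true);

	if (isset($config['snmpd']['enable'])) {

		if ($g['booting'])
			echo "Starting SNMP daemon... ";

		/* generate snmpd.conf */
		$snmpdconf_path = "{$g['varetc_path']}/snmpd.conf";
		$fd = fopen($snmpdconf_path, "w");
		if (!$fd) {
			printf("Error: cannot open snmpd.conf in services_snmpd_configure().\n");
			return 1;
		}
		/* The file carries the community strings; restrict it before anything
		   is written. Assumes bsnmpd is started by the same user that runs
		   this function (it is launched from here via mwexec). */
		chmod($snmpdconf_path, 0600);

		$snmpdconf = <<<EOD
location := "{$config['snmpd']['syslocation']}"
contact := "{$config['snmpd']['syscontact']}"
read := "{$config['snmpd']['rocommunity']}"

EOD;

		/* A write community (rwcommunity / begemotSnmpdCommunityString.0.2) is
		   deliberately not emitted; the code for it was left disabled with the
		   remark "No docs on what write strings do there for disable for now." */

		$trap_enabled = isset($config['snmpd']['trapenable']) &&
		    preg_match('/^\S+$/', $config['snmpd']['trapserver']);

		if ($trap_enabled) {
			$snmpdconf .= <<<EOD
# SNMP Trap support.
traphost := {$config['snmpd']['trapserver']}
trapport := {$config['snmpd']['trapserverport']}
trap := "{$config['snmpd']['trapstring']}"


EOD;
		}

		$snmpdconf .= <<<EOD
system := 1     # pfSense
%snmpd
begemotSnmpdDebugDumpPdus       = 2
begemotSnmpdDebugSyslogPri      = 7
begemotSnmpdCommunityString.0.1 = $(read)

EOD;

		if ($trap_enabled) {
			$snmpdconf .= <<<EOD
begemotTrapSinkStatus.[$(traphost)].$(trapport) = 4
begemotTrapSinkVersion.[$(traphost)].$(trapport) = 2
begemotTrapSinkComm.[$(traphost)].$(trapport) = $(trap)

EOD;
		}

		$snmpdconf .= <<<EOD
begemotSnmpdCommunityDisable    = 1

EOD;

		/* Without 'bindlan' the agent listens on every address (0.0.0.0) */
		if (isset($config['snmpd']['bindlan'])) {
			$bind_to_ip = get_interface_ip("lan");
		} else {
			$bind_to_ip = "0.0.0.0";
		}

		if (is_port( $config['snmpd']['pollport'] )) {
			$snmpdconf .= <<<EOD
begemotSnmpdPortStatus.{$bind_to_ip}.{$config['snmpd']['pollport']} = 1

EOD;
		}

		$snmpdconf .= <<<EOD
begemotSnmpdLocalPortStatus."/var/run/snmpd.sock" = 1
begemotSnmpdLocalPortType."/var/run/snmpd.sock" = 4

# These are bsnmp macros not php vars.
sysContact      = $(contact)
sysLocation     = $(location)
sysObjectId     = 1.3.6.1.4.1.12325.1.1.2.1.$(system)

snmpEnableAuthenTraps = 2

EOD;

		if (is_array( $config['snmpd']['modules'] )) {
			if (isset($config['snmpd']['modules']['mibii'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."mibII"  = "/usr/lib/snmp_mibII.so"

EOD;
			}

			if (isset($config['snmpd']['modules']['netgraph'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."netgraph" = "/usr/lib/snmp_netgraph.so"
%netgraph
begemotNgControlNodeName = "snmpd"

EOD;
			}

			if (isset($config['snmpd']['modules']['pf'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."pf"     = "/usr/lib/snmp_pf.so"

EOD;
			}

			if (isset($config['snmpd']['modules']['hostres'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."hostres"     = "/usr/lib/snmp_hostres.so"

EOD;
			}

			/* NOTE(review): the trailing blank line announced in this heredoc is
			   only written when the bridge module is selected -- confirm whether
			   bsnmpd needs it in every case. */
			if (isset($config['snmpd']['modules']['bridge'])) {
				$snmpdconf .= <<<EOD
begemotSnmpdModulePath."bridge"     = "/usr/lib/snmp_bridge.so"
# config must end with blank line


EOD;
			}
		}

		fwrite($fd, $snmpdconf);
		fclose($fd);

		/* run bsnmpd; the former $bindlan argument was only ever the empty
		   string (or undefined), so it is dropped without changing the command */
		mwexec("/usr/sbin/bsnmpd -c {$snmpdconf_path}" .
			" -p {$g['varrun_path']}/snmpd.pid");

		if ($g['booting'])
			echo "done.\n";
	}

	return 0;
}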
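/*
 * Push an RFC 2136 style update through nsupdate for every enabled entry in
 * $config['dnsupdates']['dnsupdate'].
 *
 * $int  when non-empty, only entries configured for that interface are handled.
 *
 * For each handled entry that has an interface address, the key pair files
 * and an instruction file are written below $g['varetc_path'] and nsupdate is
 * started in the background. Always returns 0.
 *
 * NOTE(review): keyname, host, ttl and server come straight from the
 * configuration. keyname becomes part of a file name, and host/ttl/server are
 * written line by line into the nsupdate instruction file, so a path
 * separator or line break in them would not be caught here -- confirm they
 * are validated where the settings are saved.
 */
function services_dnsupdate_process($int = "") {
	global $config, $g;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		echo "services_dnsupdate_process() being called $mt\n";
	}

	/* Dynamic DNS updating active? */
	if (is_array($config['dnsupdates']['dnsupdate'])) {
		foreach ($config['dnsupdates']['dnsupdate'] as $i => $dnsupdate) {
			if (!isset($dnsupdate['enable']))
				continue;
			if (!empty($int) && $int != $dnsupdate['interface'])
				continue;

			/* determine interface name (result is currently unused) */
			$if = get_real_interface($dnsupdate['interface']);
			$wanip = get_interface_ip($dnsupdate['interface']);
			if (!$wanip)
				continue;

			$keyname = $dnsupdate['keyname'];
			/* trailing dot */
			if (substr($keyname, -1) != ".")
				$keyname .= ".";

			$hostname = $dnsupdate['host'];
			/* trailing dot */
			if (substr($hostname, -1) != ".")
				$hostname .= ".";

			$keybase = "{$g['varetc_path']}/K{$i}{$keyname}+157+00000";
			$cmdfile = "{$g['varetc_path']}/nsupdatecmds{$i}";

			/* write private key file
			   this is dumb - public and private keys are the same for HMAC-MD5,
			   but nsupdate insists on having both.
			   The text is assigned, not appended: appending made every later
			   entry's file also contain the keys of the entries before it. */
			$privkey = <<<EOD
Private-key-format: v1.2
Algorithm: 157 (HMAC)
Key: {$dnsupdate['keydata']}

EOD;
			$fd = fopen("{$keybase}.private", "w");
			if (!$fd) {
				printf("Error: cannot open {$keybase}.private in services_dnsupdate_process().\n");
				continue;
			}
			/* shared secret: owner-only before the key is written */
			chmod("{$keybase}.private", 0600);
			fwrite($fd, $privkey);
			fclose($fd);

			/* write public key file */
			switch ($dnsupdate['keytype']) {
				case "zone":
					$flags = 257;
					$proto = 3;
					break;
				case "host":
					$flags = 513;
					$proto = 3;
					break;
				case "user":
					$flags = 0;
					$proto = 2;
					break;
				default:
					/* unknown key type: leave both fields empty instead of
					   reusing the values of the previous entry */
					$flags = "";
					$proto = "";
					break;
			}

			$fd = fopen("{$keybase}.key", "w");
			if (!$fd) {
				printf("Error: cannot open {$keybase}.key in services_dnsupdate_process().\n");
				continue;
			}
			/* for HMAC the "public" file holds the same secret */
			chmod("{$keybase}.key", 0600);
			fwrite($fd, "{$keyname} IN KEY {$flags} {$proto} 157 {$dnsupdate['keydata']}\n");
			fclose($fd);

			/* generate update instructions */
			$upinst = "";
			if (!empty($dnsupdate['server']))
				$upinst .= "server {$dnsupdate['server']}\n";
			$upinst .= "update delete {$dnsupdate['host']} A\n";
			$upinst .= "update add {$dnsupdate['host']} {$dnsupdate['ttl']} A {$wanip}\n";
			$upinst .= "\n";	/* mind that trailing newline! */

			$fd = fopen($cmdfile, "w");
			if (!$fd) {
				printf("Error: cannot open {$cmdfile} in services_dnsupdate_process().\n");
				continue;
			}
			fwrite($fd, $upinst);
			fclose($fd);

			/* invoke nsupdate; both paths contain configuration data (key
			   name, array index), so they are quoted for the command line.
			   Presumably mwexec_bg() hands the string to a shell -- confirm. */
			$cmd = "/usr/bin/nsupdate -k " . escapeshellarg("{$keybase}.key");
			if (isset($dnsupdate['usetcp']))
				$cmd .= " -v";
			$cmd .= " " . escapeshellarg($cmdfile);

			mwexec_bg($cmd);
		}
	}

	return 0;
}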
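/*
 * Write olsr.conf from the olsrd package settings and (re)start olsrd.
 *
 * Does nothing when no olsrd package configuration exists. When an entry is
 * not switched "on" the function returns without touching the daemon.
 *
 * Every conf_mount_rw() is now paired with a conf_mount_ro(): the early
 * return inside the loop used to leave the mount read-write.
 *
 * NOTE(review): port, allowedhttpinfohost, allowedhttpinfosubnet, polling,
 * ping, enablelqe and announcedynamicroute are copied into the generated file
 * as they are stored -- confirm they are validated where they are saved.
 */
function setup_wireless_olsr() {
	global $config, $g;
	if (empty($config['installedpackages']['olsrd']))
		return;
	if (isset($config['system']['developerspew'])) {
		$mt = microtime();
		/* the original interpolated an undefined $interface here, i.e. nothing */
		echo "setup_wireless_olsr() being called $mt\n";
	}
	conf_mount_rw();

	/* accumulators were appended to without ever being initialised */
	$olsr = "";
	$enableannounce = "";

	foreach ($config['installedpackages']['olsrd']['config'] as $olsrd) {
		$olsr_enable = $olsrd['enable'];
		if ($olsr_enable <> "on") {
			/* balance the conf_mount_rw() above before leaving */
			conf_mount_ro();
			return;
		}
		$fd = fopen("{$g['varetc_path']}/olsr.conf", "w");
		if (!$fd) {
			printf("Error: cannot open olsr.conf in setup_wireless_olsr().\n");
			conf_mount_ro();
			return;
		}

		if ($olsrd['announcedynamicroute'] or $olsrd['enableannounce'] == "on") {
			$enableannounce .= "\nHna4\n";
			$enableannounce .= "{\n";
			if ($olsrd['announcedynamicroute'])
				$enableannounce .= "\t{$olsrd['announcedynamicroute']}\n";
			if ($olsrd['enableannounce'] == "on")
				$enableannounce .= "0.0.0.0 0.0.0.0";
			$enableannounce .= "\n}\n";
		} else {
			$enableannounce = "";
		}

		$olsr .= <<<EODA
#
# olsr.org OLSR daemon config file
#
# Lines starting with a # are discarded
#
# This file was generated by setup_wireless_olsr() in services.inc
#

# This file is an example of a typical
# configuration for a mostly static
# network(regarding mobility) using
# the LQ extention

# Debug level(0-9)
# If set to 0 the daemon runs in the background

DebugLevel	2

# IP version to use (4 or 6)

IpVersion	4

# Clear the screen each time the internal state changes

ClearScreen     yes

{$enableannounce}

# Should olsrd keep on running even if there are
# no interfaces available? This is a good idea
# for a PCMCIA/USB hotswap environment.
# "yes" OR "no"

AllowNoInt	yes

# TOS(type of service) value for
# the IP header of control traffic.
# If not set it will default to 16

#TosValue	16

# The fixed willingness to use(0-7)
# If not set willingness will be calculated
# dynamically based on battery/power status
# if such information is available

#Willingness    	4

# Allow processes like the GUI front-end
# to connect to the daemon.

IpcConnect
{
     # Determines how many simultaneously
     # IPC connections that will be allowed
     # Setting this to 0 disables IPC

     MaxConnections  0

     # By default only 127.0.0.1 is allowed
     # to connect. Here allowed hosts can
     # be added

     Host            127.0.0.1
     #Host            10.0.0.5

     # You can also specify entire net-ranges
     # that are allowed to connect. Multiple
     # entries are allowed

     #Net             192.168.1.0 255.255.255.0
}

# Wether to use hysteresis or not
# Hysteresis adds more robustness to the
# link sensing but delays neighbor registration.
# Used by default. 'yes' or 'no'

UseHysteresis	no

# Hysteresis parameters
# Do not alter these unless you know
# what you are doing!
# Set to auto by default. Allowed
# values are floating point values
# in the interval 0,1
# THR_LOW must always be lower than
# THR_HIGH.

#HystScaling	0.50
#HystThrHigh	0.80
#HystThrLow	0.30


# Link quality level
# 0 = do not use link quality
# 1 = use link quality for MPR selection
# 2 = use link quality for MPR selection and routing
# Defaults to 0

LinkQualityLevel	{$olsrd['enablelqe']}

# Link quality window size
# Defaults to 10

LinkQualityWinSize	10

# Polling rate in seconds(float).
# Default value 0.05 sec

Pollrate	0.05


# TC redundancy
# Specifies how much neighbor info should
# be sent in TC messages
# Possible values are:
# 0 - only send MPR selectors
# 1 - send MPR selectors and MPRs
# 2 - send all neighbors
#
# defaults to 0

TcRedundancy	2

#
# MPR coverage
# Specifies how many MPRs a node should
# try select to reach every 2 hop neighbor
#
# Can be set to any integer >0
#
# defaults to 1

MprCoverage	3

# Example plugin entry with parameters:

EODA;

		/* optional plugins, each only when switched "on" in the package settings */
		if ($olsrd['enablehttpinfo'] == "on") {
			$olsr .= <<<EODB

LoadPlugin "/usr/local/lib/olsrd_httpinfo.so.0.1"
{
    PlParam     "port"   "{$olsrd['port']}"
    PlParam     "Net"    "{$olsrd['allowedhttpinfohost']} {$olsrd['allowedhttpinfosubnet']}"
}

EODB;

		}

		if ($olsrd['enabledsecure'] == "on") {
			$olsr .= <<<EODC

LoadPlugin "/usr/local/lib/olsrd_secure.so.0.5"
{
    PlParam     "Keyfile"   "/usr/local/etc/olsrkey.txt"
}

EODC;

		}

		if ($olsrd['enabledyngw'] == "on") {

			/* unset default route, olsr auto negotiates */
			mwexec("/sbin/route delete default");

			$olsr .= <<<EODE

LoadPlugin "/usr/local/lib/olsrd_dyn_gw.so.0.4"
{
    # how often to look for a inet gw, in seconds
    # defaults to 5 secs, if commented out
    PlParam     "Interval"   "{$olsrd['polling']}"

    # if one or more IPv4 addresses are given, do a ping on these in
    # descending order to validate that there is not only an entry in
    # routing table, but also a real internet connection. If any of
    # these addresses could be pinged successfully, the test was
    # succesful, i.e. if the ping on the 1st address was successful,the
    # 2nd won't be pinged
    PlParam     "Ping"       "{$olsrd['ping']}"
    #PlParam     "HNA"   "192.168.81.0 255.255.255.0"
}

EODE;

		}

		/* one Interface section per entry of iface_array; the break below
		   means only the first package config entry is consulted */
		foreach ($config['installedpackages']['olsrd']['config'] as $conf) {
			$interfaces = explode(',', $conf['iface_array']);
			foreach ($interfaces as $interface) {
				$realinterface = convert_friendly_interface_to_real_interface_name($interface);
				$olsr .= <<<EODAD
Interface "{$realinterface}"
{

    # Hello interval in seconds(float)
    HelloInterval    2.0

    # HELLO validity time
    HelloValidityTime	20.0

    # TC interval in seconds(float)
    TcInterval        5.0

    # TC validity time
    TcValidityTime	30.0

    # MID interval in seconds(float)
    MidInterval	5.0

    # MID validity time
    MidValidityTime	30.0

    # HNA interval in seconds(float)
    HnaInterval	5.0

    # HNA validity time
    HnaValidityTime 	30.0

    # When multiple links exist between hosts
    # the weight of interface is used to determine
    # the link to use. Normally the weight is
    # automatically calculated by olsrd based
    # on the characteristics of the interface,
    # but here you can specify a fixed value.
    # Olsrd will choose links with the lowest value.

    # Weight 0


}

EODAD;

			}
			break;
		}
		fwrite($fd, $olsr);
		fclose($fd);
	}

	if (is_process_running("olsrd"))
		mwexec("/usr/bin/killall olsrd", true);

	sleep(2);

	mwexec_bg("/usr/local/sbin/olsrd -f {$g['varetc_path']}/olsr.conf");

	conf_mount_ro();
}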
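/* configure cron service */
/*
 * Rewrite /etc/crontab: keep the lines that precede the pfSense marker
 * comment, append one line per entry of $config['cron']['item'], then send
 * cron a HUP so it picks up the change.
 *
 * NOTE(review): minute, hour, mday, month, wday, who and command are written
 * as stored. A line break inside any of them would start a new crontab line
 * (including its own user column) -- confirm they are validated where cron
 * items are created.
 */
function configure_cron() {
	global $g, $config;

	conf_mount_rw();

	/* preserve existing crontab entries */
	$crontab_contents = file("/etc/crontab", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
	if (!is_array($crontab_contents)) {
		/* file() returns false when the crontab cannot be read; start empty
		   instead of passing false to count()/implode() */
		$crontab_contents = array();
	}

	foreach ($crontab_contents as $i => $cron_item) {
		if (strpos($cron_item, "# pfSense specific crontab entries") !== false) {
			/* drop the marker and the "#" line before it; max() keeps a marker
			   on the very first line from turning into offset -1, which would
			   only remove the last line of the file */
			array_splice($crontab_contents, max(0, $i - 1));
			break;
		}
	}
	$crontab_contents = implode("\n", $crontab_contents) . "\n";

	if (is_array($config['cron']['item'])) {
		$crontab_contents .= "#\n";
		$crontab_contents .= "# pfSense specific crontab entries\n";
		$crontab_contents .= "# Created: " . date("F j, Y, g:i a") . "\n";
		$crontab_contents .= "#\n";

		foreach ($config['cron']['item'] as $item) {
			$crontab_contents .= "\n{$item['minute']}\t";
			$crontab_contents .= "{$item['hour']}\t";
			$crontab_contents .= "{$item['mday']}\t";
			$crontab_contents .= "{$item['month']}\t";
			$crontab_contents .= "{$item['wday']}\t";
			$crontab_contents .= "{$item['who']}\t";
			$crontab_contents .= "{$item['command']}";
		}

		$crontab_contents .= "\n#\n";
		$crontab_contents .= "# If possible do not add items to this file manually.\n";
		$crontab_contents .= "# If you do so, this file must be terminated with a blank line (e.g. new line)\n";
		$crontab_contents .= "#\n\n";
	}

	/* please maintain the newline at the end of file */
	file_put_contents("/etc/crontab", $crontab_contents);

	/* do a HUP kill to force sync changes */
	exec('/bin/pkill -HUP cron');

	conf_mount_ro();
}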
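/*
 * Start, stop or restart miniupnpd.
 *
 * $action  "start", "stop" or "restart"; any other value is ignored.
 *
 * "start" only launches the daemon when /var/etc/miniupnpd.conf exists.
 * "stop" kills the daemon and flushes the rules and NAT rules of the
 * "miniupnpd" pf anchor.
 */
function upnp_action ($action) {
	switch ($action) {
		case "start":
			if (file_exists('/var/etc/miniupnpd.conf'))
				mwexec_bg('/usr/local/sbin/miniupnpd -f /var/etc/miniupnpd.conf');
			break;
		case "stop":
			/* The kill loop used to spin without limit or pause while any
			   matching process remained. It is now bounded, and the helpers
			   are called by absolute path (as the other killall calls in this
			   file are) so the result does not depend on PATH. */
			for ($attempt = 0; $attempt < 10; $attempt++) {
				$pids = array();
				exec('/bin/pgrep miniupnpd', $pids);
				if (count($pids) == 0)
					break;
				mwexec('/usr/bin/killall miniupnpd 2>/dev/null', true);
				usleep(200000);
			}
			mwexec('/sbin/pfctl -aminiupnpd -Fr 2>&1 >/dev/null');
			mwexec('/sbin/pfctl -aminiupnpd -Fn 2>&1 >/dev/null');
			break;
		case "restart":
			upnp_action('stop');
			upnp_action('start');
			break;
	}
}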
/*
 * Bring up the UPnP service when the miniupnpd package is configured and
 * enabled. While booting the package configuration is synced through
 * sync_package_miniupnpd(); otherwise the daemon is started directly.
 */
function upnp_start() {
	global $config, $g;

	/* no stored package settings: nothing to start */
	if (!isset($config['installedpackages']['miniupnpd']['config'])) {
		return;
	}

	if (!$config['installedpackages']['miniupnpd']['config'][0]['enable']) {
		return;
	}

	if (!$g['booting']) {
		upnp_action('start');
		return;
	}

	echo "Starting UPnP service... ";
	require_once('/usr/local/pkg/miniupnpd.inc');
	sync_package_miniupnpd();
	echo "done.\n";
}
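/*
 * Add, update or remove the cron item whose command contains $command, save
 * the configuration and regenerate the crontab.
 *
 * $command   command line of the job; also used to find an existing item
 * $active    true to install/update the job, false to remove it
 * $minute, $hour, $monthday, $month, $weekday  schedule fields
 * $who       user column of the crontab line
 *
 * Returns nothing. When the configuration holds no cron items at all the
 * function returns without doing anything (unchanged from before).
 *
 * NOTE(review): the lookup is a substring match (strstr), so a short $command
 * can match a different job whose command merely contains it -- confirm that
 * callers pass sufficiently specific commands.
 */
function install_cron_job($command, $active=false, $minute="0", $hour="*", $monthday="*", $month="*", $weekday="*", $who="root") {
	global $config, $g;

	if (empty($config['cron']['item']))
		return;

	/* Remember the real array key of the match. A running counter is wrong as
	   soon as the list has gaps, which unset() below creates. */
	$is_installed = false;
	$found_key = null;
	foreach ($config['cron']['item'] as $key => $item) {
		if (strstr($item['command'], $command)) {
			$is_installed = true;
			$found_key = $key;
			break;
		}
	}

	if ($active) {
		$cron_item = array();
		$cron_item['minute'] = $minute;
		$cron_item['hour'] = $hour;
		$cron_item['mday'] = $monthday;
		$cron_item['month'] = $month;
		$cron_item['wday'] = $weekday;
		$cron_item['who'] = $who;
		$cron_item['command'] = $command;
		if (!$is_installed) {
			$config['cron']['item'][] = $cron_item;
			write_config("Installed cron job for {$command}");
		} else {
			$config['cron']['item'][$found_key] = $cron_item;
			write_config("Updated cron job for {$command}");
		}
	} else {
		/* the former "$x > 0" condition made the first item impossible to remove */
		if ($is_installed) {
			unset($config['cron']['item'][$found_key]);
			write_config("Removed cron job for {$command}");
		}
	}
	configure_cron();
}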
?>