| 1 |
791bcfd4
|
Bill Marquette
|
<?php
|
| 2 |
|
|
/*
|
| 3 |
ac24dc24
|
Renato Botelho
|
* upgrade_config.inc
|
| 4 |
|
|
*
|
| 5 |
|
|
* part of pfSense (https://www.pfsense.org)
|
| 6 |
81299b5c
|
Renato Botelho
|
* Copyright (c) 2004-2016 Rubicon Communications, LLC (Netgate)
|
| 7 |
ac24dc24
|
Renato Botelho
|
* All rights reserved.
|
| 8 |
|
|
*
|
| 9 |
b12ea3fb
|
Renato Botelho
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
| 10 |
|
|
* you may not use this file except in compliance with the License.
|
| 11 |
|
|
* You may obtain a copy of the License at
|
| 12 |
ac24dc24
|
Renato Botelho
|
*
|
| 13 |
b12ea3fb
|
Renato Botelho
|
* http://www.apache.org/licenses/LICENSE-2.0
|
| 14 |
ac24dc24
|
Renato Botelho
|
*
|
| 15 |
b12ea3fb
|
Renato Botelho
|
* Unless required by applicable law or agreed to in writing, software
|
| 16 |
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
| 17 |
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
| 18 |
|
|
* See the License for the specific language governing permissions and
|
| 19 |
|
|
* limitations under the License.
|
| 20 |
995df6c3
|
Stephen Beaver
|
*/
|
| 21 |
791bcfd4
|
Bill Marquette
|
|
| 22 |
751533a2
|
Phil Davis
|
if (!function_exists("dump_rrd_to_xml")) {
|
| 23 |
c81ef6e2
|
Phil Davis
|
require_once("rrd.inc");
|
| 24 |
751533a2
|
Phil Davis
|
}
|
| 25 |
0b3613ef
|
Denny Page
|
if (!function_exists("read_altq_config")) {
|
| 26 |
c81ef6e2
|
Phil Davis
|
require_once("shaper.inc");
|
| 27 |
0b3613ef
|
Denny Page
|
}
|
| 28 |
901aa044
|
Scott Ullrich
|
|
| 29 |
791bcfd4
|
Bill Marquette
|
/* Upgrade functions must be named:
|
| 30 |
|
|
* upgrade_XXX_to_YYY
|
| 31 |
|
|
* where XXX == previous version, zero padded, and YYY == next version, zero padded
|
| 32 |
|
|
*/
|
| 33 |
|
|
function upgrade_010_to_011() {
|
| 34 |
|
|
global $config;
|
| 35 |
|
|
$opti = 1;
|
| 36 |
|
|
$ifmap = array('lan' => 'lan', 'wan' => 'wan', 'pptp' => 'pptp');
|
| 37 |
|
|
|
| 38 |
|
|
/* convert DMZ to optional, if necessary */
|
| 39 |
|
|
if (isset($config['interfaces']['dmz'])) {
|
| 40 |
|
|
|
| 41 |
|
|
$dmzcfg = &$config['interfaces']['dmz'];
|
| 42 |
|
|
|
| 43 |
|
|
if ($dmzcfg['if']) {
|
| 44 |
|
|
$config['interfaces']['opt' . $opti] = array();
|
| 45 |
|
|
$optcfg = &$config['interfaces']['opt' . $opti];
|
| 46 |
|
|
|
| 47 |
|
|
$optcfg['enable'] = $dmzcfg['enable'];
|
| 48 |
|
|
$optcfg['descr'] = "DMZ";
|
| 49 |
|
|
$optcfg['if'] = $dmzcfg['if'];
|
| 50 |
|
|
$optcfg['ipaddr'] = $dmzcfg['ipaddr'];
|
| 51 |
|
|
$optcfg['subnet'] = $dmzcfg['subnet'];
|
| 52 |
|
|
|
| 53 |
|
|
$ifmap['dmz'] = "opt" . $opti;
|
| 54 |
|
|
$opti++;
|
| 55 |
|
|
}
|
| 56 |
|
|
|
| 57 |
|
|
unset($config['interfaces']['dmz']);
|
| 58 |
|
|
}
|
| 59 |
|
|
|
| 60 |
|
|
/* convert WLAN1/2 to optional, if necessary */
|
| 61 |
|
|
for ($i = 1; isset($config['interfaces']['wlan' . $i]); $i++) {
|
| 62 |
|
|
|
| 63 |
|
|
if (!$config['interfaces']['wlan' . $i]['if']) {
|
| 64 |
|
|
unset($config['interfaces']['wlan' . $i]);
|
| 65 |
|
|
continue;
|
| 66 |
|
|
}
|
| 67 |
|
|
|
| 68 |
|
|
$wlancfg = &$config['interfaces']['wlan' . $i];
|
| 69 |
|
|
$config['interfaces']['opt' . $opti] = array();
|
| 70 |
|
|
$optcfg = &$config['interfaces']['opt' . $opti];
|
| 71 |
|
|
|
| 72 |
|
|
$optcfg['enable'] = $wlancfg['enable'];
|
| 73 |
|
|
$optcfg['descr'] = "WLAN" . $i;
|
| 74 |
|
|
$optcfg['if'] = $wlancfg['if'];
|
| 75 |
|
|
$optcfg['ipaddr'] = $wlancfg['ipaddr'];
|
| 76 |
|
|
$optcfg['subnet'] = $wlancfg['subnet'];
|
| 77 |
|
|
$optcfg['bridge'] = $wlancfg['bridge'];
|
| 78 |
|
|
|
| 79 |
|
|
$optcfg['wireless'] = array();
|
| 80 |
|
|
$optcfg['wireless']['mode'] = $wlancfg['mode'];
|
| 81 |
|
|
$optcfg['wireless']['ssid'] = $wlancfg['ssid'];
|
| 82 |
|
|
$optcfg['wireless']['channel'] = $wlancfg['channel'];
|
| 83 |
|
|
$optcfg['wireless']['wep'] = $wlancfg['wep'];
|
| 84 |
|
|
|
| 85 |
|
|
$ifmap['wlan' . $i] = "opt" . $opti;
|
| 86 |
|
|
|
| 87 |
|
|
unset($config['interfaces']['wlan' . $i]);
|
| 88 |
|
|
$opti++;
|
| 89 |
|
|
}
|
| 90 |
|
|
|
| 91 |
|
|
/* convert filter rules */
|
| 92 |
|
|
$n = count($config['filter']['rule']);
|
| 93 |
|
|
for ($i = 0; $i < $n; $i++) {
|
| 94 |
|
|
|
| 95 |
|
|
$fr = &$config['filter']['rule'][$i];
|
| 96 |
|
|
|
| 97 |
|
|
/* remap interface */
|
| 98 |
751533a2
|
Phil Davis
|
if (array_key_exists($fr['interface'], $ifmap)) {
|
| 99 |
791bcfd4
|
Bill Marquette
|
$fr['interface'] = $ifmap[$fr['interface']];
|
| 100 |
751533a2
|
Phil Davis
|
} else {
|
| 101 |
791bcfd4
|
Bill Marquette
|
/* remove the rule */
|
| 102 |
4b48d1b9
|
Carlos Eduardo Ramos
|
printf(gettext("%sWarning: filter rule removed " .
|
| 103 |
|
|
"(interface '%s' does not exist anymore)."), "\n", $fr['interface']);
|
| 104 |
791bcfd4
|
Bill Marquette
|
unset($config['filter']['rule'][$i]);
|
| 105 |
|
|
continue;
|
| 106 |
|
|
}
|
| 107 |
|
|
|
| 108 |
|
|
/* remap source network */
|
| 109 |
|
|
if (isset($fr['source']['network'])) {
|
| 110 |
751533a2
|
Phil Davis
|
if (array_key_exists($fr['source']['network'], $ifmap)) {
|
| 111 |
791bcfd4
|
Bill Marquette
|
$fr['source']['network'] = $ifmap[$fr['source']['network']];
|
| 112 |
751533a2
|
Phil Davis
|
} else {
|
| 113 |
791bcfd4
|
Bill Marquette
|
/* remove the rule */
|
| 114 |
4b48d1b9
|
Carlos Eduardo Ramos
|
printf(gettext("%sWarning: filter rule removed " .
|
| 115 |
|
|
"(source network '%s' does not exist anymore)."), "\n", $fr['source']['network']);
|
| 116 |
791bcfd4
|
Bill Marquette
|
unset($config['filter']['rule'][$i]);
|
| 117 |
|
|
continue;
|
| 118 |
|
|
}
|
| 119 |
|
|
}
|
| 120 |
|
|
|
| 121 |
|
|
/* remap destination network */
|
| 122 |
|
|
if (isset($fr['destination']['network'])) {
|
| 123 |
751533a2
|
Phil Davis
|
if (array_key_exists($fr['destination']['network'], $ifmap)) {
|
| 124 |
791bcfd4
|
Bill Marquette
|
$fr['destination']['network'] = $ifmap[$fr['destination']['network']];
|
| 125 |
751533a2
|
Phil Davis
|
} else {
|
| 126 |
791bcfd4
|
Bill Marquette
|
/* remove the rule */
|
| 127 |
4b48d1b9
|
Carlos Eduardo Ramos
|
printf(gettext("%sWarning: filter rule removed " .
|
| 128 |
|
|
"(destination network '%s' does not exist anymore)."), "\n", $fr['destination']['network']);
|
| 129 |
791bcfd4
|
Bill Marquette
|
unset($config['filter']['rule'][$i]);
|
| 130 |
|
|
continue;
|
| 131 |
|
|
}
|
| 132 |
|
|
}
|
| 133 |
|
|
}
|
| 134 |
|
|
|
| 135 |
|
|
/* convert shaper rules */
|
| 136 |
|
|
$n = count($config['pfqueueing']['rule']);
|
| 137 |
751533a2
|
Phil Davis
|
if (is_array($config['pfqueueing']['rule'])) {
|
| 138 |
|
|
for ($i = 0; $i < $n; $i++) {
|
| 139 |
791bcfd4
|
Bill Marquette
|
|
| 140 |
751533a2
|
Phil Davis
|
$fr = &$config['pfqueueing']['rule'][$i];
|
| 141 |
791bcfd4
|
Bill Marquette
|
|
| 142 |
751533a2
|
Phil Davis
|
/* remap interface */
|
| 143 |
|
|
if (array_key_exists($fr['interface'], $ifmap)) {
|
| 144 |
|
|
$fr['interface'] = $ifmap[$fr['interface']];
|
| 145 |
|
|
} else {
|
| 146 |
791bcfd4
|
Bill Marquette
|
/* remove the rule */
|
| 147 |
4d511e5b
|
Renato Botelho
|
printf(gettext("%sWarning: traffic shaper rule removed " .
|
| 148 |
751533a2
|
Phil Davis
|
"(interface '%s' does not exist anymore)."), "\n", $fr['interface']);
|
| 149 |
791bcfd4
|
Bill Marquette
|
unset($config['pfqueueing']['rule'][$i]);
|
| 150 |
|
|
continue;
|
| 151 |
|
|
}
|
| 152 |
|
|
|
| 153 |
751533a2
|
Phil Davis
|
/* remap source network */
|
| 154 |
|
|
if (isset($fr['source']['network'])) {
|
| 155 |
|
|
if (array_key_exists($fr['source']['network'], $ifmap)) {
|
| 156 |
|
|
$fr['source']['network'] = $ifmap[$fr['source']['network']];
|
| 157 |
|
|
} else {
|
| 158 |
|
|
/* remove the rule */
|
| 159 |
|
|
printf(gettext("%sWarning: traffic shaper rule removed " .
|
| 160 |
|
|
"(source network '%s' does not exist anymore)."), "\n", $fr['source']['network']);
|
| 161 |
|
|
unset($config['pfqueueing']['rule'][$i]);
|
| 162 |
|
|
continue;
|
| 163 |
|
|
}
|
| 164 |
|
|
}
|
| 165 |
|
|
|
| 166 |
|
|
/* remap destination network */
|
| 167 |
|
|
if (isset($fr['destination']['network'])) {
|
| 168 |
|
|
if (array_key_exists($fr['destination']['network'], $ifmap)) {
|
| 169 |
|
|
$fr['destination']['network'] = $ifmap[$fr['destination']['network']];
|
| 170 |
|
|
} else {
|
| 171 |
|
|
/* remove the rule */
|
| 172 |
|
|
printf(gettext("%sWarning: traffic shaper rule removed " .
|
| 173 |
|
|
"(destination network '%s' does not exist anymore)."), "\n", $fr['destination']['network']);
|
| 174 |
|
|
unset($config['pfqueueing']['rule'][$i]);
|
| 175 |
|
|
continue;
|
| 176 |
|
|
}
|
| 177 |
791bcfd4
|
Bill Marquette
|
}
|
| 178 |
|
|
}
|
| 179 |
|
|
}
|
| 180 |
|
|
}
|
| 181 |
|
|
|
| 182 |
|
|
|
| 183 |
|
|
function upgrade_011_to_012() {
|
| 184 |
|
|
global $config;
|
| 185 |
|
|
/* move LAN DHCP server config */
|
| 186 |
|
|
$tmp = $config['dhcpd'];
|
| 187 |
|
|
$config['dhcpd'] = array();
|
| 188 |
|
|
$config['dhcpd']['lan'] = $tmp;
|
| 189 |
|
|
|
| 190 |
|
|
/* encrypt password */
|
| 191 |
|
|
$config['system']['password'] = crypt($config['system']['password']);
|
| 192 |
|
|
}
|
| 193 |
|
|
|
| 194 |
|
|
|
| 195 |
|
|
function upgrade_012_to_013() {
|
| 196 |
|
|
global $config;
|
| 197 |
|
|
/* convert advanced outbound NAT config */
|
| 198 |
|
|
for ($i = 0; isset($config['nat']['advancedoutbound']['rule'][$i]); $i++) {
|
| 199 |
|
|
$curent = &$config['nat']['advancedoutbound']['rule'][$i];
|
| 200 |
|
|
$src = $curent['source'];
|
| 201 |
|
|
$curent['source'] = array();
|
| 202 |
|
|
$curent['source']['network'] = $src;
|
| 203 |
|
|
$curent['destination'] = array();
|
| 204 |
|
|
$curent['destination']['any'] = true;
|
| 205 |
|
|
}
|
| 206 |
|
|
|
| 207 |
|
|
/* add an explicit type="pass" to all filter rules to make things consistent */
|
| 208 |
|
|
for ($i = 0; isset($config['filter']['rule'][$i]); $i++) {
|
| 209 |
|
|
$config['filter']['rule'][$i]['type'] = "pass";
|
| 210 |
|
|
}
|
| 211 |
|
|
}
|
| 212 |
|
|
|
| 213 |
|
|
|
| 214 |
|
|
function upgrade_013_to_014() {
|
| 215 |
|
|
global $config;
|
| 216 |
|
|
/* convert shaper rules (make pipes) */
|
| 217 |
|
|
if (is_array($config['pfqueueing']['rule'])) {
|
| 218 |
|
|
$config['pfqueueing']['pipe'] = array();
|
| 219 |
|
|
|
| 220 |
|
|
for ($i = 0; isset($config['pfqueueing']['rule'][$i]); $i++) {
|
| 221 |
|
|
$curent = &$config['pfqueueing']['rule'][$i];
|
| 222 |
|
|
|
| 223 |
|
|
/* make new pipe and associate with this rule */
|
| 224 |
|
|
$newpipe = array();
|
| 225 |
|
|
$newpipe['descr'] = $curent['descr'];
|
| 226 |
|
|
$newpipe['bandwidth'] = $curent['bandwidth'];
|
| 227 |
|
|
$newpipe['delay'] = $curent['delay'];
|
| 228 |
|
|
$newpipe['mask'] = $curent['mask'];
|
| 229 |
|
|
$config['pfqueueing']['pipe'][$i] = $newpipe;
|
| 230 |
|
|
|
| 231 |
|
|
$curent['targetpipe'] = $i;
|
| 232 |
|
|
|
| 233 |
|
|
unset($curent['bandwidth']);
|
| 234 |
|
|
unset($curent['delay']);
|
| 235 |
|
|
unset($curent['mask']);
|
| 236 |
|
|
}
|
| 237 |
|
|
}
|
| 238 |
|
|
}
|
| 239 |
|
|
|
| 240 |
|
|
|
| 241 |
|
|
function upgrade_014_to_015() {
|
| 242 |
|
|
global $config;
|
| 243 |
|
|
/* Default route moved */
|
| 244 |
751533a2
|
Phil Davis
|
if (isset($config['interfaces']['wan']['gateway'])) {
|
| 245 |
|
|
if ($config['interfaces']['wan']['gateway'] <> "") {
|
| 246 |
839966e3
|
Phil Davis
|
$config['system']['gateway'] = $config['interfaces']['wan']['gateway'];
|
| 247 |
751533a2
|
Phil Davis
|
}
|
| 248 |
fa6e5ba5
|
Phil Davis
|
unset($config['interfaces']['wan']['gateway']);
|
| 249 |
751533a2
|
Phil Davis
|
}
|
| 250 |
791bcfd4
|
Bill Marquette
|
|
| 251 |
|
|
/* Queues are no longer interface specific */
|
| 252 |
751533a2
|
Phil Davis
|
if (isset($config['interfaces']['lan']['schedulertype'])) {
|
| 253 |
791bcfd4
|
Bill Marquette
|
unset($config['interfaces']['lan']['schedulertype']);
|
| 254 |
751533a2
|
Phil Davis
|
}
|
| 255 |
|
|
if (isset($config['interfaces']['wan']['schedulertype'])) {
|
| 256 |
791bcfd4
|
Bill Marquette
|
unset($config['interfaces']['wan']['schedulertype']);
|
| 257 |
751533a2
|
Phil Davis
|
}
|
| 258 |
791bcfd4
|
Bill Marquette
|
|
| 259 |
|
|
for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
|
| 260 |
751533a2
|
Phil Davis
|
if (isset($config['interfaces']['opt' . $i]['schedulertype'])) {
|
| 261 |
791bcfd4
|
Bill Marquette
|
unset($config['interfaces']['opt' . $i]['schedulertype']);
|
| 262 |
751533a2
|
Phil Davis
|
}
|
| 263 |
791bcfd4
|
Bill Marquette
|
}
|
| 264 |
|
|
}
|
| 265 |
|
|
|
| 266 |
|
|
|
| 267 |
|
|
function upgrade_015_to_016() {
|
| 268 |
|
|
global $config;
|
| 269 |
|
|
/* Alternate firmware URL moved */
|
| 270 |
|
|
if (isset($config['system']['firmwareurl']) && isset($config['system']['firmwarename'])) { // Only convert if *both* are defined.
|
| 271 |
|
|
$config['system']['alt_firmware_url'] = array();
|
| 272 |
|
|
$config['system']['alt_firmware_url']['enabled'] = "";
|
| 273 |
|
|
$config['system']['alt_firmware_url']['firmware_base_url'] = $config['system']['firmwareurl'];
|
| 274 |
|
|
$config['system']['alt_firmware_url']['firmware_filename'] = $config['system']['firmwarename'];
|
| 275 |
fa6e5ba5
|
Phil Davis
|
}
|
| 276 |
|
|
if (isset($config['system']['firmwareurl'])) {
|
| 277 |
|
|
unset($config['system']['firmwareurl']);
|
| 278 |
|
|
}
|
| 279 |
|
|
if (isset($config['system']['firmwarename'])) {
|
| 280 |
|
|
unset($config['system']['firmwarename']);
|
| 281 |
791bcfd4
|
Bill Marquette
|
}
|
| 282 |
|
|
}
|
| 283 |
|
|
|
| 284 |
|
|
|
| 285 |
|
|
function upgrade_016_to_017() {
|
| 286 |
|
|
global $config;
|
| 287 |
|
|
/* wipe previous shaper configuration */
|
| 288 |
fa6e5ba5
|
Phil Davis
|
if (isset($config['shaper']['queue'])) {
|
| 289 |
|
|
unset($config['shaper']['queue']);
|
| 290 |
|
|
}
|
| 291 |
|
|
if (isset($config['shaper']['rule'])) {
|
| 292 |
|
|
unset($config['shaper']['rule']);
|
| 293 |
|
|
}
|
| 294 |
|
|
if (isset($config['interfaces']['wan']['bandwidth'])) {
|
| 295 |
|
|
unset($config['interfaces']['wan']['bandwidth']);
|
| 296 |
|
|
}
|
| 297 |
|
|
if (isset($config['interfaces']['wan']['bandwidthtype'])) {
|
| 298 |
|
|
unset($config['interfaces']['wan']['bandwidthtype']);
|
| 299 |
|
|
}
|
| 300 |
|
|
if (isset($config['interfaces']['lan']['bandwidth'])) {
|
| 301 |
|
|
unset($config['interfaces']['lan']['bandwidth']);
|
| 302 |
|
|
}
|
| 303 |
|
|
if (isset($config['interfaces']['lan']['bandwidthtype'])) {
|
| 304 |
|
|
unset($config['interfaces']['lan']['bandwidthtype']);
|
| 305 |
|
|
}
|
| 306 |
791bcfd4
|
Bill Marquette
|
$config['shaper']['enable'] = FALSE;
|
| 307 |
|
|
}
|
| 308 |
|
|
|
| 309 |
|
|
|
| 310 |
|
|
function upgrade_017_to_018() {
|
| 311 |
|
|
global $config;
|
| 312 |
751533a2
|
Phil Davis
|
if (isset($config['proxyarp']) && is_array($config['proxyarp']['proxyarpnet'])) {
|
| 313 |
791bcfd4
|
Bill Marquette
|
$proxyarp = &$config['proxyarp']['proxyarpnet'];
|
| 314 |
751533a2
|
Phil Davis
|
foreach ($proxyarp as $arpent) {
|
| 315 |
791bcfd4
|
Bill Marquette
|
$vip = array();
|
| 316 |
|
|
$vip['mode'] = "proxyarp";
|
| 317 |
|
|
$vip['interface'] = $arpent['interface'];
|
| 318 |
|
|
$vip['descr'] = $arpent['descr'];
|
| 319 |
|
|
if (isset($arpent['range'])) {
|
| 320 |
|
|
$vip['range'] = $arpent['range'];
|
| 321 |
|
|
$vip['type'] = "range";
|
| 322 |
|
|
} else {
|
| 323 |
|
|
$subnet = explode('/', $arpent['network']);
|
| 324 |
|
|
$vip['subnet'] = $subnet[0];
|
| 325 |
|
|
if (isset($subnet[1])) {
|
| 326 |
|
|
$vip['subnet_bits'] = $subnet[1];
|
| 327 |
|
|
$vip['type'] = "network";
|
| 328 |
|
|
} else {
|
| 329 |
|
|
$vip['subnet_bits'] = "32";
|
| 330 |
|
|
$vip['type'] = "single";
|
| 331 |
|
|
}
|
| 332 |
|
|
}
|
| 333 |
|
|
$config['virtualip']['vip'][] = $vip;
|
| 334 |
|
|
}
|
| 335 |
|
|
unset($config['proxyarp']);
|
| 336 |
|
|
}
|
| 337 |
751533a2
|
Phil Davis
|
if (isset($config['installedpackages']) && isset($config['installedpackages']['carp']) && is_array($config['installedpackages']['carp']['config'])) {
|
| 338 |
791bcfd4
|
Bill Marquette
|
$carp = &$config['installedpackages']['carp']['config'];
|
| 339 |
751533a2
|
Phil Davis
|
foreach ($carp as $carpent) {
|
| 340 |
791bcfd4
|
Bill Marquette
|
$vip = array();
|
| 341 |
|
|
$vip['mode'] = "carp";
|
| 342 |
|
|
$vip['interface'] = "AUTO";
|
| 343 |
4d511e5b
|
Renato Botelho
|
$vip['descr'] = sprintf(gettext("CARP vhid %s"), $carpent['vhid']);
|
| 344 |
791bcfd4
|
Bill Marquette
|
$vip['type'] = "single";
|
| 345 |
|
|
$vip['vhid'] = $carpent['vhid'];
|
| 346 |
|
|
$vip['advskew'] = $carpent['advskew'];
|
| 347 |
|
|
$vip['password'] = $carpent['password'];
|
| 348 |
|
|
$vip['subnet'] = $carpent['ipaddress'];
|
| 349 |
|
|
$vip['subnet_bits'] = $carpent['netmask'];
|
| 350 |
|
|
$config['virtualip']['vip'][] = $vip;
|
| 351 |
|
|
}
|
| 352 |
|
|
unset($config['installedpackages']['carp']);
|
| 353 |
|
|
}
|
| 354 |
|
|
/* Server NAT is no longer needed */
|
| 355 |
fa6e5ba5
|
Phil Davis
|
if (isset($config['nat']['servernat'])) {
|
| 356 |
|
|
unset($config['nat']['servernat']);
|
| 357 |
|
|
}
|
| 358 |
791bcfd4
|
Bill Marquette
|
|
| 359 |
|
|
/* enable SSH */
|
| 360 |
|
|
if ($config['version'] == "1.8") {
|
| 361 |
|
|
$config['system']['sshenabled'] = true;
|
| 362 |
|
|
}
|
| 363 |
|
|
}
|
| 364 |
|
|
|
| 365 |
|
|
|
| 366 |
|
|
function upgrade_018_to_019() {
|
| 367 |
|
|
global $config;
|
| 368 |
|
|
}
|
| 369 |
|
|
|
| 370 |
|
|
|
| 371 |
|
|
function upgrade_019_to_020() {
|
| 372 |
|
|
global $config;
|
| 373 |
751533a2
|
Phil Davis
|
if (is_array($config['ipsec']['tunnel'])) {
|
| 374 |
791bcfd4
|
Bill Marquette
|
reset($config['ipsec']['tunnel']);
|
| 375 |
|
|
while (list($index, $tunnel) = each($config['ipsec']['tunnel'])) {
|
| 376 |
|
|
/* Sanity check on required variables */
|
| 377 |
|
|
/* This fixes bogus <tunnel> entries - remnant of bug #393 */
|
| 378 |
|
|
if (!isset($tunnel['local-subnet']) && !isset($tunnel['remote-subnet'])) {
|
| 379 |
|
|
unset($config['ipsec']['tunnel'][$tunnel]);
|
| 380 |
|
|
}
|
| 381 |
|
|
}
|
| 382 |
|
|
}
|
| 383 |
|
|
}
|
| 384 |
|
|
|
| 385 |
|
|
function upgrade_020_to_021() {
|
| 386 |
|
|
global $config;
|
| 387 |
|
|
/* shaper scheduler moved */
|
| 388 |
751533a2
|
Phil Davis
|
if (isset($config['system']['schedulertype'])) {
|
| 389 |
791bcfd4
|
Bill Marquette
|
$config['shaper']['schedulertype'] = $config['system']['schedulertype'];
|
| 390 |
|
|
unset($config['system']['schedulertype']);
|
| 391 |
|
|
}
|
| 392 |
|
|
}
|
| 393 |
|
|
|
| 394 |
|
|
|
| 395 |
|
|
function upgrade_021_to_022() {
|
| 396 |
|
|
global $config;
|
| 397 |
|
|
/* move gateway to wan interface */
|
| 398 |
|
|
$config['interfaces']['wan']['gateway'] = $config['system']['gateway'];
|
| 399 |
|
|
}
|
| 400 |
|
|
|
| 401 |
|
|
function upgrade_022_to_023() {
|
| 402 |
|
|
global $config;
|
| 403 |
751533a2
|
Phil Davis
|
if (isset($config['shaper'])) {
|
| 404 |
791bcfd4
|
Bill Marquette
|
/* wipe previous shaper configuration */
|
| 405 |
|
|
unset($config['shaper']);
|
| 406 |
|
|
}
|
| 407 |
|
|
}
|
| 408 |
|
|
|
| 409 |
|
|
|
| 410 |
|
|
function upgrade_023_to_024() {
|
| 411 |
|
|
global $config;
|
| 412 |
|
|
}
|
| 413 |
|
|
|
| 414 |
|
|
|
| 415 |
|
|
function upgrade_024_to_025() {
|
| 416 |
|
|
global $config;
|
| 417 |
|
|
$config['interfaces']['wan']['use_rrd_gateway'] = $config['system']['use_rrd_gateway'];
|
| 418 |
fa6e5ba5
|
Phil Davis
|
if (isset($config['system']['use_rrd_gateway'])) {
|
| 419 |
|
|
unset($config['system']['use_rrd_gateway']);
|
| 420 |
|
|
}
|
| 421 |
791bcfd4
|
Bill Marquette
|
}
|
| 422 |
|
|
|
| 423 |
|
|
|
| 424 |
|
|
function upgrade_025_to_026() {
|
| 425 |
|
|
global $config;
|
| 426 |
|
|
$cron_item = array();
|
| 427 |
|
|
$cron_item['minute'] = "0";
|
| 428 |
|
|
$cron_item['hour'] = "*";
|
| 429 |
|
|
$cron_item['mday'] = "*";
|
| 430 |
|
|
$cron_item['month'] = "*";
|
| 431 |
|
|
$cron_item['wday'] = "*";
|
| 432 |
|
|
$cron_item['who'] = "root";
|
| 433 |
|
|
$cron_item['command'] = "/usr/bin/nice -n20 newsyslog";
|
| 434 |
|
|
|
| 435 |
|
|
$config['cron']['item'][] = $cron_item;
|
| 436 |
|
|
|
| 437 |
|
|
$cron_item = array();
|
| 438 |
|
|
$cron_item['minute'] = "1,31";
|
| 439 |
|
|
$cron_item['hour'] = "0-5";
|
| 440 |
|
|
$cron_item['mday'] = "*";
|
| 441 |
|
|
$cron_item['month'] = "*";
|
| 442 |
|
|
$cron_item['wday'] = "*";
|
| 443 |
|
|
$cron_item['who'] = "root";
|
| 444 |
|
|
$cron_item['command'] = "/usr/bin/nice -n20 adjkerntz -a";
|
| 445 |
|
|
|
| 446 |
|
|
$config['cron']['item'][] = $cron_item;
|
| 447 |
|
|
|
| 448 |
|
|
$cron_item = array();
|
| 449 |
|
|
$cron_item['minute'] = "1";
|
| 450 |
|
|
$cron_item['hour'] = "*";
|
| 451 |
|
|
$cron_item['mday'] = "1";
|
| 452 |
|
|
$cron_item['month'] = "*";
|
| 453 |
|
|
$cron_item['wday'] = "*";
|
| 454 |
|
|
$cron_item['who'] = "root";
|
| 455 |
|
|
$cron_item['command'] = "/usr/bin/nice -n20 /etc/rc.update_bogons.sh";
|
| 456 |
|
|
|
| 457 |
|
|
$config['cron']['item'][] = $cron_item;
|
| 458 |
|
|
|
| 459 |
|
|
$cron_item = array();
|
| 460 |
|
|
$cron_item['minute'] = "*/60";
|
| 461 |
|
|
$cron_item['hour'] = "*";
|
| 462 |
|
|
$cron_item['mday'] = "*";
|
| 463 |
|
|
$cron_item['month'] = "*";
|
| 464 |
|
|
$cron_item['wday'] = "*";
|
| 465 |
|
|
$cron_item['who'] = "root";
|
| 466 |
|
|
$cron_item['command'] = "/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout";
|
| 467 |
|
|
|
| 468 |
|
|
$config['cron']['item'][] = $cron_item;
|
| 469 |
|
|
|
| 470 |
|
|
$cron_item = array();
|
| 471 |
|
|
$cron_item['minute'] = "1";
|
| 472 |
|
|
$cron_item['hour'] = "1";
|
| 473 |
|
|
$cron_item['mday'] = "*";
|
| 474 |
|
|
$cron_item['month'] = "*";
|
| 475 |
|
|
$cron_item['wday'] = "*";
|
| 476 |
|
|
$cron_item['who'] = "root";
|
| 477 |
|
|
$cron_item['command'] = "/usr/bin/nice -n20 /etc/rc.dyndns.update";
|
| 478 |
|
|
|
| 479 |
|
|
$config['cron']['item'][] = $cron_item;
|
| 480 |
|
|
|
| 481 |
|
|
$cron_item = array();
|
| 482 |
|
|
$cron_item['minute'] = "*/60";
|
| 483 |
|
|
$cron_item['hour'] = "*";
|
| 484 |
|
|
$cron_item['mday'] = "*";
|
| 485 |
|
|
$cron_item['month'] = "*";
|
| 486 |
|
|
$cron_item['wday'] = "*";
|
| 487 |
|
|
$cron_item['who'] = "root";
|
| 488 |
|
|
$cron_item['command'] = "/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot";
|
| 489 |
|
|
|
| 490 |
|
|
$config['cron']['item'][] = $cron_item;
|
| 491 |
|
|
|
| 492 |
|
|
$cron_item = array();
|
| 493 |
|
|
$cron_item['minute'] = "*/60";
|
| 494 |
|
|
$cron_item['hour'] = "*";
|
| 495 |
|
|
$cron_item['mday'] = "*";
|
| 496 |
|
|
$cron_item['month'] = "*";
|
| 497 |
|
|
$cron_item['wday'] = "*";
|
| 498 |
|
|
$cron_item['who'] = "root";
|
| 499 |
|
|
$cron_item['command'] = "/usr/bin/nice -n20 /usr/local/sbin/expiretable -t 1800 snort2c";
|
| 500 |
|
|
|
| 501 |
|
|
$config['cron']['item'][] = $cron_item;
|
| 502 |
|
|
}
|
| 503 |
|
|
|
| 504 |
|
|
|
| 505 |
|
|
function upgrade_026_to_027() {
|
| 506 |
|
|
global $config;
|
| 507 |
|
|
}
|
| 508 |
|
|
|
| 509 |
|
|
|
| 510 |
|
|
function upgrade_027_to_028() {
|
| 511 |
|
|
global $config;
|
| 512 |
|
|
}
|
| 513 |
|
|
|
| 514 |
|
|
|
| 515 |
|
|
function upgrade_028_to_029() {
|
| 516 |
|
|
global $config;
|
| 517 |
|
|
$rule_item = array();
|
| 518 |
|
|
$a_filter = &$config['filter']['rule'];
|
| 519 |
|
|
$rule_item['interface'] = "enc0";
|
| 520 |
|
|
$rule_item['type'] = "pass";
|
| 521 |
|
|
$rule_item['source']['any'] = true;
|
| 522 |
|
|
$rule_item['destination']['any'] = true;
|
| 523 |
4d511e5b
|
Renato Botelho
|
$rule_item['descr'] = gettext("Permit IPsec traffic.");
|
| 524 |
791bcfd4
|
Bill Marquette
|
$rule_item['statetype'] = "keep state";
|
| 525 |
|
|
$a_filter[] = $rule_item;
|
| 526 |
|
|
}
|
| 527 |
|
|
|
| 528 |
|
|
|
| 529 |
|
|
function upgrade_029_to_030() {
|
| 530 |
|
|
global $config;
|
| 531 |
|
|
/* enable the rrd config setting by default */
|
| 532 |
|
|
$config['rrd']['enable'] = true;
|
| 533 |
|
|
}
|
| 534 |
|
|
|
| 535 |
|
|
|
| 536 |
|
|
function upgrade_030_to_031() {
|
| 537 |
|
|
global $config;
|
| 538 |
|
|
/* Insert upgrade code here */
|
| 539 |
|
|
}
|
| 540 |
|
|
|
| 541 |
|
|
|
| 542 |
|
|
function upgrade_031_to_032() {
|
| 543 |
|
|
global $config;
|
| 544 |
|
|
/* Insert upgrade code here */
|
| 545 |
|
|
}
|
| 546 |
|
|
|
| 547 |
|
|
|
| 548 |
|
|
function upgrade_032_to_033() {
|
| 549 |
|
|
global $config;
|
| 550 |
|
|
/* Insert upgrade code here */
|
| 551 |
|
|
}
|
| 552 |
|
|
|
| 553 |
|
|
|
| 554 |
|
|
function upgrade_033_to_034() {
|
| 555 |
|
|
global $config;
|
| 556 |
|
|
/* Insert upgrade code here */
|
| 557 |
|
|
}
|
| 558 |
|
|
|
| 559 |
|
|
|
| 560 |
|
|
function upgrade_034_to_035() {
|
| 561 |
|
|
global $config;
|
| 562 |
|
|
/* Insert upgrade code here */
|
| 563 |
|
|
}
|
| 564 |
|
|
|
| 565 |
|
|
|
| 566 |
|
|
function upgrade_035_to_036() {
|
| 567 |
|
|
global $config;
|
| 568 |
|
|
/* Insert upgrade code here */
|
| 569 |
|
|
}
|
| 570 |
|
|
|
| 571 |
|
|
|
| 572 |
|
|
function upgrade_036_to_037() {
|
| 573 |
|
|
global $config;
|
| 574 |
|
|
/* Insert upgrade code here */
|
| 575 |
|
|
}
|
| 576 |
|
|
|
| 577 |
|
|
|
| 578 |
|
|
function upgrade_037_to_038() {
|
| 579 |
|
|
global $config;
|
| 580 |
db7f618b
|
Seth Mos
|
/* Insert upgrade code here */
|
| 581 |
791bcfd4
|
Bill Marquette
|
}
|
| 582 |
|
|
|
| 583 |
|
|
|
| 584 |
|
|
function upgrade_038_to_039() {
|
| 585 |
|
|
global $config;
|
| 586 |
ef026950
|
Ermal Lu?i
|
/* Insert upgrade code here */
|
| 587 |
791bcfd4
|
Bill Marquette
|
}
|
| 588 |
|
|
|
| 589 |
|
|
|
| 590 |
|
|
function upgrade_039_to_040() {
|
| 591 |
879f7db7
|
Erik Fonnesbeck
|
global $config, $g;
|
| 592 |
791bcfd4
|
Bill Marquette
|
$config['system']['webgui']['auth_method'] = "session";
|
| 593 |
|
|
$config['system']['webgui']['backing_method'] = "htpasswd";
|
| 594 |
|
|
|
| 595 |
fa6e5ba5
|
Phil Davis
|
if (isset($config['system']['username'])) {
|
| 596 |
791bcfd4
|
Bill Marquette
|
$config['system']['group'] = array();
|
| 597 |
|
|
$config['system']['group'][0]['name'] = "admins";
|
| 598 |
4d511e5b
|
Renato Botelho
|
$config['system']['group'][0]['description'] = gettext("System Administrators");
|
| 599 |
791bcfd4
|
Bill Marquette
|
$config['system']['group'][0]['scope'] = "system";
|
| 600 |
ebcdcaaa
|
jim-p
|
$config['system']['group'][0]['priv'] = "page-all";
|
| 601 |
791bcfd4
|
Bill Marquette
|
$config['system']['group'][0]['home'] = "index.php";
|
| 602 |
|
|
$config['system']['group'][0]['gid'] = "110";
|
| 603 |
|
|
|
| 604 |
|
|
$config['system']['user'] = array();
|
| 605 |
|
|
$config['system']['user'][0]['name'] = "{$config['system']['username']}";
|
| 606 |
9ff73b79
|
jim-p
|
$config['system']['user'][0]['descr'] = "System Administrator";
|
| 607 |
791bcfd4
|
Bill Marquette
|
$config['system']['user'][0]['scope'] = "system";
|
| 608 |
|
|
$config['system']['user'][0]['groupname'] = "admins";
|
| 609 |
|
|
$config['system']['user'][0]['password'] = "{$config['system']['password']}";
|
| 610 |
|
|
$config['system']['user'][0]['uid'] = "0";
|
| 611 |
6d8e6b22
|
jim-p
|
/* Ensure that we follow what this new "admin" username should be in the session. */
|
| 612 |
|
|
$_SESSION["Username"] = "{$config['system']['username']}";
|
| 613 |
791bcfd4
|
Bill Marquette
|
|
| 614 |
|
|
$config['system']['user'][0]['priv'] = array();
|
| 615 |
|
|
$config['system']['user'][0]['priv'][0]['id'] = "lockwc";
|
| 616 |
|
|
$config['system']['user'][0]['priv'][0]['name'] = "Lock webConfigurator";
|
| 617 |
4d511e5b
|
Renato Botelho
|
$config['system']['user'][0]['priv'][0]['descr'] = gettext("Indicates whether this user will lock access to the webConfigurator for other users.");
|
| 618 |
791bcfd4
|
Bill Marquette
|
$config['system']['user'][0]['priv'][1]['id'] = "lock-ipages";
|
| 619 |
|
|
$config['system']['user'][0]['priv'][1]['name'] = "Lock individual pages";
|
| 620 |
4d511e5b
|
Renato Botelho
|
$config['system']['user'][0]['priv'][1]['descr'] = gettext("Indicates whether this user will lock individual HTML pages after having accessed a particular page (the lock will be freed if the user leaves or saves the page form).");
|
| 621 |
791bcfd4
|
Bill Marquette
|
$config['system']['user'][0]['priv'][2]['id'] = "hasshell";
|
| 622 |
|
|
$config['system']['user'][0]['priv'][2]['name'] = "Has shell access";
|
| 623 |
4d511e5b
|
Renato Botelho
|
$config['system']['user'][0]['priv'][2]['descr'] = gettext("Indicates whether this user is able to login for example via SSH.");
|
| 624 |
791bcfd4
|
Bill Marquette
|
$config['system']['user'][0]['priv'][3]['id'] = "copyfiles";
|
| 625 |
|
|
$config['system']['user'][0]['priv'][3]['name'] = "Is allowed to copy files";
|
| 626 |
99a3ce08
|
Renato Botelho
|
$config['system']['user'][0]['priv'][3]['descr'] = sprintf(gettext("Indicates whether this user is allowed to copy files onto the %s appliance via SCP/SFTP."), $g['product_name']);
|
| 627 |
791bcfd4
|
Bill Marquette
|
$config['system']['user'][0]['priv'][4]['id'] = "isroot";
|
| 628 |
|
|
$config['system']['user'][0]['priv'][4]['name'] = "Is root user";
|
| 629 |
530e4707
|
NOYB
|
$config['system']['user'][0]['priv'][4]['descr'] = gettext("This user is associated with the UNIX root user (this privilege should only be associated with one single user).");
|
| 630 |
791bcfd4
|
Bill Marquette
|
|
| 631 |
|
|
$config['system']['nextuid'] = "111";
|
| 632 |
|
|
$config['system']['nextgid'] = "111";
|
| 633 |
|
|
|
| 634 |
|
|
/* wipe previous auth configuration */
|
| 635 |
fa6e5ba5
|
Phil Davis
|
unset($config['system']['username']);
|
| 636 |
|
|
if (isset($config['system']['password'])) {
|
| 637 |
|
|
unset($config['system']['password']);
|
| 638 |
|
|
}
|
| 639 |
791bcfd4
|
Bill Marquette
|
}
|
| 640 |
|
|
}
|
| 641 |
|
|
|
| 642 |
|
|
function upgrade_040_to_041() {
|
| 643 |
|
|
global $config;
|
| 644 |
751533a2
|
Phil Davis
|
if (!$config['sysctl']) {
|
| 645 |
791bcfd4
|
Bill Marquette
|
$config['sysctl']['item'] = array();
|
| 646 |
|
|
|
| 647 |
|
|
$config['sysctl']['item'][0]['tunable'] = "net.inet.tcp.blackhole";
|
| 648 |
4816e5ca
|
Renato Botelho
|
$config['sysctl']['item'][0]['descr'] = gettext("Drop packets to closed TCP ports without returning a RST");
|
| 649 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][0]['value'] = "default";
|
| 650 |
791bcfd4
|
Bill Marquette
|
|
| 651 |
|
|
$config['sysctl']['item'][1]['tunable'] = "net.inet.udp.blackhole";
|
| 652 |
4816e5ca
|
Renato Botelho
|
$config['sysctl']['item'][1]['descr'] = gettext("Do not send ICMP port unreachable messages for closed UDP ports");
|
| 653 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][1]['value'] = "default";
|
| 654 |
791bcfd4
|
Bill Marquette
|
|
| 655 |
|
|
$config['sysctl']['item'][2]['tunable'] = "net.inet.ip.random_id";
|
| 656 |
4816e5ca
|
Renato Botelho
|
$config['sysctl']['item'][2]['descr'] = gettext("Randomize the ID field in IP packets (default is 0: sequential IP IDs)");
|
| 657 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][2]['value'] = "default";
|
| 658 |
791bcfd4
|
Bill Marquette
|
|
| 659 |
|
|
$config['sysctl']['item'][3]['tunable'] = "net.inet.tcp.drop_synfin";
|
| 660 |
4816e5ca
|
Renato Botelho
|
$config['sysctl']['item'][3]['descr'] = gettext("Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)");
|
| 661 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][3]['value'] = "default";
|
| 662 |
791bcfd4
|
Bill Marquette
|
|
| 663 |
|
|
$config['sysctl']['item'][4]['tunable'] = "net.inet.ip.redirect";
|
| 664 |
4816e5ca
|
Renato Botelho
|
$config['sysctl']['item'][4]['descr'] = gettext("Sending of IPv4 ICMP redirects");
|
| 665 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][4]['value'] = "default";
|
| 666 |
791bcfd4
|
Bill Marquette
|
|
| 667 |
|
|
$config['sysctl']['item'][5]['tunable'] = "net.inet6.ip6.redirect";
|
| 668 |
4816e5ca
|
Renato Botelho
|
$config['sysctl']['item'][5]['descr'] = gettext("Sending of IPv6 ICMP redirects");
|
| 669 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][5]['value'] = "default";
|
| 670 |
791bcfd4
|
Bill Marquette
|
|
| 671 |
|
|
$config['sysctl']['item'][6]['tunable'] = "net.inet.tcp.syncookies";
|
| 672 |
4816e5ca
|
Renato Botelho
|
$config['sysctl']['item'][6]['descr'] = gettext("Generate SYN cookies for outbound SYN-ACK packets");
|
| 673 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][6]['value'] = "default";
|
| 674 |
791bcfd4
|
Bill Marquette
|
|
| 675 |
|
|
$config['sysctl']['item'][7]['tunable'] = "net.inet.tcp.recvspace";
|
| 676 |
4816e5ca
|
Renato Botelho
|
$config['sysctl']['item'][7]['descr'] = gettext("Maximum incoming TCP datagram size");
|
| 677 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][7]['value'] = "default";
|
| 678 |
791bcfd4
|
Bill Marquette
|
|
| 679 |
|
|
$config['sysctl']['item'][8]['tunable'] = "net.inet.tcp.sendspace";
|
| 680 |
4816e5ca
|
Renato Botelho
|
$config['sysctl']['item'][8]['descr'] = gettext("Maximum outgoing TCP datagram size");
|
| 681 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][8]['value'] = "default";
|
| 682 |
791bcfd4
|
Bill Marquette
|
|
| 683 |
e2ff2b3f
|
Chris Buechler
|
$config['sysctl']['item'][9]['tunable'] = "net.inet.tcp.delayed_ack";
|
| 684 |
|
|
$config['sysctl']['item'][9]['descr'] = gettext("Do not delay ACK to try and piggyback it onto a data packet");
|
| 685 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][9]['value'] = "default";
|
| 686 |
791bcfd4
|
Bill Marquette
|
|
| 687 |
e2ff2b3f
|
Chris Buechler
|
$config['sysctl']['item'][10]['tunable'] = "net.inet.udp.maxdgram";
|
| 688 |
|
|
$config['sysctl']['item'][10]['descr'] = gettext("Maximum outgoing UDP datagram size");
|
| 689 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][10]['value'] = "default";
|
| 690 |
791bcfd4
|
Bill Marquette
|
|
| 691 |
e2ff2b3f
|
Chris Buechler
|
$config['sysctl']['item'][11]['tunable'] = "net.link.bridge.pfil_onlyip";
|
| 692 |
|
|
$config['sysctl']['item'][11]['descr'] = gettext("Handling of non-IP packets which are not passed to pfil (see if_bridge(4))");
|
| 693 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][11]['value'] = "default";
|
| 694 |
791bcfd4
|
Bill Marquette
|
|
| 695 |
e2ff2b3f
|
Chris Buechler
|
$config['sysctl']['item'][12]['tunable'] = "net.link.tap.user_open";
|
| 696 |
|
|
$config['sysctl']['item'][12]['descr'] = gettext("Allow unprivileged access to tap(4) device nodes");
|
| 697 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][12]['value'] = "default";
|
| 698 |
791bcfd4
|
Bill Marquette
|
|
| 699 |
e2ff2b3f
|
Chris Buechler
|
$config['sysctl']['item'][13]['tunable'] = "kern.randompid";
|
| 700 |
|
|
$config['sysctl']['item'][13]['descr'] = gettext("Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())");
|
| 701 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][13]['value'] = "default";
|
| 702 |
791bcfd4
|
Bill Marquette
|
|
| 703 |
e2ff2b3f
|
Chris Buechler
|
$config['sysctl']['item'][14]['tunable'] = "net.inet.tcp.inflight.enable";
|
| 704 |
|
|
$config['sysctl']['item'][14]['descr'] = gettext("The system will attempt to calculate the bandwidth delay product for each connection and limit the amount of data queued to the network to just the amount required to maintain optimum throughput. ");
|
| 705 |
|
|
$config['sysctl']['item'][14]['value'] = "default";
|
| 706 |
|
|
|
| 707 |
|
|
$config['sysctl']['item'][15]['tunable'] = "net.inet.icmp.icmplim";
|
| 708 |
|
|
$config['sysctl']['item'][15]['descr'] = gettext("Set ICMP Limits");
|
| 709 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][15]['value'] = "default";
|
| 710 |
791bcfd4
|
Bill Marquette
|
|
| 711 |
e2ff2b3f
|
Chris Buechler
|
$config['sysctl']['item'][16]['tunable'] = "net.inet.tcp.tso";
|
| 712 |
|
|
$config['sysctl']['item'][16]['descr'] = gettext("TCP Offload engine");
|
| 713 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][16]['value'] = "default";
|
| 714 |
791bcfd4
|
Bill Marquette
|
|
| 715 |
e2ff2b3f
|
Chris Buechler
|
$config['sysctl']['item'][17]['tunable'] = "net.inet.ip.portrange.first";
|
| 716 |
|
|
$config['sysctl']['item'][17]['descr'] = "Set the ephemeral port range starting port";
|
| 717 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][17]['value'] = "default";
|
| 718 |
791bcfd4
|
Bill Marquette
|
|
| 719 |
e2ff2b3f
|
Chris Buechler
|
$config['sysctl']['item'][18]['tunable'] = "hw.syscons.kbd_reboot";
|
| 720 |
|
|
$config['sysctl']['item'][18]['descr'] = "Enables ctrl+alt+delete";
|
| 721 |
908c4eea
|
sullrich
|
$config['sysctl']['item'][18]['value'] = "default";
|
| 722 |
2d563280
|
Renato Botelho
|
|
| 723 |
e2ff2b3f
|
Chris Buechler
|
$config['sysctl']['item'][19]['tunable'] = "kern.ipc.maxsockbuf";
|
| 724 |
|
|
$config['sysctl']['item'][19]['descr'] = "Maximum socket buffer size";
|
| 725 |
558dda01
|
Scott Ullrich
|
$config['sysctl']['item'][19]['value'] = "default";
|
| 726 |
908c4eea
|
sullrich
|
|
| 727 |
791bcfd4
|
Bill Marquette
|
}
|
| 728 |
|
|
}
|
| 729 |
|
|
|
| 730 |
|
|
|
| 731 |
|
|
function upgrade_041_to_042() {
|
| 732 |
|
|
global $config;
|
| 733 |
751533a2
|
Phil Davis
|
if (isset($config['shaper'])) {
|
| 734 |
791bcfd4
|
Bill Marquette
|
unset($config['shaper']);
|
| 735 |
751533a2
|
Phil Davis
|
}
|
| 736 |
|
|
if (isset($config['ezshaper'])) {
|
| 737 |
791bcfd4
|
Bill Marquette
|
unset($config['ezshaper']);
|
| 738 |
751533a2
|
Phil Davis
|
}
|
| 739 |
791bcfd4
|
Bill Marquette
|
}
|
| 740 |
|
|
|
| 741 |
|
|
|
| 742 |
|
|
function upgrade_042_to_043() {
|
| 743 |
|
|
global $config;
|
| 744 |
|
|
/* migrate old interface gateway to the new gateways config */
|
| 745 |
ab0eced7
|
Ermal
|
$iflist = get_configured_interface_list(false, true);
|
| 746 |
791bcfd4
|
Bill Marquette
|
$gateways = array();
|
| 747 |
|
|
$i = 0;
|
| 748 |
751533a2
|
Phil Davis
|
foreach ($iflist as $ifname => $interface) {
|
| 749 |
4de8f7ba
|
Phil Davis
|
if (!interface_has_gateway($ifname)) {
|
| 750 |
fc85edaf
|
Seth Mos
|
continue;
|
| 751 |
|
|
}
|
| 752 |
b314ab72
|
Ermal
|
$config['gateways']['gateway_item'][$i] = array();
|
| 753 |
751533a2
|
Phil Davis
|
if (is_ipaddr($config['interfaces'][$ifname]['gateway'])) {
|
| 754 |
3240836a
|
Seth Mos
|
$config['gateways']['gateway_item'][$i]['gateway'] = $config['interfaces'][$ifname]['gateway'];
|
| 755 |
4d511e5b
|
Renato Botelho
|
$config['gateways']['gateway_item'][$i]['descr'] = sprintf(gettext("Interface %s Static Gateway"), $ifname);
|
| 756 |
2328dcc5
|
Seth Mos
|
} else {
|
| 757 |
|
|
$config['gateways']['gateway_item'][$i]['gateway'] = "dynamic";
|
| 758 |
4d511e5b
|
Renato Botelho
|
$config['gateways']['gateway_item'][$i]['descr'] = sprintf(gettext("Interface %s Dynamic Gateway"), $ifname);
|
| 759 |
2328dcc5
|
Seth Mos
|
}
|
| 760 |
|
|
$config['gateways']['gateway_item'][$i]['interface'] = $ifname;
|
| 761 |
|
|
$config['gateways']['gateway_item'][$i]['name'] = "GW_" . strtoupper($ifname);
|
| 762 |
|
|
/* add default gateway bit for wan on upgrade */
|
| 763 |
751533a2
|
Phil Davis
|
if ($ifname == "wan") {
|
| 764 |
2d563280
|
Renato Botelho
|
$config['gateways']['gateway_item'][$i]['defaultgw'] = true;
|
| 765 |
2328dcc5
|
Seth Mos
|
}
|
| 766 |
751533a2
|
Phil Davis
|
if (is_ipaddr($config['interfaces'][$ifname]['use_rrd_gateway'])) {
|
| 767 |
2328dcc5
|
Seth Mos
|
$config['gateways']['gateway_item'][$i]['monitor'] = $config['interfaces'][$ifname]['use_rrd_gateway'];
|
| 768 |
|
|
unset($config['interfaces'][$ifname]['use_rrd_gateway']);
|
| 769 |
|
|
}
|
| 770 |
|
|
$config['interfaces'][$ifname]['gateway'] = $config['gateways']['gateway_item'][$i]['name'];
|
| 771 |
3240836a
|
Seth Mos
|
|
| 772 |
2328dcc5
|
Seth Mos
|
/* Update all filter rules which might reference this gateway */
|
| 773 |
|
|
$j = 0;
|
| 774 |
751533a2
|
Phil Davis
|
foreach ($config['filter']['rule'] as $rule) {
|
| 775 |
|
|
if (is_ipaddr($rule['gateway'])) {
|
| 776 |
|
|
if ($rule['gateway'] == $config['gateways']['gateway_item'][$i]['gateway']) {
|
| 777 |
6364b88b
|
Ermal
|
$config['filter']['rule'][$j]['gateway'] = $config['gateways']['gateway_item'][$i]['name'];
|
| 778 |
751533a2
|
Phil Davis
|
} else if ($rule['gateway'] == $ifname) {
|
| 779 |
6364b88b
|
Ermal
|
$config['filter']['rule'][$j]['gateway'] = $config['gateways']['gateway_item'][$i]['name'];
|
| 780 |
751533a2
|
Phil Davis
|
}
|
| 781 |
3240836a
|
Seth Mos
|
}
|
| 782 |
2328dcc5
|
Seth Mos
|
$j++;
|
| 783 |
791bcfd4
|
Bill Marquette
|
}
|
| 784 |
c9ba2835
|
smos
|
|
| 785 |
|
|
/* rename old Quality RRD files in the process */
|
| 786 |
|
|
$rrddbpath = "/var/db/rrd";
|
| 787 |
|
|
$gwname = "GW_" . strtoupper($ifname);
|
| 788 |
751533a2
|
Phil Davis
|
if (is_readable("{$rrddbpath}/{$ifname}-quality.rrd")) {
|
| 789 |
c9ba2835
|
smos
|
rename("{$rrddbpath}/{$ifname}-quality.rrd", "{$rrddbpath}/{$gwname}-quality.rrd");
|
| 790 |
|
|
}
|
| 791 |
2328dcc5
|
Seth Mos
|
$i++;
|
| 792 |
791bcfd4
|
Bill Marquette
|
}
|
| 793 |
|
|
}
|
| 794 |
|
|
|
| 795 |
|
|
|
| 796 |
|
|
function upgrade_043_to_044() {
|
| 797 |
|
|
global $config;
|
| 798 |
a842e988
|
Ermal
|
|
| 799 |
|
|
/* migrate static routes to the new gateways config */
|
| 800 |
|
|
$gateways = return_gateways_array(true);
|
| 801 |
6cae2c44
|
Ermal
|
$i = 0;
|
| 802 |
a842e988
|
Ermal
|
if (is_array($config['staticroutes']['route'])) {
|
| 803 |
323f3f9c
|
smos
|
$gwmap = array();
|
| 804 |
a842e988
|
Ermal
|
foreach ($config['staticroutes']['route'] as $idx => $sroute) {
|
| 805 |
|
|
$found = false;
|
| 806 |
|
|
foreach ($gateways as $gwname => $gw) {
|
| 807 |
|
|
if ($gw['gateway'] == $sroute['gateway']) {
|
| 808 |
|
|
$config['staticroutes']['route'][$idx]['gateway'] = $gwname;
|
| 809 |
|
|
$found = true;
|
| 810 |
|
|
break;
|
| 811 |
|
|
}
|
| 812 |
|
|
}
|
| 813 |
751533a2
|
Phil Davis
|
if ($gwmap[$sroute['gateway']]) {
|
| 814 |
323f3f9c
|
smos
|
/* We already added a gateway name for this IP */
|
| 815 |
|
|
$config['staticroutes']['route'][$idx]['gateway'] = "{$gwmap[$sroute['gateway']]}";
|
| 816 |
|
|
$found = true;
|
| 817 |
2d563280
|
Renato Botelho
|
}
|
| 818 |
|
|
|
| 819 |
a842e988
|
Ermal
|
if ($found == false) {
|
| 820 |
|
|
$gateway = array();
|
| 821 |
323f3f9c
|
smos
|
$gateway['name'] = "SROUTE{$i}";
|
| 822 |
|
|
$gwmap[$sroute['gateway']] = $gateway['name'];
|
| 823 |
a842e988
|
Ermal
|
$gateway['gateway'] = $sroute['gateway'];
|
| 824 |
|
|
$gateway['interface'] = $sroute['interface'];
|
| 825 |
4d511e5b
|
Renato Botelho
|
$gateway['descr'] = sprintf(gettext("Upgraded static route for %s"), $sroute['network']);
|
| 826 |
751533a2
|
Phil Davis
|
if (!is_array($config['gateways']['gateway_item'])) {
|
| 827 |
a842e988
|
Ermal
|
$config['gateways']['gateway_item'] = array();
|
| 828 |
751533a2
|
Phil Davis
|
}
|
| 829 |
a842e988
|
Ermal
|
$config['gateways']['gateway_item'][] = $gateway;
|
| 830 |
|
|
$config['staticroutes']['route'][$idx]['gateway'] = $gateway['name'];
|
| 831 |
6cae2c44
|
Ermal
|
$i++;
|
| 832 |
a842e988
|
Ermal
|
}
|
| 833 |
|
|
}
|
| 834 |
|
|
}
|
| 835 |
791bcfd4
|
Bill Marquette
|
}
|
| 836 |
|
|
|
| 837 |
|
|
|
| 838 |
|
|
function upgrade_044_to_045() {
|
| 839 |
|
|
global $config;
|
| 840 |
da74e673
|
Seth Mos
|
$iflist = get_configured_interface_list(false, true);
|
| 841 |
791bcfd4
|
Bill Marquette
|
if (is_array($config['vlans']['vlan']) && count($config['vlans']['vlan'])) {
|
| 842 |
3d039701
|
smos
|
$i = 0;
|
| 843 |
da74e673
|
Seth Mos
|
foreach ($config['vlans']['vlan'] as $id => $vlan) {
|
| 844 |
|
|
/* Make sure to update the interfaces section with the right name */
|
| 845 |
62958eae
|
smos
|
$vlan_name = "{$vlan['if']}_vlan{$vlan['tag']}";
|
| 846 |
751533a2
|
Phil Davis
|
foreach ($iflist as $ifname) {
|
| 847 |
|
|
if ($config['interfaces'][$ifname]['if'] == "vlan{$i}") {
|
| 848 |
62958eae
|
smos
|
$config['interfaces'][$ifname]['if'] = $vlan_name;
|
| 849 |
|
|
continue;
|
| 850 |
da74e673
|
Seth Mos
|
}
|
| 851 |
|
|
}
|
| 852 |
62958eae
|
smos
|
$config['vlans']['vlan'][$i]['vlanif'] = "{$vlan_name}";
|
| 853 |
2d563280
|
Renato Botelho
|
$i++;
|
| 854 |
da74e673
|
Seth Mos
|
}
|
| 855 |
791bcfd4
|
Bill Marquette
|
}
|
| 856 |
|
|
}
|
| 857 |
|
|
|
| 858 |
|
|
|
| 859 |
|
|
function upgrade_045_to_046() {
|
| 860 |
|
|
global $config;
|
| 861 |
2d563280
|
Renato Botelho
|
/* Load up monitors that are in the default config for 2.0 but not in 1.2.3
|
| 862 |
506514e7
|
jim-p
|
thus wouldn't be in an upgraded config. */
|
| 863 |
|
|
$config['load_balancer']['monitor_type'] = array (
|
| 864 |
751533a2
|
Phil Davis
|
array ('name' => 'ICMP',
|
| 865 |
506514e7
|
jim-p
|
'type' => 'icmp',
|
| 866 |
|
|
'descr' => 'ICMP',
|
| 867 |
|
|
'options' => '',
|
| 868 |
|
|
),
|
| 869 |
751533a2
|
Phil Davis
|
array ('name' => 'TCP',
|
| 870 |
506514e7
|
jim-p
|
'type' => 'tcp',
|
| 871 |
|
|
'descr' => 'Generic TCP',
|
| 872 |
|
|
'options' => '',
|
| 873 |
|
|
),
|
| 874 |
751533a2
|
Phil Davis
|
array ('name' => 'HTTP',
|
| 875 |
506514e7
|
jim-p
|
'type' => 'http',
|
| 876 |
|
|
'descr' => 'Generic HTTP',
|
| 877 |
|
|
'options' =>
|
| 878 |
751533a2
|
Phil Davis
|
array ('path' => '/',
|
| 879 |
506514e7
|
jim-p
|
'host' => '',
|
| 880 |
|
|
'code' => '200',
|
| 881 |
|
|
),
|
| 882 |
|
|
),
|
| 883 |
751533a2
|
Phil Davis
|
array ('name' => 'HTTPS',
|
| 884 |
506514e7
|
jim-p
|
'type' => 'https',
|
| 885 |
|
|
'descr' => 'Generic HTTPS',
|
| 886 |
|
|
'options' =>
|
| 887 |
751533a2
|
Phil Davis
|
array ('path' => '/',
|
| 888 |
506514e7
|
jim-p
|
'host' => '',
|
| 889 |
|
|
'code' => '200',
|
| 890 |
|
|
),
|
| 891 |
|
|
),
|
| 892 |
751533a2
|
Phil Davis
|
array ('name' => 'SMTP',
|
| 893 |
506514e7
|
jim-p
|
'type' => 'send',
|
| 894 |
|
|
'descr' => 'Generic SMTP',
|
| 895 |
|
|
'options' =>
|
| 896 |
751533a2
|
Phil Davis
|
array ('send' => '',
|
| 897 |
520d4137
|
jim-p
|
'expect' => '220 *',
|
| 898 |
506514e7
|
jim-p
|
),
|
| 899 |
|
|
),
|
| 900 |
|
|
);
|
| 901 |
791bcfd4
|
Bill Marquette
|
/* Upgrade load balancer from slb to relayd */
|
| 902 |
|
|
if (is_array($config['load_balancer']['virtual_server']) && count($config['load_balancer']['virtual_server'])) {
|
| 903 |
|
|
$vs_a = &$config['load_balancer']['virtual_server'];
|
| 904 |
|
|
$pool_a = &$config['load_balancer']['lbpool'];
|
| 905 |
|
|
$pools = array();
|
| 906 |
25753b5b
|
sullrich
|
/* Index pools by name */
|
| 907 |
751533a2
|
Phil Davis
|
if (is_array($pool_a)) {
|
| 908 |
791bcfd4
|
Bill Marquette
|
for ($i = 0; isset($pool_a[$i]); $i++) {
|
| 909 |
751533a2
|
Phil Davis
|
if ($pool_a[$i]['type'] == "server") {
|
| 910 |
791bcfd4
|
Bill Marquette
|
$pools[$pool_a[$i]['name']] = $pool_a[$i];
|
| 911 |
|
|
}
|
| 912 |
|
|
}
|
| 913 |
|
|
}
|
| 914 |
|
|
/* Convert sitedown entries to pools and re-attach */
|
| 915 |
|
|
for ($i = 0; isset($vs_a[$i]); $i++) {
|
| 916 |
d30afa60
|
jim-p
|
/* Set mode while we're here. */
|
| 917 |
|
|
$vs_a[$i]['mode'] = "redirect_mode";
|
| 918 |
791bcfd4
|
Bill Marquette
|
if (isset($vs_a[$i]['sitedown'])) {
|
| 919 |
|
|
$pool = array();
|
| 920 |
|
|
$pool['type'] = 'server';
|
| 921 |
|
|
$pool['behaviour'] = 'balance';
|
| 922 |
|
|
$pool['name'] = "{$vs_a[$i]['name']}-sitedown";
|
| 923 |
4816e5ca
|
Renato Botelho
|
$pool['descr'] = sprintf(gettext("Sitedown pool for VS: %s"), $vs_a[$i]['name']);
|
| 924 |
751533a2
|
Phil Davis
|
if (is_array($vs_a[$i]['pool'])) {
|
| 925 |
6e9b046e
|
jim-p
|
$vs_a[$i]['pool'] = $vs_a[$i]['pool'][0];
|
| 926 |
751533a2
|
Phil Davis
|
}
|
| 927 |
791bcfd4
|
Bill Marquette
|
$pool['port'] = $pools[$vs_a[$i]['pool']]['port'];
|
| 928 |
|
|
$pool['servers'] = array();
|
| 929 |
|
|
$pool['servers'][] = $vs_a[$i]['sitedown'];
|
| 930 |
|
|
$pool['monitor'] = $pools[$vs_a[$i]['pool']]['monitor'];
|
| 931 |
|
|
$pool_a[] = $pool;
|
| 932 |
|
|
$vs_a[$i]['sitedown'] = $pool['name'];
|
| 933 |
|
|
}
|
| 934 |
|
|
}
|
| 935 |
|
|
}
|
| 936 |
751533a2
|
Phil Davis
|
if (count($config['load_balancer']) == 0) {
|
| 937 |
0b5b4f32
|
Seth Mos
|
unset($config['load_balancer']);
|
| 938 |
|
|
}
|
| 939 |
a09d8bfc
|
jim-p
|
mwexec('/usr/sbin/pw groupadd -n _relayd -g 913');
|
| 940 |
|
|
mwexec('/usr/sbin/pw useradd -n _relayd -c "Relay Daemon" -d /var/empty -s /usr/sbin/nologin -u 913 -g 913');
|
| 941 |
791bcfd4
|
Bill Marquette
|
}
|
| 942 |
|
|
|
| 943 |
|
|
|
| 944 |
|
|
function upgrade_046_to_047() {
|
| 945 |
|
|
global $config;
|
| 946 |
|
|
/* Upgrade IPsec from tunnel to phase1/phase2 */
|
| 947 |
|
|
|
| 948 |
751533a2
|
Phil Davis
|
if (is_array($config['ipsec']['tunnel'])) {
|
| 949 |
791bcfd4
|
Bill Marquette
|
|
| 950 |
|
|
$a_phase1 = array();
|
| 951 |
|
|
$a_phase2 = array();
|
| 952 |
|
|
$ikeid = 0;
|
| 953 |
|
|
|
| 954 |
|
|
foreach ($config['ipsec']['tunnel'] as $tunnel) {
|
| 955 |
|
|
|
| 956 |
|
|
unset($ph1ent);
|
| 957 |
|
|
unset($ph2ent);
|
| 958 |
|
|
|
| 959 |
|
|
/*
|
| 960 |
|
|
* attempt to locate an enabled phase1
|
| 961 |
|
|
* entry that matches the peer gateway
|
| 962 |
|
|
*/
|
| 963 |
|
|
|
| 964 |
|
|
if (!isset($tunnel['disabled'])) {
|
| 965 |
|
|
|
| 966 |
|
|
$remote_gateway = $tunnel['remote-gateway'];
|
| 967 |
|
|
|
| 968 |
|
|
foreach ($a_phase1 as $ph1tmp) {
|
| 969 |
|
|
if ($ph1tmp['remote-gateway'] == $remote_gateway) {
|
| 970 |
|
|
$ph1ent = $ph1tmp;
|
| 971 |
|
|
break;
|
| 972 |
|
|
}
|
| 973 |
|
|
}
|
| 974 |
|
|
}
|
| 975 |
|
|
|
| 976 |
|
|
/* none found, create a new one */
|
| 977 |
|
|
|
| 978 |
751533a2
|
Phil Davis
|
if (!isset($ph1ent)) {
|
| 979 |
791bcfd4
|
Bill Marquette
|
|
| 980 |
|
|
/* build new phase1 entry */
|
| 981 |
|
|
|
| 982 |
|
|
$ph1ent = array();
|
| 983 |
|
|
|
| 984 |
|
|
$ph1ent['ikeid'] = ++$ikeid;
|
| 985 |
|
|
|
| 986 |
751533a2
|
Phil Davis
|
if (isset($tunnel['disabled'])) {
|
| 987 |
791bcfd4
|
Bill Marquette
|
$ph1ent['disabled'] = $tunnel['disabled'];
|
| 988 |
751533a2
|
Phil Davis
|
}
|
| 989 |
791bcfd4
|
Bill Marquette
|
|
| 990 |
443f2e6e
|
smos
|
/* convert to the new vip[$vhid] name */
|
| 991 |
751533a2
|
Phil Davis
|
if (preg_match("/^carp/", $tunnel['interface'])) {
|
| 992 |
bc75a430
|
smos
|
$carpid = str_replace("carp", "", $tunnel['interface']);
|
| 993 |
4aa58d46
|
smos
|
$tunnel['interface'] = "vip" . $config['virtualip']['vip'][$carpid]['vhid'];
|
| 994 |
443f2e6e
|
smos
|
}
|
| 995 |
791bcfd4
|
Bill Marquette
|
$ph1ent['interface'] = $tunnel['interface'];
|
| 996 |
|
|
$ph1ent['remote-gateway'] = $tunnel['remote-gateway'];
|
| 997 |
|
|
$ph1ent['descr'] = $tunnel['descr'];
|
| 998 |
|
|
|
| 999 |
|
|
$ph1ent['mode'] = $tunnel['p1']['mode'];
|
| 1000 |
|
|
|
| 1001 |
751533a2
|
Phil Davis
|
if (isset($tunnel['p1']['myident']['myaddress'])) {
|
| 1002 |
791bcfd4
|
Bill Marquette
|
$ph1ent['myid_type'] = "myaddress";
|
| 1003 |
751533a2
|
Phil Davis
|
}
|
| 1004 |
791bcfd4
|
Bill Marquette
|
if (isset($tunnel['p1']['myident']['address'])) {
|
| 1005 |
|
|
$ph1ent['myid_type'] = "address";
|
| 1006 |
|
|
$ph1ent['myid_data'] = $tunnel['p1']['myident']['address'];
|
| 1007 |
|
|
}
|
| 1008 |
|
|
if (isset($tunnel['p1']['myident']['fqdn'])) {
|
| 1009 |
|
|
$ph1ent['myid_type'] = "fqdn";
|
| 1010 |
|
|
$ph1ent['myid_data'] = $tunnel['p1']['myident']['fqdn'];
|
| 1011 |
|
|
}
|
| 1012 |
dfa11031
|
jim-p
|
if (isset($tunnel['p1']['myident']['ufqdn'])) {
|
| 1013 |
791bcfd4
|
Bill Marquette
|
$ph1ent['myid_type'] = "user_fqdn";
|
| 1014 |
dfa11031
|
jim-p
|
$ph1ent['myid_data'] = $tunnel['p1']['myident']['ufqdn'];
|
| 1015 |
791bcfd4
|
Bill Marquette
|
}
|
| 1016 |
|
|
if (isset($tunnel['p1']['myident']['asn1dn'])) {
|
| 1017 |
|
|
$ph1ent['myid_type'] = "asn1dn";
|
| 1018 |
|
|
$ph1ent['myid_data'] = $tunnel['p1']['myident']['asn1dn'];
|
| 1019 |
|
|
}
|
| 1020 |
|
|
if (isset($tunnel['p1']['myident']['dyn_dns'])) {
|
| 1021 |
|
|
$ph1ent['myid_type'] = "dyn_dns";
|
| 1022 |
|
|
$ph1ent['myid_data'] = $tunnel['p1']['myident']['dyn_dns'];
|
| 1023 |
|
|
}
|
| 1024 |
|
|
|
| 1025 |
|
|
$ph1ent['peerid_type'] = "peeraddress";
|
| 1026 |
|
|
|
| 1027 |
|
|
switch ($tunnel['p1']['encryption-algorithm']) {
|
| 1028 |
|
|
case "des":
|
| 1029 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => 'des');
|
| 1030 |
|
|
break;
|
| 1031 |
791bcfd4
|
Bill Marquette
|
case "3des":
|
| 1032 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => '3des');
|
| 1033 |
|
|
break;
|
| 1034 |
791bcfd4
|
Bill Marquette
|
case "blowfish":
|
| 1035 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => 'blowfish', 'keylen' => '128');
|
| 1036 |
|
|
break;
|
| 1037 |
791bcfd4
|
Bill Marquette
|
case "cast128":
|
| 1038 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => 'cast128');
|
| 1039 |
|
|
break;
|
| 1040 |
791bcfd4
|
Bill Marquette
|
case "rijndael":
|
| 1041 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => 'aes', 'keylen' => '128');
|
| 1042 |
|
|
break;
|
| 1043 |
791bcfd4
|
Bill Marquette
|
case "rijndael 256":
|
| 1044 |
a5187d43
|
jim-p
|
case "aes 256":
|
| 1045 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => 'aes', 'keylen' => '256');
|
| 1046 |
|
|
break;
|
| 1047 |
791bcfd4
|
Bill Marquette
|
}
|
| 1048 |
|
|
|
| 1049 |
|
|
$ph1ent['encryption-algorithm'] = $ph1alg;
|
| 1050 |
|
|
$ph1ent['hash-algorithm'] = $tunnel['p1']['hash-algorithm'];
|
| 1051 |
|
|
$ph1ent['dhgroup'] = $tunnel['p1']['dhgroup'];
|
| 1052 |
|
|
$ph1ent['lifetime'] = $tunnel['p1']['lifetime'];
|
| 1053 |
|
|
$ph1ent['authentication_method'] = $tunnel['p1']['authentication_method'];
|
| 1054 |
|
|
|
| 1055 |
751533a2
|
Phil Davis
|
if (isset($tunnel['p1']['pre-shared-key'])) {
|
| 1056 |
791bcfd4
|
Bill Marquette
|
$ph1ent['pre-shared-key'] = $tunnel['p1']['pre-shared-key'];
|
| 1057 |
751533a2
|
Phil Davis
|
}
|
| 1058 |
|
|
if (isset($tunnel['p1']['cert'])) {
|
| 1059 |
791bcfd4
|
Bill Marquette
|
$ph1ent['cert'] = $tunnel['p1']['cert'];
|
| 1060 |
751533a2
|
Phil Davis
|
}
|
| 1061 |
|
|
if (isset($tunnel['p1']['peercert'])) {
|
| 1062 |
791bcfd4
|
Bill Marquette
|
$ph1ent['peercert'] = $tunnel['p1']['peercert'];
|
| 1063 |
751533a2
|
Phil Davis
|
}
|
| 1064 |
|
|
if (isset($tunnel['p1']['private-key'])) {
|
| 1065 |
791bcfd4
|
Bill Marquette
|
$ph1ent['private-key'] = $tunnel['p1']['private-key'];
|
| 1066 |
751533a2
|
Phil Davis
|
}
|
| 1067 |
791bcfd4
|
Bill Marquette
|
|
| 1068 |
|
|
$ph1ent['nat_traversal'] = "on";
|
| 1069 |
|
|
$ph1ent['dpd_enable'] = 1;
|
| 1070 |
|
|
$ph1ent['dpd_delay'] = 10;
|
| 1071 |
|
|
$ph1ent['dpd_maxfail'] = 5;
|
| 1072 |
|
|
|
| 1073 |
|
|
$a_phase1[] = $ph1ent;
|
| 1074 |
|
|
}
|
| 1075 |
|
|
|
| 1076 |
|
|
/* build new phase2 entry */
|
| 1077 |
|
|
|
| 1078 |
|
|
$ph2ent = array();
|
| 1079 |
|
|
|
| 1080 |
|
|
$ph2ent['ikeid'] = $ph1ent['ikeid'];
|
| 1081 |
|
|
|
| 1082 |
751533a2
|
Phil Davis
|
if (isset($tunnel['disabled'])) {
|
| 1083 |
791bcfd4
|
Bill Marquette
|
$ph1ent['disabled'] = $tunnel['disabled'];
|
| 1084 |
751533a2
|
Phil Davis
|
}
|
| 1085 |
791bcfd4
|
Bill Marquette
|
|
| 1086 |
4d511e5b
|
Renato Botelho
|
$ph2ent['descr'] = sprintf(gettext("phase2 for %s"), $tunnel['descr']);
|
| 1087 |
791bcfd4
|
Bill Marquette
|
|
| 1088 |
|
|
$type = "lan";
|
| 1089 |
751533a2
|
Phil Davis
|
if ($tunnel['local-subnet']['network']) {
|
| 1090 |
791bcfd4
|
Bill Marquette
|
$type = $tunnel['local-subnet']['network'];
|
| 1091 |
751533a2
|
Phil Davis
|
}
|
| 1092 |
791bcfd4
|
Bill Marquette
|
if ($tunnel['local-subnet']['address']) {
|
| 1093 |
4de8f7ba
|
Phil Davis
|
list($address, $netbits) = explode("/", $tunnel['local-subnet']['address']);
|
| 1094 |
751533a2
|
Phil Davis
|
if (is_null($netbits)) {
|
| 1095 |
791bcfd4
|
Bill Marquette
|
$type = "address";
|
| 1096 |
751533a2
|
Phil Davis
|
} else {
|
| 1097 |
791bcfd4
|
Bill Marquette
|
$type = "network";
|
| 1098 |
751533a2
|
Phil Davis
|
}
|
| 1099 |
791bcfd4
|
Bill Marquette
|
}
|
| 1100 |
|
|
|
| 1101 |
|
|
switch ($type) {
|
| 1102 |
|
|
case "address":
|
| 1103 |
4de8f7ba
|
Phil Davis
|
$ph2ent['localid'] = array('type' => $type, 'address' => $address);
|
| 1104 |
751533a2
|
Phil Davis
|
break;
|
| 1105 |
791bcfd4
|
Bill Marquette
|
case "network":
|
| 1106 |
4de8f7ba
|
Phil Davis
|
$ph2ent['localid'] = array('type' => $type, 'address' => $address, 'netbits' => $netbits);
|
| 1107 |
751533a2
|
Phil Davis
|
break;
|
| 1108 |
791bcfd4
|
Bill Marquette
|
default:
|
| 1109 |
751533a2
|
Phil Davis
|
$ph2ent['localid'] = array('type' => $type);
|
| 1110 |
|
|
break;
|
| 1111 |
791bcfd4
|
Bill Marquette
|
}
|
| 1112 |
|
|
|
| 1113 |
4de8f7ba
|
Phil Davis
|
list($address, $netbits) = explode("/", $tunnel['remote-subnet']);
|
| 1114 |
|
|
$ph2ent['remoteid'] = array('type' => 'network', 'address' => $address, 'netbits' => $netbits);
|
| 1115 |
791bcfd4
|
Bill Marquette
|
|
| 1116 |
|
|
$ph2ent['protocol'] = $tunnel['p2']['protocol'];
|
| 1117 |
|
|
|
| 1118 |
|
|
$aes_count = 0;
|
| 1119 |
751533a2
|
Phil Davis
|
foreach ($tunnel['p2']['encryption-algorithm-option'] as $tunalg) {
|
| 1120 |
791bcfd4
|
Bill Marquette
|
$aes_found = false;
|
| 1121 |
|
|
switch ($tunalg) {
|
| 1122 |
|
|
case "des":
|
| 1123 |
751533a2
|
Phil Davis
|
$ph2alg = array('name' => 'des');
|
| 1124 |
|
|
break;
|
| 1125 |
791bcfd4
|
Bill Marquette
|
case "3des":
|
| 1126 |
751533a2
|
Phil Davis
|
$ph2alg = array('name' => '3des');
|
| 1127 |
|
|
break;
|
| 1128 |
791bcfd4
|
Bill Marquette
|
case "blowfish":
|
| 1129 |
751533a2
|
Phil Davis
|
$ph2alg = array('name' => 'blowfish', 'keylen' => 'auto');
|
| 1130 |
|
|
break;
|
| 1131 |
791bcfd4
|
Bill Marquette
|
case "cast128":
|
| 1132 |
751533a2
|
Phil Davis
|
$ph2alg = array('name' => 'cast128');
|
| 1133 |
|
|
break;
|
| 1134 |
791bcfd4
|
Bill Marquette
|
case "rijndael":
|
| 1135 |
|
|
case "rijndael 256":
|
| 1136 |
a5187d43
|
jim-p
|
case "aes 256":
|
| 1137 |
751533a2
|
Phil Davis
|
$ph2alg = array('name' => 'aes', 'keylen' => 'auto');
|
| 1138 |
|
|
$aes_found = true;
|
| 1139 |
|
|
$aes_count++;
|
| 1140 |
|
|
break;
|
| 1141 |
791bcfd4
|
Bill Marquette
|
}
|
| 1142 |
|
|
|
| 1143 |
751533a2
|
Phil Davis
|
if (!$aes_found || ($aes_count < 2)) {
|
| 1144 |
791bcfd4
|
Bill Marquette
|
$ph2ent['encryption-algorithm-option'][] = $ph2alg;
|
| 1145 |
751533a2
|
Phil Davis
|
}
|
| 1146 |
791bcfd4
|
Bill Marquette
|
}
|
| 1147 |
|
|
|
| 1148 |
|
|
$ph2ent['hash-algorithm-option'] = $tunnel['p2']['hash-algorithm-option'];
|
| 1149 |
|
|
$ph2ent['pfsgroup'] = $tunnel['p2']['pfsgroup'];
|
| 1150 |
|
|
$ph2ent['lifetime'] = $tunnel['p2']['lifetime'];
|
| 1151 |
|
|
|
| 1152 |
751533a2
|
Phil Davis
|
if (isset($tunnel['pinghost']['pinghost'])) {
|
| 1153 |
87e07f52
|
mgrooms
|
$ph2ent['pinghost'] = $tunnel['pinghost'];
|
| 1154 |
751533a2
|
Phil Davis
|
}
|
| 1155 |
87e07f52
|
mgrooms
|
|
| 1156 |
791bcfd4
|
Bill Marquette
|
$a_phase2[] = $ph2ent;
|
| 1157 |
|
|
}
|
| 1158 |
|
|
|
| 1159 |
|
|
unset($config['ipsec']['tunnel']);
|
| 1160 |
|
|
$config['ipsec']['phase1'] = $a_phase1;
|
| 1161 |
|
|
$config['ipsec']['phase2'] = $a_phase2;
|
| 1162 |
|
|
}
|
| 1163 |
49bb5c07
|
jim-p
|
|
| 1164 |
|
|
/* Upgrade Mobile IPsec */
|
| 1165 |
751533a2
|
Phil Davis
|
if (isset($config['ipsec']['mobileclients']) &&
|
| 1166 |
|
|
is_array($config['ipsec']['mobileclients']) &&
|
| 1167 |
|
|
is_array($config['ipsec']['mobileclients']['p1']) &&
|
| 1168 |
|
|
is_array($config['ipsec']['mobileclients']['p2'])) {
|
| 1169 |
49bb5c07
|
jim-p
|
|
| 1170 |
|
|
if (isset($config['ipsec']['mobileclients']['enable'])) {
|
| 1171 |
|
|
$config['ipsec']['client']['enable'] = true;
|
| 1172 |
|
|
$config['ipsec']['client']['user_source'] = 'system';
|
| 1173 |
|
|
$config['ipsec']['client']['group_source'] = 'system';
|
| 1174 |
|
|
}
|
| 1175 |
|
|
|
| 1176 |
|
|
$mobilecfg = $config['ipsec']['mobileclients'];
|
| 1177 |
|
|
|
| 1178 |
|
|
$ph1ent = array();
|
| 1179 |
|
|
$ph1ent['ikeid'] = ++$ikeid;
|
| 1180 |
|
|
|
| 1181 |
751533a2
|
Phil Davis
|
if (!isset($mobilecfg['enable'])) {
|
| 1182 |
49bb5c07
|
jim-p
|
$ph1ent['disabled'] = true;
|
| 1183 |
751533a2
|
Phil Davis
|
}
|
| 1184 |
49bb5c07
|
jim-p
|
|
| 1185 |
|
|
/* Assume WAN since mobile tunnels couldn't be on a separate interface on 1.2.x */
|
| 1186 |
|
|
$ph1ent['interface'] = 'wan';
|
| 1187 |
|
|
$ph1ent['descr'] = "Mobile Clients (upgraded)";
|
| 1188 |
|
|
$ph1ent['mode'] = $mobilecfg['p1']['mode'];
|
| 1189 |
|
|
|
| 1190 |
751533a2
|
Phil Davis
|
if (isset($mobilecfg['p1']['myident']['myaddress'])) {
|
| 1191 |
49bb5c07
|
jim-p
|
$ph1ent['myid_type'] = "myaddress";
|
| 1192 |
751533a2
|
Phil Davis
|
}
|
| 1193 |
49bb5c07
|
jim-p
|
if (isset($mobilecfg['p1']['myident']['address'])) {
|
| 1194 |
|
|
$ph1ent['myid_type'] = "address";
|
| 1195 |
|
|
$ph1ent['myid_data'] = $mobilecfg['p1']['myident']['address'];
|
| 1196 |
|
|
}
|
| 1197 |
|
|
if (isset($mobilecfg['p1']['myident']['fqdn'])) {
|
| 1198 |
|
|
$ph1ent['myid_type'] = "fqdn";
|
| 1199 |
|
|
$ph1ent['myid_data'] = $mobilecfg['p1']['myident']['fqdn'];
|
| 1200 |
|
|
}
|
| 1201 |
|
|
if (isset($mobilecfg['p1']['myident']['ufqdn'])) {
|
| 1202 |
|
|
$ph1ent['myid_type'] = "user_fqdn";
|
| 1203 |
|
|
$ph1ent['myid_data'] = $mobilecfg['p1']['myident']['ufqdn'];
|
| 1204 |
|
|
}
|
| 1205 |
|
|
if (isset($mobilecfg['p1']['myident']['asn1dn'])) {
|
| 1206 |
|
|
$ph1ent['myid_type'] = "asn1dn";
|
| 1207 |
|
|
$ph1ent['myid_data'] = $mobilecfg['p1']['myident']['asn1dn'];
|
| 1208 |
|
|
}
|
| 1209 |
|
|
if (isset($mobilecfg['p1']['myident']['dyn_dns'])) {
|
| 1210 |
|
|
$ph1ent['myid_type'] = "dyn_dns";
|
| 1211 |
|
|
$ph1ent['myid_data'] = $mobilecfg['p1']['myident']['dyn_dns'];
|
| 1212 |
|
|
}
|
| 1213 |
|
|
$ph1ent['peerid_type'] = "fqdn";
|
| 1214 |
|
|
$ph1ent['peerid_data'] = "";
|
| 1215 |
|
|
|
| 1216 |
|
|
switch ($mobilecfg['p1']['encryption-algorithm']) {
|
| 1217 |
|
|
case "des":
|
| 1218 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => 'des');
|
| 1219 |
|
|
break;
|
| 1220 |
49bb5c07
|
jim-p
|
case "3des":
|
| 1221 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => '3des');
|
| 1222 |
|
|
break;
|
| 1223 |
49bb5c07
|
jim-p
|
case "blowfish":
|
| 1224 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => 'blowfish', 'keylen' => '128');
|
| 1225 |
|
|
break;
|
| 1226 |
49bb5c07
|
jim-p
|
case "cast128":
|
| 1227 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => 'cast128');
|
| 1228 |
|
|
break;
|
| 1229 |
49bb5c07
|
jim-p
|
case "rijndael":
|
| 1230 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => 'aes', 'keylen' => '128');
|
| 1231 |
|
|
break;
|
| 1232 |
49bb5c07
|
jim-p
|
case "rijndael 256":
|
| 1233 |
a5187d43
|
jim-p
|
case "aes 256":
|
| 1234 |
751533a2
|
Phil Davis
|
$ph1alg = array('name' => 'aes', 'keylen' => '256');
|
| 1235 |
|
|
break;
|
| 1236 |
49bb5c07
|
jim-p
|
}
|
| 1237 |
|
|
|
| 1238 |
|
|
$ph1ent['encryption-algorithm'] = $ph1alg;
|
| 1239 |
|
|
$ph1ent['hash-algorithm'] = $mobilecfg['p1']['hash-algorithm'];
|
| 1240 |
|
|
$ph1ent['dhgroup'] = $mobilecfg['p1']['dhgroup'];
|
| 1241 |
|
|
$ph1ent['lifetime'] = $mobilecfg['p1']['lifetime'];
|
| 1242 |
|
|
$ph1ent['authentication_method'] = $mobilecfg['p1']['authentication_method'];
|
| 1243 |
|
|
|
| 1244 |
751533a2
|
Phil Davis
|
if (isset($mobilecfg['p1']['cert'])) {
|
| 1245 |
49bb5c07
|
jim-p
|
$ph1ent['cert'] = $mobilecfg['p1']['cert'];
|
| 1246 |
751533a2
|
Phil Davis
|
}
|
| 1247 |
|
|
if (isset($mobilecfg['p1']['peercert'])) {
|
| 1248 |
49bb5c07
|
jim-p
|
$ph1ent['peercert'] = $mobilecfg['p1']['peercert'];
|
| 1249 |
751533a2
|
Phil Davis
|
}
|
| 1250 |
|
|
if (isset($mobilecfg['p1']['private-key'])) {
|
| 1251 |
49bb5c07
|
jim-p
|
$ph1ent['private-key'] = $mobilecfg['p1']['private-key'];
|
| 1252 |
751533a2
|
Phil Davis
|
}
|
| 1253 |
49bb5c07
|
jim-p
|
|
| 1254 |
|
|
$ph1ent['nat_traversal'] = "on";
|
| 1255 |
|
|
$ph1ent['dpd_enable'] = 1;
|
| 1256 |
|
|
$ph1ent['dpd_delay'] = 10;
|
| 1257 |
|
|
$ph1ent['dpd_maxfail'] = 5;
|
| 1258 |
|
|
$ph1ent['mobile'] = true;
|
| 1259 |
|
|
|
| 1260 |
|
|
$ph2ent = array();
|
| 1261 |
|
|
$ph2ent['ikeid'] = $ph1ent['ikeid'];
|
| 1262 |
|
|
$ph2ent['descr'] = "phase2 for ".$mobilecfg['descr'];
|
| 1263 |
|
|
$ph2ent['localid'] = array('type' => 'none');
|
| 1264 |
|
|
$ph2ent['remoteid'] = array('type' => 'mobile');
|
| 1265 |
|
|
$ph2ent['protocol'] = $mobilecfg['p2']['protocol'];
|
| 1266 |
|
|
|
| 1267 |
|
|
$aes_count = 0;
|
| 1268 |
751533a2
|
Phil Davis
|
foreach ($mobilecfg['p2']['encryption-algorithm-option'] as $tunalg) {
|
| 1269 |
49bb5c07
|
jim-p
|
$aes_found = false;
|
| 1270 |
|
|
switch ($tunalg) {
|
| 1271 |
|
|
case "des":
|
| 1272 |
751533a2
|
Phil Davis
|
$ph2alg = array('name' => 'des');
|
| 1273 |
|
|
break;
|
| 1274 |
49bb5c07
|
jim-p
|
case "3des":
|
| 1275 |
751533a2
|
Phil Davis
|
$ph2alg = array('name' => '3des');
|
| 1276 |
|
|
break;
|
| 1277 |
49bb5c07
|
jim-p
|
case "blowfish":
|
| 1278 |
751533a2
|
Phil Davis
|
$ph2alg = array('name' => 'blowfish', 'keylen' => 'auto');
|
| 1279 |
|
|
break;
|
| 1280 |
49bb5c07
|
jim-p
|
case "cast128":
|
| 1281 |
751533a2
|
Phil Davis
|
$ph2alg = array('name' => 'cast128');
|
| 1282 |
|
|
break;
|
| 1283 |
49bb5c07
|
jim-p
|
case "rijndael":
|
| 1284 |
|
|
case "rijndael 256":
|
| 1285 |
a5187d43
|
jim-p
|
case "aes 256":
|
| 1286 |
751533a2
|
Phil Davis
|
$ph2alg = array('name' => 'aes', 'keylen' => 'auto');
|
| 1287 |
|
|
$aes_found = true;
|
| 1288 |
|
|
$aes_count++;
|
| 1289 |
|
|
break;
|
| 1290 |
49bb5c07
|
jim-p
|
}
|
| 1291 |
|
|
|
| 1292 |
751533a2
|
Phil Davis
|
if (!$aes_found || ($aes_count < 2)) {
|
| 1293 |
49bb5c07
|
jim-p
|
$ph2ent['encryption-algorithm-option'][] = $ph2alg;
|
| 1294 |
751533a2
|
Phil Davis
|
}
|
| 1295 |
49bb5c07
|
jim-p
|
}
|
| 1296 |
|
|
$ph2ent['hash-algorithm-option'] = $mobilecfg['p2']['hash-algorithm-option'];
|
| 1297 |
|
|
$ph2ent['pfsgroup'] = $mobilecfg['p2']['pfsgroup'];
|
| 1298 |
|
|
$ph2ent['lifetime'] = $mobilecfg['p2']['lifetime'];
|
| 1299 |
|
|
$ph2ent['mobile'] = true;
|
| 1300 |
|
|
|
| 1301 |
|
|
$config['ipsec']['phase1'][] = $ph1ent;
|
| 1302 |
|
|
$config['ipsec']['phase2'][] = $ph2ent;
|
| 1303 |
|
|
unset($config['ipsec']['mobileclients']);
|
| 1304 |
|
|
}
|
| 1305 |
791bcfd4
|
Bill Marquette
|
}
|
| 1306 |
|
|
|
| 1307 |
|
|
|
| 1308 |
|
|
function upgrade_047_to_048() {
|
| 1309 |
|
|
global $config;
|
| 1310 |
e31c90fc
|
Ermal
|
if (!empty($config['dyndns'])) {
|
| 1311 |
|
|
$config['dyndnses'] = array();
|
| 1312 |
|
|
$config['dyndnses']['dyndns'] = array();
|
| 1313 |
751533a2
|
Phil Davis
|
if (isset($config['dyndns'][0]['host'])) {
|
| 1314 |
246aceaa
|
smos
|
$tempdyn = array();
|
| 1315 |
|
|
$tempdyn['enable'] = isset($config['dyndns'][0]['enable']);
|
| 1316 |
|
|
$tempdyn['type'] = $config['dyndns'][0]['type'];
|
| 1317 |
|
|
$tempdyn['wildcard'] = isset($config['dyndns'][0]['wildcard']);
|
| 1318 |
7d62c4c8
|
Ermal
|
$tempdyn['username'] = $config['dyndns'][0]['username'];
|
| 1319 |
|
|
$tempdyn['password'] = $config['dyndns'][0]['password'];
|
| 1320 |
246aceaa
|
smos
|
$tempdyn['host'] = $config['dyndns'][0]['host'];
|
| 1321 |
2d563280
|
Renato Botelho
|
$tempdyn['mx'] = $config['dyndns'][0]['mx'];
|
| 1322 |
246aceaa
|
smos
|
$tempdyn['interface'] = "wan";
|
| 1323 |
4d511e5b
|
Renato Botelho
|
$tempdyn['descr'] = sprintf(gettext("Upgraded Dyndns %s"), $tempdyn['type']);
|
| 1324 |
246aceaa
|
smos
|
$config['dyndnses']['dyndns'][] = $tempdyn;
|
| 1325 |
|
|
}
|
| 1326 |
791bcfd4
|
Bill Marquette
|
unset($config['dyndns']);
|
| 1327 |
2d563280
|
Renato Botelho
|
}
|
| 1328 |
e31c90fc
|
Ermal
|
if (!empty($config['dnsupdate'])) {
|
| 1329 |
2b1b78e6
|
jim-p
|
$pconfig = $config['dnsupdate'][0];
|
| 1330 |
751533a2
|
Phil Davis
|
if (!$pconfig['ttl']) {
|
| 1331 |
2b1b78e6
|
jim-p
|
$pconfig['ttl'] = 60;
|
| 1332 |
751533a2
|
Phil Davis
|
}
|
| 1333 |
|
|
if (!$pconfig['keytype']) {
|
| 1334 |
2b1b78e6
|
jim-p
|
$pconfig['keytype'] = "zone";
|
| 1335 |
751533a2
|
Phil Davis
|
}
|
| 1336 |
e31c90fc
|
Ermal
|
$pconfig['interface'] = "wan";
|
| 1337 |
791bcfd4
|
Bill Marquette
|
$config['dnsupdates']['dnsupdate'][] = $pconfig;
|
| 1338 |
|
|
unset($config['dnsupdate']);
|
| 1339 |
|
|
}
|
| 1340 |
|
|
|
| 1341 |
1f0c76cf
|
jim-p
|
if (is_array($config['pppoe']) && is_array($config['pppoe'][0])) {
|
| 1342 |
791bcfd4
|
Bill Marquette
|
$pconfig = array();
|
| 1343 |
1f0c76cf
|
jim-p
|
$pconfig['username'] = $config['pppoe'][0]['username'];
|
| 1344 |
|
|
$pconfig['password'] = $config['pppoe'][0]['password'];
|
| 1345 |
|
|
$pconfig['provider'] = $config['pppoe'][0]['provider'];
|
| 1346 |
|
|
$pconfig['ondemand'] = isset($config['pppoe'][0]['ondemand']);
|
| 1347 |
|
|
$pconfig['timeout'] = $config['pppoe'][0]['timeout'];
|
| 1348 |
791bcfd4
|
Bill Marquette
|
unset($config['pppoe']);
|
| 1349 |
|
|
$config['interfaces']['wan']['pppoe_username'] = $pconfig['username'];
|
| 1350 |
|
|
$config['interfaces']['wan']['pppoe_password'] = $pconfig['password'];
|
| 1351 |
|
|
$config['interfaces']['wan']['provider'] = $pconfig['provider'];
|
| 1352 |
|
|
$config['interfaces']['wan']['ondemand'] = isset($pconfig['ondemand']);
|
| 1353 |
|
|
$config['interfaces']['wan']['timeout'] = $pconfig['timeout'];
|
| 1354 |
|
|
}
|
| 1355 |
|
|
if (is_array($config['pptp'])) {
|
| 1356 |
|
|
$pconfig = array();
|
| 1357 |
|
|
$pconfig['username'] = $config['pptp']['username'];
|
| 1358 |
|
|
$pconfig['password'] = $config['pptp']['password'];
|
| 1359 |
|
|
$pconfig['provider'] = $config['pptp']['provider'];
|
| 1360 |
|
|
$pconfig['ondemand'] = isset($config['pptp']['ondemand']);
|
| 1361 |
|
|
$pconfig['timeout'] = $config['pptp']['timeout'];
|
| 1362 |
|
|
unset($config['pptp']);
|
| 1363 |
|
|
$config['interfaces']['wan']['pptp_username'] = $pconfig['username'];
|
| 1364 |
|
|
$config['interfaces']['wan']['pptp_password'] = $pconfig['password'];
|
| 1365 |
|
|
$config['interfaces']['wan']['provider'] = $pconfig['provider'];
|
| 1366 |
751533a2
|
Phil Davis
|
$config['interfaces']['wan']['ondemand'] = isset($pconfig['ondemand']);
|
| 1367 |
791bcfd4
|
Bill Marquette
|
$config['interfaces']['wan']['timeout'] = $pconfig['timeout'];
|
| 1368 |
|
|
}
|
| 1369 |
|
|
}
|
| 1370 |
|
|
|
| 1371 |
|
|
|
| 1372 |
|
|
function upgrade_048_to_049() {
|
| 1373 |
|
|
global $config;
|
| 1374 |
|
|
/* setup new all users group */
|
| 1375 |
|
|
$all = array();
|
| 1376 |
|
|
$all['name'] = "all";
|
| 1377 |
4d511e5b
|
Renato Botelho
|
$all['description'] = gettext("All Users");
|
| 1378 |
791bcfd4
|
Bill Marquette
|
$all['scope'] = "system";
|
| 1379 |
|
|
$all['gid'] = 1998;
|
| 1380 |
|
|
$all['member'] = array();
|
| 1381 |
|
|
|
| 1382 |
751533a2
|
Phil Davis
|
if (!is_array($config['system']['user'])) {
|
| 1383 |
84924e76
|
Ermal
|
$config['system']['user'] = array();
|
| 1384 |
751533a2
|
Phil Davis
|
}
|
| 1385 |
|
|
if (!is_array($config['system']['group'])) {
|
| 1386 |
791bcfd4
|
Bill Marquette
|
$config['system']['group'] = array();
|
| 1387 |
751533a2
|
Phil Davis
|
}
|
| 1388 |
791bcfd4
|
Bill Marquette
|
|
| 1389 |
|
|
/* work around broken uid assignments */
|
| 1390 |
|
|
$config['system']['nextuid'] = 2000;
|
| 1391 |
|
|
foreach ($config['system']['user'] as & $user) {
|
| 1392 |
751533a2
|
Phil Davis
|
if (isset($user['uid']) && !$user['uid']) {
|
| 1393 |
791bcfd4
|
Bill Marquette
|
continue;
|
| 1394 |
751533a2
|
Phil Davis
|
}
|
| 1395 |
791bcfd4
|
Bill Marquette
|
$user['uid'] = $config['system']['nextuid']++;
|
| 1396 |
|
|
}
|
| 1397 |
|
|
|
| 1398 |
|
|
/* work around broken gid assignments */
|
| 1399 |
|
|
$config['system']['nextgid'] = 2000;
|
| 1400 |
|
|
foreach ($config['system']['group'] as & $group) {
|
| 1401 |
751533a2
|
Phil Davis
|
if ($group['name'] == $g['admin_group']) {
|
| 1402 |
791bcfd4
|
Bill Marquette
|
$group['gid'] = 1999;
|
| 1403 |
751533a2
|
Phil Davis
|
} else {
|
| 1404 |
791bcfd4
|
Bill Marquette
|
$group['gid'] = $config['system']['nextgid']++;
|
| 1405 |
751533a2
|
Phil Davis
|
}
|
| 1406 |
791bcfd4
|
Bill Marquette
|
}
|
| 1407 |
|
|
|
| 1408 |
|
|
/* build group membership information */
|
| 1409 |
|
|
foreach ($config['system']['group'] as & $group) {
|
| 1410 |
|
|
$group['member'] = array();
|
| 1411 |
|
|
foreach ($config['system']['user'] as & $user) {
|
| 1412 |
|
|
$groupnames = explode(",", $user['groupname']);
|
| 1413 |
4de8f7ba
|
Phil Davis
|
if (in_array($group['name'], $groupnames)) {
|
| 1414 |
791bcfd4
|
Bill Marquette
|
$group['member'][] = $user['uid'];
|
| 1415 |
751533a2
|
Phil Davis
|
}
|
| 1416 |
791bcfd4
|
Bill Marquette
|
}
|
| 1417 |
|
|
}
|
| 1418 |
|
|
|
| 1419 |
|
|
/* reset user group information */
|
| 1420 |
|
|
foreach ($config['system']['user'] as & $user) {
|
| 1421 |
|
|
unset($user['groupname']);
|
| 1422 |
|
|
$all['member'][] = $user['uid'];
|
| 1423 |
|
|
}
|
| 1424 |
|
|
|
| 1425 |
|
|
/* reset group scope information */
|
| 1426 |
751533a2
|
Phil Davis
|
foreach ($config['system']['group'] as & $group) {
|
| 1427 |
|
|
if ($group['name'] != $g['admin_group']) {
|
| 1428 |
|
|
$group['scope'] = "user";
|
| 1429 |
|
|
}
|
| 1430 |
|
|
}
|
| 1431 |
791bcfd4
|
Bill Marquette
|
|
| 1432 |
|
|
/* insert new all group */
|
| 1433 |
|
|
$groups = Array();
|
| 1434 |
|
|
$groups[] = $all;
|
| 1435 |
4de8f7ba
|
Phil Davis
|
$groups = array_merge($config['system']['group'], $groups);
|
| 1436 |
791bcfd4
|
Bill Marquette
|
$config['system']['group'] = $groups;
|
| 1437 |
|
|
}
|
| 1438 |
|
|
|
| 1439 |
|
|
|
| 1440 |
|
|
function upgrade_049_to_050() {
|
| 1441 |
|
|
global $config;
|
| 1442 |
84924e76
|
Ermal
|
|
| 1443 |
751533a2
|
Phil Davis
|
if (!is_array($config['system']['user'])) {
|
| 1444 |
84924e76
|
Ermal
|
$config['system']['user'] = array();
|
| 1445 |
751533a2
|
Phil Davis
|
}
|
| 1446 |
791bcfd4
|
Bill Marquette
|
/* update user privileges */
|
| 1447 |
|
|
foreach ($config['system']['user'] as & $user) {
|
| 1448 |
|
|
$privs = array();
|
| 1449 |
|
|
if (!is_array($user['priv'])) {
|
| 1450 |
|
|
unset($user['priv']);
|
| 1451 |
|
|
continue;
|
| 1452 |
|
|
}
|
| 1453 |
|
|
foreach ($user['priv'] as $priv) {
|
| 1454 |
751533a2
|
Phil Davis
|
switch ($priv['id']) {
|
| 1455 |
791bcfd4
|
Bill Marquette
|
case "hasshell":
|
| 1456 |
751533a2
|
Phil Davis
|
$privs[] = "user-shell-access";
|
| 1457 |
|
|
break;
|
| 1458 |
791bcfd4
|
Bill Marquette
|
case "copyfiles":
|
| 1459 |
751533a2
|
Phil Davis
|
$privs[] = "user-copy-files";
|
| 1460 |
|
|
break;
|
| 1461 |
791bcfd4
|
Bill Marquette
|
}
|
| 1462 |
|
|
}
|
| 1463 |
|
|
$user['priv'] = $privs;
|
| 1464 |
|
|
}
|
| 1465 |
|
|
|
| 1466 |
|
|
/* update group privileges */
|
| 1467 |
|
|
foreach ($config['system']['group'] as & $group) {
|
| 1468 |
|
|
$privs = array();
|
| 1469 |
|
|
if (!is_array($group['pages'])) {
|
| 1470 |
|
|
unset($group['pages']);
|
| 1471 |
|
|
continue;
|
| 1472 |
|
|
}
|
| 1473 |
|
|
foreach ($group['pages'] as $page) {
|
| 1474 |
|
|
$priv = map_page_privname($page);
|
| 1475 |
751533a2
|
Phil Davis
|
if ($priv) {
|
| 1476 |
791bcfd4
|
Bill Marquette
|
$privs[] = $priv;
|
| 1477 |
751533a2
|
Phil Davis
|
}
|
| 1478 |
791bcfd4
|
Bill Marquette
|
}
|
| 1479 |
|
|
unset($group['pages']);
|
| 1480 |
|
|
$group['priv'] = $privs;
|
| 1481 |
|
|
}
|
| 1482 |
|
|
|
| 1483 |
|
|
/* sync all local account information */
|
| 1484 |
|
|
local_sync_accounts();
|
| 1485 |
|
|
}
|
| 1486 |
|
|
|
| 1487 |
|
|
|
| 1488 |
|
|
function upgrade_050_to_051() {
|
| 1489 |
|
|
global $config;
|
| 1490 |
|
|
$pconfig = array();
|
| 1491 |
15864861
|
jim-p
|
$pconfig['descr'] = "Set to 0 to disable filtering on the incoming and outgoing member interfaces.";
|
| 1492 |
791bcfd4
|
Bill Marquette
|
$pconfig['tunable'] = "net.link.bridge.pfil_member";
|
| 1493 |
|
|
$pconfig['value'] = "1";
|
| 1494 |
|
|
$config['sysctl']['item'][] = $pconfig;
|
| 1495 |
|
|
$pconfig = array();
|
| 1496 |
15864861
|
jim-p
|
$pconfig['descr'] = "Set to 1 to enable filtering on the bridge interface";
|
| 1497 |
791bcfd4
|
Bill Marquette
|
$pconfig['tunable'] = "net.link.bridge.pfil_bridge";
|
| 1498 |
|
|
$pconfig['value'] = "0";
|
| 1499 |
|
|
$config['sysctl']['item'][] = $pconfig;
|
| 1500 |
|
|
|
| 1501 |
fa6e5ba5
|
Phil Davis
|
if (isset($config['bridge'])) {
|
| 1502 |
|
|
unset($config['bridge']);
|
| 1503 |
|
|
}
|
| 1504 |
791bcfd4
|
Bill Marquette
|
|
| 1505 |
|
|
$convert_bridges = false;
|
| 1506 |
751533a2
|
Phil Davis
|
foreach ($config['interfaces'] as $intf) {
|
| 1507 |
791bcfd4
|
Bill Marquette
|
if (isset($intf['bridge']) && $intf['bridge'] <> "") {
|
| 1508 |
|
|
$config['bridges'] = array();
|
| 1509 |
|
|
$config['bridges']['bridged'] = array();
|
| 1510 |
|
|
$convert_bridges = true;
|
| 1511 |
|
|
break;
|
| 1512 |
|
|
}
|
| 1513 |
|
|
}
|
| 1514 |
|
|
if ($convert_bridges == true) {
|
| 1515 |
|
|
$i = 0;
|
| 1516 |
|
|
foreach ($config['interfaces'] as $ifr => &$intf) {
|
| 1517 |
|
|
if (isset($intf['bridge']) && $intf['bridge'] <> "") {
|
| 1518 |
|
|
$nbridge = array();
|
| 1519 |
|
|
$nbridge['members'] = "{$ifr},{$intf['bridge']}";
|
| 1520 |
4d511e5b
|
Renato Botelho
|
$nbridge['descr'] = sprintf(gettext("Converted bridged %s"), $ifr);
|
| 1521 |
791bcfd4
|
Bill Marquette
|
$nbridge['bridgeif'] = "bridge{$i}";
|
| 1522 |
|
|
$config['bridges']['bridged'][] = $nbridge;
|
| 1523 |
|
|
unset($intf['bridge']);
|
| 1524 |
|
|
$i++;
|
| 1525 |
|
|
}
|
| 1526 |
|
|
}
|
| 1527 |
|
|
}
|
| 1528 |
|
|
}
|
| 1529 |
|
|
|
| 1530 |
|
|
|
| 1531 |
|
|
function upgrade_051_to_052() {
|
| 1532 |
|
|
global $config;
|
| 1533 |
|
|
$config['openvpn'] = array();
|
| 1534 |
751533a2
|
Phil Davis
|
if (!is_array($config['ca'])) {
|
| 1535 |
9ad72e5e
|
jim-p
|
$config['ca'] = array();
|
| 1536 |
751533a2
|
Phil Davis
|
}
|
| 1537 |
|
|
if (!is_array($config['cert'])) {
|
| 1538 |
9ad72e5e
|
jim-p
|
$config['cert'] = array();
|
| 1539 |
751533a2
|
Phil Davis
|
}
|
| 1540 |
791bcfd4
|
Bill Marquette
|
|
| 1541 |
|
|
$vpnid = 1;
|
| 1542 |
|
|
|
| 1543 |
|
|
/* openvpn server configurations */
|
| 1544 |
|
|
if (is_array($config['installedpackages']['openvpnserver'])) {
|
| 1545 |
|
|
$config['openvpn']['openvpn-server'] = array();
|
| 1546 |
|
|
|
| 1547 |
|
|
$index = 1;
|
| 1548 |
751533a2
|
Phil Davis
|
foreach ($config['installedpackages']['openvpnserver']['config'] as $server) {
|
| 1549 |
791bcfd4
|
Bill Marquette
|
|
| 1550 |
751533a2
|
Phil Davis
|
if (!is_array($server)) {
|
| 1551 |
791bcfd4
|
Bill Marquette
|
continue;
|
| 1552 |
751533a2
|
Phil Davis
|
}
|
| 1553 |
791bcfd4
|
Bill Marquette
|
|
| 1554 |
|
|
if ($server['auth_method'] == "pki") {
|
| 1555 |
|
|
|
| 1556 |
|
|
/* create ca entry */
|
| 1557 |
|
|
$ca = array();
|
| 1558 |
|
|
$ca['refid'] = uniqid();
|
| 1559 |
f2a86ca9
|
jim-p
|
$ca['descr'] = "OpenVPN Server CA #{$index}";
|
| 1560 |
791bcfd4
|
Bill Marquette
|
$ca['crt'] = $server['ca_cert'];
|
| 1561 |
9ad72e5e
|
jim-p
|
$config['ca'][] = $ca;
|
| 1562 |
791bcfd4
|
Bill Marquette
|
|
| 1563 |
|
|
/* create ca reference */
|
| 1564 |
|
|
unset($server['ca_cert']);
|
| 1565 |
|
|
$server['caref'] = $ca['refid'];
|
| 1566 |
|
|
|
| 1567 |
47319bfb
|
jim-p
|
/* create a crl entry if needed */
|
| 1568 |
ab75b4ee
|
jim-p
|
if (!empty($server['crl'][0])) {
|
| 1569 |
47319bfb
|
jim-p
|
$crl = array();
|
| 1570 |
|
|
$crl['refid'] = uniqid();
|
| 1571 |
|
|
$crl['descr'] = "Imported OpenVPN CRL #{$index}";
|
| 1572 |
|
|
$crl['caref'] = $ca['refid'];
|
| 1573 |
ab75b4ee
|
jim-p
|
$crl['text'] = $server['crl'][0];
|
| 1574 |
751533a2
|
Phil Davis
|
if (!is_array($config['crl'])) {
|
| 1575 |
90e64fad
|
Warren Baker
|
$config['crl'] = array();
|
| 1576 |
751533a2
|
Phil Davis
|
}
|
| 1577 |
fc3e88f1
|
jim-p
|
$config['crl'][] = $crl;
|
| 1578 |
47319bfb
|
jim-p
|
$server['crlref'] = $crl['refid'];
|
| 1579 |
|
|
}
|
| 1580 |
|
|
unset($server['crl']);
|
| 1581 |
|
|
|
| 1582 |
791bcfd4
|
Bill Marquette
|
/* create cert entry */
|
| 1583 |
|
|
$cert = array();
|
| 1584 |
|
|
$cert['refid'] = uniqid();
|
| 1585 |
f2a86ca9
|
jim-p
|
$cert['descr'] = "OpenVPN Server Certificate #{$index}";
|
| 1586 |
791bcfd4
|
Bill Marquette
|
$cert['crt'] = $server['server_cert'];
|
| 1587 |
|
|
$cert['prv'] = $server['server_key'];
|
| 1588 |
9ad72e5e
|
jim-p
|
$config['cert'][] = $cert;
|
| 1589 |
791bcfd4
|
Bill Marquette
|
|
| 1590 |
|
|
/* create cert reference */
|
| 1591 |
|
|
unset($server['server_cert']);
|
| 1592 |
|
|
unset($server['server_key']);
|
| 1593 |
|
|
$server['certref'] = $cert['refid'];
|
| 1594 |
|
|
|
| 1595 |
|
|
$index++;
|
| 1596 |
|
|
}
|
| 1597 |
|
|
|
| 1598 |
|
|
/* determine operational mode */
|
| 1599 |
|
|
if ($server['auth_method'] == 'pki') {
|
| 1600 |
751533a2
|
Phil Davis
|
if ($server['nopool']) {
|
| 1601 |
791bcfd4
|
Bill Marquette
|
$server['mode'] = "p2p_tls";
|
| 1602 |
|
|
} else {
|
| 1603 |
|
|
$server['mode'] = "server_tls";
|
| 1604 |
|
|
}
|
| 1605 |
|
|
} else {
|
| 1606 |
|
|
$server['mode'] = "p2p_shared_key";
|
| 1607 |
|
|
}
|
| 1608 |
|
|
unset($server['auth_method']);
|
| 1609 |
|
|
|
| 1610 |
|
|
/* modify configuration values */
|
| 1611 |
|
|
$server['dh_length'] = 1024;
|
| 1612 |
|
|
unset($server['dh_params']);
|
| 1613 |
751533a2
|
Phil Davis
|
if (!$server['interface']) {
|
| 1614 |
a15a7738
|
jim-p
|
$server['interface'] = 'any';
|
| 1615 |
751533a2
|
Phil Davis
|
}
|
| 1616 |
791bcfd4
|
Bill Marquette
|
$server['tunnel_network'] = $server['addresspool'];
|
| 1617 |
|
|
unset($server['addresspool']);
|
| 1618 |
a843870d
|
jim-p
|
if (isset($server['use_lzo']) && ($server['use_lzo'] == "on")) {
|
| 1619 |
8b666514
|
jim-p
|
$server['compression'] = "on";
|
| 1620 |
da831323
|
Ermal Lu?i
|
unset($server['use_lzo']);
|
| 1621 |
|
|
}
|
| 1622 |
751533a2
|
Phil Davis
|
if ($server['nopool']) {
|
| 1623 |
791bcfd4
|
Bill Marquette
|
$server['pool_enable'] = false;
|
| 1624 |
751533a2
|
Phil Davis
|
} else {
|
| 1625 |
791bcfd4
|
Bill Marquette
|
$server['pool_enable'] = "yes";
|
| 1626 |
751533a2
|
Phil Davis
|
}
|
| 1627 |
791bcfd4
|
Bill Marquette
|
unset($server['nopool']);
|
| 1628 |
|
|
$server['dns_domain'] = $server['dhcp_domainname'];
|
| 1629 |
|
|
unset($server['dhcp_domainname']);
|
| 1630 |
c3ae41e6
|
jim-p
|
|
| 1631 |
|
|
$tmparr = explode(";", $server['dhcp_dns'], 4);
|
| 1632 |
|
|
$d=1;
|
| 1633 |
|
|
foreach ($tmparr as $tmpa) {
|
| 1634 |
|
|
$server["dns_server{$d}"] = $tmpa;
|
| 1635 |
|
|
$d++;
|
| 1636 |
|
|
}
|
| 1637 |
791bcfd4
|
Bill Marquette
|
unset($server['dhcp_dns']);
|
| 1638 |
c3ae41e6
|
jim-p
|
|
| 1639 |
|
|
$tmparr = explode(";", $server['dhcp_ntp'], 2);
|
| 1640 |
|
|
$d=1;
|
| 1641 |
|
|
foreach ($tmparr as $tmpa) {
|
| 1642 |
|
|
$server["ntp_server{$d}"] = $tmpa;
|
| 1643 |
|
|
$d++;
|
| 1644 |
|
|
}
|
| 1645 |
791bcfd4
|
Bill Marquette
|
unset($server['dhcp_ntp']);
|
| 1646 |
c3ae41e6
|
jim-p
|
|
| 1647 |
751533a2
|
Phil Davis
|
if ($server['dhcp_nbtdisable']) {
|
| 1648 |
791bcfd4
|
Bill Marquette
|
$server['netbios_enable'] = false;
|
| 1649 |
751533a2
|
Phil Davis
|
} else {
|
| 1650 |
791bcfd4
|
Bill Marquette
|
$server['netbios_enable'] = "yes";
|
| 1651 |
751533a2
|
Phil Davis
|
}
|
| 1652 |
791bcfd4
|
Bill Marquette
|
unset($server['dhcp_nbtdisable']);
|
| 1653 |
|
|
$server['netbios_ntype'] = $server['dhcp_nbttype'];
|
| 1654 |
|
|
unset($server['dhcp_nbttype']);
|
| 1655 |
|
|
$server['netbios_scope'] = $server['dhcp_nbtscope'];
|
| 1656 |
|
|
unset($server['dhcp_nbtscope']);
|
| 1657 |
c3ae41e6
|
jim-p
|
|
| 1658 |
|
|
$tmparr = explode(";", $server['dhcp_nbdd'], 2);
|
| 1659 |
|
|
$d=1;
|
| 1660 |
|
|
foreach ($tmparr as $tmpa) {
|
| 1661 |
|
|
$server["nbdd_server{$d}"] = $tmpa;
|
| 1662 |
|
|
$d++;
|
| 1663 |
|
|
}
|
| 1664 |
791bcfd4
|
Bill Marquette
|
unset($server['dhcp_nbdd']);
|
| 1665 |
c3ae41e6
|
jim-p
|
|
| 1666 |
|
|
$tmparr = explode(";", $server['dhcp_wins'], 2);
|
| 1667 |
|
|
$d=1;
|
| 1668 |
|
|
foreach ($tmparr as $tmpa) {
|
| 1669 |
|
|
$server["wins_server{$d}"] = $tmpa;
|
| 1670 |
|
|
$d++;
|
| 1671 |
|
|
}
|
| 1672 |
791bcfd4
|
Bill Marquette
|
unset($server['dhcp_wins']);
|
| 1673 |
|
|
|
| 1674 |
751533a2
|
Phil Davis
|
if (!empty($server['disable'])) {
|
| 1675 |
763a1b52
|
jim-p
|
$server['disable'] = true;
|
| 1676 |
751533a2
|
Phil Davis
|
} else {
|
| 1677 |
763a1b52
|
jim-p
|
unset($server['disable']);
|
| 1678 |
751533a2
|
Phil Davis
|
}
|
| 1679 |
763a1b52
|
jim-p
|
|
| 1680 |
791bcfd4
|
Bill Marquette
|
/* allocate vpnid */
|
| 1681 |
|
|
$server['vpnid'] = $vpnid++;
|
| 1682 |
|
|
|
| 1683 |
4f1ebacb
|
Ermal
|
if (!empty($server['custom_options'])) {
|
| 1684 |
|
|
$cstmopts = array();
|
| 1685 |
|
|
$tmpcstmopts = explode(";", $server['custom_options']);
|
| 1686 |
48e24ada
|
jim-p
|
$assigned_if = "";
|
| 1687 |
4f1ebacb
|
Ermal
|
$tmpstr = "";
|
| 1688 |
|
|
foreach ($tmpcstmopts as $tmpcstmopt) {
|
| 1689 |
|
|
$tmpstr = str_replace(" ", "", $tmpcstmopt);
|
| 1690 |
4de8f7ba
|
Phil Davis
|
if (substr($tmpstr, 0, 6) == "devtun") {
|
| 1691 |
48e24ada
|
jim-p
|
$assigned_if = substr($tmpstr, 3);
|
| 1692 |
4f1ebacb
|
Ermal
|
continue;
|
| 1693 |
8fd0badd
|
Ermal
|
} else if (substr($tmpstr, 0, 5) == "local") {
|
| 1694 |
9bc27ae5
|
jim-p
|
$localip = substr($tmpstr, 5);
|
| 1695 |
8fd0badd
|
Ermal
|
$server['ipaddr'] = str_replace("\n", "", $localip);
|
| 1696 |
751533a2
|
Phil Davis
|
} else {
|
| 1697 |
4f1ebacb
|
Ermal
|
$cstmopts[] = $tmpcstmopt;
|
| 1698 |
751533a2
|
Phil Davis
|
}
|
| 1699 |
4f1ebacb
|
Ermal
|
}
|
| 1700 |
|
|
$server['custom_options'] = implode(";", $cstmopts);
|
| 1701 |
48e24ada
|
jim-p
|
if (!empty($assigned_if)) {
|
| 1702 |
4f1ebacb
|
Ermal
|
foreach ($config['interfaces'] as $iface => $cfgif) {
|
| 1703 |
48e24ada
|
jim-p
|
if ($cfgif['if'] == $assigned_if) {
|
| 1704 |
4f1ebacb
|
Ermal
|
$config['interfaces'][$iface]['if'] = "ovpns{$server['vpnid']}";
|
| 1705 |
|
|
break;
|
| 1706 |
|
|
}
|
| 1707 |
|
|
}
|
| 1708 |
|
|
}
|
| 1709 |
|
|
}
|
| 1710 |
|
|
|
| 1711 |
791bcfd4
|
Bill Marquette
|
$config['openvpn']['openvpn-server'][] = $server;
|
| 1712 |
|
|
}
|
| 1713 |
|
|
unset($config['installedpackages']['openvpnserver']);
|
| 1714 |
|
|
}
|
| 1715 |
|
|
|
| 1716 |
|
|
/* openvpn client configurations */
|
| 1717 |
|
|
if (is_array($config['installedpackages']['openvpnclient'])) {
|
| 1718 |
|
|
$config['openvpn']['openvpn-client'] = array();
|
| 1719 |
|
|
|
| 1720 |
|
|
$index = 1;
|
| 1721 |
751533a2
|
Phil Davis
|
foreach ($config['installedpackages']['openvpnclient']['config'] as $client) {
|
| 1722 |
791bcfd4
|
Bill Marquette
|
|
| 1723 |
751533a2
|
Phil Davis
|
if (!is_array($client)) {
|
| 1724 |
791bcfd4
|
Bill Marquette
|
continue;
|
| 1725 |
751533a2
|
Phil Davis
|
}
|
| 1726 |
791bcfd4
|
Bill Marquette
|
|
| 1727 |
|
|
if ($client['auth_method'] == "pki") {
|
| 1728 |
|
|
|
| 1729 |
|
|
/* create ca entry */
|
| 1730 |
|
|
$ca = array();
|
| 1731 |
|
|
$ca['refid'] = uniqid();
|
| 1732 |
f2a86ca9
|
jim-p
|
$ca['descr'] = "OpenVPN Client CA #{$index}";
|
| 1733 |
791bcfd4
|
Bill Marquette
|
$ca['crt'] = $client['ca_cert'];
|
| 1734 |
|
|
$ca['crl'] = $client['crl'];
|
| 1735 |
9ad72e5e
|
jim-p
|
$config['ca'][] = $ca;
|
| 1736 |
791bcfd4
|
Bill Marquette
|
|
| 1737 |
|
|
/* create ca reference */
|
| 1738 |
|
|
unset($client['ca_cert']);
|
| 1739 |
|
|
unset($client['crl']);
|
| 1740 |
|
|
$client['caref'] = $ca['refid'];
|
| 1741 |
|
|
|
| 1742 |
|
|
/* create cert entry */
|
| 1743 |
|
|
$cert = array();
|
| 1744 |
|
|
$cert['refid'] = uniqid();
|
| 1745 |
f2a86ca9
|
jim-p
|
$cert['descr'] = "OpenVPN Client Certificate #{$index}";
|
| 1746 |
791bcfd4
|
Bill Marquette
|
$cert['crt'] = $client['client_cert'];
|
| 1747 |
|
|
$cert['prv'] = $client['client_key'];
|
| 1748 |
9ad72e5e
|
jim-p
|
$config['cert'][] = $cert;
|
| 1749 |
791bcfd4
|
Bill Marquette
|
|
| 1750 |
|
|
/* create cert reference */
|
| 1751 |
|
|
unset($client['client_cert']);
|
| 1752 |
|
|
unset($client['client_key']);
|
| 1753 |
|
|
$client['certref'] = $cert['refid'];
|
| 1754 |
|
|
|
| 1755 |
|
|
$index++;
|
| 1756 |
|
|
}
|
| 1757 |
|
|
|
| 1758 |
|
|
/* determine operational mode */
|
| 1759 |
751533a2
|
Phil Davis
|
if ($client['auth_method'] == 'pki') {
|
| 1760 |
791bcfd4
|
Bill Marquette
|
$client['mode'] = "p2p_tls";
|
| 1761 |
751533a2
|
Phil Davis
|
} else {
|
| 1762 |
791bcfd4
|
Bill Marquette
|
$client['mode'] = "p2p_shared_key";
|
| 1763 |
751533a2
|
Phil Davis
|
}
|
| 1764 |
791bcfd4
|
Bill Marquette
|
unset($client['auth_method']);
|
| 1765 |
|
|
|
| 1766 |
|
|
/* modify configuration values */
|
| 1767 |
751533a2
|
Phil Davis
|
if (!$client['interface']) {
|
| 1768 |
791bcfd4
|
Bill Marquette
|
$client['interface'] = 'wan';
|
| 1769 |
751533a2
|
Phil Davis
|
}
|
| 1770 |
791bcfd4
|
Bill Marquette
|
$client['tunnel_network'] = $client['interface_ip'];
|
| 1771 |
|
|
unset($client['interface_ip']);
|
| 1772 |
|
|
$client['server_addr'] = $client['serveraddr'];
|
| 1773 |
|
|
unset($client['serveraddr']);
|
| 1774 |
|
|
$client['server_port'] = $client['serverport'];
|
| 1775 |
|
|
unset($client['serverport']);
|
| 1776 |
|
|
$client['proxy_addr'] = $client['poxy_hostname'];
|
| 1777 |
|
|
unset($client['proxy_addr']);
|
| 1778 |
a843870d
|
jim-p
|
if (isset($client['use_lzo']) && ($client['use_lzo'] == "on")) {
|
| 1779 |
8b666514
|
jim-p
|
$client['compression'] = "on";
|
| 1780 |
da831323
|
Ermal Lu?i
|
unset($client['use_lzo']);
|
| 1781 |
|
|
}
|
| 1782 |
791bcfd4
|
Bill Marquette
|
$client['resolve_retry'] = $client['infiniteresolvretry'];
|
| 1783 |
|
|
unset($client['infiniteresolvretry']);
|
| 1784 |
|
|
|
| 1785 |
|
|
/* allocate vpnid */
|
| 1786 |
|
|
$client['vpnid'] = $vpnid++;
|
| 1787 |
|
|
|
| 1788 |
4f1ebacb
|
Ermal
|
if (!empty($client['custom_options'])) {
|
| 1789 |
|
|
$cstmopts = array();
|
| 1790 |
|
|
$tmpcstmopts = explode(";", $client['custom_options']);
|
| 1791 |
48e24ada
|
jim-p
|
$assigned_if = "";
|
| 1792 |
4f1ebacb
|
Ermal
|
$tmpstr = "";
|
| 1793 |
|
|
foreach ($tmpcstmopts as $tmpcstmopt) {
|
| 1794 |
|
|
$tmpstr = str_replace(" ", "", $tmpcstmopt);
|
| 1795 |
4de8f7ba
|
Phil Davis
|
if (substr($tmpstr, 0, 6) == "devtun") {
|
| 1796 |
48e24ada
|
jim-p
|
$assigned_if = substr($tmpstr, 3);
|
| 1797 |
4f1ebacb
|
Ermal
|
continue;
|
| 1798 |
8fd0badd
|
Ermal
|
} else if (substr($tmpstr, 0, 5) == "local") {
|
| 1799 |
2d563280
|
Renato Botelho
|
$localip = substr($tmpstr, 5);
|
| 1800 |
|
|
$client['ipaddr'] = str_replace("\n", "", $localip);
|
| 1801 |
751533a2
|
Phil Davis
|
} else {
|
| 1802 |
4f1ebacb
|
Ermal
|
$cstmopts[] = $tmpcstmopt;
|
| 1803 |
751533a2
|
Phil Davis
|
}
|
| 1804 |
4f1ebacb
|
Ermal
|
}
|
| 1805 |
|
|
$client['custom_options'] = implode(";", $cstmopts);
|
| 1806 |
48e24ada
|
jim-p
|
if (!empty($assigned_if)) {
|
| 1807 |
4f1ebacb
|
Ermal
|
foreach ($config['interfaces'] as $iface => $cfgif) {
|
| 1808 |
48e24ada
|
jim-p
|
if ($cfgif['if'] == $assigned_if) {
|
| 1809 |
4f1ebacb
|
Ermal
|
$config['interfaces'][$iface]['if'] = "ovpnc{$client['vpnid']}";
|
| 1810 |
|
|
break;
|
| 1811 |
|
|
}
|
| 1812 |
|
|
}
|
| 1813 |
|
|
}
|
| 1814 |
|
|
}
|
| 1815 |
|
|
|
| 1816 |
751533a2
|
Phil Davis
|
if (!empty($client['disable'])) {
|
| 1817 |
763a1b52
|
jim-p
|
$client['disable'] = true;
|
| 1818 |
751533a2
|
Phil Davis
|
} else {
|
| 1819 |
763a1b52
|
jim-p
|
unset($client['disable']);
|
| 1820 |
751533a2
|
Phil Davis
|
}
|
| 1821 |
763a1b52
|
jim-p
|
|
| 1822 |
791bcfd4
|
Bill Marquette
|
$config['openvpn']['openvpn-client'][] = $client;
|
| 1823 |
|
|
}
|
| 1824 |
|
|
|
| 1825 |
|
|
unset($config['installedpackages']['openvpnclient']);
|
| 1826 |
|
|
}
|
| 1827 |
|
|
|
| 1828 |
|
|
/* openvpn client specific configurations */
|
| 1829 |
|
|
if (is_array($config['installedpackages']['openvpncsc'])) {
|
| 1830 |
|
|
$config['openvpn']['openvpn-csc'] = array();
|
| 1831 |
|
|
|
| 1832 |
751533a2
|
Phil Davis
|
foreach ($config['installedpackages']['openvpncsc']['config'] as $csc) {
|
| 1833 |
791bcfd4
|
Bill Marquette
|
|
| 1834 |
751533a2
|
Phil Davis
|
if (!is_array($csc)) {
|
| 1835 |
791bcfd4
|
Bill Marquette
|
continue;
|
| 1836 |
751533a2
|
Phil Davis
|
}
|
| 1837 |
791bcfd4
|
Bill Marquette
|
|
| 1838 |
|
|
/* modify configuration values */
|
| 1839 |
|
|
$csc['common_name'] = $csc['commonname'];
|
| 1840 |
|
|
unset($csc['commonname']);
|
| 1841 |
|
|
$csc['tunnel_network'] = $csc['ifconfig_push'];
|
| 1842 |
|
|
unset($csc['ifconfig_push']);
|
| 1843 |
|
|
$csc['dns_domain'] = $csc['dhcp_domainname'];
|
| 1844 |
|
|
unset($csc['dhcp_domainname']);
|
| 1845 |
c3ae41e6
|
jim-p
|
|
| 1846 |
|
|
$tmparr = explode(";", $csc['dhcp_dns'], 4);
|
| 1847 |
|
|
$d=1;
|
| 1848 |
|
|
foreach ($tmparr as $tmpa) {
|
| 1849 |
|
|
$csc["dns_server{$d}"] = $tmpa;
|
| 1850 |
|
|
$d++;
|
| 1851 |
|
|
}
|
| 1852 |
791bcfd4
|
Bill Marquette
|
unset($csc['dhcp_dns']);
|
| 1853 |
c3ae41e6
|
jim-p
|
|
| 1854 |
|
|
$tmparr = explode(";", $csc['dhcp_ntp'], 2);
|
| 1855 |
|
|
$d=1;
|
| 1856 |
|
|
foreach ($tmparr as $tmpa) {
|
| 1857 |
|
|
$csc["ntp_server{$d}"] = $tmpa;
|
| 1858 |
|
|
$d++;
|
| 1859 |
|
|
}
|
| 1860 |
791bcfd4
|
Bill Marquette
|
unset($csc['dhcp_ntp']);
|
| 1861 |
c3ae41e6
|
jim-p
|
|
| 1862 |
751533a2
|
Phil Davis
|
if ($csc['dhcp_nbtdisable']) {
|
| 1863 |
791bcfd4
|
Bill Marquette
|
$csc['netbios_enable'] = false;
|
| 1864 |
751533a2
|
Phil Davis
|
} else {
|
| 1865 |
791bcfd4
|
Bill Marquette
|
$csc['netbios_enable'] = "yes";
|
| 1866 |
751533a2
|
Phil Davis
|
}
|
| 1867 |
791bcfd4
|
Bill Marquette
|
unset($csc['dhcp_nbtdisable']);
|
| 1868 |
|
|
$csc['netbios_ntype'] = $csc['dhcp_nbttype'];
|
| 1869 |
|
|
unset($csc['dhcp_nbttype']);
|
| 1870 |
|
|
$csc['netbios_scope'] = $csc['dhcp_nbtscope'];
|
| 1871 |
|
|
unset($csc['dhcp_nbtscope']);
|
| 1872 |
c3ae41e6
|
jim-p
|
|
| 1873 |
|
|
$tmparr = explode(";", $csc['dhcp_nbdd'], 2);
|
| 1874 |
|
|
$d=1;
|
| 1875 |
|
|
foreach ($tmparr as $tmpa) {
|
| 1876 |
|
|
$csc["nbdd_server{$d}"] = $tmpa;
|
| 1877 |
|
|
$d++;
|
| 1878 |
|
|
}
|
| 1879 |
791bcfd4
|
Bill Marquette
|
unset($csc['dhcp_nbdd']);
|
| 1880 |
c3ae41e6
|
jim-p
|
|
| 1881 |
|
|
$tmparr = explode(";", $csc['dhcp_wins'], 2);
|
| 1882 |
|
|
$d=1;
|
| 1883 |
|
|
foreach ($tmparr as $tmpa) {
|
| 1884 |
|
|
$csc["wins_server{$d}"] = $tmpa;
|
| 1885 |
|
|
$d++;
|
| 1886 |
|
|
}
|
| 1887 |
791bcfd4
|
Bill Marquette
|
unset($csc['dhcp_wins']);
|
| 1888 |
|
|
|
| 1889 |
751533a2
|
Phil Davis
|
if (!empty($csc['disable'])) {
|
| 1890 |
1e68a58b
|
jim-p
|
$csc['disable'] = true;
|
| 1891 |
751533a2
|
Phil Davis
|
} else {
|
| 1892 |
1e68a58b
|
jim-p
|
unset($csc['disable']);
|
| 1893 |
751533a2
|
Phil Davis
|
}
|
| 1894 |
1e68a58b
|
jim-p
|
|
| 1895 |
791bcfd4
|
Bill Marquette
|
$config['openvpn']['openvpn-csc'][] = $csc;
|
| 1896 |
|
|
}
|
| 1897 |
|
|
|
| 1898 |
|
|
unset($config['installedpackages']['openvpncsc']);
|
| 1899 |
|
|
}
|
| 1900 |
|
|
|
| 1901 |
c73bd8f0
|
Ermal Lu?i
|
if (count($config['openvpn']['openvpn-server']) > 0 ||
|
| 1902 |
751533a2
|
Phil Davis
|
count($config['openvpn']['openvpn-client']) > 0) {
|
| 1903 |
c73bd8f0
|
Ermal Lu?i
|
$ovpnrule = array();
|
| 1904 |
2d563280
|
Renato Botelho
|
$ovpnrule['type'] = "pass";
|
| 1905 |
|
|
$ovpnrule['interface'] = "openvpn";
|
| 1906 |
|
|
$ovpnrule['statetype'] = "keep state";
|
| 1907 |
|
|
$ovpnrule['source'] = array();
|
| 1908 |
|
|
$ovpnrule['destination'] = array();
|
| 1909 |
|
|
$ovpnrule['source']['any'] = true;
|
| 1910 |
|
|
$ovpnrule['destination']['any'] = true;
|
| 1911 |
|
|
$ovpnrule['descr'] = gettext("Auto added OpenVPN rule from config upgrade.");
|
| 1912 |
c73bd8f0
|
Ermal Lu?i
|
$config['filter']['rule'][] = $ovpnrule;
|
| 1913 |
|
|
}
|
| 1914 |
|
|
|
| 1915 |
791bcfd4
|
Bill Marquette
|
/*
|
| 1916 |
|
|
* FIXME: hack to keep things working with no installedpackages
|
| 1917 |
|
|
* or carp array in the configuration data.
|
| 1918 |
|
|
*/
|
| 1919 |
751533a2
|
Phil Davis
|
if (!is_array($config['installedpackages'])) {
|
| 1920 |
791bcfd4
|
Bill Marquette
|
$config['installedpackages'] = array();
|
| 1921 |
751533a2
|
Phil Davis
|
}
|
| 1922 |
|
|
if (!is_array($config['installedpackages']['carp'])) {
|
| 1923 |
791bcfd4
|
Bill Marquette
|
$config['installedpackages']['carp'] = array();
|
| 1924 |
751533a2
|
Phil Davis
|
}
|
| 1925 |
791bcfd4
|
Bill Marquette
|
|
| 1926 |
|
|
}
|
| 1927 |
|
|
|
| 1928 |
|
|
|
| 1929 |
|
|
function upgrade_052_to_053() {
|
| 1930 |
|
|
global $config;
|
| 1931 |
751533a2
|
Phil Davis
|
if (!is_array($config['ca'])) {
|
| 1932 |
9ad72e5e
|
jim-p
|
$config['ca'] = array();
|
| 1933 |
751533a2
|
Phil Davis
|
}
|
| 1934 |
|
|
if (!is_array($config['cert'])) {
|
| 1935 |
9ad72e5e
|
jim-p
|
$config['cert'] = array();
|
| 1936 |
751533a2
|
Phil Davis
|
}
|
| 1937 |
791bcfd4
|
Bill Marquette
|
|
| 1938 |
f416763b
|
Phil Davis
|
/* migrate advanced admin page webui ssl to certificate manager */
|
| 1939 |
791bcfd4
|
Bill Marquette
|
if ($config['system']['webgui']['certificate'] &&
|
| 1940 |
751533a2
|
Phil Davis
|
$config['system']['webgui']['private-key']) {
|
| 1941 |
791bcfd4
|
Bill Marquette
|
|
| 1942 |
|
|
/* create cert entry */
|
| 1943 |
|
|
$cert = array();
|
| 1944 |
|
|
$cert['refid'] = uniqid();
|
| 1945 |
f2a86ca9
|
jim-p
|
$cert['descr'] = "webConfigurator SSL Certificate";
|
| 1946 |
791bcfd4
|
Bill Marquette
|
$cert['crt'] = $config['system']['webgui']['certificate'];
|
| 1947 |
|
|
$cert['prv'] = $config['system']['webgui']['private-key'];
|
| 1948 |
9ad72e5e
|
jim-p
|
$config['cert'][] = $cert;
|
| 1949 |
791bcfd4
|
Bill Marquette
|
|
| 1950 |
|
|
/* create cert reference */
|
| 1951 |
|
|
unset($config['system']['webgui']['certificate']);
|
| 1952 |
|
|
unset($config['system']['webgui']['private-key']);
|
| 1953 |
|
|
$config['system']['webgui']['ssl-certref'] = $cert['refid'];
|
| 1954 |
|
|
}
|
| 1955 |
|
|
|
| 1956 |
|
|
/* migrate advanced admin page ssh keys to user manager */
|
| 1957 |
|
|
if ($config['system']['ssh']['authorizedkeys']) {
|
| 1958 |
|
|
$admin_user =& getUserEntryByUID(0);
|
| 1959 |
|
|
$admin_user['authorizedkeys'] = $config['system']['ssh']['authorizedkeys'];
|
| 1960 |
|
|
unset($config['system']['ssh']['authorizedkeys']);
|
| 1961 |
|
|
}
|
| 1962 |
|
|
}
|
| 1963 |
|
|
|
| 1964 |
|
|
|
| 1965 |
|
|
function upgrade_053_to_054() {
|
| 1966 |
|
|
global $config;
|
| 1967 |
751533a2
|
Phil Davis
|
if (is_array($config['load_balancer']['lbpool'])) {
|
| 1968 |
38b5beaf
|
sullrich
|
$lbpool_arr = $config['load_balancer']['lbpool'];
|
| 1969 |
791bcfd4
|
Bill Marquette
|
$lbpool_srv_arr = array();
|
| 1970 |
|
|
$gateway_group_arr = array();
|
| 1971 |
816a5aff
|
Seth Mos
|
$gateways = return_gateways_array();
|
| 1972 |
ce107ca5
|
jim-p
|
$group_name_changes = array();
|
| 1973 |
4de8f7ba
|
Phil Davis
|
if (!is_array($config['gateways']['gateway_item'])) {
|
| 1974 |
bf02c784
|
Ermal
|
$config['gateways']['gateway_item'] = array();
|
| 1975 |
751533a2
|
Phil Davis
|
}
|
| 1976 |
d827f9cc
|
smos
|
|
| 1977 |
bf02c784
|
Ermal
|
$a_gateways =& $config['gateways']['gateway_item'];
|
| 1978 |
751533a2
|
Phil Davis
|
foreach ($lbpool_arr as $lbpool) {
|
| 1979 |
|
|
if ($lbpool['type'] == "gateway") {
|
| 1980 |
ce107ca5
|
jim-p
|
// Gateway Groups have to have valid names in pf, old lb pools did not. Clean them up.
|
| 1981 |
751533a2
|
Phil Davis
|
$group_name = preg_replace("/[^A-Za-z0-9]/", "", $lbpool['name']);
|
| 1982 |
ce107ca5
|
jim-p
|
// If we made and changes, check for collisions and note the change.
|
| 1983 |
|
|
if ($group_name != $lbpool['name']) {
|
| 1984 |
|
|
// Make sure the name isn't already in use.
|
| 1985 |
|
|
foreach ($gateway_group_arr as $gwg) {
|
| 1986 |
|
|
// If the name is in use, add some random bits to avoid collision.
|
| 1987 |
751533a2
|
Phil Davis
|
if ($gwg['name'] == $group_name) {
|
| 1988 |
ce107ca5
|
jim-p
|
$group_name .= uniqid();
|
| 1989 |
751533a2
|
Phil Davis
|
}
|
| 1990 |
ce107ca5
|
jim-p
|
}
|
| 1991 |
|
|
$group_name_changes[$lbpool['name']] = $group_name;
|
| 1992 |
|
|
}
|
| 1993 |
|
|
$gateway_group['name'] = $group_name;
|
| 1994 |
e988813d
|
jim-p
|
$gateway_group['descr'] = $lbpool['descr'];
|
| 1995 |
791bcfd4
|
Bill Marquette
|
$gateway_group['trigger'] = "down";
|
| 1996 |
|
|
$gateway_group['item'] = array();
|
| 1997 |
cb945ced
|
sullrich
|
$i = 0;
|
| 1998 |
751533a2
|
Phil Davis
|
foreach ($lbpool['servers'] as $member) {
|
| 1999 |
2ce660ad
|
smos
|
$split = explode("|", $member);
|
| 2000 |
791bcfd4
|
Bill Marquette
|
$interface = $split[0];
|
| 2001 |
d9d4c637
|
Seth Mos
|
$monitor = $split[1];
|
| 2002 |
2328dcc5
|
Seth Mos
|
/* on static upgraded configuration we automatically prepend GW_ */
|
| 2003 |
|
|
$static_name = "GW_" . strtoupper($interface);
|
| 2004 |
751533a2
|
Phil Davis
|
if (is_ipaddr($monitor)) {
|
| 2005 |
|
|
foreach ($a_gateways as & $gw) {
|
| 2006 |
|
|
if ($gw['name'] == $static_name) {
|
| 2007 |
d2b20ab6
|
jim-p
|
$gw['monitor'] = $monitor;
|
| 2008 |
751533a2
|
Phil Davis
|
}
|
| 2009 |
|
|
}
|
| 2010 |
|
|
}
|
| 2011 |
d2b20ab6
|
jim-p
|
|
| 2012 |
6ee1b7eb
|
Seth Mos
|
/* on failover increment tier. Else always assign 1 */
|
| 2013 |
751533a2
|
Phil Davis
|
if ($lbpool['behaviour'] == "failover") {
|
| 2014 |
6ee1b7eb
|
Seth Mos
|
$i++;
|
| 2015 |
|
|
} else {
|
| 2016 |
|
|
$i = 1;
|
| 2017 |
|
|
}
|
| 2018 |
685a26fc
|
smos
|
$gateway_group['item'][] = "$static_name|$i";
|
| 2019 |
791bcfd4
|
Bill Marquette
|
}
|
| 2020 |
|
|
$gateway_group_arr[] = $gateway_group;
|
| 2021 |
|
|
} else {
|
| 2022 |
|
|
$lbpool_srv_arr[] = $lbpool;
|
| 2023 |
|
|
}
|
| 2024 |
|
|
}
|
| 2025 |
38b5beaf
|
sullrich
|
$config['load_balancer']['lbpool'] = $lbpool_srv_arr;
|
| 2026 |
791bcfd4
|
Bill Marquette
|
$config['gateways']['gateway_group'] = $gateway_group_arr;
|
| 2027 |
|
|
}
|
| 2028 |
|
|
// Unset lbpool if we no longer have any server pools
|
| 2029 |
|
|
if (count($lbpool_srv_arr) == 0) {
|
| 2030 |
751533a2
|
Phil Davis
|
if (empty($config['load_balancer'])) {
|
| 2031 |
0b5b4f32
|
Seth Mos
|
unset($config['load_balancer']);
|
| 2032 |
92a2ceae
|
Seth Mos
|
} else {
|
| 2033 |
fa6e5ba5
|
Phil Davis
|
if (isset($config['load_balancer']['lbpool'])) {
|
| 2034 |
|
|
unset($config['load_balancer']['lbpool']);
|
| 2035 |
|
|
}
|
| 2036 |
0b5b4f32
|
Seth Mos
|
}
|
| 2037 |
791bcfd4
|
Bill Marquette
|
} else {
|
| 2038 |
|
|
$config['load_balancer']['lbpool'] = $lbpool_srv_arr;
|
| 2039 |
|
|
}
|
| 2040 |
|
|
// Only set the gateway group array if we converted any
|
| 2041 |
|
|
if (count($gateway_group_arr) != 0) {
|
| 2042 |
|
|
$config['gateways']['gateway_group'] = $gateway_group_arr;
|
| 2043 |
ce107ca5
|
jim-p
|
// Update any rules that had a gateway change, if any.
|
| 2044 |
751533a2
|
Phil Davis
|
if (count($group_name_changes) > 0) {
|
| 2045 |
|
|
foreach ($config['filter']['rule'] as & $rule) {
|
| 2046 |
|
|
if (!empty($rule["gateway"]) && array_key_exists($rule["gateway"], $group_name_changes)) {
|
| 2047 |
ce107ca5
|
jim-p
|
$rule["gateway"] = $group_name_changes[$rule["gateway"]];
|
| 2048 |
751533a2
|
Phil Davis
|
}
|
| 2049 |
|
|
}
|
| 2050 |
|
|
}
|
| 2051 |
791bcfd4
|
Bill Marquette
|
}
|
| 2052 |
|
|
}
|
| 2053 |
|
|
|
| 2054 |
|
|
|
| 2055 |
|
|
function upgrade_054_to_055() {
|
| 2056 |
|
|
global $config;
|
| 2057 |
54f8bad0
|
Seth Mos
|
global $g;
|
| 2058 |
|
|
|
| 2059 |
791bcfd4
|
Bill Marquette
|
/* RRD files changed for quality, traffic and packets graphs */
|
| 2060 |
59cfe65d
|
Ermal
|
//ini_set("max_execution_time", "1800");
|
| 2061 |
791bcfd4
|
Bill Marquette
|
/* convert traffic RRD file */
|
| 2062 |
|
|
global $parsedcfg, $listtags;
|
| 2063 |
|
|
$listtags = array("ds", "v", "rra", "row");
|
| 2064 |
|
|
|
| 2065 |
|
|
$rrddbpath = "/var/db/rrd/";
|
| 2066 |
|
|
$rrdtool = "/usr/bin/nice -n20 /usr/local/bin/rrdtool";
|
| 2067 |
dc61252a
|
Renato Botelho
|
if (isset($config['system']['use_mfs_tmpvar'])) {
|
| 2068 |
e34cf1f6
|
smos
|
/* restore the databases, if we have one */
|
| 2069 |
8bdb6879
|
Darren Embry
|
if (restore_rrd()) {
|
| 2070 |
e34cf1f6
|
smos
|
/* Make sure to move the rrd backup out of the way. We will make a new one after converting. */
|
| 2071 |
8560c756
|
jim-p
|
@rename("{$g['cf_conf_path']}/rrd.tgz", "{$g['cf_conf_path']}/backup/rrd.tgz");
|
| 2072 |
e34cf1f6
|
smos
|
}
|
| 2073 |
|
|
}
|
| 2074 |
791bcfd4
|
Bill Marquette
|
|
| 2075 |
|
|
$rrdinterval = 60;
|
| 2076 |
|
|
$valid = $rrdinterval * 2;
|
| 2077 |
|
|
|
| 2078 |
|
|
/* Asume GigE for now */
|
| 2079 |
|
|
$downstream = 125000000;
|
| 2080 |
|
|
$upstream = 125000000;
|
| 2081 |
|
|
|
| 2082 |
|
|
/* build a list of quality databases */
|
| 2083 |
|
|
/* roundtrip has become delay */
|
| 2084 |
|
|
function divide_delay($delayval) {
|
| 2085 |
|
|
$delayval = floatval($delayval);
|
| 2086 |
|
|
$delayval = ($delayval / 1000);
|
| 2087 |
|
|
$delayval = " ". sprintf("%1.10e", $delayval) ." ";
|
| 2088 |
|
|
return $delayval;
|
| 2089 |
|
|
}
|
| 2090 |
|
|
/* the roundtrip times need to be divided by 1000 to get seconds, really */
|
| 2091 |
|
|
$databases = array();
|
| 2092 |
751533a2
|
Phil Davis
|
if (!file_exists($rrddbpath)) {
|
| 2093 |
af0b07d3
|
jim-p
|
@mkdir($rrddbpath);
|
| 2094 |
751533a2
|
Phil Davis
|
}
|
| 2095 |
4cb9abc3
|
jim-p
|
chdir($rrddbpath);
|
| 2096 |
|
|
$databases = glob("*-quality.rrd");
|
| 2097 |
791bcfd4
|
Bill Marquette
|
rsort($databases);
|
| 2098 |
751533a2
|
Phil Davis
|
foreach ($databases as $database) {
|
| 2099 |
791bcfd4
|
Bill Marquette
|
$xmldump = "{$database}.old.xml";
|
| 2100 |
|
|
$xmldumpnew = "{$database}.new.xml";
|
| 2101 |
|
|
|
| 2102 |
751533a2
|
Phil Davis
|
if (platform_booting()) {
|
| 2103 |
9bc8b6b6
|
Seth Mos
|
echo "Migrate RRD database {$database} to new format for IPv6 \n";
|
| 2104 |
751533a2
|
Phil Davis
|
}
|
| 2105 |
791bcfd4
|
Bill Marquette
|
mwexec("$rrdtool tune {$rrddbpath}{$database} -r roundtrip:delay 2>&1");
|
| 2106 |
|
|
|
| 2107 |
|
|
dump_rrd_to_xml("{$rrddbpath}/{$database}", "{$g['tmp_path']}/{$xmldump}");
|
| 2108 |
1005d4bf
|
Seth Mos
|
$rrdold = xml2array(file_get_contents("{$g['tmp_path']}/{$xmldump}"), 1, "tag");
|
| 2109 |
791bcfd4
|
Bill Marquette
|
$rrdold = $rrdold['rrd'];
|
| 2110 |
|
|
|
| 2111 |
|
|
$i = 0;
|
| 2112 |
751533a2
|
Phil Davis
|
foreach ($rrdold['rra'] as $rra) {
|
| 2113 |
791bcfd4
|
Bill Marquette
|
$l = 0;
|
| 2114 |
751533a2
|
Phil Davis
|
foreach ($rra['database']['row'] as $row) {
|
| 2115 |
791bcfd4
|
Bill Marquette
|
$vnew = divide_delay($row['v'][1]);
|
| 2116 |
|
|
$rrdold['rra'][$i]['database']['row'][$l]['v'][1] = $vnew;
|
| 2117 |
|
|
$l++;
|
| 2118 |
|
|
}
|
| 2119 |
|
|
$i++;
|
| 2120 |
|
|
}
|
| 2121 |
|
|
|
| 2122 |
56ee96ed
|
smos
|
file_put_contents("{$g['tmp_path']}/{$xmldumpnew}", dump_xml_config_raw($rrdold, "rrd"));
|
| 2123 |
791bcfd4
|
Bill Marquette
|
mwexec("$rrdtool restore -f {$g['tmp_path']}/{$xmldumpnew} {$rrddbpath}/{$database} 2>&1");
|
| 2124 |
|
|
|
| 2125 |
1005d4bf
|
Seth Mos
|
unset($rrdold);
|
| 2126 |
7ceff68a
|
Ermal LUÇI
|
@unlink("{$g['tmp_path']}/{$xmldump}");
|
| 2127 |
|
|
@unlink("{$g['tmp_path']}/{$xmldumpnew}");
|
| 2128 |
791bcfd4
|
Bill Marquette
|
}
|
| 2129 |
|
|
|
| 2130 |
|
|
/* build a list of traffic and packets databases */
|
| 2131 |
84683e42
|
Renato Botelho
|
$databases = return_dir_as_array($rrddbpath, '/-(traffic|packets)\.rrd$/');
|
| 2132 |
791bcfd4
|
Bill Marquette
|
rsort($databases);
|
| 2133 |
751533a2
|
Phil Davis
|
foreach ($databases as $database) {
|
| 2134 |
791bcfd4
|
Bill Marquette
|
$databasetmp = "{$database}.tmp";
|
| 2135 |
|
|
$xmldump = "{$database}.old.xml";
|
| 2136 |
|
|
$xmldumptmp = "{$database}.tmp.xml";
|
| 2137 |
|
|
$xmldumpnew = "{$database}.new.xml";
|
| 2138 |
|
|
|
| 2139 |
751533a2
|
Phil Davis
|
if (platform_booting()) {
|
| 2140 |
34834e7e
|
jim-p
|
echo "Migrate RRD database {$database} to new format \n";
|
| 2141 |
751533a2
|
Phil Davis
|
}
|
| 2142 |
791bcfd4
|
Bill Marquette
|
/* rename DS source */
|
| 2143 |
|
|
mwexec("$rrdtool tune {$rrddbpath}/{$database} -r in:inpass 2>&1");
|
| 2144 |
|
|
mwexec("$rrdtool tune {$rrddbpath}/{$database} -r out:outpass 2>71");
|
| 2145 |
|
|
|
| 2146 |
|
|
/* dump contents to xml and move database out of the way */
|
| 2147 |
|
|
dump_rrd_to_xml("{$rrddbpath}/{$database}", "{$g['tmp_path']}/{$xmldump}");
|
| 2148 |
|
|
|
| 2149 |
|
|
/* create new rrd database file */
|
| 2150 |
|
|
$rrdcreate = "$rrdtool create {$g['tmp_path']}/{$databasetmp} --step $rrdinterval ";
|
| 2151 |
|
|
$rrdcreate .= "DS:inpass:COUNTER:$valid:0:$downstream ";
|
| 2152 |
|
|
$rrdcreate .= "DS:outpass:COUNTER:$valid:0:$upstream ";
|
| 2153 |
|
|
$rrdcreate .= "DS:inblock:COUNTER:$valid:0:$downstream ";
|
| 2154 |
|
|
$rrdcreate .= "DS:outblock:COUNTER:$valid:0:$upstream ";
|
| 2155 |
|
|
$rrdcreate .= "RRA:AVERAGE:0.5:1:1000 ";
|
| 2156 |
|
|
$rrdcreate .= "RRA:AVERAGE:0.5:5:1000 ";
|
| 2157 |
|
|
$rrdcreate .= "RRA:AVERAGE:0.5:60:1000 ";
|
| 2158 |
eb346e0b
|
Seth Mos
|
$rrdcreate .= "RRA:AVERAGE:0.5:720:1000 ";
|
| 2159 |
791bcfd4
|
Bill Marquette
|
|
| 2160 |
|
|
create_new_rrd("$rrdcreate");
|
| 2161 |
|
|
/* create temporary xml from new RRD */
|
| 2162 |
|
|
dump_rrd_to_xml("{$g['tmp_path']}/{$databasetmp}", "{$g['tmp_path']}/{$xmldumptmp}");
|
| 2163 |
|
|
|
| 2164 |
1005d4bf
|
Seth Mos
|
$rrdold = xml2array(file_get_contents("{$g['tmp_path']}/{$xmldump}"), 1, "tag");
|
| 2165 |
791bcfd4
|
Bill Marquette
|
$rrdold = $rrdold['rrd'];
|
| 2166 |
|
|
|
| 2167 |
1005d4bf
|
Seth Mos
|
$rrdnew = xml2array(file_get_contents("{$g['tmp_path']}/{$xmldumptmp}"), 1, "tag");
|
| 2168 |
791bcfd4
|
Bill Marquette
|
$rrdnew = $rrdnew['rrd'];
|
| 2169 |
|
|
|
| 2170 |
|
|
/* remove any MAX RRA's. Not needed for traffic. */
|
| 2171 |
|
|
$i = 0;
|
| 2172 |
|
|
foreach ($rrdold['rra'] as $rra) {
|
| 2173 |
751533a2
|
Phil Davis
|
if (trim($rra['cf']) == "MAX") {
|
| 2174 |
791bcfd4
|
Bill Marquette
|
unset($rrdold['rra'][$i]);
|
| 2175 |
|
|
}
|
| 2176 |
|
|
$i++;
|
| 2177 |
|
|
}
|
| 2178 |
|
|
|
| 2179 |
56ee96ed
|
smos
|
file_put_contents("{$g['tmp_path']}/{$xmldumpnew}", dump_xml_config_raw(migrate_rrd_format($rrdold, $rrdnew), "rrd"));
|
| 2180 |
791bcfd4
|
Bill Marquette
|
mwexec("$rrdtool restore -f {$g['tmp_path']}/{$xmldumpnew} {$rrddbpath}/{$database} 2>&1");
|
| 2181 |
eb346e0b
|
Seth Mos
|
/* we now have the rrd with the new fields, adjust the size now. */
|
| 2182 |
|
|
/* RRA 2 is 60 minutes, RRA 3 is 720 minutes */
|
| 2183 |
|
|
mwexec("/bin/sync");
|
| 2184 |
12a2f395
|
Seth Mos
|
mwexec("$rrdtool resize {$rrddbpath}/{$database} 2 GROW 2000;/bin/mv resize.rrd {$rrddbpath}/{$database} 2>&1");
|
| 2185 |
eb346e0b
|
Seth Mos
|
mwexec("/bin/sync");
|
| 2186 |
12a2f395
|
Seth Mos
|
mwexec("$rrdtool resize {$rrddbpath}/{$database} 3 GROW 2000;/bin/mv resize.rrd {$rrddbpath}/{$database} 2>&1");
|
| 2187 |
1005d4bf
|
Seth Mos
|
unset($rrdxmlarray);
|
| 2188 |
7ceff68a
|
Ermal LUÇI
|
@unlink("{$g['tmp_path']}/{$xmldump}");
|
| 2189 |
|
|
@unlink("{$g['tmp_path']}/{$xmldumpnew}");
|
| 2190 |
791bcfd4
|
Bill Marquette
|
}
|
| 2191 |
751533a2
|
Phil Davis
|
if (!platform_booting()) {
|
| 2192 |
e546d2d1
|
Ermal LUÇI
|
enable_rrd_graphing();
|
| 2193 |
751533a2
|
Phil Davis
|
}
|
| 2194 |
e34cf1f6
|
smos
|
/* Let's save the RRD graphs after we run enable RRD graphing */
|
| 2195 |
|
|
/* The function will restore the rrd.tgz so we will save it after */
|
| 2196 |
1289c0c1
|
Renato Botelho
|
exec("cd /; LANG=C RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh");
|
| 2197 |
e7f65689
|
Renato Botelho
|
unlink_if_exists("{$g['vardb_path']}/rrd/*.xml");
|
| 2198 |
751533a2
|
Phil Davis
|
if (platform_booting()) {
|
| 2199 |
34834e7e
|
jim-p
|
echo "Updating configuration...";
|
| 2200 |
751533a2
|
Phil Davis
|
}
|
| 2201 |
791bcfd4
|
Bill Marquette
|
}
|
| 2202 |
|
|
|
| 2203 |
|
|
|
| 2204 |
|
|
function upgrade_055_to_056() {
|
| 2205 |
|
|
global $config;
|
| 2206 |
|
|
|
| 2207 |
751533a2
|
Phil Davis
|
if (!is_array($config['ca'])) {
|
| 2208 |
9ad72e5e
|
jim-p
|
$config['ca'] = array();
|
| 2209 |
751533a2
|
Phil Davis
|
}
|
| 2210 |
|
|
if (!is_array($config['cert'])) {
|
| 2211 |
9ad72e5e
|
jim-p
|
$config['cert'] = array();
|
| 2212 |
751533a2
|
Phil Davis
|
}
|
| 2213 |
791bcfd4
|
Bill Marquette
|
|
| 2214 |
|
|
/* migrate ipsec ca's to cert manager */
|
| 2215 |
|
|
if (is_array($config['ipsec']['cacert'])) {
|
| 2216 |
751533a2
|
Phil Davis
|
foreach ($config['ipsec']['cacert'] as & $cacert) {
|
| 2217 |
791bcfd4
|
Bill Marquette
|
$ca = array();
|
| 2218 |
|
|
$ca['refid'] = uniqid();
|
| 2219 |
751533a2
|
Phil Davis
|
if (is_array($cacert['cert'])) {
|
| 2220 |
791bcfd4
|
Bill Marquette
|
$ca['crt'] = $cacert['cert'][0];
|
| 2221 |
751533a2
|
Phil Davis
|
} else {
|
| 2222 |
791bcfd4
|
Bill Marquette
|
$ca['crt'] = $cacert['cert'];
|
| 2223 |
751533a2
|
Phil Davis
|
}
|
| 2224 |
f2a86ca9
|
jim-p
|
$ca['descr'] = $cacert['ident'];
|
| 2225 |
9ad72e5e
|
jim-p
|
$config['ca'][] = $ca;
|
| 2226 |
791bcfd4
|
Bill Marquette
|
}
|
| 2227 |
|
|
unset($config['ipsec']['cacert']);
|
| 2228 |
|
|
}
|
| 2229 |
|
|
|
| 2230 |
|
|
/* migrate phase1 certificates to cert manager */
|
| 2231 |
|
|
if (is_array($config['ipsec']['phase1'])) {
|
| 2232 |
751533a2
|
Phil Davis
|
foreach ($config['ipsec']['phase1'] as & $ph1ent) {
|
| 2233 |
791bcfd4
|
Bill Marquette
|
$cert = array();
|
| 2234 |
|
|
$cert['refid'] = uniqid();
|
| 2235 |
f2a86ca9
|
jim-p
|
$cert['descr'] = "IPsec Peer {$ph1ent['remote-gateway']} Certificate";
|
| 2236 |
751533a2
|
Phil Davis
|
if (is_array($ph1ent['cert'])) {
|
| 2237 |
791bcfd4
|
Bill Marquette
|
$cert['crt'] = $ph1ent['cert'][0];
|
| 2238 |
751533a2
|
Phil Davis
|
} else {
|
| 2239 |
791bcfd4
|
Bill Marquette
|
$cert['crt'] = $ph1ent['cert'];
|
| 2240 |
751533a2
|
Phil Davis
|
}
|
| 2241 |
791bcfd4
|
Bill Marquette
|
$cert['prv'] = $ph1ent['private-key'];
|
| 2242 |
9ad72e5e
|
jim-p
|
$config['cert'][] = $cert;
|
| 2243 |
791bcfd4
|
Bill Marquette
|
$ph1ent['certref'] = $cert['refid'];
|
| 2244 |
751533a2
|
Phil Davis
|
if ($ph1ent['cert']) {
|
| 2245 |
791bcfd4
|
Bill Marquette
|
unset($ph1ent['cert']);
|
| 2246 |
751533a2
|
Phil Davis
|
}
|
| 2247 |
|
|
if ($ph1ent['private-key']) {
|
| 2248 |
791bcfd4
|
Bill Marquette
|
unset($ph1ent['private-key']);
|
| 2249 |
751533a2
|
Phil Davis
|
}
|
| 2250 |
|
|
if ($ph1ent['peercert']) {
|
| 2251 |
791bcfd4
|
Bill Marquette
|
unset($ph1ent['peercert']);
|
| 2252 |
751533a2
|
Phil Davis
|
}
|
| 2253 |
791bcfd4
|
Bill Marquette
|
}
|
| 2254 |
|
|
}
|
| 2255 |
|
|
}
|
| 2256 |
|
|
|
| 2257 |
|
|
|
| 2258 |
|
|
function upgrade_056_to_057() {
|
| 2259 |
|
|
global $config;
|
| 2260 |
84924e76
|
Ermal
|
|
| 2261 |
751533a2
|
Phil Davis
|
if (!is_array($config['system']['user'])) {
|
| 2262 |
4830e56a
|
Erik Fonnesbeck
|
$config['system']['user'] = array();
|
| 2263 |
751533a2
|
Phil Davis
|
}
|
| 2264 |
791bcfd4
|
Bill Marquette
|
/* migrate captivate portal to user manager */
|
| 2265 |
|
|
if (is_array($config['captiveportal']['user'])) {
|
| 2266 |
751533a2
|
Phil Davis
|
foreach ($config['captiveportal']['user'] as $user) {
|
| 2267 |
791bcfd4
|
Bill Marquette
|
// avoid user conflicts
|
| 2268 |
4830e56a
|
Erik Fonnesbeck
|
$found = false;
|
| 2269 |
|
|
foreach ($config['system']['user'] as $userent) {
|
| 2270 |
|
|
if ($userent['name'] == $user['name']) {
|
| 2271 |
|
|
$found = true;
|
| 2272 |
|
|
break;
|
| 2273 |
|
|
}
|
| 2274 |
|
|
}
|
| 2275 |
751533a2
|
Phil Davis
|
if ($found) {
|
| 2276 |
791bcfd4
|
Bill Marquette
|
continue;
|
| 2277 |
751533a2
|
Phil Davis
|
}
|
| 2278 |
791bcfd4
|
Bill Marquette
|
$user['scope'] = "user";
|
| 2279 |
|
|
if (isset($user['expirationdate'])) {
|
| 2280 |
|
|
$user['expires'] = $user['expirationdate'];
|
| 2281 |
|
|
unset($user['expirationdate']);
|
| 2282 |
|
|
}
|
| 2283 |
|
|
if (isset($user['password'])) {
|
| 2284 |
|
|
$user['md5-hash'] = $user['password'];
|
| 2285 |
|
|
unset($user['password']);
|
| 2286 |
|
|
}
|
| 2287 |
4830e56a
|
Erik Fonnesbeck
|
$user['uid'] = $config['system']['nextuid']++;
|
| 2288 |
791bcfd4
|
Bill Marquette
|
$config['system']['user'][] = $user;
|
| 2289 |
|
|
}
|
| 2290 |
|
|
unset($config['captiveportal']['user']);
|
| 2291 |
|
|
}
|
| 2292 |
|
|
}
|
| 2293 |
4b96b367
|
mgrooms
|
|
| 2294 |
|
|
function upgrade_057_to_058() {
|
| 2295 |
|
|
global $config;
|
| 2296 |
|
|
/* set all phase2 entries to tunnel mode */
|
| 2297 |
751533a2
|
Phil Davis
|
if (is_array($config['ipsec']['phase2'])) {
|
| 2298 |
|
|
foreach ($config['ipsec']['phase2'] as & $ph2ent) {
|
| 2299 |
4b96b367
|
mgrooms
|
$ph2ent['mode'] = 'tunnel';
|
| 2300 |
751533a2
|
Phil Davis
|
}
|
| 2301 |
|
|
}
|
| 2302 |
4b96b367
|
mgrooms
|
}
|
| 2303 |
60120e37
|
Ermal Lu?i
|
|
| 2304 |
|
|
function upgrade_058_to_059() {
|
| 2305 |
|
|
global $config;
|
| 2306 |
|
|
|
| 2307 |
|
|
if (is_array($config['schedules']['schedule'])) {
|
| 2308 |
751533a2
|
Phil Davis
|
foreach ($config['schedules']['schedule'] as & $schedl) {
|
| 2309 |
60120e37
|
Ermal Lu?i
|
$schedl['schedlabel'] = uniqid();
|
| 2310 |
751533a2
|
Phil Davis
|
}
|
| 2311 |
60120e37
|
Ermal Lu?i
|
}
|
| 2312 |
|
|
}
|
| 2313 |
2523c923
|
Seth Mos
|
|
| 2314 |
|
|
function upgrade_059_to_060() {
|
| 2315 |
fcf5afa0
|
Seth Mos
|
global $config;
|
| 2316 |
a0588fad
|
Scott Ullrich
|
require_once("/etc/inc/certs.inc");
|
| 2317 |
9ad72e5e
|
jim-p
|
if (is_array($config['ca'])) {
|
| 2318 |
2cf6ddcb
|
Nigel Graham
|
/* Locate issuer for all CAs */
|
| 2319 |
9ad72e5e
|
jim-p
|
foreach ($config['ca'] as & $ca) {
|
| 2320 |
2cf6ddcb
|
Nigel Graham
|
$subject = cert_get_subject($ca['crt']);
|
| 2321 |
|
|
$issuer = cert_get_issuer($ca['crt']);
|
| 2322 |
751533a2
|
Phil Davis
|
if ($issuer <> $subject) {
|
| 2323 |
2cf6ddcb
|
Nigel Graham
|
$issuer_crt =& lookup_ca_by_subject($issuer);
|
| 2324 |
751533a2
|
Phil Davis
|
if ($issuer_crt) {
|
| 2325 |
2cf6ddcb
|
Nigel Graham
|
$ca['caref'] = $issuer_crt['refid'];
|
| 2326 |
751533a2
|
Phil Davis
|
}
|
| 2327 |
2cf6ddcb
|
Nigel Graham
|
}
|
| 2328 |
|
|
}
|
| 2329 |
2d563280
|
Renato Botelho
|
|
| 2330 |
2cf6ddcb
|
Nigel Graham
|
/* Locate issuer for all certificates */
|
| 2331 |
9ad72e5e
|
jim-p
|
if (is_array($config['cert'])) {
|
| 2332 |
|
|
foreach ($config['cert'] as & $cert) {
|
| 2333 |
2cf6ddcb
|
Nigel Graham
|
$subject = cert_get_subject($cert['crt']);
|
| 2334 |
|
|
$issuer = cert_get_issuer($cert['crt']);
|
| 2335 |
751533a2
|
Phil Davis
|
if ($issuer <> $subject) {
|
| 2336 |
2cf6ddcb
|
Nigel Graham
|
$issuer_crt =& lookup_ca_by_subject($issuer);
|
| 2337 |
751533a2
|
Phil Davis
|
if ($issuer_crt) {
|
| 2338 |
2cf6ddcb
|
Nigel Graham
|
$cert['caref'] = $issuer_crt['refid'];
|
| 2339 |
751533a2
|
Phil Davis
|
}
|
| 2340 |
2cf6ddcb
|
Nigel Graham
|
}
|
| 2341 |
|
|
}
|
| 2342 |
9d3dab70
|
Scott Ullrich
|
}
|
| 2343 |
2cf6ddcb
|
Nigel Graham
|
}
|
| 2344 |
|
|
}
|
| 2345 |
d43ad788
|
Scott Ullrich
|
|
| 2346 |
6a688547
|
Ermal
|
function upgrade_060_to_061() {
|
| 2347 |
|
|
global $config;
|
| 2348 |
3cfa11c2
|
Scott Ullrich
|
|
| 2349 |
751533a2
|
Phil Davis
|
if (is_array($config['interfaces']['wan'])) {
|
| 2350 |
6a688547
|
Ermal
|
$config['interfaces']['wan']['enable'] = true;
|
| 2351 |
751533a2
|
Phil Davis
|
}
|
| 2352 |
|
|
if (is_array($config['interfaces']['lan'])) {
|
| 2353 |
6a688547
|
Ermal
|
$config['interfaces']['lan']['enable'] = true;
|
| 2354 |
751533a2
|
Phil Davis
|
}
|
| 2355 |
1cad6f6c
|
jim-p
|
|
| 2356 |
|
|
/* On 1.2.3 the "mtu" field adjusted MSS.
|
| 2357 |
|
|
On 2.x the "mtu" field is actually the MTU. Rename accordingly.
|
| 2358 |
|
|
See redmine ticket #1886
|
| 2359 |
|
|
*/
|
| 2360 |
|
|
foreach ($config['interfaces'] as $ifr => &$intf) {
|
| 2361 |
|
|
if (isset($intf['mtu']) && is_numeric($intf['mtu'])) {
|
| 2362 |
|
|
$intf['mss'] = $intf['mtu'];
|
| 2363 |
|
|
unset($intf['mtu']);
|
| 2364 |
|
|
}
|
| 2365 |
|
|
}
|
| 2366 |
6a688547
|
Ermal
|
}
|
| 2367 |
3cfa11c2
|
Scott Ullrich
|
|
| 2368 |
59ecde49
|
Renato Botelho
|
function upgrade_061_to_062() {
|
| 2369 |
|
|
global $config;
|
| 2370 |
|
|
|
| 2371 |
|
|
/* Convert NAT port forwarding rules */
|
| 2372 |
|
|
if (is_array($config['nat']['rule'])) {
|
| 2373 |
|
|
$a_nat = &$config['nat']['rule'];
|
| 2374 |
|
|
|
| 2375 |
|
|
foreach ($a_nat as &$natent) {
|
| 2376 |
|
|
$natent['disabled'] = false;
|
| 2377 |
|
|
$natent['nordr'] = false;
|
| 2378 |
|
|
|
| 2379 |
|
|
$natent['source'] = array(
|
| 2380 |
|
|
"not" => false,
|
| 2381 |
|
|
"any" => true,
|
| 2382 |
|
|
"port" => ""
|
| 2383 |
|
|
);
|
| 2384 |
|
|
|
| 2385 |
|
|
$natent['destination'] = array(
|
| 2386 |
|
|
"not" => false,
|
| 2387 |
|
|
"address" => $natent['external-address'],
|
| 2388 |
|
|
"port" => $natent['external-port']
|
| 2389 |
|
|
);
|
| 2390 |
|
|
|
| 2391 |
743ce9f8
|
Erik Fonnesbeck
|
if (empty($natent['destination']['address'])) {
|
| 2392 |
fcf4e8cd
|
Erik Fonnesbeck
|
unset($natent['destination']['address']);
|
| 2393 |
|
|
$natent['destination']['network'] = $natent['interface'] . 'ip';
|
| 2394 |
743ce9f8
|
Erik Fonnesbeck
|
} else if ($natent['destination']['address'] == 'any') {
|
| 2395 |
|
|
unset($natent['destination']['address']);
|
| 2396 |
|
|
$natent['destination']['any'] = true;
|
| 2397 |
|
|
}
|
| 2398 |
|
|
|
| 2399 |
59ecde49
|
Renato Botelho
|
unset($natent['external-address']);
|
| 2400 |
|
|
unset($natent['external-port']);
|
| 2401 |
|
|
}
|
| 2402 |
|
|
|
| 2403 |
|
|
unset($natent);
|
| 2404 |
|
|
}
|
| 2405 |
|
|
}
|
| 2406 |
|
|
|
| 2407 |
0f8266ed
|
smos
|
function upgrade_062_to_063() {
|
| 2408 |
168a1e48
|
smos
|
/* Upgrade legacy Themes to the new pfsense_ng */
|
| 2409 |
995df6c3
|
Stephen Beaver
|
// Not supported in 2.3+
|
| 2410 |
2d563280
|
Renato Botelho
|
|
| 2411 |
168a1e48
|
smos
|
}
|
| 2412 |
c2b2b571
|
gnhb
|
|
| 2413 |
|
|
function upgrade_063_to_064() {
|
| 2414 |
|
|
global $config;
|
| 2415 |
4de8f7ba
|
Phil Davis
|
$j = 0;
|
| 2416 |
d09ca87e
|
gnhb
|
$ifcfg = &$config['interfaces'];
|
| 2417 |
2d563280
|
Renato Botelho
|
|
| 2418 |
|
|
if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) {
|
| 2419 |
c2b2b571
|
gnhb
|
foreach ($config['ppps']['ppp'] as $pppid => $ppp) {
|
| 2420 |
d09ca87e
|
gnhb
|
$config['ppps']['ppp'][$pppid]['if'] = "ppp".$j;
|
| 2421 |
|
|
$config['ppps']['ppp'][$pppid]['ptpid'] = $j;
|
| 2422 |
|
|
$j++;
|
| 2423 |
751533a2
|
Phil Davis
|
if (isset($ppp['port'])) {
|
| 2424 |
c2b2b571
|
gnhb
|
$config['ppps']['ppp'][$pppid]['ports'] = $ppp['port'];
|
| 2425 |
|
|
unset($config['ppps']['ppp'][$pppid]['port']);
|
| 2426 |
|
|
}
|
| 2427 |
751533a2
|
Phil Davis
|
if (!isset($ppp['type'])) {
|
| 2428 |
c2b2b571
|
gnhb
|
$config['ppps']['ppp'][$pppid]['type'] = "ppp";
|
| 2429 |
|
|
}
|
| 2430 |
751533a2
|
Phil Davis
|
if (isset($ppp['defaultgw'])) {
|
| 2431 |
6fdfa8fb
|
gnhb
|
unset($config['ppps']['ppp'][$pppid]['defaultgw']);
|
| 2432 |
751533a2
|
Phil Davis
|
}
|
| 2433 |
c2b2b571
|
gnhb
|
}
|
| 2434 |
|
|
}
|
| 2435 |
2d563280
|
Renato Botelho
|
|
| 2436 |
751533a2
|
Phil Davis
|
if (!is_array($config['ppps']['ppp'])) {
|
| 2437 |
c2b2b571
|
gnhb
|
$config['ppps']['ppp'] = array();
|
| 2438 |
751533a2
|
Phil Davis
|
}
|
| 2439 |
c2b2b571
|
gnhb
|
$a_ppps = &$config['ppps']['ppp'];
|
| 2440 |
|
|
|
| 2441 |
|
|
foreach ($ifcfg as $ifname => $ifinfo) {
|
| 2442 |
|
|
$ppp = array();
|
| 2443 |
|
|
// For pppoe conversion
|
| 2444 |
751533a2
|
Phil Davis
|
if ($ifinfo['ipaddr'] == "pppoe" || $ifinfo['ipaddr'] == "pptp") {
|
| 2445 |
|
|
if (isset($ifinfo['ptpid'])) {
|
| 2446 |
c2b2b571
|
gnhb
|
continue;
|
| 2447 |
751533a2
|
Phil Davis
|
}
|
| 2448 |
4de8f7ba
|
Phil Davis
|
$ppp['ptpid'] = $j;
|
| 2449 |
c2b2b571
|
gnhb
|
$ppp['type'] = $ifinfo['ipaddr'];
|
| 2450 |
d09ca87e
|
gnhb
|
$ppp['if'] = $ifinfo['ipaddr'].$j;
|
| 2451 |
c2b2b571
|
gnhb
|
$ppp['ports'] = $ifinfo['if'];
|
| 2452 |
751533a2
|
Phil Davis
|
if ($ifinfo['ipaddr'] == "pppoe") {
|
| 2453 |
c2b2b571
|
gnhb
|
$ppp['username'] = $ifinfo['pppoe_username'];
|
| 2454 |
|
|
$ppp['password'] = base64_encode($ifinfo['pppoe_password']);
|
| 2455 |
|
|
}
|
| 2456 |
751533a2
|
Phil Davis
|
if ($ifinfo['ipaddr'] == "pptp") {
|
| 2457 |
c2b2b571
|
gnhb
|
$ppp['username'] = $ifinfo['pptp_username'];
|
| 2458 |
|
|
$ppp['password'] = base64_encode($ifinfo['pptp_password']);
|
| 2459 |
|
|
}
|
| 2460 |
2d563280
|
Renato Botelho
|
|
| 2461 |
751533a2
|
Phil Davis
|
if (isset($ifinfo['provider'])) {
|
| 2462 |
c2b2b571
|
gnhb
|
$ppp['provider'] = $ifinfo['provider'];
|
| 2463 |
751533a2
|
Phil Davis
|
}
|
| 2464 |
|
|
if (isset($ifinfo['ondemand'])) {
|
| 2465 |
c2b2b571
|
gnhb
|
$ppp['ondemand'] = true;
|
| 2466 |
751533a2
|
Phil Davis
|
}
|
| 2467 |
|
|
if (isset($ifinfo['timeout'])) {
|
| 2468 |
c2b2b571
|
gnhb
|
$ppp['idletimeout'] = $ifinfo['timeout'];
|
| 2469 |
751533a2
|
Phil Davis
|
}
|
| 2470 |
|
|
if (isset($ifinfo['pppoe']['pppoe-reset-type'])) {
|
| 2471 |
c2b2b571
|
gnhb
|
$ppp['pppoe-reset-type'] = $ifinfo['pppoe']['pppoe-reset-type'];
|
| 2472 |
|
|
if (is_array($config['cron']['item'])) {
|
| 2473 |
|
|
for ($i = 0; $i < count($config['cron']['item']); $i++) {
|
| 2474 |
|
|
$item = $config['cron']['item'][$i];
|
| 2475 |
751533a2
|
Phil Davis
|
if (strpos($item['command'], "/conf/pppoe{$ifname}restart") !== false) {
|
| 2476 |
f7480829
|
gnhb
|
$config['cron']['item'][$i]['command'] = "/var/etc/pppoe_restart_" . $ppp['if'];
|
| 2477 |
751533a2
|
Phil Davis
|
}
|
| 2478 |
c2b2b571
|
gnhb
|
}
|
| 2479 |
|
|
}
|
| 2480 |
|
|
}
|
| 2481 |
751533a2
|
Phil Davis
|
if (isset($ifinfo['local'])) {
|
| 2482 |
c2b2b571
|
gnhb
|
$ppp['localip'] = $ifinfo['local'];
|
| 2483 |
751533a2
|
Phil Davis
|
}
|
| 2484 |
|
|
if (isset($ifinfo['subnet'])) {
|
| 2485 |
c2b2b571
|
gnhb
|
$ppp['subnet'] = $ifinfo['subnet'];
|
| 2486 |
751533a2
|
Phil Davis
|
}
|
| 2487 |
|
|
if (isset($ifinfo['remote'])) {
|
| 2488 |
c2b2b571
|
gnhb
|
$ppp['gateway'] = $ifinfo['remote'];
|
| 2489 |
751533a2
|
Phil Davis
|
}
|
| 2490 |
f7480829
|
gnhb
|
|
| 2491 |
d09ca87e
|
gnhb
|
$ifcfg[$ifname]['if'] = $ifinfo['ipaddr'].$j;
|
| 2492 |
|
|
$j++;
|
| 2493 |
2d563280
|
Renato Botelho
|
|
| 2494 |
c2b2b571
|
gnhb
|
unset($ifcfg[$ifname]['pppoe_username']);
|
| 2495 |
|
|
unset($ifcfg[$ifname]['pppoe_password']);
|
| 2496 |
|
|
unset($ifcfg[$ifname]['provider']);
|
| 2497 |
|
|
unset($ifcfg[$ifname]['ondemand']);
|
| 2498 |
|
|
unset($ifcfg[$ifname]['timeout']);
|
| 2499 |
|
|
unset($ifcfg[$ifname]['pppoe_reset']);
|
| 2500 |
|
|
unset($ifcfg[$ifname]['pppoe_preset']);
|
| 2501 |
|
|
unset($ifcfg[$ifname]['pppoe']);
|
| 2502 |
|
|
unset($ifcfg[$ifname]['pptp_username']);
|
| 2503 |
|
|
unset($ifcfg[$ifname]['pptp_password']);
|
| 2504 |
|
|
unset($ifcfg[$ifname]['local']);
|
| 2505 |
|
|
unset($ifcfg[$ifname]['subnet']);
|
| 2506 |
|
|
unset($ifcfg[$ifname]['remote']);
|
| 2507 |
2d563280
|
Renato Botelho
|
|
| 2508 |
c2b2b571
|
gnhb
|
$a_ppps[] = $ppp;
|
| 2509 |
2d563280
|
Renato Botelho
|
|
| 2510 |
c2b2b571
|
gnhb
|
}
|
| 2511 |
|
|
}
|
| 2512 |
|
|
}
|
| 2513 |
|
|
|
| 2514 |
56a5a0ab
|
jim-p
|
function upgrade_064_to_065() {
|
| 2515 |
|
|
/* Disable TSO and LRO in upgraded configs */
|
| 2516 |
|
|
global $config;
|
| 2517 |
|
|
$config['system']['disablesegmentationoffloading'] = true;
|
| 2518 |
|
|
$config['system']['disablelargereceiveoffloading'] = true;
|
| 2519 |
|
|
}
|
| 2520 |
|
|
|
| 2521 |
2f06cc3f
|
Ermal
|
function upgrade_065_to_066() {
|
| 2522 |
|
|
global $config;
|
| 2523 |
|
|
|
| 2524 |
|
|
$dhcrelaycfg =& $config['dhcrelay'];
|
| 2525 |
|
|
|
| 2526 |
2d563280
|
Renato Botelho
|
if (is_array($dhcrelaycfg)) {
|
| 2527 |
|
|
$dhcrelayifs = array();
|
| 2528 |
2f06cc3f
|
Ermal
|
$foundifs = false;
|
| 2529 |
2d563280
|
Renato Botelho
|
/* DHCPRelay enabled on any interfaces? */
|
| 2530 |
|
|
foreach ($dhcrelaycfg as $dhcrelayif => $dhcrelayifconf) {
|
| 2531 |
|
|
if (isset($dhcrelayifconf['enable'])) {
|
| 2532 |
2f06cc3f
|
Ermal
|
$dhcrelayifs[] = $dhcrelayif;
|
| 2533 |
|
|
unset($dhcrelaycfg['dhcrelayif']);
|
| 2534 |
|
|
$foundifs = true;
|
| 2535 |
|
|
}
|
| 2536 |
2d563280
|
Renato Botelho
|
}
|
| 2537 |
751533a2
|
Phil Davis
|
if ($foundifs == true) {
|
| 2538 |
2f06cc3f
|
Ermal
|
$dhcrelaycfg['interface'] = implode(",", $dhcrelayifs);
|
| 2539 |
751533a2
|
Phil Davis
|
}
|
| 2540 |
2d563280
|
Renato Botelho
|
}
|
| 2541 |
2f06cc3f
|
Ermal
|
}
|
| 2542 |
|
|
|
| 2543 |
9ad72e5e
|
jim-p
|
function upgrade_066_to_067() {
|
| 2544 |
|
|
global $config;
|
| 2545 |
|
|
if (isset($config['system']['ca'])) {
|
| 2546 |
|
|
$config['ca'] = $config['system']['ca'];
|
| 2547 |
661de3e7
|
Phil Davis
|
unset($config['system']['ca']);
|
| 2548 |
9ad72e5e
|
jim-p
|
}
|
| 2549 |
|
|
if (isset($config['system']['cert'])) {
|
| 2550 |
|
|
$config['cert'] = $config['system']['cert'];
|
| 2551 |
661de3e7
|
Phil Davis
|
unset($config['system']['cert']);
|
| 2552 |
9ad72e5e
|
jim-p
|
}
|
| 2553 |
|
|
}
|
| 2554 |
|
|
|
| 2555 |
6ae9f9b7
|
Ermal
|
function upgrade_067_to_068() {
|
| 2556 |
|
|
global $config;
|
| 2557 |
|
|
|
| 2558 |
|
|
if (!empty($config['pppoe'])) {
|
| 2559 |
|
|
$config['pppoes'] = array();
|
| 2560 |
|
|
$config['pppoes']['pppoe'] = array();
|
| 2561 |
|
|
$config['pppoes']['pppoe'][] = $config['pppoe'][0];
|
| 2562 |
ce968051
|
Ermal
|
|
| 2563 |
|
|
if (is_array($config['pppoe']['user'])) {
|
| 2564 |
2d563280
|
Renato Botelho
|
$username = array();
|
| 2565 |
ce968051
|
Ermal
|
foreach ($config['pppoe']['user'] as $user) {
|
| 2566 |
2fc29020
|
Ermal
|
$usr = $user['name'] . ":" . base64_encode($user['password']);
|
| 2567 |
751533a2
|
Phil Davis
|
if ($user['ip']) {
|
| 2568 |
ce968051
|
Ermal
|
$usr .= ":{$user['ip']}";
|
| 2569 |
751533a2
|
Phil Davis
|
}
|
| 2570 |
ce968051
|
Ermal
|
$username[] = $usr;
|
| 2571 |
|
|
}
|
| 2572 |
|
|
$config['pppoes']['pppoe'][0]['username'] = implode(" ", $username);
|
| 2573 |
|
|
}
|
| 2574 |
6ae9f9b7
|
Ermal
|
unset($config['pppoe']);
|
| 2575 |
|
|
}
|
| 2576 |
|
|
}
|
| 2577 |
|
|
|
| 2578 |
18de0728
|
Ermal
|
function upgrade_068_to_069() {
|
| 2579 |
8fefb9dd
|
jim-p
|
global $config;
|
| 2580 |
751533a2
|
Phil Davis
|
if (!is_array($config['system']['user'])) {
|
| 2581 |
8fefb9dd
|
jim-p
|
return;
|
| 2582 |
751533a2
|
Phil Davis
|
}
|
| 2583 |
8fefb9dd
|
jim-p
|
foreach ($config['system']['user'] as & $user) {
|
| 2584 |
751533a2
|
Phil Davis
|
if (!is_array($user['cert'])) {
|
| 2585 |
8fefb9dd
|
jim-p
|
continue;
|
| 2586 |
751533a2
|
Phil Davis
|
}
|
| 2587 |
8fefb9dd
|
jim-p
|
$rids = array();
|
| 2588 |
|
|
foreach ($user['cert'] as $id => $cert) {
|
| 2589 |
751533a2
|
Phil Davis
|
if (!isset($cert['descr'])) {
|
| 2590 |
8fefb9dd
|
jim-p
|
continue;
|
| 2591 |
751533a2
|
Phil Davis
|
}
|
| 2592 |
8fefb9dd
|
jim-p
|
$tcert = $cert;
|
| 2593 |
|
|
// Make sure each cert gets a refid
|
| 2594 |
751533a2
|
Phil Davis
|
if (!isset($tcert['refid'])) {
|
| 2595 |
8fefb9dd
|
jim-p
|
$tcert['refid'] = uniqid();
|
| 2596 |
751533a2
|
Phil Davis
|
}
|
| 2597 |
8fefb9dd
|
jim-p
|
// Keep the cert references for this user
|
| 2598 |
|
|
$rids[] = $tcert['refid'];
|
| 2599 |
|
|
$config['cert'][] = $tcert;
|
| 2600 |
|
|
}
|
| 2601 |
|
|
// Replace user certs with cert references instead.
|
| 2602 |
751533a2
|
Phil Davis
|
if (count($rids) > 0) {
|
| 2603 |
8fefb9dd
|
jim-p
|
$user['cert'] = $rids;
|
| 2604 |
751533a2
|
Phil Davis
|
}
|
| 2605 |
8fefb9dd
|
jim-p
|
}
|
| 2606 |
|
|
}
|
| 2607 |
|
|
|
| 2608 |
4c5b8653
|
Erik Fonnesbeck
|
function upgrade_069_to_070() {
|
| 2609 |
|
|
global $config;
|
| 2610 |
|
|
|
| 2611 |
|
|
/* Convert NAT 1:1 rules */
|
| 2612 |
|
|
if (is_array($config['nat']['onetoone'])) {
|
| 2613 |
a3bac4ce
|
Ermal
|
foreach ($config['nat']['onetoone'] as $nidx => $natent) {
|
| 2614 |
751533a2
|
Phil Davis
|
if ($natent['subnet'] == 32) {
|
| 2615 |
a3bac4ce
|
Ermal
|
$config['nat']['onetoone'][$nidx]['source'] = array("address" => $natent['internal']);
|
| 2616 |
751533a2
|
Phil Davis
|
} else {
|
| 2617 |
a3bac4ce
|
Ermal
|
$config['nat']['onetoone'][$nidx]['source'] = array("address" => $natent['internal'] . "/" . $natent['subnet']);
|
| 2618 |
751533a2
|
Phil Davis
|
}
|
| 2619 |
4c5b8653
|
Erik Fonnesbeck
|
|
| 2620 |
a3bac4ce
|
Ermal
|
$config['nat']['onetoone'][$nidx]['destination'] = array("any" => true);
|
| 2621 |
4c5b8653
|
Erik Fonnesbeck
|
|
| 2622 |
a3bac4ce
|
Ermal
|
unset($config['nat']['onetoone'][$nidx]['internal']);
|
| 2623 |
|
|
unset($config['nat']['onetoone'][$nidx]['subnet']);
|
| 2624 |
4c5b8653
|
Erik Fonnesbeck
|
}
|
| 2625 |
|
|
|
| 2626 |
|
|
unset($natent);
|
| 2627 |
|
|
}
|
| 2628 |
|
|
}
|
| 2629 |
|
|
|
| 2630 |
65167fcc
|
Ermal
|
function upgrade_070_to_071() {
|
| 2631 |
|
|
global $config;
|
| 2632 |
|
|
|
| 2633 |
|
|
if (is_array($config['cron']['item'])) {
|
| 2634 |
751533a2
|
Phil Davis
|
foreach ($config['cron']['item'] as $idx => $cronitem) {
|
| 2635 |
|
|
if (stristr($cronitem['command'], "checkreload.sh")) {
|
| 2636 |
65167fcc
|
Ermal
|
unset($config['cron']['item'][$idx]);
|
| 2637 |
|
|
break;
|
| 2638 |
|
|
}
|
| 2639 |
|
|
}
|
| 2640 |
|
|
}
|
| 2641 |
|
|
}
|
| 2642 |
15864861
|
jim-p
|
|
| 2643 |
6751b3e7
|
jim-p
|
function rename_field(& $section, $oldname, $newname) {
|
| 2644 |
e988813d
|
jim-p
|
if (is_array($section)) {
|
| 2645 |
751533a2
|
Phil Davis
|
foreach ($section as & $item) {
|
| 2646 |
|
|
if (is_array($item) && !empty($item[$oldname])) {
|
| 2647 |
6751b3e7
|
jim-p
|
$item[$newname] = $item[$oldname];
|
| 2648 |
751533a2
|
Phil Davis
|
}
|
| 2649 |
|
|
if (is_array($item) && isset($item[$oldname])) {
|
| 2650 |
6751b3e7
|
jim-p
|
unset($item[$oldname]);
|
| 2651 |
751533a2
|
Phil Davis
|
}
|
| 2652 |
e988813d
|
jim-p
|
}
|
| 2653 |
|
|
}
|
| 2654 |
|
|
}
|
| 2655 |
|
|
|
| 2656 |
6751b3e7
|
jim-p
|
function upgrade_071_to_072() {
|
| 2657 |
|
|
global $config;
|
| 2658 |
751533a2
|
Phil Davis
|
if (is_array($config['sysctl']) && is_array($config['sysctl']['item'])) {
|
| 2659 |
6bef0554
|
jim-p
|
rename_field($config['sysctl']['item'], 'desc', 'descr');
|
| 2660 |
751533a2
|
Phil Davis
|
}
|
| 2661 |
6751b3e7
|
jim-p
|
}
|
| 2662 |
|
|
|
| 2663 |
e988813d
|
jim-p
|
function upgrade_072_to_073() {
|
| 2664 |
|
|
global $config;
|
| 2665 |
751533a2
|
Phil Davis
|
if (!is_array($config['load_balancer'])) {
|
| 2666 |
6bef0554
|
jim-p
|
return;
|
| 2667 |
751533a2
|
Phil Davis
|
}
|
| 2668 |
|
|
if (is_array($config['load_balancer']['monitor_type'])) {
|
| 2669 |
6bef0554
|
jim-p
|
rename_field($config['load_balancer']['monitor_type'], 'desc', 'descr');
|
| 2670 |
751533a2
|
Phil Davis
|
}
|
| 2671 |
|
|
if (is_array($config['load_balancer']['lbpool'])) {
|
| 2672 |
6bef0554
|
jim-p
|
rename_field($config['load_balancer']['lbpool'], 'desc', 'descr');
|
| 2673 |
751533a2
|
Phil Davis
|
}
|
| 2674 |
|
|
if (is_array($config['load_balancer']['lbaction'])) {
|
| 2675 |
6bef0554
|
jim-p
|
rename_field($config['load_balancer']['lbaction'], 'desc', 'descr');
|
| 2676 |
751533a2
|
Phil Davis
|
}
|
| 2677 |
|
|
if (is_array($config['load_balancer']['lbprotocol'])) {
|
| 2678 |
6bef0554
|
jim-p
|
rename_field($config['load_balancer']['lbprotocol'], 'desc', 'descr');
|
| 2679 |
751533a2
|
Phil Davis
|
}
|
| 2680 |
|
|
if (is_array($config['load_balancer']['virtual_server'])) {
|
| 2681 |
6bef0554
|
jim-p
|
rename_field($config['load_balancer']['virtual_server'], 'desc', 'descr');
|
| 2682 |
751533a2
|
Phil Davis
|
}
|
| 2683 |
e988813d
|
jim-p
|
}
|
| 2684 |
9ff73b79
|
jim-p
|
|
| 2685 |
|
|
function upgrade_073_to_074() {
|
| 2686 |
|
|
global $config;
|
| 2687 |
6751b3e7
|
jim-p
|
rename_field($config['system']['user'], 'fullname', 'descr');
|
| 2688 |
9ff73b79
|
jim-p
|
}
|
| 2689 |
f2a86ca9
|
jim-p
|
|
| 2690 |
|
|
function upgrade_074_to_075() {
|
| 2691 |
|
|
global $config;
|
| 2692 |
751533a2
|
Phil Davis
|
if (is_array($config['ca'])) {
|
| 2693 |
6bef0554
|
jim-p
|
rename_field($config['ca'], 'name', 'descr');
|
| 2694 |
751533a2
|
Phil Davis
|
}
|
| 2695 |
|
|
if (is_array($config['cert'])) {
|
| 2696 |
6bef0554
|
jim-p
|
rename_field($config['cert'], 'name', 'descr');
|
| 2697 |
751533a2
|
Phil Davis
|
}
|
| 2698 |
|
|
if (is_array($config['crl'])) {
|
| 2699 |
6bef0554
|
jim-p
|
rename_field($config['crl'], 'name', 'descr');
|
| 2700 |
751533a2
|
Phil Davis
|
}
|
| 2701 |
f2a86ca9
|
jim-p
|
}
|
| 2702 |
9734b054
|
Scott Ullrich
|
|
| 2703 |
d0dc2fd1
|
jim-p
|
function upgrade_075_to_076() {
|
| 2704 |
7d9b3d5e
|
jim-p
|
global $config;
|
| 2705 |
|
|
$cron_item = array();
|
| 2706 |
|
|
$cron_item['minute'] = "30";
|
| 2707 |
|
|
$cron_item['hour'] = "12";
|
| 2708 |
|
|
$cron_item['mday'] = "*";
|
| 2709 |
|
|
$cron_item['month'] = "*";
|
| 2710 |
|
|
$cron_item['wday'] = "*";
|
| 2711 |
|
|
$cron_item['who'] = "root";
|
| 2712 |
|
|
$cron_item['command'] = "/usr/bin/nice -n20 /etc/rc.update_urltables";
|
| 2713 |
|
|
$config['cron']['item'][] = $cron_item;
|
| 2714 |
d0dc2fd1
|
jim-p
|
}
|
| 2715 |
|
|
|
| 2716 |
9bc8b6b6
|
Seth Mos
|
function upgrade_076_to_077() {
|
| 2717 |
9956b38a
|
Seth Mos
|
global $config;
|
| 2718 |
751533a2
|
Phil Davis
|
foreach ($config['filter']['rule'] as & $rule) {
|
| 2719 |
|
|
if (isset($rule['protocol']) && !empty($rule['protocol'])) {
|
| 2720 |
|
|
$rule['protocol'] = strtolower($rule['protocol']);
|
| 2721 |
|
|
}
|
| 2722 |
9956b38a
|
Seth Mos
|
}
|
| 2723 |
|
|
}
|
| 2724 |
|
|
|
| 2725 |
|
|
function upgrade_077_to_078() {
|
| 2726 |
f33030aa
|
jim-p
|
global $config;
|
| 2727 |
751533a2
|
Phil Davis
|
if (is_array($config['pptpd']) && is_array($config['pptpd']['radius']) &&
|
| 2728 |
|
|
!is_array($config['pptpd']['radius']['server'])) {
|
| 2729 |
7171b7b6
|
jim-p
|
$radarr = array();
|
| 2730 |
|
|
$radsvr = array();
|
| 2731 |
|
|
$radsvr['ip'] = $config['pptpd']['radius']['server'];
|
| 2732 |
|
|
$radsvr['secret'] = $config['pptpd']['radius']['secret'];
|
| 2733 |
|
|
$radsvr['port'] = 1812;
|
| 2734 |
|
|
$radsvr['acctport'] = 1813;
|
| 2735 |
|
|
$radsvr['enable'] = isset($config['pptpd']['radius']['enable']);
|
| 2736 |
|
|
$radarr['accounting'] = isset($config['pptpd']['radius']['accounting']);
|
| 2737 |
751533a2
|
Phil Davis
|
if ($radarr['accounting']) {
|
| 2738 |
7171b7b6
|
jim-p
|
$radarr['acct_update'] = $radsvr['ip'];
|
| 2739 |
751533a2
|
Phil Davis
|
}
|
| 2740 |
7171b7b6
|
jim-p
|
$radarr['server'] = $radsvr;
|
| 2741 |
|
|
$config['pptpd']['radius'] = $radarr;
|
| 2742 |
|
|
}
|
| 2743 |
f7c8f633
|
jim-p
|
if (is_array($config['pptpd'])) {
|
| 2744 |
|
|
$config['pptpd']['n_pptp_units'] = empty($config['pptpd']['n_pptp_units']) ? 16 : $config['pptpd']['n_pptp_units'];
|
| 2745 |
|
|
}
|
| 2746 |
7171b7b6
|
jim-p
|
}
|
| 2747 |
27d0722d
|
jim-p
|
function upgrade_078_to_079() {
|
| 2748 |
838e4eb8
|
Warren Baker
|
global $g;
|
| 2749 |
5c723d9f
|
Warren Baker
|
/* Delete old and unused RRD file */
|
| 2750 |
838e4eb8
|
Warren Baker
|
unlink_if_exists("{$g['vardb_path']}/rrd/captiveportal-totalusers.rrd");
|
| 2751 |
5c723d9f
|
Warren Baker
|
}
|
| 2752 |
|
|
|
| 2753 |
58005e52
|
jim-p
|
function upgrade_079_to_080() {
|
| 2754 |
9bc8b6b6
|
Seth Mos
|
global $config;
|
| 2755 |
e6ee8fc6
|
Ermal
|
|
| 2756 |
f416763b
|
Phil Davis
|
/* Upgrade config in 1.2.3 specifying a username other than admin for syncing. */
|
| 2757 |
e6ee8fc6
|
Ermal
|
if (!empty($config['system']['username']) && is_array($config['installedpackages']['carpsettings']) &&
|
| 2758 |
751533a2
|
Phil Davis
|
is_array($config['installedpackages']['carpsettings']['config'])) {
|
| 2759 |
e6ee8fc6
|
Ermal
|
$config['installedpackages']['carpsettings']['config'][0]['username'] = $config['system']['username'];
|
| 2760 |
|
|
unset($config['system']['username']);
|
| 2761 |
|
|
}
|
| 2762 |
|
|
}
|
| 2763 |
|
|
|
| 2764 |
e49d4564
|
jim-p
|
function upgrade_080_to_081() {
|
| 2765 |
|
|
global $config;
|
| 2766 |
9bc8b6b6
|
Seth Mos
|
global $g;
|
| 2767 |
ff6677cf
|
smos
|
/* Welcome to the 2.1 migration path */
|
| 2768 |
|
|
|
| 2769 |
|
|
/* tag all the existing gateways as being IPv4 */
|
| 2770 |
|
|
$i = 0;
|
| 2771 |
751533a2
|
Phil Davis
|
if (is_array($config['gateways']['gateway_item'])) {
|
| 2772 |
|
|
foreach ($config['gateways']['gateway_item'] as $gw) {
|
| 2773 |
ff6677cf
|
smos
|
$config['gateways']['gateway_item'][$i]['ipprotocol'] = "inet";
|
| 2774 |
|
|
$i++;
|
| 2775 |
|
|
}
|
| 2776 |
|
|
}
|
| 2777 |
9bc8b6b6
|
Seth Mos
|
|
| 2778 |
|
|
/* RRD files changed for quality, traffic and packets graphs */
|
| 2779 |
|
|
/* convert traffic RRD file */
|
| 2780 |
|
|
global $parsedcfg, $listtags;
|
| 2781 |
|
|
$listtags = array("ds", "v", "rra", "row");
|
| 2782 |
|
|
|
| 2783 |
|
|
$rrddbpath = "/var/db/rrd/";
|
| 2784 |
|
|
$rrdtool = "/usr/bin/nice -n20 /usr/local/bin/rrdtool";
|
| 2785 |
|
|
|
| 2786 |
dc61252a
|
Renato Botelho
|
if (isset($config['system']['use_mfs_tmpvar'])) {
|
| 2787 |
42ec9337
|
Renato Botelho
|
/* restore the databases, if we have one */
|
| 2788 |
|
|
if (restore_rrd()) {
|
| 2789 |
|
|
/* Make sure to move the rrd backup out of the way. We will make a new one after converting. */
|
| 2790 |
e1854cad
|
jim-p
|
@rename("{$g['cf_conf_path']}/rrd.tgz", "{$g['cf_conf_path']}/backup/rrd.tgz");
|
| 2791 |
42ec9337
|
Renato Botelho
|
}
|
| 2792 |
|
|
}
|
| 2793 |
|
|
|
| 2794 |
9bc8b6b6
|
Seth Mos
|
$rrdinterval = 60;
|
| 2795 |
|
|
$valid = $rrdinterval * 2;
|
| 2796 |
|
|
|
| 2797 |
|
|
/* Asume GigE for now */
|
| 2798 |
|
|
$downstream = 125000000;
|
| 2799 |
|
|
$upstream = 125000000;
|
| 2800 |
|
|
|
| 2801 |
|
|
/* build a list of traffic and packets databases */
|
| 2802 |
84683e42
|
Renato Botelho
|
$databases = return_dir_as_array($rrddbpath, '/-(traffic|packets)\.rrd$/');
|
| 2803 |
9bc8b6b6
|
Seth Mos
|
rsort($databases);
|
| 2804 |
751533a2
|
Phil Davis
|
foreach ($databases as $database) {
|
| 2805 |
9bc8b6b6
|
Seth Mos
|
$xmldump = "{$database}.old.xml";
|
| 2806 |
|
|
$xmldumpnew = "{$database}.new.xml";
|
| 2807 |
|
|
|
| 2808 |
751533a2
|
Phil Davis
|
if (platform_booting()) {
|
| 2809 |
d55ea970
|
Seth Mos
|
echo "Migrate RRD database {$database} to new format for IPv6.\n";
|
| 2810 |
751533a2
|
Phil Davis
|
}
|
| 2811 |
9bc8b6b6
|
Seth Mos
|
|
| 2812 |
|
|
/* dump contents to xml and move database out of the way */
|
| 2813 |
|
|
dump_rrd_to_xml("{$rrddbpath}/{$database}", "{$g['tmp_path']}/{$xmldump}");
|
| 2814 |
|
|
|
| 2815 |
fcaa56b1
|
smos
|
/* search and replace tags to add data sources */
|
| 2816 |
|
|
$ds_search = "<!-- Round Robin Archives -->";
|
| 2817 |
|
|
$ds_arr = array();
|
| 2818 |
|
|
$ds_arr[] = " <ds>
|
| 2819 |
|
|
<name> inpass6 </name>
|
| 2820 |
|
|
<type> COUNTER </type>
|
| 2821 |
|
|
<minimal_heartbeat> {$valid} </minimal_heartbeat>
|
| 2822 |
|
|
<min> 0.0000000000e+00 </min>
|
| 2823 |
|
|
<max> 1.2500000000e+08 </max>
|
| 2824 |
|
|
|
| 2825 |
|
|
<!-- PDP Status -->
|
| 2826 |
|
|
<last_ds> 0 </last_ds>
|
| 2827 |
|
|
<value> NaN </value>
|
| 2828 |
|
|
<unknown_sec> 3 </unknown_sec>
|
| 2829 |
|
|
</ds>
|
| 2830 |
|
|
";
|
| 2831 |
|
|
$ds_arr[] = " <ds>
|
| 2832 |
|
|
<name> outpass6 </name>
|
| 2833 |
|
|
<type> COUNTER </type>
|
| 2834 |
|
|
<minimal_heartbeat> {$valid} </minimal_heartbeat>
|
| 2835 |
|
|
<min> 0.0000000000e+00 </min>
|
| 2836 |
|
|
<max> 1.2500000000e+08 </max>
|
| 2837 |
|
|
|
| 2838 |
|
|
<!-- PDP Status -->
|
| 2839 |
|
|
<last_ds> 0 </last_ds>
|
| 2840 |
|
|
<value> NaN </value>
|
| 2841 |
|
|
<unknown_sec> 3 </unknown_sec>
|
| 2842 |
|
|
</ds>
|
| 2843 |
|
|
";
|
| 2844 |
|
|
$ds_arr[] = " <ds>
|
| 2845 |
|
|
<name> inblock6 </name>
|
| 2846 |
|
|
<type> COUNTER </type>
|
| 2847 |
|
|
<minimal_heartbeat> {$valid} </minimal_heartbeat>
|
| 2848 |
|
|
<min> 0.0000000000e+00 </min>
|
| 2849 |
|
|
<max> 1.2500000000e+08 </max>
|
| 2850 |
|
|
|
| 2851 |
|
|
<!-- PDP Status -->
|
| 2852 |
|
|
<last_ds> 0 </last_ds>
|
| 2853 |
|
|
<value> NaN </value>
|
| 2854 |
|
|
<unknown_sec> 3 </unknown_sec>
|
| 2855 |
|
|
</ds>
|
| 2856 |
|
|
";
|
| 2857 |
|
|
$ds_arr[] = " <ds>
|
| 2858 |
|
|
<name> outblock6 </name>
|
| 2859 |
|
|
<type> COUNTER </type>
|
| 2860 |
|
|
<minimal_heartbeat> {$valid} </minimal_heartbeat>
|
| 2861 |
|
|
<min> 0.0000000000e+00 </min>
|
| 2862 |
|
|
<max> 1.2500000000e+08 </max>
|
| 2863 |
|
|
|
| 2864 |
|
|
<!-- PDP Status -->
|
| 2865 |
|
|
<last_ds> 0 </last_ds>
|
| 2866 |
|
|
<value> NaN </value>
|
| 2867 |
|
|
<unknown_sec> 3 </unknown_sec>
|
| 2868 |
|
|
</ds>
|
| 2869 |
|
|
";
|
| 2870 |
|
|
|
| 2871 |
|
|
$cdp_search = "<\/cdp_prep>";
|
| 2872 |
|
|
$cdp_replace = "</cdp_prep>";
|
| 2873 |
|
|
$cdp_arr = array();
|
| 2874 |
|
|
$cdp_arr[] = " <ds>
|
| 2875 |
|
|
<primary_value> NaN </primary_value>
|
| 2876 |
|
|
<secondary_value> 0.0000000000e+00 </secondary_value>
|
| 2877 |
|
|
<value> NaN </value>
|
| 2878 |
|
|
<unknown_datapoints> 0 </unknown_datapoints>
|
| 2879 |
|
|
</ds>
|
| 2880 |
|
|
";
|
| 2881 |
|
|
$cdp_arr[] = " <ds>
|
| 2882 |
|
|
<primary_value> NaN </primary_value>
|
| 2883 |
|
|
<secondary_value> 0.0000000000e+00 </secondary_value>
|
| 2884 |
|
|
<value> NaN </value>
|
| 2885 |
|
|
<unknown_datapoints> 0 </unknown_datapoints>
|
| 2886 |
|
|
</ds>
|
| 2887 |
|
|
";
|
| 2888 |
|
|
$cdp_arr[] = " <ds>
|
| 2889 |
|
|
<primary_value> NaN </primary_value>
|
| 2890 |
|
|
<secondary_value> 0.0000000000e+00 </secondary_value>
|
| 2891 |
|
|
<value> NaN </value>
|
| 2892 |
|
|
<unknown_datapoints> 0 </unknown_datapoints>
|
| 2893 |
|
|
</ds>
|
| 2894 |
|
|
";
|
| 2895 |
|
|
$cdp_arr[] = " <ds>
|
| 2896 |
|
|
<primary_value> NaN </primary_value>
|
| 2897 |
|
|
<secondary_value> 0.0000000000e+00 </secondary_value>
|
| 2898 |
|
|
<value> NaN </value>
|
| 2899 |
|
|
<unknown_datapoints> 0 </unknown_datapoints>
|
| 2900 |
|
|
</ds>
|
| 2901 |
|
|
";
|
| 2902 |
|
|
|
| 2903 |
|
|
$value_search = "<\/row>";
|
| 2904 |
|
|
$value_replace = "</row>";
|
| 2905 |
|
|
$value = "<v> NaN </v>";
|
| 2906 |
|
|
|
| 2907 |
|
|
$xml = file_get_contents("{$g['tmp_path']}/{$xmldump}");
|
| 2908 |
751533a2
|
Phil Davis
|
foreach ($ds_arr as $ds) {
|
| 2909 |
fcaa56b1
|
smos
|
$xml = preg_replace("/$ds_search/s", "$ds{$ds_search}", $xml);
|
| 2910 |
|
|
}
|
| 2911 |
751533a2
|
Phil Davis
|
foreach ($cdp_arr as $cdp) {
|
| 2912 |
fcaa56b1
|
smos
|
$xml = preg_replace("/$cdp_search/s", "$cdp{$cdp_replace}", $xml);
|
| 2913 |
|
|
}
|
| 2914 |
751533a2
|
Phil Davis
|
foreach ($ds_arr as $ds) {
|
| 2915 |
fcaa56b1
|
smos
|
$xml = preg_replace("/$value_search/s", "$value{$value_replace}", $xml);
|
| 2916 |
|
|
}
|
| 2917 |
751533a2
|
Phil Davis
|
|
| 2918 |
fcaa56b1
|
smos
|
file_put_contents("{$g['tmp_path']}/{$xmldumpnew}", $xml);
|
| 2919 |
|
|
mwexec("$rrdtool restore -f {$g['tmp_path']}/{$xmldumpnew} {$rrddbpath}/{$database} 2>&1");
|
| 2920 |
|
|
unset($xml);
|
| 2921 |
73c569ea
|
Xon
|
# Default /tmp tmpfs is ~40mb, do not leave temp files around
|
| 2922 |
48047e3f
|
Renato Botelho
|
unlink_if_exists("{$g['tmp_path']}/{$xmldump}");
|
| 2923 |
|
|
unlink_if_exists("{$g['tmp_path']}/{$xmldumpnew}");
|
| 2924 |
9bc8b6b6
|
Seth Mos
|
}
|
| 2925 |
751533a2
|
Phil Davis
|
if (!platform_booting()) {
|
| 2926 |
e546d2d1
|
Ermal LUÇI
|
enable_rrd_graphing();
|
| 2927 |
751533a2
|
Phil Davis
|
}
|
| 2928 |
42ec9337
|
Renato Botelho
|
/* Let's save the RRD graphs after we run enable RRD graphing */
|
| 2929 |
|
|
/* The function will restore the rrd.tgz so we will save it after */
|
| 2930 |
1289c0c1
|
Renato Botelho
|
exec("cd /; LANG=C RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh");
|
| 2931 |
751533a2
|
Phil Davis
|
if (platform_booting()) {
|
| 2932 |
9bc8b6b6
|
Seth Mos
|
echo "Updating configuration...";
|
| 2933 |
751533a2
|
Phil Davis
|
}
|
| 2934 |
|
|
foreach ($config['filter']['rule'] as & $rule) {
|
| 2935 |
|
|
if (isset($rule['protocol']) && !empty($rule['protocol'])) {
|
| 2936 |
1c1a74fa
|
jim-p
|
$rule['protocol'] = strtolower($rule['protocol']);
|
| 2937 |
751533a2
|
Phil Davis
|
}
|
| 2938 |
7ec0e6e2
|
jim-p
|
}
|
| 2939 |
17640b28
|
Ermal
|
unset($rule);
|
| 2940 |
9bc8b6b6
|
Seth Mos
|
}
|
| 2941 |
|
|
|
| 2942 |
e49d4564
|
jim-p
|
function upgrade_081_to_082() {
|
| 2943 |
4cdf35a4
|
Chris Buechler
|
/* don't enable the allow IPv6 toggle */
|
| 2944 |
1f116988
|
Seth Mos
|
}
|
| 2945 |
b4792bf8
|
Ermal
|
|
| 2946 |
|
|
function upgrade_082_to_083() {
|
| 2947 |
|
|
global $config;
|
| 2948 |
7b47bd4c
|
Ermal
|
|
| 2949 |
b4792bf8
|
Ermal
|
/* Upgrade captiveportal config */
|
| 2950 |
|
|
if (!empty($config['captiveportal'])) {
|
| 2951 |
|
|
$tmpcp = $config['captiveportal'];
|
| 2952 |
|
|
$config['captiveportal'] = array();
|
| 2953 |
17640b28
|
Ermal
|
$config['captiveportal']['cpzone'] = array();
|
| 2954 |
|
|
$config['captiveportal']['cpzone'] = $tmpcp;
|
| 2955 |
|
|
$config['captiveportal']['cpzone']['zoneid'] = 8000;
|
| 2956 |
26b6e758
|
jim-p
|
$config['captiveportal']['cpzone']['zone'] = "cpzone";
|
| 2957 |
751533a2
|
Phil Davis
|
if ($config['captiveportal']['cpzone']['auth_method'] == "radius") {
|
| 2958 |
2d72659a
|
Renato Botelho
|
$config['captiveportal']['cpzone']['radius_protocol'] = "PAP";
|
| 2959 |
751533a2
|
Phil Davis
|
}
|
| 2960 |
b4792bf8
|
Ermal
|
}
|
| 2961 |
67e73dcd
|
Ermal
|
if (!empty($config['voucher'])) {
|
| 2962 |
|
|
$tmpcp = $config['voucher'];
|
| 2963 |
|
|
$config['voucher'] = array();
|
| 2964 |
17640b28
|
Ermal
|
$config['voucher']['cpzone'] = array();
|
| 2965 |
|
|
$config['voucher']['cpzone'] = $tmpcp;
|
| 2966 |
67e73dcd
|
Ermal
|
}
|
| 2967 |
b4792bf8
|
Ermal
|
}
|
| 2968 |
67e73dcd
|
Ermal
|
|
| 2969 |
f97a5b04
|
Darren Embry
|
function upgrade_083_to_084() {
|
| 2970 |
|
|
global $config;
|
| 2971 |
|
|
if (!isset($config['hasync'])) {
|
| 2972 |
|
|
if (!empty($config['installedpackages']) &&
|
| 2973 |
|
|
!empty($config['installedpackages']['carpsettings']) &&
|
| 2974 |
|
|
!empty($config['installedpackages']['carpsettings']['config'])) {
|
| 2975 |
|
|
$config['hasync'] = $config['installedpackages']['carpsettings']['config'][0];
|
| 2976 |
|
|
unset($config['installedpackages']['carpsettings']);
|
| 2977 |
|
|
}
|
| 2978 |
fa6e5ba5
|
Phil Davis
|
if (empty($config['installedpackages']['carpsettings']) && isset($config['installedpackages']['carpsettings'])) {
|
| 2979 |
f97a5b04
|
Darren Embry
|
unset($config['installedpackages']['carpsettings']);
|
| 2980 |
|
|
}
|
| 2981 |
fa6e5ba5
|
Phil Davis
|
if (empty($config['installedpackages']) && isset($config['installedpackages'])) {
|
| 2982 |
f97a5b04
|
Darren Embry
|
unset($config['installedpackages']);
|
| 2983 |
|
|
}
|
| 2984 |
|
|
}
|
| 2985 |
|
|
}
|
| 2986 |
|
|
|
| 2987 |
c3ce2ece
|
smos
|
function upgrade_084_to_085() {
|
| 2988 |
|
|
global $config;
|
| 2989 |
|
|
|
| 2990 |
|
|
$gateway_group_arr = array();
|
| 2991 |
|
|
$gateways = return_gateways_array();
|
| 2992 |
|
|
$oldnames = array();
|
| 2993 |
|
|
/* setup translation array */
|
| 2994 |
751533a2
|
Phil Davis
|
foreach ($gateways as $name => $gw) {
|
| 2995 |
|
|
if (isset($gw['dynamic'])) {
|
| 2996 |
c3ce2ece
|
smos
|
$oldname = strtoupper($config['interfaces'][$gw['friendlyiface']]['descr']);
|
| 2997 |
2d563280
|
Renato Botelho
|
$oldnames[$oldname] = $name;
|
| 2998 |
c3ce2ece
|
smos
|
} else {
|
| 2999 |
|
|
$oldnames[$name] = $name;
|
| 3000 |
|
|
}
|
| 3001 |
|
|
}
|
| 3002 |
|
|
|
| 3003 |
|
|
/* process the old array */
|
| 3004 |
751533a2
|
Phil Davis
|
if (is_array($config['gateways']['gateway_group'])) {
|
| 3005 |
c3ce2ece
|
smos
|
$group_array_new = array();
|
| 3006 |
751533a2
|
Phil Davis
|
foreach ($config['gateways']['gateway_group'] as $name => $group) {
|
| 3007 |
|
|
if (is_array($group['item'])) {
|
| 3008 |
c3ce2ece
|
smos
|
$newlist = array();
|
| 3009 |
751533a2
|
Phil Davis
|
foreach ($group['item'] as $entry) {
|
| 3010 |
c3ce2ece
|
smos
|
$elements = explode("|", $entry);
|
| 3011 |
751533a2
|
Phil Davis
|
if ($oldnames[$elements[0]] <> "") {
|
| 3012 |
c3ce2ece
|
smos
|
$newlist[] = "{$oldnames[$elements[0]]}|{$elements[1]}";
|
| 3013 |
da12a8a4
|
smos
|
} else {
|
| 3014 |
|
|
$newlist[] = "{$elements[0]}|{$elements[1]}";
|
| 3015 |
c3ce2ece
|
smos
|
}
|
| 3016 |
|
|
}
|
| 3017 |
|
|
$group['item'] = $newlist;
|
| 3018 |
|
|
$group_array_new[$name] = $group;
|
| 3019 |
|
|
}
|
| 3020 |
|
|
}
|
| 3021 |
|
|
$config['gateways']['gateway_group'] = $group_array_new;
|
| 3022 |
|
|
}
|
| 3023 |
d4d5f7b4
|
smos
|
/* rename old Quality RRD files in the process */
|
| 3024 |
|
|
$rrddbpath = "/var/db/rrd";
|
| 3025 |
751533a2
|
Phil Davis
|
foreach ($oldnames as $old => $new) {
|
| 3026 |
|
|
if (is_readable("{$rrddbpath}/{$old}-quality.rrd")) {
|
| 3027 |
17640b28
|
Ermal
|
@rename("{$rrddbpath}/{$old}-quality.rrd", "{$rrddbpath}/{$new}-quality.rrd");
|
| 3028 |
d4d5f7b4
|
smos
|
}
|
| 3029 |
|
|
}
|
| 3030 |
17640b28
|
Ermal
|
unset($gateways, $oldnames, $gateway_group_arr);
|
| 3031 |
c3ce2ece
|
smos
|
}
|
| 3032 |
|
|
|
| 3033 |
b22fc825
|
jim-p
|
function upgrade_085_to_086() {
|
| 3034 |
879f7db7
|
Erik Fonnesbeck
|
global $config, $g;
|
| 3035 |
b22fc825
|
jim-p
|
|
| 3036 |
|
|
/* XXX: Gross hacks in sight */
|
| 3037 |
12766374
|
Erik Fonnesbeck
|
if (is_array($config['virtualip']['vip'])) {
|
| 3038 |
b22fc825
|
jim-p
|
$vipchg = array();
|
| 3039 |
12766374
|
Erik Fonnesbeck
|
foreach ($config['virtualip']['vip'] as $vip) {
|
| 3040 |
751533a2
|
Phil Davis
|
if ($vip['mode'] != "carp") {
|
| 3041 |
fbda07b9
|
Ermal
|
continue;
|
| 3042 |
751533a2
|
Phil Davis
|
}
|
| 3043 |
f2cc3344
|
Renato Botelho
|
$config = array_replace_values_recursive(
|
| 3044 |
|
|
$config,
|
| 3045 |
|
|
'^vip' . $vip['vhid'] . '$',
|
| 3046 |
|
|
"{$vip['interface']}_vip{$vip['vhid']}"
|
| 3047 |
|
|
);
|
| 3048 |
fe47f1f2
|
Erik Fonnesbeck
|
}
|
| 3049 |
b22fc825
|
jim-p
|
}
|
| 3050 |
|
|
}
|
| 3051 |
|
|
|
| 3052 |
85a236e9
|
Ermal
|
function upgrade_086_to_087() {
|
| 3053 |
|
|
global $config, $dummynet_pipe_list;
|
| 3054 |
|
|
|
| 3055 |
751533a2
|
Phil Davis
|
if (!is_array($config['dnshaper']) || !is_array($config['dnshaper']['queue'])) {
|
| 3056 |
85a236e9
|
Ermal
|
return;
|
| 3057 |
751533a2
|
Phil Davis
|
}
|
| 3058 |
85a236e9
|
Ermal
|
|
| 3059 |
|
|
$dnqueue_number = 1;
|
| 3060 |
|
|
$dnpipe_number = 1;
|
| 3061 |
|
|
|
| 3062 |
|
|
foreach ($config['dnshaper']['queue'] as $idx => $dnpipe) {
|
| 3063 |
|
|
$config['dnshaper']['queue'][$idx]['number'] = $dnpipe_number;
|
| 3064 |
|
|
$dnpipe_number++;
|
| 3065 |
|
|
if (is_array($dnpipe['queue'])) {
|
| 3066 |
|
|
foreach ($dnpipe['queue'] as $qidx => $dnqueue) {
|
| 3067 |
|
|
$config['dnshaper']['queue'][$idx]['queue'][$qidx]['number'] = $dnqueue_number;
|
| 3068 |
|
|
$dnqueue_number++;
|
| 3069 |
|
|
}
|
| 3070 |
|
|
}
|
| 3071 |
|
|
}
|
| 3072 |
|
|
|
| 3073 |
|
|
unset($dnqueue_number, $dnpipe_number, $qidx, $idx, $dnpipe, $dnqueue);
|
| 3074 |
|
|
|
| 3075 |
34823356
|
Phil Davis
|
if (!is_array($config['filter']) || !is_array($config['filter']['rule'])) {
|
| 3076 |
|
|
return;
|
| 3077 |
|
|
}
|
| 3078 |
|
|
|
| 3079 |
85a236e9
|
Ermal
|
require_once("shaper.inc");
|
| 3080 |
|
|
read_dummynet_config();
|
| 3081 |
|
|
|
| 3082 |
628306af
|
Ermal
|
$dn_list = array();
|
| 3083 |
2d563280
|
Renato Botelho
|
if (is_array($dummynet_pipe_list)) {
|
| 3084 |
|
|
foreach ($dummynet_pipe_list as $dn) {
|
| 3085 |
|
|
$tmplist =& $dn->get_queue_list();
|
| 3086 |
|
|
foreach ($tmplist as $qname => $link) {
|
| 3087 |
|
|
$dn_list[$link] = $qname;
|
| 3088 |
|
|
}
|
| 3089 |
|
|
}
|
| 3090 |
17640b28
|
Ermal
|
unset($dummynet_pipe_list);
|
| 3091 |
2d563280
|
Renato Botelho
|
}
|
| 3092 |
628306af
|
Ermal
|
|
| 3093 |
85a236e9
|
Ermal
|
foreach ($config['filter']['rule'] as $idx => $rule) {
|
| 3094 |
|
|
if (!empty($rule['dnpipe'])) {
|
| 3095 |
751533a2
|
Phil Davis
|
if (!empty($dn_list[$rule['dnpipe']])) {
|
| 3096 |
628306af
|
Ermal
|
$config['filter']['rule'][$idx]['dnpipe'] = $dn_list[$rule['dnpipe']];
|
| 3097 |
751533a2
|
Phil Davis
|
}
|
| 3098 |
85a236e9
|
Ermal
|
}
|
| 3099 |
|
|
if (!empty($rule['pdnpipe'])) {
|
| 3100 |
751533a2
|
Phil Davis
|
if (!empty($dn_list[$rule['pdnpipe']])) {
|
| 3101 |
628306af
|
Ermal
|
$config['filter']['rule'][$idx]['pdnpipe'] = $dn_list[$rule['pdnpipe']];
|
| 3102 |
751533a2
|
Phil Davis
|
}
|
| 3103 |
85a236e9
|
Ermal
|
}
|
| 3104 |
|
|
}
|
| 3105 |
|
|
}
|
| 3106 |
7530177c
|
jim-p
|
function upgrade_087_to_088() {
|
| 3107 |
|
|
global $config;
|
| 3108 |
|
|
if (isset($config['system']['glxsb_enable'])) {
|
| 3109 |
|
|
unset($config['system']['glxsb_enable']);
|
| 3110 |
|
|
$config['system']['crypto_hardware'] = "glxsb";
|
| 3111 |
|
|
}
|
| 3112 |
|
|
}
|
| 3113 |
36f6ed35
|
bcyrill
|
|
| 3114 |
|
|
function upgrade_088_to_089() {
|
| 3115 |
2d563280
|
Renato Botelho
|
global $config;
|
| 3116 |
751533a2
|
Phil Davis
|
if (!is_array($config['ca'])) {
|
| 3117 |
2d563280
|
Renato Botelho
|
$config['ca'] = array();
|
| 3118 |
751533a2
|
Phil Davis
|
}
|
| 3119 |
|
|
if (!is_array($config['cert'])) {
|
| 3120 |
2d563280
|
Renato Botelho
|
$config['cert'] = array();
|
| 3121 |
751533a2
|
Phil Davis
|
}
|
| 3122 |
2d563280
|
Renato Botelho
|
|
| 3123 |
f416763b
|
Phil Davis
|
/* migrate captive portal ssl to certificate manager */
|
| 3124 |
2d563280
|
Renato Botelho
|
if (is_array($config['captiveportal'])) {
|
| 3125 |
|
|
foreach ($config['captiveportal'] as $id => &$setting) {
|
| 3126 |
|
|
if (isset($setting['httpslogin'])) {
|
| 3127 |
|
|
/* create cert entry */
|
| 3128 |
|
|
$cert = array();
|
| 3129 |
|
|
$cert['refid'] = uniqid();
|
| 3130 |
|
|
$cert['descr'] = "Captive Portal Cert - {$setting['zone']}";
|
| 3131 |
|
|
$cert['crt'] = $setting['certificate'];
|
| 3132 |
|
|
$cert['prv'] = $setting['private-key'];
|
| 3133 |
|
|
|
| 3134 |
|
|
if (!empty($setting['cacertificate'])) {
|
| 3135 |
|
|
/* create ca entry */
|
| 3136 |
|
|
$ca = array();
|
| 3137 |
|
|
$ca['refid'] = uniqid();
|
| 3138 |
|
|
$ca['descr'] = "Captive Portal CA - {$setting['zone']}";
|
| 3139 |
|
|
$ca['crt'] = $setting['cacertificate'];
|
| 3140 |
|
|
$config['ca'][] = $ca;
|
| 3141 |
|
|
|
| 3142 |
|
|
/* add ca reference to certificate */
|
| 3143 |
|
|
$cert['caref'] = $ca['refid'];
|
| 3144 |
|
|
}
|
| 3145 |
|
|
|
| 3146 |
|
|
$config['cert'][] = $cert;
|
| 3147 |
|
|
|
| 3148 |
|
|
/* create cert reference */
|
| 3149 |
|
|
$setting['certref'] = $cert['refid'];
|
| 3150 |
|
|
|
| 3151 |
|
|
unset($setting['certificate']);
|
| 3152 |
|
|
unset($setting['private-key']);
|
| 3153 |
|
|
unset($setting['cacertificate']);
|
| 3154 |
|
|
|
| 3155 |
|
|
}
|
| 3156 |
|
|
}
|
| 3157 |
|
|
}
|
| 3158 |
36f6ed35
|
bcyrill
|
}
|
| 3159 |
2d563280
|
Renato Botelho
|
|
| 3160 |
6e9b046e
|
jim-p
|
function upgrade_089_to_090() {
|
| 3161 |
|
|
global $config;
|
| 3162 |
|
|
if (is_array($config['load_balancer']['virtual_server']) && count($config['load_balancer']['virtual_server'])) {
|
| 3163 |
|
|
$vs_a = &$config['load_balancer']['virtual_server'];
|
| 3164 |
|
|
for ($i = 0; isset($vs_a[$i]); $i++) {
|
| 3165 |
|
|
if (is_array($vs_a[$i]['pool'])) {
|
| 3166 |
|
|
$vs_a[$i]['poolname'] = $vs_a[$i]['pool'][0];
|
| 3167 |
|
|
unset($vs_a[$i]['pool']);
|
| 3168 |
|
|
} elseif (!empty($vs_a[$i]['pool'])) {
|
| 3169 |
|
|
$vs_a[$i]['poolname'] = $vs_a[$i]['pool'];
|
| 3170 |
|
|
unset($vs_a[$i]['pool']);
|
| 3171 |
|
|
}
|
| 3172 |
|
|
}
|
| 3173 |
|
|
}
|
| 3174 |
|
|
}
|
| 3175 |
c9ba2f8a
|
Ermal
|
|
| 3176 |
|
|
function upgrade_090_to_091() {
|
| 3177 |
|
|
global $config;
|
| 3178 |
|
|
|
| 3179 |
|
|
if (is_array($config['dnshaper']) && is_array($config['dnshaper']['queue'])) {
|
| 3180 |
|
|
foreach ($config['dnshaper']['queue'] as $idx => $dnqueue) {
|
| 3181 |
|
|
if (!empty($dnqueue['bandwidth'])) {
|
| 3182 |
|
|
$bw = array();
|
| 3183 |
|
|
$bw['bw'] = $dnqueue['bandwidth'];
|
| 3184 |
|
|
$bw['bwscale'] = $dnqueue['bandwidthtype'];
|
| 3185 |
|
|
$bw['bwsched'] = "none";
|
| 3186 |
|
|
$config['dnshaper']['queue'][$idx]['bandwidth'] = array();
|
| 3187 |
|
|
$config['dnshaper']['queue'][$idx]['bandwidth']['item'] = array();
|
| 3188 |
|
|
$config['dnshaper']['queue'][$idx]['bandwidth']['item'][] = $bw;
|
| 3189 |
|
|
}
|
| 3190 |
|
|
}
|
| 3191 |
|
|
}
|
| 3192 |
|
|
}
|
| 3193 |
e99ba2d6
|
Renato Botelho
|
|
| 3194 |
|
|
function upgrade_091_to_092() {
|
| 3195 |
|
|
global $config;
|
| 3196 |
|
|
|
| 3197 |
|
|
if (is_array($config['nat']['advancedoutbound']) && is_array($config['nat']['advancedoutbound']['rule'])) {
|
| 3198 |
|
|
$nat_rules = &$config['nat']['advancedoutbound']['rule'];
|
| 3199 |
|
|
for ($i = 0; isset($nat_rules[$i]); $i++) {
|
| 3200 |
|
|
if (empty($nat_rules[$i]['interface'])) {
|
| 3201 |
|
|
$nat_rules[$i]['interface'] = 'wan';
|
| 3202 |
|
|
}
|
| 3203 |
|
|
}
|
| 3204 |
|
|
}
|
| 3205 |
|
|
}
|
| 3206 |
2d563280
|
Renato Botelho
|
|
| 3207 |
cba9d7d9
|
Renato Botelho
|
function upgrade_092_to_093() {
|
| 3208 |
|
|
global $g;
|
| 3209 |
|
|
|
| 3210 |
|
|
$suffixes = array("concurrent", "loggedin");
|
| 3211 |
|
|
|
| 3212 |
751533a2
|
Phil Davis
|
foreach ($suffixes as $suffix) {
|
| 3213 |
|
|
if (file_exists("{$g['vardb_path']}/rrd/captiveportal-{$suffix}.rrd")) {
|
| 3214 |
cba9d7d9
|
Renato Botelho
|
rename("{$g['vardb_path']}/rrd/captiveportal-{$suffix}.rrd",
|
| 3215 |
|
|
"{$g['vardb_path']}/rrd/captiveportal-cpZone-{$suffix}.rrd");
|
| 3216 |
751533a2
|
Phil Davis
|
}
|
| 3217 |
|
|
}
|
| 3218 |
cba9d7d9
|
Renato Botelho
|
|
| 3219 |
751533a2
|
Phil Davis
|
if (!platform_booting()) {
|
| 3220 |
e546d2d1
|
Ermal LUÇI
|
enable_rrd_graphing();
|
| 3221 |
751533a2
|
Phil Davis
|
}
|
| 3222 |
cba9d7d9
|
Renato Botelho
|
}
|
| 3223 |
|
|
|
| 3224 |
6015f75b
|
N0YB
|
function upgrade_093_to_094() {
|
| 3225 |
|
|
global $config;
|
| 3226 |
|
|
|
| 3227 |
|
|
if (isset($config['system']['powerd_mode'])) {
|
| 3228 |
|
|
$config['system']['powerd_ac_mode'] = $config['system']['powerd_mode'];
|
| 3229 |
|
|
$config['system']['powerd_battery_mode'] = $config['system']['powerd_mode'];
|
| 3230 |
|
|
unset($config['system']['powerd_mode']);
|
| 3231 |
|
|
}
|
| 3232 |
|
|
}
|
| 3233 |
|
|
|
| 3234 |
02203e6d
|
Renato Botelho
|
function upgrade_094_to_095() {
|
| 3235 |
|
|
global $config;
|
| 3236 |
|
|
|
| 3237 |
751533a2
|
Phil Davis
|
if (!isset($config['interfaces']) || !is_array($config['interfaces'])) {
|
| 3238 |
02203e6d
|
Renato Botelho
|
return;
|
| 3239 |
751533a2
|
Phil Davis
|
}
|
| 3240 |
02203e6d
|
Renato Botelho
|
|
| 3241 |
751533a2
|
Phil Davis
|
foreach ($config['interfaces'] as $iface => $cfg) {
|
| 3242 |
|
|
if (isset($cfg['ipaddrv6']) && ($cfg['ipaddrv6'] == "track6")) {
|
| 3243 |
|
|
if (!isset($cfg['track6-prefix-id']) || ($cfg['track6-prefix-id'] == "")) {
|
| 3244 |
02203e6d
|
Renato Botelho
|
$config['interfaces'][$iface]['track6-prefix-id'] = 0;
|
| 3245 |
751533a2
|
Phil Davis
|
}
|
| 3246 |
|
|
}
|
| 3247 |
|
|
}
|
| 3248 |
02203e6d
|
Renato Botelho
|
}
|
| 3249 |
|
|
|
| 3250 |
fa3b33a5
|
Renato Botelho
|
function upgrade_095_to_096() {
|
| 3251 |
|
|
global $config, $g;
|
| 3252 |
|
|
|
| 3253 |
|
|
$names = array("inpass", "outpass", "inblock", "outblock",
|
| 3254 |
|
|
"inpass6", "outpass6", "inblock6", "outblock6");
|
| 3255 |
|
|
$rrddbpath = "/var/db/rrd";
|
| 3256 |
|
|
$rrdtool = "/usr/local/bin/rrdtool";
|
| 3257 |
|
|
|
| 3258 |
dc61252a
|
Renato Botelho
|
if (isset($config['system']['use_mfs_tmpvar'])) {
|
| 3259 |
42ec9337
|
Renato Botelho
|
/* restore the databases, if we have one */
|
| 3260 |
|
|
if (restore_rrd()) {
|
| 3261 |
|
|
/* Make sure to move the rrd backup out of the way. We will make a new one after converting. */
|
| 3262 |
8560c756
|
jim-p
|
@rename("{$g['cf_conf_path']}/rrd.tgz", "{$g['cf_conf_path']}/backup/rrd.tgz");
|
| 3263 |
42ec9337
|
Renato Botelho
|
}
|
| 3264 |
|
|
}
|
| 3265 |
|
|
|
| 3266 |
fa3b33a5
|
Renato Botelho
|
/* Assume 2*10GigE for now */
|
| 3267 |
|
|
$stream = 2500000000;
|
| 3268 |
|
|
|
| 3269 |
|
|
/* build a list of traffic and packets databases */
|
| 3270 |
|
|
$databases = return_dir_as_array($rrddbpath, '/-(traffic|packets)\.rrd$/');
|
| 3271 |
|
|
rsort($databases);
|
| 3272 |
751533a2
|
Phil Davis
|
foreach ($databases as $database) {
|
| 3273 |
|
|
if (platform_booting()) {
|
| 3274 |
fa3b33a5
|
Renato Botelho
|
echo "Update RRD database {$database}.\n";
|
| 3275 |
751533a2
|
Phil Davis
|
}
|
| 3276 |
fa3b33a5
|
Renato Botelho
|
|
| 3277 |
|
|
$cmd = "{$rrdtool} tune {$rrddbpath}/{$database}";
|
| 3278 |
751533a2
|
Phil Davis
|
foreach ($names as $name) {
|
| 3279 |
fa3b33a5
|
Renato Botelho
|
$cmd .= " -a {$name}:{$stream}";
|
| 3280 |
751533a2
|
Phil Davis
|
}
|
| 3281 |
fa3b33a5
|
Renato Botelho
|
mwexec("{$cmd} 2>&1");
|
| 3282 |
|
|
|
| 3283 |
|
|
}
|
| 3284 |
751533a2
|
Phil Davis
|
if (!platform_booting()) {
|
| 3285 |
e546d2d1
|
Ermal LUÇI
|
enable_rrd_graphing();
|
| 3286 |
751533a2
|
Phil Davis
|
}
|
| 3287 |
42ec9337
|
Renato Botelho
|
/* Let's save the RRD graphs after we run enable RRD graphing */
|
| 3288 |
|
|
/* The function will restore the rrd.tgz so we will save it after */
|
| 3289 |
1289c0c1
|
Renato Botelho
|
exec("cd /; LANG=C RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh");
|
| 3290 |
fa3b33a5
|
Renato Botelho
|
}
|
| 3291 |
|
|
|
| 3292 |
1cf24f0a
|
jim-p
|
function upgrade_096_to_097() {
|
| 3293 |
|
|
global $config, $g;
|
| 3294 |
|
|
/* If the user had disabled default block rule logging before, then bogon/private network logging was already off, so respect their choice. */
|
| 3295 |
|
|
if (isset($config['syslog']['nologdefaultblock'])) {
|
| 3296 |
|
|
$config['syslog']['nologbogons'] = true;
|
| 3297 |
|
|
$config['syslog']['nologprivatenets'] = true;
|
| 3298 |
|
|
}
|
| 3299 |
|
|
}
|
| 3300 |
af0a477a
|
Renato Botelho
|
|
| 3301 |
|
|
function upgrade_097_to_098() {
|
| 3302 |
3756fd86
|
Chris Buechler
|
// no longer used (used to set kill_states)
|
| 3303 |
|
|
return;
|
| 3304 |
af0a477a
|
Renato Botelho
|
}
|
| 3305 |
67e5e3c6
|
Renato Botelho
|
|
| 3306 |
|
|
function upgrade_098_to_099() {
|
| 3307 |
a3cc1409
|
jim-p
|
global $config;
|
| 3308 |
759a6fcf
|
Ermal
|
|
| 3309 |
751533a2
|
Phil Davis
|
if (empty($config['dhcpd']) || !is_array($config['dhcpd'])) {
|
| 3310 |
759a6fcf
|
Ermal
|
return;
|
| 3311 |
751533a2
|
Phil Davis
|
}
|
| 3312 |
759a6fcf
|
Ermal
|
|
| 3313 |
a3cc1409
|
jim-p
|
foreach ($config['dhcpd'] as & $dhcpifconf) {
|
| 3314 |
|
|
if (isset($dhcpifconf['next-server'])) {
|
| 3315 |
|
|
$dhcpifconf['nextserver'] = $dhcpifconf['next-server'];
|
| 3316 |
aa0753e3
|
jim-p
|
unset($dhcpifconf['next-server']);
|
| 3317 |
a3cc1409
|
jim-p
|
}
|
| 3318 |
|
|
}
|
| 3319 |
|
|
}
|
| 3320 |
|
|
|
| 3321 |
|
|
function upgrade_099_to_100() {
|
| 3322 |
|
|
require_once("/etc/inc/services.inc");
|
| 3323 |
|
|
install_cron_job("/usr/bin/nice -n20 newsyslog", false);
|
| 3324 |
|
|
}
|
| 3325 |
|
|
|
| 3326 |
20dad315
|
Ermal
|
function upgrade_100_to_101() {
|
| 3327 |
|
|
global $config, $g;
|
| 3328 |
|
|
|
| 3329 |
751533a2
|
Phil Davis
|
if (!is_array($config['voucher'])) {
|
| 3330 |
20dad315
|
Ermal
|
return;
|
| 3331 |
751533a2
|
Phil Davis
|
}
|
| 3332 |
20dad315
|
Ermal
|
|
| 3333 |
|
|
foreach ($config['voucher'] as $cpzone => $cp) {
|
| 3334 |
751533a2
|
Phil Davis
|
if (!is_array($cp['roll'])) {
|
| 3335 |
20dad315
|
Ermal
|
continue;
|
| 3336 |
751533a2
|
Phil Davis
|
}
|
| 3337 |
20dad315
|
Ermal
|
foreach ($cp['roll'] as $ridx => $rcfg) {
|
| 3338 |
751533a2
|
Phil Davis
|
if (!empty($rcfg['comment'])) {
|
| 3339 |
20dad315
|
Ermal
|
$config['voucher'][$cpzone]['roll'][$ridx]['descr'] = $rcfg['comment'];
|
| 3340 |
751533a2
|
Phil Davis
|
}
|
| 3341 |
20dad315
|
Ermal
|
}
|
| 3342 |
|
|
}
|
| 3343 |
|
|
}
|
| 3344 |
|
|
|
| 3345 |
eae91304
|
Ermal
|
function upgrade_101_to_102() {
|
| 3346 |
67e5e3c6
|
Renato Botelho
|
global $config, $g;
|
| 3347 |
|
|
|
| 3348 |
ee34e137
|
Phil Davis
|
if (is_array($config['captiveportal'])) {
|
| 3349 |
|
|
foreach ($config['captiveportal'] as $cpzone => $cp) {
|
| 3350 |
751533a2
|
Phil Davis
|
if (!is_array($cp['passthrumac'])) {
|
| 3351 |
ee34e137
|
Phil Davis
|
continue;
|
| 3352 |
751533a2
|
Phil Davis
|
}
|
| 3353 |
67e5e3c6
|
Renato Botelho
|
|
| 3354 |
751533a2
|
Phil Davis
|
foreach ($cp['passthrumac'] as $idx => $passthrumac) {
|
| 3355 |
ee34e137
|
Phil Davis
|
$config['captiveportal'][$cpzone]['passthrumac'][$idx]['action'] = 'pass';
|
| 3356 |
751533a2
|
Phil Davis
|
}
|
| 3357 |
ee34e137
|
Phil Davis
|
}
|
| 3358 |
67e5e3c6
|
Renato Botelho
|
}
|
| 3359 |
edba1982
|
jim-p
|
|
| 3360 |
eae91304
|
Ermal
|
/* Convert OpenVPN Compression option to the new style */
|
| 3361 |
edba1982
|
jim-p
|
// Nothing to do if there is no OpenVPN tag
|
| 3362 |
ee34e137
|
Phil Davis
|
if (isset($config['openvpn']) && is_array($config['openvpn'])) {
|
| 3363 |
|
|
if (is_array($config['openvpn']['openvpn-server'])) {
|
| 3364 |
|
|
foreach ($config['openvpn']['openvpn-server'] as &$vpn) {
|
| 3365 |
751533a2
|
Phil Davis
|
if (!empty($vpn['compression'])) {
|
| 3366 |
ee34e137
|
Phil Davis
|
$vpn['compression'] = "adaptive";
|
| 3367 |
751533a2
|
Phil Davis
|
}
|
| 3368 |
ee34e137
|
Phil Davis
|
}
|
| 3369 |
edba1982
|
jim-p
|
}
|
| 3370 |
ee34e137
|
Phil Davis
|
if (is_array($config['openvpn']['openvpn-client'])) {
|
| 3371 |
|
|
foreach ($config['openvpn']['openvpn-client'] as &$vpn) {
|
| 3372 |
751533a2
|
Phil Davis
|
if (!empty($vpn['compression'])) {
|
| 3373 |
ee34e137
|
Phil Davis
|
$vpn['compression'] = "adaptive";
|
| 3374 |
751533a2
|
Phil Davis
|
}
|
| 3375 |
ee34e137
|
Phil Davis
|
}
|
| 3376 |
edba1982
|
jim-p
|
}
|
| 3377 |
|
|
}
|
| 3378 |
|
|
}
|
| 3379 |
eef01b14
|
Renato Botelho
|
|
| 3380 |
|
|
function upgrade_102_to_103() {
|
| 3381 |
|
|
global $config;
|
| 3382 |
|
|
|
| 3383 |
|
|
if (isset($config['nat']['advancedoutbound']['enable'])) {
|
| 3384 |
|
|
$config['nat']['advancedoutbound']['mode'] = "advanced";
|
| 3385 |
|
|
unset($config['nat']['advancedoutbound']['enable']);
|
| 3386 |
751533a2
|
Phil Davis
|
} else {
|
| 3387 |
eef01b14
|
Renato Botelho
|
$config['nat']['advancedoutbound']['mode'] = "automatic";
|
| 3388 |
751533a2
|
Phil Davis
|
}
|
| 3389 |
eef01b14
|
Renato Botelho
|
|
| 3390 |
|
|
$config['nat']['outbound'] = $config['nat']['advancedoutbound'];
|
| 3391 |
|
|
|
| 3392 |
fa6e5ba5
|
Phil Davis
|
if (isset($config['nat']['ipsecpassthru'])) {
|
| 3393 |
|
|
unset($config['nat']['ipsecpassthru']);
|
| 3394 |
|
|
}
|
| 3395 |
|
|
if (isset($config['nat']['advancedoutbound'])) {
|
| 3396 |
|
|
unset($config['nat']['advancedoutbound']);
|
| 3397 |
|
|
}
|
| 3398 |
eef01b14
|
Renato Botelho
|
}
|
| 3399 |
|
|
|
| 3400 |
7997ed44
|
Renato Botelho
|
function upgrade_103_to_104() {
|
| 3401 |
|
|
global $config;
|
| 3402 |
|
|
|
| 3403 |
|
|
$changed_privs = array(
|
| 3404 |
|
|
"page-diag-system-activity" => "page-diagnostics-system-activity",
|
| 3405 |
|
|
"page-interfacess-groups" => "page-interfaces-groups",
|
| 3406 |
|
|
"page-interfacess-lagg" => "page-interfaces-lagg",
|
| 3407 |
|
|
"page-interfacess-qinq" => "page-interfaces-qinq"
|
| 3408 |
|
|
);
|
| 3409 |
|
|
|
| 3410 |
|
|
/* update user privileges */
|
| 3411 |
|
|
foreach ($config['system']['user'] as & $user) {
|
| 3412 |
751533a2
|
Phil Davis
|
if (!is_array($user['priv'])) {
|
| 3413 |
7997ed44
|
Renato Botelho
|
continue;
|
| 3414 |
751533a2
|
Phil Davis
|
}
|
| 3415 |
7997ed44
|
Renato Botelho
|
foreach ($user['priv'] as & $priv) {
|
| 3416 |
751533a2
|
Phil Davis
|
if (array_key_exists($priv, $changed_privs)) {
|
| 3417 |
7997ed44
|
Renato Botelho
|
$priv = $changed_privs[$priv];
|
| 3418 |
751533a2
|
Phil Davis
|
}
|
| 3419 |
7997ed44
|
Renato Botelho
|
}
|
| 3420 |
|
|
}
|
| 3421 |
|
|
|
| 3422 |
|
|
/* update group privileges */
|
| 3423 |
|
|
foreach ($config['system']['group'] as & $group) {
|
| 3424 |
751533a2
|
Phil Davis
|
if (!is_array($group['priv'])) {
|
| 3425 |
7997ed44
|
Renato Botelho
|
continue;
|
| 3426 |
751533a2
|
Phil Davis
|
}
|
| 3427 |
7997ed44
|
Renato Botelho
|
foreach ($group['priv'] as & $priv) {
|
| 3428 |
751533a2
|
Phil Davis
|
if (array_key_exists($priv, $changed_privs)) {
|
| 3429 |
7997ed44
|
Renato Botelho
|
$priv = $changed_privs[$priv];
|
| 3430 |
751533a2
|
Phil Davis
|
}
|
| 3431 |
7997ed44
|
Renato Botelho
|
}
|
| 3432 |
|
|
}
|
| 3433 |
|
|
|
| 3434 |
|
|
/* sync all local account information */
|
| 3435 |
|
|
local_sync_accounts();
|
| 3436 |
|
|
}
|
| 3437 |
|
|
|
| 3438 |
0a806969
|
Ermal
|
function upgrade_104_to_105() {
|
| 3439 |
|
|
global $config;
|
| 3440 |
|
|
|
| 3441 |
|
|
if (is_array($config['captiveportal'])) {
|
| 3442 |
|
|
$zoneid = 2;
|
| 3443 |
|
|
foreach ($config['captiveportal'] as $cpzone => $cpcfg) {
|
| 3444 |
55fae310
|
Phil Davis
|
if (empty($cpcfg['zoneid'])) {
|
| 3445 |
0a806969
|
Ermal
|
$config['captiveportal'][$cpzone]['zoneid'] = $zoneid;
|
| 3446 |
|
|
$zoneid += 2;
|
| 3447 |
|
|
} else if ($cpcfg['zoneid'] > 4000) {
|
| 3448 |
|
|
$config['captiveportal'][$cpzone]['zoneid'] = $zoneid;
|
| 3449 |
|
|
$zoneid += 2;
|
| 3450 |
|
|
}
|
| 3451 |
|
|
}
|
| 3452 |
|
|
}
|
| 3453 |
|
|
}
|
| 3454 |
|
|
|
| 3455 |
e7d35d84
|
Ermal
|
function upgrade_105_to_106() {
|
| 3456 |
374f8c51
|
NewEraCracker
|
/* NOTE: This upgrade code was reverted. See redmine ticket #3967 and
|
| 3457 |
|
|
https://github.com/pfsense/pfsense/commit/6f55af1c25f5232ffe905a90f5f97aad4c87bdfa */
|
| 3458 |
e7d35d84
|
Ermal
|
}
|
| 3459 |
|
|
|
| 3460 |
31dce430
|
Ermal
|
function upgrade_106_to_107() {
|
| 3461 |
|
|
global $config;
|
| 3462 |
|
|
|
| 3463 |
|
|
if (is_array($config['filter']) && is_array($config['filter']['rule'])) {
|
| 3464 |
|
|
$tracker = (int)microtime(true);
|
| 3465 |
|
|
foreach ($config['filter']['rule'] as $ridx => $rule) {
|
| 3466 |
|
|
if (empty($rule['tracker'])) {
|
| 3467 |
|
|
$config['filter']['rule'][$ridx]['tracker'] = $tracker;
|
| 3468 |
|
|
$tracker++;
|
| 3469 |
|
|
}
|
| 3470 |
|
|
}
|
| 3471 |
|
|
unset($tracker, $ridx);
|
| 3472 |
|
|
}
|
| 3473 |
|
|
if (is_array($config['nat']) && is_array($config['nat']['rule'])) {
|
| 3474 |
|
|
$tracker = (int)microtime(true);
|
| 3475 |
|
|
foreach ($config['nat']['rule'] as $ridx => $rule) {
|
| 3476 |
|
|
if (empty($rule['tracker'])) {
|
| 3477 |
|
|
$config['nat']['rule'][$ridx]['tracker'] = $tracker;
|
| 3478 |
|
|
$tracker++;
|
| 3479 |
|
|
}
|
| 3480 |
|
|
}
|
| 3481 |
|
|
unset($tracker, $ridx);
|
| 3482 |
|
|
}
|
| 3483 |
|
|
}
|
| 3484 |
|
|
|
| 3485 |
08f30320
|
Renato Botelho
|
function upgrade_107_to_108() {
|
| 3486 |
|
|
global $config;
|
| 3487 |
|
|
|
| 3488 |
751533a2
|
Phil Davis
|
if (isset($config['system']['webgui']['noautocomplete'])) {
|
| 3489 |
08f30320
|
Renato Botelho
|
unset($config['system']['webgui']['noautocomplete']);
|
| 3490 |
751533a2
|
Phil Davis
|
} else {
|
| 3491 |
08f30320
|
Renato Botelho
|
$config['system']['webgui']['loginautocomplete'] = true;
|
| 3492 |
751533a2
|
Phil Davis
|
}
|
| 3493 |
08f30320
|
Renato Botelho
|
}
|
| 3494 |
|
|
|
| 3495 |
c15b5ed8
|
Renato Botelho
|
function upgrade_108_to_109() {
|
| 3496 |
|
|
global $config;
|
| 3497 |
|
|
|
| 3498 |
751533a2
|
Phil Davis
|
if (!isset($config['filter']['rule']) || !is_array($config['filter']['rule'])) {
|
| 3499 |
c15b5ed8
|
Renato Botelho
|
return;
|
| 3500 |
751533a2
|
Phil Davis
|
}
|
| 3501 |
c15b5ed8
|
Renato Botelho
|
|
| 3502 |
|
|
foreach ($config['filter']['rule'] as &$rule) {
|
| 3503 |
751533a2
|
Phil Davis
|
if (!isset($rule['dscp']) || empty($rule['dscp'])) {
|
| 3504 |
c15b5ed8
|
Renato Botelho
|
continue;
|
| 3505 |
751533a2
|
Phil Davis
|
}
|
| 3506 |
c15b5ed8
|
Renato Botelho
|
|
| 3507 |
|
|
$pos = strpos($rule['dscp'], ' ');
|
| 3508 |
751533a2
|
Phil Davis
|
if ($pos !== false) {
|
| 3509 |
c15b5ed8
|
Renato Botelho
|
$rule['dscp'] = substr($rule['dscp'], 0, $pos);
|
| 3510 |
751533a2
|
Phil Davis
|
}
|
| 3511 |
c15b5ed8
|
Renato Botelho
|
unset($pos);
|
| 3512 |
|
|
}
|
| 3513 |
|
|
}
|
| 3514 |
|
|
|
| 3515 |
9b915686
|
Ermal
|
function upgrade_109_to_110() {
|
| 3516 |
|
|
global $config;
|
| 3517 |
|
|
|
| 3518 |
751533a2
|
Phil Davis
|
if (!is_array($config['ipsec']) || !is_array($config['ipsec']['phase2'])) {
|
| 3519 |
9b915686
|
Ermal
|
return;
|
| 3520 |
751533a2
|
Phil Davis
|
}
|
| 3521 |
9b915686
|
Ermal
|
|
| 3522 |
|
|
foreach ($config['ipsec']['phase2'] as &$rule) {
|
| 3523 |
751533a2
|
Phil Davis
|
if (!empty($rule['uniqid'])) {
|
| 3524 |
9b915686
|
Ermal
|
continue;
|
| 3525 |
751533a2
|
Phil Davis
|
}
|
| 3526 |
9b915686
|
Ermal
|
|
| 3527 |
|
|
$rule['uniqid'] = uniqid();
|
| 3528 |
|
|
}
|
| 3529 |
|
|
}
|
| 3530 |
|
|
|
| 3531 |
3f257101
|
Renato Botelho
|
function upgrade_110_to_111() {
|
| 3532 |
|
|
global $config;
|
| 3533 |
|
|
|
| 3534 |
bdbb4dba
|
Renato Botelho
|
/* Make sure unbound user exist */
|
| 3535 |
|
|
mwexec('/usr/sbin/pw groupadd -n unbound -g 59', true);
|
| 3536 |
|
|
mwexec('/usr/sbin/pw useradd -n unbound -c "Unbound DNS Resolver" -d /var/unbound -s /usr/sbin/nologin -u 59 -g 59', true);
|
| 3537 |
|
|
|
| 3538 |
c11b7ffe
|
Renato Botelho
|
/* cleanup old unbound package stuffs */
|
| 3539 |
|
|
unlink_if_exists("/usr/local/pkg/unbound.xml");
|
| 3540 |
|
|
unlink_if_exists("/usr/local/pkg/unbound.inc");
|
| 3541 |
|
|
unlink_if_exists("/usr/local/pkg/unbound_advanced.xml");
|
| 3542 |
|
|
unlink_if_exists("/usr/local/www/unbound_status.php");
|
| 3543 |
|
|
unlink_if_exists("/usr/local/www/unbound_acls.php");
|
| 3544 |
|
|
unlink_if_exists("/usr/local/bin/unbound_monitor.sh");
|
| 3545 |
b4db2d0e
|
Renato Botelho
|
unlink_if_exists("/usr/local/etc/rc.d/unbound.sh");
|
| 3546 |
c11b7ffe
|
Renato Botelho
|
|
| 3547 |
|
|
/* Remove old menu and service entries */
|
| 3548 |
|
|
if (isset($config['installedpackages']['menu']) && is_array($config['installedpackages']['menu'])) {
|
| 3549 |
|
|
foreach ($config['installedpackages']['menu'] as $idx => $menu) {
|
| 3550 |
751533a2
|
Phil Davis
|
if ($menu['name'] != 'Unbound DNS') {
|
| 3551 |
c11b7ffe
|
Renato Botelho
|
continue;
|
| 3552 |
751533a2
|
Phil Davis
|
}
|
| 3553 |
c11b7ffe
|
Renato Botelho
|
|
| 3554 |
|
|
unset($config['installedpackages']['menu'][$idx]);
|
| 3555 |
|
|
break;
|
| 3556 |
|
|
}
|
| 3557 |
|
|
}
|
| 3558 |
|
|
|
| 3559 |
|
|
if (isset($config['installedpackages']['service']) && is_array($config['installedpackages']['service'])) {
|
| 3560 |
|
|
foreach ($config['installedpackages']['service'] as $idx => $service) {
|
| 3561 |
751533a2
|
Phil Davis
|
if ($service['name'] != 'unbound') {
|
| 3562 |
c11b7ffe
|
Renato Botelho
|
continue;
|
| 3563 |
751533a2
|
Phil Davis
|
}
|
| 3564 |
c11b7ffe
|
Renato Botelho
|
unset($config['installedpackages']['service'][$idx]);
|
| 3565 |
|
|
break;
|
| 3566 |
|
|
}
|
| 3567 |
|
|
}
|
| 3568 |
|
|
|
| 3569 |
751533a2
|
Phil Davis
|
if (!isset($config['installedpackages']['unbound']['config'][0])) {
|
| 3570 |
3f257101
|
Renato Botelho
|
return;
|
| 3571 |
751533a2
|
Phil Davis
|
}
|
| 3572 |
3f257101
|
Renato Botelho
|
|
| 3573 |
|
|
$pkg = $config['installedpackages']['unbound']['config'][0];
|
| 3574 |
|
|
|
| 3575 |
751533a2
|
Phil Davis
|
if (isset($config['installedpackages']['unboundadvanced']['config'][0])) {
|
| 3576 |
3f257101
|
Renato Botelho
|
$pkg = array_merge($pkg, $config['installedpackages']['unboundadvanced']['config'][0]);
|
| 3577 |
751533a2
|
Phil Davis
|
}
|
| 3578 |
3f257101
|
Renato Botelho
|
|
| 3579 |
|
|
$new = array();
|
| 3580 |
|
|
|
| 3581 |
|
|
/* deal first with boolean fields */
|
| 3582 |
|
|
$fields = array(
|
| 3583 |
|
|
"enable" => "enable",
|
| 3584 |
|
|
"dnssec_status" => "dnssec",
|
| 3585 |
|
|
"forwarding_mode" => "forwarding",
|
| 3586 |
|
|
"regdhcp" => "regdhcp",
|
| 3587 |
|
|
"regdhcpstatic" => "regdhcpstatic",
|
| 3588 |
|
|
"txtsupport" => "txtsupport",
|
| 3589 |
|
|
"hide_id" => "hideidentity",
|
| 3590 |
|
|
"hide_version" => "hideversion",
|
| 3591 |
|
|
"prefetch" => "prefetch",
|
| 3592 |
|
|
"prefetch_key" => "prefetchkey",
|
| 3593 |
|
|
"harden_glue" => "hardenglue",
|
| 3594 |
|
|
"harden_dnssec_stripped" => "dnssec_stripped");
|
| 3595 |
|
|
|
| 3596 |
|
|
foreach ($fields as $oldk => $newk) {
|
| 3597 |
|
|
if (isset($pkg[$oldk])) {
|
| 3598 |
751533a2
|
Phil Davis
|
if ($pkg[$oldk] == 'on') {
|
| 3599 |
3f257101
|
Renato Botelho
|
$new[$newk] = true;
|
| 3600 |
751533a2
|
Phil Davis
|
}
|
| 3601 |
3f257101
|
Renato Botelho
|
unset($pkg[$oldk]);
|
| 3602 |
|
|
}
|
| 3603 |
|
|
}
|
| 3604 |
|
|
|
| 3605 |
|
|
$fields = array(
|
| 3606 |
|
|
"active_interface" => "network_interface",
|
| 3607 |
|
|
"query_interface" => "outgoing_interface",
|
| 3608 |
|
|
"unbound_verbosity" => "log_verbosity",
|
| 3609 |
|
|
"msg_cache_size" => "msgcachesize",
|
| 3610 |
|
|
"outgoing_num_tcp" => "outgoing_num_tcp",
|
| 3611 |
|
|
"incoming_num_tcp" => "incoming_num_tcp",
|
| 3612 |
|
|
"edns_buffer_size" => "edns_buffer_size",
|
| 3613 |
|
|
"num_queries_per_thread" => "num_queries_per_thread",
|
| 3614 |
|
|
"jostle_timeout" => "jostle_timeout",
|
| 3615 |
|
|
"cache_max_ttl" => "cache_max_ttl",
|
| 3616 |
|
|
"cache_min_ttl" => "cache_min_ttl",
|
| 3617 |
|
|
"infra_host_ttl" => "infra_host_ttl",
|
| 3618 |
|
|
"infra_cache_numhosts" => "infra_cache_numhosts",
|
| 3619 |
|
|
"unwanted_reply_threshold" => "unwanted_reply_threshold",
|
| 3620 |
|
|
"custom_options" => "custom_options");
|
| 3621 |
|
|
|
| 3622 |
|
|
foreach ($fields as $oldk => $newk) {
|
| 3623 |
|
|
if (isset($pkg[$oldk])) {
|
| 3624 |
|
|
$new[$newk] = $pkg[$oldk];
|
| 3625 |
|
|
unset($pkg[$oldk]);
|
| 3626 |
|
|
}
|
| 3627 |
|
|
}
|
| 3628 |
|
|
|
| 3629 |
751533a2
|
Phil Davis
|
if (isset($new['custom_options']) && !empty($new['custom_options'])) {
|
| 3630 |
fbf3d06e
|
Renato Botelho
|
$new['custom_options'] = str_replace("\r\n", "\n", $new['custom_options']);
|
| 3631 |
751533a2
|
Phil Davis
|
}
|
| 3632 |
c23f4d8f
|
Renato Botelho
|
|
| 3633 |
3f257101
|
Renato Botelho
|
/* Following options were removed, bring them as custom_options */
|
| 3634 |
|
|
if (isset($pkg['stats']) && $pkg['stats'] == "on") {
|
| 3635 |
751533a2
|
Phil Davis
|
if (isset($pkg['stats_interval'])) {
|
| 3636 |
387ab31a
|
Renato Botelho
|
$new['custom_options'] .= (empty($new['custom_options']) ? "" : "\n") . "statistics-interval: {$pkg['stats_interval']}";
|
| 3637 |
751533a2
|
Phil Davis
|
}
|
| 3638 |
|
|
if (isset($pkg['cumulative_stats'])) {
|
| 3639 |
387ab31a
|
Renato Botelho
|
$new['custom_options'] .= (empty($new['custom_options']) ? "" : "\n") . "statistics-cumulative: {$pkg['cumulative_stats']}";
|
| 3640 |
751533a2
|
Phil Davis
|
}
|
| 3641 |
|
|
if (isset($pkg['extended_stats']) && $pkg['extended_stats'] == "on") {
|
| 3642 |
387ab31a
|
Renato Botelho
|
$new['custom_options'] .= (empty($new['custom_options']) ? "" : "\n") . "extended-statistics: yes";
|
| 3643 |
751533a2
|
Phil Davis
|
} else {
|
| 3644 |
387ab31a
|
Renato Botelho
|
$new['custom_options'] .= (empty($new['custom_options']) ? "" : "\n") . "extended-statistics: no";
|
| 3645 |
751533a2
|
Phil Davis
|
}
|
| 3646 |
3f257101
|
Renato Botelho
|
}
|
| 3647 |
|
|
|
| 3648 |
|
|
$new['acls'] = array();
|
| 3649 |
|
|
if (isset($config['installedpackages']['unboundacls']['config']) &&
|
| 3650 |
|
|
is_array($config['installedpackages']['unboundacls']['config'])) {
|
| 3651 |
751533a2
|
Phil Davis
|
foreach ($config['installedpackages']['unboundacls']['config'] as $acl) {
|
| 3652 |
3f257101
|
Renato Botelho
|
$new['acls'][] = $acl;
|
| 3653 |
751533a2
|
Phil Davis
|
}
|
| 3654 |
3f257101
|
Renato Botelho
|
}
|
| 3655 |
|
|
|
| 3656 |
|
|
$config['unbound'] = $new;
|
| 3657 |
|
|
|
| 3658 |
751533a2
|
Phil Davis
|
if (isset($config['installedpackages']['unbound'])) {
|
| 3659 |
3f257101
|
Renato Botelho
|
unset($config['installedpackages']['unbound']);
|
| 3660 |
751533a2
|
Phil Davis
|
}
|
| 3661 |
|
|
if (isset($config['installedpackages']['unboundadvanced'])) {
|
| 3662 |
3f257101
|
Renato Botelho
|
unset($config['installedpackages']['unboundadvanced']);
|
| 3663 |
751533a2
|
Phil Davis
|
}
|
| 3664 |
|
|
if (isset($config['installedpackages']['unboundacls'])) {
|
| 3665 |
3f257101
|
Renato Botelho
|
unset($config['installedpackages']['unboundacls']);
|
| 3666 |
751533a2
|
Phil Davis
|
}
|
| 3667 |
3f257101
|
Renato Botelho
|
|
| 3668 |
|
|
unset($pkg, $new);
|
| 3669 |
|
|
}
|
| 3670 |
|
|
|
| 3671 |
b0885c5a
|
Renato Botelho
|
function upgrade_111_to_112() {
|
| 3672 |
|
|
global $config;
|
| 3673 |
|
|
|
| 3674 |
|
|
$config['cron']['item'][] = array(
|
| 3675 |
|
|
'minute' => '*/60',
|
| 3676 |
|
|
'hour' => '*',
|
| 3677 |
|
|
'mday' => '*',
|
| 3678 |
|
|
'month' => '*',
|
| 3679 |
|
|
'wday' => '*',
|
| 3680 |
|
|
'who' => 'root',
|
| 3681 |
|
|
'command' => '/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 webConfiguratorlockout'
|
| 3682 |
|
|
);
|
| 3683 |
|
|
}
|
| 3684 |
|
|
|
| 3685 |
ccf30846
|
Renato Botelho
|
function upgrade_112_to_113() {
|
| 3686 |
|
|
global $config;
|
| 3687 |
|
|
|
| 3688 |
fa6e5ba5
|
Phil Davis
|
if (isset($config['notifications']['smtp']['ssl'])) {
|
| 3689 |
|
|
if ($config['notifications']['smtp']['ssl'] == "checked") {
|
| 3690 |
|
|
$config['notifications']['smtp']['ssl'] = true;
|
| 3691 |
|
|
} else {
|
| 3692 |
|
|
unset($config['notifications']['smtp']['ssl']);
|
| 3693 |
|
|
}
|
| 3694 |
751533a2
|
Phil Davis
|
}
|
| 3695 |
ccf30846
|
Renato Botelho
|
|
| 3696 |
fa6e5ba5
|
Phil Davis
|
if (isset($config['notifications']['smtp']['tls'])) {
|
| 3697 |
|
|
if ($config['notifications']['smtp']['tls'] == "checked") {
|
| 3698 |
|
|
$config['notifications']['smtp']['tls'] = true;
|
| 3699 |
|
|
} else {
|
| 3700 |
|
|
unset($config['notifications']['smtp']['tls']);
|
| 3701 |
|
|
}
|
| 3702 |
751533a2
|
Phil Davis
|
}
|
| 3703 |
ccf30846
|
Renato Botelho
|
}
|
| 3704 |
|
|
|
| 3705 |
368d4910
|
Renato Botelho
|
function upgrade_113_to_114() {
|
| 3706 |
|
|
global $config;
|
| 3707 |
|
|
|
| 3708 |
|
|
if (!isset($config['ipsec']['phase1']) ||
|
| 3709 |
751533a2
|
Phil Davis
|
!is_array($config['ipsec']['phase1'])) {
|
| 3710 |
368d4910
|
Renato Botelho
|
return;
|
| 3711 |
751533a2
|
Phil Davis
|
}
|
| 3712 |
368d4910
|
Renato Botelho
|
|
| 3713 |
751533a2
|
Phil Davis
|
foreach ($config['ipsec']['phase1'] as &$ph1ent) {
|
| 3714 |
|
|
if (!isset($ph1ent['iketype'])) {
|
| 3715 |
368d4910
|
Renato Botelho
|
$ph1ent['iketype'] = 'ikev1';
|
| 3716 |
751533a2
|
Phil Davis
|
}
|
| 3717 |
|
|
}
|
| 3718 |
368d4910
|
Renato Botelho
|
}
|
| 3719 |
|
|
|
| 3720 |
cfb5073f
|
Renato Botelho
|
function upgrade_114_to_115() {
|
| 3721 |
|
|
global $config;
|
| 3722 |
|
|
|
| 3723 |
751533a2
|
Phil Davis
|
if (isset($config['unbound']['custom_options'])) {
|
| 3724 |
cfb5073f
|
Renato Botelho
|
$config['unbound']['custom_options'] = base64_encode($config['unbound']['custom_options']);
|
| 3725 |
751533a2
|
Phil Davis
|
}
|
| 3726 |
cfb5073f
|
Renato Botelho
|
}
|
| 3727 |
|
|
|
| 3728 |
1fe208ec
|
Ermal LUÇI
|
function upgrade_115_to_116() {
|
| 3729 |
|
|
global $config;
|
| 3730 |
|
|
|
| 3731 |
751533a2
|
Phil Davis
|
if (!is_array($config['ipsec']) || !is_array($config['ipsec']['phase2'])) {
|
| 3732 |
|
|
return;
|
| 3733 |
|
|
}
|
| 3734 |
1fe208ec
|
Ermal LUÇI
|
|
| 3735 |
751533a2
|
Phil Davis
|
$keyid = 1;
|
| 3736 |
|
|
foreach ($config['ipsec']['phase2'] as $idx => $ph2) {
|
| 3737 |
|
|
$config['ipsec']['phase2'][$idx]['reqid'] = $keyid;
|
| 3738 |
1fe208ec
|
Ermal LUÇI
|
$keyid++;
|
| 3739 |
|
|
}
|
| 3740 |
|
|
}
|
| 3741 |
|
|
|
| 3742 |
b997da8b
|
xbipin
|
function upgrade_116_to_117() {
|
| 3743 |
751533a2
|
Phil Davis
|
global $config;
|
| 3744 |
b997da8b
|
xbipin
|
|
| 3745 |
877740ee
|
Renato Botelho
|
if (!isset($config['ipsec']['client']) ||
|
| 3746 |
|
|
!isset($config['ipsec']['client']['dns_split']) ||
|
| 3747 |
|
|
empty($config['ipsec']['client']['dns_split'])) {
|
| 3748 |
|
|
return;
|
| 3749 |
|
|
}
|
| 3750 |
|
|
|
| 3751 |
|
|
$config['ipsec']['client']['dns_split'] =
|
| 3752 |
|
|
preg_replace('/\s*,\s*/', ' ', trim($config['ipsec']['client']['dns_split']));
|
| 3753 |
74eaabbb
|
Ermal LUÇI
|
|
| 3754 |
877740ee
|
Renato Botelho
|
}
|
| 3755 |
|
|
|
| 3756 |
|
|
function upgrade_117_to_118() {
|
| 3757 |
|
|
global $config;
|
| 3758 |
|
|
|
| 3759 |
564f1356
|
Phil Davis
|
// Unset any old CA and Cert in the system section that might still be there from when upgrade_066_to_067 did not unset them.
|
| 3760 |
|
|
if (isset($config['system']['ca'])) {
|
| 3761 |
|
|
unset($config['system']['ca']);
|
| 3762 |
|
|
}
|
| 3763 |
|
|
if (isset($config['system']['cert'])) {
|
| 3764 |
|
|
unset($config['system']['cert']);
|
| 3765 |
|
|
}
|
| 3766 |
|
|
|
| 3767 |
faaab088
|
Renato Botelho
|
if (!isset($config['ipsec']['phase1'])) {
|
| 3768 |
|
|
return;
|
| 3769 |
|
|
}
|
| 3770 |
|
|
|
| 3771 |
|
|
$a_phase1 =& $config['ipsec']['phase1'];
|
| 3772 |
|
|
|
| 3773 |
|
|
foreach ($a_phase1 as &$ph1_entry) {
|
| 3774 |
6990ad35
|
Phil Davis
|
// update asn1dn strings from racoon's format to strongswan's
|
| 3775 |
faaab088
|
Renato Botelho
|
if (isset($ph1_entry['myid_type']) && $ph1_entry['myid_type'] == 'asn1dn') {
|
| 3776 |
|
|
$ph1_entry['myid_data'] =
|
| 3777 |
|
|
preg_replace('/\/\s*emailAddress\s*=\s*/', ', E=', $ph1_entry['myid_data']);
|
| 3778 |
|
|
}
|
| 3779 |
|
|
if (isset($ph1_entry['peerid_type']) && $ph1_entry['peerid_type'] == 'asn1dn') {
|
| 3780 |
|
|
$ph1_entry['peerid_data'] =
|
| 3781 |
|
|
preg_replace('/\/\s*emailAddress\s*=\s*/', ', E=', $ph1_entry['peerid_data']);
|
| 3782 |
|
|
}
|
| 3783 |
|
|
}
|
| 3784 |
|
|
}
|
| 3785 |
|
|
|
| 3786 |
|
|
function upgrade_118_to_119() {
|
| 3787 |
|
|
global $config;
|
| 3788 |
|
|
|
| 3789 |
0538cfa2
|
jim-p
|
if (!isset($config['ipsec']['phase1'])) {
|
| 3790 |
|
|
return;
|
| 3791 |
|
|
}
|
| 3792 |
2da055f0
|
Chris Buechler
|
|
| 3793 |
8691632c
|
Chris Buechler
|
// change peerid_type to 'any' for EAP types to retain previous behavior of omitting rightid
|
| 3794 |
|
|
$a_phase1 =& $config['ipsec']['phase1'];
|
| 3795 |
|
|
|
| 3796 |
|
|
foreach ($a_phase1 as &$ph1_entry) {
|
| 3797 |
|
|
if (strstr($ph1_entry['authentication_method'], 'eap')) {
|
| 3798 |
6990ad35
|
Phil Davis
|
$ph1_entry['peerid_type'] = "any";
|
| 3799 |
8691632c
|
Chris Buechler
|
}
|
| 3800 |
|
|
}
|
| 3801 |
|
|
}
|
| 3802 |
|
|
|
| 3803 |
|
|
function upgrade_119_to_120() {
|
| 3804 |
5d714d9c
|
jim-p
|
require_once("ipsec.inc");
|
| 3805 |
c53e411f
|
Matt Smith
|
global $config, $ipsec_log_cats;
|
| 3806 |
|
|
|
| 3807 |
|
|
if (!is_array($config['ipsec'])) {
|
| 3808 |
|
|
return;
|
| 3809 |
|
|
}
|
| 3810 |
|
|
|
| 3811 |
|
|
// add 1 to configured log levels as part of redmine #5340
|
| 3812 |
|
|
foreach ($ipsec_log_cats as $lkey => $ldescr) {
|
| 3813 |
|
|
if (isset($config['ipsec']["ipsec_{$lkey}"])) {
|
| 3814 |
|
|
$config['ipsec']["ipsec_{$lkey}"] = $config['ipsec']["ipsec_{$lkey}"] + 1;
|
| 3815 |
|
|
}
|
| 3816 |
|
|
}
|
| 3817 |
|
|
|
| 3818 |
|
|
}
|
| 3819 |
|
|
|
| 3820 |
|
|
|
| 3821 |
|
|
function upgrade_120_to_121() {
|
| 3822 |
8691632c
|
Chris Buechler
|
global $config;
|
| 3823 |
|
|
|
| 3824 |
751533a2
|
Phil Davis
|
if (!isset($config['installedpackages']['miniupnpd']['config'][0])) {
|
| 3825 |
ee874f47
|
xbipin
|
return;
|
| 3826 |
751533a2
|
Phil Davis
|
}
|
| 3827 |
b997da8b
|
xbipin
|
|
| 3828 |
ee874f47
|
xbipin
|
$miniupnpd =& $config['installedpackages']['miniupnpd']['config'][0];
|
| 3829 |
b997da8b
|
xbipin
|
|
| 3830 |
ee874f47
|
xbipin
|
$miniupnpd['row'] = array();
|
| 3831 |
b997da8b
|
xbipin
|
|
| 3832 |
ee874f47
|
xbipin
|
for ($i = 1; $i <= 4; $i++) {
|
| 3833 |
751533a2
|
Phil Davis
|
if (isset($miniupnpd["permuser{$i}"]) && !empty($miniupnpd["permuser{$i}"])) {
|
| 3834 |
ee874f47
|
xbipin
|
$miniupnpd['row'][] = array('permuser' => $miniupnpd["permuser{$i}"]);
|
| 3835 |
751533a2
|
Phil Davis
|
}
|
| 3836 |
ee874f47
|
xbipin
|
unset($miniupnpd["permuser{$i}"]);
|
| 3837 |
|
|
}
|
| 3838 |
b997da8b
|
xbipin
|
}
|
| 3839 |
751533a2
|
Phil Davis
|
|
| 3840 |
c53e411f
|
Matt Smith
|
function upgrade_121_to_122() {
|
| 3841 |
8e717058
|
Jim Thompson
|
global $config;
|
| 3842 |
|
|
foreach ($config['system']['user'] as &$user) {
|
| 3843 |
|
|
if (isset($user['nt-hash'])) {
|
| 3844 |
|
|
unset($user['nt-hash']);
|
| 3845 |
|
|
}
|
| 3846 |
|
|
}
|
| 3847 |
|
|
}
|
| 3848 |
|
|
|
| 3849 |
c53e411f
|
Matt Smith
|
function upgrade_122_to_123() {
|
| 3850 |
c9d46a8e
|
Renato Botelho
|
global $config;
|
| 3851 |
|
|
|
| 3852 |
|
|
// PPTP server was removed
|
| 3853 |
|
|
if (isset($config['pptpd'])) {
|
| 3854 |
|
|
unset($config['pptpd']);
|
| 3855 |
|
|
}
|
| 3856 |
|
|
|
| 3857 |
|
|
// Cleanup firewall rules
|
| 3858 |
|
|
if (isset($config['filter']['rule']) && is_array($config['filter']['rule'])) {
|
| 3859 |
2975a608
|
Renato Botelho
|
$rules =& $config['filter']['rule'];
|
| 3860 |
c9d46a8e
|
Renato Botelho
|
$last_rule = count($rules) - 1;
|
| 3861 |
|
|
// Process in reverse order to be able to unset items
|
| 3862 |
|
|
for ($i = $last_rule; $i >= 0; $i--) {
|
| 3863 |
2975a608
|
Renato Botelho
|
if (isset($rules[$i]['interface']) && $rules[$i]['interface'] == 'pptp') {
|
| 3864 |
|
|
unset($config['filter']['rule'][$i]);
|
| 3865 |
c9d46a8e
|
Renato Botelho
|
continue;
|
| 3866 |
|
|
}
|
| 3867 |
2975a608
|
Renato Botelho
|
if (isset($rules[$i]['source']['network']) && $rules[$i]['source']['network'] == 'pptp') {
|
| 3868 |
|
|
unset($config['filter']['rule'][$i]);
|
| 3869 |
c9d46a8e
|
Renato Botelho
|
continue;
|
| 3870 |
|
|
}
|
| 3871 |
2975a608
|
Renato Botelho
|
if (isset($rules[$i]['destination']['network']) && $rules[$i]['destination']['network'] == 'pptp') {
|
| 3872 |
|
|
unset($config['filter']['rule'][$i]);
|
| 3873 |
c9d46a8e
|
Renato Botelho
|
continue;
|
| 3874 |
|
|
}
|
| 3875 |
|
|
}
|
| 3876 |
|
|
}
|
| 3877 |
|
|
|
| 3878 |
|
|
// Cleanup 1:1 NAT rules
|
| 3879 |
|
|
if (isset($config['nat']['onetoone']) && is_array($config['nat']['onetoone'])) {
|
| 3880 |
|
|
$onetoone =& $config['nat']['onetoone'];
|
| 3881 |
2975a608
|
Renato Botelho
|
$last_rule = count($onetoone) - 1;
|
| 3882 |
c9d46a8e
|
Renato Botelho
|
// Process in reverse order to be able to unset items
|
| 3883 |
|
|
for ($i = $last_rule; $i >= 0; $i--) {
|
| 3884 |
2975a608
|
Renato Botelho
|
if (isset($onetoone[$i]['interface']) && $onetoone[$i]['interface'] == 'pptp') {
|
| 3885 |
|
|
unset($config['nat']['onetoone'][$i]);
|
| 3886 |
c9d46a8e
|
Renato Botelho
|
continue;
|
| 3887 |
|
|
}
|
| 3888 |
2975a608
|
Renato Botelho
|
if (isset($onetoone[$i]['source']['network']) && $onetoone[$i]['source']['network'] == 'pptp') {
|
| 3889 |
|
|
unset($config['nat']['onetoone'][$i]);
|
| 3890 |
c9d46a8e
|
Renato Botelho
|
continue;
|
| 3891 |
|
|
}
|
| 3892 |
2975a608
|
Renato Botelho
|
if (isset($onetoone[$i]['destination']['network']) && $onetoone[$i]['destination']['network'] == 'pptp') {
|
| 3893 |
|
|
unset($config['nat']['onetoone'][$i]);
|
| 3894 |
c9d46a8e
|
Renato Botelho
|
continue;
|
| 3895 |
|
|
}
|
| 3896 |
|
|
}
|
| 3897 |
|
|
}
|
| 3898 |
|
|
|
| 3899 |
|
|
// Cleanup npt NAT rules
|
| 3900 |
|
|
if (isset($config['nat']['npt']) && is_array($config['nat']['npt'])) {
|
| 3901 |
|
|
$npt =& $config['nat']['npt'];
|
| 3902 |
|
|
$last_rule = count($npt) - 1;
|
| 3903 |
|
|
// Process in reverse order to be able to unset items
|
| 3904 |
|
|
for ($i = $last_rule; $i >= 0; $i--) {
|
| 3905 |
2975a608
|
Renato Botelho
|
if (isset($npt[$i]['interface']) && $npt[$i]['interface'] == 'pptp') {
|
| 3906 |
|
|
unset($config['nat']['npt'][$i]);
|
| 3907 |
c9d46a8e
|
Renato Botelho
|
continue;
|
| 3908 |
|
|
}
|
| 3909 |
|
|
}
|
| 3910 |
|
|
}
|
| 3911 |
|
|
|
| 3912 |
|
|
// Cleanup Port-forward NAT rules
|
| 3913 |
|
|
if (isset($config['nat']['rule']) && is_array($config['nat']['rule'])) {
|
| 3914 |
2975a608
|
Renato Botelho
|
$nat_rules =& $config['nat']['rule'];
|
| 3915 |
c9d46a8e
|
Renato Botelho
|
$last_rule = count($nat_rules) - 1;
|
| 3916 |
|
|
// Process in reverse order to be able to unset items
|
| 3917 |
|
|
for ($i = $last_rule; $i >= 0; $i--) {
|
| 3918 |
2975a608
|
Renato Botelho
|
if (isset($nat_rules[$i]['interface']) && $nat_rules[$i]['interface'] == 'pptp') {
|
| 3919 |
|
|
unset($config['nat']['rule'][$i]);
|
| 3920 |
c9d46a8e
|
Renato Botelho
|
continue;
|
| 3921 |
|
|
}
|
| 3922 |
2975a608
|
Renato Botelho
|
if (isset($nat_rules[$i]['source']['network']) && $nat_rules[$i]['source']['network'] == 'pptp') {
|
| 3923 |
|
|
unset($config['nat']['rule'][$i]);
|
| 3924 |
c9d46a8e
|
Renato Botelho
|
continue;
|
| 3925 |
|
|
}
|
| 3926 |
2975a608
|
Renato Botelho
|
if (isset($nat_rules[$i]['destination']['network']) && $nat_rules[$i]['destination']['network'] == 'pptp') {
|
| 3927 |
|
|
unset($config['nat']['rule'][$i]);
|
| 3928 |
c9d46a8e
|
Renato Botelho
|
continue;
|
| 3929 |
|
|
}
|
| 3930 |
|
|
}
|
| 3931 |
|
|
}
|
| 3932 |
|
|
|
| 3933 |
|
|
// Cleanup Port-forward NAT rules
|
| 3934 |
|
|
if (isset($config['nat']['outbound']['rule']) && is_array($config['nat']['outbound']['rule'])) {
|
| 3935 |
2975a608
|
Renato Botelho
|
$out_rules =& $config['nat']['outbound']['rule'];
|
| 3936 |
c9d46a8e
|
Renato Botelho
|
$last_rule = count($out_rules) - 1;
|
| 3937 |
|
|
// Process in reverse order to be able to unset items
|
| 3938 |
|
|
for ($i = $last_rule; $i >= 0; $i--) {
|
| 3939 |
2975a608
|
Renato Botelho
|
if (isset($out_rules[$i]['interface']) && $out_rules[$i]['interface'] == 'pptp') {
|
| 3940 |
|
|
unset($config['nat']['outbound']['rule'][$i]);
|
| 3941 |
c9d46a8e
|
Renato Botelho
|
continue;
|
| 3942 |
|
|
}
|
| 3943 |
|
|
}
|
| 3944 |
|
|
}
|
| 3945 |
|
|
}
|
| 3946 |
|
|
|
| 3947 |
c53e411f
|
Matt Smith
|
function upgrade_123_to_124() {
|
| 3948 |
0cdb94e1
|
Renato Botelho
|
if (isset($config['system']['altpkgrepo'])) {
|
| 3949 |
|
|
unset($config['system']['altpkgrepo']);
|
| 3950 |
|
|
}
|
| 3951 |
cf093b35
|
Renato Botelho
|
|
| 3952 |
|
|
if (isset($config['theme'])) {
|
| 3953 |
|
|
unset($config['theme']);
|
| 3954 |
|
|
}
|
| 3955 |
0cdb94e1
|
Renato Botelho
|
}
|
| 3956 |
|
|
|
| 3957 |
c53e411f
|
Matt Smith
|
function upgrade_124_to_125() {
|
| 3958 |
b061a3c6
|
Matt Smith
|
global $config;
|
| 3959 |
|
|
|
| 3960 |
|
|
/* Find interfaces with WEP configured. */
|
| 3961 |
|
|
foreach ($config['interfaces'] as $ifname => $intf) {
|
| 3962 |
|
|
if (!is_array($intf['wireless'])) {
|
| 3963 |
|
|
continue;
|
| 3964 |
|
|
}
|
| 3965 |
|
|
|
| 3966 |
|
|
/* Generate a notice, disable interface, remove WEP settings */
|
| 3967 |
|
|
if (isset($intf['wireless']['wep']['enable'])) {
|
| 3968 |
5679253c
|
Renato Botelho
|
if (!function_exists("file_notice")) {
|
| 3969 |
|
|
require_once("notices.inc");
|
| 3970 |
|
|
}
|
| 3971 |
51a14c58
|
Phil Davis
|
file_notice("WirelessSettings", sprintf(gettext("WEP is no longer supported. It will be disabled on the %s interface and the interface will be disabled. Please reconfigure the interface."), $ifname));
|
| 3972 |
b37b4034
|
Phil Davis
|
unset($config['interfaces'][$ifname]['wireless']['wep']);
|
| 3973 |
b061a3c6
|
Matt Smith
|
if (isset($intf['enable'])) {
|
| 3974 |
|
|
unset($config['interfaces'][$ifname]['enable']);
|
| 3975 |
|
|
}
|
| 3976 |
|
|
}
|
| 3977 |
|
|
}
|
| 3978 |
|
|
}
|
| 3979 |
b37b4034
|
Phil Davis
|
|
| 3980 |
c53e411f
|
Matt Smith
|
function upgrade_125_to_126() {
|
| 3981 |
4df73fa0
|
Matt Smith
|
require_once("ipsec.inc");
|
| 3982 |
c53e411f
|
Matt Smith
|
global $config, $ipsec_log_cats, $ipsec_log_sevs;
|
| 3983 |
|
|
|
| 3984 |
|
|
$def_loglevel = 1;
|
| 3985 |
|
|
if (!is_array($config['ipsec'])) {
|
| 3986 |
|
|
return;
|
| 3987 |
|
|
}
|
| 3988 |
|
|
|
| 3989 |
|
|
if (!isset($config['ipsec']['logging']) || !is_array($config['ipsec']['logging'])) {
|
| 3990 |
|
|
$config['ipsec']['logging'] = array();
|
| 3991 |
|
|
}
|
| 3992 |
|
|
|
| 3993 |
|
|
/* subtract 2 from ipsec log levels. the value stored in the config.xml
|
| 3994 |
|
|
* will now match the strongswan level exactly.
|
| 3995 |
|
|
*/
|
| 3996 |
4e322e2c
|
Phil Davis
|
foreach (array_keys($ipsec_log_cats) as $cat) {
|
| 3997 |
c53e411f
|
Matt Smith
|
if (!isset($config['ipsec']["ipsec_{$cat}"])) {
|
| 3998 |
|
|
$new_level = $def_loglevel;
|
| 3999 |
|
|
} else {
|
| 4000 |
|
|
$new_level = intval($config['ipsec']["ipsec_{$cat}"]) - 2;
|
| 4001 |
|
|
}
|
| 4002 |
|
|
|
| 4003 |
|
|
if (in_array($new_level, array_keys($ipsec_log_sevs))) {
|
| 4004 |
|
|
$config['ipsec']['logging'][$cat] = $new_level;
|
| 4005 |
|
|
} else {
|
| 4006 |
|
|
$config['ipsec']['logging'][$cat] = $def_loglevel;
|
| 4007 |
|
|
}
|
| 4008 |
|
|
unset($config['ipsec']["ipsec_{$cat}"]);
|
| 4009 |
|
|
}
|
| 4010 |
|
|
}
|
| 4011 |
|
|
|
| 4012 |
1fd9322b
|
Stephen Beaver
|
// prior to v2.3 <widgets><sequence> contains a list of widgets with display types:
|
| 4013 |
|
|
// none, close, hide, & show
|
| 4014 |
|
|
// v2.3 & later uses:
|
| 4015 |
|
|
// close & open
|
| 4016 |
|
|
// widgets not in use are simply not in the list
|
| 4017 |
|
|
function upgrade_126_to_127() {
|
| 4018 |
|
|
global $config;
|
| 4019 |
|
|
|
| 4020 |
|
|
if (!isset($config['widgets']['sequence'])) {
|
| 4021 |
|
|
return;
|
| 4022 |
|
|
}
|
| 4023 |
|
|
|
| 4024 |
|
|
$cur_widgets = explode(',', trim($config['widgets']['sequence']));
|
| 4025 |
|
|
$new_widgets = array();
|
| 4026 |
|
|
|
| 4027 |
|
|
foreach ($cur_widgets as $widget) {
|
| 4028 |
|
|
list($file, $col, $display) = explode(':', $widget);
|
| 4029 |
|
|
|
| 4030 |
|
|
switch ($display) {
|
| 4031 |
153e3ac2
|
Stephen Beaver
|
case 'hide':
|
| 4032 |
|
|
$display = 'close';
|
| 4033 |
|
|
break;
|
| 4034 |
|
|
case 'show':
|
| 4035 |
|
|
$display = 'open';
|
| 4036 |
|
|
break;
|
| 4037 |
c8b0a653
|
Stephen Beaver
|
case 'open':
|
| 4038 |
|
|
break;
|
| 4039 |
153e3ac2
|
Stephen Beaver
|
default:
|
| 4040 |
|
|
continue 2;
|
| 4041 |
1fd9322b
|
Stephen Beaver
|
}
|
| 4042 |
|
|
|
| 4043 |
|
|
/* Remove '-container' from widget name */
|
| 4044 |
|
|
$file = preg_replace('/-container$/', '', $file);
|
| 4045 |
|
|
|
| 4046 |
|
|
$new_widgets[] = "{$file}:{$col}:{$display}";
|
| 4047 |
|
|
}
|
| 4048 |
|
|
|
| 4049 |
|
|
$config['widgets']['sequence'] = implode(',', $new_widgets);
|
| 4050 |
|
|
|
| 4051 |
|
|
}
|
| 4052 |
b061a3c6
|
Matt Smith
|
|
| 4053 |
2073c2d5
|
Phil Davis
|
function upgrade_127_to_128() {
|
| 4054 |
|
|
global $config;
|
| 4055 |
|
|
|
| 4056 |
|
|
// If bindip is not already specified then migrate the old SNMP bindlan flag to a bindip setting
|
| 4057 |
|
|
if (isset($config['snmpd']['bindlan'])) {
|
| 4058 |
|
|
if (!isset($config['snmpd']['bindip'])) {
|
| 4059 |
|
|
$config['snmpd']['bindip'] = 'lan';
|
| 4060 |
|
|
}
|
| 4061 |
|
|
unset($config['snmpd']['bindlan']);
|
| 4062 |
|
|
}
|
| 4063 |
|
|
}
|
| 4064 |
|
|
|
| 4065 |
da6f8482
|
Renato Botelho
|
function upgrade_128_to_129() {
|
| 4066 |
|
|
global $config;
|
| 4067 |
|
|
|
| 4068 |
|
|
/* net.inet.ip.fastforwarding does not exist in 2.3. */
|
| 4069 |
5540759e
|
Renato Botelho
|
if (!isset($config['sysctl']['item']) ||
|
| 4070 |
|
|
!is_array($config['sysctl']['item'])) {
|
| 4071 |
|
|
return;
|
| 4072 |
|
|
}
|
| 4073 |
|
|
|
| 4074 |
|
|
foreach ($config['sysctl']['item'] as $idx => $sysctl) {
|
| 4075 |
|
|
if ($sysctl['tunable'] == "net.inet.ip.fastforwarding") {
|
| 4076 |
|
|
unset($config['sysctl']['item'][$idx]);
|
| 4077 |
da6f8482
|
Renato Botelho
|
}
|
| 4078 |
c71d37a7
|
Chris Buechler
|
if ($sysctl['tunable'] == "net.inet.ipsec.debug") {
|
| 4079 |
|
|
$config['sysctl']['item'][$idx]['value'] = "0";
|
| 4080 |
|
|
}
|
| 4081 |
da6f8482
|
Renato Botelho
|
}
|
| 4082 |
efef9c1b
|
Renato Botelho
|
|
| 4083 |
|
|
/* IPSEC is always on in 2.3. */
|
| 4084 |
4e322e2c
|
Phil Davis
|
if (isset($config['ipsec']['enable'])) {
|
| 4085 |
efef9c1b
|
Renato Botelho
|
unset($config['ipsec']['enable']);
|
| 4086 |
33baf237
|
Renato Botelho
|
} else if (is_array($config['ipsec']['phase1'])) {
|
| 4087 |
|
|
/*
|
| 4088 |
|
|
* If IPsec was globally disabled, disable all
|
| 4089 |
|
|
* phase1 entries
|
| 4090 |
|
|
*/
|
| 4091 |
|
|
foreach ($config['ipsec']['phase1'] as $idx => $p1) {
|
| 4092 |
|
|
$config['ipsec']['phase1'][$idx]['disabled'] = true;
|
| 4093 |
|
|
}
|
| 4094 |
4e322e2c
|
Phil Davis
|
}
|
| 4095 |
da6f8482
|
Renato Botelho
|
}
|
| 4096 |
|
|
|
| 4097 |
9555dd35
|
jim-p
|
function upgrade_129_to_130() {
|
| 4098 |
|
|
global $config;
|
| 4099 |
|
|
|
| 4100 |
|
|
/* Change OpenVPN topology_subnet checkbox into topology multi-select #5526 */
|
| 4101 |
|
|
if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-server'])) {
|
| 4102 |
|
|
foreach ($config['openvpn']['openvpn-server'] as & $serversettings) {
|
| 4103 |
ccefcb00
|
jim-p
|
if (strtolower($serversettings['topology_subnet']) == "yes") {
|
| 4104 |
9555dd35
|
jim-p
|
unset($serversettings['topology_subnet']);
|
| 4105 |
|
|
$serversettings['topology'] = "subnet";
|
| 4106 |
|
|
} else {
|
| 4107 |
|
|
$serversettings['topology'] = "net30";
|
| 4108 |
|
|
}
|
| 4109 |
|
|
}
|
| 4110 |
|
|
}
|
| 4111 |
|
|
}
|
| 4112 |
|
|
|
| 4113 |
b1c2bb34
|
Renato Botelho
|
function upgrade_130_to_131() {
|
| 4114 |
|
|
global $config;
|
| 4115 |
|
|
|
| 4116 |
21300959
|
Phil Davis
|
// Default dpinger parameters at time of this upgrade (2.3)
|
| 4117 |
|
|
$default_interval = 500;
|
| 4118 |
|
|
$default_alert_interval = 1000;
|
| 4119 |
|
|
$default_loss_interval = 2000;
|
| 4120 |
|
|
$default_time_period = 60000;
|
| 4121 |
|
|
|
| 4122 |
b1c2bb34
|
Renato Botelho
|
if (isset($config['syslog']['apinger'])) {
|
| 4123 |
|
|
$config['syslog']['dpinger'] = true;
|
| 4124 |
|
|
unset($config['syslog']['apinger']);
|
| 4125 |
|
|
}
|
| 4126 |
|
|
|
| 4127 |
|
|
if (isset($config['system']['apinger_debug'])) {
|
| 4128 |
|
|
unset($config['system']['apinger_debug']);
|
| 4129 |
|
|
}
|
| 4130 |
|
|
|
| 4131 |
|
|
if (!isset($config['gateways']['gateway_item']) ||
|
| 4132 |
|
|
!is_array($config['gateways']['gateway_item'])) {
|
| 4133 |
|
|
return;
|
| 4134 |
|
|
}
|
| 4135 |
|
|
|
| 4136 |
be09e9e8
|
Phil Davis
|
if (is_array($config['gateways']['gateway_item'])) {
|
| 4137 |
|
|
foreach ($config['gateways']['gateway_item'] as &$gw) {
|
| 4138 |
|
|
// dpinger uses milliseconds
|
| 4139 |
|
|
if (isset($gw['interval']) &&
|
| 4140 |
|
|
is_numeric($gw['interval'])) {
|
| 4141 |
|
|
$gw['interval'] = $gw['interval'] * 1000;
|
| 4142 |
|
|
}
|
| 4143 |
21300959
|
Phil Davis
|
|
| 4144 |
be09e9e8
|
Phil Davis
|
if (isset($gw['interval'])) {
|
| 4145 |
|
|
$effective_interval = $gw['interval'];
|
| 4146 |
|
|
} else {
|
| 4147 |
|
|
$effective_interval = $default_interval;
|
| 4148 |
|
|
}
|
| 4149 |
21300959
|
Phil Davis
|
|
| 4150 |
be09e9e8
|
Phil Davis
|
if (isset($gw['down']) &&
|
| 4151 |
|
|
is_numeric($gw['down'])) {
|
| 4152 |
|
|
$gw['time_period'] = $gw['down'] * 1000;
|
| 4153 |
|
|
unset($gw['down']);
|
| 4154 |
|
|
}
|
| 4155 |
b1c2bb34
|
Renato Botelho
|
|
| 4156 |
be09e9e8
|
Phil Davis
|
if (isset($gw['time_period'])) {
|
| 4157 |
|
|
$effective_time_period = $gw['time_period'];
|
| 4158 |
|
|
} else {
|
| 4159 |
|
|
$effective_time_period = $default_time_period;
|
| 4160 |
|
|
}
|
| 4161 |
21300959
|
Phil Davis
|
|
| 4162 |
be09e9e8
|
Phil Davis
|
if (isset($gw['latencyhigh'])) {
|
| 4163 |
|
|
// Default loss_interval is 2000, but must be set
|
| 4164 |
|
|
// higher if latencyhigh is higher.
|
| 4165 |
|
|
if ($gw['latencyhigh'] > $default_loss_interval) {
|
| 4166 |
|
|
$gw['loss_interval'] = $gw['latencyhigh'];
|
| 4167 |
|
|
}
|
| 4168 |
21300959
|
Phil Davis
|
}
|
| 4169 |
|
|
|
| 4170 |
be09e9e8
|
Phil Davis
|
if (isset($gw['loss_interval'])) {
|
| 4171 |
|
|
$effective_loss_interval = $gw['loss_interval'];
|
| 4172 |
|
|
} else {
|
| 4173 |
|
|
$effective_loss_interval = $default_loss_interval;
|
| 4174 |
|
|
}
|
| 4175 |
21300959
|
Phil Davis
|
|
| 4176 |
be09e9e8
|
Phil Davis
|
if (isset($gw['interval'])) {
|
| 4177 |
|
|
// Default alert_interval is 1000, but must be set
|
| 4178 |
|
|
// higher if interval is higher.
|
| 4179 |
|
|
if ($gw['interval'] > $default_alert_interval) {
|
| 4180 |
|
|
$gw['alert_interval'] = $gw['interval'];
|
| 4181 |
|
|
}
|
| 4182 |
21300959
|
Phil Davis
|
}
|
| 4183 |
|
|
|
| 4184 |
be09e9e8
|
Phil Davis
|
if ((($effective_interval * 2) + $effective_loss_interval) >= $effective_time_period) {
|
| 4185 |
|
|
$gw['time_period'] = ($effective_interval * 2) + $effective_loss_interval + 1;
|
| 4186 |
|
|
}
|
| 4187 |
21300959
|
Phil Davis
|
|
| 4188 |
be09e9e8
|
Phil Davis
|
if (isset($gw['avg_delay_samples'])) {
|
| 4189 |
|
|
unset($gw['avg_delay_samples']);
|
| 4190 |
|
|
}
|
| 4191 |
|
|
if (isset($gw['avg_delay_samples_calculated'])) {
|
| 4192 |
|
|
unset($gw['avg_delay_samples_calculated']);
|
| 4193 |
|
|
}
|
| 4194 |
|
|
if (isset($gw['avg_loss_samples'])) {
|
| 4195 |
|
|
unset($gw['avg_loss_samples']);
|
| 4196 |
|
|
}
|
| 4197 |
|
|
if (isset($gw['avg_loss_samples_calculated'])) {
|
| 4198 |
|
|
unset($gw['avg_loss_samples_calculated']);
|
| 4199 |
|
|
}
|
| 4200 |
|
|
if (isset($gw['avg_loss_delay_samples'])) {
|
| 4201 |
|
|
unset($gw['avg_loss_delay_samples']);
|
| 4202 |
|
|
}
|
| 4203 |
|
|
if (isset($gw['avg_loss_delay_samples_calculated'])) {
|
| 4204 |
|
|
unset($gw['avg_loss_delay_samples_calculated']);
|
| 4205 |
|
|
}
|
| 4206 |
b1c2bb34
|
Renato Botelho
|
}
|
| 4207 |
|
|
}
|
| 4208 |
|
|
}
|
| 4209 |
|
|
|
| 4210 |
41df62c1
|
jim-p
|
function upgrade_131_to_132() {
|
| 4211 |
|
|
global $config;
|
| 4212 |
|
|
if (isset($config['system']['usefifolog'])) {
|
| 4213 |
|
|
unset($config['system']['usefifolog']);
|
| 4214 |
|
|
clear_all_log_files(false);
|
| 4215 |
|
|
}
|
| 4216 |
|
|
}
|
| 4217 |
f1b7a0b1
|
Renato Botelho
|
|
| 4218 |
|
|
function upgrade_132_to_133() {
|
| 4219 |
|
|
global $config;
|
| 4220 |
|
|
|
| 4221 |
|
|
if (isset($config['ipsec']['phase1']) &&
|
| 4222 |
|
|
is_array($config['ipsec']['phase1'])) {
|
| 4223 |
|
|
foreach ($config['ipsec']['phase1'] as &$p1) {
|
| 4224 |
|
|
if (isset($p1['encryption-algorithm']['name']) &&
|
| 4225 |
|
|
$p1['encryption-algorithm']['name'] == 'des') {
|
| 4226 |
|
|
$p1['disabled'] = true;
|
| 4227 |
|
|
file_notice("IPsec",
|
| 4228 |
51a14c58
|
Phil Davis
|
sprintf(gettext("DES is no longer supported, IPsec phase 1 item '%s' is being disabled."), $p1['descr']));
|
| 4229 |
f1b7a0b1
|
Renato Botelho
|
}
|
| 4230 |
|
|
}
|
| 4231 |
|
|
}
|
| 4232 |
|
|
|
| 4233 |
|
|
if (isset($config['ipsec']['phase2']) &&
|
| 4234 |
|
|
is_array($config['ipsec']['phase2'])) {
|
| 4235 |
|
|
foreach ($config['ipsec']['phase2'] as &$p2) {
|
| 4236 |
|
|
if (!isset($p2['encryption-algorithm-option']) ||
|
| 4237 |
|
|
!is_array($p2['encryption-algorithm-option'])) {
|
| 4238 |
|
|
continue;
|
| 4239 |
|
|
}
|
| 4240 |
|
|
|
| 4241 |
|
|
foreach ($p2['encryption-algorithm-option'] as $ealgo) {
|
| 4242 |
|
|
if ($ealgo['name'] == 'des') {
|
| 4243 |
|
|
$p2['disabled'] = true;
|
| 4244 |
|
|
file_notice("IPsec",
|
| 4245 |
51a14c58
|
Phil Davis
|
sprintf(gettext("DES is no longer supported, IPsec phase 2 item '%s' is being disabled."), $p2['descr']));
|
| 4246 |
f1b7a0b1
|
Renato Botelho
|
}
|
| 4247 |
|
|
}
|
| 4248 |
|
|
}
|
| 4249 |
|
|
}
|
| 4250 |
|
|
}
|
| 4251 |
29c0d920
|
Stephen Beaver
|
|
| 4252 |
|
|
// Determine the highest column number in use and set dashboardcolumns accordingly
|
| 4253 |
|
|
function upgrade_133_to_134() {
|
| 4254 |
|
|
global $config;
|
| 4255 |
|
|
|
| 4256 |
|
|
if (!isset($config['widgets']['sequence']) || isset($config['system']['webgui']['dashboardcolumns'])) {
|
| 4257 |
|
|
return;
|
| 4258 |
|
|
}
|
| 4259 |
|
|
|
| 4260 |
|
|
$cur_widgets = explode(',', trim($config['widgets']['sequence']));
|
| 4261 |
|
|
$maxcols = 2;
|
| 4262 |
|
|
|
| 4263 |
|
|
foreach ($cur_widgets as $widget) {
|
| 4264 |
|
|
list($file, $col, $display) = explode(':', $widget);
|
| 4265 |
|
|
|
| 4266 |
|
|
if (($display != 'none') && ($display != 'hide')) {
|
| 4267 |
|
|
preg_match('#[0-9]+$#', $col, $column);
|
| 4268 |
|
|
if ($column[0] > $maxcols) {
|
| 4269 |
|
|
$maxcols = $column[0];
|
| 4270 |
|
|
}
|
| 4271 |
|
|
}
|
| 4272 |
|
|
}
|
| 4273 |
|
|
|
| 4274 |
|
|
$config['system']['webgui']['dashboardcolumns'] = $maxcols % 10;
|
| 4275 |
|
|
}
|
| 4276 |
c4104141
|
Chris Buechler
|
|
| 4277 |
|
|
function upgrade_134_to_135() {
|
| 4278 |
|
|
global $config;
|
| 4279 |
|
|
|
| 4280 |
|
|
if (isset($config['syslog']['nologlighttpd'])) {
|
| 4281 |
|
|
unset($config['syslog']['nologlighttpd']);
|
| 4282 |
|
|
$config['syslog']['nolognginx'] = true;
|
| 4283 |
|
|
}
|
| 4284 |
|
|
}
|
| 4285 |
1ac4e6ae
|
Chris Buechler
|
|
| 4286 |
|
|
function upgrade_135_to_136() {
|
| 4287 |
|
|
global $config;
|
| 4288 |
|
|
|
| 4289 |
ad9b77f9
|
Chris Buechler
|
$l7_active = false;
|
| 4290 |
1ac4e6ae
|
Chris Buechler
|
if (isset($config['l7shaper'])) {
|
| 4291 |
|
|
unset($config['l7shaper']);
|
| 4292 |
|
|
if (is_array($config['filter']['rule'])) {
|
| 4293 |
|
|
foreach ($config['filter']['rule'] as $idx => $rule) {
|
| 4294 |
|
|
if (isset($rule['l7container'])) {
|
| 4295 |
|
|
unset($config['filter']['rule'][$idx]['l7container']);
|
| 4296 |
ad9b77f9
|
Chris Buechler
|
$l7_active = true;
|
| 4297 |
1ac4e6ae
|
Chris Buechler
|
}
|
| 4298 |
|
|
}
|
| 4299 |
|
|
}
|
| 4300 |
ad9b77f9
|
Chris Buechler
|
if ($l7_active) {
|
| 4301 |
|
|
file_notice("L7shaper", gettext("Layer 7 shaping is no longer supported. Its configuration has been removed."));
|
| 4302 |
|
|
}
|
| 4303 |
1ac4e6ae
|
Chris Buechler
|
}
|
| 4304 |
|
|
}
|
| 4305 |
65cce9d7
|
Renato Botelho
|
|
| 4306 |
|
|
function upgrade_136_to_137() {
|
| 4307 |
|
|
global $config;
|
| 4308 |
|
|
|
| 4309 |
|
|
if (is_array($config['dhcpd'])) {
|
| 4310 |
|
|
foreach ($config['dhcpd'] as &$dhcpd) {
|
| 4311 |
|
|
if (!is_array($dhcpd['numberoptions']['item'])) {
|
| 4312 |
|
|
continue;
|
| 4313 |
|
|
}
|
| 4314 |
|
|
|
| 4315 |
|
|
foreach ($dhcpd['numberoptions']['item'] as &$item) {
|
| 4316 |
|
|
$item['value'] = base64_encode($item['value']);
|
| 4317 |
|
|
}
|
| 4318 |
|
|
}
|
| 4319 |
|
|
}
|
| 4320 |
|
|
|
| 4321 |
|
|
if (is_array($config['dhcpdv6'])) {
|
| 4322 |
|
|
foreach ($config['dhcpdv6'] as &$dhcpdv6) {
|
| 4323 |
|
|
if (!is_array($dhcpdv6['numberoptions']['item'])) {
|
| 4324 |
|
|
continue;
|
| 4325 |
|
|
}
|
| 4326 |
|
|
|
| 4327 |
|
|
foreach ($dhcpdv6['numberoptions']['item'] as &$item) {
|
| 4328 |
|
|
$item['value'] = base64_encode($item['value']);
|
| 4329 |
|
|
}
|
| 4330 |
|
|
}
|
| 4331 |
|
|
}
|
| 4332 |
|
|
}
|
| 4333 |
|
|
|
| 4334 |
d9a17eaf
|
Chris Buechler
|
function upgrade_137_to_138() {
|
| 4335 |
|
|
global $config;
|
| 4336 |
|
|
|
| 4337 |
|
|
// the presence of unityplugin tag used to disable loading of unity plugin
|
| 4338 |
b76cc978
|
Stephen Beaver
|
// it's now disabled by default, and config tag is to enable. Unset accordingly.
|
| 4339 |
d9a17eaf
|
Chris Buechler
|
if (is_array($config['ipsec'])) {
|
| 4340 |
|
|
if (isset($config['ipsec']['unityplugin'])) {
|
| 4341 |
|
|
unset($config['ipsec']['unityplugin']);
|
| 4342 |
|
|
}
|
| 4343 |
|
|
}
|
| 4344 |
|
|
}
|
| 4345 |
|
|
|
| 4346 |
3756fd86
|
Chris Buechler
|
function upgrade_138_to_139() {
|
| 4347 |
|
|
global $config;
|
| 4348 |
|
|
|
| 4349 |
|
|
// clean up state killing on gateway failure. having kill_states set used to mean it was disabled
|
| 4350 |
b76cc978
|
Stephen Beaver
|
// now set gw_down_kill_states if enabled.
|
| 4351 |
3756fd86
|
Chris Buechler
|
if (!isset($config['system']['kill_states'])) {
|
| 4352 |
|
|
$config['system']['gw_down_kill_states'] = true;
|
| 4353 |
|
|
} else {
|
| 4354 |
|
|
unset($config['system']['kill_states']);
|
| 4355 |
|
|
}
|
| 4356 |
|
|
}
|
| 4357 |
|
|
|
| 4358 |
a34c263b
|
Chris Buechler
|
function upgrade_139_to_140() {
|
| 4359 |
|
|
global $config;
|
| 4360 |
|
|
|
| 4361 |
|
|
if (is_array($config['virtualip']['vip'])) {
|
| 4362 |
|
|
foreach ($config['virtualip']['vip'] as $idx => $vip) {
|
| 4363 |
|
|
if ($vip['mode'] == "carp") {
|
| 4364 |
|
|
if (!isset($vip['uniqid'])) {
|
| 4365 |
|
|
$config['virtualip']['vip'][$idx]['uniqid'] = uniqid();
|
| 4366 |
|
|
}
|
| 4367 |
|
|
}
|
| 4368 |
|
|
}
|
| 4369 |
|
|
}
|
| 4370 |
|
|
}
|
| 4371 |
|
|
|
| 4372 |
1c1ca39b
|
Chris Buechler
|
function upgrade_140_to_141() {
|
| 4373 |
b76cc978
|
Stephen Beaver
|
global $config;
|
| 4374 |
1c1ca39b
|
Chris Buechler
|
|
| 4375 |
68e82ecb
|
Chris Buechler
|
// retain OpenVPN's net30 default topology for upgraded client configs so they still work
|
| 4376 |
ccefcb00
|
jim-p
|
// This is for 2.3 ALPHA to a later 2.3, not 2.2.x upgrades, which had no topology setting on clients
|
| 4377 |
1968fe40
|
Chris Buechler
|
if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client'])) {
|
| 4378 |
1c1ca39b
|
Chris Buechler
|
foreach ($config['openvpn']['openvpn-client'] as $idx => $ovpnclient) {
|
| 4379 |
|
|
if (!isset($ovpnclient['topology'])) {
|
| 4380 |
|
|
$config['openvpn']['openvpn-client'][$idx]['topology'] = "net30";
|
| 4381 |
|
|
}
|
| 4382 |
|
|
}
|
| 4383 |
|
|
}
|
| 4384 |
1968fe40
|
Chris Buechler
|
|
| 4385 |
|
|
// repeat addition of filter tracker IDs from 106_to_107 where missing since associated filter rules were missing them
|
| 4386 |
|
|
if (is_array($config['filter']) && is_array($config['filter']['rule'])) {
|
| 4387 |
|
|
$tracker = (int)microtime(true);
|
| 4388 |
|
|
foreach ($config['filter']['rule'] as $ridx => $rule) {
|
| 4389 |
|
|
if (empty($rule['tracker'])) {
|
| 4390 |
|
|
$config['filter']['rule'][$ridx]['tracker'] = $tracker;
|
| 4391 |
|
|
$tracker++;
|
| 4392 |
|
|
}
|
| 4393 |
|
|
}
|
| 4394 |
|
|
unset($tracker, $ridx);
|
| 4395 |
|
|
}
|
| 4396 |
|
|
|
| 4397 |
1c1ca39b
|
Chris Buechler
|
}
|
| 4398 |
|
|
|
| 4399 |
6635aa0f
|
jim-p
|
function upgrade_141_to_142() {
|
| 4400 |
|
|
global $config;
|
| 4401 |
|
|
/* Convert Namecheap type DynDNS entries to the new split hostname and domain format */
|
| 4402 |
|
|
|
| 4403 |
|
|
if (!is_array($config['dyndnses'])) {
|
| 4404 |
|
|
$config['dyndnses'] = array();
|
| 4405 |
|
|
}
|
| 4406 |
|
|
if (!is_array($config['dyndnses']['dyndns'])) {
|
| 4407 |
|
|
$config['dyndnses']['dyndns'] = array();
|
| 4408 |
|
|
}
|
| 4409 |
|
|
$a_dyndns = &$config['dyndnses']['dyndns'];
|
| 4410 |
|
|
|
| 4411 |
|
|
foreach ($a_dyndns as &$dyndns) {
|
| 4412 |
|
|
if ($dyndns['type'] == "namecheap") {
|
| 4413 |
|
|
/* Use the old style logic to split the host and domain one last time. */
|
| 4414 |
|
|
$dparts = explode(".", trim($dyndns['host']));
|
| 4415 |
|
|
$domain_part_count = ($dparts[count($dparts)-1] == "uk") ? 3 : 2;
|
| 4416 |
|
|
$domain_offset = count($dparts) - $domain_part_count;
|
| 4417 |
|
|
$dyndns['host'] = implode(".", array_slice($dparts, 0, $domain_offset));
|
| 4418 |
|
|
$dyndns['domainname'] = implode(".", array_slice($dparts, $domain_offset));
|
| 4419 |
|
|
}
|
| 4420 |
|
|
}
|
| 4421 |
a2b813bf
|
Chris Buechler
|
|
| 4422 |
|
|
/* unset old pppoerestart cron job if it exists. redmine 1905 */
|
| 4423 |
|
|
if (is_array($config['cron']['item'])) {
|
| 4424 |
|
|
foreach ($config['cron']['item'] as $idx => $cronitem) {
|
| 4425 |
|
|
if ($cronitem['command'] == "/etc/pppoerestart") {
|
| 4426 |
|
|
unset($config['cron']['item'][$idx]);
|
| 4427 |
|
|
}
|
| 4428 |
|
|
}
|
| 4429 |
|
|
}
|
| 4430 |
6635aa0f
|
jim-p
|
}
|
| 4431 |
a2b813bf
|
Chris Buechler
|
|
| 4432 |
032def61
|
Stephen Beaver
|
// Updated to check for empty separator definitions via is_array()
|
| 4433 |
fdb83ce0
|
NOYB
|
function upgrade_142_to_143() {
|
| 4434 |
|
|
global $config;
|
| 4435 |
|
|
|
| 4436 |
8f561183
|
NOYB
|
/* Re-index firewall rule separators per interface */
|
| 4437 |
032def61
|
Stephen Beaver
|
if (is_array($config['filter']['separator'])) {
|
| 4438 |
8f561183
|
NOYB
|
foreach ($config['filter']['separator'] as $interface => $separators) {
|
| 4439 |
fdb83ce0
|
NOYB
|
|
| 4440 |
9d3e8723
|
Phil Davis
|
if (is_array($separators)) {
|
| 4441 |
032def61
|
Stephen Beaver
|
foreach ($separators as $sepn => $separator) {
|
| 4442 |
fdb83ce0
|
NOYB
|
|
| 4443 |
032def61
|
Stephen Beaver
|
$seprow = substr($separator['row']['0'], 2);
|
| 4444 |
|
|
$sepif = $separator['if'];
|
| 4445 |
fdb83ce0
|
NOYB
|
|
| 4446 |
032def61
|
Stephen Beaver
|
// Determine position of separator within the interface rules.
|
| 4447 |
|
|
$i = -1; $j = 0;
|
| 4448 |
|
|
foreach ($config['filter']['rule'] as $rulen => $filterent) {
|
| 4449 |
fdb83ce0
|
NOYB
|
|
| 4450 |
032def61
|
Stephen Beaver
|
if ($i == $seprow) {
|
| 4451 |
|
|
// Set separator row to it's position within the interface rules.
|
| 4452 |
|
|
$config['filter']['separator'][$sepif][$sepn]['row'] = 'fr' . $j;
|
| 4453 |
|
|
continue 2; // Advance to next separator
|
| 4454 |
|
|
}
|
| 4455 |
fdb83ce0
|
NOYB
|
|
| 4456 |
032def61
|
Stephen Beaver
|
// Position within the interface rules.
|
| 4457 |
|
|
if (($filterent['interface'] == $sepif && !isset($filterent['floating'])) || (isset($filterent['floating']) && "floatingrules" == $sepif)) {
|
| 4458 |
|
|
$j++;
|
| 4459 |
|
|
}
|
| 4460 |
|
|
$i++;
|
| 4461 |
8f561183
|
NOYB
|
}
|
| 4462 |
fdb83ce0
|
NOYB
|
}
|
| 4463 |
|
|
}
|
| 4464 |
|
|
}
|
| 4465 |
|
|
}
|
| 4466 |
8f561183
|
NOYB
|
|
| 4467 |
|
|
/* Re-index nat rule separators */
|
| 4468 |
032def61
|
Stephen Beaver
|
if (is_array($config['nat']['separator'])) {
|
| 4469 |
8f561183
|
NOYB
|
foreach ($config['nat']['separator'] as $sepn => $separator) {
|
| 4470 |
032def61
|
Stephen Beaver
|
if (is_array($separator)) {
|
| 4471 |
|
|
$seprow = substr($separator['row']['0'], 2);
|
| 4472 |
|
|
$config['nat']['separator'][$sepn]['row'] = 'fr' . ($seprow + 1);
|
| 4473 |
|
|
}
|
| 4474 |
8f561183
|
NOYB
|
}
|
| 4475 |
|
|
}
|
| 4476 |
fdb83ce0
|
NOYB
|
}
|
| 4477 |
|
|
|
| 4478 |
b1567b5b
|
Luiz Otavio O Souza
|
function get_vip_from_ip_alias($ipalias) {
|
| 4479 |
|
|
global $config;
|
| 4480 |
|
|
|
| 4481 |
|
|
foreach ($config['virtualip']['vip'] as $idx => $vip) {
|
| 4482 |
d9901ff4
|
Chris Buechler
|
if ($vip['mode'] != "ipalias") {
|
| 4483 |
b1567b5b
|
Luiz Otavio O Souza
|
continue;
|
| 4484 |
d9901ff4
|
Chris Buechler
|
}
|
| 4485 |
|
|
if ($ipalias == $vip['subnet']) {
|
| 4486 |
b1567b5b
|
Luiz Otavio O Souza
|
return ("_vip{$vip['uniqid']}");
|
| 4487 |
d9901ff4
|
Chris Buechler
|
}
|
| 4488 |
b1567b5b
|
Luiz Otavio O Souza
|
}
|
| 4489 |
|
|
|
| 4490 |
|
|
return ($ipalias);
|
| 4491 |
|
|
}
|
| 4492 |
|
|
|
| 4493 |
|
|
function get_vip_from_oldcarp($carp) {
|
| 4494 |
|
|
global $config;
|
| 4495 |
|
|
|
| 4496 |
|
|
foreach ($config['virtualip']['vip'] as $idx => $vip) {
|
| 4497 |
d9901ff4
|
Chris Buechler
|
if ($vip['mode'] != "carp") {
|
| 4498 |
b1567b5b
|
Luiz Otavio O Souza
|
continue;
|
| 4499 |
d9901ff4
|
Chris Buechler
|
}
|
| 4500 |
|
|
if ($carp == "{$vip['interface']}_vip{$vip['vhid']}") {
|
| 4501 |
b1567b5b
|
Luiz Otavio O Souza
|
return ("_vip{$vip['uniqid']}");
|
| 4502 |
d9901ff4
|
Chris Buechler
|
}
|
| 4503 |
b1567b5b
|
Luiz Otavio O Souza
|
}
|
| 4504 |
|
|
|
| 4505 |
|
|
return ($carp);
|
| 4506 |
|
|
}
|
| 4507 |
|
|
|
| 4508 |
|
|
function upgrade_143_to_144() {
|
| 4509 |
|
|
global $config;
|
| 4510 |
|
|
|
| 4511 |
|
|
if (is_array($config['virtualip']['vip'])) {
|
| 4512 |
|
|
foreach ($config['virtualip']['vip'] as $idx => $vip) {
|
| 4513 |
|
|
if ($vip['mode'] == "ipalias") {
|
| 4514 |
|
|
if (!isset($vip['uniqid'])) {
|
| 4515 |
|
|
$config['virtualip']['vip'][$idx]['uniqid'] = uniqid();
|
| 4516 |
|
|
}
|
| 4517 |
|
|
}
|
| 4518 |
|
|
}
|
| 4519 |
|
|
}
|
| 4520 |
|
|
|
| 4521 |
|
|
/* Convert IPsec phase 1 entries. */
|
| 4522 |
|
|
if (is_array($config['ipsec']['phase1'])) {
|
| 4523 |
|
|
foreach ($config['ipsec']['phase1'] as $idx => $ph1ent) {
|
| 4524 |
d9901ff4
|
Chris Buechler
|
if (is_ipaddr($ph1ent['interface']) || is_ipaddrv6($ph1ent['interface'])) {
|
| 4525 |
b1567b5b
|
Luiz Otavio O Souza
|
$config['ipsec']['phase1'][$idx]['interface'] = get_vip_from_ip_alias($ph1ent['interface']);
|
| 4526 |
d9901ff4
|
Chris Buechler
|
} else if (strpos($ph1ent['interface'], "_vip")) {
|
| 4527 |
b1567b5b
|
Luiz Otavio O Souza
|
$config['ipsec']['phase1'][$idx]['interface'] = get_vip_from_oldcarp($ph1ent['interface']);
|
| 4528 |
d9901ff4
|
Chris Buechler
|
}
|
| 4529 |
b1567b5b
|
Luiz Otavio O Souza
|
}
|
| 4530 |
|
|
}
|
| 4531 |
|
|
|
| 4532 |
|
|
/* Convert openvpn. */
|
| 4533 |
|
|
if (is_array($config['openvpn']['openvpn-server'])) {
|
| 4534 |
|
|
foreach ($config['openvpn']['openvpn-server'] as $idx => $ovpn) {
|
| 4535 |
d9901ff4
|
Chris Buechler
|
if (empty($ovpn['interface'])) {
|
| 4536 |
b1567b5b
|
Luiz Otavio O Souza
|
continue;
|
| 4537 |
d9901ff4
|
Chris Buechler
|
}
|
| 4538 |
|
|
if (is_ipaddr($ovpn['interface']) || is_ipaddrv6($ovpn['interface'])) {
|
| 4539 |
b1567b5b
|
Luiz Otavio O Souza
|
$config['openvpn']['openvpn-server'][$idx]['interface'] = get_vip_from_ip_alias($ovpn['interface']);
|
| 4540 |
d9901ff4
|
Chris Buechler
|
} else if (strpos($ovpn['interface'], "_vip")) {
|
| 4541 |
b1567b5b
|
Luiz Otavio O Souza
|
$config['openvpn']['openvpn-server'][$idx]['interface'] = get_vip_from_oldcarp($ovpn['interface']);
|
| 4542 |
d9901ff4
|
Chris Buechler
|
}
|
| 4543 |
b1567b5b
|
Luiz Otavio O Souza
|
}
|
| 4544 |
|
|
}
|
| 4545 |
|
|
if (is_array($config['openvpn']['openvpn-client'])) {
|
| 4546 |
|
|
foreach ($config['openvpn']['openvpn-client'] as $idx => $ovpn) {
|
| 4547 |
d9901ff4
|
Chris Buechler
|
if (empty($ovpn['interface'])) {
|
| 4548 |
b1567b5b
|
Luiz Otavio O Souza
|
continue;
|
| 4549 |
d9901ff4
|
Chris Buechler
|
}
|
| 4550 |
|
|
if (is_ipaddr($ovpn['interface']) || is_ipaddrv6($ovpn['interface'])) {
|
| 4551 |
b1567b5b
|
Luiz Otavio O Souza
|
$config['openvpn']['openvpn-client'][$idx]['interface'] = get_vip_from_ip_alias($ovpn['interface']);
|
| 4552 |
d9901ff4
|
Chris Buechler
|
} else if (strpos($ovpn['interface'], "_vip")) {
|
| 4553 |
b1567b5b
|
Luiz Otavio O Souza
|
$config['openvpn']['openvpn-client'][$idx]['interface'] = get_vip_from_oldcarp($ovpn['interface']);
|
| 4554 |
d9901ff4
|
Chris Buechler
|
}
|
| 4555 |
b1567b5b
|
Luiz Otavio O Souza
|
}
|
| 4556 |
|
|
}
|
| 4557 |
|
|
|
| 4558 |
|
|
/* Convert unbound. */
|
| 4559 |
|
|
if (is_array($config['unbound']) && !empty($config['unbound']['active_interface'])) {
|
| 4560 |
|
|
$active_ifs = explode(",", $config['unbound']['active_interface']);
|
| 4561 |
|
|
$ifs = array();
|
| 4562 |
|
|
foreach ($active_ifs as $if) {
|
| 4563 |
d9901ff4
|
Chris Buechler
|
if (is_ipaddr($if) || is_ipaddrv6($if)) {
|
| 4564 |
b1567b5b
|
Luiz Otavio O Souza
|
$ifs[] = get_vip_from_ip_alias($if);
|
| 4565 |
d9901ff4
|
Chris Buechler
|
} else if (strpos($if, "_vip")) {
|
| 4566 |
b1567b5b
|
Luiz Otavio O Souza
|
$ifs[] = get_vip_from_oldcarp($if);
|
| 4567 |
d9901ff4
|
Chris Buechler
|
} else {
|
| 4568 |
b1567b5b
|
Luiz Otavio O Souza
|
$ifs[] = $if;
|
| 4569 |
d9901ff4
|
Chris Buechler
|
}
|
| 4570 |
b1567b5b
|
Luiz Otavio O Souza
|
}
|
| 4571 |
|
|
$config['unbound']['active_interface'] = implode(",", $ifs);
|
| 4572 |
|
|
}
|
| 4573 |
|
|
|
| 4574 |
|
|
/* Convert dnsmasq. */
|
| 4575 |
|
|
if (is_array($config['dnsmasq']) && !empty($config['dnsmasq']['interface'])) {
|
| 4576 |
|
|
$active_ifs = explode(",", $config['dnsmasq']['interface']);
|
| 4577 |
|
|
$ifs = array();
|
| 4578 |
|
|
foreach ($active_ifs as $if) {
|
| 4579 |
d9901ff4
|
Chris Buechler
|
if (is_ipaddr($if) || is_ipaddrv6($if)) {
|
| 4580 |
b1567b5b
|
Luiz Otavio O Souza
|
$ifs[] = get_vip_from_ip_alias($if);
|
| 4581 |
d9901ff4
|
Chris Buechler
|
} else if (strpos($if, "_vip")) {
|
| 4582 |
b1567b5b
|
Luiz Otavio O Souza
|
$ifs[] = get_vip_from_oldcarp($if);
|
| 4583 |
d9901ff4
|
Chris Buechler
|
} else {
|
| 4584 |
b1567b5b
|
Luiz Otavio O Souza
|
$ifs[] = $if;
|
| 4585 |
d9901ff4
|
Chris Buechler
|
}
|
| 4586 |
b1567b5b
|
Luiz Otavio O Souza
|
}
|
| 4587 |
|
|
$config['dnsmasq']['interface'] = implode(",", $ifs);
|
| 4588 |
|
|
}
|
| 4589 |
|
|
}
|
| 4590 |
|
|
|
| 4591 |
7c4c43a5
|
Chris Buechler
|
function upgrade_144_to_145() {
|
| 4592 |
|
|
global $config;
|
| 4593 |
|
|
|
| 4594 |
b76cc978
|
Stephen Beaver
|
// Enable DHCPv6 server and radvd config for track6 interfaces,
|
| 4595 |
|
|
// matching what used to be automatically enabled with no user
|
| 4596 |
|
|
// configurability.
|
| 4597 |
7c4c43a5
|
Chris Buechler
|
if (is_array($config['interfaces'])) {
|
| 4598 |
|
|
foreach ($config['interfaces'] as $ifname => $ifcfg) {
|
| 4599 |
|
|
if (isset($ifcfg['enable'])) {
|
| 4600 |
|
|
if ($ifcfg['ipaddrv6'] == "track6") {
|
| 4601 |
|
|
$config['dhcpdv6'][$ifname]['enable'] = true;
|
| 4602 |
|
|
$config['dhcpdv6'][$ifname]['range']['from'] = "::1000";
|
| 4603 |
|
|
$config['dhcpdv6'][$ifname]['range']['to'] = "::2000";
|
| 4604 |
|
|
$config['dhcpdv6'][$ifname]['ramode'] = "assist";
|
| 4605 |
|
|
$config['dhcpdv6'][$ifname]['rapriority'] = "medium";
|
| 4606 |
|
|
}
|
| 4607 |
|
|
}
|
| 4608 |
|
|
}
|
| 4609 |
|
|
}
|
| 4610 |
|
|
}
|
| 4611 |
|
|
|
| 4612 |
2fbac0b2
|
Renato Botelho
|
function upgrade_145_to_146() {
|
| 4613 |
0b3613ef
|
Denny Page
|
// Add standard deviation to the quality rrds
|
| 4614 |
|
|
global $config, $g;
|
| 4615 |
|
|
|
| 4616 |
|
|
$rrddbpath = "/var/db/rrd";
|
| 4617 |
|
|
$rrdtool = "/usr/local/bin/rrdtool";
|
| 4618 |
|
|
|
| 4619 |
|
|
$awkcmd = "/usr/bin/awk '";
|
| 4620 |
|
|
$awkcmd .= "{\n";
|
| 4621 |
|
|
$awkcmd .= " if (sub(/<\\/v><\\/row>/, \"</v><v>NaN</v></row>\") == 0)\n";
|
| 4622 |
|
|
$awkcmd .= " {\n";
|
| 4623 |
|
|
$awkcmd .= " if (/<\\/cdp_prep>/)\n";
|
| 4624 |
|
|
$awkcmd .= " {\n";
|
| 4625 |
|
|
$awkcmd .= " print \" <ds>\"\n";
|
| 4626 |
|
|
$awkcmd .= " print \" <primary_value> 0.0000000000e+00 </primary_value>\"\n";
|
| 4627 |
|
|
$awkcmd .= " print \" <secondary_value> 0.0000000000e+00 </secondary_value>\"\n";
|
| 4628 |
|
|
$awkcmd .= " print \" <value> NaN </value>\"\n";
|
| 4629 |
|
|
$awkcmd .= " print \" <unknown_datapoints> 0 </unknown_datapoints>\"\n";
|
| 4630 |
|
|
$awkcmd .= " print \" </ds>\"\n";
|
| 4631 |
|
|
$awkcmd .= " }\n";
|
| 4632 |
|
|
$awkcmd .= " else if (/<!-- Round Robin Archives -->/)\n";
|
| 4633 |
|
|
$awkcmd .= " {\n";
|
| 4634 |
|
|
$awkcmd .= " print \" <ds>\"\n";
|
| 4635 |
|
|
$awkcmd .= " print \" <name> stddev </name>\"\n";
|
| 4636 |
|
|
$awkcmd .= " print \" <type> GAUGE </type>\"\n";
|
| 4637 |
|
|
$awkcmd .= " print \" <minimal_heartbeat> 120 </minimal_heartbeat>\"\n";
|
| 4638 |
|
|
$awkcmd .= " print \" <min> 0.0000000000e+00 </min>\"\n";
|
| 4639 |
|
|
$awkcmd .= " print \" <max> 1.0000000000e+05 </max>\\n\"\n";
|
| 4640 |
|
|
$awkcmd .= " print \" <!-- PDP Status -->\"\n";
|
| 4641 |
|
|
$awkcmd .= " print \" <last_ds> 0 </last_ds>\"\n";
|
| 4642 |
|
|
$awkcmd .= " print \" <value> 0.0000000000e+00 </value>\"\n";
|
| 4643 |
|
|
$awkcmd .= " print \" <unknown_sec> 0 </unknown_sec>\"\n";
|
| 4644 |
|
|
$awkcmd .= " print \" </ds>\\n\"\n";
|
| 4645 |
|
|
$awkcmd .= " }\n";
|
| 4646 |
|
|
$awkcmd .= " }\n";
|
| 4647 |
|
|
$awkcmd .= " print;\n";
|
| 4648 |
|
|
$awkcmd .= "}'";
|
| 4649 |
|
|
|
| 4650 |
dc61252a
|
Renato Botelho
|
if (isset($config['system']['use_mfs_tmpvar'])) {
|
| 4651 |
0b3613ef
|
Denny Page
|
/* restore the databases, if we have one */
|
| 4652 |
|
|
if (restore_rrd()) {
|
| 4653 |
|
|
/* Make sure to move the rrd backup out of the way. We will make a new one after converting. */
|
| 4654 |
|
|
@rename("{$g['cf_conf_path']}/rrd.tgz", "{$g['cf_conf_path']}/backup/rrd.tgz");
|
| 4655 |
|
|
}
|
| 4656 |
|
|
}
|
| 4657 |
|
|
|
| 4658 |
|
|
$databases = return_dir_as_array($rrddbpath, '/-quality\.rrd$/');
|
| 4659 |
|
|
foreach ($databases as $database) {
|
| 4660 |
|
|
$xmldump = "{$g['tmp_path']}/{$database}.xml";
|
| 4661 |
|
|
|
| 4662 |
|
|
if (platform_booting()) {
|
| 4663 |
|
|
echo "Update RRD database {$database}.\n";
|
| 4664 |
|
|
}
|
| 4665 |
|
|
|
| 4666 |
|
|
exec("$rrdtool dump {$rrddbpath}/{$database} | {$awkcmd} > {$xmldump}");
|
| 4667 |
|
|
exec("$rrdtool restore -f {$xmldump} {$rrddbpath}/{$database}");
|
| 4668 |
|
|
@unlink("{$xmldump}");
|
| 4669 |
|
|
}
|
| 4670 |
|
|
|
| 4671 |
|
|
if (!platform_booting()) {
|
| 4672 |
|
|
enable_rrd_graphing();
|
| 4673 |
|
|
}
|
| 4674 |
|
|
/* Let's save the RRD graphs after we run enable RRD graphing */
|
| 4675 |
|
|
/* The function will restore the rrd.tgz so we will save it after */
|
| 4676 |
1289c0c1
|
Renato Botelho
|
exec("cd /; LANG=C RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh");
|
| 4677 |
0b3613ef
|
Denny Page
|
}
|
| 4678 |
|
|
|
| 4679 |
67c6bab5
|
Luiz Otavio O Souza
|
function upgrade_bgpd_146_to_147() {
|
| 4680 |
|
|
global $config;
|
| 4681 |
|
|
|
| 4682 |
|
|
if (!isset($config['installedpackages']['openbgpd']['config']) ||
|
| 4683 |
|
|
!is_array($config['installedpackages']['openbgpd']['config'])) {
|
| 4684 |
|
|
return;
|
| 4685 |
|
|
}
|
| 4686 |
|
|
$openbgpd_conf = &$config['installedpackages']['openbgpd']['config'][0];
|
| 4687 |
|
|
if (!isset($openbgpd_conf['carpstatusip']) &&
|
| 4688 |
|
|
!is_ipaddr($openbgpd_conf['carpstatusip'])) {
|
| 4689 |
|
|
return;
|
| 4690 |
|
|
}
|
| 4691 |
|
|
|
| 4692 |
|
|
if (!is_array($config['virtualip']['vip']))
|
| 4693 |
|
|
return;
|
| 4694 |
|
|
foreach ($config['virtualip']['vip'] as $idx => $vip) {
|
| 4695 |
|
|
if ($vip['subnet'] == $openbgpd_conf['carpstatusip']) {
|
| 4696 |
|
|
$openbgpd_conf['carpstatusvid'] = "_vip{$vip['uniqid']}";
|
| 4697 |
|
|
unset($openbgpd_conf['carpstatusip']);
|
| 4698 |
|
|
return;
|
| 4699 |
|
|
}
|
| 4700 |
|
|
}
|
| 4701 |
|
|
}
|
| 4702 |
|
|
|
| 4703 |
|
|
function upgrade_quagga_146_to_147() {
|
| 4704 |
|
|
global $config;
|
| 4705 |
|
|
|
| 4706 |
|
|
if (!isset($config['installedpackages']['quaggaospfd']['config']) ||
|
| 4707 |
|
|
!is_array($config['installedpackages']['quaggaospfd']['config'])) {
|
| 4708 |
|
|
return;
|
| 4709 |
|
|
}
|
| 4710 |
|
|
$ospfd_conf = &$config['installedpackages']['quaggaospfd']['config'][0];
|
| 4711 |
|
|
if (!isset($ospfd_conf['carpstatusip']) &&
|
| 4712 |
|
|
!is_ipaddr($ospfd_conf['carpstatusip'])) {
|
| 4713 |
|
|
return;
|
| 4714 |
|
|
}
|
| 4715 |
|
|
|
| 4716 |
|
|
if (!is_array($config['virtualip']['vip']))
|
| 4717 |
|
|
return;
|
| 4718 |
|
|
foreach ($config['virtualip']['vip'] as $idx => $vip) {
|
| 4719 |
|
|
if ($vip['subnet'] == $ospfd_conf['carpstatusip']) {
|
| 4720 |
|
|
$ospfd_conf['carpstatusvid'] = "_vip{$vip['uniqid']}";
|
| 4721 |
|
|
unset($ospfd_conf['carpstatusip']);
|
| 4722 |
|
|
return;
|
| 4723 |
|
|
}
|
| 4724 |
|
|
}
|
| 4725 |
|
|
}
|
| 4726 |
|
|
|
| 4727 |
|
|
function upgrade_146_to_147() {
|
| 4728 |
|
|
|
| 4729 |
|
|
upgrade_bgpd_146_to_147();
|
| 4730 |
|
|
upgrade_quagga_146_to_147();
|
| 4731 |
|
|
}
|
| 4732 |
|
|
|
| 4733 |
b76cc978
|
Stephen Beaver
|
function upgrade_147_to_148() {
|
| 4734 |
|
|
global $config;
|
| 4735 |
|
|
|
| 4736 |
|
|
// Ensure there are no spaces in group names by
|
| 4737 |
|
|
// replacing spaces with underscores
|
| 4738 |
|
|
if (is_array($config['system']['group'])) {
|
| 4739 |
d3f3b75f
|
Chris Buechler
|
$cleargroups = false;
|
| 4740 |
e5ef7ae2
|
Chris Buechler
|
foreach ($config['system']['group'] as $idx => $grp) {
|
| 4741 |
|
|
if (strstr($grp['name'], " ")) {
|
| 4742 |
d3f3b75f
|
Chris Buechler
|
$cleargroups = true;
|
| 4743 |
f788b1e2
|
Chris Buechler
|
$config['system']['group'][$idx]['scope'] = "remote";
|
| 4744 |
1a2d6d34
|
Stephen Beaver
|
}
|
| 4745 |
b76cc978
|
Stephen Beaver
|
}
|
| 4746 |
d3f3b75f
|
Chris Buechler
|
|
| 4747 |
|
|
// if there was a space in a group name, there may be multiple
|
| 4748 |
|
|
// groups with the same name in the group file. To prevent pw
|
| 4749 |
|
|
// from getting into a neverending loop, delete all user-defined
|
| 4750 |
|
|
// groups here. local_sync_accounts will run shortly after this
|
| 4751 |
|
|
// and add them back. redmine #6012
|
| 4752 |
|
|
if ($cleargroups) {
|
| 4753 |
|
|
foreach ($config['system']['group'] as $grp) {
|
| 4754 |
|
|
mwexec("/usr/sbin/pw groupdel -g {$grp['gid']}");
|
| 4755 |
|
|
}
|
| 4756 |
|
|
}
|
| 4757 |
b76cc978
|
Stephen Beaver
|
}
|
| 4758 |
|
|
}
|
| 4759 |
22752ae7
|
Luiz Otavio O Souza
|
|
| 4760 |
|
|
function upgrade_148_to_149() {
|
| 4761 |
|
|
global $config;
|
| 4762 |
|
|
global $altq_list_queues;
|
| 4763 |
|
|
|
| 4764 |
|
|
if (!isset($config['shaper']['queue']) || !is_array($config['shaper']['queue']))
|
| 4765 |
|
|
return;
|
| 4766 |
|
|
|
| 4767 |
|
|
read_altq_config();
|
| 4768 |
|
|
|
| 4769 |
|
|
/* Set root queue bandwidth. */
|
| 4770 |
|
|
foreach ($altq_list_queues as $altq) {
|
| 4771 |
|
|
$sum = $altq->GetTotalBw();
|
| 4772 |
|
|
while ($sum > get_queue_bandwidth($altq)) {
|
| 4773 |
bdd284c3
|
Chris Buechler
|
if (intval(($sum / 1000) * 1.2) < (1024 * 1024)) {
|
| 4774 |
22752ae7
|
Luiz Otavio O Souza
|
/* 1Gb where possible. */
|
| 4775 |
|
|
$bw = 1024 * 1024;
|
| 4776 |
bdd284c3
|
Chris Buechler
|
} else {
|
| 4777 |
22752ae7
|
Luiz Otavio O Souza
|
/* Increase by 20% until it fits. */
|
| 4778 |
|
|
$bw = intval(($sum / 1000) * 1.2);
|
| 4779 |
bdd284c3
|
Chris Buechler
|
}
|
| 4780 |
22752ae7
|
Luiz Otavio O Souza
|
$altq->SetBandwidth($bw);
|
| 4781 |
|
|
$altq->SetBwscale("Kb");
|
| 4782 |
|
|
$altq->wconfig();
|
| 4783 |
|
|
$sum = $altq->GetTotalBw();
|
| 4784 |
|
|
}
|
| 4785 |
|
|
}
|
| 4786 |
|
|
}
|
| 4787 |
c0509674
|
Chris Buechler
|
|
| 4788 |
|
|
function upgrade_149_to_150() {
|
| 4789 |
|
|
global $config;
|
| 4790 |
|
|
|
| 4791 |
|
|
if (is_array($config['dhcpdv6'])) {
|
| 4792 |
|
|
foreach ($config['dhcpdv6'] as &$dhcpdv6) {
|
| 4793 |
|
|
if (isset($dhcpdv6['rainterface'])) {
|
| 4794 |
|
|
if (strstr($dhcpdv6['rainterface'], "_vip")) {
|
| 4795 |
|
|
$dhcpdv6['rainterface'] = get_vip_from_oldcarp($dhcpdv6['rainterface']);
|
| 4796 |
|
|
}
|
| 4797 |
|
|
}
|
| 4798 |
|
|
}
|
| 4799 |
|
|
}
|
| 4800 |
|
|
}
|
| 4801 |
f8f2eae4
|
Phil Davis
|
|
| 4802 |
|
|
function upgrade_150_to_151() {
|
| 4803 |
|
|
global $config;
|
| 4804 |
|
|
|
| 4805 |
|
|
// Default dpinger parameters at time of this upgrade (2.3.1)
|
| 4806 |
|
|
$default_interval = 500;
|
| 4807 |
|
|
$default_alert_interval = 1000;
|
| 4808 |
|
|
$default_loss_interval = 2000;
|
| 4809 |
|
|
$default_time_period = 60000;
|
| 4810 |
|
|
$default_latencyhigh = 500;
|
| 4811 |
|
|
|
| 4812 |
|
|
// Check advanced gateway parameter relationships in case they are incorrect
|
| 4813 |
13dab353
|
Chris Buechler
|
if (is_array($config['gateways']['gateway_item'])) {
|
| 4814 |
|
|
foreach ($config['gateways']['gateway_item'] as &$gw) {
|
| 4815 |
|
|
if (isset($gw['interval'])) {
|
| 4816 |
|
|
$effective_interval = $gw['interval'];
|
| 4817 |
|
|
} else {
|
| 4818 |
|
|
$effective_interval = $default_interval;
|
| 4819 |
|
|
}
|
| 4820 |
f8f2eae4
|
Phil Davis
|
|
| 4821 |
13dab353
|
Chris Buechler
|
if (isset($gw['alert_interval'])) {
|
| 4822 |
|
|
$effective_alert_interval = $gw['alert_interval'];
|
| 4823 |
|
|
} else {
|
| 4824 |
|
|
$effective_alert_interval = $default_alert_interval;
|
| 4825 |
|
|
}
|
| 4826 |
f8f2eae4
|
Phil Davis
|
|
| 4827 |
13dab353
|
Chris Buechler
|
if (isset($gw['loss_interval'])) {
|
| 4828 |
|
|
$effective_loss_interval = $gw['loss_interval'];
|
| 4829 |
|
|
} else {
|
| 4830 |
|
|
$effective_loss_interval = $default_loss_interval;
|
| 4831 |
|
|
}
|
| 4832 |
f8f2eae4
|
Phil Davis
|
|
| 4833 |
13dab353
|
Chris Buechler
|
if (isset($gw['time_period'])) {
|
| 4834 |
|
|
$effective_time_period = $gw['time_period'];
|
| 4835 |
|
|
} else {
|
| 4836 |
|
|
$effective_time_period = $default_time_period;
|
| 4837 |
|
|
}
|
| 4838 |
f8f2eae4
|
Phil Davis
|
|
| 4839 |
13dab353
|
Chris Buechler
|
if (isset($gw['latencyhigh'])) {
|
| 4840 |
|
|
$effective_latencyhigh = $gw['latencyhigh'];
|
| 4841 |
|
|
} else {
|
| 4842 |
|
|
$effective_latencyhigh = $default_latencyhigh;
|
| 4843 |
|
|
}
|
| 4844 |
f8f2eae4
|
Phil Davis
|
|
| 4845 |
13dab353
|
Chris Buechler
|
// Loss interval has to be at least as big as high latency.
|
| 4846 |
|
|
if ($effective_latencyhigh > $effective_loss_interval) {
|
| 4847 |
|
|
$effective_loss_interval = $gw['loss_interval'] = $effective_latencyhigh;
|
| 4848 |
|
|
}
|
| 4849 |
f8f2eae4
|
Phil Davis
|
|
| 4850 |
13dab353
|
Chris Buechler
|
// Alert interval has to be at least as big as probe interval.
|
| 4851 |
|
|
if ($effective_interval > $effective_alert_interval) {
|
| 4852 |
|
|
$gw['alert_interval'] = $effective_interval;
|
| 4853 |
|
|
}
|
| 4854 |
f8f2eae4
|
Phil Davis
|
|
| 4855 |
13dab353
|
Chris Buechler
|
// The time period for averaging has to be more than 2 probes plus the loss interval.
|
| 4856 |
|
|
if ((($effective_interval * 2) + $effective_loss_interval) >= $effective_time_period) {
|
| 4857 |
|
|
$gw['time_period'] = ($effective_interval * 2) + $effective_loss_interval + 1;
|
| 4858 |
|
|
}
|
| 4859 |
f8f2eae4
|
Phil Davis
|
}
|
| 4860 |
|
|
}
|
| 4861 |
|
|
}
|
| 4862 |
53f2965e
|
NOYB
|
|
| 4863 |
|
|
function upgrade_151_to_152() {
|
| 4864 |
|
|
global $g, $config;
|
| 4865 |
|
|
|
| 4866 |
|
|
require_once("/etc/inc/services.inc");
|
| 4867 |
|
|
|
| 4868 |
|
|
// Remove these cron jobs on full install if not using ramdisk.
|
| 4869 |
dc61252a
|
Renato Botelho
|
if (!isset($config['system']['use_mfs_tmpvar'])) {
|
| 4870 |
53f2965e
|
NOYB
|
install_cron_job("/etc/rc.backup_rrd.sh", false);
|
| 4871 |
|
|
install_cron_job("/etc/rc.backup_dhcpleases.sh", false);
|
| 4872 |
|
|
}
|
| 4873 |
|
|
}
|
| 4874 |
8175a2a8
|
Chris Buechler
|
|
| 4875 |
|
|
function upgrade_152_to_153() {
|
| 4876 |
|
|
global $config;
|
| 4877 |
|
|
|
| 4878 |
|
|
if (is_array($config['virtualip']['vip'])) {
|
| 4879 |
|
|
foreach ($config['virtualip']['vip'] as $idx => $vip) {
|
| 4880 |
|
|
if (substr($vip['interface'], 0, 4) == "_vip") {
|
| 4881 |
|
|
// using new VIP format
|
| 4882 |
|
|
continue;
|
| 4883 |
|
|
} else if (strstr($vip['interface'], "_vip")) {
|
| 4884 |
|
|
// using old VIP format, update
|
| 4885 |
|
|
$config['virtualip']['vip'][$idx]['interface'] = get_vip_from_oldcarp($vip['interface']);
|
| 4886 |
|
|
}
|
| 4887 |
|
|
}
|
| 4888 |
|
|
}
|
| 4889 |
aa31bad6
|
Chris Buechler
|
|
| 4890 |
|
|
// upgrade GIFs using VIP to new format
|
| 4891 |
|
|
if (is_array($config['gifs']['gif'])) {
|
| 4892 |
|
|
foreach ($config['gifs']['gif'] as $idx => $gif) {
|
| 4893 |
|
|
if (substr($gif['if'], 0, 4) == "_vip") {
|
| 4894 |
|
|
// using new VIP format
|
| 4895 |
|
|
continue;
|
| 4896 |
|
|
} else if (strstr($gif['if'], "_vip")) {
|
| 4897 |
|
|
// using old VIP format, update
|
| 4898 |
|
|
$config['gifs']['gif'][$idx]['if'] = get_vip_from_oldcarp($gif['if']);
|
| 4899 |
|
|
}
|
| 4900 |
|
|
}
|
| 4901 |
|
|
}
|
| 4902 |
|
|
|
| 4903 |
|
|
// upgrade GREs using VIP to new format
|
| 4904 |
|
|
if (is_array($config['gres']['gre'])) {
|
| 4905 |
|
|
foreach ($config['gres']['gre'] as $idx => $gre) {
|
| 4906 |
|
|
if (substr($gre['if'], 0, 4) == "_vip") {
|
| 4907 |
|
|
// using new VIP format
|
| 4908 |
|
|
continue;
|
| 4909 |
|
|
} else if (strstr($gre['if'], "_vip")) {
|
| 4910 |
|
|
// using old VIP format, update
|
| 4911 |
|
|
$config['gres']['gre'][$idx]['if'] = get_vip_from_oldcarp($gre['if']);
|
| 4912 |
|
|
}
|
| 4913 |
|
|
}
|
| 4914 |
|
|
}
|
| 4915 |
|
|
|
| 4916 |
|
|
// upgrade gateway groups using VIPs
|
| 4917 |
|
|
if (is_array($config['gateways']['gateway_group'])) {
|
| 4918 |
|
|
foreach ($config['gateways']['gateway_group'] as $idx => $gw) {
|
| 4919 |
|
|
if (is_array($gw['item'])) {
|
| 4920 |
|
|
$newitems = array();
|
| 4921 |
|
|
$gwvipchange = false;
|
| 4922 |
|
|
foreach ($gw['item'] as $item) {
|
| 4923 |
|
|
if (strstr($item, "|_vip")) {
|
| 4924 |
|
|
// using new VIP format
|
| 4925 |
|
|
$newitems[] = $item;
|
| 4926 |
|
|
continue;
|
| 4927 |
|
|
} else if (strstr($item, "_vip")) {
|
| 4928 |
|
|
// using old VIP format, update
|
| 4929 |
|
|
$gwitemarr = explode("|", $item);
|
| 4930 |
|
|
$gwitemarr[2] = get_vip_from_oldcarp($gwitemarr[2]);
|
| 4931 |
|
|
$newitems[] = implode("|", $gwitemarr);
|
| 4932 |
|
|
$gwvipchange = true;
|
| 4933 |
|
|
} else {
|
| 4934 |
|
|
$newitems[] = $item;
|
| 4935 |
|
|
}
|
| 4936 |
|
|
}
|
| 4937 |
|
|
if ($gwvipchange) {
|
| 4938 |
|
|
$config['gateways']['gateway_group'][$idx]['item'] = $newitems;
|
| 4939 |
|
|
}
|
| 4940 |
|
|
}
|
| 4941 |
|
|
}
|
| 4942 |
|
|
}
|
| 4943 |
8175a2a8
|
Chris Buechler
|
}
|
| 4944 |
374f8c51
|
NewEraCracker
|
|
| 4945 |
|
|
function upgrade_153_to_154() {
|
| 4946 |
|
|
/* NOTE: This upgrade code was reverted. See redmine ticket #6118 and
|
| 4947 |
|
|
https://github.com/pfsense/pfsense/commit/538a3c04a6b6671151e913b06b2f340b6f8ee222 */
|
| 4948 |
|
|
}
|
| 4949 |
ee9fb7bc
|
jim-p
|
|
| 4950 |
|
|
/* Clean up old GRE/GIF options. See Redmine tickets #6586 and #6587 */
|
| 4951 |
|
|
function upgrade_154_to_155() {
|
| 4952 |
|
|
global $config;
|
| 4953 |
|
|
|
| 4954 |
|
|
if (is_array($config['gifs']['gif'])) {
|
| 4955 |
|
|
foreach ($config['gifs']['gif'] as $idx => $gif) {
|
| 4956 |
|
|
if (isset($gif['link0'])) {
|
| 4957 |
|
|
unset($config['gifs']['gif'][$idx]['link0']);
|
| 4958 |
|
|
}
|
| 4959 |
|
|
}
|
| 4960 |
|
|
}
|
| 4961 |
|
|
|
| 4962 |
|
|
if (is_array($config['gres']['gre'])) {
|
| 4963 |
|
|
foreach ($config['gres']['gre'] as $idx => $gre) {
|
| 4964 |
|
|
if (isset($gre['link0'])) {
|
| 4965 |
|
|
unset($config['gres']['gre'][$idx]['link0']);
|
| 4966 |
|
|
}
|
| 4967 |
|
|
if (isset($gre['link2'])) {
|
| 4968 |
|
|
unset($config['gres']['gre'][$idx]['link2']);
|
| 4969 |
|
|
}
|
| 4970 |
|
|
}
|
| 4971 |
|
|
}
|
| 4972 |
|
|
}
|
| 4973 |
2ce5cd33
|
jim-p
|
|
| 4974 |
|
|
function upgrade_155_to_156() {
|
| 4975 |
e030050d
|
Phil Davis
|
// Unused
|
| 4976 |
2ce5cd33
|
jim-p
|
}
|
| 4977 |
2446fffa
|
jim-p
|
|
| 4978 |
|
|
function upgrade_156_to_157() {
|
| 4979 |
|
|
global $config;
|
| 4980 |
|
|
/* Convert Cloudflare and GratisDNS type DynDNS entries to the new split hostname and domain format */
|
| 4981 |
|
|
|
| 4982 |
|
|
if (!is_array($config['dyndnses'])) {
|
| 4983 |
|
|
$config['dyndnses'] = array();
|
| 4984 |
|
|
}
|
| 4985 |
|
|
if (!is_array($config['dyndnses']['dyndns'])) {
|
| 4986 |
|
|
$config['dyndnses']['dyndns'] = array();
|
| 4987 |
|
|
}
|
| 4988 |
|
|
$a_dyndns = &$config['dyndnses']['dyndns'];
|
| 4989 |
|
|
|
| 4990 |
|
|
foreach ($a_dyndns as &$dyndns) {
|
| 4991 |
|
|
if (($dyndns['type'] == "cloudflare") || ($dyndns['type'] == "cloudflare-v6") || ($dyndns['type'] == "gratisdns")) {
|
| 4992 |
|
|
/* Use the old style logic to split the host and domain one last time. */
|
| 4993 |
|
|
$dparts = explode(".", trim($dyndns['host']));
|
| 4994 |
|
|
$domain_part_count = ($dparts[count($dparts)-1] == "uk") ? 3 : 2;
|
| 4995 |
|
|
$domain_offset = count($dparts) - $domain_part_count;
|
| 4996 |
|
|
$dyndns['host'] = implode(".", array_slice($dparts, 0, $domain_offset));
|
| 4997 |
|
|
$dyndns['domainname'] = implode(".", array_slice($dparts, $domain_offset));
|
| 4998 |
|
|
}
|
| 4999 |
|
|
}
|
| 5000 |
|
|
|
| 5001 |
|
|
/* unset old pppoerestart cron job if it exists. redmine 1905 */
|
| 5002 |
|
|
if (is_array($config['cron']['item'])) {
|
| 5003 |
|
|
foreach ($config['cron']['item'] as $idx => $cronitem) {
|
| 5004 |
|
|
if ($cronitem['command'] == "/etc/pppoerestart") {
|
| 5005 |
|
|
unset($config['cron']['item'][$idx]);
|
| 5006 |
|
|
}
|
| 5007 |
|
|
}
|
| 5008 |
|
|
}
|
| 5009 |
|
|
}
|
| 5010 |
|
|
|
| 5011 |
86584ded
|
jim-p
|
function upgrade_157_to_158() {
|
| 5012 |
|
|
global $config;
|
| 5013 |
|
|
/* Convert Dynamic DNS passwords to base64 encoding. Redmine #6688 */
|
| 5014 |
|
|
|
| 5015 |
|
|
if (!is_array($config['dyndnses'])) {
|
| 5016 |
|
|
$config['dyndnses'] = array();
|
| 5017 |
|
|
}
|
| 5018 |
|
|
if (!is_array($config['dyndnses']['dyndns'])) {
|
| 5019 |
|
|
$config['dyndnses']['dyndns'] = array();
|
| 5020 |
|
|
}
|
| 5021 |
|
|
$a_dyndns = &$config['dyndnses']['dyndns'];
|
| 5022 |
|
|
|
| 5023 |
|
|
foreach ($a_dyndns as &$dyndns) {
|
| 5024 |
|
|
$dyndns['password'] = base64_encode($dyndns['password']);
|
| 5025 |
|
|
}
|
| 5026 |
|
|
}
|
| 5027 |
|
|
|
| 5028 |
e030050d
|
Phil Davis
|
/* Unset references to glxsb in the config. See #6755 */
|
| 5029 |
|
|
function upgrade_158_to_159() {
|
| 5030 |
|
|
global $config;
|
| 5031 |
|
|
|
| 5032 |
|
|
if ($config['system']['crypto_hardware'] == "glxsb") {
|
| 5033 |
|
|
unset($config['system']['crypto_hardware']);
|
| 5034 |
|
|
}
|
| 5035 |
|
|
}
|
| 5036 |
|
|
|
| 5037 |
ca366676
|
jim-p
|
/* Convert OpenVPN "protocol" to new style for OpenVPN 2.4, old udp/tcp was
|
| 5038 |
|
|
* IPv4 only, now is dual stack, so change it to udp4/tcp4
|
| 5039 |
|
|
*/
|
| 5040 |
|
|
function upgrade_159_to_160() {
|
| 5041 |
|
|
global $config;
|
| 5042 |
|
|
|
| 5043 |
|
|
if (isset($config['openvpn']) && is_array($config['openvpn'])) {
|
| 5044 |
|
|
if (is_array($config['openvpn']['openvpn-server'])) {
|
| 5045 |
|
|
foreach ($config['openvpn']['openvpn-server'] as &$vpn) {
|
| 5046 |
|
|
if ($vpn['protocol'] == "UDP") {
|
| 5047 |
|
|
$vpn['protocol'] = "UDP4";
|
| 5048 |
|
|
}
|
| 5049 |
|
|
if ($vpn['protocol'] == "TCP") {
|
| 5050 |
|
|
$vpn['protocol'] = "TCP4";
|
| 5051 |
|
|
}
|
| 5052 |
|
|
}
|
| 5053 |
|
|
}
|
| 5054 |
|
|
if (is_array($config['openvpn']['openvpn-client'])) {
|
| 5055 |
|
|
foreach ($config['openvpn']['openvpn-client'] as &$vpn) {
|
| 5056 |
|
|
if ($vpn['protocol'] == "UDP") {
|
| 5057 |
|
|
$vpn['protocol'] = "UDP4";
|
| 5058 |
|
|
}
|
| 5059 |
|
|
if ($vpn['protocol'] == "TCP") {
|
| 5060 |
|
|
$vpn['protocol'] = "TCP4";
|
| 5061 |
|
|
}
|
| 5062 |
|
|
}
|
| 5063 |
|
|
}
|
| 5064 |
|
|
}
|
| 5065 |
|
|
}
|
| 5066 |
faaab088
|
Renato Botelho
|
?>
|