aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2012-08-22 16:57:46 -0400
committerjim-p <jimp@pfsense.org>2012-08-22 16:57:46 -0400
commitc4cb635d11cd82e98be9d16d9abf4fc8b4a35c84 (patch)
treefcdd4d450bc5d17dcc6433ac24074e9031909e65
parentc051bf14000857ffff97ab80273a1a0ea6b62c7b (diff)
downloadpfsense-packages-c4cb635d11cd82e98be9d16d9abf4fc8b4a35c84.tar.gz
pfsense-packages-c4cb635d11cd82e98be9d16d9abf4fc8b4a35c84.tar.bz2
pfsense-packages-c4cb635d11cd82e98be9d16d9abf4fc8b4a35c84.zip
Change up some bgpd initialization, fixes #2572
-rw-r--r--config/openbgpd/openbgpd.inc116
1 files changed, 61 insertions, 55 deletions
diff --git a/config/openbgpd/openbgpd.inc b/config/openbgpd/openbgpd.inc
index 4a99dbc1..0a02eb7b 100644
--- a/config/openbgpd/openbgpd.inc
+++ b/config/openbgpd/openbgpd.inc
@@ -34,20 +34,26 @@ require_once("service-utils.inc");
define('PKG_BGPD_CONFIG_BASE', '/var/etc/openbgpd');
-$pkg_login = "_bgpd";
-$pkg_uid = "130";
-$pkg_group = "_bgpd";
-$pkg_gid = "130";
-$pkg_gecos = "BGP Daemon";
-$pkg_homedir = "/var/empty";
-$pkg_shell = "/usr/sbin/nologin";
-
+define('PKG_BGPD_LOGIN', = "_bgpd");
+define('PKG_BGPD_UID', = "130");
+define('PKG_BGPD_GROUP', = "_bgpd");
+define('PKG_BGPD_GID', = "130");
+define('PKG_BGPD_GECOS', = "BGP Daemon");
+define('PKG_BGPD_HOMEDIR', = "/var/empty");
+define('PKG_BGPD_SHELL', = "/usr/sbin/nologin");
function openbgpd_install_conf() {
- global $config, $g, $pkg_login, $pkg_uid, $pkg_group, $pkg_gid, $pkg_gecos, $pkg_homedir, $pkg_shell;
-
+ global $config, $g;
+ $pkg_login = PKG_BGPD_LOGIN;
+ $pkg_uid = PKG_BGPD_UID;
+ $pkg_group = PKG_BGPD_GROUP;
+ $pkg_gid = PKG_BGPD_GID;
+ $pkg_gecos = PKG_BGPD_GECOS;
+ $pkg_homedir = PKG_BGPD_HOMEDIR;
+ $pkg_shell = PKG_BGPD_SHELL;
+
conf_mount_rw();
-
+
// Since we need to embed this in a string, copy to a var. Can't embed constnats.
$bgpd_config_base = PKG_BGPD_CONFIG_BASE;
if ($config['installedpackages']['openbgpd']['rawconfig'] && $config['installedpackages']['openbgpd']['rawconfig']['item']) {
@@ -56,45 +62,45 @@ function openbgpd_install_conf() {
//$conffile = $config['installedpackages']['openbgpd']['rawconfig'];
} else {
// generate bgpd.conf based on the assistant
- if($config['installedpackages']['openbgpd']['config'])
+ if($config['installedpackages']['openbgpd']['config'])
$openbgpd_conf = &$config['installedpackages']['openbgpd']['config'][0];
if($config['installedpackages']['openbgpd']['config'][0]['row'])
- $openbgpd_rows = &$config['installedpackages']['openbgpd']['config'][0]['row'];
+ $openbgpd_rows = &$config['installedpackages']['openbgpd']['config'][0]['row'];
if($config['installedpackages']['openbgpdgroups']['config'])
$openbgpd_groups = &$config['installedpackages']['openbgpdgroups']['config'];
if($config['installedpackages']['openbgpdneighbors']['config'])
$openbgpd_neighbors = &$config['installedpackages']['openbgpdneighbors']['config'];
-
+
$conffile = "# This file was created by the package manager. Do not edit!\n\n";
$setkeycf = "";
-
+
// Setup AS #
- if($openbgpd_conf['asnum'])
+ if($openbgpd_conf['asnum'])
$conffile .= "AS {$openbgpd_conf['asnum']}\n";
-
+
if($openbgpd_conf['fibupdate'])
$conffile .= "fib-update {$openbgpd_conf['fibupdate']}\n";
-
+
// Setup holdtime if defined. Default is 90.
- if($openbgpd_conf['holdtime'])
+ if($openbgpd_conf['holdtime'])
$conffile .= "holdtime {$openbgpd_conf['holdtime']}\n";
// Specify listen ip
- if($openbgpd_conf['listenip'])
+ if($openbgpd_conf['listenip'])
$conffile .= "listen on {$openbgpd_conf['listenip']}\n";
// Specify router id
- if($openbgpd_conf['routerid'])
+ if($openbgpd_conf['routerid'])
$conffile .= "router-id {$openbgpd_conf['routerid']}\n";
// Handle advertised networks
if($config['installedpackages']['openbgpd']['config'][0]['row'])
if(is_array($openbgpd_rows))
- foreach($openbgpd_rows as $row)
+ foreach($openbgpd_rows as $row)
$conffile .= "network {$row['networks']}\n";
-
+
// Attach neighbors to their respective group owner
- if(is_array($openbgpd_groups)) {
+ if(is_array($openbgpd_groups)) {
foreach($openbgpd_groups as $group) {
$conffile .= "group \"{$group['name']}\" {\n";
$conffile .= " remote-as {$group['remoteas']}\n";
@@ -114,16 +120,16 @@ function openbgpd_install_conf() {
}
foreach($neighbor['row'] as $row) {
$conffile .= " {$row['parameters']} {$row['parmvalue']} \n";
- }
+ }
$conffile .= "}\n";
}
}
}
$conffile .= "}\n";
}
- }
+ }
- // Handle neighbors that do not have a group assigned to them
+ // Handle neighbors that do not have a group assigned to them
if(is_array($openbgpd_neighbors)) {
foreach($openbgpd_neighbors as $neighbor) {
$used_this_item = false;
@@ -147,27 +153,27 @@ function openbgpd_install_conf() {
if($used_this_item)
$conffile .= "}\n";
}
- }
-
+ }
+
// OpenBGPD filters
$conffile .= "deny from any\n";
$conffile .= "deny to any\n";
if(is_array($openbgpd_neighbors)) {
foreach($openbgpd_neighbors as $neighbor) {
$conffile .= "allow from {$neighbor['neighbor']}\n";
- $conffile .= "allow to {$neighbor['neighbor']}\n";
+ $conffile .= "allow to {$neighbor['neighbor']}\n";
}
}
}
safe_mkdir($bgpd_config_base);
$fd = fopen("{$bgpd_config_base}/bgpd.conf", "w");
-
+
// Write out the configuration file
fwrite($fd, $conffile);
-
+
// Close file handle
fclose($fd);
-
+
// Create rc.d file
$rc_file_stop = <<<EOF
killall -9 bgpd
@@ -183,7 +189,7 @@ fi
/bin/mkdir -p {$bgpd_config_base}
chmod u+rw,go-rw {$bgpd_config_base}/bgpd.conf
-/usr/sbin/chown -R {$pkg_login}:{$pkg_login} {$bgpd_config_base}
+/usr/sbin/chown -R root:wheel {$bgpd_config_base}
NUMBGPD=`ps auxw | grep -c '[b]gpd.*parent'`
if [ \${NUMBGPD} -lt 1 ] ; then
@@ -196,7 +202,7 @@ EOF;
"stop" => $rc_file_stop
)
);
-
+
// TCP-MD5 support on freebsd. See tcp(5) for more
$fd = fopen("{$g['tmp_path']}/bgpdsetkey.conf", "w");
fwrite($fd, $setkeycf );
@@ -209,7 +215,7 @@ EOF;
} else {
exec("bgpd");
}
-
+
conf_mount_ro();
}
@@ -260,19 +266,19 @@ function deinstall_openbgpd() {
function check_group_usage($groupname) {
global $config, $g;
- if($config['installedpackages']['openbgpd']['config'])
+ if($config['installedpackages']['openbgpd']['config'])
$openbgpd_conf = &$config['installedpackages']['openbgpd']['config'][0];
if($config['installedpackages']['openbgpd']['config'][0]['row'])
- $openbgpd_rows = &$config['installedpackages']['openbgpd']['config'][0]['row'];
+ $openbgpd_rows = &$config['installedpackages']['openbgpd']['config'][0]['row'];
if($config['installedpackages']['openbgpdgroups']['config'])
$openbgpd_groups = &$config['installedpackages']['openbgpdgroups']['config'];
if($config['installedpackages']['openbgpdneighbors']['config'])
$openbgpd_neighbors = &$config['installedpackages']['openbgpdneighbors']['config'];
- if(is_array($openbgpd_groups)) {
+ if(is_array($openbgpd_groups)) {
foreach($openbgpd_groups as $group) {
foreach($openbgpd_neighbors as $neighbor) {
- if($neighbor['groupname'] == $group['name'])
+ if($neighbor['groupname'] == $group['name'])
return $neighbor['groupname'];
}
}
@@ -286,16 +292,16 @@ function bgpd_validate_input() {
if (!empty($_POST['asnum']) && !is_numeric($_POST['asnum']))
$input_errors[] = "AS must be entered as a number only.";
-
+
if (!empty($_POST['routerid']) && !is_ipaddr($_POST['routerid']))
$input_errors[] = "Router ID must be an IP address.";
-
+
if (!empty($_POST['holdtime']) && !is_numeric($_POST['holdtime']))
$input_errors[] = "Holdtime must be entered as a number.";
-
+
if (!empty($_POST['listenip']) && !is_ipaddr($_POST['listenip']))
$input_errors[] = "Listen IP must be an IP address or blank to bind to all IPs.";
-
+
}
function bgpd_validate_group() {
@@ -303,12 +309,12 @@ function bgpd_validate_group() {
if (!is_numeric($_POST['remoteas']))
$input_errors[] = "Remote AS must be entered as a number only.";
-
+
if ($_POST['name'] == "")
$input_errors[] = "You must enter a name.";
-
+
$_POST['name'] = remove_bad_chars($_POST['name']);
-
+
}
function remove_bad_chars($string) {
@@ -328,7 +334,7 @@ function grey_out_value_boxes() {
var last_two = fieldvalue.substring(length);
var without_last_two = fieldvalue.substring(0,length);
if( \$('parmvalue' + x) ) {
- if(last_two != ' X') {
+ if(last_two != ' X') {
\$('parmvalue' + x).value = '';
\$('parmvalue' + x).disabled = true;
} else {
@@ -338,21 +344,21 @@ function grey_out_value_boxes() {
}
}
var timerID = setTimeout("grey_out_value_boxes()", 1200);
-
- }
+
+ }
grey_out_value_boxes();
- </script>
+ </script>
+
-
EOF;
-
+
}
function is_openbgpd_running() {
$status = `ps auxw | grep -c '[b]gpd.*parent'`;
- if(intval($status) > 0)
+ if(intval($status) > 0)
return true;
- else
+ else
return false;
}