diff options
author | marcelloc <marcellocoutinho@gmail.com> | 2013-02-12 20:16:58 -0200 |
---|---|---|
committer | marcelloc <marcellocoutinho@gmail.com> | 2013-02-12 20:16:58 -0200 |
commit | 44150465a58c3574e76658655e5efce41f49c3ff (patch) | |
tree | 959c48fccd24f8a443a00296dc7e18402e83e2a3 /config | |
parent | 82a9e4c7eb601bc2c105691d63c6865a1789e394 (diff) | |
parent | 1ef5e1725772e4a39c9f0a193dc84ef4ae010eca (diff) | |
download | pfsense-packages-44150465a58c3574e76658655e5efce41f49c3ff.tar.gz pfsense-packages-44150465a58c3574e76658655e5efce41f49c3ff.tar.bz2 pfsense-packages-44150465a58c3574e76658655e5efce41f49c3ff.zip |
Merge branch 'master' of https://github.com/bsdperimeter/pfsense-packages
Diffstat (limited to 'config')
-rw-r--r-- | config/routed/routed.inc | 67 | ||||
-rw-r--r-- | config/routed/routed.xml | 111 | ||||
-rwxr-xr-x | config/snort/snort.inc | 2 |
3 files changed, 93 insertions, 87 deletions
diff --git a/config/routed/routed.inc b/config/routed/routed.inc index 59967e8c..f7ace8a5 100644 --- a/config/routed/routed.inc +++ b/config/routed/routed.inc @@ -32,43 +32,42 @@ function setup_routed() { global $config; $gw = ""; + if (!is_array($config['installedpackages']['routed'])) + return; + if (!is_array($config['installedpackages']['routed']['config'])) + return; if (isset($config['installedpackages']['routed']['config'][0]['enable']) && - $config['installedpackages']['routed']['config'][0]['enable'] == "on") { - /* if user selected individual interfaces */ - $ifdescrs = array ("wan", "lan"); - for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { - if(isset($config['interfaces']['opt' . $j]['enable'])) - $ifdescrs['opt' . $j] = "opt" . $j; - } - - $ifarr = explode(",", $config['installedpackages']['routed']['config'][0]['iface_array']); - if (count($ifarr) != 0) { - foreach($ifdescrs as $ifdescr => $ifname) { - if (in_array($ifname, $ifarr)) { - $gw .= setup_etc_gateways($ifname, 'enable'); - } else { - $gw .= setup_etc_gateways($ifname, 'disable'); + $config['installedpackages']['routed']['config'][0]['enable'] == "on") { + /* if user selected individual interfaces */ + $ifarr = array_flip(explode(",", $config['installedpackages']['routed']['config'][0]['iface_array'])); + $allifs = get_interface_arr(); + if (!empty($ifarr)) { + foreach($allifs as $ifname) { + $friendly_ifname = convert_real_interface_to_friendly_interface_name($ifname); + if (array_key_exists($friendly_ifname, $ifarr)) + $gw .= setup_etc_gateways($ifname, 'enable'); + else + $gw .= setup_etc_gateways($ifname, 'disable'); } - } - } else { - /* setup for all interfaces */ - $gw = setup_etc_gateways(); - } - $fd = fopen("/etc/gateways", "w"); - fwrite($fd, $gw); - fclose($fd); + } else + /* setup for all interfaces */ + $gw = setup_etc_gateways(); + conf_mount_rw(); + file_put_contents("/etc/gateways", $gw); + conf_mount_ro(); restart_routed(); - } else { + } else stop_routed(); - } } function setup_etc_gateways($iface="", $mode="") { global $config; + $ret = ""; if ($iface != "") { - $realif=convert_friendly_interface_to_real_interface_name(strtoupper($iface)); - $ret = "if={$realif} "; + $realif=convert_friendly_interface_to_real_interface_name($iface); + if (!empty($realif)) + $ret = "if={$realif} "; } switch($mode) { @@ -79,10 +78,18 @@ function setup_etc_gateways($iface="", $mode="") { if ($passwd != "") { $ret .= "passwd={$passwd} "; } + $add_no_ag = $config['installedpackages']['routed']['config'][0]['enable_no_ag']; + $add_no_super_ag = $config['installedpackages']['routed']['config'][0]['enable_no_super_ag']; + if($add_no_ag == "on") { + $ret .= "no_ag "; + } + if($add_no_super_ag == "on") { + $ret .= "no_super_ag "; + } } break; case "disable": - $ret .= "no_rip "; + $ret .= "no_rip_out no_solicit no_rdisc no_rdisc_adv"; break; default: @@ -95,11 +102,11 @@ function setup_etc_gateways($iface="", $mode="") { } function start_routed() { - mwexec("/sbin/routed"); + mwexec_bg("/sbin/routed"); } function stop_routed() { - mwexec("killall routed"); + killbyname("routed"); } function restart_routed() { diff --git a/config/routed/routed.xml b/config/routed/routed.xml index d7767a5b..b722a28d 100644 --- a/config/routed/routed.xml +++ b/config/routed/routed.xml @@ -1,55 +1,44 @@ <?xml version="1.0" encoding="utf-8" ?> -<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> -<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ -/* $Id$ */ -/* ========================================================================== */ -/* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. + <copyright> + /* $Id$ */ + /* + part of pfSense (http://www.pfsense.org/) - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ -/* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Copyright (C) 2006 Bill Marquette - bill.marquette@gmail.com. + All rights reserved. - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ + </copyright> <name>routed</name> <version>1.1</version> <title>Services: RIP</title> - <aftersaveredirect>pkg_edit.php?xml=routed.xml&id=0</aftersaveredirect> - <include_file>routed.inc</include_file> + <include_file>/usr/local/pkg/routed.inc</include_file> + + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/routed/routed.inc</item> + </additional_files_needed> + <!-- Menu is where this packages menu will appear --> <menu> <name>RIP</name> @@ -61,15 +50,12 @@ <tab> <text>ROUTED Settings</text> <url>/pkg_edit.php?xml=routed.xml</url> - <active/> + <active/> </tab> </tabs> <!-- configpath gets expanded out automatically and config items will be stored in that location --> <configpath>['installedpackages']['routed']['config']</configpath> - <additional_files_needed> - <item>http://www.pfsense.org/packages/config/routed/routed.inc</item> - </additional_files_needed> <!-- fields gets invoked when the user adds or edits a item. the following items will be parsed and rendered for the user as a gui with input, and selectboxes. --> <fields> @@ -78,29 +64,29 @@ <fieldname>enable</fieldname> <description>Enables the Routing Information Protocol daemon</description> <type>checkbox</type> - <enablefields>iface_array,ripversion,passwd</enablefields> + <enablefields>iface_array[],ripversion,passwd,enable_no_ag,enable_no_super_ag</enablefields> </field> <field> <fielddescr>Interfaces</fielddescr> <fieldname>iface_array</fieldname> - <description>Select the interfaces that RIP will bind to. You can use the CTRL or COMMAND key to select multiple interfaces.</description> - <type>interfaces_selection</type> - <size>3</size> - <required /> <value>lan</value> <multiple>true</multiple> + <size>3</size> + <type>interfaces_selection</type> + <description>Select the interfaces that RIP will bind to. You can use the CTRL or COMMAND key to select multiple interfaces.</description> + <required /> </field> <field> <fielddescr>RIP Version</fielddescr> <fieldname>ripversion</fieldname> <type>select</type> - <required /> <default_value>2</default_value> <options> <option><name>RIP Version 1</name><value>1</value></option> <option><name>RIP Version 2</name><value>2</value></option> </options> <typehint>Select which RIP version the daemon will listen/advertise using.</typehint> + <required /> </field> <field> <fielddescr>RIPv2 password</fielddescr> @@ -110,14 +96,27 @@ </description> <type>input</type> </field> + <field> + <fielddescr>no_ag</fielddescr> + <fieldname>enable_no_ag</fieldname> + <description>turns off aggregation of subnets in RIPv1 and RIPv2 responses.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>no_super_ag</fielddescr> + <fieldname>enable_no_super_ag</fieldname> + <description>turns off aggregation of networks into supernets in RIPv2 responses.</description> + <type>checkbox</type> + </field> </fields> - <custom_php_command_before_form> - </custom_php_command_before_form> + <aftersaveredirect>pkg_edit.php?xml=routed.xml&id=0</aftersaveredirect> + <custom_php_command_before_form> + </custom_php_command_before_form> <custom_delete_php_command> </custom_delete_php_command> <custom_php_resync_config_command> conf_mount_rw(); - setup_routed(); + setup_routed(); conf_mount_ro(); </custom_php_resync_config_command> <custom_php_install_command> diff --git a/config/snort/snort.inc b/config/snort/snort.inc index e6c20a50..c36fc873 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -149,7 +149,7 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false) { $snortip = get_interface_ipv6($snortcfg['interface']); if (is_ipaddrv6($snortip)) { if ($whitelist === false) { - $sn = get_interface_subnetv6($int); + $sn = get_interface_subnetv6($snortcfg['interface']); $home_net .= "{$snortip}/{$sn} "; } else $home_net .= "{$snortip} "; |