diff options
28 files changed, 1395 insertions, 67 deletions
diff --git a/config/asterisk/asterisk.inc b/config/asterisk/asterisk.inc new file mode 100644 index 00000000..c4630114 --- /dev/null +++ b/config/asterisk/asterisk.inc @@ -0,0 +1,93 @@ +<?php
+/* ========================================================================== */
+/*
+ asterisk.inc
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+
+
+function asterisk_install() {
+ sync_package_asterisk();
+}
+
+function asterisk_deinstall() {
+ $script='/usr/local/etc/rc.d/asterisk';
+ if (file_exists($script)){
+ mwexec("$script stop");
+ chmod ($script,0444);
+ }
+}
+
+function sync_package_asterisk() {
+ global $config, $g;
+
+ #mount filesystem writeable
+ conf_mount_rw();
+
+ #fix asterisk options for nanobsd
+ if ($g['platform'] == "nanobsd"){
+ $script='/usr/local/etc/asterisk/logger.conf';
+ if (file_exists($script)){
+ $script_file=file_get_contents($script);
+ $pattern[0]='/messages =/';
+ $replace[0]='/tmp/log_asterisk =';
+ $script_file=preg_replace($pattern,$replace,$script_file);
+ file_put_contents($script, $script_file, LOCK_EX);
+ }
+
+ $script='/usr/local/etc/asterisk/asterisk.conf';
+ if (file_exists($script)){
+ $script_file=file_get_contents($script);
+ $pattern[0]='@astdbdir => [a-z,A-Z,/]@';
+ $replace[0]='astdbdir => /tmp';
+ $pattern[1]='@astspooldir => [a-z,A-Z,/]@';
+ $replace[1]='astspooldir => /tmp';
+ $script_file=preg_replace($pattern,$replace,$script_file);
+ file_put_contents($script, $script_file, LOCK_EX);
+ }
+
+ }
+
+ $script='/usr/local/etc/rc.d/asterisk';
+ if (file_exists($script)){
+ $script_file=file_get_contents($script);
+ if (preg_match('/NO/',$script_file)){
+ $script_file=preg_replace("/NO/","YES",$script_file);
+ file_put_contents($script, $script_file, LOCK_EX);
+ }
+ chmod ($script,0755);
+ mwexec("$script stop");
+ mwexec_bg("$script start");
+ }
+ #mount filesystem readonly
+ conf_mount_ro();
+
+}
+
+?>
diff --git a/config/asterisk/asterisk.xml b/config/asterisk/asterisk.xml new file mode 100644 index 00000000..94bc96d4 --- /dev/null +++ b/config/asterisk/asterisk.xml @@ -0,0 +1,103 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* ========================================================================== */ +/* + asterisk.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + All rights reserved. +*/ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Asterisk status pacakge</description> + <requirements>Asterisk 1.8.x</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>asterisk</name> + <version>0.1</version> + <title>asterisk</title> + <include_file>/usr/local/pkg/asterisk.inc</include_file> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/asterisk/asterisk.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/asterisk/asterisk_calls.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/asterisk/asterisk_edit_file.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/asterisk/asterisk_log.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/asterisk/asterisk_cmd.php</item> + </additional_files_needed> + <menu> + <name>asterisk</name> + <tooltiptext>Asterisk</tooltiptext> + <section>status</section> + <configfile>asterisk_cmd.php</configfile> + </menu> + <service> + <name>asterisk</name> + <rcfile>asterisk</rcfile> + <executable>asterisk</executable> + <description><![CDATA[Asterisk VoIP telephony]]></description> + </service> + <tabs> + </tabs> + <fields> + </fields> + <custom_php_install_command> + asterisk_install(); + </custom_php_install_command> + <custom_php_deinstall_command> + asterisk_deinstall(); + </custom_php_deinstall_command> + <custom_php_command_before_form> + </custom_php_command_before_form> + <custom_php_validation_command> + </custom_php_validation_command> + <custom_delete_php_command> + </custom_delete_php_command> + <custom_php_resync_config_command> + sync_package_asterisk(); + </custom_php_resync_config_command> +</packagegui>
\ No newline at end of file diff --git a/config/asterisk/asterisk_calls.php b/config/asterisk/asterisk_calls.php new file mode 100644 index 00000000..77131d8d --- /dev/null +++ b/config/asterisk/asterisk_calls.php @@ -0,0 +1,167 @@ +<?php +/* $Id$ */ +/* + status_asterisk_calls.php + part of pfSense + Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>. + Copyright (C) 2012 robreg@zsurob.hu + All rights reserved. + + originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. + Copyright (C) 2012 robreg@zsurob.hu + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: asterisk +*/ + +##|+PRIV +##|*IDENT=page-status-asterisk +##|*NAME=Status: Asterisk Calls page +##|*DESCR=Allow access to the 'Status: Asterisk Calls' page. +##|*MATCH=status_asterisk_calls.php* +##|-PRIV + +require_once("guiconfig.inc"); + +$pgtitle = array(gettext("Status"),gettext("Asterisk Calls")); +include("head.inc"); + +/* Path to call log database */ +$callog = "/var/log/asterisk/cdr-csv/Master.csv"; + +/* Data input processing */ +$cmd = $_GET['cmd']; +//$cmd = str_replace("+", " ", $cmd); + +$file = $_SERVER["SCRIPT_NAME"]; +$break = Explode('/', $file); +$pfile = $break[count($break) - 1]; + +if (file_exists($callog)) + switch ($cmd){ + case "trim": + $trimres=shell_exec("tail -50 '$callog' > /tmp/trimmed.csv; rm '$callog'; mv /tmp/trimmed.csv '$callog'; chmod 666 '$callog'"); + break; + + case "clear": + $trimres=shell_exec("rm '$callog'; touch '$callog'; chmod 666 '$callog'"); + break; + + case "download": + // session_cache_limiter('none'); //*Use before session_start() + // session_start(); + + header('Content-Description: File Transfer'); + header('Content-Type: application/octet-stream'); + header('Content-Disposition: attachment; filename='.basename($callog)); + header('Content-Transfer-Encoding: binary'); + header('Expires: 0'); + header('Cache-Control: must-revalidate'); + header('Pragma: public'); + header('Content-Length: ' . filesize($callog)); + ob_clean(); + flush(); + readfile($callog); + exit; + break; + } +?> + + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + <?php include("fbegin.inc"); ?> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <?php + $tab_array = array(); + $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php"); + $tab_array[1] = array(gettext("Calls"), true, "asterisk_calls.php"); + $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php"); + $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php"); + display_top_tabs($tab_array); + ?> + </td> + </tr> + <tr> + <td> + <div id="mainarea"> + <?php + //$trimres=shell_exec("tail -50 '$callog' > /tmp/trimmed.csv; rm '$callog'; mv /tmp/trimmed.csv '$callog'"); + //print $trimres . "Last 50 calls: <br>"; + if (file_exists($callog)) + $file_handle = fopen($callog, "r"); + ?> + <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td colspan="6" class="listtopic">Last 50 Asterisk calls</td> + </tr> + <tr> + <td nowrap class="listhdrr"><?=gettext("From");?></td> + <td nowrap class="listhdrr"><?=gettext("To");?></a></td> + <td nowrap class="listhdrr"><?=gettext("Start");?></td> + <td nowrap class="listhdrr"><?=gettext("End");?></a></td> + <td nowrap class="listhdrr"><?=gettext("Duration");?></a></td> + <td nowrap class="listhdrr"><?=gettext("Status");?></td> + </tr> + <?php + $out = ''; + if (file_exists($callog)){ + while (!feof($file_handle) ) { + $lin = fgetcsv($file_handle, 102400); + if ($lin[12] != "") { + $out = "<tr>" . $out; + $out = "<td class='listlr'>" . str_replace('"', '', $lin[4]) . "</td><td class='listlr'>" . $lin[2] . "</td><td class='listlr'>" . $lin[9] . "</td><td class='listlr'>" . $lin[11] . "</td><td class='listlr'>" . gmdate("G:i:s", $lin[12]) . "</td><td class='listlr'>" . $lin[14] . "</td>" . $out; + $out = "</tr>" . $out; + } + } + fclose($file_handle); + } + echo $out; + echo "<tr><td colspan='6'><a href='$pfile?cmd=download'><input type='button' name='command' value='Download' class='formbtn'></a>"; + echo "<a href='$pfile?cmd=trim'><input type='button' name='command' value='Trim log' class='formbtn'></a>"; + echo "<a href='$pfile?cmd=clear'><input type='button' name='command' value='Clear log' class='formbtn'></a></td></tr>"; + ?> + </table> + </div> + </td> + </tr> + </table> + +<p/> + +<span class="vexpl"> + <span class="red"> + <strong><?=gettext("Notes:");?><br /></strong> + </span> + <?=gettext("Listed in reverse order (latest on top).");?> <br> + <?=gettext("Duration includes ringing time.");?> <br> + <?=gettext("Trim keeps the last 50 entries.");?> +</span> + + +<?php include("fend.inc"); ?> +</body> diff --git a/config/asterisk/asterisk_cmd.php b/config/asterisk/asterisk_cmd.php new file mode 100644 index 00000000..504c3cd1 --- /dev/null +++ b/config/asterisk/asterisk_cmd.php @@ -0,0 +1,120 @@ +<?php +/* $Id$ */ +/* + status_asterisk.php + part of pfSense + Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>. + Copyright (C) 2012 robreg@zsurob.hu + All rights reserved. + + originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: asterisk +*/ + +##|+PRIV +##|*IDENT=page-status-asterisk +##|*NAME=Status: Asterisk page +##|*DESCR=Allow access to the 'Status: Asterisk' page. +##|*MATCH=status_asterisk.php* +##|-PRIV + +require_once("guiconfig.inc"); + +$pgtitle = array(gettext("Status"),gettext("Asterisk")); +include("head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php include("fbegin.inc"); ?> + +<?php +/* Data input processing */ +$cmd = $_GET['cmd']; +$cmd = str_replace("+", " ", $cmd); + +if ($cmd == "") { + $cmd = "core show settings"; +} + +$file = $_SERVER["SCRIPT_NAME"]; +$break = Explode('/', $file); +$pfile = $break[count($break) - 1]; + +?> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <?php + $tab_array = array(); + $tab_array[0] = array(gettext("Commands"), true, "asterisk_cmd.php"); + $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php"); + $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php"); + $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php"); + display_top_tabs($tab_array); + ?> + </td> + </tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont sortable" width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td class="listtopic"> + <?php + /* Print command buttons */ + echo "<a href='$pfile?cmd=sip+show+registry'><input type='button' name='command' value='SIP Registry' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=sip+show+peers'><input type='button' name='command' value='SIP Peers' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=sip+show+channels'><input type='button' name='command' value='SIP Channels' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=core+show+channels'><input type='button' name='command' value='Channels' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=core+show+codecs+audio'><input type='button' name='command' value='Codecs' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=core+show+translation+recalc+10'><input type='button' name='command' value='Translation' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=sip+show+settings'><input type='button' name='command' value='SIP Settings' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=sip+reload'><input type='button' name='command' value='!Reload SIP' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=core+reload'><input type='button' name='command' value='!Reload Core' class='formbtns'></a>"; + echo "<a href='$pfile?cmd=core+show+uptime'><input type='button' name='command' value='Uptime' class='formbtns'></a>"; + ?> + </td> + </tr> + <tr valign="top"> + <td class="listlr" nowrap> + <?php + /* Run commands and print results */ + $asterisk_command=shell_exec("asterisk -rx '$cmd'"); + echo "<pre style='font-size:11px; background:white'>"; + echo $asterisk_command; + echo "</pre>"; + ?> + </td> + </tr> + </table> + </div> + </td> + </tr> + </table> +<?php include("fend.inc"); ?>
\ No newline at end of file diff --git a/config/asterisk/asterisk_edit_file.php b/config/asterisk/asterisk_edit_file.php new file mode 100644 index 00000000..50d00279 --- /dev/null +++ b/config/asterisk/asterisk_edit_file.php @@ -0,0 +1,246 @@ +<?php +/* + edit.php + Copyright (C) 2004, 2005 Scott Ullrich + Copyright (C) 2012 robreg@zsurob.hu + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: shell +*/ + +##|+PRIV +##|*IDENT=page-status-asterisk +##|*NAME=Status: Asterisk config editor page +##|*DESCR=Allow access to the 'Status: Asterisk configuration files' page. +##|*MATCH=status_asterisk_edit.php* +##|-PRIV + +$pgtitle = array(gettext("Status"),gettext("Asterisk configuration files")); +require("guiconfig.inc"); + +if($_REQUEST['action']) { + switch($_REQUEST['action']) { + case 'load': + if(strlen($_REQUEST['file']) < 1) { + echo "|5|" . gettext("No file name specified") . ".|"; + } elseif(is_dir($_REQUEST['file'])) { + echo "|4|" . gettext("Loading a directory is not supported") . ".|"; + } elseif(! is_file($_REQUEST['file'])) { + echo "|3|" . gettext("File does not exist or is not a regular file") . ".|"; + } else { + $data = file_get_contents(urldecode($_REQUEST['file'])); + if($data === false) { + echo "|1|" . gettext("Failed to read file") . ".|"; + } else { + echo "|0|{$_REQUEST['file']}|{$data}|"; + } + } + exit; + case 'save': + if(strlen($_REQUEST['file']) < 1) { + echo "|" . gettext("No file name specified") . ".|"; + } else { + conf_mount_rw(); + $_REQUEST['data'] = str_replace("\r", "", base64_decode($_REQUEST['data'])); + $ret = file_put_contents($_REQUEST['file'], $_REQUEST['data']); + conf_mount_ro(); + if($_REQUEST['file'] == "/conf/config.xml" || $_REQUEST['file'] == "/cf/conf/config.xml") { + if(file_exists("/tmp/config.cache")) + unlink("/tmp/config.cache"); + disable_security_checks(); + } + if($ret === false) { + echo "|" . gettext("Failed to write file") . ".|"; + } elseif($ret <> strlen($_REQUEST['data'])) { + echo "|" . gettext("Error while writing file") . ".|"; + } else { + echo "|" . gettext("File successfully saved") . ".|"; + } + } + exit; + } + exit; +} + +require("head.inc"); +outputJavaScriptFileInline("filebrowser/browser.js"); +outputJavaScriptFileInline("javascript/base64.js"); + +?> + +<body link="#000000" vlink="#000000" alink="#000000"> +<?php include("fbegin.inc"); ?> + +<script type="text/javascript"> + function loadFile() { + $("fileStatus").innerHTML = "<?=gettext("Loading file"); ?> ..."; + Effect.Appear("fileStatusBox", { duration: 0.5 }); + + new Ajax.Request( + "<?=$_SERVER['SCRIPT_NAME'];?>", { + method: "post", + postBody: "action=load&file=" + $("fbTarget").value, + onComplete: loadComplete + } + ); + } + + function loadComplete(req) { + Element.show("fileContent") + var values = req.responseText.split("|"); + values.shift(); values.pop(); + + if(values.shift() == "0") { + var file = values.shift(); + $("fileStatus").innerHTML = "<?=gettext("File successfully loaded"); ?>."; + $("fileContent").value = values.join("|"); + + var lang = "none"; + if(file.indexOf(".php") > 0) lang = "php"; + else if(file.indexOf(".inc") > 0) lang = "php"; + else if(file.indexOf(".xml") > 0) lang = "xml"; + else if(file.indexOf(".js" ) > 0) lang = "js"; + else if(file.indexOf(".css") > 0) lang = "css"; + + } + else { + $("fileStatus").innerHTML = values[0]; + $("fileContent").value = ""; + } + new Effect.Appear("fileContent"); + } + + function saveFile(file) { + $("fileStatus").innerHTML = "<?=gettext("Saving file"); ?> ..."; + Effect.Appear("fileStatusBox", { duration: 0.5 }); + + var fileContent = Base64.encode($("fileContent").value); + fileContent = fileContent.replace(/\+/g,"%2B"); + + new Ajax.Request( + "<?=$_SERVER['SCRIPT_NAME'];?>", { + method: "post", + postBody: "action=save&file=" + $("fbTarget").value + + "&data=" + fileContent, + onComplete: function(req) { + var values = req.responseText.split("|"); + $("fileStatus").innerHTML = values[1]; + } + } + ); + } +</script> + + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <?php + $tab_array = array(); + $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php"); + $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php"); + $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php"); + $tab_array[3] = array(gettext("Edit configuration"), true, "asterisk_edit_file.php"); + display_top_tabs($tab_array); + ?> + </td> + </tr> + <tr> + <td> + <div id="mainarea"> + + <!-- file status box --> + <div style="display:none; background:#eeeeee;" id="fileStatusBox"> + <div class="vexpl" style="padding-left:15px;"> + <strong id="fileStatus"></strong> + </div> + </div> + + + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td class="tabcont" align="center"> + + <!-- controls --> + <table width="100%" cellpadding="9" cellspacing="9"> + <tr> + <td align="center" class="list"> + <?=gettext("Save / Load from path"); ?>: + <input type="text" class="formfld file" id="fbTarget" value="<?=gettext('/usr/local/etc/asterisk');?>" size="45" /> + <input type="button" class="formbtn" id="fbOpen" value="<?=gettext('Browse');?>" /> + <!-- <input type="button" class="formbtn" onclick="loadFile();" value="<?=gettext('Load');?>" /> --> + <input type="button" class="formbtn" onclick="saveFile();" value="<?=gettext('Save');?>" /> + <br /> + </td> + </tr> + </table> + + <!-- filebrowser --> + <div id="fbBrowser" style="display:none; border:1px dashed gray; width:98%;"></div> + + <!-- file viewer/editor --> + <table width="100%"> + <tr> + <td valign="top" class="label"> + <div style="background:#eeeeee;" id="fileOutput"> + <textarea id="fileContent" name="fileContent" style="width:100%;" rows="30" wrap="off"></textarea> + </div> + </td> + </tr> + </table> + + </td> + </tr> + </table> + + <script type="text/javascript"> + Event.observe( + window, "load", + function() { + $("fbTarget").focus(); + + NiftyCheck(); + Rounded("div#fileStatusBox", "all", "#ffffff", "#eeeeee", "smooth"); + } + ); + + <?php if($_GET['action'] == "load"): ?> + Event.observe( + window, "load", + function() { + $("fbTarget").value = "<?=$_GET['path'];?>"; + loadFile(); + } + ); + <?php endif; ?> + </script> + + </div> + </td> + </tr> + </table> + +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/asterisk/asterisk_log.php b/config/asterisk/asterisk_log.php new file mode 100644 index 00000000..7d1328ed --- /dev/null +++ b/config/asterisk/asterisk_log.php @@ -0,0 +1,130 @@ +<?php +/* $Id$ */ +/* + status_asterisk_log.php + part of pfSense + Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>. + Copyright (C) 2012 robreg@zsurob.hu + Copyright (C) 2012 Marcello Coutinho + All rights reserved. + + originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_MODULE: asterisk +*/ + +##|+PRIV +##|*IDENT=page-status-asterisk +##|*NAME=Status: Asterisk Calls page +##|*DESCR=Allow access to the 'Status: Asterisk Log' page. +##|*MATCH=status_asterisk_log.php* +##|-PRIV + +require_once("guiconfig.inc"); + +$pgtitle = array(gettext("Status"),gettext("Asterisk Log")); +include("head.inc"); + +/* Path to Asterisk log file */ +if ($g['platform'] == "nanobsd") + $log = "/tmp/log_asterisk"; +else + $log = "/var/log/asterisk/messages"; + +?> + +<?php +/* Data input processing */ +$cmd = $_GET['cmd']; +//$cmd = str_replace("+", " ", $cmd); + +$file = $_SERVER["SCRIPT_NAME"]; +$break = Explode('/', $file); +$pfile = $break[count($break) - 1]; + +if ($cmd == "trim") { + $trimres=shell_exec("tail -50 '$log' > /tmp/trimmed.csv; rm '$log'; mv /tmp/trimmed.csv '$log'; chmod 666 '$log'"); +} + +if ($cmd == "clear") { + $trimres=shell_exec("rm '$log'; touch '$log'; chmod 666 '$log'"); +} + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + <?php include("fbegin.inc"); ?> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <?php + $tab_array = array(); + $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php"); + $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php"); + $tab_array[2] = array(gettext("Log"), true, "asterisk_log.php"); + $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php"); + display_top_tabs($tab_array); + ?> + </td> + </tr> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont sortable" width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td colspan="2" class="listtopic">Last 50 Asterisk log entries</td> + </tr> + + <tr valign="top"><td class="listlr" nowrap> + + <?php + $showlog_command=shell_exec("tail -50 '$log'"); + echo nl2br($showlog_command); + ?> + </td></tr> + <?php + echo "<tr><td colspan='6'><a href='$pfile?cmd=trim'><input type='button' name='command' value='Trim log' class='formbtn'></a>"; + echo "<a href='$pfile?cmd=clear'><input type='button' name='command' value='Clear log' class='formbtn'></a></td></tr>"; + ?> + </table> + </div> + </td> + </tr> + </table> + +<p/> + +<span class="vexpl"> + <span class="red"> + <strong><?=gettext("Note:");?><br /></strong> + </span> + <?=gettext("Trim keeps the last 50 lines of the log.");?> +</span> + +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/config/dansguardian/dansguardian.conf.template b/config/dansguardian/dansguardian.conf.template index 5bee053e..27099332 100755 --- a/config/dansguardian/dansguardian.conf.template +++ b/config/dansguardian/dansguardian.conf.template @@ -680,7 +680,7 @@ softrestart = {$softrestart} #SSL certificate checking path #Path to CA certificates used to validate the certificates of https sites. -sslcertificatepath = '/etc/ssl/certs/' +sslcertificatepath = '/usr/local/share/certs/' #SSL man in the middle #CA certificate path diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc index 6c6d6e93..a568b69e 100755 --- a/config/dansguardian/dansguardian.inc +++ b/config/dansguardian/dansguardian.inc @@ -215,27 +215,30 @@ function sync_package_dansguardian() { $load_samples=0; #ssl men-in-the-middle feature - $dirs=array($dansguardian_dir."/ssl",$dansguardian_dir."/ssl/generatedcerts",$dansguardian_dir."/ssl/generatedlinks"); + $dirs=array("/var/log/dansguardian/stats","/etc/ssl/demoCA","/etc/ssl/demoCA/private","/etc/ssl/demoCA/crl","/etc/ssl/demoCA/certs",$dansguardian_dir."/ssl/generatedcerts",$dansguardian_dir."/ssl/generatedlinks"); foreach ($dirs as $dir) if (!is_dir($dir)) - mkdir ($dir,0700,true); - $ca_cert = lookup_ca($dansguardian_config["ca"][0]); + mkdir ($dir,0755,true); + $ca_cert = lookup_ca($dansguardian_config["dca"]); if ($ca_cert != false) { if(base64_decode($ca_cert['prv'])) { - file_put_contents($dansguardian_dir. "/ssl/ssl_ca_key.pem",base64_decode($ca_cert['prv'])); - $ca_pk = "caprivatekeypath = ".$dansguardian_dir . "/ssl/ssl_ca_key.pem"; + file_put_contents("/etc/ssl/demoCA/private/cakey.pem",base64_decode($ca_cert['prv'])); + $ca_pk = "caprivatekeypath = '/etc/ssl/demoCA/private/cakey.pem'"; } if(base64_decode($ca_cert['crt'])) { - file_put_contents($dansguardian_dir . "/ssl/ssl_ca_cert.pem",base64_decode($ca_cert['crt'])); - $ca_pem = "cacertificatepath = ".$dansguardian_dir . "/ssl/ssl_ca_cert.pem"; - $generatedcertpath= "generatedcertpath = ".$dansguardian_dir . "/ssl/generatedcerts"; - $generatedlinkpath= "generatedlinkpath = ".$dansguardian_dir . "/ssl/generatedlinks"; + file_put_contents("/etc/ssl/demoCA/cacert.pem",base64_decode($ca_cert['crt'])); + exec("/usr/bin/openssl x509 -hash -noout -in /etc/ssl/demoCA/cacert.pem",$cert_hash); + file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",base64_decode($ca_cert['crt'])); + $ca_pem = "cacertificatepath = '/etc/ssl/demoCA/cacert.pem'"; + $generatedcertpath= "generatedcertpath = '/etc/ssl/demoCA/certs/'"; + #generatedcertpath = ".$dansguardian_dir . "/ssl/generatedcerts"; + $generatedlinkpath= "generatedlinkpath = '".$dansguardian_dir . "/ssl/generatedlinks'"; } - $svr_cert = lookup_cert($dansguardian_config["cert"][0]); + $svr_cert = lookup_cert($dansguardian_config["dcert"]); if ($svr_cert != false) { if(base64_decode($svr_cert['prv'])) { - file_put_contents($dansguardian_dir . "/ssl/ssl_server_key.pem",base64_decode($svr_cert['prv'])."\n".base64_decode($svr_cert['crt'])); - $cert_key = "certprivatekeypath = ".$dansguardian_dir . '/ssl/ssl_server_key.pem'; + file_put_contents("/etc/ssl/demoCA/private/serverkey.pem",base64_decode($svr_cert['prv'])); + $cert_key = "certprivatekeypath = '/etc/ssl/demoCA/private/serverkey.pem' "; } } } @@ -796,7 +799,7 @@ EOF; $cron_found=0; if (is_array($config['cron']['item'])) foreach($config['cron']['item'] as $cron) - if (!preg_match("/usr.local.(bin.freshclam|www.dansguardian.php)/",$cron["command"])){ + if (!preg_match("/usr.local.(bin.freshclam|www.dansguardian)/",$cron["command"])){ $cron_found++; $new_cron['item'][]=$cron; } @@ -875,7 +878,32 @@ EOF; break; } - + $cron_cmd="/usr/local/bin/php /usr/local/www/dansguardian_ldap.php"; + if (is_array($config['installedpackages']['dansguardiangroups']['config'])) + foreach ($config['installedpackages']['dansguardiangroups']['config'] as $dansguardian_groups){ + if(preg_match('/(\d+)m/',$dansguardian_groups['freq'],$matches)){ + $new_cron['item'][]=array( "minute" => "*/".$matches[1], + "hour" => "*", + "mday" => "*", + "month" => "*", + "wday" => "*", + "who" => "root", + "command"=> $cron_cmd." ".$dansguardian_groups['name']); + $config['cron']=$new_cron; + $cron_found++; + } + if(preg_match('/(\d+)h/',$dansguardian_groups['freq'],$matches)){ + $new_cron['item'][]=array( "minute" => "0", + "hour" => "*/".$matches[1], + "mday" => "*", + "month" => "*", + "wday" => "*", + "who" => "root", + "command"=> $cron_cmd." ".$dansguardian_groups['name']); + $config['cron']=$new_cron; + $cron_found++; + } + } #write files conf_mount_rw(); @@ -997,7 +1025,10 @@ function dansguardian_validate_input($post, &$input_errors) { $input_errors[] = "{$value} cannot be used as name."; else if ($key == "name" && preg_match("/\W/",$value)) $input_errors[] = "{$value} cannot be used as name. Use only a-z 0-9 characters"; - + else if (empty($value)) + continue; + else if($key == "freq" && (!preg_match("/^\d+(h|m|d)$/",$value) || $value == 0)) + $input_errors[] = "A valid number with a time reference is required for the field 'Update Frequency'"; } } @@ -1045,6 +1076,8 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { $xml['dansguardian'] = $config['installedpackages']['dansguardian']; $xml['dansguardianantivirusacl'] = $config['installedpackages']['dansguardianantivirusacl']; $xml['dansguardianconfig'] = $config['installedpackages']['dansguardianconfig']; + $xml['dansguardianblacklist'] = $config['installedpackages']['dansguardianblacklist']; + $xml['dansguardianldap'] = $config['installedpackages']['dansguardianldap']; $xml['dansguardiancontentacl'] = $config['installedpackages']['dansguardiancontentacl']; $xml['dansguardianfileacl'] = $config['installedpackages']['dansguardianfileacl']; $xml['dansguardiangroups'] = $config['installedpackages']['dansguardiangroups']; diff --git a/config/dansguardian/dansguardian.xml b/config/dansguardian/dansguardian.xml index 41f2a447..1188796c 100644 --- a/config/dansguardian/dansguardian.xml +++ b/config/dansguardian/dansguardian.xml @@ -69,6 +69,16 @@ <chmod>0755</chmod> </additional_files_needed> <additional_files_needed> + <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_ldap.php</item> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> + <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_ldap.xml</item> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + </additional_files_needed> + <additional_files_needed> <item>http://www.pfsense.org/packages/config/dansguardian/dansguardian_limits.xml</item> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> @@ -201,6 +211,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardian_about.php b/config/dansguardian/dansguardian_about.php index f9c9e260..49359472 100755 --- a/config/dansguardian/dansguardian_about.php +++ b/config/dansguardian/dansguardian_about.php @@ -57,6 +57,7 @@ include("head.inc"); $tab_array[] = array(gettext("Limits"), false, "/pkg_edit.php?xml=dansguardian_limits.xml&id=0"); $tab_array[] = array(gettext("Blacklist"), false, "/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0"); $tab_array[] = array(gettext("Access Lists"), false, "/pkg_edit.php?xml=dansguardian_antivirus.xml&id=0"); + $tab_array[] = array(gettext("LDAP"), false, "/pkg.php?xml=dansguardian_ldap.xml&id=0"); $tab_array[] = array(gettext("Groups"), false, "/pkg.php?xml=dansguardian_groups.xml&id=0"); $tab_array[] = array(gettext("Users"), false, "/pkg.php?xml=dansguardian_users.xml&id=0"); $tab_array[] = array(gettext("IPs"), false, "/pkg.php?xml=dansguardian_ips.xml&id=0"); diff --git a/config/dansguardian/dansguardian_blacklist.xml b/config/dansguardian/dansguardian_blacklist.xml index a8895342..d95558e6 100644 --- a/config/dansguardian/dansguardian_blacklist.xml +++ b/config/dansguardian/dansguardian_blacklist.xml @@ -69,6 +69,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardian_config.xml b/config/dansguardian/dansguardian_config.xml index 11a34434..6016d80f 100644 --- a/config/dansguardian/dansguardian_config.xml +++ b/config/dansguardian/dansguardian_config.xml @@ -69,6 +69,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> @@ -198,7 +202,7 @@ </field> <field> <fielddescr>CA</fielddescr> - <fieldname>ca</fieldname> + <fieldname>dca</fieldname> <description><![CDATA[Select Certificate Authority to use when SSL filtering is enabled on Group options<br> To create a CA on pfsense, go to <strong>system -> Cert Manager<strong>]]></description> <type>select_source</type> @@ -208,7 +212,7 @@ </field> <field> <fielddescr>Cert</fielddescr> - <fieldname>cert</fieldname> + <fieldname>dcert</fieldname> <description><![CDATA[Select Certificate pair to use when SSL filtering is enabled on Group options<br> To create a Certificate on pfsense, go to <strong>system -> Cert Manager<strong>]]></description> <type>select_source</type> diff --git a/config/dansguardian/dansguardian_groups.xml b/config/dansguardian/dansguardian_groups.xml index 4849126d..baa9b44a 100755 --- a/config/dansguardian/dansguardian_groups.xml +++ b/config/dansguardian/dansguardian_groups.xml @@ -67,6 +67,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> <active/> @@ -148,7 +152,6 @@ <multiple/> <size>10</size> </field> - <field> <fielddescr>Pics</fielddescr> <fieldname>picsacl</fieldname> @@ -328,6 +331,32 @@ <type>input</type> <size>10</size> </field> + <field> + <name>LDAP</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>LDAP</fielddescr> + <fieldname>ldap</fieldname> + <description><![CDATA[Select Active directory servers to extract users from<br> + The group must has the same name in dansguardian and on active directory<br> + <strong>This is not aplicable for default group</strong>]]></description> + <type>select_source</type> + <size>05</size> + <multiple/> + <source><![CDATA[$config['installedpackages']['dansguardianldap']['config']]]></source> + <source_name>dc</source_name> + <source_value>dc</source_value> + </field> + <field> + <fielddescr>Update frequency</fielddescr> + <fieldname>freq</fieldname> + <description><![CDATA[How often extract users from active directory and verify changes<br> + Valid options are minutes(m), hours(h)<br> + Sample: To update every two minute, use 2m]]></description> + <type>input</type> + <size>05</size> + </field> </fields> <custom_php_install_command> dansguardian_php_install_command(); diff --git a/config/dansguardian/dansguardian_ips_header.xml b/config/dansguardian/dansguardian_ips_header.xml index 2029fabf..33e50332 100644 --- a/config/dansguardian/dansguardian_ips_header.xml +++ b/config/dansguardian/dansguardian_ips_header.xml @@ -67,6 +67,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardian_ldap.php b/config/dansguardian/dansguardian_ldap.php new file mode 100644 index 00000000..90ab1b99 --- /dev/null +++ b/config/dansguardian/dansguardian_ldap.php @@ -0,0 +1,149 @@ +#!/usr/local/bin/php -f
+<?php
+
+// based on http://samjlevy.com/2011/02/using-php-and-ldap-to-list-of-members-of-an-active-directory-group/
+// pfsense integration by marcelloc and ccesario
+/* $Id$ */
+/* ========================================================================== */
+/*
+ dansguardian_ldap.php
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2012 Marcello Coutinho
+
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+
+require_once("/etc/inc/util.inc");
+require_once("/etc/inc/functions.inc");
+require_once("/etc/inc/pkg-utils.inc");
+require_once("/etc/inc/globals.inc");
+
+function explode_dn($dn, $with_attributes=0)
+{
+ $result = ldap_explode_dn($dn, $with_attributes);
+ if (is_array($result))
+ foreach($result as $key => $value) {
+ $result[$key] = $value;
+ }
+ return $result;
+}
+
+function get_ldap_members($group,$user,$password) {
+ global $ldap_host;
+ global $ldap_dn;
+ $LDAPFieldsToFind = array("member");
+ $ldap = ldap_connect($ldap_host) or die("Could not connect to LDAP");
+
+ // OPTIONS TO AD
+ ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION,3);
+ ldap_set_option($ldap, LDAP_OPT_REFERRALS,0);
+
+ ldap_bind($ldap, $user, $password) or die("Could not bind to LDAP");
+
+ $results = ldap_search($ldap,$ldap_dn,"cn=" . $group,$LDAPFieldsToFind);
+
+ $member_list = ldap_get_entries($ldap, $results);
+ $group_member_details = array();
+ if (is_array($member_list[0]))
+ foreach($member_list[0] as $list)
+ if (is_array($list))
+ foreach($list as $member) {
+ $member_dn = explode_dn($member);
+ $member_cn = str_replace("CN=","",$member_dn[0]);
+ $member_search = ldap_search($ldap, $ldap_dn, "(CN=" . $member_cn . ")");
+ $member_details = ldap_get_entries($ldap, $member_search);
+ $group_member_details[] = array($member_details[0]['samaccountname'][0],
+ $member_details[0]['displayname'][0]);
+ }
+ ldap_close($ldap);
+ array_shift($group_member_details);
+ return $group_member_details;
+ ldap_unbind($ldap);
+}
+
+// Read Pfsense config
+global $config,$g;
+
+#mount filesystem writable
+conf_mount_rw();
+
+$id=0;
+$apply_config=0;
+if (is_array($config['installedpackages']['dansguardiangroups']['config']))
+ foreach($config['installedpackages']['dansguardiangroups']['config'] as $group) {
+ #ignore default group
+ if ($id > 0)
+ if ($argv[1] == "" || $argv[1] == $group['name']){
+ $members="";
+ $ldap_servers= explode (',',$group['ldap']);
+ echo "Group : " . $group['name']."\n";
+ if (is_array($config['installedpackages']['dansguardianldap']['config']))
+ foreach ($config['installedpackages']['dansguardianldap']['config'] as $server){
+ if (in_array($server['dc'],$ldap_servers)){
+ $ldap_dn = $server['dn'];
+ $ldap_host=$server['dc'];
+ $mask=(empty($server['mask'])?"USER":$server['mask']);
+ $result = get_ldap_members($group['name'],$server['username'].','.$server['dn'],$server['password']);
+ foreach($result as $key => $value) {
+ if (preg_match ("/\w+/",$value[0])){
+ #var_dump($value);
+ $name= preg_replace('/[^(\x20-\x7F)]*/','', $value[1]);
+ $pattern[0]="/USER/";
+ $pattern[1]="/,/";
+ $pattern[2]="/NAME/";
+ $replace[0]=$value[0];
+ $replace[1]="\n";
+ $replace[2]="$name";
+ $members .= preg_replace($pattern,$replace,$mask)."\n";
+ }
+ }
+ }
+ }
+ if (!empty($members)){
+ $import_users = explode("\n", $members);
+ asort($import_users);
+ $members=base64_encode(implode("\n", $import_users));
+ if($config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] != $members){
+ $config['installedpackages']['dansguardianusers']['config'][0][strtolower($group['name'])] = $members;
+ $apply_config++;
+ }
+ }
+ }
+ $id++;
+ }
+if ($apply_config > 0){
+ print "user list from LDAP is different from current group, applying new configuration...";
+ write_config();
+ include("/usr/local/pkg/dansguardian.inc");
+ sync_package_dansguardian();
+ print "done\n";
+}
+
+#mount filesystem read-only
+conf_mount_ro();
+
+?>
\ No newline at end of file diff --git a/config/dansguardian/dansguardian_ldap.xml b/config/dansguardian/dansguardian_ldap.xml new file mode 100755 index 00000000..3411f483 --- /dev/null +++ b/config/dansguardian/dansguardian_ldap.xml @@ -0,0 +1,171 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* ========================================================================== */ +/* + dansguardian_ldap.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2012 Marcello Coutinho + + All rights reserved. +*/ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>dansguardianldap</name> + <version>1.0</version> + <title>Services: Dansguardian</title> + <include_file>/usr/local/pkg/dansguardian.inc</include_file> + <tabs> + <tab> + <text>Daemon</text> + <url>/pkg_edit.php?xml=dansguardian.xml&id=0</url> + </tab> + <tab> + <text>General</text> + <url>/pkg_edit.php?xml=dansguardian_config.xml&id=0</url> + </tab> + <tab> + <text>Limits</text> + <url>/pkg_edit.php?xml=dansguardian_limits.xml&id=0</url> + </tab> + <tab> + <text>Blacklist</text> + <url>/pkg_edit.php?xml=dansguardian_blacklist.xml&id=0</url> + </tab> + <tab> + <text>Access Lists</text> + <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> + </tab> + <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + <active/> + </tab> + <tab> + <text>Groups</text> + <url>/pkg.php?xml=dansguardian_groups.xml</url> + </tab> + <tab> + <text>Users</text> + <url>/pkg_edit.php?xml=dansguardian_users.xml</url> + </tab> + <tab> + <text>IPs</text> + <url>/pkg_edit.php?xml=dansguardian_ips.xml</url> + </tab> + <tab> + <text>Report and log</text> + <url>/pkg_edit.php?xml=dansguardian_log.xml&id=0</url> + </tab> + <tab> + <text>XMLRPC Sync</text> + <url>/pkg_edit.php?xml=dansguardian_sync.xml&id=0</url> + </tab> + <tab> + <text>Help</text> + <url>/dansguardian_about.php</url> + </tab> +</tabs> +<adddeleteeditpagefields> + <columnitem> + <fielddescr>hostname</fielddescr> + <fieldname>dc</fieldname> + </columnitem> + <columnitem> + <fielddescr>domain</fielddescr> + <fieldname>dn</fieldname> + </columnitem> + + <columnitem> + <fielddescr>username</fielddescr> + <fieldname>username</fieldname> + </columnitem> + </adddeleteeditpagefields> + <fields> + <field> + <name>Ldap configuration</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Hostname</fielddescr> + <description><![CDATA[LDAP hostname example:<strong>dc1.mysite.com</strong>]]></description> + <fieldname>dc</fieldname> + <type>input</type> + <size>25</size> + </field> + <field> + <fielddescr>Domain</fielddescr> + <description><![CDATA[LDAP Domain example:<strong> dc=mysite,dc=com</strong>]]></description> + <fieldname>dn</fieldname> + <type>input</type> + <size>25</size> + </field> + <field> + <fielddescr>Username</fielddescr> + <description><![CDATA[Username Example:<strong>cn=antispam,cn=Users</strong>]]></description> + <fieldname>username</fieldname> + <type>input</type> + <size>25</size> + </field> + <field> + <fielddescr>Password</fielddescr> + <description><![CDATA[User password]]></description> + <fieldname>password</fieldname> + <type>password</type> + <size>10</size> + </field> + <field> + <fielddescr>mask</fielddescr> + <description><![CDATA[Default: USER<br>Apply prefix or sufix any info to username extracted.<br> + use "," if you need more than one mask for each user<br> + <strong>domain\USER #NAME,USER@MYDOMAIN.COM</strong><br> + NAME shows user name<br> + USER shows user login<br>]]></description> + <fieldname>mask</fieldname> + <type>input</type> + <size>50</size> + </field> + </fields> + <custom_php_install_command> + dansguardian_php_install_command(); + </custom_php_install_command> + <custom_php_deinstall_command> + dansguardian_php_deinstall_command(); + </custom_php_deinstall_command> + <custom_php_validation_command> + dansguardian_validate_input($_POST, &$input_errors); + </custom_php_validation_command> + <custom_php_resync_config_command> + sync_package_dansguardian(); + </custom_php_resync_config_command> +</packagegui>
\ No newline at end of file diff --git a/config/dansguardian/dansguardian_limits.xml b/config/dansguardian/dansguardian_limits.xml index eef24d52..4974bc7d 100644 --- a/config/dansguardian/dansguardian_limits.xml +++ b/config/dansguardian/dansguardian_limits.xml @@ -69,6 +69,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardian_log.xml b/config/dansguardian/dansguardian_log.xml index 3a0f241e..a3448d44 100644 --- a/config/dansguardian/dansguardian_log.xml +++ b/config/dansguardian/dansguardian_log.xml @@ -68,6 +68,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardian_sync.xml b/config/dansguardian/dansguardian_sync.xml index c041f398..f91eae6a 100755 --- a/config/dansguardian/dansguardian_sync.xml +++ b/config/dansguardian/dansguardian_sync.xml @@ -67,6 +67,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardian_users_header.xml b/config/dansguardian/dansguardian_users_header.xml index 70edb5fe..1f15a610 100644 --- a/config/dansguardian/dansguardian_users_header.xml +++ b/config/dansguardian/dansguardian_users_header.xml @@ -67,6 +67,10 @@ <url>/pkg_edit.php?xml=dansguardian_antivirus_acl.xml&id=0</url> </tab> <tab> + <text>LDAP</text> + <url>/pkg.php?xml=dansguardian_ldap.xml</url> + </tab> + <tab> <text>Groups</text> <url>/pkg.php?xml=dansguardian_groups.xml</url> </tab> diff --git a/config/dansguardian/dansguardianfx.conf.template b/config/dansguardian/dansguardianfx.conf.template index d420871f..ccc24f19 100644 --- a/config/dansguardian/dansguardianfx.conf.template +++ b/config/dansguardian/dansguardianfx.conf.template @@ -376,7 +376,7 @@ sslcertcheck = {$dansguardian_groups['sslcertcheck']} # Forge ssl certificates for all sites, decrypt the data then re encrypt it # using a different private key. Used to filter ssl sites sslmitm = {$dansguardian_groups['sslmitm']} -mitmkey = '{$dansguardian_groups['mitmkey']}' +#mitmkey = '{$dansguardian_groups['mitmkey']}' EOF; diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc index 57d73b57..3358e07f 100755 --- a/config/pf-blocker/pfblocker.inc +++ b/config/pf-blocker/pfblocker.inc @@ -368,28 +368,29 @@ function sync_package_pfblocker() { } } #update pfsense alias table - if (is_array($config['aliases']['alias'])) + if (is_array($config['aliases']['alias'])){ $aliases=$config['aliases']['alias']; - foreach($aliases as $cbalias){ - if (preg_match("/pfBlocker/",$cbalias['name'])){ - #mark pfctl aliastable for cleaning - if (!in_array($cbalias['name'], $aliases_list)) + foreach($aliases as $cbalias){ + if (preg_match("/pfBlocker/",$cbalias['name'])){ + #mark pfctl aliastable for cleaning + if (!in_array($cbalias['name'], $aliases_list)) $aliases_list[]=$cbalias['name']; #mark aliastable for cleaning - #remove previous aliastable file if alias is not defined any more - if (!in_array($cbalias['name'], $new_aliases_list)) - unlink_if_exists("/var/db/aliastables/".$cbalias['name'].".txt"); - } - else{ - $new_aliases[]= $cbalias; - if (file_exists($pfb_alias_dir.'/'.$alias.'.txt') && $message ==""){ - preg_match("/(\d+)/",exec("/usr/bin/wc -l ".$pfb_alias_dir.'/'.$alias.'.txt'),$matches); + #remove previous aliastable file if alias is not defined any more + if (!in_array($cbalias['name'], $new_aliases_list)) + unlink_if_exists("/var/db/aliastables/".$cbalias['name'].".txt"); + } + else{ + $new_aliases[]= $cbalias; + if (file_exists($pfb_alias_dir.'/'.$alias.'.txt') && $message ==""){ + preg_match("/(\d+)/",exec("/usr/bin/wc -l ".$pfb_alias_dir.'/'.$alias.'.txt'),$matches); + } + if (($matches[1] * 2.1)>= $table_limit ) + #alias table too large + $message= $alias .' alias table is too large. Reduce networks in list or increase "Firewall Maximum Table Entries" value to at least '. (int)($matches[1] * 2.1) .' in "system - advanced - Firewall/NAT".'; } - if (($matches[1] * 2.1)>= $table_limit ) - #alias table too large - $message= $alias .' alias table is too large. Reduce networks in list or increase "Firewall Maximum Table Entries" value to at least '. (int)($matches[1] * 2.1) .' in "system - advanced - Firewall/NAT".'; } } - #apply new alias table to xml +#apply new alias table to xml if ($message == "") $config['aliases']['alias']=$new_aliases; #exit; diff --git a/config/pf-blocker/pfblocker.php b/config/pf-blocker/pfblocker.php index cf0df89f..af489b81 100644 --- a/config/pf-blocker/pfblocker.php +++ b/config/pf-blocker/pfblocker.php @@ -23,6 +23,7 @@ if ($argv[1]=='cron'){ require_once("/etc/inc/pkg-utils.inc"); require_once("/etc/inc/globals.inc"); require_once("/etc/inc/filter.inc"); + require_once("/etc/inc/config.inc"); $hour=date('H'); $pfbdir='/usr/local/pkg/pfblocker'; $updates=0; diff --git a/config/squid-reverse/squid.inc b/config/squid-reverse/squid.inc index 151f710c..0358ce7c 100644 --- a/config/squid-reverse/squid.inc +++ b/config/squid-reverse/squid.inc @@ -1063,7 +1063,7 @@ function squid_resync_reverse() { foreach ($defs as $def) { $cfg = explode(";",($def)); if (($cfg[0]) != '' && ($cfg[1]) != '' && ($cfg[2]) != ''){ - $conf .= "cache_peer {$cfg[1]} parent {$cfg[2]} 0 proxy-only no-query originserver "; + $conf .= "cache_peer {$cfg[1]} parent {$cfg[2]} 0 proxy-only no-query login=PASS originserver "; if($cfg[3] == 'HTTPS') $conf .= "login=PASS ssl sslflags=DONT_VERIFY_PEER front-end-https=auto "; $conf .= "name={$cfg[0]}\n"; diff --git a/config/squid-reverse/swapstate_check.php b/config/squid-reverse/swapstate_check.php index ab5b11d8..d70c2dd4 100644 --- a/config/squid-reverse/swapstate_check.php +++ b/config/squid-reverse/swapstate_check.php @@ -30,19 +30,23 @@ require_once('config.inc'); require_once('util.inc'); $settings = $config['installedpackages']['squidcache']['config'][0]; -$cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); -$swapstate = $cachedir . '/swap.state'; -$disktotal = disk_total_space(dirname($cachedir)); -$diskfree = disk_free_space(dirname($cachedir)); -$diskusedpct = round((($disktotal - $diskfree) / $disktotal) * 100); -$swapstate_size = filesize($swapstate); -$swapstate_pct = round(($swapstate_size / $disktotal) * 100); +// Only check the cache if Squid is actually caching. +// If there is no cache then quietly do nothing. +if ($settings['harddisk_cache_system'] != "null"){ + $cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); + $swapstate = $cachedir . '/swap.state'; + $disktotal = disk_total_space(dirname($cachedir)); + $diskfree = disk_free_space(dirname($cachedir)); + $diskusedpct = round((($disktotal - $diskfree) / $disktotal) * 100); + $swapstate_size = filesize($swapstate); + $swapstate_pct = round(($swapstate_size / $disktotal) * 100); -// If the swap.state file is taking up more than 75% disk space, -// or the drive is 90% full and swap.state is larger than 1GB, -// kill it and initiate a rotate to write a fresh copy. -if (($swapstate_pct > 75) || (($diskusedpct > 90) && ($swapstate_size > 1024*1024*1024))) { - mwexec_bg("/bin/rm $swapstate; /usr/local/sbin/squid -k rotate"); - log_error(gettext(sprintf("Squid swap.state file exceeded size limits. Removing and rotating. File was %d bytes, %d%% of total disk space.", $swapstate_size, $swapstate_pct))); + // If the swap.state file is taking up more than 75% disk space, + // or the drive is 90% full and swap.state is larger than 1GB, + // kill it and initiate a rotate to write a fresh copy. + if (($swapstate_pct > 75) || (($diskusedpct > 90) && ($swapstate_size > 1024*1024*1024))) { + mwexec_bg("/bin/rm $swapstate; /usr/local/sbin/squid -k rotate"); + log_error(gettext(sprintf("Squid swap.state file exceeded size limits. Removing and rotating. File was %d bytes, %d%% of total disk space.", $swapstate_size, $swapstate_pct))); + } } ?>
\ No newline at end of file diff --git a/config/squid/swapstate_check.php b/config/squid/swapstate_check.php index ab5b11d8..d70c2dd4 100644 --- a/config/squid/swapstate_check.php +++ b/config/squid/swapstate_check.php @@ -30,19 +30,23 @@ require_once('config.inc'); require_once('util.inc'); $settings = $config['installedpackages']['squidcache']['config'][0]; -$cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); -$swapstate = $cachedir . '/swap.state'; -$disktotal = disk_total_space(dirname($cachedir)); -$diskfree = disk_free_space(dirname($cachedir)); -$diskusedpct = round((($disktotal - $diskfree) / $disktotal) * 100); -$swapstate_size = filesize($swapstate); -$swapstate_pct = round(($swapstate_size / $disktotal) * 100); +// Only check the cache if Squid is actually caching. +// If there is no cache then quietly do nothing. +if ($settings['harddisk_cache_system'] != "null"){ + $cachedir =($settings['harddisk_cache_location'] ? $settings['harddisk_cache_location'] : '/var/squid/cache'); + $swapstate = $cachedir . '/swap.state'; + $disktotal = disk_total_space(dirname($cachedir)); + $diskfree = disk_free_space(dirname($cachedir)); + $diskusedpct = round((($disktotal - $diskfree) / $disktotal) * 100); + $swapstate_size = filesize($swapstate); + $swapstate_pct = round(($swapstate_size / $disktotal) * 100); -// If the swap.state file is taking up more than 75% disk space, -// or the drive is 90% full and swap.state is larger than 1GB, -// kill it and initiate a rotate to write a fresh copy. -if (($swapstate_pct > 75) || (($diskusedpct > 90) && ($swapstate_size > 1024*1024*1024))) { - mwexec_bg("/bin/rm $swapstate; /usr/local/sbin/squid -k rotate"); - log_error(gettext(sprintf("Squid swap.state file exceeded size limits. Removing and rotating. File was %d bytes, %d%% of total disk space.", $swapstate_size, $swapstate_pct))); + // If the swap.state file is taking up more than 75% disk space, + // or the drive is 90% full and swap.state is larger than 1GB, + // kill it and initiate a rotate to write a fresh copy. + if (($swapstate_pct > 75) || (($diskusedpct > 90) && ($swapstate_size > 1024*1024*1024))) { + mwexec_bg("/bin/rm $swapstate; /usr/local/sbin/squid -k rotate"); + log_error(gettext(sprintf("Squid swap.state file exceeded size limits. Removing and rotating. File was %d bytes, %d%% of total disk space.", $swapstate_size, $swapstate_pct))); + } } ?>
\ No newline at end of file diff --git a/pkg_config.8.xml b/pkg_config.8.xml index cd48e1c5..9e76292b 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -6,6 +6,23 @@ <copy_packages_to_folder_ssh>/usr/local/www/files/packages/8/All/</copy_packages_to_folder_ssh> <packages> <package> + <name>Asterisk</name> + <pkginfolink>http://forum.pfsense.org/index.php/topic,47210.0.html</pkginfolink> + <descr><![CDATA[Asterisk is an open source framework for building communications applications.<br>Asterisk turns an ordinary computer into a communications server.]]></descr> + <website>http://www.asterisk.org/</website> + <category>Services</category> + <version>1.8.8.1 pkg v 0.1</version> + <status>Beta</status> + <required_version>2.0</required_version> + <config_file>http://www.pfsense.com/packages/config/asterisk/asterisk.xml</config_file> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> + <depends_on_package>asterisk18-1.8.8.1.tbz</depends_on_package> + <depends_on_package>openldap-sasl-client-2.4.26.tbz</depends_on_package> + <maintainer>marcellocoutinho@gmail.com robreg@zsurob.hu</maintainer> + <configurationfile>asterisk.xml</configurationfile> + <after_install_info>Please visit the Asterisk tab on status menu.</after_install_info> + </package> + <package> <name>Filer</name> <website/> <descr>Allows you to create and overwrite files from the GUI.</descr> @@ -432,7 +449,7 @@ <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> <depends_on_package>dansguardian-2.12.0.0.tbz</depends_on_package> <depends_on_package>clamav-0.97.3_1.tbz</depends_on_package> - <version>2.12.0.0 pkg v.0.1.4_1</version> + <version>2.12.0.0 pkg v.0.1.5</version> <status>beta</status> <required_version>2.0</required_version> <configurationfile>dansguardian.xml</configurationfile> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index d6770740..117cc86b 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -6,6 +6,23 @@ <copy_packages_to_folder_ssh>/usr/local/www/files/packages/amd64/8/All/</copy_packages_to_folder_ssh> <packages> <package> + <name>Asterisk</name> + <pkginfolink>http://forum.pfsense.org/index.php/topic,47210.0.html</pkginfolink> + <descr><![CDATA[Asterisk is an open source framework for building communications applications.<br>Asterisk turns an ordinary computer into a communications server.]]></descr> + <website>http://www.asterisk.org/</website> + <category>Services</category> + <version>1.8.8.1 pkg v 0.1</version> + <status>Beta</status> + <required_version>2.0</required_version> + <config_file>http://www.pfsense.com/packages/config/asterisk/asterisk.xml</config_file> + <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>asterisk18-1.8.8.1.tbz</depends_on_package> + <depends_on_package>openldap-sasl-client-2.4.26.tbz</depends_on_package> + <maintainer>marcellocoutinho@gmail.com robreg@zsurob.hu</maintainer> + <configurationfile>asterisk.xml</configurationfile> + <after_install_info>Please visit the Asterisk tab on status menu.</after_install_info> + </package> + <package> <name>Filer</name> <website/> <descr>Allows you to create and overwrite files from the GUI.</descr> @@ -214,7 +231,7 @@ <build_port_path>/usr/ports/net/haproxy</build_port_path> </package> <package> - <name>haproxy-legacy</name> + <name>haproxy-full</name> <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <descr><![CDATA[The Reliable, High Performance TCP/HTTP Load Balancer package<br> This package implements both TCP and HTTP balance features from Haproxy.]]></descr> @@ -538,7 +555,7 @@ <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>dansguardian-2.12.0.0.tbz</depends_on_package> <depends_on_package>clamav-0.97.3_1.tbz</depends_on_package> - <version>2.12.0.0 pkg v.0.1.4_1</version> + <version>2.12.0.0 pkg v.0.1.5</version> <status>beta</status> <required_version>2.0</required_version> <configurationfile>dansguardian.xml</configurationfile> |