aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/siproxd/siproxd.inc69
-rw-r--r--config/siproxd/siproxd.priv.inc42
-rw-r--r--config/siproxd/siproxd.xml81
-rw-r--r--config/siproxd/siproxd_registered_phones.php2
-rw-r--r--config/siproxd/siproxdusers.xml11
-rw-r--r--pkg_config.10.xml2
-rw-r--r--pkg_config.8.xml4
-rw-r--r--pkg_config.8.xml.amd644
8 files changed, 145 insertions, 70 deletions
diff --git a/config/siproxd/siproxd.inc b/config/siproxd/siproxd.inc
index 50b6e558..9eae2567 100644
--- a/config/siproxd/siproxd.inc
+++ b/config/siproxd/siproxd.inc
@@ -31,6 +31,7 @@
if (!function_exists("filter_configure")) {
require_once("filter.inc");
}
+require_once("pfsense-utils.inc");
require_once("service-utils.inc");
// Check to find out on which pfSense version the package is running
@@ -42,6 +43,18 @@ if ($pfs_version == "2.1" || $pfs_version == "2.2") {
define('SIPROXD', '/usr/local');
}
+function install_package_siproxd() {
+ siproxd_create_chroot();
+ /* remove rc script distributed with the package */
+ unlink_if_exists(SIPROXD . '/etc/rc.d/siproxd');
+}
+
+function deinstall_package_siproxd() {
+ rmdir_recursive("/var/siproxd");
+ unlink_if_exists(SIPROXD . '/etc/siproxd.conf');
+ unlink_if_exists(SIPROXD . '/etc/siproxd_passwd.cfg');
+}
+
function sync_package_siproxd_users() {
global $g, $config;
conf_mount_rw();
@@ -64,23 +77,28 @@ function sync_package_siproxd_users() {
function siproxd_generate_rules($type) {
global $config;
- $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0];
+ if (is_array($config['installedpackages']['siproxdsettings'])) {
+ $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0];
+ } else {
+ $siproxd_conf = array();
+ }
+
if (!is_service_running('siproxd')) {
- log_error("Siproxd is installed but not started. Not installing redirect rules.");
+ log_error("[siproxd] Package is installed but not started. Not installing firewall rules.");
return;
}
/* proxy is turned off in package settings */
- if ($siproxd_conf['sipenable'] == "0") {
- log_error("WARNING: siproxd proxy has not been enabled. Not installing rules.");
+ if ($siproxd_conf['sipenable'] != "on") {
+ log_error("[siproxd] WARNING: siproxd proxy has not been enabled. Not installing firewall rules.");
return "\n";
}
$ifaces = explode(",", $siproxd_conf['if_inbound']);
$ifaces = array_map('convert_friendly_interface_to_real_interface_name', $ifaces);
- $rtplower = ($siproxd_conf['rtplower'] ? $siproxd_conf['rtplower'] : 7070);
- $rtpupper = ($siproxd_conf['rtpupper'] ? $siproxd_conf['rtpupper'] : 7079);
- $port = ($siproxd_conf['port'] ? $siproxd_conf['port'] : 5060);
+ $rtplower = $siproxd_conf['rtplower'] ?: '7070';
+ $rtpupper = $siproxd_conf['rtpupper'] ?: '7079';
+ $port = $siproxd_conf['port'] ?: '5060';
switch($type) {
case 'nat':
@@ -108,18 +126,24 @@ function siproxd_generate_rules($type) {
return $rules;
}
-function sync_package_siproxd() {
- global $config, $pfs_version;
-
- conf_mount_rw();
-
+function siproxd_create_chroot() {
$siproxd_chroot = "/var/siproxd/";
safe_mkdir($siproxd_chroot);
@chown($siproxd_chroot, "nobody");
@chgrp($siproxd_chroot, "nobody");
- unlink_if_exists(SIPROXD . '/etc/rc.d/siproxd');
+}
+
+function sync_package_siproxd() {
+ global $config, $pfs_version;
+
+ conf_mount_rw();
+ siproxd_create_chroot();
- $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0];
+ if (is_array($config['installedpackages']['siproxdsettings'])) {
+ $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0];
+ } else {
+ $siproxd_conf = array();
+ }
$siproxd_conffile = SIPROXD . '/etc/siproxd.conf';
$siproxd_pwfile = SIPROXD . '/etc/siproxd_passwd.cfg';
@@ -136,9 +160,14 @@ function sync_package_siproxd() {
fwrite($fout, "# This file was automatically generated by the pfSense\n");
fwrite($fout, "# package management system.\n\n");
- /* proxy is turned off in package settings */
- if ($siproxd_conf['sipenable'] == "0") {
+ /* if proxy is turned off in package settings, stop service, remove rc script and do nothing else */
+ if ($siproxd_conf['sipenable'] != "on") {
fclose($fout);
+ if (is_service_running('siproxd')) {
+ stop_service("siproxd");
+ sleep(3);
+ }
+ unlink_if_exists(SIPROXD . '/etc/rc.d/siproxd.sh');
return;
}
@@ -147,11 +176,7 @@ function sync_package_siproxd() {
}
if ($siproxd_conf['if_outbound'] != "") {
- if (intval($config['version']) < 6 && $config['interfaces'][$siproxd_conf['if_outbound']]['ipaddr'] == "pppoe") {
- fwrite($fout, "if_outbound = ng0\n");
- } else {
- fwrite($fout, "if_outbound = " . convert_friendly_interface_to_real_interface_name($siproxd_conf['if_outbound']) . "\n");
- }
+ fwrite($fout, "if_outbound = " . convert_friendly_interface_to_real_interface_name($siproxd_conf['if_outbound']) . "\n");
}
if ($siproxd_conf['port'] != "") {
@@ -286,7 +311,7 @@ function sync_package_siproxd() {
sleep(3);
}
/* Only (re)start the service when siproxd is enabled */
- if ($siproxd_conf['sipenable'] != "0") {
+ if ($siproxd_conf['sipenable'] == "on") {
start_service("siproxd");
sleep(3);
}
diff --git a/config/siproxd/siproxd.priv.inc b/config/siproxd/siproxd.priv.inc
new file mode 100644
index 00000000..9980a353
--- /dev/null
+++ b/config/siproxd/siproxd.priv.inc
@@ -0,0 +1,42 @@
+<?php
+/*
+ siproxd.priv.inc
+ part of pfSense (http://www.pfSense.org/)
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+global $priv_list;
+
+$priv_list['page-services-siproxd'] = array();
+$priv_list['page-services-siproxd']['name'] = "WebCfg - Services: siproxd package";
+$priv_list['page-services-siproxd']['descr'] = "Allow access to siproxd package GUI";
+
+$priv_list['page-services-siproxd']['match'] = array();
+$priv_list['page-services-siproxd']['match'][] = "pkg.php?xml=siproxd.xml*";
+$priv_list['page-services-siproxd']['match'][] = "pkg.php?xml=siproxdusers.xml*";
+$priv_list['page-services-siproxd']['match'][] = "pkg_edit.php?xml=siproxd.xml*";
+$priv_list['page-services-siproxd']['match'][] = "pkg_edit.php?xml=siproxdusers.xml*";
+$priv_list['page-services-siproxd']['match'][] = "siproxd_registered_phones.php*";
+
+?>
diff --git a/config/siproxd/siproxd.xml b/config/siproxd/siproxd.xml
index e4375d8e..b0866eb1 100644
--- a/config/siproxd/siproxd.xml
+++ b/config/siproxd/siproxd.xml
@@ -43,25 +43,25 @@
]]>
</copyright>
<name>siproxdsettings</name>
- <version>1.0.6</version>
+ <version>1.0.7</version>
<title>siproxd: Settings</title>
<include_file>/usr/local/pkg/siproxd.inc</include_file>
- <aftersaveredirect>/pkg_edit.php?xml=siproxd.xml&amp;id=0</aftersaveredirect>
+ <aftersaveredirect>/pkg_edit.php?xml=siproxd.xml</aftersaveredirect>
<menu>
<name>siproxd</name>
- <tooltiptext>Modify siproxd users and settings.</tooltiptext>
<section>Services</section>
- <url>/pkg_edit.php?xml=siproxd.xml&amp;id=0</url>
+ <url>/pkg_edit.php?xml=siproxd.xml</url>
</menu>
<service>
<name>siproxd</name>
<rcfile>siproxd.sh</rcfile>
<executable>siproxd</executable>
+ <description>Proxy/Masquerading Daemon for SIP</description>
</service>
<tabs>
<tab>
<text>Settings</text>
- <url>/pkg_edit.php?xml=siproxd.xml&amp;id=0</url>
+ <url>/pkg_edit.php?xml=siproxd.xml</url>
<active/>
</tab>
<tab>
@@ -82,6 +82,10 @@
<item>https://packages.pfsense.org/packages/config/siproxd/siproxd.inc</item>
</additional_files_needed>
<additional_files_needed>
+ <prefix>/etc/inc/priv/</prefix>
+ <item>https://packages.pfsense.org/packages/config/siproxd/siproxd.priv.inc</item>
+ </additional_files_needed>
+ <additional_files_needed>
<prefix>/usr/local/www/</prefix>
<item>https://packages.pfsense.org/packages/config/siproxd/siproxd_registered_phones.php</item>
</additional_files_needed>
@@ -89,23 +93,23 @@
<field>
<fielddescr>Enable siproxd</fielddescr>
<fieldname>sipenable</fieldname>
- <description>Enable or disable siproxd</description>
+ <description>Enable or disable siproxd.</description>
<type>checkbox</type>
</field>
<field>
- <fielddescr>Inbound interface</fielddescr>
+ <fielddescr>Inbound Interface</fielddescr>
<fieldname>if_inbound</fieldname>
<description>Select the inbound interface.</description>
<type>interfaces_selection</type>
</field>
<field>
- <fielddescr>Outbound interface</fielddescr>
+ <fielddescr>Outbound Interface</fielddescr>
<fieldname>if_outbound</fieldname>
<description>Select the outbound interface.</description>
<type>interfaces_selection</type>
</field>
<field>
- <fielddescr>Listening port</fielddescr>
+ <fielddescr>Listening Port</fielddescr>
<fieldname>port</fieldname>
<description>
<![CDATA[
@@ -114,11 +118,12 @@
]]>
</description>
<type>input</type>
+ <default_value>5060</default_value>
</field>
<field>
- <fielddescr>Default expiration timeout</fielddescr>
+ <fielddescr>Default Expiration Timeout</fielddescr>
<fieldname>defaulttimeout</fieldname>
- <description>If a REGISTER request dose not contain an Expires header or expires= parameter, this number of seconds will be used and reported back to the UA in the answer.</description>
+ <description>If a REGISTER request does not contain an Expires header or expires= parameter, this number of seconds will be used and reported back to the UA in the answer.</description>
<type>input</type>
</field>
<field>
@@ -126,38 +131,36 @@
<type>listtopic</type>
</field>
<field>
- <fielddescr>Enable RTP proxy</fielddescr>
+ <fielddescr>Enable RTP Proxy</fielddescr>
<fieldname>rtpenable</fieldname>
- <description>Enable or disable the RTP proxy. (default is enabled)</description>
+ <description>Enable or disable the RTP proxy. (Default: enabled)</description>
<type>select</type>
<options>
- <option>
- <name>Enable</name>
- <value>1</value>
- </option>
- <option>
- <name>Disable</name>
- <value>0</value>
- </option>
+ <option><name>Enable</name><value>1</value></option>
+ <option><name>Disable</name><value>0</value></option>
</options>
+ <default_value>1</default_value>
</field>
<field>
- <fielddescr>RTP port range (lower)</fielddescr>
+ <fielddescr>RTP Port Range (Lower)</fielddescr>
<fieldname>rtplower</fieldname>
- <description>Enter the bottom edge of the port range siproxd will allocate for incoming RTP traffic. This range must be one not blocked by the firewall (default 7070).</description>
+ <description>Enter the bottom edge of the port range siproxd will allocate for incoming RTP traffic. This range must not be blocked by the firewall. (Default: 7070)</description>
<type>input</type>
+ <default_value>7070</default_value>
</field>
<field>
- <fielddescr>RTP port range (upper)</fielddescr>
+ <fielddescr>RTP Port Range (Upper)</fielddescr>
<fieldname>rtpupper</fieldname>
- <description>Enter the top edge of the port range siproxd will allocate for incoming RTP traffic. This range must be one not blocked by the firewall (default 7079).</description>
+ <description>Enter the top edge of the port range siproxd will allocate for incoming RTP traffic. This range must not be blocked by the firewall. (Default: 7079)</description>
<type>input</type>
+ <default_value>7079</default_value>
</field>
<field>
- <fielddescr>RTP stream timeout</fielddescr>
+ <fielddescr>RTP Stream Timeout</fielddescr>
<fieldname>rtptimeout</fieldname>
- <description>After this number of seconds, an RTP stream is considered dead and proxying it will be stopped (default 300sec).</description>
+ <description>After this number of seconds, an RTP stream is considered dead and proxying it will be stopped. (Default: 300sec)</description>
<type>input</type>
+ <default_value>300</default_value>
</field>
<field>
<name>Dejittering Settings</name>
@@ -180,7 +183,7 @@
<type>listtopic</type>
</field>
<field>
- <fielddescr>TCP inactivity timeout</fielddescr>
+ <fielddescr>TCP Inactivity Timeout</fielddescr>
<fieldname>tcp_timeout</fieldname>
<description>
<![CDATA[
@@ -195,8 +198,8 @@
<fieldname>tcp_connect_timeout</fieldname>
<description>
<![CDATA[
- Defines How many msecs siproxd will wait for an successful connect when establishing an outgoing SIP signalling connection.<br />
- This should be kept as short as possible as waiting for an TCP connection to establish is a BLOCKING operation - while waiting for a connect to succeed no SIP messages are processed (RTP is not affected).
+ Defines How many msecs siproxd will wait for a successful connect when establishing an outgoing SIP signalling connection.<br />
+ This should be kept as short as possible as waiting for an TCP connection to establish is a BLOCKING operation - no SIP messages are processed while waiting for a connect to succeed (RTP is not affected).
]]>
</description>
<type>input</type>
@@ -212,19 +215,19 @@
<type>listtopic</type>
</field>
<field>
- <fielddescr>Enable proxy authentication</fielddescr>
+ <fielddescr>Enable Proxy Authentication</fielddescr>
<fieldname>authentication</fieldname>
- <description>If this is checked, clients will be forced to authenticate themselves at the proxy (for registration only).</description>
+ <description>If checked, clients will be forced to authenticate themselves at the proxy (for registration only).</description>
<type>checkbox</type>
</field>
<field>
- <fielddescr>Outbound proxy hostname</fielddescr>
+ <fielddescr>Outbound Proxy Hostname</fielddescr>
<fieldname>outboundproxyhost</fieldname>
<description>Enter the hostname of an outbound proxy to send all traffic to. This is only useful if you have multiple masquerading firewalls to cross.</description>
<type>input</type>
</field>
<field>
- <fielddescr>Outbound proxy port</fielddescr>
+ <fielddescr>Outbound Proxy Port</fielddescr>
<fieldname>outboundproxyport</fieldname>
<description>Enter the port of the outbound proxy to send all traffic to. This is only useful if you have multiple masquerading firewalls to cross.</description>
<type>input</type>
@@ -266,7 +269,7 @@
<type>checkbox</type>
</field>
<field>
- <fielddescr>Log redirected calls</fielddescr>
+ <fielddescr>Log Redirected Calls</fielddescr>
<fieldname>plugin_defaulttarget_log</fieldname>
<description>Log redirected calls.</description>
<type>checkbox</type>
@@ -371,6 +374,12 @@
<type>input</type>
</field>
</fields>
+ <custom_php_install_command>
+ install_package_siproxd();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ deinstall_package_siproxd();
+ </custom_php_deinstall_command>
<custom_add_php_command>
sync_package_siproxd();
</custom_add_php_command>
@@ -378,7 +387,7 @@
sync_package_siproxd();
</custom_php_resync_config_command>
<filter_rules_needed>
- siproxd_generate_rules();
+ siproxd_generate_rules
</filter_rules_needed>
<custom_php_validation_command>
validate_form_siproxd($_POST, $input_errors);
diff --git a/config/siproxd/siproxd_registered_phones.php b/config/siproxd/siproxd_registered_phones.php
index 51eb474a..0648aa2f 100644
--- a/config/siproxd/siproxd_registered_phones.php
+++ b/config/siproxd/siproxd_registered_phones.php
@@ -82,7 +82,7 @@ require("head.inc");
<tr><td>
<?php
$tab_array = array();
- $tab_array[] = array(gettext("Settings"), false, "pkg_edit.php?xml=siproxd.xml&amp;id=0");
+ $tab_array[] = array(gettext("Settings"), false, "pkg_edit.php?xml=siproxd.xml");
$tab_array[] = array(gettext("Users"), false, "pkg.php?xml=siproxdusers.xml");
$tab_array[] = array(gettext("Registered Phones"), true, "siproxd_registered_phones.php");
display_top_tabs($tab_array);
diff --git a/config/siproxd/siproxdusers.xml b/config/siproxd/siproxdusers.xml
index 6dd53efe..390c4f35 100644
--- a/config/siproxd/siproxdusers.xml
+++ b/config/siproxd/siproxdusers.xml
@@ -43,13 +43,13 @@
]]>
</copyright>
<name>siproxdusers</name>
- <version>1.0.6</version>
+ <version>1.0.7</version>
<title>siproxd: Users</title>
<include_file>/usr/local/pkg/siproxd.inc</include_file>
<tabs>
<tab>
<text>Settings</text>
- <url>/pkg_edit.php?xml=siproxd.xml&amp;id=0</url>
+ <url>/pkg_edit.php?xml=siproxd.xml</url>
</tab>
<tab>
<text>Users</text>
@@ -61,7 +61,6 @@
<url>/siproxd_registered_phones.php</url>
</tab>
</tabs>
- <configpath>installedpackages->package->$packagename->configuration->settings</configpath>
<adddeleteeditpagefields>
<columnitem>
<fielddescr>Username</fielddescr>
@@ -76,19 +75,19 @@
<field>
<fielddescr>Username</fielddescr>
<fieldname>username</fieldname>
- <description>Enter the username here</description>
+ <description>Enter the username here.</description>
<type>input</type>
</field>
<field>
<fielddescr>Password</fielddescr>
<fieldname>password</fieldname>
- <description>Enter the password here</description>
+ <description>Enter the password here.</description>
<type>password</type>
</field>
<field>
<fielddescr>Username Description</fielddescr>
<fieldname>description</fieldname>
- <description>Enter the description of the user here</description>
+ <description>Enter the description of the user here.</description>
<type>input</type>
</field>
</fields>
diff --git a/pkg_config.10.xml b/pkg_config.10.xml
index e7d92123..cb267b95 100644
--- a/pkg_config.10.xml
+++ b/pkg_config.10.xml
@@ -567,7 +567,7 @@
<build_pbi>
<port>net/siproxd</port>
</build_pbi>
- <version>1.0.6</version>
+ <version>1.0.7</version>
<status>BETA</status>
<required_version>2.2</required_version>
<configurationfile>siproxd.xml</configurationfile>
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index fe97e998..2c156848 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -593,9 +593,9 @@
<depends_on_package_pbi>siproxd-0.8.0-i386.pbi</depends_on_package_pbi>
<pkginfolink>https://doc.pfsense.org/index.php/Siproxd_package</pkginfolink>
<build_port_path>/usr/ports/net/siproxd</build_port_path>
- <version>0.8.0_1 pkg v1.0.3</version>
+ <version>0.8.0_1 pkg v1.0.7</version>
<status>Beta</status>
- <required_version>1.2.1</required_version>
+ <required_version>2.1</required_version>
<configurationfile>siproxd.xml</configurationfile>
</package>
<package>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 6815c981..bb49b8b8 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -580,9 +580,9 @@
<depends_on_package_pbi>siproxd-0.8.0-amd64.pbi</depends_on_package_pbi>
<pkginfolink>https://doc.pfsense.org/index.php/Siproxd_package</pkginfolink>
<build_port_path>/usr/ports/net/siproxd</build_port_path>
- <version>0.8.0_1 pkg v1.0.3</version>
+ <version>0.8.0_1 pkg v1.0.7</version>
<status>Beta</status>
- <required_version>1.2.1</required_version>
+ <required_version>2.1</required_version>
<configurationfile>siproxd.xml</configurationfile>
</package>
<package>