diff options
-rw-r--r-- | config/siproxd/siproxd.inc | 69 | ||||
-rw-r--r-- | config/siproxd/siproxd.priv.inc | 42 | ||||
-rw-r--r-- | config/siproxd/siproxd.xml | 81 | ||||
-rw-r--r-- | config/siproxd/siproxd_registered_phones.php | 2 | ||||
-rw-r--r-- | config/siproxd/siproxdusers.xml | 11 | ||||
-rw-r--r-- | pkg_config.10.xml | 2 | ||||
-rw-r--r-- | pkg_config.8.xml | 4 | ||||
-rw-r--r-- | pkg_config.8.xml.amd64 | 4 |
8 files changed, 145 insertions, 70 deletions
diff --git a/config/siproxd/siproxd.inc b/config/siproxd/siproxd.inc index 50b6e558..9eae2567 100644 --- a/config/siproxd/siproxd.inc +++ b/config/siproxd/siproxd.inc @@ -31,6 +31,7 @@ if (!function_exists("filter_configure")) { require_once("filter.inc"); } +require_once("pfsense-utils.inc"); require_once("service-utils.inc"); // Check to find out on which pfSense version the package is running @@ -42,6 +43,18 @@ if ($pfs_version == "2.1" || $pfs_version == "2.2") { define('SIPROXD', '/usr/local'); } +function install_package_siproxd() { + siproxd_create_chroot(); + /* remove rc script distributed with the package */ + unlink_if_exists(SIPROXD . '/etc/rc.d/siproxd'); +} + +function deinstall_package_siproxd() { + rmdir_recursive("/var/siproxd"); + unlink_if_exists(SIPROXD . '/etc/siproxd.conf'); + unlink_if_exists(SIPROXD . '/etc/siproxd_passwd.cfg'); +} + function sync_package_siproxd_users() { global $g, $config; conf_mount_rw(); @@ -64,23 +77,28 @@ function sync_package_siproxd_users() { function siproxd_generate_rules($type) { global $config; - $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0]; + if (is_array($config['installedpackages']['siproxdsettings'])) { + $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0]; + } else { + $siproxd_conf = array(); + } + if (!is_service_running('siproxd')) { - log_error("Siproxd is installed but not started. Not installing redirect rules."); + log_error("[siproxd] Package is installed but not started. Not installing firewall rules."); return; } /* proxy is turned off in package settings */ - if ($siproxd_conf['sipenable'] == "0") { - log_error("WARNING: siproxd proxy has not been enabled. Not installing rules."); + if ($siproxd_conf['sipenable'] != "on") { + log_error("[siproxd] WARNING: siproxd proxy has not been enabled. Not installing firewall rules."); return "\n"; } $ifaces = explode(",", $siproxd_conf['if_inbound']); $ifaces = array_map('convert_friendly_interface_to_real_interface_name', $ifaces); - $rtplower = ($siproxd_conf['rtplower'] ? $siproxd_conf['rtplower'] : 7070); - $rtpupper = ($siproxd_conf['rtpupper'] ? $siproxd_conf['rtpupper'] : 7079); - $port = ($siproxd_conf['port'] ? $siproxd_conf['port'] : 5060); + $rtplower = $siproxd_conf['rtplower'] ?: '7070'; + $rtpupper = $siproxd_conf['rtpupper'] ?: '7079'; + $port = $siproxd_conf['port'] ?: '5060'; switch($type) { case 'nat': @@ -108,18 +126,24 @@ function siproxd_generate_rules($type) { return $rules; } -function sync_package_siproxd() { - global $config, $pfs_version; - - conf_mount_rw(); - +function siproxd_create_chroot() { $siproxd_chroot = "/var/siproxd/"; safe_mkdir($siproxd_chroot); @chown($siproxd_chroot, "nobody"); @chgrp($siproxd_chroot, "nobody"); - unlink_if_exists(SIPROXD . '/etc/rc.d/siproxd'); +} + +function sync_package_siproxd() { + global $config, $pfs_version; + + conf_mount_rw(); + siproxd_create_chroot(); - $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0]; + if (is_array($config['installedpackages']['siproxdsettings'])) { + $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0]; + } else { + $siproxd_conf = array(); + } $siproxd_conffile = SIPROXD . '/etc/siproxd.conf'; $siproxd_pwfile = SIPROXD . '/etc/siproxd_passwd.cfg'; @@ -136,9 +160,14 @@ function sync_package_siproxd() { fwrite($fout, "# This file was automatically generated by the pfSense\n"); fwrite($fout, "# package management system.\n\n"); - /* proxy is turned off in package settings */ - if ($siproxd_conf['sipenable'] == "0") { + /* if proxy is turned off in package settings, stop service, remove rc script and do nothing else */ + if ($siproxd_conf['sipenable'] != "on") { fclose($fout); + if (is_service_running('siproxd')) { + stop_service("siproxd"); + sleep(3); + } + unlink_if_exists(SIPROXD . '/etc/rc.d/siproxd.sh'); return; } @@ -147,11 +176,7 @@ function sync_package_siproxd() { } if ($siproxd_conf['if_outbound'] != "") { - if (intval($config['version']) < 6 && $config['interfaces'][$siproxd_conf['if_outbound']]['ipaddr'] == "pppoe") { - fwrite($fout, "if_outbound = ng0\n"); - } else { - fwrite($fout, "if_outbound = " . convert_friendly_interface_to_real_interface_name($siproxd_conf['if_outbound']) . "\n"); - } + fwrite($fout, "if_outbound = " . convert_friendly_interface_to_real_interface_name($siproxd_conf['if_outbound']) . "\n"); } if ($siproxd_conf['port'] != "") { @@ -286,7 +311,7 @@ function sync_package_siproxd() { sleep(3); } /* Only (re)start the service when siproxd is enabled */ - if ($siproxd_conf['sipenable'] != "0") { + if ($siproxd_conf['sipenable'] == "on") { start_service("siproxd"); sleep(3); } diff --git a/config/siproxd/siproxd.priv.inc b/config/siproxd/siproxd.priv.inc new file mode 100644 index 00000000..9980a353 --- /dev/null +++ b/config/siproxd/siproxd.priv.inc @@ -0,0 +1,42 @@ +<?php +/* + siproxd.priv.inc + part of pfSense (http://www.pfSense.org/) + Copyright (C) 2015 ESF, LLC + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +global $priv_list; + +$priv_list['page-services-siproxd'] = array(); +$priv_list['page-services-siproxd']['name'] = "WebCfg - Services: siproxd package"; +$priv_list['page-services-siproxd']['descr'] = "Allow access to siproxd package GUI"; + +$priv_list['page-services-siproxd']['match'] = array(); +$priv_list['page-services-siproxd']['match'][] = "pkg.php?xml=siproxd.xml*"; +$priv_list['page-services-siproxd']['match'][] = "pkg.php?xml=siproxdusers.xml*"; +$priv_list['page-services-siproxd']['match'][] = "pkg_edit.php?xml=siproxd.xml*"; +$priv_list['page-services-siproxd']['match'][] = "pkg_edit.php?xml=siproxdusers.xml*"; +$priv_list['page-services-siproxd']['match'][] = "siproxd_registered_phones.php*"; + +?> diff --git a/config/siproxd/siproxd.xml b/config/siproxd/siproxd.xml index e4375d8e..b0866eb1 100644 --- a/config/siproxd/siproxd.xml +++ b/config/siproxd/siproxd.xml @@ -43,25 +43,25 @@ ]]> </copyright> <name>siproxdsettings</name> - <version>1.0.6</version> + <version>1.0.7</version> <title>siproxd: Settings</title> <include_file>/usr/local/pkg/siproxd.inc</include_file> - <aftersaveredirect>/pkg_edit.php?xml=siproxd.xml&id=0</aftersaveredirect> + <aftersaveredirect>/pkg_edit.php?xml=siproxd.xml</aftersaveredirect> <menu> <name>siproxd</name> - <tooltiptext>Modify siproxd users and settings.</tooltiptext> <section>Services</section> - <url>/pkg_edit.php?xml=siproxd.xml&id=0</url> + <url>/pkg_edit.php?xml=siproxd.xml</url> </menu> <service> <name>siproxd</name> <rcfile>siproxd.sh</rcfile> <executable>siproxd</executable> + <description>Proxy/Masquerading Daemon for SIP</description> </service> <tabs> <tab> <text>Settings</text> - <url>/pkg_edit.php?xml=siproxd.xml&id=0</url> + <url>/pkg_edit.php?xml=siproxd.xml</url> <active/> </tab> <tab> @@ -82,6 +82,10 @@ <item>https://packages.pfsense.org/packages/config/siproxd/siproxd.inc</item> </additional_files_needed> <additional_files_needed> + <prefix>/etc/inc/priv/</prefix> + <item>https://packages.pfsense.org/packages/config/siproxd/siproxd.priv.inc</item> + </additional_files_needed> + <additional_files_needed> <prefix>/usr/local/www/</prefix> <item>https://packages.pfsense.org/packages/config/siproxd/siproxd_registered_phones.php</item> </additional_files_needed> @@ -89,23 +93,23 @@ <field> <fielddescr>Enable siproxd</fielddescr> <fieldname>sipenable</fieldname> - <description>Enable or disable siproxd</description> + <description>Enable or disable siproxd.</description> <type>checkbox</type> </field> <field> - <fielddescr>Inbound interface</fielddescr> + <fielddescr>Inbound Interface</fielddescr> <fieldname>if_inbound</fieldname> <description>Select the inbound interface.</description> <type>interfaces_selection</type> </field> <field> - <fielddescr>Outbound interface</fielddescr> + <fielddescr>Outbound Interface</fielddescr> <fieldname>if_outbound</fieldname> <description>Select the outbound interface.</description> <type>interfaces_selection</type> </field> <field> - <fielddescr>Listening port</fielddescr> + <fielddescr>Listening Port</fielddescr> <fieldname>port</fieldname> <description> <![CDATA[ @@ -114,11 +118,12 @@ ]]> </description> <type>input</type> + <default_value>5060</default_value> </field> <field> - <fielddescr>Default expiration timeout</fielddescr> + <fielddescr>Default Expiration Timeout</fielddescr> <fieldname>defaulttimeout</fieldname> - <description>If a REGISTER request dose not contain an Expires header or expires= parameter, this number of seconds will be used and reported back to the UA in the answer.</description> + <description>If a REGISTER request does not contain an Expires header or expires= parameter, this number of seconds will be used and reported back to the UA in the answer.</description> <type>input</type> </field> <field> @@ -126,38 +131,36 @@ <type>listtopic</type> </field> <field> - <fielddescr>Enable RTP proxy</fielddescr> + <fielddescr>Enable RTP Proxy</fielddescr> <fieldname>rtpenable</fieldname> - <description>Enable or disable the RTP proxy. (default is enabled)</description> + <description>Enable or disable the RTP proxy. (Default: enabled)</description> <type>select</type> <options> - <option> - <name>Enable</name> - <value>1</value> - </option> - <option> - <name>Disable</name> - <value>0</value> - </option> + <option><name>Enable</name><value>1</value></option> + <option><name>Disable</name><value>0</value></option> </options> + <default_value>1</default_value> </field> <field> - <fielddescr>RTP port range (lower)</fielddescr> + <fielddescr>RTP Port Range (Lower)</fielddescr> <fieldname>rtplower</fieldname> - <description>Enter the bottom edge of the port range siproxd will allocate for incoming RTP traffic. This range must be one not blocked by the firewall (default 7070).</description> + <description>Enter the bottom edge of the port range siproxd will allocate for incoming RTP traffic. This range must not be blocked by the firewall. (Default: 7070)</description> <type>input</type> + <default_value>7070</default_value> </field> <field> - <fielddescr>RTP port range (upper)</fielddescr> + <fielddescr>RTP Port Range (Upper)</fielddescr> <fieldname>rtpupper</fieldname> - <description>Enter the top edge of the port range siproxd will allocate for incoming RTP traffic. This range must be one not blocked by the firewall (default 7079).</description> + <description>Enter the top edge of the port range siproxd will allocate for incoming RTP traffic. This range must not be blocked by the firewall. (Default: 7079)</description> <type>input</type> + <default_value>7079</default_value> </field> <field> - <fielddescr>RTP stream timeout</fielddescr> + <fielddescr>RTP Stream Timeout</fielddescr> <fieldname>rtptimeout</fieldname> - <description>After this number of seconds, an RTP stream is considered dead and proxying it will be stopped (default 300sec).</description> + <description>After this number of seconds, an RTP stream is considered dead and proxying it will be stopped. (Default: 300sec)</description> <type>input</type> + <default_value>300</default_value> </field> <field> <name>Dejittering Settings</name> @@ -180,7 +183,7 @@ <type>listtopic</type> </field> <field> - <fielddescr>TCP inactivity timeout</fielddescr> + <fielddescr>TCP Inactivity Timeout</fielddescr> <fieldname>tcp_timeout</fieldname> <description> <![CDATA[ @@ -195,8 +198,8 @@ <fieldname>tcp_connect_timeout</fieldname> <description> <![CDATA[ - Defines How many msecs siproxd will wait for an successful connect when establishing an outgoing SIP signalling connection.<br /> - This should be kept as short as possible as waiting for an TCP connection to establish is a BLOCKING operation - while waiting for a connect to succeed no SIP messages are processed (RTP is not affected). + Defines How many msecs siproxd will wait for a successful connect when establishing an outgoing SIP signalling connection.<br /> + This should be kept as short as possible as waiting for an TCP connection to establish is a BLOCKING operation - no SIP messages are processed while waiting for a connect to succeed (RTP is not affected). ]]> </description> <type>input</type> @@ -212,19 +215,19 @@ <type>listtopic</type> </field> <field> - <fielddescr>Enable proxy authentication</fielddescr> + <fielddescr>Enable Proxy Authentication</fielddescr> <fieldname>authentication</fieldname> - <description>If this is checked, clients will be forced to authenticate themselves at the proxy (for registration only).</description> + <description>If checked, clients will be forced to authenticate themselves at the proxy (for registration only).</description> <type>checkbox</type> </field> <field> - <fielddescr>Outbound proxy hostname</fielddescr> + <fielddescr>Outbound Proxy Hostname</fielddescr> <fieldname>outboundproxyhost</fieldname> <description>Enter the hostname of an outbound proxy to send all traffic to. This is only useful if you have multiple masquerading firewalls to cross.</description> <type>input</type> </field> <field> - <fielddescr>Outbound proxy port</fielddescr> + <fielddescr>Outbound Proxy Port</fielddescr> <fieldname>outboundproxyport</fieldname> <description>Enter the port of the outbound proxy to send all traffic to. This is only useful if you have multiple masquerading firewalls to cross.</description> <type>input</type> @@ -266,7 +269,7 @@ <type>checkbox</type> </field> <field> - <fielddescr>Log redirected calls</fielddescr> + <fielddescr>Log Redirected Calls</fielddescr> <fieldname>plugin_defaulttarget_log</fieldname> <description>Log redirected calls.</description> <type>checkbox</type> @@ -371,6 +374,12 @@ <type>input</type> </field> </fields> + <custom_php_install_command> + install_package_siproxd(); + </custom_php_install_command> + <custom_php_deinstall_command> + deinstall_package_siproxd(); + </custom_php_deinstall_command> <custom_add_php_command> sync_package_siproxd(); </custom_add_php_command> @@ -378,7 +387,7 @@ sync_package_siproxd(); </custom_php_resync_config_command> <filter_rules_needed> - siproxd_generate_rules(); + siproxd_generate_rules </filter_rules_needed> <custom_php_validation_command> validate_form_siproxd($_POST, $input_errors); diff --git a/config/siproxd/siproxd_registered_phones.php b/config/siproxd/siproxd_registered_phones.php index 51eb474a..0648aa2f 100644 --- a/config/siproxd/siproxd_registered_phones.php +++ b/config/siproxd/siproxd_registered_phones.php @@ -82,7 +82,7 @@ require("head.inc"); <tr><td> <?php $tab_array = array(); - $tab_array[] = array(gettext("Settings"), false, "pkg_edit.php?xml=siproxd.xml&id=0"); + $tab_array[] = array(gettext("Settings"), false, "pkg_edit.php?xml=siproxd.xml"); $tab_array[] = array(gettext("Users"), false, "pkg.php?xml=siproxdusers.xml"); $tab_array[] = array(gettext("Registered Phones"), true, "siproxd_registered_phones.php"); display_top_tabs($tab_array); diff --git a/config/siproxd/siproxdusers.xml b/config/siproxd/siproxdusers.xml index 6dd53efe..390c4f35 100644 --- a/config/siproxd/siproxdusers.xml +++ b/config/siproxd/siproxdusers.xml @@ -43,13 +43,13 @@ ]]> </copyright> <name>siproxdusers</name> - <version>1.0.6</version> + <version>1.0.7</version> <title>siproxd: Users</title> <include_file>/usr/local/pkg/siproxd.inc</include_file> <tabs> <tab> <text>Settings</text> - <url>/pkg_edit.php?xml=siproxd.xml&id=0</url> + <url>/pkg_edit.php?xml=siproxd.xml</url> </tab> <tab> <text>Users</text> @@ -61,7 +61,6 @@ <url>/siproxd_registered_phones.php</url> </tab> </tabs> - <configpath>installedpackages->package->$packagename->configuration->settings</configpath> <adddeleteeditpagefields> <columnitem> <fielddescr>Username</fielddescr> @@ -76,19 +75,19 @@ <field> <fielddescr>Username</fielddescr> <fieldname>username</fieldname> - <description>Enter the username here</description> + <description>Enter the username here.</description> <type>input</type> </field> <field> <fielddescr>Password</fielddescr> <fieldname>password</fieldname> - <description>Enter the password here</description> + <description>Enter the password here.</description> <type>password</type> </field> <field> <fielddescr>Username Description</fielddescr> <fieldname>description</fieldname> - <description>Enter the description of the user here</description> + <description>Enter the description of the user here.</description> <type>input</type> </field> </fields> diff --git a/pkg_config.10.xml b/pkg_config.10.xml index e7d92123..cb267b95 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -567,7 +567,7 @@ <build_pbi> <port>net/siproxd</port> </build_pbi> - <version>1.0.6</version> + <version>1.0.7</version> <status>BETA</status> <required_version>2.2</required_version> <configurationfile>siproxd.xml</configurationfile> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index fe97e998..2c156848 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -593,9 +593,9 @@ <depends_on_package_pbi>siproxd-0.8.0-i386.pbi</depends_on_package_pbi> <pkginfolink>https://doc.pfsense.org/index.php/Siproxd_package</pkginfolink> <build_port_path>/usr/ports/net/siproxd</build_port_path> - <version>0.8.0_1 pkg v1.0.3</version> + <version>0.8.0_1 pkg v1.0.7</version> <status>Beta</status> - <required_version>1.2.1</required_version> + <required_version>2.1</required_version> <configurationfile>siproxd.xml</configurationfile> </package> <package> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 6815c981..bb49b8b8 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -580,9 +580,9 @@ <depends_on_package_pbi>siproxd-0.8.0-amd64.pbi</depends_on_package_pbi> <pkginfolink>https://doc.pfsense.org/index.php/Siproxd_package</pkginfolink> <build_port_path>/usr/ports/net/siproxd</build_port_path> - <version>0.8.0_1 pkg v1.0.3</version> + <version>0.8.0_1 pkg v1.0.7</version> <status>Beta</status> - <required_version>1.2.1</required_version> + <required_version>2.1</required_version> <configurationfile>siproxd.xml</configurationfile> </package> <package> |