aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/arpwatch/arpwatch.xml8
-rw-r--r--config/asterisk/asterisk.inc286
-rw-r--r--config/asterisk/asterisk.xml87
-rw-r--r--config/asterisk/asterisk_calls.php181
-rw-r--r--config/asterisk/asterisk_cmd.php132
-rw-r--r--config/asterisk/asterisk_edit_file.php425
-rw-r--r--config/asterisk/asterisk_log.php110
-rw-r--r--config/asterisk/pkg_asterisk.inc2
-rw-r--r--config/bind/bind.inc222
-rw-r--r--config/bind/bind.widget.php62
-rw-r--r--config/bind/bind.xml262
-rw-r--r--config/bind/bind_acls.xml91
-rw-r--r--config/bind/bind_sync.xml100
-rw-r--r--config/bind/bind_views.xml117
-rw-r--r--config/bind/bind_zones.xml250
-rw-r--r--config/filemgr/file_manager.php91
-rw-r--r--config/filemgr/filemgr.xml7
-rw-r--r--config/git/git.xml35
-rw-r--r--config/haproxy-devel/haproxy.xml2
-rw-r--r--config/haproxy-devel/pkg/haproxy.inc81
-rw-r--r--config/haproxy-devel/pkg/haproxy_htmllist.inc4
-rw-r--r--config/haproxy-devel/www/haproxy_files.php2
-rw-r--r--config/haproxy-devel/www/haproxy_global.php113
-rw-r--r--config/haproxy-devel/www/haproxy_pool_edit.php35
-rw-r--r--config/iftop/iftop.xml35
-rw-r--r--config/ipguard/ipguard.inc216
-rw-r--r--config/ipguard/ipguard.xml168
-rwxr-xr-xconfig/ipguard/ipguard_sync.xml70
-rw-r--r--config/ipmitool/ipmitool.xml35
-rw-r--r--config/nut/nut.inc3
-rw-r--r--config/olsrd/olsrd.xml6
-rw-r--r--config/pfblockerng/pfblockerng.sh6
-rw-r--r--config/siproxd/siproxd.inc247
-rw-r--r--config/siproxd/siproxd.xml12
-rw-r--r--config/siproxd/siproxd_registered_phones.php172
-rw-r--r--config/siproxd/siproxdusers.xml12
-rwxr-xr-xconfig/snort/snort.inc20
-rwxr-xr-xconfig/snort/snort.xml2
-rwxr-xr-xconfig/snort/snort_check_for_rule_updates.php17
-rw-r--r--config/snort/snort_defs.inc9
-rw-r--r--config/snort/snort_migrate_config.php4
-rw-r--r--config/snort/snort_passlist.php3
-rw-r--r--config/snort/snort_passlist_edit.php17
-rw-r--r--config/snort/snort_post_install.php4
-rwxr-xr-xconfig/squid3/34/squid.inc8
-rw-r--r--config/urlsnarf/urlsnarf.xml35
-rw-r--r--config/zabbix-agent-lts/zabbix-agent-lts.inc275
-rw-r--r--config/zabbix-agent-lts/zabbix-agent-lts.xml142
-rw-r--r--config/zabbix-proxy-lts/zabbix-proxy-lts.inc185
-rw-r--r--config/zabbix-proxy-lts/zabbix-proxy-lts.xml115
-rw-r--r--pkg_config.10.xml26
-rw-r--r--pkg_config.8.xml4
-rw-r--r--pkg_config.8.xml.amd644
53 files changed, 2419 insertions, 2138 deletions
diff --git a/config/arpwatch/arpwatch.xml b/config/arpwatch/arpwatch.xml
index aa6a9ae8..dab2a74e 100644
--- a/config/arpwatch/arpwatch.xml
+++ b/config/arpwatch/arpwatch.xml
@@ -149,9 +149,15 @@
<custom_php_install_command>
<![CDATA[
unlink_if_exists("/usr/local/etc/rc.d/arpwatch.sh");
- @link("/usr/sbin/sm.php", "/usr/sbin/sendmail");
+ unlink_if_exists("/usr/sbin/sendmail");
+ symlink("/usr/sbin/sm.php", "/usr/sbin/sendmail");
]]>
</custom_php_install_command>
+ <custom_php_deinstall_command>
+ <![CDATA[
+ unlink_if_exists("/usr/sbin/sendmail");
+ ]]>
+ </custom_php_deinstall_command>
<custom_php_resync_config_command>
<![CDATA[
sync_package_arpwatch();
diff --git a/config/asterisk/asterisk.inc b/config/asterisk/asterisk.inc
index 9a89d885..22a7b96c 100644
--- a/config/asterisk/asterisk.inc
+++ b/config/asterisk/asterisk.inc
@@ -1,118 +1,109 @@
<?php
-/* ========================================================================== */
/*
asterisk.inc
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2012-2013 Marcello Coutinho
- Copyright (C) 2012-2013 robi <robreg@zsurob.hu>
- All rights reserved.
- */
-/* ========================================================================== */
-/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012-2013 Marcello Coutinho
+ Copyright (C) 2012-2013 robi <robreg@zsurob.hu>
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
define('ASTERISK_CONF_DIR', '/conf/asterisk');
-//Check pfsense version
-$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
-if ($pf_version == "2.1" || $pf_version == "2.2")
+$pf_version=substr(trim(file_get_contents("/etc/version")), 0, 3);
+if ($pf_version == "2.1" || $pf_version == "2.2") {
define('ASTERISK_LOCALBASE', '/usr/pbi/asterisk-' . php_uname("m"));
-else
+} else {
define('ASTERISK_LOCALBASE','/usr/local');
+}
function asterisk_install() {
+ // Remove rc script from previous package versions
+ unlink_if_exists("/usr/local/etc/rc.d/asterisk");
sync_package_asterisk();
}
function asterisk_deinstall() {
- $script='/usr/local/etc/rc.d/asterisk';
- if (file_exists($script)){
- mwexec("$script stop");
- chmod ($script,0444);
- }
+ stop_service("asterisk");
+ unlink_if_exists("/usr/local/etc/rc.d/asterisk.sh");
}
function sync_package_asterisk() {
- global $config, $g;
-
- #mount filesystem writeable
conf_mount_rw();
-
- //for NanoBSD compatibility, move the /etc/asterisk configuration directory to /conf, and symlink it back
- $dist_dir=ASTERISK_CONF_DIR ."/dist";
- if (!is_dir($dist_dir))
- mkdir($dist_dir,0755,TRUE);
- if(file_exists (ASTERISK_LOCALBASE."/etc/asterisk") && !is_link(ASTERISK_LOCALBASE."/etc/asterisk")){
- $dist_files= scandir(ASTERISK_LOCALBASE."/etc/asterisk");
- foreach ($dist_files as $dist){
- if (preg_match("/-dist/",$dist))
- rename (ASTERISK_LOCALBASE."/etc/asterisk"."/$dist", "$dist_dir/$dist");
- elseif (preg_match("/\w+/",$dist))
- rename (ASTERISK_LOCALBASE."/etc/asterisk"."/$dist", ASTERISK_CONF_DIR."/$dist");
- }
- rmdir(ASTERISK_LOCALBASE. "/etc/asterisk");
- symlink (ASTERISK_CONF_DIR , ASTERISK_LOCALBASE. "/etc/asterisk");
- }
-
- //fix asterisk options for nanobsd: logging, db and calls log in /tmp
- // if ($g['platform'] == "nanobsd"){
- $script='/conf/asterisk/logger.conf';
- if (file_exists($script)){
- $script_file=file_get_contents($script);
- $pattern[0]='@;rotatestrategy@';
- $replace[0]='rotatestrategy = rotate ;by pfSense ;';
- $script_file=preg_replace($pattern,$replace,$script_file);
- file_put_contents($script, $script_file, LOCK_EX);
- }
-
- $script='/conf/asterisk/asterisk.conf';
- if (file_exists($script)){
- //point to the /var subdirs in the writable area in RAM
- $script_file=file_get_contents($script);
- $pattern[0]='/(\Wdirectories\W)\S+/';
- $replace[0]='$1';
- $pattern[1]='/astetcdir => \S+/';
- $replace[1]='astetcdir => /conf/asterisk';
- $pattern[2]='/astdbdir => \S+/';
- $replace[2]='astdbdir => /var/db/asterisk';
- $pattern[3]='/astspooldir => \S+/';
- $replace[3]='astspooldir => /var/spool/asterisk';
- $pattern[4]='/astrundir => \S+/';
- $replace[4]='astrundir => /var/run/asterisk';
- $pattern[5]='/astlogdir => \S+/';
- $replace[5]='astlogdir => /var/log/asterisk';
- $script_file=preg_replace($pattern,$replace,$script_file);
- file_put_contents($script, $script_file, LOCK_EX);
+ // For NanoBSD compatibility, move the /etc/asterisk configuration directory to /conf, and symlink it back
+ $dist_dir = ASTERISK_CONF_DIR . "/dist";
+ safe_mkdir($dist_dir, 0755);
+
+ if (file_exists (ASTERISK_LOCALBASE . "/etc/asterisk") && !is_link(ASTERISK_LOCALBASE . "/etc/asterisk")) {
+ $dist_files = scandir(ASTERISK_LOCALBASE . "/etc/asterisk");
+ foreach ($dist_files as $dist) {
+ if (preg_match("/-dist/", $dist)) {
+ rename (ASTERISK_LOCALBASE . "/etc/asterisk" . "/$dist", "$dist_dir/$dist");
+ } elseif (preg_match("/\w+/", $dist)) {
+ rename (ASTERISK_LOCALBASE . "/etc/asterisk" . "/$dist", ASTERISK_CONF_DIR . "/$dist");
+ }
}
-// }
+ rmdir(ASTERISK_LOCALBASE . "/etc/asterisk");
+ symlink(ASTERISK_CONF_DIR, ASTERISK_LOCALBASE . "/etc/asterisk");
+ }
- //add modules settings, for disabling those not required on pfSense
- $script='/conf/asterisk/modules.conf';
- if (file_exists($script)){
- $script_file=file_get_contents($script);
- if (strpos($script_file,'pfSense') === false) { //first check if already added...
- $add_modules_settings=<<<EOF
+ // Fix asterisk options for NanoBSD: logging, db and calls log in /tmp
+ $script = '/conf/asterisk/logger.conf';
+ if (file_exists($script)) {
+ $script_file = file_get_contents($script);
+ $pattern[0] = '@;rotatestrategy@';
+ $replace[0] = 'rotatestrategy = rotate ;by pfSense ;';
+ $script_file = preg_replace($pattern, $replace, $script_file);
+ file_put_contents($script, $script_file, LOCK_EX);
+ }
+
+ $script = '/conf/asterisk/asterisk.conf';
+ if (file_exists($script)) {
+ // Point to the /var subdirs in the writable area in ramfs
+ $script_file = file_get_contents($script);
+ $pattern[0] = '/(\Wdirectories\W)\S+/';
+ $replace[0] = '$1';
+ $pattern[1] = '/astetcdir => \S+/';
+ $replace[1] = 'astetcdir => /conf/asterisk';
+ $pattern[2] = '/astdbdir => \S+/';
+ $replace[2] = 'astdbdir => /var/db/asterisk';
+ $pattern[3] = '/astspooldir => \S+/';
+ $replace[3] = 'astspooldir => /var/spool/asterisk';
+ $pattern[4] = '/astrundir => \S+/';
+ $replace[4] = 'astrundir => /var/run/asterisk';
+ $pattern[5] = '/astlogdir => \S+/';
+ $replace[5] = 'astlogdir => /var/log/asterisk';
+ $script_file = preg_replace($pattern, $replace, $script_file);
+ file_put_contents($script, $script_file, LOCK_EX);
+ }
+
+ // Add modules settings, for disabling those not required on pfSense
+ $script = '/conf/asterisk/modules.conf';
+ if (file_exists($script)) {
+ $script_file = file_get_contents($script);
+ // First check if already added...
+ if (strpos($script_file, 'pfSense') === false) {
+ $add_modules_settings = <<<EOF
;The following modules settings work out of the box on pfSense (note: do not remove this comment line).
;Should you need any disabled module, check for its functionality individually in your environment.
;For more information check asterisk's online documentation.
@@ -327,32 +318,34 @@ noload => chan_h323.so
noload => res_config_odbc.so
EOF;
- $script_file .= $add_modules_settings;
- file_put_contents($script, $script_file, LOCK_EX);
- }
+ $script_file .= $add_modules_settings;
+ file_put_contents($script, $script_file, LOCK_EX);
}
+ }
+
+ // Replace general SIP settings as a newbie hint to start configuration
+ $script = '/conf/asterisk/sip.conf';
+ if (file_exists($script)) {
+ $script_file = file_get_contents($script);
+ // Strenghten a couple of security settings, and predefine codecs in the default SIP configuration
+ // First check if already added...
+ if (strpos($script_file, 'pfSense') === false) {
+ $pattern[0] = '/;allowguest\S+/';
+ $replace[0] = 'allowguest=no ;by pfSense ;';
+ $pattern[1] = '/;alwaysauthreject/';
+ $replace[1] = 'alwaysauthreject=yes ;by pfSense ;';
+ $pattern[2] = '/; jbenable/';
+ $replace[2] = 'jbenable=yes ;by pfSense ;';
+ $pattern[3] = '/(First disallow all codecs)/';
+ $replace[3] = "$1\n;The following general settings usually work on pfSense boxes (note: please do not remove this comment line).\ndisallow=all ;by pfSense\nallow=g729\nallow=gsm\nallow=ulaw\nallow=alaw\n\n";
+ $script_file = preg_replace($pattern, $replace, $script_file);
+ file_put_contents($script, $script_file, LOCK_EX);
+ }
+
+ // First check if already added...
+ if (strpos($script_file, 'demo extension for pfSense') === false) {
+ $add_demo_extension = <<<EOF
- //replace general SIP settings as a newbie hint to start configuration
- $script='/conf/asterisk/sip.conf';
- if (file_exists($script)){
- $script_file=file_get_contents($script);
- //strenghten a couple of security settings, and predefine codecs in the default SIP configuration
- if (strpos($script_file,'pfSense') === false) { //first check if already added...
- $pattern[0]='/;allowguest\S+/';
- $replace[0]='allowguest=no ;by pfSense ;';
- $pattern[1]='/;alwaysauthreject/';
- $replace[1]='alwaysauthreject=yes ;by pfSense ;';
- $pattern[2]='/; jbenable/';
- $replace[2]='jbenable=yes ;by pfSense ;';
- $pattern[3]='/(First disallow all codecs)/';
- $replace[3]="$1\n;The following general settings usually work on pfSense boxes (note: please do not remove this comment line).\ndisallow=all ;by pfSense\nallow=g729\nallow=gsm\nallow=ulaw\nallow=alaw\n\n";
- $script_file=preg_replace($pattern,$replace,$script_file);
- file_put_contents($script, $script_file, LOCK_EX);
- }
-
- if (strpos($script_file,'demo extension for pfSense') === false) { //first check if already added...
- $add_demo_extension = <<<EOF
-
[301]
;demo extension for pfSense
type=friend
@@ -376,51 +369,50 @@ context=default
EOF;
$script_file .= $add_demo_extension;
file_put_contents($script, $script_file, LOCK_EX);
- }
}
+ }
- $script='/usr/local/etc/rc.d/asterisk';
- if (file_exists($script)){
- $script_file=file_get_contents($script);
- if (preg_match('/NO/',$script_file)){
- $script_file=preg_replace("/NO/","YES",$script_file);
- $script_file=preg_replace("/core stop now'/","core stop now'\n killall \$name",$script_file);
-
- //create the /var subdirs for the writable area in RAM
- if (strpos($script_file,'pfSense') === false) { //first check if already added...
- $writable_area = <<< EOF
-# Create paths in pfSense's volatile area if they don't exist (note: please do not remove this comment line)
+ // Write /usr/local/etc/rc.d/asterisk.sh rc script
+ $asterisk_user = "asterisk";
+ $command = "/usr/local/sbin/asterisk";
+ $command_args = "-n -F -U {$asterisk_user}";
+ $start = <<<EOF
+
+# Create the /var subdirs for the writable area in ramfs
for a in db spool run log
do
if [ ! -d /var/\$a/asterisk ]; then
- mkdir -p /var/\$a/asterisk
- chown -R asterisk:asterisk /var/\$a/asterisk
- chmod -R g+w /var/\$a/asterisk
+ mkdir -p /var/\$a/asterisk
+ chown -R asterisk:asterisk /var/\$a/asterisk
+ chmod -R g+w /var/\$a/asterisk
fi
done
if [ ! -d /var/log/asterisk/cdr-csv ]; then
- mkdir -p /var/log/asterisk/cdr-csv
- chown -R asterisk:asterisk /var/log/asterisk/cdr-csv
- chmod -R g+w /var/log/asterisk/cdr-csv
+ mkdir -p /var/log/asterisk/cdr-csv
+ chown -R asterisk:asterisk /var/log/asterisk/cdr-csv
+ chmod -R g+w /var/log/asterisk/cdr-csv
fi
+{$command} {$command_args}
+
EOF;
- $script_file .= $writable_area;
- }
- file_put_contents($script, $script_file, LOCK_EX);
- }
- chmod ($script,0755);
- mwexec("$script stop");
- mwexec_bg("$script start");
- }
-
- //prepare backup for factory defaults restoring feature
+
+ $stop = "{$command} -nqrx 'core stop now'\n\t";
+ $stop .= "/usr/bin/killall asterisk";
+
+ write_rcfile(array(
+ 'file' => 'asterisk.sh',
+ 'start' => $start,
+ 'stop' => $stop ));
+
+ restart_service("asterisk");
+
+ // Prepare backup for factory defaults restoring feature
if (!file_exists("/conf.default/asterisk_factory_defaults_config.tgz")) {
- system("cd /conf/asterisk/ && tar czf /conf.default/asterisk_factory_defaults_config.tgz *");
+ system("cd /conf/asterisk/ && /usr/bin/tar czf /conf.default/asterisk_factory_defaults_config.tgz *");
}
-
- //mount filesystem readonly
+
conf_mount_ro();
}
diff --git a/config/asterisk/asterisk.xml b/config/asterisk/asterisk.xml
index d5fb3161..2eef359f 100644
--- a/config/asterisk/asterisk.xml
+++ b/config/asterisk/asterisk.xml
@@ -2,76 +2,71 @@
<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
-/* ========================================================================== */
+ <copyright>
+<![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
/*
- asterisk.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2012 Marcello Coutinho
- All rights reserved.
+ asterisk.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
*/
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Asterisk status pacakge</description>
- <requirements>Asterisk 1.8.x</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>asterisk</name>
- <version>0.3.1</version>
+ <version>0.3.2</version>
<title>asterisk</title>
<include_file>/usr/local/pkg/asterisk.inc</include_file>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/asterisk/asterisk.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/asterisk/asterisk_calls.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/asterisk/asterisk_edit_file.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/asterisk/asterisk_log.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/asterisk/asterisk_cmd.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/shortcuts/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/asterisk/pkg_asterisk.inc</item>
</additional_files_needed>
<menu>
@@ -82,26 +77,16 @@
</menu>
<service>
<name>asterisk</name>
- <rcfile>asterisk</rcfile>
+ <rcfile>asterisk.sh</rcfile>
<executable>asterisk</executable>
- <description><![CDATA[Asterisk VoIP telephony]]></description>
+ <description>Asterisk VoIP Telephony</description>
</service>
- <tabs>
- </tabs>
- <fields>
- </fields>
<custom_php_install_command>
asterisk_install();
</custom_php_install_command>
<custom_php_deinstall_command>
asterisk_deinstall();
</custom_php_deinstall_command>
- <custom_php_command_before_form>
- </custom_php_command_before_form>
- <custom_php_validation_command>
- </custom_php_validation_command>
- <custom_delete_php_command>
- </custom_delete_php_command>
<custom_php_resync_config_command>
sync_package_asterisk();
</custom_php_resync_config_command>
diff --git a/config/asterisk/asterisk_calls.php b/config/asterisk/asterisk_calls.php
index 75f24b2f..791b6d85 100644
--- a/config/asterisk/asterisk_calls.php
+++ b/config/asterisk/asterisk_calls.php
@@ -1,14 +1,10 @@
<?php
-/* $Id$ */
/*
- status_asterisk_calls.php
- part of pfSense
- Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>.
+ asterisk_calls.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>
Copyright (C) 2013 robi <robreg@zsurob.hu>
- All rights reserved.
-
- originally part of m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -32,7 +28,7 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
-/*
+/*
pfSense_MODULE: asterisk
*/
@@ -53,127 +49,122 @@ include("head.inc");
$callog = "/var/log/asterisk/cdr-csv/Master.csv";
/* Data input processing */
-$cmd = $_GET['cmd'];
+$cmd = $_GET['cmd'];
$file = $_SERVER["SCRIPT_NAME"];
-$break = Explode('/', $file);
-$pfile = $break[count($break) - 1];
+$break = explode('/', $file);
+$pfile = $break[count($break) - 1];
-if (file_exists($callog))
- switch ($cmd){
+if (file_exists($callog)) {
+ switch ($cmd) {
case "trim":
- $trimres=shell_exec("tail -50 '$callog' > /tmp/trimmed_asterisk.csv && rm '$callog' && mv /tmp/trimmed_asterisk.csv '$callog' && chown asterisk:asterisk '$callog' && chmod g+w '$callog'");
- header( 'Location: asterisk_calls.php?savemsg=Calls+log+trimmed.') ;
- break;
+ $trimres = shell_exec("/usr/bin/tail -n 50 '$callog' > /tmp/trimmed_asterisk.csv && /bin/rm '$callog' && /bin/mv /tmp/trimmed_asterisk.csv '$callog' && /usr/sbin/chown asterisk:asterisk '$callog' && /bin/chmod g+w '$callog'");
+ header('Location: asterisk_calls.php?savemsg=Calls+log+trimmed.');
+ break;
case "clear":
- $trimres=shell_exec("rm '$callog' && touch '$callog' && chown asterisk:asterisk '$callog' && chmod g+w '$callog'");
- header( 'Location: asterisk_calls.php?savemsg=Calls+log+cleared.') ;
- break;
+ $trimres=shell_exec("/bin/rm '$callog' && /usr/bin/touch '$callog' && /usr/sbin/chown asterisk:asterisk '$callog' && /bin/chmod g+w '$callog'");
+ header('Location: asterisk_calls.php?savemsg=Calls+log+cleared.');
+ break;
case "download":
- // session_cache_limiter('none'); //*Use before session_start()
- // session_start();
-
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
- header('Content-Disposition: attachment; filename='.basename($callog));
+ header('Content-Disposition: attachment; filename=' . basename($callog));
header('Content-Transfer-Encoding: binary');
- header('Expires: 0');
- header('Cache-Control: must-revalidate');
- header('Pragma: public');
+ header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
+ header('Cache-Control: no-cache, must-revalidate');
+ header('Pragma: no-cache');
header('Content-Length: ' . filesize($callog));
ob_clean();
flush();
readfile($callog);
exit;
- break;
+ break;
}
+}
?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
- <?php include("fbegin.inc"); ?>
- <?php
+<?php include("fbegin.inc"); ?>
+<?php
$savemsg = $_GET["savemsg"];
if ($savemsg) {
- print_info_box($savemsg);
+ print_info_box($savemsg);
}
+?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td>
+ <?php
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php");
+ $tab_array[1] = array(gettext("Calls"), true, "asterisk_calls.php");
+ $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php");
+ $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php");
+ display_top_tabs($tab_array);
?>
- <table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
- <?php
- $tab_array = array();
- $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php");
- $tab_array[1] = array(gettext("Calls"), true, "asterisk_calls.php");
- $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php");
- $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php");
- display_top_tabs($tab_array);
- ?>
- </td>
- </tr>
- <tr>
- <td>
- <div id="mainarea">
- <?php
- if (file_exists($callog))
- $file_handle = fopen($callog, "r");
- ?>
- <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0">
- <tr>
- <td colspan="6" class="listtopic">Last 50 Asterisk calls</td>
- </tr>
- <tr>
- <td nowrap class="listhdrr"><?=gettext("From");?></td>
- <td nowrap class="listhdrr"><?=gettext("To");?></a></td>
- <td nowrap class="listhdrr"><?=gettext("Start");?></td>
- <td nowrap class="listhdrr"><?=gettext("End");?></a></td>
- <td nowrap class="listhdrr"><?=gettext("Duration");?></a></td>
- <td nowrap class="listhdrr"><?=gettext("Status");?></td>
- </tr>
- <?php
- $out = '';
- if (file_exists($callog)){
- while (!feof($file_handle) ) {
- $lin = fgetcsv($file_handle, 102400);
- if ($lin[12] != "") {
- $out = "<tr>" . $out;
- $out = "<td class='listlr'>" . utf8_decode(str_replace('"', '', $lin[4])) . "</td><td class='listlr'>" . $lin[2] . "</td><td class='listlr'>" . $lin[9] . "</td><td class='listlr'>" . $lin[11] . "</td><td class='listlr'>" . gmdate("G:i:s", $lin[12]) . "</td><td class='listlr'>" . $lin[14] . "</td>" . $out;
- $out = "</tr>" . $out;
- }
- }
- fclose($file_handle);
- }
- echo $out;
- echo "<tr><td colspan='6'><a href='$pfile?cmd=download'><input type='button' name='command' value='Download' class='formbtn'></a>";
- echo "<a href='$pfile?cmd=trim'><input type='button' name='command' value='Trim log' class='formbtn'></a>";
- echo "<a href='$pfile?cmd=clear'><input type='button' name='command' value='Clear log' class='formbtn'></a></td></tr>";
- ?>
- </table>
- </div>
- </td>
- </tr>
- </table>
-
-<p/>
+</td></tr>
+
+<tr><td>
+ <div id="mainarea">
+ <?php
+ if (file_exists($callog)) {
+ $file_handle = fopen($callog, "r");
+ }
+ ?>
+ <table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td colspan="6" class="listtopic">Last 50 Asterisk calls</td>
+ </tr>
+ <tr>
+ <td nowrap="nowrap" class="listhdrr"><?=gettext("From");?></td>
+ <td nowrap="nowrap" class="listhdrr"><?=gettext("To");?></td>
+ <td nowrap="nowrap" class="listhdrr"><?=gettext("Start");?></td>
+ <td nowrap="nowrap" class="listhdrr"><?=gettext("End");?></td>
+ <td nowrap="nowrap" class="listhdrr"><?=gettext("Duration");?></td>
+ <td nowrap="nowrap" class="listhdrr"><?=gettext("Status");?></td>
+ </tr>
+ <?php
+ $out = '';
+ if (file_exists($callog)) {
+ while (!feof($file_handle)) {
+ $lin = fgetcsv($file_handle, 102400);
+ if ($lin[12] != "") {
+ $out = "<tr>" . $out;
+ $out = "<td class='listlr'>" . utf8_decode(str_replace('"', '', $lin[4])) . "</td><td class='listlr'>" . $lin[2] . "</td><td class='listlr'>" . $lin[9] . "</td><td class='listlr'>" . $lin[11] . "</td><td class='listlr'>" . gmdate("G:i:s", $lin[12]) . "</td><td class='listlr'>" . $lin[14] . "</td>" . $out;
+ $out = "</tr>" . $out;
+ }
+ }
+ fclose($file_handle);
+ }
+ echo $out;
+ echo "<tr><td colspan='6'><a href='$pfile?cmd=download'><input type='button' name='command' value='Download' class='formbtn' /></a>";
+ echo "<a href='$pfile?cmd=trim'><input type='button' name='command' value='Trim log' class='formbtn' /></a>";
+ echo "<a href='$pfile?cmd=clear'><input type='button' name='command' value='Clear log' class='formbtn' /></a></td></tr>";
+ ?>
+ </table>
+ </div>
+</td></tr>
+</table>
+
+<br />
<span class="vexpl">
<span class="red">
<strong><?=gettext("Notes:");?><br /></strong>
</span>
- <?=gettext("Listed in reverse order (latest on top).");?> <br>
- <?=gettext("Duration includes ringing time.");?> <br>
+ <?=gettext("Listed in reverse order (latest on top).");?> <br />
+ <?=gettext("Duration includes ringing time.");?> <br />
<?=gettext("Trim keeps the last 50 entries.");?>
<?
-if ($g['platform'] == "nanobsd")
- echo "<br>This log may be lost when rebooting the system.";
+if ($g['platform'] == "nanobsd") {
+ echo "<br />This log may be lost when rebooting the system.";
+}
?>
-
-
</span>
-
<?php include("fend.inc"); ?>
</body>
+</html>
diff --git a/config/asterisk/asterisk_cmd.php b/config/asterisk/asterisk_cmd.php
index da684cde..5ba1b460 100644
--- a/config/asterisk/asterisk_cmd.php
+++ b/config/asterisk/asterisk_cmd.php
@@ -1,14 +1,10 @@
<?php
-/* $Id$ */
/*
- status_asterisk.php
- part of pfSense
- Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>.
+ asterisk_cmd.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>
Copyright (C) 2013 robi <robreg@zsurob.hu>
- All rights reserved.
-
- originally part of m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -32,7 +28,7 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
-/*
+/*
pfSense_MODULE: asterisk
*/
@@ -56,73 +52,75 @@ include("head.inc");
<?php
/* Data input processing */
-$cmd = $_GET['cmd'];
-$cmd = str_replace("+", " ", $cmd);
+$cmd = $_GET['cmd'];
+$cmd = str_replace("+", " ", $cmd);
if ($cmd == "") {
$cmd = "core show settings";
}
$file = $_SERVER["SCRIPT_NAME"];
-$break = Explode('/', $file);
-$pfile = $break[count($break) - 1];
-
+$break = explode('/', $file);
+$pfile = $break[count($break) - 1];
?>
- <table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td>
+ <?php
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Commands"), true, "asterisk_cmd.php");
+ $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php");
+ $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php");
+ $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php");
+ display_top_tabs($tab_array);
+ ?>
+</td></tr>
+
+<tr><td>
+ <div id="mainarea">
+ <table class="tabcont sortable" width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr><td class="listtopic">
+ <table>
+ <tr>
+ <?php
+ /* Print command buttons */
+ echo "<td align='center'><a href='$pfile?cmd=sip+show+registry'><input type='button' name='command' value='SIP Registry' class='formbtns' style='width: 100px' /></a></td>";
+ echo "<td align='center'><a href='$pfile?cmd=sip+show+peers'><input type='button' name='command' value='SIP Peers' class='formbtns' style='width: 100px' /></a></td>";
+ echo "<td align='center'><a href='$pfile?cmd=sip+show+channels'><input type='button' name='command' value='SIP Channels' class='formbtns' style='width: 100px' /></a></td>";
+ echo "<td align='center'><a href='$pfile?cmd=core+show+channels'><input type='button' name='command' value='Channels' class='formbtns' style='width: 100px' /></a></td>";
+ echo "<td align='center'><a href='$pfile?cmd=core+show+codecs+audio'><input type='button' name='command' value='Codecs' class='formbtns' style='width: 100px' /></a></td>";
+ echo "<td align='center'><a href='$pfile?cmd=core+show+translation+recalc+10'><input type='button' name='command' value='Translation' class='formbtns' style='width: 100px' /></a></td>";
+ echo "<td align='center'><a href='$pfile?cmd=sip+show+settings'><input type='button' name='command' value='SIP Settings' class='formbtns' style='width: 100px' /></a></td>";
+ ?>
+ </tr>
+ <tr>
+ <?php
+ echo "<td align='center'><a href='$pfile?cmd=sip+reload'><input type='button' name='command' value='Reload SIP' class='formbtns' style='width: 100px' /></a></td>";
+ echo "<td align='center'><a href='$pfile?cmd=dialplan+reload'><input type='button' name='command' value='Reload Extensions' class='formbtns' style='width: 100px' /></a></td>";
+ echo "<td align='center'><a href='$pfile?cmd=core+reload'><input type='button' name='command' value='Reload Core' class='formbtns' style='width: 100px' /></a></td>";
+ echo "<td align='center'><a href='$pfile?cmd=core+show+uptime'><input type='button' name='command' value='Uptime' class='formbtns' style='width: 100px' /></a></td>";
+ echo "<td align='center'><a href='$pfile?cmd=core+restart+now'><input type='button' name='command' value='Restart Asterisk' class='formbtns' style='width: 100px' /></a></td>";
+ echo "<td align='right' colspan='2'><form name='input' action='$pfile' method='get'><input type='text' name='cmd' style='width: 145px' /><input type='submit' value='SEND' class='formbtns' style='width: 50px' /></form></td>";
+ ?>
+ </tr>
+ </table>
+ </td></tr>
+ <tr valign="top">
+ <td class="listlr" nowrap="nowrap">
<?php
- $tab_array = array();
- $tab_array[0] = array(gettext("Commands"), true, "asterisk_cmd.php");
- $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php");
- $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php");
- $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php");
- display_top_tabs($tab_array);
+ /* Run commands and print results */
+ $asterisk_command = shell_exec("/usr/local/sbin/asterisk -rx '$cmd'");
+ echo "<pre style='font-size: 11px; background: white'>";
+ echo $asterisk_command;
+ echo "</pre>";
?>
</td>
</tr>
- <tr>
- <td>
- <div id="mainarea">
- <table class="tabcont sortable" width="100%" border="0" cellpadding="6" cellspacing="0">
- <tr>
- <td class="listtopic">
- <table><tr>
- <?php
- /* Print command buttons */
- echo "<td align='center'><a href='$pfile?cmd=sip+show+registry'><input type='button' name='command' value='SIP Registry' class='formbtns' style='width: 100px'></a></td>";
- echo "<td align='center'><a href='$pfile?cmd=sip+show+peers'><input type='button' name='command' value='SIP Peers' class='formbtns' style='width: 100px'></a></td>";
- echo "<td align='center'><a href='$pfile?cmd=sip+show+channels'><input type='button' name='command' value='SIP Channels' class='formbtns' style='width: 100px'></a></td>";
- echo "<td align='center'><a href='$pfile?cmd=core+show+channels'><input type='button' name='command' value='Channels' class='formbtns' style='width: 100px'></a></td>";
- echo "<td align='center'><a href='$pfile?cmd=core+show+codecs+audio'><input type='button' name='command' value='Codecs' class='formbtns' style='width: 100px'></a></td>";
- echo "<td align='center'><a href='$pfile?cmd=core+show+translation+recalc+10'><input type='button' name='command' value='Translation' class='formbtns' style='width: 100px'></a></td>";
- echo "<td align='center'><a href='$pfile?cmd=sip+show+settings'><input type='button' name='command' value='SIP Settings' class='formbtns' style='width: 100px'></a></td>";
- echo "</tr><tr>";
- //echo "<td></td>";
- echo "<td align='center'><a href='$pfile?cmd=sip+reload'><input type='button' name='command' value='Reload SIP' class='formbtns' style='width: 100px'></a></td>";
- echo "<td align='center'><a href='$pfile?cmd=dialplan+reload'><input type='button' name='command' value='Reload Extensions' class='formbtns' style='width: 100px'></a></td>";
- echo "<td align='center'><a href='$pfile?cmd=core+reload'><input type='button' name='command' value='Reload Core' class='formbtns' style='width: 100px'></a></td>";
- echo "<td align='center'><a href='$pfile?cmd=core+show+uptime'><input type='button' name='command' value='Uptime' class='formbtns' style='width: 100px'></a></td>";
- echo "<td align='center'><a href='$pfile?cmd=core+restart+now'><input type='button' name='command' value='Restart Asterisk' class='formbtns' style='width: 100px'></a></td>";
- echo "<td align='right' colspan='2'><form name='input' action='$pfile' method='get'><input type='text' name='cmd' style='width: 145px'><input type='submit' value='SEND' class='formbtns' style='width: 50px'></form> </td>";
- ?>
- </tr></table>
- </td>
- </tr>
- <tr valign="top">
- <td class="listlr" nowrap>
- <?php
- /* Run commands and print results */
- $asterisk_command=shell_exec("asterisk -rx '$cmd'");
- echo "<pre style='font-size:11px; background:white'>";
- echo $asterisk_command;
- echo "</pre>";
- ?>
- </td>
- </tr>
- </table>
- </div>
- </td>
- </tr>
- </table>
+ </table>
+ </div>
+</td></tr>
+</table>
+
<?php include("fend.inc"); ?>
+</body>
+</html>
diff --git a/config/asterisk/asterisk_edit_file.php b/config/asterisk/asterisk_edit_file.php
index 1c992d26..353ecd07 100644
--- a/config/asterisk/asterisk_edit_file.php
+++ b/config/asterisk/asterisk_edit_file.php
@@ -1,8 +1,10 @@
<?php
/*
- edit.php
- Copyright (C) 2004, 2005 Scott Ullrich
+ asterisk_edit_file.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>
Copyright (C) 2013 robi <robreg@zsurob.hu>
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -27,7 +29,7 @@
POSSIBILITY OF SUCH DAMAGE.
*/
/*
- pfSense_MODULE: shell
+ pfSense_MODULE: asterisk
*/
##|+PRIV
@@ -37,21 +39,19 @@
##|*MATCH=asterisk_edit_file.php*
##|-PRIV
-$pgtitle = array(gettext("Status"),gettext("Asterisk configuration files"));
require("guiconfig.inc");
-
$backup_dir = "/conf";
$backup_filename = "asterisk_config.bak.tgz";
$backup_path = "{$backup_dir}/{$backup_filename}";
$files_dir = "/conf/asterisk";
$host = "{$config['system']['hostname']}.{$config['system']['domain']}";
-$downname = "asterisk-config-{$host}-".date("YmdHis").".bak.tgz"; //put the date in the filename
+// Put the date in the filename
+$downname = "asterisk-config-{$host}-" . date("YmdHis") . ".bak.tgz";
if (($_GET['a'] == "download") && $_GET['t'] == "backup") {
conf_mount_rw();
-// system("cd {$files_dir} && tar czf {$backup_path} *");
- system("cd {$files_dir} && tar czf {$backup_path} --exclude 'dist/*' --exclude dist *");
+ system("cd {$files_dir} && /usr/bin/tar czf {$backup_path} --exclude 'dist/*' --exclude dist *");
conf_mount_ro();
}
@@ -63,8 +63,8 @@ if (($_GET['a'] == "download") && file_exists("{$backup_path}")) {
header("Content-Type: application/download");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=\"{$downname}\"");
- header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
- header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
+ header("Cache-Control: no-cache, must-revalidate");
+ header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
header("Content-Length: " . filesize("{$backup_path}"));
fpassthru($fd);
exit;
@@ -72,40 +72,38 @@ if (($_GET['a'] == "download") && file_exists("{$backup_path}")) {
if ($_GET['a'] == "other") {
if ($_GET['t'] == "restore") {
- //extract files to $files_dir (/conf/asterisk)
+ // Extract files to $files_dir (/conf/asterisk)
if (file_exists($backup_path)) {
- //echo "The file $filename exists";
conf_mount_rw();
- exec("tar -xzC {$files_dir} -f {$backup_path} 2>&1", $sysretval);
+ exec("/usr/bin/tar -xzC {$files_dir} -f {$backup_path} 2>&1", $sysretval);
$savemsg = "Backup has been restored, please restart Asterisk now " . $sysretval[1];
- system("chmod -R 644 {$files_dir}/*");
- header( 'Location: asterisk_edit_file.php?savemsg=' . $savemsg ) ;
+ system("/bin/chmod -R 644 {$files_dir}/*");
+ header('Location: asterisk_edit_file.php?savemsg=' . $savemsg);
conf_mount_ro();
} else {
- header( 'Location: asterisk_edit_file.php?savemsg=Restore+failed.+Backup+file+not+found.' ) ;
+ header('Location: asterisk_edit_file.php?savemsg=Restore+failed.+Backup+file+not+found.');
}
exit;
}
if ($_GET['t'] == "factrest") {
- //extract files to $files_dir (/conf/asterisk)
+ // Extract files to $files_dir (/conf/asterisk)
if (file_exists('/conf.default/asterisk_factory_defaults_config.tgz')) {
- //echo "The file $filename exists";
conf_mount_rw();
- exec("tar -xzC {$files_dir} -f /conf.default/asterisk_factory_defaults_config.tgz 2>&1", $sysretval);
+ exec("/usr/bin/tar -xzC {$files_dir} -f /conf.default/asterisk_factory_defaults_config.tgz 2>&1", $sysretval);
$savemsg = "Factory configuration restored, please restart Asterisk now " . $sysretval[1];
- system("chmod -R 644 {$files_dir}/*");
- header( 'Location: asterisk_edit_file.php?savemsg=' . $savemsg ) ;
+ system("/bin/chmod -R 644 {$files_dir}/*");
+ header('Location: asterisk_edit_file.php?savemsg=' . $savemsg);
conf_mount_ro();
}
exit;
}
if ($_GET['t'] == "deldist") {
- //delete dist directory from $files_dir/dist (/conf/asterisk/dist)
+ // Delete dist directory from $files_dir/dist (/conf/asterisk/dist)
if (file_exists($files_dir . "/dist")) {
conf_mount_rw();
- exec("rm -r {$files_dir}/dist 2>&1", $sysretval);
+ exec("/bin/rm -r {$files_dir}/dist 2>&1", $sysretval);
$savemsg = "Deleted dist files " . $sysretval[1];
- header( 'Location: asterisk_edit_file.php?savemsg=' . $savemsg ) ;
+ header('Location: asterisk_edit_file.php?savemsg=' . $savemsg);
conf_mount_ro();
}
exit;
@@ -114,53 +112,55 @@ if ($_GET['a'] == "other") {
if (($_POST['submit'] == "Upload") && is_uploaded_file($_FILES['ulfile']['tmp_name'])) {
$upfilnam = $_FILES['ulfile']['name'];
- $upfiltim = strtotime(str_replace(".bak.tgz","",end(explode("-",$upfilnam))));
+ $upfiltim = strtotime(str_replace(".bak.tgz", "", end(explode("-", $upfilnam))));
conf_mount_rw();
move_uploaded_file($_FILES['ulfile']['tmp_name'], "{$backup_path}");
- $savemsg = "Uploaded ". htmlentities($_FILES['ulfile']['name']) . " file as " . $backup_path . "." ;
- system('chmod -R 644 {$backup_path}');
- if ($upfiltim) { //take the date from the filename and update modified time accordingly
+ $savemsg = "Uploaded " . htmlentities($_FILES['ulfile']['name']) . " file as " . $backup_path . ".";
+ system("/bin/chmod -R 644 {$backup_path}");
+ // Take the date from the filename and update modified time accordingly
+ if ($upfiltim) {
touch($backup_path, $upfiltim);
}
unset($_POST['txtCommand']);
conf_mount_ro();
- header( 'Location: asterisk_edit_file.php?savemsg=' . $savemsg ) ;
+ header('Location: asterisk_edit_file.php?savemsg=' . $savemsg);
}
-if($_REQUEST['action']) {
+if ($_REQUEST['action']) {
switch($_REQUEST['action']) {
case 'load':
- if(strlen($_REQUEST['file']) < 1) {
+ if (strlen($_REQUEST['file']) < 1) {
echo "|5|" . gettext("No file name specified") . ".|";
- } elseif(is_dir($_REQUEST['file'])) {
+ } elseif (is_dir($_REQUEST['file'])) {
echo "|4|" . gettext("Loading a directory is not supported") . ".|";
- } elseif(! is_file($_REQUEST['file'])) {
+ } elseif (! is_file($_REQUEST['file'])) {
echo "|3|" . gettext("File does not exist or is not a regular file") . ".|";
} else {
$data = file_get_contents(urldecode($_REQUEST['file']));
- if($data === false) {
+ if ($data === false) {
echo "|1|" . gettext("Failed to read file") . ".|";
} else {
- echo "|0|{$_REQUEST['file']}|{$data}|";
+ echo "|0|{$_REQUEST['file']}|{$data}|";
}
}
exit;
case 'save':
- if(strlen($_REQUEST['file']) < 1) {
+ if (strlen($_REQUEST['file']) < 1) {
echo "|" . gettext("No file name specified") . ".|";
} else {
conf_mount_rw();
$_REQUEST['data'] = str_replace("\r", "", base64_decode($_REQUEST['data']));
$ret = file_put_contents($_REQUEST['file'], $_REQUEST['data']);
conf_mount_ro();
- if($_REQUEST['file'] == "/conf/config.xml" || $_REQUEST['file'] == "/cf/conf/config.xml") {
- if(file_exists("/tmp/config.cache"))
+ if ($_REQUEST['file'] == "/conf/config.xml" || $_REQUEST['file'] == "/cf/conf/config.xml") {
+ if (file_exists("/tmp/config.cache")) {
unlink("/tmp/config.cache");
+ }
disable_security_checks();
}
- if($ret === false) {
+ if ($ret === false) {
echo "|" . gettext("Failed to write file") . ".|";
- } elseif($ret <> strlen($_REQUEST['data'])) {
+ } elseif ($ret <> strlen($_REQUEST['data'])) {
echo "|" . gettext("Error while writing file") . ".|";
} else {
echo "|" . gettext("File successfully saved") . ".|";
@@ -170,10 +170,10 @@ if($_REQUEST['action']) {
}
exit;
}
+
$shortcut_section = "asterisk";
+$pgtitle = array(gettext("Status"), gettext("Asterisk configuration files"));
require("head.inc");
-outputJavaScriptFileInline("filebrowser/browser.js");
-outputJavaScriptFileInline("javascript/base64.js");
?>
@@ -181,21 +181,34 @@ outputJavaScriptFileInline("javascript/base64.js");
<?php include("fbegin.inc"); ?>
<?php
-$savemsg = $_GET["savemsg"];
-if ($savemsg) {
- print_info_box($savemsg);
-}
+ $savemsg = $_GET["savemsg"];
+ if ($savemsg) {
+ print_info_box($savemsg);
+ }
?>
-<script type="text/javascript">
+<script type="text/javascript">
+//<![CDATA[
+<?php include("filebrowser/browser.js"); ?>
+//]]>
+</script>
+
+<script type="text/javascript">
+//<![CDATA[
+<?php include("javascript/base64.js"); ?>
+//]]>
+</script>
+
+<script type="text/javascript">
+//<![CDATA[
function loadFile() {
$("fileStatus").innerHTML = "<?=gettext("Loading file"); ?> ...";
Effect.Appear("fileStatusBox", { duration: 0.5 });
new Ajax.Request(
"<?=$_SERVER['SCRIPT_NAME'];?>", {
- method: "post",
- postBody: "action=load&file=" + $("fbTarget").value,
+ method: "post",
+ postBody: "action=load&file=" + $("fbTarget").value,
onComplete: loadComplete
}
);
@@ -209,10 +222,10 @@ if ($savemsg) {
if(values.shift() == "0") {
var file = values.shift();
$("fileStatus").innerHTML = "<?=gettext("File successfully loaded"); ?>.";
- $("fileContent").value = values.join("|");
+ $("fileContent").value = values.join("|");
var lang = "none";
- if(file.indexOf(".php") > 0) lang = "php";
+ if(file.indexOf(".php") > 0) lang = "php";
else if(file.indexOf(".inc") > 0) lang = "php";
else if(file.indexOf(".xml") > 0) lang = "xml";
else if(file.indexOf(".js" ) > 0) lang = "js";
@@ -229,14 +242,14 @@ if ($savemsg) {
function saveFile(file) {
$("fileStatus").innerHTML = "<?=gettext("Saving file"); ?> ...";
Effect.Appear("fileStatusBox", { duration: 0.5 });
-
+
var fileContent = Base64.encode($("fileContent").value);
fileContent = fileContent.replace(/\+/g,"%2B");
-
+
new Ajax.Request(
"<?=$_SERVER['SCRIPT_NAME'];?>", {
- method: "post",
- postBody: "action=save&file=" + $("fbTarget").value +
+ method: "post",
+ postBody: "action=save&file=" + $("fbTarget").value +
"&data=" + fileContent,
onComplete: function(req) {
var values = req.responseText.split("|");
@@ -246,7 +259,7 @@ if ($savemsg) {
);
}
-
+
function ckrest() {
if(document.getElementById('ckrest').checked==true) {
@@ -263,188 +276,174 @@ if ($savemsg) {
document.getElementById('deldistdire').disabled=true;
}
}
-
-
+
+//]]>
</script>
- <table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
- <?php
- $tab_array = array();
- $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php");
- $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php");
- $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php");
- $tab_array[3] = array(gettext("Edit configuration"), true, "asterisk_edit_file.php");
- display_top_tabs($tab_array);
- ?>
- </td>
- </tr>
- <tr>
- <td>
- <div id="mainarea">
-
- <!-- backup options -->
- <div style="background:#eeeeee;">
- <div class="vexpl" style="padding-left:15px;">
- <br />
- <table width='98%' cellpadding='0' cellspacing='0' border='0'>
- <tr>
- <td width='80%'>
- <b>Backup / Restore</b>
- The 'Backup' button will tar gzip asterisk configuration files to <? echo $backup_path; ?> it then offers it to download.<br>
- The 'Restore' button will be visible only if the <? echo $backup_path; ?> backup file exists.<br>
- You can upload a backup file to the system, if one already exists at <? echo $backup_path; ?>, it will be overwritten.
- <br />
- </td>
- <td width='20%' valign='middle' align='right'>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td>
+ <?php
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php");
+ $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php");
+ $tab_array[2] = array(gettext("Log"), false, "asterisk_log.php");
+ $tab_array[3] = array(gettext("Edit configuration"), true, "asterisk_edit_file.php");
+ display_top_tabs($tab_array);
+ ?>
+</td></tr>
+
+<tr><td>
+ <div id="mainarea">
+ <!-- backup options -->
+ <div style="background:#eeeeee;">
+ <div class="vexpl" style="padding-left:15px;"><br />
+ <table width='98%' cellpadding='0' cellspacing='0' border='0'>
+ <tr>
+ <td width='80%'>
+ <strong>Backup / Restore</strong>
+ The 'Backup' button will tar gzip asterisk configuration files to <? echo $backup_path; ?> it then offers it to download.<br />
+ The 'Restore' button will be visible only if the <? echo $backup_path; ?> backup file exists.<br />
+ You can upload a backup file to the system, if one already exists at <? echo $backup_path; ?>, it will be overwritten.<br />
+ </td>
+ <td width='20%' valign='middle' align='right'>
<?php
- echo " <input type='button' value='Backup' onclick=\"document.location.href='asterisk_edit_file.php?a=download&t=backup';\" />\n";
- if (file_exists($backup_path)) {
- echo " <input type='button' value='Restore' onclick=\"document.location.href='asterisk_edit_file.php?a=other&t=restore';\" />\n";
- }
+ echo "<input type='button' value='Backup' onclick=\"document.location.href='asterisk_edit_file.php?a=download&amp;t=backup';\" />\n";
+ if (file_exists($backup_path)) {
+ echo "<input type='button' value='Restore' onclick=\"document.location.href='asterisk_edit_file.php?a=other&amp;t=restore';\" />\n";
+ }
?>
- </td>
- </tr></table><br>
- <table width='98%' cellpadding='0' cellspacing='0' border='0'>
- <tr>
- <td width='20%' valign='middle' align='left'>
+ </td>
+ </tr>
+ </table>
+ <br />
+ <table width='98%' cellpadding='0' cellspacing='0' border='0'>
+ <tr>
+ <td width='20%' valign='middle' align='left'>
<?php
if (file_exists($backup_path)) {
- echo $backup_filename . " date:<br>" . date ("Y F d H:i:s.", filemtime($backup_path));
+ echo $backup_filename . " date:<br />" . date ("Y F d H:i:s.", filemtime($backup_path));
}
?>
- </td>
- <td width='80%' valign='middle' align='right'>
- <form action="asterisk_edit_file.php" method="POST" enctype="multipart/form-data" name="frmUpload" onSubmit="">
+ </td>
+ <td width='80%' valign='middle' align='right'>
+ <form action="asterisk_edit_file.php" method="post" enctype="multipart/form-data" name="frmUpload" onsubmit="">
Upload backup file:
- <input name="ulfile" type="file" class="button" id="ulfile">
- <input name="submit" type="submit" class="button" id="upload" value="Upload">
+ <input name="ulfile" type="file" class="button" id="ulfile" />
+ <input name="submit" type="submit" class="button" id="upload" value="Upload" />
</form>
- </td>
- </tr>
- </table><br />
- </div>
- </div>
-
-
-
- <table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td class="tabcont" align="center">
-
- <!-- controls -->
- <table width="100%" cellpadding="9" cellspacing="9">
- <tr>
- <td align="center" class="list">
- <?=gettext("Configuration files stored in"); ?>:
- <input type="text" class="formfld file" id="fbTarget" value="<?=gettext($files_dir);?>" size="45" />
- <input type="button" class="formbtn" id="fbOpen" value="<?=gettext('Browse');?>" />
- <!-- <input type="button" class="formbtn" onclick="loadFile();" value="<?=gettext('Load');?>" /> -->
- <input type="button" class="formbtn" onclick="saveFile();" value="<?=gettext('Save');?>" />
- <br />
- </td>
- </tr>
- </table>
-
-
-
- <!-- file status box -->
- <div style="display:none; background:#eeeeee;" id="fileStatusBox">
- <div class="vexpl" style="padding-left:15px;">
- <strong id="fileStatus"></strong>
- </div>
- </div>
-
-
- <!-- filebrowser -->
- <div id="fbBrowser" style="display:none; border:1px dashed gray; width:98%;"></div>
-
- <!-- file viewer/editor -->
- <table width="100%">
- <tr>
- <td valign="top" class="label">
- <div style="background:#eeeeee;" id="fileOutput">
- <textarea id="fileContent" name="fileContent" style="width:100%;" rows="30" wrap="off"></textarea>
- </div>
- </td>
- </tr>
- </table>
-
- </td>
- </tr>
- </table>
-
- <script type="text/javascript">
- Event.observe(
- window, "load",
- function() {
- $("fbTarget").focus();
-
- NiftyCheck();
- Rounded("div#fileStatusBox", "all", "#ffffff", "#eeeeee", "smooth");
- }
- );
-
- <?php if($_GET['action'] == "load"): ?>
- Event.observe(
- window, "load",
- function() {
- $("fbTarget").value = "<?=$_GET['path'];?>";
- loadFile();
- }
- );
- <?php endif; ?>
- </script>
-
-
- <div style="background:#eeeeee;">
- <div class="vexpl" style="padding-left:15px;">
- <table width='98%' cellpadding='0' cellspacing='0' border='0'>
- <tr>
- <td width='80%' valign='middle' align='right'><br />
- <?php
- if (file_exists($files_dir . "/dist")) {
- echo "<input name='ckdist' id='ckdist' type='checkbox' onclick='return ckdist();' style='vertical-align:-3px;'>enable <input type='button' value='Delete dist files' name='deldistdire' id='deldistdire' disabled='disabled' onclick=\"document.location.href='asterisk_edit_file.php?a=other&t=deldist';\" />&nbsp;&nbsp;\n";
- }
- if (file_exists("/conf.default/asterisk_factory_defaults_config.tgz")) {
- echo "<input name='ckrest' id='ckrest' type='checkbox' onclick='return ckrest();' style='vertical-align:-3px;'>enable <input type='button' value='Restore to factory defaults' name='restfactdef' id='restfactdef' disabled='disabled' onclick=\"document.location.href='asterisk_edit_file.php?a=other&t=factrest';\" />\n";
- }
- ?>
- <br /></td>
- </tr>
- </table><br />
- </div>
- </div>
-
-
+ </td>
+ </tr>
+ </table>
+ <br />
+ </div>
+ </div>
+
+ <table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabcont" align="center">
+ <!-- controls -->
+ <table width="100%" cellpadding="9" cellspacing="9">
+ <tr>
+ <td align="center" class="list">
+ <?=gettext("Configuration files stored in"); ?>:
+ <input type="text" class="formfld file" id="fbTarget" value="<?=gettext($files_dir);?>" size="45" />
+ <input type="button" class="formbtn" id="fbOpen" value="<?=gettext('Browse');?>" />
+ <input type="button" class="formbtn" onclick="saveFile();" value="<?=gettext('Save');?>" />
+ <br />
+ </td>
+ </tr>
+ </table>
+
+ <!-- file status box -->
+ <div style="display:none; background:#eeeeee;" id="fileStatusBox">
+ <div class="vexpl" style="padding-left:15px;">
+ <strong id="fileStatus"></strong>
</div>
- </td>
- </tr>
- </table>
+ </div>
-<p/>
+ <!-- filebrowser -->
+ <div id="fbBrowser" style="display:none; border:1px dashed gray; width:98%;"></div>
+
+ <!-- file viewer/editor -->
+ <table width="100%">
+ <tr>
+ <td valign="top" class="label">
+ <div style="background:#eeeeee;" id="fileOutput">
+ <textarea id="fileContent" name="fileContent" style="width:100%;" rows="30" cols="65" wrap="off"></textarea>
+ </div>
+ </td>
+ </tr>
+ </table>
+ </td></tr>
+ </table>
+
+<script type="text/javascript">
+//<![CDATA[
+ Event.observe(
+ window, "load",
+ function() {
+ $("fbTarget").focus();
+ NiftyCheck();
+ Rounded("div#fileStatusBox", "all", "#ffffff", "#eeeeee", "smooth");
+ }
+ );
+
+ <?php if ($_GET['action'] == "load"): ?>
+ Event.observe(
+ window, "load",
+ function() {
+ $("fbTarget").value = "<?=$_GET['path'];?>";
+ loadFile();
+ }
+ );
+ <?php endif; ?>
+//]]>
+</script>
+
+ <div style="background: #eeeeee;">
+ <div class="vexpl" style="padding-left:15px;">
+ <table width='98%' cellpadding='0' cellspacing='0' border='0'>
+ <tr>
+ <td width='80%' valign='middle' align='right'><br />
+ <?php
+ if (file_exists($files_dir . "/dist")) {
+ echo "<input name='ckdist' id='ckdist' type='checkbox' onclick='return ckdist();' style='vertical-align:-3px;'>enable <input type='button' value='Delete dist files' name='deldistdire' id='deldistdire' disabled='disabled' onclick=\"document.location.href='asterisk_edit_file.php?a=other&amp;t=deldist';\" />&nbsp;&nbsp;\n";
+ }
+ if (file_exists("/conf.default/asterisk_factory_defaults_config.tgz")) {
+ echo "<input name='ckrest' id='ckrest' type='checkbox' onclick='return ckrest();' style='vertical-align:-3px;'>enable <input type='button' value='Restore to factory defaults' name='restfactdef' id='restfactdef' disabled='disabled' onclick=\"document.location.href='asterisk_edit_file.php?a=other&amp;t=factrest';\" />\n";
+ }
+ ?>
+ <br />
+ </td>
+ </tr>
+ </table>
+ <br />
+ </div>
+ </div>
+ </div>
+</td></tr>
+</table>
+
+<br />
<span class="vexpl">
<span class="red">
<strong><?=gettext("Note:");?><br /></strong>
</span>
- <?=gettext("Please back up your Asterisk configuration regularly.");?><br>
+ <?=gettext("Please back up your Asterisk configuration regularly.");?><br />
<?=gettext("It's worth to preserve the automatically generated filename of the downloaded backup file. It contains the backup creation date, which is used when uploading it back to the system.");?>
<?php
- $sipconf=$files_dir . "/sip.conf";
- if (file_exists($sipconf)){
- $sipconf_file=file_get_contents($sipconf);
- if (strpos($sipconf_file,"demo extension for pfSense") !== false) {
+ $sipconf = $files_dir . "/sip.conf";
+ if (file_exists($sipconf)) {
+ $sipconf_file = file_get_contents($sipconf);
+ if (strpos($sipconf_file, "demo extension for pfSense") !== false) {
?><br />
<?=gettext("This Asterisk configuration on pfSense contains two demo SIP accounts, 301 and 302 with password 1234, for you to test functionality. Check sip.conf for more details. These accounts can be safely removed at any time.");?>
<?php
}
- }
+ }
?>
-
</span>
-
+
<?php include("fend.inc"); ?>
</body>
</html>
diff --git a/config/asterisk/asterisk_log.php b/config/asterisk/asterisk_log.php
index f4a752d2..44ba8acf 100644
--- a/config/asterisk/asterisk_log.php
+++ b/config/asterisk/asterisk_log.php
@@ -1,15 +1,11 @@
<?php
-/* $Id$ */
/*
- status_asterisk_log.php
- part of pfSense
- Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>.
- Copyright (C) 2012 robi <robreg@zsurob.hu>
+ asterisk_log.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2009 Scott Ullrich <sullrich@gmail.com>
+ Copyright (C) 2012 robi <robreg@zsurob.hu>
Copyright (C) 2012 Marcello Coutinho
- All rights reserved.
-
- originally part of m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -33,7 +29,7 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
-/*
+/*
pfSense_MODULE: asterisk
*/
@@ -51,94 +47,84 @@ $shortcut_section = "asterisk";
include("head.inc");
/* Path to Asterisk log file */
-//if ($g['platform'] == "nanobsd")
-// $log = "/tmp/asterisk.log";
-//else
$log = "/var/log/asterisk/messages";
?>
<?php
/* Data input processing */
-$cmd = $_GET['cmd'];
-//$cmd = str_replace("+", " ", $cmd);
+$cmd = $_GET['cmd'];
+//$cmd = str_replace("+", " ", $cmd);
$file = $_SERVER["SCRIPT_NAME"];
-$break = Explode('/', $file);
-$pfile = $break[count($break) - 1];
+$break = explode('/', $file);
+$pfile = $break[count($break) - 1];
if (file_exists($log)) {
if ($cmd == "trim") {
- $trimres=shell_exec("tail -50 '$log' > /tmp/trimmed_asterisk.log && rm '$log' && mv /tmp/trimmed_asterisk.log '$log' && chown asterisk:asterisk '$log' && chmod g+w '$log'");
- header( 'Location: asterisk_log.php?savemsg=Log+trimmed.') ;
+ $trimres = shell_exec("/usr/bin/tail -n 50 '$log' > /tmp/trimmed_asterisk.log && /bin/rm '$log' && /bin/mv /tmp/trimmed_asterisk.log '$log' && /usr/sbin/chown asterisk:asterisk '$log' && /bin/chmod g+w '$log'");
+ header('Location: asterisk_log.php?savemsg=Log+trimmed.');
}
if ($cmd == "clear") {
- $trimres=shell_exec("rm '$log' && touch '$log' && chown asterisk:asterisk '$log' && chmod g+w '$log'");
- header( 'Location: asterisk_log.php?savemsg=Log+cleared.') ;
+ $trimres = shell_exec("/bin/rm '$log' && /usr/bin/touch '$log' && /usr/sbin/chown asterisk:asterisk '$log' && /bin/chmod g+w '$log'");
+ header('Location: asterisk_log.php?savemsg=Log+cleared.');
}
}
?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
- <?php include("fbegin.inc"); ?>
- <?php
+<?php include("fbegin.inc"); ?>
+<?php
$savemsg = $_GET["savemsg"];
if ($savemsg) {
- print_info_box($savemsg);
+ print_info_box($savemsg);
}
+?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td>
+ <?php
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php");
+ $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php");
+ $tab_array[2] = array(gettext("Log"), true, "asterisk_log.php");
+ $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php");
+ display_top_tabs($tab_array);
?>
- <table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
- <?php
- $tab_array = array();
- $tab_array[0] = array(gettext("Commands"), false, "asterisk_cmd.php");
- $tab_array[1] = array(gettext("Calls"), false, "asterisk_calls.php");
- $tab_array[2] = array(gettext("Log"), true, "asterisk_log.php");
- $tab_array[3] = array(gettext("Edit configuration"), false, "asterisk_edit_file.php");
- display_top_tabs($tab_array);
- ?>
- </td>
- </tr>
- <tr>
- <td>
- <div id="mainarea">
- <table class="tabcont sortable" width="100%" border="0" cellpadding="6" cellspacing="0">
- <tr>
- <td colspan="2" class="listtopic">Last 50 Asterisk log entries</td>
- </tr>
-
- <tr valign="top"><td class="listlr" nowrap>
-
+</td></tr>
+<tr><td>
+ <div id="mainarea">
+ <table class="tabcont sortable" width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td colspan="2" class="listtopic">Last 50 Asterisk log entries</td>
+ </tr>
+ <tr valign="top"><td class="listlr" nowrap="nowrap">
<?php
$showlog_command=shell_exec("tail -50 '$log'");
echo nl2br($showlog_command);
?>
- </td></tr>
+ </td></tr>
<?php
- echo "<tr><td colspan='6'><a href='$pfile?cmd=trim'><input type='button' name='command' value='Trim log' class='formbtn'></a>";
- echo "<a href='$pfile?cmd=clear'><input type='button' name='command' value='Clear log' class='formbtn'></a></td></tr>";
+ echo "<tr><td colspan='6'><a href='$pfile?cmd=trim'><input type='button' name='command' value='Trim log' class='formbtn' /></a>";
+ echo "<a href='$pfile?cmd=clear'><input type='button' name='command' value='Clear log' class='formbtn' /></a></td></tr>";
?>
- </table>
- </div>
- </td>
- </tr>
- </table>
+ </table>
+ </div>
+</td></tr>
+</table>
-<p/>
+<br />
<span class="vexpl">
<span class="red">
<strong><?=gettext("Note:");?><br /></strong>
</span>
<?=gettext("Trim keeps the last 50 lines of the log.");?>
-<?
-if ($g['platform'] == "nanobsd")
- echo "<br>This log may be lost when rebooting the system.";
-?>
-
-
+ <?php
+ if ($g['platform'] == "nanobsd") {
+ echo "<br />This log may be lost when rebooting the system.";
+ }
+ ?>
</span>
<?php include("fend.inc"); ?>
diff --git a/config/asterisk/pkg_asterisk.inc b/config/asterisk/pkg_asterisk.inc
index 129313c4..ad26ee80 100644
--- a/config/asterisk/pkg_asterisk.inc
+++ b/config/asterisk/pkg_asterisk.inc
@@ -8,4 +8,4 @@ $shortcuts['asterisk']['log'] = "asterisk_log.php";
$shortcuts['asterisk']['status'] = "asterisk_cmd.php";
$shortcuts['asterisk']['service'] = "asterisk";
-?> \ No newline at end of file
+?>
diff --git a/config/bind/bind.inc b/config/bind/bind.inc
index 7b5b773e..39c12e13 100644
--- a/config/bind/bind.inc
+++ b/config/bind/bind.inc
@@ -1,10 +1,11 @@
-<?PHP
-/* $Id$ */
+<?php
/*
bind.inc
- part of the Bind package for pfSense
- Copyright (C) 2013 Juliano Oliveira/Adriano Brancher
- Copyright (C) 2013 Marcello Coutinho
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Juliano Oliveira
+ Copyright (C) 2013 Adriano Brancher
+ Copyright (C) 2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -27,15 +28,14 @@
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
-
*/
$shortcut_section = "bind";
-require_once('globals.inc');
-require_once('config.inc');
-require_once('util.inc');
-require_once('pfsense-utils.inc');
-require_once('pkg-utils.inc');
-require_once('service-utils.inc');
+require_once("globals.inc");
+require_once("config.inc");
+require_once("util.inc");
+require_once("pfsense-utils.inc");
+require_once("pkg-utils.inc");
+require_once("service-utils.inc");
if (!function_exists("filter_configure")) {
require_once("filter.inc");
}
@@ -49,8 +49,8 @@ if ($pf_version == "2.1" || $pf_version == "2.2") {
define('CHROOT_LOCALBASE', '/cf/named');
-function bind_zone_validate($post, &$input_errors)
-{
+function bind_zone_validate($post, &$input_errors) {
+
if (array_key_exists("mail", $_POST)) {
$_POST['mail'] = preg_replace("/@/", ".", $post['mail']);
}
@@ -112,11 +112,11 @@ function bind_zone_validate($post, &$input_errors)
}
}
-function bind_sync()
-{
+function bind_sync() {
+
global $config;
conf_mount_rw();
- //create rndc
+ // Create rndc
$rndc_confgen = "/usr/local/sbin/rndc-confgen";
if (!file_exists(BIND_LOCALBASE."/etc/rndc-confgen.pfsense") && file_exists($rndc_confgen)) {
exec("$rndc_confgen ", $rndc_conf);
@@ -128,8 +128,8 @@ function bind_sync()
}
$rndc_bindconf = "";
$rndc_file = "";
- if (file_exists(BIND_LOCALBASE."/etc/rndc-confgen.pfsense")) {
- $rndc_conf = file(BIND_LOCALBASE."/etc/rndc-confgen.pfsense");
+ if (file_exists(BIND_LOCALBASE . "/etc/rndc-confgen.pfsense")) {
+ $rndc_conf = file(BIND_LOCALBASE . "/etc/rndc-confgen.pfsense");
$confgen = "rndc.conf";
foreach ($rndc_conf as $line) {
if ($confgen == "rndc.conf") {
@@ -143,7 +143,7 @@ function bind_sync()
}
if (preg_match("/named.conf/", $line)) {
$confgen = "named.conf";
- file_put_contents(BIND_LOCALBASE."/etc/rndc.conf", $rndc_file);
+ file_put_contents(BIND_LOCALBASE . "/etc/rndc.conf", $rndc_file);
}
}
}
@@ -152,7 +152,7 @@ function bind_sync()
$bind_enable = $bind['enable_bind'];
$bind_forwarder = $bind['bind_forwarder'];
$forwarder_ips = $bind['bind_forwarder_ips'];
- $ram_limit = ($bind['bind_ram_limit'] ? $bind['bind_ram_limit'] : "256M");
+ $ram_limit = $bind['bind_ram_limit'] ? $bind['bind_ram_limit'] : "256M";
$hide_version = $bind['bind_hide_version'];
$bind_notify = $bind['bind_notify'];
$custom_options = base64_decode($bind['bind_custom_options']);
@@ -162,7 +162,7 @@ function bind_sync()
$bind_conf .= "#Do not edit this file!!!\n\n";
$bind_conf .= "$rndc_bindconf\n";
$bind_conf .= "$bind_global_settings\n";
- // curly braces in the following <<<EOD are PHP {$variable}, not named.conf text { value; }
+ // Curly braces in the following <<<EOD are PHP {$variable}, not named.conf text { value; }
$bind_conf .= <<<EOD
options {
@@ -172,13 +172,13 @@ options {
max-cache-size {$ram_limit};
EOD;
- // check response rate limit option
+ // Check response rate limit option
//https://kb.isc.org/article/AA-01000/0/A-Quick-Introduction-to-Response-Rate-Limiting.html
//http://ss.vix.su/~vjs/rl-arm.html
if ($bind['rate_enabled'] == "on") {
- $rate_limit = ($bind['rate_limit'] ? $bind['rate_limit'] : "15");
- $log_only = ($bind['log_only'] == "no" ? "no" : "yes");
- // curly braces in the following <<<EOD are PHP {$variable}, not named.conf text { value; }
+ $rate_limit = $bind['rate_limit'] ? $bind['rate_limit'] : "15";
+ $log_only = $bind['log_only'] == "no" ? "no" : "yes";
+ // Curly braces in the following <<<EOD are PHP {$variable}, not named.conf text { value; }
$bind_conf .= <<<EOD
rate-limit {
responses-per-second {$rate_limit};
@@ -187,7 +187,7 @@ EOD;
EOD;
}
- //check ips to listen on
+ // Check IPs to listen on
if (preg_match("/All/", $bind['listenon'])) {
$bind_listenonv6 = "any;";
$bind_listenon = "any;";
@@ -200,7 +200,7 @@ EOD;
} elseif (is_ipaddr($listenon)) {
$bind_listenon .= $listenon."; ";
} else {
- $listenon = (pfSense_get_interface_addresses(convert_friendly_interface_to_real_interface_name($listenon)));
+ $listenon = pfSense_get_interface_addresses(convert_friendly_interface_to_real_interface_name($listenon));
if (is_ipaddr($listenon['ipaddr'])) {
$bind_listenon .= $listenon['ipaddr']."; ";
}
@@ -210,15 +210,15 @@ EOD;
}
}
}
- $bind_listenonv6 = ($bind_listenonv6 == "" ? "none;" : $bind_listenonv6);
- $bind_listenon = ($bind_listenon == "" ? "none;" : $bind_listenon);
- // print "<PRE>$bind_listenonv6 $bind_listenon";
+ $bind_listenonv6 = $bind_listenonv6 == "" ? "none;" : $bind_listenonv6;
+ $bind_listenon = $bind_listenon == "" ? "none;" : $bind_listenon;
+ // Print "<pre>$bind_listenonv6 $bind_listenon";
if (array_key_exists("ipv6allow", $config['system'])) {
$bind_conf .= "\tlisten-on-v6 { $bind_listenonv6 };\n";
}
$bind_conf .= "\tlisten-on { $bind_listenon };\n";
- // forwarder config
+ // Forwarder config
if ($bind_forwarder == 'on') {
$bind_conf .= "\tforwarders { $forwarder_ips };\n";
}
@@ -249,9 +249,9 @@ EOD;
system("/usr/bin/killall -HUP syslogd");
}
$log_categories = explode(",", $bind['log_options']);
- $log_severity = ($bind['log_severity'] ? $bind['log_severity'] : 'default');
+ $log_severity = $bind['log_severity'] ? $bind['log_severity'] : 'default';
if (sizeof($log_categories) > 0 && $log_categories[0] != "") {
- // curly braces in the following <<<EOD are PHP {$variable}, not named.conf text { value; }
+ // Curly braces in the following <<<EOD are PHP {$variable}, not named.conf text { value; }
$bind_conf .= <<<EOD
logging {
@@ -286,7 +286,7 @@ EOD;
array("name" => "localhost", "description" => "BIND Built-in ACL", "row" => array("value" => "", "description" => ""));
$config['installedpackages']['bindacls']['config'][] =
array("name" => "localnets", "description" => "BIND Built-in ACL", "row" => array("value" => "", "description" => ""));
- write_config("Create BIND Built-in ACLs");
+ write_config("Created BIND Built-in ACLs");
}
$bindacls = $config['installedpackages']['bindacls']['config'];
for ($i = 0; $i < sizeof($bindacls); $i++) {
@@ -366,9 +366,7 @@ EOD;
// Ensure zone view folder exists
if ($zonetype != "forward") {
foreach ($zoneviewlist as $zoneview) {
- if (!(is_dir(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview"))) {
- mkdir(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", 0755, true);
- }
+ safe_mkdir(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview", 0755);
}
}
@@ -422,7 +420,7 @@ EOD;
$bind_conf .= "\t\tallow-update { $zoneallowupdate; };\n";
}
if ($zone['dnssec'] == "on") {
- //https://kb.isc.org/article/AA-00626/
+ // https://kb.isc.org/article/AA-00626/
$bind_conf .= "\n\t\t# look for dnssec keys here:\n";
$bind_conf .= "\t\tkey-directory \"/etc/namedb/keys\";\n\n";
$bind_conf .= "\t\t# publish and activate dnssec keys:\n";
@@ -442,7 +440,7 @@ EOD;
$bind_conf .= "\t\tforwarders { $zoneforwarders; };\n";
break;
case 'redirect':
- $bind_conf .= "\t\t# While using redirect zones,NXDOMAIN Redirection will not override DNSSEC\n";
+ $bind_conf .= "\t\t# While using redirect zones, NXDOMAIN Redirection will not override DNSSEC\n";
$bind_conf .= "\t\t# If the client has requested DNSSEC records (DO=1) and the NXDOMAIN response is signed then no substitution will occur\n";
$bind_conf .= "\t\t# https://kb.isc.org/article/AA-00376/192/BIND-9.9-redirect-zones-for-NXDOMAIN-redirection.html\n";
$bind_conf .= "\t\tallow-query { $zoneallowquery; };\n";
@@ -462,17 +460,17 @@ EOD;
switch ($zonetype) {
case 'master':
case 'redirect':
- // check/update slave dir permission
- chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype", "bind");
- chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", "bind");
- $zonetll = ($zone['tll'] ? $zone['tll'] : "43200");
- $zonemail = ($zone['mail'] ? $zone['mail'] : "zonemaster.{$zonename}");
+ // Check/update slave dir permission
+ chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype", "bind");
+ chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview", "bind");
+ $zonetll = $zone['tll'] ? $zone['tll'] : "43200";
+ $zonemail = $zone['mail'] ? $zone['mail'] : "zonemaster.{$zonename}";
$zonemail = preg_replace("/@/", ".", $zonemail);
$zoneserial = $zone['serial'];
- $zonerefresh = ($zone['refresh'] ? $zone['refresh'] : "3600");
- $zoneretry = ($zone['retry'] ? $zone['retry'] : "600");
- $zoneexpire = ($zone['expire'] ? $zone['expire'] : "86400");
- $zoneminimum = ($zone['minimum'] ? $zone['minimum'] : "3600");
+ $zonerefresh = $zone['refresh'] ? $zone['refresh'] : "3600";
+ $zoneretry = $zone['retry'] ? $zone['retry'] : "600";
+ $zoneexpire = $zone['expire'] ? $zone['expire'] : "86400";
+ $zoneminimum = $zone['minimum'] ? $zone['minimum'] : "3600";
$zonenameserver = $zone['nameserver'];
$zoneipns = $zone['ipns'];
$zonereverso = $zone['reverso'];
@@ -573,10 +571,10 @@ EOD;
$config['installedpackages']['bindzone']['config'][$x]['resultconfig'] = base64_encode($zone_conf);
$write_config++;
- //check dnssec keys creation for master zones
+ // Check DNSSEC keys creation for master zones
if ($zone['dnssec'] == "on") {
$zone_found = 0;
- foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*key", GLOB_NOSORT) as $filename) {
+ foreach (glob(CHROOT_LOCALBASE . "/etc/namedb/keys/*{$zonename}*key", GLOB_NOSORT) as $filename) {
$zone_found++;
}
if ($zone_found == 0) {
@@ -596,16 +594,16 @@ EOD;
}
$dnssec_bin = "/usr/local/sbin/dnssec-keygen";
if (file_exists($dnssec_bin) && $key_restored == 0) {
- exec("{$dnssec_bin} -K ".CHROOT_LOCALBASE."/etc/namedb/keys {$zonename}", $kout);
- exec("{$dnssec_bin} -K ".CHROOT_LOCALBASE."/etc/namedb/keys -fk {$zonename}", $kout);
+ exec("{$dnssec_bin} -K " . CHROOT_LOCALBASE . "/etc/namedb/keys {$zonename}", $kout);
+ exec("{$dnssec_bin} -K " . CHROOT_LOCALBASE . "/etc/namedb/keys -fk {$zonename}", $kout);
foreach ($kout as $filename) {
- chown(CHROOT_LOCALBASE."/etc/namedb/keys/{$filename}.key", "bind");
- chown(CHROOT_LOCALBASE."/etc/namedb/keys/{$filename}.private", "bind");
+ chown(CHROOT_LOCALBASE . "/etc/namedb/keys/{$filename}.key", "bind");
+ chown(CHROOT_LOCALBASE . "/etc/namedb/keys/{$filename}.private", "bind");
}
log_error("[bind] DNSSEC keys for {$zonename} created.");
}
}
- // get ds keys
+ // Get DS keys
$dsfromkey = "/usr/local/sbin/dnssec-dsfromkey";
foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*key", GLOB_NOSORT) as $filename) {
$zone_key = file_get_contents($filename);
@@ -616,10 +614,10 @@ EOD;
}
}
- // save dnssec keys to xml
+ // Save DNSSEC keys to xml
if ($zone['backupkeys'] == "on") {
$dnssec_keys = 0;
- foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*", GLOB_NOSORT) as $filename) {
+ foreach (glob(CHROOT_LOCALBASE . "/etc/namedb/keys/*{$zonename}*", GLOB_NOSORT) as $filename) {
$file_found = 0;
if (is_array($config['installedpackages']['dnsseckeys']) && is_array($config['installedpackages']['dnsseckeys']['config'])) {
foreach ($config['installedpackages']['dnsseckeys']['config'] as $filer) {
@@ -643,21 +641,21 @@ EOD;
}
break;
case 'slave':
- // check/update slave dir permission
- chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype", "bind");
- chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", "bind");
+ // Check/update slave dir permission
+ chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype", "bind");
+ chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview", "bind");
// check if exists slave zone file
$rsconfig = "";
if ($zone['dnssec'] == "on") {
- if (file_exists(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed")) {
- exec("/usr/local/sbin/named-checkzone -D -f raw -o - {$zonename} ".CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed", $slave_file);
+ if (file_exists(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed")) {
+ exec("/usr/local/sbin/named-checkzone -D -f raw -o - {$zonename} " . CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed", $slave_file);
}
} else {
- if (file_exists(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB")) {
- $slave_file = file(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB");
+ if (file_exists(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB")) {
+ $slave_file = file(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB");
}
}
- // TODO is is_array() the best test to use? is it only checking for existence?
+ // TODO: is is_array() the best test to use? Is it only checking for existence?
if (is_array($slave_file)) {
foreach ($slave_file as $zfile) {
$rsconfig .= $zfile;
@@ -667,7 +665,7 @@ EOD;
$write_config++;
break;
case 'forward':
- // forwarder zone does not have a DB file
+ // Forwarder zone does not have a DB file
$config['installedpackages']['bindzone']['config'][$x]['resultconfig'] = '';
$write_config++;
break;
@@ -683,18 +681,16 @@ EOD;
$bind_conf .= "\t};\n\n";
}
if ($write_config > 0) {
- write_config("save result config file for zone on xml");
+ write_config("BIND: Saved resulting config file for zone in xml");
}
$bind_conf .= "};\n";
}
$dirs = array("/etc/namedb/keys", "/var/run/named", "/var/dump", "/var/log", "/var/stats", "/dev");
foreach ($dirs as $dir) {
- if (!is_dir(CHROOT_LOCALBASE.$dir)) {
- mkdir(CHROOT_LOCALBASE.$dir, 0755, true);
- }
+ safe_mkdir(CHROOT_LOCALBASE . $dir, 0755);
}
- // dev dirs for chroot
- $bind_dev_dir = CHROOT_LOCALBASE."/dev";
+ // Handle /dev dirs for chroot
+ $bind_dev_dir = CHROOT_LOCALBASE . "/dev";
if (!file_exists("$bind_dev_dir/random")) {
$dev_dirs = array("null", "zero", "random", "urandom");
exec("/sbin/mount -t devfs devfs {$bind_dev_dir}", $dout);
@@ -706,41 +702,40 @@ EOD;
exec("/sbin/devfs -m {$bind_dev_dir} rule applyset", $dout);
}
// http://www.unixwiz.net/techtips/bind9-chroot.html
- file_put_contents(CHROOT_LOCALBASE.'/etc/namedb/named.conf', $bind_conf);
- file_put_contents(CHROOT_LOCALBASE.'/etc/namedb/rndc.conf', $rndc_file);
+ file_put_contents(CHROOT_LOCALBASE . '/etc/namedb/named.conf', $bind_conf);
+ file_put_contents(CHROOT_LOCALBASE . '/etc/namedb/rndc.conf', $rndc_file);
- if (!file_exists(CHROOT_LOCALBASE."/etc/namedb/named.root")) {
+ if (!file_exists(CHROOT_LOCALBASE . "/etc/namedb/named.root")) {
// dig +tcp @a.root-servers.net > CHROOT_LOCALBASE."/etc/namedb/named.root"
$named_root = file_get_contents("http://www.internic.net/domain/named.root");
- file_put_contents(CHROOT_LOCALBASE."/etc/namedb/named.root", $named_root, LOCK_EX);
+ file_put_contents(CHROOT_LOCALBASE . "/etc/namedb/named.root", $named_root, LOCK_EX);
}
if (!file_exists(CHROOT_LOCALBASE."/etc/localtime")) {
- copy("/etc/localtime", CHROOT_LOCALBASE."/etc/localtime");
+ copy("/etc/localtime", CHROOT_LOCALBASE . "/etc/localtime");
}
bind_write_rcfile();
- chown(CHROOT_LOCALBASE."/etc/namedb/keys", "bind");
- chown(CHROOT_LOCALBASE."/etc/namedb", "bind");
- chown(CHROOT_LOCALBASE."/var/log", "bind");
- chown(CHROOT_LOCALBASE."/var/run/named", "bind");
- chgrp(CHROOT_LOCALBASE."/var/log", "bind");
+ chown(CHROOT_LOCALBASE . "/etc/namedb/keys", "bind");
+ chown(CHROOT_LOCALBASE . "/etc/namedb", "bind");
+ chown(CHROOT_LOCALBASE . "/var/log", "bind");
+ chown(CHROOT_LOCALBASE . "/var/run/named", "bind");
+ chgrp(CHROOT_LOCALBASE . "/var/log", "bind");
$bind_sh = "/usr/local/etc/rc.d/named.sh";
if ($bind_enable == "on") {
chmod($bind_sh, 0755);
- mwexec("{$bind_sh} restart");
+ restart_service("named");
} elseif (is_service_running('named')) {
- mwexec("{$bind_sh} stop");
+ stop_service("named");
chmod($bind_sh, 0644);
}
- // sync to backup servers
+ // Sync to backup servers
bind_sync_on_changes();
conf_mount_ro();
}
-function bind_print_javascript_type_zone()
-{
+function bind_print_javascript_type_zone() {
?>
- <script language="JavaScript">
+ <script type="text/javascript">
<!--
function on_type_zone_changed() {
@@ -844,35 +839,33 @@ function bind_print_javascript_type_zone()
<?php
}
-function bind_print_javascript_type_zone2()
-{
- print("<script language=\"JavaScript\">on_type_zone_changed();document.iform.resultconfig.disabled = 1;document.iform.dsset.disabled = 1;</script>\n");
+function bind_print_javascript_type_zone2() {
+ print("<script language=\"text/javascript\">on_type_zone_changed(); document.iform.resultconfig.disabled = 1; document.iform.dsset.disabled = 1;</script>\n");
}
-function bind_write_rcfile()
-{
+function bind_write_rcfile() {
global $config;
$bind = $config['installedpackages']['bind']['config'][0];
$ip_version = ($bind['bind_ip_version'] ? $bind['bind_ip_version'] : "");
$rc = array();
$BIND_LOCALBASE = "/usr/local";
$rc['file'] = 'named.sh';
- // curly braces in the following <<<EOD are PHP {$variable}, not named.conf text { value; }
+ // Curly braces in the following <<<EOD are PHP {$variable}, not named.conf text { value; }
$rc['start'] = <<<EOD
- if [ -z "`ps auxw | grep "[n]amed {$ip_version} -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then
+ if [ -z "`/bin/ps auxw | /usr/bin/grep "[n]amed {$ip_version} -c /etc/namedb/named.conf" | /usr/bin/awk '{print $2}'`" ]; then
{$BIND_LOCALBASE}/sbin/named {$ip_version} -c /etc/namedb/named.conf -u bind -t /cf/named/
fi
EOD;
$rc['stop'] = <<<EOD
- killall -9 named 2>/dev/null
+ /usr/bin/killall -9 named 2>/dev/null
sleep 2
EOD;
// curly braces in the following <<<EOD are PHP {$variable}, not named.conf text { value; }
$rc['restart'] = <<<EOD
- if [ -z "`ps auxw | grep "[n]amed {$ip_version} -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then
+ if [ -z "`/bin/ps auxw | /usr/bin/grep "[n]amed {$ip_version} -c /etc/namedb/named.conf" | /usr/bin/awk '{print $2}'`" ]; then
{$BIND_LOCALBASE}/sbin/named {$ip_version} -c /etc/namedb/named.conf -u bind -t /cf/named/
else
- killall -9 named 2>/dev/null
+ /usr/bin/killall -9 named 2>/dev/null
sleep 3
{$BIND_LOCALBASE}/sbin/named {$ip_version} -c /etc/namedb/named.conf -u bind -t /cf/named/
fi
@@ -896,7 +889,7 @@ function bind_sync_on_changes()
if (is_array($bind_sync['row'])) {
$rs = $bind_sync['row'];
} else {
- log_error("[bind] xmlrpc sync is enabled but there is no hosts to push on bind config.");
+ log_error("[bind] XMLRPC sync is enabled but there are no hosts to push on BIND config.");
return;
}
break;
@@ -907,7 +900,7 @@ function bind_sync_on_changes()
$rs[0]['username'] = $hasync['username'];
$rs[0]['password'] = $hasync['password'];
} else {
- log_error("[bind] xmlrpc sync is enabled but there is no system backup hosts to push bind config.");
+ log_error("[bind] XMLRPC sync is enabled but there are no system backup hosts to push BIND config.");
return;
}
break;
@@ -916,7 +909,7 @@ function bind_sync_on_changes()
break;
}
if (is_array($rs)) {
- log_error("[bind] xmlrpc sync is starting.");
+ log_error("[bind] XMLRPC sync is starting.");
foreach ($rs as $sh) {
$sync_to_ip = $sh['ipaddress'];
$password = $sh['password'];
@@ -929,7 +922,7 @@ function bind_sync_on_changes()
bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout, $master_zone_ip);
}
}
- log_error("[bind] xmlrpc sync is ending.");
+ log_error("[bind] XMLRPC sync is ending.");
}
}
}
@@ -955,14 +948,13 @@ function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout, $m
$synctimeout = 25;
}
-
$xmlrpc_sync_neighbor = $sync_to_ip;
if ($config['system']['webgui']['protocol'] != "") {
$synchronizetoip = $config['system']['webgui']['protocol'];
$synchronizetoip .= "://";
}
$port = $config['system']['webgui']['port'];
- /* if port is empty lets rely on the protocol selection */
+ /* If port is empty let's rely on the protocol selection */
if ($port == "") {
if ($config['system']['webgui']['protocol'] == "http") {
$port = "80";
@@ -972,7 +964,7 @@ function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout, $m
}
$synchronizetoip .= $sync_to_ip;
- /* xml will hold the sections to sync */
+ /* XML will hold the sections to sync */
$xml = array();
$xml['bind'] = $config['installedpackages']['bind'];
$xml['bindacls'] = $config['installedpackages']['bindacls'];
@@ -981,7 +973,7 @@ function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout, $m
if (is_array($config['installedpackages']['dnsseckeys'])) {
$xml['dnsseckeys'] = $config['installedpackages']['dnsseckeys'];
}
- //change master zone to slave on backup servers
+ // Change master zone to slave on backup servers
if (is_array($xml['bindzone']["config"])) {
for ($x = 0; $x < sizeof($xml['bindzone']["config"]); $x++) {
if ($xml['bindzone']["config"][$x]['type'] == "master") {
@@ -991,13 +983,13 @@ function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout, $m
}
}
- /* assemble xmlrpc payload */
+ /* Assemble XMLRPC payload */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($xml)
);
- /* set a few variables needed for sync code borrowed from filter.inc */
+ /* Set a few variables needed for sync code borrowed from filter.inc */
$url = $synchronizetoip;
log_error("[bind] Beginning bind XMLRPC sync to {$url}:{$port}.");
$method = 'pfsense.merge_installedpackages_section_xmlrpc';
@@ -1007,10 +999,10 @@ function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout, $m
if ($g['debug']) {
$cli->setDebug(1);
}
- /* send our XMLRPC message and timeout after defined sync timeout value*/
+ /* Send our XMLRPC message and timeout after defined sync timeout value */
$resp = $cli->send($msg, $synctimeout);
if (!$resp) {
- $error = "A communications error occurred while attempting BIND XMLRPC sync with {$url}:{$port}.";
+ $error = "A communication error occurred while attempting BIND XMLRPC sync with {$url}:{$port}.";
log_error($error);
file_notice("sync_settings", $error, "bind Settings Sync", "");
} elseif ($resp->faultCode()) {
@@ -1023,11 +1015,11 @@ function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout, $m
log_error("[bind] XMLRPC sync successfully completed with {$url}:{$port}.");
}
- /* tell bind to reload our settings on the destination sync host. */
+ /* Tell bind to reload our settings on the destination sync host. */
$method = 'pfsense.exec_php';
$execcmd = "require_once('/usr/local/pkg/bind.inc');\n";
$execcmd .= "bind_sync('yes');";
- /* assemble xmlrpc payload */
+ /* Assemble XMLRPC payload */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($execcmd)
@@ -1039,13 +1031,13 @@ function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout, $m
$cli->setCredentials($username, $password);
$resp = $cli->send($msg, $synctimeout);
if (!$resp) {
- $error = "A communications error occurred while attempting BIND XMLRPC sync with {$url}:{$port} (pfsense.exec_php).";
+ $error = "A communication error occurred while attempting BIND XMLRPC sync with {$url}:{$port} (pfsense.exec_php).";
log_error($error);
file_notice("sync_settings", $error, "Bind Settings Sync", "");
} elseif ($resp->faultCode()) {
$cli->setDebug(1);
$resp = $cli->send($msg, $synctimeout);
- $error = "[Bind] An error code was received while attempting BIND XMLRPC sync with {$url}:{$port} - Code ".$resp->faultCode().": ".$resp->faultString();
+ $error = "[bind] An error code was received while attempting BIND XMLRPC sync with {$url}:{$port} - Code ".$resp->faultCode().": ".$resp->faultString();
log_error($error);
file_notice("sync_settings", $error, "bind Settings Sync", "");
} else {
diff --git a/config/bind/bind.widget.php b/config/bind/bind.widget.php
index 1e8c0cc8..deae7ba6 100644
--- a/config/bind/bind.widget.php
+++ b/config/bind/bind.widget.php
@@ -1,28 +1,31 @@
<?php
/*
- Copyright 2013 Marcello Coutinho
- Part of bind package for pfSense(www.pfsense.org)
+ bind.widget.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright 2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
*/
@require_once("guiconfig.inc");
@require_once("pfsense-utils.inc");
@@ -33,27 +36,22 @@ if ($uname['machine'] == 'amd64') {
ini_set('memory_limit', '250M');
}
-function open_table()
-{
+function open_table() {
echo "<table style=\"padding-top:0px; padding-bottom:0px; padding-left:0px; padding-right:0px\" width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">";
- echo " <tr>";
+ echo "<tr>";
}
-function close_table()
-{
- echo " </tr>";
+function close_table() {
+ echo "</tr>";
echo "</table>";
-
}
$pfb_table = array();
-$img['Sick'] = "<img src ='/themes/{$g['theme']}/images/icons/icon_interface_down.gif'>";
-$img['Healthy'] = "<img src ='/themes/{$g['theme']}/images/icons/icon_interface_up.gif'>";
-
+$img['Sick'] = "<img src ='/themes/{$g['theme']}/images/icons/icon_interface_down.gif' alt='sick'>";
+$img['Healthy'] = "<img src ='/themes/{$g['theme']}/images/icons/icon_interface_up.gif' alt='healthy'>";
-#var_dump($pfb_table);
-#exit;
?>
+
<div id='bind'><?php
global $config;
$rndc_bin = "/usr/local/sbin/rndc";
@@ -73,6 +71,7 @@ $img['Healthy'] = "<img src ='/themes/{$g['theme']}/images/icons/icon_interface_
?>
<script type="text/javascript">
+ //<![CDATA[
function getstatus_bind() {
var url = "/widgets/widgets/bind.widget.php";
var pars = 'getupdatestatus=yes';
@@ -89,4 +88,5 @@ $img['Healthy'] = "<img src ='/themes/{$g['theme']}/images/icons/icon_interface_
setTimeout('getstatus_postfix()', 5000);
}
getstatus_bind();
+ //]]>
</script>
diff --git a/config/bind/bind.xml b/config/bind/bind.xml
index c24bf351..0f6861fc 100644
--- a/config/bind/bind.xml
+++ b/config/bind/bind.xml
@@ -3,56 +3,50 @@
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
- <![CDATA[
+<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- bind.xml
- part of pfSense (http://www.pfSense.com)
- part of the Bind package for pfSense
- Copyright (C) 2013 Juliano Oliveira/Adriano Brancher
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
+ bind.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Juliano Oliveira
+ Copyright (C) 2013 Adriano Brancher
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+ ]]>
</copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
<name>bind</name>
- <version>1.0</version>
- <title>Bind: Domain Named Settings</title>
+ <version>0.4.0</version>
+ <title>BIND: DNS Settings</title>
<include_file>/usr/local/pkg/bind.inc</include_file>
<menu>
- <name>BIND Server</name>
+ <name>BIND DNS Server</name>
<tooltiptext>Modify BIND settings</tooltiptext>
<section>Services</section>
<url>/pkg_edit.php?xml=bind.xml</url>
@@ -87,45 +81,36 @@
</tab>
</tabs>
- <!-- Installation -->
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind_views.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind_zones.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind_acls.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind_sync.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/shortcuts/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/pkg_bind.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/widgets/widgets/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind.widget.php</item>
</additional_files_needed>
<fields>
@@ -137,16 +122,24 @@
<field>
<fielddescr>Enable BIND</fielddescr>
<fieldname>enable_bind</fieldname>
- <description><![CDATA[Enable BIND DNS server<br>
- Disable DNS Forwarder and Resolver services on selected interfaces before enabling BIND.]]></description>
+ <description>
+ <![CDATA[
+ Enable BIND DNS server<br />
+ Disable DNS Forwarder and Resolver services on selected interfaces before enabling BIND.
+ ]]>
+ </description>
<type>checkbox</type>
<required/>
</field>
<field>
<fielddescr>IP Version</fielddescr>
<fieldname>bind_ip_version</fieldname>
- <description><![CDATA[Select IP transport version.<br>
- This controls which transports are used when resolving queries.]]></description>
+ <description>
+ <![CDATA[
+ Select IP transport version.<br />
+ This controls which transports are used when resolving queries.
+ ]]>
+ </description>
<type>select</type>
<options>
<option><name>IPv4+IPv6</name><value></value></option>
@@ -157,7 +150,7 @@
<field>
<fielddescr>Listen on</fielddescr>
<fieldname>listenon</fieldname>
- <description><![CDATA[Choose the interfaces on which to enable BIND.]]></description>
+ <description>Choose the interfaces on which to enable BIND.</description>
<type>interfaces_selection</type>
<showlistenall/>
<showvirtualips/>
@@ -178,34 +171,42 @@
<field>
<fielddescr>Limit Memory Use</fielddescr>
<fieldname>bind_ram_limit</fieldname>
- <description>Limits RAM use for DNS server, recommend 256M</description>
+ <description>Limits RAM use for DNS server (Recommended: 256M)</description>
<type>input</type>
<size>10</size>
<default_value>256M</default_value>
</field>
<field>
<type>listtopic</type>
- <name>Logging options</name>
+ <name>Logging Options</name>
<fieldname>temp01</fieldname>
</field>
<field>
<fielddescr>Enable Logging</fielddescr>
<fieldname>bind_logging</fieldname>
- <description><![CDATA[Enable BIND logs under Status > System logs, Resolver tab.]]></description>
+ <description>
+ <![CDATA[
+ Enable BIND logs under Status > System logs, Resolver tab.
+ ]]>
+ </description>
<type>checkbox</type>
</field>
<field>
- <fielddescr>Logging Serverity</fielddescr>
+ <fielddescr>Logging Severity</fielddescr>
<fieldname>log_severity</fieldname>
- <description><![CDATA[Choose logging level for selected categories.<BR>
- The value 'dynamic' means assume the global level defined by either the command line parameter -d or by running rndc trace.]]></description>
+ <description>
+ <![CDATA[
+ Choose logging level for selected categories.<br />
+ The value 'dynamic' means assume the global level defined by either the command line parameter -d or by running rndc trace.
+ ]]>
+ </description>
<type>select</type>
<options>
- <option><name>Critital</name><value>critical</value></option>
+ <option><name>Critical</name><value>critical</value></option>
<option><name>Error</name><value>error</value></option>
<option><name>Warning</name><value>warning</value></option>
<option><name>Notice</name><value>Notice</value></option>
- <option><name>info</name><value>info</value></option>
+ <option><name>Info</name><value>info</value></option>
<option><name>Debug level 1</name><value>debug 1</value></option>
<option><name>Debug level 3</name><value>debug 3</value></option>
<option><name>Debug level 5</name><value>debug 5</value></option>
@@ -215,27 +216,82 @@
<field>
<fielddescr>Logging Options</fielddescr>
<fieldname>log_options</fieldname>
- <description><![CDATA[Select categories to log.<BR>
- use CTRL+click to select/unselect.]]></description>
+ <description>
+ <![CDATA[
+ Select categories to log.<br />
+ (Use CTRL + click to select/unselect.
+ ]]>
+ </description>
<type>select</type>
<options>
- <option><name>Default-if this is the only category selected, it will log all categories except queries</name><value>default</value></option>
- <option><name>General-Anything that is not classified as any other item in this list defaults to this category</name><value>general</value></option>
- <option><name>Database-The value 'dynamic' means assume the global level defined by either the command line parameter -d or by running rndc trace</name><value>database</value></option>
- <option><name>Security-Approval and denial of requests</name><value>security</value></option>
- <option><name>Config-Configuration file parsing and processing</name><value>config</value></option>
- <option><name>Resolver-Name resolution including recursive lookups</name><value>resolver</value></option>
- <option><name>Xfer-in-Details of zone transfers the server is receiving.</name><value>xfer-in</value></option>
- <option><name>Xfer-out-Details of zone transfers the server is sending.</name><value>xfer-out</value></option>
- <option><name>Notify-Logs all NOTIFY operations.</name><value>notify</value></option>
- <option><name>Client-Processing of client requests</name><value>client</value></option>
- <option><name>Unmatched-No matching view clause or unrecognized class value.</name><value>unmatched</value></option>
- <option><name>Queries-Logs all query transactions</name><value>queries</value></option>
- <option><name>Network-Logs all network operations</name><value>network</value></option>
- <option><name>Update-Logging of all dynamic update (DDNS) transactions</name><value>update</value></option>
- <option><name>Dispatch-Dispatching of incoming packets to the server modules</name><value>dispatch</value></option>
- <option><name>DNSSEC-DNSSEC and TSIG protocol processing</name><value>dnssec</value></option>
- <option><name>lame-servers-Mis-configuration in the delegation of domains discovered by BIND</name><value>lame-servers</value></option>
+ <option>
+ <name>Default - If this is the only category selected, it will log all categories except queries.</name>
+ <value>default</value>
+ </option>
+ <option>
+ <name>General - Anything that is not classified as any other item in this list defaults to this category.</name>
+ <value>general</value>
+ </option>
+ <option>
+ <name>Database - Messages relating to the databases used internally by the name server to store zone and cache data.</name>
+ <value>database</value>
+ </option>
+ <option>
+ <name>Security - Approval and denial of requests.</name>
+ <value>security</value>
+ </option>
+ <option>
+ <name>Config - Configuration file parsing and processing.</name>
+ <value>config</value>
+ </option>
+ <option>
+ <name>Resolver - Name resolution including recursive lookups.</name>
+ <value>resolver</value>
+ </option>
+ <option>
+ <name>Xfer-in - Details of zone transfers the server is receiving.</name>
+ <value>xfer-in</value>
+ </option>
+ <option>
+ <name>Xfer-out - Details of zone transfers the server is sending.</name>
+ <value>xfer-out</value>
+ </option>
+ <option>
+ <name>Notify - Logs all NOTIFY operations.</name>
+ <value>notify</value>
+ </option>
+ <option>
+ <name>Client - Processing of client requests.</name>
+ <value>client</value>
+ </option>
+ <option>
+ <name>Unmatched - No matching view clause or unrecognized class value.</name>
+ <value>unmatched</value>
+ </option>
+ <option>
+ <name>Queries - Logs all query transactions.</name>
+ <value>queries</value>
+ </option>
+ <option>
+ <name>Network - Logs all network operations.</name>
+ <value>network</value>
+ </option>
+ <option>
+ <name>Update - Logging of all dynamic update (DDNS) transactions.</name>
+ <value>update</value>
+ </option>
+ <option>
+ <name>Dispatch - Dispatching of incoming packets to the server modules.</name>
+ <value>dispatch</value>
+ </option>
+ <option>
+ <name>DNSSEC - DNSSEC and TSIG protocol processing.</name>
+ <value>dnssec</value>
+ </option>
+ <option>
+ <name>lame-servers - Misconfiguration in the delegation of domains discovered by BIND.</name>
+ <value>lame-servers</value>
+ </option>
</options>
<multiple/>
<size>18</size>
@@ -248,8 +304,12 @@
<field>
<fielddescr>Rate Limit</fielddescr>
<fieldname>rate_enabled</fieldname>
- <description><![CDATA[<a target=_new href='https://kb.isc.org/article/AA-01000/189/A-Quick-Introduction-to-Response-Rate-Limiting.html?utm_source=isc&utm_medium=website&utm_term=rrl-kb&utm_content=kbarticle&utm_campaign=bind994_release_091913'>
- Limit/rate response queries</a> to prevent DOS attack.]]></description>
+ <description>
+ <![CDATA[
+ See <a href='https://kb.isc.org/article/AA-01000/189/A-Quick-Introduction-to-Response-Rate-Limiting.html'>A Quick Introduction to Response Rate Limiting</a>&nbsp;
+ to prevent DOS attack.
+ ]]>
+ </description>
<type>checkbox</type>
<enablefields>rate_limit,log_only</enablefields>
</field>
@@ -266,29 +326,30 @@
<field>
<fielddescr>Limit</fielddescr>
<fieldname>rate_limit</fieldname>
- <description>Set rate limit. Default to 15.</description>
+ <description>Set rate limit. (Default: 15)</description>
<type>input</type>
<size>10</size>
</field>
<field>
<type>listtopic</type>
- <name>Forwarder Config</name>
+ <name>Forwarder Configuration</name>
<fieldname>temp01</fieldname>
</field>
<field>
<fielddescr>Enable Forwarding</fielddescr>
<fieldname>bind_forwarder</fieldname>
- <description>Enable forwarding queries to other DNS servers listed below rather than this server
- performing its own recursion.
- </description>
+ <description>Enable forwarding queries to other DNS servers listed below rather than this server performing its own recursion.</description>
<type>checkbox</type>
<enablefields>bind_forwarder_ips</enablefields>
</field>
<field>
<fielddescr>Forwarder IPs</fielddescr>
<fieldname>bind_forwarder_ips</fieldname>
- <description>Enter IPs of DNS servers to use for recursion. Separate by semi-colons (;). Applies
- only if Enable Forwarding is chosen.
+ <description>
+ <![CDATA[
+ Enter IPs of DNS servers to use for recursion. Separate by semi-colons (;).<br />
+ Applies only if Enable Forwarding is chosen.
+ ]]>
</description>
<type>input</type>
<size>80</size>
@@ -302,8 +363,10 @@
<fielddescr>Custom Options</fielddescr>
<fieldname>bind_custom_options</fieldname>
<description>
- <![CDATA[You can put your own custom options here, one per line.<br>
- They'll be added to the configuration. They need to be named.conf native options.]]>
+ <![CDATA[
+ You can put your own custom options here, one per line. They'll be added to the configuration.<br />
+ They need to be <a href="http://www.freebsd.org/cgi/man.cgi?query=named.conf&apropos=0&sektion=0&manpath=FreeBSD+10.1-RELEASE+and+Ports&arch=default&format=html"named.conf</a> native settings.
+ ]]>
</description>
<type>textarea</type>
<cols>65</cols>
@@ -319,8 +382,10 @@
<fielddescr>Global Settings</fielddescr>
<fieldname>bind_global_settings</fieldname>
<description>
- <![CDATA[You can put your own global settings here.<br>
- They'll be added to the configuration. They need to be named.conf native settings.]]>
+ <![CDATA[
+ You can put your own global settings here. They'll be added to the configuration.<br />
+ They need to be <a href="http://www.freebsd.org/cgi/man.cgi?query=named.conf&apropos=0&sektion=0&manpath=FreeBSD+10.1-RELEASE+and+Ports&arch=default&format=html"named.conf</a> native settings.
+ ]]>
</description>
<type>textarea</type>
<cols>65</cols>
@@ -328,21 +393,10 @@
<encoding>base64</encoding>
</field>
</fields>
- <custom_php_after_head_command>
- </custom_php_after_head_command>
- <custom_php_command_before_form>
- </custom_php_command_before_form>
- <custom_add_php_command>
- </custom_add_php_command>
- <custom_php_validation_command>
- </custom_php_validation_command>
<custom_php_resync_config_command>
bind_sync();
</custom_php_resync_config_command>
<custom_php_install_command>
bind_write_rcfile();
</custom_php_install_command>
- <custom_php_deinstall_command>
- </custom_php_deinstall_command>
- <filter_rules_needed></filter_rules_needed>
</packagegui>
diff --git a/config/bind/bind_acls.xml b/config/bind/bind_acls.xml
index 49794a69..49ca1631 100644
--- a/config/bind/bind_acls.xml
+++ b/config/bind/bind_acls.xml
@@ -1,61 +1,50 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
- <![CDATA[
+<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- bind_acls.xml
- part of pfSense (http://www.pfSense.com)
- part of the Bind package for pfSense
- Copyright (C) 2013 Juliano Oliveira/Adriano Brancher
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
+ bind_acls.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Juliano Oliveira
+ Copyright (C) 2013 Adriano Brancher
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+ ]]>
</copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
<name>bindacls</name>
- <version>0.1.0</version>
+ <version>0.4.0</version>
<title>BIND: ACLs Settings</title>
<include_file>/usr/local/pkg/bind.inc</include_file>
- <menu>
- <name>BIND Server</name>
- <tooltiptext></tooltiptext>
- <section>Services</section>
- <configfile>bind.xml</configfile>
- </menu>
<tabs>
<tab>
<text>Settings</text>
@@ -91,13 +80,11 @@
</columnitem>
<movable>on</movable>
</adddeleteeditpagefields>
- <!-- fields gets invoked when the user adds or edits a item. the following items
- will be parsed and rendered for the user as a gui with input, and selectboxes. -->
<fields>
<field>
<fielddescr>ACL Name</fielddescr>
<fieldname>name</fieldname>
- <description>Enter name ACL.</description>
+ <description>Enter name of the ACL.</description>
<type>input</type>
<required/>
</field>
@@ -108,8 +95,8 @@
<type>input</type>
</field>
<field>
- <fielddescr>Enter IP or range block network.</fielddescr>
- <description>Leave blank to allow All</description>
+ <fielddescr>Enter IP or network range block.</fielddescr>
+ <description>Leave blank to allow All.</description>
<fieldname>none</fieldname>
<type>rowhelper</type>
<rowhelper>
@@ -128,10 +115,6 @@
</rowhelper>
</field>
</fields>
- <custom_php_command_before_form>
- </custom_php_command_before_form>
- <custom_delete_php_command>
- </custom_delete_php_command>
<custom_php_resync_config_command>
bind_sync();
</custom_php_resync_config_command>
diff --git a/config/bind/bind_sync.xml b/config/bind/bind_sync.xml
index 97fdad81..91d713e3 100644
--- a/config/bind/bind_sync.xml
+++ b/config/bind/bind_sync.xml
@@ -1,49 +1,50 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
- <![CDATA[
+<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- bind_sync.xml
- part of the Bind package for pfSense
- Copyright (C) 2013 Marcello Coutinho
- All rights reserved.
- */
-/* ========================================================================== */
+ bind_sync.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Juliano Oliveira
+ Copyright (C) 2013 Adriano Brancher
+ Copyright (C) 2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code MUST retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
]]>
</copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
<name>bindsync</name>
- <version>1.0</version>
- <title>Bind: XMLRPC Sync</title>
+ <version>0.4.0</version>
+ <title>BIND: XMLRPC Sync</title>
<include_file>/usr/local/pkg/bind.inc</include_file>
<tabs>
<tab>
@@ -74,9 +75,9 @@
<type>listtopic</type>
</field>
<field>
- <fielddescr>Automatically sync bind configuration changes</fielddescr>
+ <fielddescr>Automatically Sync BIND Configuration Changes</fielddescr>
<fieldname>synconchanges</fieldname>
- <description>Select a sync method for bind.</description>
+ <description>Select a sync method for BIND.</description>
<type>select</type>
<required/>
<default_value>auto</default_value>
@@ -87,7 +88,7 @@
</options>
</field>
<field>
- <fielddescr>Sync timeout</fielddescr>
+ <fielddescr>Sync Timeout</fielddescr>
<fieldname>synctimeout</fieldname>
<description>Select sync max wait time</description>
<type>select</type>
@@ -104,8 +105,12 @@
<field>
<fielddescr>Zone Master IP</fielddescr>
<fieldname>masterip</fieldname>
- <description><![CDATA[Set master zone ip you want to use to sync backup server zones with master.<br>
- <b>All master zones will be configured as backup on slave servers.<b>]]></description>
+ <description>
+ <![CDATA[
+ Set master zone ip you want to use to sync backup server zones with master.<br />
+ <strong>Note: All master zones will be configured as backup on slave servers.</strong>
+ ]]>
+ </description>
<type>input</type>
<size>20</size>
<required/>
@@ -114,15 +119,18 @@
<fielddescr>Remote Server</fielddescr>
<fieldname>none</fieldname>
<type>rowhelper</type>
- <description><![CDATA[<b>Do not forget to:</b><br>
- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Create firewall rules to allow zone transfer between master and slave servers.<br>
- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Create a acls with these slave servers.<br>
- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Include created acl on allow-transfer option on zone config.]]></description>
+ <description><![CDATA[
+ <strong>Do not forget to:</strong><br />
+ &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Create firewall rules to allow zone transfer between master and slave servers.<br />
+ &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Create ACLs with these slave servers.<br />
+ &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Include created ACLs on allow-transfer option on zone config.
+ ]]>
+ </description>
<rowhelper>
<rowhelperfield>
<fielddescr>IP Address</fielddescr>
<fieldname>ipaddress</fieldname>
- <description>IP Address of remote server</description>
+ <description>IP Address of remote server.</description>
<type>input</type>
<size>20</size>
</rowhelperfield>
@@ -136,8 +144,4 @@
</rowhelper>
</field>
</fields>
- <custom_php_validation_command>
- </custom_php_validation_command>
- <custom_php_resync_config_command>
- </custom_php_resync_config_command>
</packagegui>
diff --git a/config/bind/bind_views.xml b/config/bind/bind_views.xml
index 7d38f481..29bf9bb3 100644
--- a/config/bind/bind_views.xml
+++ b/config/bind/bind_views.xml
@@ -1,61 +1,50 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
- <![CDATA[
+<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- bind_zone.xml
- part of pfSense (http://www.pfSense.com)
- part of the Bind package for pfSense
- Copyright (C) 2013 Juliano Oliveira/Adriano Brancher
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
+ bind_views.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Juliano Oliveira
+ Copyright (C) 2013 Adriano Brancher
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+ ]]>
</copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
<name>bindviews</name>
- <version>0.1.0</version>
- <title>Bind: Views Settings</title>
+ <version>0.4.0</version>
+ <title>BIND: Views Settings</title>
<include_file>/usr/local/pkg/bind.inc</include_file>
- <menu>
- <name>BIND Server</name>
- <tooltiptext></tooltiptext>
- <section>Services</section>
- <configfile>bind.xml</configfile>
- </menu>
<tabs>
<tab>
<text>Settings</text>
@@ -108,10 +97,12 @@
<field>
<fielddescr>Recursion</fielddescr>
<fieldname>recursion</fieldname>
- <description>A recursive query occurs when your DNS server is queried for a domain that it
- currently knows nothing about, in which case it will try to resolve the given host by
- performing further queries (eg by starting at the root servers and working out, or by
- simply passing the request to yet another DNS server).
+ <description>
+ <![CDATA[
+ A recursive query occurs when your DNS server is queried for a domain that it currently knows nothing about,&nbsp;
+ in which case it will try to resolve the given host by performing further queries&nbsp;
+ (e.g. by starting at the root servers and working out, or by simply passing the request to yet another DNS server).
+ ]]>
</description>
<type>select</type>
<options>
@@ -120,11 +111,13 @@
</options>
</field>
<field>
- <fielddescr>Match-clients</fielddescr>
+ <fielddescr>match-clients</fielddescr>
<fieldname>match-clients</fieldname>
- <description>If either or both of match-clients are missing they default to any (all hosts
- match). The match-clients statement defines the address_match_list for the source IP
- address of the incoming messages.
+ <description>
+ <![CDATA[
+ If either or both of match-clients are missing they default to any (all hosts match).<br />
+ The match-clients statement defines the address_match_list for the source IP address of the incoming messages.
+ ]]>
</description>
<type>select_source</type>
<source><![CDATA[$config['installedpackages']['bindacls']['config']]]></source>
@@ -134,10 +127,13 @@
<size>03</size>
</field>
<field>
- <fielddescr>Allow-recursion</fielddescr>
+ <fielddescr>allow-recursion</fielddescr>
<fieldname>allow-recursion</fieldname>
- <description>For example, if you have one DNS server serving your local network, you may want
- all of your local computers to use your DNS server.
+ <description>
+ <![CDATA[
+ For example, if you have one DNS server serving your local network, you may want&nbsp;
+ all of your local computers to use your DNS server.
+ ]]>
</description>
<type>select_source</type>
<source><![CDATA[$config['installedpackages']['bindacls']['config']]]></source>
@@ -154,18 +150,13 @@
<field>
<fielddescr>Custom Options</fielddescr>
<fieldname>bind_custom_options</fieldname>
- <description>You can put your own custom options here, separated by semi-colons (;).
- </description>
+ <description>You can put your own custom options here, separated by semi-colons (;).</description>
<type>textarea</type>
<cols>65</cols>
<rows>8</rows>
<encoding>base64</encoding>
</field>
</fields>
- <custom_php_command_before_form>
- </custom_php_command_before_form>
- <custom_delete_php_command>
- </custom_delete_php_command>
<custom_php_resync_config_command>
bind_sync();
</custom_php_resync_config_command>
diff --git a/config/bind/bind_zones.xml b/config/bind/bind_zones.xml
index c289ddd3..50f852c3 100644
--- a/config/bind/bind_zones.xml
+++ b/config/bind/bind_zones.xml
@@ -1,61 +1,50 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
- <![CDATA[
+<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- bind_zone.xml
- part of pfSense (http://www.pfSense.com)
- part of the Bind package for pfSense
- Copyright (C) 2013 Juliano Oliveira/Adriano Brancher
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
+ bind_zones.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Juliano Oliveira
+ Copyright (C) 2013 Adriano Brancher
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+ ]]>
</copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
<name>bindzone</name>
<version>none</version>
<title>BIND: Zones Settings</title>
<include_file>/usr/local/pkg/bind.inc</include_file>
- <menu>
- <name>BIND Server</name>
- <tooltiptext></tooltiptext>
- <section>Services</section>
- <configfile>bind.xml</configfile>
- </menu>
<tabs>
<tab>
<text>Settings</text>
@@ -116,17 +105,21 @@
<fieldname>temp01</fieldname>
</field>
<field>
- <fielddescr>Disable this zone</fielddescr>
+ <fielddescr>Disable This Zone</fielddescr>
<fieldname>disabled</fieldname>
- <description><![CDATA[Do not include this zone in BIND config files.]]></description>
+ <description>Do not include this zone in BIND config files.</description>
<type>checkbox</type>
</field>
<field>
<fielddescr>Zone Name</fielddescr>
<fieldname>name</fieldname>
- <description><![CDATA[Enter the name for zone (e.g. example.com)<br>
- For reverse zones, include zone IP in reverse order. (e.g. 1.168.192)<br>
- IN-ADDR.ARPA will be automaticaly included in config files when reverse zone option is checked.]]></description>
+ <description>
+ <![CDATA[
+ Enter the name for this zone (e.g. example.com)<br />
+ For reverse zones, include zone IP in reverse order. (e.g. 1.168.192)<br />
+ <strong>Note: IN-ADDR.ARPA will be automaticaly included in config files when reverse zone option is checked.</strong>
+ ]]>
+ </description>
<type>input</type>
<required/>
</field>
@@ -140,7 +133,7 @@
<field>
<fielddescr>Zone Type</fielddescr>
<fieldname>type</fieldname>
- <description><![CDATA[Select zone type.]]></description>
+ <description>Select zone type.</description>
<type>select</type>
<options>
<option><name>Master</name><value>master</value><enablefields>description</enablefields></option>
@@ -154,7 +147,7 @@
<field>
<fielddescr>View</fielddescr>
<fieldname>view</fieldname>
- <description><![CDATA[Select(CTRL+click) views that this zone will belong.]]></description>
+ <description>Select (CTRL+click) the views that this zone will belong to.</description>
<type>select_source</type>
<source><![CDATA[$config['installedpackages']['bindviews']['config']]]></source>
<source_name>name</source_name>
@@ -165,14 +158,14 @@
<field>
<fielddescr>Reverse Zone</fielddescr>
<fieldname>reverso</fieldname>
- <description>Enable if this is a reverse zone.</description>
+ <description>Check if this is a reverse zone.</description>
<type>checkbox</type>
<enablefields>reversv6o</enablefields>
</field>
<field>
<fielddescr>IPv6 Reverse Zone</fielddescr>
<fieldname>reversv6o</fieldname>
- <description>Enable if this is a IPv6 reverse zone. Reverse Zone must also be enabled.</description>
+ <description>Check if this is an IPv6 reverse zone. Reverse Zone must also be enabled.</description>
<type>checkbox</type>
</field>
<field>
@@ -193,20 +186,28 @@
<fielddescr>Inline Signing</fielddescr>
<fieldname>dnssec</fieldname>
<enablefields>backupkeys</enablefields>
- <description><![CDATA[<a target=_new href='https://kb.isc.org/article/AA-00626/109/Inline-Signing-in-ISC-BIND-9.9.0-Examples.html'>Enable inline DNSSEC signing</a> for this zone.]]></description>
+ <description>
+ <![CDATA[
+ <a href="https://kb.isc.org/article/AA-00626/109/Inline-Signing-in-ISC-BIND-9.9.0-Examples.html">Enable inline DNSSEC signing</a> for this zone.
+ ]]>
+ </description>
<type>checkbox</type>
</field>
<field>
- <fielddescr>backup keys</fielddescr>
+ <fielddescr>Backup Keys</fielddescr>
<fieldname>backupkeys</fieldname>
- <description><![CDATA[Enable this option to include all DNSSEC key files on XML.]]></description>
+ <description>Enable this option to include all DNSSEC key files in XML.</description>
<type>checkbox</type>
</field>
<field>
<fielddescr>DSSET</fielddescr>
<fieldname>dsset</fieldname>
- <description><![CDATA[Digest fingerprint of the Key Signing Key for this zone.<br>
- Upload this DSSET to your domain root server.]]></description>
+ <description>
+ <![CDATA[
+ Digest fingerprint of the Key Signing Key for this zone.<br />
+ Upload this DSSET to your domain root server.
+ ]]>
+ </description>
<type>textarea</type>
<cols>75</cols>
<rows>3</rows>
@@ -220,8 +221,7 @@
<field>
<fielddescr>Master Zone IP</fielddescr>
<fieldname>slaveip</fieldname>
- <description>If this is a slave zone, enter the IP address of the master DNS server.
- </description>
+ <description>If this is a slave zone, enter the IP address of the master DNS server.</description>
<type>input</type>
</field>
<field>
@@ -236,7 +236,6 @@
<type>input</type>
<size>70</size>
</field>
-
<field>
<type>listtopic</type>
<name>Master Zone Configuration</name>
@@ -245,20 +244,23 @@
<field>
<fielddescr>TLL</fielddescr>
<fieldname>tll</fieldname>
- <description>Default expiration time of all resource records without their own TTL value
- </description>
+ <description>Default expiration time of all resource records without their own TTL value.</description>
<type>input</type>
</field>
<field>
<fielddescr>Name Server</fielddescr>
<fieldname>nameserver</fieldname>
- <description>Enter nameserver for this zone</description>
+ <description>Enter nameserver for this zone.</description>
<type>input</type>
</field>
<field>
<fielddescr>Base Domain IP</fielddescr>
<fieldname>ipns</fieldname>
- <description>Enter IP address for base domain lookup. Ex: nslookup mydomain.com</description>
+ <description>
+ <![CDATA[
+ Enter IP address for base domain lookup. (Meaning, what IP should <em>nslookup mydomain.com</em> return.)
+ ]]>
+ </description>
<type>input</type>
</field>
<field>
@@ -270,42 +272,47 @@
<field>
<fielddescr>Serial</fielddescr>
<fieldname>serial</fieldname>
- <description>Parsed value for the slave to update the DNS zone</description>
+ <description>Parsed value for the slave to update the DNS zone.</description>
<type>input</type>
</field>
<field>
<fielddescr>Refresh</fielddescr>
<fieldname>refresh</fieldname>
- <description>Slave refresh (1 day)</description>
+ <description>Slave refresh (Default: 1 day)</description>
<type>input</type>
<default_value>1d</default_value>
</field>
<field>
<fielddescr>Retry</fielddescr>
<fieldname>retry</fieldname>
- <description>Slave retry time in case of a problem (2 hours)</description>
+ <description>Slave retry time in case of a problem (Default: 2 hours)</description>
<type>input</type>
<default_value>2h</default_value>
</field>
<field>
<fielddescr>Expire</fielddescr>
<fieldname>expire</fieldname>
- <description>Slave expiration time (4 weeks)</description>
+ <description>Slave expiration time (Default: 4 weeks)</description>
<type>input</type>
<default_value>4w</default_value>
</field>
<field>
<fielddescr>Minimum</fielddescr>
<fieldname>minimum</fieldname>
- <description>Maximum caching time in case of failed lookups (1 hour)</description>
+ <description>Maximum caching time in case of failed lookups (Default: 1 hour)</description>
<type>input</type>
<default_value>1h</default_value>
</field>
<field>
- <fielddescr>Allow-update</fielddescr>
+ <fielddescr>allow-update</fielddescr>
<fieldname>allowupdate</fieldname>
- <description><![CDATA[Select(CTRL+click) who are allowed to send updates to this zone.<br>
- Allow-update defines a match list eg IP address(es) that are allowed to submit dynamic updates for 'master' zones, ie it enables Dynamic DNS (DDNS).]]></description>
+ <description>
+ <![CDATA[
+ Select(CTRL+click) who is allowed to send updates to this zone.<br />
+ The allow-update statement defines a match list of IP address(es) that are allowed&nbsp;
+ to submit dynamic updates for 'master' zones - i.e., it enables Dynamic DNS (DDNS).
+ ]]>
+ </description>
<type>select_source</type>
<source><![CDATA[$config['installedpackages']['bindacls']['config']]]></source>
<source_name>name</source_name>
@@ -314,26 +321,38 @@
<size>03</size>
</field>
<field>
- <fielddescr>Enable Update-policy</fielddescr>
+ <fielddescr>Enable update-policy</fielddescr>
<fieldname>enable_updatepolicy</fieldname>
- <description><![CDATA[Enable Update-policy which overrides Allow-update.<br>
- The update-policy statement replaces the allow-update statement.]]></description>
+ <description>
+ <![CDATA[
+ Enable update-policy which overrides allow-update.<br />
+ The update-policy statement replaces the allow-update statement.
+ ]]>
+ </description>
<type>checkbox</type>
<enablefields>updatepolicy</enablefields>
</field>
<field>
- <fielddescr>Update-policy</fielddescr>
+ <fielddescr>update-policy</fielddescr>
<fieldname>updatepolicy</fieldname>
- <description><![CDATA[Update-policy defines the policy for submitting dynamic updates to 'master' zones.<br>
- Do not include the surrounding { } when using multiple statements]]></description>
+ <description>
+ <![CDATA[
+ The update-policy statement defines the policy for submitting dynamic updates to 'master' zones.<br />
+ <strong>Note: Do NOT include the surrounding { } when using multiple statements!</strong>
+ ]]>
+ </description>
<type>input</type>
<size>75</size>
</field>
<field>
- <fielddescr>Allow-query</fielddescr>
+ <fielddescr>allow-query</fielddescr>
<fieldname>allowquery</fieldname>
- <description><![CDATA[Select(CTRL+click) who are allowed to query this zone.<br>
- Allow-query defines an match list of IP address(es) which are allowed to issue queries to the server.]]></description>
+ <description>
+ <![CDATA[
+ Select (CTRL+click) who is allowed to query this zone.<br />
+ The allow-query statement defines a match list of IP address(es) which are allowed to issue queries to the server.
+ ]]>
+ </description>
<type>select_source</type>
<source><![CDATA[$config['installedpackages']['bindacls']['config']]]></source>
<source_name>name</source_name>
@@ -342,10 +361,20 @@
<size>03</size>
</field>
<field>
- <fielddescr>Allow-transfer</fielddescr>
+ <fielddescr>allow-transfer</fielddescr>
<fieldname>allowtransfer</fieldname>
- <description><![CDATA[Select(CTRL+click) who are allowed to copy this zone.<br>
- Allow-transfer defines a match list eg IP address(es) that are allowed to transfer (copy) the zone information from the server (master or slave for the zone). While on its face this may seem an excessively friendly default, DNS data is essentially public (that's why its there) and the bad guys can get all of it anyway. However if the thought of anyone being able to transfer your precious zone file is repugnant, or (and this is far more significant) you are concerned about possible DoS attack initiated by XFER requests, then use the following policy.]]></description>
+ <description>
+ <![CDATA[
+ Select (CTRL+click) who is allowed to copy this zone.<br />
+ The allow-transfer statement defines a match list of IP address(es) that are allowed to transfer&nbsp;
+ (copy) the zone information from the server (master or slave for the zone). While on its face this may&nbsp;
+ seem an excessively friendly default, DNS data is essentially public (that's why its there) and the bad guys&nbsp;
+ can get all of it anyway.<br /><br />
+ However, if the thought of anyone being able to transfer your precious zone file is repugnant, or&nbsp;
+ (and this is far more significant) you are concerned about possible DoS attack initiated by XFER requests,&nbsp;
+ then you should use the following policy.
+ ]]>
+ </description>
<type>select_source</type>
<source><![CDATA[$config['installedpackages']['bindacls']['config']]]></source>
<source_name>name</source_name>
@@ -359,26 +388,30 @@
<fieldname>temp02</fieldname>
</field>
<field>
- <fielddescr>Enter Domain records.</fielddescr>
- <description><![CDATA[<b>"Record"</b> is the name or last octet of IP. Example: www or pop<br>
- <b>"Type"</b> is the type of the record Sample: A CNAME MX NS<br>
- <b>"Priority"</b> in used only in mx records to define its priority<br>
- <b>"Alias or IP address"</b> is the destination host or ip address.<br><br>
- You can order elements on this list with drag and drop between columns.]]></description>
+ <fielddescr>Enter Domain Records</fielddescr>
+ <description>
+ <![CDATA[
+ <strong>"Record"</strong> is the name or last octet of an IP. (Example: www, pop, smtp)<br />
+ <strong>"Type"</strong> is the type of the record. (Example: A, CNAME, MX, NS)<br />
+ <strong>"Priority"</strong> is used only in MX records to define their priority.<br />
+ <strong>"Alias or IP address"</strong> is the destination host or IP address.<br /><br />
+ Note: You can order the elements on this list with drag and drop.
+ ]]>
+ </description>
<fieldname>none</fieldname>
<type>rowhelper</type>
<rowhelper>
<rowhelperfield>
<fielddescr>Record</fielddescr>
<fieldname>hostname</fieldname>
- <description>Enter the Host Name (ex: www)</description>
+ <description>Enter the Host Name (Example: www)</description>
<type>input</type>
<size>10</size>
</rowhelperfield>
<rowhelperfield>
<fielddescr>Type</fielddescr>
<fieldname>hosttype</fieldname>
- <description>Select Type Host</description>
+ <description>Select record type for this host.</description>
<type>select</type>
<options>
<option><name>A</name><value>A</value></option>
@@ -397,15 +430,14 @@
<rowhelperfield>
<fielddescr>Priority</fielddescr>
<fieldname>hostvalue</fieldname>
- <description>MX 10 or 20</description>
+ <description>Priority for MX record. (Example: 10 or 20)</description>
<type>input</type>
<size>3</size>
</rowhelperfield>
<rowhelperfield>
<fielddescr>Alias or IP address</fielddescr>
<fieldname>hostdst</fieldname>
- <description>Enter the IP address or FQDN destination for domain MX (ex: 10.31.11.1 or mail.example.com)
- </description>
+ <description>Enter the IP address or FQDN destination for domain's MX (Example: 10.31.11.1 or mail.example.com)</description>
<type>input</type>
<size>35</size>
</rowhelperfield>
@@ -414,22 +446,24 @@
</field>
<field>
<fieldname>regdhcpstatic</fieldname>
- <fielddescr>Register DHCP static mappings</fielddescr>
- <description>If this option is set, then DHCP static mappings will be registered in DNS, so that
- their name can be resolved.
- </description>
+ <fielddescr>Register DHCP Static Mappings</fielddescr>
+ <description>If this option is set, then DHCP static mappings will be registered in DNS, so that their name can be resolved.</description>
<type>checkbox</type>
</field>
<field>
<type>listtopic</type>
- <name>Custom Zone Domain records</name>
+ <name>Custom Zone Domain Records</name>
<fieldname>temp02</fieldname>
</field>
<field>
<fielddescr></fielddescr>
<fieldname>customzonerecords</fieldname>
- <description><![CDATA[Paste any custom zone records to include in this zone.<br>
- This can be used for a fast migration setup.]]></description>
+ <description>
+ <![CDATA[
+ Paste any custom zone records to include in this zone.<br />
+ This can be used for a fast migration setup.
+ ]]>
+ </description>
<type>textarea</type>
<cols>84</cols>
<rows>10</rows>
@@ -439,7 +473,7 @@
</field>
<field>
<type>listtopic</type>
- <name>Resulting zone config file</name>
+ <name>Resulting Zone Config File</name>
</field>
<field>
<fielddescr></fielddescr>
@@ -459,13 +493,13 @@
<custom_php_after_head_command>
bind_print_javascript_type_zone();
</custom_php_after_head_command>
- <custom_php_command_before_form>
- </custom_php_command_before_form>
<custom_php_validation_command>
- if ($_POST['type']=="master" and $_POST['serial']=="") {
- $_POST['serial']=(date("U")+ 1000000000);
+ <![CDATA[
+ if ($_POST['type'] == "master" and $_POST['serial'] == "") {
+ $_POST['serial'] = date("U") + 1000000000);
}
bind_zone_validate($_POST, $input_errors);
+ ]]>
</custom_php_validation_command>
<custom_delete_php_command>
bind_sync();
diff --git a/config/filemgr/file_manager.php b/config/filemgr/file_manager.php
index 5e858591..1c9edb61 100644
--- a/config/filemgr/file_manager.php
+++ b/config/filemgr/file_manager.php
@@ -193,19 +193,19 @@ if ('ok' == 'ok') {
}
$container .= <<<EOF
-<table border=\"0\" cellspacing=\"1\" cellpadding=\"1\" class=\"list\" width=\"100%\" summary=\"file manager\">
+<table border="0" cellspacing="1" cellpadding="1" class="list" width="100%" summary="file manager">
<tr>
- <th style=\"padding:0;width:18px\">&nbsp;</th>
+ <th style="padding:0; width:18px">&nbsp;</th>
<th>Name</th>
- <th colspan=\"5\">&nbsp;</th>
+ <th colspan="5">&nbsp;</th>
<th>Ext.</th>
<th>Size</th>
<th>Date</th>
<th>Attributes</th>
</tr>
<tr>
- <td style=\"padding:0;width:18px\" title=\"UP one level\"><img width=\"16\" height=\"16\" src=\"rbfmimg/folder.png\" alt=\"F\" {$up_one_level} /></td>
- <td colspan=\"11\"><b title=\"UP one level\"{$up_one_level}>[..]</b></td>
+ <td style="padding:0; width:18px" title="UP one level"><img width="16" height="16" src="rbfmimg/folder.png" alt="F" {$up_one_level} /></td>
+ <td colspan="11"><b title="UP one level"{$up_one_level}>[..]</b></td>
</tr>
EOF;
@@ -231,39 +231,40 @@ EOF;
$use_url = "<img src=\"rbfmimg/ico_use_file_inactive.png\" border=\"0\" width=\"16\" height=\"16\" alt=\"U\" title=\"Use URL (Inactive!!!)\" />";
}
-
+ $cfe = urlencode($current_folder);
+ $vfe = urlencode($v);
$container .= <<<EOF
<tr>
- <td style=\"padding:0;width:18px\">
- <img width=\"16\" height=\"16\" src=\"rbfmimg/folder.png\" alt=\"Folder\" ondblclick=\"document.location='{$_SERVER['PHP_SELF']}?p=".urlencode($current_folder.$vf)."'\" />
+ <td style="padding:0; width:18px">
+ <img width="16" height="16" src="rbfmimg/folder.png" alt="Folder" ondblclick="document.location='{$_SERVER['PHP_SELF']}?p={$cfe}{$vfe}'" />
</td>
<td>
- <div style=\"padding-top:2px;\" id=\"f{$id}\" ondblclick=\"document.location='{$_SERVER['PHP_SELF']}?p=".urlencode($current_folder.$vf)."'\">
+ <div style="padding-top:2px;" id="f{$id}" ondblclick="document.location='{$_SERVER['PHP_SELF']}?p={$cfe}{$vfe}'">
{$v}
</div>
- <form class=\"rename_field\" id=\"r{$id}\" name=\"r{$id}\" method=\"post\" action=\"rbfminc/rename.php\" target=\"results\" onsubmit=\"this.n.blur(); return false\">
- <input class=\"input_name rename_input\" name=\"n\" type=\"text\" value=\"{$v}\" id=\"rf{$id}\" onblur=\"document.form{$id}.submit(); document.getElementById('f{$id}').style.display = 'block'; document.getElementById('r{$id}').style.display = 'none'; document.getElementById('f{$id}').innerHTML = this.value; document.form{$id}.o.value = this.value;\" />
- <input name=\"cf\" type=\"hidden\" value=\"{$current_folder}\" />
- <input name=\"o\" type=\"hidden\" value=\"{$v}\" />
- <input name=\"t\" type=\"hidden\" value=\"d\" />
- <input name=\"submitS\" type=\"submit\" value=\"submitS\" style='display: none; width:0;height:0' />
+ <form class="rename_field" id="r{$id}" name="r{$id}" method="post" action="rbfminc/rename.php" target="results" onsubmit="this.n.blur(); return false">
+ <input class="input_name rename_input" name="n" type="text" value="{$v}" id="rf{$id}" onblur="document.form{$id}.submit(); document.getElementById('f{$id}').style.display = 'block'; document.getElementById('r{$id}').style.display = 'none'; document.getElementById('f{$id}').innerHTML = this.value; document.form{$id}.o.value = this.value;" />
+ <input name="cf" type="hidden" value="{$current_folder}" />
+ <input name="o" type="hidden" value="{$v}" />
+ <input name="t" type="hidden" value="d" />
+ <input name="submitS" type="submit" value="submitS" style='display: none; width:0; height:0' />
</form>
</td>
<!--<td>{$use_url}</td>-->
<td>{$browser}</td>
<td>&nbsp;</td>
<td>
- <img width=\"16\" height=\"16\" src=\"rbfmimg/ico_rename.png\" alt=\"Rename\" title=\"Rename\" onclick=\" document.getElementById('r{$id}').style.display = 'block'; document.getElementById('f{$id}').style.display = 'none'; document.getElementById('rf{$id}').focus(); document.getElementById('rf{$id}').select()\" />
+ <img width="16" height="16" src="rbfmimg/ico_rename.png" alt="Rename" title="Rename" onclick="document.getElementById('r{$id}').style.display = 'block'; document.getElementById('f{$id}').style.display = 'none'; document.getElementById('rf{$id}').focus(); document.getElementById('rf{$id}').select()" />
</td>
<td>&nbsp;</td>
<td>
- <img width=\"16\" height=\"16\" src=\"rbfmimg/ico_delete.png\" alt=\"D\" title=\"Delete\" onclick=\"if(confirm('Delete folder &quot;{$v}&quot;?') &amp;&amp; confirm('You cannot undo this operation!!!') &amp;&amp; confirm('To delete this folder &quot;{$v}&quot; press OK\\nTo cancel this operation press CANCEL')){document.location = 'file_manager.php?p=".urlencode($current_folder)."&amp;do=delete&amp;file=".urlencode($v)."&amp;type=directory'}\" />
+ <img width="16" height="16" src="rbfmimg/ico_delete.png" alt="D" title="Delete" onclick="if(confirm('Delete folder &quot;{$v}&quot;?') &amp;&amp; confirm('You cannot undo this operation!!!') &amp;&amp; confirm('To delete this folder &quot;{$v}&quot; press OK\\nTo cancel this operation press CANCEL')){document.location='file_manager.php?p={$cf}&amp;do=delete&amp;file={$vfe}&amp;type=directory'}" />
</td>
- <td class=\"srow\">&nbsp;</td>
+ <td class="srow">&nbsp;</td>
<td><b>&lt;DIR&gt;</b></td>
- <td class=\"srow\">{$last_updated_time}</td>
- <td class=\"fileperms\">{$fileperms}</td>
+ <td class="srow">{$last_updated_time}</td>
+ <td class="fileperms">{$fileperms}</td>
</tr>
EOF;
@@ -315,40 +316,42 @@ EOF;
$use_url = "<img src=\"rbfmimg/ico_use_file_inactive.png\" border=\"0\" width=\"16\" height=\"16\" alt=\"U\" title=\"Use URL (Inactive!!!)\" />";
}
+ $cfe = urlencode($current_folder);
+ $vfe = urlencode($v);
$container .= <<<EOF
<tr>
- <td style=\"padding:0;width:18px\">
- <img width=\"16\" height=\"16\" src=\"rbfmimg/{$file_image}\" alt=\"File\" ondblclick=\"document.location = 'rbfminc/download.php?p=".urlencode($current_folder)."&amp;file_name=".urlencode($v)."'\" />
+ <td style="padding:0; width:18px">
+ <img width="16" height="16" src="rbfmimg/{$file_image}" alt="File" ondblclick="document.location='rbfminc/download.php?p={$cfe}&amp;file_name={$vfe}'" />
</td>
<td>
- <div style=\"padding-top:2px;\" id=\"f{$id}\" ondblclick=\"document.location = 'rbfminc/download.php?p=".urlencode($current_folder)."&amp;file_name=".urlencode($v)."'\">
+ <div style="padding-top:2px;" id="f{$id}" ondblclick="document.location='rbfminc/download.php?p={$cfe}&amp;file_name={$vfe}'">
{$v}
</div>
- <form class=\"rename_field\" id=\"r{$id}\" name=\"r{$id}\" method=\"post\" action=\"rbfminc/rename.php\" target=\"results\" onsubmit=\"this.n.blur(); return false\">
- <input name=\"cf\" type=\"hidden\" value=\"{$current_folder}\" />
- <input name=\"o\" type=\"hidden\" value=\"{$v}\" />
- <input name=\"t\" type=\"hidden\" value=\"f\" />
- <input class=\"input_name\" name=\"n\" type=\"text\" value=\"{$v}\" id=\"rf{$id}\" onblur=\"document.form{$id}.submit(); document.getElementById('f{$id}').style.display = 'block'; document.getElementById('r{$id}').style.display = 'none'; document.getElementById('f{$id}').innerHTML = this.value; document.form{$id}.o.value = this.value;\" />
- <input name=\"submitS\" type=\"submit\" value=\"submitS\" style=\"display: none; width:0;height:0\" />
+ <form class="rename_field" id="r{$id}" name="r{$id}" method="post" action="rbfminc/rename.php" target="results" onsubmit="this.n.blur(); return false">
+ <input name="cf" type="hidden" value="{$current_folder}" />
+ <input name="o" type="hidden" value="{$v}" />
+ <input name="t" type="hidden" value="f" />
+ <input class="input_name" name="n" type="text" value="{$v}" id="rf{$id}" onblur="document.form{$id}.submit(); document.getElementById('f{$id}').style.display = 'block'; document.getElementById('r{$id}').style.display = 'none'; document.getElementById('f{$id}').innerHTML = this.value; document.form{$id}.o.value = this.value;" />
+ <input name="submitS" type="submit" value="submitS" style="display: none; width:0;height:0" />
</form>
</td>
<!--<td>{$use_url}</td>-->
<td>{$browser}</td>
<td>
- <a href=\"rbfminc/download.php?p=".urlencode($current_folder)."&amp;file_name=".urlencode($v)."\"><img width=\"16\" height=\"16\" src=\"rbfmimg/ico_download.png\" alt=\"Download\" title=\"Download\" border=\"0\"/></a>
+ <a href="rbfminc/download.php?p={$cfe}&amp;file_name={$vfe}"><img width="16" height="16" src="rbfmimg/ico_download.png" alt="Download" title="Download" border="0" /></a>
</td>
<td>
- <img width=\"16\" height=\"16\" src=\"rbfmimg/ico_rename.png\" alt=\"Rename\" title=\"Rename\" onclick=\"document.getElementById('f{$id}').style.display = 'none'; document.getElementById('r{$id}').style.display = 'block'; document.getElementById('rf{$id}').focus(); document.getElementById('rf{$id}').select()\" />
+ <img width="16" height="16" src="rbfmimg/ico_rename.png" alt="Rename" title="Rename" onclick="document.getElementById('f{$id}').style.display = 'none'; document.getElementById('r{$id}').style.display = 'block'; document.getElementById('rf{$id}').focus(); document.getElementById('rf{$id}').select()" />
</td>
<td>{$edit_file_content}</td>
<td>
- <img width=\"16\" height=\"16\" src=\"rbfmimg/ico_delete.png\" alt=\"D\" title=\"Delete\" onclick=\"if(confirm('Delete file &quot;{$v}&quot;?') &amp;&amp; confirm('You cannot undo this operation!!!') &amp;&amp; confirm('To delete this file &quot;{$v}&quot; press OK\\nTo cancel this operation press CANCEL')){document.location = 'file_manager.php?p=".urlencode($current_folder)."&amp;do=delete&amp;file=".urlencode($v)."&amp;type=file'}\" />
+ <img width="16" height="16" src="rbfmimg/ico_delete.png" alt="D" title="Delete" onclick="if(confirm('Delete file &quot;{$v}&quot;?') &amp;&amp; confirm('You cannot undo this operation!!!') &amp;&amp; confirm('To delete this file &quot;{$v}&quot; press OK\\nTo cancel this operation press CANCEL')){document.location='file_manager.php?p={$cfe}&amp;do=delete&amp;file={$vfe}&amp;type=file'}" />
</td>
- <td class=\"srow\">{$extension}</td>
+ <td class="srow">{$extension}</td>
<td>{$file_size}</td>
- <td class=\"srow\">{$last_updated_time}</td>
- <td class=\"fileperms\">{$fileperms}</td>
+ <td class="srow">{$last_updated_time}</td>
+ <td class="fileperms">{$fileperms}</td>
</tr>
EOF;
@@ -404,14 +407,16 @@ EOF;
if ($_GET['do'] == 'edit') {
$file_content = file_get_contents($current_folder.$_GET['f']);
+ $cfe = urlencode($current_folder);
+ $fce = htmlentities($file_content);
echo <<<EOD
-<form id=\"form_edit\" name=\"form_edit\" method=\"post\" action=\"\" style='width: 670px;margin: 10px auto 0;border-top: 1px #999999 solid'>
- <a name=\"file_edit\"></a>
+<form id="form_edit" name="form_edit" method="post" action="" style='width: 670px;margin: 10px auto 0;border-top: 1px #999999 solid'>
+ <a name="file_edit"></a>
File: <b>{$current_folder}{$_GET['f']}</b><br />
- <textarea name=\"file_content\" id=\"file_content\" cols=\"1\" rows=\"1\" style=\"width: 99%; height: 400px\">".htmlentities ($file_content)."</textarea><br />
- <input name=\"save\" type=\"submit\" value=\"Save\" />
- <input name=\"close\" type=\"button\" value=\"Close file editor\" onclick=\"document.location = 'file_manager.php?f=".urlencode($current_folder)."'\" />
- <input name=\"save_file\" type=\"hidden\" value=\"save_file\" />
+ <textarea name="file_content" id="file_content" cols="1" rows="1" style="width: 99%; height: 400px">{$fce}</textarea><br />
+ <input name="save" type="submit" value="Save" />
+ <input name="close" type="button" value="Close file editor" onclick="document.location='file_manager.php?f={$cfe}'" />
+ <input name="save_file" type="hidden" value="save_file" />
</form>
EOD;
@@ -424,7 +429,7 @@ EOD;
<?php
if ($alert_info) {
echo <<<EOD
- <script type=\"text/javascript\">
+ <script type="text/javascript">
//<![CDATA[
alert('{$alert_info}');
//]]>
@@ -434,7 +439,7 @@ EOD;
if ($redirect) {
echo <<<EOD
- <script type=\"text/javascript\">
+ <script type="text/javascript">
//<![CDATA[
document.location = '{$redirect}';
//]]>
diff --git a/config/filemgr/filemgr.xml b/config/filemgr/filemgr.xml
index fdcf46d0..72ca53d4 100644
--- a/config/filemgr/filemgr.xml
+++ b/config/filemgr/filemgr.xml
@@ -184,4 +184,11 @@
<prefix>/usr/local/www/packages/filemgr/rbfminc/</prefix>
<item>https://packages.pfsense.org/packages/config/filemgr/rbfminc/session.php</item>
</additional_files_needed>
+ <custom_php_deinstall_command>
+ <![CDATA[
+ if (is_dir("/usr/local/www/packages/filemgr")) {
+ mwexec("/bin/rm -rf /usr/local/www/packages/filemgr/");
+ }
+ ]]>
+ </custom_php_deinstall_command>
</packagegui>
diff --git a/config/git/git.xml b/config/git/git.xml
index 6c5254ae..6139fd04 100644
--- a/config/git/git.xml
+++ b/config/git/git.xml
@@ -3,23 +3,28 @@
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
- <![CDATA[
-/* ========================================================================== */
+<![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
/*
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2013
+ git.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013-2015 ESF, LLC
All rights reserved.
-/* ========================================================================== */
+*/
+/* ====================================================================================== */
/*
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
@@ -31,14 +36,12 @@
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+*/
+/* ====================================================================================== */
]]>
</copyright>
<description>git</description>
- <requirements>None</requirements>
- <faq></faq>
<name>git</name>
- <version>0.0</version>
+ <version>2.2.1</version>
<title>git</title>
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/config/haproxy-devel/haproxy.xml b/config/haproxy-devel/haproxy.xml
index 386e43a7..429b6c9f 100644
--- a/config/haproxy-devel/haproxy.xml
+++ b/config/haproxy-devel/haproxy.xml
@@ -42,7 +42,7 @@
]]>
</copyright>
<name>haproxy</name>
- <version>0.28</version>
+ <version>0.29</version>
<title>HAProxy</title>
<aftersaveredirect>/pkg_edit.php?xml=haproxy_pools.php</aftersaveredirect>
<include_file>/usr/local/pkg/haproxy.inc</include_file>
diff --git a/config/haproxy-devel/pkg/haproxy.inc b/config/haproxy-devel/pkg/haproxy.inc
index eceef783..de1963b0 100644
--- a/config/haproxy-devel/pkg/haproxy.inc
+++ b/config/haproxy-devel/pkg/haproxy.inc
@@ -212,7 +212,18 @@ $a_error['500'] = array('descr' => "internal error");
$a_error['502'] = array('descr' => "server response invalid or blocked");
$a_error['503'] = array('descr' => "no server was available to handle the request");
$a_error['504'] = array('descr' => "timeout before the server responds");
-
+
+global $a_sysloglevel;
+$a_sysloglevel = array();
+$a_sysloglevel['emerg'] = array('name' => "Emergency");
+$a_sysloglevel['alert'] = array('name' => "Alert");
+$a_sysloglevel['crit'] = array('name' => "Critical");
+$a_sysloglevel['err'] = array('name' => "Error");
+$a_sysloglevel['warning'] = array('name' => "Warning");
+$a_sysloglevel['notice'] = array('name' => "Notice");
+$a_sysloglevel['info'] = array('name' => "Informational");
+$a_sysloglevel['debug'] = array('name' => "Debugging");
+
if(!function_exists('group_ports')){
// function group_ports() is present in pfSense 2.2 in util.inc
/* create ranges of sequential port numbers (200:215) and remove duplicates */
@@ -264,6 +275,15 @@ function group_ports($ports) {
}
}
+global $haproxy_version;
+function haproxy_verion() {
+ global $haproxy_version;
+ if (empty($haproxy_version)) {
+ $haproxy_version = shell_exec("haproxy -v | head -n 1 | awk '{ print $3 }'");
+ }
+ return $haproxy_version;
+}
+
function haproxy_portoralias_to_list($port_or_alias) {
// input: a port or aliasname: 80 https MyPortAlias
// returns: a array of ports and portranges 80 443 8000:8010
@@ -592,8 +612,11 @@ function haproxy_find_acl($name) {
}
function write_backend($configpath, $fd, $name, $pool, $backendsettings) {
+ global $config;
$frontend = $backendsettings['frontend'];
$ipversion = $backendsettings['ipversion'];
+ $a_global = &$config['installedpackages']['haproxy'];
+ $a_mailers = &$config['installedpackages']['haproxy']['email_mailers']['items'];
if(!is_array($pool['ha_servers']['item']) && !$pool['stats_enabled']=='yes')
return;
@@ -610,6 +633,36 @@ function write_backend($configpath, $fd, $name, $pool, $backendsettings) {
$backend_mode = $frontendtype;
}
fwrite ($fd, "\tmode\t\t\t" . $backend_mode . "\n");
+
+ if (haproxy_verion() >= '1.6') {
+ $use_mailers = is_array($a_mailers) && count($a_mailers) > 0;
+ if ($use_mailers) {
+ fwrite ($fd, "\t# use mailers\n");
+ if (empty($pool['email_level'])) {
+ $email_level = $a_global['email_level'];
+ } else {
+ $email_level = $pool['email_level'];
+ }
+
+ fwrite ($fd, "\t# level $email_level \n");
+ if (!empty($email_level) && $email_level != 'dontlog') {
+ if (empty($pool['email_to'])) {
+ $email_to = $a_global['email_to'];
+ } else {
+ $email_to = $pool['email_to'];
+ }
+
+ fwrite ($fd, "\temail-alert mailers\t\t\tglobalmailers\n");
+ fwrite ($fd, "\temail-alert level\t\t\t{$email_level}\n");
+ fwrite ($fd, "\temail-alert from\t\t\t{$a_global['email_from']}\n");
+ fwrite ($fd, "\temail-alert to\t\t\t{$email_to}\n");
+ if (!empty($a_global['email_myhostname'])) {
+ fwrite ($fd, "\temail-alert myhostname\t\t\t{$a_global['email_myhostname']}\n");
+ }
+ }
+ }
+ }
+
if ($pool['log-health-checks'] == 'yes')
fwrite ($fd, "\toption\t\t\tlog-health-checks\n");
@@ -732,8 +785,6 @@ function write_backend($configpath, $fd, $name, $pool, $backendsettings) {
if ($check_type == "Agent") {
$checkport = " port " . $pool['monitor_agentport'];
}
- } else {
- $optioncheck = "httpchk";
}
if($pool['balance'])
@@ -1049,9 +1100,9 @@ function haproxy_updateocsp($socketupdate = true) {
haproxy_updateocsp_one($socketupdate, $filename, $frontend['name']);
$subfolder = "$configpath/{$frontend['name']}";
- $certs = $frontend['ha_certificates']['item'];
- if (is_array($certs)){
- foreach($certs as $cert){
+ if (is_arrayset($frontend, 'ha_certificates', 'item')) {
+ $certs = $frontend['ha_certificates']['item'];
+ foreach($certs as $cert) {
$filename = "$subfolder/{$cert['ssl_certificate']}.pem";
haproxy_updateocsp_one($socketupdate, $filename, $frontend['name']);
}
@@ -1075,6 +1126,7 @@ function haproxy_writeconf($configpath) {
$a_global = &$config['installedpackages']['haproxy'];
$a_frontends = &$config['installedpackages']['haproxy']['ha_backends']['item'];
$a_backends = &$config['installedpackages']['haproxy']['ha_pools']['item'];
+ $a_mailers = &$config['installedpackages']['haproxy']['email_mailers']['items'];
$fd = fopen($configfile, "w");
if(is_array($a_global)) {
@@ -1130,6 +1182,17 @@ function haproxy_writeconf($configpath) {
fwrite ($fd, "\n");
}
}
+
+ if (haproxy_verion() >= '1.6') {
+ $use_mailers = is_array($a_mailers) && count($a_mailers) > 0;
+ if ($use_mailers) {
+ fwrite ($fd, "mailers globalmailers\n");
+ foreach($a_mailers as $mailer) {
+ fwrite ($fd, "\tmailer {$mailer['name']} {$mailer['mailserver']}:{$mailer['mailserverport']}\n");
+ }
+ fwrite ($fd, "\n");
+ }
+ }
// Try and get a unique array for address:port as frontends can duplicate
$a_bind = array();
@@ -1158,7 +1221,8 @@ function haproxy_writeconf($configpath) {
haproxy_write_certificate_fullchain($filename, $frontend['ssloffloadcert']);
if ($frontend['sslocsp'] == 'yes') {
- if (!empty(haproxy_getocspurl($filename))) {
+ $ocspurl = haproxy_getocspurl($filename);
+ if (!empty($ocspurl)) {
haproxy_write_certificate_issuer($filename . ".issuer", $frontend['ssloffloadcert']);
touch($filename . ".ocsp");//create initial empty file. this will trigger updates, and inform haproxy it 'should' be using ocsp
}
@@ -1173,7 +1237,8 @@ function haproxy_writeconf($configpath) {
$filenamefoldercert = "$subfolder/{$cert['ssl_certificate']}.pem";
haproxy_write_certificate_fullchain($filenamefoldercert, $cert['ssl_certificate']);
if ($frontend['sslocsp'] == 'yes') {
- if (!empty(haproxy_getocspurl($filenamefoldercert))) {
+ $ocspurl = haproxy_getocspurl($filenamefoldercert);
+ if (!empty($ocspurl)) {
haproxy_write_certificate_issuer($filenamefoldercert . ".issuer", $cert['ssl_certificate']);
touch($filenamefoldercert . ".ocsp");
}
diff --git a/config/haproxy-devel/pkg/haproxy_htmllist.inc b/config/haproxy-devel/pkg/haproxy_htmllist.inc
index f873028e..394f3ff6 100644
--- a/config/haproxy-devel/pkg/haproxy_htmllist.inc
+++ b/config/haproxy-devel/pkg/haproxy_htmllist.inc
@@ -114,7 +114,9 @@ class HaproxyHtmlList
echo $itemvalue=='yes' ? gettext('yes') : gettext('no');
} else
if ($itemtype == "textarea"){
- echo htmlspecialchars(base64_decode($itemvalue));
+ echo '<div style="overlow:scroll;max-height:120px;overflow-y: scroll;">';
+ echo str_replace("\n","<br/>", htmlspecialchars(base64_decode($itemvalue)));
+ echo '</div>';
} else
echo htmlspecialchars($itemvalue);
}
diff --git a/config/haproxy-devel/www/haproxy_files.php b/config/haproxy-devel/www/haproxy_files.php
index 4946a7be..12ab5a88 100644
--- a/config/haproxy-devel/www/haproxy_files.php
+++ b/config/haproxy-devel/www/haproxy_files.php
@@ -155,7 +155,7 @@ include("head.inc");
</tr>
<tr>
<td width="78%">
- <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change(true)" />
+ <input name="Submit" type="submit" class="formbtn" value="Save" />
</td>
</tr>
</table>
diff --git a/config/haproxy-devel/www/haproxy_global.php b/config/haproxy-devel/www/haproxy_global.php
index 978d778d..2ae92256 100644
--- a/config/haproxy-devel/www/haproxy_global.php
+++ b/config/haproxy-devel/www/haproxy_global.php
@@ -35,13 +35,38 @@ require_once("haproxy.inc");
require_once("haproxy_utils.inc");
require_once("globals.inc");
require_once("pkg_haproxy_tabs.inc");
+require_once("haproxy_htmllist.inc");
-$simplefields = array('localstats_refreshtime','localstats_sticktable_refreshtime','log-send-hostname','ssldefaultdhparam');
+$simplefields = array('localstats_refreshtime', 'localstats_sticktable_refreshtime', 'log-send-hostname', 'ssldefaultdhparam',
+ 'email_level', 'email_myhostname', 'email_from', 'email_to');
+
+$none = array();
+$none['']['name'] = "Dont log";
+$a_sysloglevel = $none + $a_sysloglevel;
+
+$fields_mailers = array();
+$fields_mailers[0]['name'] = "name";
+$fields_mailers[0]['columnheader'] = "Name";
+$fields_mailers[0]['colwidth'] = "30%";
+$fields_mailers[0]['type'] = "textbox";
+$fields_mailers[0]['size'] = "20";
+$fields_mailers[1]['name'] = "mailserver";
+$fields_mailers[1]['columnheader'] = "Mailserver";
+$fields_mailers[1]['colwidth'] = "60%";
+$fields_mailers[1]['type'] = "textbox";
+$fields_mailers[1]['size'] = "60";
+$fields_mailers[2]['name'] = "mailserverport";
+$fields_mailers[2]['columnheader'] = "Mailserverport";
+$fields_mailers[2]['colwidth'] = "10%";
+$fields_mailers[2]['type'] = "textbox";
+$fields_mailers[2]['size'] = "10";
+
+$mailerslist = new HaproxyHtmlList("table_mailers", $fields_mailers);
+$mailerslist->keyfield = "name";
if (!is_array($config['installedpackages']['haproxy']))
$config['installedpackages']['haproxy'] = array();
-
if ($_POST) {
unset($input_errors);
$pconfig = $_POST;
@@ -56,16 +81,12 @@ if ($_POST) {
if ($result)
unlink_if_exists($d_haproxyconfdirty_path);
} else {
- //if ($_POST['enable']) {
- // $reqdfields = explode(" ", "maxconn");
- // $reqdfieldsn = explode(",", "Maximum connections");
- //}
+ $a_mailers = $mailerslist->haproxy_htmllist_get_values();
+ $pool['ha_servers']['item'] = $a_servers;
if ($_POST['carpdev'] == "disabled")
unset($_POST['carpdev']);
- //do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-
if ($_POST['maxconn'] && (!is_numeric($_POST['maxconn'])))
$input_errors[] = "The maximum number of connections should be numeric.";
@@ -86,6 +107,8 @@ if ($_POST) {
$input_errors[] = "Synchost3 needs to be an IPAddress.";*/
if (!$input_errors) {
+ $config['installedpackages']['haproxy']['email_mailers']['items'] = $a_mailers;
+
$config['installedpackages']['haproxy']['enable'] = $_POST['enable'] ? true : false;
$config['installedpackages']['haproxy']['terminate_on_reload'] = $_POST['terminate_on_reload'] ? true : false;
$config['installedpackages']['haproxy']['maxconn'] = $_POST['maxconn'] ? $_POST['maxconn'] : false;
@@ -109,6 +132,8 @@ if ($_POST) {
}
}
+$a_mailers = $config['installedpackages']['haproxy']['email_mailers']['items'];
+
$pconfig['enable'] = isset($config['installedpackages']['haproxy']['enable']);
$pconfig['terminate_on_reload'] = isset($config['installedpackages']['haproxy']['terminate_on_reload']);
$pconfig['maxconn'] = $config['installedpackages']['haproxy']['maxconn'];
@@ -183,6 +208,12 @@ function enable_change(enable_change) {
<strong>Enable HAProxy</strong></td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell">Installed version:</td>
+ <td width="78%" class="vtable">
+ <strong><?=haproxy_verion()?></strong>
+ </td>
+ </tr>
+ <tr>
<td valign="top" class="vncell">
Maximum connections
</td>
@@ -368,6 +399,64 @@ function enable_change(enable_change) {
<input name="log-send-hostname" type="text" <?if(isset($pconfig['log-send-hostname'])) echo "value=\"{$pconfig['log-send-hostname']}\"";?> size="18" maxlength="50" /> EXAMPLE: HaproxyMasterNode<br/>Sets the hostname field in the syslog header. If empty defaults to the system hostname.
</td>
</tr>
+ <tr><td>&nbsp;</td></tr>
+ <? if (haproxy_verion() >= '1.6' ) { ?>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Email notifications</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">
+ Mailer servers
+ </td>
+ <td class="vtable">
+ It is possible to send email alerts when the state of servers changes. If configured email alerts are sent to each mailer that is configured in a mailers section. Email is sent to mailers using SMTP.
+ <br/>
+ <?
+ $counter=0;
+ $mailerslist->Draw($a_mailers);
+ ?>
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">
+ Mail level
+ </td>
+ <td class="vtable">
+ <?
+ echo_html_select('email_level', $a_sysloglevel, $pconfig['email_level']);
+ ?>
+ Define the maximum loglevel to send emails for.
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">
+ Mail myhostname
+ </td>
+ <td class="vtable">
+ <input name="email_myhostname" type="text" <?if(isset($pconfig['email_myhostname'])) echo "value=\"{$pconfig['email_myhostname']}\"";?> size="50" /><br/>
+ Define hostname to use as sending the emails.
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">
+ Mail from
+ </td>
+ <td class="vtable">
+ <input name="email_from" type="text" <?if(isset($pconfig['email_from'])) echo "value=\"{$pconfig['email_from']}\"";?> size="50"/><br/>
+ Email address to be used as the sender of the emails.
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">
+ Mail to
+ </td>
+ <td class="vtable">
+ <input name="email_to" type="text" <?if(isset($pconfig['email_to'])) echo "value=\"{$pconfig['email_to']}\"";?> size="50"/><br/>
+ Email address to send emails to.
+ </td>
+ </tr>
+ <? } ?>
+ <tr><td>&nbsp;</td></tr>
<tr>
<td colspan="2" valign="top" class="listtopic">Tuning</td>
</tr>
@@ -487,7 +576,15 @@ Minimum and default value is: 1024, bigger values might increase CPU usage.<br/>
<?php endif; ?>
</form>
+<?
+haproxy_htmllist_js();
+?>
<script type="text/javascript">
+ totalrows = <?php echo $counter; ?>;
+<?
+ phparray_to_javascriptarray($fields_mailers,"fields_mailers",Array('/*','/*/name','/*/type','/*/size','/*/items','/*/items/*','/*/items/*/*','/*/items/*/*/name'));
+?>
+
function scroll_after_fade() {
scrollTo(0,99999999999);
}
diff --git a/config/haproxy-devel/www/haproxy_pool_edit.php b/config/haproxy-devel/www/haproxy_pool_edit.php
index 0824e45c..6cd78741 100644
--- a/config/haproxy-devel/www/haproxy_pool_edit.php
+++ b/config/haproxy-devel/www/haproxy_pool_edit.php
@@ -65,7 +65,8 @@ $simplefields = array(
"stats_enabled","stats_username","stats_password","stats_uri","stats_scope","stats_realm","stats_admin","stats_node","stats_desc","stats_refresh",
"persist_stick_expire","persist_stick_tablesize","persist_stick_length","persist_stick_cookiename","persist_sticky_type",
"persist_cookie_enabled","persist_cookie_name","persist_cookie_mode","persist_cookie_cachable",
-"strict_transport_security","cookie_attribute_secure"
+"strict_transport_security", "cookie_attribute_secure",
+"email_level", "email_to"
);
$primaryfrontends = get_haproxy_frontends();
@@ -73,6 +74,12 @@ $none = array();
$none['']['name']="Address+Port:";
$primaryfrontends = $none + $primaryfrontends;
+$default = array();
+$default['']['name'] = "Default level from global";
+$none = array();
+$none['dontlog']['name'] = "Dont log";
+$a_sysloglevel = $default + $none + $a_sysloglevel;
+
$fields_servers=array();
$fields_servers[0]['name']="status";
$fields_servers[0]['columnheader']="Mode";
@@ -861,6 +868,32 @@ set by the 'retries' parameter.</div>
</td>
</tr>
<tr><td>&nbsp;</td></tr>
+ <? if (haproxy_verion() >= '1.6' ) { ?>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Email notifications</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">
+ Mail level
+ </td>
+ <td class="vtable">
+ <?
+ echo_html_select('email_level', $a_sysloglevel, $pconfig['email_level']);
+ ?>
+ Define the maximum loglevel to send emails for.
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncell">
+ Mail to
+ </td>
+ <td class="vtable">
+ <input name="email_to" type="text" <?if(isset($pconfig['email_to'])) echo "value=\"{$pconfig['email_to']}\"";?> size="50"/><br/>
+ Email address to send emails to, defaults to the value set on the global settings tab.
+ </td>
+ </tr>
+ <tr><td>&nbsp;</td></tr>
+ <? } ?>
<tr>
<td colspan="2" valign="top" class="listtopic">Statistics</td>
</tr>
diff --git a/config/iftop/iftop.xml b/config/iftop/iftop.xml
index 64afbc79..b9dfbe5b 100644
--- a/config/iftop/iftop.xml
+++ b/config/iftop/iftop.xml
@@ -3,23 +3,28 @@
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
- <![CDATA[
-/* ========================================================================== */
+<![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
/*
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2013
+ iftop.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013-2015 ESF, LLC
All rights reserved.
-/* ========================================================================== */
+*/
+/* ====================================================================================== */
/*
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
@@ -31,14 +36,12 @@
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+*/
+/* ====================================================================================== */
]]>
</copyright>
<description>iftop</description>
- <requirements>None</requirements>
- <faq></faq>
<name>iftop</name>
- <version>0.0</version>
+ <version>0.17</version>
<title>iftop</title>
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/config/ipguard/ipguard.inc b/config/ipguard/ipguard.inc
index 1891b24b..53284c96 100644
--- a/config/ipguard/ipguard.inc
+++ b/config/ipguard/ipguard.inc
@@ -1,88 +1,81 @@
<?php
-
-/* ========================================================================== */
-/*
- ipguard.inc
- part of the ipguard package for pfSense (http://www.pfSense.com)
- Copyright (C) 2012 Marcello Coutinho
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- require_once("config.inc");
- require_once("util.inc");
-
-function ipguard_custom_php_deinstall_command(){
- global $g, $config;
-
- conf_mount_rw();
-
+ ipguard.inc
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+require_once("config.inc");
+require_once("util.inc");
+
+function ipguard_custom_php_deinstall_command() {
stop_service('ipguard');
- $ipguard_sh_file = "/usr/local/etc/rc.d/ipguard.sh";
- if (is_file($ipguard_sh_file))
- chmod($ipguard_sh_file,0444);
-
- conf_mount_ro();
- }
+ unlink_if_exists("/usr/local/etc/rc.d/ipguard.sh");
+ $files = glob("/usr/local/etc/ipguard_*.conf");
+ unlink_if_exists($files);
+}
-function ipguard_custom_php_write_config(){
+function ipguard_custom_php_write_config() {
global $g, $config;
-
- # detect boot process
- if (is_array($_POST)){
- if (!preg_match("/\w+/",$_POST['__csrf_magic']))
- return;
- }
-
- if (is_array($config['installedpackages']['ipguard']['config'])){
+ /* Detect boot process and do nothing */
+ if (platform_booting()) {
+ return;
+ }
+
+ if (is_array($config['installedpackages']['ipguard']['config'])) {
// Read config
$new_config=array();
- foreach ($config['installedpackages']['ipguard']['config'] as $ipguard){
- if ($ipguard['enable'] && $ipguard['interface'] && $ipguard['mac'] && $ipguard['ip']){
- $new_config[$ipguard['interface']].= "{$ipguard['mac']} {$ipguard['ip']} {$ipguard['description']}\n";
+ foreach ($config['installedpackages']['ipguard']['config'] as $ipguard) {
+ if ($ipguard['enable'] && $ipguard['interface'] && $ipguard['mac'] && $ipguard['ip']) {
+ $new_config[$ipguard['interface']] .= "{$ipguard['mac']} {$ipguard['ip']} {$ipguard['description']}\n";
}
}
}
- //Save /etc/ssh/ipguard_extra
- $script="/usr/local/etc/rc.d/ipguard.sh";
$start="";
$stop="pkill -anx ipguard";
conf_mount_rw();
- if (count ($new_config) > 0 && $ipguard['enable']){
- foreach ($new_config as $key => $value){
- $conf_file="/usr/local/etc/ipguard_{$key}.conf";
- file_put_contents($conf_file,$value,LOCK_EX);
- $config_file=file_put_contents($conf_file,$new_config[$key],LOCK_EX);
- $iface=convert_friendly_interface_to_real_interface_name($key);
- $start.="/usr/local/sbin/ipguard -l /var/log/ipguard_{$key}.log -p /var/run/ipguard_{$key}.pid -f {$conf_file} -u 300 -z {$iface}\n\t";
+ /* Create rc script and restart service if ipguard is enabled */
+ if (count($new_config) > 0 && $ipguard['enable']) {
+ foreach ($new_config as $key => $value) {
+ $conf_file = "/usr/local/etc/ipguard_{$key}.conf";
+ file_put_contents($conf_file, $value, LOCK_EX);
+ $config_file = file_put_contents($conf_file, $new_config[$key], LOCK_EX);
+ /* Hack around PBI stupidity; ipguard does not find its own conf files otherwise */
+ $pfs_version = substr(trim(file_get_contents("/etc/version")), 0, 3);
+ if ($pfs_version == "2.2") {
+ $conf_file_link = "/usr/pbi/ipguard-" . php_uname("m") . "/local/etc/ipguard_{$key}.conf";
+ /* Better recreate this every time just in case users shuffle interfaces assignment somehow */
+ if (is_link($conf_file_link)) {
+ unlink($conf_file_link);
+ }
+ symlink($conf_file, $conf_file_link);
+ }
+ $iface = convert_friendly_interface_to_real_interface_name($key);
+ $start .= "/usr/local/sbin/ipguard -l /var/log/ipguard_{$key}.log -p /var/run/ipguard_{$key}.pid -f {$conf_file} -u 300 -z {$iface}\n\t";
}
write_rcfile(array(
'file' => 'ipguard.sh',
@@ -90,38 +83,36 @@ function ipguard_custom_php_write_config(){
'stop' => $stop
));
restart_service('ipguard');
-
- }
- else{
- #remove config files
+
+ } else {
+ /* Otherwise, stop the service and remove rc script */
stop_service('ipguard');
- $ipguard_sh_file = "/usr/local/etc/rc.d/ipguard.sh";
- if (is_file($ipguard_sh_file))
- chmod($ipguard_sh_file,0444);
+ unlink_if_exists("/usr/local/etc/rc.d/ipguard.sh");
+
}
- // Mount Read-only
conf_mount_ro();
-
- //sync config with other pfsense servers
+
+ /* Sync config with other pfSense servers */
ipguard_sync_on_changes();
- }
+}
/* Uses XMLRPC to synchronize the changes to a remote node */
function ipguard_sync_on_changes() {
global $config, $g;
-
+
if (is_array($config['installedpackages']['ipguardsync'])) {
- if ($config['installedpackages']['ipguardsync']['config'][0]['synconchanges']) {
- log_error("[ipguard] xmlrpc sync is starting.");
- foreach ($config['installedpackages']['ipguardsync']['config'] as $rs ){
- foreach($rs['row'] as $sh){
+ if ($config['installedpackages']['ipguardsync']['config'][0]['synconchanges']) {
+ log_error("[ipguard] XMLRPC sync is starting.");
+ foreach ($config['installedpackages']['ipguardsync']['config'] as $rs ) {
+ foreach ($rs['row'] as $sh) {
$sync_to_ip = $sh['ipaddress'];
$password = $sh['password'];
- if($password && $sync_to_ip)
+ if ($password && $sync_to_ip) {
ipguard_do_xmlrpc_sync($sync_to_ip, $password);
+ }
}
}
- log_error("[ipguard] xmlrpc sync is ending.");
+ log_error("[ipguard] XMLRPC sync is ending.");
}
}
}
@@ -130,53 +121,57 @@ function ipguard_sync_on_changes() {
function ipguard_do_xmlrpc_sync($sync_to_ip, $password) {
global $config, $g;
- if(!$password)
+ if (!$password) {
return;
+ }
- if(!$sync_to_ip)
+ if (!$sync_to_ip) {
return;
+ }
- $username='admin';
+ $username = 'admin';
$xmlrpc_sync_neighbor = $sync_to_ip;
- if($config['system']['webgui']['protocol'] != "") {
+ if ($config['system']['webgui']['protocol'] != "") {
$synchronizetoip = $config['system']['webgui']['protocol'];
$synchronizetoip .= "://";
- }
- $port = $config['system']['webgui']['port'];
- /* if port is empty lets rely on the protocol selection */
- if($port == "") {
- if($config['system']['webgui']['protocol'] == "http")
+ }
+ $port = $config['system']['webgui']['port'];
+ /* If port is empty, let's rely on the protocol selection */
+ if ($port == "") {
+ if ($config['system']['webgui']['protocol'] == "http") {
$port = "80";
- else
+ } else {
$port = "443";
- }
+ }
+ }
$synchronizetoip .= $sync_to_ip;
/* xml will hold the sections to sync */
$xml = array();
$xml['ipguard'] = $config['installedpackages']['ipguard'];
- /* assemble xmlrpc payload */
+ /* Assemble XMLRPC payload */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($xml)
);
- /* set a few variables needed for sync code borrowed from filter.inc */
+ /* Set a few variables needed for sync code; borrowed from filter.inc */
$url = $synchronizetoip;
log_error("Beginning ipguard XMLRPC sync to {$url}:{$port}.");
$method = 'pfsense.merge_installedpackages_section_xmlrpc';
$msg = new XML_RPC_Message($method, $params);
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
$cli->setCredentials($username, $password);
- if($g['debug'])
+ if ($g['debug']) {
$cli->setDebug(1);
+ }
/* send our XMLRPC message and timeout after 250 seconds */
$resp = $cli->send($msg, "250");
- if(!$resp) {
+ if (!$resp) {
$error = "A communications error occurred while attempting ipguard XMLRPC sync with {$url}:{$port}.";
log_error($error);
file_notice("sync_settings", $error, "ipguard Settings Sync", "");
- } elseif($resp->faultCode()) {
+ } elseif ($resp->faultCode()) {
$cli->setDebug(1);
$resp = $cli->send($msg, "250");
$error = "An error code was received while attempting ipguard XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
@@ -185,27 +180,27 @@ function ipguard_do_xmlrpc_sync($sync_to_ip, $password) {
} else {
log_error("ipguard XMLRPC sync successfully completed with {$url}:{$port}.");
}
-
+
/* tell ipguard to reload our settings on the destination sync host. */
$method = 'pfsense.exec_php';
- $execcmd = "require_once('/usr/local/pkg/ipguard.inc');\n";
+ $execcmd = "require_once('/usr/local/pkg/ipguard.inc');\n";
$execcmd .= "ipguard_custom_php_write_config();";
/* assemble xmlrpc payload */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($execcmd)
);
-
+
log_error("ipguard XMLRPC reload data {$url}:{$port}.");
$msg = new XML_RPC_Message($method, $params);
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
$cli->setCredentials($username, $password);
$resp = $cli->send($msg, "250");
- if(!$resp) {
+ if (!$resp) {
$error = "A communications error occurred while attempting ipguard XMLRPC sync with {$url}:{$port} (pfsense.exec_php).";
log_error($error);
file_notice("sync_settings", $error, "ipguard Settings Sync", "");
- } elseif($resp->faultCode()) {
+ } elseif ($resp->faultCode()) {
$cli->setDebug(1);
$resp = $cli->send($msg, "250");
$error = "An error code was received while attempting ipguard XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
@@ -215,4 +210,5 @@ function ipguard_do_xmlrpc_sync($sync_to_ip, $password) {
log_error("ipguard XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php).");
}
}
- ?> \ No newline at end of file
+
+?>
diff --git a/config/ipguard/ipguard.xml b/config/ipguard/ipguard.xml
index 74b58f86..2b13e7e0 100644
--- a/config/ipguard/ipguard.xml
+++ b/config/ipguard/ipguard.xml
@@ -1,55 +1,55 @@
<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
-<copyright>
- <![CDATA[
+ <copyright>
+<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- ipguard.xml
- part of the ipguard package for pfSense (http://www.pfSense.com)
- Copyright (C) 2012 Marcello Coutinho
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
+ ipguard.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>ipguard</name>
- <version>1.0</version>
- <title>Ipguard</title>
- <description>Ipguard macs/ip</description>
+ <version>0.1.1</version>
+ <title>Firewall: IPguard</title>
+ <description>IPguard MACs/IP</description>
<savetext>Save</savetext>
<include_file>/usr/local/pkg/ipguard.inc</include_file>
<menu>
- <name>Ipguard</name>
- <tooltiptext>Tool designed to protect LAN IP address space by ARP spoofing</tooltiptext>
+ <name>IPguard</name>
+ <tooltiptext>Tool designed to protect LAN IP address space by ARP spoofing.</tooltiptext>
<section>Firewall</section>
<url>/pkg.php?xml=ipguard.xml</url>
</menu>
@@ -57,17 +57,15 @@
<name>ipguard</name>
<rcfile>ipguard.sh</rcfile>
<executable>ipguard</executable>
- <description>Tool designed to protect LAN IP address space by ARP spoofing.</description>
+ <description>IPguard ARP Spoofing Daemon</description>
</service>
<configpath>installedpackages->package->ipguard</configpath>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>755</chmod>
<item>https://packages.pfsense.org/packages/config/ipguard/ipguard.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>755</chmod>
<item>https://packages.pfsense.org/packages/config/ipguard/ipguard_sync.xml</item>
</additional_files_needed>
<tabs>
@@ -92,11 +90,11 @@
<fieldname>interface</fieldname>
</columnitem>
<columnitem>
- <fielddescr>Mac Address</fielddescr>
+ <fielddescr>MAC Address</fielddescr>
<fieldname>mac</fieldname>
</columnitem>
<columnitem>
- <fielddescr>Ip Address(es)</fielddescr>
+ <fielddescr>IP Address(es)</fielddescr>
<fieldname>ip</fieldname>
</columnitem>
<columnitem>
@@ -104,43 +102,53 @@
<fieldname>description</fieldname>
</columnitem>
<movable>on</movable>
- <description><![CDATA[If firewall receives traffic with MAC/IP pair not listed here, it will send ARP reply with configured fake address.<br>This will prevent not permitted host from working properly in the specified ethernet segment.]]></description>
+ <description>
+ <![CDATA[
+ If firewall receives traffic with MAC/IP pair not listed here, it will send ARP reply with configured fake address.<br />
+ This will prevent not permitted host from working properly in the specified ethernet segment.
+ ]]>
+ </description>
</adddeleteeditpagefields>
<fields>
<field>
<type>listtopic</type>
- <name>Ipguard Options</name>
+ <name>IPguard Options</name>
<fieldname>temp</fieldname>
</field>
<field>
- <fielddescr>sortable</fielddescr>
- <fieldname>sortable</fieldname>
- <display_maximum_rows>20</display_maximum_rows>
- <type>sorting</type>
- <include_filtering_inputbox/>
- <sortablefields>
- <item>
- <name>Mac Address</name>
- <fieldname>mac</fieldname>
- <regex>/%FILTERTEXT%/i</regex>
- </item>
- <item>
- <name>Ip Address</name>
- <fieldname>ip</fieldname>
- <regex>/%FILTERTEXT%/i</regex>
- </item>
- </sortablefields>
+ <fielddescr>sortable</fielddescr>
+ <fieldname>sortable</fieldname>
+ <display_maximum_rows>20</display_maximum_rows>
+ <type>sorting</type>
+ <include_filtering_inputbox/>
+ <sortablefields>
+ <item>
+ <name>MAC Address</name>
+ <fieldname>mac</fieldname>
+ <regex>/%FILTERTEXT%/i</regex>
+ </item>
+ <item>
+ <name>IP Address</name>
+ <fieldname>ip</fieldname>
+ <regex>/%FILTERTEXT%/i</regex>
+ </item>
+ </sortablefields>
</field>
<field>
- <fielddescr>Enable</fielddescr>
+ <fielddescr>Enable</fielddescr>
<fieldname>enable</fieldname>
<type>checkbox</type>
- <description><![CDATA[Enable this mac rule.<br><strong>Important Note:</strong> Always create rules for pfsense mac and ip address to avoid denying access to pfsense gui.]]></description>
+ <description>
+ <![CDATA[
+ Enable this MAC rule.<br />
+ <strong>Important Note:</strong> Always create rules for pfSense MAC and IP address to avoid denying access to pfFense GUI!
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Interface</fielddescr>
<fieldname>interface</fieldname>
- <description>The interface on which ipguard server will check this mac</description>
+ <description>The interface on which IPguard server will check this MAC.</description>
<type>interfaces_selection</type>
<required/>
<default_value>lan</default_value>
@@ -148,39 +156,44 @@
<field>
<fielddescr>Description</fielddescr>
<fieldname>description</fieldname>
- <description>Describe this mac rule.</description>
+ <description>Describe this MAC rule.</description>
<type>input</type>
<size>50</size>
<required/>
</field>
<field>
- <fielddescr>Mac address</fielddescr>
+ <fielddescr>MAC Address</fielddescr>
<fieldname>mac</fieldname>
- <description><![CDATA[Insert mac address you want to filter.<br>
- <strong>To include a permit rule, use mac=00:00:00:00:00:00</strong>]]></description>
+ <description>
+ <![CDATA[
+ Insert MAC address you want to filter.<br />
+ <strong>To include a permit rule, use MAC 00:00:00:00:00:00</strong>
+ ]]>
+ </description>
<type>input</type>
<size>25</size>
<required/>
</field>
<field>
- <fielddescr>Ip address</fielddescr>
+ <fielddescr>IP Address</fielddescr>
<fieldname>ip</fieldname>
- <description><![CDATA[Insert ip address, hostname or network cidr you want to apply on this ipguard rule.<br>
- <strong>To include a permit rule, use your lan cidr or 0.0.0.0</strong>]]></description>
+ <description>
+ <![CDATA[
+ Insert IP address, hostname or network CIDR you want to apply on this IPguard rule.<br>
+ <strong>To include a permit rule, use your LAN CIDR or 0.0.0.0</strong>
+ ]]>
+ </description>
<type>input</type>
<size>40</size>
<required/>
</field>
</fields>
-
<custom_delete_php_command>
ipguard_custom_php_write_config();
</custom_delete_php_command>
<custom_add_php_command>
ipguard_custom_php_write_config();
</custom_add_php_command>
- <custom_php_install_command>
- </custom_php_install_command>
<custom_php_deinstall_command>
ipguard_custom_php_deinstall_command();
</custom_php_deinstall_command>
@@ -190,5 +203,4 @@
<custom_php_command_before_form>
unset($_POST['temp']);
</custom_php_command_before_form>
-
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/config/ipguard/ipguard_sync.xml b/config/ipguard/ipguard_sync.xml
index 0b5ffecb..609dd6ca 100755
--- a/config/ipguard/ipguard_sync.xml
+++ b/config/ipguard/ipguard_sync.xml
@@ -1,49 +1,49 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
- <![CDATA[
+<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- ipguard_sync.xml
- part of the ipguard package for pfSense (http://www.pfSense.com)
- Copyright (C) 2012 Marcello Coutinho
- All rights reserved.
- */
-/* ========================================================================== */
+ ipguard_sync.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
]]>
</copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
<name>ipguardsync</name>
- <version>1.0</version>
- <title>Ipguard - Sync</title>
+ <version>0.1.1</version>
+ <title>IPguard - Sync</title>
<include_file>/usr/local/pkg/ipguard.inc</include_file>
<tabs>
<tab>
@@ -89,8 +89,6 @@
</rowhelper>
</field>
</fields>
- <custom_php_validation_command>
- </custom_php_validation_command>
<custom_php_resync_config_command>
ipguard_custom_php_write_config();
</custom_php_resync_config_command>
diff --git a/config/ipmitool/ipmitool.xml b/config/ipmitool/ipmitool.xml
index a42baa36..cb6bf385 100644
--- a/config/ipmitool/ipmitool.xml
+++ b/config/ipmitool/ipmitool.xml
@@ -3,23 +3,28 @@
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
- <![CDATA[
-/* ========================================================================== */
+<![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
/*
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2013
+ ipmitool.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013-2015 ESF, LLC
All rights reserved.
-/* ========================================================================== */
+*/
+/* ====================================================================================== */
/*
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
@@ -31,14 +36,12 @@
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+*/
+/* ====================================================================================== */
]]>
</copyright>
<description>ipmitool</description>
- <requirements>None</requirements>
- <faq></faq>
<name>ipmitool</name>
- <version>0.0</version>
+ <version>1.8.12_5.1</version>
<title>ipmitool</title>
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/config/nut/nut.inc b/config/nut/nut.inc
index e0ca9d30..6467ec13 100644
--- a/config/nut/nut.inc
+++ b/config/nut/nut.inc
@@ -518,9 +518,6 @@ EOD;
log_error("[nut] INFO: Starting service");
start_service("nut");
- if (!is_process_running('upsmon')) {
- log_error("[nut] ERROR: Service failed to start: check configuration.");
- }
} elseif (!$return && file_exists(NUT_RCFILE)) {
/* no parameters user does not want nut running */
/* lets stop the service and remove the rc file */
diff --git a/config/olsrd/olsrd.xml b/config/olsrd/olsrd.xml
index 464f730d..6623c31f 100644
--- a/config/olsrd/olsrd.xml
+++ b/config/olsrd/olsrd.xml
@@ -164,13 +164,7 @@
<cols>50</cols>
</field>
</fields>
- <custom_delete_php_command>
- </custom_delete_php_command>
<custom_php_resync_config_command>
setup_wireless_olsr($if);
</custom_php_resync_config_command>
- <custom_php_install_command>
- </custom_php_install_command>
- <custom_php_deinstall_command>
- </custom_php_deinstall_command>
</packagegui>
diff --git a/config/pfblockerng/pfblockerng.sh b/config/pfblockerng/pfblockerng.sh
index fcfbcae1..13e14760 100644
--- a/config/pfblockerng/pfblockerng.sh
+++ b/config/pfblockerng/pfblockerng.sh
@@ -81,7 +81,7 @@ DISK_NAME=`/bin/df /var/db/rrd | /usr/bin/tail -1 | /usr/bin/awk '{print $1;}'`
DISK_TYPE=`/usr/bin/basename ${DISK_NAME} | /usr/bin/cut -c1-2`
if [ "${PLATFORM}" != "pfSense" ] || [ ${USE_MFS_TMPVAR} -gt 0 ] || [ "${DISK_TYPE}" = "md" ]; then
- /usr/local/bin/php /etc/rc.conf_mount_rw >/dev/null 2>&1
+ /etc/rc.conf_mount_rw >/dev/null 2>&1
if [ ! -d $pfbdbdir ]; then mkdir $pfbdbdir; fi
if [ ! -d $pfsense_alias_dir ]; then mkdir $pfsense_alias_dir; fi
fi
@@ -104,7 +104,7 @@ if [ ! -d $tmpxlsx ]; then mkdir $tmpxlsx; fi
# Exit Function to set mount RO if required before Exiting
exitnow() {
if [ "${PLATFORM}" != "pfSense" ] || [ ${USE_MFS_TMPVAR} -gt 0 ] || [ "${DISK_TYPE}" = "md" ]; then
- /usr/local/bin/php /etc/rc.conf_mount_ro >/dev/null 2>&1
+ /etc/rc.conf_mount_ro >/dev/null 2>&1
fi
exit
}
@@ -975,4 +975,4 @@ case $1 in
exitnow
;;
esac
-exitnow \ No newline at end of file
+exitnow
diff --git a/config/siproxd/siproxd.inc b/config/siproxd/siproxd.inc
index 53dc7a2d..50b6e558 100644
--- a/config/siproxd/siproxd.inc
+++ b/config/siproxd/siproxd.inc
@@ -1,8 +1,10 @@
<?php
/*
siproxd.inc
+ part of pfSense (https://www.pfSense.org/)
Copyright (C) 2006 Scott Ullrich
Copyright (C) 2010 Jim Pingle
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -26,54 +28,51 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
-
-if(!function_exists("filter_configure"))
+if (!function_exists("filter_configure")) {
require_once("filter.inc");
+}
require_once("service-utils.inc");
-// Check to find out on which system the package is running
-$pfs_version = substr(trim(file_get_contents("/etc/version")),0,3);
+// Check to find out on which pfSense version the package is running
+global $pfs_version;
+$pfs_version = substr(trim(file_get_contents("/etc/version")), 0, 3);
if ($pfs_version == "2.1" || $pfs_version == "2.2") {
define('SIPROXD', '/usr/pbi/siproxd-' . php_uname("m"));
} else {
define('SIPROXD', '/usr/local');
}
-// End of system check
-function sync_package_sipproxd_users() {
+function sync_package_siproxd_users() {
+ global $g, $config;
conf_mount_rw();
- // put the constant to a variable
- $varSIPROXD = SIPROXD;
-
- global $config;
- $fout = fopen("$varSIPROXD/etc/siproxd_passwd.cfg","w");
+ $siproxd_pwfile = SIPROXD . '/etc/siproxd_passwd.cfg';
+ $fout = fopen($siproxd_pwfile, "w");
fwrite($fout, "# This file was automatically generated by the pfSense\n# package management system.\n\n");
- if($config['installedpackages']['siproxdusers']['config'] != "") {
- foreach($config['installedpackages']['siproxdusers']['config'] as $rowhelper) {
+ if ($config['installedpackages']['siproxdusers']['config'] != "") {
+ foreach ($config['installedpackages']['siproxdusers']['config'] as $rowhelper) {
fwrite($fout, $rowhelper['username'] . " " . $rowhelper['password'] . "\n");
}
}
fclose($fout);
+
conf_mount_ro();
- system("/usr/bin/killall -HUP siproxd");
+ /* Reload settings to sync users */
+ sigkillbypid("{$g['varrun_path']}/siproxd.pid", "HUP");
}
function siproxd_generate_rules($type) {
global $config;
- // put the constant to a variable
- $varSIPROXD = SIPROXD;
-
$siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0];
if (!is_service_running('siproxd')) {
- log_error("Sipproxd is installed but not started. Not installing redirect rules.");
+ log_error("Siproxd is installed but not started. Not installing redirect rules.");
return;
}
/* proxy is turned off in package settings */
- if($siproxd_conf['sipenable'] == "0") {
- log_error("WARNING: siproxd proxy has not been enabled. Not installing rules.");
+ if ($siproxd_conf['sipenable'] == "0") {
+ log_error("WARNING: siproxd proxy has not been enabled. Not installing rules.");
return "\n";
}
@@ -84,25 +83,26 @@ function siproxd_generate_rules($type) {
$port = ($siproxd_conf['port'] ? $siproxd_conf['port'] : 5060);
switch($type) {
- case 'nat':
- $rules .= "\n# Setup Sipproxd proxy redirect\n";
- foreach ($ifaces as $iface) {
- if($iface <> "")
- $rules .= "rdr on {$iface} proto udp from any to !($iface) port {$port} -> 127.0.0.1 port {$port}\n";
- }
- break;
- case 'filter':
- case 'rule':
- foreach ($ifaces as $iface) {
- if($iface <> "") {
- $rules .= "# allow SIP signaling and RTP traffic\n";
- $rules .= "pass in on {$iface} proto udp from any to any port = {$port}\n";
- if($siproxd_conf['rtpenable'] == "1") {
- $rules .= "pass in on {$iface} proto udp from any to any port {$rtplower}:{$rtpupper}\n";
+ case 'nat':
+ $rules .= "\n# Setup Siproxd proxy redirect\n";
+ foreach ($ifaces as $iface) {
+ if ($iface <> "") {
+ $rules .= "rdr on {$iface} proto udp from any to !($iface) port {$port} -> 127.0.0.1 port {$port}\n";
}
}
- }
- break;
+ break;
+ case 'filter':
+ case 'rule':
+ foreach ($ifaces as $iface) {
+ if ($iface <> "") {
+ $rules .= "# allow SIP signaling and RTP traffic\n";
+ $rules .= "pass in on {$iface} proto udp from any to any port = {$port}\n";
+ if ($siproxd_conf['rtpenable'] == "1") {
+ $rules .= "pass in on {$iface} proto udp from any to any port {$rtplower}:{$rtpupper}\n";
+ }
+ }
+ }
+ break;
}
return $rules;
@@ -111,42 +111,50 @@ function siproxd_generate_rules($type) {
function sync_package_siproxd() {
global $config, $pfs_version;
- // put the constant to a variable
- $varSIPROXD = SIPROXD;
-
conf_mount_rw();
$siproxd_chroot = "/var/siproxd/";
- @mkdir($siproxd_chroot);
+ safe_mkdir($siproxd_chroot);
@chown($siproxd_chroot, "nobody");
@chgrp($siproxd_chroot, "nobody");
+ unlink_if_exists(SIPROXD . '/etc/rc.d/siproxd');
- unlink_if_exists("$varSIPROXD/etc/rc.d/siproxd");
$siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0];
- $fout = fopen("$varSIPROXD/etc/siproxd.conf","w");
+ $siproxd_conffile = SIPROXD . '/etc/siproxd.conf';
+ $siproxd_pwfile = SIPROXD . '/etc/siproxd_passwd.cfg';
+
+ $pfs_version = substr(trim(file_get_contents("/etc/version")), 0, 3);
+ if ($pfs_version == '2.2') {
+ $siproxd_bin = SIPROXD . '/bin/siproxd';
+ } else {
+ $siproxd_bin = SIPROXD . '/sbin/siproxd';
+ }
+ $plugindir = SIPROXD . '/lib/siproxd';
+
+ $fout = fopen($siproxd_conffile, "w");
fwrite($fout, "# This file was automatically generated by the pfSense\n");
fwrite($fout, "# package management system.\n\n");
/* proxy is turned off in package settings */
- if($siproxd_conf['sipenable'] == "0") {
+ if ($siproxd_conf['sipenable'] == "0") {
fclose($fout);
return;
}
- if($siproxd_conf['if_inbound'] != "") {
+ if ($siproxd_conf['if_inbound'] != "") {
fwrite($fout, "if_inbound = " . convert_friendly_interface_to_real_interface_name($siproxd_conf['if_inbound']) . "\n");
}
- if($siproxd_conf['if_outbound'] != "") {
- if(intval($config['version']) < 6 && $config['interfaces'][$siproxd_conf['if_outbound']]['ipaddr'] == "pppoe") {
+ if ($siproxd_conf['if_outbound'] != "") {
+ if (intval($config['version']) < 6 && $config['interfaces'][$siproxd_conf['if_outbound']]['ipaddr'] == "pppoe") {
fwrite($fout, "if_outbound = ng0\n");
} else {
fwrite($fout, "if_outbound = " . convert_friendly_interface_to_real_interface_name($siproxd_conf['if_outbound']) . "\n");
}
}
- if($siproxd_conf['port'] != "") {
+ if ($siproxd_conf['port'] != "") {
fwrite($fout, "sip_listen_port = " . $siproxd_conf['port'] . "\n");
} else {
fwrite($fout, "sip_listen_port = 5060\n");
@@ -161,13 +169,13 @@ function sync_package_siproxd() {
fwrite($fout, "autosave_registrations = 10\n");
fwrite($fout, "pid_file = siproxd.pid\n");
- if($siproxd_conf['rtpenable'] != "") {
+ if ($siproxd_conf['rtpenable'] != "") {
fwrite($fout, "rtp_proxy_enable = " . $siproxd_conf['rtpenable'] . "\n");
} else {
fwrite($fout, "rtp_proxy_enable = 1\n");
}
- if(($siproxd_conf['rtplower'] != "") && ($siproxd_conf['rtpupper'] != "")) {
+ if (($siproxd_conf['rtplower'] != "") && ($siproxd_conf['rtpupper'] != "")) {
fwrite($fout, "rtp_port_low = " . $siproxd_conf['rtplower'] . "\n");
fwrite($fout, "rtp_port_high = " . $siproxd_conf['rtpupper'] . "\n");
} else {
@@ -175,102 +183,113 @@ function sync_package_siproxd() {
fwrite($fout, "rtp_port_high = 7079\n");
}
- if($siproxd_conf['rtptimeout'] != "") {
+ if ($siproxd_conf['rtptimeout'] != "") {
fwrite($fout, "rtp_timeout = " . $siproxd_conf['rtptimeout'] . "\n");
} else {
fwrite($fout, "rtp_timeout = 300\n");
}
- if($siproxd_conf['defaulttimeout'] != "") {
+ if ($siproxd_conf['defaulttimeout'] != "") {
fwrite($fout, "default_expires = " . $siproxd_conf['defaulttimeout'] . "\n");
} else {
fwrite($fout, "default_expires = 600\n");
}
- if($siproxd_conf['authentication']) {
+ if ($siproxd_conf['authentication']) {
fwrite($fout, "proxy_auth_realm = Authentication_Realm\n");
- fwrite($fout, "proxy_auth_pwfile = $varSIPROXD/etc/siproxd_passwd.cfg\n");
+ fwrite($fout, "proxy_auth_pwfile = {$siproxd_pwfile}\n");
}
- if($siproxd_conf['debug_level'] != "") {
+ if ($siproxd_conf['debug_level'] != "") {
fwrite($fout, "debug_level = " . $siproxd_conf['debug_level'] . "\n");
} else {
fwrite($fout, "debug_level = 0x00000000\n");
}
- if($siproxd_conf['debug_port'] != "") {
+ if ($siproxd_conf['debug_port'] != "") {
fwrite($fout, "debug_port = " . $siproxd_conf['debug_port'] . "\n");
}
- if($siproxd_conf['outboundproxyhost'] != "") {
- if($siproxd_conf['outboundproxyport'] != "") {
+ if ($siproxd_conf['outboundproxyhost'] != "") {
+ if ($siproxd_conf['outboundproxyport'] != "") {
fwrite($fout, "outbound_proxy_host = " . $siproxd_conf['outboundproxyhost'] . "\n");
fwrite($fout, "outbound_proxy_port = " . $siproxd_conf['outboundproxyport'] . "\n");
}
}
- if($siproxd_conf['expeditedforwarding'] != "")
+ if ($siproxd_conf['expeditedforwarding'] != "") {
fwrite($fout, "rtp_dscp = 46\n");
- if($siproxd_conf['expeditedsipforwarding'] != "")
+ }
+ if ($siproxd_conf['expeditedsipforwarding'] != "") {
fwrite($fout, "sip_dscp = 26\n");
-
- if ($siproxd_conf['rtp_input_dejitter'] != "")
+ }
+ if ($siproxd_conf['rtp_input_dejitter'] != "") {
fwrite($fout, "rtp_input_dejitter = " . $siproxd_conf['rtp_input_dejitter'] . "\n");
- if ($siproxd_conf['rtp_output_dejitter'] != "")
+ }
+ if ($siproxd_conf['rtp_output_dejitter'] != "") {
fwrite($fout, "rtp_output_dejitter = " . $siproxd_conf['rtp_output_dejitter'] . "\n");
- if ($siproxd_conf['tcp_timeout'] != "")
+ }
+ if ($siproxd_conf['tcp_timeout'] != "") {
fwrite($fout, "tcp_timeout = " . $siproxd_conf['tcp_timeout'] . "\n");
- if ($siproxd_conf['tcp_connect_timeout'] != "")
+ }
+ if ($siproxd_conf['tcp_connect_timeout'] != "") {
fwrite($fout, "tcp_connect_timeout = " . $siproxd_conf['tcp_connect_timeout'] . "\n");
- if ($siproxd_conf['tcp_keepalive'] != "")
+ }
+ if ($siproxd_conf['tcp_keepalive'] != "") {
fwrite($fout, "tcp_keepalive = " . $siproxd_conf['tcp_keepalive'] . "\n");
+ }
- fwrite($fout, "plugindir=$varSIPROXD/lib/siproxd/\n");
+ fwrite($fout, "plugindir={$plugindir}\n");
fwrite($fout, "load_plugin=plugin_logcall.la\n");
- if ($siproxd_conf['plugin_defaulttarget'] != "")
+ if ($siproxd_conf['plugin_defaulttarget'] != "") {
fwrite($fout, "load_plugin=plugin_defaulttarget.la\n");
- if (($siproxd_conf['plugin_defaulttarget'] != "") && ($siproxd_conf['plugin_defaulttarget_log'] != ""))
+ }
+ if (($siproxd_conf['plugin_defaulttarget'] != "") && ($siproxd_conf['plugin_defaulttarget_log'] != "")) {
fwrite($fout, "plugin_defaulttarget_log = 1\n");
- if (($siproxd_conf['plugin_defaulttarget'] != "") && ($siproxd_conf['plugin_defaulttarget_target'] != ""))
+ }
+ if (($siproxd_conf['plugin_defaulttarget'] != "") && ($siproxd_conf['plugin_defaulttarget_target'] != "")) {
fwrite($fout, "plugin_defaulttarget_target = " . $siproxd_conf['plugin_defaulttarget_target'] . "\n");
+ }
- if ($siproxd_conf['plugin_fix_bogus_via'] != "")
+ if ($siproxd_conf['plugin_fix_bogus_via'] != "") {
fwrite($fout, "load_plugin=plugin_fix_bogus_via.la\n");
- if (($siproxd_conf['plugin_fix_bogus_via'] != "") && ($siproxd_conf['plugin_fix_bogus_via_networks'] != ""))
+ }
+ if (($siproxd_conf['plugin_fix_bogus_via'] != "") && ($siproxd_conf['plugin_fix_bogus_via_networks'] != "")) {
fwrite($fout, "plugin_fix_bogus_via_networks = " . $siproxd_conf['plugin_fix_bogus_via_networks'] . "\n");
+ }
- if ($siproxd_conf['plugin_stun'] != "")
+ if ($siproxd_conf['plugin_stun'] != "") {
fwrite($fout, "load_plugin=plugin_stun.la\n");
- if (($siproxd_conf['plugin_stun'] != "") && ($siproxd_conf['plugin_stun_server'] != ""))
+ }
+ if (($siproxd_conf['plugin_stun'] != "") && ($siproxd_conf['plugin_stun_server'] != "")) {
fwrite($fout, "plugin_stun_server = " . $siproxd_conf['plugin_stun_server'] . "\n");
- if (($siproxd_conf['plugin_stun'] != "") && ($siproxd_conf['plugin_stun_port'] != ""))
+ }
+ if (($siproxd_conf['plugin_stun'] != "") && ($siproxd_conf['plugin_stun_port'] != "")) {
fwrite($fout, "plugin_stun_port = " . $siproxd_conf['plugin_stun_port'] . "\n");
- if (($siproxd_conf['plugin_stun'] != "") && ($siproxd_conf['plugin_stun_period'] != ""))
+ }
+ if (($siproxd_conf['plugin_stun'] != "") && ($siproxd_conf['plugin_stun_period'] != "")) {
fwrite($fout, "plugin_stun_period = " . $siproxd_conf['plugin_stun_period'] . "\n");
+ }
fclose($fout);
- if ($pfs_version == '2.2')
- $bin_dir='bin';
- else
- $bin_dir='sbin';
-
write_rcfile(array(
"file" => "siproxd.sh",
- "start" => "$varSIPROXD/{$bin_dir}/siproxd -c $varSIPROXD/etc/siproxd.conf &",
+ "start" => "{$siproxd_bin} -c {$siproxd_conffile} &",
"stop" => "/usr/bin/killall -9 siproxd"
)
);
- exec("killall -9 siproxd");
-
- sleep(3);
-
- start_service("siproxd");
-
- sleep(3);
-
+ if (is_service_running('siproxd')) {
+ stop_service("siproxd");
+ sleep(3);
+ }
+ /* Only (re)start the service when siproxd is enabled */
+ if ($siproxd_conf['sipenable'] != "0") {
+ start_service("siproxd");
+ sleep(3);
+ }
filter_configure();
conf_mount_ro();
@@ -278,38 +297,54 @@ function sync_package_siproxd() {
}
function validate_form_siproxd($post, &$input_errors) {
- if ($post['port'] && !is_port($post['port']))
+ if ($post['port'] && !is_port($post['port'])) {
$input_errors[] = 'Invalid port entered for "Listening Port"';
- if ($post['rtplower'] && !is_port($post['rtplower']))
+ }
+ if ($post['rtplower'] && !is_port($post['rtplower'])) {
$input_errors[] = 'Invalid port entered for "RTP port range (lower)".';
- if ($post['rtpupper'] && !is_port($post['rtpupper']))
+ }
+ if ($post['rtpupper'] && !is_port($post['rtpupper'])) {
$input_errors[] = 'Invalid port entered for "RTP port range (upper)".';
- if ($post['rtplower'] && $post['rtpupper'] && ($post['rtplower'] >= $post['rtpupper']))
+ }
+ if ($post['rtplower'] && $post['rtpupper'] && ($post['rtplower'] >= $post['rtpupper'])) {
$input_errors[] = 'RTP lower port cannot be equal to or higher than the RTP upper port.';
- if ($post['rtptimeout'] && (!is_numeric($post['rtptimeout']) || ($post['rtptimeout'] < 0)))
+ }
+ if ($post['rtptimeout'] && (!is_numeric($post['rtptimeout']) || ($post['rtptimeout'] < 0))) {
$input_errors[] = '"RTP stream timeout" must be numeric and greater than 0.';
- if ($post['defaulttimeout'] && (!is_numeric($post['defaulttimeout']) || ($post['defaulttimeout'] < 0)))
+ }
+ if ($post['defaulttimeout'] && (!is_numeric($post['defaulttimeout']) || ($post['defaulttimeout'] < 0))) {
$input_errors[] = '"Default expiration timeout" must be numeric and greater than 0.';
- if ($post['outboundproxyhost'] && (!is_hostname($post['outboundproxyhost']) && !is_ipaddr($post['outboundproxyhost'])))
+ }
+ if ($post['outboundproxyhost'] && (!is_hostname($post['outboundproxyhost']) && !is_ipaddr($post['outboundproxyhost']))) {
$input_errors[] = 'Invalid hostname or IP address entered for "Outbound Proxy Host".';
- if ($post['outboundproxyport'] && !is_port($post['outboundproxyport']))
+ }
+ if ($post['outboundproxyport'] && !is_port($post['outboundproxyport'])) {
$input_errors[] = 'Invalid port entered for "Outbound Proxy Port".';
- if ($post['rtp_input_dejitter'] && (!is_numeric($post['rtp_input_dejitter']) || ($post['rtp_input_dejitter'] < 0)))
+ }
+ if ($post['rtp_input_dejitter'] && (!is_numeric($post['rtp_input_dejitter']) || ($post['rtp_input_dejitter'] < 0))) {
$input_errors[] = '"Input Dejitter" must be numeric and greater than 0.';
- if ($post['rtp_output_dejitter'] && (!is_numeric($post['rtp_output_dejitter']) || ($post['rtp_output_dejitter'] < 0)))
+ }
+ if ($post['rtp_output_dejitter'] && (!is_numeric($post['rtp_output_dejitter']) || ($post['rtp_output_dejitter'] < 0))) {
$input_errors[] = '"Output Dejitter" must be numeric and greater than 0.';
- if ($post['tcp_timeout'] && (!is_numeric($post['tcp_timeout']) || ($post['tcp_timeout'] < 0)))
+ }
+ if ($post['tcp_timeout'] && (!is_numeric($post['tcp_timeout']) || ($post['tcp_timeout'] < 0))) {
$input_errors[] = '"TCP inactivity timeout" must be numeric and greater than 0.';
- if ($post['tcp_connect_timeout'] && (!is_numeric($post['tcp_connect_timeout']) || ($post['tcp_connect_timeout'] < 0)))
+ }
+ if ($post['tcp_connect_timeout'] && (!is_numeric($post['tcp_connect_timeout']) || ($post['tcp_connect_timeout'] < 0))) {
$input_errors[] = '"TCP Connect Timeout" must be numeric and greater than 0.';
- if ($post['tcp_keepalive'] && (!is_numeric($post['tcp_keepalive']) || ($post['tcp_keepalive'] < 0)))
+ }
+ if ($post['tcp_keepalive'] && (!is_numeric($post['tcp_keepalive']) || ($post['tcp_keepalive'] < 0))) {
$input_errors[] = '"TCP Keepalive" must be numeric and greater than 0.';
- if ($post['plugin_stun_server'] && (!is_hostname($post['plugin_stun_server']) && !is_ipaddr($post['plugin_stun_server'])))
+ }
+ if ($post['plugin_stun_server'] && (!is_hostname($post['plugin_stun_server']) && !is_ipaddr($post['plugin_stun_server']))) {
$input_errors[] = 'Invalid hostname or IP address entered for "STUN Server".';
- if ($post['plugin_stun_port'] && !is_port($post['plugin_stun_port']))
+ }
+ if ($post['plugin_stun_port'] && !is_port($post['plugin_stun_port'])) {
$input_errors[] = 'Invalid port entered for "STUN Port".';
- if ($post['plugin_stun_period'] && (!is_numeric($post['plugin_stun_period']) || ($post['plugin_stun_period'] < 0)))
+ }
+ if ($post['plugin_stun_period'] && (!is_numeric($post['plugin_stun_period']) || ($post['plugin_stun_period'] < 0))) {
$input_errors[] = '"STUN Period" must be numeric and greater than 0.';
+ }
}
diff --git a/config/siproxd/siproxd.xml b/config/siproxd/siproxd.xml
index cca84138..e4375d8e 100644
--- a/config/siproxd/siproxd.xml
+++ b/config/siproxd/siproxd.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
<![CDATA[
@@ -43,7 +43,7 @@
]]>
</copyright>
<name>siproxdsettings</name>
- <version>1.0.5</version>
+ <version>1.0.6</version>
<title>siproxd: Settings</title>
<include_file>/usr/local/pkg/siproxd.inc</include_file>
<aftersaveredirect>/pkg_edit.php?xml=siproxd.xml&amp;id=0</aftersaveredirect>
@@ -371,15 +371,15 @@
<type>input</type>
</field>
</fields>
- <custom_php_global_functions>
- </custom_php_global_functions>
<custom_add_php_command>
sync_package_siproxd();
</custom_add_php_command>
<custom_php_resync_config_command>
sync_package_siproxd();
</custom_php_resync_config_command>
- <filter_rules_needed>siproxd_generate_rules</filter_rules_needed>
+ <filter_rules_needed>
+ siproxd_generate_rules();
+ </filter_rules_needed>
<custom_php_validation_command>
validate_form_siproxd($_POST, $input_errors);
</custom_php_validation_command>
diff --git a/config/siproxd/siproxd_registered_phones.php b/config/siproxd/siproxd_registered_phones.php
index a8789d7f..51eb474a 100644
--- a/config/siproxd/siproxd_registered_phones.php
+++ b/config/siproxd/siproxd_registered_phones.php
@@ -1,7 +1,9 @@
<?php
/*
siproxd_registered_phones.php
+ part of pfSense (https://www.pfSense.org/)
Copyright (C) 2010 Jim Pingle
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -36,8 +38,7 @@
##|*MATCH=siproxd_registered_phones.php*
##|-PRIV
-require("guiconfig.inc");
-$pgtitle = array(gettext("Status"), gettext("siproxd Registered Phones"));
+require_once("guiconfig.inc");
$phonetext = file_get_contents("/var/siproxd/siproxd_registrations");
$phonedata = explode("\n", $phonetext);
@@ -47,27 +48,28 @@ if (!is_array($phonedata)) {
}
$activephones = array();
-for ($i=0; $i < count($phonedata); $i++) {
+for ($i = 0; $i < count($phonedata); $i++) {
list($stars, $active, $expires) = explode(":", $phonedata[$i]);
if ($active == "1") {
$phone = array();
$phone["expires"] = $expires;
- $phone["real"]["type"] = $phonedata[++$i];
- $phone["real"]["user"] = $phonedata[++$i];
- $phone["real"]["host"] = $phonedata[++$i];
- $phone["real"]["port"] = $phonedata[++$i];
- $phone["nat"]["type"] = $phonedata[++$i];
- $phone["nat"]["user"] = $phonedata[++$i];
- $phone["nat"]["host"] = $phonedata[++$i];
- $phone["nat"]["port"] = $phonedata[++$i];
- $phone["registered"]["type"] = $phonedata[++$i];
- $phone["registered"]["user"] = $phonedata[++$i];
- $phone["registered"]["host"] = $phonedata[++$i];
- $phone["registered"]["port"] = $phonedata[++$i];
+ $phone["real"]["type"] = $phonedata[++$i];
+ $phone["real"]["user"] = $phonedata[++$i];
+ $phone["real"]["host"] = $phonedata[++$i];
+ $phone["real"]["port"] = $phonedata[++$i];
+ $phone["nat"]["type"] = $phonedata[++$i];
+ $phone["nat"]["user"] = $phonedata[++$i];
+ $phone["nat"]["host"] = $phonedata[++$i];
+ $phone["nat"]["port"] = $phonedata[++$i];
+ $phone["registered"]["type"] = $phonedata[++$i];
+ $phone["registered"]["user"] = $phonedata[++$i];
+ $phone["registered"]["host"] = $phonedata[++$i];
+ $phone["registered"]["port"] = $phonedata[++$i];
$activephones[] = $phone;
}
}
+$pgtitle = array(gettext("Status"), gettext("siproxd Registered Phones"));
require("head.inc");
?>
@@ -77,8 +79,7 @@ require("head.inc");
<br />
<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
+<tr><td>
<?php
$tab_array = array();
$tab_array[] = array(gettext("Settings"), false, "pkg_edit.php?xml=siproxd.xml&amp;id=0");
@@ -86,76 +87,73 @@ require("head.inc");
$tab_array[] = array(gettext("Registered Phones"), true, "siproxd_registered_phones.php");
display_top_tabs($tab_array);
?>
- </td>
- </tr>
-
- <tr>
- <td>
- <div id="mainarea">
- <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
- <thead>
- <tr>
- <td colspan="16" class="listtopic"><?php echo gettext("Currently Registered Phones") . " (" . count($activephones) . ")"; ?></td>
- </tr>
- <tr>
- <th colspan="5">Real Phone</th>
- <th colspan="5">NAT Address</th>
- <th colspan="4">Registered With</th>
- <th colspan="2">&nbsp;</th>
- </tr>
- <tr>
- <th>Type</th>
- <th>User</th>
- <th>Host</th>
- <th>Port</th>
- <th>&nbsp;</th>
- <th>Type</th>
- <th>User</th>
- <th>Host</th>
- <th>Port</th>
- <th>&nbsp;</th>
- <th>Type</th>
- <th>User</th>
- <th>Host</th>
- <th>Port</th>
- <th>&nbsp;</th>
- <th>Expires</th>
- </tr>
- </thead>
- <?php if (count($phonedata) == 0): ?>
- <tr><td colspan="16" align="center">No Phone Data Found</td></tr>
- <? elseif (count($activephones) == 0): ?>
- <tr><td colspan="16" align="center">No Active Phones</td></tr>
- <? else: ?>
- <? foreach ($activephones as $phone): ?>
- <tr>
- <td align="center" class="listlr"><? echo ($phone['real']['type']) ? $phone['real']['type'] : "sip"; ?></td>
- <td align="center" class="listr"><? echo ($phone['real']['user']) ? $phone['real']['user'] : "&nbsp;"; ?></td>
- <td align="center" class="listr"><? echo ($phone['real']['host']) ? $phone['real']['host'] : "&nbsp;"; ?></td>
- <td align="center" class="listr"><? echo ($phone['real']['port']) ? $phone['real']['port'] : "5060"; ?></td>
-
- <td align="center" class="list">&nbsp;</td>
- <td align="center" class="listlr"><? echo ($phone['nat']['type']) ? $phone['nat']['type'] : "sip"; ?></td>
- <td align="center" class="listr"><? echo ($phone['nat']['user']) ? $phone['nat']['user'] : "&nbsp;"; ?></td>
- <td align="center" class="listr"><? echo ($phone['nat']['host']) ? $phone['nat']['host'] : "&nbsp;"; ?></td>
- <td align="center" class="listr"><? echo ($phone['nat']['port']) ? $phone['nat']['port'] : "5060"; ?></td>
-
- <td align="center" class="list">&nbsp;</td>
- <td align="center" class="listlr"><? echo ($phone['registered']['type']) ? $phone['registered']['type'] : "sip"; ?></td>
- <td align="center" class="listr"><? echo ($phone['registered']['user']) ? $phone['registered']['user'] : "&nbsp;"; ?></td>
- <td align="center" class="listr"><? echo ($phone['registered']['host']) ? $phone['registered']['host'] : "&nbsp;"; ?></td>
- <td align="center" class="listr"><? echo ($phone['registered']['port']) ? $phone['registered']['port'] : "5060"; ?></td>
-
- <td align="center" class="list">&nbsp;</td>
- <td align="center" class="listlr"><? echo date("m/d/Y h:i:sa", $phone['expires']); ?></td>
- </tr>
- <? endforeach; ?>
- <? endif; ?>
- </table>
- </div>
- </td>
- </tr>
-
+</td></tr>
+
+<tr><td>
+ <div id="mainarea">
+ <table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
+ <thead>
+ <tr>
+ <td colspan="16" class="listtopic"><?php echo gettext("Currently Registered Phones") . " (" . count($activephones) . ")"; ?></td>
+ </tr>
+ <tr>
+ <th colspan="5">Real Phone</th>
+ <th colspan="5">NAT Address</th>
+ <th colspan="4">Registered With</th>
+ <th colspan="2">&nbsp;</th>
+ </tr>
+ <tr>
+ <th>Type</th>
+ <th>User</th>
+ <th>Host</th>
+ <th>Port</th>
+ <th>&nbsp;</th>
+ <th>Type</th>
+ <th>User</th>
+ <th>Host</th>
+ <th>Port</th>
+ <th>&nbsp;</th>
+ <th>Type</th>
+ <th>User</th>
+ <th>Host</th>
+ <th>Port</th>
+ <th>&nbsp;</th>
+ <th>Expires</th>
+ </tr>
+ </thead>
+
+ <?php if (count($phonedata) == 0): ?>
+ <tr><td colspan="16" align="center">No Phone Data Found</td></tr>
+ <? elseif (count($activephones) == 0): ?>
+ <tr><td colspan="16" align="center">No Active Phones</td></tr>
+ <? else: ?>
+ <? foreach ($activephones as $phone): ?>
+ <tr>
+ <td align="center" class="listlr"><? echo ($phone['real']['type']) ? $phone['real']['type'] : "sip"; ?></td>
+ <td align="center" class="listr"><? echo ($phone['real']['user']) ? $phone['real']['user'] : "&nbsp;"; ?></td>
+ <td align="center" class="listr"><? echo ($phone['real']['host']) ? $phone['real']['host'] : "&nbsp;"; ?></td>
+ <td align="center" class="listr"><? echo ($phone['real']['port']) ? $phone['real']['port'] : "5060"; ?></td>
+
+ <td align="center" class="list">&nbsp;</td>
+ <td align="center" class="listlr"><? echo ($phone['nat']['type']) ? $phone['nat']['type'] : "sip"; ?></td>
+ <td align="center" class="listr"><? echo ($phone['nat']['user']) ? $phone['nat']['user'] : "&nbsp;"; ?></td>
+ <td align="center" class="listr"><? echo ($phone['nat']['host']) ? $phone['nat']['host'] : "&nbsp;"; ?></td>
+ <td align="center" class="listr"><? echo ($phone['nat']['port']) ? $phone['nat']['port'] : "5060"; ?></td>
+
+ <td align="center" class="list">&nbsp;</td>
+ <td align="center" class="listlr"><? echo ($phone['registered']['type']) ? $phone['registered']['type'] : "sip"; ?></td>
+ <td align="center" class="listr"><? echo ($phone['registered']['user']) ? $phone['registered']['user'] : "&nbsp;"; ?></td>
+ <td align="center" class="listr"><? echo ($phone['registered']['host']) ? $phone['registered']['host'] : "&nbsp;"; ?></td>
+ <td align="center" class="listr"><? echo ($phone['registered']['port']) ? $phone['registered']['port'] : "5060"; ?></td>
+
+ <td align="center" class="list">&nbsp;</td>
+ <td align="center" class="listlr"><? echo date("m/d/Y h:i:sa", $phone['expires']); ?></td>
+ </tr>
+ <? endforeach; ?>
+ <? endif; ?>
+ </table>
+ </div>
+</td></tr>
</table>
<?php include("fend.inc"); ?>
diff --git a/config/siproxd/siproxdusers.xml b/config/siproxd/siproxdusers.xml
index 7a636a3b..6dd53efe 100644
--- a/config/siproxd/siproxdusers.xml
+++ b/config/siproxd/siproxdusers.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
<![CDATA[
@@ -43,9 +43,9 @@
]]>
</copyright>
<name>siproxdusers</name>
- <version>1.0.5</version>
+ <version>1.0.6</version>
<title>siproxd: Users</title>
- <include_file>/usr/local/pkg/siproxd.inc</include_file>
+ <include_file>/usr/local/pkg/siproxd.inc</include_file>
<tabs>
<tab>
<text>Settings</text>
@@ -93,9 +93,9 @@
</field>
</fields>
<custom_add_php_command>
- sync_package_sipproxd_users();
+ sync_package_siproxd_users();
</custom_add_php_command>
<custom_php_resync_config_command>
- sync_package_sipproxd_users();
+ sync_package_siproxd_users();
</custom_php_resync_config_command>
</packagegui>
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 027207b1..b7d4299e 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -45,11 +45,6 @@ ini_set("memory_limit", "384M");
// Explicitly declare this as global so it works through function call includes
global $g, $config, $rebuild_rules;
-// Grab the Snort binary version programmatically, but if that fails use a safe default
-$snortver = array();
-$snortbindir = SNORT_PBI_BINDIR;
-exec("{$snortbindir}snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26", $snortver);
-
/* Rebuild Rules Flag -- if "true", rebuild enforcing rules and flowbit-rules files */
$rebuild_rules = false;
@@ -292,7 +287,8 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false, $extern
if (empty($list))
return $list;
$localnet = $list['localnets'];
- $wanip = $list['wanips'];
+// $wanip = $list['wanips'];
+ $wanip = 'yes';
$wangw = $list['wangateips'];
$wandns = $list['wandnsips'];
$vips = $list['vips'];
@@ -471,7 +467,7 @@ function snort_build_list($snortcfg, $listname = "", $whitelist = false, $extern
/* iterate all vips and add to whitelist */
if (is_array($config['virtualip']) && is_array($config['virtualip']['vip'])) {
foreach($config['virtualip']['vip'] as $vip) {
- if ($vip['subnet'] && $vip['mode'] != 'proxyarp') {
+ if ($vip['subnet']) {
if (!in_array("{$vip['subnet']}/{$vip['subnet_bits']}", $home_net))
$home_net[] = "{$vip['subnet']}/{$vip['subnet_bits']}";
}
@@ -3454,7 +3450,7 @@ function snort_prepare_rule_files($snortcfg, $snortcfgdir) {
/* Build a new sid-msg.map file from the enabled */
/* rules and copy it to the interface directory. */
- log_error(gettext("[Snort] Building new sig-msg.map file for " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . "..."));
+ log_error(gettext("[Snort] Building new sid-msg.map file for " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . "..."));
snort_build_sid_msg_map("{$snortcfgdir}/rules/", "{$snortcfgdir}/sid-msg.map");
}
@@ -3752,8 +3748,8 @@ function snort_sync_on_changes() {
$syncdownloadrules = $snort_sync['vardownloadrules'];
switch ($synconchanges){
case "manual":
- if (is_array($snort_sync[row])){
- $rs=$snort_sync[row];
+ if (is_array($snort_sync['row'])){
+ $rs=$snort_sync['row'];
}
else{
log_error("[snort] xmlrpc sync is enabled but there are no hosts configured as replication targets.");
@@ -3761,8 +3757,8 @@ function snort_sync_on_changes() {
}
break;
case "auto":
- if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])){
- $system_carp=$config['installedpackages']['carpsettings']['config'][0];
+ if (is_array($config['hasync'])) {
+ $system_carp=$config['hasync'];
$rs[0]['varsyncipaddress']=$system_carp['synchronizetoip'];
$rs[0]['varsyncusername']=$system_carp['username'];
$rs[0]['varsyncpassword']=$system_carp['password'];
diff --git a/config/snort/snort.xml b/config/snort/snort.xml
index e3e1cdad..18e6ef20 100755
--- a/config/snort/snort.xml
+++ b/config/snort/snort.xml
@@ -45,7 +45,7 @@
</copyright>
<description>Snort IDS/IPS Package</description>
<name>Snort</name>
- <version>3.2.6</version>
+ <version>3.2.8</version>
<title>Services: Snort IDS</title>
<include_file>/usr/local/pkg/snort/snort.inc</include_file>
<menu>
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index 0c4543cd..123661e4 100755
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -64,19 +64,14 @@ $openappid_detectors = $config['installedpackages']['snortglobal']['openappid_de
/* Working directory for downloaded rules tarballs and extraction */
$tmpfname = "{$g['tmp_path']}/snort_rules_up";
-/* Grab the Snort binary version programmatically and use it to construct */
-/* the proper Snort VRT rules tarball and md5 filenames. Fallback to a */
-/* default in the event we fail. */
-$snortver = array();
-exec("{$snortbindir}snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26", $snortver);
-// Save the version with decimal delimiters for use in extracting the rules
-$snort_version = $snortver[0];
-if (empty($snort_version))
- $snort_version = SNORT_BIN_VERSION;
+/* Use the Snort binary version to construct the proper Snort VRT */
+/* rules tarball and md5 filenames. Save the version with decimal */
+/* delimiters for use in extracting the rules. */
+$snort_version = SNORT_BIN_VERSION;
// Create a collapsed version string for use in the tarball filename
-$snortver[0] = str_replace(".", "", $snortver[0]);
-$snort_filename = "snortrules-snapshot-{$snortver[0]}.tar.gz";
+$snortver = str_replace(".", "", SNORT_BIN_VERSION);
+$snort_filename = "snortrules-snapshot-{$snortver}.tar.gz";
$snort_filename_md5 = "{$snort_filename}.md5";
$snort_rule_url = VRT_DNLD_URL;
diff --git a/config/snort/snort_defs.inc b/config/snort/snort_defs.inc
index 3f5c82e5..ac09db44 100644
--- a/config/snort/snort_defs.inc
+++ b/config/snort/snort_defs.inc
@@ -49,13 +49,12 @@ if (!defined("SNORTLOGDIR"))
define("SNORTLOGDIR", "{$g['varlog_path']}/snort");
if (!defined("SNORT_BIN_VERSION")) {
// Grab the Snort binary version programmatically
- $snortver = array();
$snortbindir = SNORT_PBI_BINDIR;
- mwexec("{$snortbindir}/snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26", $snortver);
- if (!empty($snortver[0]))
- define("SNORT_BIN_VERSION", $snortver[0]);
+ $snortver = exec_command("{$snortbindir}/snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26");
+ if (!empty($snortver))
+ define("SNORT_BIN_VERSION", $snortver);
else
- define("SNORT_BIN_VERSION", "2.9.7.3");
+ define("SNORT_BIN_VERSION", "2.9.7.5");
}
if (!defined("SNORT_SID_MODS_PATH"))
define('SNORT_SID_MODS_PATH', "{$g['vardb_path']}/snort/sidmods/");
diff --git a/config/snort/snort_migrate_config.php b/config/snort/snort_migrate_config.php
index ae1daf6a..edcbb2d5 100644
--- a/config/snort/snort_migrate_config.php
+++ b/config/snort/snort_migrate_config.php
@@ -541,10 +541,10 @@ unset($r);
// Log a message if we changed anything
if ($updated_cfg) {
- $config['installedpackages']['snortglobal']['snort_config_ver'] = "3.2.6";
log_error("[Snort] Settings successfully migrated to new configuration format...");
}
-else
+else {
log_error("[Snort] Configuration version is current...");
+}
?>
diff --git a/config/snort/snort_passlist.php b/config/snort/snort_passlist.php
index 965f22d7..1b377a1f 100644
--- a/config/snort/snort_passlist.php
+++ b/config/snort/snort_passlist.php
@@ -197,7 +197,8 @@ if ($savemsg) {
<p><?php echo gettext("1. Here you can create Pass List files for your Snort package rules. Hosts on a Pass List are never blocked by Snort."); ?><br/>
<?php echo gettext("2. Add all the IP addresses or networks (in CIDR notation) you want to protect against Snort block decisions."); ?><br/>
<?php echo gettext("3. The default Pass List includes the WAN IP and gateway, defined DNS servers, VPNs and locally-attached networks."); ?><br/>
- <?php echo gettext("4. Be careful, it is very easy to get locked out of your system by altering the default settings."); ?></p></span></td>
+ <?php echo gettext("4. Be careful, it is very easy to get locked out of your system by altering the default settings."); ?><br/>
+ <?php echo gettext("5. To use a custom Pass List on an interface, you must manually assign the list using the drop-down control on the Interface Settings tab."); ?></p></span></td>
</tr>
<tr>
<td width="100%"><span class="vexpl"><?php echo gettext("Remember you must restart Snort on the interface for changes to take effect!"); ?></span></td>
diff --git a/config/snort/snort_passlist_edit.php b/config/snort/snort_passlist_edit.php
index 75724344..25ebcc82 100644
--- a/config/snort/snort_passlist_edit.php
+++ b/config/snort/snort_passlist_edit.php
@@ -3,7 +3,7 @@
* snort_passlist_edit.php
* Copyright (C) 2004 Scott Ullrich
* Copyright (C) 2011-2012 Ermal Luci
- * Copyright (C) 2014 Bill Meeks
+ * Copyright (C) 2015 Bill Meeks
* All rights reserved.
*
* originially part of m0n0wall (http://m0n0.ch/wall)
@@ -71,7 +71,7 @@ if (isset($id) && isset($a_passlist[$id])) {
$pconfig['address'] = $a_passlist[$id]['address'];
$pconfig['descr'] = html_entity_decode($a_passlist[$id]['descr']);
$pconfig['localnets'] = $a_passlist[$id]['localnets'];
- $pconfig['wanips'] = $a_passlist[$id]['wanips'];
+// $pconfig['wanips'] = $a_passlist[$id]['wanips'];
$pconfig['wangateips'] = $a_passlist[$id]['wangateips'];
$pconfig['wandnsips'] = $a_passlist[$id]['wandnsips'];
$pconfig['vips'] = $a_passlist[$id]['vips'];
@@ -87,7 +87,7 @@ if ($_GET['act'] == "import") {
$pconfig['address'] = htmlspecialchars($_GET['address']);
$pconfig['descr'] = htmlspecialchars($_GET['descr']);
$pconfig['localnets'] = htmlspecialchars($_GET['localnets'])? 'yes' : 'no';
- $pconfig['wanips'] = htmlspecialchars($_GET['wanips'])? 'yes' : 'no';
+// $pconfig['wanips'] = htmlspecialchars($_GET['wanips'])? 'yes' : 'no';
$pconfig['wangateips'] = htmlspecialchars($_GET['wangateips'])? 'yes' : 'no';
$pconfig['wandnsips'] = htmlspecialchars($_GET['wandnsips'])? 'yes' : 'no';
$pconfig['vips'] = htmlspecialchars($_GET['vips'])? 'yes' : 'no';
@@ -168,7 +168,7 @@ if ($_POST['save']) {
$p_list['name'] = $_POST['name'];
$p_list['uuid'] = $passlist_uuid;
$p_list['localnets'] = $_POST['localnets']? 'yes' : 'no';
- $p_list['wanips'] = $_POST['wanips']? 'yes' : 'no';
+// $p_list['wanips'] = $_POST['wanips']? 'yes' : 'no';
$p_list['wangateips'] = $_POST['wangateips']? 'yes' : 'no';
$p_list['wandnsips'] = $_POST['wandnsips']? 'yes' : 'no';
$p_list['vips'] = $_POST['vips']? 'yes' : 'no';
@@ -255,7 +255,6 @@ if ($savemsg)
<tr>
<td colspan="2" valign="top" class="listtopic"><?php echo gettext("Add auto-generated IP Addresses."); ?></td>
</tr>
-
<tr>
<td width="22%" valign="top" class="vncell"><?php echo gettext("Local Networks"); ?></td>
<td width="78%" class="vtable"><input name="localnets" type="checkbox"
@@ -263,14 +262,6 @@ if ($savemsg)
<?php if($pconfig['localnets'] == 'yes'){ echo "checked";} if($pconfig['localnets'] == ''){ echo "checked";} ?> />
<span class="vexpl"> <?php echo gettext("Add firewall Local Networks to the list (excluding WAN)."); ?> </span></td>
</tr>
-
- <tr>
- <td width="22%" valign="top" class="vncell"><?php echo gettext("WAN IPs"); ?></td>
- <td width="78%" class="vtable"><input name="wanips" type="checkbox"
- id="wanips" size="40" value="yes"
- <?php if($pconfig['wanips'] == 'yes'){ echo "checked";} if($pconfig['wanips'] == ''){ echo "checked";} ?> />
- <span class="vexpl"> <?php echo gettext("Add WAN interface IPs to the list."); ?> </span></td>
- </tr>
<tr>
<td width="22%" valign="top" class="vncell"><?php echo gettext("WAN Gateways"); ?></td>
<td width="78%" class="vtable"><input name="wangateips"
diff --git a/config/snort/snort_post_install.php b/config/snort/snort_post_install.php
index 280f0efe..bbb2642c 100644
--- a/config/snort/snort_post_install.php
+++ b/config/snort/snort_post_install.php
@@ -265,8 +265,8 @@ if (stristr($config['widgets']['sequence'], "snort_alerts-container") === FALSE)
$config['widgets']['sequence'] .= ",{$snort_widget_container}";
/* Update Snort package version in configuration */
-$config['installedpackages']['snortglobal']['snort_config_ver'] = "3.2.6";
-write_config("Snort pkg v3.2.6: post-install configuration saved.");
+$config['installedpackages']['snortglobal']['snort_config_ver'] = $config['installedpackages']['package'][get_pkg_id("snort")]['version'];
+write_config("Snort pkg v{$config['installedpackages']['package'][get_pkg_id("snort")]['version']}: post-install configuration saved.");
/* Done with post-install, so clear flag */
unset($g['snort_postinstall']);
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index 7155d560..2705ceb6 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -153,7 +153,7 @@ function squid_dash_z($cache_action='none') {
if (file_exists("/var/squid/cache/swap.state")) {
chown("/var/squid/cache/swap.state", SQUID_UID);
chgrp("/var/squid/cache/swap.state", SQUID_GID);
- chmod("/var/squid/cache/swap.state", "a+rw");
+ chmod("/var/squid/cache/swap.state", 0666);
}
}
@@ -308,7 +308,7 @@ function squid_install_command() {
/* make sure pinger is executable */
if (file_exists(SQUID_LOCALBASE. "/libexec/squid/pinger"))
- @chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", "a+x");
+ @chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 0755);
// XXX: Is it really necessary?
if (file_exists("/usr/local/etc/rc.d/squid"))
@@ -318,7 +318,7 @@ function squid_install_command() {
// XXX: Is it really necessary? mode is set to 0755 in squid.xml
if (file_exists("/usr/local/pkg/swapstate_check.php"))
- @chmod("/usr/local/pkg/swapstate_check.php", "a+x");
+ @chmod("/usr/local/pkg/swapstate_check.php", 0755);
write_rcfile(array(
"file" => "sqp_monitor.sh",
@@ -1934,7 +1934,7 @@ function squid_resync($via_rpc="no") {
/* make sure pinger is executable */
// XXX: Is it really necessary? Who could change its permission?
if (file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger"))
- exec("chmod a+x " . SQUID_LOCALBASE . "/libexec/squid/pinger");
+ @chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 0755);
$log_dir="";
// check if squid is enabled
diff --git a/config/urlsnarf/urlsnarf.xml b/config/urlsnarf/urlsnarf.xml
index c65d1a14..97b3d6bd 100644
--- a/config/urlsnarf/urlsnarf.xml
+++ b/config/urlsnarf/urlsnarf.xml
@@ -3,23 +3,28 @@
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
- <![CDATA[
-/* ========================================================================== */
+<![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
/*
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2013
+ urlsnarf.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013-2015 ESF, LLC
All rights reserved.
-/* ========================================================================== */
+*/
+/* ====================================================================================== */
/*
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
@@ -31,14 +36,12 @@
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+*/
+/* ====================================================================================== */
]]>
</copyright>
<description>urlsnarf</description>
- <requirements>None</requirements>
- <faq></faq>
<name>urlsnarf</name>
- <version>0.0</version>
+ <version>2.4b1</version>
<title>urlsnarf</title>
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/config/zabbix-agent-lts/zabbix-agent-lts.inc b/config/zabbix-agent-lts/zabbix-agent-lts.inc
index e3e5570c..7eb7c564 100644
--- a/config/zabbix-agent-lts/zabbix-agent-lts.inc
+++ b/config/zabbix-agent-lts/zabbix-agent-lts.inc
@@ -1,159 +1,149 @@
<?php
-/* $Id$ */
-/* ========================================================================== */
/*
- zabbix-agent-lts.inc
- part of the Zabbix package for pfSense
- Copyright (C) 2013 Danilo G. Baio
- Copyright (C) 2013 Marcello Coutinho
-
- All rights reserved.
- */
-/* ========================================================================== */
-/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+ zabbix-agent-lts.inc
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Danilo G. Baio
+ Copyright (C) 2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
require_once("util.inc");
require_once("functions.inc");
require_once("pkg-utils.inc");
require_once("globals.inc");
-$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+$pf_version = substr(trim(file_get_contents("/etc/version")), 0, 3);
if ($pf_version == "2.1" || $pf_version == "2.2") {
define('ZABBIX_AGENT_BASE', '/usr/pbi/zabbix22-agent-' . php_uname("m"));
} else {
define('ZABBIX_AGENT_BASE', '/usr/local');
}
-function php_install_zabbix_agent_lts(){
- sync_package_zabbix_agent_lts();
-}
-
-function php_deinstall_zabbix_agent_lts(){
- global $config, $g;
-
- conf_mount_rw();
+function php_deinstall_zabbix_agent_lts() {
+ conf_mount_rw();
- exec("/usr/bin/killall zabbix_agentd");
- unlink_if_exists(ZABBIX_AGENT_BASE . "/etc/rc.d/zabbix_agentd_lts.sh");
- unlink_if_exists(ZABBIX_AGENT_BASE . "/etc/zabbix22/zabbix_agentd.conf");
- unlink_if_exists("/var/log/zabbix-agent-lts/zabbix_agentd_lts.log");
- unlink_if_exists("/var/run/zabbix-agent-lts/zabbix_agentd_lts.pid");
+ stop_service("zabbix_agentd_lts");
+ unlink_if_exists(ZABBIX_AGENT_BASE . "/etc/rc.d/zabbix_agentd_lts.sh");
+ unlink_if_exists(ZABBIX_AGENT_BASE . "/etc/zabbix22/zabbix_agentd.conf");
+ unlink_if_exists("/var/log/zabbix-agent-lts/zabbix_agentd_lts.log");
+ unlink_if_exists("/var/run/zabbix-agent-lts/zabbix_agentd_lts.pid");
if (is_dir("/var/log/zabbix-agent-lts")) {
- exec("/bin/rm -r /var/log/zabbix-agent-lts/");
+ mwexec("/bin/rm -rf /var/log/zabbix-agent-lts/");
}
-
if (is_dir("/var/run/zabbix-agent-lts")) {
- exec("/bin/rm -r /var/run/zabbix-agent-lts/");
+ mwexec("/bin/rm -rf /var/run/zabbix-agent-lts/");
}
- conf_mount_ro();
+ conf_mount_ro();
}
-function validate_input_zabbix_agent_lts($post, &$input_errors){
+function validate_input_zabbix_agent_lts($post, &$input_errors) {
if (isset($post['agentenabled'])) {
if (!preg_match("/\w+/", $post['server'])) {
- $input_errors[]='Server field is required.';
+ $input_errors[] = "Server field is required.";
}
-
+
if (!preg_match("/\w+/", $post['hostname'])) {
- $input_errors[]='Hostname field is required.';
+ $input_errors[] = "Hostname field is required.";
}
-
+
if ($post['listenip'] != '') {
- if (!is_ipaddr_configured($post['listenip']) && !preg_match("/(127.0.0.1|0.0.0.0)/",$post['listenip'])) {
- $input_errors[]='Listen IP is not a configured IP address.';
+ if (!is_ipaddr_configured($post['listenip']) && !preg_match("/(127.0.0.1|0.0.0.0)/", $post['listenip'])) {
+ $input_errors[] = "'Listen IP' is not a configured IP address.";
}
}
if ($post['listenport'] != '') {
- if (!preg_match("/^\d+$/", $post['listenport'])) {
- $input_errors[]='Listen Port is not numeric.';
- }
+ if (!is_numericint($post['listenport'])) {
+ $input_errors[] = "'Listen Port' value is not numeric.";
+ } elseif ($post['listenport'] < 1 || $post['listenport'] > 65535) {
+ $input_errors[] = "You must enter a valid value for 'Listen Port'.";
+ }
}
if ($post['refreshactchecks'] != '') {
- if (!preg_match("/^\d+$/", $post['refreshactchecks'])) {
- $input_errors[]='Refresh Active Checks is not numeric.';
- } elseif ( $post['refreshactchecks'] < 60 || $post['refreshactchecks'] > 3600 ) {
- $input_errors[]='You must enter a valid value for \'Refresh Active Checks\'';
+ if (!is_numericint($post['refreshactchecks'])) {
+ $input_errors[] = "'Refresh Active Checks' value is not numeric.";
+ } elseif ($post['refreshactchecks'] < 60 || $post['refreshactchecks'] > 3600) {
+ $input_errors[] = "You must enter a valid value for 'Refresh Active Checks'.";
}
}
if ($post['timeout'] != '') {
if (!is_numericint($post['timeout'])) {
- $input_errors[]='Timeout is not numeric.';
- } elseif ( $post['timeout'] < 1 || $post['timeout'] > 30 ) {
- $input_errors[]='You must enter a valid value for \'Timeout\'';
+ $input_errors[] = "Timeout value is not numeric.";
+ } elseif ($post['timeout'] < 1 || $post['timeout'] > 30) {
+ $input_errors[] = "You must enter a valid value for 'Timeout'.";
}
}
-
+
if ($post['buffersend'] != '') {
if (!is_numericint($post['buffersend'])) {
- $input_errors[]='Buffer Send is not numeric.';
- } elseif ( $post['buffersend'] < 1 || $post['buffersend'] > 3600 ) {
- $input_errors[]='You must enter a valid value for \'Buffer Send\'';
+ $input_errors[] = "'Buffer Send' value is not numeric.";
+ } elseif ($post['buffersend'] < 1 || $post['buffersend'] > 3600) {
+ $input_errors[] = "You must enter a valid value for 'Buffer Send'.";
}
}
-
+
if ($post['buffersize'] != '') {
if (!is_numericint($post['buffersize'])) {
- $input_errors[]='Bufer Size is not numeric.';
- } elseif ( $post['buffersize'] < 2 || $post['buffersize'] > 65535 ) {
- $input_errors[]='You must enter a valid value for \'Buffer Size\'';
+ $input_errors[] = "'Buffer Size' value is not numeric.";
+ } elseif ($post['buffersize'] < 2 || $post['buffersize'] > 65535) {
+ $input_errors[] = "You must enter a valid value for 'Buffer Size'.";
}
}
-
+
if ($post['startagents'] != '') {
if (!is_numericint($post['startagents'])) {
- $input_errors[]='Start Agents is not numeric.';
- } elseif ( $post['startagents'] < 0 || $post['startagents'] > 100 ) {
- $input_errors[]='You must enter a valid value for \'Start Agents\'';
+ $input_errors[] = "'Start Agents' value is not numeric.";
+ } elseif ($post['startagents'] < 0 || $post['startagents'] > 100) {
+ $input_errors[] = "You must enter a valid value for 'Start Agents'.";
}
}
- }
+ }
}
-function sync_package_zabbix_agent_lts(){
+function sync_package_zabbix_agent_lts() {
global $config, $g;
conf_mount_rw();
- /* check zabbix agent settings*/
- if (is_array($config['installedpackages']['zabbixagentlts'])){
+ // Check Zabbix Agent settings
+ if (is_array($config['installedpackages']['zabbixagentlts'])) {
$zbagent_config = $config['installedpackages']['zabbixagentlts']['config'][0];
- if ($zbagent_config['agentenabled']=="on"){
- $RefreshActChecks=(preg_match("/(\d+)/",$zbagent_config['refreshactchecks'],$matches)? $matches[1] : "120");
- $BufferSend=(preg_match("/(\d+)/",$zbagent_config['buffersend'],$matches)? $matches[1] : "5" );
- $BufferSize=(preg_match("/(\d+)/",$zbagent_config['buffersize'],$matches)? $matches[1] : "100");
- $StartAgents=(preg_match("/(\d+)/",$zbagent_config['startagents'],$matches)? $matches[1] :"3" );
- $UserParams=base64_decode($zbagent_config['userparams']);
- $ListenIp=($zbagent_config['listenip'] != ''? $zbagent_config['listenip'] : "0.0.0.0");
- $ListenPort=($zbagent_config['listenport'] != ''? $zbagent_config['listenport'] : "10050");
- $TimeOut=($zbagent_config['timeout'] != ''? $zbagent_config['timeout'] : "3");
-
+ if ($zbagent_config['agentenabled'] == "on") {
+ $RefreshActChecks = (preg_match("/(\d+)/", $zbagent_config['refreshactchecks'], $matches)? $matches[1] : "120");
+ $BufferSend = (preg_match("/(\d+)/", $zbagent_config['buffersend'], $matches) ? $matches[1] : "5");
+ $BufferSize = (preg_match("/(\d+)/", $zbagent_config['buffersize'], $matches) ? $matches[1] : "100");
+ $StartAgents = (preg_match("/(\d+)/", $zbagent_config['startagents'], $matches) ? $matches[1] : "3");
+ $UserParams = base64_decode($zbagent_config['userparams']);
+ $ListenIp = $zbagent_config['listenip'] ?: "0.0.0.0";
+ $ListenPort = $zbagent_config['listenport'] ?: "10050";
+ $TimeOut = $zbagent_config['timeout'] ?: "3";
+
$zbagent_conf_file = <<< EOF
Server={$zbagent_config['server']}
ServerActive={$zbagent_config['serveractive']}
@@ -172,33 +162,35 @@ StartAgents={$StartAgents}
{$UserParams}
EOF;
- file_put_contents(ZABBIX_AGENT_BASE . "/etc/zabbix22/zabbix_agentd.conf", strtr($zbagent_conf_file, array("\r" => "")));
+ file_put_contents(ZABBIX_AGENT_BASE . "/etc/zabbix22/zabbix_agentd.conf", strtr($zbagent_conf_file, array("\r" => "")));
}
}
+
$want_sysctls = array(
'kern.ipc.shmall' => '2097152',
'kern.ipc.shmmax' => '2147483648',
'kern.ipc.semmsl' => '250'
);
$sysctls = array();
- #check sysctl file values
+ // Check sysctl file values
$sc_file="";
if (file_exists("/etc/sysctl.conf")) {
$sc = file("/etc/sysctl.conf");
foreach ($sc as $line) {
list($sysk, $sysv) = explode("=", $line, 2);
- if (preg_match("/\w/",$line) && !array_key_exists($sysk, $want_sysctls))
- $sc_file.=$line;
+ if (preg_match("/\w/", $line) && !array_key_exists($sysk, $want_sysctls)) {
+ $sc_file .= $line;
}
+ }
}
- foreach ($want_sysctls as $ws=> $wv) {
+ foreach ($want_sysctls as $ws => $wv) {
$sc_file .= "{$ws}={$wv}\n";
- exec("/sbin/sysctl {$ws}={$wv}");
+ mwexec("/sbin/sysctl {$ws}={$wv}");
}
file_put_contents("/etc/sysctl.conf", $sc_file);
- #check bootloader values
- $lt_file="";
+ // Check bootloader values
+ $lt_file = "";
$want_tunables = array(
'kern.ipc.semopm' => '100',
'kern.ipc.semmni' => '128',
@@ -210,61 +202,62 @@ EOF;
$lt = file("/boot/loader.conf");
foreach ($lt as $line) {
list($tunable, $val) = explode("=", $line, 2);
- if (preg_match("/\w/",$line) && !array_key_exists($tunable, $want_tunables))
- $lt_file.=$line;
+ if (preg_match("/\w/", $line) && !array_key_exists($tunable, $want_tunables)) {
+ $lt_file .= $line;
+ }
}
}
foreach ($want_tunables as $wt => $wv) {
- $lt_file.= "{$wt}={$wv}\n";
+ $lt_file .= "{$wt}={$wv}\n";
}
file_put_contents("/boot/loader.conf", $lt_file);
- /*check startup script files*/
- /* create a few directories and ensure the sample files are in place */
- if (!is_dir(ZABBIX_AGENT_BASE . "/etc/zabbix22"))
- exec("/bin/mkdir -p " . ZABBIX_AGENT_BASE . "/etc/zabbix22");
-
- $dir_checks = <<< EOF
-if [ ! -d /var/log/zabbix-agent-lts ]
- then
- /bin/mkdir -p /var/log/zabbix-agent-lts
- /usr/sbin/chmod 755 /var/log/zabbix-agent-lts
- fi
-/usr/sbin/chown -R zabbix:zabbix /var/log/zabbix-agent-lts
-
-if [ ! -d /var/run/zabbix-agent-lts ]
- then
- /bin/mkdir -p /var/run/zabbix-agent-lts
- /usr/sbin/chmod 755 /var/run/zabbix-agent-lts
- fi
-/usr/sbin/chown -R zabbix:zabbix /var/run/zabbix-agent-lts
+ // Check startup script files
+ // Create a few directories and ensure the sample files are in place
+ if (!is_dir(ZABBIX_AGENT_BASE . "/etc/zabbix22")) {
+ mwexec("/bin/mkdir -p " . ZABBIX_AGENT_BASE . "/etc/zabbix22");
+ }
+
+ $dir_checks = <<< EOF
+
+ if [ ! -d /var/log/zabbix-agent-lts ]; then
+ /bin/mkdir -p /var/log/zabbix-agent-lts
+ /usr/sbin/chmod 755 /var/log/zabbix-agent-lts
+ fi
+ /usr/sbin/chown -R zabbix:zabbix /var/log/zabbix-agent-lts
+
+ if [ ! -d /var/run/zabbix-agent-lts ]; then
+ /bin/mkdir -p /var/run/zabbix-agent-lts
+ /usr/sbin/chmod 755 /var/run/zabbix-agent-lts
+ fi
+ /usr/sbin/chown -R zabbix:zabbix /var/run/zabbix-agent-lts
EOF;
-
- $zagent_rcfile="/usr/local/etc/rc.d/zabbix_agentd_lts.sh";
- if (is_array($zbagent_config) && $zbagent_config['agentenabled']=="on"){
+
+ $zagent_rcfile = "/usr/local/etc/rc.d/zabbix_agentd_lts.sh";
+ if (is_array($zbagent_config) && $zbagent_config['agentenabled'] == "on") {
$zagent_start .= strtr($dir_checks, array("\r" => "")). "\necho \"Starting Zabbix Agent LTS...\"\n";
$zagent_start .= ZABBIX_AGENT_BASE . "/sbin/zabbix_agentd\n";
-
- $zagent_stop = "echo \"Stopping Zabbix Agent LTS...\"\n";
+
+ $zagent_stop = "echo \"Stopping Zabbix Agent LTS...\"\n";
$zagent_stop .= "/usr/bin/killall zabbix_agentd\n";
$zagent_stop .= "/bin/sleep 5\n";
-
- /* write out rc.d start/stop file */
+
+ // write out rc.d start/stop file
write_rcfile(array(
- "file" => "zabbix_agentd_lts.sh",
- "start" => "$zagent_start",
- "stop" => "$zagent_stop"
- )
+ "file" => "zabbix_agentd_lts.sh",
+ "start" => "$zagent_start",
+ "stop" => "$zagent_stop"
+ )
);
- mwexec("{$zagent_rcfile} restart");
- }else{
- if (file_exists($zagent_rcfile)){
- mwexec("{$zagent_rcfile} stop");
- unlink($zagent_rcfile);
+ restart_service("zabbix_agentd_lts");
+ } else {
+ if (is_service_running("zabbix_agentd_lts")) {
+ stop_service("zabbix_agentd_lts");
}
+ unlink_if_exists($zagent_rcfile);
}
-
+
conf_mount_ro();
}
diff --git a/config/zabbix-agent-lts/zabbix-agent-lts.xml b/config/zabbix-agent-lts/zabbix-agent-lts.xml
index c58ac04c..8883ff22 100644
--- a/config/zabbix-agent-lts/zabbix-agent-lts.xml
+++ b/config/zabbix-agent-lts/zabbix-agent-lts.xml
@@ -1,54 +1,57 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
-<copyright>
+ <copyright>
<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- zabbix-agent-lts.xml
- part of the Zabbix package for pfSense
- Copyright (C) 2013 Danilo G. Baio
- Copyright (C) 2013 Marcello Coutinho
-
- All rights reserved.
- */
-/* ========================================================================== */
+ zabbix-agent-lts.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Danilo G. Baio
+ Copyright (C) 2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
]]>
</copyright>
<name>zabbixagentlts</name>
<title>Services: Zabbix Agent LTS</title>
<category>Monitoring</category>
- <version>0.8.5</version>
+ <version>0.8.6</version>
<include_file>/usr/local/pkg/zabbix-agent-lts.inc</include_file>
<addedit_string>Zabbix Agent LTS has been created/modified.</addedit_string>
<delete_string>Zabbix Agent LTS has been deleted.</delete_string>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/zabbix-agent-lts/zabbix-agent-lts.inc</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<menu>
<name>Zabbix Agent LTS</name>
@@ -60,7 +63,7 @@
<name>zabbix_agentd_lts</name>
<rcfile>zabbix_agentd_lts.sh</rcfile>
<executable>zabbix_agentd</executable>
- <description>Zabbix Agent LTS host monitor daemon</description>
+ <description>Zabbix Agent LTS Host Monitor Daemon</description>
</service>
<tabs>
<tab>
@@ -69,6 +72,7 @@
<active />
</tab>
</tabs>
+ <advanced_options>enabled</advanced_options>
<fields>
<field>
<name>Zabbix Agent LTS Settings</name>
@@ -77,27 +81,27 @@
<field>
<fielddescr>Enable</fielddescr>
<fieldname>agentenabled</fieldname>
- <description>Enable Zabbix Agent LTS service</description>
+ <description>Enable Zabbix Agent LTS service.</description>
<type>checkbox</type>
</field>
<field>
<fielddescr>Server</fielddescr>
<fieldname>server</fieldname>
- <description>List of comma delimited IP addresses (or hostnames) of ZABBIX servers</description>
+ <description>List of comma delimited IP addresses (or hostnames) of ZABBIX servers.</description>
<type>input</type>
<size>60</size>
</field>
<field>
<fielddescr>Server Active</fielddescr>
<fieldname>serveractive</fieldname>
- <description>List of comma delimited IP:port (or hostname:port) pairs of Zabbix servers for active checks</description>
+ <description>List of comma delimited IP:port (or hostname:port) pairs of Zabbix servers for active checks.</description>
<type>input</type>
<size>60</size>
</field>
<field>
<fielddescr>Hostname</fielddescr>
<fieldname>hostname</fieldname>
- <description>Unique hostname. Required for active checks and must match hostname as configured on the Zabbix server (case sensitive).</description>
+ <description>Unique, case sensitive hostname. Required for active checks and must match hostname as configured on the Zabbix server.</description>
<type>input</type>
<size>60</size>
</field>
@@ -107,7 +111,7 @@
<default_value>0.0.0.0</default_value>
<type>input</type>
<size>60</size>
- <description>Listen IP for connections from the server (default 0.0.0.0 for all interfaces)</description>
+ <description>Listen IP for connections from the server. (Default: 0.0.0.0 - all interfaces)</description>
</field>
<field>
<fielddescr>Listen Port</fielddescr>
@@ -115,7 +119,7 @@
<default_value>10050</default_value>
<type>input</type>
<size>5</size>
- <description>Listen port for connections from the server (default 10050)</description>
+ <description>Listen port for connections from the server. (Default: 10050)</description>
</field>
<field>
<fielddescr>Refresh Active Checks</fielddescr>
@@ -123,7 +127,7 @@
<default_value>120</default_value>
<type>input</type>
<size>5</size>
- <description>The agent will refresh list of active checks once per 120 (default) seconds.</description>
+ <description>The agent will refresh list of active checks once per this number of seconds. (Default: 120)</description>
</field>
<field>
<fielddescr>Timeout</fielddescr>
@@ -131,7 +135,13 @@
<default_value>3</default_value>
<type>input</type>
<size>5</size>
- <description>Timeout (default 3). Do not spend more that Timeout seconds on getting requested value (1-30). The agent does not kill timeouted User Parameters processes!</description>
+ <description>
+ <![CDATA[
+ Do not spend more that N seconds on getting requested value.<br />
+ Note: The agent does not kill timeouted User Parameters processes!<br />
+ (Default: 3. Valid range: 1-30)
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Buffer Send</fielddescr>
@@ -139,7 +149,12 @@
<default_value>5</default_value>
<type>input</type>
<size>5</size>
- <description>Buffer Send (default 5). Do not keep data longer than N seconds in buffer (1-3600).</description>
+ <description>
+ <![CDATA[
+ Do not keep data longer than N seconds in buffer.<br />
+ (Default: 5. Valid range: 1-3600)
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Buffer Size</fielddescr>
@@ -147,7 +162,12 @@
<default_value>100</default_value>
<type>input</type>
<size>5</size>
- <description>Buffer Size (default 100). Maximum number of values in a memory buffer (2-65535). The agent will send all collected data to Zabbix server or proxy if the buffer is full.</description>
+ <description>
+ <![CDATA[
+ Maximum number of values in the memory buffer. The agent will send all collected data to Zabbix server or proxy if the buffer is full.<br />
+ (Default: 100. Valid range: 2-65535)
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Start Agents</fielddescr>
@@ -155,7 +175,13 @@
<default_value>3</default_value>
<type>input</type>
<size>5</size>
- <description>Start Agents (default 3). Number of pre-forked instances of zabbix_agentd that process passive checks (0-100).If set to 0, disables passive checks and the agent will not listen on any TCP port.</description>
+ <description>
+ <![CDATA[
+ Number of pre-forked instances of zabbix_agentd that process passive checks.<br />
+ Note: Setting to 0 disables passive checks and the agent will not listen on any TCP port.<br />
+ (Default: 3. Valid range: 0-100)
+ ]]>
+ </description>
</field>
<field>
<fielddescr>User Parameters</fielddescr>
@@ -164,15 +190,25 @@
<type>textarea</type>
<rows>5</rows>
<cols>50</cols>
- <description>User-defined parameter to monitor. There can be several user-defined parameters. Value has form, example: UserParameter=users,who|wc -l</description>
+ <description>
+ <![CDATA[
+ User-defined parameter(s) to monitor. There can be multiple user-defined parameters.<br />
+ Example: <em>UserParameter=users,who|wc -l</em>
+ ]]>
+ </description>
+ <advancedfield/>
</field>
</fields>
- <custom_php_install_command>sync_package_zabbix_agent_lts();</custom_php_install_command>
- <custom_php_command_before_form></custom_php_command_before_form>
- <custom_php_after_head_command></custom_php_after_head_command>
- <custom_php_after_form_command></custom_php_after_form_command>
- <custom_php_validation_command>validate_input_zabbix_agent_lts($_POST, $input_errors);</custom_php_validation_command>
- <custom_add_php_command></custom_add_php_command>
- <custom_php_resync_config_command>sync_package_zabbix_agent_lts();</custom_php_resync_config_command>
- <custom_php_deinstall_command>php_deinstall_zabbix_agent_lts();</custom_php_deinstall_command>
+ <custom_php_install_command>
+ sync_package_zabbix_agent_lts();
+ </custom_php_install_command>
+ <custom_php_validation_command>
+ validate_input_zabbix_agent_lts($_POST, $input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_zabbix_agent_lts();
+ </custom_php_resync_config_command>
+ <custom_php_deinstall_command>
+ php_deinstall_zabbix_agent_lts();
+ </custom_php_deinstall_command>
</packagegui>
diff --git a/config/zabbix-proxy-lts/zabbix-proxy-lts.inc b/config/zabbix-proxy-lts/zabbix-proxy-lts.inc
index bc9864f4..f1b877b5 100644
--- a/config/zabbix-proxy-lts/zabbix-proxy-lts.inc
+++ b/config/zabbix-proxy-lts/zabbix-proxy-lts.inc
@@ -1,110 +1,101 @@
<?php
-/* $Id$ */
-/* ========================================================================== */
/*
- zabbix-proxy-lts.inc
- part of the Zabbix package for pfSense
- Copyright (C) 2013 Danilo G. Baio
- Copyright (C) 2013 Marcello Coutinho
-
- All rights reserved.
- */
-/* ========================================================================== */
-/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+ zabbix-proxy-lts.inc
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Danilo G. Baio
+ Copyright (C) 2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
require_once("util.inc");
require_once("functions.inc");
require_once("pkg-utils.inc");
require_once("globals.inc");
-$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+$pf_version = substr(trim(file_get_contents("/etc/version")), 0, 3);
if ($pf_version == "2.1" || $pf_version == "2.2") {
define('ZABBIX_PROXY_BASE', '/usr/pbi/zabbix22-proxy-' . php_uname("m"));
} else {
define('ZABBIX_PROXY_BASE', '/usr/local');
}
-function php_install_zabbix_proxy_lts(){
- sync_package_zabbix_proxy_lts();
-}
-
-function php_deinstall_zabbix_proxy_lts(){
- global $config, $g;
-
- conf_mount_rw();
+function php_deinstall_zabbix_proxy_lts() {
+ conf_mount_rw();
- exec("/usr/bin/killall zabbix_proxy");
- unlink_if_exists(ZABBIX_PROXY_BASE . "/etc/rc.d/zabbix_proxy_lts.sh");
- unlink_if_exists(ZABBIX_PROXY_BASE . "/etc/zabbix22/zabbix_proxy_lts.conf");
- unlink_if_exists("/var/log/zabbix-proxy-lts/zabbix_proxy_lts.log");
- unlink_if_exists("/var/run/zabbix-proxy-lts/zabbix_proxy_lts.pid");
+ stop_service("zabbix_proxy_lts");
+ unlink_if_exists(ZABBIX_PROXY_BASE . "/etc/rc.d/zabbix_proxy_lts.sh");
+ unlink_if_exists(ZABBIX_PROXY_BASE . "/etc/zabbix22/zabbix_proxy_lts.conf");
+ unlink_if_exists("/var/log/zabbix-proxy-lts/zabbix_proxy_lts.log");
+ unlink_if_exists("/var/run/zabbix-proxy-lts/zabbix_proxy_lts.pid");
if (is_dir("/var/log/zabbix-proxy-lts")) {
- exec("/bin/rm -r /var/log/zabbix-proxy-lts/");
+ mwexec("/bin/rm -rf /var/log/zabbix-proxy-lts/");
}
if (is_dir("/var/run/zabbix-proxy-lts")) {
- exec("/bin/rm -r /var/run/zabbix-proxy-lts/");
+ mwexec("/bin/rm -rf /var/run/zabbix-proxy-lts/");
}
- if (is_dir("/var/db/zabbix-proxy-lts")) {
- exec("/bin/rm -r /var/db/zabbix-proxy-lts/");
+ if (is_dir("/var/db/zabbix-proxy-lts")) {
+ mwexec("/bin/rm -rf /var/db/zabbix-proxy-lts/");
}
- conf_mount_ro();
+ conf_mount_ro();
}
-function validate_input_zabbix_proxy_lts($post, &$input_errors){
- if (isset($post['proxyenabled'])) {
+function validate_input_zabbix_proxy_lts($post, &$input_errors) {
+ if (isset($post['proxyenabled'])) {
if (!preg_match("/\w+/", $post['server'])) {
- $input_errors[]='Server field is required.';
+ $input_errors[] = "Server field is required.";
}
if (!is_numericint($post['serverport'])) {
- $input_errors[]='Server Port is not numeric.'.$ServerPort;
+ $input_errors[] = "'Server Port' value is not numeric.";
+ } elseif ($post['serverport'] < 1 || $post['serverport'] > 65535) {
+ $input_errors[] = "You must enter a valid value for 'Server Port'.";
}
if (!preg_match("/\w+/", $post['hostname'])) {
- $input_errors[]='Hostname field is required.';
+ $input_errors[] = "Hostname field is required.";
}
if (!is_numericint($post['configfrequency'])) {
- $input_errors[]='Config Frequency is not numeric.';
+ $input_errors[] = "'Config Frequency' value is not numeric.";
}
}
}
-function sync_package_zabbix_proxy_lts(){
+function sync_package_zabbix_proxy_lts() {
global $config, $g;
conf_mount_rw();
- #check zabbix proxy config
- if (is_array($config['installedpackages']['zabbixproxylts'])){
+ // Check zabbix proxy config
+ if (is_array($config['installedpackages']['zabbixproxylts'])) {
$zbproxy_config = $config['installedpackages']['zabbixproxylts']['config'][0];
- if ($zbproxy_config['proxyenabled']=="on"){
- $Mode=(is_numericint($zbproxy_config['proxymode'])?$zbproxy_config['proxymode'] : 0);
- $AdvancedParams=base64_decode($zbproxy_config['advancedparams']);
-
+ if ($zbproxy_config['proxyenabled'] == "on") {
+ $Mode = (is_numericint($zbproxy_config['proxymode']) ? $zbproxy_config['proxymode'] : 0);
+ $AdvancedParams = base64_decode($zbproxy_config['advancedparams']);
+
$zbproxy_conf_file = <<< EOF
Server={$zbproxy_config['server']}
ServerPort={$zbproxy_config['serverport']}
@@ -114,7 +105,8 @@ DBName=/var/db/zabbix-proxy-lts/proxy.db
LogFile=/var/log/zabbix-proxy-lts/zabbix_proxy_lts.log
ConfigFrequency={$zbproxy_config['configfrequency']}
FpingLocation=/usr/local/sbin/fping
-#there's currently no fping6 (IPv6) dependency in the package, but if there was, the binary would likely also be in /usr/local/sbin
+# There's currently no fping6 (IPv6) dependency in the package,
+# but if there was, the binary would likely also be in /usr/local/sbin.
Fping6Location=/usr/local/sbin/fping6
ProxyMode={$Mode}
{$AdvancedParams}
@@ -130,24 +122,25 @@ EOF;
'kern.ipc.semmsl' => '250'
);
$sysctls = array();
- #check sysctl file values
+ // Check sysctl file values
$sc_file="";
if (file_exists("/etc/sysctl.conf")) {
$sc = file("/etc/sysctl.conf");
foreach ($sc as $line) {
list($sysk, $sysv) = explode("=", $line, 2);
- if (preg_match("/\w/",$line) && !array_key_exists($sysk, $want_sysctls))
- $sc_file.=$line;
+ if (preg_match("/\w/", $line) && !array_key_exists($sysk, $want_sysctls)) {
+ $sc_file .= $line;
}
+ }
}
- foreach ($want_sysctls as $ws=> $wv) {
+ foreach ($want_sysctls as $ws => $wv) {
$sc_file .= "{$ws}={$wv}\n";
- exec("/sbin/sysctl {$ws}={$wv}");
+ mwexec("/sbin/sysctl {$ws}={$wv}");
}
file_put_contents("/etc/sysctl.conf", $sc_file);
- #check bootloader values
- $lt_file="";
+ // Check bootloader values
+ $lt_file = "";
$want_tunables = array(
'kern.ipc.semopm' => '100',
'kern.ipc.semmni' => '128',
@@ -159,21 +152,23 @@ EOF;
$lt = file("/boot/loader.conf");
foreach ($lt as $line) {
list($tunable, $val) = explode("=", $line, 2);
- if (preg_match("/\w/",$line) && !array_key_exists($tunable, $want_tunables))
- $lt_file.=$line;
+ if (preg_match("/\w/", $line) && !array_key_exists($tunable, $want_tunables)) {
+ $lt_file .= $line;
+ }
}
}
foreach ($want_tunables as $wt => $wv) {
- $lt_file.= "{$wt}={$wv}\n";
+ $lt_file .= "{$wt}={$wv}\n";
}
file_put_contents("/boot/loader.conf", $lt_file);
- /*check startup script files*/
- /* create a few directories and ensure the sample files are in place */
- if (!is_dir(ZABBIX_PROXY_BASE . "/etc/zabbix22"))
- exec("/bin/mkdir -p " . ZABBIX_PROXY_BASE . "/etc/zabbix22");
+ // Check startup script files
+ // Create a few directories and ensure the sample files are in place
+ if (!is_dir(ZABBIX_PROXY_BASE . "/etc/zabbix22")) {
+ mwexec("/bin/mkdir -p " . ZABBIX_PROXY_BASE . "/etc/zabbix22");
+ }
- $dir_checks = <<< EOF
+ $dir_checks = <<< EOF
if [ ! -d /var/log/zabbix-proxy-lts ]; then
/bin/mkdir -p /var/log/zabbix-proxy-lts
@@ -195,7 +190,7 @@ EOF;
EOF;
- $pid_check = <<< EOF
+ $pid_check = <<< EOF
/bin/pgrep -anx zabbix_proxy 2>/dev/null
if [ "\$?" -eq "0" ]; then
@@ -204,33 +199,33 @@ EOF;
fi
EOF;
-
- $zproxy_rcfile="/usr/local/etc/rc.d/zabbix_proxy_lts.sh";
- if (is_array($zbproxy_config) && $zbproxy_config['proxyenabled']=="on"){
- $zproxy_start = strtr($dir_checks, array("\r" => ""));
+
+ $zproxy_rcfile = "/usr/local/etc/rc.d/zabbix_proxy_lts.sh";
+ if (is_array($zbproxy_config) && $zbproxy_config['proxyenabled'] == "on") {
+ $zproxy_start = strtr($dir_checks, array("\r" => ""));
$zproxy_start .= "\techo \"Starting Zabbix Proxy LTS\"...\n";
$zproxy_start .= "\t" . ZABBIX_PROXY_BASE . "/sbin/zabbix_proxy\n";
-
- $zproxy_stop = "echo \"Stopping Zabbix Proxy LTS\"\n";
+
+ $zproxy_stop = "echo \"Stopping Zabbix Proxy LTS\"\n";
$zproxy_stop .= "\t/usr/bin/killall zabbix_proxy\n";
$zproxy_stop .= "\t/bin/sleep 5\n";
$zproxy_stop .= strtr($pid_check, array("\r" => ""));
- /* write out rc.d start/stop file */
+ // write out rc.d start/stop file
write_rcfile(array(
"file" => "zabbix_proxy_lts.sh",
"start" => $zproxy_start,
"stop" => $zproxy_stop
)
);
- mwexec("{$zproxy_rcfile} restart");
- }else{
- if (file_exists($zproxy_rcfile)){
- mwexec("{$zproxy_rcfile} stop");
- unlink($zproxy_rcfile);
+ restart_service("zabbix_proxy_lts");
+ } else {
+ if (is_service_running("zabbix_proxy_lts")) {
+ stop_service("zabbix_proxy_lts");
}
+ unlink_if_exists($zproxy_rcfile);
}
-
+
conf_mount_ro();
}
diff --git a/config/zabbix-proxy-lts/zabbix-proxy-lts.xml b/config/zabbix-proxy-lts/zabbix-proxy-lts.xml
index 15111aa5..27092e59 100644
--- a/config/zabbix-proxy-lts/zabbix-proxy-lts.xml
+++ b/config/zabbix-proxy-lts/zabbix-proxy-lts.xml
@@ -1,54 +1,57 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
-<copyright>
+ <copyright>
<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- zabbix-proxy-lts.xml
- part of the Zabbix package for pfSense
- Copyright (C) 2013 Danilo G. Baio
- Copyright (C) 2013 Marcello Coutinho
-
- All rights reserved.
- */
-/* ========================================================================== */
+ zabbix-proxy-lts.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Danilo G. Baio
+ Copyright (C) 2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
]]>
</copyright>
<name>zabbixproxylts</name>
<title>Services: Zabbix Proxy LTS</title>
<category>Monitoring</category>
- <version>0.8.5</version>
+ <version>0.8.6</version>
<include_file>/usr/local/pkg/zabbix-proxy-lts.inc</include_file>
<addedit_string>Zabbix Proxy has been created/modified.</addedit_string>
<delete_string>Zabbix Proxy has been deleted.</delete_string>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/zabbix-proxy-lts/zabbix-proxy-lts.inc</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<menu>
<name>Zabbix Proxy LTS</name>
@@ -60,7 +63,7 @@
<name>zabbix_proxy_lts</name>
<rcfile>zabbix_proxy_lts.sh</rcfile>
<executable>zabbix_proxy</executable>
- <description>Zabbix Proxy LTS collection daemon</description>
+ <description>Zabbix Proxy LTS Collection Daemon</description>
</service>
<tabs>
<tab>
@@ -69,6 +72,7 @@
<active />
</tab>
</tabs>
+ <advanced_options>enabled</advanced_options>
<fields>
<field>
<name>Zabbix Proxy LTS Settings</name>
@@ -77,31 +81,31 @@
<field>
<fielddescr>Enable</fielddescr>
<fieldname>proxyenabled</fieldname>
- <description>Enable Zabbix Proxy LTS service</description>
+ <description>Enable Zabbix Proxy LTS service.</description>
<type>checkbox</type>
</field>
<field>
<fielddescr>Server</fielddescr>
<fieldname>server</fieldname>
- <description>List of comma delimited IP addresses (or hostnames) of ZABBIX servers</description>
+ <description>List of comma delimited IP addresses (or hostnames) of ZABBIX servers.</description>
<default_value>127.0.0.1</default_value>
<type>input</type>
<size>60</size>
<required>true</required>
</field>
<field>
- <fielddescr>Server Port</fielddescr>
- <fieldname>serverport</fieldname>
- <description>Port of Zabbix trapper on Zabbix server. default value 10051</description>
- <default_value>10051</default_value>
- <type>input</type>
- <size>6</size>
- <required>true</required>
+ <fielddescr>Server Port</fielddescr>
+ <fieldname>serverport</fieldname>
+ <description>Port of Zabbix trapper on Zabbix server. (Default: 10051)</description>
+ <default_value>10051</default_value>
+ <type>input</type>
+ <size>6</size>
+ <required>true</required>
</field>
<field>
<fielddescr>Hostname</fielddescr>
<fieldname>hostname</fieldname>
- <description>Unique, case-sensitive proxy name. Make sure the proxy name is known to the server</description>
+ <description>Unique, case-sensitive proxy name. Make sure the proxy name is known to the server.</description>
<default_value>localhost</default_value>
<type>input</type>
<size>50</size>
@@ -110,7 +114,7 @@
<field>
<fielddescr>Proxy Mode</fielddescr>
<fieldname>proxymode</fieldname>
- <description>Select Zabbix proxy mode (Active is default)</description>
+ <description>Select Zabbix proxy mode (Default: Active)</description>
<type>select</type>
<default_value>0</default_value>
<options>
@@ -135,15 +139,20 @@
<type>textarea</type>
<rows>5</rows>
<cols>50</cols>
- <description>Advanced parameters. There are some rarely used parameters that sometimes need to be defined. Value has form, example: StartDiscoverers=10</description>
+ <description>Advanced parameters. There are some rarely used parameters that sometimes need to be defined. Example: StartDiscoverers=10</description>
+ <advancedfield/>
</field>
</fields>
- <custom_php_install_command>sync_package_zabbix_proxy_lts();</custom_php_install_command>
- <custom_php_command_before_form></custom_php_command_before_form>
- <custom_php_after_head_command></custom_php_after_head_command>
- <custom_php_after_form_command></custom_php_after_form_command>
- <custom_php_validation_command>validate_input_zabbix_proxy_lts($_POST, $input_errors);</custom_php_validation_command>
- <custom_add_php_command></custom_add_php_command>
- <custom_php_resync_config_command>sync_package_zabbix_proxy_lts();</custom_php_resync_config_command>
- <custom_php_deinstall_command>php_deinstall_zabbix_proxy_lts();</custom_php_deinstall_command>
+ <custom_php_install_command>
+ sync_package_zabbix_proxy_lts();
+ </custom_php_install_command>
+ <custom_php_validation_command>
+ validate_input_zabbix_proxy_lts($_POST, $input_errors);
+ </custom_php_validation_command>
+ <custom_php_resync_config_command>
+ sync_package_zabbix_proxy_lts();
+ </custom_php_resync_config_command>
+ <custom_php_deinstall_command>
+ php_deinstall_zabbix_proxy_lts();
+ </custom_php_deinstall_command>
</packagegui>
diff --git a/pkg_config.10.xml b/pkg_config.10.xml
index af9bc952..abd6a714 100644
--- a/pkg_config.10.xml
+++ b/pkg_config.10.xml
@@ -39,7 +39,7 @@
</descr>
<website>http://www.asterisk.org/</website>
<category>Services</category>
- <version>0.3.1</version>
+ <version>0.3.2</version>
<status>Beta</status>
<required_version>2.2</required_version>
<config_file>https://packages.pfsense.org/packages/config/asterisk/asterisk.xml</config_file>
@@ -61,7 +61,7 @@
<descr>The most widely used name server software.</descr>
<website>http://www.isc.org/downloads/BIND/</website>
<category>Services</category>
- <version>0.3.9</version>
+ <version>0.4.0</version>
<status>RC</status>
<required_version>2.2</required_version>
<config_file>https://packages.pfsense.org/packages/config/bind/bind.xml</config_file>
@@ -96,7 +96,7 @@
<category>Diagnostics</category>
<pkginfolink>https://forum.pfsense.org/index.php/topic,26974.0.html</pkginfolink>
<config_file>https://packages.pfsense.org/packages/config/filemgr/filemgr.xml</config_file>
- <version>0.2.0</version>
+ <version>0.2.1</version>
<status>Beta</status>
<required_version>2.2</required_version>
<maintainer>tom@tomschaefer.org</maintainer>
@@ -143,7 +143,7 @@
</descr>
<website>http://haproxy.1wt.eu/</website>
<category>Services</category>
- <version>0.28</version>
+ <version>0.29</version>
<status>Release</status>
<required_version>2.2</required_version>
<config_file>https://packages.pfsense.org/packages/config/haproxy1_5/haproxy.xml</config_file>
@@ -388,14 +388,14 @@
<category>Security</category>
<run_depends>bin/snort:security/snort</run_depends>
<port_category>security</port_category>
- <depends_on_package_pbi>snort-2.9.7.3-##ARCH##.pbi</depends_on_package_pbi>
+ <depends_on_package_pbi>snort-2.9.7.5-##ARCH##.pbi</depends_on_package_pbi>
<build_pbi>
<port>security/snort</port>
<ports_after>security/barnyard2</ports_after>
</build_pbi>
<build_options>barnyard2_UNSET_FORCE=ODBC PGSQL PRELUDE;barnyard2_SET_FORCE=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;snort_SET_FORCE=BARNYARD PERFPROFILE SOURCEFIRE GRE IPV6 NORMALIZER APPID;snort_UNSET_FORCE=PULLEDPORK FILEINSPECT HA</build_options>
<config_file>https://packages.pfsense.org/packages/config/snort/snort.xml</config_file>
- <version>3.2.6</version>
+ <version>3.2.8</version>
<required_version>2.2</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>
@@ -546,7 +546,7 @@
<build_pbi>
<port>net/siproxd</port>
</build_pbi>
- <version>1.0.5</version>
+ <version>1.0.6</version>
<status>Beta</status>
<required_version>2.2</required_version>
<configurationfile>siproxd.xml</configurationfile>
@@ -633,7 +633,7 @@
<config_file>https://packages.pfsense.org/packages/config/ipguard/ipguard.xml</config_file>
<pkginfolink>https://forum.pfsense.org/index.php/topic,49917.msg263664.html#msg263664</pkginfolink>
<depends_on_package_pbi>ipguard-1.04_2-##ARCH##.pbi</depends_on_package_pbi>
- <version>0.1</version>
+ <version>0.1.1</version>
<status>beta</status>
<required_version>2.2</required_version>
<configurationfile>ipguard.xml</configurationfile>
@@ -814,7 +814,7 @@
<descr>Network UPS Tools.</descr>
<website>http://www.networkupstools.org/</website>
<category>Network Management</category>
- <version>2.0.7</version>
+ <version>2.0.8</version>
<status>BETA</status>
<required_version>2.2</required_version>
<maintainer>rswagoner@gmail.com</maintainer>
@@ -1052,7 +1052,7 @@
<pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink>
<website>http://www.squid-cache.org/</website>
<category>Network</category>
- <version>0.2.8</version>
+ <version>0.2.9</version>
<status>beta</status>
<required_version>2.2</required_version>
<maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer>
@@ -1123,7 +1123,7 @@
<build_pbi>
<port>net-mgmt/arpwatch</port>
</build_pbi>
- <version>1.1.3</version>
+ <version>1.1.4</version>
<status>ALPHA</status>
<required_version>2.2</required_version>
<config_file>https://packages.pfsense.org/packages/config/arpwatch/arpwatch.xml</config_file>
@@ -1523,7 +1523,7 @@
<website>http://www.zabbix.com/product.php</website>
<category>Services</category>
<config_file>https://packages.pfsense.org/packages/config/zabbix-agent-lts/zabbix-agent-lts.xml</config_file>
- <version>0.8.5</version>
+ <version>0.8.6</version>
<status>BETA</status>
<required_version>2.2</required_version>
<configurationfile>zabbix-agent-lts.xml</configurationfile>
@@ -1550,7 +1550,7 @@
<website>http://www.zabbix.com/product.php</website>
<category>Services</category>
<config_file>https://packages.pfsense.org/packages/config/zabbix-proxy-lts/zabbix-proxy-lts.xml</config_file>
- <version>0.8.5</version>
+ <version>0.8.6</version>
<status>BETA</status>
<required_version>2.2</required_version>
<configurationfile>zabbix-proxy-lts.xml</configurationfile>
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index ce02021b..4b02bcdd 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -166,7 +166,7 @@
Supports ACLs for smart backend switching.]]></descr>
<website>http://haproxy.1wt.eu/</website>
<category>Services</category>
- <version>1.5.3 pkg v 0.27</version>
+ <version>1.5.3 pkg v 0.29</version>
<status>Release</status>
<required_version>2.1</required_version>
<config_file>https://packages.pfsense.org/packages/config/haproxy1_5/haproxy.xml</config_file>
@@ -472,7 +472,7 @@
</build_pbi>
<build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;snort_SET=PERFPROFILE SOURCEFIRE GRE IPV6 NORMALIZER APPID;snort_UNSET=PULLEDPORK FILEINSPECT HA;perl_SET=THREADS</build_options>
<config_file>https://packages.pfsense.org/packages/config/snort/snort.xml</config_file>
- <version>2.9.7.2 pkg v3.2.4</version>
+ <version>2.9.7.2 pkg v3.2.5</version>
<required_version>2.1</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 9751fe3e..e93af0be 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -153,7 +153,7 @@
Supports ACLs for smart backend switching.]]></descr>
<website>http://haproxy.1wt.eu/</website>
<category>Services</category>
- <version>1.5.3 pkg v 0.27</version>
+ <version>1.5.3 pkg v 0.29</version>
<status>Release</status>
<required_version>2.1</required_version>
<config_file>https://packages.pfsense.org/packages/config/haproxy1_5/haproxy.xml</config_file>
@@ -459,7 +459,7 @@
</build_pbi>
<build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;snort_SET=PERFPROFILE SOURCEFIRE GRE IPV6 NORMALIZER APPID;snort_UNSET=PULLEDPORK FILEINSPECT HA;perl_SET=THREADS</build_options>
<config_file>https://packages.pfsense.org/packages/config/snort/snort.xml</config_file>
- <version>2.9.7.2 pkg v3.2.4</version>
+ <version>2.9.7.2 pkg v3.2.5</version>
<required_version>2.1</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>