Diffstat (limited to 'config/Fit123/bin/ltsp/services.inc')
-rw-r--r-- | config/Fit123/bin/ltsp/services.inc | 1320 |
1 files changed, 0 insertions, 1320 deletions
diff --git a/config/Fit123/bin/ltsp/services.inc b/config/Fit123/bin/ltsp/services.inc
deleted file mode 100644
index f999868a..00000000
--- a/config/Fit123/bin/ltsp/services.inc
+++ /dev/null
@@ -1,1320 +0,0 @@ -<?php -/* $Id$ */ -/* - services.inc - part of m0n0wall (http://m0n0.ch/wall) - - Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/* include all configuration functions */ -require_once("functions.inc"); - -function load_balancer_use_sticky() { - global $config, $g; - if (isset ($config['system']['lb_use_sticky'])) - touch("/var/etc/use_pf_pool__stickyaddr"); - else - unlink_if_exists("/var/etc/use_pf_pool__stickyaddr"); -} - -function services_dhcpd_configure() { - global $config, $g; - if(isset($config['system']['developerspew'])) { - $mt = microtime(); - echo "services_dhcpd_configure($if) being called $mt\n"; - } - - /* if OLSRD is enabled, allow WAN to house DHCP. 
*/ - if($config['installedpackages']['olsrd']) - foreach($config['installedpackages']['olsrd']['config'] as $olsrd) - if($olsrd['enable']) - $is_olsr_enabled = true; - - /* configure DHCPD chroot */ - $fd = fopen("/tmp/dhcpd.sh","w"); - $status = `mount | grep "{$g['dhcpd_chroot_path']}/dev"`; - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/dev\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/etc\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr/local/sbin\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/db\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/run\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/lib\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/run\n"); - fwrite($fd, "chown -R dhcpd:_dhcp {$g['dhcpd_chroot_path']}/*\n"); - fwrite($fd, "cp /lib/libc.so.* {$g['dhcpd_chroot_path']}/lib/\n"); - fwrite($fd, "cp /usr/local/sbin/dhcpd {$g['dhcpd_chroot_path']}/usr/local/sbin/\n"); - fwrite($fd, "chmod a+rx {$g['dhcpd_chroot_path']}/usr/local/sbin/dhcpd\n"); - if(!trim($status)) - fwrite($fd, "mount -t devfs devfs {$g['dhcpd_chroot_path']}/dev\n"); - fclose($fd); - mwexec("/bin/sh /tmp/dhcpd.sh"); - - /* kill any running dhcpd */ - if(is_process_running("dhcpd")) - mwexec("killall dhcpd", true); - - $syscfg = $config['system']; - $dhcpdcfg = $config['dhcpd']; - - /* DHCP enabled on any interfaces? 
*/ - $dhcpdenable = false; - if(is_array($dhcpdcfg)) - foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) { - if (isset($dhcpifconf['enable']) && - (($dhcpif == "lan") || - (isset($config['interfaces'][$dhcpif]['enable']) && - $config['interfaces'][$dhcpif]['if'] && (!$config['interfaces'][$dhcpif]['bridge'])))) - $dhcpdenable = true; - if (isset($dhcpifconf['enable']) && - (($dhcpif == "wan") || (isset($config['interfaces'][$dhcpif]['enable']) && - $config['interfaces'][$dhcpif]['if'] && (!$config['interfaces'][$dhcpif]['bridge'])))) - $dhcpdenable = true; - } - - if (!$dhcpdenable) - return 0; - - if ($g['booting']) - echo "Starting DHCP service..."; - else - sleep(1); - - /* write dhcpd.conf */ - $fd = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf", "w"); - if (!$fd) { - printf("Error: cannot open dhcpd.conf in services_dhcpd_configure().\n"); - return 1; - } - - - - $dhcpdconf = <<<EOD -option domain-name "{$syscfg['domain']}"; -default-lease-time 7200; -max-lease-time 86400; -authoritative; -log-facility local7; -ddns-update-style none; -one-lease-per-client true; -deny duplicates; - -EOD; - - $dhcpdifs = array(); - - /* loop through and deterimine if we need to setup - * failover peer "bleh" entries - */ - $dhcpnum = 0; - foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) { - if($dhcpifconf['failover_peerip'] <> "") { - /* - * yep, failover peer is defined. - * does it match up to a defined vip? - */ - $skew = 110; - $a_vip = &$config['virtualip']['vip']; - if(is_array($a_vip)) { - foreach ($a_vip as $vipent) { - $int = guess_interface_from_ip($dhcpifconf['failover_peerip']); - $intip = find_interface_ip($int); - $real_dhcpif = convert_friendly_interface_to_real_interface_name($dhcpif); - if($int == $real_dhcpif) { - /* this is the interface! */ - if($vipent['advskew'] < "20") - $skew = 0; - } - } - } else { - log_error("Warning! 
DHCP Failover setup and no CARP virtual IP's defined!"); - } - if($skew > 10) { - $type = "secondary"; - $dhcpdconf_pri = "mclt 600;\n"; - $my_port = "520"; - $peer_port = "519"; - } else { - $my_port = "519"; - $peer_port = "520"; - $type = "primary"; - $dhcpdconf_pri = "split 128;\n"; - $dhcpdconf_pri .= " mclt 600;\n"; - } - $dhcpdconf .= <<<EOPP -failover peer "dhcp{$dhcpnum}" { - {$type}; - address {$intip}; - port {$my_port}; - peer address {$dhcpifconf['failover_peerip']}; - peer port {$peer_port}; - max-response-delay 10; - max-unacked-updates 10; - {$dhcpdconf_pri} - load balance max seconds 3; -} - -EOPP; - $dhcpnum++; - } - } - - $dhcpnum = 0; - - foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) { - - $ifcfg = $config['interfaces'][$dhcpif]; - - if (!isset($dhcpifconf['enable']) || - ($ifcfg['ipaddr'] == "dhcp") || - (($dhcpif != "lan") && - (!isset($ifcfg['enable']) || !$ifcfg['if'] || $ifcfg['bridge']))) - continue; - - if($dhcpif == "lan" && $ifcfg['bridge']) - log_error("NOTE: DHCP Server on LAN is enabled."); - - $subnet = gen_subnet($ifcfg['ipaddr'], $ifcfg['subnet']); - $subnetmask = gen_subnet_mask($ifcfg['subnet']); - - if($is_olsr_enabled == true) - if($dhcpifconf['netmask']) - $subnetmask = gen_subnet_mask($dhcpifconf['netmask']); - - $dnscfg = ""; - - if ($dhcpifconf['domain']) { - $dnscfg .= " option domain-name \"{$dhcpifconf['domain']}\";\n"; - } - if (isset($dhcpifconf['ddnsupdate'])) { - if($dhcpifconf['ddnsdomain'] <> "") { - $dnscfg .= " ddns-domainname \"{$dhcpifconf['ddnsdomain']}\";\n"; - } - $dnscfg .= " ddns-update-style interim;\n"; - } - - - if (is_array($dhcpifconf['dnsserver']) && ($dhcpifconf['dnsserver'][0])) { - $dnscfg .= " option domain-name-servers " . join(",", $dhcpifconf['dnsserver']) . ";"; - } else if (isset($config['dnsmasq']['enable'])) { - $dnscfg .= " option domain-name-servers " . $ifcfg['ipaddr'] . 
";"; - } else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) { - $dnscfg .= " option domain-name-servers " . join(",", $syscfg['dnsserver']) . ";"; - } - - $dhcpdconf .= "subnet $subnet netmask $subnetmask {\n"; - $dhcpdconf .= " pool {\n"; - - /* is failover dns setup? */ - if (is_array($dhcpifconf['dnsserver']) && $dhcpifconf['dnsserver'][0] <> "") { - $dhcpdconf .= " option domain-name-servers {$dhcpifconf['dnsserver'][0]}"; - if($dhcpifconf['dnsserver'][1] <> "") - $dhcpdconf .= ",{$dhcpifconf['dnsserver'][1]}"; - $dhcpdconf .= ";\n"; - } - - if($dhcpifconf['failover_peerip'] <> "") - $dhcpdconf .= " deny dynamic bootp clients;\n"; - - if (isset($dhcpifconf['denyunknown'])) - $dhcpdconf .= " deny unknown clients;\n"; - - if ($dhcpifconf['gateway']) - $routers = $dhcpifconf['gateway']; - else - $routers = $ifcfg['ipaddr']; - - if($dhcpifconf['failover_peerip'] <> "") { - $dhcpdconf .= " failover peer \"dhcp{$dhcpnum}\";\n"; - $dhcpnum++; - } - - $dhcpdconf .= <<<EOD - range {$dhcpifconf['range']['from']} {$dhcpifconf['range']['to']}; - } - option routers {$routers}; -$dnscfg - -EOD; - - if ($dhcpifconf['defaultleasetime']) - $dhcpdconf .= " default-lease-time {$dhcpifconf['defaultleasetime']};\n"; - if ($dhcpifconf['maxleasetime']) - $dhcpdconf .= " max-lease-time {$dhcpifconf['maxleasetime']};\n"; - - if (is_array($dhcpifconf['winsserver']) && $dhcpifconf['winsserver'][0]) { - $dhcpdconf .= " option netbios-name-servers " . join(",", $dhcpifconf['winsserver']) . ";\n"; - $dhcpdconf .= " option netbios-node-type 8;\n"; - } - - if (is_array($dhcpifconf['ntpserver']) && $dhcpifconf['ntpserver'][0]) - $dhcpdconf .= " option ntp-servers " . join(",", $dhcpifconf['ntpserver']) . 
";\n"; - - if(isset($dhcpifconf['netboot'])) { - if (($dhcpifconf['next-server'] <> "") && ($dhcpifconf['filename'] <> "")) { - $dhcpdconf .= " next-server {$dhcpifconf['next-server']};\n"; - $dhcpdconf .= " filename \"{$dhcpifconf['filename']}\";\n"; - } - if ($dhcpifconf['rootpath'] <> "") { - $dhcpdconf .= " option root-path \"{$dhcpifconf['rootpath']}\";\n"; - } - } - $dhcpdconf .= <<<EOD -} - -EOD; - - /* add static mappings */ - if (is_array($dhcpifconf['staticmap'])) { - - $i = 0; - foreach ($dhcpifconf['staticmap'] as $sm) { - $dhcpdconf .= <<<EOD -host s_{$dhcpif}_{$i} { - hardware ethernet {$sm['mac']}; - -EOD; - if ($sm['ipaddr']) - $dhcpdconf .= " fixed-address {$sm['ipaddr']};\n"; - - $dhcpdconf .= "}\n"; - $i++; - } - } - - $dhcpdifs[] = $ifcfg['if']; - } - - fwrite($fd, $dhcpdconf); - fclose($fd); - - /* create an empty leases database */ - touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases"); - - /* fire up dhcpd in a chroot */ - mwexec("/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf {$g['dhcpd_chroot_path']}/etc/dhcpd.conf " . - join(" ", $dhcpdifs)); - - if ($g['booting']) { - print "done.\n"; - } - - return 0; -} - -function interfaces_staticarp_configure($if) { - global $config, $g; - if(isset($config['system']['developerspew'])) { - $mt = microtime(); - echo "interfaces_staticarp_configure($if) being called $mt\n"; - } - - $ifcfg = $config['interfaces'][$if]; - - /* Enable staticarp, if enabled */ - if(isset($config['dhcpd'][$if]['staticarp'])) { - mwexec("/sbin/ifconfig " . escapeshellarg($ifcfg['if']) . " staticarp " ); - mwexec("/usr/sbin/arp -ad > /dev/null 2>&1 "); - if (is_array($config['dhcpd'][$if]['staticmap'])) { - - foreach ($config['dhcpd'][$if]['staticmap'] as $arpent) { - mwexec("/usr/sbin/arp -s " . escapeshellarg($arpent['ipaddr']) . " " . escapeshellarg($arpent['mac'])); - log_error("/usr/sbin/arp -s " . escapeshellarg($arpent['ipaddr']) . " " . 
escapeshellarg($arpent['mac'])); - } - - } - } else { - mwexec("/sbin/ifconfig " . escapeshellarg($ifcfg['if']) . " -staticarp " ); - mwexec("/usr/sbin/arp -da > /dev/null 2>&1 "); - } - - return 0; -} - -function services_dhcrelay_configure() { - global $config, $g; - if(isset($config['system']['developerspew'])) { - $mt = microtime(); - echo "services_dhcrelay_configure() being called $mt\n"; - } - - /* kill any running dhcrelay */ - killbypid("{$g['varrun_path']}/dhcrelay.pid"); - - $dhcrelaycfg = $config['dhcrelay']; - - /* DHCPRelay enabled on any interfaces? */ - $dhcrelayenable = false; - if(is_array($dhcrelaycfg)) { - foreach ($dhcrelaycfg as $dhcrelayif => $dhcrelayifconf) { - if (isset($dhcrelayifconf['enable']) && - (($dhcrelayif == "lan") || - (isset($config['interfaces'][$dhcrelayif]['enable']) && - $config['interfaces'][$dhcrelayif]['if'] && (!$config['interfaces'][$dhcrelayif]['bridge'])))) - $dhcrelayenable = true; - } - } - - if (!$dhcrelayenable) - return 0; - - if ($g['booting']) - echo "Starting DHCP relay service..."; - else - sleep(1); - - $dhcrelayifs = array(); - foreach ($dhcrelaycfg as $dhcrelayif => $dhcrelayifconf) { - - $ifcfg = $config['interfaces'][$dhcrelayif]; - - if (!isset($dhcrelayifconf['enable']) || - (($dhcrelayif != "lan") && - (!isset($ifcfg['enable']) || !$ifcfg['if'] || $ifcfg['bridge']))) - continue; - - $dhcrelayifs[] = $ifcfg['if']; - } - - /* In order for the relay to work, it needs to be active on the - interface in which the destination server sits */ - foreach ($config['interfaces'] as $ifname) { - $subnet = $ifname['ipaddr'] . "/" . $ifname['subnet']; - if (ip_in_subnet($dhcrelaycfg['server'],$subnet)) - $destif = $ifname['if']; - } - - if (!isset($destif)) - $destif = $config['interfaces']['wan']['if']; - - $dhcrelayifs[] = $destif; - $dhcrelayifs = array_unique($dhcrelayifs); - - /* fire up dhcrelay */ - $cmd = "/usr/local/sbin/dhcrelay -i " . 
join(" -i ", $dhcrelayifs); - - if (isset($dhcrelaycfg['agentoption'])) - $cmd .= " -a -m replace"; - - $cmd .= " {$dhcrelaycfg['server']}"; - mwexec($cmd); - - if (!$g['booting']) { - /* set the reload filter dity flag */ - touch("{$g['tmp_path']}/filter_dirty"); - } - - return 0; -} - -function services_dyndns_reset() { - global $config, $g; - if(isset($config['system']['developerspew'])) { - $mt = microtime(); - echo "services_dyndns_reset() being called $mt\n"; - } - - if (file_exists("{$g['vardb_path']}/ez-ipupdate.cache")) { - conf_mount_rw(); - unlink("{$g['vardb_path']}/ez-ipupdate.cache"); - conf_mount_ro(); - } - - if (file_exists("{$g['conf_path']}/ez-ipupdate.cache")) { - conf_mount_rw(); - unlink("{$g['conf_path']}/ez-ipupdate.cache"); - conf_mount_ro(); - } - - if (file_exists("{$g['conf_path']}/dyndns.cache")) { - conf_mount_rw(); - unlink("{$g['conf_path']}/dyndns.cache"); - conf_mount_ro(); - } - - return 0; -} - -function services_dyndns_configure() { - global $config, $g; - if(isset($config['system']['developerspew'])) { - $mt = microtime(); - echo "services_dyndns_configure() being called $mt\n"; - } - - $dyndnscfg = $config['dyndns']; - $wancfg = $config['interfaces']['wan']; - - if (isset($dyndnscfg['enable'])) { - - if ($g['booting']) { - echo "Starting DynDNS client..."; - if(isset($config['system']['use_old_dyndns'])) { - echo " [Using ez-ipupdate] "; - services_dyndns_configure_old(); - return; - } - } else { - sleep(1); - if(isset($config['system']['use_old_dyndns'])) { - services_dyndns_configure_old(); - return; - } - } - - /* load up the dyndns.class */ - require_once("dyndns.class"); - - log_error("DynDns: Running updatedns()"); - - /* determine WAN interface name */ - $wanif = get_real_wan_interface(); - /* get ip */ - $ip = find_interface_ip($wanif); - - $dns = new updatedns($dnsService = $config['dyndns']['type'], - $dnsHost = $config['dyndns']['host'], - $dnsUser = $config['dyndns']['username'], - $dnsPass = 
$config['dyndns']['password'], - $dnsWilcard = $config['dyndns']['wildcard'], - $dnsMX = $config['dyndns']['mx']); - - if ($g['booting']) - echo "done.\n"; - } - - return 0; -} - -function services_dyndns_configure_old() { - global $config, $g; - if(isset($config['system']['developerspew'])) { - $mt = microtime(); - echo "services_dyndns_configure_old() being called $mt\n"; - } - - /* kill any running ez-ipupdate */ - /* ez-ipupdate needs SIGQUIT instead of SIGTERM */ - sigkillbypid("{$g['varrun_path']}/ez-ipupdate.pid", "QUIT"); - - $dyndnscfg = $config['dyndns']; - $wancfg = $config['interfaces']['wan']; - - if (isset($dyndnscfg['enable'])) { - - if ($g['booting']) - echo "Starting DynDNS client..."; - else - sleep(1); - - /* determine WAN interface name */ - $wanif = get_real_wan_interface(); - - /* write ez-ipupdate.conf */ - $fd = fopen("{$g['varetc_path']}/ez-ipupdate.conf", "w"); - if (!$fd) { - printf("Error: cannot open ez-ipupdate.conf in services_dyndns_configure().\n"); - return 1; - } - - $ezipupdateconf = <<<EOD -service-type={$dyndnscfg['type']} -user={$dyndnscfg['username']}:{$dyndnscfg['password']} -host={$dyndnscfg['host']} -interface={$wanif} -max-interval=2073600 -pid-file={$g['varrun_path']}/ez-ipupdate.pid -cache-file={$g['vardb_path']}/ez-ipupdate.cache -execute=/etc/rc.dyndns.storecache -daemon - -EOD; - - /* enable server[:port]? */ - if ($dyndnscfg['server']) { - if ($dyndnscfg['port']) - $ezipupdateconf .= "server={$dyndnscfg['server']}:{$dyndnscfg['port']}\n"; - else - $ezipupdateconf .= "server={$dyndnscfg['server']}\n"; - } - - /* enable MX? */ - if ($dyndnscfg['mx']) { - $ezipupdateconf .= "mx={$dyndnscfg['mx']}\n"; - } - - /* enable wildcards? 
*/ - if (isset($dyndnscfg['wildcard'])) { - $ezipupdateconf .= "wildcard\n"; - } - - fwrite($fd, $ezipupdateconf); - fclose($fd); - - /* if we're booting, copy the cache file from /conf */ - if ($g['booting']) { - if (file_exists("{$g['conf_path']}/ez-ipupdate.cache")) { - copy("{$g['conf_path']}/ez-ipupdate.cache", "{$g['vardb_path']}/ez-ipupdate.cache"); - } - } - - /* run ez-ipupdate */ - mwexec("/usr/local/bin/ez-ipupdate -c {$g['varetc_path']}/ez-ipupdate.conf"); - - if ($g['booting']) - echo "done\n"; - } - - return 0; -} - -function services_dnsmasq_configure() { - global $config, $g; - $return = 0; - - if(isset($config['system']['developerspew'])) { - $mt = microtime(); - echo "services_dnsmasq_configure() being called $mt\n"; - } - - /* kill any running dnsmasq */ - sigkillbypid("{$g['varrun_path']}/dnsmasq.pid", "TERM"); - - if (isset($config['dnsmasq']['enable'])) { - - if ($g['booting']) - echo "Starting DNS forwarder..."; - else - sleep(1); - - /* generate hosts file */ - if(system_hosts_generate()!=0) - $return = 1; - - $args = ""; - - if (isset($config['dnsmasq']['regdhcp'])) { - - $args .= " -l {$g['dhcpd_chroot_path']}/var/db/dhcpd.leases" . - " -s {$config['system']['domain']}"; - } - - if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) { - foreach($config['dnsmasq']['domainoverrides'] as $override) { - $args .= ' --server=/' . $override['domain'] . '/' . 
$override['ip']; - } - } - - /* suppose that dnsmasq handles our domain and don't send - requests for our local domain to upstream servers */ - //if (!empty($config['system']['domain'])) { - // $args .= sprintf(' --local=/%s/', $config['system']['domain']); - //} - - /* run dnsmasq */ - mwexec("/usr/local/sbin/dnsmasq --all-servers {$args}"); - - if ($g['booting']) - echo "done.\n"; - } - - if (!$g['booting']) { - if(services_dhcpd_configure()!=0) - $return = 1; - } - - return $return; -} - -function services_snmpd_configure() { - global $config, $g; - if(isset($config['system']['developerspew'])) { - $mt = microtime(); - echo "services_snmpd_configure() being called $mt\n"; - } - - /* kill any running snmpd */ - sigkillbypid("{$g['varrun_path']}/snmpd.pid", "TERM"); - if(is_process_running("bsnmpd")) - mwexec("/usr/bin/killall bsnmpd", true); - - if (isset($config['snmpd']['enable'])) { - - if ($g['booting']) - echo "Starting SNMP daemon... "; - - /* generate snmpd.conf */ - $fd = fopen("{$g['varetc_path']}/snmpd.conf", "w"); - if (!$fd) { - printf("Error: cannot open snmpd.conf in services_snmpd_configure().\n"); - return 1; - } - - - $snmpdconf = <<<EOD -location := "{$config['snmpd']['syslocation']}" -contact := "{$config['snmpd']['syscontact']}" -read := "{$config['snmpd']['rocommunity']}" - -EOD; - -/* No docs on what write strings do there for disable for now. - if(isset($config['snmpd']['rwenable']) && preg_match('/^\S+$/', $config['snmpd']['rwcommunity'])){ - $snmpdconf .= <<<EOD -# write string -write := "{$config['snmpd']['rwcommunity']}" - -EOD; - } -*/ - - - if(isset($config['snmpd']['trapenable']) && preg_match('/^\S+$/', $config['snmpd']['trapserver'])){ - $snmpdconf .= <<<EOD -# SNMP Trap support. 
-traphost := {$config['snmpd']['trapserver']} -trapport := {$config['snmpd']['trapserverport']} -trap := "{$config['snmpd']['trapstring']}" - - -EOD; - } - - - $snmpdconf .= <<<EOD -system := 1 # pfSense -%snmpd -begemotSnmpdDebugDumpPdus = 2 -begemotSnmpdDebugSyslogPri = 7 -begemotSnmpdCommunityString.0.1 = $(read) - -EOD; - -/* No docs on what write strings do there for disable for now. - if(isset($config['snmpd']['rwcommunity']) && preg_match('/^\S+$/', $config['snmpd']['rwcommunity'])){ - $snmpdconf .= <<<EOD -begemotSnmpdCommunityString.0.2 = $(write) - -EOD; - } -*/ - - - if(isset($config['snmpd']['trapenable']) && preg_match('/^\S+$/', $config['snmpd']['trapserver'])){ - $snmpdconf .= <<<EOD -begemotTrapSinkStatus.[$(traphost)].$(trapport) = 4 -begemotTrapSinkVersion.[$(traphost)].$(trapport) = 2 -begemotTrapSinkComm.[$(traphost)].$(trapport) = $(trap) - -EOD; - } - - - $snmpdconf .= <<<EOD -begemotSnmpdCommunityDisable = 1 - -EOD; - - if(isset($config['snmpd']['bindlan'])) { - $bind_to_ip = $config['interfaces']['lan']['ipaddr']; - } else { - $bind_to_ip = "0.0.0.0"; - } - - if(is_port( $config['snmpd']['pollport'] )) { - $snmpdconf .= <<<EOD -begemotSnmpdPortStatus.{$bind_to_ip}.{$config['snmpd']['pollport']} = 1 - -EOD; - - } - - $snmpdconf .= <<<EOD -begemotSnmpdLocalPortStatus."/var/run/snmpd.sock" = 1 -begemotSnmpdLocalPortType."/var/run/snmpd.sock" = 4 - -# These are bsnmp macros not php vars. 
-sysContact = $(contact) -sysLocation = $(location) -sysObjectId = 1.3.6.1.4.1.12325.1.1.2.1.$(system) - -snmpEnableAuthenTraps = 2 - -EOD; - - if (is_array( $config['snmpd']['modules'] )) { - if(isset($config['snmpd']['modules']['mibii'])) { - $snmpdconf .= <<<EOD -begemotSnmpdModulePath."mibII" = "/usr/lib/snmp_mibII.so" - -EOD; - } - - if(isset($config['snmpd']['modules']['netgraph'])) { - $snmpdconf .= <<<EOD -begemotSnmpdModulePath."netgraph" = "/usr/lib/snmp_netgraph.so" -%netgraph -begemotNgControlNodeName = "snmpd" - -EOD; - } - - if(isset($config['snmpd']['modules']['pf'])) { - $snmpdconf .= <<<EOD -begemotSnmpdModulePath."pf" = "/usr/lib/snmp_pf.so" - -EOD; - } - - if(isset($config['snmpd']['modules']['hostres'])) { - $snmpdconf .= <<<EOD -begemotSnmpdModulePath."hostres" = "/usr/lib/snmp_hostres.so" - -EOD; - } - if(isset($config['snmpd']['modules']['bridge'])) { - $snmpdconf .= <<<EOD -begemotSnmpdModulePath."bridge" = "/usr/lib/snmp_bridge.so" -# config must end with blank line - - -EOD; - } - } - - fwrite($fd, $snmpdconf); - fclose($fd); - - if (isset($config['snmpd']['bindlan'])) { - $bindlan = ""; - } - - /* run bsnmpd */ - mwexec("/usr/sbin/bsnmpd -c {$g['varetc_path']}/snmpd.conf" . 
- "{$bindlan} -p {$g['varrun_path']}/snmpd.pid"); - - if ($g['booting']) - echo "done.\n"; - } - - return 0; -} - -function services_proxyarp_configure() { - global $config, $g; - if(isset($config['system']['developerspew'])) { - $mt = microtime(); - echo "services_proxyarp_configure() being called $mt\n"; - } - - /* kill any running choparp */ - killbyname("choparp"); - - if (isset($config['virtualip']) && is_array($config['virtualip']['vip'])) { - $paa = array(); - - /* group by interface */ - foreach ($config['virtualip']['vip'] as $vipent) { - if ($vipent['mode'] === "proxyarp") { - if ($vipent['interface']) - $if = $vipent['interface']; - else - $if = "wan"; - - if (!is_array($paa[$if])) - $paa[$if] = array(); - - $paa[$if][] = $vipent; - } - } - - if (count($paa)) - foreach ($paa as $paif => $paents) { - if ($paif == "wan" && !(is_ipaddr($config['interfaces']['wan']['ipaddr']) || - ($config['interfaces']['wan']['ipaddr'] == "dhcp") || - ($config['interfaces']['wan']['ipaddr'] == "bigpond"))) - continue; - - $args = $config['interfaces'][$paif]['if'] . " auto"; - - foreach ($paents as $paent) { - - if (isset($paent['subnet'])) - $args .= " " . escapeshellarg("{$paent['subnet']}/{$paent['subnet_bits']}"); - else if (isset($paent['range'])) - $args .= " " . escapeshellarg($paent['range']['from'] . "-" . - $paent['range']['to']); - } - - mwexec_bg("/usr/local/sbin/choparp " . $args); - } - } -} - -function services_dnsupdate_process() { - global $config, $g; - if(isset($config['system']['developerspew'])) { - $mt = microtime(); - echo "services_dnsupdate_process() being called $mt\n"; - } - - /* Dynamic DNS updating active? 
*/ - if (isset($config['dnsupdate']['enable'])) { - - $wanip = get_current_wan_address(); - if ($wanip) { - - $keyname = $config['dnsupdate']['keyname']; - /* trailing dot */ - if (substr($keyname, -1) != ".") - $keyname .= "."; - - $hostname = $config['dnsupdate']['host']; - /* trailing dot */ - if (substr($hostname, -1) != ".") - $hostname .= "."; - - /* write private key file - this is dumb - public and private keys are the same for HMAC-MD5, - but nsupdate insists on having both */ - $fd = fopen("{$g['varetc_path']}/K{$keyname}+157+00000.private", "w"); - $privkey .= <<<EOD -Private-key-format: v1.2 -Algorithm: 157 (HMAC) -Key: {$config['dnsupdate']['keydata']} - -EOD; - fwrite($fd, $privkey); - fclose($fd); - - /* write public key file */ - if ($config['dnsupdate']['keytype'] == "zone") { - $flags = 257; - $proto = 3; - } else if ($config['dnsupdate']['keytype'] == "host") { - $flags = 513; - $proto = 3; - } else if ($config['dnsupdate']['keytype'] == "user") { - $flags = 0; - $proto = 2; - } - - $fd = fopen("{$g['varetc_path']}/K{$keyname}+157+00000.key", "w"); - fwrite($fd, "{$keyname} IN KEY {$flags} {$proto} 157 {$config['dnsupdate']['keydata']}\n"); - fclose($fd); - - /* generate update instructions */ - $upinst = ""; - if ($config['dnsupdate']['server']) - $upinst .= "server {$config['dnsupdate']['server']}\n"; - $upinst .= "update delete {$config['dnsupdate']['host']} A\n"; - $upinst .= "update add {$config['dnsupdate']['host']} {$config['dnsupdate']['ttl']} A {$wanip}\n"; - $upinst .= "\n"; /* mind that trailing newline! 
*/ - - $fd = fopen("{$g['varetc_path']}/nsupdatecmds", "w"); - fwrite($fd, $upinst); - fclose($fd); - - /* invoke nsupdate */ - $cmd = "/usr/bin/nsupdate -k {$g['varetc_path']}/K{$keyname}+157+00000.key"; - if (isset($config['dnsupdate']['usetcp'])) - $cmd .= " -v"; - $cmd .= " {$g['varetc_path']}/nsupdatecmds"; - - mwexec_bg($cmd); - } - } - - return 0; -} - -function setup_wireless_olsr() { - global $config, $g; - if(!$config['installedpackages']['olsrd'] || !$config['installedpackages']) - return; - if(isset($config['system']['developerspew'])) { - $mt = microtime(); - echo "setup_wireless_olsr($interface) being called $mt\n"; - } - conf_mount_rw(); - foreach($config['installedpackages']['olsrd']['config'] as $olsrd) { - $olsr_enable = $olsrd['enable']; - if($olsr_enable <> "on") - return; - $fd = fopen("{$g['varetc_path']}/olsr.conf", "w"); - - if($olsrd['announcedynamicroute'] or $olsrd['enableannounce'] == "on") { - $enableannounce .= "\nHna4\n"; - $enableannounce .= "{\n"; - if($olsrd['announcedynamicroute']) - $enableannounce .= "\t{$olsrd['announcedynamicroute']}\n"; - if($olsrd['enableannounce'] == "on") - $enableannounce .= "0.0.0.0 0.0.0.0"; - $enableannounce .= "\n}\n"; - } else { - $enableannounce = ""; - } - - $olsr .= <<<EODA -# -# olsr.org OLSR daemon config file -# -# Lines starting with a # are discarded -# -# This file was generated by setup_wireless_olsr() in services.inc -# - -# This file is an example of a typical -# configuration for a mostly static -# network(regarding mobility) using -# the LQ extention - -# Debug level(0-9) -# If set to 0 the daemon runs in the background - -DebugLevel 2 - -# IP version to use (4 or 6) - -IpVersion 4 - -# Clear the screen each time the internal state changes - -ClearScreen yes - -{$enableannounce} - -# Should olsrd keep on running even if there are -# no interfaces available? This is a good idea -# for a PCMCIA/USB hotswap environment. 
-# "yes" OR "no" - -AllowNoInt yes - -# TOS(type of service) value for -# the IP header of control traffic. -# If not set it will default to 16 - -#TosValue 16 - -# The fixed willingness to use(0-7) -# If not set willingness will be calculated -# dynamically based on battery/power status -# if such information is available - -#Willingness 4 - -# Allow processes like the GUI front-end -# to connect to the daemon. - -IpcConnect -{ - # Determines how many simultaneously - # IPC connections that will be allowed - # Setting this to 0 disables IPC - - MaxConnections 0 - - # By default only 127.0.0.1 is allowed - # to connect. Here allowed hosts can - # be added - - Host 127.0.0.1 - #Host 10.0.0.5 - - # You can also specify entire net-ranges - # that are allowed to connect. Multiple - # entries are allowed - - #Net 192.168.1.0 255.255.255.0 -} - -# Wether to use hysteresis or not -# Hysteresis adds more robustness to the -# link sensing but delays neighbor registration. -# Used by default. 'yes' or 'no' - -UseHysteresis no - -# Hysteresis parameters -# Do not alter these unless you know -# what you are doing! -# Set to auto by default. Allowed -# values are floating point values -# in the interval 0,1 -# THR_LOW must always be lower than -# THR_HIGH. - -#HystScaling 0.50 -#HystThrHigh 0.80 -#HystThrLow 0.30 - - -# Link quality level -# 0 = do not use link quality -# 1 = use link quality for MPR selection -# 2 = use link quality for MPR selection and routing -# Defaults to 0 - -LinkQualityLevel {$olsrd['enablelqe']} - -# Link quality window size -# Defaults to 10 - -LinkQualityWinSize 10 - -# Polling rate in seconds(float). 
-# Default value 0.05 sec - -Pollrate 0.05 - - -# TC redundancy -# Specifies how much neighbor info should -# be sent in TC messages -# Possible values are: -# 0 - only send MPR selectors -# 1 - send MPR selectors and MPRs -# 2 - send all neighbors -# -# defaults to 0 - -TcRedundancy 2 - -# -# MPR coverage -# Specifies how many MPRs a node should -# try select to reach every 2 hop neighbor -# -# Can be set to any integer >0 -# -# defaults to 1 - -MprCoverage 3 - -# Example plugin entry with parameters: - -EODA; - -if($olsrd['enablehttpinfo'] == "on") { - $olsr .= <<<EODB - -LoadPlugin "/usr/local/lib/olsrd_httpinfo.so.0.1" -{ - PlParam "port" "{$olsrd['port']}" - PlParam "Net" "{$olsrd['allowedhttpinfohost']} {$olsrd['allowedhttpinfosubnet']}" -} - -EODB; - -} - -if($olsrd['enabledsecure'] == "on") { - $olsr .= <<<EODC - -LoadPlugin "/usr/local/lib/olsrd_secure.so.0.5" -{ - PlParam "Keyfile" "/usr/local/etc/olsrkey.txt" -} - -EODC; - -} - -if($olsrd['enabledyngw'] == "on") { - - /* unset default route, olsr auto negotiates */ - mwexec("/sbin/route delete default"); - - $olsr .= <<<EODE - -LoadPlugin "/usr/local/lib/olsrd_dyn_gw.so.0.4" -{ - # how often to look for a inet gw, in seconds - # defaults to 5 secs, if commented out - PlParam "Interval" "{$olsrd['polling']}" - - # if one or more IPv4 addresses are given, do a ping on these in - # descending order to validate that there is not only an entry in - # routing table, but also a real internet connection. If any of - # these addresses could be pinged successfully, the test was - # succesful, i.e. 
if the ping on the 1st address was successful,the - # 2nd won't be pinged - PlParam "Ping" "{$olsrd['ping']}" - #PlParam "HNA" "192.168.81.0 255.255.255.0" -} - -EODE; - -} - -foreach($config['installedpackages']['olsrd']['config'] as $conf) { - $interfaces = explode(',', $conf['iface_array']); - foreach($interfaces as $interface) { - $realinterface = convert_friendly_interface_to_real_interface_name($interface); -$olsr .= <<<EODAD -Interface "{$realinterface}" -{ - - # Hello interval in seconds(float) - HelloInterval 2.0 - - # HELLO validity time - HelloValidityTime 20.0 - - # TC interval in seconds(float) - TcInterval 5.0 - - # TC validity time - TcValidityTime 30.0 - - # MID interval in seconds(float) - MidInterval 5.0 - - # MID validity time - MidValidityTime 30.0 - - # HNA interval in seconds(float) - HnaInterval 5.0 - - # HNA validity time - HnaValidityTime 30.0 - - # When multiple links exist between hosts - # the weight of interface is used to determine - # the link to use. Normally the weight is - # automatically calculated by olsrd based - # on the characteristics of the interface, - # but here you can specify a fixed value. - # Olsrd will choose links with the lowest value. 
- - # Weight 0 - - -} - -EODAD; - - } - break; -} - fwrite($fd, $olsr); - fclose($fd); - } - - if(is_process_running("olsrd")) - mwexec("/usr/bin/killall olsrd", true); - - sleep(2); - - mwexec_bg("/usr/local/sbin/olsrd -f {$g['varetc_path']}/olsr.conf"); - - conf_mount_ro(); -} - -/* configure cron service */ -function configure_cron() { - global $g, $config; - conf_mount_rw(); - /* preserve existing crontab entries */ - $crontab_contents = file_get_contents("/etc/crontab"); - $crontab_contents_a = split("\n", $crontab_contents); - - for ($i = 0; $i < count($crontab_contents_a); $i++) { - $item =& $crontab_contents_a[$i]; - if (strpos($item, "# pfSense specific crontab entries") !== false) { - array_splice($crontab_contents_a, $i - 1); - break; - } - } - $crontab_contents = implode("\n", $crontab_contents_a) . "\n"; - - - if (is_array($config['cron']['item'])) { - $crontab_contents .= "#\n"; - $crontab_contents .= "# pfSense specific crontab entries\n"; - $crontab_contents .= "# Created: " . date("F j, Y, g:i a") . "\n"; - $crontab_contents .= "#\n"; - - foreach ($config['cron']['item'] as $item) { - $crontab_contents .= "\n{$item['minute']}\t"; - $crontab_contents .= "{$item['hour']}\t"; - $crontab_contents .= "{$item['mday']}\t"; - $crontab_contents .= "{$item['month']}\t"; - $crontab_contents .= "{$item['wday']}\t"; - $crontab_contents .= "{$item['who']}\t"; - $crontab_contents .= "{$item['command']}"; - } - - $crontab_contents .= "\n#\n"; - $crontab_contents .= "# If possible do not add items to this file manually.\n"; - $crontab_contents .= "# If you do so, this file must be terminated with a blank line (e.g. 
new line)\n"; - $crontab_contents .= "#\n\n"; - } - - /* please maintain the newline at the end of file */ - file_put_contents("/etc/crontab", $crontab_contents); - - if (!$g['booting']) - conf_mount_ro(); -} - -function upnp_action ($action) { - switch($action) { - case "start": - if(file_exists('/var/etc/miniupnpd.conf')) - mwexec_bg('/usr/local/sbin/miniupnpd -f /var/etc/miniupnpd.conf'); - break; - case "stop": - while((int)exec("pgrep miniupnpd | wc -l") > 0) - mwexec('killall miniupnpd 2>/dev/null', true); - mwexec('/sbin/pfctl -aminiupnpd -Fr 2>&1 >/dev/null'); - mwexec('/sbin/pfctl -aminiupnpd -Fn 2>&1 >/dev/null'); - break; - case "restart": - upnp_action('stop'); - upnp_action('start'); - break; - } -} - -function upnp_start() { - global $config, $g; - if($config['installedpackages']['miniupnpd']['config'][0]['enable']) { - if($g['booting']) { - echo "Starting UPnP service..."; - include('/usr/local/pkg/miniupnpd.inc'); - sync_package_miniupnpd(); - echo "done.\n"; - } - else { - upnp_action('start'); - } - } -} - -?> |