aboutsummaryrefslogtreecommitdiffstats
path: root/config/openbgpd/openbgpd.inc
diff options
context:
space:
mode:
Diffstat (limited to 'config/openbgpd/openbgpd.inc')
-rw-r--r--config/openbgpd/openbgpd.inc94
1 files changed, 38 insertions, 56 deletions
diff --git a/config/openbgpd/openbgpd.inc b/config/openbgpd/openbgpd.inc
index eff2855b..45449793 100644
--- a/config/openbgpd/openbgpd.inc
+++ b/config/openbgpd/openbgpd.inc
@@ -79,7 +79,6 @@ function openbgpd_install_conf() {
$openbgpd_neighbors = &$config['installedpackages']['openbgpdneighbors']['config'];
$conffile = "# This file was created by the package manager. Do not edit!\n\n";
- $setkeycf = "";
// Setup AS #
if($openbgpd_conf['asnum'])
@@ -114,20 +113,24 @@ function openbgpd_install_conf() {
if(is_array($openbgpd_neighbors)) {
foreach($openbgpd_neighbors as $neighbor) {
if($neighbor['groupname'] == $group['name']) {
- $conffile .= " neighbor {$neighbor['neighbor']} {\n";
- $conffile .= " descr \"{$neighbor['descr']}\"\n";
- $setkeycf .= "delete {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000;\n";
+ $conffile .= "\tneighbor {$neighbor['neighbor']} {\n";
+ $conffile .= "\t\tdescr \"{$neighbor['descr']}\"\n";
if($neighbor['md5sigpass']) {
- $setkeycf .= "add {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000 -A tcp-md5 \"{$neighbor['md5sigpass']}\";\n";
- $conffile .= " tcp md5sig password {$neighbor['md5sigpass']}\n";
+ $conffile .= "\t\ttcp md5sig password {$neighbor['md5sigpass']}\n";
}
if($neighbor['md5sigkey']) {
- $setkeycf .= "add {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000 -A tcp-md5 0x{$neighbor['md5sigkey']};\n";
- $conffile .= " tcp md5sig key {$neighbor['md5sigkey']}\n";
+ $conffile .= "\t\ttcp md5sig key {$neighbor['md5sigkey']}\n";
}
- foreach($neighbor['row'] as $row) {
- $conffile .= " {$row['parameters']} {$row['parmvalue']} \n";
- }
+ $setlocaladdr = true;
+ if (is_array($neighbor['row'])) {
+ foreach($neighbor['row'] as $row) {
+ if ($row['parameters'] == "local-address")
+ $setlocaladdr = false;
+ $conffile .= "\t\t{$row['parameters']} {$row['parmvalue']} \n";
+ }
+ }
+ if ($setlocaladdr == true)
+ $conffile .= "\t\tlocal-address {$openbgpd_conf['listenip']}\n";
$conffile .= "}\n";
}
}
@@ -142,23 +145,25 @@ function openbgpd_install_conf() {
$used_this_item = false;
if($neighbor['groupname'] == "") {
$conffile .= "neighbor {$neighbor['neighbor']} {\n";
- $conffile .= " descr \"{$neighbor['descr']}\"\n";
- $setkeycf .= "delete {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000;\n";
+ $conffile .= "\tdescr \"{$neighbor['descr']}\"\n";
if ($neighbor['md5sigpass']) {
- $setkeycf .= "add {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000 -A tcp-md5 \"{$neighbor['md5sigpass']}\";\n";
- $conffile .= " tcp md5sig password {$neighbor['md5sigpass']}\n";
+ $conffile .= "\ttcp md5sig password {$neighbor['md5sigpass']}\n";
}
if ($neighbor['md5sigkey']) {
- $setkeycf .= "add {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000 -A tcp-md5 0x{$neighbor['md5sigkey']};\n";
- $conffile .= " tcp md5sig key {$neighbor['md5sigkey']}\n";
+ $conffile .= "\ttcp md5sig key {$neighbor['md5sigkey']}\n";
}
- $used_this_item = true;
- foreach($neighbor['row'] as $row) {
- $conffile .= " {$row['parameters']} {$row['parmvalue']} \n";
- }
+ $setlocaladdr = true;
+ if (is_array($neighbor['row'])) {
+ foreach($neighbor['row'] as $row) {
+ if ($row['parameters'] == "local-address")
+ $setlocaladdr = false;
+ $conffile .= "\t{$row['parameters']} {$row['parmvalue']} \n";
+ }
+ }
+ if ($setlocaladdr == true)
+ $conffile .= "\tlocal-address {$openbgpd_conf['listenip']}\n";
}
- if($used_this_item)
- $conffile .= "}\n";
+ $conffile .= "}\n";
}
}
@@ -173,17 +178,13 @@ function openbgpd_install_conf() {
}
}
safe_mkdir($bgpd_config_base);
- $fd = fopen("{$bgpd_config_base}/bgpd.conf", "w");
-
- // Write out the configuration file
- fwrite($fd, $conffile);
-
- // Close file handle
- fclose($fd);
+ // Write out the configuration file
+ @file_put_contents("{$bgpd_config_base}/bgpd.conf", $conffile);
+ @chmod("{$bgpd_config_base}/bgpd.conf", 0600);
// Create rc.d file
$rc_file_stop = <<<EOF
-killall -9 bgpd
+killall -TERM bgpd
EOF;
$rc_file_start = <<<EOF
@@ -195,12 +196,14 @@ if [ `pw usershow {$pkg_login} 2>&1 | grep -c "pw: no such user"` -gt 0 ]; then
fi
/bin/mkdir -p {$bgpd_config_base}
-chmod u+rw,go-rw {$bgpd_config_base}/bgpd.conf
/usr/sbin/chown -R root:wheel {$bgpd_config_base}
+/bin/chmod 0600 {$bgpd_config_base}/bgpd.conf
NUMBGPD=`ps auxw | grep -c '[b]gpd.*parent'`
if [ \${NUMBGPD} -lt 1 ] ; then
{$pkg_bin}/bgpd -f {$bgpd_config_base}/bgpd.conf
+else
+ {$pkg_bin}/bgpctl reload
fi
EOF;
write_rcfile(array(
@@ -210,17 +213,11 @@ EOF;
)
);
- // TCP-MD5 support on freebsd. See tcp(5) for more
- $fd = fopen("{$g['tmp_path']}/bgpdsetkey.conf", "w");
- fwrite($fd, $setkeycf );
- fclose($fd);
- exec("setkey -f {$g['tmp_path']}/bgpdsetkey.conf");
-
// bgpd process running? if so reload, else start.
if(is_openbgpd_running() == true) {
- exec("bgpctl reload");
+ exec("{$pkg_bin}/bgpctl reload");
} else {
- exec("bgpd");
+ exec("{$pkg_bin}/bgpd -f {$bgpd_config_base}/bgpd.conf");
}
conf_mount_ro();
@@ -250,21 +247,6 @@ function openbgpd_put_raw_config($conffile) {
function deinstall_openbgpd() {
global $config, $g;
- if($config['installedpackages']['openbgpd']['config'])
- $openbgpd_conf = &$config['installedpackages']['openbgpd']['config'][0];
- if($config['installedpackages']['openbgpdneighbors']['config'])
- $openbgpd_neighbors = &$config['installedpackages']['openbgpdneighbors']['config'];
- $setkeycf = "";
- if(is_array($openbgpd_neighbors)) {
- foreach($openbgpd_neighbors as $neighbor)
- $setkeycf .= "delete {$openbgpd_conf['listenip']} {$neighbor['neighbor']} tcp 0x1000;\n";
- }
- // Clear all SADB entries used.
- $fd = fopen("{$g['tmp_path']}/bgpdsetkey.conf", "w");
- fwrite($fd, $setkeycf );
- fclose($fd);
- exec("setkey -f {$g['tmp_path']}/bgpdsetkey.conf");
-
exec("rm /usr/local/etc/rc.d/bgpd.sh");
exec("rm /usr/local/www/openbgpd_status.php");
exec("killall bgpd");
@@ -369,4 +351,4 @@ function is_openbgpd_running() {
return false;
}
-?> \ No newline at end of file
+?>