aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/autoconfigbackup/parse_config_upload.php8
-rw-r--r--config/avahi/avahi.xml4
-rwxr-xr-xconfig/dansguardian/dansguardian.inc18
-rwxr-xr-xconfig/dansguardian/dansguardian_groups.xml39
-rw-r--r--config/dansguardian/dansguardian_ldap.php43
-rw-r--r--config/dashboard/dashboard.xml2
-rw-r--r--config/dnsblacklist/dnsblacklist.xml2
-rw-r--r--config/haproxy-devel/haproxy.inc35
-rwxr-xr-xconfig/haproxy-devel/haproxy_global.php18
-rw-r--r--config/haproxy-devel/haproxy_listeners_edit.php29
-rw-r--r--config/haproxy-devel/haproxy_pool_edit.php2
-rw-r--r--config/lcdproc/lcdproc.xml8
-rw-r--r--config/phpsysinfo/phpsysinfo.xml2
-rwxr-xr-x[-rw-r--r--]config/postfix/postfix.inc9
-rwxr-xr-xconfig/squid3/33/squid.inc18
-rw-r--r--config/squidGuard/squidguard_configurator.inc9
-rw-r--r--config/vhosts/vhosts.inc12
-rw-r--r--config/vnstat/vnstat.xml2
-rw-r--r--config/vnstat2/vnstat2.xml10
19 files changed, 188 insertions, 82 deletions
diff --git a/config/autoconfigbackup/parse_config_upload.php b/config/autoconfigbackup/parse_config_upload.php
new file mode 100644
index 00000000..ce592966
--- /dev/null
+++ b/config/autoconfigbackup/parse_config_upload.php
@@ -0,0 +1,8 @@
+<?php
+
+if(file_exists("/usr/local/pkg/autoconfigbackup.inc")) {
+ require_once("/usr/local/pkg/autoconfigbackup.inc");
+ upload_config();
+}
+
+?>
diff --git a/config/avahi/avahi.xml b/config/avahi/avahi.xml
index ef229af1..46f1293b 100644
--- a/config/avahi/avahi.xml
+++ b/config/avahi/avahi.xml
@@ -84,12 +84,12 @@
<additional_files_needed>
<prefix>/root/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/avahi/binaries/avahi.tar.gz</item>
+ <item>http://files.pfsense.org/packages/avahi/avahi.tar.gz</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/root/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.org/packages/config/avahi/binaries/avahi8.tar.gz</item>
+ <item>http://files.pfsense.org/packages/avahi/avahi8.tar.gz</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc
index b1c79a97..39282409 100755
--- a/config/dansguardian/dansguardian.inc
+++ b/config/dansguardian/dansguardian.inc
@@ -90,7 +90,7 @@ function check_ca_hashes(){
}
}
-function sync_package_dansguardian($via_rpc=false,$install_process=false) {
+function sync_package_dansguardian($via_rpc="no",$install_process=false) {
global $config,$g;
# detect boot process
@@ -101,7 +101,7 @@ function sync_package_dansguardian($via_rpc=false,$install_process=false) {
$boot_process="on";
}
- if (is_process_running('dansguardian') && isset($boot_process) && $via_rpc==false){
+ if (is_process_running('dansguardian') && isset($boot_process) && $via_rpc=="no"){
log_error("[Dansguardian] - Detected boot process pr:".is_process_running('dansguardian')." bp:".isset($boot_process)." rpc:".$via_rpc);
return;
}
@@ -723,6 +723,7 @@ function sync_package_dansguardian($via_rpc=false,$install_process=false) {
'urlacl'=> "Default",
'group_options' => "scancleancache,infectionbypasserrorsonly",
'reportinglevel'=>'3',
+ 'group_name_source'=>'name',
'mode'=> "1",
'report_level'=>"global");
@@ -979,7 +980,7 @@ EOF;
$cron_found=0;
if (is_array($config['cron']['item']))
foreach($config['cron']['item'] as $cron)
- if (preg_match("@".DANSGUARDIAN_DIR."/(bin.freshclam|www/dansguardian)@",$cron["command"]))
+ if (preg_match("@(".DANSGUARDIAN_DIR."|/usr/local)/(bin.freshclam|www/dansguardian)@",$cron["command"]))
$cron_found++;
else
$new_cron['item'][]=$cron;
@@ -1062,6 +1063,7 @@ EOF;
$cron_cmd="/usr/local/bin/php /usr/local/www/dansguardian_ldap.php";
if (is_array($config['installedpackages']['dansguardiangroups']['config']))
foreach ($config['installedpackages']['dansguardiangroups']['config'] as $dansguardian_groups){
+ $dans_group_source=($dansguardian_groups['groupnamesource'] !="" ? $dansguardian_groups['groupnamesource'] : "name");
if(preg_match('/(\d+)m/',$dansguardian_groups['freq'],$matches)){
$new_cron['item'][]=array( "minute" => "*/".$matches[1],
"hour" => "*",
@@ -1069,7 +1071,7 @@ EOF;
"month" => "*",
"wday" => "*",
"who" => "root",
- "command"=> $cron_cmd." ".$dansguardian_groups['name']);
+ "command"=> "{$cron_cmd} $dans_group_source '{$dansguardian_groups[$dans_group_source]}'");
$config['cron']=$new_cron;
$cron_found++;
}
@@ -1080,7 +1082,7 @@ EOF;
"month" => "*",
"wday" => "*",
"who" => "root",
- "command"=> $cron_cmd." ".$dansguardian_groups['name']);
+ "command"=> "{$cron_cmd} $dans_group_source '{$dansguardian_groups[$dans_group_source]}'");
$config['cron']=$new_cron;
$cron_found++;
}
@@ -1205,7 +1207,7 @@ EOF;
#avoid sync during boot process
- if (!isset($boot_process)){
+ if (!isset($boot_process) || $via_rpc=="yes"){
/* Uses XMLRPC to synchronize the changes to a remote node */
if (is_array($config['installedpackages']['dansguardiansync']['config'])){
$dans_sync=$config['installedpackages']['dansguardiansync']['config'][0];
@@ -1280,7 +1282,7 @@ function dansguardian_validate_input($post, &$input_errors) {
}
function dansguardian_php_install_command() {
- sync_package_dansguardian(false,true);
+ sync_package_dansguardian("no",true);
}
function dansguardian_php_deinstall_command() {
@@ -1385,7 +1387,7 @@ function dansguardian_do_xmlrpc_sync($sync_to_ip,$username,$password,$sync_type,
/* tell dansguardian to reload our settings on the destionation sync host. */
$method = 'pfsense.exec_php';
$execcmd = "require_once('/usr/local/pkg/dansguardian.inc');\n";
- $execcmd .= "sync_package_dansguardian(true);";
+ $execcmd .= "sync_package_dansguardian('yes');";
/* assemble xmlrpc payload */
$params = array(
diff --git a/config/dansguardian/dansguardian_groups.xml b/config/dansguardian/dansguardian_groups.xml
index fc9ff8a8..aaa9bcd6 100755
--- a/config/dansguardian/dansguardian_groups.xml
+++ b/config/dansguardian/dansguardian_groups.xml
@@ -386,10 +386,20 @@
<type>listtopic</type>
</field>
<field>
+ <fielddescr>LDAP group name source</fielddescr>
+ <fieldname>groupnamesource</fieldname>
+ <description><![CDATA[ This option determines where to look for LDAP group/OU name.]]></description>
+ <type>select</type>
+ <options>
+ <option><name>Dansguardian Group Name(default)</name><value>name</value></option>
+ <option><name>Dansguardian Group Description</name><value>description</value></option>
+ </options>
+ </field>
+ <field>
<fielddescr>LDAP</fielddescr>
<fieldname>ldap</fieldname>
- <description><![CDATA[Select Active directory servers to extract users from<br>
- The group must has the same name in dansguardian and on active directory<br>
+ <description><![CDATA[Select LDAP servers to extract users from<br>
+ The group must has the same name( or description) in dansguardian and on active directory<br>
<strong>This is not aplicable for default group</strong>]]></description>
<type>select_source</type>
<size>05</size>
@@ -399,6 +409,31 @@
<source_value>dc</source_value>
</field>
<field>
+ <fielddescr>LDAP user account status</fielddescr>
+ <fieldname>useraccountcontrol</fieldname>
+ <description><![CDATA[Import only users with these account status. Leave empty to do not check account status.]]></description>
+ <type>select</type>
+ <options>
+ <option><name>Normal (code 512)</name><value>512</value></option>
+ <option><name>Disabled Account (code 514)</name><value>514</value></option>
+ <option><name>Account is Disabled (code 2)</name><value>2</value></option>
+ <option><name>Account Locked Out (code 16)</name><value>16</value></option>
+ <option><name>Entered Bad Password (code 17)</name><value>17</value></option>
+ <option><name>No Password is Required(code 32)</name><value>32</value></option>
+ <option><name>Password CANNOT Change(code 64)</name><value>64</value></option>
+ <option><name>Password has Expired (code 8388608)</name><value>8388608</value></option>
+ <option><name>Account will Never Expire (code 65536)</name><value>65536</value></option>
+ <option><name>Enabled and Does NOT expire Paswword (code 66048)</name><value>66048</value></option>
+ <option><name>Server Trusted Account for Delegation (code 8192)</name><value>8192</value></option>
+ <option><name>Trusted Account for Delegation (code 524288)</name><value>524288</value></option>
+ <option><name>Enabled, User Cannot Change Password, Password Never Expires (code 590336)</name><value>590336</value></option>
+ <option><name>Normal Account, Password will not expire and Currently Disabled (code 66050)</name><value>66050</value></option>
+ <option><name>Account Enabled, Password does not expire, currently Locked out (code 66064)</name><value>66064</value></option>
+ </options>
+ <multiple/>
+ <size>16</size>
+ </field>
+ <field>
<fielddescr>Update frequency</fielddescr>
<fieldname>freq</fieldname>
<description><![CDATA[How often extract users from active directory and verify changes<br>
diff --git a/config/dansguardian/dansguardian_ldap.php b/config/dansguardian/dansguardian_ldap.php
index 33cbee91..01d4764e 100644
--- a/config/dansguardian/dansguardian_ldap.php
+++ b/config/dansguardian/dansguardian_ldap.php
@@ -56,6 +56,7 @@ function get_ldap_members($group,$user,$password) {
global $ldap_host;
global $ldap_dn;
$LDAPFieldsToFind = array("member");
+ print "{$ldap_host} {$ldap_dn}\n";
$ldap = ldap_connect($ldap_host) or die("Could not connect to LDAP");
// OPTIONS TO AD
@@ -64,7 +65,10 @@ function get_ldap_members($group,$user,$password) {
ldap_bind($ldap, $user, $password) or die("Could not bind to LDAP");
- $results = ldap_search($ldap,$ldap_dn,"cn=" . $group,$LDAPFieldsToFind);
+ //check if group is just a name or an ldap string
+ $group_cn=(preg_match("/cn=/i",$group)? $group : "cn={$group}");
+
+ $results = ldap_search($ldap,$ldap_dn,$group_cn,$LDAPFieldsToFind);
$member_list = ldap_get_entries($ldap, $results);
$group_member_details = array();
@@ -77,7 +81,8 @@ function get_ldap_members($group,$user,$password) {
$member_search = ldap_search($ldap, $ldap_dn, "(CN=" . $member_cn . ")");
$member_details = ldap_get_entries($ldap, $member_search);
$group_member_details[] = array($member_details[0]['samaccountname'][0],
- $member_details[0]['displayname'][0]);
+ $member_details[0]['displayname'][0],
+ $member_details[0]['useraccountcontrol'][0]);
}
ldap_close($ldap);
array_shift($group_member_details);
@@ -96,11 +101,12 @@ $apply_config=0;
if (is_array($config['installedpackages']['dansguardiangroups']['config']))
foreach($config['installedpackages']['dansguardiangroups']['config'] as $group) {
#ignore default group
- if ($id > 0)
- if ($argv[1] == "" || $argv[1] == $group['name']){
+ if ($id > 0){
+ $ldap_group_source=(preg_match("/description/",$argv[1]) ? "description" : "name");
+ if ($argv[2] == $group[$ldap_group_source]){
$members="";
$ldap_servers= explode (',',$group['ldap']);
- echo "Group : " . $group['name']."\n";
+ echo "Group : {$group['name']}({$group['description']})\n";
if (is_array($config['installedpackages']['dansguardianldap']['config']))
foreach ($config['installedpackages']['dansguardianldap']['config'] as $server){
if (in_array($server['dc'],$ldap_servers)){
@@ -113,18 +119,28 @@ if (is_array($config['installedpackages']['dansguardiangroups']['config']))
$ldap_username=$server['username'];
#$domainuser=split("cn=",$server['username']);
#$ldap_username=preg_replace("/,\./","@",$domainuser[1].preg_replace("/(,|)DC=/i",".",$server['dn']));
- $result = get_ldap_members($group['name'],$ldap_username,$server['password']);
- foreach($result as $key => $value) {
- if (preg_match ("/\w+/",$value[0])){
+ $result = get_ldap_members($group[$ldap_group_source],$ldap_username,$server['password']);
+ if ($group['useraccountcontrol'] !="")
+ $valid_account_codes=explode(",",$group['useraccountcontrol']);
+ foreach($result as $mvalue) {
+ if (preg_match ("/\w+/",$mvalue[0])){
#var_dump($value);
- $name= preg_replace('/[^(\x20-\x7F)]*/','', $value[1]);
+ $name= preg_replace("/&([a-z])[a-z]+;/i", "$1", htmlentities($mvalue[1]));//preg_replace('/[^(\x20-\x7F)]*/','', $mvalue[1]);
$pattern[0]="/USER/";
$pattern[1]="/,/";
$pattern[2]="/NAME/";
- $replace[0]=$value[0];
+ $replace[0]=$mvalue[0];
$replace[1]="\n";
$replace[2]="$name";
- $members .= preg_replace($pattern,$replace,$mask)."\n";
+
+ if (is_array($valid_account_codes)){
+ if (in_array($mvalue[2],$valid_account_codes,true))
+ $members .= preg_replace($pattern,$replace,$mask)."\n";
+ }
+ else
+ {
+ $members .= preg_replace($pattern,$replace,$mask)."\n";
+ }
}
}
}
@@ -144,8 +160,9 @@ if (is_array($config['installedpackages']['dansguardiangroups']['config']))
$apply_config++;
}
}
- }
- $id++;
+ }
+ }
+ $id++;
}
if ($apply_config > 0){
print "User list from LDAP is different from current group, applying new configuration...";
diff --git a/config/dashboard/dashboard.xml b/config/dashboard/dashboard.xml
index 7177eed6..c09a2eda 100644
--- a/config/dashboard/dashboard.xml
+++ b/config/dashboard/dashboard.xml
@@ -57,7 +57,7 @@
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>077</chmod>
- <item>http://www.pfsense.com/packages/config/dashboard/binaries/widgets.tgz</item>
+ <item>http://files.pfsense.org/packages/widgets.tgz</item>
</additional_files_needed>
<custom_php_install_command>
dashboard_install();
diff --git a/config/dnsblacklist/dnsblacklist.xml b/config/dnsblacklist/dnsblacklist.xml
index 1b7c29e5..52c59b35 100644
--- a/config/dnsblacklist/dnsblacklist.xml
+++ b/config/dnsblacklist/dnsblacklist.xml
@@ -77,7 +77,7 @@
<additional_files_needed>
<prefix>/tmp/</prefix>
<chmod>0755</chmod>
- <item>http://www.pfsense.com/packages/config/dnsblacklist/blacklists.tar.gz</item>
+ <item>http://files.pfsense.org/packages/blacklists.tar.gz</item>
</additional_files_needed>
<fields>
<field>
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc
index 735ab196..66bcf81f 100644
--- a/config/haproxy-devel/haproxy.inc
+++ b/config/haproxy-devel/haproxy.inc
@@ -867,10 +867,12 @@ function haproxy_load_modules() {
function use_transparent_clientip_proxying() {
global $config;
$a_backends = &$config['installedpackages']['haproxy']['ha_pools']['item'];
- foreach ($a_backends as $backend) {
- if ($backend["transparent_clientip"] == 'yes') {
- return true;
- break;
+ if (is_array($a_backends)) {
+ foreach ($a_backends as $backend) {
+ if ($backend["transparent_clientip"] == 'yes') {
+ return true;
+ break;
+ }
}
}
return false;
@@ -939,7 +941,8 @@ function haproxy_check_run($reload) {
if ($status != "MASTER") {
if (haproxy_is_running()) {
log_error("Stopping haproxy on CARP backup.");
- exec("/bin/pkill -F /var/run/haproxy.pid haproxy");
+ //exec("/bin/pkill -F /var/run/haproxy.pid haproxy");//doesnt work for multiple pid's in a pidfile
+ haproxy_kill();
}
return (0);
} else if (haproxy_is_running() && $reload == 0) {
@@ -951,7 +954,11 @@ function haproxy_check_run($reload) {
return (0);
if (haproxy_is_running()) {
- exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode);
+ if (isset($a_global['terminate_on_reload']))
+ $sf_st = "-st";//terminate old process as soon as the new process is listening
+ else
+ $sf_st = "-sf";//finish serving existing connections exit when done, and the new process is listening
+ exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid $sf_st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode);
} else {
exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -D 2>&1", $output, $errcode);
}
@@ -960,11 +967,23 @@ function haproxy_check_run($reload) {
return ($errcode);
} else {
if ($reload && haproxy_is_running()) {
- exec("/bin/pkill -F /var/run/haproxy.pid haproxy");
+ //exec("/bin/pkill -F /var/run/haproxy.pid haproxy");//doesnt work for multiple pid's in a pidfile
+ haproxy_kill();
}
return (0);
}
-
+}
+
+function haproxy_kill($killimmediately = true) {
+ if ($killimmediately)
+ $signal = "KILL"; // stop now
+ else
+ $signal = "USR1"; // stop when all connections are closed
+ killprocesses("haproxy", "/var/run/haproxy.pid", $signal);
+}
+
+function killprocesses($processname, $pidfile, $signal = "KILL") {
+ exec("kill -$signal `pgrep -x $processname | grep -w -f $pidfile`");
}
function haproxy_do_xmlrpc_sync($sync_to_ip, $password) {
diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php
index 7ff0fb65..dbc55847 100755
--- a/config/haproxy-devel/haproxy_global.php
+++ b/config/haproxy-devel/haproxy_global.php
@@ -68,6 +68,7 @@ if ($_POST) {
if (!$input_errors) {
$config['installedpackages']['haproxy']['enable'] = $_POST['enable'] ? true : false;
+ $config['installedpackages']['haproxy']['terminate_on_reload'] = $_POST['terminate_on_reload'] ? true : false;
$config['installedpackages']['haproxy']['maxconn'] = $_POST['maxconn'] ? $_POST['maxconn'] : false;
$config['installedpackages']['haproxy']['enablesync'] = $_POST['enablesync'] ? true : false;
$config['installedpackages']['haproxy']['synchost1'] = $_POST['synchost1'] ? $_POST['synchost1'] : false;
@@ -84,10 +85,10 @@ if ($_POST) {
write_config();
}
}
-
}
$pconfig['enable'] = isset($config['installedpackages']['haproxy']['enable']);
+$pconfig['terminate_on_reload'] = isset($config['installedpackages']['haproxy']['terminate_on_reload']);
$pconfig['maxconn'] = $config['installedpackages']['haproxy']['maxconn'];
$pconfig['enablesync'] = isset($config['installedpackages']['haproxy']['enablesync']);
$pconfig['syncpassword'] = $config['installedpackages']['haproxy']['syncpassword'];
@@ -177,9 +178,9 @@ function enable_change(enable_change) {
Sets the maximum per-process number of concurrent connections to X.<br/>
<strong>NOTE:</strong> setting this value too high will result in HAProxy not being able to allocate enough memory.<br/>
<?php
- $hascpu = trim(`top | grep haproxy | awk '{ print $6 }'`);
- if($hascpu)
- echo "<p>Current memory usage {$hascpu}.</p>";
+ $memusage = trim(`ps auxw | grep haproxy | grep -v grep | awk '{ print $5 }'`);
+ if($memusage)
+ echo "<p>Current memory usage: {$memusage} K.</p>";
?>
</td><td>
<table style="border: 1px solid #000;">
@@ -225,6 +226,15 @@ function enable_change(enable_change) {
</td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell">Reload behaviour</td>
+ <td width="78%" class="vtable">
+ <input name="terminate_on_reload" type="checkbox" value="yes" <?php if ($pconfig['terminate_on_reload']) echo "checked"; ?>>
+ Force immediate stop of old process on reload. (closes existing connections)<br/><br/>Note: when this option is selected connections will be closed when haproxy is restarted.
+ Otherwise the existing connections will be served by the old haproxy process untill they are closed.
+ Checking this option will interupt existing connections on a restart. (which happens when the configuration is applied,
+ but possibly also when pfSense detects an interface comming up or changing its ip-address)</td>
+ </tr>
+ <tr>
<td valign="top" class="vncell">
Remote syslog host
</td>
diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php
index 05868de7..8f9c2484 100644
--- a/config/haproxy-devel/haproxy_listeners_edit.php
+++ b/config/haproxy-devel/haproxy_listeners_edit.php
@@ -160,23 +160,32 @@ if ($_POST) {
unset($input_errors);
$pconfig = $_POST;
- $reqdfields = explode(" ", "name type port max_connections");
- $reqdfieldsn = explode(",", "Name,Type,Port,Max connections");
+
+ if ($pconfig['secondary'] != "yes") {
+ $reqdfields = explode(" ", "name type port max_connections");
+ $reqdfieldsn = explode(",", "Name,Type,Port,Max connections");
+ } else {
+ $reqdfields = explode(" ", "name");
+ $reqdfieldsn = explode(",", "Name");
+ }
+
do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name']))
$input_errors[] = "The field 'Name' contains invalid characters.";
- if (!is_numeric($_POST['max_connections']))
- $input_errors[] = "The field 'Max connections' value is not a number.";
+ if ($pconfig['secondary'] != "yes") {
+ if (!is_numeric($_POST['max_connections']))
+ $input_errors[] = "The field 'Max connections' value is not a number.";
- $ports = split(",", $_POST['port'] . ",");
- foreach($ports as $port)
- if ($port && !is_numeric($port))
- $input_errors[] = "The field 'Port' value is not a number.";
+ $ports = split(",", $_POST['port'] . ",");
+ foreach($ports as $port)
+ if ($port && !is_numeric($port))
+ $input_errors[] = "The field 'Port' value is not a number.";
- if ($_POST['client_timeout'] !== "" && !is_numeric($_POST['client_timeout']))
- $input_errors[] = "The field 'Client timeout' value is not a number.";
+ if ($_POST['client_timeout'] !== "" && !is_numeric($_POST['client_timeout']))
+ $input_errors[] = "The field 'Client timeout' value is not a number.";
+ }
/* Ensure that our pool names are unique */
for ($i=0; isset($config['installedpackages']['haproxy']['ha_backends']['item'][$i]); $i++)
diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php
index e282504a..4b93632f 100644
--- a/config/haproxy-devel/haproxy_pool_edit.php
+++ b/config/haproxy-devel/haproxy_pool_edit.php
@@ -608,7 +608,7 @@ FLUSH PRIVILEGES;</pre>
<td width="78%" class="vtable" colspan="2">
<input name="monitor_agentport" type="text" <?if(isset($pconfig['monitor_agentport'])) echo "value=\"{$pconfig['monitor_agentport']}\"";?>size="64">
<br/>
- Fill in the TCP portnumber the healtcheck should be performed on.
+ Fill in the TCP portnumber the healthcheck should be performed on.
</td>
</tr>
</table>
diff --git a/config/lcdproc/lcdproc.xml b/config/lcdproc/lcdproc.xml
index bc03b761..32a8f900 100644
--- a/config/lcdproc/lcdproc.xml
+++ b/config/lcdproc/lcdproc.xml
@@ -38,22 +38,22 @@
<chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
- <item>http://www.pfsense.org/packages/config/lcdproc/bin/nexcom.so</item>
+ <item>http://files.pfsense.org/packages/lcdproc/nexcom.so</item>
<prefix>/usr/local/lib/lcdproc/</prefix>
<chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
- <item>http://www.pfsense.org/packages/config/lcdproc/bin/SureElec.so</item>
+ <item>http://files.pfsense.org/packages/lcdproc/SureElec.so</item>
<prefix>/usr/local/lib/lcdproc/</prefix>
<chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
- <item>http://www.pfsense.org/packages/config/lcdproc/bin/picolcd.so</item>
+ <item>http://files.pfsense.org/packages/lcdproc/picolcd.so</item>
<prefix>/usr/local/lib/lcdproc/</prefix>
<chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
- <item>http://www.pfsense.org/packages/config/lcdproc/bin/libusb.so.2</item>
+ <item>http://files.pfsense.org/packages/lcdproc/libusb.so.2</item>
<prefix>/usr/local/lib/lcdproc/</prefix>
<chmod>0755</chmod>
</additional_files_needed>
diff --git a/config/phpsysinfo/phpsysinfo.xml b/config/phpsysinfo/phpsysinfo.xml
index 3cbe4a5b..116643a4 100644
--- a/config/phpsysinfo/phpsysinfo.xml
+++ b/config/phpsysinfo/phpsysinfo.xml
@@ -75,7 +75,7 @@
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/phpsysinfo/bin/phpsysinfo-2.5.4.tar.gz</item>
+ <item>http://files.pfsense.org/packages/phpsysinfo-2.5.4.tar.gz</item>
</additional_files_needed>
<fields>
<field>
diff --git a/config/postfix/postfix.inc b/config/postfix/postfix.inc
index b564fd47..4378a1f9 100644..100755
--- a/config/postfix/postfix.inc
+++ b/config/postfix/postfix.inc
@@ -278,9 +278,10 @@ function check_cron(){
}
-function sync_package_postfix($via_rpc=false) {
+function sync_package_postfix($via_rpc="no") {
global $config;
+ log_error("sync_package_postfix called with via_rpc={$via_rpc}");
# detect boot process
if (is_array($_POST)){
if (preg_match("/\w+/",$_POST['__csrf_magic']))
@@ -289,7 +290,7 @@ function sync_package_postfix($via_rpc=false) {
$boot_process="on";
}
- if(is_process_running("master") && isset($boot_process) && $via_rpc==false)
+ if(is_process_running("master") && isset($boot_process) && $via_rpc=="no")
return;
#check patch in /etc/inc/config.
@@ -731,7 +732,7 @@ MASTEREOF2;
postfix_start();
#Do not sync during boot
- if(!isset($boot_process))
+ if(!isset($boot_process) || $via_rpc=="yes")
postfix_sync_on_changes();
}
@@ -944,7 +945,7 @@ function postfix_do_xmlrpc_sync($sync_to_ip,$username,$password,$sync_type,$sync
/* tell postfix to reload our settings on the destionation sync host. */
$method = 'pfsense.exec_php';
$execcmd = "require_once('/usr/local/pkg/postfix.inc');\n";
- $execcmd .= "sync_package_postfix(true);";
+ $execcmd .= "sync_package_postfix('yes');";
/* assemble xmlrpc payload */
$params = array(
diff --git a/config/squid3/33/squid.inc b/config/squid3/33/squid.inc
index a29fb3c6..1da86847 100755
--- a/config/squid3/33/squid.inc
+++ b/config/squid3/33/squid.inc
@@ -1748,7 +1748,7 @@ function squid_resync_msnt() {
chmod(SQUID_CONFBASE."/msntauth.conf", 0600);
}
-function squid_resync() {
+function squid_resync($via_rpc="no") {
global $config;
# detect boot process
@@ -1759,7 +1759,9 @@ function squid_resync() {
$boot_process="on";
}
- if (is_process_running('squid') && isset($boot_process))
+ log_error("[Squid] - Squid_resync function call pr:".is_process_running('squid')." bp:".isset($boot_process)." rpc:".$via_rpc);
+
+ if (is_process_running('squid') && isset($boot_process) && $via_rpc=="no")
return;
conf_mount_rw();
@@ -1785,7 +1787,7 @@ function squid_resync() {
squid_resync_users();
squid_write_rcfile();
- if(!isset($boot_process))
+ if(!isset($boot_process) || $via_rpc="yes")
squid_sync_on_changes();
#write config file
@@ -2295,7 +2297,7 @@ function squid_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout) {
/* set a few variables needed for sync code borrowed from filter.inc */
$url = $synchronizetoip;
- log_error("Beginning squid XMLRPC sync to {$url}:{$port}.");
+ log_error("[Squid] Beginning squid XMLRPC sync to {$url}:{$port}.");
$method = 'pfsense.merge_installedpackages_section_xmlrpc';
$msg = new XML_RPC_Message($method, $params);
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
@@ -2315,20 +2317,20 @@ function squid_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout) {
log_error($error);
file_notice("sync_settings", $error, "squid Settings Sync", "");
} else {
- log_error("squid XMLRPC sync successfully completed with {$url}:{$port}.");
+ log_error("[Squid] XMLRPC sync successfully completed with {$url}:{$port}.");
}
/* tell squid to reload our settings on the destination sync host. */
$method = 'pfsense.exec_php';
$execcmd = "require_once('/usr/local/pkg/squid.inc');\n";
- $execcmd .= "squid_resync();";
+ $execcmd .= "squid_resync('yes');";
/* assemble xmlrpc payload */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($execcmd)
);
- log_error("squid XMLRPC reload data {$url}:{$port}.");
+ log_error("[Squid] XMLRPC reload data {$url}:{$port}.");
$msg = new XML_RPC_Message($method, $params);
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
$cli->setCredentials($username, $password);
@@ -2340,7 +2342,7 @@ function squid_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout) {
} elseif($resp->faultCode()) {
$cli->setDebug(1);
$resp = $cli->send($msg, $synctimeout);
- $error = "An error code was received while attempting squid XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
+ $error = "[Squid] An error code was received while attempting squid XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
log_error($error);
file_notice("sync_settings", $error, "squid Settings Sync", "");
} else {
diff --git a/config/squidGuard/squidguard_configurator.inc b/config/squidGuard/squidguard_configurator.inc
index e57b7597..b900a477 100644
--- a/config/squidGuard/squidguard_configurator.inc
+++ b/config/squidGuard/squidguard_configurator.inc
@@ -112,9 +112,12 @@ define('REDIRECT_URL_ARGS', '&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u');
# ------------------------------------------------------------------------------
$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
-if ($pf_version > 2.0)
- define('SQUIDGUARD_LOCALBASE', '/usr/pbi/squidguard-' . php_uname("m"));
-else
+if ($pf_version > 2.0) {
+ if (file_exists('/usr/pbi/squidguard-squid3-' . php_uname("m")))
+ define('SQUIDGUARD_LOCALBASE', '/usr/pbi/squidguard-squid3-' . php_uname("m"));
+ else
+ define('SQUIDGUARD_LOCALBASE', '/usr/pbi/squidguard-' . php_uname("m"));
+} else
define('SQUIDGUARD_LOCALBASE','/usr/local');
if (!defined('SQUID_LOCALBASE') && ($pf_version > 2.0))
diff --git a/config/vhosts/vhosts.inc b/config/vhosts/vhosts.inc
index a5b8c4e2..651b79b2 100644
--- a/config/vhosts/vhosts.inc
+++ b/config/vhosts/vhosts.inc
@@ -736,31 +736,31 @@ function vhosts_install_command() {
if(stristr(php_uname('r'), '7.2') == TRUE) {
if (!file_exists('/usr/local/php5')) {
chdir('/usr/local/');
- exec ("fetch http://www.pfsense.com/packages/config/vhosts/freebsd7.2/php5.tar.gz");
+ exec ("fetch http://files.pfsense.org/packages/7/vhosts/php5.tar.gz");
exec("tar zxvf /usr/local/php5.tar.gz -C /usr/local/");
exec("rm /usr/local/php5.tar.gz");
}
if (!file_exists('/usr/local/lib/libxml2.so.5')) {
chdir('/usr/local/lib/');
- exec ("fetch http://www.pfsense.com/packages/config/vhosts/freebsd7.2/usr.local.lib/libxml2.so.5");
+ exec ("fetch http://files.pfsense.org/packages/7/vhosts/usr.local.lib/libxml2.so.5");
}
if (!file_exists('/usr/local/lib/libxml2.so')) {
chdir('/usr/local/lib/');
- exec ("fetch http://www.pfsense.com/packages/config/vhosts/freebsd7.2/usr.local.lib/libxml2.so");
+ exec ("fetch http://files.pfsense.org/packages/7/vhosts/usr.local.lib/libxml2.so");
}
if (!file_exists('/usr/local/lib/libxml2.la')) {
chdir('/usr/local/lib/');
- exec ("fetch http://www.pfsense.com/packages/config/vhosts/freebsd7.2/usr.local.lib/libxml2.la");
+ exec ("fetch http://files.pfsense.org/packages/7/vhosts/usr.local.lib/libxml2.la");
}
if (!file_exists('/usr/local/lib/libxml2.a')) {
chdir('/usr/local/lib/');
- exec ("fetch http://www.pfsense.com/packages/config/vhosts/freebsd7.2/usr.local.lib/lib/libxml2.a");
+ exec ("fetch http://files.pfsense.org/packages/7/vhosts/usr.local.lib/lib/libxml2.a");
}
}
if(stristr(php_uname('r'), '8.1') == TRUE) {
if (!file_exists('/usr/local/php5')) {
chdir('/usr/local/');
- exec ("fetch http://www.pfsense.com/packages/config/vhosts/freebsd8.0/php5.tar.gz");
+ exec ("fetch http://files.pfsense.org/packages/8/vhosts/php5.tar.gz");
exec("tar zxvf /usr/local/php5.tar.gz -C /usr/local/");
exec("rm /usr/local/php5.tar.gz");
}
diff --git a/config/vnstat/vnstat.xml b/config/vnstat/vnstat.xml
index 2a0c06f5..63a121a0 100644
--- a/config/vnstat/vnstat.xml
+++ b/config/vnstat/vnstat.xml
@@ -25,7 +25,7 @@
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/vnstat/bin/vnstat_php_frontend-1.4.1.tar.gz</item>
+ <item>http://files.pfsense.org/packages/7/vnstat/vnstat_php_frontend-1.4.1.tar.gz</item>
</additional_files_needed>
<custom_php_resync_config_command></custom_php_resync_config_command>
<custom_php_install_command>vnstat_install_config();</custom_php_install_command>
diff --git a/config/vnstat2/vnstat2.xml b/config/vnstat2/vnstat2.xml
index 08bfc91d..25cd0bcb 100644
--- a/config/vnstat2/vnstat2.xml
+++ b/config/vnstat2/vnstat2.xml
@@ -48,7 +48,7 @@
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/vnstat2/bin/vnstat_php_frontend-1.4.1.tar.gz</item>
+ <item>http://files.pfsense.org/packages/8/vnstat/vnstat_php_frontend-1.4.1.tar.gz</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
@@ -68,22 +68,22 @@
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/vnstat2/bin/diag_vnstat.abc</item>
+ <item>http://files.pfsense.org/packages/8/vnstat/diag_vnstat.abc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/vnstat2/bin/diag_vnstat2.abc</item>
+ <item>http://files.pfsense.org/packages/8/vnstat/diag_vnstat2.abc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/vnstat2/bin/vnstat2_img.abc</item>
+ <item>http://files.pfsense.org/packages/8/vnstat/vnstat2_img.abc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/vnstat2/bin/vnstati.abc</item>
+ <item>http://files.pfsense.org/packages/8/vnstat/vnstati.abc</item>
</additional_files_needed>
<fields>
<field>