diff options
Diffstat (limited to 'config')
| -rw-r--r-- | config/bandwidthd/bandwidthd.inc | 25 | ||||
| -rw-r--r-- | config/freeradius2/freeradius.inc | 68 | ||||
| -rw-r--r-- | config/freeradius2/freeradius.xml | 1 | ||||
| -rw-r--r-- | config/freeradius2/freeradius_view_config.php | 12 | ||||
| -rw-r--r-- | config/freeradius2/freeradiusauthorizedmacs.xml | 1 | ||||
| -rw-r--r-- | config/freeradius2/freeradiusclients.xml | 1 | ||||
| -rw-r--r-- | config/freeradius2/freeradiusinterfaces.xml | 1 | ||||
| -rw-r--r-- | config/havp/havp.xml | 22 | ||||
| -rw-r--r-- | config/tinydns/tinydns.inc | 12 |
9 files changed, 89 insertions, 54 deletions
diff --git a/config/bandwidthd/bandwidthd.inc b/config/bandwidthd/bandwidthd.inc index 3aa53694..da7260bc 100644 --- a/config/bandwidthd/bandwidthd.inc +++ b/config/bandwidthd/bandwidthd.inc @@ -28,12 +28,18 @@ POSSIBILITY OF SUCH DAMAGE. */ +if (substr(trim(file_get_contents("/etc/version")),0,3) == "2.1") { + define('PKG_BANDWIDTHD_BASE', '/usr/pbi/bandwidthd-' . php_uname("m") . '/bandwidthd'); +} else { + define('PKG_BANDWIDTHD_BASE', '/usr/local/bandwidthd'); +} + function bandwidthd_install_deinstall() { conf_mount_rw(); config_lock(); - exec("rm /usr/local/etc/rc.d/bandwidthd*"); - exec("rm -rf /usr/local/bandwidthd*"); - exec("rm /usr/local/www/bandwidthd"); + exec("rm -f /usr/local/etc/rc.d/bandwidthd*"); + exec("rm -rf " . PKG_BANDWIDTHD_BASE . "/htdocs"); + exec("rm -f /usr/local/www/bandwidthd"); conf_mount_ro(); config_unlock(); } @@ -41,6 +47,9 @@ function bandwidthd_install_deinstall() { function bandwidthd_install_config() { global $config, $g; + /* bandwidthd doesn't have a way to pass a custom config path, unfortunately */ + $bandwidthd_config_dir = PKG_BANDWIDTHD_BASE . "/etc"; + conf_mount_rw(); config_lock(); @@ -177,9 +186,9 @@ $meta_refresh EOF; - $fd = fopen("/usr/local/bandwidthd/etc/bandwidthd.conf","w"); + $fd = fopen("{$bandwidthd_config_dir}/bandwidthd.conf","w"); if(!$fd) { - log_error("could not open /usr/local/bandwidthd/etc/bandwidthd.conf for writing"); + log_error("could not open {$bandwidthd_config_dir}/bandwidthd.conf for writing"); exit; } fwrite($fd, $config_file); @@ -188,15 +197,15 @@ EOF; /* write out rc.d start/stop file */ write_rcfile(array( "file" => "bandwidthd.sh", - "start" => "/usr/local/bandwidthd/bandwidthd /usr/local/bandwidthd/etc/bandwidthd.conf", + "start" => "/usr/local/bandwidthd/bandwidthd {$bandwidthd_config_dir}/bandwidthd.conf", "stop" => "/usr/bin/killall bandwidthd" ) ); exec("rm /usr/local/www/bandwidthd"); - exec("/bin/ln -s /usr/local/bandwidthd/htdocs /usr/local/www/bandwidthd"); + exec("/bin/ln -s " . PKG_BANDWIDTHD_BASE . "/htdocs /usr/local/www/bandwidthd"); - exec("echo \"Please start bandwidthd to populate this directory.\" > /usr/local/bandwidthd/htdocs/index.html"); + exec("echo \"Please start bandwidthd to populate this directory.\" > " . PKG_BANDWIDTHD_BASE . "/htdocs/index.html"); conf_mount_ro(); config_unlock(); diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc index d2f42dfd..0e31b8d1 100644 --- a/config/freeradius2/freeradius.inc +++ b/config/freeradius2/freeradius.inc @@ -46,25 +46,15 @@ require_once("filter.inc"); require_once("services.inc"); // Check to find out on which system the package is running -if (exec("uname -r | cut -c 1-3") == '8.3') { - if (exec("uname -m") == "i386") { - define('RADDB', '/usr/pbi/freeradius-i386/etc/raddb'); - define('USRLOCAL', '/usr/pbi/freeradius-i386'); - } - else { - define('RADDB', '/usr/pbi/freeradius-amd64/etc/raddb'); - define('USRLOCAL', '/usr/pbi/freeradius-amd64'); - } -} -else { +if (substr(trim(file_get_contents("/etc/version")),0,3) == "2.0") { define('RADDB', '/usr/local/etc/raddb'); define('USRLOCAL', '/usr/local'); +} else { + define('RADDB', '/usr/pbi/freeradius-' . php_uname("m") . '/etc/raddb'); + define('USRLOCAL', '/usr/pbi/freeradius-' . php_uname("m")); } // End of system check - -// define('RADDB', '/usr/local/etc/raddb'); - function freeradius_deinstall_command() { exec("cd /var/db/pkg && pkg_delete `ls | grep freeradius`"); exec("rm -rf " . RADDB); @@ -75,6 +65,10 @@ function freeradius_install_command() { global $config; conf_mount_rw(); + // put the constant to a variable + $varRADDB = RADDB; + $varUSRLOCAL = USRLOCAL; + // We create here different folders for different counters. if (!file_exists("/var/log/radacct/datacounter/")) { exec("mkdir /var/log/radacct/datacounter && mkdir /var/log/radacct/datacounter/daily && mkdir /var/log/radacct/datacounter/weekly && mkdir /var/log/radacct/datacounter/monthly && mkdir /var/log/radacct/datacounter/forever"); } if (!file_exists("/var/log/radacct/timecounter/")) { exec("mkdir /var/log/radacct/timecounter"); } @@ -124,8 +118,8 @@ function freeradius_install_command() { $rcfile = array(); $rcfile['file'] = 'radiusd.sh'; - $rcfile['start'] = USRLOCAL . '/etc/rc.d/radiusd onestart'; - $rcfile['stop'] = USRLOCAL . '/etc/rc.d/radiusd onestop'; + $rcfile['start'] = "$varUSRLOCAL" . '/etc/rc.d/radiusd onestart'; + $rcfile['stop'] = "$varUSRLOCAL" . '/etc/rc.d/radiusd onestop'; write_rcfile($rcfile); conf_mount_ro(); start_service("radiusd"); @@ -135,6 +129,10 @@ function freeradius_settings_resync() { global $config; $conf = ''; + // put the constant to a variable + $varRADDB = RADDB; + $varUSRLOCAL = USRLOCAL; + // We do some checks of some folders which will be deleted after reboot on nanobsd systems if (!file_exists("/var/log/radacct/")) { exec("mkdir /var/log/radacct"); } if (!file_exists("/var/log/radacct/datacounter/")) { exec("mkdir /var/log/radacct/datacounter && mkdir /var/log/radacct/datacounter/daily && mkdir /var/log/radacct/datacounter/weekly && mkdir /var/log/radacct/datacounter/monthly && mkdir /var/log/radacct/datacounter/forever"); } @@ -203,7 +201,7 @@ function freeradius_settings_resync() { $conf .= <<<EOD -prefix = USRLOCAL +prefix = $varUSRLOCAL exec_prefix = \${prefix} sysconfdir = \${prefix}/etc localstatedir = /var @@ -3808,14 +3806,26 @@ function freeradius_motp_resync() { exec("cd /var/db/pkg && pkg_delete `ls | grep bash`"); log_error('FreeRADIUS: Uninstalling package "bash-4.1.7" which comes with Mobile-One-Time-Password (motp).'); } + if (exec("cd /var/db/pkg && ls | grep bash") == "bash-4.2.20") { + exec("cd /var/db/pkg && pkg_delete `ls | grep bash`"); + log_error('FreeRADIUS: Uninstalling package "bash-4.2.20" which comes with Mobile-One-Time-Password (motp).'); + } } // check if enabled then we need to download "bash" else { - if (exec("cd /var/db/pkg && ls | grep bash") != "bash-4.1.7") { - log_error('FreeRADIUS: Downloading and installing package "bash-4.1.7" to use Mobile-One-Time-Password (motp).'); - exec("pkg_add -r http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/ports/`uname -m`/packages-8.1-release/All/bash-4.1.7.tbz"); + if (substr(trim(file_get_contents("/etc/version")),0,3) == "2.0") { + if (exec("cd /var/db/pkg && ls | grep bash") != "bash-4.1.7") { + log_error('FreeRADIUS: Downloading and installing package "bash-4.1.7" to use Mobile-One-Time-Password (motp).'); + exec("pkg_add -r http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/ports/`uname -m`/packages-8.1-release/All/bash-4.1.7.tbz"); + } + } else { + if (exec("cd /var/db/pkg && ls | grep bash") != "bash-4.2.20") { + log_error('FreeRADIUS: Downloading and installing package "bash-4.2.20" to use Mobile-One-Time-Password (motp).'); + exec("pkg_add -r http://ftp-archive.freebsd.org/pub/FreeBSD/ports/`uname -m`/packages-8.3-release/All/bash-4.2.20.tbz"); + } } + $conf .= <<<EOD #!/bin/bash @@ -3950,10 +3960,14 @@ function freeradius_modulesmotp_resync() { global $config; $conf = ''; + // put the constant to a variable + $varRADDB = RADDB; + $varUSRLOCAL = USRLOCAL; + $conf .= <<<EOD exec motp { wait = yes - program = "/usr/local/bin/bash " . RADDB . "/scripts/otpverify.sh %{request:User-Name} %{request:User-Password} %{reply:MOTP-Init-Secret} %{reply:MOTP-PIN} %{reply:MOTP-Offset}" + program = "/usr/local/bin/bash $varRADDB/scripts/otpverify.sh %{request:User-Name} %{request:User-Password} %{reply:MOTP-Init-Secret} %{reply:MOTP-PIN} %{reply:MOTP-Offset}" } EOD; @@ -3969,22 +3983,26 @@ function freeradius_modulesdatacounter_resync() { global $config; $conf = ''; + // put the constant to a variable + $varRADDB = RADDB; + $varUSRLOCAL = USRLOCAL; + $conf .= <<<EOD exec datacounterdaily { wait = yes - program = "/bin/sh " . RADDB . "/scripts/datacounter_acct.sh %{request:User-Name} daily %{request:Acct-Input-Octets} %{request:Acct-Output-Octets}" + program = "/bin/sh $varRADDB/scripts/datacounter_acct.sh %{request:User-Name} daily %{request:Acct-Input-Octets} %{request:Acct-Output-Octets}" } exec datacounterweekly { wait = yes - program = "/bin/sh " . RADDB . "/scripts/datacounter_acct.sh %{request:User-Name} weekly %{request:Acct-Input-Octets} %{request:Acct-Output-Octets}" + program = "/bin/sh $varRADDB/scripts/datacounter_acct.sh %{request:User-Name} weekly %{request:Acct-Input-Octets} %{request:Acct-Output-Octets}" } exec datacountermonthly { wait = yes - program = "/bin/sh " . RADDB . "/scripts/datacounter_acct.sh %{request:User-Name} monthly %{request:Acct-Input-Octets} %{request:Acct-Output-Octets}" + program = "/bin/sh $varRADDB/scripts/datacounter_acct.sh %{request:User-Name} monthly %{request:Acct-Input-Octets} %{request:Acct-Output-Octets}" } exec datacounterforever { wait = yes - program = "/bin/sh " . RADDB . "/scripts/datacounter_acct.sh %{request:User-Name} forever %{request:Acct-Input-Octets} %{request:Acct-Output-Octets}" + program = "/bin/sh $varRADDB/scripts/datacounter_acct.sh %{request:User-Name} forever %{request:Acct-Input-Octets} %{request:Acct-Output-Octets}" } EOD; diff --git a/config/freeradius2/freeradius.xml b/config/freeradius2/freeradius.xml index 4cdea6c3..716fd6db 100644 --- a/config/freeradius2/freeradius.xml +++ b/config/freeradius2/freeradius.xml @@ -200,6 +200,7 @@ <fielddescr>Description</fielddescr> <fieldname>description</fieldname> </columnitem> + <movable>text</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/freeradius2/freeradius_view_config.php b/config/freeradius2/freeradius_view_config.php index ee7ca4c1..a29e1a55 100644 --- a/config/freeradius2/freeradius_view_config.php +++ b/config/freeradius2/freeradius_view_config.php @@ -33,16 +33,10 @@ require("guiconfig.inc"); // Check to find out on which system the package is running -if (exec("uname -r | cut -c 1-3") == '8.3') { - if (exec("uname -m") == "i386") { - define('RADDB', '/usr/pbi/freeradius-i386/etc/raddb'); - } - else { - define('RADDB', '/usr/pbi/freeradius-amd64/etc/raddb'); - } -} -else { +if (substr(trim(file_get_contents("/etc/version")),0,3) == "2.0") { define('RADDB', '/usr/local/etc/raddb'); +} else { + define('RADDB', '/usr/pbi/freeradius-' . php_uname("m") . '/etc/raddb'); } // End of system check diff --git a/config/freeradius2/freeradiusauthorizedmacs.xml b/config/freeradius2/freeradiusauthorizedmacs.xml index 02bf2d2b..898c3e48 100644 --- a/config/freeradius2/freeradiusauthorizedmacs.xml +++ b/config/freeradius2/freeradiusauthorizedmacs.xml @@ -196,6 +196,7 @@ <fielddescr>Description</fielddescr> <fieldname>description</fieldname> </columnitem> + <movable>text</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/freeradius2/freeradiusclients.xml b/config/freeradius2/freeradiusclients.xml index 2bf24ecc..87d8a11f 100644 --- a/config/freeradius2/freeradiusclients.xml +++ b/config/freeradius2/freeradiusclients.xml @@ -128,6 +128,7 @@ <fielddescr>Description</fielddescr> <fieldname>description</fieldname> </columnitem> + <movable>text</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/freeradius2/freeradiusinterfaces.xml b/config/freeradius2/freeradiusinterfaces.xml index 5ec634f1..c944ac17 100644 --- a/config/freeradius2/freeradiusinterfaces.xml +++ b/config/freeradius2/freeradiusinterfaces.xml @@ -116,6 +116,7 @@ <fielddescr>Description</fielddescr> <fieldname>description</fieldname> </columnitem> + <movable>text</movable> </adddeleteeditpagefields> <fields> <field> diff --git a/config/havp/havp.xml b/config/havp/havp.xml index df03fca9..6d991a81 100644 --- a/config/havp/havp.xml +++ b/config/havp/havp.xml @@ -70,8 +70,8 @@ Select interface mode: <br> <b> standard </b> - client(s) bind to the 'proxy port' on selected interface(s); <br> <b> parent for squid </b> - configure HAVP as parent for Squid proxy;<br> - <b> transparent </b> - all 'http' requests on interface(s) will be translated to the HAVP proxy server without any client(s) additional configuration necessary (worked as 'parent for squid' with 'transparent' Squid proxy); <br> - <b> internal </b> - HAVP listen internal interface (127.0.0.1) on 'proxy port', use you own traffic forwarding rules.<br> + <b> transparent </b> - all HTTP requests on interface(s) will be directed to the HAVP proxy server without any client configuration necessary (works as parent for squid with transparent Squid proxy); <br> + <b> internal </b> - HAVP will listen on the loopback (127.0.0.1) on configured 'proxy port.' Use you own traffic forwarding rules.<br> </description> <type>select</type> <default_value>standard</default_value> @@ -85,7 +85,7 @@ <field> <fielddescr>Proxy interface(s)</fielddescr> <fieldname>proxyinterface</fieldname> - <description>The interface(s) for client connections to the proxy. Use 'Ctrl' + L.Click for multiple selection.</description> + <description>The interface(s) for client connections to the proxy. Use 'Ctrl' + L. Click for multiple selection.</description> <type>interfaces_selection</type> <required/> <multiple/> @@ -125,7 +125,7 @@ <fielddescr>Enable Forwarded IP</fielddescr> <fieldname>enableforwardedip</fieldname> <description> - If HAVP is used as parent proxy by some other proxy, this allows to write the real users IP to log, instead of proxy IP. + If HAVP is used as a parent proxy for some other proxy, this allows writing the real user's IP to log, instead of the proxy IP. </description> <type>checkbox</type> </field> @@ -150,7 +150,7 @@ <field> <fielddescr>Max download size, Bytes</fielddescr> <fieldname>maxdownloadsize</fieldname> - <description>Enter value (in Bytes) or leave empty. Downloads larger, than 'Max download size' will be blocked. Only if not Whitelisted!</description> + <description>Enter value (in Bytes) or leave empty. Downloads larger than 'Max download size' will be blocked if not whitelisted.</description> <type>input</type> <size>10</size> <default_value></default_value> @@ -169,7 +169,7 @@ <fielddescr>Whitelist</fielddescr> <fieldname>whitelist</fieldname> <description> - Enter each destination url on a new line that will be accessable to the users without scanning. + Enter each destination URL on a new line that will be accessable to the users without scanning. Use '*' symbol for mask. Example: *.github.com/*, *sourceforge.net/*clamav-*, */*.xml, */*.inc </description> <type>textarea</type> @@ -196,10 +196,10 @@ <fielddescr>Enable RAM Disk</fielddescr> <fieldname>enableramdisk</fieldname> <description> - This option allow use RAM Disk for HAVP temp files for more quick traffic scan. - Ram Disc size depend from 'ScanMax file size and avialable memory. - This option can be ignored in VMVare or on 'low system memory'. - ( RAM Disk size calculated as [1/4 avialable system memory] > [Scan max file size] * 100 ) + This option allow use RAM disk for HAVP temp files for more quick traffic scan. + RAM disk size depends on 'ScanMax' file size and available memory. + This option can be ignored on systems with low memory. + ( RAM disk size calculated as [1/4 available system memory] > [Scan max file size] * 100 ) </description> <type>checkbox</type> </field> @@ -209,7 +209,7 @@ <description> Select this value for limit maximum file size or leave '---(5M)'. Files larger than this limit won't be scanned. - Small values increace scan speed and maximum new connections per second and allow RAM Disk use. + Small values increace scan speed and maximum new connections per second and allow RAM disk use. <br> NOTE: Setting limit is a security risk, because some archives like ZIP need all the data to be scanned properly! Use this only if you diff --git a/config/tinydns/tinydns.inc b/config/tinydns/tinydns.inc index f6b9b556..1b3e7c0c 100644 --- a/config/tinydns/tinydns.inc +++ b/config/tinydns/tinydns.inc @@ -1139,7 +1139,17 @@ function tinydns_dnscache_forwarding_servers($index) { exec("rm -R {$g['varetc_path']}/dnscache/root/servers/"); exec("/bin/mkdir -p {$g['varetc_path']}/dnscache{$index}/root/servers/"); if (intval($config['version']) >= 6) - exec("/bin/cat {$g['varetc_path']}/nameserver_* > {$g['varetc_path']}/dnscache{$index}/root/servers/@"); + if (file_exists("{$g['varetc_path']}/nameserver_*")) { + exec("/bin/cat {$g['varetc_path']}/nameserver_* > {$g['varetc_path']}/dnscache{$index}/root/servers/@"); + } else { + $fw = fopen("{$g['varetc_path']}/dnscache{$index}/root/servers/@", "w"); + if (! $fw) { + printf("Error: cannot open dnscache/root/servers/@ in tinydns_register_forwarding_servers().\n"); + return 1; + } + fwrite($fw, $config['system']['dnsserver'][0]); + fclose($fw); + } else { $fr = fopen("{$g['varetc_path']}/resolv.conf.dnscache", "r"); if (! $fr) { |