aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/arping/arping.inc37
-rw-r--r--config/arping/arping.xml112
-rw-r--r--config/blinkled/blinkled.inc61
-rw-r--r--config/blinkled/blinkled.xml47
-rw-r--r--config/checkmk-agent/checkmk.inc378
-rw-r--r--config/checkmk-agent/checkmk.xml95
-rw-r--r--config/checkmk-agent/checkmk_sync.xml169
-rw-r--r--config/filer/filer.inc240
-rw-r--r--config/filer/filer.xml114
-rw-r--r--config/filer/filer_sync.xml89
-rw-r--r--config/ftpproxy/ftpproxy.inc32
-rw-r--r--config/ftpproxy/ftpproxy.xml46
-rw-r--r--config/gwled/gwled.inc70
-rw-r--r--config/gwled/gwled.php28
-rw-r--r--config/gwled/gwled.xml46
-rw-r--r--config/nmap/nmap.inc43
-rw-r--r--config/nmap/nmap.xml44
-rw-r--r--config/ntopng/ntopng.xml30
-rw-r--r--config/nut/nut.inc320
-rw-r--r--config/nut/nut.xml80
-rw-r--r--config/nut/status_nut.php104
-rw-r--r--config/rrd-summary/rrd-summary.xml84
-rw-r--r--config/rrd-summary/status_rrd_summary.php24
-rw-r--r--config/softflowd/softflowd.xml131
-rw-r--r--config/sshdcond/sshdcond.inc131
-rw-r--r--config/sshdcond/sshdcond.xml80
-rwxr-xr-xconfig/sshdcond/sshdcond_sync.xml68
-rw-r--r--config/sudo/sudo.inc30
-rw-r--r--config/sudo/sudo.xml42
-rw-r--r--config/syslog-ng/syslog-ng.inc4
-rw-r--r--config/tinydns/tinydns.inc47
-rw-r--r--config/tinydns/tinydns.xml124
32 files changed, 1676 insertions, 1274 deletions
diff --git a/config/arping/arping.inc b/config/arping/arping.inc
index 0054adf0..996fddf3 100644
--- a/config/arping/arping.inc
+++ b/config/arping/arping.inc
@@ -1,9 +1,9 @@
<?php
-/* $Id$ */
/*
arping.inc
+ part of pfSense (https://www.pfSense.org/)
Copyright (C) 2006 Scott Ullrich
- part of pfSense
+ Copyright (C) 2009-2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -28,22 +28,25 @@
POSSIBILITY OF SUCH DAMAGE.
*/
-function arping_deinstall() {
-}
-
-function arping_package_reinstall() {
-}
-
function arping_package_php_command() {
require_once("util.inc");
- if (is_ipaddr($_POST['hostip']) || is_hostname($_POST['hostip']) || is_macaddr($_POST['hostip']))
- system("arping -c3 " . escapeshellarg($_POST['hostip']));
- else
- echo "Invalid input. Supplied address must be a valid IP or MAC address.";
+
+ $button = "<br /><br /><input class=\"formbtn\" type=\"button\" value=\"Back to ARPing\" onclick=\"history.back()\" />";
+ $int_count = (is_numeric($_POST['count']) ? (abs(intval($_POST['count']))) : 3);
+ $arping_options = " -v -c {$int_count}";
+ if (!empty($_POST['interface'])) {
+ $iface = convert_friendly_interface_to_real_interface_name($_POST['interface']);
+ $arping_options .= " -i {$iface}";
+ }
+ if (is_ipaddr($_POST['pinghost']) || is_hostname($_POST['pinghost']) || is_macaddr($_POST['pinghost'])) {
+ $arping_options .= " " . $_POST['pinghost'];
+ echo "<strong>arping {$arping_options} output:</strong><br /><br />";
+ system("/usr/local/sbin/arping {$arping_options}");
+ echo "{$button}";
+ } else {
+ echo "<div class=\"errmsg\">ERROR: Invalid input. Supplied address must be a valid hostname, IP or MAC address.</div>";
+ echo "{$button}";
+ }
exit;
}
-
-function arping_package_resync() {
-}
-
-?> \ No newline at end of file
+?>
diff --git a/config/arping/arping.xml b/config/arping/arping.xml
index c8ab9931..59da6db1 100644
--- a/config/arping/arping.xml
+++ b/config/arping/arping.xml
@@ -2,83 +2,85 @@
<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
+ <copyright>
+ <![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- authng.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2007 to whom it may belong
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
+ arping.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2009-2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>arping</name>
- <version>2.6.0.2</version>
+ <version>1.2</version>
<title>Diagnostics: ARPing</title>
- <savetext>ARPing</savetext>
+ <savetext>Run ARPing</savetext>
<preoutput>yes</preoutput>
<donotsave>true</donotsave>
<include_file>/usr/local/pkg/arping.inc</include_file>
<menu>
- <name>Arping</name>
- <tooltiptext>Host to arp ping</tooltiptext>
+ <name>ARPing</name>
+ <tooltiptext>The arping utility sends ARP and/or ICMP requests to the specified host and displays the replies.</tooltiptext>
<section>Diagnostics</section>
- <url><![CDATA[/pkg_edit.php?xml=arping.xml&id=0]]></url>
+ <url>/pkg_edit.php?xml=arping.xml&amp;id=0</url>
</menu>
- <tabs>
- <tab>
- <text>arping Settings</text>
- <url><![CDATA[/pkg_edit.php?xml=arping.xml&id=0]]></url>
- <active/>
- </tab>
- </tabs>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/arping/arping.inc</item>
</additional_files_needed>
<fields>
<field>
- <fielddescr>Host IP or MAC</fielddescr>
- <fieldname>hostip</fieldname>
- <description>Enter the host IP or MAC address to ARP ping</description>
+ <fielddescr>IP, Hostname or MAC</fielddescr>
+ <fieldname>pinghost</fieldname>
+ <description>Enter the hostname, IP or MAC address to ARPing.</description>
+ <type>input</type>
+ <required>true</required>
+ </field>
+ <field>
+ <fielddescr>Count</fielddescr>
+ <fieldname>count</fieldname>
+ <description>This is the number of ARP pings to send.</description>
<type>input</type>
+ <typehint>(Defaults to 3.)</typehint>
+ </field>
+ <field>
+ <fielddescr>Interface</fielddescr>
+ <fieldname>interface</fieldname>
+ <description>Use the specified interface.</description>
+ <type>interfaces_selection</type>
+ <hideinterfaceregex>loopback</hideinterfaceregex>
</field>
- </fields>
+ </fields>
<custom_add_php_command>
- arping_package_php_command();
+ arping_package_php_command();
</custom_add_php_command>
</packagegui>
diff --git a/config/blinkled/blinkled.inc b/config/blinkled/blinkled.inc
index ffbc79b2..ef2b6db8 100644
--- a/config/blinkled/blinkled.inc
+++ b/config/blinkled/blinkled.inc
@@ -1,20 +1,45 @@
<?php
+/*
+ blinkled.inc
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2009 Jim Pingle
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
require_once("config.inc");
require_once("functions.inc");
-function blinkled_running () {
- return ((int)exec('pgrep blinkled | wc -l') > 0);
-}
-
function sync_package_blinkled() {
global $config;
$blinkled_config = $config['installedpackages']['blinkled']['config'][0];
- /* kill all instances of blinkled */
- if(blinkled_running()) {
- blinkled_stop();
+ /* Kill all instances of blinkled */
+ if (is_process_running("blinkled")) {
+ mwexec("/usr/bin/killall -9 blinkled");
}
- /* if blinkled not running start it */
- if(!blinkled_running()) {
+ /* If blinkled is not running, start it */
+ if (!is_process_running("blinkled")) {
blinkled_start();
}
}
@@ -26,25 +51,25 @@ function blinkled_launch($int, $led) {
function blinkled_start() {
global $config;
$blinkled_config = $config['installedpackages']['blinkled']['config'][0];
- if (!($blinkled_config['enable']))
+ if (!($blinkled_config['enable'])) {
return;
+ }
- if (($blinkled_config['enable_led2']) && ($blinkled_config['iface_led2']))
+ if (($blinkled_config['enable_led2']) && ($blinkled_config['iface_led2'])) {
blinkled_launch(convert_friendly_interface_to_real_interface_name($blinkled_config['iface_led2']), 2);
- if (($blinkled_config['enable_led3']) && ($blinkled_config['iface_led3']))
+ }
+ if (($blinkled_config['enable_led3']) && ($blinkled_config['iface_led3'])) {
blinkled_launch(convert_friendly_interface_to_real_interface_name($blinkled_config['iface_led3']), 3);
-}
-
-function blinkled_stop() {
- mwexec("/usr/bin/killall -9 blinkled");
+ }
}
function validate_form_blinkled($post, &$input_errors) {
/* Make sure both aren't using the same interface */
- if (($post['iface_led2']) && ($post['iface_led3']) &&
+ if (($post['iface_led2']) && ($post['iface_led3']) &&
(($post['enable_led2']) && ($post['enable_led3'])) &&
- ($post['iface_led2'] == $post['iface_led3']))
+ ($post['iface_led2'] == $post['iface_led3'])) {
$input_errors[] = 'You cannot set two LEDs for a single interface. Please choose seperate interfaces.';
+ }
}
?>
diff --git a/config/blinkled/blinkled.xml b/config/blinkled/blinkled.xml
index aa0c53e8..65a574af 100644
--- a/config/blinkled/blinkled.xml
+++ b/config/blinkled/blinkled.xml
@@ -1,8 +1,49 @@
<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
+/*
+ blinkled.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2009-2012 Jim Pingle
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<title>Interfaces: Assign LEDs</title>
<name>blinkled</name>
- <version>20090710</version>
+ <version>0.4.4</version>
<savetext>Save</savetext>
<include_file>/usr/local/pkg/blinkled.inc</include_file>
<menu>
@@ -14,13 +55,13 @@
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/blinkled/blinkled.inc</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
+ <!-- TODO: Make the blinkled.sh script really usable for start/stop/restart -->
<service>
<name>blinkled</name>
<rcfile>blinkled.sh</rcfile>
<executable>blinkled</executable>
- <description>Blinks LEDs to indicate network activity</description>
+ <description>Network Activity LED Indicator Daemon</description>
</service>
<fields>
<field>
diff --git a/config/checkmk-agent/checkmk.inc b/config/checkmk-agent/checkmk.inc
index def0ae2d..67d82e6b 100644
--- a/config/checkmk-agent/checkmk.inc
+++ b/config/checkmk-agent/checkmk.inc
@@ -1,302 +1,314 @@
<?php
-/* ========================================================================== */
/*
checkmk.inc
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2013 Marcello Coutinho
- All rights reserved.
- */
-/* ========================================================================== */
-/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code MUST retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form MUST reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
-
-define('ETC_SERVICES','/etc/services');
-define('ETC_INETD','/etc/inetd.conf');
-define('ETC_HOSTS_ALLOW','/etc/hosts.allow');
-define('ETC_RC_CONF','/etc/rc.conf.local');
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+define('ETC_SERVICES', '/etc/services');
+define('ETC_INETD', '/etc/inetd.conf');
+define('ETC_HOSTS_ALLOW', '/etc/hosts.allow');
+define('ETC_RC_CONF', '/etc/rc.conf.local');
function checkmk_install() {
- // Download latest check_mk version from head repo
- $checkmk_bin="/usr/local/bin/check_mk_agent";
- mwexec("fetch -o {$checkmk_bin} 'http://git.mathias-kettner.de/git/?p=check_mk.git;a=blob_plain;f=agents/check_mk_agent.freebsd;hb=refs/heads/1.2.6'");
- chmod($checkmk_bin,0755);
- sync_package_checkmk();
-}
+ /*
+ Download last STABLE check_mk version (1.2.5i7) from upstream git repository.
+ IMPORTANT NOTE: Newer versions require bash instead of sh!
+ */
+ $checkmk_bin = "/usr/local/bin/check_mk_agent";
+ $checkmk_url = 'http://git.mathias-kettner.de/git/?p=check_mk.git;a=blob_plain;f=agents/check_mk_agent.freebsd;hb=e13899bde8bdafe13780427811c8153c59be807f';
+ mwexec("fetch -o {$checkmk_bin} \"{$checkmk_url}\"");
+ chmod($checkmk_bin, 0755);
-function checkmk_deinstall() {
- // reserved
+ sync_package_checkmk();
}
-function checkmk_start() {
- global $g, $config;
-
- // reserved
+function checkmk_text_area_decode($text) {
+ return preg_replace('/\r\n/', "\n", base64_decode($text));
}
-function checkmk_text_area_decode($text){
- return preg_replace('/\r\n/', "\n",base64_decode($text));
-}
function sync_package_checkmk() {
- global $config, $g;
- $update_conf=0;
+ global $config, $g, $mk_config;
+ $update_conf = 0;
- if (!is_array($config['installedpackages']['checkmk']['config']))
+ if (!is_array($config['installedpackages']['checkmk']['config'])) {
return;
-
- $mk_config=$config['installedpackages']['checkmk']['config'][0];
-
- $checkmk_bin="/usr/local/bin/check_mk_agent";
- if (!file_exists($checkmk_bin) && $mk_config['checkmkenable']=="on"){
- $error = "Check_mk-agent Binary file not found";
- log_error($error." You can manually download it using this cmd: fetch -o {$checkmk_bin} 'http://git.mathias-kettner.de/git/?p=check_mk.git;a=blob_plain;f=agents/check_mk_agent.freebsd;hb=refs/heads/1.2.6'");
- file_notice("Check_mk-agent", $error, "checkmk save config", "");
+ }
+
+ $mk_config = $config['installedpackages']['checkmk']['config'][0];
+
+ $checkmk_bin = "/usr/local/bin/check_mk_agent";
+ $checkmk_url = 'http://git.mathias-kettner.de/git/?p=check_mk.git;a=blob_plain;f=agents/check_mk_agent.freebsd;hb=e13899bde8bdafe13780427811c8153c59be807f';
+ if (!file_exists($checkmk_bin) && $mk_config['checkmkenable'] == "on") {
+ $error = "ERROR: check_mk-agent binary file not found.";
+ $error .= " You can manually download it using this cmd: fetch -o {$checkmk_bin} \"{$checkmk_url}\"";
+ log_error($error);
+ file_notice("check_mk-agent", $error, "checkmk save config", "");
return;
- }
- //mount filesystem writeable
+ }
+
conf_mount_rw();
-
- // check services file
- $mk_services= file(ETC_SERVICES);
- $port=($mk_config['checkmkport'] ? $mk_config['checkmkport'] : "6556");
- foreach($mk_services as $mk_service){
- if (!preg_match("/check_mk/",$mk_service))
+
+ /* Check services file. */
+ $mk_services = file(ETC_SERVICES);
+ $port = ($mk_config['checkmkport'] ? $mk_config['checkmkport'] : "6556");
+ foreach ($mk_services as $mk_service) {
+ if (!preg_match("/check_mk/", $mk_service)) {
$mk_service_file.=chop($mk_service)."\n";
}
- if ($mk_config['checkmkenable']=="on")
- $mk_service_file.="check_mk {$port}/tcp #check_mk agent\n";
- file_put_contents(ETC_SERVICES,$mk_service_file,LOCK_EX);
-
- // check inetd file
- $mk_inetds= file(ETC_INETD);
- foreach($mk_inetds as $mk_inetd){
- if (!preg_match("/check_mk/",$mk_inetd))
+ }
+ if ($mk_config['checkmkenable']=="on") {
+ $mk_service_file .= "check_mk {$port}/tcp #check_mk agent\n";
+ file_put_contents(ETC_SERVICES, $mk_service_file, LOCK_EX);
+ }
+
+ /* Check inetd file. */
+ $mk_inetds = file(ETC_INETD);
+ foreach ($mk_inetds as $mk_inetd) {
+ if (!preg_match("/check_mk/",$mk_inetd)) {
$mk_inetd_file.=chop($mk_inetd)."\n";
}
- if ($mk_config['checkmkenable']=="on")
- $mk_inetd_file.="check_mk stream tcp nowait root /usr/local/bin/check_mk_agent check_mk\n";
- file_put_contents(ETC_INETD,$mk_inetd_file,LOCK_EX);
-
- // check hosts.allow
- $mk_hosts= file(ETC_HOSTS_ALLOW);
- $inet_daemons_count=0;
- foreach($mk_hosts as $mk_host){
- if (!preg_match("/check_mk/",$mk_host))
- $mk_hosts_file.=chop($mk_host)."\n";
- if (preg_match("/^\w+/"))
+ }
+ if ($mk_config['checkmkenable']=="on") {
+ $mk_inetd_file .= "check_mk stream tcp nowait root /usr/local/bin/check_mk_agent check_mk\n";
+ }
+ file_put_contents(ETC_INETD, $mk_inetd_file, LOCK_EX);
+
+ /* Check hosts.allow file. */
+ $mk_hosts = file(ETC_HOSTS_ALLOW);
+ $inet_daemons_count = 0;
+ foreach ($mk_hosts as $mk_host) {
+ if (!preg_match("/check_mk/",$mk_host)) {
+ $mk_hosts_file .= chop($mk_host) . "\n";
+ }
+ if (preg_match("/^\w+/")) {
$inet_daemons_count++;
}
- if ($mk_config['checkmkenable']=="on")
- foreach (explode(',',$mk_config['checkmkhosts']) as $check_mk_host){
- $mk_hosts_file.="check_mk : {$check_mk_host} : allow\n";
+ }
+ if ($mk_config['checkmkenable'] == "on") {
+ foreach (explode(',',$mk_config['checkmkhosts']) as $check_mk_host) {
+ $mk_hosts_file .= "check_mk : {$check_mk_host} : allow\n";
$inet_daemons_count++;
- }
- file_put_contents(ETC_HOSTS_ALLOW,$mk_hosts_file,LOCK_EX);
-
- //check inetd daemon rc_conf option
- $mk_rc_confs= file(ETC_RC_CONF);
- foreach($mk_rc_confs as $mk_rc_conf){
- if (!preg_match("/inetd_/",$mk_rc_conf))
- $mk_rc_conf_file.=chop($mk_rc_conf)."\n";
}
- if ($mk_config['checkmkenable']=="on"){
- $mk_rc_conf_file.='inetd_enable="YES"'."\n";
- $mk_rc_conf_file.='inetd_flags="-wW"'."\n";
+ }
+ file_put_contents(ETC_HOSTS_ALLOW, $mk_hosts_file, LOCK_EX);
+
+ /* Check inetd daemon rc_conf option. */
+ $mk_rc_confs= file(ETC_RC_CONF);
+ foreach ($mk_rc_confs as $mk_rc_conf) {
+ if (!preg_match("/inetd_/",$mk_rc_conf)) {
+ $mk_rc_conf_file .= chop($mk_rc_conf)."\n";
}
-
- file_put_contents(ETC_RC_CONF,$mk_rc_conf_file,LOCK_EX);
- if ($inet_daemons_count > 0)
+ }
+ if ($mk_config['checkmkenable']=="on") {
+ $mk_rc_conf_file .= 'inetd_enable="YES"' . "\n";
+ $mk_rc_conf_file .= 'inetd_flags="-wW"' . "\n";
+ }
+
+ file_put_contents(ETC_RC_CONF, $mk_rc_conf_file, LOCK_EX);
+ if ($inet_daemons_count > 0) {
mwexec("/etc/rc.d/inetd restart");
- else
+ } else {
mwexec("/etc/rc.d/inetd stop");
+ }
- //Write config if any file from filesystem was loaded
- if ($update_conf > 0)
+ /* Write config if any file from filesystem was loaded. */
+ if ($update_conf > 0) {
write_config();
-
- // mount filesystem readonly
+ }
+
conf_mount_ro();
-
+
checkmk_sync_on_changes();
}
function checkmk_validate_input($post, &$input_errors) {
foreach ($post as $key => $value) {
- if (empty($value))
+ if (empty($value)) {
continue;
- if (substr($key, 0, 3) == "port" && !preg_match("/^\d+$/", $value))
+ }
+ if (substr($key, 0, 3) == "port" && !preg_match("/^\d+$/", $value)) {
$input_errors[] = "{$value} is no a valid port number";
- if (substr($key, 0, 11) == "description" && !preg_match("@^[a-zA-Z0-9 _/.-]+$@", $value))
+ }
+ if (substr($key, 0, 11) == "description" && !preg_match("@^[a-zA-Z0-9 _/.-]+$@", $value)) {
$input_errors[] = "Do not use special characters on description";
- if (substr($key, 0, 8) == "fullfile" && !preg_match("@^[a-zA-Z0-9_/.-]+$@", $value))
+ }
+ if (substr($key, 0, 8) == "fullfile" && !preg_match("@^[a-zA-Z0-9_/.-]+$@", $value)) {
$input_errors[] = "Do not use special characters on filename";
-
+ }
+
}
}
-##############################################
-/* Uses XMLRPC to synchronize the changes to a remote node */
+
+/* Uses XMLRPC to synchronize the changes to a remote node. */
function checkmk_sync_on_changes() {
global $config, $g;
- if (is_array($config['installedpackages']['checkmksync']['config'])){
- $checkmk_sync=$config['installedpackages']['checkmksync']['config'][0];
+ if (is_array($config['installedpackages']['checkmksync']['config'])) {
+ $checkmk_sync = $config['installedpackages']['checkmksync']['config'][0];
$synconchanges = $checkmk_sync['synconchanges'];
$synctimeout = $checkmk_sync['synctimeout'];
- switch ($synconchanges){
+ switch ($synconchanges) {
case "manual":
- if (is_array($checkmk_sync[row])){
- $rs=$checkmksync[row];
- }
- else{
- log_error("[Check_mk-agent] xmlrpc sync is enabled but there is no hosts to push on squid config.");
+ if (is_array($checkmk_sync[row])) {
+ $rs = $checkmksync[row];
+ } else {
+ log_error("[check_mk-agent] XMLRPC sync is enabled but there is no hosts to push on squid config.");
return;
- }
+ }
break;
case "auto":
- if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])){
- $system_carp=$config['installedpackages']['carpsettings']['config'][0];
- $rs[0]['ipaddress']=$system_carp['synchronizetoip'];
- $rs[0]['username']=$system_carp['username'];
- $rs[0]['password']=$system_carp['password'];
- }
- else{
- log_error("[Check_mk-agent] xmlrpc sync is enabled but there is no system backup hosts to push squid config.");
- return;
- }
- break;
+ if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])) {
+ $system_carp = $config['installedpackages']['carpsettings']['config'][0];
+ $rs[0]['ipaddress'] = $system_carp['synchronizetoip'];
+ $rs[0]['username'] = $system_carp['username'];
+ $rs[0]['password'] = $system_carp['password'];
+ } else {
+ log_error("[check_mk-agent] XMLRPC sync is enabled but there is no system backup hosts to push squid config.");
+ return;
+ }
+ break;
default:
return;
break;
}
- if (is_array($rs)){
- log_error("[Check_mk-agent] xmlrpc sync is starting.");
- foreach($rs as $sh){
+ if (is_array($rs)) {
+ log_error("[check_mk-agent] XMLRPC sync is starting.");
+ foreach ($rs as $sh) {
$sync_to_ip = $sh['ipaddress'];
$password = $sh['password'];
- if($sh['username'])
+ if ($sh['username']) {
$username = $sh['username'];
- else
+ } else {
$username = 'admin';
- if($password && $sync_to_ip)
+ }
+ if ($password && $sync_to_ip) {
checkmk_do_xmlrpc_sync($sync_to_ip, $username, $password,$synctimeout);
}
- log_error("[Check_mk-agent] xmlrpc sync is ending.");
+ log_error("[check_mk-agent] XMLRPC sync is ending.");
}
- }
+ }
+ }
}
-##############################################
-/* Do the actual XMLRPC sync */
+
+/* Do the actual XMLRPC sync. */
function checkmk_do_xmlrpc_sync($sync_to_ip, $username, $password,$synctimeout) {
global $config, $g;
- if(!$username)
+ if (!$username) {
return;
-
- if(!$password)
+ }
+
+ if (!$password) {
return;
+ }
- if(!$sync_to_ip)
+ if (!$sync_to_ip) {
return;
+ }
$xmlrpc_sync_neighbor = $sync_to_ip;
- if($config['system']['webgui']['protocol'] != "") {
+ if($config['system']['webgui']['protocol'] != "") {
$synchronizetoip = $config['system']['webgui']['protocol'];
$synchronizetoip .= "://";
- }
- $port = $config['system']['webgui']['port'];
- /* if port is empty lets rely on the protocol selection */
- if($port == "") {
- if($config['system']['webgui']['protocol'] == "http")
+ }
+ $port = $config['system']['webgui']['port'];
+ /* If port is empty, let's rely on the protocol selection. */
+ if ($port == "") {
+ if($config['system']['webgui']['protocol'] == "http") {
$port = "80";
- else
+ } else {
$port = "443";
- }
+ }
+ }
$synchronizetoip .= $sync_to_ip;
- /* xml will hold the sections to sync */
+ /* xml will hold the sections to sync. */
$xml = array();
$xml['checkmk'] = $config['installedpackages']['checkmk'];
-
- /* assemble xmlrpc payload */
+
+ /* Assemble XMLRPC payload. */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($xml)
);
- /* set a few variables needed for sync code borrowed from filter.inc */
+ /* Set a few variables needed for sync code; borrowed from filter.inc. */
$url = $synchronizetoip;
- log_error("[Check_mk-agent] Beginning checkmk XMLRPC sync to {$url}:{$port}.");
+ log_error("[check_mk-agent] Beginning checkmk XMLRPC sync to {$url}:{$port}.");
$method = 'pfsense.merge_installedpackages_section_xmlrpc';
$msg = new XML_RPC_Message($method, $params);
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
$cli->setCredentials($username, $password);
- if($g['debug'])
+ if ($g['debug']) {
$cli->setDebug(1);
- /* send our XMLRPC message and timeout after 250 seconds */
+ }
+ /* Send our XMLRPC message and timeout after 250 seconds. */
$resp = $cli->send($msg, $synctimeout);
- if(!$resp) {
- $error = "[Check_mk-agent] A communications error occurred while attempting checkmk XMLRPC sync with {$url}:{$port}.";
+ if (!$resp) {
+ $error = "[check_mk-agent] A communications error occurred while attempting checkmk XMLRPC sync with {$url}:{$port}.";
log_error($error);
file_notice("sync_settings", $error, "checkmk Settings Sync", "");
- } elseif($resp->faultCode()) {
+ } elseif ($resp->faultCode()) {
$cli->setDebug(1);
$resp = $cli->send($msg, $synctimeout);
- $error = "[Check_mk-agent] An error code was received while attempting checkmk XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
+ $error = "[check_mk-agent] An error code was received while attempting checkmk XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
log_error($error);
file_notice("sync_settings", $error, "checkmk Settings Sync", "");
} else {
- log_error("[Check_mk-agent] XMLRPC sync successfully completed with {$url}:{$port}.");
+ log_error("[check_mk-agent] XMLRPC sync successfully completed with {$url}:{$port}.");
}
-
- /* tell checkmk to reload our settings on the destionation sync host. */
+
+ /* Tell check_mk to reload our settings on the destination sync host. */
$method = 'pfsense.exec_php';
- $execcmd = "require_once('/usr/local/pkg/checkmk.inc');\n";
+ $execcmd = "require_once('/usr/local/pkg/checkmk.inc');\n";
$execcmd .= "sync_package_checkmk();";
- /* assemble xmlrpc payload */
+ /* Assemble XMLRPC payload. */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($execcmd)
);
-
- log_error("[Check_mk-agent] XMLRPC reload data {$url}:{$port}.");
+
+ log_error("[check_mk-agent] XMLRPC reload data {$url}:{$port}.");
$msg = new XML_RPC_Message($method, $params);
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
$cli->setCredentials($username, $password);
$resp = $cli->send($msg, $synctimeout);
- if(!$resp) {
- $error = "[Check_mk-agent] A communications error occurred while attempting checkmk XMLRPC sync with {$url}:{$port} (pfsense.exec_php).";
+ if (!$resp) {
+ $error = "[check_mk-agent] A communications error occurred while attempting checkmk XMLRPC sync with {$url}:{$port} (pfsense.exec_php).";
log_error($error);
file_notice("sync_settings", $error, "checkmk Settings Sync", "");
- } elseif($resp->faultCode()) {
+ } elseif ($resp->faultCode()) {
$cli->setDebug(1);
$resp = $cli->send($msg, $synctimeout);
- $error = "[Check_mk-agent] An error code was received while attempting checkmk XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
+ $error = "[check_mk-agent] An error code was received while attempting checkmk XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
log_error($error);
file_notice("sync_settings", $error, "checkmk Settings Sync", "");
} else {
- log_error("[Check_mk-agent] XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php).");
+ log_error("[check_mk-agent] XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php).");
}
-
}
?>
diff --git a/config/checkmk-agent/checkmk.xml b/config/checkmk-agent/checkmk.xml
index 3709dce1..786a7977 100644
--- a/config/checkmk-agent/checkmk.xml
+++ b/config/checkmk-agent/checkmk.xml
@@ -1,61 +1,60 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
-/* ========================================================================== */
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
/*
- checkmk.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2013 Marcello Coutinho
- All rights reserved.
+ checkmk.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
*/
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code MUST retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form MUST reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>checkmk</name>
- <version>0.1.1</version>
- <title>Check_mk Agent</title>
+ <version>0.1.4</version>
+ <title>check_mk Agent</title>
<include_file>/usr/local/pkg/checkmk.inc</include_file>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/checkmk-agent/checkmk.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/checkmk-agent/checkmk_sync.xml</item>
</additional_files_needed>
<menu>
- <name>Check_mk Agent</name>
+ <name>check_mk Agent</name>
<tooltiptext>checkmk</tooltiptext>
<section>Diagnostics</section>
<url>/pkg_edit.php?xml=checkmk.xml</url>
@@ -71,21 +70,23 @@
<url>/pkg_edit.php?xml=checkmk_sync.xml</url>
</tab>
</tabs>
-
<fields>
<field>
<type>listtopic</type>
<fieldname>temp</fieldname>
- <name>Check_mk agent configuration</name>
+ <name>check_mk Agent Configuration</name>
</field>
<field>
<fielddescr>Enable check_mk Agent</fielddescr>
<fieldname>checkmkenable</fieldname>
<type>checkbox</type>
<size>60</size>
- <description><![CDATA[Enable check_mk Agent on this server. This will check all config options to run check_mk binary on your system.<br>
- <strong>Reference:</strong><br>https://github.com/sileht/check_mk/tree/master/doc<br><br>
- <strong>Latest check_mk version:</strong> fetch -o /usr/local/bin/check_mk_agent 'http://git.mathias-kettner.de/git/?p=check_mk.git;a=blob_plain;f=agents/check_mk_agent.freebsd;hb=HEAD']]></description>
+ <description>
+ <![CDATA[
+ Enable check_mk agent on this server. This will check all config options to run check_mk binary on your system.<br />
+ For reference, see <a href="https://github.com/sileht/check_mk/tree/master/doc">project documentation at GitHub</a>.
+ ]]>
+ </description>
<required/>
</field>
<field>
@@ -101,19 +102,17 @@
<description>Enter hosts (comma separated) that can communicate with this agent.</description>
<type>input</type>
<size>60</size>
- </field>
+ </field>
</fields>
<custom_php_install_command>
checkmk_install();
</custom_php_install_command>
- <custom_php_command_before_form>
- </custom_php_command_before_form>
<custom_php_validation_command>
checkmk_validate_input($_POST, $input_errors);
</custom_php_validation_command>
<custom_delete_php_command>
sync_package_checkmk();
- </custom_delete_php_command>
+ </custom_delete_php_command>
<custom_php_resync_config_command>
sync_package_checkmk();
</custom_php_resync_config_command>
diff --git a/config/checkmk-agent/checkmk_sync.xml b/config/checkmk-agent/checkmk_sync.xml
index 6603991d..1165152c 100644
--- a/config/checkmk-agent/checkmk_sync.xml
+++ b/config/checkmk-agent/checkmk_sync.xml
@@ -2,47 +2,48 @@
<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
-/* ========================================================================== */
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
/*
- checkmk_sync.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2013 Marcello Coutinho
- All rights reserved.
- */
-/* ========================================================================== */
+ checkmk_sync.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>checkmksync</name>
- <version>1.1</version>
- <title>Check_mk Agent: Sync</title>
+ <version>0.1.4</version>
+ <title>check_mk Agent: Sync</title>
<include_file>/usr/local/pkg/checkmk.inc</include_file>
<tabs>
<tab>
@@ -59,8 +60,8 @@
<field>
<type>listtopic</type>
<fieldname>temp</fieldname>
- <name>Enable checkmk configuration sync</name>
- </field>
+ <name>Enable check_mk configuration sync</name>
+ </field>
<field>
<fielddescr>Sync Option</fielddescr>
<fieldname>synconchanges</fieldname>
@@ -69,24 +70,48 @@
<required/>
<default_value>auto</default_value>
<options>
- <option><name>Sync to configured system backup server</name><value>auto</value></option>
- <option><name>Sync to host(s) defined below</name><value>manual</value></option>
- <option><name>Do not sync this package configuration</name><value>disabled</value></option>
+ <option>
+ <name>Sync to configured system backup server</name>
+ <value>auto</value>
+ </option>
+ <option>
+ <name>Sync to host(s) defined below</name>
+ <value>manual</value>
+ </option>
+ <option>
+ <name>Do not sync this package configuration</name>
+ <value>disabled</value>
+ </option>
</options>
</field>
<field>
- <fielddescr>Sync timeout</fielddescr>
+ <fielddescr>Sync Timeout</fielddescr>
<fieldname>synctimeout</fieldname>
<description>Select sync max wait time</description>
<type>select</type>
<required/>
<default_value>250</default_value>
<options>
- <option><name>250 seconds(Default)</name><value>250</value></option>
- <option><name>120 seconds</name><value>120</value></option>
- <option><name>90 seconds</name><value>90</value></option>
- <option><name>60 seconds</name><value>60</value></option>
- <option><name>30 seconds</name><value>30</value></option>
+ <option>
+ <name>250 seconds (Default)</name>
+ <value>250</value>
+ </option>
+ <option>
+ <name>120 seconds</name>
+ <value>120</value>
+ </option>
+ <option>
+ <name>90 seconds</name>
+ <value>90</value>
+ </option>
+ <option>
+ <name>60 seconds</name>
+ <value>60</value>
+ </option>
+ <option>
+ <name>30 seconds</name>
+ <value>30</value>
+ </option>
</options>
</field>
<field>
@@ -94,36 +119,36 @@
<fieldname>none</fieldname>
<type>rowhelper</type>
<rowhelper>
- <rowhelperfield>
- <fielddescr>IP Address</fielddescr>
- <fieldname>ipaddress</fieldname>
- <description>IP Address of remote server</description>
- <type>input</type>
- <size>20</size>
- <required/>
- </rowhelperfield>
- <rowhelperfield>
- <fielddescr>User Name</fielddescr>
- <fieldname>username</fieldname>
- <description>user name of remote server</description>
- <type>input</type>
- <size>20</size>
- </rowhelperfield>
- <rowhelperfield>
- <fielddescr>Password</fielddescr>
- <fieldname>password</fieldname>
- <description>Password for remote server.</description>
- <type>password</type>
- <size>20</size>
- <required/>
- </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>IP Address</fielddescr>
+ <fieldname>ipaddress</fieldname>
+ <description>IP Address of remote server</description>
+ <type>input</type>
+ <size>20</size>
+ <required/>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Username</fielddescr>
+ <fieldname>username</fieldname>
+ <description>Username on remote server</description>
+ <type>input</type>
+ <size>20</size>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Password</fielddescr>
+ <fieldname>password</fieldname>
+ <description>Password for remote server</description>
+ <type>password</type>
+ <size>20</size>
+ <required/>
+ </rowhelperfield>
</rowhelper>
</field>
</fields>
<custom_php_resync_config_command>
- checkmk_sync_on_changes();
+ checkmk_sync_on_changes();
</custom_php_resync_config_command>
- <custom_php_command_before_form>
+ <custom_php_command_before_form>
unset($_POST['temp']);
</custom_php_command_before_form>
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/config/filer/filer.inc b/config/filer/filer.inc
index b89553e4..3a012dd2 100644
--- a/config/filer/filer.inc
+++ b/config/filer/filer.inc
@@ -1,194 +1,191 @@
<?php
-/* ========================================================================== */
-/*
- filerinc
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com>
- Copyright (C) 2012 Marcello Coutinho
- Copyright (C) 2012 Brian Scholer
- All rights reserved.
- */
-/* ========================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
+ filer.inc
+ part of pfSense (https://www.pfsense.org/)
+ Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com>
+ Copyright (C) 2012 Marcello Coutinho
+ Copyright (C) 2012 Brian Scholer
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
/* ========================================================================== */
-
-
-function filer_install() {
- // reserved
+function filer_text_area_decode($text) {
+ return preg_replace('/\r\n/', "\n", base64_decode($text));
}
-function filer_deinstall() {
- // reserved
-}
-
-function filer_start() {
- global $g, $config;
-
- // reserved
-}
-
-function filer_text_area_decode($text){
- return preg_replace('/\r\n/', "\n",base64_decode($text));
-}
function sync_package_filer() {
global $config, $g;
- $update_conf=0;
- #mount filesystem writeable
+ $update_conf = 0;
+
conf_mount_rw();
-
- #loop on configured files
- if($config['installedpackages']['filer']['config']!="") {
- $count=0;
- foreach($config['installedpackages']['filer']['config'] as $file) {
- if ($file['filedata']=="" && file_exists($file['fullfile'])){
- $config['installedpackages']['filer']['config'][$count]['filedata']=base64_encode(file_get_contents($file['fullfile']));
- $file['filedata']=base64_encode(file_get_contents($file['fullfile']));
+
+ /* Loop on configured files. */
+ if ($config['installedpackages']['filer']['config'] != "") {
+ $count = 0;
+ foreach ($config['installedpackages']['filer']['config'] as $file) {
+ if ($file['filedata']=="" && file_exists($file['fullfile'])) {
+ $config['installedpackages']['filer']['config'][$count]['filedata'] = base64_encode(file_get_contents($file['fullfile']));
+ $file['filedata'] = base64_encode(file_get_contents($file['fullfile']));
$update_conf++;
- }
+ }
$count++;
- if(preg_match("/0?[0-7]{3}/", $file['mod']))
+ if (preg_match("/0?[0-7]{3}/", $file['mod'])) {
$mod = octdec($file['mod']);
- else
- $mod = 0700;
-
- #write file
- file_put_contents($file['fullfile'], filer_text_area_decode($file['filedata']),LOCK_EX);
+ } else {
+ $mod = 0644;
+ }
+
+ /* Write file. */
+ file_put_contents($file['fullfile'], filer_text_area_decode($file['filedata']), LOCK_EX);
chmod($file['fullfile'], $mod);
-
- #check if there is a script to run after file save
- if($file['cmd']!= "")
- switch ($file['background']){
+
+ /* Check if there is a script to run after file save. */
+ if ($file['cmd'] != "") {
+ switch ($file['background']) {
case "background":
mwexec_bg($file['cmd']);
break;
case "foreground":
mwexec($file['cmd']);
- break;
+ break;
}
-
+ }
}
- #Write config if any file from filesystem was loaded
- if ($update_conf > 0)
- write_config();
+ /* Write config if any file from filesystem was loaded. */
+ if ($update_conf > 0) {
+ write_config();
+ }
}
- #mount filesystem readonly
+
conf_mount_ro();
-
+
filer_sync_on_changes();
}
function filer_validate_input($post, &$input_errors) {
foreach ($post as $key => $value) {
- if (empty($value))
+ if (empty($value)) {
continue;
- if (substr($key, 0, 3) == "mod" && !preg_match("/^0?[0-7]{3}$/", $value))
- $input_errors[] = "{$value} is valid permission number";
- if (substr($key, 0, 11) == "description" && !preg_match("@^[a-zA-Z0-9 _/.-]+$@", $value))
- $input_errors[] = "Do not use special characters on description";
- if (substr($key, 0, 8) == "fullfile" && !preg_match("@^[a-zA-Z0-9_/.-]+$@", $value))
- $input_errors[] = "Do not use special characters on filename";
-
+ }
+ if (substr($key, 0, 3) == "mod" && !preg_match("/^0?[0-7]{3}$/", $value)) {
+ $input_errors[] = "{$value} is not valid permissions mode number.";
+ }
+ if (substr($key, 0, 11) == "description" && !preg_match("@^[a-zA-Z0-9 _/.-]+$@", $value)) {
+ $input_errors[] = "Do not use special characters in description.";
+ }
+ if (substr($key, 0, 8) == "fullfile" && !preg_match("@^[a-zA-Z0-9_/.-]+$@", $value)) {
+ $input_errors[] = "Do not use special characters in filename.";
+ }
}
}
-/* Uses XMLRPC to synchronize the changes to a remote node */
+/* Uses XMLRPC to synchronize the changes to a remote node. */
function filer_sync_on_changes() {
global $config, $g;
-
+
log_error("[filer] filer_xmlrpc_sync.php is starting.");
- $synconchanges = $config['installedpackages']['filersync']['config'][0]['synconchanges'];
- if(!$synconchanges)
+ $synconchanges = $config['installedpackages']['filersync']['config'][0]['synconchanges'];
+ if (!$synconchanges) {
return;
- foreach ($config['installedpackages']['filersync']['config'] as $rs ){
- foreach($rs['row'] as $sh){
+ }
+ foreach ($config['installedpackages']['filersync']['config'] as $rs) {
+ foreach ($rs['row'] as $sh) {
$sync_to_ip = $sh['ipaddress'];
$password = $sh['password'];
- if($sh['username'])
+ if ($sh['username']) {
$username = $sh['username'];
- else
+ } else {
$username = 'admin';
- if($password && $sync_to_ip)
+ }
+ if ($password && $sync_to_ip) {
filer_do_xmlrpc_sync($sync_to_ip, $username, $password);
}
+ }
}
log_error("[filer] filer_xmlrpc_sync.php is ending.");
}
-/* Do the actual XMLRPC sync */
+
+/* Do the actual XMLRPC sync. */
function filer_do_xmlrpc_sync($sync_to_ip, $username, $password) {
global $config, $g;
- if(!$username)
+ if (!$username) {
return;
-
- if(!$password)
+ }
+
+ if (!$password) {
return;
+ }
- if(!$sync_to_ip)
+ if (!$sync_to_ip) {
return;
+ }
$xmlrpc_sync_neighbor = $sync_to_ip;
- if($config['system']['webgui']['protocol'] != "") {
+ if ($config['system']['webgui']['protocol'] != "") {
$synchronizetoip = $config['system']['webgui']['protocol'];
$synchronizetoip .= "://";
- }
- $port = $config['system']['webgui']['port'];
- /* if port is empty lets rely on the protocol selection */
- if($port == "") {
- if($config['system']['webgui']['protocol'] == "http")
+ }
+ $port = $config['system']['webgui']['port'];
+ /* If port is empty, let's rely on the protocol selection. */
+ if ($port == "") {
+ if ($config['system']['webgui']['protocol'] == "http") {
$port = "80";
- else
+ } else {
$port = "443";
- }
+ }
+ }
$synchronizetoip .= $sync_to_ip;
- /* xml will hold the sections to sync */
+ /* xml will hold the sections to sync. */
$xml = array();
$xml['filer'] = $config['installedpackages']['filer'];
-
- /* assemble xmlrpc payload */
+
+ /* Assemble XMLRPC payload. */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($xml)
);
- /* set a few variables needed for sync code borrowed from filter.inc */
+ /* Set a few variables needed for sync; code borrowed from filter.inc. */
$url = $synchronizetoip;
log_error("Beginning Filer XMLRPC sync to {$url}:{$port}.");
$method = 'pfsense.merge_installedpackages_section_xmlrpc';
$msg = new XML_RPC_Message($method, $params);
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
$cli->setCredentials($username, $password);
- if($g['debug'])
+ if ($g['debug']) {
$cli->setDebug(1);
- /* send our XMLRPC message and timeout after 250 seconds */
+ }
+ /* Send our XMLRPC message and timeout after 250 seconds. */
$resp = $cli->send($msg, "250");
- if(!$resp) {
+ if (!$resp) {
$error = "A communications error occurred while attempting filer XMLRPC sync with {$url}:{$port}.";
log_error($error);
file_notice("sync_settings", $error, "filer Settings Sync", "");
- } elseif($resp->faultCode()) {
+ } elseif ($resp->faultCode()) {
$cli->setDebug(1);
$resp = $cli->send($msg, "250");
$error = "An error code was received while attempting filer XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
@@ -197,27 +194,27 @@ function filer_do_xmlrpc_sync($sync_to_ip, $username, $password) {
} else {
log_error("filer XMLRPC sync successfully completed with {$url}:{$port}.");
}
-
- /* tell filer to reload our settings on the destionation sync host. */
+
+ /* Tell filer to reload our settings on the destination sync host. */
$method = 'pfsense.exec_php';
- $execcmd = "require_once('/usr/local/pkg/filer.inc');\n";
+ $execcmd = "require_once('/usr/local/pkg/filer.inc');\n";
$execcmd .= "sync_package_filer();";
- /* assemble xmlrpc payload */
+ /* Assemble XMLRPC payload. */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($execcmd)
);
-
+
log_error("filer XMLRPC reload data {$url}:{$port}.");
$msg = new XML_RPC_Message($method, $params);
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
$cli->setCredentials($username, $password);
$resp = $cli->send($msg, "250");
- if(!$resp) {
+ if (!$resp) {
$error = "A communications error occurred while attempting filer XMLRPC sync with {$url}:{$port} (pfsense.exec_php).";
log_error($error);
file_notice("sync_settings", $error, "filer Settings Sync", "");
- } elseif($resp->faultCode()) {
+ } elseif ($resp->faultCode()) {
$cli->setDebug(1);
$resp = $cli->send($msg, "250");
$error = "An error code was received while attempting filer XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
@@ -226,7 +223,6 @@ function filer_do_xmlrpc_sync($sync_to_ip, $username, $password) {
} else {
log_error("filer XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php).");
}
-
}
?>
diff --git a/config/filer/filer.xml b/config/filer/filer.xml
index 71821067..ab49bb21 100644
--- a/config/filer/filer.xml
+++ b/config/filer/filer.xml
@@ -1,59 +1,58 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
-/* ========================================================================== */
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
/*
- filer.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com>
- Copyright (C) 2011 Brian Scholer
- Copyright (C) 2012 Marcello Coutinho
- All rights reserved.
+ filer.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com>
+ Copyright (C) 2011 Brian Scholer
+ Copyright (C) 2012 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
*/
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>filer</name>
- <version>0.60.1</version>
+ <version>0.60.2</version>
<title>Filer</title>
<include_file>/usr/local/pkg/filer.inc</include_file>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/filer/filer.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/filer/filer_sync.xml</item>
</additional_files_needed>
<menu>
@@ -73,7 +72,6 @@
<url>/pkg_edit.php?xml=filer_sync.xml</url>
</tab>
</tabs>
-
<adddeleteeditpagefields>
<columnitem>
<fielddescr>File</fielddescr>
@@ -99,7 +97,7 @@
<fieldname>fullfile</fieldname>
<type>input</type>
<size>60</size>
- <description>Enter Full file path</description>
+ <description>Enter full file path.</description>
<required/>
</field>
<field>
@@ -107,6 +105,7 @@
<fieldname>description</fieldname>
<description>Enter a description for this file.</description>
<type>input</type>
+ <typehint>(Not parsed -- this is for your reference only.)</typehint>
<size>60</size>
</field>
<field>
@@ -114,7 +113,7 @@
<fieldname>mod</fieldname>
<type>input</type>
<size>10</size>
- <description><![CDATA[Enter file permission you want on this file<br>Blank leaves the permissions alone.]]></description>
+ <description><![CDATA[Enter file permission you want on this file<br />If left blank, default file permissions (0644) will be used.]]></description>
</field>
<field>
<fielddescr>File Contents</fielddescr>
@@ -129,32 +128,37 @@
<field>
<type>listtopic</type>
<fieldname>temp</fieldname>
- <name>cmd to run after file save/sync</name>
+ <name>Command to run after file save/sync.</name>
</field>
<field>
- <fielddescr>script</fielddescr>
+ <fielddescr>Script/Command</fielddescr>
<fieldname>cmd</fieldname>
- <description>Enter script or cmd to run after file save/sync</description>
+ <description>Enter script or command to run after file save/sync.</description>
<type>input</type>
+ <typehint>(Optional. If using a custom script, it must have executable bit set.)</typehint>
<size>60</size>
</field>
<field>
- <fielddescr>execute mode</fielddescr>
+ <fielddescr>Execute mode</fielddescr>
<fieldname>background</fieldname>
<type>select</type>
<options>
- <option><name>Background (default)</name><value>background</value></option>
- <option><name>Foreground</name><value>foreground</value></option>
- <option><name>Do not run this script</name><value>disabled</value></option>
+ <option>
+ <name>Background (default)</name>
+ <value>background</value>
+ </option>
+ <option>
+ <name>Foreground</name>
+ <value>foreground</value>
+ </option>
+ <option>
+ <name>Do not run this script</name>
+ <value>disabled</value>
+ </option>
</options>
<description>Choose the way script will run.</description>
</field>
</fields>
- <custom_php_install_command>
- filer_install();
- </custom_php_install_command>
- <custom_php_command_before_form>
- </custom_php_command_before_form>
<custom_php_validation_command>
filer_validate_input($_POST, $input_errors);
</custom_php_validation_command>
@@ -164,4 +168,4 @@
<custom_php_resync_config_command>
sync_package_filer();
</custom_php_resync_config_command>
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/config/filer/filer_sync.xml b/config/filer/filer_sync.xml
index c51bae86..0b4124ce 100644
--- a/config/filer/filer_sync.xml
+++ b/config/filer/filer_sync.xml
@@ -2,48 +2,49 @@
<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
-/* ========================================================================== */
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
/*
- filer_sync.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2008 Scott Ullrich <sullrich@gmail.com>
- Copyright (C) 2011 Brian Scholer
- Copyright (C) 2012 Marcello Coutinho
- All rights reserved.
- */
-/* ========================================================================== */
+ filer_sync.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com>
+ Copyright (C) 2011 Brian Scholer
+ Copyright (C) 2012 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>filersync</name>
- <version>1.1</version>
+ <version>1.2</version>
<title>Filer: Sync</title>
<include_file>/usr/local/pkg/filer.inc</include_file>
<tabs>
@@ -62,11 +63,11 @@
<type>listtopic</type>
<fieldname>temp</fieldname>
<name>Enable Filer configuration sync</name>
- </field>
+ </field>
<field>
- <fielddescr>Automatically sync Filer configuration changes</fielddescr>
+ <fielddescr>Automatically sync Filer configuration changes.</fielddescr>
<fieldname>synconchanges</fieldname>
- <description>pfSense will automatically sync changes to the hosts defined below. Blank user assumes 'admin'.</description>
+ <description>pfSense will automatically sync changes to the hosts defined below. (Leave blank to use 'admin'.)</description>
<type>checkbox</type>
</field>
<field>
@@ -77,7 +78,7 @@
<rowhelperfield>
<fielddescr>IP Address</fielddescr>
<fieldname>ipaddress</fieldname>
- <description>IP Address of remote server</description>
+ <description>IP Address of remote server.</description>
<type>input</type>
<size>20</size>
<required/>
@@ -85,7 +86,7 @@
<rowhelperfield>
<fielddescr>User Name</fielddescr>
<fieldname>username</fieldname>
- <description>user name of remote server</description>
+ <description>user name of remote server.</description>
<type>input</type>
<size>20</size>
</rowhelperfield>
@@ -101,9 +102,9 @@
</field>
</fields>
<custom_php_resync_config_command>
- filer_sync_on_changes();
+ filer_sync_on_changes();
</custom_php_resync_config_command>
- <custom_php_command_before_form>
+ <custom_php_command_before_form>
unset($_POST['temp']);
</custom_php_command_before_form>
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/config/ftpproxy/ftpproxy.inc b/config/ftpproxy/ftpproxy.inc
index 7fc54775..ece580c2 100644
--- a/config/ftpproxy/ftpproxy.inc
+++ b/config/ftpproxy/ftpproxy.inc
@@ -1,4 +1,34 @@
<?php
+/*
+ ftpproxy.inc
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+*/
function sync_package_ftpproxy() {
conf_mount_rw();
config_lock();
@@ -144,4 +174,4 @@ function ftpproxy_generate_rules($type) {
}
return $rules;
}
-?> \ No newline at end of file
+?>
diff --git a/config/ftpproxy/ftpproxy.xml b/config/ftpproxy/ftpproxy.xml
index 5bd123dc..eb2af370 100644
--- a/config/ftpproxy/ftpproxy.xml
+++ b/config/ftpproxy/ftpproxy.xml
@@ -1,12 +1,52 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
+/*
+ ftpproxy.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>FTP Client Proxy</name>
- <version>0.2</version>
+ <version>0.2.1</version>
<title>FTP Client Proxy</title>
<aftersaveredirect>pkg_edit.php?xml=ftpproxy.xml</aftersaveredirect>
<include_file>/usr/local/pkg/ftpproxy.inc</include_file>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/ftpproxy/ftpproxy.inc</item>
</additional_files_needed>
<menu>
@@ -95,7 +135,7 @@
<field>
<fielddescr>Idle Timeout (Default: 86400)</fielddescr>
<fieldname>idletimeout</fieldname>
- <description>(Seconds) Number of seconds that the control connection can be idle, before the proxy will disconnect. The maximum is 86400 seconds. Do not set this too low, because the control connection is usually idle when large data transfers are taking place.</description>
+ <description>(Seconds) Number of seconds that the control connection can be idle, before the proxy will disconnect. The maximum is 86400 seconds. Do not set this too low, because the control connection is usually idle when large data transfers are taking place.</description>
<type>input</type>
</field>
<field>
diff --git a/config/gwled/gwled.inc b/config/gwled/gwled.inc
index dad6fe69..9917208b 100644
--- a/config/gwled/gwled.inc
+++ b/config/gwled/gwled.inc
@@ -1,17 +1,42 @@
<?php
-require_once("functions.inc");
+/*
+ gwled.inc
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2011 Jim Pingle
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
-function gwled_running () {
- return ((int)exec('pgrep -f gwled | wc -l') > 0);
-}
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require_once("functions.inc");
function sync_package_gwled() {
global $config;
$gwled_config = $config['installedpackages']['gwled']['config'][0];
led_normalize();
- /* kill all instances of gwled */
- if(gwled_running()) {
- gwled_stop();
+ /* Kill all instances of gwled */
+ if (is_process_running("gwled")) {
+ mwexec("/bin/pkill -9 -f gwled");
}
gwled_start();
}
@@ -19,29 +44,27 @@ function sync_package_gwled() {
function gwled_start() {
global $config;
$gwled_config = $config['installedpackages']['gwled']['config'][0];
- if (!($gwled_config['enable']))
+ if (!($gwled_config['enable'])) {
return;
+ }
// How often to run the check, in seconds.
$interval = 15;
- if (($gwled_config['enable_led2']) && ($gwled_config['gw_led2'])
- || ($gwled_config['enable_led3']) && ($gwled_config['gw_led3'])) {
+ if (($gwled_config['enable_led2']) && ($gwled_config['gw_led2']) ||
+ ($gwled_config['enable_led3']) && ($gwled_config['gw_led3'])) {
mwexec("/usr/local/bin/minicron {$interval} /var/run/gwled.pid /usr/local/bin/gwled.php");
mwexec_bg("/usr/local/bin/gwled.php");
}
}
-function gwled_stop() {
- exec("/bin/pkill -9 -f gwled");
-}
-
function validate_form_gwled($post, &$input_errors) {
/* Make sure both aren't using the same interface */
- if (($post['gw_led2']) && ($post['gw_led3']) &&
+ if (($post['gw_led2']) && ($post['gw_led3']) &&
(($post['enable_led2']) && ($post['enable_led3'])) &&
- ($post['gw_led2'] == $post['gw_led3']))
+ ($post['gw_led2'] == $post['gw_led3'])) {
$input_errors[] = 'You cannot set two LEDs for a single gateway. Please choose seperate interfaces.';
+ }
}
function gwled_get_gateways() {
@@ -49,7 +72,7 @@ function gwled_get_gateways() {
foreach ($gateways as $gateway) {
$tmp["name"] = "{$gateway['name']} (Monitor: {$gateway['monitor']})";
- $tmp["value"] = $gateway['name'];
+ $tmp["value"] = $gateway['name'];
$gws[] = $tmp;
}
return $gws;
@@ -59,18 +82,21 @@ function gwled_set_status($gateway, $led) {
$a_gateways = return_gateways_array();
$gateways_status = array();
$gateways_status = return_gateways_status(true);
+
if ($gateways_status[$gateway]) {
$status = $gateways_status[$gateway]['status'];
- if (stristr($status, "down"))
+ if (stristr($status, "down")) {
led_blink($led, "veryfast");
- elseif (stristr($status, "loss"))
+ } elseif (stristr($status, "loss")) {
led_blink($led, "fast");
- elseif (stristr($status, "delay"))
+ } elseif (stristr($status, "delay")) {
led_blink($led, "medium");
- elseif ($status == "none")
+ } elseif ($status == "none") {
led_on($led);
- } else
+ }
+ } else {
led_blink($led, "veryfast");
+ }
}
?>
diff --git a/config/gwled/gwled.php b/config/gwled/gwled.php
index efcb73dd..bddf41eb 100644
--- a/config/gwled/gwled.php
+++ b/config/gwled/gwled.php
@@ -1,5 +1,33 @@
#!/usr/local/bin/php -q
<?php
+/*
+ gwled.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2011 Jim Pingle
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
require_once("config.inc");
require_once("functions.inc");
require_once("gwled.inc");
diff --git a/config/gwled/gwled.xml b/config/gwled/gwled.xml
index 015ab3bb..5d2a047e 100644
--- a/config/gwled/gwled.xml
+++ b/config/gwled/gwled.xml
@@ -1,8 +1,47 @@
<?xml version="1.0" encoding="utf-8" ?>
<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
+/*
+ gwled.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2011-2013 Jim Pingle
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<title>Interfaces: Gateway Status LEDs</title>
<name>gwled</name>
- <version>20110810</version>
+ <version>0.2.2</version>
<savetext>Save</savetext>
<include_file>/usr/local/pkg/gwled.inc</include_file>
<menu>
@@ -14,13 +53,13 @@
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/gwled/gwled.inc</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0644</chmod>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/bin/</prefix>
<chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/gwled/gwled.php</item>
</additional_files_needed>
+ <!-- TODO: Make the gwled.sh script really usable for start/stop/restart -->
<service>
<name>gwled</name>
<rcfile>gwled.sh</rcfile>
@@ -33,8 +72,7 @@
<fieldname>enable</fieldname>
<type>checkbox</type>
<enablefields>enable_led2,enable_led3,gw_led2,gw_led3</enablefields>
- <description>if this is enabled, it will use LED #2 and #3 to
- indicate gateway status with a peridic poll.</description>
+ <description>if this is enabled, it will use LED #2 and #3 to indicate gateway status with a peridic poll.</description>
</field>
<field>
<fielddescr>Enable LED #2</fielddescr>
diff --git a/config/nmap/nmap.inc b/config/nmap/nmap.inc
index 632d4b2d..cbf1b15a 100644
--- a/config/nmap/nmap.inc
+++ b/config/nmap/nmap.inc
@@ -1,9 +1,9 @@
<?
-/* $Id$ */
/*
- part of pfSense (https://www.pfsense.org/)
-
- Copyright (C) 2006 Bill Marquette - bill.marquette@gmail.com.
+ nmap.inc
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2006 Bill Marquette <bill.marquette@gmail.com>
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -43,20 +43,16 @@ function nmap_install() {
}
/* Only copy the file if it doesn't exist */
if (file_exists($source_file) && !file_exists($destination_file)) {
- if (!is_dir(dirname($destination_file))) {
- @mkdir(dirname($destination_file), 0644, true);
- }
+ safe_mkdir(dirname($destination_file));
@symlink($source_file, $destination_file);
}
}
-function nmap_custom_php_validation_command($post, & $input_errors) {
+function nmap_custom_php_validation_command($post, &$input_errors) {
global $_POST, $savemsg, $config;
if (empty($_POST['hostname'])) {
$input_errors[] = gettext("You must enter an IP address to scan.");
- } elseif (!(is_ipaddr($_POST['hostname']) ||
- is_subnet($_POST['hostname']) ||
- is_hostname($_POST['hostname']))) {
+ } elseif (!(is_ipaddr($_POST['hostname']) || is_subnet($_POST['hostname']) || is_hostname($_POST['hostname']))) {
$input_errors[] = gettext("You must enter a valid IP address to scan.");
}
@@ -71,9 +67,9 @@ function nmap_custom_php_validation_command($post, & $input_errors) {
function nmap_custom_add_php_command() {
$nmap_options = "";
- if (function_exists("is_ipaddrv6") && function_exists("is_subnetv6"))
- if (is_ipaddrv6($_POST['hostname']) || is_subnetv6($_POST['hostname']))
- $nmap_options .= " -6";
+ if (is_ipaddrv6($_POST['hostname']) || is_subnetv6($_POST['hostname'])) {
+ $nmap_options .= " -6";
+ }
switch($_POST['scanmethod']) {
case 'syn':
@@ -93,14 +89,23 @@ function nmap_custom_add_php_command() {
break;
}
- if($_POST['noping']) $nmap_options .= " -P0";
- if($_POST['servicever']) $nmap_options .= " -sV";
- if($_POST['osdetect']) $nmap_options .= " -O";
- if(!empty($_POST['interface'])) $nmap_options .= " -e " . get_real_interface($_POST['interface']);
+ if ($_POST['noping']) {
+ $nmap_options .= " -P0";
+ }
+ if ($_POST['servicever']) {
+ $nmap_options .= " -sV";
+ }
+ if ($_POST['osdetect']) {
+ $nmap_options .= " -O";
+ }
+ if (!empty($_POST['interface'])) {
+ $nmap_options .= " -e " . get_real_interface($_POST['interface']);
+ }
$nmap_options .= " " . escapeshellarg($_POST['hostname']);
- echo "Running: /usr/local/bin/nmap {$nmap_options}</br>";
+ echo "<strong>Running: /usr/local/bin/nmap {$nmap_options}</strong><br />";
system("/usr/local/bin/nmap" . $nmap_options);
+ echo "<br /><br /><input class=\"formbtn\" type=\"button\" value=\"Back to NMap\" onclick=\"history.back()\" />";
}
function nmap_get_interfaces() {
diff --git a/config/nmap/nmap.xml b/config/nmap/nmap.xml
index ad0f8e0a..446ba461 100644
--- a/config/nmap/nmap.xml
+++ b/config/nmap/nmap.xml
@@ -7,26 +7,25 @@
/* $Id$ */
/* ========================================================================== */
/*
- authng.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2007 to whom it may belong
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ nmap.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2006 Bill Marquette <bill.marquette@gmail.com>
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
*/
-/* ========================================================================== */
+/* ====================================================================================== */
/*
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
@@ -39,20 +38,16 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
-/* ========================================================================== */
+/* ====================================================================================== */
]]>
</copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
<name>nmap</name>
- <version>6.40_2 pkg v1.3</version>
+ <version>1.4</version>
<title>Diagnostics: NMap</title>
<savetext>Scan</savetext>
<preoutput>yes</preoutput>
<donotsave>true</donotsave>
<include_file>/usr/local/pkg/nmap.inc</include_file>
- <!-- Menu is where this packages menu will appear -->
<menu>
<name>NMap</name>
<tooltiptext>NMap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), version detection (determine what application/service is runing on a port), and TCP/IP fingerprinting (remote host OS or device identification). It also offers flexible target and port specification, decoy/stealth scanning, SunRPC scanning, and more. Most Unix and Windows platforms are supported in both GUI and command line modes. Several popular handheld devices are also supported, including the Sharp Zaurus and the iPAQ.</tooltiptext>
@@ -61,7 +56,6 @@
</menu>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/nmap/nmap.inc</item>
</additional_files_needed>
<fields>
@@ -97,23 +91,23 @@
<field>
<fielddescr>-P0</fielddescr>
<fieldname>noping</fieldname>
- <description>This allows the scanning of networks that don't allow ICMP echo requests (or responses) through their firewall. microsoft.com is an example of such a network, and thus you should always use -P0 or -PT80 when port scanning microsoft.com. Note the "ping" in this context may involve more than the traditional ICMP echo request packet. Nmap supports many such probes, including arbitrary combinations of TCP, UDP, and ICMP probes. By default, Nmap sends an ICMP echo request and a TCP ACK packet to port 80.</description>
+ <description>This allows the scanning of networks that don't allow ICMP echo requests (or responses) through their firewall. microsoft.com is an example of such a network, and thus you should always use -P0 or -PT80 when port scanning microsoft.com. Note the "ping" in this context may involve more than the traditional ICMP echo request packet. Nmap supports many such probes, including arbitrary combinations of TCP, UDP, and ICMP probes. By default, Nmap sends an ICMP echo request and a TCP ACK packet to port 80.</description>
<type>checkbox</type>
<typehint>Do not try to ping hosts at all before scanning them.</typehint>
</field>
<field>
<fielddescr>-sV</fielddescr>
<fieldname>servicever</fieldname>
- <description>After TCP and/or UDP ports are discovered using one of the other scan methods, version detection communicates with those ports to try and determine more about what is actually running. A file called nmap-service-probes is used to determine the best probes for detecting various services and the match strings to expect. Nmap tries to determine the service protocol (e.g. ftp, ssh, telnet, http), the application name (e.g. ISC Bind, Apache httpd, Solaris telnetd), the version number, and sometimes miscellaneous details like whether an X server is open to connections or the SSH protocol version)</description>
+ <description>After TCP and/or UDP ports are discovered using one of the other scan methods, version detection communicates with those ports to try and determine more about what is actually running. A file called nmap-service-probes is used to determine the best probes for detecting various services and the match strings to expect. Nmap tries to determine the service protocol (e.g. ftp, ssh, telnet, http), the application name (e.g. ISC Bind, Apache httpd, Solaris telnetd), the version number, and sometimes miscellaneous details like whether an X server is open to connections or the SSH protocol version).</description>
<type>checkbox</type>
- <typehint>Try to identify service versions</typehint>
+ <typehint>Try to identify service versions.</typehint>
</field>
<field>
<fielddescr>-O</fielddescr>
<fieldname>osdetect</fieldname>
- <description>This option activates remote host identification via TCP/IP fingerprinting. In other words, it uses a bunch of techniques to detect subtleties in the underlying operating system network stack of the computers you are scanning. It uses this information to create a "fingerprint" which it compares with its database of known OS fingerprints (the nmap-os-fingerprints file) to decide what type of system you are scanning</description>
+ <description>This option activates remote host identification via TCP/IP fingerprinting. In other words, it uses a bunch of techniques to detect subtleties in the underlying operating system network stack of the computers you are scanning. It uses this information to create a "fingerprint" which it compares with its database of known OS fingerprints (the nmap-os-fingerprints file) to decide what type of system you are scanning.</description>
<type>checkbox</type>
- <typehint>Turn on OS detection</typehint>
+ <typehint>Turn on OS detection.</typehint>
</field>
</fields>
<custom_add_php_command>
diff --git a/config/ntopng/ntopng.xml b/config/ntopng/ntopng.xml
index dcb3f2b7..3d07b064 100644
--- a/config/ntopng/ntopng.xml
+++ b/config/ntopng/ntopng.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
<![CDATA[
@@ -8,7 +8,7 @@
/* ========================================================================== */
/*
ntopng.xml
- part of pfSense (http://www.pfSense.com)
+ part of pfSense (https://www.pfSense.org/)
Copyright (C) 2014 ESF, LLC
All rights reserved.
*/
@@ -39,7 +39,7 @@
]]>
</copyright>
<name>ntopng</name>
- <version>1.2 v0.5</version>
+ <version>0.7.2</version>
<title>Diagnostics: ntopng Settings</title>
<savetext>Change</savetext>
<aftersaveredirect>pkg_edit.php?xml=ntopng.xml</aftersaveredirect>
@@ -146,6 +146,8 @@
config_lock();
global $config;
global $input_errors;
+ global $pf_version, $scripts_path, $fonts_path;
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
if ($_POST) {
$config['installedpackages']['ntopng']['config'] = array();
$config['installedpackages']['ntopng']['config'][0] = $_POST;
@@ -156,15 +158,26 @@
safe_mkdir("/var/db/ntopng/rrd/graphics", 0755, true);
system("/bin/chmod -R 755 /var/db/ntopng");
system("/usr/sbin/chown -R nobody:nobody /var/db/ntopng");
- $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+
if ($pf_version == "2.2") {
$fonts_path = "/usr/pbi/ntopng-" . php_uname("m") . "/local/lib/X11/fonts";
+ $scripts_path = "/usr/pbi/ntopng-" . php_uname("m") . "/local/share/ntopng/scripts";
} else if ($pf_version == "2.1") {
$fonts_path = "/usr/pbi/ntopng-" . php_uname("m") . "/lib/X11/fonts";
+ $scripts_path = "/usr/pbi/ntopng-" . php_uname("m") . "/share/ntopng/scripts";
} else {
$fonts_path = "/usr/local/lib/X11/fonts";
}
+ if ($pf_version == "2.1" || $pf_version == "2.2") {
+ $ntopng_share_path = "/usr/local/share/ntopng";
+ $scripts_link_path = $ntopng_share_path . "/scripts";
+ safe_mkdir("$ntopng_share_path", 0755, true);
+ if (!file_exists($scripts_link_path)) {
+ symlink($scripts_path, $scripts_link_path);
+ }
+ }
system("/bin/cp -Rp {$fonts_path}/webfonts/ {$fonts_path}/TTF/");
+
$first = 0;
foreach($ntopng_config['interface_array'] as $iface) {
$if = convert_friendly_interface_to_real_interface_name($iface);
@@ -211,7 +224,6 @@
$disable_alerts = "-H";
}
- $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
if ($pf_version == "2.2") {
$redis_path = "/usr/pbi/ntopng-" . php_uname("m") . "/local/bin";
} else if ($pf_version == "2.1") {
@@ -318,6 +330,12 @@
</custom_php_install_command>
<custom_php_deinstall_command>
exec("rm /usr/local/etc/rc.d/ntopng*");
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+ if ($pf_version == "2.1" || $pf_version == "2.2") {
+ if (is_dir("/usr/local/share/ntopng/")) {
+ exec("rm -rf /usr/local/share/ntopng/");
+ }
+ }
</custom_php_deinstall_command>
<custom_php_validation_command>
<![CDATA[
diff --git a/config/nut/nut.inc b/config/nut/nut.inc
index a186ab30..dae2269e 100644
--- a/config/nut/nut.inc
+++ b/config/nut/nut.inc
@@ -2,8 +2,8 @@
/*
nut.inc
part of pfSense (https://www.pfsense.org/)
-
- Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com>.
+ Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com>
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -30,8 +30,7 @@
require_once("config.inc");
require_once("functions.inc");
-
- /* Nut */
+ require_once("util.inc");
define('NUT_RCFILE', '/usr/local/etc/rc.d/nut.sh');
@@ -43,80 +42,58 @@
define('NUT_DIR','/usr/local/etc/nut');
}
- function nut_notice ($msg) { syslog(LOG_NOTICE, "nut: {$msg}"); return; }
- function nut_warn ($msg) { syslog(LOG_WARNING, "nut: {$msg}"); return; }
-
- function nut_action ($action) {
- if (file_exists(NUT_RCFILE))
- mwexec(NUT_RCFILE.' '.$action);
- }
-
- function nut_config ($name) {
+ function nut_config($name) {
global $config;
- if($config['installedpackages']['nut']['config'][0]["{$name}"])
+ if ($config['installedpackages']['nut']['config'][0]["{$name}"]) {
return $config['installedpackages']['nut']['config'][0]["{$name}"];
- return null;
- }
+ } else {
+ return null;
+ }
+ }
- function nut_config_sub ($name,$len) {
+ function nut_config_sub($name,$len) {
global $config;
- if(nut_config($name))
+ if (nut_config($name)) {
return substr(nut_config($name),0,strlen(nut_config($name))-$len);
- return null;
- }
-
+ } else {
+ return null;
+ }
+ }
+
function nut_write_config($file, $text, $mask = null, $uid = null) {
$conf = fopen($file, "w");
- if(!$conf) {
- nut_warn("Could not open {$file} for writing.");
+ if (!$conf) {
+ log_error("[nut] ERROR: Could not open {$file} for writing.");
exit;
}
fwrite($conf, $text);
fclose($conf);
- if($mask) chmod($file, $mask);
- if($uid) chown($file, $uid);
+ if ($mask) {
+ chmod($file, $mask);
+ }
+ if ($uid) {
+ chown($file, $uid);
+ }
}
- function nut_validate_ip($ip,$check_cdir) {
- /* validate cdir */
- if($check_cdir) {
- $ip_array = explode("/",$ip);
- if(count($ip_array) == 2) {
- if($ip_array[1] < 1 || $ip_array[1] > 32)
- return false;
- } else
- if(count($ip_array) != 1)
- return false;
- } else
- $ip_array[] = $ip;
-
- /* validate ip */
- if(!eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$", $ip_array[0]))
- return false;
- foreach(explode(".", $ip_array[0]) as $sub)
- if($sub < 0 || $sub > 256)
- return false;
- return true;
- }
-
function before_form_nut(&$pkg) {
/* return available serial ports */
-
+
$serial_types = array("sio", "cua", "tty");
$ignore_files = array(".lock", ".init");
- foreach($serial_types as $st) {
+ foreach ($serial_types as $st) {
$devices = glob("/dev/{$st}*");
- foreach($devices as $line) {
- if($line != '') {
+ foreach ($devices as $line) {
+ if ($line != '') {
$ignore = false;
- foreach($ignore_files as $if) {
- if(strstr($line, $if)) {
+ foreach ($ignore_files as $if) {
+ if (strstr($line, $if)) {
$ignore = true;
continue;
}
}
- if($ignore == false) {
+ if ($ignore == false) {
$names[] = str_replace("/dev/", "", $line);
$values[] = $line;
}
@@ -127,69 +104,80 @@
/* find correct field */
$i = 0;
foreach ($pkg['fields']['field'] as $field) {
- if ($field['fieldname'] == 'port')
+ if ($field['fieldname'] == 'port') {
break;
- $i++;
- }
- $field = &$pkg['fields']['field'][$i];
+ } else {
+ $i++;
+ }
+ }
+ $field = &$pkg['fields']['field'][$i];
/* add available serial ports */
- for ($i = 0; $i < count($values) ; $i++)
+ for ($i = 0; $i < count($values); $i++) {
$field['options']['option'][] = array('name' => $names[$i], 'value' => $values[$i]);
+ }
}
function validate_form_nut($post, &$input_errors) {
global $config;
/* monitor remote validation */
- if($post['monitor'] == 'remote') {
- if(!$post['remotename'])
+ if ($post['monitor'] == 'remote') {
+ if (!$post['remotename']) {
$input_errors[] = 'You must specify a name in the \'Remote UPS Name\' field';
- if($post['remotename'] && !eregi('^[a-z0-9_.-]+$', $post['remotename']))
- $input_errors[] = 'Only [Aa-Zz], [0-9], and [-_] accepted in the \'Remote UPS Name\' field';
- if(!$post['remoteaddr'] || !nut_validate_ip($post['remoteaddr'],false))
+ }
+ if ($post['remotename'] && !preg_match("/^[a-zA-Z0-9-_]+$/", $post['name'])) {
+ $input_errors[] = 'Only [Aa-Zz], [0-9], and [-_] accepted in the \'Remote UPS Name\' field';
+ }
+ if (!$post['remoteaddr'] || !is_ipaddr($post['remoteaddr'])) {
$input_errors[] = 'You must specify a valid address \'Remote UPS Address\' field';
- if(!$post['remoteuser'])
+ }
+ if (!$post['remoteuser']) {
$input_errors[] = 'You must specify a name in the \'Remote UPS User\' field';
- if(!$post['remotepass'])
+ }
+ if (!$post['remotepass']) {
$input_errors[] = 'You must specify a name in the \'Remote UPS Password\' field';
- }
-
- /* monitor local validation */
- elseif($post['monitor'] == 'local') {
- if(!$post['name'])
+ }
+ } elseif ($post['monitor'] == 'local') {
+ /* monitor local validation */
+ if (!$post['name']) {
$input_errors[] = 'You must specify a name in the \'Local UPS Name\' field';
- if($post['name'] && !eregi('^[a-z0-9_.-]+$', $post['name']))
- $input_errors[] = 'Only [Aa-Zz], [0-9], and [-_] accepted in the \'Local UPS Name\' field';
- if(!$post['driver'])
+ }
+ if ($post['name'] && !preg_match("/^[a-zA-Z0-9-_]+$/", $post['name'])) {
+ $input_errors[] = 'Only [Aa-Zz], [0-9], and [-_] accepted in the \'Local UPS Name\' field';
+ }
+ if (!$post['driver']) {
$input_errors[] = 'You must select a driver in the \'Local UPS Driver\' field';
- if(!$post['port'])
+ }
+ if (!$post['port']) {
$input_errors[] = 'You must select a port in the \'Local UPS Port\' field';
+ }
}
}
function deinstall_package_nut() {
- nut_action('stop');
+ stop_service("nut");
- @unlink(NUT_RCFILE);
- @unlink(NUT_DIR.'/upsmon.conf');
- @unlink(NUT_DIR.'/ups.conf');
- @unlink(NUT_DIR.'/upsd.conf');
- @unlink(NUT_DIR.'/upsd.users');
+ unlink_if_exists(NUT_RCFILE);
+ unlink_if_exists(NUT_DIR.'/upsmon.conf');
+ unlink_if_exists(NUT_DIR.'/ups.conf');
+ unlink_if_exists(NUT_DIR.'/upsd.conf');
+ unlink_if_exists(NUT_DIR.'/upsd.users');
- exec('rm -rf /var/db/nut');
- }
+ exec('/bin/rm -rf /var/db/nut');
+ }
function sync_package_nut_remote() {
$remotename = nut_config('remotename');
$remoteaddr = nut_config('remoteaddr');
$remoteuser = nut_config('remoteuser');
$remotepass = nut_config('remotepass');
- $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h';
+ $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h';
$custom_upsmonconf = str_replace(";", "\n", nut_config('custom_upsmonconf'));
- if(!($remotename && $remoteaddr && $remoteuser && $remotepass))
+ if (!($remotename && $remoteaddr && $remoteuser && $remotepass)) {
return false;
+ }
/* upsmon.conf */
$upsmon_conf = <<<EOD
@@ -199,16 +187,16 @@ SHUTDOWNCMD "/sbin/shutdown {$shutdownflag} +0"
POWERDOWNFLAG /etc/killpower
{$custom_upsmonconf}
EOD;
-
+
$stop = <<<EOD
-if [ `pgrep upsmon | wc -l` != 0 ]; then
+if [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; then
/usr/bin/killall upsmon
- while [ `pgrep upsmon | wc -l` != 0 ]; do
+ while [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; do
sleep 1
done
fi
EOD;
-
+
$start = $stop."\n\t/usr/local/sbin/upsmon {$remotename}@{$remoteaddr}\n";
/* write out configuration */
@@ -216,10 +204,10 @@ EOD;
nut_write_config(NUT_DIR.'/upsmon.conf', $upsmon_conf, 0640, 'uucp');
write_rcfile(array(
'file' => 'nut.sh',
- 'start' => $start,
- 'stop' => $stop
- )
- );
+ 'start' => $start,
+ 'stop' => $stop
+ )
+ );
conf_mount_ro();
return true;
@@ -227,6 +215,7 @@ EOD;
function sync_package_nut_local() {
global $pfs_version;
+ $pfs_version = substr(trim(file_get_contents("/etc/version")),0,3);
$name = nut_config('name');
$driver = nut_config_sub('driver', 2);
@@ -235,43 +224,46 @@ EOD;
$cable = nut_config_sub('cable', 3);
$allowuser = nut_config('allowuser');
$allowpass = nut_config('allowpass');
- $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h';
+ $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h';
$custom_upsconf = str_replace(";", "\n", nut_config('custom_upsconf'));
$custom_upsdconf = str_replace(";", "\n", nut_config('custom_upsdconf'));
$custom_upsdusers = str_replace(";", "\n", nut_config('custom_upsdusers'));
$custom_upsmonconf = str_replace(";", "\n", nut_config('custom_upsmonconf'));
- if(!($name && $driver && $port))
+ if (!($name && $driver && $port)) {
return false;
+ }
/* some installs are missing the lock dir */
- if(!is_dir('/var/spool/lock')) {
- @mkdir('/var/spool');
- mkdir('/var/spool/lock');
+ if (!is_dir('/var/spool/lock')) {
+ safe_mkdir('/var/spool');
+ safe_mkdir('/var/spool/lock');
chown('/var/spool/lock', 'uucp');
chgrp('/var/spool/lock', 'dialer');
}
/* determine permissions for port */
- if($port != 'auto') {
+ if ($port != 'auto') {
$port_rel = "chown root {$port}";
$port_set = "chown uucp {$port}";
}
/* ups.conf */
- /* for usb ups run as root */
- if($port == 'auto') {
+ /* for USB ups run as root */
+ if ($port == 'auto') {
$ups_conf = "user=root\n";
$ovr_user = '-u root';
}
$ups_conf .= "[{$name}]\n";
$ups_conf .= "driver={$driver}\n";
$ups_conf .= "port={$port}\n";
- if($cable)
+ if ($cable) {
$ups_conf .= "cable={$cable}\n";
- if($upstype)
+ }
+ if ($upstype) {
$ups_conf .= "upstype={$upstype}\n";
+ }
$ups_conf .= "{$custom_upsconf}";
/* upsd.conf */
@@ -284,17 +276,18 @@ EOD;
$upsd_users = "[monuser]\n";
$upsd_users .= "password = {$password}\n";
$upsd_users .= "upsmon master\n";
- if($allowuser && $allowpass) {
+ if ($allowuser && $allowpass) {
$upsd_users .= "\n[$allowuser]\n";
$upsd_users .= "password = $allowpass\n";
$upsd_users .= "upsmon master\n";
}
$upsd_users .= "{$custom_upsdusers}";
- if ($pfs_version == "2.1")
+ if ($pfs_version == "2.1") {
$upsdrvctl = "/usr/local/libexec/nut/upsdrvctl";
- else
+ } else {
$upsdrvctl = "/usr/local/sbin/upsdrvctl";
+ }
/* upsmon.conf */
$upsmon_conf = <<<EOD
@@ -306,26 +299,26 @@ POWERDOWNFLAG /etc/killpower
EOD;
$stop = <<<EOD
- if [ `pgrep upsmon | wc -l` != 0 ]; then
+ if [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; then
echo stopping upsmon
/usr/bin/killall upsmon
- while [ `pgrep upsmon | wc -l` != 0 ]; do
+ while [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; do
sleep 1
done
fi
- if [ `pgrep upsd | wc -l` != 0 ]; then
+ if [ `/bin/pgrep upsd | /usr/bin/wc -l` != 0 ]; then
echo stopping upsd
/usr/bin/killall upsd
fi
- if [ `pgrep {$driver} | wc -l` != 0 ]; then
+ if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then
echo stopping {$driver}
{$upsdrvctl} stop
fi
sleep 1
- if [ `pgrep {$driver} | wc -l` != 0 ]; then
+ if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then
echo forcing {$driver} termination
/usr/bin/killall {$driver}
- while [ `pgrep {$driver} | wc -l` != 0 ]; do
+ while [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; do
sleep 1
done
fi
@@ -333,7 +326,7 @@ EOD;
EOD;
$start = <<<EOD
-if [ `pgrep {$driver} | wc -l` != 0 ]; then
+if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then
{$stop}
fi
{$port_set}
@@ -356,9 +349,9 @@ EOD;
nut_write_config(NUT_DIR.'/upsmon.conf', $upsmon_conf, 0640, 'uucp');
write_rcfile(array(
'file' => 'nut.sh',
- 'start' => $start,
- 'stop' => $stop
- )
+ 'start' => $start,
+ 'stop' => $stop
+ )
);
conf_mount_ro();
@@ -369,7 +362,7 @@ EOD;
$name = nut_config('snmpname');
$driver = "snmp-ups";
$port = nut_config('snmpaddr');
- $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h';
+ $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h';
$snmpmib = nut_config('snmpmib');
$snmpversion = nut_config('snmpversion');
$snmpcommunity = nut_config('snmpcommunity');
@@ -382,8 +375,9 @@ EOD;
$custom_upsdusers = str_replace(";", "\n", nut_config('custom_upsdusers'));
$custom_upsmonconf = str_replace(";", "\n", nut_config('custom_upsmonconf'));
- if(!($name && $driver && $port))
+ if (!($name && $driver && $port)) {
return false;
+ }
/* ups.conf */
$ups_conf = "user=root\n";
@@ -391,16 +385,21 @@ EOD;
$ups_conf .= "[{$name}]\n";
$ups_conf .= "driver={$driver}\n";
$ups_conf .= "port={$port}\n";
- if($snmpmib)
+ if ($snmpmib) {
$ups_conf .= "mibs={$snmpmib}\n";
- if($snmpversion)
+ }
+ if ($snmpversion) {
$ups_conf .= "snmp_version={$snmpversion}\n";
- if($snmpcommunity)
+ }
+ if ($snmpcommunity) {
$ups_conf .= "community={$snmpcommunity}\n";
- if($snmpfreq)
+ }
+ if ($snmpfreq) {
$ups_conf .= "pollfreq={$snmpfreq}\n";
- if($snmpdisabletransfer)
+ }
+ if ($snmpdisabletransfer) {
$ups_conf .= "notransferoids=true\n";
+ }
$ups_conf .= "{$custom_upsconf}";
/* upsd.conf */
@@ -413,13 +412,14 @@ EOD;
$upsd_users = "[monuser]\n";
$upsd_users .= "password = {$password}\n";
$upsd_users .= "upsmon master\n";
- if($allowuser && $allowpass) {
+ if ($allowuser && $allowpass) {
$upsd_users .= "\n[$allowuser]\n";
$upsd_users .= "password = $allowpass\n";
$upsd_users .= "upsmon master\n";
}
$upsd_users .= "{$custom_upsdusers}";
+ $pfs_version = substr(trim(file_get_contents("/etc/version")),0,3);
if ($pfs_version == "2.1")
$upsdrvctl = "/usr/local/libexec/nut/upsdrvctl";
else
@@ -435,26 +435,26 @@ POWERDOWNFLAG /etc/killpower
EOD;
$stop = <<<EOD
- if [ `pgrep upsmon | wc -l` != 0 ]; then
+ if [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; then
echo stopping upsmon
/usr/bin/killall upsmon
- while [ `pgrep upsmon | wc -l` != 0 ]; do
+ while [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; do
sleep 1
done
fi
- if [ `pgrep upsd | wc -l` != 0 ]; then
+ if [ `/bin/pgrep upsd | /usr/bin/wc -l` != 0 ]; then
echo stopping upsd
/usr/bin/killall upsd
fi
- if [ `pgrep {$driver} | wc -l` != 0 ]; then
+ if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then
echo stopping {$driver}
{$upsdrvctl} stop
fi
sleep 1
- if [ `pgrep {$driver} | wc -l` != 0 ]; then
+ if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then
echo forcing {$driver} termination
/usr/bin/killall {$driver}
- while [ `pgrep {$driver} | wc -l` != 0 ]; do
+ while [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; do
sleep 1
done
fi
@@ -462,7 +462,7 @@ EOD;
EOD;
$start = <<<EOD
-if [ `pgrep {$driver} | wc -l` != 0 ]; then
+if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then
{$stop}
fi
{$port_set}
@@ -485,8 +485,8 @@ EOD;
nut_write_config(NUT_DIR.'/upsmon.conf', $upsmon_conf, 0640, 'uucp');
write_rcfile(array(
'file' => 'nut.sh',
- 'start' => $start,
- 'stop' => $stop
+ 'start' => $start,
+ 'stop' => $stop
)
);
conf_mount_ro();
@@ -500,51 +500,49 @@ EOD;
config_lock();
- nut_action('stop');
+ stop_service("nut");
/* create state path */
- if(!is_dir('/var/db/nut')) {
- mkdir('/var/db/nut');
- chmod('/var/db/nut', 0700);
- chown('/var/db/nut', 'uucp');
- }
+ safe_mkdir("/var/db/nut", 0700);
+ chown('/var/db/nut', 'uucp');
- if(nut_config('monitor') == 'remote')
+ if (nut_config('monitor') == 'remote') {
$return = sync_package_nut_remote();
- elseif(nut_config('monitor') == 'local')
+ } elseif (nut_config('monitor') == 'local') {
$return = sync_package_nut_local();
- elseif(nut_config('monitor') == 'snmp')
+ } elseif (nut_config('monitor') == 'snmp') {
$return = sync_package_nut_snmp();
+ }
- if($return && $_POST['monitor']) {
+ if ($return && $_POST['monitor']) {
/* only start if changing settings as we have a startup script for system boot */
/* this prevents service from starting / stopping / starting on boot */
-
- nut_notice('Starting service');
- nut_action('start');
- if((int)exec('pgrep upsmon | wc -l') == 0)
- nut_notice('Service failed to start: check configuration');
- } elseif(!$return && file_exists(NUT_RCFILE)) {
+ log_error("[nut] INFO: Starting service");
+ start_service("nut");
+ if ((int)exec('/bin/pgrep upsmon | /usr/bin/wc -l') == 0) {
+ log_error("[nut] ERROR: Service failed to start: check configuration.");
+ }
+ } elseif (!$return && file_exists(NUT_RCFILE)) {
/* no parameters user does not want nut running */
/* lets stop the service and remove the rc file */
- if(!nut_config('monitor'))
- nut_notice('Service stopped: nut disabled');
- else
- nut_notice('Service stopped: check configuration');
+ if (!nut_config('monitor')) {
+ log_error("[nut] INFO: Service stopped: nut disabled");
+ } else {
+ log_error("[nut] WARNING: Service stopped: check configuration.");
+ }
conf_mount_rw();
- unlink(NUT_RCFILE);
- unlink(NUT_DIR.'/upsmon.conf');
- /* might not always exist */
- @unlink(NUT_DIR.'/ups.conf');
- @unlink(NUT_DIR.'/upsd.conf');
- @unlink(NUT_DIR.'/upsd.users');
- exec('rm -rf /var/db/nut');
+ unlink_if_exists(NUT_RCFILE);
+ unlink_if_exists(NUT_DIR.'/upsmon.conf');
+ unlink_if_exists(NUT_DIR.'/ups.conf');
+ unlink_if_exists(NUT_DIR.'/upsd.conf');
+ unlink_if_exists(NUT_DIR.'/upsd.users');
+ exec('/bin/rm -rf /var/db/nut');
conf_mount_ro();
}
-
+
config_unlock();
}
?>
diff --git a/config/nut/nut.xml b/config/nut/nut.xml
index d1496a16..ca7ca956 100644
--- a/config/nut/nut.xml
+++ b/config/nut/nut.xml
@@ -2,51 +2,46 @@
<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
+ <copyright>
+ <![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- nut.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2007 to whom it may belong
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
+ nut.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2009-2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>nut</name>
- <version>2.6.5_1 pkg 2.0.1</version>
+ <version>2.0.5</version>
<title>Services: NUT</title>
<savetext>Change</savetext>
<aftersaveredirect>/status_nut.php</aftersaveredirect>
@@ -75,13 +70,11 @@
</tab>
</tabs>
<additional_files_needed>
- <prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
+ <prefix>/usr/local/pkg/</prefix>
<item>https://packages.pfsense.org/packages/config/nut/nut.inc</item>
</additional_files_needed>
<additional_files_needed>
- <prefix>/usr/local/www/</prefix>
- <chmod>0755</chmod>
+ <prefix>/usr/local/www/</prefix>
<item>https://packages.pfsense.org/packages/config/nut/status_nut.php</item>
</additional_files_needed>
<advanced_options>enabled</advanced_options>
@@ -187,8 +180,7 @@
<field>
<fielddescr>&lt;strong&gt;Local UPS Model&lt;/strong&gt;</fielddescr>
<fieldname>driver</fieldname>
- <description>If generic or cable specified in parenthesis you need
- to select the appropriate option below.</description>
+ <description>If generic or cable specified in parenthesis you need to select the appropriate option below.</description>
<type>select</type>
<options>
<option>
diff --git a/config/nut/status_nut.php b/config/nut/status_nut.php
index 0bb1145c..64b11112 100644
--- a/config/nut/status_nut.php
+++ b/config/nut/status_nut.php
@@ -2,8 +2,8 @@
/*
status_nut.php
part of pfSense (https://www.pfsense.org/)
-
Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com>.
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -29,13 +29,15 @@
*/
require("guiconfig.inc");
-
+global $nut_config;
$nut_config = $config['installedpackages']['nut']['config'][0];
/* functions */
function secs2hms($secs) {
- if ($secs<0) return false;
+ if ($secs < 0 ) {
+ return false;
+ }
$m = (int)($secs / 60); $s = $secs % 60;
$h = (int)($m / 60); $m = $m % 60;
return "{$h}h {$m}m {$s}s";
@@ -50,25 +52,29 @@ function tblclose () {
}
function tblrow ($name, $value, $symbol = null) {
- if(!$value) return;
-
- if($symbol == '&deg;')
+ if (!$value) {
+ return;
+ }
+ if ($symbol == '&deg;') {
$value = sprintf("%.1f", $value);
-
- if($symbol == 'Hz')
+ }
+ if ($symbol == 'Hz') {
$value = sprintf("%d", $value);
+ }
print(<<<EOD
<tr>
- <td class="vncellreq" width="100px">{$name}</td>
- <td class="vtable">{$value}{$symbol}</td>
+ <td class="vncellreq" width="100px">{$name}</td>
+ <td class="vtable">{$value}{$symbol}</td>
<tr>
EOD
."\n");
}
function tblrowbar ($name, $value, $symbol, $red, $yellow, $green) {
- if(!$value) return;
+ if (!$value) {
+ return;
+ }
$value = sprintf("%.1f", $value);
@@ -80,57 +86,54 @@ function tblrowbar ($name, $value, $symbol, $red, $yellow, $green) {
sort($yellow);
sort($green);
- if($value >= $red[0] && $value <= ($red[0]+9)) {
+ if ($value >= $red[0] && $value <= ($red[0]+9)) {
$color = 'black';
$bgcolor = 'red';
}
- if($value >= ($red[0]+10) && $value <= $red[1]) {
+ if ($value >= ($red[0]+10) && $value <= $red[1]) {
$color = 'white';
$bgcolor = 'red';
}
- if($value >= $yellow[0] && $value <= $yellow[1]) {
+ if ($value >= $yellow[0] && $value <= $yellow[1]) {
$color = 'black';
$bgcolor = 'yellow';
}
- if($value >= $green[0] && $value <= ($green[0]+9)) {
+ if ($value >= $green[0] && $value <= ($green[0]+9)) {
$color = 'black';
$bgcolor = 'green';
}
- if($value >= ($green[0]+10) && $value <= $green[1]) {
+ if ($value >= ($green[0]+10) && $value <= $green[1]) {
$color = 'white';
$bgcolor = 'green';
}
print(<<<EOD
<tr>
- <td class="vncellreq" width="100px">{$name}</td>
- <td class="vtable">
- <div style="width: 125px; height: 12px; border-top: thin solid gray; border-bottom: thin solid gray;">
- <div style="width: {$value}{$symbol}; height: 12px; background-color: {$bgcolor};">
- <div style="text-align: center; color: {$color}">{$value}{$symbol}</div>
- </div>
- </div>
- </td>
+ <td class="vncellreq" width="100px">{$name}</td>
+ <td class="vtable">
+ <div style="width: 125px; height: 12px; border-top: thin solid gray; border-bottom: thin solid gray;">
+ <div style="width: {$value}{$symbol}; height: 12px; background-color: {$bgcolor};">
+ <div style="text-align: center; color: {$color}">{$value}{$symbol}</div>
+ </div>
+ </div>
+ </td>
<tr>
EOD
."\n");
}
/* defaults to this page but if no settings are present, redirect to setup page */
-if(!$nut_config['monitor'])
+if (!$nut_config['monitor']) {
Header("Location: /pkg_edit.php?xml=nut.xml&id=0");
+}
$pgtitle = "Status: NUT Status";
include("head.inc");
-/* put your custom HTML head content here */
-/* using some of the $pfSenseHead function calls */
-//$pfSenseHead->addMeta("<meta http-equiv=\"refresh\" content=\"120;url={$_SERVER['SCRIPT_NAME']}\" />");
-//echo $pfSenseHead->getHTML();
?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php include("fbegin.inc"); ?>
-<p class="pgtitle"><?=$pgtitle?></font></p>
+<p class="pgtitle"><?=$pgtitle?></p>
<?php if ($savemsg) print_info_box($savemsg); ?>
<div id="mainlevel">
@@ -143,32 +146,33 @@ include("head.inc");
?>
</table>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
+<tr>
<td>
<?php
tblopen();
- $running = ((int)exec('pgrep upsmon | wc -l') > 0) ? true : false;
+ $running = ((int)exec('/bin/pgrep upsmon | /usr/bin/wc -l') > 0) ? true : false;
- if($nut_config['monitor'] == 'local') {
+ if ($nut_config['monitor'] == 'local') {
tblrow('Monitoring:','Local UPS');
- $cmd = "upsc {$nut_config['name']}@localhost";
- } elseif($nut_config['monitor'] == 'remote') {
+ $cmd = "/usr/local/bin/upsc {$nut_config['name']}@localhost";
+ } elseif ($nut_config['monitor'] == 'remote') {
tblrow('Monitoring:','Remote UPS');
- $cmd = "upsc {$nut_config['remotename']}@{$nut_config['remoteaddr']}";
- } elseif($nut_config['monitor'] == 'snmp') {
+ $cmd = "/usr/local/bin/upsc {$nut_config['remotename']}@{$nut_config['remoteaddr']}";
+ } elseif ($nut_config['monitor'] == 'snmp') {
tblrow('Monitoring:','SNMP UPS');
- $cmd = "upsc {$nut_config['snmpname']}@localhost";
+ $cmd = "/usr/local/bin/upsc {$nut_config['snmpname']}@localhost";
}
- if($running)
+ if ($running) {
$handle = popen($cmd, 'r');
- elseif($nut_config['monitor'] == 'snmp')
+ } elseif ($nut_config['monitor'] == 'snmp') {
tblrow('ERROR:','NUT is enabled, however the service is not running! The SNMP UPS may be unreachable.');
- else
+ } else {
tblrow('ERROR:','NUT is enabled, however the service is not running!');
+ }
- if($handle) {
+ if ($handle) {
$read = fread($handle, 4096);
pclose($handle);
@@ -179,14 +183,17 @@ include("head.inc");
$ups[$line[0]] = trim($line[1]);
}
- if(count($lines) == 1)
+ if (count($lines) == 1) {
tblrow('ERROR:', 'Data stale!');
+ }
tblrow('Model:', $ups['ups.model']);
$status = explode(' ', $ups['ups.status']);
foreach($status as $condition) {
- if($disp_status) $disp_status .= ', ';
+ if ($disp_status) {
+ $disp_status .= ', ';
+ }
switch ($condition) {
case 'WAIT':
$disp_status .= 'Waiting';
@@ -241,14 +248,11 @@ include("head.inc");
tblclose();
?>
- </td>
- </tr>
+ </td>
+</tr>
</table>
-<?php
- /* display upsc array */
- /*print('<pre>'); print_r($ups); print('</pre>');*/
-?>
</div>
+
<?php include("fend.inc"); ?>
</body>
</html>
diff --git a/config/rrd-summary/rrd-summary.xml b/config/rrd-summary/rrd-summary.xml
index 4b62272d..67c20937 100644
--- a/config/rrd-summary/rrd-summary.xml
+++ b/config/rrd-summary/rrd-summary.xml
@@ -2,69 +2,57 @@
<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
+ <copyright>
+ <![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- rrd-summary.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2010 to whom it may belong
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
+ rrd-summary.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2010 Jim Pingle
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<description>RRD Summary Page</description>
- <requirements>None</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
<name>RRD Summary</name>
- <version>1.1</version>
+ <version>1.2</version>
<title>Status: RRD Summary</title>
<menu>
<name>RRD Summary</name>
- <tooltiptext></tooltiptext>
+ <tooltiptext>Display total amount of traffic passed In/Out during this and the previous month.</tooltiptext>
<section>Status</section>
<url>/status_rrd_summary.php</url>
</menu>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/rrd-summary/status_rrd_summary.php</item>
</additional_files_needed>
- <custom_php_deinstall_command>
- <![CDATA[
- $version = file_get_contents("/etc/version");
- if ($version[0] < 2) {
- unlink_if_exists("/usr/local/www/status_rrd_summary.php");
- }
- ]]>
- </custom_php_deinstall_command>
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/config/rrd-summary/status_rrd_summary.php b/config/rrd-summary/status_rrd_summary.php
index 0e43d95c..27a6f069 100644
--- a/config/rrd-summary/status_rrd_summary.php
+++ b/config/rrd-summary/status_rrd_summary.php
@@ -1,7 +1,10 @@
<?php
/*
rrd_summary.php
+ part of pfSense (https://www.pfsense.org/)
Copyright (C) 2010 Jim Pingle
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
@@ -37,9 +40,9 @@ $lastmonth = fetch_rrd_summary($rrd, $lastmonth, $start, 720*60);
function fetch_rrd_summary($rrd, $start, $end, $resolution=3600) {
$traffic = array();
- $rrd = escapeshellarg("/var/db/rrd/{$rrd}");
+ $rrd = escapeshellarg("/var/db/rrd/{$rrd}");
$start = escapeshellarg($start);
- $end = escapeshellarg($end);
+ $end = escapeshellarg($end);
exec("/usr/local/bin/rrdtool fetch {$rrd} AVERAGE -r {$resolution} -s {$start} -e {$end} | grep -v nan | awk '{ sum1 += $2/(1024*1024); sum2 += $3/(1024*1024) } END { printf \"%u|%u\", sum1*{$resolution}, sum2*{$resolution}; }'", $traffic);
return explode('|', trim($traffic[0]));
}
@@ -55,19 +58,20 @@ function print_rrd_summary_table($data) { ?>
}
$pgtitle = "Status: RRD Summary";
-include("head.inc");
-include("fbegin.inc");
+include_once("head.inc");
+echo "<body link=\"#0000CC\" vlink=\"#0000CC\" alink=\"#0000CC\">";
+include_once("fbegin.inc");
$rrds = glob("/var/db/rrd/*-traffic.rrd");
?>
-<form name="form1" action="status_rrd_summary.php" method="POST">
- RRD Database:
+<form name="form1" action="status_rrd_summary.php" method="post">
+ RRD Database:&nbsp;
<select name="rrd" class="formselect" onchange="document.form1.submit()">
<?php
foreach ($rrds as $r) {
$r = basename($r);
- $selected = ($r == $rrd) ? " selected" : "";
+ $selected = ($r == $rrd) ? ' selected="selected"' : '';
print "<option value=\"{$r}\"{$selected}>{$r}</option>";
} ?>
</select>
@@ -75,7 +79,7 @@ $rrds = glob("/var/db/rrd/*-traffic.rrd");
<select name="startday" class="formselect" onchange="document.form1.submit()">
<?php
for ($day=1; $day < 29; $day++) {
- $selected = ($day == $startday) ? " selected" : "";
+ $selected = ($day == $startday) ? ' selected="selected"' : "";
print "<option value=\"{$day}\"{$selected}>{$day}</option>";
} ?>
</select>
@@ -87,4 +91,6 @@ This Month (to date, does not include this hour, starting at day <?php echo $sta
Last Month:
<?php print_rrd_summary_table($lastmonth); ?>
-<?php include("fend.inc"); ?>
+<?php include_once("fend.inc"); ?>
+</body>
+</html>
diff --git a/config/softflowd/softflowd.xml b/config/softflowd/softflowd.xml
index 55065429..6e9c080f 100644
--- a/config/softflowd/softflowd.xml
+++ b/config/softflowd/softflowd.xml
@@ -1,6 +1,45 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+ softflowd.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013-2015 ESF, LLC
+ All rights reserved.
+*/
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ========================================================================== */
+ ]]>
+ </copyright>
<name>softflowd</name>
- <version>0.9.8_2 pkg v1.1</version>
+ <version>1.2</version>
<title>softflowd: Settings</title>
<aftersaveredirect>pkg_edit.php?xml=softflowd.xml&amp;id=0</aftersaveredirect>
<menu>
@@ -50,7 +89,7 @@
<field>
<fielddescr>Hop Limit</fielddescr>
<fieldname>hoplimit</fieldname>
- <description>Set the IPv4 TTL or the IPv6 hop limit to hoplimit. softflowd will use the default system TTL when exporting flows to a unicast host. When exporting to a multicast group, the default TTL will be 1 (i.e. link-local).</description>
+ <description>Set the IPv4 TTL or the IPv6 hop limit to hoplimit. softflowd will use the default system TTL when exporting flows to a unicast host. When exporting to a multicast group, the default TTL will be 1 (i.e. link-local).</description>
<type>input</type>
</field>
<field>
@@ -76,7 +115,7 @@
<field>
<fielddescr>Flow Tracking Level</fielddescr>
<fieldname>flowtracking</fieldname>
- <description>Specify which flow elements softflowd should be used to define a flow. track_level may be one of: &quot;full&quot; (track everything in the flow, the default), &quot;proto&quot; (track source and destination addresses and protocol), or &quot;ip&quot; (only track source and destination addresses). Selecting either of the latter options will produce flows with less information in them (e.g. TCP/UDP ports will not be recorded). This will cause flows to be consolidated, reducing the quantity of output and CPU load that softflowd will place on the system at the cost of some detail being lost.</description>
+ <description>Specify which flow elements softflowd should be used to define a flow. track_level may be one of: &quot;full&quot; (track everything in the flow, the default), &quot;proto&quot; (track source and destination addresses and protocol), or &quot;ip&quot; (only track source and destination addresses). Selecting either of the latter options will produce flows with less information in them (e.g. TCP/UDP ports will not be recorded). This will cause flows to be consolidated, reducing the quantity of output and CPU load that softflowd will place on the system at the cost of some detail being lost.</description>
<type>select</type>
<options>
<option>
@@ -106,13 +145,13 @@
<field>
<fielddescr>Maximum Lifetime</fielddescr>
<fieldname>timeout-maxlife</fieldname>
- <description>(Seconds) This is the maximum lifetime that a flow may exist for. All flows are forcibly expired when they pass maxlife seconds. To disable this feature, specify a maxlife of 0.</description>
+ <description>(Seconds) This is the maximum lifetime that a flow may exist for. All flows are forcibly expired when they pass maxlife seconds. To disable this feature, specify a maxlife of 0.</description>
<type>input</type>
</field>
<field>
<fielddescr>Expire Interval</fielddescr>
<fieldname>timeout-expint</fieldname>
- <description>(Seconds) Specify the interval between expiry checks. Increase this to group more flows into a NetFlow packet. To disable this feature, specify a expint of 0.</description>
+ <description>(Seconds) Specify the interval between expiry checks. Increase this to group more flows into a NetFlow packet. To disable this feature, specify a expint of 0.</description>
<type>input</type>
</field>
<field>
@@ -152,36 +191,49 @@
$cf['host'] = is_ipaddrv6($cf['host']) ? "[{$cf['host']}]" : $cf['host'];
$start = "/usr/bin/killall -9 softflowd";
foreach ($interface_list as $interface_friendly) {
- if (empty($interface_friendly))
+ if (empty($interface_friendly)) {
continue;
+ }
$interface = get_real_interface($interface_friendly);
- if (empty($interface))
+ if (empty($interface)) {
continue;
+ }
$start .= "\n\t/usr/local/sbin/softflowd ";
$start .= " -i " . escapeshellarg($interface);
$start .= " -n " . escapeshellarg("{$cf['host']}:{$cf['port']}");
- if (is_numeric($cf['maxflows']))
+ if (is_numeric($cf['maxflows'])) {
$start .= " -m " . escapeshellarg($cf['maxflows']);
- if (is_numeric($cf['hoplimit']))
+ }
+ if (is_numeric($cf['hoplimit'])) {
$start .= " -L " . escapeshellarg($cf['hoplimit']);
- if ($cf['version'] != "")
+ }
+ if ($cf['version'] != "") {
$start .= " -v " . escapeshellarg($cf['version']);
- if ($cf['flowtracking'] != "")
+ }
+ if ($cf['flowtracking'] != "") {
$start .= " -T " . escapeshellarg($cf['flowtracking']);
- if (is_numeric($cf['timeout-general']))
+ }
+ if (is_numeric($cf['timeout-general'])) {
$start .= " -t " . escapeshellarg("general={$cf['timeout-general']}");
- if (is_numeric($cf['timeout-maxlife']))
+ }
+ if (is_numeric($cf['timeout-maxlife'])) {
$start .= " -t " . escapeshellarg("maxlife={$cf['timeout-maxlife']}");
- if (is_numeric($cf['timeout-expint']))
+ }
+ if (is_numeric($cf['timeout-expint'])) {
$start .= " -t " . escapeshellarg("expint={$cf['timeout-expint']}");
- if (is_numeric($cf['timeout-tcp']))
+ }
+ if (is_numeric($cf['timeout-tcp'])) {
$start .= " -t " . escapeshellarg("tcp={$cf['timeout-tcp']}");
- if (is_numeric($cf['timeout-tcp-rst']))
+ }
+ if (is_numeric($cf['timeout-tcp-rst'])) {
$start .= " -t " . escapeshellarg("tcp.rst={$cf['timeout-tcp-rst']}");
- if (is_numeric($cf['timeout-tcp-fin']))
+ }
+ if (is_numeric($cf['timeout-tcp-fin'])) {
$start .= " -t " . escapeshellarg("tcp.fin={$cf['timeout-tcp-fin']}");
- if (is_numeric($cf['timeout-udp']))
+ }
+ if (is_numeric($cf['timeout-udp'])) {
$start .= " -t " . escapeshellarg("udp={$cf['timeout-udp']}");
+ }
$start .= " -p " . escapeshellarg("/var/run/softflowd.{$interface}.pid");
$start .= " -c " . escapeshellarg("/var/run/softflowd.{$interface}.ctl");
}
@@ -191,39 +243,52 @@
"stop" => "/usr/bin/killall -9 softflowd"
)
);
- restart_service("softflowd");
+ /* Only try to restart if not booting */
+ if (!platform_booting()) {
+ restart_service("softflowd");
+ }
}
conf_mount_ro();
config_unlock();
}
function validate_form_softflowd($post, &$input_errors) {
- if (($post['host'] == "") || !is_ipaddr($post['host']))
+ if (($post['host'] == "") || !is_ipaddr($post['host'])) {
$input_errors[] = 'You must specify a valid ip address in the \'Host\' field';
- if (($post['port'] == "") || !is_port($post['port']))
+ }
+ if (($post['port'] == "") || !is_port($post['port'])) {
$input_errors[] = 'You must specify a valid port number in the \'Port\' field';
-
- if (($post['version'] == "" || !in_array($post['version'], array(1, 5, 9))))
+ }
+ if (($post['version'] == "" || !in_array($post['version'], array(1, 5, 9)))) {
$input_errors[] = 'You must specify a netflow version';
- if (($post['flowtracking'] == "" || !in_array($post['flowtracking'], array("full", "proto", "ip"))))
+ }
+ if (($post['flowtracking'] == "" || !in_array($post['flowtracking'], array("full", "proto", "ip")))) {
$input_errors[] = 'You must specify a valid flow tracking selection';
-
- if (!empty($post['hoplimit']) && (!is_numeric($post['hoplimit']) || ($post['hoplimit'] < 1) || ($post['hoplimit'] > 255)))
+ }
+ if (!empty($post['hoplimit']) && (!is_numeric($post['hoplimit']) || ($post['hoplimit'] < 1) || ($post['hoplimit'] > 255))) {
$input_errors[] = 'You must specify a valid hop limit';
- if (!empty($post['timeout-general']) && (!is_numeric($post['timeout-general']) || ($post['timeout-general'] < 0)))
+ }
+ if (!empty($post['timeout-general']) && (!is_numeric($post['timeout-general']) || ($post['timeout-general'] < 0))) {
$input_errors[] = 'You must specify a valid General Timeout';
- if (!empty($post['timeout-maxlife']) && (!is_numeric($post['timeout-maxlife']) || ($post['timeout-maxlife'] < 0)))
+ }
+ if (!empty($post['timeout-maxlife']) && (!is_numeric($post['timeout-maxlife']) || ($post['timeout-maxlife'] < 0))) {
$input_errors[] = 'You must specify a valid Maximum Lifetime Timeout';
- if (!empty($post['timeout-expint']) && (!is_numeric($post['timeout-expint']) || ($post['timeout-expint'] < 0)))
+ }
+ if (!empty($post['timeout-expint']) && (!is_numeric($post['timeout-expint']) || ($post['timeout-expint'] < 0))) {
$input_errors[] = 'You must specify a valid Expire Interval';
- if (!empty($post['timeout-tcp']) && (!is_numeric($post['timeout-tcp']) || ($post['timeout-tcp'] < 0)))
+ }
+ if (!empty($post['timeout-tcp']) && (!is_numeric($post['timeout-tcp']) || ($post['timeout-tcp'] < 0))) {
$input_errors[] = 'You must specify a valid TCP Timeout';
- if (!empty($post['timeout-tcp-rst']) && (!is_numeric($post['timeout-tcp-rst']) || ($post['timeout-tcp-rst'] < 0)))
+ }
+ if (!empty($post['timeout-tcp-rst']) && (!is_numeric($post['timeout-tcp-rst']) || ($post['timeout-tcp-rst'] < 0))) {
$input_errors[] = 'You must specify a valid TCP RST Timeout';
- if (!empty($post['timeout-tcp-fin']) && (!is_numeric($post['timeout-tcp-fin']) || ($post['timeout-tcp-fin'] < 0)))
+ }
+ if (!empty($post['timeout-tcp-fin']) && (!is_numeric($post['timeout-tcp-fin']) || ($post['timeout-tcp-fin'] < 0))) {
$input_errors[] = 'You must specify a valid TCP FIN Timeout';
- if (!empty($post['timeout-udp']) && (!is_numeric($post['timeout-udp']) || ($post['timeout-udp'] < 0)))
+ }
+ if (!empty($post['timeout-udp']) && (!is_numeric($post['timeout-udp']) || ($post['timeout-udp'] < 0))) {
$input_errors[] = 'You must specify a valid UDP Timeout';
+ }
}
function cleanup_config_softflowd() {
diff --git a/config/sshdcond/sshdcond.inc b/config/sshdcond/sshdcond.inc
index 7ff911c1..756f1556 100644
--- a/config/sshdcond/sshdcond.inc
+++ b/config/sshdcond/sshdcond.inc
@@ -1,14 +1,10 @@
<?php
-
/*
sshdcond.inc
- part of pfSense (http://www.pfSense.com)
+ part of pfSense (https://www.pfsense.org/)
Copyright (C) 2012 Marcello Coutinho
Copyright (C) 2012 Han Van (namezero@afim.info)
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -45,57 +41,59 @@ function sshdcond_custom_php_install_command() {
conf_mount_rw();
- // We need to generate an outfile for our extra commands
- // The patched g_szSSHDFileGenerate php file then reads and appends that config
+ /* We need to generate an outfile for our extra commands.
+ The patched g_szSSHDFileGenerate php file then reads and appends that config.
+ */
$fd = fopen("/etc/ssh/sshd_extra", 'w');
fclose($fd);
conf_mount_ro();
- }
+}
function sshdcond_custom_php_deinstall_command() {
global $g, $config;
conf_mount_rw();
- // 1. Delete our config file
+ /* Delete our config file. */
unlink_if_exists("/etc/ssh/sshd_extra");
- // 2. Re-run sshd config generation script
+ /* Re-run sshd config generation script. */
restart_sshd();
conf_mount_ro();
- }
+}
function sshdcond_custom_php_write_config() {
- global $g, $config;
+ global $g, $config, $pkg_interface;
- # detect boot process
- if (is_array($_POST)) {
- if (!preg_match("/\w+/",$_POST['__csrf_magic']))
- return;
- }
+ /* Detect boot process, do nothing during boot. */
+ if (platform_booting()) {
+ return;
+ }
+
+ conf_mount_rw();
- $sshd_extra="";
+ $sshd_extra = "";
if (is_array($config['installedpackages']['sshdcond']['config'])) {
- // Mount Read-only
- conf_mount_rw();
- // Read config
+ /* Read config. */
foreach ($config['installedpackages']['sshdcond']['config'] as $sshdcond) {
if ($sshdcond['enable'] && is_array($sshdcond['row'])) {
$sshd_extra.= "Match {$sshdcond['matchtype']} {$sshdcond['matchvalue']}\n";
foreach ($sshdcond['row'] as $sshd) {
- //check if there is spaces on sshd value
- if(preg_match ("/\s+/",$sshd['sshdvalue']))
- $sshd['sshdvalue']='"'.$sshd['sshdvalue'].'"';
+ /* Check sshd value for spaces. */
+ if (preg_match ("/\s+/",$sshd['sshdvalue'])) {
+ $sshd['sshdvalue'] = '"' . $sshd['sshdvalue'] . '"';
+ }
- //check if value is not empty
- if($sshd['sshdvalue']!="")
- $sshd_extra.="\t {$sshd['sshdoption']} {$sshd['sshdvalue']}\n";
+ /* Check that sshdvalue is not empty. */
+ if ($sshd['sshdvalue'] != "") {
+ $sshd_extra .= "\t {$sshd['sshdoption']} {$sshd['sshdvalue']}\n";
+ }
- //apply file permission if option is ChrootDirectory
- if ($sshd['sshdoption']=="ChrootDirectory" && file_exists($sshd['sshdvalue'])) {
+ /* Apply file permission if option is ChrootDirectory. */
+ if ($sshd['sshdoption'] == "ChrootDirectory" && file_exists($sshd['sshdvalue'])) {
chown($sshd['sshdvalue'], 'root');
chgrp($sshd['sshdvalue'], 'operator');
}
@@ -104,92 +102,95 @@ function sshdcond_custom_php_write_config() {
}
}
- //Save /etc/ssh/sshd_extra
- file_put_contents("/etc/ssh/sshd_extra",$sshd_extra,LOCK_EX);
-
-
+ /* Save /etc/ssh/sshd_extra. */
+ file_put_contents("/etc/ssh/sshd_extra", $sshd_extra, LOCK_EX);
- // Restart sshd
+ /* Restart sshd and re-mount read-only. */
restart_sshd();
-
- // Mount Read-only
conf_mount_ro();
- //sync config with other pfsense servers
+ /* Sync config with other pfSense servers. */
sshdcond_sync_on_changes();
- }
+}
-/* Uses XMLRPC to synchronize the changes to a remote node */
+/* Uses XMLRPC to synchronize the changes to a remote node. */
function sshdcond_sync_on_changes() {
global $config, $g;
- if (is_array($config['installedpackages']['sshdcondsync']))
- if (!$config['installedpackages']['sshdcondsync']['config'][0]['synconchanges'])
+ if (is_array($config['installedpackages']['sshdcondsync'])) {
+ if (!$config['installedpackages']['sshdcondsync']['config'][0]['synconchanges']) {
return;
+ }
+ }
log_error("[sshdcond] xmlrpc sync is starting.");
- foreach ($config['installedpackages']['sshdcondsync']['config'] as $rs ) {
+ foreach ($config['installedpackages']['sshdcondsync']['config'] as $rs) {
foreach($rs['row'] as $sh) {
$sync_to_ip = $sh['ipaddress'];
$password = $sh['password'];
- if($password && $sync_to_ip)
+ if ($password && $sync_to_ip) {
sshdcond_do_xmlrpc_sync($sync_to_ip, $password);
}
+ }
}
log_error("[sshdcond] xmlrpc sync is ending.");
}
-/* Do the actual XMLRPC sync */
+/* Do the actual XMLRPC sync. */
function sshdcond_do_xmlrpc_sync($sync_to_ip, $password) {
global $config, $g;
- if(!$password)
+ if (!$password) {
return;
+ }
- if(!$sync_to_ip)
+ if (!$sync_to_ip) {
return;
+ }
$username='admin';
$xmlrpc_sync_neighbor = $sync_to_ip;
- if($config['system']['webgui']['protocol'] != "") {
+ if ($config['system']['webgui']['protocol'] != "") {
$synchronizetoip = $config['system']['webgui']['protocol'];
$synchronizetoip .= "://";
}
$port = $config['system']['webgui']['port'];
- /* if port is empty lets rely on the protocol selection */
- if($port == "") {
- if($config['system']['webgui']['protocol'] == "http")
+ /* If port is empty, let's rely on the protocol selection. */
+ if ($port == "") {
+ if ($config['system']['webgui']['protocol'] == "http") {
$port = "80";
- else
+ } else {
$port = "443";
+ }
}
$synchronizetoip .= $sync_to_ip;
- /* xml will hold the sections to sync */
+ /* xml will hold the sections to sync. */
$xml = array();
$xml['sshdcond'] = $config['installedpackages']['sshdcond'];
- /* assemble xmlrpc payload */
+ /* Assemble XMLRPC payload. */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($xml)
);
- /* set a few variables needed for sync code borrowed from filter.inc */
+ /* Set a few variables needed for sync code; borrowed from filter.inc. */
$url = $synchronizetoip;
log_error("Beginning sshdcond XMLRPC sync to {$url}:{$port}.");
$method = 'pfsense.merge_installedpackages_section_xmlrpc';
$msg = new XML_RPC_Message($method, $params);
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
$cli->setCredentials($username, $password);
- if($g['debug'])
+ if ($g['debug']) {
$cli->setDebug(1);
- /* send our XMLRPC message and timeout after 250 seconds */
+ }
+ /* Send our XMLRPC message and timeout after 250 seconds. */
$resp = $cli->send($msg, "250");
- if(!$resp) {
+ if (!$resp) {
$error = "A communications error occurred while attempting sshdcond XMLRPC sync with {$url}:{$port}.";
log_error($error);
file_notice("sync_settings", $error, "sshdcond Settings Sync", "");
- } elseif($resp->faultCode()) {
+ } elseif ($resp->faultCode()) {
$cli->setDebug(1);
$resp = $cli->send($msg, "250");
$error = "An error code was received while attempting sshdcond XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
@@ -199,11 +200,11 @@ function sshdcond_do_xmlrpc_sync($sync_to_ip, $password) {
log_error("sshdcond XMLRPC sync successfully completed with {$url}:{$port}.");
}
- /* tell sshdcond to reload our settings on the destionation sync host. */
+ /* Tell sshdcond to reload our settings on the destination sync host. */
$method = 'pfsense.exec_php';
- $execcmd = "require_once('/usr/local/pkg/sshdcond.inc');\n";
+ $execcmd = "require_once('/usr/local/pkg/sshdcond.inc');\n";
$execcmd .= "sshdcond_custom_php_write_config();";
- /* assemble xmlrpc payload */
+ /* Assemble XMLRPC payload. */
$params = array(
XML_RPC_encode($password),
XML_RPC_encode($execcmd)
@@ -214,11 +215,11 @@ function sshdcond_do_xmlrpc_sync($sync_to_ip, $password) {
$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
$cli->setCredentials($username, $password);
$resp = $cli->send($msg, "250");
- if(!$resp) {
+ if (!$resp) {
$error = "A communications error occurred while attempting sshdcond XMLRPC sync with {$url}:{$port} (pfsense.exec_php).";
log_error($error);
file_notice("sync_settings", $error, "sshdcond Settings Sync", "");
- } elseif($resp->faultCode()) {
+ } elseif ($resp->faultCode()) {
$cli->setDebug(1);
$resp = $cli->send($msg, "250");
$error = "An error code was received while attempting sshdcond XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
@@ -228,4 +229,4 @@ function sshdcond_do_xmlrpc_sync($sync_to_ip, $password) {
log_error("sshdcond XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php).");
}
}
- ?>
+?>
diff --git a/config/sshdcond/sshdcond.xml b/config/sshdcond/sshdcond.xml
index 17dda28d..11104e1d 100644
--- a/config/sshdcond/sshdcond.xml
+++ b/config/sshdcond/sshdcond.xml
@@ -1,49 +1,49 @@
<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
-<copyright>
- <![CDATA[
+ <copyright>
+ <![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- sshdcond.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2012 Marcello Coutinho
- Copyright (C) 2012 Han Van (namezero@afim.info)
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
+ sshdcond.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012 Marcello Coutinho
+ Copyright (C) 2012 Han Van (namezero@afim.info)
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>sshdcond</name>
- <version>1.0</version>
+ <version>1.0.2</version>
<title>SSH Conditional</title>
<description>SSH Conditional blocks</description>
<savetext>Save</savetext>
@@ -56,15 +56,12 @@
<url>/pkg.php?xml=sshdcond.xml</url>
</menu>
<configpath>installedpackages->package->sshdcond</configpath>
-
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>755</chmod>
<item>https://packages.pfsense.org/packages/config/sshdcond/sshdcond.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>755</chmod>
<item>https://packages.pfsense.org/packages/config/sshdcond/sshdcond_sync.xml</item>
</additional_files_needed>
<tabs>
@@ -107,7 +104,7 @@
<field>
<fielddescr>Match Type</fielddescr>
<fieldname>matchtype</fieldname>
- <description>See Match keyword at http://www.manpagez.com/man/5/sshd_config/ for options</description>
+ <description><![CDATA[See <a href="http://www.manpagez.com/man/5/sshd_config/">ssh_config(5)</a> manpage for valid options.]]></description>
<type>select</type>
<options>
<option><name>User</name><value>User</value></option>
@@ -193,5 +190,4 @@
<custom_php_command_before_form>
unset($_POST['temp']);
</custom_php_command_before_form>
-
-</packagegui> \ No newline at end of file
+</packagegui>
diff --git a/config/sshdcond/sshdcond_sync.xml b/config/sshdcond/sshdcond_sync.xml
index 2bd4a26b..511df25b 100755
--- a/config/sshdcond/sshdcond_sync.xml
+++ b/config/sshdcond/sshdcond_sync.xml
@@ -1,48 +1,48 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- sshdcond_sync.xml
- part of the sarg package for pfSense
- Copyright (C) 2012 Marcello Coutinho
- All rights reserved.
- */
-/* ========================================================================== */
+ sshdcond_sync.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
]]>
</copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
<name>sshdcondsync</name>
- <version>1.0</version>
+ <version>1.0.2</version>
<title>SSH Conditional - Sync</title>
<include_file>/usr/local/pkg/sshdcond.inc</include_file>
<tabs>
@@ -75,7 +75,7 @@
<rowhelperfield>
<fielddescr>IP Address</fielddescr>
<fieldname>ipaddress</fieldname>
- <description>IP Address of remote server</description>
+ <description>IP Address of remote server.</description>
<type>input</type>
<size>20</size>
</rowhelperfield>
@@ -89,8 +89,6 @@
</rowhelper>
</field>
</fields>
- <custom_php_validation_command>
- </custom_php_validation_command>
<custom_php_resync_config_command>
sshdcond_custom_php_write_config();
</custom_php_resync_config_command>
diff --git a/config/sudo/sudo.inc b/config/sudo/sudo.inc
index 1c07984d..ed0feb9c 100644
--- a/config/sudo/sudo.inc
+++ b/config/sudo/sudo.inc
@@ -1,8 +1,9 @@
<?php
/*
sudo.inc
-
+ part of pfSense (https://www.pfSense.org/)
Copyright (C) 2013 Jim Pingle (jpingle@gmail.com)
+ Copyright (C) 2015 ESF, LLC
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -32,7 +33,7 @@ global $pfs_version;
$pfs_version = substr(trim(file_get_contents("/etc/version")),0,3);
switch ($pfs_version) {
case "2.1":
- // Hackish way to detect if someone manually did pkg_add rather than use pbi.
+ /* Hackish way to detect if someone manually did pkg_add rather than use pbi. */
if (is_dir('/usr/pbi/sudo-' . php_uname("m"))) {
define('SUDO_BASE', '/usr/pbi/sudo-' . php_uname("m"));
define('SUDO_LIBEXEC_DIR', '/usr/local/libexec/');
@@ -43,7 +44,7 @@ switch ($pfs_version) {
break;
case "2.2":
define('SUDO_BASE','/usr/local');
- // Hackish way to detect if someone manually did pkg_add rather than use pbi.
+ /* Hackish way to detect if someone manually did pkg_add rather than use pbi. */
if (is_dir('/usr/pbi/sudo-' . php_uname("m"))) {
define('SUDO_LIBEXEC_DIR', '/usr/pbi/sudo-' . php_uname("m") . '/local/libexec/sudo');
} else {
@@ -132,16 +133,19 @@ function sudo_write_config() {
conf_mount_ro();
}
-/* Get a list of users and groups in a format we can use to make proper sudoers entries.
+/*
+Get a list of users and groups in a format we can use to make proper sudoers entries.
Optionally include "ALL" as a user (for use by the Run As list)
*/
function sudo_get_users($list_all_user = false) {
global $config;
- if (!is_array($config['system']['user']))
+ if (!is_array($config['system']['user'])) {
$config['system']['user'] = array();
+ }
$a_user = &$config['system']['user'];
- if (!is_array($config['system']['group']))
+ if (!is_array($config['system']['group'])) {
$config['system']['group'] = array();
+ }
$a_group = &$config['system']['group'];
$users = array();
@@ -174,8 +178,9 @@ function sudo_get_users($list_all_user = false) {
foreach ($a_group as $group) {
/* The "all" group is internal and doesn't make sense to use here. */
- if ($group['name'] == "all")
+ if ($group['name'] == "all") {
continue;
+ }
$tmpgroup = array();
$tmpgroup["name"] = "group:{$group['name']}";
$tmpgroup["descr"] = "Group: {$group['name']}";
@@ -185,20 +190,23 @@ function sudo_get_users($list_all_user = false) {
return $users;
}
-/* Make sure commands passed in are valid executables to help ensure a valid sudoers file and expected behavior.
- This also forces the user to give full paths to executables, which they should be doing anyhow.
+/*
+Make sure commands passed in are valid executables to help ensure a valid sudoers file and expected behavior.
+This also forces the user to give full paths to executables, which they should be doing anyhow.
*/
function sudo_validate_commands(&$input_errors) {
$idx = 0;
while(isset($_POST["cmdlist{$idx}"])) {
$commands = $_POST["cmdlist" . $idx++];
- if (strtoupper($commands) == "ALL")
+ if (strtoupper($commands) == "ALL") {
continue;
+ }
$commands = explode(",", $commands);
foreach ($commands as $command) {
list($cmd, $params) = explode(" ", trim($command), 2);
- if (!is_executable($cmd))
+ if (!is_executable($cmd)) {
$input_errors[] = htmlspecialchars($cmd) . " is not an executable command.";
+ }
}
}
}
diff --git a/config/sudo/sudo.xml b/config/sudo/sudo.xml
index 069606ba..e9b4dcbb 100644
--- a/config/sudo/sudo.xml
+++ b/config/sudo/sudo.xml
@@ -1,9 +1,48 @@
<?xml version="1.0" encoding="utf-8" ?>
<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ====================================================================================== */
+/*
+ sudo.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Jim Pingle
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<description>Sudo Command Control</description>
<requirements>None</requirements>
<name>sudo</name>
- <version>0.2.5</version>
+ <version>0.2.6</version>
<title>Sudo - Shell Command Privilege Delegation Utility</title>
<include_file>/usr/local/pkg/sudo.inc</include_file>
<menu>
@@ -15,7 +54,6 @@
<configpath>installedpackages->package->sudo</configpath>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/sudo/sudo.inc</item>
</additional_files_needed>
<fields>
diff --git a/config/syslog-ng/syslog-ng.inc b/config/syslog-ng/syslog-ng.inc
index bbec3a7c..56decfad 100644
--- a/config/syslog-ng/syslog-ng.inc
+++ b/config/syslog-ng/syslog-ng.inc
@@ -69,6 +69,8 @@ function syslogng_deinstall_command() {
if (is_link("/usr/local/lib/syslog-ng"))
unlink_if_exists("/usr/local/lib/syslog-ng");
syslogng_install_cron(false);
+ unlink_if_exists("/usr/local/etc/logrotate.conf");
+ unlink_if_exists("/usr/local/etc/syslog-ng.conf");
conf_mount_ro();
filter_configure();
}
@@ -165,7 +167,7 @@ function syslogng_install_cron($should_install) {
$cron_item['month'] = "*";
$cron_item['wday'] = "*";
$cron_item['who'] = "root";
- $cron_item['command'] = "/usr/bin/nice -n20 /usr/local/sbin/logrotate /usr/local/etc/logrotate.conf";
+ $cron_item['command'] = "/usr/bin/nice -n20 " . SYSLOGNG_BASEDIR . "local/sbin/logrotate /usr/local/etc/logrotate.conf";
$config['cron']['item'][] = $cron_item;
$need_write = true;
}
diff --git a/config/tinydns/tinydns.inc b/config/tinydns/tinydns.inc
index 5effa10c..f2bda436 100644
--- a/config/tinydns/tinydns.inc
+++ b/config/tinydns/tinydns.inc
@@ -63,6 +63,21 @@ function tinydns_custom_php_install_command() {
if($config['installedpackages']['tinydns']['config'][0]['refreshinterval'])
$refreshinterval = $config['installedpackages']['tinydns']['config'][0]['refreshinterval'];
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+ if ($pf_version == "2.2") {
+ $svscan_path = "/usr/pbi/djbdns-" . php_uname("m") . "/local/bin/svscan";
+ $svc_path = "/usr/pbi/djbdns-" . php_uname("m") . "/local/bin/svc";
+ $tinydns_path = "/usr/pbi/djbdns-" . php_uname("m") . "/local/bin";
+ } else if ($pf_version == "2.1") {
+ $svscan_path = "/usr/pbi/djbdns-" . php_uname("m") . "/bin/svscan";
+ $svc_path = "/usr/pbi/djbdns-" . php_uname("m") . "/bin/svc";
+ $tinydns_path = "/usr/pbi/djbdns-" . php_uname("m") . "/bin";
+ } else {
+ $svscan_path = "/usr/local/bin/svscan";
+ $svc_path = "/usr/local/bin/svc";
+ $tinydns_path = "/usr/local/bin";
+ }
+
$svscan = <<<EOD
#!/bin/sh
@@ -74,7 +89,7 @@ function tinydns_custom_php_install_command() {
name="svscan"
rcvar="\${name}_enable"
-command="/usr/local/bin/svscan"
+command="{$svscan_path}"
svscan_enable=\${svscan_enable-"YES"}
svscan_servicedir=\${svscan_servicedir-"{$g['varrun_path']}/service"}
logdir="/var/log/svscan"
@@ -90,7 +105,7 @@ svscan_start () {
echo "Starting svscan."
mkdir -p \$logdir
/usr/bin/env \
- PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
+ PATH={$tinydns_path}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
/usr/sbin/daemon -f /bin/sh -c "\$command \$svscan_servicedir 2>&1 | /usr/local/bin/multilog t \$logdir" > /dev/null
EOD;
@@ -105,7 +120,7 @@ $svscan .= <<<EOD
svscan_stop_post () {
echo "Stopping svscan."
- find -L "\$svscan_servicedir" -mindepth 1 -maxdepth 2 -type d \( \! -path "\$svscan_servicedir/*/*" -or -name 'log' \) -print0 | xargs -0 /usr/local/bin/svc -dx
+ find -L "\$svscan_servicedir" -mindepth 1 -maxdepth 2 -type d \( \! -path "\$svscan_servicedir/*/*" -or -name 'log' \) -print0 | xargs -0 {$svc_path} -dx
/bin/pkill -F /var/run/ping_hosts.pid
}
@@ -132,11 +147,11 @@ ENDPHP\n";
$stop = "";
$interfaces = explode(",", $config['installedpackages']['tinydns']['config'][0]['interface']);
foreach ($interfaces as $dnsidx => $dnsif)
- $stop .= "\t/usr/local/bin/svc -dx {$g['varrun_path']}/service/dnscache{$dnsidx}\n";
+ $stop .= "\t{$svc_path} -dx {$g['varrun_path']}/service/dnscache{$dnsidx}\n";
$stop .= <<<ENDSH
- /usr/local/bin/svc -dx {$g['varrun_path']}/service/tinydns
- /usr/local/bin/svc -dx {$g['varrun_path']}/service/axfrdns
+ {$svc_path} -dx {$g['varrun_path']}/service/tinydns
+ {$svc_path} -dx {$g['varrun_path']}/service/axfrdns
/bin/rm -rf {$g['varrun_path']}/service/tinydns 2>/dev/null
/bin/rm -rf {$g['varetc_path']}/tinydns 2>/dev/null
/bin/rm -rf {$g['varrun_path']}/dnscache* 2>/dev/null
@@ -161,9 +176,19 @@ function tinydns_custom_php_deinstall_command() {
global $g, $config;
conf_mount_rw();
+
+ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+ if ($pf_version == "2.2") {
+ $svc_path = "/usr/pbi/djbdns-" . php_uname("m") . "/local/bin/svc";
+ } else if ($pf_version == "2.1") {
+ $svc_path = "/usr/pbi/djbdns-" . php_uname("m") . "/bin/svc";
+ } else {
+ $svc_path = "/usr/local/bin/svc";
+ }
+
/* destroy all daemontools items */
- exec("/usr/local/bin/svc -xk {$g['varetc_path']}/tinydns*");
- exec("/usr/local/bin/svc -xk {$g['varetc_path']}/dnscache*");
+ exec("{$svc_path} -xk {$g['varetc_path']}/tinydns*");
+ exec("{$svc_path} -xk {$g['varetc_path']}/dnscache*");
exec("/usr/local/etc/rc.d/tinydns.sh stop");
exec("/usr/local/etc/rc.d/svscan.sh stop");
exec("/usr/bin/killall supervise");
@@ -225,7 +250,7 @@ function tinydns_custom_php_changeip_command() {
}
exec("echo {$dnsserverip} > {$g['varetc_path']}/tinydns/env/IP");
- exec("/usr/local/bin/svc -xk {$g['varrun_path']}/service/tinydns");
+ exec("{$svc_path} -xk {$g['varrun_path']}/service/tinydns");
if(!empty($config['installedpackages']['tinydns']['config'][0]['enableforwarding'])) {
@@ -277,7 +302,7 @@ function tinydns_custom_php_changeip_command() {
/* setup symlink to start dnscache */
exec("/bin/ln -s {$g['varetc_path']}/dnscache{$dnsidx} {$g['varrun_path']}/service/");
- exec("/usr/local/bin/svc -xk {$g['varetc_path']}/dnscache{$dnsidx}");
+ exec("{$svc_path} -xk {$g['varetc_path']}/dnscache{$dnsidx}");
}
} else {
$interfaces = explode(",", $$config['installedpackages']['tinydns']['config'][0]['interface']);
@@ -285,7 +310,7 @@ function tinydns_custom_php_changeip_command() {
if(is_dir("{$g['varetc_path']}/dnscache{$dnsidx}"))
dnscache_use_root_servers($dnsidx);
}
- exec("/usr/local/bin/svc -xk {$g['varetc_path']}/dnscache*");
+ exec("{$svc_path} -xk {$g['varetc_path']}/dnscache*");
}
/* a wee bit of magic - something seems to start up a broken dnscache, the below kills it, and svc restarts it correctly. */
diff --git a/config/tinydns/tinydns.xml b/config/tinydns/tinydns.xml
index fa80953c..55ee3269 100644
--- a/config/tinydns/tinydns.xml
+++ b/config/tinydns/tinydns.xml
@@ -2,45 +2,47 @@
<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
- <copyright>
- <![CDATA[
+ <copyright>
+ <![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- tinydns.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2007 to whom it may belong
- All rights reserved.
- */
-/* ========================================================================== */
+ tinydns.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2009 Bill Marquette
+ Copyright (C) 2010 Ermal Luçi
+ Copyright (C) 2010-2011 Scott Ullrich
+ Copyright (C) 2012-2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
+ ]]>
+ </copyright>
<name>tinydns</name>
<version>1.0</version>
<title>DNS Server: Settings</title>
@@ -94,62 +96,53 @@
<configpath>installedpackages->package->tinydns</configpath>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/tinydns.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/pf/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/tinydns_xmlrpc_sync.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/tinydns_domains.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/tinydns_status.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/tinydns_dhcp_filter.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/tinydns_filter.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>077</chmod>
+ <chmod>0775</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/tinydns_down.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>077</chmod>
+ <chmod>0775</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/tinydns_up.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>077</chmod>
+ <chmod>0775</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/tinydns_parse_logs.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/tinydns_view_logs.php</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/tinydns_sync.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/wizards/</prefix>
- <chmod>077</chmod>
<item>https://packages.pfsense.org/packages/config/tinydns/new_zone_wizard.xml</item>
</additional_files_needed>
<fields>
@@ -237,23 +230,23 @@
<field>
<fielddescr>Hosts allowed to perform DNS Zone Transfers - Note: this requires TCP port 53 firewall permit rule!</fielddescr>
<fieldname>none</fieldname>
- <type>rowhelper</type>
- <rowhelper>
- <rowhelperfield>
- <fielddescr>IP Address</fielddescr>
- <fieldname>ztipaddress</fieldname>
- <description>Enter the IP Address that is allowed to transfer zone records (ex: 4.2.2.1)</description>
- <type>input</type>
- <size>20</size>
- </rowhelperfield>
- <rowhelperfield>
- <fielddescr>DNS Zone - Use * for all Zones</fielddescr>
- <fieldname>dnszone</fieldname>
- <description>Enter the DNS zone that this IP address is allowed to transfer (ex: domain.com)</description>
- <type>input</type>
- <size>20</size>
- </rowhelperfield>
- </rowhelper>
+ <type>rowhelper</type>
+ <rowhelper>
+ <rowhelperfield>
+ <fielddescr>IP Address</fielddescr>
+ <fieldname>ztipaddress</fieldname>
+ <description>Enter the IP Address that is allowed to transfer zone records (ex: 4.2.2.1)</description>
+ <type>input</type>
+ <size>20</size>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>DNS Zone - Use * for all Zones</fielddescr>
+ <fieldname>dnszone</fieldname>
+ <description>Enter the DNS zone that this IP address is allowed to transfer (ex: domain.com)</description>
+ <type>input</type>
+ <size>20</size>
+ </rowhelperfield>
+ </rowhelper>
</field>
</fields>
<custom_delete_php_command>
@@ -290,9 +283,10 @@
</custom_php_deinstall_command>
<custom_php_command_before_form>
<![CDATA[
- unset($_POST['temp']);
- if(!is_process_running("svscan"))
- $savemsg = "NOTE: svscan is not running. Please <a href='/status_services.php?mode=restartservice&service=svscan'>start svscan</a> to bring up the DNS Server";
+ unset($_POST['temp']);
+ if (!is_process_running("svscan")) {
+ $savemsg = "NOTE: svscan is not running. Please <a href='/status_services.php?mode=restartservice&service=svscan'>start svscan</a> to bring up the DNS Server";
+ }
]]>
</custom_php_command_before_form>
</packagegui>