diff options
Diffstat (limited to 'config')
29 files changed, 1356 insertions, 1003 deletions
diff --git a/config/arping/arping.inc b/config/arping/arping.inc index 0054adf0..996fddf3 100644 --- a/config/arping/arping.inc +++ b/config/arping/arping.inc @@ -1,9 +1,9 @@ <?php -/* $Id$ */ /* arping.inc + part of pfSense (https://www.pfSense.org/) Copyright (C) 2006 Scott Ullrich - part of pfSense + Copyright (C) 2009-2015 ESF, LLC All rights reserved. Redistribution and use in source and binary forms, with or without @@ -28,22 +28,25 @@ POSSIBILITY OF SUCH DAMAGE. */ -function arping_deinstall() { -} - -function arping_package_reinstall() { -} - function arping_package_php_command() { require_once("util.inc"); - if (is_ipaddr($_POST['hostip']) || is_hostname($_POST['hostip']) || is_macaddr($_POST['hostip'])) - system("arping -c3 " . escapeshellarg($_POST['hostip'])); - else - echo "Invalid input. Supplied address must be a valid IP or MAC address."; + + $button = "<br /><br /><input class=\"formbtn\" type=\"button\" value=\"Back to ARPing\" onclick=\"history.back()\" />"; + $int_count = (is_numeric($_POST['count']) ? (abs(intval($_POST['count']))) : 3); + $arping_options = " -v -c {$int_count}"; + if (!empty($_POST['interface'])) { + $iface = convert_friendly_interface_to_real_interface_name($_POST['interface']); + $arping_options .= " -i {$iface}"; + } + if (is_ipaddr($_POST['pinghost']) || is_hostname($_POST['pinghost']) || is_macaddr($_POST['pinghost'])) { + $arping_options .= " " . $_POST['pinghost']; + echo "<strong>arping {$arping_options} output:</strong><br /><br />"; + system("/usr/local/sbin/arping {$arping_options}"); + echo "{$button}"; + } else { + echo "<div class=\"errmsg\">ERROR: Invalid input. Supplied address must be a valid hostname, IP or MAC address.</div>"; + echo "{$button}"; + } exit; } - -function arping_package_resync() { -} - -?>
\ No newline at end of file +?> diff --git a/config/arping/arping.xml b/config/arping/arping.xml index c8ab9931..59da6db1 100644 --- a/config/arping/arping.xml +++ b/config/arping/arping.xml @@ -2,83 +2,85 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> + <![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ + arping.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2009-2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>arping</name> - <version>2.6.0.2</version> + <version>1.2</version> <title>Diagnostics: ARPing</title> - <savetext>ARPing</savetext> + <savetext>Run ARPing</savetext> <preoutput>yes</preoutput> <donotsave>true</donotsave> <include_file>/usr/local/pkg/arping.inc</include_file> <menu> - <name>Arping</name> - <tooltiptext>Host to arp ping</tooltiptext> + <name>ARPing</name> + <tooltiptext>The arping utility sends ARP and/or ICMP requests to the specified host and displays the replies.</tooltiptext> <section>Diagnostics</section> - <url><![CDATA[/pkg_edit.php?xml=arping.xml&id=0]]></url> + <url>/pkg_edit.php?xml=arping.xml&id=0</url> </menu> - <tabs> - <tab> - <text>arping Settings</text> - <url><![CDATA[/pkg_edit.php?xml=arping.xml&id=0]]></url> - <active/> - </tab> - </tabs> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/arping/arping.inc</item> </additional_files_needed> <fields> <field> - <fielddescr>Host IP or MAC</fielddescr> - <fieldname>hostip</fieldname> - <description>Enter the host IP or MAC address to ARP ping</description> + <fielddescr>IP, Hostname or MAC</fielddescr> + <fieldname>pinghost</fieldname> + <description>Enter the hostname, IP or MAC address to ARPing.</description> + <type>input</type> + <required>true</required> + </field> + <field> + <fielddescr>Count</fielddescr> + <fieldname>count</fieldname> + <description>This is the number of ARP pings to send.</description> <type>input</type> + <typehint>(Defaults to 3.)</typehint> + </field> + <field> + <fielddescr>Interface</fielddescr> + <fieldname>interface</fieldname> + <description>Use the specified interface.</description> + <type>interfaces_selection</type> + <hideinterfaceregex>loopback</hideinterfaceregex> </field> - </fields> + </fields> <custom_add_php_command> - arping_package_php_command(); + arping_package_php_command(); </custom_add_php_command> </packagegui> diff --git a/config/blinkled/blinkled.inc b/config/blinkled/blinkled.inc index ffbc79b2..ef2b6db8 100644 --- a/config/blinkled/blinkled.inc +++ b/config/blinkled/blinkled.inc @@ -1,20 +1,45 @@ <?php +/* + blinkled.inc + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2009 Jim Pingle + Copyright (C) 2015 ESF, LLC + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + require_once("config.inc"); require_once("functions.inc"); -function blinkled_running () { - return ((int)exec('pgrep blinkled | wc -l') > 0); -} - function sync_package_blinkled() { global $config; $blinkled_config = $config['installedpackages']['blinkled']['config'][0]; - /* kill all instances of blinkled */ - if(blinkled_running()) { - blinkled_stop(); + /* Kill all instances of blinkled */ + if (is_process_running("blinkled")) { + mwexec("/usr/bin/killall -9 blinkled"); } - /* if blinkled not running start it */ - if(!blinkled_running()) { + /* If blinkled is not running, start it */ + if (!is_process_running("blinkled")) { blinkled_start(); } } @@ -26,25 +51,25 @@ function blinkled_launch($int, $led) { function blinkled_start() { global $config; $blinkled_config = $config['installedpackages']['blinkled']['config'][0]; - if (!($blinkled_config['enable'])) + if (!($blinkled_config['enable'])) { return; + } - if (($blinkled_config['enable_led2']) && ($blinkled_config['iface_led2'])) + if (($blinkled_config['enable_led2']) && ($blinkled_config['iface_led2'])) { blinkled_launch(convert_friendly_interface_to_real_interface_name($blinkled_config['iface_led2']), 2); - if (($blinkled_config['enable_led3']) && ($blinkled_config['iface_led3'])) + } + if (($blinkled_config['enable_led3']) && ($blinkled_config['iface_led3'])) { blinkled_launch(convert_friendly_interface_to_real_interface_name($blinkled_config['iface_led3']), 3); -} - -function blinkled_stop() { - mwexec("/usr/bin/killall -9 blinkled"); + } } function validate_form_blinkled($post, &$input_errors) { /* Make sure both aren't using the same interface */ - if (($post['iface_led2']) && ($post['iface_led3']) && + if (($post['iface_led2']) && ($post['iface_led3']) && (($post['enable_led2']) && ($post['enable_led3'])) && - ($post['iface_led2'] == $post['iface_led3'])) + ($post['iface_led2'] == $post['iface_led3'])) { $input_errors[] = 'You cannot set two LEDs for a single interface. Please choose seperate interfaces.'; + } } ?> diff --git a/config/blinkled/blinkled.xml b/config/blinkled/blinkled.xml index aa0c53e8..65a574af 100644 --- a/config/blinkled/blinkled.xml +++ b/config/blinkled/blinkled.xml @@ -1,8 +1,49 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ====================================================================================== */ +/* + blinkled.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2009-2012 Jim Pingle + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <title>Interfaces: Assign LEDs</title> <name>blinkled</name> - <version>20090710</version> + <version>0.4.4</version> <savetext>Save</savetext> <include_file>/usr/local/pkg/blinkled.inc</include_file> <menu> @@ -14,13 +55,13 @@ <additional_files_needed> <item>https://packages.pfsense.org/packages/config/blinkled/blinkled.inc</item> <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> </additional_files_needed> + <!-- TODO: Make the blinkled.sh script really usable for start/stop/restart --> <service> <name>blinkled</name> <rcfile>blinkled.sh</rcfile> <executable>blinkled</executable> - <description>Blinks LEDs to indicate network activity</description> + <description>Network Activity LED Indicator Daemon</description> </service> <fields> <field> diff --git a/config/filer/filer.inc b/config/filer/filer.inc index b89553e4..3a012dd2 100644 --- a/config/filer/filer.inc +++ b/config/filer/filer.inc @@ -1,194 +1,191 @@ <?php -/* ========================================================================== */ -/* - filerinc - part of pfSense (http://www.pfSense.com) - Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> - Copyright (C) 2012 Marcello Coutinho - Copyright (C) 2012 Brian Scholer - All rights reserved. - */ -/* ========================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ + filer.inc + part of pfSense (https://www.pfsense.org/) + Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012 Brian Scholer + Copyright (C) 2015 ESF, LLC + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ /* ========================================================================== */ - - -function filer_install() { - // reserved +function filer_text_area_decode($text) { + return preg_replace('/\r\n/', "\n", base64_decode($text)); } -function filer_deinstall() { - // reserved -} - -function filer_start() { - global $g, $config; - - // reserved -} - -function filer_text_area_decode($text){ - return preg_replace('/\r\n/', "\n",base64_decode($text)); -} function sync_package_filer() { global $config, $g; - $update_conf=0; - #mount filesystem writeable + $update_conf = 0; + conf_mount_rw(); - - #loop on configured files - if($config['installedpackages']['filer']['config']!="") { - $count=0; - foreach($config['installedpackages']['filer']['config'] as $file) { - if ($file['filedata']=="" && file_exists($file['fullfile'])){ - $config['installedpackages']['filer']['config'][$count]['filedata']=base64_encode(file_get_contents($file['fullfile'])); - $file['filedata']=base64_encode(file_get_contents($file['fullfile'])); + + /* Loop on configured files. */ + if ($config['installedpackages']['filer']['config'] != "") { + $count = 0; + foreach ($config['installedpackages']['filer']['config'] as $file) { + if ($file['filedata']=="" && file_exists($file['fullfile'])) { + $config['installedpackages']['filer']['config'][$count]['filedata'] = base64_encode(file_get_contents($file['fullfile'])); + $file['filedata'] = base64_encode(file_get_contents($file['fullfile'])); $update_conf++; - } + } $count++; - if(preg_match("/0?[0-7]{3}/", $file['mod'])) + if (preg_match("/0?[0-7]{3}/", $file['mod'])) { $mod = octdec($file['mod']); - else - $mod = 0700; - - #write file - file_put_contents($file['fullfile'], filer_text_area_decode($file['filedata']),LOCK_EX); + } else { + $mod = 0644; + } + + /* Write file. */ + file_put_contents($file['fullfile'], filer_text_area_decode($file['filedata']), LOCK_EX); chmod($file['fullfile'], $mod); - - #check if there is a script to run after file save - if($file['cmd']!= "") - switch ($file['background']){ + + /* Check if there is a script to run after file save. */ + if ($file['cmd'] != "") { + switch ($file['background']) { case "background": mwexec_bg($file['cmd']); break; case "foreground": mwexec($file['cmd']); - break; + break; } - + } } - #Write config if any file from filesystem was loaded - if ($update_conf > 0) - write_config(); + /* Write config if any file from filesystem was loaded. */ + if ($update_conf > 0) { + write_config(); + } } - #mount filesystem readonly + conf_mount_ro(); - + filer_sync_on_changes(); } function filer_validate_input($post, &$input_errors) { foreach ($post as $key => $value) { - if (empty($value)) + if (empty($value)) { continue; - if (substr($key, 0, 3) == "mod" && !preg_match("/^0?[0-7]{3}$/", $value)) - $input_errors[] = "{$value} is valid permission number"; - if (substr($key, 0, 11) == "description" && !preg_match("@^[a-zA-Z0-9 _/.-]+$@", $value)) - $input_errors[] = "Do not use special characters on description"; - if (substr($key, 0, 8) == "fullfile" && !preg_match("@^[a-zA-Z0-9_/.-]+$@", $value)) - $input_errors[] = "Do not use special characters on filename"; - + } + if (substr($key, 0, 3) == "mod" && !preg_match("/^0?[0-7]{3}$/", $value)) { + $input_errors[] = "{$value} is not valid permissions mode number."; + } + if (substr($key, 0, 11) == "description" && !preg_match("@^[a-zA-Z0-9 _/.-]+$@", $value)) { + $input_errors[] = "Do not use special characters in description."; + } + if (substr($key, 0, 8) == "fullfile" && !preg_match("@^[a-zA-Z0-9_/.-]+$@", $value)) { + $input_errors[] = "Do not use special characters in filename."; + } } } -/* Uses XMLRPC to synchronize the changes to a remote node */ +/* Uses XMLRPC to synchronize the changes to a remote node. */ function filer_sync_on_changes() { global $config, $g; - + log_error("[filer] filer_xmlrpc_sync.php is starting."); - $synconchanges = $config['installedpackages']['filersync']['config'][0]['synconchanges']; - if(!$synconchanges) + $synconchanges = $config['installedpackages']['filersync']['config'][0]['synconchanges']; + if (!$synconchanges) { return; - foreach ($config['installedpackages']['filersync']['config'] as $rs ){ - foreach($rs['row'] as $sh){ + } + foreach ($config['installedpackages']['filersync']['config'] as $rs) { + foreach ($rs['row'] as $sh) { $sync_to_ip = $sh['ipaddress']; $password = $sh['password']; - if($sh['username']) + if ($sh['username']) { $username = $sh['username']; - else + } else { $username = 'admin'; - if($password && $sync_to_ip) + } + if ($password && $sync_to_ip) { filer_do_xmlrpc_sync($sync_to_ip, $username, $password); } + } } log_error("[filer] filer_xmlrpc_sync.php is ending."); } -/* Do the actual XMLRPC sync */ + +/* Do the actual XMLRPC sync. */ function filer_do_xmlrpc_sync($sync_to_ip, $username, $password) { global $config, $g; - if(!$username) + if (!$username) { return; - - if(!$password) + } + + if (!$password) { return; + } - if(!$sync_to_ip) + if (!$sync_to_ip) { return; + } $xmlrpc_sync_neighbor = $sync_to_ip; - if($config['system']['webgui']['protocol'] != "") { + if ($config['system']['webgui']['protocol'] != "") { $synchronizetoip = $config['system']['webgui']['protocol']; $synchronizetoip .= "://"; - } - $port = $config['system']['webgui']['port']; - /* if port is empty lets rely on the protocol selection */ - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") + } + $port = $config['system']['webgui']['port']; + /* If port is empty, let's rely on the protocol selection. */ + if ($port == "") { + if ($config['system']['webgui']['protocol'] == "http") { $port = "80"; - else + } else { $port = "443"; - } + } + } $synchronizetoip .= $sync_to_ip; - /* xml will hold the sections to sync */ + /* xml will hold the sections to sync. */ $xml = array(); $xml['filer'] = $config['installedpackages']['filer']; - - /* assemble xmlrpc payload */ + + /* Assemble XMLRPC payload. */ $params = array( XML_RPC_encode($password), XML_RPC_encode($xml) ); - /* set a few variables needed for sync code borrowed from filter.inc */ + /* Set a few variables needed for sync; code borrowed from filter.inc. */ $url = $synchronizetoip; log_error("Beginning Filer XMLRPC sync to {$url}:{$port}."); $method = 'pfsense.merge_installedpackages_section_xmlrpc'; $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); - if($g['debug']) + if ($g['debug']) { $cli->setDebug(1); - /* send our XMLRPC message and timeout after 250 seconds */ + } + /* Send our XMLRPC message and timeout after 250 seconds. */ $resp = $cli->send($msg, "250"); - if(!$resp) { + if (!$resp) { $error = "A communications error occurred while attempting filer XMLRPC sync with {$url}:{$port}."; log_error($error); file_notice("sync_settings", $error, "filer Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); $resp = $cli->send($msg, "250"); $error = "An error code was received while attempting filer XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); @@ -197,27 +194,27 @@ function filer_do_xmlrpc_sync($sync_to_ip, $username, $password) { } else { log_error("filer XMLRPC sync successfully completed with {$url}:{$port}."); } - - /* tell filer to reload our settings on the destionation sync host. */ + + /* Tell filer to reload our settings on the destination sync host. */ $method = 'pfsense.exec_php'; - $execcmd = "require_once('/usr/local/pkg/filer.inc');\n"; + $execcmd = "require_once('/usr/local/pkg/filer.inc');\n"; $execcmd .= "sync_package_filer();"; - /* assemble xmlrpc payload */ + /* Assemble XMLRPC payload. */ $params = array( XML_RPC_encode($password), XML_RPC_encode($execcmd) ); - + log_error("filer XMLRPC reload data {$url}:{$port}."); $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); $resp = $cli->send($msg, "250"); - if(!$resp) { + if (!$resp) { $error = "A communications error occurred while attempting filer XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; log_error($error); file_notice("sync_settings", $error, "filer Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); $resp = $cli->send($msg, "250"); $error = "An error code was received while attempting filer XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); @@ -226,7 +223,6 @@ function filer_do_xmlrpc_sync($sync_to_ip, $username, $password) { } else { log_error("filer XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); } - } ?> diff --git a/config/filer/filer.xml b/config/filer/filer.xml index 71821067..98eb4bd8 100644 --- a/config/filer/filer.xml +++ b/config/filer/filer.xml @@ -1,59 +1,58 @@ <?xml version="1.0" encoding="utf-8" ?> -<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> -<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ -/* ========================================================================== */ + <copyright> + <![CDATA[ +/* $Id$ */ +/* ====================================================================================== */ /* - filer.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> - Copyright (C) 2011 Brian Scholer - Copyright (C) 2012 Marcello Coutinho - All rights reserved. + filer.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> + Copyright (C) 2011 Brian Scholer + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>filer</name> - <version>0.60.1</version> + <version>0.60.2</version> <title>Filer</title> <include_file>/usr/local/pkg/filer.inc</include_file> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/filer/filer.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/filer/filer_sync.xml</item> </additional_files_needed> <menu> @@ -73,7 +72,6 @@ <url>/pkg_edit.php?xml=filer_sync.xml</url> </tab> </tabs> - <adddeleteeditpagefields> <columnitem> <fielddescr>File</fielddescr> @@ -99,7 +97,7 @@ <fieldname>fullfile</fieldname> <type>input</type> <size>60</size> - <description>Enter Full file path</description> + <description>Enter full file path.</description> <required/> </field> <field> @@ -107,6 +105,7 @@ <fieldname>description</fieldname> <description>Enter a description for this file.</description> <type>input</type> + <typehint>(Not parsed -- this is for your reference only.)</typehint> <size>60</size> </field> <field> @@ -114,7 +113,7 @@ <fieldname>mod</fieldname> <type>input</type> <size>10</size> - <description><![CDATA[Enter file permission you want on this file<br>Blank leaves the permissions alone.]]></description> + <description><![CDATA[Enter file permission you want on this file<br />If left blank, default file permissions (0644) will be used.]]></description> </field> <field> <fielddescr>File Contents</fielddescr> @@ -129,23 +128,33 @@ <field> <type>listtopic</type> <fieldname>temp</fieldname> - <name>cmd to run after file save/sync</name> + <name>Command to run after file save/sync.</name> </field> <field> - <fielddescr>script</fielddescr> + <fielddescr>Script/Command</fielddescr> <fieldname>cmd</fieldname> - <description>Enter script or cmd to run after file save/sync</description> + <description>Enter script or command to run after file save/sync.</description> <type>input</type> + <typehint>(Optional. If using a custom script, it must have executable bit set.)</typehint> <size>60</size> </field> <field> - <fielddescr>execute mode</fielddescr> + <fielddescr>Execute mode</fielddescr> <fieldname>background</fieldname> <type>select</type> <options> - <option><name>Background (default)</name><value>background</value></option> - <option><name>Foreground</name><value>foreground</value></option> - <option><name>Do not run this script</name><value>disabled</value></option> + <option> + <name>Background (default)</name> + <value>background</value> + </option> + <option> + <name>Foreground</name> + <value>foreground</value> + </option> + <option> + <name>Do not run this script</name> + <value>disabled</value> + </option> </options> <description>Choose the way script will run.</description> </field> @@ -153,8 +162,6 @@ <custom_php_install_command> filer_install(); </custom_php_install_command> - <custom_php_command_before_form> - </custom_php_command_before_form> <custom_php_validation_command> filer_validate_input($_POST, $input_errors); </custom_php_validation_command> @@ -164,4 +171,4 @@ <custom_php_resync_config_command> sync_package_filer(); </custom_php_resync_config_command> -</packagegui>
\ No newline at end of file +</packagegui> diff --git a/config/filer/filer_sync.xml b/config/filer/filer_sync.xml index c51bae86..0b4124ce 100644 --- a/config/filer/filer_sync.xml +++ b/config/filer/filer_sync.xml @@ -2,48 +2,49 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ -/* ========================================================================== */ + <copyright> + <![CDATA[ +/* $Id$ */ +/* ====================================================================================== */ /* - filer_sync.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2008 Scott Ullrich <sullrich@gmail.com> - Copyright (C) 2011 Brian Scholer - Copyright (C) 2012 Marcello Coutinho - All rights reserved. - */ -/* ========================================================================== */ + filer_sync.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> + Copyright (C) 2011 Brian Scholer + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>filersync</name> - <version>1.1</version> + <version>1.2</version> <title>Filer: Sync</title> <include_file>/usr/local/pkg/filer.inc</include_file> <tabs> @@ -62,11 +63,11 @@ <type>listtopic</type> <fieldname>temp</fieldname> <name>Enable Filer configuration sync</name> - </field> + </field> <field> - <fielddescr>Automatically sync Filer configuration changes</fielddescr> + <fielddescr>Automatically sync Filer configuration changes.</fielddescr> <fieldname>synconchanges</fieldname> - <description>pfSense will automatically sync changes to the hosts defined below. Blank user assumes 'admin'.</description> + <description>pfSense will automatically sync changes to the hosts defined below. (Leave blank to use 'admin'.)</description> <type>checkbox</type> </field> <field> @@ -77,7 +78,7 @@ <rowhelperfield> <fielddescr>IP Address</fielddescr> <fieldname>ipaddress</fieldname> - <description>IP Address of remote server</description> + <description>IP Address of remote server.</description> <type>input</type> <size>20</size> <required/> @@ -85,7 +86,7 @@ <rowhelperfield> <fielddescr>User Name</fielddescr> <fieldname>username</fieldname> - <description>user name of remote server</description> + <description>user name of remote server.</description> <type>input</type> <size>20</size> </rowhelperfield> @@ -101,9 +102,9 @@ </field> </fields> <custom_php_resync_config_command> - filer_sync_on_changes(); + filer_sync_on_changes(); </custom_php_resync_config_command> - <custom_php_command_before_form> + <custom_php_command_before_form> unset($_POST['temp']); </custom_php_command_before_form> -</packagegui>
\ No newline at end of file +</packagegui> diff --git a/config/ftpproxy/ftpproxy.inc b/config/ftpproxy/ftpproxy.inc index 7fc54775..ece580c2 100644 --- a/config/ftpproxy/ftpproxy.inc +++ b/config/ftpproxy/ftpproxy.inc @@ -1,4 +1,34 @@ <?php +/* + ftpproxy.inc + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2015 ESF, LLC + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + +*/ function sync_package_ftpproxy() { conf_mount_rw(); config_lock(); @@ -144,4 +174,4 @@ function ftpproxy_generate_rules($type) { } return $rules; } -?>
\ No newline at end of file +?> diff --git a/config/ftpproxy/ftpproxy.xml b/config/ftpproxy/ftpproxy.xml index 5bd123dc..eb2af370 100644 --- a/config/ftpproxy/ftpproxy.xml +++ b/config/ftpproxy/ftpproxy.xml @@ -1,12 +1,52 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> <packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ====================================================================================== */ +/* + ftpproxy.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>FTP Client Proxy</name> - <version>0.2</version> + <version>0.2.1</version> <title>FTP Client Proxy</title> <aftersaveredirect>pkg_edit.php?xml=ftpproxy.xml</aftersaveredirect> <include_file>/usr/local/pkg/ftpproxy.inc</include_file> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/ftpproxy/ftpproxy.inc</item> </additional_files_needed> <menu> @@ -95,7 +135,7 @@ <field> <fielddescr>Idle Timeout (Default: 86400)</fielddescr> <fieldname>idletimeout</fieldname> - <description>(Seconds) Number of seconds that the control connection can be idle, before the proxy will disconnect. The maximum is 86400 seconds. Do not set this too low, because the control connection is usually idle when large data transfers are taking place.</description> + <description>(Seconds) Number of seconds that the control connection can be idle, before the proxy will disconnect. The maximum is 86400 seconds. Do not set this too low, because the control connection is usually idle when large data transfers are taking place.</description> <type>input</type> </field> <field> diff --git a/config/gwled/gwled.inc b/config/gwled/gwled.inc index dad6fe69..9917208b 100644 --- a/config/gwled/gwled.inc +++ b/config/gwled/gwled.inc @@ -1,17 +1,42 @@ <?php -require_once("functions.inc"); +/* + gwled.inc + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2011 Jim Pingle + Copyright (C) 2015 ESF, LLC + All rights reserved. -function gwled_running () { - return ((int)exec('pgrep -f gwled | wc -l') > 0); -} + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require_once("functions.inc"); function sync_package_gwled() { global $config; $gwled_config = $config['installedpackages']['gwled']['config'][0]; led_normalize(); - /* kill all instances of gwled */ - if(gwled_running()) { - gwled_stop(); + /* Kill all instances of gwled */ + if (is_process_running("gwled")) { + mwexec("/bin/pkill -9 -f gwled"); } gwled_start(); } @@ -19,29 +44,27 @@ function sync_package_gwled() { function gwled_start() { global $config; $gwled_config = $config['installedpackages']['gwled']['config'][0]; - if (!($gwled_config['enable'])) + if (!($gwled_config['enable'])) { return; + } // How often to run the check, in seconds. $interval = 15; - if (($gwled_config['enable_led2']) && ($gwled_config['gw_led2']) - || ($gwled_config['enable_led3']) && ($gwled_config['gw_led3'])) { + if (($gwled_config['enable_led2']) && ($gwled_config['gw_led2']) || + ($gwled_config['enable_led3']) && ($gwled_config['gw_led3'])) { mwexec("/usr/local/bin/minicron {$interval} /var/run/gwled.pid /usr/local/bin/gwled.php"); mwexec_bg("/usr/local/bin/gwled.php"); } } -function gwled_stop() { - exec("/bin/pkill -9 -f gwled"); -} - function validate_form_gwled($post, &$input_errors) { /* Make sure both aren't using the same interface */ - if (($post['gw_led2']) && ($post['gw_led3']) && + if (($post['gw_led2']) && ($post['gw_led3']) && (($post['enable_led2']) && ($post['enable_led3'])) && - ($post['gw_led2'] == $post['gw_led3'])) + ($post['gw_led2'] == $post['gw_led3'])) { $input_errors[] = 'You cannot set two LEDs for a single gateway. Please choose seperate interfaces.'; + } } function gwled_get_gateways() { @@ -49,7 +72,7 @@ function gwled_get_gateways() { foreach ($gateways as $gateway) { $tmp["name"] = "{$gateway['name']} (Monitor: {$gateway['monitor']})"; - $tmp["value"] = $gateway['name']; + $tmp["value"] = $gateway['name']; $gws[] = $tmp; } return $gws; @@ -59,18 +82,21 @@ function gwled_set_status($gateway, $led) { $a_gateways = return_gateways_array(); $gateways_status = array(); $gateways_status = return_gateways_status(true); + if ($gateways_status[$gateway]) { $status = $gateways_status[$gateway]['status']; - if (stristr($status, "down")) + if (stristr($status, "down")) { led_blink($led, "veryfast"); - elseif (stristr($status, "loss")) + } elseif (stristr($status, "loss")) { led_blink($led, "fast"); - elseif (stristr($status, "delay")) + } elseif (stristr($status, "delay")) { led_blink($led, "medium"); - elseif ($status == "none") + } elseif ($status == "none") { led_on($led); - } else + } + } else { led_blink($led, "veryfast"); + } } ?> diff --git a/config/gwled/gwled.php b/config/gwled/gwled.php index efcb73dd..bddf41eb 100644 --- a/config/gwled/gwled.php +++ b/config/gwled/gwled.php @@ -1,5 +1,33 @@ #!/usr/local/bin/php -q <?php +/* + gwled.php + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2011 Jim Pingle + Copyright (C) 2015 ESF, LLC + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ require_once("config.inc"); require_once("functions.inc"); require_once("gwled.inc"); diff --git a/config/gwled/gwled.xml b/config/gwled/gwled.xml index 015ab3bb..5d2a047e 100644 --- a/config/gwled/gwled.xml +++ b/config/gwled/gwled.xml @@ -1,8 +1,47 @@ <?xml version="1.0" encoding="utf-8" ?> <packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ====================================================================================== */ +/* + gwled.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2011-2013 Jim Pingle + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <title>Interfaces: Gateway Status LEDs</title> <name>gwled</name> - <version>20110810</version> + <version>0.2.2</version> <savetext>Save</savetext> <include_file>/usr/local/pkg/gwled.inc</include_file> <menu> @@ -14,13 +53,13 @@ <additional_files_needed> <item>https://packages.pfsense.org/packages/config/gwled/gwled.inc</item> <prefix>/usr/local/pkg/</prefix> - <chmod>0644</chmod> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/bin/</prefix> <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/gwled/gwled.php</item> </additional_files_needed> + <!-- TODO: Make the gwled.sh script really usable for start/stop/restart --> <service> <name>gwled</name> <rcfile>gwled.sh</rcfile> @@ -33,8 +72,7 @@ <fieldname>enable</fieldname> <type>checkbox</type> <enablefields>enable_led2,enable_led3,gw_led2,gw_led3</enablefields> - <description>if this is enabled, it will use LED #2 and #3 to - indicate gateway status with a peridic poll.</description> + <description>if this is enabled, it will use LED #2 and #3 to indicate gateway status with a peridic poll.</description> </field> <field> <fielddescr>Enable LED #2</fielddescr> diff --git a/config/mtr-nox11/mtr-nox11.xml b/config/mtr-nox11/mtr-nox11.xml index e0125333..396e860d 100644 --- a/config/mtr-nox11/mtr-nox11.xml +++ b/config/mtr-nox11/mtr-nox11.xml @@ -2,54 +2,53 @@ <!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> + <![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ + mtr-nox11.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2014-2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> <name>mtr</name> - <version>0.65_2</version> + <version>0.85_3</version> <title>Diagnostics: mtr</title> - <savetext>mtr</savetext> + <savetext>Run mtr</savetext> <preoutput>yes</preoutput> + <!-- Invokes a simple input menu and will not update the configuration database. --> <donotsave>true</donotsave> <!-- Menu is where this packages menu will appear --> <menu> @@ -58,36 +57,86 @@ <section>Diagnostics</section> <configfile>mtr-nox11.xml</configfile> </menu> - <!-- Do not save invokes a simple input menu and will not update - the configuration database. --> <fields> <field> - <fielddescr>IP or Hostname</fielddescr> - <fieldname>hostname</fieldname> - <description>Enter the IP address or hostname that you would like to traceroute to.</description> - <type>input</type> + <fielddescr>IP or Hostname</fielddescr> + <fieldname>hostname</fieldname> + <description>Enter the IP address or hostname that you would like to traceroute to.</description> + <type>input</type> + <required>true</required> + </field> + <field> + <fielddescr>Count</fielddescr> + <fieldname>count</fieldname> + <description>This is the number of pings to send, each one takes 1 second.</description> + <type>input</type> + <typehint>(Defaults to 10)</typehint> + </field> + <field> + <fielddescr>No DNS Lookup</fielddescr> + <fieldname>nodns</fieldname> + <description>Use this option to force mtr to display numeric IP numbers and not try to resolve the host names.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Show IPs</fielddescr> + <fieldname>showips</fieldname> + <description>Use this option to tell mtr to display both the host names and numeric IP numbers.</description> + <type>checkbox</type> </field> - <field> - <fielddescr>Count</fielddescr> - <fieldname>count</fieldname> - <description>This is the number of pings to send, each one takes 1 second</description> - <type>input</type> - <typehint>Defaults to 10</typehint> - </field> - <field> - <fielddescr>No DNS Lookup</fielddescr> - <fieldname>nodns</fieldname> - <description>Use this option to force mtr to display numeric IP numbers and not try to resolve the host names</description> - <type>checkbox</type> - </field> - </fields> - <custom_add_php_command> - $mtr_options = " -r"; - if($_POST['count']) $mtr_options .= " -c " . $_POST['count']; - if($_POST['nodns']) $mtr_options .= " -n"; - $mtr_options .= " " . $_POST['hostname']; - system("/usr/local/sbin/mtr" . $mtr_options); - </custom_add_php_command> - <custom_php_deinstall_command> - </custom_php_deinstall_command> + <field> + <fielddescr>Raw Output Format</fielddescr> + <fieldname>raw</fieldname> + <description>Use this option to tell mtr to use the raw output format.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Interval</fielddescr> + <fieldname>interval</fieldname> + <description>Use this option to specify the positive number of seconds between ICMP ECHO requests.</description> + <type>input</type> + <typehint>(Default is 1 second.)</typehint> + </field> + <field> + <fielddescr>Use IPv4 only</fielddescr> + <fieldname>ipv4only</fieldname> + <description>Use this option to use IPv4 only.</description> + <type>checkbox</type> + </field> + </fields> + <custom_add_php_command> + <![CDATA[ + /* Do some basic input validation/sanitation here */ + $int_count = (is_numeric($_POST['count']) ? (abs(intval($_POST['count']))) : 10); + $int_interval = (is_numeric($_POST['interval']) ? (abs(intval($_POST['interval']))) : 1); + + if (!is_hostname($_POST['hostname']) && !is_ipaddr($_POST['hostname'])) { + echo "<div class=\"errmsg\">ERROR: No valid IP or Hostname given. Fix this and try again!</div>"; + echo "\n<input class=\"formbtn\" type=\"button\" value=\"Back to mtr\" onclick=\"history.back()\">"; + die(); + } + + /* Set up the configured options */ + /* Use wide report mode to not cut hostnames in the report */ + $mtr_options = " -w"; + $mtr_options .= " -c " . $int_count; + if ($_POST['nodns']) { + $mtr_options .= " -n"; + } + if ($_POST['showips']) { + $mtr_options .= " -b"; + } + if ($_POST['raw']) { + $mtr_options .= " -l"; + } + $mtr_options .= " -i " . $int_interval; + if ($_POST['ipv4only']) { + $mtr_options .= " -4"; + } + $mtr_options .= " " . $_POST['hostname']; + echo "Running mtr $mtr_options:\n\n"; + system("/usr/local/sbin/mtr" . $mtr_options); + echo "\n<input class=\"formbtn\" type=\"button\" value=\"Back to mtr\" onclick=\"history.back()\">"; + ]]> + </custom_add_php_command> </packagegui> diff --git a/config/nmap/nmap.inc b/config/nmap/nmap.inc index 632d4b2d..cbf1b15a 100644 --- a/config/nmap/nmap.inc +++ b/config/nmap/nmap.inc @@ -1,9 +1,9 @@ <? -/* $Id$ */ /* - part of pfSense (https://www.pfsense.org/) - - Copyright (C) 2006 Bill Marquette - bill.marquette@gmail.com. + nmap.inc + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2006 Bill Marquette <bill.marquette@gmail.com> + Copyright (C) 2015 ESF, LLC All rights reserved. Redistribution and use in source and binary forms, with or without @@ -43,20 +43,16 @@ function nmap_install() { } /* Only copy the file if it doesn't exist */ if (file_exists($source_file) && !file_exists($destination_file)) { - if (!is_dir(dirname($destination_file))) { - @mkdir(dirname($destination_file), 0644, true); - } + safe_mkdir(dirname($destination_file)); @symlink($source_file, $destination_file); } } -function nmap_custom_php_validation_command($post, & $input_errors) { +function nmap_custom_php_validation_command($post, &$input_errors) { global $_POST, $savemsg, $config; if (empty($_POST['hostname'])) { $input_errors[] = gettext("You must enter an IP address to scan."); - } elseif (!(is_ipaddr($_POST['hostname']) || - is_subnet($_POST['hostname']) || - is_hostname($_POST['hostname']))) { + } elseif (!(is_ipaddr($_POST['hostname']) || is_subnet($_POST['hostname']) || is_hostname($_POST['hostname']))) { $input_errors[] = gettext("You must enter a valid IP address to scan."); } @@ -71,9 +67,9 @@ function nmap_custom_php_validation_command($post, & $input_errors) { function nmap_custom_add_php_command() { $nmap_options = ""; - if (function_exists("is_ipaddrv6") && function_exists("is_subnetv6")) - if (is_ipaddrv6($_POST['hostname']) || is_subnetv6($_POST['hostname'])) - $nmap_options .= " -6"; + if (is_ipaddrv6($_POST['hostname']) || is_subnetv6($_POST['hostname'])) { + $nmap_options .= " -6"; + } switch($_POST['scanmethod']) { case 'syn': @@ -93,14 +89,23 @@ function nmap_custom_add_php_command() { break; } - if($_POST['noping']) $nmap_options .= " -P0"; - if($_POST['servicever']) $nmap_options .= " -sV"; - if($_POST['osdetect']) $nmap_options .= " -O"; - if(!empty($_POST['interface'])) $nmap_options .= " -e " . get_real_interface($_POST['interface']); + if ($_POST['noping']) { + $nmap_options .= " -P0"; + } + if ($_POST['servicever']) { + $nmap_options .= " -sV"; + } + if ($_POST['osdetect']) { + $nmap_options .= " -O"; + } + if (!empty($_POST['interface'])) { + $nmap_options .= " -e " . get_real_interface($_POST['interface']); + } $nmap_options .= " " . escapeshellarg($_POST['hostname']); - echo "Running: /usr/local/bin/nmap {$nmap_options}</br>"; + echo "<strong>Running: /usr/local/bin/nmap {$nmap_options}</strong><br />"; system("/usr/local/bin/nmap" . $nmap_options); + echo "<br /><br /><input class=\"formbtn\" type=\"button\" value=\"Back to NMap\" onclick=\"history.back()\" />"; } function nmap_get_interfaces() { diff --git a/config/nmap/nmap.xml b/config/nmap/nmap.xml index ad0f8e0a..446ba461 100644 --- a/config/nmap/nmap.xml +++ b/config/nmap/nmap.xml @@ -7,26 +7,25 @@ /* $Id$ */ /* ========================================================================== */ /* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + nmap.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2006 Bill Marquette <bill.marquette@gmail.com> + Copyright (C) 2015 ESF, LLC All rights reserved. */ -/* ========================================================================== */ +/* ====================================================================================== */ /* Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY @@ -39,20 +38,16 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* ========================================================================== */ +/* ====================================================================================== */ ]]> </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> <name>nmap</name> - <version>6.40_2 pkg v1.3</version> + <version>1.4</version> <title>Diagnostics: NMap</title> <savetext>Scan</savetext> <preoutput>yes</preoutput> <donotsave>true</donotsave> <include_file>/usr/local/pkg/nmap.inc</include_file> - <!-- Menu is where this packages menu will appear --> <menu> <name>NMap</name> <tooltiptext>NMap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), version detection (determine what application/service is runing on a port), and TCP/IP fingerprinting (remote host OS or device identification). It also offers flexible target and port specification, decoy/stealth scanning, SunRPC scanning, and more. Most Unix and Windows platforms are supported in both GUI and command line modes. Several popular handheld devices are also supported, including the Sharp Zaurus and the iPAQ.</tooltiptext> @@ -61,7 +56,6 @@ </menu> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/nmap/nmap.inc</item> </additional_files_needed> <fields> @@ -97,23 +91,23 @@ <field> <fielddescr>-P0</fielddescr> <fieldname>noping</fieldname> - <description>This allows the scanning of networks that don't allow ICMP echo requests (or responses) through their firewall. microsoft.com is an example of such a network, and thus you should always use -P0 or -PT80 when port scanning microsoft.com. Note the "ping" in this context may involve more than the traditional ICMP echo request packet. Nmap supports many such probes, including arbitrary combinations of TCP, UDP, and ICMP probes. By default, Nmap sends an ICMP echo request and a TCP ACK packet to port 80.</description> + <description>This allows the scanning of networks that don't allow ICMP echo requests (or responses) through their firewall. microsoft.com is an example of such a network, and thus you should always use -P0 or -PT80 when port scanning microsoft.com. Note the "ping" in this context may involve more than the traditional ICMP echo request packet. Nmap supports many such probes, including arbitrary combinations of TCP, UDP, and ICMP probes. By default, Nmap sends an ICMP echo request and a TCP ACK packet to port 80.</description> <type>checkbox</type> <typehint>Do not try to ping hosts at all before scanning them.</typehint> </field> <field> <fielddescr>-sV</fielddescr> <fieldname>servicever</fieldname> - <description>After TCP and/or UDP ports are discovered using one of the other scan methods, version detection communicates with those ports to try and determine more about what is actually running. A file called nmap-service-probes is used to determine the best probes for detecting various services and the match strings to expect. Nmap tries to determine the service protocol (e.g. ftp, ssh, telnet, http), the application name (e.g. ISC Bind, Apache httpd, Solaris telnetd), the version number, and sometimes miscellaneous details like whether an X server is open to connections or the SSH protocol version)</description> + <description>After TCP and/or UDP ports are discovered using one of the other scan methods, version detection communicates with those ports to try and determine more about what is actually running. A file called nmap-service-probes is used to determine the best probes for detecting various services and the match strings to expect. Nmap tries to determine the service protocol (e.g. ftp, ssh, telnet, http), the application name (e.g. ISC Bind, Apache httpd, Solaris telnetd), the version number, and sometimes miscellaneous details like whether an X server is open to connections or the SSH protocol version).</description> <type>checkbox</type> - <typehint>Try to identify service versions</typehint> + <typehint>Try to identify service versions.</typehint> </field> <field> <fielddescr>-O</fielddescr> <fieldname>osdetect</fieldname> - <description>This option activates remote host identification via TCP/IP fingerprinting. In other words, it uses a bunch of techniques to detect subtleties in the underlying operating system network stack of the computers you are scanning. It uses this information to create a "fingerprint" which it compares with its database of known OS fingerprints (the nmap-os-fingerprints file) to decide what type of system you are scanning</description> + <description>This option activates remote host identification via TCP/IP fingerprinting. In other words, it uses a bunch of techniques to detect subtleties in the underlying operating system network stack of the computers you are scanning. It uses this information to create a "fingerprint" which it compares with its database of known OS fingerprints (the nmap-os-fingerprints file) to decide what type of system you are scanning.</description> <type>checkbox</type> - <typehint>Turn on OS detection</typehint> + <typehint>Turn on OS detection.</typehint> </field> </fields> <custom_add_php_command> diff --git a/config/ntopng/ntopng.xml b/config/ntopng/ntopng.xml index dcb3f2b7..3d07b064 100644 --- a/config/ntopng/ntopng.xml +++ b/config/ntopng/ntopng.xml @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="utf-8" ?> -<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> -<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> <![CDATA[ @@ -8,7 +8,7 @@ /* ========================================================================== */ /* ntopng.xml - part of pfSense (http://www.pfSense.com) + part of pfSense (https://www.pfSense.org/) Copyright (C) 2014 ESF, LLC All rights reserved. */ @@ -39,7 +39,7 @@ ]]> </copyright> <name>ntopng</name> - <version>1.2 v0.5</version> + <version>0.7.2</version> <title>Diagnostics: ntopng Settings</title> <savetext>Change</savetext> <aftersaveredirect>pkg_edit.php?xml=ntopng.xml</aftersaveredirect> @@ -146,6 +146,8 @@ config_lock(); global $config; global $input_errors; + global $pf_version, $scripts_path, $fonts_path; + $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($_POST) { $config['installedpackages']['ntopng']['config'] = array(); $config['installedpackages']['ntopng']['config'][0] = $_POST; @@ -156,15 +158,26 @@ safe_mkdir("/var/db/ntopng/rrd/graphics", 0755, true); system("/bin/chmod -R 755 /var/db/ntopng"); system("/usr/sbin/chown -R nobody:nobody /var/db/ntopng"); - $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); + if ($pf_version == "2.2") { $fonts_path = "/usr/pbi/ntopng-" . php_uname("m") . "/local/lib/X11/fonts"; + $scripts_path = "/usr/pbi/ntopng-" . php_uname("m") . "/local/share/ntopng/scripts"; } else if ($pf_version == "2.1") { $fonts_path = "/usr/pbi/ntopng-" . php_uname("m") . "/lib/X11/fonts"; + $scripts_path = "/usr/pbi/ntopng-" . php_uname("m") . "/share/ntopng/scripts"; } else { $fonts_path = "/usr/local/lib/X11/fonts"; } + if ($pf_version == "2.1" || $pf_version == "2.2") { + $ntopng_share_path = "/usr/local/share/ntopng"; + $scripts_link_path = $ntopng_share_path . "/scripts"; + safe_mkdir("$ntopng_share_path", 0755, true); + if (!file_exists($scripts_link_path)) { + symlink($scripts_path, $scripts_link_path); + } + } system("/bin/cp -Rp {$fonts_path}/webfonts/ {$fonts_path}/TTF/"); + $first = 0; foreach($ntopng_config['interface_array'] as $iface) { $if = convert_friendly_interface_to_real_interface_name($iface); @@ -211,7 +224,6 @@ $disable_alerts = "-H"; } - $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version == "2.2") { $redis_path = "/usr/pbi/ntopng-" . php_uname("m") . "/local/bin"; } else if ($pf_version == "2.1") { @@ -318,6 +330,12 @@ </custom_php_install_command> <custom_php_deinstall_command> exec("rm /usr/local/etc/rc.d/ntopng*"); + $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); + if ($pf_version == "2.1" || $pf_version == "2.2") { + if (is_dir("/usr/local/share/ntopng/")) { + exec("rm -rf /usr/local/share/ntopng/"); + } + } </custom_php_deinstall_command> <custom_php_validation_command> <![CDATA[ diff --git a/config/nut/nut.inc b/config/nut/nut.inc index a186ab30..dae2269e 100644 --- a/config/nut/nut.inc +++ b/config/nut/nut.inc @@ -2,8 +2,8 @@ /* nut.inc part of pfSense (https://www.pfsense.org/) - - Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com>. + Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com> + Copyright (C) 2015 ESF, LLC All rights reserved. Redistribution and use in source and binary forms, with or without @@ -30,8 +30,7 @@ require_once("config.inc"); require_once("functions.inc"); - - /* Nut */ + require_once("util.inc"); define('NUT_RCFILE', '/usr/local/etc/rc.d/nut.sh'); @@ -43,80 +42,58 @@ define('NUT_DIR','/usr/local/etc/nut'); } - function nut_notice ($msg) { syslog(LOG_NOTICE, "nut: {$msg}"); return; } - function nut_warn ($msg) { syslog(LOG_WARNING, "nut: {$msg}"); return; } - - function nut_action ($action) { - if (file_exists(NUT_RCFILE)) - mwexec(NUT_RCFILE.' '.$action); - } - - function nut_config ($name) { + function nut_config($name) { global $config; - if($config['installedpackages']['nut']['config'][0]["{$name}"]) + if ($config['installedpackages']['nut']['config'][0]["{$name}"]) { return $config['installedpackages']['nut']['config'][0]["{$name}"]; - return null; - } + } else { + return null; + } + } - function nut_config_sub ($name,$len) { + function nut_config_sub($name,$len) { global $config; - if(nut_config($name)) + if (nut_config($name)) { return substr(nut_config($name),0,strlen(nut_config($name))-$len); - return null; - } - + } else { + return null; + } + } + function nut_write_config($file, $text, $mask = null, $uid = null) { $conf = fopen($file, "w"); - if(!$conf) { - nut_warn("Could not open {$file} for writing."); + if (!$conf) { + log_error("[nut] ERROR: Could not open {$file} for writing."); exit; } fwrite($conf, $text); fclose($conf); - if($mask) chmod($file, $mask); - if($uid) chown($file, $uid); + if ($mask) { + chmod($file, $mask); + } + if ($uid) { + chown($file, $uid); + } } - function nut_validate_ip($ip,$check_cdir) { - /* validate cdir */ - if($check_cdir) { - $ip_array = explode("/",$ip); - if(count($ip_array) == 2) { - if($ip_array[1] < 1 || $ip_array[1] > 32) - return false; - } else - if(count($ip_array) != 1) - return false; - } else - $ip_array[] = $ip; - - /* validate ip */ - if(!eregi("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$", $ip_array[0])) - return false; - foreach(explode(".", $ip_array[0]) as $sub) - if($sub < 0 || $sub > 256) - return false; - return true; - } - function before_form_nut(&$pkg) { /* return available serial ports */ - + $serial_types = array("sio", "cua", "tty"); $ignore_files = array(".lock", ".init"); - foreach($serial_types as $st) { + foreach ($serial_types as $st) { $devices = glob("/dev/{$st}*"); - foreach($devices as $line) { - if($line != '') { + foreach ($devices as $line) { + if ($line != '') { $ignore = false; - foreach($ignore_files as $if) { - if(strstr($line, $if)) { + foreach ($ignore_files as $if) { + if (strstr($line, $if)) { $ignore = true; continue; } } - if($ignore == false) { + if ($ignore == false) { $names[] = str_replace("/dev/", "", $line); $values[] = $line; } @@ -127,69 +104,80 @@ /* find correct field */ $i = 0; foreach ($pkg['fields']['field'] as $field) { - if ($field['fieldname'] == 'port') + if ($field['fieldname'] == 'port') { break; - $i++; - } - $field = &$pkg['fields']['field'][$i]; + } else { + $i++; + } + } + $field = &$pkg['fields']['field'][$i]; /* add available serial ports */ - for ($i = 0; $i < count($values) ; $i++) + for ($i = 0; $i < count($values); $i++) { $field['options']['option'][] = array('name' => $names[$i], 'value' => $values[$i]); + } } function validate_form_nut($post, &$input_errors) { global $config; /* monitor remote validation */ - if($post['monitor'] == 'remote') { - if(!$post['remotename']) + if ($post['monitor'] == 'remote') { + if (!$post['remotename']) { $input_errors[] = 'You must specify a name in the \'Remote UPS Name\' field'; - if($post['remotename'] && !eregi('^[a-z0-9_.-]+$', $post['remotename'])) - $input_errors[] = 'Only [Aa-Zz], [0-9], and [-_] accepted in the \'Remote UPS Name\' field'; - if(!$post['remoteaddr'] || !nut_validate_ip($post['remoteaddr'],false)) + } + if ($post['remotename'] && !preg_match("/^[a-zA-Z0-9-_]+$/", $post['name'])) { + $input_errors[] = 'Only [Aa-Zz], [0-9], and [-_] accepted in the \'Remote UPS Name\' field'; + } + if (!$post['remoteaddr'] || !is_ipaddr($post['remoteaddr'])) { $input_errors[] = 'You must specify a valid address \'Remote UPS Address\' field'; - if(!$post['remoteuser']) + } + if (!$post['remoteuser']) { $input_errors[] = 'You must specify a name in the \'Remote UPS User\' field'; - if(!$post['remotepass']) + } + if (!$post['remotepass']) { $input_errors[] = 'You must specify a name in the \'Remote UPS Password\' field'; - } - - /* monitor local validation */ - elseif($post['monitor'] == 'local') { - if(!$post['name']) + } + } elseif ($post['monitor'] == 'local') { + /* monitor local validation */ + if (!$post['name']) { $input_errors[] = 'You must specify a name in the \'Local UPS Name\' field'; - if($post['name'] && !eregi('^[a-z0-9_.-]+$', $post['name'])) - $input_errors[] = 'Only [Aa-Zz], [0-9], and [-_] accepted in the \'Local UPS Name\' field'; - if(!$post['driver']) + } + if ($post['name'] && !preg_match("/^[a-zA-Z0-9-_]+$/", $post['name'])) { + $input_errors[] = 'Only [Aa-Zz], [0-9], and [-_] accepted in the \'Local UPS Name\' field'; + } + if (!$post['driver']) { $input_errors[] = 'You must select a driver in the \'Local UPS Driver\' field'; - if(!$post['port']) + } + if (!$post['port']) { $input_errors[] = 'You must select a port in the \'Local UPS Port\' field'; + } } } function deinstall_package_nut() { - nut_action('stop'); + stop_service("nut"); - @unlink(NUT_RCFILE); - @unlink(NUT_DIR.'/upsmon.conf'); - @unlink(NUT_DIR.'/ups.conf'); - @unlink(NUT_DIR.'/upsd.conf'); - @unlink(NUT_DIR.'/upsd.users'); + unlink_if_exists(NUT_RCFILE); + unlink_if_exists(NUT_DIR.'/upsmon.conf'); + unlink_if_exists(NUT_DIR.'/ups.conf'); + unlink_if_exists(NUT_DIR.'/upsd.conf'); + unlink_if_exists(NUT_DIR.'/upsd.users'); - exec('rm -rf /var/db/nut'); - } + exec('/bin/rm -rf /var/db/nut'); + } function sync_package_nut_remote() { $remotename = nut_config('remotename'); $remoteaddr = nut_config('remoteaddr'); $remoteuser = nut_config('remoteuser'); $remotepass = nut_config('remotepass'); - $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h'; + $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h'; $custom_upsmonconf = str_replace(";", "\n", nut_config('custom_upsmonconf')); - if(!($remotename && $remoteaddr && $remoteuser && $remotepass)) + if (!($remotename && $remoteaddr && $remoteuser && $remotepass)) { return false; + } /* upsmon.conf */ $upsmon_conf = <<<EOD @@ -199,16 +187,16 @@ SHUTDOWNCMD "/sbin/shutdown {$shutdownflag} +0" POWERDOWNFLAG /etc/killpower {$custom_upsmonconf} EOD; - + $stop = <<<EOD -if [ `pgrep upsmon | wc -l` != 0 ]; then +if [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; then /usr/bin/killall upsmon - while [ `pgrep upsmon | wc -l` != 0 ]; do + while [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; do sleep 1 done fi EOD; - + $start = $stop."\n\t/usr/local/sbin/upsmon {$remotename}@{$remoteaddr}\n"; /* write out configuration */ @@ -216,10 +204,10 @@ EOD; nut_write_config(NUT_DIR.'/upsmon.conf', $upsmon_conf, 0640, 'uucp'); write_rcfile(array( 'file' => 'nut.sh', - 'start' => $start, - 'stop' => $stop - ) - ); + 'start' => $start, + 'stop' => $stop + ) + ); conf_mount_ro(); return true; @@ -227,6 +215,7 @@ EOD; function sync_package_nut_local() { global $pfs_version; + $pfs_version = substr(trim(file_get_contents("/etc/version")),0,3); $name = nut_config('name'); $driver = nut_config_sub('driver', 2); @@ -235,43 +224,46 @@ EOD; $cable = nut_config_sub('cable', 3); $allowuser = nut_config('allowuser'); $allowpass = nut_config('allowpass'); - $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h'; + $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h'; $custom_upsconf = str_replace(";", "\n", nut_config('custom_upsconf')); $custom_upsdconf = str_replace(";", "\n", nut_config('custom_upsdconf')); $custom_upsdusers = str_replace(";", "\n", nut_config('custom_upsdusers')); $custom_upsmonconf = str_replace(";", "\n", nut_config('custom_upsmonconf')); - if(!($name && $driver && $port)) + if (!($name && $driver && $port)) { return false; + } /* some installs are missing the lock dir */ - if(!is_dir('/var/spool/lock')) { - @mkdir('/var/spool'); - mkdir('/var/spool/lock'); + if (!is_dir('/var/spool/lock')) { + safe_mkdir('/var/spool'); + safe_mkdir('/var/spool/lock'); chown('/var/spool/lock', 'uucp'); chgrp('/var/spool/lock', 'dialer'); } /* determine permissions for port */ - if($port != 'auto') { + if ($port != 'auto') { $port_rel = "chown root {$port}"; $port_set = "chown uucp {$port}"; } /* ups.conf */ - /* for usb ups run as root */ - if($port == 'auto') { + /* for USB ups run as root */ + if ($port == 'auto') { $ups_conf = "user=root\n"; $ovr_user = '-u root'; } $ups_conf .= "[{$name}]\n"; $ups_conf .= "driver={$driver}\n"; $ups_conf .= "port={$port}\n"; - if($cable) + if ($cable) { $ups_conf .= "cable={$cable}\n"; - if($upstype) + } + if ($upstype) { $ups_conf .= "upstype={$upstype}\n"; + } $ups_conf .= "{$custom_upsconf}"; /* upsd.conf */ @@ -284,17 +276,18 @@ EOD; $upsd_users = "[monuser]\n"; $upsd_users .= "password = {$password}\n"; $upsd_users .= "upsmon master\n"; - if($allowuser && $allowpass) { + if ($allowuser && $allowpass) { $upsd_users .= "\n[$allowuser]\n"; $upsd_users .= "password = $allowpass\n"; $upsd_users .= "upsmon master\n"; } $upsd_users .= "{$custom_upsdusers}"; - if ($pfs_version == "2.1") + if ($pfs_version == "2.1") { $upsdrvctl = "/usr/local/libexec/nut/upsdrvctl"; - else + } else { $upsdrvctl = "/usr/local/sbin/upsdrvctl"; + } /* upsmon.conf */ $upsmon_conf = <<<EOD @@ -306,26 +299,26 @@ POWERDOWNFLAG /etc/killpower EOD; $stop = <<<EOD - if [ `pgrep upsmon | wc -l` != 0 ]; then + if [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; then echo stopping upsmon /usr/bin/killall upsmon - while [ `pgrep upsmon | wc -l` != 0 ]; do + while [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; do sleep 1 done fi - if [ `pgrep upsd | wc -l` != 0 ]; then + if [ `/bin/pgrep upsd | /usr/bin/wc -l` != 0 ]; then echo stopping upsd /usr/bin/killall upsd fi - if [ `pgrep {$driver} | wc -l` != 0 ]; then + if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then echo stopping {$driver} {$upsdrvctl} stop fi sleep 1 - if [ `pgrep {$driver} | wc -l` != 0 ]; then + if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then echo forcing {$driver} termination /usr/bin/killall {$driver} - while [ `pgrep {$driver} | wc -l` != 0 ]; do + while [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; do sleep 1 done fi @@ -333,7 +326,7 @@ EOD; EOD; $start = <<<EOD -if [ `pgrep {$driver} | wc -l` != 0 ]; then +if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then {$stop} fi {$port_set} @@ -356,9 +349,9 @@ EOD; nut_write_config(NUT_DIR.'/upsmon.conf', $upsmon_conf, 0640, 'uucp'); write_rcfile(array( 'file' => 'nut.sh', - 'start' => $start, - 'stop' => $stop - ) + 'start' => $start, + 'stop' => $stop + ) ); conf_mount_ro(); @@ -369,7 +362,7 @@ EOD; $name = nut_config('snmpname'); $driver = "snmp-ups"; $port = nut_config('snmpaddr'); - $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h'; + $shutdownflag = (nut_config('powerdown') == 'on') ? '-p' : '-h'; $snmpmib = nut_config('snmpmib'); $snmpversion = nut_config('snmpversion'); $snmpcommunity = nut_config('snmpcommunity'); @@ -382,8 +375,9 @@ EOD; $custom_upsdusers = str_replace(";", "\n", nut_config('custom_upsdusers')); $custom_upsmonconf = str_replace(";", "\n", nut_config('custom_upsmonconf')); - if(!($name && $driver && $port)) + if (!($name && $driver && $port)) { return false; + } /* ups.conf */ $ups_conf = "user=root\n"; @@ -391,16 +385,21 @@ EOD; $ups_conf .= "[{$name}]\n"; $ups_conf .= "driver={$driver}\n"; $ups_conf .= "port={$port}\n"; - if($snmpmib) + if ($snmpmib) { $ups_conf .= "mibs={$snmpmib}\n"; - if($snmpversion) + } + if ($snmpversion) { $ups_conf .= "snmp_version={$snmpversion}\n"; - if($snmpcommunity) + } + if ($snmpcommunity) { $ups_conf .= "community={$snmpcommunity}\n"; - if($snmpfreq) + } + if ($snmpfreq) { $ups_conf .= "pollfreq={$snmpfreq}\n"; - if($snmpdisabletransfer) + } + if ($snmpdisabletransfer) { $ups_conf .= "notransferoids=true\n"; + } $ups_conf .= "{$custom_upsconf}"; /* upsd.conf */ @@ -413,13 +412,14 @@ EOD; $upsd_users = "[monuser]\n"; $upsd_users .= "password = {$password}\n"; $upsd_users .= "upsmon master\n"; - if($allowuser && $allowpass) { + if ($allowuser && $allowpass) { $upsd_users .= "\n[$allowuser]\n"; $upsd_users .= "password = $allowpass\n"; $upsd_users .= "upsmon master\n"; } $upsd_users .= "{$custom_upsdusers}"; + $pfs_version = substr(trim(file_get_contents("/etc/version")),0,3); if ($pfs_version == "2.1") $upsdrvctl = "/usr/local/libexec/nut/upsdrvctl"; else @@ -435,26 +435,26 @@ POWERDOWNFLAG /etc/killpower EOD; $stop = <<<EOD - if [ `pgrep upsmon | wc -l` != 0 ]; then + if [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; then echo stopping upsmon /usr/bin/killall upsmon - while [ `pgrep upsmon | wc -l` != 0 ]; do + while [ `/bin/pgrep upsmon | /usr/bin/wc -l` != 0 ]; do sleep 1 done fi - if [ `pgrep upsd | wc -l` != 0 ]; then + if [ `/bin/pgrep upsd | /usr/bin/wc -l` != 0 ]; then echo stopping upsd /usr/bin/killall upsd fi - if [ `pgrep {$driver} | wc -l` != 0 ]; then + if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then echo stopping {$driver} {$upsdrvctl} stop fi sleep 1 - if [ `pgrep {$driver} | wc -l` != 0 ]; then + if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then echo forcing {$driver} termination /usr/bin/killall {$driver} - while [ `pgrep {$driver} | wc -l` != 0 ]; do + while [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; do sleep 1 done fi @@ -462,7 +462,7 @@ EOD; EOD; $start = <<<EOD -if [ `pgrep {$driver} | wc -l` != 0 ]; then +if [ `/bin/pgrep {$driver} | /usr/bin/wc -l` != 0 ]; then {$stop} fi {$port_set} @@ -485,8 +485,8 @@ EOD; nut_write_config(NUT_DIR.'/upsmon.conf', $upsmon_conf, 0640, 'uucp'); write_rcfile(array( 'file' => 'nut.sh', - 'start' => $start, - 'stop' => $stop + 'start' => $start, + 'stop' => $stop ) ); conf_mount_ro(); @@ -500,51 +500,49 @@ EOD; config_lock(); - nut_action('stop'); + stop_service("nut"); /* create state path */ - if(!is_dir('/var/db/nut')) { - mkdir('/var/db/nut'); - chmod('/var/db/nut', 0700); - chown('/var/db/nut', 'uucp'); - } + safe_mkdir("/var/db/nut", 0700); + chown('/var/db/nut', 'uucp'); - if(nut_config('monitor') == 'remote') + if (nut_config('monitor') == 'remote') { $return = sync_package_nut_remote(); - elseif(nut_config('monitor') == 'local') + } elseif (nut_config('monitor') == 'local') { $return = sync_package_nut_local(); - elseif(nut_config('monitor') == 'snmp') + } elseif (nut_config('monitor') == 'snmp') { $return = sync_package_nut_snmp(); + } - if($return && $_POST['monitor']) { + if ($return && $_POST['monitor']) { /* only start if changing settings as we have a startup script for system boot */ /* this prevents service from starting / stopping / starting on boot */ - - nut_notice('Starting service'); - nut_action('start'); - if((int)exec('pgrep upsmon | wc -l') == 0) - nut_notice('Service failed to start: check configuration'); - } elseif(!$return && file_exists(NUT_RCFILE)) { + log_error("[nut] INFO: Starting service"); + start_service("nut"); + if ((int)exec('/bin/pgrep upsmon | /usr/bin/wc -l') == 0) { + log_error("[nut] ERROR: Service failed to start: check configuration."); + } + } elseif (!$return && file_exists(NUT_RCFILE)) { /* no parameters user does not want nut running */ /* lets stop the service and remove the rc file */ - if(!nut_config('monitor')) - nut_notice('Service stopped: nut disabled'); - else - nut_notice('Service stopped: check configuration'); + if (!nut_config('monitor')) { + log_error("[nut] INFO: Service stopped: nut disabled"); + } else { + log_error("[nut] WARNING: Service stopped: check configuration."); + } conf_mount_rw(); - unlink(NUT_RCFILE); - unlink(NUT_DIR.'/upsmon.conf'); - /* might not always exist */ - @unlink(NUT_DIR.'/ups.conf'); - @unlink(NUT_DIR.'/upsd.conf'); - @unlink(NUT_DIR.'/upsd.users'); - exec('rm -rf /var/db/nut'); + unlink_if_exists(NUT_RCFILE); + unlink_if_exists(NUT_DIR.'/upsmon.conf'); + unlink_if_exists(NUT_DIR.'/ups.conf'); + unlink_if_exists(NUT_DIR.'/upsd.conf'); + unlink_if_exists(NUT_DIR.'/upsd.users'); + exec('/bin/rm -rf /var/db/nut'); conf_mount_ro(); } - + config_unlock(); } ?> diff --git a/config/nut/nut.xml b/config/nut/nut.xml index d1496a16..ca7ca956 100644 --- a/config/nut/nut.xml +++ b/config/nut/nut.xml @@ -2,51 +2,46 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> + <![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - nut.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ + nut.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2009-2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>nut</name> - <version>2.6.5_1 pkg 2.0.1</version> + <version>2.0.5</version> <title>Services: NUT</title> <savetext>Change</savetext> <aftersaveredirect>/status_nut.php</aftersaveredirect> @@ -75,13 +70,11 @@ </tab> </tabs> <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> + <prefix>/usr/local/pkg/</prefix> <item>https://packages.pfsense.org/packages/config/nut/nut.inc</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/www/</prefix> - <chmod>0755</chmod> + <prefix>/usr/local/www/</prefix> <item>https://packages.pfsense.org/packages/config/nut/status_nut.php</item> </additional_files_needed> <advanced_options>enabled</advanced_options> @@ -187,8 +180,7 @@ <field> <fielddescr><strong>Local UPS Model</strong></fielddescr> <fieldname>driver</fieldname> - <description>If generic or cable specified in parenthesis you need - to select the appropriate option below.</description> + <description>If generic or cable specified in parenthesis you need to select the appropriate option below.</description> <type>select</type> <options> <option> diff --git a/config/nut/status_nut.php b/config/nut/status_nut.php index 0bb1145c..64b11112 100644 --- a/config/nut/status_nut.php +++ b/config/nut/status_nut.php @@ -2,8 +2,8 @@ /* status_nut.php part of pfSense (https://www.pfsense.org/) - Copyright (C) 2007 Ryan Wagoner <rswagoner@gmail.com>. + Copyright (C) 2015 ESF, LLC All rights reserved. Redistribution and use in source and binary forms, with or without @@ -29,13 +29,15 @@ */ require("guiconfig.inc"); - +global $nut_config; $nut_config = $config['installedpackages']['nut']['config'][0]; /* functions */ function secs2hms($secs) { - if ($secs<0) return false; + if ($secs < 0 ) { + return false; + } $m = (int)($secs / 60); $s = $secs % 60; $h = (int)($m / 60); $m = $m % 60; return "{$h}h {$m}m {$s}s"; @@ -50,25 +52,29 @@ function tblclose () { } function tblrow ($name, $value, $symbol = null) { - if(!$value) return; - - if($symbol == '°') + if (!$value) { + return; + } + if ($symbol == '°') { $value = sprintf("%.1f", $value); - - if($symbol == 'Hz') + } + if ($symbol == 'Hz') { $value = sprintf("%d", $value); + } print(<<<EOD <tr> - <td class="vncellreq" width="100px">{$name}</td> - <td class="vtable">{$value}{$symbol}</td> + <td class="vncellreq" width="100px">{$name}</td> + <td class="vtable">{$value}{$symbol}</td> <tr> EOD ."\n"); } function tblrowbar ($name, $value, $symbol, $red, $yellow, $green) { - if(!$value) return; + if (!$value) { + return; + } $value = sprintf("%.1f", $value); @@ -80,57 +86,54 @@ function tblrowbar ($name, $value, $symbol, $red, $yellow, $green) { sort($yellow); sort($green); - if($value >= $red[0] && $value <= ($red[0]+9)) { + if ($value >= $red[0] && $value <= ($red[0]+9)) { $color = 'black'; $bgcolor = 'red'; } - if($value >= ($red[0]+10) && $value <= $red[1]) { + if ($value >= ($red[0]+10) && $value <= $red[1]) { $color = 'white'; $bgcolor = 'red'; } - if($value >= $yellow[0] && $value <= $yellow[1]) { + if ($value >= $yellow[0] && $value <= $yellow[1]) { $color = 'black'; $bgcolor = 'yellow'; } - if($value >= $green[0] && $value <= ($green[0]+9)) { + if ($value >= $green[0] && $value <= ($green[0]+9)) { $color = 'black'; $bgcolor = 'green'; } - if($value >= ($green[0]+10) && $value <= $green[1]) { + if ($value >= ($green[0]+10) && $value <= $green[1]) { $color = 'white'; $bgcolor = 'green'; } print(<<<EOD <tr> - <td class="vncellreq" width="100px">{$name}</td> - <td class="vtable"> - <div style="width: 125px; height: 12px; border-top: thin solid gray; border-bottom: thin solid gray;"> - <div style="width: {$value}{$symbol}; height: 12px; background-color: {$bgcolor};"> - <div style="text-align: center; color: {$color}">{$value}{$symbol}</div> - </div> - </div> - </td> + <td class="vncellreq" width="100px">{$name}</td> + <td class="vtable"> + <div style="width: 125px; height: 12px; border-top: thin solid gray; border-bottom: thin solid gray;"> + <div style="width: {$value}{$symbol}; height: 12px; background-color: {$bgcolor};"> + <div style="text-align: center; color: {$color}">{$value}{$symbol}</div> + </div> + </div> + </td> <tr> EOD ."\n"); } /* defaults to this page but if no settings are present, redirect to setup page */ -if(!$nut_config['monitor']) +if (!$nut_config['monitor']) { Header("Location: /pkg_edit.php?xml=nut.xml&id=0"); +} $pgtitle = "Status: NUT Status"; include("head.inc"); -/* put your custom HTML head content here */ -/* using some of the $pfSenseHead function calls */ -//$pfSenseHead->addMeta("<meta http-equiv=\"refresh\" content=\"120;url={$_SERVER['SCRIPT_NAME']}\" />"); -//echo $pfSenseHead->getHTML(); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> -<p class="pgtitle"><?=$pgtitle?></font></p> +<p class="pgtitle"><?=$pgtitle?></p> <?php if ($savemsg) print_info_box($savemsg); ?> <div id="mainlevel"> @@ -143,32 +146,33 @@ include("head.inc"); ?> </table> <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> +<tr> <td> <?php tblopen(); - $running = ((int)exec('pgrep upsmon | wc -l') > 0) ? true : false; + $running = ((int)exec('/bin/pgrep upsmon | /usr/bin/wc -l') > 0) ? true : false; - if($nut_config['monitor'] == 'local') { + if ($nut_config['monitor'] == 'local') { tblrow('Monitoring:','Local UPS'); - $cmd = "upsc {$nut_config['name']}@localhost"; - } elseif($nut_config['monitor'] == 'remote') { + $cmd = "/usr/local/bin/upsc {$nut_config['name']}@localhost"; + } elseif ($nut_config['monitor'] == 'remote') { tblrow('Monitoring:','Remote UPS'); - $cmd = "upsc {$nut_config['remotename']}@{$nut_config['remoteaddr']}"; - } elseif($nut_config['monitor'] == 'snmp') { + $cmd = "/usr/local/bin/upsc {$nut_config['remotename']}@{$nut_config['remoteaddr']}"; + } elseif ($nut_config['monitor'] == 'snmp') { tblrow('Monitoring:','SNMP UPS'); - $cmd = "upsc {$nut_config['snmpname']}@localhost"; + $cmd = "/usr/local/bin/upsc {$nut_config['snmpname']}@localhost"; } - if($running) + if ($running) { $handle = popen($cmd, 'r'); - elseif($nut_config['monitor'] == 'snmp') + } elseif ($nut_config['monitor'] == 'snmp') { tblrow('ERROR:','NUT is enabled, however the service is not running! The SNMP UPS may be unreachable.'); - else + } else { tblrow('ERROR:','NUT is enabled, however the service is not running!'); + } - if($handle) { + if ($handle) { $read = fread($handle, 4096); pclose($handle); @@ -179,14 +183,17 @@ include("head.inc"); $ups[$line[0]] = trim($line[1]); } - if(count($lines) == 1) + if (count($lines) == 1) { tblrow('ERROR:', 'Data stale!'); + } tblrow('Model:', $ups['ups.model']); $status = explode(' ', $ups['ups.status']); foreach($status as $condition) { - if($disp_status) $disp_status .= ', '; + if ($disp_status) { + $disp_status .= ', '; + } switch ($condition) { case 'WAIT': $disp_status .= 'Waiting'; @@ -241,14 +248,11 @@ include("head.inc"); tblclose(); ?> - </td> - </tr> + </td> +</tr> </table> -<?php - /* display upsc array */ - /*print('<pre>'); print_r($ups); print('</pre>');*/ -?> </div> + <?php include("fend.inc"); ?> </body> </html> diff --git a/config/rrd-summary/rrd-summary.xml b/config/rrd-summary/rrd-summary.xml index 4b62272d..67c20937 100644 --- a/config/rrd-summary/rrd-summary.xml +++ b/config/rrd-summary/rrd-summary.xml @@ -2,69 +2,57 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> + <![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - rrd-summary.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2010 to whom it may belong - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ + rrd-summary.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2010 Jim Pingle + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <description>RRD Summary Page</description> - <requirements>None</requirements> - <faq>Currently there are no FAQ items provided.</faq> <name>RRD Summary</name> - <version>1.1</version> + <version>1.2</version> <title>Status: RRD Summary</title> <menu> <name>RRD Summary</name> - <tooltiptext></tooltiptext> + <tooltiptext>Display total amount of traffic passed In/Out during this and the previous month.</tooltiptext> <section>Status</section> <url>/status_rrd_summary.php</url> </menu> <additional_files_needed> <prefix>/usr/local/www/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/rrd-summary/status_rrd_summary.php</item> </additional_files_needed> - <custom_php_deinstall_command> - <![CDATA[ - $version = file_get_contents("/etc/version"); - if ($version[0] < 2) { - unlink_if_exists("/usr/local/www/status_rrd_summary.php"); - } - ]]> - </custom_php_deinstall_command> -</packagegui>
\ No newline at end of file +</packagegui> diff --git a/config/rrd-summary/status_rrd_summary.php b/config/rrd-summary/status_rrd_summary.php index 0e43d95c..27a6f069 100644 --- a/config/rrd-summary/status_rrd_summary.php +++ b/config/rrd-summary/status_rrd_summary.php @@ -1,7 +1,10 @@ <?php /* rrd_summary.php + part of pfSense (https://www.pfsense.org/) Copyright (C) 2010 Jim Pingle + Copyright (C) 2015 ESF, LLC + All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: @@ -37,9 +40,9 @@ $lastmonth = fetch_rrd_summary($rrd, $lastmonth, $start, 720*60); function fetch_rrd_summary($rrd, $start, $end, $resolution=3600) { $traffic = array(); - $rrd = escapeshellarg("/var/db/rrd/{$rrd}"); + $rrd = escapeshellarg("/var/db/rrd/{$rrd}"); $start = escapeshellarg($start); - $end = escapeshellarg($end); + $end = escapeshellarg($end); exec("/usr/local/bin/rrdtool fetch {$rrd} AVERAGE -r {$resolution} -s {$start} -e {$end} | grep -v nan | awk '{ sum1 += $2/(1024*1024); sum2 += $3/(1024*1024) } END { printf \"%u|%u\", sum1*{$resolution}, sum2*{$resolution}; }'", $traffic); return explode('|', trim($traffic[0])); } @@ -55,19 +58,20 @@ function print_rrd_summary_table($data) { ?> } $pgtitle = "Status: RRD Summary"; -include("head.inc"); -include("fbegin.inc"); +include_once("head.inc"); +echo "<body link=\"#0000CC\" vlink=\"#0000CC\" alink=\"#0000CC\">"; +include_once("fbegin.inc"); $rrds = glob("/var/db/rrd/*-traffic.rrd"); ?> -<form name="form1" action="status_rrd_summary.php" method="POST"> - RRD Database: +<form name="form1" action="status_rrd_summary.php" method="post"> + RRD Database: <select name="rrd" class="formselect" onchange="document.form1.submit()"> <?php foreach ($rrds as $r) { $r = basename($r); - $selected = ($r == $rrd) ? " selected" : ""; + $selected = ($r == $rrd) ? ' selected="selected"' : ''; print "<option value=\"{$r}\"{$selected}>{$r}</option>"; } ?> </select> @@ -75,7 +79,7 @@ $rrds = glob("/var/db/rrd/*-traffic.rrd"); <select name="startday" class="formselect" onchange="document.form1.submit()"> <?php for ($day=1; $day < 29; $day++) { - $selected = ($day == $startday) ? " selected" : ""; + $selected = ($day == $startday) ? ' selected="selected"' : ""; print "<option value=\"{$day}\"{$selected}>{$day}</option>"; } ?> </select> @@ -87,4 +91,6 @@ This Month (to date, does not include this hour, starting at day <?php echo $sta Last Month: <?php print_rrd_summary_table($lastmonth); ?> -<?php include("fend.inc"); ?> +<?php include_once("fend.inc"); ?> +</body> +</html> diff --git a/config/sshdcond/sshdcond.inc b/config/sshdcond/sshdcond.inc index 7ff911c1..756f1556 100644 --- a/config/sshdcond/sshdcond.inc +++ b/config/sshdcond/sshdcond.inc @@ -1,14 +1,10 @@ <?php - /* sshdcond.inc - part of pfSense (http://www.pfSense.com) + part of pfSense (https://www.pfsense.org/) Copyright (C) 2012 Marcello Coutinho Copyright (C) 2012 Han Van (namezero@afim.info) - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + Copyright (C) 2015 ESF, LLC All rights reserved. Redistribution and use in source and binary forms, with or without @@ -45,57 +41,59 @@ function sshdcond_custom_php_install_command() { conf_mount_rw(); - // We need to generate an outfile for our extra commands - // The patched g_szSSHDFileGenerate php file then reads and appends that config + /* We need to generate an outfile for our extra commands. + The patched g_szSSHDFileGenerate php file then reads and appends that config. + */ $fd = fopen("/etc/ssh/sshd_extra", 'w'); fclose($fd); conf_mount_ro(); - } +} function sshdcond_custom_php_deinstall_command() { global $g, $config; conf_mount_rw(); - // 1. Delete our config file + /* Delete our config file. */ unlink_if_exists("/etc/ssh/sshd_extra"); - // 2. Re-run sshd config generation script + /* Re-run sshd config generation script. */ restart_sshd(); conf_mount_ro(); - } +} function sshdcond_custom_php_write_config() { - global $g, $config; + global $g, $config, $pkg_interface; - # detect boot process - if (is_array($_POST)) { - if (!preg_match("/\w+/",$_POST['__csrf_magic'])) - return; - } + /* Detect boot process, do nothing during boot. */ + if (platform_booting()) { + return; + } + + conf_mount_rw(); - $sshd_extra=""; + $sshd_extra = ""; if (is_array($config['installedpackages']['sshdcond']['config'])) { - // Mount Read-only - conf_mount_rw(); - // Read config + /* Read config. */ foreach ($config['installedpackages']['sshdcond']['config'] as $sshdcond) { if ($sshdcond['enable'] && is_array($sshdcond['row'])) { $sshd_extra.= "Match {$sshdcond['matchtype']} {$sshdcond['matchvalue']}\n"; foreach ($sshdcond['row'] as $sshd) { - //check if there is spaces on sshd value - if(preg_match ("/\s+/",$sshd['sshdvalue'])) - $sshd['sshdvalue']='"'.$sshd['sshdvalue'].'"'; + /* Check sshd value for spaces. */ + if (preg_match ("/\s+/",$sshd['sshdvalue'])) { + $sshd['sshdvalue'] = '"' . $sshd['sshdvalue'] . '"'; + } - //check if value is not empty - if($sshd['sshdvalue']!="") - $sshd_extra.="\t {$sshd['sshdoption']} {$sshd['sshdvalue']}\n"; + /* Check that sshdvalue is not empty. */ + if ($sshd['sshdvalue'] != "") { + $sshd_extra .= "\t {$sshd['sshdoption']} {$sshd['sshdvalue']}\n"; + } - //apply file permission if option is ChrootDirectory - if ($sshd['sshdoption']=="ChrootDirectory" && file_exists($sshd['sshdvalue'])) { + /* Apply file permission if option is ChrootDirectory. */ + if ($sshd['sshdoption'] == "ChrootDirectory" && file_exists($sshd['sshdvalue'])) { chown($sshd['sshdvalue'], 'root'); chgrp($sshd['sshdvalue'], 'operator'); } @@ -104,92 +102,95 @@ function sshdcond_custom_php_write_config() { } } - //Save /etc/ssh/sshd_extra - file_put_contents("/etc/ssh/sshd_extra",$sshd_extra,LOCK_EX); - - + /* Save /etc/ssh/sshd_extra. */ + file_put_contents("/etc/ssh/sshd_extra", $sshd_extra, LOCK_EX); - // Restart sshd + /* Restart sshd and re-mount read-only. */ restart_sshd(); - - // Mount Read-only conf_mount_ro(); - //sync config with other pfsense servers + /* Sync config with other pfSense servers. */ sshdcond_sync_on_changes(); - } +} -/* Uses XMLRPC to synchronize the changes to a remote node */ +/* Uses XMLRPC to synchronize the changes to a remote node. */ function sshdcond_sync_on_changes() { global $config, $g; - if (is_array($config['installedpackages']['sshdcondsync'])) - if (!$config['installedpackages']['sshdcondsync']['config'][0]['synconchanges']) + if (is_array($config['installedpackages']['sshdcondsync'])) { + if (!$config['installedpackages']['sshdcondsync']['config'][0]['synconchanges']) { return; + } + } log_error("[sshdcond] xmlrpc sync is starting."); - foreach ($config['installedpackages']['sshdcondsync']['config'] as $rs ) { + foreach ($config['installedpackages']['sshdcondsync']['config'] as $rs) { foreach($rs['row'] as $sh) { $sync_to_ip = $sh['ipaddress']; $password = $sh['password']; - if($password && $sync_to_ip) + if ($password && $sync_to_ip) { sshdcond_do_xmlrpc_sync($sync_to_ip, $password); } + } } log_error("[sshdcond] xmlrpc sync is ending."); } -/* Do the actual XMLRPC sync */ +/* Do the actual XMLRPC sync. */ function sshdcond_do_xmlrpc_sync($sync_to_ip, $password) { global $config, $g; - if(!$password) + if (!$password) { return; + } - if(!$sync_to_ip) + if (!$sync_to_ip) { return; + } $username='admin'; $xmlrpc_sync_neighbor = $sync_to_ip; - if($config['system']['webgui']['protocol'] != "") { + if ($config['system']['webgui']['protocol'] != "") { $synchronizetoip = $config['system']['webgui']['protocol']; $synchronizetoip .= "://"; } $port = $config['system']['webgui']['port']; - /* if port is empty lets rely on the protocol selection */ - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") + /* If port is empty, let's rely on the protocol selection. */ + if ($port == "") { + if ($config['system']['webgui']['protocol'] == "http") { $port = "80"; - else + } else { $port = "443"; + } } $synchronizetoip .= $sync_to_ip; - /* xml will hold the sections to sync */ + /* xml will hold the sections to sync. */ $xml = array(); $xml['sshdcond'] = $config['installedpackages']['sshdcond']; - /* assemble xmlrpc payload */ + /* Assemble XMLRPC payload. */ $params = array( XML_RPC_encode($password), XML_RPC_encode($xml) ); - /* set a few variables needed for sync code borrowed from filter.inc */ + /* Set a few variables needed for sync code; borrowed from filter.inc. */ $url = $synchronizetoip; log_error("Beginning sshdcond XMLRPC sync to {$url}:{$port}."); $method = 'pfsense.merge_installedpackages_section_xmlrpc'; $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); - if($g['debug']) + if ($g['debug']) { $cli->setDebug(1); - /* send our XMLRPC message and timeout after 250 seconds */ + } + /* Send our XMLRPC message and timeout after 250 seconds. */ $resp = $cli->send($msg, "250"); - if(!$resp) { + if (!$resp) { $error = "A communications error occurred while attempting sshdcond XMLRPC sync with {$url}:{$port}."; log_error($error); file_notice("sync_settings", $error, "sshdcond Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); $resp = $cli->send($msg, "250"); $error = "An error code was received while attempting sshdcond XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); @@ -199,11 +200,11 @@ function sshdcond_do_xmlrpc_sync($sync_to_ip, $password) { log_error("sshdcond XMLRPC sync successfully completed with {$url}:{$port}."); } - /* tell sshdcond to reload our settings on the destionation sync host. */ + /* Tell sshdcond to reload our settings on the destination sync host. */ $method = 'pfsense.exec_php'; - $execcmd = "require_once('/usr/local/pkg/sshdcond.inc');\n"; + $execcmd = "require_once('/usr/local/pkg/sshdcond.inc');\n"; $execcmd .= "sshdcond_custom_php_write_config();"; - /* assemble xmlrpc payload */ + /* Assemble XMLRPC payload. */ $params = array( XML_RPC_encode($password), XML_RPC_encode($execcmd) @@ -214,11 +215,11 @@ function sshdcond_do_xmlrpc_sync($sync_to_ip, $password) { $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); $resp = $cli->send($msg, "250"); - if(!$resp) { + if (!$resp) { $error = "A communications error occurred while attempting sshdcond XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; log_error($error); file_notice("sync_settings", $error, "sshdcond Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); $resp = $cli->send($msg, "250"); $error = "An error code was received while attempting sshdcond XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); @@ -228,4 +229,4 @@ function sshdcond_do_xmlrpc_sync($sync_to_ip, $password) { log_error("sshdcond XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); } } - ?> +?> diff --git a/config/sshdcond/sshdcond.xml b/config/sshdcond/sshdcond.xml index 17dda28d..11104e1d 100644 --- a/config/sshdcond/sshdcond.xml +++ b/config/sshdcond/sshdcond.xml @@ -1,49 +1,49 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> -<copyright> - <![CDATA[ + <copyright> + <![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - sshdcond.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho - Copyright (C) 2012 Han Van (namezero@afim.info) - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ + sshdcond.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2012 Han Van (namezero@afim.info) + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>sshdcond</name> - <version>1.0</version> + <version>1.0.2</version> <title>SSH Conditional</title> <description>SSH Conditional blocks</description> <savetext>Save</savetext> @@ -56,15 +56,12 @@ <url>/pkg.php?xml=sshdcond.xml</url> </menu> <configpath>installedpackages->package->sshdcond</configpath> - <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>755</chmod> <item>https://packages.pfsense.org/packages/config/sshdcond/sshdcond.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>755</chmod> <item>https://packages.pfsense.org/packages/config/sshdcond/sshdcond_sync.xml</item> </additional_files_needed> <tabs> @@ -107,7 +104,7 @@ <field> <fielddescr>Match Type</fielddescr> <fieldname>matchtype</fieldname> - <description>See Match keyword at http://www.manpagez.com/man/5/sshd_config/ for options</description> + <description><![CDATA[See <a href="http://www.manpagez.com/man/5/sshd_config/">ssh_config(5)</a> manpage for valid options.]]></description> <type>select</type> <options> <option><name>User</name><value>User</value></option> @@ -193,5 +190,4 @@ <custom_php_command_before_form> unset($_POST['temp']); </custom_php_command_before_form> - -</packagegui>
\ No newline at end of file +</packagegui> diff --git a/config/sshdcond/sshdcond_sync.xml b/config/sshdcond/sshdcond_sync.xml index 2bd4a26b..511df25b 100755 --- a/config/sshdcond/sshdcond_sync.xml +++ b/config/sshdcond/sshdcond_sync.xml @@ -1,48 +1,48 @@ <?xml version="1.0" encoding="utf-8" ?> -<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> -<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> <![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - sshdcond_sync.xml - part of the sarg package for pfSense - Copyright (C) 2012 Marcello Coutinho - All rights reserved. - */ -/* ========================================================================== */ + sshdcond_sync.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ ]]> </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> <name>sshdcondsync</name> - <version>1.0</version> + <version>1.0.2</version> <title>SSH Conditional - Sync</title> <include_file>/usr/local/pkg/sshdcond.inc</include_file> <tabs> @@ -75,7 +75,7 @@ <rowhelperfield> <fielddescr>IP Address</fielddescr> <fieldname>ipaddress</fieldname> - <description>IP Address of remote server</description> + <description>IP Address of remote server.</description> <type>input</type> <size>20</size> </rowhelperfield> @@ -89,8 +89,6 @@ </rowhelper> </field> </fields> - <custom_php_validation_command> - </custom_php_validation_command> <custom_php_resync_config_command> sshdcond_custom_php_write_config(); </custom_php_resync_config_command> diff --git a/config/sudo/sudo.inc b/config/sudo/sudo.inc index 1c07984d..ed0feb9c 100644 --- a/config/sudo/sudo.inc +++ b/config/sudo/sudo.inc @@ -1,8 +1,9 @@ <?php /* sudo.inc - + part of pfSense (https://www.pfSense.org/) Copyright (C) 2013 Jim Pingle (jpingle@gmail.com) + Copyright (C) 2015 ESF, LLC All rights reserved. Redistribution and use in source and binary forms, with or without @@ -32,7 +33,7 @@ global $pfs_version; $pfs_version = substr(trim(file_get_contents("/etc/version")),0,3); switch ($pfs_version) { case "2.1": - // Hackish way to detect if someone manually did pkg_add rather than use pbi. + /* Hackish way to detect if someone manually did pkg_add rather than use pbi. */ if (is_dir('/usr/pbi/sudo-' . php_uname("m"))) { define('SUDO_BASE', '/usr/pbi/sudo-' . php_uname("m")); define('SUDO_LIBEXEC_DIR', '/usr/local/libexec/'); @@ -43,7 +44,7 @@ switch ($pfs_version) { break; case "2.2": define('SUDO_BASE','/usr/local'); - // Hackish way to detect if someone manually did pkg_add rather than use pbi. + /* Hackish way to detect if someone manually did pkg_add rather than use pbi. */ if (is_dir('/usr/pbi/sudo-' . php_uname("m"))) { define('SUDO_LIBEXEC_DIR', '/usr/pbi/sudo-' . php_uname("m") . '/local/libexec/sudo'); } else { @@ -132,16 +133,19 @@ function sudo_write_config() { conf_mount_ro(); } -/* Get a list of users and groups in a format we can use to make proper sudoers entries. +/* +Get a list of users and groups in a format we can use to make proper sudoers entries. Optionally include "ALL" as a user (for use by the Run As list) */ function sudo_get_users($list_all_user = false) { global $config; - if (!is_array($config['system']['user'])) + if (!is_array($config['system']['user'])) { $config['system']['user'] = array(); + } $a_user = &$config['system']['user']; - if (!is_array($config['system']['group'])) + if (!is_array($config['system']['group'])) { $config['system']['group'] = array(); + } $a_group = &$config['system']['group']; $users = array(); @@ -174,8 +178,9 @@ function sudo_get_users($list_all_user = false) { foreach ($a_group as $group) { /* The "all" group is internal and doesn't make sense to use here. */ - if ($group['name'] == "all") + if ($group['name'] == "all") { continue; + } $tmpgroup = array(); $tmpgroup["name"] = "group:{$group['name']}"; $tmpgroup["descr"] = "Group: {$group['name']}"; @@ -185,20 +190,23 @@ function sudo_get_users($list_all_user = false) { return $users; } -/* Make sure commands passed in are valid executables to help ensure a valid sudoers file and expected behavior. - This also forces the user to give full paths to executables, which they should be doing anyhow. +/* +Make sure commands passed in are valid executables to help ensure a valid sudoers file and expected behavior. +This also forces the user to give full paths to executables, which they should be doing anyhow. */ function sudo_validate_commands(&$input_errors) { $idx = 0; while(isset($_POST["cmdlist{$idx}"])) { $commands = $_POST["cmdlist" . $idx++]; - if (strtoupper($commands) == "ALL") + if (strtoupper($commands) == "ALL") { continue; + } $commands = explode(",", $commands); foreach ($commands as $command) { list($cmd, $params) = explode(" ", trim($command), 2); - if (!is_executable($cmd)) + if (!is_executable($cmd)) { $input_errors[] = htmlspecialchars($cmd) . " is not an executable command."; + } } } } diff --git a/config/sudo/sudo.xml b/config/sudo/sudo.xml index 069606ba..e9b4dcbb 100644 --- a/config/sudo/sudo.xml +++ b/config/sudo/sudo.xml @@ -1,9 +1,48 @@ <?xml version="1.0" encoding="utf-8" ?> <packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ====================================================================================== */ +/* + sudo.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2013 Jim Pingle + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <description>Sudo Command Control</description> <requirements>None</requirements> <name>sudo</name> - <version>0.2.5</version> + <version>0.2.6</version> <title>Sudo - Shell Command Privilege Delegation Utility</title> <include_file>/usr/local/pkg/sudo.inc</include_file> <menu> @@ -15,7 +54,6 @@ <configpath>installedpackages->package->sudo</configpath> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/sudo/sudo.inc</item> </additional_files_needed> <fields> diff --git a/config/syslog-ng/syslog-ng.inc b/config/syslog-ng/syslog-ng.inc index bbec3a7c..56decfad 100644 --- a/config/syslog-ng/syslog-ng.inc +++ b/config/syslog-ng/syslog-ng.inc @@ -69,6 +69,8 @@ function syslogng_deinstall_command() { if (is_link("/usr/local/lib/syslog-ng")) unlink_if_exists("/usr/local/lib/syslog-ng"); syslogng_install_cron(false); + unlink_if_exists("/usr/local/etc/logrotate.conf"); + unlink_if_exists("/usr/local/etc/syslog-ng.conf"); conf_mount_ro(); filter_configure(); } @@ -165,7 +167,7 @@ function syslogng_install_cron($should_install) { $cron_item['month'] = "*"; $cron_item['wday'] = "*"; $cron_item['who'] = "root"; - $cron_item['command'] = "/usr/bin/nice -n20 /usr/local/sbin/logrotate /usr/local/etc/logrotate.conf"; + $cron_item['command'] = "/usr/bin/nice -n20 " . SYSLOGNG_BASEDIR . "local/sbin/logrotate /usr/local/etc/logrotate.conf"; $config['cron']['item'][] = $cron_item; $need_write = true; } diff --git a/config/tinydns/tinydns.inc b/config/tinydns/tinydns.inc index 5effa10c..f2bda436 100644 --- a/config/tinydns/tinydns.inc +++ b/config/tinydns/tinydns.inc @@ -63,6 +63,21 @@ function tinydns_custom_php_install_command() { if($config['installedpackages']['tinydns']['config'][0]['refreshinterval']) $refreshinterval = $config['installedpackages']['tinydns']['config'][0]['refreshinterval']; + $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); + if ($pf_version == "2.2") { + $svscan_path = "/usr/pbi/djbdns-" . php_uname("m") . "/local/bin/svscan"; + $svc_path = "/usr/pbi/djbdns-" . php_uname("m") . "/local/bin/svc"; + $tinydns_path = "/usr/pbi/djbdns-" . php_uname("m") . "/local/bin"; + } else if ($pf_version == "2.1") { + $svscan_path = "/usr/pbi/djbdns-" . php_uname("m") . "/bin/svscan"; + $svc_path = "/usr/pbi/djbdns-" . php_uname("m") . "/bin/svc"; + $tinydns_path = "/usr/pbi/djbdns-" . php_uname("m") . "/bin"; + } else { + $svscan_path = "/usr/local/bin/svscan"; + $svc_path = "/usr/local/bin/svc"; + $tinydns_path = "/usr/local/bin"; + } + $svscan = <<<EOD #!/bin/sh @@ -74,7 +89,7 @@ function tinydns_custom_php_install_command() { name="svscan" rcvar="\${name}_enable" -command="/usr/local/bin/svscan" +command="{$svscan_path}" svscan_enable=\${svscan_enable-"YES"} svscan_servicedir=\${svscan_servicedir-"{$g['varrun_path']}/service"} logdir="/var/log/svscan" @@ -90,7 +105,7 @@ svscan_start () { echo "Starting svscan." mkdir -p \$logdir /usr/bin/env \ - PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ + PATH={$tinydns_path}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ /usr/sbin/daemon -f /bin/sh -c "\$command \$svscan_servicedir 2>&1 | /usr/local/bin/multilog t \$logdir" > /dev/null EOD; @@ -105,7 +120,7 @@ $svscan .= <<<EOD svscan_stop_post () { echo "Stopping svscan." - find -L "\$svscan_servicedir" -mindepth 1 -maxdepth 2 -type d \( \! -path "\$svscan_servicedir/*/*" -or -name 'log' \) -print0 | xargs -0 /usr/local/bin/svc -dx + find -L "\$svscan_servicedir" -mindepth 1 -maxdepth 2 -type d \( \! -path "\$svscan_servicedir/*/*" -or -name 'log' \) -print0 | xargs -0 {$svc_path} -dx /bin/pkill -F /var/run/ping_hosts.pid } @@ -132,11 +147,11 @@ ENDPHP\n"; $stop = ""; $interfaces = explode(",", $config['installedpackages']['tinydns']['config'][0]['interface']); foreach ($interfaces as $dnsidx => $dnsif) - $stop .= "\t/usr/local/bin/svc -dx {$g['varrun_path']}/service/dnscache{$dnsidx}\n"; + $stop .= "\t{$svc_path} -dx {$g['varrun_path']}/service/dnscache{$dnsidx}\n"; $stop .= <<<ENDSH - /usr/local/bin/svc -dx {$g['varrun_path']}/service/tinydns - /usr/local/bin/svc -dx {$g['varrun_path']}/service/axfrdns + {$svc_path} -dx {$g['varrun_path']}/service/tinydns + {$svc_path} -dx {$g['varrun_path']}/service/axfrdns /bin/rm -rf {$g['varrun_path']}/service/tinydns 2>/dev/null /bin/rm -rf {$g['varetc_path']}/tinydns 2>/dev/null /bin/rm -rf {$g['varrun_path']}/dnscache* 2>/dev/null @@ -161,9 +176,19 @@ function tinydns_custom_php_deinstall_command() { global $g, $config; conf_mount_rw(); + + $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); + if ($pf_version == "2.2") { + $svc_path = "/usr/pbi/djbdns-" . php_uname("m") . "/local/bin/svc"; + } else if ($pf_version == "2.1") { + $svc_path = "/usr/pbi/djbdns-" . php_uname("m") . "/bin/svc"; + } else { + $svc_path = "/usr/local/bin/svc"; + } + /* destroy all daemontools items */ - exec("/usr/local/bin/svc -xk {$g['varetc_path']}/tinydns*"); - exec("/usr/local/bin/svc -xk {$g['varetc_path']}/dnscache*"); + exec("{$svc_path} -xk {$g['varetc_path']}/tinydns*"); + exec("{$svc_path} -xk {$g['varetc_path']}/dnscache*"); exec("/usr/local/etc/rc.d/tinydns.sh stop"); exec("/usr/local/etc/rc.d/svscan.sh stop"); exec("/usr/bin/killall supervise"); @@ -225,7 +250,7 @@ function tinydns_custom_php_changeip_command() { } exec("echo {$dnsserverip} > {$g['varetc_path']}/tinydns/env/IP"); - exec("/usr/local/bin/svc -xk {$g['varrun_path']}/service/tinydns"); + exec("{$svc_path} -xk {$g['varrun_path']}/service/tinydns"); if(!empty($config['installedpackages']['tinydns']['config'][0]['enableforwarding'])) { @@ -277,7 +302,7 @@ function tinydns_custom_php_changeip_command() { /* setup symlink to start dnscache */ exec("/bin/ln -s {$g['varetc_path']}/dnscache{$dnsidx} {$g['varrun_path']}/service/"); - exec("/usr/local/bin/svc -xk {$g['varetc_path']}/dnscache{$dnsidx}"); + exec("{$svc_path} -xk {$g['varetc_path']}/dnscache{$dnsidx}"); } } else { $interfaces = explode(",", $$config['installedpackages']['tinydns']['config'][0]['interface']); @@ -285,7 +310,7 @@ function tinydns_custom_php_changeip_command() { if(is_dir("{$g['varetc_path']}/dnscache{$dnsidx}")) dnscache_use_root_servers($dnsidx); } - exec("/usr/local/bin/svc -xk {$g['varetc_path']}/dnscache*"); + exec("{$svc_path} -xk {$g['varetc_path']}/dnscache*"); } /* a wee bit of magic - something seems to start up a broken dnscache, the below kills it, and svc restarts it correctly. */ diff --git a/config/tinydns/tinydns.xml b/config/tinydns/tinydns.xml index fa80953c..55ee3269 100644 --- a/config/tinydns/tinydns.xml +++ b/config/tinydns/tinydns.xml @@ -2,45 +2,47 @@ <!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> + <![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - tinydns.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. - */ -/* ========================================================================== */ + tinydns.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2009 Bill Marquette + Copyright (C) 2010 Ermal Luçi + Copyright (C) 2010-2011 Scott Ullrich + Copyright (C) 2012-2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>tinydns</name> <version>1.0</version> <title>DNS Server: Settings</title> @@ -94,62 +96,53 @@ <configpath>installedpackages->package->tinydns</configpath> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/pf/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_xmlrpc_sync.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_domains.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_status.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_dhcp_filter.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_filter.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>077</chmod> + <chmod>0775</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_down.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>077</chmod> + <chmod>0775</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_up.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>077</chmod> + <chmod>0775</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_parse_logs.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_view_logs.php</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/tinydns_sync.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/wizards/</prefix> - <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/tinydns/new_zone_wizard.xml</item> </additional_files_needed> <fields> @@ -237,23 +230,23 @@ <field> <fielddescr>Hosts allowed to perform DNS Zone Transfers - Note: this requires TCP port 53 firewall permit rule!</fielddescr> <fieldname>none</fieldname> - <type>rowhelper</type> - <rowhelper> - <rowhelperfield> - <fielddescr>IP Address</fielddescr> - <fieldname>ztipaddress</fieldname> - <description>Enter the IP Address that is allowed to transfer zone records (ex: 4.2.2.1)</description> - <type>input</type> - <size>20</size> - </rowhelperfield> - <rowhelperfield> - <fielddescr>DNS Zone - Use * for all Zones</fielddescr> - <fieldname>dnszone</fieldname> - <description>Enter the DNS zone that this IP address is allowed to transfer (ex: domain.com)</description> - <type>input</type> - <size>20</size> - </rowhelperfield> - </rowhelper> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>IP Address</fielddescr> + <fieldname>ztipaddress</fieldname> + <description>Enter the IP Address that is allowed to transfer zone records (ex: 4.2.2.1)</description> + <type>input</type> + <size>20</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>DNS Zone - Use * for all Zones</fielddescr> + <fieldname>dnszone</fieldname> + <description>Enter the DNS zone that this IP address is allowed to transfer (ex: domain.com)</description> + <type>input</type> + <size>20</size> + </rowhelperfield> + </rowhelper> </field> </fields> <custom_delete_php_command> @@ -290,9 +283,10 @@ </custom_php_deinstall_command> <custom_php_command_before_form> <![CDATA[ - unset($_POST['temp']); - if(!is_process_running("svscan")) - $savemsg = "NOTE: svscan is not running. Please <a href='/status_services.php?mode=restartservice&service=svscan'>start svscan</a> to bring up the DNS Server"; + unset($_POST['temp']); + if (!is_process_running("svscan")) { + $savemsg = "NOTE: svscan is not running. Please <a href='/status_services.php?mode=restartservice&service=svscan'>start svscan</a> to bring up the DNS Server"; + } ]]> </custom_php_command_before_form> </packagegui> |