aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/cron/cron.inc16
-rw-r--r--config/cron/cron.xml12
-rw-r--r--config/dansguardian/dansguardian.xml204
-rwxr-xr-xconfig/dansguardian/dansguardian_rc.template21
-rw-r--r--config/iperf/iperf.xml3
-rw-r--r--config/olsrd/olsrd.inc156
-rw-r--r--config/olsrd/olsrd.priv.inc37
-rw-r--r--config/olsrd/olsrd.xml111
-rw-r--r--config/openbgpd/openbgpd.priv.inc47
-rw-r--r--config/openbgpd/openbgpd.xml7
-rw-r--r--config/siproxd/siproxd.inc69
-rw-r--r--config/siproxd/siproxd.priv.inc42
-rw-r--r--config/siproxd/siproxd.xml81
-rw-r--r--config/siproxd/siproxd_registered_phones.php2
-rw-r--r--config/siproxd/siproxdusers.xml11
-rw-r--r--config/zabbix2/zabbix2-agent.inc (renamed from config/zabbix2/zabbix2.inc)110
-rw-r--r--config/zabbix2/zabbix2-agent.xml17
-rw-r--r--config/zabbix2/zabbix2-proxy.inc244
-rw-r--r--config/zabbix2/zabbix2-proxy.xml17
19 files changed, 820 insertions, 387 deletions
diff --git a/config/cron/cron.inc b/config/cron/cron.inc
index 645575d9..87591e08 100644
--- a/config/cron/cron.inc
+++ b/config/cron/cron.inc
@@ -27,22 +27,30 @@
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
+require_once("pfsense-utils.inc");
require_once("services.inc");
+require_once("util.inc");
function cron_sync_package() {
configure_cron();
// Previous package versions were "helpfully" killing cron on uninstall.
// Also, need to make sure cron is running, otherwise the package is useless.
- // TODO: Something like this needs to be eventually done in configure_cron() in services.inc.
- if (!is_process_running("cron")) {
- exec("cd /tmp && /usr/sbin/cron -s 2>/dev/null");
+ // configure_cron() function in services.inc already does this check on pfSense >=2.2.5
+ $pfs_version = str_replace(".", "", substr(trim(file_get_contents("/etc/version")), 0, 5));
+ if ($pfs_version < 225) {
+ if (!is_process_running("cron")) {
+ exec("cd /tmp && /usr/sbin/cron -s 2>/dev/null");
+ }
}
}
function cron_install_command() {
// Clean up possible lingering garbage after previous package versions
unlink_if_exists("/usr/local/etc/rc.d/cron.sh");
- cron_sync_package();
+}
+
+function cron_deinstall_command() {
+ rmdir_recursive("/usr/local/www/packages/cron");
}
?>
diff --git a/config/cron/cron.xml b/config/cron/cron.xml
index f777faff..181a4506 100644
--- a/config/cron/cron.xml
+++ b/config/cron/cron.xml
@@ -41,19 +41,16 @@
/* ====================================================================================== */
]]>
</copyright>
- <description>Cron</description>
- <name>Cron Settings</name>
- <version>0.3.1</version>
- <title>Settings</title>
+ <name>cronsettings</name>
+ <version>0.3.3</version>
+ <title>Cron Settings</title>
<include_file>/usr/local/pkg/cron.inc</include_file>
<menu>
<name>Cron</name>
- <tooltiptext>Cron settings.</tooltiptext>
<section>Services</section>
<configfile>cron.xml</configfile>
<url>/packages/cron/cron.php</url>
</menu>
- <configpath>installedpackages->package->$packagename->configuration->cron</configpath>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<item>https://packages.pfsense.org/packages/config/cron/cron.xml</item>
@@ -87,4 +84,7 @@
<custom_php_install_command>
cron_install_command();
</custom_php_install_command>
+ <custom_php_deinstall_command>
+ cron_deinstall_command();
+ </custom_php_deinstall_command>
</packagegui>
diff --git a/config/dansguardian/dansguardian.xml b/config/dansguardian/dansguardian.xml
index 2f87259b..a5717d2f 100644
--- a/config/dansguardian/dansguardian.xml
+++ b/config/dansguardian/dansguardian.xml
@@ -1,72 +1,68 @@
<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- dansguardian.xml
- part of the dansguardian for pfSense
- Copyright (C) 2012-2013 Marcello Coutinho
-
- All rights reserved.
- */
-/* ========================================================================== */
+ dansguardian.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2012-2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
- 1. Redistributions of source code MUST retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ====================================================================================== */
]]>
</copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
<name>dansguardian</name>
- <version>1.0</version>
+ <version>0.1.13</version>
<title>Services: Dansguardian</title>
<include_file>/usr/local/pkg/dansguardian.inc</include_file>
<menu>
<name>Dansguardian</name>
- <tooltiptext>Configure dansguardian</tooltiptext>
<section>Services</section>
<url>/pkg_edit.php?xml=dansguardian.xml</url>
</menu>
<service>
<name>dansguardian</name>
- <rcfile>dansguardian</rcfile>
+ <rcfile>dansguardian.sh</rcfile>
<executable>dansguardian</executable>
- <description><![CDATA[Award winning Open Source web content filter]]></description>
+ <description>Web Content Filter</description>
</service>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian.inc</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian.php</item>
<prefix>/usr/local/www/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_ldap.php</item>
@@ -76,122 +72,98 @@
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_ldap.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_limits.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_ips_header.template</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_users_header.template</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_users_footer.template</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_about.php</item>
<prefix>/usr/local/www/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_config.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_sync.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardianfx.conf.template</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_url_acl.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_site_acl.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_search_acl.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_pics_acl.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_phrase_acl.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_log.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_header_acl.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_groups.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_file_acl.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_content_acl.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_blacklist.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_antivirus_acl.xml</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian.conf.template</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/icapscan.conf.template</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<additional_files_needed>
<item>https://packages.pfsense.org/packages/config/dansguardian/dansguardian_rc.template</item>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
</additional_files_needed>
<tabs>
<tab>
@@ -253,13 +225,21 @@
<fielddescr>Enable dansguardian</fielddescr>
<fieldname>enable</fieldname>
<type>checkbox</type>
- <description><![CDATA[<a target=_new href='http://dansguardian.org/?page=copyright2'>I agree with dansguardian Terms and Conditions.</a>]]></description>
+ <description>
+ <![CDATA[
+ <a target=_new href='http://dansguardian.org/?page=copyright2'>I agree with dansguardian Terms and Conditions.</a>
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Listen Interface(s)</fielddescr>
<fieldname>interface</fieldname>
- <description><![CDATA[Default: <strong>LAN/loopback</strong><br>Select interface(s) that you want to dansguardian listen on.<br>
- <strong>Note: Do NOT select more then one interface if you plan to use more then one authentication plugin.</strong>]]></description>
+ <description>
+ <![CDATA[
+ Default: <strong>LAN/loopback</strong><br/>Select interface(s) that you want to dansguardian listen on.<br/>
+ <strong>Note: Do NOT select more then one interface if you plan to use more then one authentication plugin.</strong>
+ ]]>
+ </description>
<type>interfaces_selection</type>
<required/>
<multiple/>
@@ -269,66 +249,90 @@
<fieldname>filterports</fieldname>
<type>input</type>
<size>10</size>
- <description><![CDATA[Default: <strong>8080</strong><br>The port(s) that DansGuardian listens to.]]></description>
+ <description>
+ <![CDATA[
+ Default: <strong>8080</strong><br>The port(s) that DansGuardian listens to.
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Daemon Options</fielddescr>
<fieldname>daemon_options</fieldname>
<description><![CDATA[Daemon Options. Default values are in ( )]]></description>
- <type>select</type>
- <options>
+ <type>select</type>
+ <options>
<option><name>nodaemon (off)</name><value>nodaemon</value></option>
<option><name>softrestart (on)</name><value>softrestart</value></option>
- </options>
- <multiple/>
- <size>3</size>
+ </options>
+ <multiple/>
+ <size>3</size>
</field>
<field>
<fielddescr>Min/Max Children</fielddescr>
<fieldname>children</fieldname>
<type>input</type>
<size>10</size>
- <description><![CDATA[Default: <strong>8/120</strong><br>
- Sets the minimun and maximum number of processes to spawn to handle the incoming connections.<br>
- Max value usually 250 depending on OS.<br>
- On large sites you might want to try 32/180.]]></description>
+ <description>
+ <![CDATA[
+ Default: <strong>8/120</strong><br>
+ Sets the minimun and maximum number of processes to spawn to handle the incoming connections.<br/>
+ Max value usually 250 depending on OS.<br>
+ On large sites you might want to try 32/180.
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Min/Max Spare Children</fielddescr>
<fieldname>sparechildren</fieldname>
<type>input</type>
<size>10</size>
- <description><![CDATA[Default: <strong>4/32</strong><br>
- Sets the minimum and maximun number of processes to be kept ready to handle connections.<br>
- On large sites you might want to try 8/64.]]></description>
+ <description>
+ <![CDATA[
+ Default: <strong>4/32</strong><br>
+ Sets the minimum and maximun number of processes to be kept ready to handle connections.<br/>
+ On large sites you might want to try 8/64.
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Prefork Children</fielddescr>
<fieldname>preforkchildren</fieldname>
<type>input</type>
<size>10</size>
- <description><![CDATA[sets the minimum number of processes to spawn when it runs out<br>
- On large sites you might want to try 10]]></description>
+ <description>
+ <![CDATA[
+ sets the minimum number of processes to spawn when it runs out<br/>
+ On large sites you might want to try 10
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Max Age Children</fielddescr>
<fieldname>maxagechildren</fieldname>
<type>input</type>
<size>10</size>
- <description><![CDATA[Default: <strong>500</strong><br>
- Sets the maximum age of a child process before it croaks it.<br>
- This is the number of connections they handle before exiting.<br>
- On large sites you might want to try 10000.]]></description>
+ <description>
+ <![CDATA[
+ Default: <strong>500</strong><br>
+ Sets the maximum age of a child process before it croaks it.<br/>
+ This is the number of connections they handle before exiting.<br/>
+ On large sites you might want to try 10000.
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Max Ips</fielddescr>
<fieldname>maxips</fieldname>
<type>input</type>
<size>10</size>
- <description><![CDATA[Default: <strong>0</strong><br>
- Sets the maximum number client IP addresses allowed to connect at once.<br>
- Use this to set a hard limit on the number of users allowed to concurrently<br>
- browse the web. Set to 0 for no limit, and to disable the IP cache process.]]></description>
+ <description>
+ <![CDATA[
+ Default: <strong>0</strong><br>
+ Sets the maximum number client IP addresses allowed to connect at once.<br/>
+ Use this to set a hard limit on the number of users allowed to concurrently<br/>
+ browse the web. Set to 0 for no limit, and to disable the IP cache process.
+ ]]>
+ </description>
</field>
<field>
<name>Parent proxy Settings</name>
@@ -339,23 +343,31 @@
<fieldname>proxyip</fieldname>
<type>input</type>
<size>20</size>
- <description><![CDATA[Default: <strong>127.0.0.1</strong><br>
- Sets ip address for proxy server(usually squid).]]></description>
+ <description>
+ <![CDATA[
+ Default: <strong>127.0.0.1</strong><br/>
+ Sets ip address for proxy server(usually squid).
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Proxy Port</fielddescr>
<fieldname>proxyport</fieldname>
<type>input</type>
<size>10</size>
- <description><![CDATA[Default: <strong>3128</strong><br>
- Sets port number for proxy server.]]></description>
+ <description>
+ <![CDATA[
+ Default: <strong>3128</strong><br>
+ Sets port number for proxy server.
+ ]]>
+ </description>
</field>
<field>
<fielddescr>Proxy Time out</fielddescr>
<fieldname>proxytimeout</fieldname>
<description><![CDATA[This option handle max time to wait for proxy server.]]></description>
- <type>select</type>
- <options>
+ <type>select</type>
+ <options>
<option><name>30 seconds (default)</name><value>30</value></option>
<option><name>20 seconds</name><value>20</value></option>
<option><name>40 seconds</name><value>40</value></option>
@@ -365,7 +377,7 @@
<option><name>80 seconds</name><value>80</value></option>
<option><name>90 seconds</name><value>90</value></option>
<default_value>30</default_value>
- </options>
+ </options>
</field>
</fields>
<custom_php_install_command>
@@ -378,7 +390,7 @@
</custom_php_deinstall_command>
<custom_php_validation_command>
dansguardian_validate_input($_POST, $input_errors);
- </custom_php_validation_command>
+ </custom_php_validation_command>
<custom_php_resync_config_command>
sync_package_dansguardian();
</custom_php_resync_config_command>
diff --git a/config/dansguardian/dansguardian_rc.template b/config/dansguardian/dansguardian_rc.template
index 580fb835..1d63c7ec 100755
--- a/config/dansguardian/dansguardian_rc.template
+++ b/config/dansguardian/dansguardian_rc.template
@@ -14,11 +14,6 @@
#
# dansguardian_enable="YES"
# dansguardian_flags="<set as needed>"
-sysctl kern.ipc.somaxconn=16384
-sysctl kern.maxfiles=131072
-sysctl kern.maxfilesperproc=104856
-sysctl kern.threads.max_threads_per_proc=4096
-
dansguardian_enable=${dansguardian_enable:-"YES"}
dansguardian_pidfile=${dansguardian_pidfile:-"/var/run/dansguardian.pid"}
@@ -27,6 +22,22 @@ dansguardian_pidfile=${dansguardian_pidfile:-"/var/run/dansguardian.pid"}
name="dansguardian"
rcvar=dansguardian_enable
command="/usr/local/sbin/${name}"
+start_precmd="${name}_prestart"
+
+dansguardian_prestart()
+{
+ /sbin/sysctl kern.ipc.somaxconn=16384
+ /sbin/sysctl kern.maxfiles=131072
+ /sbin/sysctl kern.maxfilesperproc=104856
+ /sbin/sysctl kern.threads.max_threads_per_proc=4096
+
+ for i in dguardianipc dguardianipipc dguardianurlipc; do
+ if [ -f "/tmp/.${i}" ]; then
+ /bin/rm -f "/tmp/.${i}"
+ fi
+ done
+ return 0
+}
load_rc_config $name
diff --git a/config/iperf/iperf.xml b/config/iperf/iperf.xml
index b7e27871..49674a9f 100644
--- a/config/iperf/iperf.xml
+++ b/config/iperf/iperf.xml
@@ -42,7 +42,7 @@
]]>
</copyright>
<name>iperf</name>
- <version>2.0.5.3</version>
+ <version>2.0.5.4</version>
<title>iperf: Client</title>
<savetext>Run iperf client</savetext>
<preoutput>yes</preoutput>
@@ -56,6 +56,7 @@
<name>iperf</name>
<executable>iperf</executable>
<description>iperf Network Performance Testing Daemon/Client</description>
+ <stopcmd>mwexec("/usr/bin/killall iperf");</stopcmd>
</service>
<tabs>
<tab>
diff --git a/config/olsrd/olsrd.inc b/config/olsrd/olsrd.inc
index 4e15f9cf..f65c1168 100644
--- a/config/olsrd/olsrd.inc
+++ b/config/olsrd/olsrd.inc
@@ -2,7 +2,7 @@
/*
olsrd.inc
part of pfSense (https://www.pfSense.org/)
- Copyright (C) 2012 Ermal Luçi
+ Copyright (C) 2006 Scott Ullrich
Copyright (C) 2015 ESF, LLC
All rights reserved.
@@ -28,27 +28,36 @@
POSSIBILITY OF SUCH DAMAGE.
*/
require_once("config.inc");
+require_once("service-utils.inc");
+require_once("util.inc");
+
+$pfs_version = substr(trim(file_get_contents("/etc/version")), 0, 3);
+if ($pfs_version == "2.1" || $pfs_version == "2.2") {
+ define('OLSRD_LOCALBASE', '/usr/pbi/olsrd-' . php_uname("m") . '/local');
+} else {
+ define('OLSRD_LOCALBASE', '/usr/local');
+}
function setup_wireless_olsr() {
global $config, $g;
- if ($g['platform'] == 'jail' || !$config['installedpackages']['olsrd'] || !$config['installedpackages']) {
- return;
- }
- if (isset($config['system']['developerspew'])) {
- $mt = microtime();
- echo "setup_wireless_olsr($interface) being called $mt\n";
- }
conf_mount_rw();
- foreach ($config['installedpackages']['olsrd']['config'] as $olsrd) {
- $olsr_enable = $olsrd['enable'];
- if ($olsr_enable <> "on") {
- if (is_process_running("olsrd")) {
- mwexec("/usr/bin/killall olsrd", true);
- }
- return;
+ if (is_array($config['installedpackages']['olsrd'])) {
+ $olsrd_config = $config['installedpackages']['olsrd']['config'][0];
+ } else {
+ $olsrd_config = array();
+ }
+
+ /* If disabled, stop service if needed, unlink the rc script and do nothing else */
+ if ($olsrd_config['enable'] != "on") {
+ if (is_service_running("olsrd")) {
+ stop_service("olsrd");
}
+ unlink_if_exists("/usr/local/etc/rc.d/olsrd.sh");
+ return;
+ } else {
+ /* parse package config and create configuration file */
$fd = fopen("{$g['varetc_path']}/olsr.conf", "w");
if ($olsrd['announcedynamicroute'] or $olsrd['enableannounce'] == "on") {
@@ -64,7 +73,8 @@ function setup_wireless_olsr() {
} else {
$enableannounce = "";
}
-
+
+ $pluginpath = OLSRD_LOCALBASE . '/lib';
$olsr .= <<<EODA
#
# olsr.org OLSR daemon config file
@@ -201,10 +211,10 @@ MprCoverage 3
EODA;
- if ($olsrd['enablehttpinfo'] == "on") {
- $olsr .= <<<EODB
+ if ($olsrd['enablehttpinfo'] == "on") {
+ $olsr .= <<<EODB
-LoadPlugin "/usr/local/lib/olsrd_httpinfo.so.0.1"
+LoadPlugin "{$pluginpath}/olsrd_httpinfo.so.0.1"
{
PlParam "port" "{$olsrd['port']}"
PlParam "Net" "{$olsrd['allowedhttpinfohost']} {$olsrd['allowedhttpinfosubnet']}"
@@ -212,29 +222,29 @@ LoadPlugin "/usr/local/lib/olsrd_httpinfo.so.0.1"
EODB;
- }
+ }
- if ($olsrd['enabledsecure'] == "on") {
- @file_put_contents("{$g['tmp_path']}/olsrkey.txt", $olsrd['securekey']);
- $olsr .= <<<EODC
+ if ($olsrd['enabledsecure'] == "on") {
+ @file_put_contents("{$g['tmp_path']}/olsrkey.txt", $olsrd['securekey']);
+ $olsr .= <<<EODC
-LoadPlugin "/usr/local/lib/olsrd_secure.so.0.5"
+LoadPlugin "{$pluginpath}/olsrd_secure.so.0.6"
{
PlParam "Keyfile" "{$g['tmp_path']}/olsrkey.txt"
}
EODC;
- }
+ }
- if ($olsrd['enabledyngw'] == "on") {
+ if ($olsrd['enabledyngw'] == "on") {
- /* unset default route, olsr auto negotiates */
- mwexec("/sbin/route delete default");
+ /* unset default route, olsr auto negotiates */
+ mwexec("/sbin/route delete default");
- $olsr .= <<<EODE
+ $olsr .= <<<EODE
-LoadPlugin "/usr/local/lib/olsrd_dyn_gw.so.0.4"
+LoadPlugin "{$pluginpath}/olsrd_dyn_gw.so.0.4"
{
# how often to look for a inet gw, in seconds
# defaults to 5 secs, if commented out
@@ -252,13 +262,13 @@ LoadPlugin "/usr/local/lib/olsrd_dyn_gw.so.0.4"
EODE;
- }
+ }
- foreach ($config['installedpackages']['olsrd']['config'] as $conf) {
- $interfaces = explode(',', $conf['iface_array']);
- foreach ($interfaces as $interface) {
- $realinterface = convert_friendly_interface_to_real_interface_name($interface);
- $olsr .= <<<EODAD
+ foreach ($config['installedpackages']['olsrd']['config'] as $conf) {
+ $interfaces = explode(',', $conf['iface_array']);
+ foreach ($interfaces as $interface) {
+ $realinterface = convert_friendly_interface_to_real_interface_name($interface);
+ $olsr .= <<<EODAD
Interface "{$realinterface}"
{
@@ -301,22 +311,78 @@ Interface "{$realinterface}"
EODAD;
+ }
+ break;
}
- break;
- }
- fwrite($fd, $olsr);
- fclose($fd);
+ fwrite($fd, $olsr);
+ fclose($fd);
+
-}
- if (is_process_running("olsrd")) {
- mwexec("/usr/bin/killall olsrd", true);
+ /* create rc script and (re)start service */
+ $olsrd_start = "/usr/local/sbin/olsrd -f {$g['varetc_path']}/olsr.conf";
+ $olsrd_stop = "/usr/bin/killall olsrd; sleep 3";
+ write_rcfile(array(
+ "file" => "olsrd.sh",
+ "start" => $olsrd_start,
+ "stop" => $olsrd_stop
+ )
+ );
+ if (is_service_running("olsrd")) {
+ restart_service("olsrd");
+ } else {
+ start_service("olsrd");
+ }
}
- sleep(2);
- mwexec_bg("/usr/local/sbin/olsrd -f {$g['varetc_path']}/olsr.conf");
conf_mount_ro();
}
+function validate_form_olsrd($post, &$input_errors) {
+ /*
+ if ($post['iface_array'] == "") {
+ $input_errors[] = 'You must select at least one interface for OSLRD.';
+ }
+ */
+ if ($post['enablehttpinfo']) {
+ if (!$post['port'] || !$post['allowedhttpinfohost'] || !$post['allowedhttpinfosubnet']) {
+ $input_errors[] = "'HTTPInfo Port', 'Allowed Host(s) IP Address/Subnet' and 'Allowed Host(s) Netmask' must be filled in when HTTPInfo Plugin is enabled.";
+ }
+ if ($post['port'] && !is_port($post['port'])) {
+ $input_errors[] = "Invalid port entered for 'HTTPInfo Port'.";
+ }
+ if ($post['allowedhttpinfohost'] && !is_ipaddrv4($post['allowedhttpinfohost'])) {
+ $input_errors[] = "Invalid IPv4 address entered for 'Allowed Host(s) IP Address/Subnet'.";
+ }
+ if ($post['allowedhttpinfosubnet'] && !is_ipaddrv4($post['allowedhttpinfosubnet'])) {
+ $input_errors[] = "Invalid IPv4 address entered for 'Allowed Host(s) Netmask'.";
+ }
+ if ($post['allowedhttpinfohost'] && is_ipaddrv4($post['allowedhttpinfohost']) && $post['allowedhttpinfosubnet'] && is_ipaddrv4($post['allowedhttpinfosubnet'])) {
+ $cidr = 32 - log((ip2long($post['allowedhttpinfosubnet']) ^ ip2long('255.255.255.255')) + 1, 2);
+ $acl = "{$post['allowedhttpinfohost']}/{$cidr}";
+ if (!is_subnetv4($acl)) {
+ $input_errors[] = "'{$post['allowedhttpinfohost']}/{$post['allowedhttpinfosubnet']}' is not a valid IPv4 subnet.";
+ }
+ }
+ }
+ if ($post['enabledyngw']) {
+ if (!$post['ping'] || !$post['polling']) {
+ $input_errors[] = "'Ping IP Address' and 'Poll Interval' must be filled in when 'Enable Dynamic Gateway' is checked.";
+ }
+ if ($post['ping'] && !is_ipaddrv4($post['ping'])) {
+ $input_errors[] = "Invalid IPv4 address entered for 'Ping IP Address'.";
+ }
+ if ($post['polling'] && (!is_numericint($post['polling']) || ($post['polling'] < 1))) {
+ $input_errors[] = "'Poll Interval' must be numeric integer greater than 0.";
+ }
+ }
+}
+
+function php_deinstall_olsrd() {
+ global $g;
+ unlink_if_exists("{$g['varetc_path']}/olsr.conf");
+ unlink_if_exists("{$g['tmp_path']}/olsrkey.txt");
+}
+
?>
diff --git a/config/olsrd/olsrd.priv.inc b/config/olsrd/olsrd.priv.inc
new file mode 100644
index 00000000..159a2d36
--- /dev/null
+++ b/config/olsrd/olsrd.priv.inc
@@ -0,0 +1,37 @@
+<?php
+/*
+ olsrd.priv.inc
+ part of pfSense (http://www.pfSense.org/)
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+global $priv_list;
+
+$priv_list['page-services-olsrd'] = array();
+$priv_list['page-services-olsrd']['name'] = "WebCfg - Services: OLSRD package";
+$priv_list['page-services-olsrd']['descr'] = "Allow access to OLSRD package GUI";
+$priv_list['page-services-olsrd']['match'] = array();
+$priv_list['page-services-olsrd']['match'][] = "pkg_edit.php?xml=olsrd.xml*";
+
+?>
diff --git a/config/olsrd/olsrd.xml b/config/olsrd/olsrd.xml
index 6623c31f..8023f818 100644
--- a/config/olsrd/olsrd.xml
+++ b/config/olsrd/olsrd.xml
@@ -9,7 +9,7 @@
/*
olsrd.xml
part of pfSense (https://www.pfSense.org/)
- Copyright (C) 2012 Ermal Luçi
+ Copyright (C) 2006 Scott Ullrich
Copyright (C) 2015 ESF, LLC
All rights reserved.
*/
@@ -42,38 +42,59 @@
]]>
</copyright>
<name>olsrd</name>
- <version>1.0.3</version>
- <title>OLSRD</title>
+ <version>1.0.4</version>
+ <title>Services: OLSRD Settings</title>
<include_file>/usr/local/pkg/olsrd.inc</include_file>
<menu>
<name>OLSRD</name>
<section>Services</section>
<configfile>olsrd.xml</configfile>
+ <url>/pkg_edit.php?xml=olsrd.xml</url>
</menu>
<service>
- <name>OLSRD</name>
- <rcfile>/usr/local/sbin/olsrd -f /var/etc/olsr.conf</rcfile>
+ <name>olsrd</name>
+ <rcfile>olsrd.sh</rcfile>
+ <executable>olsrd</executable>
+ <description>Optimized Link State Routing Protocol Daemon</description>
</service>
- <tabs>
- <tab>
- <text>OLSRD Settings</text>
- <url>/pkg_edit.php?xml=olsrd.xml&amp;id=0</url>
- <active/>
- </tab>
- </tabs>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<item>https://packages.pfsense.org/packages/config/olsrd/olsrd.inc</item>
</additional_files_needed>
- <configpath>['installedpackages']['OLSRD']['config']</configpath>
+ <additional_files_needed>
+ <prefix>/etc/inc/priv/</prefix>
+ <item>https://packages.pfsense.org/packages/config/olsrd/olsrd.priv.inc</item>
+ </additional_files_needed>
<fields>
<field>
+ <name>Service Settings</name>
+ <type>listtopic</type>
+ </field>
+ <field>
<fielddescr>Enable OLSR</fielddescr>
<fieldname>enable</fieldname>
<description>Enables the dynamic mesh linking daemon.</description>
<type>checkbox</type>
</field>
<field>
+ <fielddescr>Enable Secure Mode</fielddescr>
+ <fieldname>enabledsecure</fieldname>
+ <description>Enables the secure mode.</description>
+ <type>checkbox</type>
+ </field>
+ <field>
+ <fielddescr>Key</fielddescr>
+ <fieldname>securekey</fieldname>
+ <description>Paste the secure key information here.</description>
+ <type>textarea</type>
+ <rows>5</rows>
+ <cols>50</cols>
+ </field>
+ <field>
+ <name>General Settings</name>
+ <type>listtopic</type>
+ </field>
+ <field>
<fielddescr>Link Quality Level</fielddescr>
<fieldname>enablelqe</fieldname>
<type>select</type>
@@ -83,6 +104,7 @@
<option><value>0</value><name>0</name></option>
<option><value>1</value><name>1</name></option>
</options>
+ <default_value>2</default_value>
</field>
<field>
<fielddescr>Interfaces</fielddescr>
@@ -98,6 +120,7 @@
<fieldname>enablehttpinfo</fieldname>
<description>Enables the OLSR stats web server.</description>
<type>checkbox</type>
+ <enablefields>port,allowedhttpinfohost,allowedhttpinfosubnet</enablefields>
</field>
<field>
<fielddescr>HTTPInfo Port</fielddescr>
@@ -106,65 +129,67 @@
<type>input</type>
</field>
<field>
- <fielddescr>Allowed host(s)</fielddescr>
+ <fielddescr>Allowed Host(s) IP Address/Subnet</fielddescr>
<fieldname>allowedhttpinfohost</fieldname>
- <description>Hosts that are allowed to access the HTTPInfo web service.</description>
+ <description>IP(s) that are allowed to access the HTTPInfo web service.</description>
<type>input</type>
</field>
<field>
- <fielddescr>Allowed host(s) subnet</fielddescr>
+ <fielddescr>Allowed Host(s) Netmask</fielddescr>
<fieldname>allowedhttpinfosubnet</fieldname>
- <description>Enter the subnet mask in form 255.255.255.0</description>
+ <description>Enter the subnet mask in long form (e.g. 255.255.255.0)</description>
<type>input</type>
</field>
<field>
- <fielddescr>Enable Dynamic Gateway</fielddescr>
- <fieldname>enabledyngw</fieldname>
- <description>Enables the OLSR Dynamic Gateways feature.</description>
- <type>checkbox</type>
- </field>
- <field>
- <fielddescr>Announce self as Dynamic Gateway</fielddescr>
+ <fielddescr>Announce Self as Dynamic Gateway</fielddescr>
<fieldname>enableannounce</fieldname>
<description>Enables the OLSR Dynamic Gateways Announcing feature.</description>
<type>checkbox</type>
</field>
<field>
- <fielddescr>Announce Dynamic local route</fielddescr>
+ <fielddescr>Announce Dynamic Local Route</fielddescr>
<fieldname>announcedynamicroute</fieldname>
<description>Enter the IP/Netmask.</description>
<type>textarea</type>
<rows>3</rows>
<cols>50</cols>
</field>
+ <!-- Disabled since the required plugin is missing in the package -->
+ <!--
<field>
- <fielddescr>Ping</fielddescr>
- <fieldname>ping</fieldname>
- <description>Pings this host to ensure connectivity.</description>
- <type>input</type>
+ <name>Dynamic Gateway</name>
+ <type>listtopic</type>
</field>
<field>
- <fielddescr>Poll</fielddescr>
- <fieldname>polling</fieldname>
- <description>How often to look for a inet gw, in seconds.</description>
- <type>input</type>
+ <fielddescr>Enable Dynamic Gateway</fielddescr>
+ <fieldname>enabledyngw</fieldname>
+ <description>Enables the OLSR Dynamic Gateways feature.</description>
+ <type>checkbox</type>
+ <enablefields>ping,polling</enablefields>
</field>
<field>
- <fielddescr>Enable Secure Mode</fielddescr>
- <fieldname>enabledsecure</fieldname>
- <description>Enables the secure mode.</description>
- <type>checkbox</type>
+ <fielddescr>Ping IP Address</fielddescr>
+ <fieldname>ping</fieldname>
+ <description>Pings this IPv4 address to ensure connectivity.</description>
+ <type>input</type>
+ <default_value>5</default_value>
</field>
<field>
- <fielddescr>Key</fielddescr>
- <fieldname>securekey</fieldname>
- <description>Paste the secure key information here.</description>
- <type>textarea</type>
- <rows>5</rows>
- <cols>50</cols>
+ <fielddescr>Poll Interval</fielddescr>
+ <fieldname>polling</fieldname>
+ <description>How often to look for an inet GW (in seconds).</description>
+ <type>input</type>
+ <default_value>5</default_value>
</field>
+ -->
</fields>
+ <custom_php_deinstall_command>
+ php_deinstall_olsrd();
+ </custom_php_deinstall_command>
<custom_php_resync_config_command>
setup_wireless_olsr($if);
</custom_php_resync_config_command>
+ <custom_php_validation_command>
+ validate_form_olsrd($_POST, $input_errors);
+ </custom_php_validation_command>
</packagegui>
diff --git a/config/openbgpd/openbgpd.priv.inc b/config/openbgpd/openbgpd.priv.inc
new file mode 100644
index 00000000..6a0cae94
--- /dev/null
+++ b/config/openbgpd/openbgpd.priv.inc
@@ -0,0 +1,47 @@
+<?php
+/*
+ openbgpd.priv.inc
+ part of pfSense (http://www.pfSense.org/)
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+global $priv_list;
+
+$priv_list['page-services-openbgpd'] = array();
+$priv_list['page-services-openbgpd']['name'] = "WebCfg - Services: OpenBGPD package";
+$priv_list['page-services-openbgpd']['descr'] = "Allow access to OpenBGPD package GUI";
+
+$priv_list['page-services-openbgpd']['match'] = array();
+$priv_list['page-services-openbgpd']['match'][] = "pkg.php?xml=openbgpd.xml*";
+$priv_list['page-services-openbgpd']['match'][] = "pkg.php?xml=openbgpd_neighbors.xml*";
+$priv_list['page-services-openbgpd']['match'][] = "pkg.php?xml=openbgpd_groups.xml*";
+
+$priv_list['page-services-openbgpd']['match'][] = "pkg_edit.php?xml=openbgpd.xml*";
+$priv_list['page-services-openbgpd']['match'][] = "pkg_edit.php?xml=openbgpd_neighbors.xml*";
+$priv_list['page-services-openbgpd']['match'][] = "pkg_edit.php?xml=openbgpd_groups.xml*";
+
+$priv_list['page-services-openbgpd']['match'][] = "openbgpd_raw.php*";
+$priv_list['page-services-openbgpd']['match'][] = "openbgpd_status.php*";
+
+?>
diff --git a/config/openbgpd/openbgpd.xml b/config/openbgpd/openbgpd.xml
index 6ed587d6..351182cc 100644
--- a/config/openbgpd/openbgpd.xml
+++ b/config/openbgpd/openbgpd.xml
@@ -42,7 +42,7 @@
]]>
</copyright>
<name>OpenBGPD</name>
- <version>0.9.3.7</version>
+ <version>0.9.3.9</version>
<title>Services: OpenBGPD</title>
<include_file>/usr/local/pkg/openbgpd.inc</include_file>
<service>
@@ -64,6 +64,10 @@
<item>https://packages.pfsense.org/packages/config/openbgpd/openbgpd.inc</item>
</additional_files_needed>
<additional_files_needed>
+ <prefix>/etc/inc/priv/</prefix>
+ <item>https://packages.pfsense.org/packages/config/openbgpd/openbgpd.priv.inc</item>
+ </additional_files_needed>
+ <additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
<item>https://packages.pfsense.org/packages/config/openbgpd/openbgpd_groups.xml</item>
</additional_files_needed>
@@ -73,7 +77,6 @@
</additional_files_needed>
<menu>
<name>OpenBGPD</name>
- <tooltiptext></tooltiptext>
<section>Services</section>
<url>/pkg_edit.php?xml=openbgpd.xml&amp;id=0</url>
</menu>
diff --git a/config/siproxd/siproxd.inc b/config/siproxd/siproxd.inc
index 50b6e558..9eae2567 100644
--- a/config/siproxd/siproxd.inc
+++ b/config/siproxd/siproxd.inc
@@ -31,6 +31,7 @@
if (!function_exists("filter_configure")) {
require_once("filter.inc");
}
+require_once("pfsense-utils.inc");
require_once("service-utils.inc");
// Check to find out on which pfSense version the package is running
@@ -42,6 +43,18 @@ if ($pfs_version == "2.1" || $pfs_version == "2.2") {
define('SIPROXD', '/usr/local');
}
+function install_package_siproxd() {
+ siproxd_create_chroot();
+ /* remove rc script distributed with the package */
+ unlink_if_exists(SIPROXD . '/etc/rc.d/siproxd');
+}
+
+function deinstall_package_siproxd() {
+ rmdir_recursive("/var/siproxd");
+ unlink_if_exists(SIPROXD . '/etc/siproxd.conf');
+ unlink_if_exists(SIPROXD . '/etc/siproxd_passwd.cfg');
+}
+
function sync_package_siproxd_users() {
global $g, $config;
conf_mount_rw();
@@ -64,23 +77,28 @@ function sync_package_siproxd_users() {
function siproxd_generate_rules($type) {
global $config;
- $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0];
+ if (is_array($config['installedpackages']['siproxdsettings'])) {
+ $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0];
+ } else {
+ $siproxd_conf = array();
+ }
+
if (!is_service_running('siproxd')) {
- log_error("Siproxd is installed but not started. Not installing redirect rules.");
+ log_error("[siproxd] Package is installed but not started. Not installing firewall rules.");
return;
}
/* proxy is turned off in package settings */
- if ($siproxd_conf['sipenable'] == "0") {
- log_error("WARNING: siproxd proxy has not been enabled. Not installing rules.");
+ if ($siproxd_conf['sipenable'] != "on") {
+ log_error("[siproxd] WARNING: siproxd proxy has not been enabled. Not installing firewall rules.");
return "\n";
}
$ifaces = explode(",", $siproxd_conf['if_inbound']);
$ifaces = array_map('convert_friendly_interface_to_real_interface_name', $ifaces);
- $rtplower = ($siproxd_conf['rtplower'] ? $siproxd_conf['rtplower'] : 7070);
- $rtpupper = ($siproxd_conf['rtpupper'] ? $siproxd_conf['rtpupper'] : 7079);
- $port = ($siproxd_conf['port'] ? $siproxd_conf['port'] : 5060);
+ $rtplower = $siproxd_conf['rtplower'] ?: '7070';
+ $rtpupper = $siproxd_conf['rtpupper'] ?: '7079';
+ $port = $siproxd_conf['port'] ?: '5060';
switch($type) {
case 'nat':
@@ -108,18 +126,24 @@ function siproxd_generate_rules($type) {
return $rules;
}
-function sync_package_siproxd() {
- global $config, $pfs_version;
-
- conf_mount_rw();
-
+function siproxd_create_chroot() {
$siproxd_chroot = "/var/siproxd/";
safe_mkdir($siproxd_chroot);
@chown($siproxd_chroot, "nobody");
@chgrp($siproxd_chroot, "nobody");
- unlink_if_exists(SIPROXD . '/etc/rc.d/siproxd');
+}
+
+function sync_package_siproxd() {
+ global $config, $pfs_version;
+
+ conf_mount_rw();
+ siproxd_create_chroot();
- $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0];
+ if (is_array($config['installedpackages']['siproxdsettings'])) {
+ $siproxd_conf = &$config['installedpackages']['siproxdsettings']['config'][0];
+ } else {
+ $siproxd_conf = array();
+ }
$siproxd_conffile = SIPROXD . '/etc/siproxd.conf';
$siproxd_pwfile = SIPROXD . '/etc/siproxd_passwd.cfg';
@@ -136,9 +160,14 @@ function sync_package_siproxd() {
fwrite($fout, "# This file was automatically generated by the pfSense\n");
fwrite($fout, "# package management system.\n\n");
- /* proxy is turned off in package settings */
- if ($siproxd_conf['sipenable'] == "0") {
+ /* if proxy is turned off in package settings, stop service, remove rc script and do nothing else */
+ if ($siproxd_conf['sipenable'] != "on") {
fclose($fout);
+ if (is_service_running('siproxd')) {
+ stop_service("siproxd");
+ sleep(3);
+ }
+ unlink_if_exists(SIPROXD . '/etc/rc.d/siproxd.sh');
return;
}
@@ -147,11 +176,7 @@ function sync_package_siproxd() {
}
if ($siproxd_conf['if_outbound'] != "") {
- if (intval($config['version']) < 6 && $config['interfaces'][$siproxd_conf['if_outbound']]['ipaddr'] == "pppoe") {
- fwrite($fout, "if_outbound = ng0\n");
- } else {
- fwrite($fout, "if_outbound = " . convert_friendly_interface_to_real_interface_name($siproxd_conf['if_outbound']) . "\n");
- }
+ fwrite($fout, "if_outbound = " . convert_friendly_interface_to_real_interface_name($siproxd_conf['if_outbound']) . "\n");
}
if ($siproxd_conf['port'] != "") {
@@ -286,7 +311,7 @@ function sync_package_siproxd() {
sleep(3);
}
/* Only (re)start the service when siproxd is enabled */
- if ($siproxd_conf['sipenable'] != "0") {
+ if ($siproxd_conf['sipenable'] == "on") {
start_service("siproxd");
sleep(3);
}
diff --git a/config/siproxd/siproxd.priv.inc b/config/siproxd/siproxd.priv.inc
new file mode 100644
index 00000000..9980a353
--- /dev/null
+++ b/config/siproxd/siproxd.priv.inc
@@ -0,0 +1,42 @@
+<?php
+/*
+ siproxd.priv.inc
+ part of pfSense (http://www.pfSense.org/)
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+global $priv_list;
+
+$priv_list['page-services-siproxd'] = array();
+$priv_list['page-services-siproxd']['name'] = "WebCfg - Services: siproxd package";
+$priv_list['page-services-siproxd']['descr'] = "Allow access to siproxd package GUI";
+
+$priv_list['page-services-siproxd']['match'] = array();
+$priv_list['page-services-siproxd']['match'][] = "pkg.php?xml=siproxd.xml*";
+$priv_list['page-services-siproxd']['match'][] = "pkg.php?xml=siproxdusers.xml*";
+$priv_list['page-services-siproxd']['match'][] = "pkg_edit.php?xml=siproxd.xml*";
+$priv_list['page-services-siproxd']['match'][] = "pkg_edit.php?xml=siproxdusers.xml*";
+$priv_list['page-services-siproxd']['match'][] = "siproxd_registered_phones.php*";
+
+?>
diff --git a/config/siproxd/siproxd.xml b/config/siproxd/siproxd.xml
index e4375d8e..b0866eb1 100644
--- a/config/siproxd/siproxd.xml
+++ b/config/siproxd/siproxd.xml
@@ -43,25 +43,25 @@
]]>
</copyright>
<name>siproxdsettings</name>
- <version>1.0.6</version>
+ <version>1.0.7</version>
<title>siproxd: Settings</title>
<include_file>/usr/local/pkg/siproxd.inc</include_file>
- <aftersaveredirect>/pkg_edit.php?xml=siproxd.xml&amp;id=0</aftersaveredirect>
+ <aftersaveredirect>/pkg_edit.php?xml=siproxd.xml</aftersaveredirect>
<menu>
<name>siproxd</name>
- <tooltiptext>Modify siproxd users and settings.</tooltiptext>
<section>Services</section>
- <url>/pkg_edit.php?xml=siproxd.xml&amp;id=0</url>
+ <url>/pkg_edit.php?xml=siproxd.xml</url>
</menu>
<service>
<name>siproxd</name>
<rcfile>siproxd.sh</rcfile>
<executable>siproxd</executable>
+ <description>Proxy/Masquerading Daemon for SIP</description>
</service>
<tabs>
<tab>
<text>Settings</text>
- <url>/pkg_edit.php?xml=siproxd.xml&amp;id=0</url>
+ <url>/pkg_edit.php?xml=siproxd.xml</url>
<active/>
</tab>
<tab>
@@ -82,6 +82,10 @@
<item>https://packages.pfsense.org/packages/config/siproxd/siproxd.inc</item>
</additional_files_needed>
<additional_files_needed>
+ <prefix>/etc/inc/priv/</prefix>
+ <item>https://packages.pfsense.org/packages/config/siproxd/siproxd.priv.inc</item>
+ </additional_files_needed>
+ <additional_files_needed>
<prefix>/usr/local/www/</prefix>
<item>https://packages.pfsense.org/packages/config/siproxd/siproxd_registered_phones.php</item>
</additional_files_needed>
@@ -89,23 +93,23 @@
<field>
<fielddescr>Enable siproxd</fielddescr>
<fieldname>sipenable</fieldname>
- <description>Enable or disable siproxd</description>
+ <description>Enable or disable siproxd.</description>
<type>checkbox</type>
</field>
<field>
- <fielddescr>Inbound interface</fielddescr>
+ <fielddescr>Inbound Interface</fielddescr>
<fieldname>if_inbound</fieldname>
<description>Select the inbound interface.</description>
<type>interfaces_selection</type>
</field>
<field>
- <fielddescr>Outbound interface</fielddescr>
+ <fielddescr>Outbound Interface</fielddescr>
<fieldname>if_outbound</fieldname>
<description>Select the outbound interface.</description>
<type>interfaces_selection</type>
</field>
<field>
- <fielddescr>Listening port</fielddescr>
+ <fielddescr>Listening Port</fielddescr>
<fieldname>port</fieldname>
<description>
<![CDATA[
@@ -114,11 +118,12 @@
]]>
</description>
<type>input</type>
+ <default_value>5060</default_value>
</field>
<field>
- <fielddescr>Default expiration timeout</fielddescr>
+ <fielddescr>Default Expiration Timeout</fielddescr>
<fieldname>defaulttimeout</fieldname>
- <description>If a REGISTER request dose not contain an Expires header or expires= parameter, this number of seconds will be used and reported back to the UA in the answer.</description>
+ <description>If a REGISTER request does not contain an Expires header or expires= parameter, this number of seconds will be used and reported back to the UA in the answer.</description>
<type>input</type>
</field>
<field>
@@ -126,38 +131,36 @@
<type>listtopic</type>
</field>
<field>
- <fielddescr>Enable RTP proxy</fielddescr>
+ <fielddescr>Enable RTP Proxy</fielddescr>
<fieldname>rtpenable</fieldname>
- <description>Enable or disable the RTP proxy. (default is enabled)</description>
+ <description>Enable or disable the RTP proxy. (Default: enabled)</description>
<type>select</type>
<options>
- <option>
- <name>Enable</name>
- <value>1</value>
- </option>
- <option>
- <name>Disable</name>
- <value>0</value>
- </option>
+ <option><name>Enable</name><value>1</value></option>
+ <option><name>Disable</name><value>0</value></option>
</options>
+ <default_value>1</default_value>
</field>
<field>
- <fielddescr>RTP port range (lower)</fielddescr>
+ <fielddescr>RTP Port Range (Lower)</fielddescr>
<fieldname>rtplower</fieldname>
- <description>Enter the bottom edge of the port range siproxd will allocate for incoming RTP traffic. This range must be one not blocked by the firewall (default 7070).</description>
+ <description>Enter the bottom edge of the port range siproxd will allocate for incoming RTP traffic. This range must not be blocked by the firewall. (Default: 7070)</description>
<type>input</type>
+ <default_value>7070</default_value>
</field>
<field>
- <fielddescr>RTP port range (upper)</fielddescr>
+ <fielddescr>RTP Port Range (Upper)</fielddescr>
<fieldname>rtpupper</fieldname>
- <description>Enter the top edge of the port range siproxd will allocate for incoming RTP traffic. This range must be one not blocked by the firewall (default 7079).</description>
+ <description>Enter the top edge of the port range siproxd will allocate for incoming RTP traffic. This range must not be blocked by the firewall. (Default: 7079)</description>
<type>input</type>
+ <default_value>7079</default_value>
</field>
<field>
- <fielddescr>RTP stream timeout</fielddescr>
+ <fielddescr>RTP Stream Timeout</fielddescr>
<fieldname>rtptimeout</fieldname>
- <description>After this number of seconds, an RTP stream is considered dead and proxying it will be stopped (default 300sec).</description>
+ <description>After this number of seconds, an RTP stream is considered dead and proxying it will be stopped. (Default: 300sec)</description>
<type>input</type>
+ <default_value>300</default_value>
</field>
<field>
<name>Dejittering Settings</name>
@@ -180,7 +183,7 @@
<type>listtopic</type>
</field>
<field>
- <fielddescr>TCP inactivity timeout</fielddescr>
+ <fielddescr>TCP Inactivity Timeout</fielddescr>
<fieldname>tcp_timeout</fieldname>
<description>
<![CDATA[
@@ -195,8 +198,8 @@
<fieldname>tcp_connect_timeout</fieldname>
<description>
<![CDATA[
- Defines How many msecs siproxd will wait for an successful connect when establishing an outgoing SIP signalling connection.<br />
- This should be kept as short as possible as waiting for an TCP connection to establish is a BLOCKING operation - while waiting for a connect to succeed no SIP messages are processed (RTP is not affected).
+ Defines How many msecs siproxd will wait for a successful connect when establishing an outgoing SIP signalling connection.<br />
+ This should be kept as short as possible as waiting for an TCP connection to establish is a BLOCKING operation - no SIP messages are processed while waiting for a connect to succeed (RTP is not affected).
]]>
</description>
<type>input</type>
@@ -212,19 +215,19 @@
<type>listtopic</type>
</field>
<field>
- <fielddescr>Enable proxy authentication</fielddescr>
+ <fielddescr>Enable Proxy Authentication</fielddescr>
<fieldname>authentication</fieldname>
- <description>If this is checked, clients will be forced to authenticate themselves at the proxy (for registration only).</description>
+ <description>If checked, clients will be forced to authenticate themselves at the proxy (for registration only).</description>
<type>checkbox</type>
</field>
<field>
- <fielddescr>Outbound proxy hostname</fielddescr>
+ <fielddescr>Outbound Proxy Hostname</fielddescr>
<fieldname>outboundproxyhost</fieldname>
<description>Enter the hostname of an outbound proxy to send all traffic to. This is only useful if you have multiple masquerading firewalls to cross.</description>
<type>input</type>
</field>
<field>
- <fielddescr>Outbound proxy port</fielddescr>
+ <fielddescr>Outbound Proxy Port</fielddescr>
<fieldname>outboundproxyport</fieldname>
<description>Enter the port of the outbound proxy to send all traffic to. This is only useful if you have multiple masquerading firewalls to cross.</description>
<type>input</type>
@@ -266,7 +269,7 @@
<type>checkbox</type>
</field>
<field>
- <fielddescr>Log redirected calls</fielddescr>
+ <fielddescr>Log Redirected Calls</fielddescr>
<fieldname>plugin_defaulttarget_log</fieldname>
<description>Log redirected calls.</description>
<type>checkbox</type>
@@ -371,6 +374,12 @@
<type>input</type>
</field>
</fields>
+ <custom_php_install_command>
+ install_package_siproxd();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ deinstall_package_siproxd();
+ </custom_php_deinstall_command>
<custom_add_php_command>
sync_package_siproxd();
</custom_add_php_command>
@@ -378,7 +387,7 @@
sync_package_siproxd();
</custom_php_resync_config_command>
<filter_rules_needed>
- siproxd_generate_rules();
+ siproxd_generate_rules
</filter_rules_needed>
<custom_php_validation_command>
validate_form_siproxd($_POST, $input_errors);
diff --git a/config/siproxd/siproxd_registered_phones.php b/config/siproxd/siproxd_registered_phones.php
index 51eb474a..0648aa2f 100644
--- a/config/siproxd/siproxd_registered_phones.php
+++ b/config/siproxd/siproxd_registered_phones.php
@@ -82,7 +82,7 @@ require("head.inc");
<tr><td>
<?php
$tab_array = array();
- $tab_array[] = array(gettext("Settings"), false, "pkg_edit.php?xml=siproxd.xml&amp;id=0");
+ $tab_array[] = array(gettext("Settings"), false, "pkg_edit.php?xml=siproxd.xml");
$tab_array[] = array(gettext("Users"), false, "pkg.php?xml=siproxdusers.xml");
$tab_array[] = array(gettext("Registered Phones"), true, "siproxd_registered_phones.php");
display_top_tabs($tab_array);
diff --git a/config/siproxd/siproxdusers.xml b/config/siproxd/siproxdusers.xml
index 6dd53efe..390c4f35 100644
--- a/config/siproxd/siproxdusers.xml
+++ b/config/siproxd/siproxdusers.xml
@@ -43,13 +43,13 @@
]]>
</copyright>
<name>siproxdusers</name>
- <version>1.0.6</version>
+ <version>1.0.7</version>
<title>siproxd: Users</title>
<include_file>/usr/local/pkg/siproxd.inc</include_file>
<tabs>
<tab>
<text>Settings</text>
- <url>/pkg_edit.php?xml=siproxd.xml&amp;id=0</url>
+ <url>/pkg_edit.php?xml=siproxd.xml</url>
</tab>
<tab>
<text>Users</text>
@@ -61,7 +61,6 @@
<url>/siproxd_registered_phones.php</url>
</tab>
</tabs>
- <configpath>installedpackages->package->$packagename->configuration->settings</configpath>
<adddeleteeditpagefields>
<columnitem>
<fielddescr>Username</fielddescr>
@@ -76,19 +75,19 @@
<field>
<fielddescr>Username</fielddescr>
<fieldname>username</fieldname>
- <description>Enter the username here</description>
+ <description>Enter the username here.</description>
<type>input</type>
</field>
<field>
<fielddescr>Password</fielddescr>
<fieldname>password</fieldname>
- <description>Enter the password here</description>
+ <description>Enter the password here.</description>
<type>password</type>
</field>
<field>
<fielddescr>Username Description</fielddescr>
<fieldname>description</fieldname>
- <description>Enter the description of the user here</description>
+ <description>Enter the description of the user here.</description>
<type>input</type>
</field>
</fields>
diff --git a/config/zabbix2/zabbix2.inc b/config/zabbix2/zabbix2-agent.inc
index 9b5f3ed3..4aa0d5f7 100644
--- a/config/zabbix2/zabbix2.inc
+++ b/config/zabbix2/zabbix2-agent.inc
@@ -1,6 +1,6 @@
<?php
/*
- zabbix2.inc
+ zabbix2-agent.inc
part of pfSense (https://www.pfSense.org/)
Copyright (C) 2013 Danilo G. Baio
Copyright (C) 2013 Marcello Coutinho
@@ -77,50 +77,7 @@ function php_deinstall_zabbix2_agent() {
}
}
-function php_deinstall_zabbix2_proxy() {
- global $config, $g;
-
- $pfs_version = php_zabbix2_pfs_version();
- $zabbix2_pkg_base = php_zabbix2_pkg_base($pfs_version);
-
- if ($pfs_version == "2.1" || $pfs_version == "2.2") {
- define('ZABBIX_PROXY_BASE', '/usr/pbi/' . $zabbix2_pkg_base . '-proxy-' . php_uname("m"));
- } else {
- define('ZABBIX_PROXY_BASE', '/usr/local');
- }
-
- exec("/usr/bin/killall zabbix_proxy");
- unlink_if_exists(ZABBIX_PROXY_BASE . "/etc/" . $zabbix2_pkg_base . "/zabbix_proxy.conf");
- unlink_if_exists("/var/log/zabbix2/zabbix_proxy.log");
- unlink_if_exists("/var/run/zabbix2/zabbix2_proxy.pid");
-
- if (!is_array($config['installedpackages']['zabbixagent'])) {
- if (is_dir("/var/log/zabbix2")) {
- exec("/bin/rm -r /var/log/zabbix2/");
- }
- if (is_dir("/var/run/zabbix2")) {
- exec("/bin/rm -r /var/run/zabbix2/");
- }
- }
-
- if (is_dir("/var/db/zabbix2")) {
- exec("/bin/rm -r /var/db/zabbix2/");
- }
-}
-
-function validate_input_zabbix2($post, &$input_errors) {
- if (isset($post['proxyenabled'])) {
- if (!is_numericint($post['serverport'])) {
- $input_errors[] = "'Server Port' value is not numeric.";
- } elseif ($post['serverport'] < 1 || $post['serverport'] > 65535) {
- $input_errors[] = "You must enter a valid value for 'Server Port'.";
- }
-
- if (!is_numericint($post['configfrequency'])) {
- $input_errors[] = "'Config Frequency' value is not numeric.";
- }
- }
-
+function validate_input_zabbix2_agent($post, &$input_errors) {
if (isset($post['agentenabled'])) {
if (!preg_match("/\w+/", $post['server'])) {
$input_errors[] = "Server field is required.";
@@ -186,7 +143,7 @@ function validate_input_zabbix2($post, &$input_errors) {
}
}
-function sync_package_zabbix2() {
+function sync_package_zabbix2_agent() {
global $config, $g;
conf_mount_rw();
@@ -195,38 +152,10 @@ function sync_package_zabbix2() {
if ($pfs_version == "2.1" || $pfs_version == "2.2") {
define('ZABBIX_AGENT_BASE', '/usr/pbi/' . $zabbix2_pkg_base . '-agent-' . php_uname("m"));
- define('ZABBIX_PROXY_BASE', '/usr/pbi/' . $zabbix2_pkg_base . '-proxy-' . php_uname("m"));
} else {
define('ZABBIX_AGENT_BASE', '/usr/local');
- define('ZABBIX_PROXY_BASE', '/usr/local');
}
- // Check zabbix proxy config
- if (is_array($config['installedpackages']['zabbixproxy'])) {
- $zbproxy_config = $config['installedpackages']['zabbixproxy']['config'][0];
- if ($zbproxy_config['proxyenabled'] == "on") {
- $Mode = (is_numericint($zbproxy_config['proxymode']) ? $zbproxy_config['proxymode'] : 0);
- $AdvancedParams = base64_decode($zbproxy_config['advancedparams']);
-
- $zbproxy_conf_file = <<< EOF
-Server={$zbproxy_config['server']}
-ServerPort={$zbproxy_config['serverport']}
-Hostname={$zbproxy_config['hostname']}
-PidFile=/var/run/zabbix2/zabbix2_proxy.pid
-DBName=/var/db/zabbix2/proxy.db
-LogFile=/var/log/zabbix2/zabbix_proxy.log
-ConfigFrequency={$zbproxy_config['configfrequency']}
-FpingLocation=/usr/local/sbin/fping
-# There's currently no fping6 (IPv6) dependency in the package,
-# but if there was, the binary would likely also be in /usr/local/sbin.
-Fping6Location=/usr/local/sbin/fping6
-ProxyMode={$Mode}
-{$AdvancedParams}
-
-EOF;
- file_put_contents(ZABBIX_PROXY_BASE . "/etc/" . $zabbix2_pkg_base . "/zabbix_proxy.conf", strtr($zbproxy_conf_file, array("\r" => "")));
- }
- }
// Check zabbix agent settings
if (is_array($config['installedpackages']['zabbixagent'])) {
$zbagent_config = $config['installedpackages']['zabbixagent']['config'][0];
@@ -310,8 +239,8 @@ EOF;
// Check startup script files
// Create a few directories and ensure the sample files are in place
- if (!is_dir(ZABBIX_PROXY_BASE . "/etc/" . $zabbix2_pkg_base)) {
- mwexec("/bin/mkdir -p " . ZABBIX_PROXY_BASE . "/etc/" . $zabbix2_pkg_base);
+ if (!is_dir(ZABBIX_AGENT_BASE . "/etc/" . $zabbix2_pkg_base)) {
+ mwexec("/bin/mkdir -p " . ZABBIX_AGENT_BASE . "/etc/" . $zabbix2_pkg_base);
}
$dir_checks = <<< EOF
@@ -336,29 +265,6 @@ EOF;
EOF;
- $zproxy_rcfile = "/usr/local/etc/rc.d/zabbix2_proxy.sh";
- if (is_array($zbproxy_config) && $zbproxy_config['proxyenabled'] == "on") {
- $zproxy_start = strtr($dir_checks, array("\r" => "")). "\necho \"Starting Zabbix Proxy\"...\n";
- $zproxy_start .= ZABBIX_PROXY_BASE . "/sbin/zabbix_proxy\n";
-
- $zproxy_stop = "echo \"Stopping Zabbix Proxy\"\n";
- $zproxy_stop .= "/usr/bin/killall zabbix_proxy\n";
- $zproxy_stop .= "/bin/sleep 5\n";
-
- write_rcfile(array(
- "file" => "zabbix2_proxy.sh",
- "start" => $zproxy_start,
- "stop" => $zproxy_stop
- )
- );
- restart_service("zabbix_proxy");
- } else {
- if (is_service_running("zabbix_proxy")) {
- stop_service("zabbix_proxy");
- }
- unlink_if_exists($zproxy_rcfile);
- }
-
$zagent_rcfile="/usr/local/etc/rc.d/zabbix2_agentd.sh";
if (is_array($zbagent_config) && $zbagent_config['agentenabled']=="on") {
$zagent_start .= strtr($dir_checks, array("\r" => "")). "\necho \"Starting Zabbix Agent...\"\n";
@@ -374,7 +280,11 @@ EOF;
"stop" => $zagent_stop
)
);
- restart_service("zabbix_agentd");
+ if (is_service_running("zabbix_agentd")) {
+ restart_service("zabbix_agentd");
+ } else {
+ start_service("zabbix_agentd");
+ }
} else {
if (is_service_running("zabbix_agentd")) {
stop_service("zabbix_agentd");
diff --git a/config/zabbix2/zabbix2-agent.xml b/config/zabbix2/zabbix2-agent.xml
index e02caefc..be081603 100644
--- a/config/zabbix2/zabbix2-agent.xml
+++ b/config/zabbix2/zabbix2-agent.xml
@@ -45,13 +45,13 @@
<name>zabbixagent</name>
<title>Services: Zabbix-2 Agent</title>
<category>Monitoring</category>
- <version>0.8.4</version>
- <include_file>/usr/local/pkg/zabbix2.inc</include_file>
- <addedit_string>Zabbix Agent has been created/modified.</addedit_string>
- <delete_string>Zabbix Agent has been deleted.</delete_string>
+ <version>0.8.5</version>
+ <include_file>/usr/local/pkg/zabbix2-agent.inc</include_file>
+ <addedit_string>Zabbix Agent configuration has been created/modified.</addedit_string>
+ <delete_string>Zabbix Agent configuration has been deleted.</delete_string>
<restart_command>/usr/local/etc/rc.d/zabbix2_agentd.sh restart</restart_command>
<additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/zabbix2/zabbix2.inc</item>
+ <item>https://packages.pfsense.org/packages/config/zabbix2/zabbix2-agent.inc</item>
<prefix>/usr/local/pkg/</prefix>
</additional_files_needed>
<additional_files_needed>
@@ -204,14 +204,11 @@
<advancedfield/>
</field>
</fields>
- <custom_php_install_command>
- sync_package_zabbix2();
- </custom_php_install_command>
<custom_php_validation_command>
- validate_input_zabbix2($_POST, $input_errors);
+ validate_input_zabbix2_agent($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
- sync_package_zabbix2();
+ sync_package_zabbix2_agent();
</custom_php_resync_config_command>
<custom_php_deinstall_command>
php_deinstall_zabbix2_agent();
diff --git a/config/zabbix2/zabbix2-proxy.inc b/config/zabbix2/zabbix2-proxy.inc
new file mode 100644
index 00000000..aa21b817
--- /dev/null
+++ b/config/zabbix2/zabbix2-proxy.inc
@@ -0,0 +1,244 @@
+<?php
+/*
+ zabbix2-proxy.inc
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Danilo G. Baio
+ Copyright (C) 2013 Marcello Coutinho
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+require_once("util.inc");
+require_once("functions.inc");
+require_once("pkg-utils.inc");
+require_once("globals.inc");
+
+function php_zabbix2_pfs_version() {
+ $pfs_version = substr(trim(file_get_contents("/etc/version")), 0, 3);
+ return $pfs_version;
+}
+
+function php_zabbix2_pkg_base($pfs_version) {
+ if ($pfs_version >= 2.2) {
+ // pfSense 2.2 with zabbix 2.4
+ $zabbix2_pkg_base = "zabbix24";
+ } else {
+ // pfSense 2.1 with zabbix 2.2
+ $zabbix2_pkg_base = "zabbix22";
+ }
+ return $zabbix2_pkg_base;
+}
+
+function php_deinstall_zabbix2_proxy() {
+ global $config, $g;
+
+ $pfs_version = php_zabbix2_pfs_version();
+ $zabbix2_pkg_base = php_zabbix2_pkg_base($pfs_version);
+
+ if ($pfs_version == "2.1" || $pfs_version == "2.2") {
+ define('ZABBIX_PROXY_BASE', '/usr/pbi/' . $zabbix2_pkg_base . '-proxy-' . php_uname("m"));
+ } else {
+ define('ZABBIX_PROXY_BASE', '/usr/local');
+ }
+
+ exec("/usr/bin/killall zabbix_proxy");
+ unlink_if_exists(ZABBIX_PROXY_BASE . "/etc/" . $zabbix2_pkg_base . "/zabbix_proxy.conf");
+ unlink_if_exists("/var/log/zabbix2/zabbix_proxy.log");
+ unlink_if_exists("/var/run/zabbix2/zabbix2_proxy.pid");
+
+ if (!is_array($config['installedpackages']['zabbixagent'])) {
+ if (is_dir("/var/log/zabbix2")) {
+ exec("/bin/rm -r /var/log/zabbix2/");
+ }
+ if (is_dir("/var/run/zabbix2")) {
+ exec("/bin/rm -r /var/run/zabbix2/");
+ }
+ if (is_dir("/var/db/zabbix2")) {
+ exec("/bin/rm -r /var/db/zabbix2/");
+ }
+ }
+}
+
+function validate_input_zabbix2_proxy($post, &$input_errors) {
+ if (isset($post['proxyenabled'])) {
+ if (!is_numericint($post['serverport'])) {
+ $input_errors[] = "'Server Port' value is not numeric.";
+ } elseif ($post['serverport'] < 1 || $post['serverport'] > 65535) {
+ $input_errors[] = "You must enter a valid value for 'Server Port'.";
+ }
+
+ if (!preg_match("/\w+/", $post['hostname'])) {
+ $input_errors[] = "Hostname field is required.";
+ }
+
+ if (!is_numericint($post['configfrequency'])) {
+ $input_errors[] = "'Config Frequency' value is not numeric.";
+ }
+ }
+}
+
+function sync_package_zabbix2_proxy() {
+ global $config, $g;
+
+ conf_mount_rw();
+ $pfs_version = php_zabbix2_pfs_version();
+ $zabbix2_pkg_base = php_zabbix2_pkg_base($pfs_version);
+
+ if ($pfs_version == "2.1" || $pfs_version == "2.2") {
+ define('ZABBIX_PROXY_BASE', '/usr/pbi/' . $zabbix2_pkg_base . '-proxy-' . php_uname("m"));
+ } else {
+ define('ZABBIX_PROXY_BASE', '/usr/local');
+ }
+
+ // Check zabbix proxy config
+ if (is_array($config['installedpackages']['zabbixproxy'])) {
+ $zbproxy_config = $config['installedpackages']['zabbixproxy']['config'][0];
+ if ($zbproxy_config['proxyenabled'] == "on") {
+ $Mode = (is_numericint($zbproxy_config['proxymode']) ? $zbproxy_config['proxymode'] : 0);
+ $AdvancedParams = base64_decode($zbproxy_config['advancedparams']);
+
+ $zbproxy_conf_file = <<< EOF
+Server={$zbproxy_config['server']}
+ServerPort={$zbproxy_config['serverport']}
+Hostname={$zbproxy_config['hostname']}
+PidFile=/var/run/zabbix2/zabbix2_proxy.pid
+DBName=/var/db/zabbix2/proxy.db
+LogFile=/var/log/zabbix2/zabbix_proxy.log
+ConfigFrequency={$zbproxy_config['configfrequency']}
+FpingLocation=/usr/local/sbin/fping
+# There's currently no fping6 (IPv6) dependency in the package,
+# but if there was, the binary would likely also be in /usr/local/sbin.
+Fping6Location=/usr/local/sbin/fping6
+ProxyMode={$Mode}
+{$AdvancedParams}
+
+EOF;
+ file_put_contents(ZABBIX_PROXY_BASE . "/etc/" . $zabbix2_pkg_base . "/zabbix_proxy.conf", strtr($zbproxy_conf_file, array("\r" => "")));
+ }
+ }
+
+ $want_sysctls = array(
+ 'kern.ipc.shmall' => '2097152',
+ 'kern.ipc.shmmax' => '2147483648',
+ 'kern.ipc.semmsl' => '250'
+ );
+ $sysctls = array();
+ // Check sysctl file values
+ $sc_file="";
+ if (file_exists("/etc/sysctl.conf")) {
+ $sc = file("/etc/sysctl.conf");
+ foreach ($sc as $line) {
+ list($sysk, $sysv) = explode("=", $line, 2);
+ if (preg_match("/\w/", $line) && !array_key_exists($sysk, $want_sysctls)) {
+ $sc_file .= $line;
+ }
+ }
+ }
+ foreach ($want_sysctls as $ws => $wv) {
+ $sc_file .= "{$ws}={$wv}\n";
+ mwexec("/sbin/sysctl {$ws}={$wv}");
+ }
+ file_put_contents("/etc/sysctl.conf", $sc_file);
+
+ // Check bootloader values
+ $lt_file = "";
+ $want_tunables = array(
+ 'kern.ipc.semopm' => '100',
+ 'kern.ipc.semmni' => '128',
+ 'kern.ipc.semmns' => '32000',
+ 'kern.ipc.shmmni' => '4096'
+ );
+ $tunables = array();
+ if (file_exists("/boot/loader.conf")) {
+ $lt = file("/boot/loader.conf");
+ foreach ($lt as $line) {
+ list($tunable, $val) = explode("=", $line, 2);
+ if (preg_match("/\w/", $line) && !array_key_exists($tunable, $want_tunables)) {
+ $lt_file .= $line;
+ }
+ }
+ }
+ foreach ($want_tunables as $wt => $wv) {
+ $lt_file .= "{$wt}={$wv}\n";
+ }
+ file_put_contents("/boot/loader.conf", $lt_file);
+
+ // Check startup script files
+ // Create a few directories and ensure the sample files are in place
+ if (!is_dir(ZABBIX_PROXY_BASE . "/etc/" . $zabbix2_pkg_base)) {
+ mwexec("/bin/mkdir -p " . ZABBIX_PROXY_BASE . "/etc/" . $zabbix2_pkg_base);
+ }
+
+ $dir_checks = <<< EOF
+
+ if [ ! -d /var/log/zabbix2 ]; then
+ /bin/mkdir -p /var/log/zabbix2
+ /usr/sbin/chmod 755 /var/log/zabbix2
+ fi
+ /usr/sbin/chown -R zabbix:zabbix /var/log/zabbix2
+
+ if [ ! -d /var/run/zabbix2 ]; then
+ /bin/mkdir -p /var/run/zabbix2
+ /usr/sbin/chmod 755 /var/run/zabbix2
+ fi
+ /usr/sbin/chown -R zabbix:zabbix /var/run/zabbix2
+
+ if [ ! -d /var/db/zabbix2 ]; then
+ /bin/mkdir -p /var/db/zabbix2
+ /usr/sbin/chmod 755 /var/db/zabbix2
+ fi
+ /usr/sbin/chown -R zabbix:zabbix /var/db/zabbix2
+
+EOF;
+
+ $zproxy_rcfile = "/usr/local/etc/rc.d/zabbix2_proxy.sh";
+ if (is_array($zbproxy_config) && $zbproxy_config['proxyenabled'] == "on") {
+ $zproxy_start = strtr($dir_checks, array("\r" => "")). "\necho \"Starting Zabbix Proxy\"...\n";
+ $zproxy_start .= ZABBIX_PROXY_BASE . "/sbin/zabbix_proxy\n";
+
+ $zproxy_stop = "echo \"Stopping Zabbix Proxy\"\n";
+ $zproxy_stop .= "/usr/bin/killall zabbix_proxy\n";
+ $zproxy_stop .= "/bin/sleep 5\n";
+
+ write_rcfile(array(
+ "file" => "zabbix2_proxy.sh",
+ "start" => $zproxy_start,
+ "stop" => $zproxy_stop
+ )
+ );
+ if (is_service_running("zabbix_proxy")) {
+ restart_service("zabbix_proxy");
+ } else {
+ start_service("zabbix_proxy");
+ }
+ } else {
+ if (is_service_running("zabbix_proxy")) {
+ stop_service("zabbix_proxy");
+ }
+ unlink_if_exists($zproxy_rcfile);
+ }
+
+ conf_mount_ro();
+}
+
+?>
diff --git a/config/zabbix2/zabbix2-proxy.xml b/config/zabbix2/zabbix2-proxy.xml
index 398c3df4..c39bbdc6 100644
--- a/config/zabbix2/zabbix2-proxy.xml
+++ b/config/zabbix2/zabbix2-proxy.xml
@@ -45,13 +45,13 @@
<name>zabbixproxy</name>
<title>Services: Zabbix-2 Proxy</title>
<category>Monitoring</category>
- <version>0.8.4</version>
- <include_file>/usr/local/pkg/zabbix2.inc</include_file>
- <addedit_string>Zabbix Proxy has been created/modified.</addedit_string>
- <delete_string>Zabbix Proxy has been deleted.</delete_string>
+ <version>0.8.5</version>
+ <include_file>/usr/local/pkg/zabbix2-proxy.inc</include_file>
+ <addedit_string>Zabbix Proxy configuration has been created/modified.</addedit_string>
+ <delete_string>Zabbix Proxy configuration has been deleted.</delete_string>
<restart_command>/usr/local/etc/rc.d/zabbix2_proxy.sh restart</restart_command>
<additional_files_needed>
- <item>https://packages.pfsense.org/packages/config/zabbix2/zabbix2.inc</item>
+ <item>https://packages.pfsense.org/packages/config/zabbix2/zabbix2-proxy.inc</item>
<prefix>/usr/local/pkg/</prefix>
</additional_files_needed>
<additional_files_needed>
@@ -148,14 +148,11 @@
<advancedfield/>
</field>
</fields>
- <custom_php_install_command>
- sync_package_zabbix2();
- </custom_php_install_command>
<custom_php_validation_command>
- validate_input_zabbix2($_POST, $input_errors);
+ validate_input_zabbix2_proxy($_POST, $input_errors);
</custom_php_validation_command>
<custom_php_resync_config_command>
- sync_package_zabbix2();
+ sync_package_zabbix2_proxy();
</custom_php_resync_config_command>
<custom_php_deinstall_command>
php_deinstall_zabbix2_proxy();
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-12 02:32:10 +0000