From 4e577ec6d4207ff6da1d55070dab24aefd3f1c07 Mon Sep 17 00:00:00 2001 From: Colin Smith Date: Thu, 31 Mar 2005 01:49:32 +0000 Subject: * Clean up carp_settings.xml. * Rewrite CARP syncing code to use XMLRPC. --- packages/carp_settings.xml | 70 ++++--------------------------------------- packages/carp_sync_client.php | 23 ++++++++------ 2 files changed, 20 insertions(+), 73 deletions(-) diff --git a/packages/carp_settings.xml b/packages/carp_settings.xml index 6417aac2..4aa0f590 100644 --- a/packages/carp_settings.xml +++ b/packages/carp_settings.xml @@ -107,72 +107,14 @@ Synchronize to IP synchronizetoip - Enter the IP address of the firewall you would like to synchornize your rules to. + Enter the IP address of the firewall you would like to synchronize your rules to. input - Known Hosts - knownhosts - Paste in the /etc/ssh/ssh_host_dsa_key.pub file generated from the destination server. - 4 - 50 - textarea - - - Authorized Keys - authorizedkeys - Paste in your Authorized Keys file generated from OpenSSH. - 4 - 50 - textarea - - - Install keys - installkeys - Check this option and enter a password below of the remote box if you would like to automatically install the keys on the remote machine. - checkbox - - - Install keys password - installkeyspassword - Enter the password of the remote machine that you would like to copy the keys to. - password - - + Remote System Password + password + Enter the webGUI password of the system that you would like to synchronize with. + input + - - - - system("/etc/rc.packages >/dev/null 2>&1 &"); - - - - - system("/bin/mkdir -p /root/.ssh"); - if($_POST['knownhosts'] != "") { - $fout = fopen("/root/.ssh/known_hosts","w"); - fwrite($fout, $_POST['knownhosts']); - fclose($fout); - } - if($_POST['authorizedkeys'] != "") { - $fout = fopen("/root/.ssh/authorized_keys","w"); - fwrite($fout, $_POST['authorizedkeys']); - fclose($fout); - } - if($_POST['installkeys'] != "") { - $httpport = "80"; - $cmd = "/bin/mkdir /root/.ssh"; - /* make sure /root/.ssh exists */ - $vararrays = array("cmd" => "mkdir -p /root/.ssh"); - http_post($synchronizetoip, $httpport, "/exec_raw.php", $vararrays); - /* populate /root/.ssh/known_hosts */ - $vararrays = array("cmd" => "echo \"{$_POST['knownhosts']}\" > /root/.ssh/known_hosts"); - http_post($synchronizetoip, $httpport, "/exec_raw.php", $vararrays); - /* populate /root/.ssh/authorized_keys */ - $vararrays = array("cmd" => "echo \"{$_POST['authorizedkeys']}\" > /root/.ssh/authorized_keys"); - http_post($synchronizetoip, $httpport, "/exec_raw.php", $vararrays); - } - - - diff --git a/packages/carp_sync_client.php b/packages/carp_sync_client.php index e5bd1cdf..b2da24ba 100644 --- a/packages/carp_sync_client.php +++ b/packages/carp_sync_client.php @@ -2,7 +2,7 @@ /* carp_sync.php part of pfSense (www.pfSense.com) - Copyright (C) 2004 Scott Ullrich (sullrich@gmail.com) + Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com) and Colin Smith (ethethlay@gmail.com) All rights reserved. Redistribution and use in source and binary forms, with or without @@ -25,25 +25,30 @@ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + TODO: + * SSL support! + */ +require_once("xmlrpc_client.inc"); // Include client classes from our XMLRPC implementation. +require_once("xmlparse_pkg.inc"); // Include pfSense helper functions. +require_once("config.inc"); +require_once("functions.inc"); + +function carp_sync_xml($url, $password, $section, $section_xml) { + $params = array(new XML_R + if($already_processed != 1) if($config['installedpackages']['carpsettings']['config'] <> "" and is_array($config['installedpackages']['carpsettings']['config'])) { $already_processed = 1; foreach($config['installedpackages']['carpsettings']['config'] as $carp) { if($carp['synchronizetoip'] <> "" ) { - /* lets sync! */ $synchronizetoip = $carp['synchronizetoip']; - $files_to_copy = ""; if($carp['synchronizerules'] <> "" and is_array($config['filter'])) { $current_rules_section = backup_config_section("filter"); - $current_rules_section = str_replace("", "", $current_rules_section); - /* generate firewall rules xml */ - $fout = fopen("{$g['tmp_path']}/filter_section.txt","w"); - fwrite($fout, $current_rules_section); - fclose($fout); - $files_to_copy .= "{$g['tmp_path']}/filter_section.txt"; + //$current_rules_section = str_replace("", "", $current_rules_section); } if($carp['synchronizenat'] <> "" and is_array($config['nat'])) { $current_nat_section = backup_config_section("nat"); -- cgit v1.2.3