From 9154cf219365944fe9b1423ac1622f2df4390849 Mon Sep 17 00:00:00 2001
From: Perry Mason <crazypark2@yahoo.dk>
Date: Fri, 6 Mar 2009 16:46:18 +0100
Subject: lo to Fit123

---
 config/Fit123/bin/ltsp/services.inc | 1316 +++++++++++++++++++++++++++++++++++
 1 file changed, 1316 insertions(+)
 create mode 100644 config/Fit123/bin/ltsp/services.inc

(limited to 'config/Fit123/bin/ltsp')

diff --git a/config/Fit123/bin/ltsp/services.inc b/config/Fit123/bin/ltsp/services.inc
new file mode 100644
index 00000000..a788a2b3
--- /dev/null
+++ b/config/Fit123/bin/ltsp/services.inc
@@ -0,0 +1,1316 @@
+<?php
+/* $Id$ */
+/*
+	services.inc
+	part of m0n0wall (http://m0n0.ch/wall)
+
+	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/* include all configuration functions */
+require_once("functions.inc");
+
+function load_balancer_use_sticky() {
+	global $config, $g;
+	if (isset ($config['system']['lb_use_sticky']))
+		touch("/var/etc/use_pf_pool__stickyaddr");
+	else
+		unlink_if_exists("/var/etc/use_pf_pool__stickyaddr");
+}
+
+function services_dhcpd_configure() {
+	global $config, $g;
+	if(isset($config['system']['developerspew'])) {
+		$mt = microtime();
+		echo "services_dhcpd_configure($if) being called $mt\n";
+	}
+
+	/* if OLSRD is enabled, allow WAN to house DHCP. */
+	if($config['installedpackages']['olsrd'])
+		foreach($config['installedpackages']['olsrd']['config'] as $olsrd)
+				if($olsrd['enable'])
+					$is_olsr_enabled = true;
+
+	/* configure DHCPD chroot */
+	$fd = fopen("/tmp/dhcpd.sh","w");
+	$status = `mount | grep "{$g['dhcpd_chroot_path']}/dev"`;
+	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}\n");
+	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/dev\n");
+	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/etc\n");
+	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr/local/sbin\n");
+	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/db\n");
+	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr\n");
+	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/lib\n");
+	fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/run\n");
+	fwrite($fd, "chown -R dhcpd:_dhcp {$g['dhcpd_chroot_path']}/*\n");
+	fwrite($fd, "cp /lib/libc.so.* {$g['dhcpd_chroot_path']}/lib/\n");
+	fwrite($fd, "cp /usr/local/sbin/dhcpd {$g['dhcpd_chroot_path']}/usr/local/sbin/\n");
+	fwrite($fd, "chmod a+rx {$g['dhcpd_chroot_path']}/usr/local/sbin/dhcpd\n");
+	if(!trim($status))
+		fwrite($fd, "mount -t devfs devfs {$g['dhcpd_chroot_path']}/dev\n");
+	fclose($fd);
+	mwexec("/bin/sh /tmp/dhcpd.sh");
+
+	/* kill any running dhcpd */
+	if(is_process_running("dhcpd"))
+		mwexec("killall dhcpd", true);
+
+	$syscfg = $config['system'];
+	$dhcpdcfg = $config['dhcpd'];
+
+	/* DHCP enabled on any interfaces? */
+	$dhcpdenable = false;
+	if(is_array($dhcpdcfg))
+		foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
+			if (isset($dhcpifconf['enable']) &&
+				(($dhcpif == "lan") ||
+				(isset($config['interfaces'][$dhcpif]['enable']) &&
+				$config['interfaces'][$dhcpif]['if'] && (!$config['interfaces'][$dhcpif]['bridge']))))
+				$dhcpdenable = true;
+			if (isset($dhcpifconf['enable']) &&
+				(($dhcpif == "wan") || (isset($config['interfaces'][$dhcpif]['enable']) &&
+				$config['interfaces'][$dhcpif]['if'] && (!$config['interfaces'][$dhcpif]['bridge']))))
+				$dhcpdenable = true;
+		}
+
+	if (!$dhcpdenable)
+		return 0;
+
+	if ($g['booting'])
+		echo "Starting DHCP service...";
+	else
+		sleep(1);
+
+	/* write dhcpd.conf */
+	$fd = fopen("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf", "w");
+	if (!$fd) {
+		printf("Error: cannot open dhcpd.conf in services_dhcpd_configure().\n");
+		return 1;
+	}
+
+
+
+	$dhcpdconf = <<<EOD
+option domain-name "{$syscfg['domain']}";
+default-lease-time 7200;
+max-lease-time 86400;
+authoritative;
+log-facility local7;
+ddns-update-style none;
+one-lease-per-client true;
+deny duplicates;
+
+EOD;
+
+	$dhcpdifs = array();
+
+	/*    loop through and deterimine if we need to setup
+	 *    failover peer "bleh" entries
+	 */
+	$dhcpnum = 0;
+	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
+		if($dhcpifconf['failover_peerip'] <> "") {
+			/*
+			 *    yep, failover peer is defined.
+			 *    does it match up to a defined vip?
+			 */
+			$skew = 110;
+			$a_vip = &$config['virtualip']['vip'];
+			if(is_array($a_vip)) {
+				foreach ($a_vip as $vipent) {
+					$int = guess_interface_from_ip($dhcpifconf['failover_peerip']);
+					$intip = find_interface_ip($int);
+					$real_dhcpif = convert_friendly_interface_to_real_interface_name($dhcpif);
+					if($int == $real_dhcpif) {
+						/* this is the interface! */
+						if($vipent['advskew'] < "20")
+							$skew = 0;
+					}
+				}
+			} else {
+				log_error("Warning!  DHCP Failover setup and no CARP virtual IP's defined!");
+			}
+			if($skew > 10) {
+				$type = "secondary";
+				$dhcpdconf_pri  = "mclt 600;\n";
+				$my_port = "520";
+				$peer_port = "519";
+			} else {
+				$my_port = "519";
+				$peer_port = "520";
+				$type = "primary";
+				$dhcpdconf_pri  = "split 128;\n";
+				$dhcpdconf_pri .= "  mclt 600;\n";
+			}
+			$dhcpdconf .= <<<EOPP
+failover peer "dhcp{$dhcpnum}" {
+  {$type};
+  address {$intip};
+  port {$my_port};
+  peer address {$dhcpifconf['failover_peerip']};
+  peer port {$peer_port};
+  max-response-delay 10;
+  max-unacked-updates 10;
+  {$dhcpdconf_pri}
+  load balance max seconds 3;
+}
+
+EOPP;
+		$dhcpnum++;
+		}
+	}
+
+	$dhcpnum = 0;
+
+	foreach ($dhcpdcfg as $dhcpif => $dhcpifconf) {
+
+		$ifcfg = $config['interfaces'][$dhcpif];
+
+		if (!isset($dhcpifconf['enable']) ||
+			($ifcfg['ipaddr'] == "dhcp") ||
+			(($dhcpif != "lan") &&
+			(!isset($ifcfg['enable']) || !$ifcfg['if'] || $ifcfg['bridge'])))
+			continue;
+
+		if($dhcpif == "lan" && $ifcfg['bridge'])
+			log_error("NOTE: DHCP Server on LAN is enabled.");
+
+		$subnet = gen_subnet($ifcfg['ipaddr'], $ifcfg['subnet']);
+		$subnetmask = gen_subnet_mask($ifcfg['subnet']);
+
+		if($is_olsr_enabled == true)
+			if($dhcpifconf['netmask'])
+				$subnetmask = gen_subnet_mask($dhcpifconf['netmask']);
+
+		$dnscfg = "";
+
+		if ($dhcpifconf['domain']) {
+			$dnscfg .= "	option domain-name \"{$dhcpifconf['domain']}\";\n";
+		}
+		if (isset($dhcpifconf['ddnsupdate'])) {
+			if($dhcpifconf['ddnsdomain'] <> "") {
+				$dnscfg .= "	ddns-domainname \"{$dhcpifconf['ddnsdomain']}\";\n";
+			}
+			$dnscfg .= "	ddns-update-style interim;\n";
+		}
+
+
+		if (is_array($dhcpifconf['dnsserver']) && ($dhcpifconf['dnsserver'][0])) {
+			$dnscfg .= "	option domain-name-servers " . join(",", $dhcpifconf['dnsserver']) . ";";
+		} else if (isset($config['dnsmasq']['enable'])) {
+			$dnscfg .= "	option domain-name-servers " . $ifcfg['ipaddr'] . ";";
+		} else if (is_array($syscfg['dnsserver']) && ($syscfg['dnsserver'][0])) {
+			$dnscfg .= "	option domain-name-servers " . join(",", $syscfg['dnsserver']) . ";";
+		}
+
+		$dhcpdconf .= "subnet $subnet netmask $subnetmask {\n";
+		$dhcpdconf .= "	pool {\n";
+
+		/* is failover dns setup? */
+		if (is_array($dhcpifconf['dnsserver']) && $dhcpifconf['dnsserver'][0] <> "") {
+			$dhcpdconf .= "		option domain-name-servers {$dhcpifconf['dnsserver'][0]}";
+			if($dhcpifconf['dnsserver'][1] <> "")
+				$dhcpdconf .= ",{$dhcpifconf['dnsserver'][1]}";
+			$dhcpdconf .= ";\n";
+		}
+
+		if($dhcpifconf['failover_peerip'] <> "")
+			$dhcpdconf .= "		deny dynamic bootp clients;\n";
+
+		if (isset($dhcpifconf['denyunknown']))
+		   $dhcpdconf .= "		deny unknown clients;\n";
+
+		if ($dhcpifconf['gateway'])
+			$routers = $dhcpifconf['gateway'];
+		else
+			$routers = $ifcfg['ipaddr'];
+
+		if($dhcpifconf['failover_peerip'] <> "") {
+			$dhcpdconf .= "		failover peer \"dhcp{$dhcpnum}\";\n";
+			$dhcpnum++;
+		}
+
+		$dhcpdconf .= <<<EOD
+		range {$dhcpifconf['range']['from']} {$dhcpifconf['range']['to']};
+	}
+	option routers {$routers};
+$dnscfg
+
+EOD;
+
+		if ($dhcpifconf['defaultleasetime'])
+			$dhcpdconf .= "	default-lease-time {$dhcpifconf['defaultleasetime']};\n";
+		if ($dhcpifconf['maxleasetime'])
+			$dhcpdconf .= "	max-lease-time {$dhcpifconf['maxleasetime']};\n";
+
+		if (is_array($dhcpifconf['winsserver']) && $dhcpifconf['winsserver'][0]) {
+			$dhcpdconf .= "	option netbios-name-servers " . join(",", $dhcpifconf['winsserver']) . ";\n";
+			$dhcpdconf .= "	option netbios-node-type 8;\n";
+		}
+
+		if (is_array($dhcpifconf['ntpserver']) && $dhcpifconf['ntpserver'][0])
+			$dhcpdconf .= "	option ntp-servers " . join(",", $dhcpifconf['ntpserver']) . ";\n";
+
+		if(isset($dhcpifconf['netboot'])) {
+			if (($dhcpifconf['next-server'] <> "") && ($dhcpifconf['filename'] <> "")) {
+				$dhcpdconf .= "	next-server {$dhcpifconf['next-server']};\n";
+				$dhcpdconf .= "	filename \"{$dhcpifconf['filename']}\";\n";
+			}
+		if ($dhcpifconf['rootpath'] <> "") {
+				$dhcpdconf .= "	option root-path \"{$dhcpifconf['rootpath']}\";\n";
+      }
+		}
+		$dhcpdconf .= <<<EOD
+}
+
+EOD;
+
+		/* add static mappings */
+		if (is_array($dhcpifconf['staticmap'])) {
+
+			$i = 0;
+			foreach ($dhcpifconf['staticmap'] as $sm) {
+				$dhcpdconf .= <<<EOD
+host s_{$dhcpif}_{$i} {
+	hardware ethernet {$sm['mac']};
+
+EOD;
+				if ($sm['ipaddr'])
+					$dhcpdconf .= "	fixed-address {$sm['ipaddr']};\n";
+
+				$dhcpdconf .= "}\n";
+				$i++;
+			}
+		}
+
+		$dhcpdifs[] = $ifcfg['if'];
+	}
+
+	fwrite($fd, $dhcpdconf);
+	fclose($fd);
+
+	/* create an empty leases database */
+	touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
+
+	/* fire up dhcpd in a chroot */
+	mwexec("/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot {$g['dhcpd_chroot_path']} -cf {$g['dhcpd_chroot_path']}/etc/dhcpd.conf " .
+		join(" ", $dhcpdifs));
+
+	if ($g['booting']) {
+		print "done.\n";
+	}
+
+	return 0;
+}
+
+function interfaces_staticarp_configure($if) {
+	global $config, $g;
+	if(isset($config['system']['developerspew'])) {
+		$mt = microtime();
+		echo "interfaces_staticarp_configure($if) being called $mt\n";
+	}
+
+        $ifcfg = $config['interfaces'][$if];
+
+        /* Enable staticarp, if enabled */
+        if(isset($config['dhcpd'][$if]['staticarp'])) {
+                mwexec("/sbin/ifconfig " . escapeshellarg($ifcfg['if']) . " staticarp " );
+                mwexec("/usr/sbin/arp -ad > /dev/null 2>&1 ");
+                if (is_array($config['dhcpd'][$if]['staticmap'])) {
+
+                        foreach ($config['dhcpd'][$if]['staticmap'] as $arpent) {
+                                mwexec("/usr/sbin/arp -s " . escapeshellarg($arpent['ipaddr']) . " " . escapeshellarg($arpent['mac']));
+								log_error("/usr/sbin/arp -s " . escapeshellarg($arpent['ipaddr']) . " " . escapeshellarg($arpent['mac']));
+                        }
+
+                }
+        } else {
+                mwexec("/sbin/ifconfig " . escapeshellarg($ifcfg['if']) . " -staticarp " );
+                mwexec("/usr/sbin/arp -da > /dev/null 2>&1 ");
+        }
+
+        return 0;
+}
+
+function services_dhcrelay_configure() {
+	global $config, $g;
+	if(isset($config['system']['developerspew'])) {
+		$mt = microtime();
+		echo "services_dhcrelay_configure() being called $mt\n";
+	}
+
+	/* kill any running dhcrelay */
+	killbypid("{$g['varrun_path']}/dhcrelay.pid");
+
+	$dhcrelaycfg = $config['dhcrelay'];
+
+	/* DHCPRelay enabled on any interfaces? */
+	$dhcrelayenable = false;
+	if(is_array($dhcrelaycfg)) {
+		foreach ($dhcrelaycfg as $dhcrelayif => $dhcrelayifconf) {
+			if (isset($dhcrelayifconf['enable']) &&
+				(($dhcrelayif == "lan") ||
+				(isset($config['interfaces'][$dhcrelayif]['enable']) &&
+				$config['interfaces'][$dhcrelayif]['if'] && (!$config['interfaces'][$dhcrelayif]['bridge']))))
+				$dhcrelayenable = true;
+		}
+	}
+
+	if (!$dhcrelayenable)
+		return 0;
+
+	if ($g['booting'])
+		echo "Starting DHCP relay service...";
+	else
+		sleep(1);
+
+	$dhcrelayifs = array();
+	foreach ($dhcrelaycfg as $dhcrelayif => $dhcrelayifconf) {
+
+		$ifcfg = $config['interfaces'][$dhcrelayif];
+
+		if (!isset($dhcrelayifconf['enable']) ||
+			(($dhcrelayif != "lan") &&
+			(!isset($ifcfg['enable']) || !$ifcfg['if'] || $ifcfg['bridge'])))
+			continue;
+
+		$dhcrelayifs[] = $ifcfg['if'];
+	}
+
+	/* In order for the relay to work, it needs to be active on the
+	   interface in which the destination server sits */
+	foreach ($config['interfaces'] as $ifname) {
+		$subnet = $ifname['ipaddr'] . "/" . $ifname['subnet'];
+		if (ip_in_subnet($dhcrelaycfg['server'],$subnet))
+			$destif = $ifname['if'];
+	}
+
+	if (!isset($destif))
+		$destif = $config['interfaces']['wan']['if'];
+
+	$dhcrelayifs[] = $destif;
+	$dhcrelayifs = array_unique($dhcrelayifs);
+
+	/* fire up dhcrelay */
+	$cmd = "/usr/local/sbin/dhcrelay -i " .  join(" -i ", $dhcrelayifs);
+
+	if (isset($dhcrelaycfg['agentoption']))
+		$cmd .=  " -a -m replace";
+
+	$cmd .= " {$dhcrelaycfg['server']}";
+	mwexec($cmd);
+
+	if (!$g['booting']) {
+		/* set the reload filter dity flag */
+		touch("{$g['tmp_path']}/filter_dirty");
+	}
+
+	return 0;
+}
+
+function services_dyndns_reset() {
+	global $config, $g;
+	if(isset($config['system']['developerspew'])) {
+		$mt = microtime();
+		echo "services_dyndns_reset() being called $mt\n";
+	}
+
+	if (file_exists("{$g['vardb_path']}/ez-ipupdate.cache")) {
+		conf_mount_rw();
+		unlink("{$g['vardb_path']}/ez-ipupdate.cache");
+		conf_mount_ro();
+	}
+
+	if (file_exists("{$g['conf_path']}/ez-ipupdate.cache")) {
+		conf_mount_rw();
+		unlink("{$g['conf_path']}/ez-ipupdate.cache");
+		conf_mount_ro();
+	}
+	
+	if (file_exists("{$g['conf_path']}/dyndns.cache")) {
+		conf_mount_rw();
+		unlink("{$g['conf_path']}/dyndns.cache");
+		conf_mount_ro();
+	}
+
+	return 0;
+}
+
+function services_dyndns_configure() {
+	global $config, $g;
+	if(isset($config['system']['developerspew'])) {
+		$mt = microtime();
+		echo "services_dyndns_configure() being called $mt\n";
+	}
+
+	$dyndnscfg = $config['dyndns'];
+	$wancfg = $config['interfaces']['wan'];
+
+	if (isset($dyndnscfg['enable'])) {
+
+		if ($g['booting']) {
+			echo "Starting DynDNS client...";
+			if(isset($config['system']['use_old_dyndns'])) {
+				echo " [Using ez-ipupdate] ";
+				services_dyndns_configure_old();
+				return;
+			}
+		} else {
+			sleep(1);
+			if(isset($config['system']['use_old_dyndns'])) {
+				services_dyndns_configure_old();
+				return;
+			}
+		}
+
+		/* load up the dyndns.class */
+		require_once("dyndns.class");
+
+		log_error("DynDns: Running updatedns()");
+
+		/* determine WAN interface name */
+		$wanif = get_real_wan_interface();
+		/* get ip */
+		$ip = find_interface_ip($wanif);
+
+		$dns = new updatedns($dnsService = $config['dyndns']['type'],
+							 $dnsHost = $config['dyndns']['host'],
+							 $dnsUser = $config['dyndns']['username'],
+							 $dnsPass = $config['dyndns']['password'],
+							 $dnsWilcard = $config['dyndns']['wildcard'],
+							 $dnsMX = $config['dyndns']['mx']);
+
+		if ($g['booting'])
+			echo "done.\n";
+	}
+
+	return 0;
+}
+
+function services_dyndns_configure_old() {
+	global $config, $g;
+	if(isset($config['system']['developerspew'])) {
+		$mt = microtime();
+		echo "services_dyndns_configure_old() being called $mt\n";
+	}
+
+        /* kill any running ez-ipupdate */
+        /* ez-ipupdate needs SIGQUIT instead of SIGTERM */
+        sigkillbypid("{$g['varrun_path']}/ez-ipupdate.pid", "QUIT");
+
+        $dyndnscfg = $config['dyndns'];
+        $wancfg = $config['interfaces']['wan'];
+
+        if (isset($dyndnscfg['enable'])) {
+
+                if ($g['booting'])
+                        echo "Starting DynDNS client...";
+                else
+                        sleep(1);
+
+                /* determine WAN interface name */
+                $wanif = get_real_wan_interface();
+
+                /* write ez-ipupdate.conf */
+                $fd = fopen("{$g['varetc_path']}/ez-ipupdate.conf", "w");
+                if (!$fd) {
+                        printf("Error: cannot open ez-ipupdate.conf in services_dyndns_configure().\n");
+                        return 1;
+                }
+
+                $ezipupdateconf = <<<EOD
+service-type={$dyndnscfg['type']}
+user={$dyndnscfg['username']}:{$dyndnscfg['password']}
+host={$dyndnscfg['host']}
+interface={$wanif}
+max-interval=2073600
+pid-file={$g['varrun_path']}/ez-ipupdate.pid
+cache-file={$g['vardb_path']}/ez-ipupdate.cache
+execute=/etc/rc.dyndns.storecache
+daemon
+
+EOD;
+
+                /* enable server[:port]? */
+                if ($dyndnscfg['server']) {
+                        if ($dyndnscfg['port'])
+                                $ezipupdateconf .= "server={$dyndnscfg['server']}:{$dyndnscfg['port']}\n";
+                        else
+                                $ezipupdateconf .= "server={$dyndnscfg['server']}\n";
+                }
+
+                /* enable MX? */
+                if ($dyndnscfg['mx']) {
+                        $ezipupdateconf .= "mx={$dyndnscfg['mx']}\n";
+                }
+
+                /* enable wildcards? */
+                if (isset($dyndnscfg['wildcard'])) {
+                        $ezipupdateconf .= "wildcard\n";
+                }
+
+                fwrite($fd, $ezipupdateconf);
+                fclose($fd);
+
+                /* if we're booting, copy the cache file from /conf */
+                if ($g['booting']) {
+                        if (file_exists("{$g['conf_path']}/ez-ipupdate.cache")) {
+                                copy("{$g['conf_path']}/ez-ipupdate.cache", "{$g['vardb_path']}/ez-ipupdate.cache");
+                       }
+                }
+
+                /* run ez-ipupdate */
+                mwexec("/usr/local/bin/ez-ipupdate -c {$g['varetc_path']}/ez-ipupdate.conf");
+
+                if ($g['booting'])
+                        echo "done\n";
+        }
+
+        return 0;
+}
+
+function services_dnsmasq_configure() {
+	global $config, $g;
+	$return = 0;
+	
+	if(isset($config['system']['developerspew'])) {
+		$mt = microtime();
+		echo "services_dnsmasq_configure() being called $mt\n";
+	}
+
+	/* kill any running dnsmasq */
+	sigkillbypid("{$g['varrun_path']}/dnsmasq.pid", "TERM");
+
+	if (isset($config['dnsmasq']['enable'])) {
+
+		if ($g['booting'])
+			echo "Starting DNS forwarder...";
+		else
+			sleep(1);
+
+		/* generate hosts file */
+		if(system_hosts_generate()!=0)
+			$return = 1;
+
+		$args = "";
+
+		if (isset($config['dnsmasq']['regdhcp'])) {
+
+			$args .= " -l {$g['dhcpd_chroot_path']}/var/db/dhcpd.leases" .
+				" -s {$config['system']['domain']}";
+		}
+
+                if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) {
+                        foreach($config['dnsmasq']['domainoverrides'] as $override) {
+                                $args .= ' --server=/' . $override['domain'] . '/' . $override['ip'];
+                        }
+                }
+
+		/* suppose that dnsmasq handles our domain and don't send
+		requests for our local domain to upstream servers */
+		//if (!empty($config['system']['domain'])) {
+		//	$args .= sprintf(' --local=/%s/', $config['system']['domain']);
+		//}
+
+		/* run dnsmasq */
+		mwexec("/usr/local/sbin/dnsmasq {$args}");
+
+		if ($g['booting'])
+			echo "done.\n";
+	}
+
+	if (!$g['booting']) {
+		if(services_dhcpd_configure()!=0)
+			$return = 1;
+	}
+
+	return $return;
+}
+
+function services_snmpd_configure() {
+	global $config, $g;
+	if(isset($config['system']['developerspew'])) {
+		$mt = microtime();
+		echo "services_snmpd_configure() being called $mt\n";
+	}
+
+	/* kill any running snmpd */
+	sigkillbypid("{$g['varrun_path']}/snmpd.pid", "TERM");
+	if(is_process_running("bsnmpd")) 
+		mwexec("/usr/bin/killall bsnmpd", true);
+
+	if (isset($config['snmpd']['enable'])) {
+
+		if ($g['booting'])
+			echo "Starting SNMP daemon... ";
+
+		/* generate snmpd.conf */
+		$fd = fopen("{$g['varetc_path']}/snmpd.conf", "w");
+		if (!$fd) {
+			printf("Error: cannot open snmpd.conf in services_snmpd_configure().\n");
+			return 1;
+		}
+
+
+		$snmpdconf = <<<EOD
+location := "{$config['snmpd']['syslocation']}"
+contact := "{$config['snmpd']['syscontact']}"
+read := "{$config['snmpd']['rocommunity']}"
+
+EOD;
+
+/* No docs on what write strings do there for disable for now.
+		if(isset($config['snmpd']['rwenable']) && preg_match('/^\S+$/', $config['snmpd']['rwcommunity'])){
+		    $snmpdconf .= <<<EOD
+# write string
+write := "{$config['snmpd']['rwcommunity']}"
+
+EOD;
+		}
+*/
+
+
+		if(isset($config['snmpd']['trapenable']) && preg_match('/^\S+$/', $config['snmpd']['trapserver'])){
+		    $snmpdconf .= <<<EOD
+# SNMP Trap support.
+traphost := {$config['snmpd']['trapserver']}
+trapport := {$config['snmpd']['trapserverport']}
+trap := "{$config['snmpd']['trapstring']}"
+
+
+EOD;
+		}
+
+
+		$snmpdconf .= <<<EOD
+system := 1     # pfSense
+%snmpd
+begemotSnmpdDebugDumpPdus       = 2
+begemotSnmpdDebugSyslogPri      = 7
+begemotSnmpdCommunityString.0.1 = $(read)
+
+EOD;
+
+/* No docs on what write strings do there for disable for now.
+		if(isset($config['snmpd']['rwcommunity']) && preg_match('/^\S+$/', $config['snmpd']['rwcommunity'])){
+		    $snmpdconf .= <<<EOD
+begemotSnmpdCommunityString.0.2 = $(write)
+
+EOD;
+		}
+*/
+
+
+		if(isset($config['snmpd']['trapenable']) && preg_match('/^\S+$/', $config['snmpd']['trapserver'])){
+		    $snmpdconf .= <<<EOD
+begemotTrapSinkStatus.[$(traphost)].$(trapport) = 4
+begemotTrapSinkVersion.[$(traphost)].$(trapport) = 2
+begemotTrapSinkComm.[$(traphost)].$(trapport) = $(trap)
+
+EOD;
+		}
+
+
+		$snmpdconf .= <<<EOD
+begemotSnmpdCommunityDisable    = 1
+
+EOD;
+
+		if(isset($config['snmpd']['bindlan'])) {
+			$bind_to_ip = $config['interfaces']['lan']['ipaddr'];
+		} else {
+			$bind_to_ip = "0.0.0.0";
+		}
+
+		if(is_port( $config['snmpd']['pollport'] )) {
+		    $snmpdconf .= <<<EOD
+begemotSnmpdPortStatus.{$bind_to_ip}.{$config['snmpd']['pollport']} = 1
+
+EOD;
+
+		}
+
+		$snmpdconf .= <<<EOD
+begemotSnmpdLocalPortStatus."/var/run/snmpd.sock" = 1
+begemotSnmpdLocalPortType."/var/run/snmpd.sock" = 4
+
+# These are bsnmp macros not php vars.
+sysContact      = $(contact)
+sysLocation     = $(location)
+sysObjectId     = 1.3.6.1.4.1.12325.1.1.2.1.$(system)
+
+snmpEnableAuthenTraps = 2
+
+EOD;
+
+		if (is_array( $config['snmpd']['modules'] )) {
+		    if(isset($config['snmpd']['modules']['mibii'])) {
+			$snmpdconf .= <<<EOD
+begemotSnmpdModulePath."mibII"  = "/usr/lib/snmp_mibII.so"
+
+EOD;
+		    }
+
+		    if(isset($config['snmpd']['modules']['netgraph'])) {
+			$snmpdconf .= <<<EOD
+begemotSnmpdModulePath."netgraph" = "/usr/lib/snmp_netgraph.so"
+%netgraph
+begemotNgControlNodeName = "snmpd"
+
+EOD;
+		    }
+
+		    if(isset($config['snmpd']['modules']['pf'])) {
+			$snmpdconf .= <<<EOD
+begemotSnmpdModulePath."pf"     = "/usr/lib/snmp_pf.so"
+
+EOD;
+		    }
+
+		    if(isset($config['snmpd']['modules']['hostres'])) {
+			$snmpdconf .= <<<EOD
+begemotSnmpdModulePath."hostres"     = "/usr/lib/snmp_hostres.so"
+
+EOD;
+		    }
+		    if(isset($config['snmpd']['modules']['bridge'])) {
+			$snmpdconf .= <<<EOD
+begemotSnmpdModulePath."bridge"     = "/usr/lib/snmp_bridge.so"
+# config must end with blank line
+
+
+EOD;
+		    }
+		}
+
+		fwrite($fd, $snmpdconf);
+		fclose($fd);
+
+		if (isset($config['snmpd']['bindlan'])) {
+			$bindlan = "";
+		}
+
+		/* run bsnmpd */
+		mwexec("/usr/sbin/bsnmpd -c {$g['varetc_path']}/snmpd.conf" .
+			"{$bindlan} -p {$g['varrun_path']}/snmpd.pid");
+
+		if ($g['booting'])
+			echo "done.\n";
+	}
+
+	return 0;
+}
+
+function services_proxyarp_configure() {
+	global $config, $g;
+	if(isset($config['system']['developerspew'])) {
+		$mt = microtime();
+		echo "services_proxyarp_configure() being called $mt\n";
+	}
+
+	/* kill any running choparp */
+	killbyname("choparp");
+
+	if (isset($config['virtualip']) && is_array($config['virtualip']['vip'])) {
+		$paa = array();
+
+		/* group by interface */
+		foreach ($config['virtualip']['vip'] as $vipent) {
+			if ($vipent['mode'] === "proxyarp") {
+				if ($vipent['interface'])
+					$if = $vipent['interface'];
+				else
+					$if = "wan";
+
+				if (!is_array($paa[$if]))
+					$paa[$if] = array();
+
+				$paa[$if][] = $vipent;
+			}
+		}
+
+		if (count($paa))
+		foreach ($paa as $paif => $paents) {
+			if ($paif == "wan" && !(is_ipaddr($config['interfaces']['wan']['ipaddr']) ||
+                                       ($config['interfaces']['wan']['ipaddr'] == "dhcp") ||
+                                       ($config['interfaces']['wan']['ipaddr'] == "bigpond")))
+                               continue;
+
+			$args = $config['interfaces'][$paif]['if'] . " auto";
+
+			foreach ($paents as $paent) {
+
+				if (isset($paent['subnet']))
+					$args .= " " . escapeshellarg("{$paent['subnet']}/{$paent['subnet_bits']}");
+				else if (isset($paent['range']))
+					$args .= " " . escapeshellarg($paent['range']['from'] . "-" .
+						$paent['range']['to']);
+			}
+
+			mwexec_bg("/usr/local/sbin/choparp " . $args);
+		}
+	}
+}
+
+function services_dnsupdate_process() {
+	global $config, $g;
+	if(isset($config['system']['developerspew'])) {
+		$mt = microtime();
+		echo "services_dnsupdate_process() being called $mt\n";
+	}
+
+	/* Dynamic DNS updating active? */
+	if (isset($config['dnsupdate']['enable'])) {
+
+		$wanip = get_current_wan_address();
+		if ($wanip) {
+
+			$keyname = $config['dnsupdate']['keyname'];
+			/* trailing dot */
+			if (substr($keyname, -1) != ".")
+				$keyname .= ".";
+
+			$hostname = $config['dnsupdate']['host'];
+			/* trailing dot */
+			if (substr($hostname, -1) != ".")
+				$hostname .= ".";
+
+			/* write private key file
+			   this is dumb - public and private keys are the same for HMAC-MD5,
+			   but nsupdate insists on having both */
+			$fd = fopen("{$g['varetc_path']}/K{$keyname}+157+00000.private", "w");
+			$privkey .= <<<EOD
+Private-key-format: v1.2
+Algorithm: 157 (HMAC)
+Key: {$config['dnsupdate']['keydata']}
+
+EOD;
+			fwrite($fd, $privkey);
+			fclose($fd);
+
+			/* write public key file */
+			if ($config['dnsupdate']['keytype'] == "zone") {
+				$flags = 257;
+				$proto = 3;
+			} else if ($config['dnsupdate']['keytype'] == "host") {
+				$flags = 513;
+				$proto = 3;
+			} else if ($config['dnsupdate']['keytype'] == "user") {
+				$flags = 0;
+				$proto = 2;
+			}
+
+			$fd = fopen("{$g['varetc_path']}/K{$keyname}+157+00000.key", "w");
+			fwrite($fd, "{$keyname} IN KEY {$flags} {$proto} 157 {$config['dnsupdate']['keydata']}\n");
+			fclose($fd);
+
+			/* generate update instructions */
+			$upinst =  "update delete {$config['dnsupdate']['host']} A\n";
+			$upinst .= "update add {$config['dnsupdate']['host']} {$config['dnsupdate']['ttl']} A {$wanip}\n";
+			$upinst .= "\n";	/* mind that trailing newline! */
+
+			$fd = fopen("{$g['varetc_path']}/nsupdatecmds", "w");
+			fwrite($fd, $upinst);
+			fclose($fd);
+
+			/* invoke nsupdate */
+			$cmd = "/usr/sbin/nsupdate -k {$g['varetc_path']}/K{$keyname}+157+00000.key";
+			if (isset($config['dnsupdate']['usetcp']))
+				$cmd .= " -v";
+			$cmd .= " {$g['varetc_path']}/nsupdatecmds";
+
+			mwexec_bg($cmd);
+		}
+	}
+
+	return 0;
+}
+
+function setup_wireless_olsr() {
+	global $config, $g;
+	if(!$config['installedpackages']['olsrd'] || !$config['installedpackages'])
+		return;
+	if(isset($config['system']['developerspew'])) {
+		$mt = microtime();
+		echo "setup_wireless_olsr($interface) being called $mt\n";
+	}
+	conf_mount_rw();
+	foreach($config['installedpackages']['olsrd']['config'] as $olsrd) {
+		$olsr_enable = $olsrd['enable'];
+		if($olsr_enable <> "on")
+			return;
+		$fd = fopen("{$g['varetc_path']}/olsr.conf", "w");
+
+		if($olsrd['announcedynamicroute'] or $olsrd['enableannounce'] == "on") {
+			$enableannounce .= "\nHna4\n";
+			$enableannounce .= "{\n";
+		if($olsrd['announcedynamicroute'])
+			$enableannounce .= "\t{$olsrd['announcedynamicroute']}\n";
+		if($olsrd['enableannounce'] == "on")
+			$enableannounce .= "0.0.0.0 0.0.0.0";
+			$enableannounce .= "\n}\n";
+		} else {
+			$enableannounce = "";
+		}
+
+		$olsr .= <<<EODA
+#
+# olsr.org OLSR daemon config file
+#
+# Lines starting with a # are discarded
+#
+# This file was generated by setup_wireless_olsr() in services.inc
+#
+
+# This file is an example of a typical
+# configuration for a mostly static
+# network(regarding mobility) using
+# the LQ extention
+
+# Debug level(0-9)
+# If set to 0 the daemon runs in the background
+
+DebugLevel	2
+
+# IP version to use (4 or 6)
+
+IpVersion	4
+
+# Clear the screen each time the internal state changes
+
+ClearScreen     yes
+
+{$enableannounce}
+
+# Should olsrd keep on running even if there are
+# no interfaces available? This is a good idea
+# for a PCMCIA/USB hotswap environment.
+# "yes" OR "no"
+
+AllowNoInt	yes
+
+# TOS(type of service) value for
+# the IP header of control traffic.
+# If not set it will default to 16
+
+#TosValue	16
+
+# The fixed willingness to use(0-7)
+# If not set willingness will be calculated
+# dynamically based on battery/power status
+# if such information is available
+
+#Willingness    	4
+
+# Allow processes like the GUI front-end
+# to connect to the daemon.
+
+IpcConnect
+{
+     # Determines how many simultaneously
+     # IPC connections that will be allowed
+     # Setting this to 0 disables IPC
+
+     MaxConnections  0
+
+     # By default only 127.0.0.1 is allowed
+     # to connect. Here allowed hosts can
+     # be added
+
+     Host            127.0.0.1
+     #Host            10.0.0.5
+
+     # You can also specify entire net-ranges
+     # that are allowed to connect. Multiple
+     # entries are allowed
+
+     #Net             192.168.1.0 255.255.255.0
+}
+
+# Wether to use hysteresis or not
+# Hysteresis adds more robustness to the
+# link sensing but delays neighbor registration.
+# Used by default. 'yes' or 'no'
+
+UseHysteresis	no
+
+# Hysteresis parameters
+# Do not alter these unless you know
+# what you are doing!
+# Set to auto by default. Allowed
+# values are floating point values
+# in the interval 0,1
+# THR_LOW must always be lower than
+# THR_HIGH.
+
+#HystScaling	0.50
+#HystThrHigh	0.80
+#HystThrLow	0.30
+
+
+# Link quality level
+# 0 = do not use link quality
+# 1 = use link quality for MPR selection
+# 2 = use link quality for MPR selection and routing
+# Defaults to 0
+
+LinkQualityLevel	{$olsrd['enablelqe']}
+
+# Link quality window size
+# Defaults to 10
+
+LinkQualityWinSize	10
+
+# Polling rate in seconds(float).
+# Default value 0.05 sec
+
+Pollrate	0.05
+
+
+# TC redundancy
+# Specifies how much neighbor info should
+# be sent in TC messages
+# Possible values are:
+# 0 - only send MPR selectors
+# 1 - send MPR selectors and MPRs
+# 2 - send all neighbors
+#
+# defaults to 0
+
+TcRedundancy	2
+
+#
+# MPR coverage
+# Specifies how many MPRs a node should
+# try select to reach every 2 hop neighbor
+#
+# Can be set to any integer >0
+#
+# defaults to 1
+
+MprCoverage	3
+
+# Example plugin entry with parameters:
+
+EODA;
+
+if($olsrd['enablehttpinfo'] == "on") {
+	$olsr .= <<<EODB
+
+LoadPlugin "/usr/local/lib/olsrd_httpinfo.so.0.1"
+{
+    PlParam     "port"   "{$olsrd['port']}"
+    PlParam     "Net"    "{$olsrd['allowedhttpinfohost']} {$olsrd['allowedhttpinfosubnet']}"
+}
+
+EODB;
+
+}
+
+if($olsrd['enabledsecure'] == "on") {
+	$olsr .= <<<EODC
+
+LoadPlugin "/usr/local/lib/olsrd_secure.so.0.5"
+{
+    PlParam     "Keyfile"   "/usr/local/etc/olsrkey.txt"
+}
+
+EODC;
+
+}
+
+if($olsrd['enabledyngw'] == "on") {
+
+	/* unset default route, olsr auto negotiates */
+	mwexec("/sbin/route delete default");
+
+	$olsr .= <<<EODE
+
+LoadPlugin "/usr/local/lib/olsrd_dyn_gw.so.0.4"
+{
+    # how often to look for a inet gw, in seconds
+    # defaults to 5 secs, if commented out
+    PlParam     "Interval"   "{$olsrd['polling']}"
+
+    # if one or more IPv4 addresses are given, do a ping on these in
+    # descending order to validate that there is not only an entry in
+    # routing table, but also a real internet connection. If any of
+    # these addresses could be pinged successfully, the test was
+    # succesful, i.e. if the ping on the 1st address was successful,the
+    # 2nd won't be pinged
+    PlParam     "Ping"       "{$olsrd['ping']}"
+    #PlParam     "HNA"   "192.168.81.0 255.255.255.0"
+}
+
+EODE;
+
+}
+
+foreach($config['installedpackages']['olsrd']['config'] as $conf) {
+	$interfaces = explode(',', $conf['iface_array']);
+	foreach($interfaces as $interface) {
+		$realinterface = convert_friendly_interface_to_real_interface_name($interface);
+$olsr .= <<<EODAD
+Interface "{$realinterface}"
+{
+
+    # Hello interval in seconds(float)
+    HelloInterval    2.0
+
+    # HELLO validity time
+    HelloValidityTime	20.0
+
+    # TC interval in seconds(float)
+    TcInterval        5.0
+
+    # TC validity time
+    TcValidityTime	30.0
+
+    # MID interval in seconds(float)
+    MidInterval	5.0
+
+    # MID validity time
+    MidValidityTime	30.0
+
+    # HNA interval in seconds(float)
+    HnaInterval	5.0
+
+    # HNA validity time
+    HnaValidityTime 	30.0
+
+    # When multiple links exist between hosts
+    # the weight of interface is used to determine
+    # the link to use. Normally the weight is
+    # automatically calculated by olsrd based
+    # on the characteristics of the interface,
+    # but here you can specify a fixed value.
+    # Olsrd will choose links with the lowest value.
+
+    # Weight 0
+
+
+}
+
+EODAD;
+
+	}
+	break;
+}
+		fwrite($fd, $olsr);
+		fclose($fd);
+	}
+
+	if(is_process_running("olsrd"))
+		mwexec("/usr/bin/killall olsrd", true);
+
+	sleep(2);
+
+	mwexec_bg("/usr/local/sbin/olsrd -f {$g['varetc_path']}/olsr.conf");
+
+	conf_mount_ro();
+}
+
+/* configure cron service */
+function configure_cron() {
+	global $g, $config;
+	conf_mount_rw();
+	/* preserve existing crontab entries */
+	$crontab_contents = file_get_contents("/etc/crontab");
+	$crontab_contents_a = split("\n", $crontab_contents);
+	
+	for ($i = 0; $i < count($crontab_contents_a); $i++) {
+		$item =& $crontab_contents_a[$i];
+		if (strpos($item, "# pfSense specific crontab entries") !== false) {
+			array_splice($crontab_contents_a, $i - 1);
+			break;
+		}
+	}
+	$crontab_contents = implode("\n", $crontab_contents_a) . "\n";
+	
+	
+	if (is_array($config['cron']['item'])) {
+		$crontab_contents .= "#\n";
+		$crontab_contents .= "# pfSense specific crontab entries\n";
+		$crontab_contents .= "# Created: " . date("F j, Y, g:i a") . "\n";
+		$crontab_contents .= "#\n";
+
+		foreach ($config['cron']['item'] as $item) {
+			$crontab_contents .= "\n{$item['minute']}\t";
+			$crontab_contents .= "{$item['hour']}\t";
+			$crontab_contents .= "{$item['mday']}\t";
+			$crontab_contents .= "{$item['month']}\t";
+			$crontab_contents .= "{$item['wday']}\t";
+			$crontab_contents .= "{$item['who']}\t";
+			$crontab_contents .= "{$item['command']}";
+		}
+    
+		$crontab_contents .= "\n#\n";
+		$crontab_contents .= "# If possible do not add items to this file manually.\n";
+		$crontab_contents .= "# If you do so, this file must be terminated with a blank line (e.g. new line)\n";
+		$crontab_contents .= "#\n\n";
+	}
+	
+	/* please maintain the newline at the end of file */
+	file_put_contents("/etc/crontab", $crontab_contents);
+	
+	if (!$g['booting'])
+		conf_mount_ro();
+}
+
+function upnp_action ($action) {
+	switch($action) {
+		case "start":
+			if(file_exists('/var/etc/miniupnpd.conf'))
+				mwexec_bg('/usr/local/sbin/miniupnpd -f /var/etc/miniupnpd.conf');
+			break;
+		case "stop":
+			while((int)exec("pgrep miniupnpd | wc -l") > 0)
+				mwexec('killall miniupnpd 2>/dev/null', true);
+			mwexec('/sbin/pfctl -aminiupnpd -Fr 2>&1 >/dev/null');
+			mwexec('/sbin/pfctl -aminiupnpd -Fn 2>&1 >/dev/null');
+			break;
+		case "restart":
+			upnp_action('stop');
+			upnp_action('start');
+			break;
+	}
+}
+
+function upnp_start() {
+	global $config, $g;
+	if($config['installedpackages']['miniupnpd']['config'][0]['enable']) {
+		if($g['booting']) {
+			echo "Starting UPnP service...";
+			include('/usr/local/pkg/miniupnpd.inc');
+			sync_package_miniupnpd();
+			echo "done.\n";
+		}
+		else {
+			upnp_action('start');
+		}
+	}
+}
+
+?>
-- 
cgit v1.2.3