diff options
| author | Vinicius Coque <vinicius.coque@bluepex.com> | 2011-01-28 17:32:17 -0200 |
|---|---|---|
| committer | Vinicius Coque <vinicius.coque@bluepex.com> | 2011-01-28 17:32:17 -0200 |
| commit | 9d3d8d005ec74d6108aa423c7ad09e0b58951127 (patch) | |
| tree | f765cfb57d7d75ac2af8fa6b975ea953b557bdfc | |
| parent | b638ef519a8e1ad3e843c55e091fc2649e834797 (diff) | |
| parent | 1596d9c17349f47ef06defa5c44333db0158a110 (diff) | |
| download | pfsense-9d3d8d005ec74d6108aa423c7ad09e0b58951127.zip pfsense-9d3d8d005ec74d6108aa423c7ad09e0b58951127.tar.gz | |
Merge branch 'master' into inc
Conflicts:
etc/inc/captiveportal.inc
etc/inc/config.console.inc
etc/inc/config.lib.inc
etc/inc/easyrule.inc
etc/inc/filter.inc
etc/inc/ipsec.inc
etc/inc/pkg-utils.inc
etc/inc/shaper.inc
etc/inc/system.inc
etc/inc/voucher.inc
220 files changed, 8678 insertions, 5464 deletions
diff --git a/conf.default/config.xml b/conf.default/config.xml index 0200f4d..6074c02 100644 --- a/conf.default/config.xml +++ b/conf.default/config.xml @@ -1,157 +1,167 @@ <?xml version="1.0"?> <!-- pfSense default system configuration --> <pfsense> - <version>6.8</version> + <version>7.6</version> <lastchange></lastchange> <theme>pfsense_ng</theme> <sysctl> <item> - <descr>Increase UFS read-ahead speeds to match current state of hard drives and NCQ. More information here: http://ivoras.sharanet.org/blog/tree/2010-11-19.ufs-read-ahead.html</descr> + <descr><![CDATA[Disable the pf ftp proxy handler.]]></descr> + <tunable>debug.pfftpproxy</tunable> + <value>default</value> + </item> + <item> + <descr><![CDATA[Increase UFS read-ahead speeds to match current state of hard drives and NCQ. More information here: http://ivoras.sharanet.org/blog/tree/2010-11-19.ufs-read-ahead.html]]></descr> <tunable>vfs.read_max</tunable> <value>default</value> </item> <item> - <descr>Set the ephemeral port range to be lower.</descr> + <descr><![CDATA[Set the ephemeral port range to be lower.]]></descr> <tunable>net.inet.ip.portrange.first</tunable> <value>default</value> </item> <item> - <descr>Drop packets to closed TCP ports without returning a RST</descr> + <descr><![CDATA[Drop packets to closed TCP ports without returning a RST]]></descr> <tunable>net.inet.tcp.blackhole</tunable> <value>default</value> </item> <item> - <descr>Do not send ICMP port unreachable messages for closed UDP ports</descr> + <descr><![CDATA[Do not send ICMP port unreachable messages for closed UDP ports]]></descr> <tunable>net.inet.udp.blackhole</tunable> <value>default</value> </item> <item> - <descr>Randomize the ID field in IP packets (default is 0: sequential IP IDs)</descr> + <descr><![CDATA[Randomize the ID field in IP packets (default is 0: sequential IP IDs)]]></descr> <tunable>net.inet.ip.random_id</tunable> <value>default</value> </item> <item> - <descr>Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)</descr> + <descr><![CDATA[Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway)]]></descr> <tunable>net.inet.tcp.drop_synfin</tunable> <value>default</value> </item> <item> - <descr>Enable sending IPv4 redirects</descr> + <descr><![CDATA[Enable sending IPv4 redirects]]></descr> <tunable>net.inet.ip.redirect</tunable> <value>default</value> </item> <item> - <descr>Enable sending IPv6 redirects</descr> + <descr><![CDATA[Enable sending IPv6 redirects]]></descr> <tunable>net.inet6.ip6.redirect</tunable> <value>default</value> </item> <item> - <descr>Generate SYN cookies for outbound SYN-ACK packets</descr> + <descr><![CDATA[Generate SYN cookies for outbound SYN-ACK packets]]></descr> <tunable>net.inet.tcp.syncookies</tunable> <value>default</value> </item> <item> - <descr>Maximum incoming/outgoing TCP datagram size (receive)</descr> + <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (receive)]]></descr> <tunable>net.inet.tcp.recvspace</tunable> <value>default</value> </item> <item> - <descr>Maximum incoming/outgoing TCP datagram size (send)</descr> + <descr><![CDATA[Maximum incoming/outgoing TCP datagram size (send)]]></descr> <tunable>net.inet.tcp.sendspace</tunable> <value>default</value> </item> <item> - <descr>IP Fastforwarding</descr> + <descr><![CDATA[IP Fastforwarding]]></descr> <tunable>net.inet.ip.fastforwarding</tunable> <value>default</value> </item> <item> - <descr>Do not delay ACK to try and piggyback it onto a data packet</descr> + <descr><![CDATA[Do not delay ACK to try and piggyback it onto a data packet]]></descr> <tunable>net.inet.tcp.delayed_ack</tunable> <value>default</value> </item> <item> - <descr>Maximum outgoing UDP datagram size</descr> + <descr><![CDATA[Maximum outgoing UDP datagram size]]></descr> <tunable>net.inet.udp.maxdgram</tunable> <value>default</value> </item> <item> - <descr>Handling of non-IP packets which are not passed to pfil (see if_bridge(4))</descr> + <descr><![CDATA[Handling of non-IP packets which are not passed to pfil (see if_bridge(4))]]></descr> <tunable>net.link.bridge.pfil_onlyip</tunable> <value>default</value> </item> <item> - <descr>Set to 0 to disable filtering on the incoming and outgoing member interfaces.</descr> + <descr><![CDATA[Set to 0 to disable filtering on the incoming and outgoing member interfaces.]]></descr> <tunable>net.link.bridge.pfil_member</tunable> <value>default</value> </item> <item> - <descr>Set to 1 to enable filtering on the bridge interface</descr> + <descr><![CDATA[Set to 1 to enable filtering on the bridge interface]]></descr> <tunable>net.link.bridge.pfil_bridge</tunable> <value>default</value> </item> <item> - <descr>Allow unprivileged access to tap(4) device nodes</descr> + <descr><![CDATA[Allow unprivileged access to tap(4) device nodes]]></descr> <tunable>net.link.tap.user_open</tunable> <value>default</value> </item> <item> - <descr>Verbosity of the rndtest driver (0: do not display results on console)</descr> + <descr><![CDATA[Verbosity of the rndtest driver (0: do not display results on console)]]></descr> <tunable>kern.rndtest.verbose</tunable> <value>default</value> </item> <item> - <descr>Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())</descr> + <descr><![CDATA[Randomize PID's (see src/sys/kern/kern_fork.c: sysctl_kern_randompid())]]></descr> <tunable>kern.randompid</tunable> <value>default</value> </item> <item> - <descr>Maximum size of the IP input queue</descr> + <descr><![CDATA[Maximum size of the IP input queue]]></descr> <tunable>net.inet.ip.intr_queue_maxlen</tunable> <value>default</value> </item> <item> - <descr>Disable CTRL+ALT+Delete reboot from keyboard.</descr> + <descr><![CDATA[Disable CTRL+ALT+Delete reboot from keyboard.]]></descr> <tunable>hw.syscons.kbd_reboot</tunable> <value>default</value> </item> <item> - <descr>Enable TCP Inflight mode</descr> + <descr><![CDATA[Enable TCP Inflight mode]]></descr> <tunable>net.inet.tcp.inflight.enable</tunable> <value>default</value> </item> <item> - <descr>Enable TCP extended debugging</descr> + <descr><![CDATA[Enable TCP extended debugging]]></descr> <tunable>net.inet.tcp.log_debug</tunable> <value>default</value> </item> <item> - <descr>Set ICMP Limits</descr> + <descr><![CDATA[Set ICMP Limits]]></descr> <tunable>net.inet.icmp.icmplim</tunable> <value>default</value> </item> <item> - <descr>TCP Offload Engine</descr> + <descr><![CDATA[TCP Offload Engine]]></descr> <tunable>net.inet.tcp.tso</tunable> <value>default</value> </item> + <item> + <descr><![CDATA[Maximum socket buffer size]]></descr> + <tunable>kern.ipc.maxsockbuf</tunable> + <value>default</value> + </item> </sysctl> <system> <optimization>normal</optimization> <hostname>pfSense</hostname> <domain>localdomain</domain> - <dnsserver></dnsserver> + <dnsserver/> <dnsallowoverride/> <group> <name>all</name> - <description>All Users</description> + <description><![CDATA[All Users]]></description> <scope>system</scope> <gid>1998</gid> <member>0</member> </group> <group> <name>admins</name> - <description>System Administrators</description> + <description><![CDATA[System Administrators]]></description> <scope>system</scope> <gid>1999</gid> <member>0</member> @@ -159,7 +169,7 @@ </group> <user> <name>admin</name> - <descr>System Administrator</descr> + <descr><![CDATA[System Administrator]]></descr> <scope>system</scope> <groupname>admins</groupname> <password>$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.</password> @@ -294,9 +304,9 @@ </dhcpd> <pptpd> <mode><!-- off *or* server *or* redir --></mode> - <redir></redir> - <localip></localip> - <remoteip></remoteip> + <redir/> + <localip/> + <remoteip/> <!-- <accounting/> --> <!-- <user> @@ -305,51 +315,6 @@ </user> --> </pptpd> - <ovpn> - <!-- - <server> - <enable/> - <ca_cert></ca_cert> - <srv_cert></srv_cert> - <srv_key></srv_key> - <dh_param></dh_param> - <verb></verb> - <tun_iface></tun_iface> - <port></port> - <bind_iface></bind_iface> - <cli2cli/> - <maxcli></maxcli> - <prefix></prefix> - <ipblock></ipblock> - <crypto></crypto> - <dupcn/> - <psh_options> - <redir></redir> - <redir_loc></redir_loc> - <rte_delay></rte_delay> - <ping></ping> - <pingrst></pingrst> - <pingexit></pingexit> - <inact></inact> - </psh_options> - </server> - <client> - <tunnel></tunnel> - <ca_cert></ca_cert> - <cli_cert></cli_cert> - <cli_key></cli_key> - <type></type> - <tunnel> - <if></if> - <proto></proto> - <cport></cport> - <saddr></saddr> - <sport></sport> - <crypto></crypto> - </tunnel> - </client> - --> - </ovpn> <dnsmasq> <enable/> <!-- @@ -363,14 +328,14 @@ </dnsmasq> <snmpd> <!-- <enable/> --> - <syslocation></syslocation> - <syscontact></syscontact> + <syslocation/> + <syscontact/> <rocommunity>public</rocommunity> </snmpd> <diag> <ipv6nat> <!-- <enable/> --> - <ipaddr></ipaddr> + <ipaddr/> </ipv6nat> </diag> <bridge> @@ -462,7 +427,7 @@ <!-- <tcpidletimeout></tcpidletimeout> --> <rule> <type>pass</type> - <descr>Default allow LAN to any rule</descr> + <descr><![CDATA[Default allow LAN to any rule]]></descr> <interface>lan</interface> <source> <network>lan</network> @@ -693,13 +658,13 @@ <command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot</command> </item> <item> - <minute>*/5</minute> - <hour>*</hour> + <minute>30</minute> + <hour>12</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> - <command>/usr/bin/nice -n20 /usr/local/bin/checkreload.sh</command> + <command>/usr/bin/nice -n20 /etc/rc.update_urltables</command> </item> </cron> <wol> @@ -718,21 +683,19 @@ <monitor_type> <name>ICMP</name> <type>icmp</type> - <descr>ICMP</descr> - <options> - </options> + <descr><![CDATA[ICMP]]></descr> + <options/> </monitor_type> <monitor_type> <name>TCP</name> <type>tcp</type> - <descr>Generic TCP</descr> - <options> - </options> + <descr><![CDATA[Generic TCP]]></descr> + <options/> </monitor_type> <monitor_type> <name>HTTP</name> <type>http</type> - <descr>Generic HTTP</descr> + <descr><![CDATA[Generic HTTP]]></descr> <options> <path>/</path> <host/> @@ -742,7 +705,7 @@ <monitor_type> <name>HTTPS</name> <type>https</type> - <descr>Generic HTTPS</descr> + <descr><![CDATA[Generic HTTPS]]></descr> <options> <path>/</path> <host/> @@ -752,7 +715,7 @@ <monitor_type> <name>SMTP</name> <type>send</type> - <descr>Generic SMTP</descr> + <descr><![CDATA[Generic SMTP]]></descr> <options> <send>EHLO nosuchhost</send> <expect>250-</expect> @@ -1,28 +1,17 @@ 0.0.0.0/8 -5.0.0.0/8 -14.0.0.0/8 -23.0.0.0/8 -31.0.0.0/8 -36.0.0.0/8 -37.0.0.0/8 39.0.0.0/8 -42.0.0.0/8 -49.0.0.0/8 -100.0.0.0/8 -101.0.0.0/8 102.0.0.0/8 103.0.0.0/8 104.0.0.0/8 -105.0.0.0/8 106.0.0.0/8 127.0.0.0/8 169.254.0.0/16 -176.0.0.0/8 -177.0.0.0/8 179.0.0.0/8 -181.0.0.0/8 185.0.0.0/8 +192.0.0.0/24 192.0.2.0/24 198.18.0.0/15 -223.0.0.0/8 -224.0.0.0/3
\ No newline at end of file +198.51.100.0/24 +203.0.113.0/24 +224.0.0.0/4 +240.0.0.0/4
\ No newline at end of file diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 2a0e7d9..6942223 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -130,6 +130,10 @@ if(function_exists("display_error_form") && !isset($config['system']['webgui'][' break; } } + if($referrer_host == "127.0.0.1" || $referrer_host == "localhost") { + // allow SSH port forwarded connections and links from localhost + $found_host = true; + } } } if($found_host == false) { @@ -406,7 +410,7 @@ function local_user_set(& $user) { /* create user directory if required */ if (!is_dir($user_home)) { mkdir($user_home, 0700); - mwexec("cp /root/.* {$home_base}/"); + mwexec("/bin/cp /root/.* {$home_base}/", true); } chown($user_home, $user_name); chgrp($user_home, $user_group); diff --git a/etc/inc/basic_sasl_client.inc b/etc/inc/basic_sasl_client.inc new file mode 100644 index 0000000..b2972b5 --- /dev/null +++ b/etc/inc/basic_sasl_client.inc @@ -0,0 +1,61 @@ +<?php +/* + * basic_sasl_client.php + * + * @(#) $Id: basic_sasl_client.php,v 1.1 2004/11/17 08:01:23 mlemos Exp $ + * + */ + +define("SASL_BASIC_STATE_START", 0); +define("SASL_BASIC_STATE_DONE", 1); + +class basic_sasl_client_class +{ + var $credentials=array(); + var $state=SASL_BASIC_STATE_START; + + Function Initialize(&$client) + { + return(1); + } + + Function Start(&$client, &$message, &$interactions) + { + if($this->state!=SASL_BASIC_STATE_START) + { + $client->error="Basic authentication state is not at the start"; + return(SASL_FAIL); + } + $this->credentials=array( + "user"=>"", + "password"=>"" + ); + $defaults=array( + ); + $status=$client->GetCredentials($this->credentials,$defaults,$interactions); + if($status==SASL_CONTINUE) + { + $message=$this->credentials["user"].":".$this->credentials["password"]; + $this->state=SASL_BASIC_STATE_DONE; + } + else + Unset($message); + return($status); + } + + Function Step(&$client, $response, &$message, &$interactions) + { + switch($this->state) + { + case SASL_BASIC_STATE_DONE: + $client->error="Basic authentication was finished without success"; + return(SASL_FAIL); + default: + $client->error="invalid Basic authentication step state"; + return(SASL_FAIL); + } + return(SASL_CONTINUE); + } +}; + +?>
\ No newline at end of file diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 5bf7579..4a3b80d 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -2,12 +2,11 @@ /* captiveportal.inc part of pfSense (http://www.pfSense.org) - - originally part of m0n0wall (http://m0n0.ch/wall) - - Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> + Copyright (C) 2004-2011 Scott Ullrich <sullrich@gmail.com> Copyright (C) 2009 Ermal Luçi <ermal.luci@gmail.com> Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + + originally part of m0n0wall (http://m0n0.ch/wall) All rights reserved. Redistribution and use in source and binary forms, with or without @@ -38,9 +37,9 @@ These changes are (c) 2004 Keycom PLC. pfSense_BUILDER_BINARIES: /sbin/ipfw /sbin/sysctl /sbin/kldunload - pfSense_BUILDER_BINARIES: /usr/local/sbin/lighttpd /usr/local/bin/minicron /sbin/pfctl - pfSense_BUILDER_BINARIES: /bin/hostname /bin/cp - pfSense_MODULE: captiveportal + pfSense_BUILDER_BINARIES: /usr/local/sbin/lighttpd /usr/local/bin/minicron /sbin/pfctl + pfSense_BUILDER_BINARIES: /bin/hostname /bin/cp + pfSense_MODULE: captiveportal */ /* include all configuration functions */ @@ -74,8 +73,8 @@ function get_default_captive_portal_html() { <div id="mainlevel"> <center> <table width="100%" border="0" cellpadding="5" cellspacing="0"> - <tr> - <td> + <tr> + <td> <center> <div id="mainarea"> <center> @@ -100,7 +99,7 @@ function get_default_captive_portal_html() { </div> </center> </div> - </td> + </td> </tr> </table> </center> @@ -145,14 +144,14 @@ EOD; <div id="mainlevel"> <center> <table width="100%" border="0" cellpadding="5" cellspacing="0"> - <tr> - <td> + <tr> + <td> <center> <div id="mainarea"> <center> <table width="100%" border="0" cellpadding="5" cellspacing="5"> <tr> - <td> + <td> <div id="maindivarea"> <center> <div id='statusbox'> @@ -171,15 +170,15 @@ EOD; <tr><td align="right">Password:</td><td><input name="auth_pass" type="password" style="border: 1px dashed;"></td></tr> <tr><td> </td></tr> <tr> - <td colspan="2"> + <td colspan="2"> <center><input name="accept" type="submit" value="Continue"></center> - </td> + </td> </tr> </table> </div> </center> </div> - </td> + </td> </tr> </table> </center> @@ -206,7 +205,7 @@ EOD; function captiveportal_configure() { global $config, $g; - $captiveportallck = lock('captiveportal'); + $captiveportallck = lock('captiveportal', LOCK_EX); if (isset($config['captiveportal']['enable'])) { @@ -233,13 +232,14 @@ function captiveportal_configure() { captiveportal_init_rules(true); /* stop accounting on all clients */ - captiveportal_radius_stop_all(true); + captiveportal_radius_stop_all(); /* initialize minicron interval value */ $croninterval = $config['captiveportal']['croninterval'] ? $config['captiveportal']['croninterval'] : 60; /* double check if the $croninterval is numeric and at least 10 seconds. If not we set it to 60 to avoid problems */ - if ((!is_numeric($croninterval)) || ($croninterval < 10)) { $croninterval = 60; } + if ((!is_numeric($croninterval)) || ($croninterval < 10)) + $croninterval = 60; /* write portal page */ if ($config['captiveportal']['page']['htmltext']) @@ -259,6 +259,10 @@ function captiveportal_configure() { $htmltext = str_replace("\$CLIENT_IP\$", "#CLIENT_IP#", $htmltext); $htmltext = str_replace("\$ORIGINAL_PORTAL_IP\$", "#ORIGINAL_PORTAL_IP#", $htmltext); $htmltext = str_replace("\$PORTAL_ACTION\$", "#PORTAL_ACTION#", $htmltext); + if($config['captiveportal']['preauthurl']) { + $htmltext = str_replace("\$PORTAL_REDIRURL\$", "{$config['captiveportal']['preauthurl']}", $htmltext); + $htmltext = str_replace("#PORTAL_REDIRURL#", "{$config['captiveportal']['preauthurl']}", $htmltext); + } fwrite($fd, $htmltext); fclose($fd); } @@ -289,14 +293,14 @@ function captiveportal_configure() { <div id="mainlevel"> <center> <table width="100%" border="0" cellpadding="5" cellspacing="0"> - <tr> - <td> + <tr> + <td> <center> <div id="mainarea"> <center> <table width="100%" border="0" cellpadding="5" cellspacing="5"> <tr> - <td> + <td> <div id="maindivarea"> <center> <div id='statusbox'> @@ -315,15 +319,15 @@ function captiveportal_configure() { <tr><td align="right">Password:</td><td><input name="auth_pass" type="password" style="border: 1px dashed;"></td></tr> <tr><td> </td></tr> <tr> - <td colspan="2"> + <td colspan="2"> <center><input name="accept" type="submit" value="Continue"></center> - </td> + </td> </tr> </table> </div> </center> </div> - </td> + </td> </tr> </table> </center> @@ -355,6 +359,10 @@ EOD; $errtext = str_replace("\$CLIENT_IP\$", "#CLIENT_IP#", $errtext); $errtext = str_replace("\$ORIGINAL_PORTAL_IP\$", "#ORIGINAL_PORTAL_IP#", $errtext); $errtext = str_replace("\$PORTAL_ACTION\$", "#PORTAL_ACTION#", $errtext); + if($config['captiveportal']['preauthurl']) { + $errtext = str_replace("\$PORTAL_REDIRURL\$", "{$config['captiveportal']['preauthurl']}", $errtext); + $errtext = str_replace("#PORTAL_REDIRURL#", "{$config['captiveportal']['preauthurl']}", $errtext); + } fwrite($fd, $errtext); fclose($fd); } @@ -375,18 +383,18 @@ EOD; <!-- LogoutWin = window.open('', 'Logout', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=256,height=64'); if (LogoutWin) { - LogoutWin.document.write('<HTML>'); - LogoutWin.document.write('<HEAD><TITLE>Logout</TITLE></HEAD>') ; - LogoutWin.document.write('<BODY BGCOLOR="#435370">'); - LogoutWin.document.write('<DIV ALIGN="center" STYLE="color: #ffffff; font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; font-size: 11px;">') ; - LogoutWin.document.write('<B>Click the button below to disconnect</B><P>'); - LogoutWin.document.write('<FORM METHOD="POST" ACTION="<?=\$logouturl;?>">'); - LogoutWin.document.write('<INPUT NAME="logout_id" TYPE="hidden" VALUE="<?=\$sessionid;?>">'); - LogoutWin.document.write('<INPUT NAME="logout" TYPE="submit" VALUE="Logout">'); - LogoutWin.document.write('</FORM>'); - LogoutWin.document.write('</DIV></BODY>'); - LogoutWin.document.write('</HTML>'); - LogoutWin.document.close(); + LogoutWin.document.write('<HTML>'); + LogoutWin.document.write('<HEAD><TITLE>Logout</TITLE></HEAD>') ; + LogoutWin.document.write('<BODY BGCOLOR="#435370">'); + LogoutWin.document.write('<DIV ALIGN="center" STYLE="color: #ffffff; font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif; font-size: 11px;">') ; + LogoutWin.document.write('<B>Click the button below to disconnect</B><P>'); + LogoutWin.document.write('<FORM METHOD="POST" ACTION="<?=\$logouturl;?>">'); + LogoutWin.document.write('<INPUT NAME="logout_id" TYPE="hidden" VALUE="<?=\$sessionid;?>">'); + LogoutWin.document.write('<INPUT NAME="logout" TYPE="submit" VALUE="Logout">'); + LogoutWin.document.write('</FORM>'); + LogoutWin.document.write('</DIV></BODY>'); + LogoutWin.document.write('</HTML>'); + LogoutWin.document.close(); } document.location.href="<?=\$my_redirurl;?>"; @@ -414,41 +422,7 @@ EOD; "/etc/rc.prunecaptiveportal"); /* generate radius server database */ - if ($config['captiveportal']['radiusip'] && (!isset($config['captiveportal']['auth_method']) || - ($config['captiveportal']['auth_method'] == "radius"))) { - $radiusip = $config['captiveportal']['radiusip']; - $radiusip2 = ($config['captiveportal']['radiusip2']) ? $config['captiveportal']['radiusip2'] : null; - - if ($config['captiveportal']['radiusport']) - $radiusport = $config['captiveportal']['radiusport']; - else - $radiusport = 1812; - - if ($config['captiveportal']['radiusacctport']) - $radiusacctport = $config['captiveportal']['radiusacctport']; - else - $radiusacctport = 1813; - - if ($config['captiveportal']['radiusport2']) - $radiusport2 = $config['captiveportal']['radiusport2']; - else - $radiusport2 = 1812; - - $radiuskey = $config['captiveportal']['radiuskey']; - $radiuskey2 = ($config['captiveportal']['radiuskey2']) ? $config['captiveportal']['radiuskey2'] : null; - - $fd = @fopen("{$g['vardb_path']}/captiveportal_radius.db", "w"); - if (!$fd) { - printf(gettext("Error: cannot open radius DB file in captiveportal_configure().%s"), "\n"); - return 1; - } else if (isset($radiusip2, $radiuskey2)) { - fwrite($fd,$radiusip . "," . $radiusport . "," . $radiusacctport . "," . $radiuskey . "\n" - . $radiusip2 . "," . $radiusport2 . "," . $radiusacctport . "," . $radiuskey2); - } else { - fwrite($fd,$radiusip . "," . $radiusport . "," . $radiusacctport . "," . $radiuskey); - } - fclose($fd); - } + captiveportal_init_radius_servers(); if ($g['booting']) printf(gettext("done%s"), "\n"); @@ -457,7 +431,7 @@ EOD; killbypid("{$g['varrun_path']}/lighty-CaptivePortal.pid"); killbypid("{$g['varrun_path']}/minicron.pid"); - captiveportal_radius_stop_all(true); + captiveportal_radius_stop_all(); mwexec("/sbin/sysctl net.link.ether.ipfw=0"); @@ -470,7 +444,7 @@ EOD; if (does_interface_exist($listrealif)) { pfSense_interface_flags($listrealif, -IFF_IPFW_FILTER); $carpif = link_ip_to_carp_interface(find_interface_ip($listrealif)); - if (!empty($carpif)) { + if (!empty($carpif)) { $carpsif = explode(" ", $carpif); foreach ($carpsif as $cpcarp) pfSense_interface_flags($cpcarp, -IFF_IPFW_FILTER); @@ -489,7 +463,7 @@ function captiveportal_init_webgui() { global $g, $config; if (!isset($config['captiveportal']['enable'])) - return; + return; if ($config['captiveportal']['maxproc']) $maxproc = $config['captiveportal']['maxproc']; @@ -567,7 +541,7 @@ function captiveportal_init_rules($reinit = false) { if (count($cpips) > 0) { $cpactive = true; $cpinterface = "{ {$cpinterface} } "; - } else + } else return false; if ($reinit == false) @@ -583,7 +557,7 @@ function captiveportal_init_rules($reinit = false) { if (!is_module_loaded("dummynet.ko")) mwexec("/sbin/kldload dummynet"); - $cprules = "add 65291 set 1 allow pfsync from any to any\n"; + $cprules = "add 65291 set 1 allow pfsync from any to any\n"; $cprules .= "add 65292 set 1 allow carp from any to any\n"; $cprules .= <<<EOD @@ -652,12 +626,12 @@ EOD; $rulenum++; } else { $cprules .= "add {$rulenum} set 1 allow ip from table(1) to any in\n"; - $rulenum++; - $cprules .= "add {$rulenum} set 1 allow ip from any to table(2) out\n"; - $rulenum++; + $rulenum++; + $cprules .= "add {$rulenum} set 1 allow ip from any to table(2) out\n"; + $rulenum++; } - $cprules .= <<<EOD + $cprules .= <<<EOD # redirect non-authenticated clients to captive portal add 65531 set 1 fwd 127.0.0.1,8000 tcp from any to any in @@ -673,9 +647,13 @@ EOD; /* generate passthru mac database */ $cprules .= captiveportal_passthrumac_configure(true); $cprules .= "\n"; + /* allowed ipfw rules to make allowed ip work */ $cprules .= captiveportal_allowedip_configure(); + /* allowed ipfw rules to make allowed hostnames work */ + $cprules .= captiveportal_allowedhostname_configure(); + /* load rules */ if ($reinit == true) $cprules = "table all flush\nflush\n{$cprules}"; @@ -694,179 +672,173 @@ EOD; file_put_contents("{$g['tmp_path']}/ipfw.cp.rules", $cprules); mwexec("/sbin/ipfw -q {$g['tmp_path']}/ipfw.cp.rules", true); - @unlink("{$g['tmp_path']}/ipfw.cp.rules"); + //@unlink("{$g['tmp_path']}/ipfw.cp.rules"); if ($reinit == false) unlock($captiveportallck); - /* filter on layer2 as well so we can check MAC addresses */ mwexec("/sbin/sysctl net.link.ether.ipfw=1"); return $cprules; } -/* remove clients that have been around for longer than the specified amount of time */ -/* db file structure: -timestamp,ipfw_rule_no,clientip,clientmac,username,sessionid,password,session_timeout,idle_timeout,session_terminate_time */ - -/* (password is in Base64 and only saved when reauthentication is enabled) */ +/* remove clients that have been around for longer than the specified amount of time + * db file structure: + * timestamp,ipfw_rule_no,clientip,clientmac,username,sessionid,password,session_timeout,idle_timeout,session_terminate_time + * (password is in Base64 and only saved when reauthentication is enabled) + */ function captiveportal_prune_old() { + global $g, $config; + + /* check for expired entries */ + if (empty($config['captiveportal']['timeout']) || + !is_numeric($config['captiveportal']['timeout'])) + $timeout = 0; + else + $timeout = $config['captiveportal']['timeout'] * 60; + + if (empty($config['captiveportal']['idletimeout']) || + !is_numeric($config['captiveportal']['idletimeout'])) + $idletimeout = 0; + else + $idletimeout = $config['captiveportal']['idletimeout'] * 60; + + if (!$timeout && !$idletimeout && !isset($config['captiveportal']['reauthenticate']) && + !isset($config['captiveportal']['radiussession_timeout']) && !isset($config['voucher']['enable'])) + return; + + /* read database */ + $cpdb = captiveportal_read_db(); - global $g, $config; - - /* check for expired entries */ - if ($config['captiveportal']['timeout']) - $timeout = $config['captiveportal']['timeout'] * 60; - else - $timeout = 0; - - if ($config['captiveportal']['idletimeout']) - $idletimeout = $config['captiveportal']['idletimeout'] * 60; - else - $idletimeout = 0; - - if (!$timeout && !$idletimeout && !isset($config['captiveportal']['reauthenticate']) && - !isset($config['captiveportal']['radiussession_timeout']) && !isset($config['voucher']['enable'])) - return; - - $captiveportallck = lock('captiveportal'); - - /* read database */ - $cpdb = captiveportal_read_db(); - - $radiusservers = captiveportal_get_radius_servers(); - - /* To make sure we iterate over ALL accounts on every run the count($cpdb) is moved - * outside of the loop. Otherwise the loop would evaluate count() on every iteration - * and since $i would increase and count() would decrement they would meet before we - * had a chance to iterate over all accounts. - */ - $unsetindexes = array(); - $no_users = count($cpdb); - for ($i = 0; $i < $no_users; $i++) { - - $timedout = false; - $term_cause = 1; - - /* hard timeout? */ - if ($timeout) { - if ((time() - $cpdb[$i][0]) >= $timeout) { - $timedout = true; - $term_cause = 5; // Session-Timeout - } - } - - /* Session-Terminate-Time */ - if (!$timedout && !empty($cpdb[$i][9])) { - if (time() >= $cpdb[$i][9]) { - $timedout = true; - $term_cause = 5; // Session-Timeout - } - } - - /* check if the radius idle_timeout attribute has been set and if its set change the idletimeout to this value */ - $idletimeout = (is_numeric($cpdb[$i][8])) ? $cpdb[$i][8] : $idletimeout; - /* if an idle timeout is specified, get last activity timestamp from ipfw */ - if (!$timedout && $idletimeout) { - $lastact = captiveportal_get_last_activity($cpdb[$i][2]); - /* If the user has logged on but not sent any traffic they will never be logged out. - * We "fix" this by setting lastact to the login timestamp. + $radiusservers = captiveportal_get_radius_servers(); + + /* To make sure we iterate over ALL accounts on every run the count($cpdb) is moved + * outside of the loop. Otherwise the loop would evaluate count() on every iteration + * and since $i would increase and count() would decrement they would meet before we + * had a chance to iterate over all accounts. + */ + $unsetindexes = array(); + $no_users = count($cpdb); + for ($i = 0; $i < $no_users; $i++) { + + $timedout = false; + $term_cause = 1; + + /* hard timeout? */ + if ($timeout) { + if ((time() - $cpdb[$i][0]) >= $timeout) { + $timedout = true; + $term_cause = 5; // Session-Timeout + } + } + + /* Session-Terminate-Time */ + if (!$timedout && !empty($cpdb[$i][9])) { + if (time() >= $cpdb[$i][9]) { + $timedout = true; + $term_cause = 5; // Session-Timeout + } + } + + /* check if the radius idle_timeout attribute has been set and if its set change the idletimeout to this value */ + $uidletimeout = (is_numeric($cpdb[$i][8])) ? $cpdb[$i][8] : $idletimeout; + /* if an idle timeout is specified, get last activity timestamp from ipfw */ + if (!$timedout && $uidletimeout) { + $lastact = captiveportal_get_last_activity($cpdb[$i][2]); + /* If the user has logged on but not sent any traffic they will never be logged out. + * We "fix" this by setting lastact to the login timestamp. */ $lastact = $lastact ? $lastact : $cpdb[$i][0]; - if ($lastact && ((time() - $lastact) >= $idletimeout)) { - $timedout = true; - $term_cause = 4; // Idle-Timeout - $stop_time = $lastact; // Entry added to comply with WISPr - } - } - - /* if vouchers are configured, activate session timeouts */ - if (!$timedout && isset($config['voucher']['enable']) && !empty($cpdb[$i][7])) { - if (time() >= ($cpdb[$i][0] + $cpdb[$i][7])) { - $timedout = true; - $term_cause = 5; // Session-Timeout + if ($lastact && ((time() - $lastact) >= $uidletimeout)) { + $timedout = true; + $term_cause = 4; // Idle-Timeout + $stop_time = $lastact; // Entry added to comply with WISPr + } } - } - /* if radius session_timeout is enabled and the session_timeout is not null, then check if the user should be logged out */ - if (!$timedout && isset($config['captiveportal']['radiussession_timeout']) && !empty($cpdb[$i][7])) { - if (time() >= ($cpdb[$i][0] + $cpdb[$i][7])) { - $timedout = true; - $term_cause = 5; // Session-Timeout - } - } - - if ($timedout) { - captiveportal_disconnect($cpdb[$i], $radiusservers,$term_cause,$stop_time); - captiveportal_logportalauth($cpdb[$i][4], $cpdb[$i][3], $cpdb[$i][2], "TIMEOUT"); - $unsetindexes[$i] = $i; - } - - /* do periodic RADIUS reauthentication? */ - if (!$timedout && isset($config['captiveportal']['reauthenticate']) && - !empty($radiusservers)) { - - if (isset($config['captiveportal']['radacct_enable'])) { - if ($config['captiveportal']['reauthenticateacct'] == "stopstart") { - /* stop and restart accounting */ - RADIUS_ACCOUNTING_STOP($cpdb[$i][1], // ruleno - $cpdb[$i][4], // username - $cpdb[$i][5], // sessionid - $cpdb[$i][0], // start time - $radiusservers, - $cpdb[$i][2], // clientip - $cpdb[$i][3], // clientmac - 10); // NAS Request - exec("/sbin/ipfw table 1 entryzerostats {$cpdb[$i][2]}"); - exec("/sbin/ipfw table 2 entryzerostats {$cpdb[$i][2]}"); - RADIUS_ACCOUNTING_START($cpdb[$i][1], // ruleno - $cpdb[$i][4], // username - $cpdb[$i][5], // sessionid - $radiusservers, - $cpdb[$i][2], // clientip - $cpdb[$i][3]); // clientmac - } else if ($config['captiveportal']['reauthenticateacct'] == "interimupdate") { - RADIUS_ACCOUNTING_STOP($cpdb[$i][1], // ruleno - $cpdb[$i][4], // username - $cpdb[$i][5], // sessionid - $cpdb[$i][0], // start time - $radiusservers, - $cpdb[$i][2], // clientip - $cpdb[$i][3], // clientmac - 10, // NAS Request - true); // Interim Updates - } - } - - /* check this user against RADIUS again */ - $auth_list = RADIUS_AUTHENTICATION($cpdb[$i][4], // username - base64_decode($cpdb[$i][6]), // password - $radiusservers, - $cpdb[$i][2], // clientip - $cpdb[$i][3], // clientmac - $cpdb[$i][1]); // ruleno - - if ($auth_list['auth_val'] == 3) { - captiveportal_disconnect($cpdb[$i], $radiusservers, 17); - captiveportal_logportalauth($cpdb[$i][4], $cpdb[$i][3], $cpdb[$i][2], "RADIUS_DISCONNECT", $auth_list['reply_message']); - $unsetindexes[$i] = $i; - } - } - } - /* This is a kludge to overcome some php weirdness */ - foreach($unsetindexes as $unsetindex) - unset($cpdb[$unsetindex]); + /* if vouchers are configured, activate session timeouts */ + if (!$timedout && isset($config['voucher']['enable']) && !empty($cpdb[$i][7])) { + if (time() >= ($cpdb[$i][0] + $cpdb[$i][7])) { + $timedout = true; + $term_cause = 5; // Session-Timeout + } + } + + /* if radius session_timeout is enabled and the session_timeout is not null, then check if the user should be logged out */ + if (!$timedout && isset($config['captiveportal']['radiussession_timeout']) && !empty($cpdb[$i][7])) { + if (time() >= ($cpdb[$i][0] + $cpdb[$i][7])) { + $timedout = true; + $term_cause = 5; // Session-Timeout + } + } + + if ($timedout) { + captiveportal_disconnect($cpdb[$i], $radiusservers,$term_cause,$stop_time); + captiveportal_logportalauth($cpdb[$i][4], $cpdb[$i][3], $cpdb[$i][2], "TIMEOUT"); + $unsetindexes[$i] = $i; + } + + /* do periodic RADIUS reauthentication? */ + if (!$timedout && !empty($radiusservers)) { + if (isset($config['captiveportal']['radacct_enable'])) { + if ($config['captiveportal']['reauthenticateacct'] == "stopstart") { + /* stop and restart accounting */ + RADIUS_ACCOUNTING_STOP($cpdb[$i][1], // ruleno + $cpdb[$i][4], // username + $cpdb[$i][5], // sessionid + $cpdb[$i][0], // start time + $radiusservers, + $cpdb[$i][2], // clientip + $cpdb[$i][3], // clientmac + 10); // NAS Request + exec("/sbin/ipfw table 1 entryzerostats {$cpdb[$i][2]}"); + exec("/sbin/ipfw table 2 entryzerostats {$cpdb[$i][2]}"); + RADIUS_ACCOUNTING_START($cpdb[$i][1], // ruleno + $cpdb[$i][4], // username + $cpdb[$i][5], // sessionid + $radiusservers, + $cpdb[$i][2], // clientip + $cpdb[$i][3]); // clientmac + } else if ($config['captiveportal']['reauthenticateacct'] == "interimupdate") { + RADIUS_ACCOUNTING_STOP($cpdb[$i][1], // ruleno + $cpdb[$i][4], // username + $cpdb[$i][5], // sessionid + $cpdb[$i][0], // start time + $radiusservers, + $cpdb[$i][2], // clientip + $cpdb[$i][3], // clientmac + 10, // NAS Request + true); // Interim Updates + } + } - /* write database */ - captiveportal_write_db($cpdb); + /* check this user against RADIUS again */ + if (isset($config['captiveportal']['reauthenticate'])) { + $auth_list = RADIUS_AUTHENTICATION($cpdb[$i][4], // username + base64_decode($cpdb[$i][6]), // password + $radiusservers, + $cpdb[$i][2], // clientip + $cpdb[$i][3], // clientmac + $cpdb[$i][1]); // ruleno + if ($auth_list['auth_val'] == 3) { + captiveportal_disconnect($cpdb[$i], $radiusservers, 17); + captiveportal_logportalauth($cpdb[$i][4], $cpdb[$i][3], $cpdb[$i][2], "RADIUS_DISCONNECT", $auth_list['reply_message']); + $unsetindexes[$i] = $i; + } + } + } + } + /* This is a kludge to overcome some php weirdness */ + foreach($unsetindexes as $unsetindex) + unset($cpdb[$unsetindex]); - unlock($captiveportallck); + /* write database */ + captiveportal_write_db($cpdb); } /* remove a single client according to the DB entry */ function captiveportal_disconnect($dbent, $radiusservers,$term_cause = 1,$stop_time = null) { - global $g, $config; $stop_time = (empty($stop_time)) ? time() : $stop_time; @@ -874,15 +846,15 @@ function captiveportal_disconnect($dbent, $radiusservers,$term_cause = 1,$stop_t /* this client needs to be deleted - remove ipfw rules */ if (isset($config['captiveportal']['radacct_enable']) && !empty($radiusservers)) { RADIUS_ACCOUNTING_STOP($dbent[1], // ruleno - $dbent[4], // username - $dbent[5], // sessionid - $dbent[0], // start time - $radiusservers, - $dbent[2], // clientip - $dbent[3], // clientmac - $term_cause, // Acct-Terminate-Cause - false, - $stop_time); + $dbent[4], // username + $dbent[5], // sessionid + $dbent[0], // start time + $radiusservers, + $dbent[2], // clientip + $dbent[3], // clientmac + $term_cause, // Acct-Terminate-Cause + false, + $stop_time); } /* Delete client's ip entry from tables 3 and 4. */ mwexec("/sbin/ipfw table 1 delete {$dbent[2]}"); @@ -908,22 +880,17 @@ function captiveportal_disconnect($dbent, $radiusservers,$term_cause = 1,$stop_t /* remove a single client by ipfw rule number */ function captiveportal_disconnect_client($id,$term_cause = 1) { - global $g, $config; - $captiveportallck = lock('captiveportal'); - /* read database */ $cpdb = captiveportal_read_db(); $radiusservers = captiveportal_get_radius_servers(); /* find entry */ - $tmpindex = 0; - $cpdbcount = count($cpdb); - for ($i = 0; $i < $cpdbcount; $i++) { - if ($cpdb[$i][1] == $id) { - captiveportal_disconnect($cpdb[$i], $radiusservers, $term_cause); - captiveportal_logportalauth($cpdb[$i][4], $cpdb[$i][3], $cpdb[$i][2], "DISCONNECT"); + foreach ($cpdb as $i => $cpentry) { + if ($cpentry[1] == $id) { + captiveportal_disconnect($cpentry, $radiusservers, $term_cause); + captiveportal_logportalauth($cpentry[4], $cpentry[3], $cpentry[2], "DISCONNECT"); unset($cpdb[$i]); break; } @@ -931,61 +898,53 @@ function captiveportal_disconnect_client($id,$term_cause = 1) { /* write database */ captiveportal_write_db($cpdb); - - unlock($captiveportallck); } /* send RADIUS acct stop for all current clients */ -function captiveportal_radius_stop_all($lock = false) { - global $g, $config; +function captiveportal_radius_stop_all() { + global $config; if (!isset($config['captiveportal']['radacct_enable'])) return; - if (!$lock) - $captiveportallck = lock('captiveportal'); - - $cpdb = captiveportal_read_db(); - $radiusservers = captiveportal_get_radius_servers(); if (!empty($radiusservers)) { - for ($i = 0; $i < count($cpdb); $i++) { - RADIUS_ACCOUNTING_STOP($cpdb[$i][1], // ruleno - $cpdb[$i][4], // username - $cpdb[$i][5], // sessionid - $cpdb[$i][0], // start time - $radiusservers, - $cpdb[$i][2], // clientip - $cpdb[$i][3], // clientmac - 7); // Admin Reboot + $cpdb = captiveportal_read_db(); + foreach ($cpdb as $cpentry) { + RADIUS_ACCOUNTING_STOP($cpentry[1], // ruleno + $cpentry[4], // username + $cpentry[5], // sessionid + $cpentry[0], // start time + $radiusservers, + $cpentry[2], // clientip + $cpentry[3], // clientmac + 7); // Admin Reboot } } - if (!$lock) - unlock($captiveportallck); } function captiveportal_passthrumac_configure_entry($macent) { $rules = ""; - $enBwup = isset($macent['bw_up']); - $enBwdown = isset($macent['bw_down']); + $enBwup = isset($macent['bw_up']); + $enBwdown = isset($macent['bw_down']); $actionup = "allow"; $actiondown = "allow"; - if ($enBwup && $enBwdown) - $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, true); - else - $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, false); + if ($enBwup && $enBwdown) + $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, true); + else + $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, false); if ($enBwup) { - $bw_up = $ruleno + 20000; - $rules .= "pipe {$bw_up} config bw {$macent['bw_up']}Kbit/s queue 100\n"; + $bw_up = $ruleno + 20000; + $rules .= "pipe {$bw_up} config bw {$macent['bw_up']}Kbit/s queue 100\n"; $actionup = "pipe {$bw_up}"; - } - if ($enBwdown) { + } + if ($enBwdown) { $bw_down = $ruleno + 20001; $rules .= "pipe {$bw_down} config bw {$macent['bw_down']}Kbit/s queue 100\n"; $actiondown = "pipe {$bw_down}"; - } + } $rules .= "add {$ruleno} {$actiondown} ip from any to any MAC {$macent['mac']} any\n"; $ruleno++; $rules .= "add {$ruleno} {$actionup} ip from any to any MAC any {$macent['mac']}\n"; @@ -1028,80 +987,126 @@ function captiveportal_passthrumac_findbyname($username) { */ function captiveportal_allowedip_configure_entry($ipent) { + /* This function can deal with hostname or ipaddress */ + if($ipent['ip']) + $ipaddress = $ipent['ip']; + + /* Instead of copying this entire function for something + * easy such as hostname vs ip address add this check + */ + if($ipent['hostname']) { + $ipaddress = gethostbyname($ipent['hostname']); + if(!is_ipaddr($ipaddress)) + return; + } + $rules = ""; - $enBwup = isset($ipent['bw_up']); - $enBwdown = isset($ipent['bw_down']); + $enBwup = intval($ipent['bw_up']); + $enBwdown = intval($ipent['bw_down']); $bw_up = ""; - $bw_down = ""; - $tablein = array(); - $tableout = array(); + $bw_down = ""; + $tablein = array(); + $tableout = array(); - if ($enBwup && $enBwdown) + if (intval($enBwup) > 0 or intval($enBwdown) > 0) $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, true); else $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, false); - if ($ipent['dir'] == "from") { - if ($enBwup) - $tablein[] = 5; - else - $tablein[] = 3; - if ($enBwdown) - $tableout[] = 6; - else - $tableout[] = 4; - } else if ($ipent['dir'] == "to") { - if ($enBwup) - $tablein[] = 9; - else - $tablein[] = 7; - if ($enBwdown) - $tableout[] = 10; - else - $tableout[] = 8; - } else if ($ipent['dir'] == "both") { - if ($enBwup) { - $tablein[] = 5; - $tablein[] = 9; - } else { - $tablein[] = 3; - $tablein[] = 7; - } - if ($enBwdown) { - $tableout[] = 6; - $tableout[] = 10; - } else { - $tableout[] = 4; - $tableout[] = 8; - } - } - if ($enBwup) { - $bw_up = $ruleno + 20000; - $rules .= "pipe {$bw_up} config bw {$ipent['bw_up']}Kbit/s queue 100\n"; - } + if ($ipent['dir'] == "from") { + if ($enBwup) + $tablein[] = 5; + else + $tablein[] = 3; + if ($enBwdown) + $tableout[] = 6; + else + $tableout[] = 4; + } else if ($ipent['dir'] == "to") { + if ($enBwup) + $tablein[] = 9; + else + $tablein[] = 7; + if ($enBwdown) + $tableout[] = 10; + else + $tableout[] = 8; + } else if ($ipent['dir'] == "both") { + if ($enBwup) { + $tablein[] = 5; + $tablein[] = 9; + } else { + $tablein[] = 3; + $tablein[] = 7; + } + if ($enBwdown) { + $tableout[] = 6; + $tableout[] = 10; + } else { + $tableout[] = 4; + $tableout[] = 8; + } + } + if ($enBwup) { + $bw_up = $ruleno + 20000; + $rules .= "pipe {$bw_up} config bw {$ipent['bw_up']}Kbit/s queue 100\n"; + } $subnet = ""; if (!empty($ipent['sn'])) $subnet = "/{$ipent['sn']}"; foreach ($tablein as $table) - $rules .= "table {$table} add {$ipent['ip']}{$subnet} {$bw_up}\n"; - if ($enBwdown) { - $bw_down = $ruleno + 20001; - $rules .= "pipe {$bw_down} config bw {$ipent['bw_down']}Kbit/s queue 100\n"; - } - foreach ($tableout as $table) - $rules .= "table {$table} add {$ipent['ip']}{$subnet} {$bw_down}\n"; + $rules .= "table {$table} add {$ipaddress}{$subnet} {$bw_up}\n"; + if ($enBwdown) { + $bw_down = $ruleno + 20001; + $rules .= "pipe {$bw_down} config bw {$ipent['bw_down']}Kbit/s queue 100\n"; + } + foreach ($tableout as $table) + $rules .= "table {$table} add {$ipaddress}{$subnet} {$bw_down}\n"; return $rules; } +/* + Adds a dnsfilter entry and watches for hostname changes. + A change results in reloading the ruleset. +*/ +function setup_dnsfilter_entries() { + global $g, $config; + + $cp_filterdns_filename = "{$g['varetc_path']}/filterdns-captiveportal.conf"; + $cp_filterdns_conf = ""; + if (is_array($config['captiveportal']['allowedhostname'])) { + foreach ($config['captiveportal']['allowedhostname'] as $hostnameent) { + $cp_filterdns_conf .= "ipfw $hostnameent 3 '/etc/rc.captiveportal_configure'\n"; + $cp_filterdns_conf .= "ipfw $hostnameent 4 '/etc/rc.captiveportal_configure'\n"; + $cp_filterdns_conf .= "ipfw $hostnameent 7 '/etc/rc.captiveportal_configure'\n"; + $cp_filterdns_conf .= "ipfw $hostnameent 8 '/etc/rc.captiveportal_configure'\n"; + } + } + file_put_contents($cp_filterdns_filename, $cp_filterdns_conf); + killbypid("{$g['tmp_path']}/filterdns-cpah.pid"); + mwexec("/usr/local/sbin/filterdns -p {$g['tmp_path']}/filterdns-cpah.pid -i 300 -c {$cp_filterdns_filename} -d 1"); +} + +function captiveportal_allowedhostname_configure() { + global $config, $g; + + $rules = "\n# captiveportal_allowedhostname_configure()\n"; + setup_dnsfilter_entries(); + if (is_array($config['captiveportal']['allowedhostname'])) { + foreach ($config['captiveportal']['allowedhostname'] as $hostnameent) + $rules .= captiveportal_allowedip_configure_entry($hostnameent); + } + return $rules; +} + function captiveportal_allowedip_configure() { global $config, $g; $rules = ""; if (is_array($config['captiveportal']['allowedip'])) { - foreach ($config['captiveportal']['allowedip'] as $ipent) { + foreach ($config['captiveportal']['allowedip'] as $ipent) $rules .= captiveportal_allowedip_configure_entry($ipent); - } } return $rules; @@ -1123,42 +1128,84 @@ function captiveportal_get_last_activity($ip) { return 0; } +function captiveportal_init_radius_servers() { + global $config, $g; + + /* generate radius server database */ + if ($config['captiveportal']['radiusip'] && (!isset($config['captiveportal']['auth_method']) || + ($config['captiveportal']['auth_method'] == "radius"))) { + $radiusip = $config['captiveportal']['radiusip']; + $radiusip2 = ($config['captiveportal']['radiusip2']) ? $config['captiveportal']['radiusip2'] : null; + + if ($config['captiveportal']['radiusport']) + $radiusport = $config['captiveportal']['radiusport']; + else + $radiusport = 1812; + if ($config['captiveportal']['radiusacctport']) + $radiusacctport = $config['captiveportal']['radiusacctport']; + else + $radiusacctport = 1813; + if ($config['captiveportal']['radiusport2']) + $radiusport2 = $config['captiveportal']['radiusport2']; + else + $radiusport2 = 1812; + $radiuskey = $config['captiveportal']['radiuskey']; + $radiuskey2 = ($config['captiveportal']['radiuskey2']) ? $config['captiveportal']['radiuskey2'] : null; + + $cprdsrvlck = lock('captiveportalradius', LOCK_EX); + $fd = @fopen("{$g['vardb_path']}/captiveportal_radius.db", "w"); + if (!$fd) { + captiveportal_syslog("Error: cannot open radius DB file in captiveportal_configure().\n"); + unlock($cprdsrvlck); + return 1; + } else if (isset($radiusip2, $radiuskey2)) + fwrite($fd,$radiusip . "," . $radiusport . "," . $radiusacctport . "," . $radiuskey . "\n" + . $radiusip2 . "," . $radiusport2 . "," . $radiusacctport . "," . $radiuskey2); + else + fwrite($fd,$radiusip . "," . $radiusport . "," . $radiusacctport . "," . $radiuskey); + fclose($fd); + unlock($cprdsrvlck); + } +} + /* read RADIUS servers into array */ function captiveportal_get_radius_servers() { + global $g; - global $g; - - if (file_exists("{$g['vardb_path']}/captiveportal_radius.db")) { - $radiusservers = array(); - $cpradiusdb = file("{$g['vardb_path']}/captiveportal_radius.db", + $cprdsrvlck = lock('captiveportalradius'); + if (file_exists("{$g['vardb_path']}/captiveportal_radius.db")) { + $radiusservers = array(); + $cpradiusdb = file("{$g['vardb_path']}/captiveportal_radius.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); - if ($cpradiusdb) - foreach($cpradiusdb as $cpradiusentry) { - $line = trim($cpradiusentry); - if ($line) { - $radsrv = array(); - list($radsrv['ipaddr'],$radsrv['port'],$radsrv['acctport'],$radsrv['key']) = explode(",",$line); - $radiusservers[] = $radsrv; - } + if ($cpradiusdb) { + foreach($cpradiusdb as $cpradiusentry) { + $line = trim($cpradiusentry); + if ($line) { + $radsrv = array(); + list($radsrv['ipaddr'],$radsrv['port'],$radsrv['acctport'],$radsrv['key']) = explode(",",$line); + $radiusservers[] = $radsrv; + } + } + } + unlock($cprdsrvlck); + return $radiusservers; } - return $radiusservers; - } - - return false; + unlock($cprdsrvlck); + return false; } /* log successful captive portal authentication to syslog */ /* part of this code from php.net */ function captiveportal_logportalauth($user,$mac,$ip,$status, $message = null) { - $message = trim($message); // Log it if (!$message) $message = "$status: $user, $mac, $ip"; - else + else { + $message = trim($message); $message = "$status: $user, $mac, $ip, $message"; + } captiveportal_syslog($message); - closelog(); } /* log simple messages to syslog */ @@ -1172,91 +1219,78 @@ function captiveportal_syslog($message) { } function radius($username,$password,$clientip,$clientmac,$type) { - global $g, $config; - - /* Start locking from the beginning of an authentication session */ - $captiveportallck = lock('captiveportal'); - - $ruleno = captiveportal_get_next_ipfw_ruleno(); - - /* If the pool is empty, return appropriate message and fail authentication */ - if (is_null($ruleno)) { - $auth_list = array(); - $auth_list['auth_val'] = 1; - $auth_list['error'] = gettext("System reached maximum login capacity"); - unlock($captiveportallck); - return $auth_list; - } - - /* - * Drop the lock since radius takes some time to finish. - * The implementation is reentrant so we gain speed with this. - */ - unlock($captiveportallck); - - $radiusservers = captiveportal_get_radius_servers(); - - $auth_list = RADIUS_AUTHENTICATION($username, - $password, - $radiusservers, - $clientip, - $clientmac, - $ruleno); + global $g, $config; - $captiveportallck = lock('captiveportal'); + $ruleno = captiveportal_get_next_ipfw_ruleno(); - if ($auth_list['auth_val'] == 2) { - captiveportal_logportalauth($username,$clientmac,$clientip,$type); - $sessionid = portal_allow($clientip, - $clientmac, - $username, - $password, - $auth_list, - $ruleno); - } + /* If the pool is empty, return appropriate message and fail authentication */ + if (is_null($ruleno)) { + $auth_list = array(); + $auth_list['auth_val'] = 1; + $auth_list['error'] = "System reached maximum login capacity"; + return $auth_list; + } - unlock($captiveportallck); + $radiusservers = captiveportal_get_radius_servers(); - return $auth_list; + $auth_list = RADIUS_AUTHENTICATION($username, + $password, + $radiusservers, + $clientip, + $clientmac, + $ruleno); + + if ($auth_list['auth_val'] == 2) { + captiveportal_logportalauth($username,$clientmac,$clientip,$type); + $sessionid = portal_allow($clientip, + $clientmac, + $username, + $password, + $auth_list, + $ruleno); + } + return $auth_list; } /* read captive portal DB into array */ function captiveportal_read_db() { + global $g; + + $cpdb = array(); - global $g; - - $cpdb = array(); - $fd = @fopen("{$g['vardb_path']}/captiveportal.db", "r"); - if ($fd) { - while (!feof($fd)) { - $line = trim(fgets($fd)); - if ($line) { - $cpdb[] = explode(",", $line); - } - } - fclose($fd); - } - return $cpdb; + $cpdblck = lock('captiveportaldb'); + $fd = @fopen("{$g['vardb_path']}/captiveportal.db", "r"); + if ($fd) { + while (!feof($fd)) { + $line = trim(fgets($fd)); + if ($line) + $cpdb[] = explode(",", $line); + } + fclose($fd); + } + unlock($cpdblck); + return $cpdb; } /* write captive portal DB */ function captiveportal_write_db($cpdb) { - - global $g; - - $fd = @fopen("{$g['vardb_path']}/captiveportal.db", "w"); - if ($fd) { - foreach ($cpdb as $cpent) { - fwrite($fd, join(",", $cpent) . "\n"); - } - fclose($fd); - } + global $g; + + $cpdblck = lock('captiveportaldb', LOCK_EX); + $fd = @fopen("{$g['vardb_path']}/captiveportal.db", "w"); + if ($fd) { + foreach ($cpdb as $cpent) { + fwrite($fd, join(",", $cpent) . "\n"); + } + fclose($fd); + } + unlock($cpdblck); } function captiveportal_write_elements() { global $g, $config; - + /* delete any existing elements */ if (is_dir($g['captiveportal_element_path'])) { $dh = opendir($g['captiveportal_element_path']); @@ -1265,8 +1299,9 @@ function captiveportal_write_elements() { unlink($g['captiveportal_element_path'] . "/" . $file); } closedir($dh); - } else + } else { @mkdir($g['captiveportal_element_path']); + } if (is_array($config['captiveportal']['element'])) { conf_mount_rw(); @@ -1285,7 +1320,7 @@ function captiveportal_write_elements() { } conf_mount_ro(); } - + return 0; } @@ -1308,16 +1343,17 @@ function captiveportal_get_next_ipfw_ruleno($rulenos_start = 2000, $rulenos_rang if(!isset($config['captiveportal']['enable'])) return NULL; + $cpruleslck = lock('captiveportalrules', LOCK_EX); $ruleno = 0; if (file_exists("{$g['vardb_path']}/captiveportal.rules")) { $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal.rules")); for ($ridx = 2; $ridx < ($rulenos_range_max - $rulenos_start); $ridx++) { if ($rules[$ridx]) { /* - * This allows our traffic shaping pipes to be the in pipe the same as ruleno - * and the out pipe ruleno + 1. This removes limitation that where present in - * previous version of the peruserbw. - */ + * This allows our traffic shaping pipes to be the in pipe the same as ruleno + * and the out pipe ruleno + 1. This removes limitation that where present in + * previous version of the peruserbw. + */ if (isset($config['captiveportal']['peruserbw'])) $ridx++; continue; @@ -1334,6 +1370,7 @@ function captiveportal_get_next_ipfw_ruleno($rulenos_start = 2000, $rulenos_rang $ruleno = 2; } file_put_contents("{$g['vardb_path']}/captiveportal.rules", serialize($rules)); + unlock($cpruleslck); return $ruleno; } @@ -1343,6 +1380,7 @@ function captiveportal_free_ipfw_ruleno($ruleno, $usedbw = false) { if(!isset($config['captiveportal']['enable'])) return NULL; + $cpruleslck = lock('captiveportalrules', LOCK_EX); if (file_exists("{$g['vardb_path']}/captiveportal.rules")) { $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal.rules")); $rules[$ruleno] = false; @@ -1350,21 +1388,26 @@ function captiveportal_free_ipfw_ruleno($ruleno, $usedbw = false) { $rules[++$ruleno] = false; file_put_contents("{$g['vardb_path']}/captiveportal.rules", serialize($rules)); } + unlock($cpruleslck); } function captiveportal_get_ipfw_passthru_ruleno($value) { global $config, $g; if(!isset($config['captiveportal']['enable'])) - return NULL; + return NULL; - if (file_exists("{$g['vardb_path']}/captiveportal.rules")) { - $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal.rules")); + $cpruleslck = lock('captiveportalrules', LOCK_EX); + if (file_exists("{$g['vardb_path']}/captiveportal.rules")) { + $rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal.rules")); $ruleno = intval(`/sbin/ipfw show | /usr/bin/grep {$value} | /usr/bin/grep -v grep | /usr/bin/cut -d " " -f 1 | /usr/bin/head -n 1`); - if ($rules[$ruleno]) + if ($rules[$ruleno]) { + unlock($cpruleslck); return $ruleno; - } + } + } + unlock($cpruleslck); return NULL; } @@ -1381,31 +1424,31 @@ function captiveportal_get_ipfw_passthru_ruleno($value) { function getVolume($ip) { - $volume = array(); + $volume = array(); - // Initialize vars properly, since we don't want NULL vars - $volume['input_pkts'] = $volume['input_bytes'] = $volume['output_pkts'] = $volume['output_bytes'] = 0 ; + // Initialize vars properly, since we don't want NULL vars + $volume['input_pkts'] = $volume['input_bytes'] = $volume['output_pkts'] = $volume['output_bytes'] = 0 ; - // Ingress - $ipfwin = ""; - $ipfwout = ""; - $matchesin = ""; - $matchesout = ""; - exec("/sbin/ipfw table 1 entrystats {$ip}", $ipfwin); - if ($ipfwin[0]) { + // Ingress + $ipfwin = ""; + $ipfwout = ""; + $matchesin = ""; + $matchesout = ""; + exec("/sbin/ipfw table 1 entrystats {$ip}", $ipfwin); + if ($ipfwin[0]) { $ipfwin = split(" ", $ipfwin[0]); $volume['input_pkts'] = $ipfwin[2]; $volume['input_bytes'] = $ipfwin[3]; - } + } - exec("/sbin/ipfw table 2 entrystats {$ip}", $ipfwout); - if ($ipfwout[0]) { - $ipfwout = split(" ", $ipfwout[0]); - $volume['output_pkts'] = $ipfwout[2]; - $volume['output_bytes'] = $ipfwout[3]; - } + exec("/sbin/ipfw table 2 entrystats {$ip}", $ipfwout); + if ($ipfwout[0]) { + $ipfwout = split(" ", $ipfwout[0]); + $volume['output_pkts'] = $ipfwout[2]; + $volume['output_bytes'] = $ipfwout[3]; + } - return $volume; + return $volume; } /** @@ -1415,11 +1458,11 @@ function getVolume($ip) { */ function getNasID() { - $nasId = ""; - exec("/bin/hostname", $nasId); - if(!$nasId[0]) - $nasId[0] = "{$g['product_name']}"; - return $nasId[0]; + $nasId = ""; + exec("/bin/hostname", $nasId); + if(!$nasId[0]) + $nasId[0] = "{$g['product_name']}"; + return $nasId[0]; } /** @@ -1433,17 +1476,17 @@ function getNasIP() { global $config; - if (empty($config['captiveportal']['radiussrcip_attribute'])) - $nasIp = get_interface_ip(); - else { + if (empty($config['captiveportal']['radiussrcip_attribute'])) { + $nasIp = get_interface_ip(); + } else { if (is_ipaddr($config['captiveportal']['radiussrcip_attribute'])) - $nasIp = $config['captiveportal']['radiussrcip_attribute']; - else - $nasIp = get_interface_ip($config['captiveportal']['radiussrcip_attribute']); + $nasIp = $config['captiveportal']['radiussrcip_attribute']; + else + $nasIp = get_interface_ip($config['captiveportal']['radiussrcip_attribute']); } - if(!is_ipaddr($nasIp)) - $nasIp = "0.0.0.0"; + if(!is_ipaddr($nasIp)) + $nasIp = "0.0.0.0"; return $nasIp; } diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc index e82baba..7d19045 100644 --- a/etc/inc/certs.inc +++ b/etc/inc/certs.inc @@ -286,6 +286,7 @@ function csr_get_subject($str_crt, $decode = true) { if (!is_array($components)) return "unknown"; + ksort($components); foreach ($components as $a => $v) { if (!strlen($subject)) $subject = "{$a}={$v}"; @@ -307,13 +308,15 @@ function cert_get_subject($str_crt, $decode = true) { if (!is_array($components)) return "unknown"; + ksort($components); foreach ($components as $a => $v) { - if (is_array($v)) + if (is_array($v)) { + ksort($v); foreach ($v as $w) { $asubject = "{$a}={$w}"; $subject = (strlen($subject)) ? "{$asubject}, {$subject}" : $asubject; } - else { + } else { $asubject = "{$a}={$v}"; $subject = (strlen($subject)) ? "{$asubject}, {$subject}" : $asubject; } @@ -561,4 +564,4 @@ function is_crl_internal($crl) { return !(!empty($crl['text']) && empty($crl['cert'])); } -?>
\ No newline at end of file +?> diff --git a/etc/inc/config.console.inc b/etc/inc/config.console.inc index 40b765e..536c976 100644 --- a/etc/inc/config.console.inc +++ b/etc/inc/config.console.inc @@ -319,6 +319,8 @@ EOD; if (in_array($key, array('y', 'Y'))) { if($lanif) { + if (!is_array($config['interfaces']['lan'])) + $config['interfaces']['lan'] = array(); $config['interfaces']['lan']['if'] = $lanif; $config['interfaces']['lan']['enable'] = true; } elseif (!$g['booting'] && !$auto_assign) { @@ -332,7 +334,7 @@ unload the interface now? [y|n]? EODD; if (strcasecmp(chop(fgets($fp)), "y") == 0) { - if($config['interfaces']['lan']['if']) + if(isset($config['interfaces']['lan']) && $config['interfaces']['lan']['if']) mwexec("/sbin/ifconfig " . $config['interfaces']['lan']['if'] . " delete"); } if(isset($config['interfaces']['lan'])) @@ -372,9 +374,12 @@ EODD; (!is_array($config['interfaces']['lan']['wireless']))) $config['interfaces']['lan']['wireless'] = array(); } else { - unset($config['interfaces']['lan']['wireless']); + if (isset($config['interfaces']['lan'])) + unset($config['interfaces']['lan']['wireless']); } + if (!is_array($config['interfaces']['wan'])) + $config['interfaces']['wan'] = array(); $config['interfaces']['wan']['if'] = $wanif; $config['interfaces']['wan']['enable'] = true; if (preg_match($g['wireless_regex'], $wanif)) { @@ -382,7 +387,8 @@ EODD; (!is_array($config['interfaces']['wan']['wireless']))) $config['interfaces']['wan']['wireless'] = array(); } else { - unset($config['interfaces']['wan']['wireless']); + if (isset($config['interfaces']['wan'])) + unset($config['interfaces']['wan']['wireless']); } for ($i = 0; $i < count($optif); $i++) { @@ -420,13 +426,7 @@ EODD; $g['booting'] = false; - /* XXX: ermal - disable it for now this is used during bootup at best so shouldn't be needed. - * For now just comment it out and later remove it completely. - * resync everything - reload_all_sync(); - */ - - echo " " . gettext("done!") . "\n"; + echo gettext(" done!") . "\n"; touch("{$g['tmp_path']}/assign_complete"); diff --git a/etc/inc/config.gui.inc b/etc/inc/config.gui.inc index cd38049..1a7e397 100644 --- a/etc/inc/config.gui.inc +++ b/etc/inc/config.gui.inc @@ -54,11 +54,6 @@ if($config_parsed == true) else $config_parsed = true; -// Set the memory limit to 128M. When someone has something like 500+ tunnels -// the parser needs quite a bit of ram. Do not remove this line unless you -// know what you are doing. If in doubt, check with dev@ _/FIRST/_! -ini_set("memory_limit","128M"); - /* include globals from notices.inc /utility/XML parser files */ require_once('config.lib.inc'); require_once("notices.inc"); diff --git a/etc/inc/config.lib.inc b/etc/inc/config.lib.inc index e985aa8..9f0b736 100644 --- a/etc/inc/config.lib.inc +++ b/etc/inc/config.lib.inc @@ -53,30 +53,33 @@ ******/ function encrypted_configxml() { global $g, $config; - if(file_exists($g['conf_path'] . "/config.xml")) { - if($g['booting']) { - $configtxt = file_get_contents($g['conf_path'] . "/config.xml"); - if(tagfile_deformat($configtxt, $configtxt, "config.xml")) { - $fp = fopen('php://stdin', 'r'); + + if (!file_exists($g['conf_path'] . "/config.xml")) + return; + + if (!$g['booting']) + return; + + $configtxt = file_get_contents($g['conf_path'] . "/config.xml"); + if(tagfile_deformat($configtxt, $configtxt, "config.xml")) { + $fp = fopen('php://stdin', 'r'); + $data = ""; + echo "\n\n*** Encrypted config.xml detected ***\n"; + while($data == "") { + echo "\nEnter the password to decrypt config.xml: "; + $decrypt_password = chop(fgets($fp)); + $data = decrypt_data($configtxt, $decrypt_password); + if(!strstr($data, "<pfsense>")) $data = ""; - echo "\n\n" . gettext("*** Encrypted config.xml detected ***") . "\n"; - while($data == "") { - echo "\n" . gettext("Enter the password to decrypt config.xml:") . " "; - $decrypt_password = chop(fgets($fp)); - $data = decrypt_data($configtxt, $decrypt_password); - if(!strstr($data, "<pfsense>")) - $data = ""; - if($data) { - $fd = fopen($g['conf_path'] . "/config.xml.tmp", "w"); - fwrite($fd, $data); - fclose($fd); - exec("/bin/mv {$g['conf_path']}/config.xml.tmp {$g['conf_path']}/config.xml"); - echo "\n" . gettext("Config.xml unlocked.") . "\n"; - fclose($fp); - } else { - echo "\n" . gettext("Invalid password entered. Please try again.") . "\n"; - } - } + if($data) { + $fd = fopen($g['conf_path'] . "/config.xml.tmp", "w"); + fwrite($fd, $data); + fclose($fd); + exec("/bin/mv {$g['conf_path']}/config.xml.tmp {$g['conf_path']}/config.xml"); + echo "\n" . gettext("Config.xml unlocked.") . "\n"; + fclose($fp); + } else { + echo "\n" . gettext("Invalid password entered. Please try again.") . "\n"; } } } @@ -92,9 +95,10 @@ function encrypted_configxml() { ******/ function parse_config($parse = false) { global $g, $config_parsed, $config_extra; - + $lockkey = lock('config'); $config_parsed = false; + if (!file_exists("{$g['conf_path']}/config.xml") || filesize("{$g['conf_path']}/config.xml") == 0) { $last_backup = discover_last_backup(); if($last_backup) { @@ -106,12 +110,17 @@ function parse_config($parse = false) { die(gettext("Config.xml is corrupted and is 0 bytes. Could not restore a previous backup.")); } } - if($g['booting']) echo "."; + + if($g['booting']) + echo "."; + // Check for encrypted config.xml encrypted_configxml(); + if(!$parse) { - if(file_exists($g['tmp_path'] . '/config.cache')) { + if (file_exists($g['tmp_path'] . '/config.cache')) { $config = unserialize(file_get_contents($g['tmp_path'] . '/config.cache')); +<<<<<<< HEAD if(is_null($config)) { unlock($lockkey); parse_config(true); @@ -139,6 +148,19 @@ function parse_config($parse = false) { if($g['booting']) echo "."; log_error(gettext("No config.xml found, attempting last known config restore.")); file_notice("config.xml", gettext("No config.xml found, attempting last known config restore."), "pfSenseConfigurator", ""); +======= + if (is_null($config)) + $parse = true; + } else + $parse = true; + } + if ($parse == true) { + if(!file_exists($g['conf_path'] . "/config.xml")) { + if($g['booting']) + echo "."; + log_error("No config.xml found, attempting last known config restore."); + file_notice("config.xml", "No config.xml found, attempting last known config restore.", "pfSenseConfigurator", ""); +>>>>>>> master $last_backup = discover_last_backup(); if ($last_backup) restore_backup("/cf/conf/backup/{$last_backup}"); @@ -149,7 +171,7 @@ function parse_config($parse = false) { } } $config = parse_xml_config($g['conf_path'] . '/config.xml', array($g['xml_rootobj'], 'pfsense')); - if($config == "-1") { + if($config == -1) { $last_backup = discover_last_backup(); if ($last_backup) restore_backup("/cf/conf/backup/{$last_backup}"); @@ -161,11 +183,15 @@ function parse_config($parse = false) { } generate_config_cache($config); } - if($g['booting']) echo "."; - alias_make_table($config); + + if($g['booting']) + echo "."; + $config_parsed = true; unlock($lockkey); + alias_make_table($config); + return $config; } @@ -226,7 +252,8 @@ function restore_backup($file) { function parse_config_bootup() { global $config, $g; - if($g['booting']) echo "."; + if($g['booting']) + echo "."; $lockkey = lock('config'); if (!file_exists("{$g['conf_path']}/config.xml")) { @@ -249,7 +276,12 @@ function parse_config_bootup() { restore_backup("/cf/conf/backup/{$last_backup}"); } if(!file_exists("{$g['conf_path']}/config.xml")) { +<<<<<<< HEAD echo sprintf(gettext("XML configuration file not found. %s cannot continue booting."), $g['product_name']) . "\n"; +======= + echo "XML configuration file not found. {$g['product_name']} cannot continue booting.\n"; + unlock($lockkey); +>>>>>>> master mwexec("/sbin/halt"); exit; } @@ -348,6 +380,9 @@ function conf_mount_ro() { if($g['platform'] == "cdrom" or $g['platform'] == "pfSense") return; + if($g['booting']) + return; + if (refcount_unreference(1000) > 0) return; @@ -411,10 +446,14 @@ function convert_config() { log_error(sprintf(gettext("Ended Configuration upgrade at %s"), $now)); if ($prev_version != $config['version']) +<<<<<<< HEAD write_config(sprintf(gettext('Upgraded config version level from %1$s to %2$s'), $prev_version, $config['version'])); if($g['booting']) echo gettext("Loading new configuration..."); +======= + write_config("Upgraded config version level from {$prev_version} to {$config['version']}"); +>>>>>>> master } /****f* config/safe_write_file @@ -481,12 +520,22 @@ function write_config($desc="Unknown", $backup = true) { * for now, since it was preventing config saving. */ // $config = parse_config(true, false, false); +<<<<<<< HEAD if($g['bootup']) log_error(gettext("WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml")); +======= + if($g['booting']) + log_error("WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml"); +>>>>>>> master + + $username = empty($_SESSION["Username"]) ? "(system)" : $_SESSION['Username']; if($backup) backup_config(); + if (!is_array($config['revision'])) + $config['revision'] = array(); + if (time() > mktime(0, 0, 0, 9, 1, 2004)) /* make sure the clock settings are plausible */ $config['revision']['time'] = time(); @@ -494,8 +543,8 @@ function write_config($desc="Unknown", $backup = true) { if ($desc == "Unknown") $desc = sprintf(gettext("%s made unknown change"), $_SERVER['SCRIPT_NAME']); - $config['revision']['description'] = "{$_SESSION['Username']}: " . $desc; - $config['revision']['username'] = $_SESSION["Username"]; + $config['revision']['description'] = "{$username}: " . $desc; + $config['revision']['username'] = $username; conf_mount_rw(); $lockkey = lock('config', LOCK_EX); @@ -755,7 +804,7 @@ function cleanup_backupcache($revisions = 30, $lock = false) { foreach($tocache as $version => $versioninfo) { if(!in_array($version, array_keys($newcache))) { unlink_if_exists($g['conf_path'] . '/backup/config-' . $version . '.xml'); - if($g['booting']) print " " . $tocheck . "d"; + //if($g['booting']) print " " . $tocheck . "d"; } } $tocache = $newcache; diff --git a/etc/inc/cram_md5_sasl_client.inc b/etc/inc/cram_md5_sasl_client.inc new file mode 100644 index 0000000..69bd625 --- /dev/null +++ b/etc/inc/cram_md5_sasl_client.inc @@ -0,0 +1,67 @@ +<?php +/* + * cram_md5_sasl_client.php + * + * @(#) $Id: cram_md5_sasl_client.php,v 1.3 2004/11/17 08:00:37 mlemos Exp $ + * + */ + +define("SASL_CRAM_MD5_STATE_START", 0); +define("SASL_CRAM_MD5_STATE_RESPOND_CHALLENGE", 1); +define("SASL_CRAM_MD5_STATE_DONE", 2); + +class cram_md5_sasl_client_class +{ + var $credentials=array(); + var $state=SASL_CRAM_MD5_STATE_START; + + Function Initialize(&$client) + { + return(1); + } + + Function HMACMD5($key,$text) + { + $key=(strlen($key)<64 ? str_pad($key,64,"\0") : substr($key,0,64)); + return(md5((str_repeat("\x5c", 64)^$key).pack("H32", md5((str_repeat("\x36", 64)^$key).$text)))); + } + + Function Start(&$client, &$message, &$interactions) + { + if($this->state!=SASL_CRAM_MD5_STATE_START) + { + $client->error="CRAM-MD5 authentication state is not at the start"; + return(SASL_FAIL); + } + $this->credentials=array( + "user"=>"", + "password"=>"" + ); + $defaults=array(); + $status=$client->GetCredentials($this->credentials,$defaults,$interactions); + if($status==SASL_CONTINUE) + $this->state=SASL_CRAM_MD5_STATE_RESPOND_CHALLENGE; + Unset($message); + return($status); + } + + Function Step(&$client, $response, &$message, &$interactions) + { + switch($this->state) + { + case SASL_CRAM_MD5_STATE_RESPOND_CHALLENGE: + $message=$this->credentials["user"]." ".$this->HMACMD5($this->credentials["password"], $response); + $this->state=SASL_CRAM_MD5_STATE_DONE; + break; + case SASL_CRAM_MD5_STATE_DONE: + $client->error="CRAM-MD5 authentication was finished without success"; + return(SASL_FAIL); + default: + $client->error="invalid CRAM-MD5 authentication step state"; + return(SASL_FAIL); + } + return(SASL_CONTINUE); + } +}; + +?>
\ No newline at end of file diff --git a/etc/inc/crypt.inc b/etc/inc/crypt.inc index dc40eb9..582a84c 100644 --- a/etc/inc/crypt.inc +++ b/etc/inc/crypt.inc @@ -85,12 +85,12 @@ $body_pos = $btag_pos + $btag_len; $body_len = strlen($in); - $body_len -= strlen($btag_len); - $body_len -= strlen($etag_len); + $body_len -= $btag_len; + $body_len -= $etag_len + 1; $out = substr($in, $body_pos, $body_len); return true; } -?>
\ No newline at end of file +?> diff --git a/etc/inc/digest_sasl_client.inc b/etc/inc/digest_sasl_client.inc new file mode 100644 index 0000000..924887d --- /dev/null +++ b/etc/inc/digest_sasl_client.inc @@ -0,0 +1,135 @@ +<?php +/* + * digest_sasl_client.php + * + * @(#) $Id: digest_sasl_client.php,v 1.1 2005/10/27 05:24:15 mlemos Exp $ + * + */ + +define('SASL_DIGEST_STATE_START', 0); +define('SASL_DIGEST_STATE_RESPOND_CHALLENGE', 1); +define('SASL_DIGEST_STATE_DONE', 2); + +class digest_sasl_client_class +{ + var $credentials=array(); + var $state=SASL_DIGEST_STATE_START; + + Function unq($string) + { + return(($string[0]=='"' && $string[strlen($string)-1]=='"') ? substr($string, 1, strlen($string)-2) : $string); + } + + Function H($data) + { + return md5($data); + } + + Function KD($secret, $data) + { + return $this->H($secret.':'.$data); + } + + Function Initialize(&$client) + { + return(1); + } + + Function Start(&$client, &$message, &$interactions) + { + if($this->state!=SASL_DIGEST_STATE_START) + { + $client->error='Digest authentication state is not at the start'; + return(SASL_FAIL); + } + $this->credentials=array( + 'user'=>'', + 'password'=>'', + 'uri'=>'', + 'method'=>'', + 'session'=>'' + ); + $defaults=array(); + $status=$client->GetCredentials($this->credentials,$defaults,$interactions); + if($status==SASL_CONTINUE) + $this->state=SASL_DIGEST_STATE_RESPOND_CHALLENGE; + Unset($message); + return($status); + } + + Function Step(&$client, $response, &$message, &$interactions) + { + switch($this->state) + { + case SASL_DIGEST_STATE_RESPOND_CHALLENGE: + $values=explode(',',$response); + $parameters=array(); + for($v=0; $v<count($values); $v++) + $parameters[strtok(trim($values[$v]), '=')]=strtok(''); + + $message='username="'.$this->credentials['user'].'"'; + if(!IsSet($parameters[$p='realm']) + && !IsSet($parameters[$p='nonce'])) + { + $client->error='Digest authentication parameter '.$p.' is missing from the server response'; + return(SASL_FAIL); + } + $message.=', realm='.$parameters['realm']; + $message.=', nonce='.$parameters['nonce']; + $message.=', uri="'.$this->credentials['uri'].'"'; + if(IsSet($parameters['algorithm'])) + { + $algorithm=$this->unq($parameters['algorithm']); + $message.=', algorithm='.$parameters['algorithm']; + } + else + $algorithm=''; + + $realm=$this->unq($parameters['realm']); + $nonce=$this->unq($parameters['nonce']); + if(IsSet($parameters['qop'])) + { + switch($qop=$this->unq($parameters['qop'])) + { + case "auth": + $cnonce=$this->credentials['session']; + break; + default: + $client->error='Digest authentication quality of protection '.$qop.' is not yet supported'; + return(SASL_FAIL); + } + } + $nc_value='00000001'; + if(IsSet($parameters['qop']) + && !strcmp($algorithm, 'MD5-sess')) + $A1=$this->H($this->credentials['user'].':'. $realm.':'. $this->credentials['password']).':'.$nonce.':'.$cnonce; + else + $A1=$this->credentials['user'].':'. $realm.':'. $this->credentials['password']; + $A2=$this->credentials['method'].':'.$this->credentials['uri']; + if(IsSet($parameters['qop'])) + $response=$this->KD($this->H($A1), $nonce.':'. $nc_value.':'. $cnonce.':'. $qop.':'. $this->H($A2)); + else + $response=$this->KD($this->H($A1), $nonce.':'. $this->H($A2)); + $message.=', response="'.$response.'"'; + if(IsSet($parameters['opaque'])) + $message.=', opaque='.$parameters['opaque']; + if(IsSet($parameters['qop'])) + $message.=', qop="'.$qop.'"'; + $message.=', nc='.$nc_value; + if(IsSet($parameters['qop'])) + $message.=', cnonce="'.$cnonce.'"'; + $client->encode_response=0; + $this->state=SASL_DIGEST_STATE_DONE; + break; + case SASL_DIGEST_STATE_DONE: + $client->error='Digest authentication was finished without success'; + return(SASL_FAIL); + default: + $client->error='invalid Digest authentication step state'; + return(SASL_FAIL); + } + return(SASL_CONTINUE); + } +}; + +?>
\ No newline at end of file diff --git a/etc/inc/dyndns.class b/etc/inc/dyndns.class index 785c902..da8844e 100644 --- a/etc/inc/dyndns.class +++ b/etc/inc/dyndns.class @@ -827,10 +827,7 @@ log_error("DynDns: Current WAN IP: {$wan_ip}"); if (file_exists($this->_cacheFile)) { - if(file_exists($this->_cacheFile)) - $contents = file_get_contents($this->_cacheFile); - else - $contents = ""; + $contents = file_get_contents($this->_cacheFile); list($cacheIP,$cacheTime) = split(':', $contents); $this->_debug($cacheIP.'/'.$cacheTime); $initial = false; @@ -933,4 +930,4 @@ } -?>
\ No newline at end of file +?> diff --git a/etc/inc/easyrule.inc b/etc/inc/easyrule.inc index da1377d..96864b1 100644 --- a/etc/inc/easyrule.inc +++ b/etc/inc/easyrule.inc @@ -164,9 +164,9 @@ function easyrule_block_alias_add($host, $int = 'wan') { $alias['detail'] = $a_aliases[$id]['detail'] . gettext('Entry added') . ' ' . date('r') . '||'; } else { /* Create a new alias with all the proper information */ - $alias['name'] = $blockaliasname . strtoupper($int); - $alias['type'] = 'network'; - $alias['descr'] = mb_convert_encoding(gettext("Hosts blocked from Firewall Log view"),"HTML-ENTITIES","auto"); + $alias['name'] = $blockaliasname . strtoupper($int); + $alias['type'] = 'network'; + $alias['descr'] = gettext("Hosts blocked from Firewall Log view"); $alias['address'] = $host . '/32'; $alias['detail'] = gettext('Entry added') . ' ' . date('r') . '||'; diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 8d0d9f2..6de6425 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -39,6 +39,7 @@ */ /* DISABLE_PHP_LINT_CHECKING */ +// vim: ts=4 sw=4 noexpandtab /* include all configuration functions */ @@ -184,9 +185,8 @@ function filter_configure_sync() { global $config, $g, $after_filter_configure_run, $FilterIflist; global $time_based_rules, $filterdns, $aliases; - /* Use filter lock to not allow recursion and config lock to prevent changes during this run. */ + /* Use filter lock to not allow concurrent filter reloads during this run. */ $filterlck = lock('filter', LOCK_EX); - $configlck = lock('config'); filter_pflog_start(); @@ -241,7 +241,6 @@ function filter_configure_sync() { update_filter_reload_status(gettext("Filter is disabled. Not loading rules.")); if($g['booting'] == true) echo gettext("done.") . "\n"; - unlock($configlck); unlock($filterlck); return; } @@ -298,8 +297,7 @@ function filter_configure_sync() { $rules .= discover_pkg_rules("filter"); if(!file_put_contents("{$g['tmp_path']}/rules.debug", $rules, LOCK_EX)) { - log_error(gettext("WARNING: Could not write new rules!")); - unlock($configlck); + log_error("WARNING: Could not write new rules!"); unlock($filterlck); return; } @@ -335,11 +333,9 @@ function filter_configure_sync() { if(is_array($line_split)) $line_error = sprintf(gettext('The line in question reads [%1$d]: %2$s'), $line_number, $line_split[$line_number-1]); if($line_error and $line_number) { - $error_msg = sprintf(gettext('There were error(s) loading the rules: %1$s - %2$s'), $rules_error, $line_error); - file_notice("filter_load", $error_msg, "Filter Reload", ""); - log_error($error_msg); - update_filter_reload_status($error_msg); - unlock($configlck); + file_notice("filter_load", sprintf(gettext('There were error(s) loading the rules: %1$s - %2$s'), $rules_error, $line_error), "Filter Reload", ""); + log_error("There were error(s) loading the rules: {$rules_error} - {$line_error}"); + update_filter_reload_status(sprintf(gettext('There were error(s) loading the rules: %1$s - %2$s'), $rules_error, $line_error)); unlock($filterlck); return; } @@ -388,8 +384,6 @@ function filter_configure_sync() { fclose($fda); } - unlock($configlck); - if(file_exists("{$g['tmp_path']}/commands.txt")) { mwexec("sh {$g['tmp_path']}/commands.txt &"); unlink("{$g['tmp_path']}/commands.txt"); @@ -479,7 +473,7 @@ function filter_generate_nested_alias($name, $alias, &$aliasnesting, &$aliasaddr $tmpline = filter_generate_nested_alias($address, $aliastable[$address], $aliasnesting, $aliasaddrnesting); } else if(!isset($aliasaddrnesting[$address])) { if(!is_ipaddr($address) && !is_subnet($address) && !is_port($address)) { - $filterdns .= "{$address} = {$name}\n"; + $filterdns .= "pf {$address} {$name}\n"; continue; } $aliasaddrnesting[$address] = $address; @@ -1094,13 +1088,18 @@ function filter_generate_reflection($rule, $nordr, $rdr_ifs, $srcaddr, $dstaddr_ } /* Generate a 'nat on' or 'no nat on' rule for given interface */ -function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = "any", $dstport = "", $natip = "", $natport = "", $nonat = false, $staticnatport = false, $proto = "") { +function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = "any", $dstport = "", $natip = "", $natport = "", $nonat = false, $staticnatport = false, $proto = "", $poolopts = "") { global $config, $FilterIflist; /* XXX: billm - any idea if this code is needed? */ if($src == "/32" || $src{0} == "/") return "# src incorrectly specified\n"; if($natip != "") { - $tgt = "{$natip}/32"; + if (is_subnet($natip)) + $tgt = $natip; + elseif (is_alias($natip)) + $tgt = "\${$natip}"; + else + $tgt = "{$natip}/32"; } else { $natip = get_interface_ip($if); if(is_ipaddr($natip)) @@ -1132,18 +1131,17 @@ function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = " if($dstport != "") $dst .= " port {$dstport}"; /* outgoing static-port option, hamachi, Grandstream, VOIP, etc */ + $staticnatport_txt = ""; if($staticnatport) - $staticnatport_txt = " static-port"; - else - if(!$natport) - $staticnatport_txt = " port 1024:65535"; // set source port range - else - $staticnatport_txt = ""; + $staticnatport_txt = "static-port"; + elseif(!$natport) + $tgt .= " port 1024:65535"; // set source port range /* Allow for negating NAT entries */ if($nonat) { $nat = "no nat"; $target = ""; $staticnatport_txt = ""; + $poolopts = ""; } else { $nat = "nat"; $target = "-> {$tgt}"; @@ -1151,7 +1149,7 @@ function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = " $if_friendly = $FilterIflist[$if]['descr']; /* Put all the pieces together */ if($if_friendly) - $natrule = "{$nat} on \${$if_friendly} {$protocol} from {$src} to {$dst} {$target}{$staticnatport_txt}\n"; + $natrule = "{$nat} on \${$if_friendly} {$protocol} from {$src} to {$dst} {$target} {$poolopts} {$staticnatport_txt}\n"; else $natrule .= "# Could not convert {$if} to friendly name(alias)\n"; return $natrule; @@ -1244,6 +1242,9 @@ function filter_nat_rules_generate() { else $natif = $obent['interface']; + $obtarget = ($obent['target'] == "other-subnet") ? $obent['targetip'] . '/' . $obent['targetip_subnet']: $obent['target']; + $poolopts = (is_subnet($obtarget) || is_alias($obtarget)) ? $obent['poolopts'] : ""; + if (!isset($FilterIflist[$natif])) continue; @@ -1252,11 +1253,12 @@ function filter_nat_rules_generate() { $obent['sourceport'], $dst, $obent['dstport'], - $obent['target'], + $obtarget, $obent['natport'], isset($obent['nonat']), isset($obent['staticnatport']), - $obent['protocol'] + $obent['protocol'], + $poolopts ); } } @@ -1346,6 +1348,8 @@ function filter_nat_rules_generate() { } if($numberofnathosts > 0): foreach ($FilterIflist as $if => $ifcfg) { + if (substr($ifcfg['if'], 0, 4) == "ovpn") + continue; update_filter_reload_status(sprintf(gettext('Creating outbound rules %1$s - (%2$s)'), $if, $ifcfg['descr'])); if(interface_has_gateway($if)) { $target = $ifcfg['ip']; @@ -1543,7 +1547,7 @@ function filter_generate_user_rule_arr($rule) { $ret['rule'] = $line; $ret['interface'] = $rule['interface']; if($rule['descr'] != "" and $line != "") - $ret['descr'] = "label \"USER_RULE: " . str_replace('"', '', substr($rule['descr'], 0, 63)) . "\""; + $ret['descr'] = "label \"USER_RULE: " . str_replace('"', '', substr($rule['descr'], 0, 52)) . "\""; else $ret['descr'] = "label \"USER_RULE\""; @@ -1972,42 +1976,6 @@ function filter_rules_generate() { $ipfrules = ""; //$ipfrules .= discover_pkg_rules("filter"); - /* if captive portal is enabled, ensure that access to this port - * is allowed on a locked down interface - */ - if(isset($config['captiveportal']['enable'])) { - $cpinterfaces = explode(",", $config['captiveportal']['interface']); - $cpiflist = array(); - $cpiplist = array(); - foreach ($cpinterfaces as $cpifgrp) { - if(!isset($FilterIflist[$cpifgrp])) - continue; - $tmpif = get_real_interface($cpifgrp); - if(!empty($tmpif)) { - $cpiflist[] = "{$tmpif}"; - $cpipm = get_interface_ip($cpifgrp); - if(is_ipaddr($cpipm)) { - $carpif = link_ip_to_carp_interface($cpipm); - if (!empty($carpif)) { - $cpiflist[] = $carpif; - $carpsif = explode(" ", $carpif); - foreach ($carpsif as $cpcarp) { - $carpip = find_interface_ip($cpcarp); - if (is_ipaddr($carpip)) - $cpiplist[] = $carpip; - } - } - $cpiplist[] = $cpipm; - } - } - } - if (count($cpiplist) > 0 && count($cpiflist) > 0) { - $cpinterface = implode(" ", $cpiflist); - $cpaddresses = implode(" ", $cpiplist); - $ipfrules .= "pass in quick on { {$cpinterface} } proto tcp from any to { {$cpaddresses} } port { 8000 8001 } keep state(sloppy)\n"; - $ipfrules .= "pass out quick on { {$cpinterface} } proto tcp from { {$cpaddresses} } port { 8000 8001 } to any keep state(sloppy)\n"; - } - } /* relayd */ $ipfrules .= "anchor \"relayd/*\"\n"; # BEGIN OF firewall rules @@ -2078,6 +2046,43 @@ EOD; */ $ipfrules .= "block in quick from <virusprot> to any label \"virusprot overload table\"\n"; + /* if captive portal is enabled, ensure that access to this port + * is allowed on a locked down interface + */ + if(isset($config['captiveportal']['enable'])) { + $cpinterfaces = explode(",", $config['captiveportal']['interface']); + $cpiflist = array(); + $cpiplist = array(); + foreach ($cpinterfaces as $cpifgrp) { + if(!isset($FilterIflist[$cpifgrp])) + continue; + $tmpif = get_real_interface($cpifgrp); + if(!empty($tmpif)) { + $cpiflist[] = "{$tmpif}"; + $cpipm = get_interface_ip($cpifgrp); + if(is_ipaddr($cpipm)) { + $carpif = link_ip_to_carp_interface($cpipm); + if (!empty($carpif)) { + $cpiflist[] = $carpif; + $carpsif = explode(" ", $carpif); + foreach ($carpsif as $cpcarp) { + $carpip = find_interface_ip($cpcarp); + if (is_ipaddr($carpip)) + $cpiplist[] = $carpip; + } + } + $cpiplist[] = $cpipm; + } + } + } + if (count($cpiplist) > 0 && count($cpiflist) > 0) { + $cpinterface = implode(" ", $cpiflist); + $cpaddresses = implode(" ", $cpiplist); + $ipfrules .= "pass in {$log} quick on { {$cpinterface} } proto tcp from any to { {$cpaddresses} } port { 8000 8001 } keep state(sloppy)\n"; + $ipfrules .= "pass out {$log} quick on { {$cpinterface} } proto tcp from any to any flags any keep state(sloppy)\n"; + } + } + $bogontableinstalled = 0; foreach ($FilterIflist as $on => $oc) { /* block bogon networks */ @@ -2167,7 +2172,6 @@ EOD; pass in on \$loopback all label "pass loopback" pass out on \$loopback all label "pass loopback" - EOD; $ipfrules .= <<<EOD @@ -2766,6 +2770,4 @@ function discover_pkg_rules($ruletype) { return $rules; } -// vim: ts=4 sw=4 noexpandtab - ?> diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index ba97ba0..6f64478 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -3,7 +3,7 @@ /* globals.inc part of pfSense (www.pfsense.com) - Copyright (C) 2004-2006 Scott Ullrich + Copyright (C) 2004-2010 Scott Ullrich Originally Part of m0n0wall Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. @@ -80,7 +80,7 @@ $g = array( "product_name" => "pfSense", "product_copyright" => "BSD Perimeter LLC", "product_copyright_url" => "http://www.bsdperimeter.com", - "product_copyright_years" => "2004 - 2010", + "product_copyright_years" => "2004 - 2011", "product_website" => "www.pfsense.org", "product_website_footer" => "http://www.pfsense.org/?gui20", "product_email" => "coreteam@pfsense.org", @@ -89,7 +89,7 @@ $g = array( "disablehelpmenu" => false, "disablehelpicon" => false, "debug" => false, - "latest_config" => "7.5", + "latest_config" => "7.6", "nopkg_platforms" => array("cdrom"), "minimum_ram_warning" => "105", "minimum_ram_warning_text" => "128 MB", @@ -110,10 +110,7 @@ $g = array( // Loop through and set vlan_long_frame VLAN_MTU $vlan_native_supp = get_nics_with_capabilities("vlanmtu"); -if(count($vlan_native_supp) > 0) - $g['vlan_long_frame'] = $vlan_native_supp; -else - $g['vlan_long_frame'] = array("vge", "bfe", "bge", "dc", "em", "fxp", "gem", "hme", "ixgb", "le", "lem", "nge", "re", "rl", "sis", "sk", "ste", "ti", "tl", "tx", "txp", "vr", "xl", "lagg"); +$g['vlan_long_frame'] = array_merge(array("vge", "bfe", "bge", "dc", "em", "fxp", "gem", "hme", "ixgb", "le", "lem", "nge", "re", "rl", "sis", "sk", "ste", "ti", "tl", "tx", "txp", "vr", "xl", "lagg"), (array)$vlan_native_supp); /* IP TOS flags */ $iptos = array("lowdelay", "throughput", "reliability"); @@ -162,7 +159,9 @@ $sysctls = array("net.inet.ip.portrange.first" => "1024", "net.inet.tcp.log_debug" => "0", "net.inet.tcp.tso" => "1", "net.inet.icmp.icmplim" => "0", - "vfs.read_max" => "32" + "vfs.read_max" => "32", + "kern.ipc.maxsockbuf" => "4262144", + "debug.pfftpproxy" => "0" ); $config_parsed = false; diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index ba8d217..60201bd 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -84,6 +84,85 @@ function does_interface_exist($interface) { return false; } +function interface_netgraph_needed($interface = "wan") { + global $config; + + $found = false; + if (!empty($config['pptpd']) && + $config['pptpd']['mode'] == "server") + $found = true; + if ($found == false && !empty($config['l2tp']) && + $config['l2tp']['mode'] == "server") + $found = true; + if ($found == false && is_array($config['pppoes']['pppoe'])) { + foreach ($config['pppoes']['pppoe'] as $pppoe) { + if ($pppoe['mode'] != "server") + continue; + if ($pppoe['interface'] == $interface) + $found = true; + break; + } + } + if ($found == false) { + if (!empty($config['interfaces'][$interface])) { + switch ($config['interfaces'][$interface]['ipaddr']) { + case "ppp": + case "pppoe": + case "l2tp": + case "pptp": + $found = true; + break; + default: + $found = false; + break; + } + } + } + if ($found == false) { + $realif = get_real_interface($interface); + if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { + foreach ($config['ppps']['ppp'] as $pppid => $ppp) { + +/* This if block doesn't do anything. It can be deleted. +PPP interfaces are found above in the previous if ($found == false) block. +This block of code is only entered for OPTx interfaces that are configured for PPPoE modem access, so $realif != $ppp['if'] + + if ($realif == $ppp['if']) { + $found = true; + break; + } +*/ + $ports = explode(',',$ppp['ports']); + foreach($ports as $pid => $port){ + $port = get_real_interface($port); + if ($realif == $port) { + $found = true; + break; + } + /* Find the parent interfaces of the vlans in the MLPPP configs + * there should be only one element in the array here + * -- this could be better . . . */ + $parent_if = get_parent_interface($port); + if ($realif == $parent_if[0]) { + $found = true; + break; + } + } + } + } + } + + if ($found == false) { + $realif = get_real_interface($interface); + pfSense_ngctl_detach("{$realif}:", $realif); + } + /* NOTE: We make sure for this on interface_ppps_configure() + * no need to do it here agan. + * else + * pfSense_ngctl_attach(".", $realif); + */ +} + function interfaces_loopback_configure() { if($g['booting']) echo gettext("Configuring loopback interface..."); @@ -873,13 +952,15 @@ function interface_bring_down($interface = "wan", $destroy = false) { if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { foreach ($config['ppps']['ppp'] as $pppid => $ppp) { if ($realif == $ppp['if']) { - if (file_exists("{$g['varrun_path']}/{$ifcfg['ipaddr']}_{$interface}.pid")) { - killbypid("{$g['varrun_path']}/{$ifcfg['ipaddr']}_{$interface}.pid"); - sleep(5); + if (isset($ppp['ondemand']) && !$destroy){ + send_event("interface reconfigure {$interface}"); + break; + } + if (file_exists("{$g['varrun_path']}/{$ppp['type']}_{$interface}.pid")) { + killbypid("{$g['varrun_path']}/{$ppp['type']}_{$interface}.pid"); + sleep(2); } unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.conf"); - if (isset($ppp['ondemand']) && !$destroy) - send_event("interface reconfigure {$interface}"); break; } } @@ -893,7 +974,7 @@ function interface_bring_down($interface = "wan", $destroy = false) { case "dhcp": $pid = find_dhclient_process($realif); if($pid) - mwexec("kill {$pid}"); + mwexec("/bin/kill {$pid}"); sleep(1); unlink_if_exists("{$g['varetc_path']}/dhclient_{$interface}.conf"); if(does_interface_exist("$realif")) { @@ -1117,6 +1198,7 @@ function interface_ppps_configure($interface) { case "pppoe": /* Bring the parent interface up */ interfaces_bring_up($port); + pfSense_ngctl_attach(".", $port); break; case "pptp": case "l2tp": @@ -1147,6 +1229,7 @@ function interface_ppps_configure($interface) { log_error(sprintf(gettext('Could not get a PPTP/L2TP Remote IP address from %1$s for %2$s in interfaces_ppps_configure.'), $dhcp_gateway, $gway)); return 0; } + pfSense_ngctl_attach(".", $port); break; case "ppp": if (!file_exists("{$port}")) { @@ -1442,7 +1525,7 @@ EOD; conf_mount_ro(); } } - + /* fire up mpd */ mwexec("/usr/local/sbin/mpd5 -b -k -d {$g['varetc_path']} -f mpd_{$interface}.conf -p {$g['varrun_path']}/{$ppp['type']}_{$interface}.pid -s ppp {$ppp['type']}client"); @@ -1749,7 +1832,10 @@ function interface_carp_configure(&$vip) { get_interface_arr(true); $broadcast_address = gen_subnet_max($vip['subnet'], $vip['subnet_bits']); - mwexec("/sbin/ifconfig {$vipif} {$vip['subnet']}/{$vip['subnet_bits']} vhid {$vip['vhid']} advskew {$vip['advskew']} advbase {$vip['advbase']} {$password}"); + $advbase = ""; + if (!empty($vip['advbase'])) + $advbase = "advbase {$vip['advbase']}"; + mwexec("/sbin/ifconfig {$vipif} {$vip['subnet']}/{$vip['subnet_bits']} vhid {$vip['vhid']} advskew {$vip['advskew']} {$advbase} {$password}"); interfaces_bring_up($vipif); @@ -2387,7 +2473,7 @@ function find_dhclient_process($interface) { else $pid = 0; - return $pid; + return intval($pid); } function interface_configure($interface = "wan", $reloadall = false, $linkupevent = false) { @@ -2397,7 +2483,9 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven $wancfg = $config['interfaces'][$interface]; $realif = get_real_interface($interface); - $realhwif = interface_translate_type_to_real($interface); + $realhwif_array = get_parent_interface($interface); + // Need code to handle MLPPP if we ever use $realhwif for MLPPP handling + $realhwif = $realhwif_array[0]; if (!$g['booting']) { /* remove all IPv4 addresses */ @@ -2408,7 +2496,6 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven case 'l2tp': case 'pptp': case 'ppp': - interface_bring_down($interface, true); break; default: interface_bring_down($interface); @@ -2554,6 +2641,8 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven if(does_interface_exist($wancfg['if'])) interfaces_bring_up($wancfg['if']); + + interface_netgraph_needed($interface); if (!$g['booting']) { link_interface_to_vips($interface, "update"); @@ -2759,9 +2848,13 @@ function convert_real_interface_to_friendly_interface_name($interface = "wan") { if (stristr($interface, "_wlan0") && $config['interfaces'][$if]['if'] == interface_get_wireless_base($interface)) return $if; - $int = interface_translate_type_to_real($if); - if ($int == $interface) + // XXX: This case doesn't work anymore (segfaults - recursion?) - should be replaced with something else or just removed. + // Not to be replaced with get_real_interface - causes slow interface listings here because of recursion! + /* + $int = get_parent_interface($if); + if ($int[0] == $interface) return $ifname; + */ } return NULL; } @@ -2831,37 +2924,63 @@ function convert_real_interface_to_friendly_descr($interface) { } /* - * interface_translate_type_to_real($interface): - * returns the real hardware interface name for a friendly interface. ie: wan + * get_parent_interface($interface): + * --returns the (real or virtual) parent interface(s) array for a given interface friendly name (i.e. wan) + * or virtual interface (i.e. vlan) + * (We need array because MLPPP and bridge interfaces have more than one parent.) + * -- returns $interface passed in if $interface parent is not found + * -- returns empty array if an invalid interface is passed + * (Only handles ppps and vlans now.) */ -function interface_translate_type_to_real($interface) { - global $config; +function get_parent_interface($interface) { + global $config; - if (empty($config['interfaces'][$interface])) - return $interface; - $tmpif = $config['interfaces'][$interface]; - switch ($tmpif['type']) { - case "ppp": - case "pppoe": - case "pptp": - case "l2tp": - if (is_array($config['ppps']['ppp'])) { - foreach ($config['ppps']['ppp'] as $pppidx => $ppp) { - if ($tmpif['if'] == $ppp['if']) { - $interface = $ppp['ports']; - break; - } - } + $parents = array(); + //Check that we got a valid interface passed + $realif = get_real_interface($interface); + if ($realif == NULL) + return $parents; + + // If we got a real interface, find it's friendly assigned name + $interface = convert_real_interface_to_friendly_interface_name($interface); + + if (!empty($interface) && isset($config['interfaces'][$interface])) { + $ifcfg = $config['interfaces'][$interface]; + switch ($ifcfg['ipaddr']) { + case "ppp": + case "pppoe": + case "pptp": + case "l2tp": + if (empty($parents)) + if (is_array($config['ppps']['ppp'])) + foreach ($config['ppps']['ppp'] as $pppidx => $ppp) { + if ($ppp_if == $ppp['if']) { + $ports = explode(',', $ppp['ports']); + foreach ($ports as $pid => $parent_if) + $parents[$pid] = get_real_interface($parent_if); + break; + } + } + break; + case "dhcp": + case "static": + default: + // Handle _vlans + if (strstr($realif,"_vlan")) + if (is_array($config['vlans']['vlan'])) + foreach ($config['vlans']['vlan'] as $vlanidx => $vlan) + if ($ifcfg['if'] == $vlan['vlanif']){ + $parents[0] = $vlan['if']; + break; + } + break; } - break; - case "dhcp": - case "static": - default: - $interface = $tmpif['if']; - break; } - - return $interface; + + if (empty($parents)) + $parents[0] = $realif; + + return $parents; } function interface_is_wireless_clone($wlif) { @@ -3406,10 +3525,9 @@ function get_wireless_modes($interface) { /* return wireless modes and channels */ $wireless_modes = array(); - $wlif = interface_translate_type_to_real($interface); + $cloned_interface = get_real_interface($interface); - if(is_interface_wireless($wlif)) { - $cloned_interface = get_real_interface($interface); + if($cloned_interface && is_interface_wireless($cloned_interface)) { $chan_list = "/sbin/ifconfig {$cloned_interface} list chan"; $stack_list = "/usr/bin/awk -F\"Channel \" '{ gsub(/\\*/, \" \"); print \$2 \"\\\n\" \$3 }'"; $format_list = "/usr/bin/awk '{print \$5 \" \" \$6 \",\" \$1}'"; @@ -3452,10 +3570,9 @@ function get_wireless_modes($interface) { function get_wireless_channel_info($interface) { $wireless_channels = array(); - $wlif = interface_translate_type_to_real($interface); + $cloned_interface = get_real_interface($interface); - if(is_interface_wireless($wlif)) { - $cloned_interface = get_real_interface($interface); + if($cloned_interface && is_interface_wireless($cloned_interface)) { $chan_list = "/sbin/ifconfig {$cloned_interface} list txpower"; $stack_list = "/usr/bin/awk -F\"Channel \" '{ gsub(/\\*/, \" \"); print \$2 \"\\\n\" \$3 }'"; $format_list = "/usr/bin/awk '{print \$1 \",\" \$3 \" \" \$4 \",\" \$5 \",\" \$7}'"; diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc index 6637c72..109bf18 100644 --- a/etc/inc/ipsec.inc +++ b/etc/inc/ipsec.inc @@ -469,4 +469,21 @@ function ipsec_mobilekey_sort() { usort($config['ipsec']['mobilekey'], "mobilekeycmp"); } +function ipsec_get_number_of_phase2($ikeid) { + global $config; + $a_phase2 = $config['ipsec']['phase2']; + + $nbph2=0; + + if (is_array($a_phase2) && count($a_phase2)) { + foreach ($a_phase2 as $ph2tmp) { + if ($ph2tmp['ikeid'] == $ikeid) { + $nbph2++; + } + } + } + + return $nbph2; +} + ?> diff --git a/etc/inc/login_sasl_client.inc b/etc/inc/login_sasl_client.inc new file mode 100644 index 0000000..923d16e --- /dev/null +++ b/etc/inc/login_sasl_client.inc @@ -0,0 +1,69 @@ +<?php +/* + * login_sasl_client.php + * + * @(#) $Id: login_sasl_client.php,v 1.2 2004/11/17 08:00:37 mlemos Exp $ + * + */ + +define("SASL_LOGIN_STATE_START", 0); +define("SASL_LOGIN_STATE_IDENTIFY_USER", 1); +define("SASL_LOGIN_STATE_IDENTIFY_PASSWORD", 2); +define("SASL_LOGIN_STATE_DONE", 3); + +class login_sasl_client_class +{ + var $credentials=array(); + var $state=SASL_LOGIN_STATE_START; + + Function Initialize(&$client) + { + return(1); + } + + Function Start(&$client, &$message, &$interactions) + { + if($this->state!=SASL_LOGIN_STATE_START) + { + $client->error="LOGIN authentication state is not at the start"; + return(SASL_FAIL); + } + $this->credentials=array( + "user"=>"", + "password"=>"", + "realm"=>"" + ); + $defaults=array( + "realm"=>"" + ); + $status=$client->GetCredentials($this->credentials,$defaults,$interactions); + if($status==SASL_CONTINUE) + $this->state=SASL_LOGIN_STATE_IDENTIFY_USER; + Unset($message); + return($status); + } + + Function Step(&$client, $response, &$message, &$interactions) + { + switch($this->state) + { + case SASL_LOGIN_STATE_IDENTIFY_USER: + $message=$this->credentials["user"].(strlen($this->credentials["realm"]) ? "@".$this->credentials["realm"] : ""); + $this->state=SASL_LOGIN_STATE_IDENTIFY_PASSWORD; + break; + case SASL_LOGIN_STATE_IDENTIFY_PASSWORD: + $message=$this->credentials["password"]; + $this->state=SASL_LOGIN_STATE_DONE; + break; + case SASL_LOGIN_STATE_DONE: + $client->error="LOGIN authentication was finished without success"; + break; + default: + $client->error="invalid LOGIN authentication step state"; + return(SASL_FAIL); + } + return(SASL_CONTINUE); + } +}; + +?>
\ No newline at end of file diff --git a/etc/inc/notices.inc b/etc/inc/notices.inc index 6f410da..b0e95c5 100644 --- a/etc/inc/notices.inc +++ b/etc/inc/notices.inc @@ -283,6 +283,7 @@ function notify_via_smtp($message) { return; } + require_once("sasl.inc"); require_once("smtp.inc"); $smtp = new smtp_class; @@ -306,7 +307,7 @@ function notify_via_smtp($message) { if($config['notifications']['smtp']['username'] && $config['notifications']['smtp']['password']) { $smtp->authentication_mechanism = "PLAIN"; - $smtp->username = $config['notifications']['smtp']['username']; + $smtp->user = $config['notifications']['smtp']['username']; $smtp->password = $config['notifications']['smtp']['password']; } diff --git a/etc/inc/ntlm_sasl_client.inc b/etc/inc/ntlm_sasl_client.inc new file mode 100644 index 0000000..406edf2 --- /dev/null +++ b/etc/inc/ntlm_sasl_client.inc @@ -0,0 +1,180 @@ +<?php +/* + * ntlm_sasl_client.php + * + * @(#) $Id: ntlm_sasl_client.php,v 1.3 2004/11/17 08:00:37 mlemos Exp $ + * + */ + +define("SASL_NTLM_STATE_START", 0); +define("SASL_NTLM_STATE_IDENTIFY_DOMAIN", 1); +define("SASL_NTLM_STATE_RESPOND_CHALLENGE", 2); +define("SASL_NTLM_STATE_DONE", 3); + +class ntlm_sasl_client_class +{ + var $credentials=array(); + var $state=SASL_NTLM_STATE_START; + + Function Initialize(&$client) + { + if(!function_exists($function="mcrypt_encrypt") + || !function_exists($function="mhash")) + { + $extensions=array( + "mcrypt_encrypt"=>"mcrypt", + "mhash"=>"mhash" + ); + $client->error="the extension ".$extensions[$function]." required by the NTLM SASL client class is not available in this PHP configuration"; + return(0); + } + return(1); + } + + Function ASCIIToUnicode($ascii) + { + for($unicode="",$a=0;$a<strlen($ascii);$a++) + $unicode.=substr($ascii,$a,1).chr(0); + return($unicode); + } + + Function TypeMsg1($domain,$workstation) + { + $domain_length=strlen($domain); + $workstation_length=strlen($workstation); + $workstation_offset=32; + $domain_offset=$workstation_offset+$workstation_length; + return( + "NTLMSSP\0". + "\x01\x00\x00\x00". + "\x07\x32\x00\x00". + pack("v",$domain_length). + pack("v",$domain_length). + pack("V",$domain_offset). + pack("v",$workstation_length). + pack("v",$workstation_length). + pack("V",$workstation_offset). + $workstation. + $domain + ); + } + + Function NTLMResponse($challenge,$password) + { + $unicode=$this->ASCIIToUnicode($password); + $md4=mhash(MHASH_MD4,$unicode); + $padded=$md4.str_repeat(chr(0),21-strlen($md4)); + $iv_size=mcrypt_get_iv_size(MCRYPT_DES,MCRYPT_MODE_ECB); + $iv=mcrypt_create_iv($iv_size,MCRYPT_RAND); + for($response="",$third=0;$third<21;$third+=7) + { + for($packed="",$p=$third;$p<$third+7;$p++) + $packed.=str_pad(decbin(ord(substr($padded,$p,1))),8,"0",STR_PAD_LEFT); + for($key="",$p=0;$p<strlen($packed);$p+=7) + { + $s=substr($packed,$p,7); + $b=$s.((substr_count($s,"1") % 2) ? "0" : "1"); + $key.=chr(bindec($b)); + } + $ciphertext=mcrypt_encrypt(MCRYPT_DES,$key,$challenge,MCRYPT_MODE_ECB,$iv); + $response.=$ciphertext; + } + return $response; + } + + Function TypeMsg3($ntlm_response,$user,$domain,$workstation) + { + $domain_unicode=$this->ASCIIToUnicode($domain); + $domain_length=strlen($domain_unicode); + $domain_offset=64; + $user_unicode=$this->ASCIIToUnicode($user); + $user_length=strlen($user_unicode); + $user_offset=$domain_offset+$domain_length; + $workstation_unicode=$this->ASCIIToUnicode($workstation); + $workstation_length=strlen($workstation_unicode); + $workstation_offset=$user_offset+$user_length; + $lm=""; + $lm_length=strlen($lm); + $lm_offset=$workstation_offset+$workstation_length; + $ntlm=$ntlm_response; + $ntlm_length=strlen($ntlm); + $ntlm_offset=$lm_offset+$lm_length; + $session=""; + $session_length=strlen($session); + $session_offset=$ntlm_offset+$ntlm_length; + return( + "NTLMSSP\0". + "\x03\x00\x00\x00". + pack("v",$lm_length). + pack("v",$lm_length). + pack("V",$lm_offset). + pack("v",$ntlm_length). + pack("v",$ntlm_length). + pack("V",$ntlm_offset). + pack("v",$domain_length). + pack("v",$domain_length). + pack("V",$domain_offset). + pack("v",$user_length). + pack("v",$user_length). + pack("V",$user_offset). + pack("v",$workstation_length). + pack("v",$workstation_length). + pack("V",$workstation_offset). + pack("v",$session_length). + pack("v",$session_length). + pack("V",$session_offset). + "\x01\x02\x00\x00". + $domain_unicode. + $user_unicode. + $workstation_unicode. + $lm. + $ntlm + ); + } + + Function Start(&$client, &$message, &$interactions) + { + if($this->state!=SASL_NTLM_STATE_START) + { + $client->error="NTLM authentication state is not at the start"; + return(SASL_FAIL); + } + $this->credentials=array( + "user"=>"", + "password"=>"", + "realm"=>"", + "workstation"=>"" + ); + $defaults=array(); + $status=$client->GetCredentials($this->credentials,$defaults,$interactions); + if($status==SASL_CONTINUE) + $this->state=SASL_NTLM_STATE_IDENTIFY_DOMAIN; + Unset($message); + return($status); + } + + Function Step(&$client, $response, &$message, &$interactions) + { + switch($this->state) + { + case SASL_NTLM_STATE_IDENTIFY_DOMAIN: + $message=$this->TypeMsg1($this->credentials["realm"],$this->credentials["workstation"]); + $this->state=SASL_NTLM_STATE_RESPOND_CHALLENGE; + break; + case SASL_NTLM_STATE_RESPOND_CHALLENGE: + $ntlm_response=$this->NTLMResponse(substr($response,24,8),$this->credentials["password"]); + $message=$this->TypeMsg3($ntlm_response,$this->credentials["user"],$this->credentials["realm"],$this->credentials["workstation"]); + $this->state=SASL_NTLM_STATE_DONE; + break; + case SASL_NTLM_STATE_DONE: + $client->error="NTLM authentication was finished without success"; + return(SASL_FAIL); + default: + $client->error="invalid NTLM authentication step state"; + return(SASL_FAIL); + } + return(SASL_CONTINUE); + } +}; + +?>
\ No newline at end of file diff --git a/etc/inc/openvpn.auth-user.php b/etc/inc/openvpn.auth-user.php index 9ca76cf..35d79cd 100755 --- a/etc/inc/openvpn.auth-user.php +++ b/etc/inc/openvpn.auth-user.php @@ -127,4 +127,4 @@ syslog(LOG_WARNING, "user {$username} authenticated\n"); exit(0); -?> +?>
\ No newline at end of file diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 5dc0233..9101c04 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -172,6 +172,23 @@ function openvpn_get_cipherlist() { return $ciphers; } +function openvpn_get_engines() { + $openssl_engines = array('none' => 'No Hardware Crypto Acceleration'); + exec("/usr/bin/openssl engine", $openssl_engine_output); + foreach ($openssl_engine_output as $oeo) { + $linematch = array(); + preg_match("/\((.*)\)\s(.*)/", $oeo, $linematch); + if ($linematch[1] != "dynamic") + $openssl_engines[$linematch[1]] = $linematch[2]; + } + return $openssl_engines; +} + +function openvpn_validate_engine($engine) { + $engines = openvpn_get_engines(); + return array_key_exists($engine, $engines); +} + function openvpn_validate_host($value, $name) { $value = trim($value); if (empty($value) || (!is_domain($value) && !is_ipaddr($value))) @@ -261,7 +278,7 @@ function openvpn_add_keyfile(& $data, & $conf, $mode_id, $directive, $opt = "") $conf .= "{$directive} {$fpath} {$opt}\n"; } -function openvpn_reconfigure($mode,& $settings) { +function openvpn_reconfigure($mode, $settings) { global $g, $config; if (empty($settings)) @@ -343,6 +360,9 @@ function openvpn_reconfigure($mode,& $settings) { $conf .= "local {$iface_ip}\n"; } + if (openvpn_validate_engine($settings['engine']) && ($settings['engine'] != "none")) + $conf .= "engine {$settings['engine']}\n"; + // server specific settings if ($mode == 'server') { @@ -431,6 +451,8 @@ function openvpn_reconfigure($mode,& $settings) { $conf .= "client-to-client\n"; break; } + if (isset($settings['duplicate_cn'])) + $conf .= "duplicate-cn\n"; } // client specific settings @@ -514,7 +536,7 @@ function openvpn_reconfigure($mode,& $settings) { openvpn_add_keyfile($crl['text'], $conf, $mode_id, "crl-verify"); } if ($settings['tls']) { - if (stristr($settings['mode'], "server")) + if ($mode == "server") $tlsopt = 0; else $tlsopt = 1; @@ -549,7 +571,7 @@ function openvpn_reconfigure($mode,& $settings) { @chmod("{$g['varetc_path']}/openvpn/{$mode_id}.conf", 0600); } -function openvpn_restart($mode, & $settings) { +function openvpn_restart($mode, $settings) { global $g, $config; $vpnid = $settings['vpnid']; @@ -661,7 +683,7 @@ function openvpn_delete_csc(& $settings) { } // Resync the configuration and restart the VPN -function openvpn_resync($mode, & $settings) { +function openvpn_resync($mode, $settings) { openvpn_reconfigure($mode, $settings); openvpn_restart($mode, $settings); } @@ -696,9 +718,9 @@ function openvpn_resync_all($interface = "") { } */ if ($interface <> "") - log_error("Resyncing openvpn instances configurations for interface " . convert_friendly_interface_to_friendly_descr($interface) . "."); + log_error("Resyncing OpenVPN instances for interface " . convert_friendly_interface_to_friendly_descr($interface) . "."); else - log_error("Resyncing openvpn instances configurations."); + log_error("Resyncing OpenVPN instances."); if (is_array($config['openvpn']['openvpn-server'])) { foreach ($config['openvpn']['openvpn-server'] as & $settings) { diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index c5890d1..b6755c8 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -1458,17 +1458,35 @@ function read_header($ch, $string) { function read_body($ch, $string) { global $fout, $file_size, $downloaded, $sendto, $static_status, $static_output, $lastseen; + global $pkg_interface; $length = strlen($string); $downloaded += intval($length); - $downloadProgress = round(100 * (1 - $downloaded / $file_size), 0); - $downloadProgress = 100 - $downloadProgress; + if($file_size > 0) { + $downloadProgress = round(100 * (1 - $downloaded / $file_size), 0); + $downloadProgress = 100 - $downloadProgress; + } else + $downloadProgress = 0; if($lastseen <> $downloadProgress and $downloadProgress < 101) { if($sendto == "status") { + if($pkg_interface == "console") { + if(substr($downloadProgress,2,1) == "0" || count($downloadProgress) < 2) { + $tostatus = $static_status . $downloadProgress . "%"; + update_status($tostatus); + } + } else { $tostatus = $static_status . $downloadProgress . "%"; - update_status($tostatus); + update_status($tostatus); + } } else { + if($pkg_interface == "console") { + if(substr($downloadProgress,2,1) == "0" || count($downloadProgress) < 2) { + $tooutput = $static_output . $downloadProgress . "%"; + update_output_window($tooutput); + } + } else { $tooutput = $static_output . $downloadProgress . "%"; update_output_window($tooutput); + } } update_progress_bar($downloadProgress); $lastseen = $downloadProgress; @@ -1486,7 +1504,9 @@ function update_output_window($text) { global $pkg_interface; $log = ereg_replace("\n", "\\n", $text); if($pkg_interface != "console") { - echo "\n<script language=\"JavaScript\">this.document.forms[0].output.value = \"" . $log . "\";</script>"; + echo "\n<script language=\"JavaScript\">\nthis.document.forms[0].output.value = \"" . $log . "\";\n"; + echo "this.document.forms[0].output.scrollTop = this.document.forms[0].output.scrollHeight;\n"; + echo "</script>"; } /* ensure that contents are written out */ ob_flush(); diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc index e7bcd15..eb54b6d 100644 --- a/etc/inc/pkg-utils.inc +++ b/etc/inc/pkg-utils.inc @@ -98,7 +98,7 @@ conf_mount_ro(); * ******/ function remove_freebsd_package($packagestring) { - exec("/usr/sbin/pkg_delete -x {$packagestring}"); + exec("/usr/sbin/pkg_delete -x {$packagestring} 2>>/tmp/pkg_delete_errors.txt"); } /****f* pkg-utils/is_package_installed @@ -191,28 +191,34 @@ function get_pkg_sizes($pkgs = 'all') { * This function may also print output to the terminal indicating progress. */ function resync_all_package_configs($show_message = false) { - global $config, $pkg_interface; + global $config, $pkg_interface, $g; log_error(gettext("Resyncing configuration for all packages.")); + if (!is_array($config['installedpackages']['package'])) return; + if($show_message == true) echo "Syncing packages:"; conf_mount_rw(); + foreach($config['installedpackages']['package'] as $idx => $package) { if (empty($package['name'])) continue; if($show_message == true) echo " " . $package['name']; get_pkg_depends($package['name'], "all"); - stop_service($package['name']); + if($g['booting'] != true) + stop_service($package['name']); sync_package($idx, true, true); if($pkg_interface == "console") echo "\n" . gettext("Syncing packages:"); } + if($show_message == true) echo " done.\n"; + @unlink("/conf/needs_package_sync"); conf_mount_ro(); } @@ -222,6 +228,8 @@ function resync_all_package_configs($show_message = false) { * package is installed. */ function is_freebsd_pkg_installed($pkg) { + if(!$pkg) + return; $output = ""; exec("/usr/sbin/pkg_info -E \"{$pkg}*\"", $output, $retval); @@ -303,6 +311,18 @@ function get_pkg_depends($pkg_name, $filetype = ".xml", $format = "files", $retu function uninstall_package($pkg_name) { global $config, $static_output; + global $builder_package_install; + + // Back up /usr/local/lib libraries first if + // not running from the builder code. + if(!$builder_package_install) { + if(!file_exists("/tmp/pkg_libs.tgz")) { + $static_output .= "Backing up libraries... "; + update_output_window($static_output); + exec("/usr/bin/tar czPf /tmp/pkg_libs.tgz `/bin/cat /etc/pfSense_md5.txt | /usr/bin/grep 'local/lib' | /usr/bin/awk '{ print $2 }' | /usr/bin/cut -d'(' -f2 | /usr/bin/cut -d')' -f1`"); + $static_output .= "\n"; + } + } $id = get_pkg_id($pkg_name); if ($id >= 0) { @@ -315,6 +335,15 @@ function uninstall_package($pkg_name) { } } delete_package_xml($pkg_name); + + // Restore libraries that we backed up if not + // running from the builder code. + if(!$builder_package_install) { + $static_output .= "Cleaning up... "; + update_output_window($static_output); + exec("/usr/bin/tar xzPfU /tmp/pkg_libs.tgz -C /"); + @unlink("/tmp/pkg_libs.tgz"); + } } function force_remove_package($pkg_name) { @@ -326,6 +355,12 @@ function force_remove_package($pkg_name) { */ function sync_package($pkg_name, $sync_depends = true, $show_message = false) { global $config, $config_parsed; + global $builder_package_install; + + // If this code is being called by pfspkg_installer + // which the builder system uses then return (ignore). + if($builder_package_install) + return; if(empty($config['installedpackages']['package'])) return; @@ -418,16 +453,16 @@ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = $osname = php_uname("s"); $arch = php_uname("m"); - $rel = php_uname("r"); - $rel = substr($rel, 0, strrpos($rel, "-")); - $priv_url = "http://ftp2.{$osname}.org/pub/{$osname}/ports/{$arch}/packages-{$rel}/Latest"; + $rel = strtolower(php_uname("r")); + if (substr_count($rel, '-') > 1) + $rel = substr($rel, 0, strrpos($rel, "-")); + $priv_url = "http://ftp2.{$osname}.org/pub/{$osname}/ports/{$arch}/packages-{$rel}/All"; if (empty($base_url)) $base_url = $priv_url; if (substr($base_url, -1) == "/") $base_url = substr($base_url, 0, -1); - $static_output .= "\n" . str_repeat(" ", $dependlevel * 2) . $pkgname . " "; $fetchto = "{$g['tmp_path']}/apkg_{$filename}"; - $static_output .= "\n" . str_repeat(" ", $dependlevel * 2 + 1) . "Trying to download {$base_url}/{$filename} ... "; + $static_output .= "\n" . str_repeat(" ", $dependlevel * 2 + 1) . "Downloading {$base_url}/{$filename} ... "; if (download_file_with_progress_bar("{$base_url}/{$filename}", $fetchto) !== true) { if ($base_url != $priv_url && download_file_with_progress_bar("{$priv_url}/{$filename}", $fetchto) !== true) { $static_output .= " could not download from there or {$priv_url}/{$filename}.\n"; @@ -438,7 +473,7 @@ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = update_output_window($static_output); return false; } else { - $static_output .= " downloaded from {$osname} repository instead of provided one.\n"; + $static_output .= " [{$osname} repository]\n"; update_output_window($static_output); } } @@ -459,8 +494,6 @@ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = if (pkg_fetch_recursive($working_depend[1], $depend_filename, $dependlevel + 1, $base_url) == false) return false; } else { - //$dependlevel++; - $static_output .= "\n" . str_repeat(" ", $dependlevel * 2) . $working_depend[1] . " already installed."; pkg_debug($working_depend[1] . "\n"); } } @@ -505,7 +538,7 @@ function install_package($package, $pkg_info = "") { if($pkg_interface == "console") print "\n" . gettext("ERROR! Unable to fetch package configuration file. Aborting package installation.") . "\n"; else { - $static_output .= gettext("failed!\n\nInstallation aborted."); + $static_output .= gettext("failed!\n\nInstallation aborted.\n"); update_output_window($static_output); echo "<br>Show <a href=\"pkg_mgr_install.php?showlog=true\">install log</a></center>"; } @@ -528,9 +561,10 @@ function install_package($package, $pkg_info = "") { $changedesc = sprintf(gettext("Overwrote previous installation of %s."), $pkg_info['name']); $to_output = gettext("overwrite!") . "\n"; } - /* XXX: Fix inclusion of config.inc that causes data loss! */ + if(file_exists('/conf/needs_package_sync')) + @unlink('/conf/needs_package_sync'); conf_mount_ro(); - write_config(); + write_config("Intermediate config write during package install for {$pkg_info['name']}."); $static_output .= $to_output; update_output_window($static_output); /* install other package components */ @@ -620,18 +654,18 @@ function install_package_xml($pkg) { } $configfile = substr(strrchr($pkg_info['config_file'], '/'), 1); if(file_exists("/usr/local/pkg/" . $configfile)) { - $static_output .= "\n" . gettext("Loading package configuration... "); + $static_output .= gettext("Loading package configuration... "); update_output_window($static_output); $pkg_config = parse_xml_config_pkg("/usr/local/pkg/" . $configfile, "packagegui"); $static_output .= gettext("done.") . "\n"; update_output_window($static_output); - $static_output .= "\t" . gettext("Configuring package components...") . "\n"; + $static_output .= gettext("Configuring package components...\n"); if (!empty($pkg_config['filter_rules_needed'])) $config['installedpackages']['package'][$pkgid]['filter_rule_function'] = $pkg_config['filter_rules_needed']; update_output_window($static_output); /* modify system files */ if(is_array($pkg_config['modify_system']) && is_array($pkg_config['modify_system']['item'])) { - $static_output .= "\t" . gettext("System files... "); + $static_output .= gettext("System files... "); update_output_window($static_output); foreach($pkg_config['modify_system']['item'] as $ms) { if($ms['textneeded']) { @@ -643,7 +677,7 @@ function install_package_xml($pkg) { } /* download additional files */ if(is_array($pkg_config['additional_files_needed'])) { - $static_output .= "\t" . gettext("Additional files... "); + $static_output .= gettext("Additional files... "); $static_orig = $static_output; update_output_window($static_output); foreach($pkg_config['additional_files_needed'] as $afn) { @@ -661,7 +695,7 @@ function install_package_xml($pkg) { if(!is_dir($prefix)) safe_mkdir($prefix); $static_output .= $filename . " "; - update_output_window($static_output); + update_output_window($static_output); if (download_file_with_progress_bar($afn['item'][0], $prefix . $filename) !== true) { $static_output .= "failed.\n"; update_output_window($static_output); @@ -697,7 +731,7 @@ function install_package_xml($pkg) { require_once($pkg_config['include_file']); else { $missing_include = true; - $static_output .= "\tInclude " . basename($pkg_config['include_file']) . " is missing!\n"; + $static_output .= "Include " . basename($pkg_config['include_file']) . " is missing!\n"; update_output_window($static_output); /* XXX: Should undo the steps before this?! */ return false; @@ -705,7 +739,7 @@ function install_package_xml($pkg) { } /* sidebar items */ if(is_array($pkg_config['menu'])) { - $static_output .= "\t" . gettext("Menu items... "); + $static_output .= gettext("Menu items... "); update_output_window($static_output); foreach($pkg_config['menu'] as $menu) { if(is_array($config['installedpackages']['menu'])) @@ -719,7 +753,7 @@ function install_package_xml($pkg) { } /* integrated tab items */ if(is_array($pkg_config['tabs']['tab'])) { - $static_output .= "\t" . gettext("Integrated Tab items... "); + $static_output .= gettext("Integrated Tab items... "); update_output_window($static_output); foreach($pkg_config['tabs']['tab'] as $tab) { if(is_array($config['installedpackages']['tab'])) @@ -733,7 +767,7 @@ function install_package_xml($pkg) { } /* services */ if(is_array($pkg_config['service'])) { - $static_output .= "\t" . gettext("Services... "); + $static_output .= gettext("Services... "); update_output_window($static_output); foreach($pkg_config['service'] as $service) { if(is_array($config['installedpackages']['service'])) @@ -750,21 +784,21 @@ function install_package_xml($pkg) { update_output_window($static_output); if ($missing_include == false) { if($pkg_config['custom_php_global_functions'] <> "") { - $static_output .= "\t" . gettext("Executing custom_php_global_functions()..."); + $static_output .= gettext("Executing custom_php_global_functions()..."); update_output_window($static_output); eval_once($pkg_config['custom_php_global_functions']); $static_output .= gettext("done.") . "\n"; update_output_window($static_output); } if($pkg_config['custom_php_install_command']) { - $static_output .= "\t" . gettext("Executing custom_php_install_command()..."); + $static_output .= gettext("Executing custom_php_install_command()..."); update_output_window($static_output); eval_once($pkg_config['custom_php_install_command']); $static_output .= gettext("done.") . "\n"; update_output_window($static_output); } if($pkg_config['custom_php_resync_config_command'] <> "") { - $static_output .= "\t" . gettext("Executing custom_php_resync_config_command()..."); + $static_output .= gettext("Executing custom_php_resync_config_command()..."); update_output_window($static_output); eval_once($pkg_config['custom_php_resync_config_command']); $static_output .= gettext("done.") . "\n"; @@ -795,31 +829,54 @@ function install_package_xml($pkg) { return true; } +function does_package_depend($pkg) { + // Should not happen, but just in case. + if(!$pkg) + return; + $pkg_var_db_dir = glob("/var/db/pkg/{$pkg}*"); + // If this package has dependency then return true + foreach($pkg_var_db_dir as $pvdd) { + if (file_exists("{$vardb}/{$pvdd}/+REQUIRED_BY") && count(file("{$vardb}/{$pvdd}/+REQUIRED_BY")) > 0) + return true; + } + // Did not find a record of dependencies, so return false. + return false; +} + function delete_package($pkg) { global $config, $g, $static_output, $vardb; - $pkg = substr(reverse_strrchr($pkg, "."), 0, -1); + if(!$pkg) + return; + $pkg = substr(reverse_strrchr($pkg, "."), 0, -1); - if (file_exists("{$vardb}/{$pkg}/+REQUIRED_BY") && count(file("{$vardb}/{$pkg}/+REQUIRED_BY")) > 0) { - $static_output .= "\t" . sprintf(gettext("Skipping package deletion for %s because it is required by other packages."), $pkg) . "\n"; + // If package has dependencies then skip it + if(does_package_depend($pkg)) { + $static_output .= sprintf(gettext("Skipping package deletion for %s because it is a dependency."),$pkg) . "\n"; update_output_window($static_output); - return; + return; } else { if($pkg) - $static_output .= "\t" . sprintf(gettext("Starting package deletion for %s..."), $pkg); - update_output_window($static_output); + $static_output .= sprintf(gettext("Starting package deletion for %s..."),$pkg); + update_output_window($static_output); } + $info = ""; exec("/usr/sbin/pkg_info -qrx {$pkg}", $info); remove_freebsd_package($pkg); $static_output .= "done.\n"; update_output_window($static_output); foreach($info as $line) { - $depend = trim(str_replace("@pkgdep", "", $line), " \n"); - delete_package($depend); + $depend = trim(str_replace("@pkgdep ", "", $line), " \n"); + // If package has dependencies then skip it + if(!does_package_depend($depend)) + delete_package($depend); } + /* Rescan directories for what has been left and avoid fooling other programs. */ + mwexec("/sbin/ldconfig"); + return; } @@ -854,7 +911,7 @@ function delete_package_xml($pkg) { $pkg_config = parse_xml_config_pkg("/usr/local/pkg/" . $packages[$pkgid]['configurationfile'], "packagegui"); /* remove tab items */ if(is_array($pkg_config['tabs'])) { - $static_output .= "\t" . gettext("Tabs items... "); + $static_output .= gettext("Tabs items... "); update_output_window($static_output); if(is_array($pkg_config['tabs']['tab']) && is_array($tabs)) { foreach($pkg_config['tabs']['tab'] as $tab) { @@ -871,7 +928,7 @@ function delete_package_xml($pkg) { } /* remove menu items */ if(is_array($pkg_config['menu'])) { - $static_output .= "\t" . gettext("Menu items... "); + $static_output .= gettext("Menu items... "); update_output_window($static_output); if (is_array($pkg_config['menu']) && is_array($menus)) { foreach($pkg_config['menu'] as $menu) { @@ -888,13 +945,14 @@ function delete_package_xml($pkg) { } /* remove services */ if(is_array($pkg_config['service'])) { - $static_output .= "\t" . gettext("Services... "); + $static_output .= gettext("Services... "); update_output_window($static_output); if (is_array($pkg_config['service']) && is_array($services)) { foreach($pkg_config['service'] as $service) { foreach($services as $key => $instservice) { if($instservice['name'] == $service['name']) { - stop_service($service['name']); + if($g['booting'] != true) + stop_service($service['name']); unset($services[$key]); } } @@ -907,7 +965,7 @@ function delete_package_xml($pkg) { * XXX: Otherwise inclusion of config.inc again invalidates actions taken. * Same is done during installation. */ - write_config(); + write_config("Intermediate config write during package removal for {$pkg}."); /* * If a require exists, include it. this will @@ -924,7 +982,7 @@ function delete_package_xml($pkg) { else { $missing_include = true; update_output_window($static_output); - $static_output .= "\tInclude file " . basename($pkg_config['include_file']) . " could not be found for inclusion.\n"; + $static_output .= "Include file " . basename($pkg_config['include_file']) . " could not be found for inclusion.\n"; } } /* ermal @@ -940,7 +998,7 @@ function delete_package_xml($pkg) { } /* system files */ if(is_array($pkg_config['modify_system']) && is_array($pkg_config['modify_system']['item'])) { - $static_output .= "\t" . gettext("System files... "); + $static_output .= gettext("System files... "); update_output_window($static_output); foreach($pkg_config['modify_system']['item'] as $ms) if($ms['textneeded']) remove_text_from_file($ms['modifyfilename'], $ms['textneeded']); @@ -950,27 +1008,26 @@ function delete_package_xml($pkg) { } /* deinstall commands */ if($pkg_config['custom_php_deinstall_command'] <> "") { - $static_output .= "\t" . gettext("Deinstall commands... "); + $static_output .= gettext("Deinstall commands... "); update_output_window($static_output); if ($missing_include == false) { eval_once($pkg_config['custom_php_deinstall_command']); $static_output .= gettext("done.") . "\n"; } else - $static_output .= "\n\t" . gettext("Not executing custom deinstall hook because an include is missing.") . "\n"; + $static_output .= "\nNot executing custom deinstall hook because an include is missing.\n"; update_output_window($static_output); } if($pkg_config['include_file'] <> "") { - $static_output .= "\t" . gettext("Removing package instructions..."); - update_output_window($static_output); + $static_output .= gettext("Removing package instructions..."); + update_output_window($static_output); pkg_debug(sprintf(gettext("Remove '%s'"), $pkg_config['include_file']) . "\n"); - unlink_if_exists("/usr/local/pkg/" . $pkg_config['include_file']); - $static_output .= "done.\n"; - update_output_window($static_output); - - } + unlink_if_exists("/usr/local/pkg/" . $pkg_config['include_file']); + $static_output .= gettext("done.") . "\n"; + update_output_window($static_output); + } /* remove all additional files */ if(is_array($pkg_config['additional_files_needed'])) { - $static_output .= "\t" . gettext("Auxiliary files... "); + $static_output .= gettext("Auxiliary files... "); update_output_window($static_output); foreach($pkg_config['additional_files_needed'] as $afn) { $filename = get_filename_from_url($afn['item'][0]); @@ -978,14 +1035,13 @@ function delete_package_xml($pkg) { $prefix = $afn['prefix']; else $prefix = "/usr/local/pkg/"; - unlink_if_exists($prefix . $filename); } $static_output .= gettext("done.") . "\n"; update_output_window($static_output); } /* package XML file */ - $static_output .= "\t" . gettext("Package XML... "); + $static_output .= gettext("Package XML... "); update_output_window($static_output); unlink_if_exists("/usr/local/pkg/" . $packages[$pkgid]['configurationfile']); $static_output .= gettext("done.") . "\n"; @@ -993,7 +1049,7 @@ function delete_package_xml($pkg) { } /* syslog */ if(is_array($pkg_info['logging']) && $pkg_info['logging']['logfile_name'] <> "") { - $static_output .= "\tSyslog entries... "; + $static_output .= "Syslog entries... "; update_output_window($static_output); remove_text_from_file("/etc/syslog.conf", $pkg_info['logging']['facilityname'] . "\t\t\t\t" . $pkg_info['logging']['logfilename']); system_syslogd_start(); @@ -1001,9 +1057,10 @@ function delete_package_xml($pkg) { $static_output .= "done.\n"; update_output_window($static_output); } + conf_mount_ro(); /* remove config.xml entries */ - $static_output .= "\t" . gettext("Configuration... "); + $static_output .= gettext("Configuration... "); update_output_window($static_output); unset($config['installedpackages']['package'][$pkgid]); $static_output .= gettext("done.") . "\n"; @@ -1081,4 +1138,33 @@ function squash_from_bytes($size, $round = "") { return; } +function pkg_reinstall_all() { + global $g, $config; + $pkg_id = 0; + $todo = array(); + if (is_array($config['installedpackages']['package'])) + foreach($config['installedpackages']['package'] as $package) + $todo[] = array('name' => $package['name'], 'version' => $package['version']); + echo "One moment please, reinstalling packages...\n"; + echo " >>> Trying to fetch package info..."; + $pkg_info = get_pkg_info(); + if ($pkg_info) { + echo " Done.\n"; + } else { + $xmlrpc_base_url = isset($config['system']['altpkgrepo']['enable']) ? $config['system']['altpkgrepo']['xmlrpcbaseurl'] : $g['xmlrpcbaseurl']; + echo "\n" . sprintf(gettext(' >>> Unable to communicate with %1$s. Please verify DNS and interface configuration, and that %2$s has functional Internet connectivity.'), $xmlrpc_base_url, $g['product_name']) . "\n"; + return; + } + if(is_array($todo)) { + foreach($todo as $pkgtodo) { + $static_output = ""; + if($pkgtodo['name']) { + uninstall_package($pkgtodo['name']); + install_package($pkgtodo['name']); + $pkg_id++; + } + } + } +} + ?> diff --git a/etc/inc/plain_sasl_client.inc b/etc/inc/plain_sasl_client.inc new file mode 100644 index 0000000..c7feed0 --- /dev/null +++ b/etc/inc/plain_sasl_client.inc @@ -0,0 +1,99 @@ +<?php +/* + * plain_sasl_client.php + * + * @(#) $Id: plain_sasl_client.php,v 1.2 2004/11/17 08:00:37 mlemos Exp $ + * + */ + +define("SASL_PLAIN_STATE_START", 0); +define("SASL_PLAIN_STATE_IDENTIFY", 1); +define("SASL_PLAIN_STATE_DONE", 2); + +define("SASL_PLAIN_DEFAULT_MODE", 0); +define("SASL_PLAIN_EXIM_MODE", 1); +define("SASL_PLAIN_EXIM_DOCUMENTATION_MODE", 2); + +class plain_sasl_client_class +{ + var $credentials=array(); + var $state=SASL_PLAIN_STATE_START; + + Function Initialize(&$client) + { + return(1); + } + + Function Start(&$client, &$message, &$interactions) + { + if($this->state!=SASL_PLAIN_STATE_START) + { + $client->error="PLAIN authentication state is not at the start"; + return(SASL_FAIL); + } + $this->credentials=array( + "user"=>"", + "password"=>"", + "realm"=>"", + "mode"=>"" + ); + $defaults=array( + "realm"=>"", + "mode"=>"" + ); + $status=$client->GetCredentials($this->credentials,$defaults,$interactions); + if($status==SASL_CONTINUE) + { + switch($this->credentials["mode"]) + { + case SASL_PLAIN_EXIM_MODE: + $message=$this->credentials["user"]."\0".$this->credentials["password"]."\0"; + break; + case SASL_PLAIN_EXIM_DOCUMENTATION_MODE: + $message="\0".$this->credentials["user"]."\0".$this->credentials["password"]; + break; + default: + $message=$this->credentials["user"]."\0".$this->credentials["user"].(strlen($this->credentials["realm"]) ? "@".$this->credentials["realm"] : "")."\0".$this->credentials["password"]; + break; + } + $this->state=SASL_PLAIN_STATE_DONE; + } + else + Unset($message); + return($status); + } + + Function Step(&$client, $response, &$message, &$interactions) + { + switch($this->state) + { +/* + case SASL_PLAIN_STATE_IDENTIFY: + switch($this->credentials["mode"]) + { + case SASL_PLAIN_EXIM_MODE: + $message=$this->credentials["user"]."\0".$this->credentials["password"]."\0"; + break; + case SASL_PLAIN_EXIM_DOCUMENTATION_MODE: + $message="\0".$this->credentials["user"]."\0".$this->credentials["password"]; + break; + default: + $message=$this->credentials["user"]."\0".$this->credentials["user"].(strlen($this->credentials["realm"]) ? "@".$this->credentials["realm"] : "")."\0".$this->credentials["password"]; + break; + } + var_dump($message); + $this->state=SASL_PLAIN_STATE_DONE; + break; +*/ + case SASL_PLAIN_STATE_DONE: + $client->error="PLAIN authentication was finished without success"; + return(SASL_FAIL); + default: + $client->error="invalid PLAIN authentication step state"; + return(SASL_FAIL); + } + return(SASL_CONTINUE); + } +}; + +?>
\ No newline at end of file diff --git a/etc/inc/rrd.inc b/etc/inc/rrd.inc index 365ba9f..e928fc8 100644 --- a/etc/inc/rrd.inc +++ b/etc/inc/rrd.inc @@ -175,6 +175,8 @@ function enable_rrd_graphing() { $mem = "-memory.rrd"; $cellular = "-cellular.rrd"; $vpnusers = "-vpnusers.rrd"; + $captiveportalconcurrent = "-concurrent.rrd"; + $captiveportalloggedin = "-loggedin.rrd"; $rrdtool = "/usr/bin/nice -n20 /usr/local/bin/rrdtool"; $netstat = "/usr/bin/netstat"; @@ -186,6 +188,7 @@ function enable_rrd_graphing() { $top = "/usr/bin/top"; $spamd_gather = "/usr/local/bin/spamd_gather_stats.php"; $ifconfig = "/sbin/ifconfig"; + $captiveportal_gather = "/usr/local/bin/captiveportal_gather_stats.php"; $rrdtrafficinterval = 60; $rrdwirelessinterval = 60; @@ -199,6 +202,7 @@ function enable_rrd_graphing() { $rrdmeminterval = 60; $rrdcellularinterval = 60; $rrdvpninterval = 60; + $rrdcaptiveportalinterval = 60; $trafficvalid = $rrdtrafficinterval * 2; $wirelessvalid = $rrdwirelessinterval * 2; @@ -212,6 +216,7 @@ function enable_rrd_graphing() { $memvalid = $rrdmeminterval * 2; $cellularvalid = $rrdcellularinterval * 2; $vpnvalid = $rrdvpninterval * 2; + $captiveportalvalid = $rrdcaptiveportalinterval * 2; /* Asume GigE for now */ $downstream = 125000000; @@ -602,7 +607,7 @@ function enable_rrd_graphing() { /* SPAMD, set up the spamd rrd file */ if (isset($config['installedpackages']['spamdsettings']) && - isset ($config['installedpackages']['spamdsettings']['config'][0]['enablerrd'])) { + $config['installedpackages']['spamdsettings']['config'][0]['enablerrd']) { /* set up the spamd rrd file */ if (!file_exists("$rrddbpath$ifname$spamd")) { $rrdcreate = "$rrdtool create $rrddbpath$ifname$spamd --step $rrdspamdinterval "; @@ -660,6 +665,78 @@ function enable_rrd_graphing() { $rrdupdatesh .= "else $rrdtool update $rrddbpath$ifname$cellular N:U:U; fi\n"; } + /* Captive Portal statistics, set up the rrd file */ + if(isset($config['captiveportal']['enable'])) { + $ifname= "captiveportal"; + if (!file_exists("$rrddbpath$ifname$captiveportal")) { + $rrdcreate = "$rrdtool create $rrddbpath$ifname$captiveportalconcurrent --step $rrdcaptiveportalinterval "; + $rrdcreate .= "DS:concurrentusers:GAUGE:$captiveportalvalid:0:10000 "; + $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 "; + $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 "; + $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 "; + $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 "; + $rrdcreate .= "RRA:MIN:0.5:1:1000 "; + $rrdcreate .= "RRA:MIN:0.5:5:1000 "; + $rrdcreate .= "RRA:MIN:0.5:60:1000 "; + $rrdcreate .= "RRA:MIN:0.5:720:3000 "; + $rrdcreate .= "RRA:MAX:0.5:1:1000 "; + $rrdcreate .= "RRA:MAX:0.5:5:1000 "; + $rrdcreate .= "RRA:MAX:0.5:60:1000 "; + $rrdcreate .= "RRA:MAX:0.5:720:3000 "; + $rrdcreate .= "RRA:LAST:0.5:1:1000 "; + $rrdcreate .= "RRA:LAST:0.5:5:1000 "; + $rrdcreate .= "RRA:LAST:0.5:60:1000 "; + $rrdcreate .= "RRA:LAST:0.5:720:3000 "; + + create_new_rrd($rrdcreate); + } + + /* enter UNKNOWN values in the RRD so it knows we rebooted. */ + if($g['booting']) { + mwexec("$rrdtool update $rrddbpath$ifname$captiveportalconcurrent N:U"); + } + + /* the Captive Portal stats gathering function. */ + $rrdupdatesh .= "\n"; + $rrdupdatesh .= "# polling Captive Portal for number of concurrent users\n"; + $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportalconcurrent \\\n"; + $rrdupdatesh .= "`$php -q $captiveportal_gather concurrent`\n"; + + $ifname= "captiveportal"; + if (!file_exists("$rrddbpath$ifname$captiveportal")) { + $rrdcreate = "$rrdtool create $rrddbpath$ifname$captiveportalloggedin --step $rrdcaptiveportalinterval "; + $rrdcreate .= "DS:loggedinusers:GAUGE:$captiveportalvalid:0:10000 "; + $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 "; + $rrdcreate .= "RRA:AVERAGE:0.5:5:1000 "; + $rrdcreate .= "RRA:AVERAGE:0.5:60:1000 "; + $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 "; + $rrdcreate .= "RRA:MIN:0.5:1:1000 "; + $rrdcreate .= "RRA:MIN:0.5:5:1000 "; + $rrdcreate .= "RRA:MIN:0.5:60:1000 "; + $rrdcreate .= "RRA:MIN:0.5:720:3000 "; + $rrdcreate .= "RRA:MAX:0.5:1:1000 "; + $rrdcreate .= "RRA:MAX:0.5:5:1000 "; + $rrdcreate .= "RRA:MAX:0.5:60:1000 "; + $rrdcreate .= "RRA:MAX:0.5:720:3000 "; + $rrdcreate .= "RRA:LAST:0.5:1:1000 "; + $rrdcreate .= "RRA:LAST:0.5:5:1000 "; + $rrdcreate .= "RRA:LAST:0.5:60:1000 "; + $rrdcreate .= "RRA:LAST:0.5:720:3000 "; + + create_new_rrd($rrdcreate); + } + + /* enter UNKNOWN values in the RRD so it knows we rebooted. */ + if($g['booting']) { + mwexec("$rrdtool update $rrddbpath$ifname$captiveportalloggedin N:U"); + } + + /* the Captive Portal stats gathering function. */ + $rrdupdatesh .= "\n"; + $rrdupdatesh .= "# polling Captive Portal for number of logged in users and concurrent users\n"; + $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportalloggedin \\\n"; + $rrdupdatesh .= "`$php -q $captiveportal_gather loggedin`\n"; + } $rrdupdatesh .= "sleep 60\n"; $rrdupdatesh .= "done\n"; diff --git a/etc/inc/sasl.inc b/etc/inc/sasl.inc new file mode 100644 index 0000000..d64442e --- /dev/null +++ b/etc/inc/sasl.inc @@ -0,0 +1,422 @@ +<?php +/* + * sasl.php + * + * @(#) $Id: sasl.php,v 1.11 2005/10/31 18:43:27 mlemos Exp $ + * + */ + +define("SASL_INTERACT", 2); +define("SASL_CONTINUE", 1); +define("SASL_OK", 0); +define("SASL_FAIL", -1); +define("SASL_NOMECH", -4); + +class sasl_interact_class +{ + var $id; + var $challenge; + var $prompt; + var $default_result; + var $result; +}; + +/* +{metadocument}<?xml version="1.0" encoding="ISO-8859-1" ?> +<class> + + <package>net.manuellemos.sasl</package> + + <version>@(#) $Id: sasl.php,v 1.11 2005/10/31 18:43:27 mlemos Exp $</version> + <copyright>Copyright © (C) Manuel Lemos 2004</copyright> + <title>Simple Authentication and Security Layer client</title> + <author>Manuel Lemos</author> + <authoraddress>mlemos-at-acm.org</authoraddress> + + <documentation> + <idiom>en</idiom> + <purpose>Provide a common interface to plug-in driver classes that + implement different mechanisms for authentication used by clients of + standard protocols like SMTP, POP3, IMAP, HTTP, etc.. Currently the + supported authentication mechanisms are: <tt>PLAIN</tt>, + <tt>LOGIN</tt>, <tt>CRAM-MD5</tt>, <tt>Digest</tt> and <tt>NTML</tt> + (Windows or Samba).</purpose> + <usage>.</usage> + </documentation> + +{/metadocument} +*/ + +class sasl_client_class +{ + /* Public variables */ + +/* +{metadocument} + <variable> + <name>error</name> + <type>STRING</type> + <value></value> + <documentation> + <purpose>Store the message that is returned when an error + occurs.</purpose> + <usage>Check this variable to understand what happened when a call to + any of the class functions has failed.<paragraphbreak /> + This class uses cumulative error handling. This means that if one + class functions that may fail is called and this variable was + already set to an error message due to a failure in a previous call + to the same or other function, the function will also fail and does + not do anything.<paragraphbreak /> + This allows programs using this class to safely call several + functions that may fail and only check the failure condition after + the last function call.<paragraphbreak /> + Just set this variable to an empty string to clear the error + condition.</usage> + </documentation> + </variable> +{/metadocument} +*/ + var $error=''; + +/* +{metadocument} + <variable> + <name>mechanism</name> + <type>STRING</type> + <value></value> + <documentation> + <purpose>Store the name of the mechanism that was selected during the + call to the <functionlink>Start</functionlink> function.</purpose> + <usage>You can access this variable but do not change it.</usage> + </documentation> + </variable> +{/metadocument} +*/ + var $mechanism=''; + +/* +{metadocument} + <variable> + <name>encode_response</name> + <type>BOOLEAN</type> + <value>1</value> + <documentation> + <purpose>Let the drivers inform the applications whether responses + need to be encoded.</purpose> + <usage>Applications should check this variable before sending + authentication responses to the server to determine if the + responses need to be encoded, eventually with base64 algorithm.</usage> + </documentation> + </variable> +{/metadocument} +*/ + var $encode_response=1; + + /* Private variables */ + + var $driver; + var $drivers=array( + "Digest" => array("digest_sasl_client_class", "digest_sasl_client.inc" ), + "CRAM-MD5" => array("cram_md5_sasl_client_class", "cram_md5_sasl_client.inc" ), + "LOGIN" => array("login_sasl_client_class", "login_sasl_client.inc" ), + "NTLM" => array("ntlm_sasl_client_class", "ntlm_sasl_client.inc" ), + "PLAIN" => array("plain_sasl_client_class", "plain_sasl_client.inc" ), + "Basic" => array("basic_sasl_client_class", "basic_sasl_client.inc" ) + ); + var $credentials=array(); + + /* Public functions */ + +/* +{metadocument} + <function> + <name>SetCredential</name> + <type>VOID</type> + <documentation> + <purpose>Store the value of a credential that may be used by any of + the supported mechanisms to process the authentication messages and + responses.</purpose> + <usage>Call this function before starting the authentication dialog + to pass all the credential values that be needed to use the type + of authentication that the applications may need.</usage> + <returnvalue>.</returnvalue> + </documentation> + <argument> + <name>key</name> + <type>STRING</type> + <documentation> + <purpose>Specify the name of the credential key.</purpose> + </documentation> + </argument> + <argument> + <name>value</name> + <type>STRING</type> + <documentation> + <purpose>Specify the value for the credential.</purpose> + </documentation> + </argument> + <do> +{/metadocument} +*/ + Function SetCredential($key,$value) + { + $this->credentials[$key]=$value; + } +/* +{metadocument} + </do> + </function> +{/metadocument} +*/ + +/* +{metadocument} + <function> + <name>GetCredentials</name> + <type>INTEGER</type> + <documentation> + <purpose>Retrieve the values of one or more credentials to be used by + the authentication mechanism classes.</purpose> + <usage>This is meant to be used by authentication mechanism driver + classes to retrieve the credentials that may be neede.</usage> + <returnvalue>The function may return <tt>SASL_CONTINUE</tt> if it + succeeded, or <tt>SASL_NOMECH</tt> if it was not possible to + retrieve one of the requested credentials.</returnvalue> + </documentation> + <argument> + <name>credentials</name> + <type>HASH</type> + <documentation> + <purpose>Reference to an associative array variable with all the + credentials that are being requested. The function initializes + this associative array values.</purpose> + </documentation> + </argument> + <argument> + <name>defaults</name> + <type>HASH</type> + <documentation> + <purpose>Associative arrays with default values for credentials + that may have not been defined.</purpose> + </documentation> + </argument> + <argument> + <name>interactions</name> + <type>ARRAY</type> + <documentation> + <purpose>Not yet in use. It is meant to provide context + information to retrieve credentials that may be obtained + interacting with the user.</purpose> + </documentation> + </argument> + <do> +{/metadocument} +*/ + Function GetCredentials(&$credentials,$defaults,&$interactions) + { + Reset($credentials); + $end=(GetType($key=Key($credentials))!="string"); + for(;!$end;) + { + if(!IsSet($this->credentials[$key])) + { + if(IsSet($defaults[$key])) + $credentials[$key]=$defaults[$key]; + else + { + $this->error="the requested credential ".$key." is not defined"; + return(SASL_NOMECH); + } + } + else + $credentials[$key]=$this->credentials[$key]; + Next($credentials); + $end=(GetType($key=Key($credentials))!="string"); + } + return(SASL_CONTINUE); + } +/* +{metadocument} + </do> + </function> +{/metadocument} +*/ + +/* +{metadocument} + <function> + <name>Start</name> + <type>INTEGER</type> + <documentation> + <purpose>Process the initial authentication step initializing the + driver class that implements the first of the list of requested + mechanisms that is supported by this SASL client library + implementation.</purpose> + <usage>Call this function specifying a list of mechanisms that the + server supports. If the <argumentlink> + <argument>message</argument> + <function>Start</function> + </argumentlink> argument returns a string, it should be sent to + the server as initial message. Check the + <variablelink>encode_response</variablelink> variable to determine + whether the initial message needs to be encoded, eventually with + base64 algorithm, before it is sent to the server.</usage> + <returnvalue>The function may return <tt>SASL_CONTINUE</tt> if it + could start one of the requested authentication mechanisms. It + may return <tt>SASL_NOMECH</tt> if it was not possible to start + any of the requested mechanisms. It returns <tt>SASL_FAIL</tt> or + other value in case of error.</returnvalue> + </documentation> + <argument> + <name>mechanisms</name> + <type>ARRAY</type> + <inout /> + <documentation> + <purpose>Define the list of names of authentication mechanisms + supported by the that should be tried.</purpose> + </documentation> + </argument> + <argument> + <name>message</name> + <type>STRING</type> + <out /> + <documentation> + <purpose>Return the initial message that should be sent to the + server to start the authentication dialog. If this value is + undefined, no message should be sent to the server.</purpose> + </documentation> + </argument> + <argument> + <name>interactions</name> + <type>ARRAY</type> + <documentation> + <purpose>Not yet in use. It is meant to provide context + information to interact with the end user.</purpose> + </documentation> + </argument> + <do> +{/metadocument} +*/ + Function Start($mechanisms, &$message, &$interactions) + { + if(strlen($this->error)) + return(SASL_FAIL); + if(IsSet($this->driver)) + return($this->driver->Start($this,$message,$interactions)); + $no_mechanism_error=""; + for($m=0;$m<count($mechanisms);$m++) + { + $mechanism=$mechanisms[$m]; + if(IsSet($this->drivers[$mechanism])) + { + if(!class_exists($this->drivers[$mechanism][0])) + require(dirname(__FILE__)."/".$this->drivers[$mechanism][1]); + $this->driver=new $this->drivers[$mechanism][0]; + if($this->driver->Initialize($this)) + { + $this->encode_response=1; + $status=$this->driver->Start($this,$message,$interactions); + switch($status) + { + case SASL_NOMECH: + Unset($this->driver); + if(strlen($no_mechanism_error)==0) + $no_mechanism_error=$this->error; + $this->error=""; + break; + case SASL_CONTINUE: + $this->mechanism=$mechanism; + return($status); + default: + Unset($this->driver); + $this->error=""; + return($status); + } + } + else + { + Unset($this->driver); + if(strlen($no_mechanism_error)==0) + $no_mechanism_error=$this->error; + $this->error=""; + } + } + } + $this->error=(strlen($no_mechanism_error) ? $no_mechanism_error : "it was not requested any of the authentication mechanisms that are supported"); + return(SASL_NOMECH); + } +/* +{metadocument} + </do> + </function> +{/metadocument} +*/ + +/* +{metadocument} + <function> + <name>Step</name> + <type>INTEGER</type> + <documentation> + <purpose>Process the authentication steps after the initial step, + until the authetication iteration dialog is complete.</purpose> + <usage>Call this function iteratively after a successful initial + step calling the <functionlink>Start</functionlink> function.</usage> + <returnvalue>The function returns <tt>SASL_CONTINUE</tt> if step was + processed successfully, or returns <tt>SASL_FAIL</tt> in case of + error.</returnvalue> + </documentation> + <argument> + <name>response</name> + <type>STRING</type> + <in /> + <documentation> + <purpose>Pass the response returned by the server to the previous + step.</purpose> + </documentation> + </argument> + <argument> + <name>message</name> + <type>STRING</type> + <out /> + <documentation> + <purpose>Return the message that should be sent to the server to + continue the authentication dialog. If this value is undefined, + no message should be sent to the server.</purpose> + </documentation> + </argument> + <argument> + <name>interactions</name> + <type>ARRAY</type> + <documentation> + <purpose>Not yet in use. It is meant to provide context + information to interact with the end user.</purpose> + </documentation> + </argument> + <do> +{/metadocument} +*/ + Function Step($response, &$message, &$interactions) + { + if(strlen($this->error)) + return(SASL_FAIL); + return($this->driver->Step($this,$response,$message,$interactions)); + } +/* +{metadocument} + </do> + </function> +{/metadocument} +*/ + +}; + +/* + +{metadocument} +</class> +{/metadocument} + +*/ + +?> diff --git a/etc/inc/services.inc b/etc/inc/services.inc index 11d49ed..3c23ece 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -72,7 +72,7 @@ function services_dhcpd_configure() { fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/etc\n"); fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr/local/sbin\n"); fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/db\n"); - fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/run\n"); + fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/var/run\n"); fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/usr\n"); fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/lib\n"); fwrite($fd, "mkdir -p {$g['dhcpd_chroot_path']}/run\n"); @@ -228,6 +228,9 @@ EOPP; $subnet = gen_subnet($ifcfgip, $ifcfgsn); $subnetmask = gen_subnet_mask($ifcfgsn); + if (!is_ipaddr($subnet)) + continue; + if($is_olsr_enabled == true) if($dhcpifconf['netmask']) $subnetmask = gen_subnet_mask($dhcpifconf['netmask']); @@ -257,7 +260,7 @@ EOPP; $dnscfg .= " option domain-name-servers " . join(",", $syscfg['dnsserver']) . ";"; } - $dhcpdconf .= "subnet $subnet netmask $subnetmask {\n"; + $dhcpdconf .= "subnet {$subnet} netmask {$subnetmask} {\n"; $dhcpdconf .= " pool {\n"; /* is failover dns setup? */ diff --git a/etc/inc/shaper.inc b/etc/inc/shaper.inc index d63367d..bc4a0c2 100644 --- a/etc/inc/shaper.inc +++ b/etc/inc/shaper.inc @@ -31,6 +31,8 @@ /* XXX: needs some reducing on include. */ /* include all configuration functions. */ require_once("functions.inc"); +require_once("util.inc"); +require_once("notices.inc"); /* * I admit :) this is derived from xmplparse.inc StartElement() @@ -122,20 +124,20 @@ function get_bandwidthtype_scale($type) { switch ($type) { case "Gb": - $factor = 1000 * 1000 * 1000; + $factor = 1024 * 1024 * 1024; break; case "Mb": - $factor = 1000 * 1000; + $factor = 1024 * 1024; break; case "Kb": - $factor = 1000; + $factor = 1024; break; case "b": default: $factor = 1; break; } - return floatval($factor); + return intval($factor); } function get_hfsc_bandwidth($object, $bw) @@ -418,6 +420,7 @@ class altq_root_queue { $q->ReadConfig($queue); $q->validate_input($queue, $input_errors); if (count($input_errors)) { + log_error("SHAPER: could not create queue " . $q->GetQname() . " on interface {$interface} because: " . print_r($input_errors, true)); return $q; } @@ -514,8 +517,9 @@ class altq_root_queue { * foreach ($queues as $qkey => $queue) * this->queues[$qkey]->build_rule(); */ - function build_rules() { + function build_rules(&$default = false) { if (count($this->queues) > 0 && $this->GetEnabled() == "on") { + $default = false; $rules = " altq on " . get_real_interface($this->GetInterface()); if ($this->GetScheduler()) $rules .= " ".strtolower($this->GetScheduler()); @@ -538,9 +542,16 @@ class altq_root_queue { } $rules .= " } \n"; foreach ($this->queues as $q) { - $rules .= $q->build_rules(); + $rules .= $q->build_rules($default); } } + if ($default == false) { + $error = "SHAPER: no default queue specified for interface ". $this->GetInterface() . ". The interface queue will be enforced as default."; + file_notice("Shaper", $error, "Error occurred", ""); + unset($error); + return "\n"; + } + $frule .= $rules; } $rules .= " \n"; return $rules; @@ -1024,7 +1035,7 @@ class priq_queue { /* Should return something like: * queue $qname on $qinterface bandwidth .... */ - function build_rules() { + function build_rules(&$default = false) { $pfq_rule = " queue ". $this->qname; if ($this->GetInterface()) $pfq_rule .= " on ".get_real_interface($this->GetInterface()); @@ -1060,6 +1071,7 @@ class priq_queue { if ($comma) $pfq_rule .= " ,"; $pfq_rule .= " default "; + $default = true; } $pfq_rule .= " ) "; } @@ -1335,6 +1347,7 @@ class hfsc_queue extends priq_queue { $q->ReadConfig($qname); $q->validate_input($qname, $input_errors); if (count($input_errors)) { + log_error("SHAPER: could not create queue " . $q->GetQname() . " on interface {$interface} because: " . print_r($input_errors, true)); return $q; } @@ -1672,7 +1685,7 @@ class hfsc_queue extends priq_queue { } /* Even this should take children into consideration */ - function build_rules() { + function build_rules(&$default = false) { $pfq_rule = " queue ". $this->qname; if ($this->GetInterface()) @@ -1711,6 +1724,7 @@ class hfsc_queue extends priq_queue { $pfq_rule .= " ,"; $comma = 1; $pfq_rule .= " default "; + $default = true; } if ($this->GetRealtime() <> "") { @@ -1753,7 +1767,7 @@ class hfsc_queue extends priq_queue { } $pfq_rule .= " } \n"; foreach ($this->subqueues as $q) - $pfq_rule .= $q->build_rules(); + $pfq_rule .= $q->build_rules(&$default); } $pfq_rule .= " \n"; @@ -2038,6 +2052,7 @@ class cbq_queue extends priq_queue { $q->ReadConfig($qname); $q->validate_input($qname, $input_errors); if (count($input_errors)) { + log_error("SHAPER: could not create queue " . $q->GetQname() . " on interface {$interface} because: " . print_r($input_errors, true)); return $q; } switch ($q->GetBwscale()) { @@ -2212,7 +2227,7 @@ class cbq_queue extends priq_queue { } /* Even this should take children into consideration */ - function build_rules() { + function build_rules(&$default = false) { $pfq_rule = "queue ". $this->qname; if ($this->GetInterface()) $pfq_rule .= " on ".get_real_interface($this->GetInterface()); @@ -2251,6 +2266,7 @@ class cbq_queue extends priq_queue { $pfq_rule .= " ,"; $comma = 1; $pfq_rule .= " default "; + $default = true; } $tmpvalue = trim($this->GetBorrow()); if (!empty($tmpvalue)) { @@ -2272,7 +2288,7 @@ class cbq_queue extends priq_queue { } $pfq_rule .= " } \n"; foreach ($this->subqueues as $q) - $pfq_rule .= $q->build_rules(); + $pfq_rule .= $q->build_rules($default); } $pfq_rule .= " \n"; @@ -2486,7 +2502,7 @@ class fairq_queue extends priq_queue { } /* Even this should take children into consideration */ - function build_rules() { + function build_rules(&$default = false) { $pfq_rule = "queue ". $this->qname; if ($this->GetInterface()) $pfq_rule .= " on ".get_real_interface($this->GetInterface()); @@ -2526,6 +2542,7 @@ class fairq_queue extends priq_queue { $pfq_rule .= " ,"; $comma = 1; $pfq_rule .= " default "; + $default = true; } $tmpvalue = trim($this->GetBuckets()); if (!empty($tmpvalue)) { @@ -2813,8 +2830,10 @@ class dnpipe_class extends dummynet_class { $q->SetParent(&$this); $q->ReadConfig($queue); $q->validate_input($queue, $input_errors); - if (count($input_errors)) + if (count($input_errors)) { + log_error("SHAPER: could not create queue " . $q->GetQname() . " on interface {$interface} because: " . print_r($input_errors, true)); return $q; + } $this->subqueues[$q->GetQname()] = &$q; return $q; @@ -2867,16 +2886,28 @@ class dnpipe_class extends dummynet_class { } if (isset($q['qlimit']) && $q['qlimit'] <> "") $this->SetQlimit($q['qlimit']); + else + $this->SetQlimit(""); if (isset($q['mask']) && $q['mask'] <> "") $this->SetMask($q['mask']); + else + $this->SetMask(""); if (isset($q['buckets']) && $q['buckets'] <> "") $this->SetBuckets($q['buckets']); + else + $this->SetBuckets(""); if (isset($q['plr']) && $q['plr'] <> "") $this->SetPlr($q['plr']); + else + $this->SetPlr(""); if (isset($q['delay']) && $q['delay'] <> "") $this->SetDelay($q['delay']); + else + $this->SetDelay(0); if (isset($q['description']) && $q['description'] <> "") $this->SetDescription($q['description']); + else + $this->SetDescription(""); $this->SetEnabled($q['enabled']); } @@ -2943,12 +2974,12 @@ class dnpipe_class extends dummynet_class { function build_form() { $form = "<tr><td valign=\"center\" class=\"vncellreq\"><br>"; - $form .= gettext("Enable/Disable"); + $form .= gettext("Enable"); $form .= "</td><td class=\"vncellreq\">"; $form .= " <input type=\"checkbox\" id=\"enabled\" name=\"enabled\" value=\"on\""; if ($this->GetEnabled() == "on") $form .= " CHECKED"; - $form .= " ><span class=\"vexpl\"> " . gettext("Enable/Disable limiter and its children") . "</span>"; + $form .= " ><span class=\"vexpl\"> " . gettext("Enable limiter and its children") . "</span>"; $form .= "</td></tr>"; $form .= "<tr><td valign=\"center\" class=\"vncellreq\"><br><span class=\"vexpl\">" . gettext("Name") . "</span></td>"; $form .= "<td class=\"vncellreq\">"; @@ -3136,12 +3167,20 @@ class dnqueue_class extends dummynet_class { $this->SetNumber($q['number']); if (isset($q['qlimit']) && $q['qlimit'] <> "") $this->SetQlimit($q['qlimit']); + else + $this->SetQlimit(""); if (isset($q['mask']) && $q['mask'] <> "") $this->SetMask($q['mask']); + else + $this->SetMask(""); if (isset($q['weight']) && $q['weight'] <> "") $this->SetWeight($q['weight']); + else + $this->SetWeight(""); if (isset($q['description']) && $q['description'] <> "") $this->SetDescription($q['description']); + else + $this->SetDescription(""); $this->SetEnabled($q['enabled']); } diff --git a/etc/inc/system.inc b/etc/inc/system.inc index e560a19..107a777 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -86,12 +86,6 @@ function system_resolvconf_generate($dynupdate = false) { $syscfg = $config['system']; - $fd = fopen("{$g['varetc_path']}/resolv.conf", "w"); - if (!$fd) { - printf(gettext("Error: cannot open resolv.conf in system_resolvconf_generate().%s"), "\n"); - return 1; - } - $resolvconf = "domain {$syscfg['domain']}\n"; $havedns = false; @@ -122,6 +116,12 @@ function system_resolvconf_generate($dynupdate = false) { } } + $fd = fopen("{$g['varetc_path']}/resolv.conf", "w"); + if (!$fd) { + printf("Error: cannot open resolv.conf in system_resolvconf_generate().\n"); + return 1; + } + fwrite($fd, $resolvconf); fclose($fd); @@ -158,11 +158,16 @@ function get_searchdomains() { $master_list = array(); // Read in dhclient nameservers - $search_list = split("\n", `/bin/cat /var/etc/searchdomain_* 2>/dev/null`); + $search_list = glob("/var/etc/searchdomain_*"); if (is_array($search_lists)) { - foreach($search_lists as $dns) { - if(is_hostname($dns)) - $master_list[] = $dns; + foreach($search_lists as $fdns) { + $contents = file($fdns, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); + if (!is_array($contents)) + continue; + foreach ($contents as $dns) { + if(is_hostname($dns)) + $master_list[] = $dns; + } } } @@ -174,21 +179,27 @@ function get_nameservers() { $master_list = array(); // Read in dhclient nameservers - $dns_lists = split("\n", `/bin/cat /var/etc/nameserver_* 2>/dev/null`); + $dns_lists = glob("/var/etc/nameserver_*"); if (is_array($dns_lists)) { - foreach($dns_lists as $dns) { - if(is_ipaddr($dns)) - $master_list[] = $dns; + foreach($dns_lists as $fdns) { + $contents = file($fdns, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); + if (!is_array($contents)) + continue; + foreach ($contents as $dns) { + if(is_ipaddr($dns)) + $master_list[] = $dns; + } } } // Read in any extra nameservers if(file_exists("/var/etc/nameservers.conf")) { - $dns_lists = split("\n", `/bin/cat /var/etc/nameservers.conf`); - if(is_array($dns_s)) + $dns_s = file("/var/etc/nameservers.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); + if(is_array($dns_s)) { foreach($dns_s as $dns) if (is_ipaddr($dns)) $master_list[] = $dns; + } } return $master_list; @@ -314,6 +325,8 @@ function system_routing_configure($interface = "") { mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw", true); foreach ($config['gateways']['gateway_item'] as $gateway) { if (isset($gateway['defaultgw'])) { + if(strstr($gateway['gateway'], ":")) + break; if ($gateway['gateway'] == "dynamic") $gateway['gateway'] = get_interface_gateway($gateway['interface']); $gatewayip = $gateway['gateway']; @@ -364,8 +377,8 @@ function system_routing_configure($interface = "") { if(isset($route_arr['default'])) { $action = "change"; } - log_error(sprintf(gettext('ROUTING: %1$s default route to %2$s'), $action, $gatewayip)); - mwexec("/sbin/route {$action} default " . escapeshellarg($gatewayip)); + log_error("ROUTING: $action default route to $gatewayip"); + mwexec("/sbin/route {$action} -inet default " . escapeshellarg($gatewayip)); } } @@ -379,7 +392,7 @@ function system_routing_configure($interface = "") { continue; } $gateway = $gateways_arr[$rtent['gateway']]; - if ($interface == $gateway['friendlyiface']) + if (!empty($interface) && $interface != $gateway['friendlyiface']) continue; $gatewayip = $gateway['gateway']; $interfacegw = $gateway['interface']; @@ -388,10 +401,10 @@ function system_routing_configure($interface = "") { $action = "change"; if (is_ipaddr($gatewayip)) { - mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) . + mwexec("/sbin/route {$action} -inet " . escapeshellarg($rtent['network']) . " " . escapeshellarg($gatewayip)); } else if (!empty($interfacegw)) { - mwexec("/sbin/route {$action} " . escapeshellarg($rtent['network']) . + mwexec("/sbin/route {$action} -inet " . escapeshellarg($rtent['network']) . " -iface " . escapeshellarg($interfacegw)); } } @@ -613,9 +626,14 @@ EOD; } fwrite($fd, $syslogconf); fclose($fd); + + // Ensure that the log directory exists + if(!is_dir("{$g['dhcpd_chroot_path']}/var/run")) + exec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/run"); + // Are we logging to a least one remote server ? if(strpos($syslogconf, "@") != false) - $retval = system("/usr/sbin/syslogd -c c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf"); + $retval = system("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf"); else $retval = system("/usr/sbin/syslogd -c -c -l /var/dhcpd/var/run/log -f {$g['varetc_path']}/syslog.conf"); @@ -689,7 +707,7 @@ function system_webgui_start() { if (!is_array($config['cert'])) $config['cert'] = array(); $a_cert =& $config['cert']; - echo gettext("Creating SSL Certificate... "); + log_error("Creating SSL Certificate for this host"); $cert = array(); $cert['refid'] = uniqid(); $cert['descr'] = gettext("webConfigurator default"); @@ -765,7 +783,7 @@ function system_generate_lighty_config($filename, if($captive_portal == true) { $captiveportal = ",\"mod_rewrite\""; $captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?redirurl=$1\" )\n"; - $captive_portal_module = "\"mod_accesslog\", "; + $captive_portal_module = ""; $maxprocperip = $config['captiveportal']['maxprocperip']; if(!$maxprocperip and $maxprocperip > 0) $captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}"; @@ -1054,7 +1072,7 @@ EOD; fwrite($fd, "\n"); fwrite($fd, $key); fclose($fd); - if($ca <> "") { + if(!(empty($ca) || (strlen(trim($ca)) == 0))) { $fd = fopen("{$g['varetc_path']}/{$ca_location}", "w"); if (!$fd) { printf(gettext("Error: cannot open ca.pem in system_webgui_start().%s"), "\n"); @@ -1068,7 +1086,7 @@ EOD; $lighty_config .= "## " . gettext("ssl configuration") . "\n"; $lighty_config .= "ssl.engine = \"enable\"\n"; $lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n"; - if($ca <> "") + if(!(empty($ca) || (strlen(trim($ca)) == 0))) $lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n"; } diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index bca0ec7..c7c29c8 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -709,10 +709,14 @@ function upgrade_040_to_041() { $config['sysctl']['item'][19]['descr'] = "Set the ephemeral port range starting port"; $config['sysctl']['item'][19]['value'] = "default"; - $config['sysctl']['item'][20]['tunable'] = "hw.syscons.kbd_reboot "; + $config['sysctl']['item'][20]['tunable'] = "hw.syscons.kbd_reboot"; $config['sysctl']['item'][20]['descr'] = "Enables ctrl+alt+delete"; $config['sysctl']['item'][20]['value'] = "default"; + $config['sysctl']['item'][21]['tunable'] = "kern.ipc.maxsockbuf"; + $config['sysctl']['item'][21]['descr'] = "Maximum socket buffer size"; + $config['sysctl']['item'][21]['value'] = "default"; + } } @@ -817,8 +821,7 @@ function upgrade_044_to_045() { $iflist = get_configured_interface_list(false, true); if (is_array($config['vlans']['vlan']) && count($config['vlans']['vlan'])) { foreach ($config['vlans']['vlan'] as $id => $vlan) { - $vlan['vlanif'] = "{$vlan['if']}_vlan{$vlan['tag']}"; - $config['vlans']['vlan'][$id] = $vlan; + $config['vlans']['vlan'][$id]['vlanif'] = "{$vlan['if']}_vlan{$vlan['tag']}"; /* Make sure to update the interfaces section with the right name */ foreach($iflist as $ifname) { if($config['interfaces'][$ifname]['if'] == "vlan{$id}") { @@ -1083,8 +1086,8 @@ function upgrade_047_to_048() { $tempdyn['enable'] = isset($config['dyndns'][0]['enable']); $tempdyn['type'] = $config['dyndns'][0]['type']; $tempdyn['wildcard'] = isset($config['dyndns'][0]['wildcard']); - $tempdyn['usernamefld'] = $config['dyndns'][0]['username']; - $tempdyn['passwordfld'] = $config['dyndns'][0]['password']; + $tempdyn['username'] = $config['dyndns'][0]['username']; + $tempdyn['password'] = $config['dyndns'][0]['password']; $tempdyn['host'] = $config['dyndns'][0]['host']; $tempdyn['mx'] = $config['dyndns'][0]['mx']; $tempdyn['interface'] = "wan"; @@ -2282,4 +2285,17 @@ function upgrade_074_to_075() { rename_field($config['crl'], 'name', 'descr'); } +function upgrade_075_to_076() { + global $config; + $cron_item = array(); + $cron_item['minute'] = "30"; + $cron_item['hour'] = "12"; + $cron_item['mday'] = "*"; + $cron_item['month'] = "*"; + $cron_item['wday'] = "*"; + $cron_item['who'] = "root"; + $cron_item['command'] = "/usr/bin/nice -n20 /etc/rc.update_urltables"; + $config['cron']['item'][] = $cron_item; +} + ?> diff --git a/etc/inc/util.inc b/etc/inc/util.inc index a39670b..507e32c 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -1237,6 +1237,19 @@ function start_devd() { sleep(1); } +function is_interface_vlan_mismatch() { + global $config, $g; + + if (is_array($config['vlans']['vlan'])) { + foreach ($config['vlans']['vlan'] as $vlan) { + if (does_interface_exist($vlan['if']) == false) + return true; + } + } + + return false; +} + function is_interface_mismatch() { global $config, $g; diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index 1aaf91e..74d83d9 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -1,6 +1,8 @@ <?php /* - Copyright (C) 2007 Marcel Wiget <mwiget@mac.com>. + Copyright (C) 2010 Ermal Luci <ermal.luci@gmail.com> + Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> + Copyright (C) 2007 Marcel Wiget <mwiget@mac.com> All rights reserved. Redistribution and use in source and binary forms, with or without @@ -32,6 +34,8 @@ */ /* include all configuration functions */ +if(!function_exists('captiveportal_syslog')) + require_once("captiveportal.inc"); function xmlrpc_sync_used_voucher($voucher_received, $syncip, $port, $password, $username) { global $g, $config; @@ -63,14 +67,12 @@ EOF; $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); $resp = $cli->send($msg, "250"); - if(!$resp) { + if(!is_object($resp)) { $error = "A communications error occurred while attempting CaptivePortalVoucherSync XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; log_error($error); file_notice("CaptivePortalVoucherSync", $error, "Communications error occurred", ""); return array("timeleft" => "0"); } elseif($resp->faultCode()) { - $cli->setDebug(1); - $resp = $cli->send($msg, "250"); $error = "An error code was received while attempting CaptivePortalVoucherSync XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); log_error($error); file_notice("CaptivePortalVoucherSync", $error, "Error code received", ""); @@ -84,25 +86,24 @@ EOF; write_config("Captive Portal Voucher database synchronized with {$url}"); voucher_configure(); } - return $toreturn['timeleft']; + + return $toreturn['timeleft']; } /* - *Authenticate a voucher and return the remaining time credit in minutes + * Authenticate a voucher and return the remaining time credit in minutes * if $test is set, don't mark the voucher as used nor add it to the list * of active vouchers + * If $test is set, simply test the voucher. Don't change anything + * but return a more verbose error and result message back */ function voucher_auth($voucher_received, $test = 0) { - global $g, $config; - // if $test is set, simply test the voucher. Don't change anything - // but return a more verbose error and result message back - $voucherlck = lock('voucher'); // XMLRPC Call over to the master Voucher node - $a_voucher = &$config['voucher']; + $a_voucher = &$config['voucher']; if($a_voucher['vouchersyncdbip']) { $syncip = $a_voucher['vouchersyncdbip']; $syncport = $a_voucher['vouchersyncport']; @@ -111,12 +112,16 @@ function voucher_auth($voucher_received, $test = 0) { $remote_time_used = xmlrpc_sync_used_voucher($voucher_received, $syncip, $syncport, $syncpass, $vouchersyncusername); } - // read rolls into assoc array with rollid as key and minutes as value - $a_roll = &$config['voucher']['roll']; - foreach ($a_roll as $rollent) { - $tickets_per_roll[$rollent['number']] = $rollent['count']; - $minutes_per_roll[$rollent['number']] = $rollent['minutes']; - } + // read rolls into assoc array with rollid as key and minutes as value + $tickets_per_roll = array(); + $minutes_per_roll = array(); + if (is_array($config['voucher']['roll'])) { + $a_roll = &$config['voucher']['roll']; + foreach ($a_roll as $rollent) { + $tickets_per_roll[$rollent['number']] = $rollent['count']; + $minutes_per_roll[$rollent['number']] = $rollent['minutes']; + } + } // split into an array. Useful for multiple vouchers given $a_vouchers_received = split("[\t\n\r ]+",$voucher_received); @@ -138,9 +143,9 @@ function voucher_auth($voucher_received, $test = 0) { $result = exec("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher.cfg -k {$g['varetc_path']}/voucher.public -- $v"); list($status, $roll, $nr) = explode(" ", $result); if ($status == "OK") { - if (!$first_voucher) - { - $first_voucher = $voucher; // store first voucher. Thats the one we give the timecredit + if (!$first_voucher) { + // store first voucher. Thats the one we give the timecredit + $first_voucher = $voucher; $first_voucher_roll = $roll; } // check if we have this ticket on a registered roll for this ticket @@ -165,6 +170,7 @@ function voucher_auth($voucher_received, $test = 0) { $mask = 1 << ($nr % 8); if (ord($bitstring[$roll][$pos]) & $mask) { $test_result[] = sprintf(gettext('%1$s (%2$s/%3$s) already used and expired'), $voucher, $roll, $nr); + captiveportal_syslog(sprintf(gettext('%1$s (%2$s/%3$s) already used and expired'), $voucher, $roll, $nr)); $total_minutes = -1; // voucher expired $error++; } else { @@ -176,10 +182,12 @@ function voucher_auth($voucher_received, $test = 0) { } } else { $test_result[] = sprintf(gettext('%1$s (%2$s/%3$s): not found on any registererd Roll'), $voucher, $roll, $nr); + captiveportal_syslog("$voucher ($roll/$nr): not found on any registererd Roll"); } } else { // hmm, thats weird ... not what I expected $test_result[] = "$voucher " . gettext("invalid:") . " $result !!"; + captiveportal_syslog("$voucher " . gettext("invalid:") . " $result !!"); $error++; } } @@ -240,9 +248,6 @@ function voucher_auth($voucher_received, $test = 0) { $active_vouchers[$first_voucher_roll][$first_voucher] = "$timestamp,$minutes"; voucher_write_active_db($roll, $active_vouchers[$first_voucher_roll]); - // mark the DB's as dirty. - mark_subsystem_dirty('voucher'); - unlock($voucherlck); return $total_minutes; @@ -250,15 +255,15 @@ function voucher_auth($voucher_received, $test = 0) { function voucher_configure() { global $config, $g; - - /* kill any running minicron */ - killbypid("{$g['varrun_path']}/vouchercron.pid"); - if (isset($config['voucher']['enable'])) { + /* kill any running minicron */ + killbypid("{$g['varrun_path']}/vouchercron.pid"); + + if (!isset($config['voucher']['enable'])) + return 0; - if ($g['booting']) { + if ($g['booting']) echo gettext("Enabling voucher support... "); - } // start cron if we're asked to save runtime DB periodically // to XML config if it changed @@ -269,18 +274,19 @@ function voucher_configure() { "/etc/rc.savevoucher"); } - $voucherlck = lock('voucher'); + $voucherlck = lock('voucher', LOCK_EX); + /* write public key used to verify vouchers */ $pubkey = base64_decode($config['voucher']['publickey']); $fd = fopen("{$g['varetc_path']}/voucher.public", "w"); if (!$fd) { - printf(gettext("Error: cannot write voucher.public") . "\n"); - unlock($voucherlck); + captiveportal_syslog(gettext("Voucher error: cannot write voucher.public") . "\n"); + unlock($voucherlck); return 1; } - chmod("{$g['varetc_path']}/voucher.public", 0600); fwrite($fd, $pubkey); fclose($fd); + @chmod("{$g['varetc_path']}/voucher.public", 0600); /* write config file used by voucher binary to decode vouchers */ $fd = fopen("{$g['varetc_path']}/voucher.cfg", "w"); @@ -289,16 +295,16 @@ function voucher_configure() { unlock($voucherlck); return 1; } - chmod("{$g['varetc_path']}/voucher.cfg", 0600); fwrite($fd, "{$config['voucher']['rollbits']},{$config['voucher']['ticketbits']},{$config['voucher']['checksumbits']},{$config['voucher']['magic']},{$config['voucher']['charset']}\n"); fclose($fd); - unlock($voucherlck); + @chmod("{$g['varetc_path']}/voucher.cfg", 0600); + unlock($voucherlck); - if ($g['booting']) { + if ($g['booting'] && is_array($config['voucher']['roll'])) { // create active and used DB per roll on ramdisk from config $a_roll = &$config['voucher']['roll']; - $voucherlck = lock('voucher'); + $voucherlck = lock('voucher'); foreach ($a_roll as $rollent) { @@ -320,64 +326,59 @@ function voucher_configure() { voucher_write_active_db($roll, $active_vouchers); } - unlock($voucherlck); + unlock($voucherlck); echo gettext("done") . "\n"; } - } - return 0; + + return 0; } /* write bitstring of used vouchers to ramdisk. * Bitstring must already be base64_encoded! */ function voucher_write_used_db($roll, $vdb) { - - global $g; - - $fd = fopen("{$g['vardb_path']}/voucher_used_$roll.db", "w"); - if ($fd) { - fwrite($fd, $vdb . "\n"); - fclose($fd); - } else { - voucher_log(LOG_ERR, sprintf(gettext('cant write %1$s/voucher_used_%2$s.db'), $g['vardb_path'], $roll)); - } + global $g; + + $fd = fopen("{$g['vardb_path']}/voucher_used_$roll.db", "w"); + if ($fd) { + fwrite($fd, $vdb . "\n"); + fclose($fd); + } else + voucher_log(LOG_ERR, sprintf(gettext('cant write %1$s/voucher_used_%2$s.db'), $g['vardb_path'], $roll)); } /* return assoc array of active vouchers with activation timestamp * voucher is index. */ function voucher_read_active_db($roll) { - - global $g; - - $active = array(); - $dirty = 0; - $file = "{$g['vardb_path']}/voucher_active_$roll.db"; - if (file_exists($file)) { - $fd = fopen($file, "r"); - if ($fd) { - while (!feof($fd)) { - $line = trim(fgets($fd)); - if ($line) { - list($voucher,$timestamp,$minutes) = explode(",", $line); // voucher,timestamp - if ((($timestamp + 60*$minutes) - time()) > 0) { - $active[$voucher] = "$timestamp,$minutes"; - } else { - $dirty=1; - } - } - } - fclose($fd); - if ($dirty) // if we found expired entries, lets save our snapshot - voucher_write_active_db($roll, $active); - } - } - return $active; + global $g; + + $active = array(); + $dirty = 0; + $file = "{$g['vardb_path']}/voucher_active_$roll.db"; + if (file_exists($file)) { + $fd = fopen($file, "r"); + if ($fd) { + while (!feof($fd)) { + $line = trim(fgets($fd)); + if ($line) { + list($voucher,$timestamp,$minutes) = explode(",", $line); // voucher,timestamp + if ((($timestamp + 60*$minutes) - time()) > 0) + $active[$voucher] = "$timestamp,$minutes"; + else + $dirty=1; + } + } + fclose($fd); + if ($dirty) // if we found expired entries, lets save our snapshot + voucher_write_active_db($roll, $active); + } + } + return $active; } /* store array of active vouchers back to DB */ function voucher_write_active_db($roll, $active) { - global $g; $fd = fopen("{$g['vardb_path']}/voucher_active_$roll.db", "w"); @@ -390,7 +391,6 @@ function voucher_write_active_db($roll, $active) { /* return how many vouchers are marked used on a roll */ function voucher_used_count($roll) { - global $g; $bitstring = voucher_read_used_db($roll); @@ -407,7 +407,6 @@ function voucher_used_count($roll) { } function voucher_read_used_db($roll) { - global $g; $vdb = ""; @@ -425,10 +424,9 @@ function voucher_read_used_db($roll) { } function voucher_unlink_db($roll) { - global $g; - unlink("{$g['vardb_path']}/voucher_used_$roll.db"); - unlink("{$g['vardb_path']}/voucher_active_$roll.db"); + @unlink("{$g['vardb_path']}/voucher_used_$roll.db"); + @unlink("{$g['vardb_path']}/voucher_active_$roll.db"); } /* we share the log with captiveportal for now */ @@ -445,20 +443,15 @@ function voucher_log($priority, $message) { * Called during reboot -> system_reboot_cleanup() and minicron */ function voucher_save_db_to_config() { - global $config, $g; if (!isset($config['voucher']['enable']) || $config['voucher']['saveinterval'] == 0) return; // no vouchers or don't want to save DB's - if (!is_subsystem_dirty('voucher')) - return; // nothing changed. - - $voucherlck = lock('voucher'); + $voucherlck = lock('voucher', LOCK_EX); // walk all active rolls and save runtime DB's to flash $a_roll = &$config['voucher']['roll']; -// foreach ($a_roll as $rollent) { while (list($key, $value) = each($a_roll)) { $rollent = &$a_roll[$key]; $roll = $rollent['number']; @@ -466,7 +459,7 @@ function voucher_save_db_to_config() { $rollent['used'] = base64_encode($bitmask); $active_vouchers = voucher_read_active_db($roll); $db = array(); - $dbi = 1; + $dbi = 1; foreach($active_vouchers as $voucher => $line) { list($timestamp,$minutes) = explode(",", $line); $activent['voucher'] = $voucher; @@ -477,8 +470,9 @@ function voucher_save_db_to_config() { } $rollent['active'] = $db; } - clear_subsystem_dirty('voucher'); + unlock($voucherlck); + write_config(); return; } diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index e720853..906fcdd 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -37,7 +37,7 @@ pfSense_BUILDER_BINARIES: /usr/bin/killall /usr/local/sbin/sasyncd /sbin/ifconfig /sbin/sysctl pfSense_BUILDER_BINARIES: /usr/local/sbin/setkey /usr/bin/netstat /sbin/route /bin/mkdir pfSense_BUILDER_BINARIES: /usr/local/sbin/racoonctl /usr/local/sbin/racoon - pfSense_BUILDER_BINARIES: /usr/local/sbin/dnswatch /usr/local/sbin/mpd4 + pfSense_BUILDER_BINARIES: /usr/local/sbin/filterdns /usr/local/sbin/mpd4 pfSense_MODULE: vpn */ @@ -103,7 +103,7 @@ function vpn_ipsec_configure($ipchg = false) /* kill racoon */ if(is_process_running("racoon")) mwexec("/usr/bin/killall racoon", true); - killbypid("{$g['varrun_path']}/dnswatch-ipsec.pid"); + killbypid("{$g['varrun_path']}/filterdns-ipsec.pid"); /* wait for racoon process to die */ sleep(2); @@ -133,7 +133,7 @@ function vpn_ipsec_configure($ipchg = false) /* resolve all local, peer addresses and setup pings */ $ipmap = array(); $rgmap = array(); - $dnswatch_list = array(); + $filterdns_list = array(); if (is_array($a_phase1) && count($a_phase1)) { /* step through each phase1 entry */ @@ -149,7 +149,7 @@ function vpn_ipsec_configure($ipchg = false) $ipmap[] = $ep; /* see if this tunnel has a hostname for the remote-gateway. If so, - try to resolve it now and add it to the list for dnswatch */ + try to resolve it now and add it to the list for filterdns */ if (isset ($ph1ent['mobile'])) continue; @@ -157,7 +157,7 @@ function vpn_ipsec_configure($ipchg = false) $rg = $ph1ent['remote-gateway']; if (!is_ipaddr($rg)) { - $dnswatch_list[] = "{$rg}=value"; + $filterdns_list[] = "{$rg}"; add_hostname_to_watch($rg); $rg = resolve_retry($rg); if (!$rg) @@ -636,11 +636,12 @@ EOD; $localid_type = $ph2ent['localid']['type']; $localid_data = ipsec_idinfo_to_cidr($ph2ent['localid']); - /* Do not print localid in some cases, such as a pure-psk or psk/xauth mobile tunnel */ + /* Do not print localid in some cases, such as a pure-psk or psk/xauth single phase2 mobile tunnel */ if (($localid_type == "none") || (($ph1ent['authentication_method'] == "xauth_psk_server") || ($ph1ent['authentication_method'] == "pre_shared_key")) - && isset($ph1ent['mobile'])) + && isset($ph1ent['mobile']) + && (ipsec_get_number_of_phase2($ikeid)==1)) $localid_spec = " "; else { if ($localid_type != "address") { @@ -879,7 +880,9 @@ EOD; /* mange racoon process */ if (is_process_running("racoon")) { sleep("0.1"); - mwexec("/usr/local/sbin/racoonctl -s /var/db/racoon/racoon.sock reload-config", false); + /* XXX: This seems to not work in ipsec-tools 0.7.3 but a HUP signal is equivalent. */ + //mwexec("/usr/local/sbin/racoonctl -s /var/db/racoon/racoon.sock reload-config", false); + sigkillbypid("{$g['varrun_path']}/racoon.pid", "HUP"); /* load SPD without flushing to be safe on config additions or changes. */ mwexec("/usr/local/sbin/setkey -f {$g['varetc_path']}/spd.conf", false); } else { @@ -894,19 +897,20 @@ EOD; /* load SPD */ mwexec("/usr/local/sbin/setkey -f {$g['varetc_path']}/spd.conf", false); - /* start dnswatch, if necessary */ - if (count($dnswatch_list) > 0) { + /* start filterdns, if necessary */ + if (count($filterdns_list) > 0) { $interval = 60; if (!empty($ipseccfg['dns-interval']) && is_numeric($ipseccfg['dns-interval'])) $interval = $ipseccfg['dns-interval']; $hostnames = ""; - array_unique($dnswatch_list); - $hostnames = implode("\n", $dnswatch_list); - file_put_contents("{$g['varetc_path']}/dnswatch-ipsec.hosts", $hostnames); + array_unique($filterdns_list); + foreach ($hostname as $filterdns_list) + $hostnames .= "cmd {$hostname} '/etc/rc.newipsecdns'\n"; + file_put_contents("{$g['varetc_path']}/filternds-ipsec.hosts", $hostnames); - killbypid("{$g['varrun_path']}/dnswatch-ipsec.pid"); - mwexec("/usr/local/sbin/dnswatch {$g['varrun_path']}/dnswatch-ipsec.pid $interval /etc/rc.newipsecdns {$g['varetc_path']}/dnswatch-ipsec.hosts"); + killbypid("{$g['varrun_path']}/filterdns-ipsec.pid"); + mwexec("/usr/local/sbin/filterdns -p {$g['varrun_path']}/filterdns-ipsec.pid -i {$interval} -c {$g['varetc_path']}/filterdns_ipsec.hosts -d 1"); } } @@ -963,6 +967,17 @@ function vpn_setup() { vpn_l2tp_configure(); } +function vpn_netgraph_support() { + $iflist = get_configured_interface_list(); + foreach ($iflist as $iface) { + $realif = get_real_interface($iface); + /* Get support for netgraph(4) from the nic */ + $ifinfo = pfSense_get_interface_addresses($realif); + if (!empty($ifinfo) && in_array($ifinfo['iftype'], array("ether", "vlan", "bridge"))) + pfSense_ngctl_attach(".", $realif); + } +} + function vpn_pptpd_configure() { global $config, $g; @@ -1153,6 +1168,8 @@ EOD; fclose($fd); chmod("{$g['varetc_path']}/pptp-vpn/mpd.secret", 0600); + vpn_netgraph_support(); + /* fire up mpd */ mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/pptp-vpn -p {$g['varrun_path']}/pptp-vpn.pid -s pptps pptps"); @@ -1289,8 +1306,14 @@ EOD; } if (isset ($pppoecfg['radius']['server']['enable'])) { + $radiusport = ""; + $radiusacctport = ""; + if (isset($pppoecfg['radius']['server']['port'])) + $radiusport = $pppoecfg['radius']['server']['port']; + if (isset($pppoecfg['radius']['server']['acctport'])) + $radiusacctport = $pppoecfg['radius']['server']['acctport']; $mpdconf .=<<<EOD - set radius server {$pppoecfg['radius']['server']['ip']} "{$pppoecfg['radius']['server']['secret']}" + set radius server {$pppoecfg['radius']['server']['ip']} "{$pppoecfg['radius']['server']['secret']} {$radiusport} {$radiusacctport}" set radius retries 3 set radius timeout 10 set auth enable radius-auth @@ -1356,6 +1379,8 @@ EOD; chmod("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", 0600); } + /* Get support for netgraph(4) from the nic */ + pfSense_ngctl_attach(".", $pppoe_interface); /* fire up mpd */ mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn -p {$g['varrun_path']}/pppoe{$pppoecfg['pppoeid']}-vpn.pid -s poes poes"); @@ -1537,6 +1562,8 @@ EOD; fclose($fd); chmod("{$g['varetc_path']}/l2tp-vpn/mpd.secret", 0600); + vpn_netgraph_support(); + /* fire up mpd */ mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/l2tp-vpn -p {$g['varrun_path']}/l2tp-vpn.pid -s l2tps l2tps"); @@ -1648,7 +1675,7 @@ function reload_tunnel_spd_policy($phase1, $phase2, $old_phase1, $old_phase2) { $old_remote_subnet = ipsec_idinfo_to_cidr($old_phase2['remoteid']); /* see if this tunnel has a hostname for the remote-gateway, and if so, - * try to resolve it now and add it to the list for dnswatch */ + * try to resolve it now and add it to the list for filterdns */ if (!is_ipaddr($phase1['remote-gateway'])) { $rgip = resolve_retry($phase1['remote-gateway']); add_hostname_to_watch($phase1['remote-gateway']); diff --git a/etc/inc/vslb.inc b/etc/inc/vslb.inc index 3985337..2c3f0ca 100644 --- a/etc/inc/vslb.inc +++ b/etc/inc/vslb.inc @@ -206,7 +206,12 @@ function relayd_configure() { if(is_array($pool_a)) { for ($i = 0; isset($pool_a[$i]); $i++) { if(is_array($pool_a[$i]['servers'])) { - $srvtxt = implode(", ", $pool_a[$i]['servers']); + if (!empty($pool_a[$i]['retry'])) { + $retrytext = " retry {$pool_a[$i]['retry']}"; + $srvtxt = implode("{$retrytext}, ", $pool_a[$i]['servers']) . "{$retrytext}"; + } else { + $srvtxt = implode(", ", $pool_a[$i]['servers']); + } $conf .= "table <{$pool_a[$i]['name']}> { $srvtxt }\n"; /* Index by name for easier fetching when we loop through the virtual servers */ $pools[$pool_a[$i]['name']] = $pool_a[$i]; @@ -283,4 +288,70 @@ function relayd_configure() { } +function get_lb_redirects() { +/* +# relayctl show summary +Id Type Name Avlblty Status +1 redirect testvs2 active +5 table test2:80 active (3 hosts up) +11 host 192.168.1.2 91.55% up +10 host 192.168.1.3 100.00% up +9 host 192.168.1.4 88.73% up +3 table test:80 active (1 hosts up) +7 host 192.168.1.2 66.20% down +6 host 192.168.1.3 97.18% up +0 redirect testvs active +3 table test:80 active (1 hosts up) +7 host 192.168.1.2 66.20% down +6 host 192.168.1.3 97.18% up +4 table testvs-sitedown:80 active (1 hosts up) +8 host 192.168.1.4 84.51% up +# relayctl show redirects +Id Type Name Avlblty Status +1 redirect testvs2 active +0 redirect testvs active +# relayctl show redirects +Id Type Name Avlblty Status +1 redirect testvs2 active + total: 2 sessions + last: 2/60s 2/h 2/d sessions + average: 1/60s 0/h 0/d sessions +0 redirect testvs active +*/ + $rdr_a = array(); + exec('/usr/local/sbin/relayctl show redirects 2>&1', $rdr_a); + $vs = array(); + for ($i = 0; isset($rdr_a[$i]); $i++) { + $line = $rdr_a[$i]; + if (preg_match("/^[0-9]+/", $line)) { + $regs = array(); + if($x = preg_match("/^[0-9]+\s+redirect\s+([^\s]+)\s+([^\s]+)/", $line, $regs)) { + $vs[trim($regs[1])] = array(); + $vs[trim($regs[1])]['status'] = trim($regs[2]); + } + } + } + return $vs; +} + +function get_lb_summary() { + $relayctl = array(); + exec('/usr/local/sbin/relayctl show summary 2>&1', $relayctl); + $relay_hosts=Array(); + foreach( (array) $relayctl as $line) { + $t=split("\t", $line); + switch (trim($t[1])) { + case "table": + $curpool=trim($t[2]); + break; + case "host": + $curhost=trim($t[2]); + $relay_hosts[$curpool][$curhost]['avail']=trim($t[3]); + $relay_hosts[$curpool][$curhost]['state']=trim($t[4]); + break; + } + } + return $relay_hosts; +} + ?>
\ No newline at end of file diff --git a/etc/inc/xmlparse.inc b/etc/inc/xmlparse.inc index c1ab5cd..49ebb0e 100644 --- a/etc/inc/xmlparse.inc +++ b/etc/inc/xmlparse.inc @@ -36,9 +36,9 @@ function listtags() { * I know it's a pain, but it's a pain to find stuff too if it's not */ $ret = explode(" ", - "alias aliasurl allowedip authserver bridged ca cacert cert crl clone config ". - "container columnitem build_port_path depends_on_package disk dnsserver dnsupdate ". - "domainoverrides dyndns earlyshellcmd element encryption-algorithm-option ". + "alias aliasurl allowedip allowedhostname authserver bridged ca cacert cert crl ". + "clone config container columnitem build_port_path depends_on_package disk dnsserver ". + "dnsupdate domainoverrides dyndns earlyshellcmd element encryption-algorithm-option ". "field fieldname hash-algorithm-option gateway_item gateway_group gif gre ". "group hosts member ifgroupentry igmpentry interface_array item key lagg " . "lbaction lbpool l7rules lbprotocol ". @@ -47,7 +47,7 @@ function listtags() { "option package passthrumac phase1 phase2 ppp pppoe priv proxyarpnet qinqentry queue ". "pages pipe roll route row rrddatafile rule schedule service servernat servers ". "serversdisabled earlyshellcmd shellcmd staticmap subqueue timerange ". - "tunnel user vip virtual_server vlan winsserver wolentry widget" + "tunnel user vip virtual_server vlan winsserver wolentry widget npt" ); return $ret; } @@ -229,7 +229,7 @@ function dump_xml_config_sub($arr, $indent) { $xmlconfig .= str_repeat("\t", $indent); if((is_bool($cval) && $cval == true) || ($cval === "")) { $xmlconfig .= "<$ent/>\n"; - } else if (substr($ent, 0, 5) == "descr") { + } else if ((substr($ent, 0, 5) == "descr") || (substr($ent, 0, 6) == "detail")) { $xmlconfig .= "<$ent><![CDATA[" . htmlentities($cval) . "]]></$ent>\n"; } else { $xmlconfig .= "<$ent>" . htmlentities($cval) . "</$ent>\n"; @@ -253,7 +253,7 @@ function dump_xml_config_sub($arr, $indent) { $xmlconfig .= "<$ent/>\n"; } else if (!is_bool($val)) { $xmlconfig .= str_repeat("\t", $indent); - if (substr($ent, 0, 5) == "descr") + if ((substr($ent, 0, 5) == "descr") || (substr($ent, 0, 6) == "detail")) $xmlconfig .= "<$ent><![CDATA[" . htmlentities($val) . "]]></$ent>\n"; else $xmlconfig .= "<$ent>" . htmlentities($val) . "</$ent>\n"; diff --git a/etc/inc/xmlreader.inc b/etc/inc/xmlreader.inc index 173a59f..1caa6ea 100644 --- a/etc/inc/xmlreader.inc +++ b/etc/inc/xmlreader.inc @@ -51,7 +51,7 @@ function listtags() { "option package passthrumac phase1 phase2 ppp pppoe priv proxyarpnet qinqentry queue ". "pages pipe roll route row rrddatafile rule schedule service servernat servers ". "serversdisabled earlyshellcmd shellcmd staticmap subqueue timerange ". - "tunnel user vip virtual_server vlan winsserver wolentry widget" + "tunnel user vip virtual_server vlan winsserver wolentry widget npt" ); return array_flip($ret); } diff --git a/etc/inc/xmlrpc.inc b/etc/inc/xmlrpc.inc index ef4fc19..ae725e5 100644 --- a/etc/inc/xmlrpc.inc +++ b/etc/inc/xmlrpc.inc @@ -139,4 +139,4 @@ function xmlrpc_auth(&$params) { return false; } -?> +?>
\ No newline at end of file diff --git a/etc/inc/xmlrpc_client.inc b/etc/inc/xmlrpc_client.inc index 5a9f559..80bf7c8 100644 --- a/etc/inc/xmlrpc_client.inc +++ b/etc/inc/xmlrpc_client.inc @@ -228,7 +228,7 @@ if (function_exists('mb_ereg')) { * which can cause PHP's SAX-based XML parser to break? * @global boolean $GLOBALS['XML_RPC_auto_base64'] */ -$GLOBALS['XML_RPC_auto_base64'] = false; +$GLOBALS['XML_RPC_auto_base64'] = true; /** diff --git a/etc/phpshellsessions/gitsync b/etc/phpshellsessions/gitsync index 9fa7079..4b865c5 100644 --- a/etc/phpshellsessions/gitsync +++ b/etc/phpshellsessions/gitsync @@ -313,6 +313,8 @@ function post_cvssync_commands() { fwrite($fd, "sleep 5\n"); fwrite($fd, "killall php\n"); fwrite($fd, "/usr/local/sbin/pfSctl -c 'service restart webgui'\n"); + if(file_exists("/var/etc/lighty-CaptivePortal.conf")) + fwrite($fd, "/usr/local/sbin/lighttpd -f /var/etc/lighty-CaptivePortal.conf\n"); fclose($fd); mwexec_bg("sh /tmp/restart_lighty"); echo "\n"; @@ -25,6 +25,12 @@ PLATFORM=`/bin/cat /etc/platform` # Set our current version version=`/bin/cat /etc/version` +# Setup dumpdev/ddb/savecore" +echo "Configuring crash dumps..." +if [ "$PLATFORM" = "pfSense" ]; then + /etc/rc.dumpon +fi + # Mount memory file system if it exists echo "Mounting filesystems..." @@ -110,11 +116,13 @@ elif [ "$PLATFORM" = "nanobsd" ] ; then /bin/rm -rf /var/db/pkg /bin/ln -s /root/var/db/pkg/ /var/db/pkg else - SWAPDEVICE=`/bin/cat /etc/fstab | /usr/bin/grep swap | /usr/bin/cut -f1` - /sbin/swapon -a 2>/dev/null >/dev/null + SWAPDEVICE=`/bin/cat /etc/fstab | /usr/bin/grep swap | /usr/bin/cut -f1` + /sbin/swapon -a 2>/dev/null >/dev/null + /etc/rc.savecore fi if [ "$PLATFORM" = "cdrom" ] ; then + echo -n "Mounting unionfs directories..." /bin/mkdir /tmp/unionfs /bin/mkdir /tmp/unionfs/usr /bin/mkdir /tmp/unionfs/root @@ -122,21 +130,13 @@ if [ "$PLATFORM" = "cdrom" ] ; then /bin/mkdir /tmp/unionfs/bin /bin/mkdir /tmp/unionfs/boot /bin/mkdir /tmp/unionfs/confdefault - echo -n "Mounting unionfs directories:" - echo -n " usr" /sbin/mount_unionfs /tmp/unionfs/usr /usr/ - echo -n " root" /sbin/mount_unionfs /tmp/unionfs/root /root/ - echo -n " bin" /sbin/mount_unionfs /tmp/unionfs/bin /bin/ - echo -n " sbin" /sbin/mount_unionfs /tmp/unionfs/sbin /sbin/ - echo -n " boot" /sbin/mount_unionfs /tmp/unionfs/boot /boot/ - echo -n " conf.default" /sbin/mount_unionfs /tmp/unionfs/confdefault /conf.default/ - echo -n " installer" - echo "... done." + echo "done." fi echo -n "Creating symlinks..." diff --git a/etc/rc.banner b/etc/rc.banner index 9b32334..6f81cb9 100755 --- a/etc/rc.banner +++ b/etc/rc.banner @@ -45,7 +45,7 @@ if(!$hideplatform) $platformbanner = "-{$platform}"; - print "\n*** Welcome to {$product} {$version}{$platformbanner} ({$machine}) on {$hostname} ***\n"; + print "*** Welcome to {$product} {$version}{$platformbanner} ({$machine}) on {$hostname} ***\n"; $iflist = get_configured_interface_with_descr(false, true); foreach($iflist as $ifname => $friendly) { diff --git a/etc/rc.bootup b/etc/rc.bootup index fe1faa3..3451c88 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -255,8 +255,7 @@ setup_gateways_monitor(); echo "done.\n"; echo "Synchronizing user settings..."; -if (empty($config['system']['webgui']['backend'])) - local_sync_accounts(); +local_sync_accounts(); echo "done.\n"; if($avail > 0 and $avail < 65) { @@ -381,6 +380,18 @@ activate_powerd(); if (file_exists("/sbin/shutdown.old")) @unlink("/sbin/shutdown.old"); +/* Resync / Reinstall packages if need be */ +if(file_exists('/conf/needs_package_sync')) { + if($config['installedpackages'] <> '' && is_array($config['installedpackages']['package'])) { + require_once("pkg-utils.inc"); + if($g['platform'] == "pfSense" || $g['platform'] == "nanobsd") { + mark_subsystem_dirty('packagelock'); + pkg_reinstall_all(); + clear_subsystem_dirty('packagelock'); + } + } +} + /* done */ unset($g['booting']); diff --git a/etc/rc.dumpon b/etc/rc.dumpon new file mode 100755 index 0000000..fad1a82 --- /dev/null +++ b/etc/rc.dumpon @@ -0,0 +1,35 @@ +#!/bin/sh +# Based on: +# FreeBSD: src/etc/rc.d/dumpon,v 1.12.2.1.4.1 2010/06/14 02:09:06 kensmith Exp + +# dumpon + +dumpon_try() +{ + if /sbin/dumpon "${1}" ; then + # Make a symlink in devfs for savecore + echo "Using ${1} for dump device." + ln -fs "${1}" /dev/dumpdev + return 0 + fi + echo "Unable to specify $1 as a dump device." + return 1 +} + +# Enable dumpdev so that savecore can see it. Enable it +# early so a crash early in the boot process can be caught. +# +while read dev mp type more ; do + [ "${type}" = "swap" ] || continue + [ -c "${dev}" ] || continue + dumpon_try "${dev}" && works=true +done </etc/fstab +if [ "${works}" != "true" ]; then + echo "No suitable dump device was found." 1>&2 + exit +fi + +# ddb +if [ ! -z "`sysctl -Nq debug.ddb.scripting.scripts`" ]; then + /sbin/ddb /etc/ddb.conf +fi diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize index 0a8316b..9e310f1 100755 --- a/etc/rc.filter_synchronize +++ b/etc/rc.filter_synchronize @@ -94,46 +94,45 @@ function carp_check_version($url, $password, $port = 80, $method = 'pfsense.host if(file_exists("{$g['varrun_path']}/booting") || $g['booting']) return; - $params = array( - XML_RPC_encode($password) - ); - - $numberofruns = 0; - while ($numberofruns < 2) { - $msg = new XML_RPC_Message($method, $params); - $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); - $username = $config['system']['user'][0]['name']; - $cli->setCredentials($username, $password); - if($numberofruns > 1) - $cli->setDebug(1); - /* send our XMLRPC message and timeout after 240 seconds */ - $resp = $cli->send($msg, "240"); + $params = array( + XML_RPC_encode($password) + ); + + $numberofruns = 0; + while ($numberofruns < 2) { + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $username = $config['system']['user'][0]['name']; + $cli->setCredentials($username, $password); + if($numberofruns > 1) + $cli->setDebug(1); + /* send our XMLRPC message and timeout after 240 seconds */ + $resp = $cli->send($msg, "240"); if(!is_object($resp)) { - $error = "A communications error occured while attempting XMLRPC sync with username {$username} {$url}:{$port}."; - } elseif($resp->faultCode()) { - $error = "An error code was received while attempting XMLRPC sync with username {$username} {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); - } else { - $parsed_response = XML_RPC_decode($resp->value()); - if(!is_array($parsed_response)) { - if (trim($parsed_response) == "Authentication failed") { - $error = "A authentication failure occurred while trying to access {$url}:{$port} ({$method})."; - log_error($error); - file_notice("sync_settings", $error, "Settings Sync", ""); - exit; + $error = "A communications error occured while attempting XMLRPC sync with username {$username} {$url}:{$port}."; + } elseif($resp->faultCode()) { + $error = "An error code was received while attempting XMLRPC sync with username {$username} {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + } else { + $parsed_response = XML_RPC_decode($resp->value()); + if(!is_array($parsed_response)) { + if (trim($parsed_response) == "Authentication failed") { + $error = "A authentication failure occurred while trying to access {$url}:{$port} ({$method})."; + log_error($error); + file_notice("sync_settings", $error, "Settings Sync", ""); + exit; + } + } else { + if (!isset($parsed_response['config_version']) || + $parsed_response['config_version'] < $config['version']) + return false; + else + return true; } - } else { - if (!isset($parsed_response['config_version']) || - $parsed_response['config_version'] < $config['version']) - return false; - else - return true; } + log_error($error); + file_notice("sync_settings", $error, "Settings Sync", ""); + $numberofruns++; } - log_error($error); - file_notice("sync_settings", $error, "Settings Sync", ""); - $numberofruns++; - } - return false; } @@ -382,8 +381,8 @@ if (is_array($config['installedpackages']['carpsettings']['config'])) { $sections[] = 'vouchers'; if (count($sections) > 0) { if (!carp_check_version($synchronizetoip, $carp['password'], $port)) { - update_filter_reload_status("The other member is on older version of {$g['product']}. Sync will not be done to prevent problems!"); - log_error("The other member is on older version of {$g['product']}. Sync will not be done to prevent problems!"); + update_filter_reload_status("The other member is on older configuration version of {$g['product_name']}. Sync will not be done to prevent problems!"); + log_error("The other member is on older configuration version of {$g['product_name']}. Sync will not be done to prevent problems!"); break; } @@ -418,4 +417,4 @@ if (is_array($config['installedpackages']['carpsettings']['config'])) { } } -?> +?>
\ No newline at end of file diff --git a/etc/rc.firmware b/etc/rc.firmware index b10737e..063e9a3 100755 --- a/etc/rc.firmware +++ b/etc/rc.firmware @@ -491,7 +491,6 @@ pfSenseupgrade) if [ -f /tmp/no_upgrade_reboot_required ]; then rm /tmp/no_upgrade_reboot_required else - rm -f /var/run/config.lock sh /etc/rc.reboot fi diff --git a/etc/rc.halt b/etc/rc.halt index 4f3d1ef..fd6318b 100755 --- a/etc/rc.halt +++ b/etc/rc.halt @@ -2,8 +2,8 @@ # $Id$ -if [ -f /var/run/config.lock ]; then - echo "Cannot reboot at this moment, a config write operation is in progress." +if ! /usr/bin/lockf -s -t 30 /tmp/config.lock /usr/bin/true; then + echo "Cannot halt at this moment, a config write operation is in progress and 30 seconds have passed." exit -1 fi diff --git a/etc/rc.initial b/etc/rc.initial index 4d88bda..3d600f1 100755 --- a/etc/rc.initial +++ b/etc/rc.initial @@ -73,8 +73,12 @@ echo " 4) Reset to factory defaults 12) ${product} Developer Shell" echo " 5) Reboot system 13) Upgrade from console" echo " 6) Halt system ${sshd_option}" echo " 7) Ping host ${option98}" -/bin/echo "${option99}" +if [ "${option99}" != "" ]; then + /bin/echo "${option99}" +fi + +echo read -p "Enter an option: " opmode echo diff --git a/etc/rc.initial.setlanip b/etc/rc.initial.setlanip index 1aacfb1..c1f6ddc 100755 --- a/etc/rc.initial.setlanip +++ b/etc/rc.initial.setlanip @@ -139,6 +139,7 @@ $config['interfaces'][$interface]['ipaddr'] = $intip; $config['interfaces'][$interface]['subnet'] = $intbits; + $config['interfaces'][$interface]['enable'] = true; if($g['services_dhcp_server_enable']) $yn = prompt_for_enable_dhcp_server(); @@ -257,4 +258,4 @@ fgets($fp); fclose($fp); -?>
\ No newline at end of file +?> diff --git a/etc/rc.linkup b/etc/rc.linkup index 997228f..2e8bbcd 100755 --- a/etc/rc.linkup +++ b/etc/rc.linkup @@ -43,6 +43,7 @@ function handle_argument_group($iface, $argument2) { if (is_ipaddr($ipaddr) || empty($ipaddr)) { log_error("Hotplug event detected for {$iface} but ignoring since interface is configured with static IP ({$ipaddr})"); $iface = get_real_interface($iface); + interfaces_bring_up($iface); exec("/usr/sbin/arp -d -i {$iface} -a"); } else { switch ($argument2) { diff --git a/etc/rc.newipsecdns b/etc/rc.newipsecdns index 4bb247c..3061f16 100755 --- a/etc/rc.newipsecdns +++ b/etc/rc.newipsecdns @@ -36,6 +36,7 @@ require_once("shaper.inc"); require_once("ipsec.inc"); require_once("vpn.inc"); + require_once("util.inc"); /* make sure to wait until the boot scripts have finished */ while (file_exists("{$g['varrun_path']}/booting")) { @@ -44,7 +45,7 @@ log_error("IPSEC: One or more IPSEC tunnel endpoints has changed IP. Refreshing."); /* We will walk the list of hostnames found in the ipsec tunnel - * configuration. Since we are already triggered by dnswatch + * configuration. Since we are already triggered by filterdns * that a hostname has changed we can proceed to compare the * new IP address with the old address from the DNS cache. */ diff --git a/etc/rc.newwanip b/etc/rc.newwanip index 4735994..b85d102 100755 --- a/etc/rc.newwanip +++ b/etc/rc.newwanip @@ -84,7 +84,6 @@ system_resolvconf_generate(true); /* write current WAN IP to file */ file_put_contents("{$g['vardb_path']}/{$interface}_ip", $curwanip); -file_put_contents("{$g['vardb_path']}/{$interface}_cacheip", $curwanip); /* reconfigure static routes (kernel may have deleted them) */ system_routing_configure($interface); @@ -95,8 +94,19 @@ setup_gateways_monitor(); /* signal filter reload */ filter_configure(); -if (is_ipaddr($oldip) && $curwanip == $oldip) +if (is_ipaddr($oldip) && $curwanip == $oldip) { + // Still need to sync VPNs on PPPoE and such, as even with the same IP the VPN software is unhappy with the IP disappearing. + if (in_array($config['interfaces'][$interface]['ipaddr'], array('pppoe', 'pptp', 'ppp'))) { + /* reconfigure IPsec tunnels */ + vpn_ipsec_force_reload(); + + /* start OpenVPN server & clients */ + openvpn_resync_all($interface); + } exit; +} + +file_put_contents("{$g['vardb_path']}/{$interface}_cacheip", $curwanip); /* perform RFC 2136 DNS update */ services_dnsupdate_process($interface); @@ -108,7 +118,8 @@ services_dyndns_configure($interface); vpn_ipsec_force_reload(); /* start OpenVPN server & clients */ -openvpn_resync_all($interface); +if (substr($interface_real, 0, 4) != "ovpn") + openvpn_resync_all($interface); /* reload graphing functions */ enable_rrd_graphing(); diff --git a/etc/rc.php_ini_setup b/etc/rc.php_ini_setup index 6fc7589..67aceaf 100755 --- a/etc/rc.php_ini_setup +++ b/etc/rc.php_ini_setup @@ -44,28 +44,28 @@ fi # Calculate APC SHM size according # to detected memory values if [ "$AVAILMEM" -lt "65" ]; then - APCSHMEMSIZE="1" + APCSHMEMSIZE="1M" fi if [ "$AVAILMEM" -lt "96" ]; then - APCSHMEMSIZE="5" + APCSHMEMSIZE="5M" fi if [ "$AVAILMEM" -lt "128" ]; then - APCSHMEMSIZE="10" + APCSHMEMSIZE="10M" fi if [ "$AVAILMEM" -gt "128" ]; then - APCSHMEMSIZE="15" + APCSHMEMSIZE="15M" fi if [ "$AVAILMEM" -gt "256" ]; then - APCSHMEMSIZE="20" + APCSHMEMSIZE="20M" fi if [ "$AVAILMEM" -gt "384" ]; then - APCSHMEMSIZE="25" + APCSHMEMSIZE="25M" fi if [ "$AVAILMEM" -gt "512" ]; then - APCSHMEMSIZE="30" + APCSHMEMSIZE="30M" fi if [ "$AVAILMEM" -gt "784" ]; then - APCSHMEMSIZE="35" + APCSHMEMSIZE="35M" fi # Set upload directory diff --git a/etc/rc.reboot b/etc/rc.reboot index 851f1a8..4bb28a1 100755 --- a/etc/rc.reboot +++ b/etc/rc.reboot @@ -2,9 +2,9 @@ # $Id$ -if [ -f /var/run/config.lock ]; then - echo "Cannot reboot at this moment, a config write operation is in progress." - exit -1 +if ! /usr/bin/lockf -s -t 30 /tmp/config.lock /usr/bin/true; then + echo "Cannot reboot at this moment, a config write operation is in progress, and 30 seconds have passed." + exit 1 fi sleep 1 diff --git a/etc/rc.savecore b/etc/rc.savecore new file mode 100755 index 0000000..8685330 --- /dev/null +++ b/etc/rc.savecore @@ -0,0 +1,22 @@ +#!/bin/sh +# Based on: +# FreeBSD: src/etc/rc.d/savecore,v 1.16.2.2.4.1 2010/06/14 02:09:06 kensmith Exp + +dumpdev=`/bin/realpath /dev/dumpdev` +dumpdir='/var/crash' + +if [ ! -c "${dumpdev}" ]; then + echo "Dump device does not exist. Savecore not run." + exit +fi + +if [ ! -d "${dumpdir}" ]; then + echo "Dump directory does not exist. Savecore not run." + exit +fi + +if savecore -C "${dumpdir}" "${dumpdev}" >/dev/null; then + savecore ${dumpdir} ${dumpdev} +else + echo 'No core dumps found.' +fi diff --git a/etc/rc.shutdown b/etc/rc.shutdown index 257a577..9d46ad2 100755 --- a/etc/rc.shutdown +++ b/etc/rc.shutdown @@ -1,7 +1,7 @@ #!/bin/sh -if [ -f /var/run/config.lock ]; then - echo "Cannot reboot at this moment, a config write operation is in progress." +if ! /usr/bin/lockf -s -t 30 /tmp/config.lock /usr/bin/true; then + echo "Cannot shutdown at this moment, a config write operation is in progress and 30 seconds have passed." exit -1 fi diff --git a/etc/version b/etc/version index 7c92322..813dcee 100644 --- a/etc/version +++ b/etc/version @@ -1 +1 @@ -2.0-BETA4 +2.0-BETA5 diff --git a/tmp/post_upgrade_command b/tmp/post_upgrade_command index a2fb94e..ed49d0a 100755 --- a/tmp/post_upgrade_command +++ b/tmp/post_upgrade_command @@ -1,6 +1,5 @@ #!/bin/sh -touch /var/run/config.lock /etc/rc.conf_mount_rw KERNELTYPE=`cat /boot/kernel/pfsense_kernel.txt` diff --git a/usr/local/bin/captiveportal_gather_stats.php b/usr/local/bin/captiveportal_gather_stats.php new file mode 100644 index 0000000..5fe1c6b --- /dev/null +++ b/usr/local/bin/captiveportal_gather_stats.php @@ -0,0 +1,106 @@ +#!/usr/local/bin/php -q +<?php +/* $Id$ */ +/* + captiveportal_gather_stats.php + Copyright (C) 2011 Warren Baker + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require_once("functions.inc"); +require_once("captiveportal.inc"); +require_once("util.inc"); + +/* read in captive portal db */ +$cpdb = captiveportal_read_db(); + +/* determine number of logged in users */ +$no_users = count($cpdb); +$concurrent_users = $no_users; + +/* set initial user count to zero */ +$current_user_count = 0; + +/* tmp file to use to store old data (per interface)*/ +$tmpfile = "{$g['tmp_path']}/captiveportal_online_users"; + +$type = $argv[1]; + +if(empty($type)) + exit; + +/* echo the rrd required syntax */ +echo "N:"; + +if ($type == "loggedin") { + + /* Find out the previous user timestamp + * so we can determine the difference between the current + * and previous user count. If the file is empty return a 0. + */ + $fd = @fopen($tmpfile, "r"); + if ($fd) { + while (!feof($fd)) { + $line = trim(fgets($fd)); + if($line) + $previous_user_timestamp = $line; + else + $previous_user_timestamp = 0; + } + } else { + $previous_user_timestamp = 0; + } + @fclose($fd); + + + foreach($cpdb as $user) { + $user_ip = $user[2]; + // Record the timestamp + $timestamp = $user[0]; + if ($timestamp > $previous_user_timestamp) + $current_user_count = $current_user_count + 1; + } + + // Write out the latest timestamp + $fd = @fopen($tmpfile, "w"); + if ($fd) { + fwrite($fd, $timestamp); + } + @fclose($fd); + + /* If $timestamp is less than or equal to previous_user_timestamp return 0, + * as we only want the 'X' number of users logged in since last RRD poll. + */ + if($timestamp <= $previous_user_timestamp) + $result = 0; + else { + $result = $current_user_count; + } +} else + $result = $no_users; + + +echo "$result"; + +?>
\ No newline at end of file diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index 6cbe1c0..caaa4d2 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -106,8 +106,7 @@ if (file_exists("{$g['vardb_path']}/captiveportal_radius.db")) { } if ($_POST['logout_id']) { - disconnect_client($_POST['logout_id']); - echo <<<EOD + echo <<<EOD <HTML> <HEAD><TITLE>Disconnecting...</TITLE></HEAD> <BODY BGCOLOR="#435370"> @@ -123,7 +122,8 @@ setTimeout('window.close();',5000) ; </HTML> EOD; -exit; + disconnect_client($_POST['logout_id']); + exit; } else if ($clientmac && $radmac_enable && portal_mac_radius($clientmac,$clientip)) { /* radius functions handle everything so we exit here since we're done */ exit; @@ -216,6 +216,12 @@ function portal_reply_page($redirurl, $type = null, $message = null, $clientmac else $htmltext = get_include_contents("{$g['varetc_path']}/captiveportal-error.html"); + /* substitute the PORTAL_REDIRURL variable */ + if ($config['captiveportal']['preauthurl']) { + $htmltext = str_replace("\$PORTAL_REDIRURL\$", "{$config['captiveportal']['preauthurl']}", $htmltext); + $htmltext = str_replace("#PORTAL_REDIRURL#", "{$config['captiveportal']['preauthurl']}", $htmltext); + } + /* substitute other variables */ if (isset($config['captiveportal']['httpslogin'])) { $htmltext = str_replace("\$PORTAL_ACTION\$", "https://{$config['captiveportal']['httpsname']}:8001/", $htmltext); @@ -268,20 +274,14 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut global $redirurl, $g, $config, $type, $passthrumac, $_POST; - /* See if a ruleno is passed, if not start locking the sessions because this means there isn't one atm */ - $captiveshouldunlock = false; - if ($ruleno == null) { - $cplock = lock('captiveportal'); - $captiveshouldunlock = true; + /* See if a ruleno is passed, if not start sessions because this means there isn't one atm */ + if ($ruleno == null) $ruleno = captiveportal_get_next_ipfw_ruleno(); - } /* if the pool is empty, return appropriate message and exit */ if (is_null($ruleno)) { portal_reply_page($redirurl, "error", "System reached maximum login capacity"); log_error("WARNING! Captive portal has reached maximum login capacity"); - if ($captiveshouldunlock == true) - unlock($cplock); exit; } @@ -367,13 +367,10 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut } } - if ($attributes['voucher'] && $remaining_time <= 0) { - unlock($cplock); + if ($attributes['voucher'] && $remaining_time <= 0) return 0; // voucher already used and no time left - } if (!isset($sessionid)) { - /* generate unique session ID */ $tod = gettimeofday(); $sessionid = substr(md5(mt_rand() . $tod['sec'] . $tod['usec'] . $clientip . $clientmac), 0, 16); @@ -405,7 +402,6 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut mwexec("/sbin/ipfw -q {$g['tmp_path']}/macentry.rules.tmp"); $writecfg = true; } else { - if ($peruserbw && !empty($bw_up) && is_numeric($bw_up)) { $bw_up_pipeno = $ruleno + 20000; //$bw_up /= 1000; // Scale to Kbit/s @@ -448,7 +444,6 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut if (isset($config['captiveportal']['radacct_enable']) && !empty($radiusservers)) { $acct_val = RADIUS_ACCOUNTING_START($ruleno, $username, $sessionid, $radiusservers, $clientip, $clientmac); - if ($acct_val == 1) captiveportal_logportalauth($username,$clientmac,$clientip,$type,"RADIUS ACCOUNTING FAILED"); } @@ -458,9 +453,6 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut } } - if ($captiveshouldunlock == true) - unlock($cplock); - if ($writecfg == true) write_config(); @@ -502,13 +494,11 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut /* remove a single client by session ID - by Dinesh Nair + * by Dinesh Nair */ function disconnect_client($sessionid, $logoutReason = "LOGOUT", $term_cause = 1) { - global $g, $config; - $cplock = lock('captiveportal'); /* read database */ $cpdb = captiveportal_read_db(); @@ -527,8 +517,6 @@ function disconnect_client($sessionid, $logoutReason = "LOGOUT", $term_cause = 1 /* write database */ captiveportal_write_db($cpdb); - - unlock($cplock); } /* @@ -555,8 +543,6 @@ function portal_consume_passthrough_credit($clientmac) { $updatetimeouts = isset($config['captiveportal']['freelogins_updatetimeouts']); - $cplock = lock('captiveportal'); - /* * Read database of used MACs. Lines are a comma-separated list * of the time, MAC, then the count of pass-through credits remaining. @@ -578,7 +564,6 @@ function portal_consume_passthrough_credit($clientmac) { captiveportal_write_usedmacs_db($usedmacs); } - unlock($cplock); return false; } else { $usedmac[2] -= 1; @@ -600,13 +585,13 @@ function portal_consume_passthrough_credit($clientmac) { } captiveportal_write_usedmacs_db($usedmacs); - unlock($cplock); return true; } function captiveportal_read_usedmacs_db() { global $g; + $cpumaclck = lock('captiveusedmacs'); if (file_exists("{$g['vardb_path']}/captiveportal_usedmacs.db")) { $usedmacs = file("{$g['vardb_path']}/captiveportal_usedmacs.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); if (!usedmacs) @@ -614,13 +599,16 @@ function captiveportal_read_usedmacs_db() { } else $usedmacs = array(); + unlock($cpumaclck); return $usedmacs; } function captiveportal_write_usedmacs_db($usedmacs) { global $g; - file_put_contents("{$g['vardb_path']}/captiveportal_usedmacs.db", implode("\n", $usedmacs)); + $cpumaclck = lock('captiveusedmacs', LOCK_EX); + @file_put_contents("{$g['vardb_path']}/captiveportal_usedmacs.db", implode("\n", $usedmacs)); + unlock($cpumaclck); } ?> diff --git a/usr/local/captiveportal/radius_accounting.inc b/usr/local/captiveportal/radius_accounting.inc index f57757a..67bb523 100644 --- a/usr/local/captiveportal/radius_accounting.inc +++ b/usr/local/captiveportal/radius_accounting.inc @@ -126,7 +126,7 @@ function RADIUS_ACCOUNTING_START($ruleno, $username, $sessionid, $radiusservers, // Default attributes $racct->putAttribute(RADIUS_SERVICE_TYPE, RADIUS_LOGIN); $racct->putAttribute(RADIUS_NAS_PORT_TYPE, RADIUS_ETHERNET); - $racct->putAttribute(RADIUS_NAS_PORT, $nas_port); + $racct->putAttribute(RADIUS_NAS_PORT, $nas_port, 'integer'); $racct->putAttribute(RADIUS_ACCT_SESSION_ID, $sessionid); // Extra data to identify the client and nas diff --git a/usr/local/captiveportal/radius_authentication.inc b/usr/local/captiveportal/radius_authentication.inc index 1f7e2b5..142ab0e 100644 --- a/usr/local/captiveportal/radius_authentication.inc +++ b/usr/local/captiveportal/radius_authentication.inc @@ -103,7 +103,7 @@ function RADIUS_AUTHENTICATION($username,$password,$radiusservers,$clientip,$cli // Default attributes $rauth->putAttribute(RADIUS_SERVICE_TYPE, RADIUS_LOGIN); $rauth->putAttribute(RADIUS_NAS_PORT_TYPE, RADIUS_ETHERNET); - $rauth->putAttribute(RADIUS_NAS_PORT, $nas_port); + $rauth->putAttribute(RADIUS_NAS_PORT, $nas_port, 'integer'); // Extra data to identify the client and nas $rauth->putAttribute(RADIUS_FRAMED_IP_ADDRESS, $clientip, addr); diff --git a/usr/local/pkg/carp_settings.xml b/usr/local/pkg/carp_settings.xml index 19db7e7..075a919 100644 --- a/usr/local/pkg/carp_settings.xml +++ b/usr/local/pkg/carp_settings.xml @@ -117,7 +117,7 @@ <type>checkbox</type> </field> <field> - <fielddescr>Synchronize nat</fielddescr> + <fielddescr>Synchronize NAT</fielddescr> <fieldname>synchronizenat</fieldname> <description>When this option is enabled, this system will automatically sync the NAT rules over to the other CARP host when changes are made.</description> <type>checkbox</type> diff --git a/usr/local/pkg/routed.inc b/usr/local/pkg/routed.inc index 2d4f6d1..4d1b1d8 100644 --- a/usr/local/pkg/routed.inc +++ b/usr/local/pkg/routed.inc @@ -39,29 +39,20 @@ function setup_routed() { if (isset($config['installedpackages']['routed']['config'][0]['enable']) && $config['installedpackages']['routed']['config'][0]['enable'] == "on") { /* if user selected individual interfaces */ - $ifdescrs = get_configured_interface_with_descr(); $ifarr = explode(",", $config['installedpackages']['routed']['config'][0]['iface_array']); - if (count($ifarr) != 0) { - foreach($ifdescrs as $ifdescr => $ifname) { - if (in_array($ifname, $ifarr)) { - $gw .= setup_etc_gateways($ifdescr, 'enable'); - } else { - $gw .= setup_etc_gateways($ifdescr, 'disable'); - } + if (!empty($ifarr)) { + foreach($ifarr as $ifname) { + $gw .= setup_etc_gateways($ifname, 'enable'); } - } else { + } else /* setup for all interfaces */ $gw = setup_etc_gateways(); - } conf_mount_rw(); - $fd = fopen("/etc/gateways", "w"); - fwrite($fd, $gw); - fclose($fd); + file_put_contents("/etc/gateways", $gw); conf_mount_ro(); restart_routed(); - } else { + } else stop_routed(); - } } function setup_etc_gateways($iface="", $mode="") { @@ -70,7 +61,7 @@ function setup_etc_gateways($iface="", $mode="") { $ret = ""; if ($iface != "") { $realif=convert_friendly_interface_to_real_interface_name($iface); - if ($realif) + if (!empty($realif)) $ret = "if={$realif} "; } @@ -98,12 +89,11 @@ function setup_etc_gateways($iface="", $mode="") { } function start_routed() { - mwexec("/sbin/routed"); + mwexec_bg("/sbin/routed"); } function stop_routed() { - if(isvalidproc("routed")) - mwexec("killall routed"); + killbyname("routed"); } function restart_routed() { diff --git a/usr/local/sbin/ovpn-linkup b/usr/local/sbin/ovpn-linkup index 2d5d006..f962ac2 100755 --- a/usr/local/sbin/ovpn-linkup +++ b/usr/local/sbin/ovpn-linkup @@ -7,5 +7,5 @@ /bin/echo $4 > /tmp/$1_router /usr/bin/touch /tmp/$1up # reload filter -/usr/local/sbin/pfSctl -c 'filter reload' +/usr/local/sbin/pfSctl -c "interface newip $1" exit 0 diff --git a/usr/local/sbin/ppp-linkup b/usr/local/sbin/ppp-linkup index dd156c4..a9c0f32 100755 --- a/usr/local/sbin/ppp-linkup +++ b/usr/local/sbin/ppp-linkup @@ -18,5 +18,6 @@ fi /bin/echo $3 > /tmp/$1_ip /usr/bin/touch /tmp/$1up /usr/local/sbin/pfSctl -c 'service reload dns' +/bin/sleep 1 /usr/local/sbin/pfSctl -c "interface newip $1" exit 0 diff --git a/usr/local/www/csrf/csrf-magic.php b/usr/local/www/csrf/csrf-magic.php index 447ecc9..ccb1617 100644 --- a/usr/local/www/csrf/csrf-magic.php +++ b/usr/local/www/csrf/csrf-magic.php @@ -244,7 +244,7 @@ function csrf_get_tokens() { */
function csrf_callback($tokens) {
header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
- echo "<html><head><title>CSRF check failed</title></head><body>CSRF check failed. Please enable cookies.<br />Debug: ".$tokens."</body></html>
+ echo "<html><head><title>CSRF check failed</title></head><body>CSRF check failed. Either your session has expired, this page has been inactive too long, or you need to enable cookies.<br />Debug: ".$tokens."</body></html>
";
}
diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php index 410fb0b..5892f06 100755 --- a/usr/local/www/diag_backup.php +++ b/usr/local/www/diag_backup.php @@ -223,7 +223,7 @@ if ($_POST) { * Backup RRD Data */ if(!$_POST['donotbackuprrd']) { - $data = str_replace("</pfsense>", "\t<rrddata>", $data); + $data = str_replace("</" . $g['xml_rootobj'] . ">", "\t<rrddata>", $data); $rrd_files_var_db_rrd = split("\n",`cd /var/db/rrd && ls *.rrd`); foreach($rrd_files_var_db_rrd as $rrd) { if($rrd) { @@ -237,7 +237,7 @@ if ($_POST) { } } $data .= "\t</rrddata>\n"; - $data .= "</pfsense>\n"; + $data .= "</" . $g['xml_rootobj'] . ">\n"; } $size = strlen($data); @@ -315,7 +315,7 @@ if ($_POST) { if(file_exists("{$g['tmp_path']}/config.cache")) unlink("{$g['tmp_path']}/config.cache"); $config = parse_config(true); - /* extract out rrd items, unset from $confgi when done */ + /* extract out rrd items, unset from $config when done */ if($config['rrddata']) { foreach($config['rrddata']['rrddatafile'] as $rrd) { $rrd_fd = fopen("{$g['vardb_path']}/rrd/{$rrd['filename']}", "w"); @@ -451,6 +451,13 @@ if ($_POST) { header("Location: interfaces_assign.php"); exit; } + if (is_interface_vlan_mismatch() == true) { + touch("/var/run/interface_mismatch_reboot_needed"); + clear_subsystem_dirty("restore"); + convert_config(); + header("Location: interfaces_assign.php"); + exit; + } } else { $input_errors[] = gettext("The configuration could not be restored."); } diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php index 025a7a3..5fb94cf 100755 --- a/usr/local/www/diag_logs_filter.php +++ b/usr/local/www/diag_logs_filter.php @@ -155,13 +155,13 @@ include("head.inc"); $dststr = $filterent['dstip'] . get_port_with_service($filterent['dstport'], $proto); ?> <td class="listr" nowrap> - <a href="diag_dns.php?host=<?php echo $filterent['srcip']; ?>" title="<?=gettext("Reverse Resolve with DNS");?>"><img border="0" src="/themes/nervecenter/images/icons/icon_log.gif"></a> - <a href="easyrule.php?<?php echo "action=block&int={$int}&src={$filterent['srcip']}"; ?>" title="<?=gettext("Easy Rule: Add to Block List");?>" onclick="return confirm('<?=gettext("Do you really want to add this BLOCK rule?")."\n\n".gettext("Easy Rule is still experimental.")."\n".gettext("Continue at risk of your own peril.")."\n".gettext("Backups are also nice.")?>')"><img border="0" src="/themes/nervecenter/images/icons/icon_block_add.gif"></a> + <a href="diag_dns.php?host=<?php echo $filterent['srcip']; ?>" title="<?=gettext("Reverse Resolve with DNS");?>"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_log.gif"></a> + <a href="easyrule.php?<?php echo "action=block&int={$int}&src={$filterent['srcip']}"; ?>" title="<?=gettext("Easy Rule: Add to Block List");?>" onclick="return confirm('<?=gettext("Do you really want to add this BLOCK rule?")."\n\n".gettext("Easy Rule is still experimental.")."\n".gettext("Continue at risk of your own peril.")."\n".gettext("Backups are also nice.")?>')"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_block_add.gif"></a> <?php echo $srcstr;?> </td> <td class="listr" nowrap> - <a href="diag_dns.php?host=<?php echo $filterent['dstip']; ?>" title="<?=gettext("Reverse Resolve with DNS");?>"><img border="0" src="/themes/nervecenter/images/icons/icon_log.gif"></a> - <a href="easyrule.php?<?php echo "action=pass&int={$int}&proto={$proto}&src={$filterent['srcip']}&dst={$filterent['dstip']}&dstport={$filterent['dstport']}"; ?>" title="<?=gettext("Easy Rule: Pass this traffic");?>" onclick="return confirm('<?=gettext("Do you really want to add this PASS rule?")."\n\n".gettext("Easy Rule is still experimental.")."\n".gettext("Continue at risk of your own peril.")."\n".gettext("Backups are also nice.");?>')"><img border="0" src="/themes/nervecenter/images/icons/icon_pass_add.gif"></a> + <a href="diag_dns.php?host=<?php echo $filterent['dstip']; ?>" title="<?=gettext("Reverse Resolve with DNS");?>"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_log.gif"></a> + <a href="easyrule.php?<?php echo "action=pass&int={$int}&proto={$proto}&src={$filterent['srcip']}&dst={$filterent['dstip']}&dstport={$filterent['dstport']}"; ?>" title="<?=gettext("Easy Rule: Pass this traffic");?>" onclick="return confirm('<?=gettext("Do you really want to add this PASS rule?")."\n\n".gettext("Easy Rule is still experimental.")."\n".gettext("Continue at risk of your own peril.")."\n".gettext("Backups are also nice.");?>')"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_pass_add.gif"></a> <?php echo $dststr;?> </td> <?php diff --git a/usr/local/www/fbegin.inc b/usr/local/www/fbegin.inc index 45a14a2..8183797 100755 --- a/usr/local/www/fbegin.inc +++ b/usr/local/www/fbegin.inc @@ -425,5 +425,10 @@ function add_to_menu($url, $name) { <br /> <?php +/* if upgrade in progress, alert user */ +if(is_subsystem_dirty('packagelock')) { + $pgtitle = array(gettext("System"),gettext("Package Manager")); + print_info_box(gettext("Packages are currently being reinstalled in the background.<p>Do not make changes in the GUI until this is complete.") . "<p><img src='/themes/{$g['theme']}/images/icons/icon_fw-update.gif'>"); +} $pgtitle_output = true; ?> diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index ab90a5a..3710644 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -284,7 +284,7 @@ if ($_POST) { if (!$input_errors) { $alias['address'] = is_array($address) ? implode(" ", $address) : $address; - $alias['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); + $alias['descr'] = $_POST['descr']; $alias['type'] = $_POST['type']; $alias['detail'] = implode("||", $final_address_details); @@ -333,7 +333,6 @@ if ($_POST) { $a_aliases = msort($a_aliases, "name"); write_config(); - filter_configure(); header("Location: firewall_aliases.php"); exit; @@ -342,7 +341,7 @@ if ($_POST) { else { $pconfig['name'] = $_POST['name']; - $pconfig['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); + $pconfig['descr'] = $_POST['descr']; $pconfig['address'] = implode(" ", $address); $pconfig['type'] = $_POST['type']; $pconfig['detail'] = implode("||", $final_address_details); @@ -583,8 +582,8 @@ EOD; <option value="host" <?php if ($pconfig['type'] == "host") echo "selected"; ?>><?=gettext("Host(s)"); ?></option> <option value="network" <?php if ($pconfig['type'] == "network") echo "selected"; ?>><?=gettext("Network(s)"); ?></option> <option value="port" <?php if ($pconfig['type'] == "port") echo "selected"; ?>><?=gettext("Port(s)"); ?></option> - <option value="openvpn" <?php if ($pconfig['type'] == "openvpn") echo "selected"; ?>><?=gettext("OpenVPN Users"); ?></option> - <option value="url" <?php if ($pconfig['type'] == "url") echo "selected"; ?>><?=gettext("URL");?></option> +<!-- <option value="openvpn" <?php if ($pconfig['type'] == "openvpn") echo "selected"; ?>><?=gettext("OpenVPN Users"); ?></option> --> + <option value="url" <?php if ($pconfig['type'] == "url") echo "selected"; ?>><?=gettext("URL");?></option> <option value="urltable" <?php if ($pconfig['type'] == "urltable") echo "selected"; ?>><?=gettext("URL Table"); ?></option> </select> </td> diff --git a/usr/local/www/firewall_nat.php b/usr/local/www/firewall_nat.php index e768334..06da39d 100755 --- a/usr/local/www/firewall_nat.php +++ b/usr/local/www/firewall_nat.php @@ -191,12 +191,12 @@ echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript <td width="3%" class="list"> </td> <td width="5%" class="listhdrr"><?=gettext("If");?></td> <td width="5%" class="listhdrr"><?=gettext("Proto");?></td> - <td width="11%" class="listhdrr"><?=gettext("Src. addr");?></td> - <td width="11%" class="listhdrr"><?=gettext("Src. ports");?></td> - <td width="11%" class="listhdrr"><?=gettext("Dest. addr");?></td> - <td width="11%" class="listhdrr"><?=gettext("Dest. ports");?></td> - <td width="11%" class="listhdrr"><?=gettext("NAT IP");?></td> - <td width="11%" class="listhdrr"><?=gettext("NAT Ports");?></td> + <td width="11%" class="listhdrr"><nobr><?=gettext("Src. addr");?></nobr></td> + <td width="11%" class="listhdrr"><nobr><?=gettext("Src. ports");?></nobr></td> + <td width="11%" class="listhdrr"><nobr><?=gettext("Dest. addr");?></nobr></td> + <td width="11%" class="listhdrr"><nobr><?=gettext("Dest. ports");?></nobr></td> + <td width="11%" class="listhdrr"><nobr><?=gettext("NAT IP");?></nobr></td> + <td width="11%" class="listhdrr"><nobr><?=gettext("NAT Ports");?></nobr></td> <td width="11%" class="listhdr"><?=gettext("Description");?></td> <td width="5%" class="list"> <table border="0" cellspacing="0" cellpadding="1"> diff --git a/usr/local/www/firewall_nat_1to1.php b/usr/local/www/firewall_nat_1to1.php index 306c811..60f1189 100755 --- a/usr/local/www/firewall_nat_1to1.php +++ b/usr/local/www/firewall_nat_1to1.php @@ -102,7 +102,7 @@ include("head.inc"); <tr> <td width="10%" class="listhdrr"><?=gettext("Interface"); ?></td> <td width="20%" class="listhdrr"><?=gettext("External IP"); ?></td> - <td width="15%" class="listhdrr"><?=gettext("Source IP"); ?></td> + <td width="15%" class="listhdrr"><?=gettext("Internal IP"); ?></td> <td width="15%" class="listhdrr"><?=gettext("Destination IP"); ?></td> <td width="30%" class="listhdr"><?=gettext("Description"); ?></td> <td width="10%" class="list"> diff --git a/usr/local/www/firewall_nat_1to1_edit.php b/usr/local/www/firewall_nat_1to1_edit.php index 199adef..1a3ce77 100755 --- a/usr/local/www/firewall_nat_1to1_edit.php +++ b/usr/local/www/firewall_nat_1to1_edit.php @@ -131,22 +131,25 @@ if ($_POST) { $_POST['dsttype'] = "single"; } - if (($_POST['external'] && !is_ipaddroralias($_POST['external']))) + /* For external, user can enter only ip's */ + if (($_POST['external'] && !is_ipaddr($_POST['external']))) $input_errors[] = gettext("A valid external subnet must be specified."); - /* if user enters an alias and selects "network" then disallow. */ - if( ($_POST['srctype'] == "network" && is_alias($_POST['src']) ) - || ($_POST['dsttype'] == "network" && is_alias($_POST['dst']) ) ) + /* For dst, if user enters an alias and selects "network" then disallow. */ + if ($_POST['dsttype'] == "network" && is_alias($_POST['dst']) ) $input_errors[] = gettext("You must specify single host or alias for alias entries."); + /* For src, user can enter only ip's or networks */ if (!is_specialnet($_POST['srctype'])) { - if (($_POST['src'] && !is_ipaddroralias($_POST['src']))) { - $input_errors[] = sprintf(gettext("%s is not a valid source IP address or alias."), $_POST['src']); + if (($_POST['src'] && !is_ipaddr($_POST['src']))) { + $input_errors[] = sprintf(gettext("%s is not a valid internal IP address."), $_POST['src']); } if (($_POST['srcmask'] && !is_numericint($_POST['srcmask']))) { - $input_errors[] = gettext("A valid source bit count must be specified."); + $input_errors[] = gettext("A valid internal bit count must be specified."); } } + + /* For dst, user can enter ip's, networks or aliases */ if (!is_specialnet($_POST['dsttype'])) { if (($_POST['dst'] && !is_ipaddroralias($_POST['dst']))) { $input_errors[] = sprintf(gettext("%s is not a valid destination IP address or alias."), $_POST['dst']); @@ -307,14 +310,14 @@ function typesel_change() { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("External subnet IP"); ?></td> <td width="78%" class="vtable"> - <input name="external" type="text" class="formfldalias" id="external" size="20" value="<?=htmlspecialchars($pconfig['external']);?>"> + <input name="external" type="text" class="formfld" id="external" size="20" value="<?=htmlspecialchars($pconfig['external']);?>"> <br/> - <span class="vexpl"><?=gettext("Enter the external (usually on a WAN) subnet's starting address for the 1:1 mapping. The subnet mask from the source address below will be applied to this IP address."); ?><br> + <span class="vexpl"><?=gettext("Enter the external (usually on a WAN) subnet's starting address for the 1:1 mapping. The subnet mask from the internal address below will be applied to this IP address."); ?><br> <?=gettext("Hint: this is generally an address owned by the router itself on the selected interface."); ?></span> </td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Source"); ?></td> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Internal IP"); ?></td> <td width="78%" class="vtable"> <input name="srcnot" type="checkbox" id="srcnot" value="yes" <?php if ($pconfig['srcnot']) echo "checked"; ?>> <strong><?=gettext("not"); ?></strong> @@ -330,7 +333,7 @@ function typesel_change() { <?php $sel = is_specialnet($pconfig['src']); ?> <option value="any" <?php if ($pconfig['src'] == "any") { echo "selected"; } ?>><?=gettext("any"); ?></option> - <option value="single" <?php if (($pconfig['srcmask'] == 32) && !$sel) { echo "selected"; $sel = 1; } ?>><?=gettext("Single host"); ?></option> + <option value="single" <?php if ((($pconfig['srcmask'] == 32) || !isset($pconfig['srcmask'])) && !$sel) { echo "selected"; $sel = 1; } ?>><?=gettext("Single host"); ?></option> <option value="network" <?php if (!$sel) echo "selected"; ?>><?=gettext("Network"); ?></option> <?php if(have_ruleint_access("pptp")): ?> <option value="pptp" <?php if ($pconfig['src'] == "pptp") { echo "selected"; } ?>><?=gettext("PPTP clients"); ?></option> @@ -355,7 +358,7 @@ function typesel_change() { <tr> <td><?=gettext("Address:"); ?> </td> <td> - <input name="src" type="text" class="formfldalias" id="src" size="20" value="<?php if (!is_specialnet($pconfig['src'])) echo htmlspecialchars($pconfig['src']);?>"> / + <input name="src" type="text" class="formfld" id="src" size="20" value="<?php if (!is_specialnet($pconfig['src'])) echo htmlspecialchars($pconfig['src']);?>"> / <select name="srcmask" class="formselect" id="srcmask"> <?php for ($i = 31; $i > 0; $i--): ?> <option value="<?=$i;?>" <?php if ($i == $pconfig['srcmask']) echo "selected"; ?>><?=$i;?></option> @@ -410,7 +413,7 @@ function typesel_change() { <tr> <td><?=gettext("Address:"); ?> </td> <td> - <input name="dst" type="text" class="formfldalias" id="dst" size="20" value="<?php if (!is_specialnet($pconfig['dst'])) echo htmlspecialchars($pconfig['dst']);?>"> + <input name="dst" type="text" class="formfld" id="dst" size="20" value="<?php if (!is_specialnet($pconfig['dst'])) echo htmlspecialchars($pconfig['dst']);?>"> / <select name="dstmask" class="formselect" id="dstmask"> <?php @@ -481,9 +484,7 @@ if($config['aliases']['alias'] <> "") <!-- var addressarray=new Array(<?php echo $aliasesaddr; ?>); - var oTextbox1 = new AutoSuggestControl(document.getElementById("external"), new StateSuggestions(addressarray)); - var oTextbox2 = new AutoSuggestControl(document.getElementById("src"), new StateSuggestions(addressarray)); - var oTextbox3 = new AutoSuggestControl(document.getElementById("dst"), new StateSuggestions(addressarray)); + var oTextbox1 = new AutoSuggestControl(document.getElementById("dst"), new StateSuggestions(addressarray)); //--> </script> <?php include("fend.inc"); ?> diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index d216a98..125a34f 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -646,6 +646,8 @@ include("fbegin.inc"); ?> <?php if (is_array($config['virtualip']['vip'])): foreach ($config['virtualip']['vip'] as $sn): + if (isset($sn['noexpand'])) + continue; if ($sn['mode'] == "proxyarp" && $sn['type'] == "network"): $start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits'])); $end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits'])); diff --git a/usr/local/www/firewall_nat_out.php b/usr/local/www/firewall_nat_out.php index bf72f2c..85c4550 100755 --- a/usr/local/www/firewall_nat_out.php +++ b/usr/local/www/firewall_nat_out.php @@ -363,6 +363,7 @@ include("head.inc"); </td> <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';"> <?php + echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ; if (!$natent['sourceport']) echo "*"; else @@ -382,6 +383,7 @@ include("head.inc"); </td> <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';"> <?php + echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ; if (!$natent['dstport']) echo "*"; else @@ -392,6 +394,8 @@ include("head.inc"); <?php if (!$natent['target']) echo "*"; + elseif ($natent['target'] == "other-subnet") + echo $natent['targetip'] . '/' . $natent['targetip_subnet']; else echo $natent['target']; ?> diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index 2910c08..f03bded 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -54,6 +54,10 @@ if (!is_array($config['nat']['advancedoutbound']['rule'])) { $a_out = &$config['nat']['advancedoutbound']['rule']; +if (!is_array($config['aliases']['alias'])) + $config['aliases']['alias'] = array(); +$a_aliases = &$config['aliases']['alias']; + $id = $_GET['id']; if (isset($_POST['id'])) { $id = $_POST['id']; @@ -75,6 +79,9 @@ if (isset($id) && $a_out[$id]) { $pconfig['dstport'] = $a_out[$id]['dstport']; $pconfig['natport'] = $a_out[$id]['natport']; $pconfig['target'] = $a_out[$id]['target']; + $pconfig['targetip'] = $a_out[$id]['targetip']; + $pconfig['targetip_subnet'] = $a_out[$id]['targetip_subnet']; + $pconfig['poolopts'] = $a_out[$id]['poolopts']; $pconfig['interface'] = $a_out[$id]['interface']; if (!$pconfig['interface']) { $pconfig['interface'] = "wan"; @@ -149,10 +156,32 @@ if ($_POST) { } } - if ($_POST['target'] && !is_ipaddr($_POST['target']) && !isset($_POST['nonat'])) { + if ($_POST['target'] && !is_ipaddr($_POST['target']) && !is_subnet($_POST['target']) && !is_alias($_POST['target']) && !isset($_POST['nonat']) && !($_POST['target'] == "other-subnet")) { $input_errors[] = gettext("A valid target IP address must be specified."); } + if ($_POST['target'] == "other-subnet") { + if (!is_ipaddr($_POST['targetip'])) { + $input_errors[] = gettext("A valid target IP must be specified when using the 'Other Subnet' type."); + } + if (!is_numericint($_POST['targetip_subnet'])) { + $input_errors[] = gettext("A valid target bit count must be specified when using the 'Other Subnet' type."); + } + } + + /* Verify Pool Options */ + $poolopts = ""; + if ($_POST['poolopts']) { + if (is_subnet($_POST['target']) || ($_POST['target'] == "other-subnet")) + $poolopts = $_POST['poolopts']; + elseif (is_alias($_POST['target'])) { + if (substr($_POST['poolopts'], 0, 11) == "round-robin") + $poolopts = $_POST['poolopts']; + else + $input_errors[] = gettext("Only Round Robin pool options may be chosen when selecting an alias."); + } + } + /* if user has selected any as source, set it here */ if($_POST['source_type'] == "any") { $osn = "any"; @@ -183,7 +212,10 @@ if ($_POST) { $natent['sourceport'] = ($protocol_uses_ports) ? $_POST['sourceport'] : ""; $natent['descr'] = $_POST['descr']; $natent['target'] = (!isset($_POST['nonat'])) ? $_POST['target'] : ""; + $natent['targetip'] = (!isset($_POST['nonat'])) ? $_POST['targetip'] : ""; + $natent['targetip_subnet'] = (!isset($_POST['nonat'])) ? $_POST['targetip_subnet'] : ""; $natent['interface'] = $_POST['interface']; + $natent['poolopts'] = $poolopts; /* static-port */ if(isset($_POST['staticnatport']) && $protocol_uses_ports && !isset($_POST['nonat'])) { @@ -320,6 +352,24 @@ function proto_change() { document.getElementById("tportstatic_tr").style.display = 'none'; } } +function poolopts_change() { + if ($('target').options[$('target').selectedIndex].text.substring(0,4) == "Host") { + $('poolopts_tr').style.display = ''; + $('target_network').style.display = 'none'; + } else if ($('target').options[$('target').selectedIndex].text.substring(0,6) == "Subnet") { + $('poolopts_tr').style.display = ''; + $('target_network').style.display = 'none'; + } else if ($('target').options[$('target').selectedIndex].text.substring(0,5) == "Other") { + $('poolopts_tr').style.display = ''; + $('target_network').style.display = ''; + } else { + $('poolopts').selectedIndex = 0; + $('poolopts_tr').style.display = 'none'; + $('target_network').style.display = 'none'; + $('targetip').value = ''; + $('targetip_subnet').value = '0'; + } +} //--> </script> </head> @@ -467,16 +517,18 @@ any)");?></td> <table border="0" cellspacing="1" cellpadding="1"> <tr> <td><?=gettext("Address:");?> </td> - <td><select name="target" class="formselect"> + <td><select name="target" class="formselect" id="target" onChange="poolopts_change();"> <option value=""<?php if (!$pconfig['target']) echo " selected"; ?>><?=gettext("Interface address");?></option> <?php if (is_array($config['virtualip']['vip'])): foreach ($config['virtualip']['vip'] as $sn): + if (isset($sn['noexpand'])) + continue; if ($sn['mode'] == "proxyarp" && $sn['type'] == "network"): $start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits'])); $end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits'])); - $len = $end - $start; - - for ($i = 0; $i <= $len; $i++): + $len = $end - $start; ?> + <option value="<?=$sn['subnet'].'/'.$sn['subnet_bits'];?>" <?php if ($sn['subnet'].'/'.$sn['subnet_bits'] == $pconfig['target']) echo "selected"; ?>><?=htmlspecialchars("Subnet: {$sn['subnet']}/{$sn['subnet_bits']} ({$sn['descr']})");?></option> + <?php for ($i = 0; $i <= $len; $i++): $snip = long2ip32($start+$i); ?> <option value="<?=$snip;?>" <?php if ($snip == $pconfig['target']) echo "selected"; ?>><?=htmlspecialchars("{$snip} ({$sn['descr']})");?></option> @@ -485,18 +537,57 @@ any)");?></td> <option value="<?=$sn['subnet'];?>" <?php if ($sn['subnet'] == $pconfig['target']) echo "selected"; ?>><?=htmlspecialchars("{$sn['subnet']} ({$sn['descr']})");?></option> <?php endif; endforeach; endif; -?> + foreach ($a_aliases as $alias): + if ($alias['type'] != "host") + continue; ?> + <option value="<?=$alias['name'];?>" <?php if ($alias['name'] == $pconfig['target']) echo "selected"; ?>><?=htmlspecialchars("Host Alias: {$alias['name']} ({$alias['descr']})");?></option> +<?php endforeach; ?> + <option value="other-subnet"<?php if($pconfig['target'] == "other-subnet") echo " selected"; ?>><?=gettext("Other Subnet (Enter Below)");?></option> <option value=""<?php if($pconfig['target'] == "any") echo " selected"; ?>><?=gettext("any");?></option> </select> </td> </tr> + + <tr id="target_network"> + <td><?=gettext("Other Subnet:");?> </td> + <td> + <input name="targetip" type="text" class="formfld unknown" id="targetip" size="20" value="<?=htmlspecialchars($pconfig['targetip']);?>">/<select name="targetip_subnet" class="formfld" id="targetip_subnet"> +<?php for ($i = 32; $i >= 0; $i--): ?> + <option value="<?=$i;?>"<?php if ($i == $pconfig['targetip_subnet']) echo " selected"; ?>><?=$i;?></option> +<?php endfor; ?> + </select> + </td> + </tr> + <tr><td> </td><td> <span class="vexpl"><?=gettext("Packets matching this rule will be mapped to the IP address given here.");?><br> <?=gettext("If you want this rule to apply to another IP address than the IP address of the interface chosen above, ". "select it here (you need to define");?> <a href="firewall_virtual_ip.php"><?=gettext("Virtual IP");?></a> <?=gettext("addresses on the first).");?> <?=gettext("Also note that if you are trying to redirect connections on the LAN select the \"any\" option.");?> - </span> + </span><br/> </td></tr> + <tr id="poolopts_tr"> + <td valign="top">Pool Options</td> + <td> + <select name="poolopts" id="poolopts"> + <option value="" <?php if ($pconfig['poolopts'] == "" ) echo "selected"; ?>><?=htmlspecialchars("Default" );?></option> + <option value="round-robin" <?php if ($pconfig['poolopts'] == "round-robin" ) echo "selected"; ?>><?=htmlspecialchars("Round Robin" );?></option> + <option value="round-robin sticky-address" <?php if ($pconfig['poolopts'] == "round-robin sticky-address") echo "selected"; ?>><?=htmlspecialchars("Round Robin with Sticky Address");?></option> + <option value="random" <?php if ($pconfig['poolopts'] == "random" ) echo "selected"; ?>><?=htmlspecialchars("Random" );?></option> + <option value="random sticky-address" <?php if ($pconfig['poolopts'] == "random sticky-address" ) echo "selected"; ?>><?=htmlspecialchars("Random with Sticky Address" );?></option> + <option value="source-hash" <?php if ($pconfig['poolopts'] == "source-hash" ) echo "selected"; ?>><?=htmlspecialchars("Source Hash" );?></option> + <option value="bitmask" <?php if ($pconfig['poolopts'] == "bitmask" ) echo "selected"; ?>><?=htmlspecialchars("Bitmask" );?></option> + </select><br/> + <span class="vexpl"> + <?=gettext("Only Round Robin types work with Host Aliases. Any type can be used with a Subnet.");?><br/> + * <?=gettext("Round Robin: Loops through the translation addresses.");?><br/> + * <?=gettext("Random: Selects an address from the translation address pool at random.");?><br/> + * <?=gettext("Source Hash: Uses a hash of the source address to determine the translation address, ensuring that the redirection address is always the same for a given source.");?><br/> + * <?=gettext("Bitmask: Applies the subnet mask and keeps the last portion identical; 10.0.1.50 -> x.x.x.50.");?><br/> + * <?=gettext("Sticky Address: The Sticky Address option can be used with the Random and Round Robin pool types to ensure that a particular source address is always mapped to the same translation address.");?><br/> + </span><br/> + </td> + </tr> <tr name="tport_tr" id="tport_tr"> <td><?=gettext("Port:");?> </td> <td><input name="natport" type="text" class="formfld unknown" id="natport" size="5" value="<?=htmlspecialchars($pconfig['natport']);?>"></td> @@ -543,6 +634,7 @@ typesel_change(); staticportchange(); nonat_change(); proto_change(); +poolopts_change(); //--> </script> <?php include("fend.inc"); ?> diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php index ae4f60e..a0b34b4 100755 --- a/usr/local/www/firewall_rules.php +++ b/usr/local/www/firewall_rules.php @@ -826,9 +826,6 @@ if($_REQUEST['undodrag']) { "to the rule order. Everything that isn't explicitly passed is blocked " . "by default. ");?> </li> -<li> - <?=gettext("You may drag and drop rules using your mouse to reorder the rule ordering.");?> -</li> </ul> </td> </tr> diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 1c6c3f0..8933344 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -364,7 +364,7 @@ if ($_POST) { } if (isset($_POST['floating']) && $_POST['pdnpipe'] != "none" && (empty($_POST['direction']) || $_POST['direction'] == "any")) $input_errors[] = gettext("You can not use limiters in Floating rules without choosing a direction."); - if (isset($_POST['floating']) && $_POST['gateway'] != "default" && (empty($_POST['direction']) || $_POST['direction'] == "any")) + if (isset($_POST['floating']) && $_POST['gateway'] != "" && (empty($_POST['direction']) || $_POST['direction'] == "any")) $input_errors[] = gettext("You can not use gateways in Floating rules without choosing a direction."); if ($_POST['pdnpipe'] && $_POST['pdnpipe'] != "none") { if ($_POST['dnpipe'] == "none" ) @@ -727,7 +727,7 @@ include("head.inc"); <td width="78%" class="vtable"> <select <?=$edit_disabled;?> name="proto" class="formselect" onchange="proto_change()"> <?php - $protocols = explode(" ", "TCP UDP TCP/UDP ICMP ESP AH GRE IGMP any carp pfsync"); + $protocols = explode(" ", "TCP UDP TCP/UDP ICMP ESP AH GRE IGMP OSPF any carp pfsync"); foreach ($protocols as $proto): ?> <option value="<?=strtolower($proto);?>" <?php if (strtolower($proto) == $pconfig['proto']) echo "selected"; ?>><?=htmlspecialchars($proto);?></option> <?php endforeach; ?> @@ -1238,7 +1238,7 @@ include("head.inc"); } ?> </select> - <p><strong><?=gettext("Leave as 'default' to use the system routing table. Or choose a gateway to utilize policy based routing.");?></strong></p> + <p><?=gettext("Leave as 'default' to use the system routing table. Or choose a gateway to utilize policy based routing.");?></p> </div> </td> </tr> @@ -1287,7 +1287,7 @@ include("head.inc"); ?> </select> <br /> - <span class="vexpl"><?=gettext("Choose the Out queue/Virtual interface only if you have selected In too.")."<br/>".gettext("The Out selection is applied to traffic going out the interface the rule is created, In is the incoming one.")."<br/>".gettext("If you are creating a rule on the Floating tab if the direction is In then the same rules apply, if the direction is out the selections are reverted Out is for incoming and In is for outgoing and if you do not select any direction use only the In since the Out selection does not make sense in there to prevent oddities.");?></span> + <span class="vexpl"><?=gettext("Choose the Out queue/Virtual interface only if you have also selected In.")."<br/>".gettext("The Out selection is applied to traffic leaving the interface where the rule is created, In is applied to traffic coming into the chosen interface.")."<br/>".gettext("If you are creating a floating rule, if the direction is In then the same rules apply, if the direction is out the selections are reverted Out is for incoming and In is for outgoing.");?></span> </div> </td> </tr> diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php index c3607ec..63d0f7e 100755 --- a/usr/local/www/firewall_virtual_ip.php +++ b/usr/local/www/firewall_virtual_ip.php @@ -117,6 +117,12 @@ if ($_GET['act'] == "del") { if (ip_in_subnet($vip['subnet'], gen_subnet($a_vip[$_GET['id']]['subnet'], $a_vip[$_GET['id']]['subnet_bits']) . "/" . $a_vip[$_GET['id']]['subnet_bits'])) $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by CARP") . " {$vip['descr']}."; } + } else if ($a_vip[$_GET['id']]['mode'] == "carp") { + $vipiface = $a_vip[$_GET['id']]['interface']; + foreach ($a_vip as $vip) { + if ($vipiface == "vip{$vip['vhid']}" && $vip['mode'] == "ipalias") + $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by ip alias entry") . " {$vip['descr']}."; + } } diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index edcde6c..5825aaf 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -87,6 +87,7 @@ if (isset($id) && $a_vip[$id]) { $pconfig['range'] = $a_vip[$id]['range']; $pconfig['subnet'] = $a_vip[$id]['subnet']; $pconfig['subnet_bits'] = $a_vip[$id]['subnet_bits']; + $pconfig['noexpand'] = $a_vip[$id]['noexpand']; $pconfig['descr'] = $a_vip[$id]['descr']; $pconfig['type'] = $a_vip[$id]['type']; $pconfig['interface'] = $a_vip[$id]['interface']; @@ -134,7 +135,9 @@ if ($_POST) { /* make sure new ip is within the subnet of a valid ip * on one of our interfaces (wan, lan optX) */ - if ($_POST['mode'] == "carp" or $_POST['mode'] == "carpdev-dhcp") { + switch ($_POST['mode']) { + case "carp": + case "carpdev-dhcp": /* verify against reusage of vhids */ $idtracker = 0; foreach($config['virtualip']['vip'] as $vip) { @@ -151,8 +154,26 @@ if ($_POST) { $cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits'] ; $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."),$cannot_find); } + if (substr($_POST['interface'], 0, 3) == "vip") + $input_errors[] = gettext("For this type of vip a carp parent is not allowed."); + break; + case "ipalias": + if (substr($_POST['interface'], 0, 3) == "vip") { + $parent_ip = get_interface_ip($_POST['interface']); + $parent_sn = get_interface_subnet($_POST['interface']); + if (!ip_in_subnet($_POST['subnet'], gen_subnet($parent_ip, $parent_sn) . "/" . $parent_sn) && !ip_in_interface_alias_subnet($_POST['interface'], $_POST['subnet'])) { + $cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits'] ; + $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."),$cannot_find); + } + } + break; + default: + if (substr($_POST['interface'], 0, 3) == "vip") + $input_errors[] = gettext("For this type of vip a carp parent is not allowed."); + break; } + if (isset($id) && ($a_vip[$id])) { if ($a_vip[$id]['mode'] != $_POST['mode']) { $bringdown = false; @@ -179,7 +200,9 @@ if ($_POST) { if ($_POST['type'] == "range") { $vipent['range']['from'] = $_POST['range_from']; $vipent['range']['to'] = $_POST['range_to']; + } + $vipent['noexpand'] = isset($_POST['noexpand']); } /* CARP specific fields */ @@ -268,6 +291,8 @@ function enable_change(enable_over) { document.iform.type.disabled = 1; document.iform.subnet_bits.disabled = 0; document.iform.subnet.disabled = 0; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; if (note.firstChild == null) { note.appendChild(carpnote); } else { @@ -282,6 +307,8 @@ function enable_change(enable_over) { document.iform.type.disabled = 0; document.iform.subnet_bits.disabled = 1; document.iform.subnet.disabled = 0; + document.iform.noexpand.disabled = 0; + $('noexpandrow').style.display = ''; if (note.firstChild == null) { note.appendChild(proxyarpnote); } else { @@ -295,6 +322,8 @@ function enable_change(enable_over) { note.removeChild(note.firstChild); } document.iform.subnet.disabled = 0; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; } if (get_radio_value(document.iform.mode) == "ipalias") { document.iform.type.disabled = 1; @@ -302,6 +331,8 @@ function enable_change(enable_over) { note.appendChild(ipaliasnote); document.iform.subnet_bits.disabled = 0; document.iform.subnet.disabled = 0; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; } if (get_radio_value(document.iform.mode) == "carpdev-dhcp") { document.iform.type.disabled = 1; @@ -315,29 +346,40 @@ function enable_change(enable_over) { document.iform.password.disabled = 0; document.iform.advskew.disabled = 0; document.iform.advbase.disabled = 0; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; } + typesel_change(); } function typesel_change() { switch (document.iform.type.selectedIndex) { case 0: // single document.iform.subnet.disabled = 0; if((get_radio_value(document.iform.mode) == "proxyarp")) document.iform.subnet_bits.disabled = 1; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; break; case 1: // network document.iform.subnet.disabled = 0; document.iform.subnet_bits.disabled = 0; + document.iform.noexpand.disabled = 0; + $('noexpandrow').style.display = ''; //document.iform.range_from.disabled = 1; //document.iform.range_to.disabled = 1; break; case 2: // range document.iform.subnet.disabled = 1; document.iform.subnet_bits.disabled = 1; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; //document.iform.range_from.disabled = 0; //document.iform.range_to.disabled = 0; break; case 3: // IP alias document.iform.subnet.disabled = 1; document.iform.subnet_bits.disabled = 0; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; //document.iform.range_from.disabled = 0; //document.iform.range_to.disabled = 0; break; @@ -378,6 +420,9 @@ function typesel_change() { <select name="interface" class="formselect"> <?php $interfaces = get_configured_interface_with_descr(false, true); + $carplist = get_configured_carp_interface_list(); + foreach ($carplist as $cif => $carpip) + $interfaces[$cif] = $carpip." (".get_vip_descr($carpip).")"; foreach ($interfaces as $iface => $ifacename): ?> <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>> <?=htmlspecialchars($ifacename);?> @@ -413,6 +458,12 @@ function typesel_change() { </select> <i id="typenote"></i> </td> </tr> + <tr id="noexpandrow"> + <td><?=gettext("Expansion:");?> </td> + <td><input name="noexpand" type="checkbox" class="formfld unknown" id="noexpand" <?php echo (isset($pconfig['noexpand'])) ? "checked" : "" ; ?>> + Disable expansion of this entry into IPs on NAT lists (e.g. 192.168.1.0/24 expands to 256 entries.) + </td> + </tr> <?php /* <tr> @@ -436,7 +487,7 @@ function typesel_change() { <tr valign="top"> <td width="22%" class="vncellreq"><?=gettext("VHID Group");?></td> <td class="vtable"><select id='vhid' name='vhid'> - <?php for ($i = 1; $i <= 65536; $i++): ?> + <?php for ($i = 1; $i <= 255; $i++): ?> <option value="<?=$i;?>" <?php if ($i == $pconfig['vhid']) echo "selected"; ?>> <?=$i;?> </option> diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index 1e30482..c6a58b3 100755 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -881,7 +881,7 @@ function echo_array($array,$return_me=false){ * RESULT * null ******/ -function display_top_tabs(& $tab_array) { +function display_top_tabs(& $tab_array, $no_drop_down = false) { global $HTTP_SERVER_VARS; global $config; global $g; @@ -896,16 +896,15 @@ function display_top_tabs(& $tab_array) { */ /* empty string code */ - if ($tab_array_indent == '') - { + if ($tab_array_indent == '') { $tab_array_indent = 0; } - if ($tab_array_space == '') - { + + if ($tab_array_space == '') { $tab_array_space = 1; } - if ($tab_array_char_limit == '') - { + + if ($tab_array_char_limit == '') { $tab_array_char_limit = 82; } @@ -956,6 +955,11 @@ function display_top_tabs(& $tab_array) { foreach ($tab_array as $ta) $tabcharcount = $tabcharcount + strlen($ta[0]); + if($no_drop_down == true) { + $tabcharcount = 0; + unset($tab_array_char_limit); + } + // If the character count of the tab names is > 670 // then show a select item dropdown menubox. if($tabcharcount > $tab_array_char_limit) { @@ -975,7 +979,6 @@ function display_top_tabs(& $tab_array) { echo " function tabs_will_go(obj){ document.location = obj.value; }"; echo "</script>"; } else { - //////>>> echo "<div class=\"newtabmenu\" style=\"margin:{$tab_array_space}px {$tab_array_indent}px; width:775px;\">\n"; echo "<!-- Tabbed bar code-->\n"; echo "<ul class=\"newtabmenu\">\n"; @@ -989,7 +992,6 @@ function display_top_tabs(& $tab_array) { $tabscounter++; } echo "</ul>\n</div>\n"; - ////////>>>> } } diff --git a/usr/local/www/help.php b/usr/local/www/help.php index 89a5feb..59cc905 100644 --- a/usr/local/www/help.php +++ b/usr/local/www/help.php @@ -121,7 +121,7 @@ $helppages = array( 'services_snmp.php' => 'http://doc.pfsense.org/index.php/SNMP_Daemon', 'services_wol.php' => 'http://doc.pfsense.org/index.php/Wake_on_LAN', 'services_wol_edit.php' => 'http://doc.pfsense.org/index.php/Wake_on_LAN', - 'routed/routed.xml' => 'http://doc.pfsense.org/index.php/Routing_Information_Protocol_(RIP)', # RIP + 'routed.xml' => 'http://doc.pfsense.org/index.php/Routing_Information_Protocol_(RIP)', # RIP 'system.php' => 'http://doc.pfsense.org/index.php/General_Setup_(2.0)', 'system_advanced_admin.php' => 'http://doc.pfsense.org/index.php/Advanced_Setup_(2.0)', 'system_advanced_firewall.php' => 'http://doc.pfsense.org/index.php/Advanced_Setup_(2.0)#Firewall.2FNAT', @@ -208,6 +208,14 @@ $helppages = array( 'vpn_openvpn_crl_edit.php' => 'http://doc.pfsense.org/index.php/Category:OpenVPN', 'vpn_openvpn_srv.php' => 'http://doc.pfsense.org/index.php/Category:OpenVPN', 'vpn_openvpn_srv_edit.php' => 'http://doc.pfsense.org/index.php/Category:OpenVPN', + 'diag_authentication.php' => 'http://doc.pfsense.org/index.php/User_Authentication_Servers', + 'diag_limiter_info.php' => 'http://doc.pfsense.org/index.php/Traffic_Shaping_Guide#Display_Pipes', + 'diag_pf_info.php' => 'http://doc.pfsense.org/index.php/Packet_Filter_Information', + 'diag_smart.php' => 'http://doc.pfsense.org/index.php/SMART_Status', + 'diag_states_summary.php' => 'http://doc.pfsense.org/index.php/States_Summary', + 'interfaces_wireless.php' => 'http://doc.pfsense.org/index.php/Wireless_Interfaces', + 'interfaces_wireless_edit.php' => 'http://doc.pfsense.org/index.php/Wireless_Interfaces', + 'system_crlmanager.php' => 'http://doc.pfsense.org/index.php/Certificate_Management', /* Below here are pages that may need some cleanup or have not been fully looked at yet */ @@ -294,6 +302,7 @@ $helppages = array( 'siproxdusers.xml' => 'http://doc.pfsense.org/index.php/Siproxd_package', 'open-vm-tools.xml' => 'http://doc.pfsense.org/index.php/Open_VM_Tools_package', 'arping.xml' => 'http://doc.pfsense.org/index.php/Arping_package', + 'unbound.xml' => 'http://doc.pfsense.org/index.php/Unbound_package', ); diff --git a/usr/local/www/index.php b/usr/local/www/index.php index 3bb68cf..c1fdc26 100755 --- a/usr/local/www/index.php +++ b/usr/local/www/index.php @@ -42,6 +42,9 @@ ##|*MATCH=index.php* ##|-PRIV +// Turn off csrf for the dashboard +$nocsrf = true; + // Turn on buffering to speed up rendering ini_set('output_buffering','true'); @@ -107,14 +110,15 @@ if (!is_array($config['widgets'])) { ## User recently restored his config. ## If packages are installed lets resync if(file_exists('/conf/needs_package_sync')) { - if($config['installedpackages'] <> '') { - conf_mount_rw(); - @unlink('/conf/needs_package_sync'); - conf_mount_ro(); + if($config['installedpackages'] <> '' && is_array($config['installedpackages']['package'])) { if($g['platform'] == "pfSense" || $g['platform'] == "nanobsd") { header('Location: pkg_mgr_install.php?mode=reinstallall'); exit; } + } else { + conf_mount_rw(); + @unlink('/conf/needs_package_sync'); + conf_mount_ro(); } } diff --git a/usr/local/www/installer.php b/usr/local/www/installer.php deleted file mode 100644 index 68570ac..0000000 --- a/usr/local/www/installer.php +++ /dev/null @@ -1,753 +0,0 @@ -<?php -/* - installer.php - part of pfSense (http://www.pfsense.com/) - Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -$nocsrf = true; - -require("globals.inc"); -require("guiconfig.inc"); - -define('PC_SYSINSTALL', '/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh'); - -if($g['platform'] == "pfSense" or $g['platform'] == "nanobsd") { - Header("Location: /index.php"); - exit; -} - -// Main switch dispatcher -switch ($_REQUEST['state']) { - case "update_installer_status": - update_installer_status(); - exit; - case "custominstall": - installer_custom(); - exit; - case "begin_install": - installing_gui(); - begin_install(); - exit; - case "verify_before_install": - verify_before_install(); - exit; - default: - installer_main(); -} - -function write_out_pc_sysinstaller_config($disk, $fstype = "UFS+S", $swapsize = false) { - $fd = fopen("/usr/sbin/pc-sysinstall/examples/pfSense-install.cfg", "w"); - if(!$fd) { - return true; - } - if($swapsize <> "") { - $diskareas = "disk0-part=SWAP {$swapsize} none \n"; - $diskareas .= "disk0-part={$fstype} 0 /\n"; - } else { - $diskareas = "disk0-part={$fstype} 0 /\n"; - } - $config = <<<EOF -# Sample configuration file for an installation using pc-sysinstall - -installMode=fresh -installInteractive=yes -installType=FreeBSD -installMedium=LiveCD - -# Set the disk parameters -disk0={$disk} -partition=all -bootManager=bsd -commitDiskPart - -# Setup the disk label -# All sizes are expressed in MB -# Avail FS Types, UFS, UFS+S, UFS+J, ZFS, SWAP -# Size 0 means use the rest of the slice size -{$diskareas} - -# Do it now! -commitDiskLabel - -# Set if we are installing via optical, USB, or FTP -installType=FreeBSD - -packageType=cpdup - -# Optional Components -cpdupPaths=boot,COPYRIGHT,bin,conf,conf.default,dev,etc,home,kernels,libexec,lib,root,sbin,sys,usr,var - -# runExtCommand=chmod a+rx /usr/local/bin/after_installation_routines.sh ; cd / ; /usr/local/bin/after_installation_routines.sh -EOF; - fwrite($fd, $config); - fclose($fd); - return; -} - -function start_installation() { - global $g, $fstype; - if(file_exists("/tmp/install_complete")) - return; - $ps_running = exec("ps awwwux | grep -v grep | grep 'sh /tmp/installer.sh'"); - if($ps_running) - return; - $fd = fopen("/tmp/installer.sh", "w"); - if(!$fd) { - die(gettext("Could not open /tmp/installer.sh for writing")); - exit; - } - fwrite($fd, "rm /tmp/.pc-sysinstall/pc-sysinstall.log 2>/dev/null\n"); - fwrite($fd, "/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh -c /usr/sbin/pc-sysinstall/examples/pfSense-install.cfg \n"); - fwrite($fd, "chmod a+rx /usr/local/bin/after_installation_routines.sh\n"); - fwrite($fd, "cd / && /usr/local/bin/after_installation_routines.sh\n"); - fwrite($fd, "mkdir /mnt/tmp\n"); -// fwrite($fd, "umount /mnt\n"); - fwrite($fd, "touch /tmp/install_complete\n"); - fclose($fd); - exec("chmod a+rx /tmp/installer.sh"); - mwexec_bg("sh /tmp/installer.sh"); -} - -function installer_find_first_disk() { - global $g, $fstype; - $disk = `/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh disk-list | head -n1 | cut -d':' -f1`; - return $disk; -} - -function pcsysinstall_get_disk_info($diskname) { - global $g, $fstype; - $disk = split("\n", `/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh disk-list`); - $disks_array = array(); - foreach($disk as $d) { - if(!$d) - continue; - $disks_info = split(":", $d); - $tmp_array = array(); - if($disks_info[0] == $diskname) { - $disk_info = split("\n", `/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh disk-info {$disks_info[0]}`); - foreach($disk_info as $di) { - $di_s = split("=", $di); - if($di_s[0]) - $tmp_array[$di_s[0]] = $di_s[1]; - } - $tmp_array['disk'] = trim($disks_info[0]); - $tmp_array['desc'] = trim(htmlentities($disks_info[1])); - return $tmp_array; - } - } -} - -// Return an array with all disks information. -function installer_find_all_disks() { - global $g, $fstype; - $disk = split("\n", `/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh disk-list`); - $disks_array = array(); - foreach($disk as $d) { - if(!$d) - continue; - $disks_info = split(":", $d); - $tmp_array = array(); - $disk_info = split("\n", `/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh disk-info {$disks_info[0]}`); - foreach($disk_info as $di) { - $di_s = split("=", $di); - if($di_s[0]) - $tmp_array[$di_s[0]] = $di_s[1]; - } - $tmp_array['disk'] = trim($disks_info[0]); - $tmp_array['desc'] = trim(htmlentities($disks_info[1])); - $disks_array[] = $tmp_array; - } - return $disks_array; -} - -function update_installer_status() { - global $g, $fstype; - // Ensure status files exist - if(!file_exists("/tmp/installer_installer_running")) - touch("/tmp/installer_installer_running"); - $status = `cat /tmp/.pc-sysinstall/pc-sysinstall.log`; - $status = str_replace("\n", "\\n", $status); - $status = str_replace("\n", "\\r", $status); - echo "this.document.forms[0].installeroutput.value='$status';\n"; - echo "this.document.forms[0].installeroutput.scrollTop = this.document.forms[0].installeroutput.scrollHeight;\n"; - // Find out installer progress - $progress = "5"; - if(strstr($status, "Running: dd")) - $progress = "6"; - if(strstr($status, "Running: gpart create -s GPT")) - $progress = "7"; - if(strstr($status, "Running: gpart bootcode")) - $progress = "7"; - if(strstr($status, "Running: newfs -U")) - $progress = "8"; - if(strstr($status, "Running: sync")) - $progress = "9"; - if(strstr($status, "/boot /mnt/boot")) - $progress = "10"; - if(strstr($status, "/COPYRIGHT /mnt/COPYRIGHT")) - $progress = "11"; - if(strstr($status, "/bin /mnt/bin")) - $progress = "12"; - if(strstr($status, "/conf /mnt/conf")) - $progress = "15"; - if(strstr($status, "/conf.default /mnt/conf.default")) - $progress = "20"; - if(strstr($status, "/dev /mnt/dev")) - $progress = "25"; - if(strstr($status, "/etc /mnt/etc")) - $progress = "30"; - if(strstr($status, "/home /mnt/home")) - $progress = "35"; - if(strstr($status, "/kernels /mnt/kernels")) - $progress = "40"; - if(strstr($status, "/libexec /mnt/libexec")) - $progress = "50"; - if(strstr($status, "/lib /mnt/lib")) - $progress = "60"; - if(strstr($status, "/root /mnt/root")) - $progress = "70"; - if(strstr($status, "/sbin /mnt/sbin")) - $progress = "75"; - if(strstr($status, "/sys /mnt/sys")) - $progress = "80"; - if(strstr($status, "/usr /mnt/usr")) - $progress = "95"; - if(strstr($status, "/usr /mnt/usr")) - $progress = "90"; - if(strstr($status, "/var /mnt/var")) - $progress = "95"; - if(strstr($status, "cap_mkdb /etc/login.conf")) - $progress = "96"; - if(strstr($status, "Setting hostname")) - $progress = "97"; - if(strstr($status, "umount -f /mnt")) - $progress = "98"; - if(strstr($status, "umount -f /mnt")) - $progress = "99"; - if(strstr($status, "Installation finished")) - $progress = "100"; - // Check for error and bail if we see one. - if(stristr($status, "error")) { - $error = true; - echo "\$('installerrunning').innerHTML='<img class=\"infoboxnpimg\" src=\"/themes/{$g['theme']}/images/icons/icon_exclam.gif\"> <font size=\"2\"><b>An error occurred. Aborting installation. <a href=\"installer.php\">Back</a> to webInstaller'; "; - echo "\$('progressbar').style.width='100%';\n"; - unlink_if_exists("/tmp/install_complete"); - return; - } - $running_old = trim(file_get_contents("/tmp/installer_installer_running")); - if($installer_running <> "running") { - $ps_running = exec("ps awwwux | grep -v grep | grep 'sh /tmp/installer.sh'"); - if($ps_running) { - $running = "\$('installerrunning').innerHTML='<table><tr><td valign=\"middle\"><img src=\"/themes/{$g['theme']}/images/misc/loader.gif\"></td><td valign=\"middle\"> <font size=\"2\"><b>Installer running ({$progress}% completed)...</td></tr></table>'; "; - if($running_old <> $running) { - echo $running; - file_put_contents("/tmp/installer_installer_running", "$running"); - } - } - } - if($progress) - echo "\$('progressbar').style.width='{$progress}%';\n"; - if(file_exists("/tmp/install_complete")) { - echo "\$('installerrunning').innerHTML='<img class=\"infoboxnpimg\" src=\"/themes/{$g['theme']}/images/icons/icon_exclam.gif\"> <font size=\"+1\">Installation completed. Please <a href=\"reboot.php\">reboot</a> to continue';\n"; - echo "\$('pbdiv').Fade();\n"; - unlink_if_exists("/tmp/installer.sh"); - file_put_contents("/tmp/installer_installer_running", "finished"); - } -} - -function update_installer_status_win($status) { - global $g, $fstype; - echo "<script type=\"text/javascript\">\n"; - echo " \$('installeroutput').value = '" . str_replace(htmlentities($status), "\n", "") . "';\n"; - echo "</script>"; -} - -function begin_install() { - global $g; - if(file_exists("/tmp/install_complete")) - return; - unlink_if_exists("/tmp/install_complete"); - if($_REQUEST['disk']) - $disk = htmlspecialchars($_REQUEST['disk']); - else - $disk = installer_find_first_disk(); - if(!$disk) { - echo "<script type=\"text/javascript\">"; - echo "\$('pbdiv').Fade();\n"; - echo "</script>"; - $savemsg = gettext("Could not find a suitable disk for installation"); - update_installer_status_win(gettext("Could not find a suitable disk for installation.")); - return; - } - // Handle other type of file systems - if($_REQUEST['fstype']) - $fstype = htmlspecialchars(strtoupper($_REQUEST['fstype'])); - else - $fstype = "UFS+S"; - write_out_pc_sysinstaller_config($disk, $fstype); - update_installer_status_win(sprintf(gettext("Beginning installation on disk %s."),$disk)); - start_installation(); -} - -function head_html() { - global $g, $fstype; - echo <<<EOF -<html> - <head> - <style type='text/css'> - a:link { - color: #000000; - text-decoration:underline; - font-size:14; - } - a:visited { - color: #000000; - text-decoration:underline; - font-size:14; - } - a:hover { - color: #FFFF00; - text-decoration: none; - font-size:14; - } - a:active { - color: #FFFF00; - text-decoration:underline; - font-size:14; - } - </style> - </head> -EOF; - -} - -function body_html() { - global $g, $fstype; - $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); - if(strstr($pfSversion, "1.2")) - $one_two = true; - $pgtitle = "{$g['product_name']}: " . gettext("Installer"); - include("head.inc"); - echo <<<EOF - <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> - <script src="/javascript/scriptaculous/prototype.js" type="text/javascript"></script> - <script type="text/javascript"> - function getinstallerprogress() { - url = 'installer.php'; - pars = 'state=update_installer_status'; - callajax(url, pars, installcallback); - } - function callajax(url, pars, activitycallback) { - var myAjax = new Ajax.Request( - url, - { - method: 'post', - parameters: pars, - onComplete: activitycallback - }); - } - function installcallback(transport) { - setTimeout('getinstallerprogress()', 2000); - eval(transport.responseText); - } - </script> -EOF; - - if($one_two) - echo "<p class=\"pgtitle\">{$pgtitle}</font></p>"; - - if ($savemsg) print_info_box($savemsg); -} - -function end_html() { - global $g, $fstype; - echo "</form>"; - echo "</body>"; - echo "</html>"; -} - -function template() { - global $g, $fstype; - head_html(); - body_html(); - echo <<<EOF - <div id="mainlevel"> - <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td> - <div id="mainarea"> - <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td class="tabcont" > - <form action="installer.php" method="post"> - <div id="pfsensetemplate"> - - - </div> - </td> - </tr> - </table> - </div> - </td> - </tr> - </table> - </div> -EOF; - end_html(); -} - -function verify_before_install() { - global $g, $fstype; - head_html(); - body_html(); - page_table_start(); - $disk = pcsysinstall_get_disk_info(htmlspecialchars($_REQUEST['disk'])); - $disksize = format_bytes($disk['size'] * 1048576); - $swapsize = htmlspecialchars($_REQUEST['swapsize']); - $fstype_echo = htmlspecialchars($_REQUEST['fstype']); - $disk_echo = htmlspecialchars($_REQUEST['disk']); - $swapsize_echo = htmlspecialchars($_REQUEST['swapsize']); - echo <<<EOF - <form method="post" action="installer.php"> - <input type="hidden" name="fstype" value="{$fstype_echo}"> - <input type="hidden" name="disk" value="{$disk_echo}"> - <input type="hidden" name="state" value="begin_install"> - <input type="hidden" name="swapsize" value="{$swapsize_echo}"> - <div id="mainlevel"> - <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td> - <div id="mainarea"> - <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td > - <div> - <center> - <div id="pfsensetemplate"> - <table bgcolor="FFFF00" width="400" height="30" cellpadding="2" style="border:1px dashed;"> - <tr valign="middle"> - <td> - <center><b>Please verify that the following is correct:</b></center> - </td> - </tr> - </table> - <p/> - <table> - <tr><td align="right"><b>Disk:</td><td>{$disk_echo}</td></tr> - <tr><td align="right"><b>Description:</td><td>{$disk['desc']}</td></tr> - <tr><td align="right"><b>Size:</td><td>{$disksize}</td></tr> - <tr><td align="right"><b>SWAP Size:</td><td>{$swapsize}</td></tr> - <tr><td align="right"><b>Filesystem:</td><td>{$fstype_echo}</td></tr> - </table> - </div> - </center> - </div> - </td> - </tr> - </table> - </div> - <center> - <p/> - <input type="button" value="Cancel" onClick="javascript:document.location='/installer.php';"> - <input type="submit" value="Begin installation"> - </center> - </td> - </tr> - </table> - </div> -EOF; - page_table_end(); - end_html(); -} - -function installing_gui() { - global $g, $fstype; - head_html(); - body_html(); - echo "<form action=\"installer.php\" method=\"post\" state=\"step1_post\">"; - page_table_start(); - echo <<<EOF - <center> - <table width="100%"> - <tr><td> - <div id="mainlevel"> - <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td> - <div id="mainarea"> - <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td> - <div id="pfsenseinstaller" width="100%"> - <div id='installerrunning' width='100%' style="padding:8px; border:1px dashed #000000"> - <table> - <tr> - <td valign="middle"> - <img src="/themes/{$g['theme']}/images/misc/loader.gif"> - </td> - <td valign="middle"> - <font size="2"><b>Starting Installer... Please wait... - </td> - </tr> - </table> - </div> - <div id='pbdiv'> - <br/> - <center> - <table id='pbtable' height='15' width='640' border='0' colspacing='0' cellpadding='0' cellspacing='0'> - <tr> - <td background="./themes/the_wall/images/misc/bar_left.gif" height='15' width='5'> - </td> - <td> - <table id="progholder" name="progholder" height='15' width='630' border='0' colspacing='0' cellpadding='0' cellspacing='0'> - <td background="./themes/the_wall/images/misc/bar_gray.gif" valign="top" align="left"> - <img src='./themes/the_wall/images/misc/bar_blue.gif' width='0' height='15' name='progressbar' id='progressbar'> - </td> - </table> - </td> - <td background="./themes/the_wall/images/misc/bar_right.gif" height='15' width='5'> - </td> - </tr> - </table> - <br/> - </div> - <textarea name='installeroutput' id='installeroutput' rows="31" cols="90"> - </textarea> - </div> - </td> - </tr> - </table> - </div> - </td> - </tr> - </table> - </div> - </td></tr> - </table> - </center> - <script type="text/javascript">setTimeout('getinstallerprogress()', 250);</script> - -EOF; - page_table_end(); - end_html(); -} - -function page_table_start() { - global $g, $fstype; - echo <<<EOF - <center> - <img border="0" src="./themes/{$g['theme']}/images/logo.gif"></a><br/> - <table cellpadding="6" cellspacing="0" width="550" height="380" style="border:1px solid #000000"> - <tr height="10" bgcolor="#990000"> - <td style="border-bottom:1px solid #000000"> - <font color='white'> - <b> - {$g['product_name']} installer - </b> - </font> - </td> - </tr> - <tr> - <td> - -EOF; - -} - -function page_table_end() { - global $g, $fstype; - echo <<<EOF - </td> - </tr> - </table> - </center> - -EOF; - -} - -function installer_custom() { - global $g, $fstype; - if(file_exists("/tmp/.pc-sysinstall/pc-sysinstall.log")) - unlink("/tmp/.pc-sysinstall/pc-sysinstall.log"); - head_html(); - body_html(); - page_table_start(); - echo <<<EOF - <form action="installer.php" method="post"> - <input type="hidden" name="state" value="verify_before_install"> - <div id="mainlevel"> - <center> - <table width="100%" border="0" cellpadding="5" cellspacing="0"> - <tr> - <td> - <center> - <div id="mainarea"> - <br/> - <center> - <table width="100%" border="0" cellpadding="5" cellspacing="5"> - <tr> - <td> - <div id="pfsenseinstaller"> - <center> - <div id='loadingdiv'> - <img src="/themes/{$g['theme']}/images/misc/loader.gif"> Probing disks, please wait... - </div> -EOF; - ob_flush(); - $disks = installer_find_all_disks(); - if(!$disks) { - $custom_txt = gettext("ERROR: Could not find any suitable disks for installation."); - } else { - // Prepare disk selection dropdown - $custom_txt = <<<EOF - <table bgcolor="FFFF00" width="400" height="30" cellpadding="2" style="border:1px dashed;"> - <tr valign="middle"> - <td> - <center><b>Select the installation parameters for {$g['product_name']}:</b></center> - </td> - </tr> - </table><p/> - <table> -EOF; - $custom_txt .= "<tr><td align='right'><b>Swap size</td><td><input name='swapsize' type='text' value='200M'></td></tr>\n"; - $custom_txt .= "<tr><td align='right'><b>Disk:</td><td><select name='disk'>\n"; - foreach($disks as $disk) { - $disksize = format_bytes($disk['size'] * 1048576); - $custom_txt .= "<option value='{$disk['disk']}'>{$disk['disk']} - {$disksize} - {$disk['desc']}</option>\n"; - } - $custom_txt .= "</select></td></tr>\n"; - // XXX: Convert to rowhelper. Add Ajax callbacks to verify sizes, etc. - // Prepare disk types - $custom_txt .= "<tr><td align='right'><b>Filesystem type:</td><td><select name='fstype'>\n"; - $custom_txt .= "<option value='UFS'>UFS</option>\n"; - $custom_txt .= "<option value='UFS+S'>UFS + Softupdates</option>\n"; - $release = php_uname("r"); - $release = $release[0]; - if($release == "9") - $custom_txt .= "<option value='UFS+J'>UFS + Journaling</option>\n"; - if(file_exists("/boot/gptzfsboot")) - $custom_txt .= "<option value='ZFS'>ZFS</option>\n"; - $custom_txt .= "</select>\n</td></tr></table><p/>"; - } - echo <<<EOF - <script type="text/javascript"> - \$('loadingdiv').style.visibility='hidden'; - </script> - <div id='contentdiv' style="display:none;"> - {$custom_txt}<p/> - <input type="button" value="Cancel" onClick="javascript:document.location='/installer.php';">   - <input type="submit" value="Next"> - </div> - <script type="text/javascript"> - \$('contentdiv').appear(); - </script> - </center> - </td></tr> - </table> - </div> - </td> - </tr> - </table> - </div> - </td> - </tr> - </table> - </div> - -EOF; - page_table_end(); - end_html(); -} - -function installer_main() { - global $g, $fstype; - if(file_exists("/tmp/.pc-sysinstall/pc-sysinstall.log")) - unlink("/tmp/.pc-sysinstall/pc-sysinstall.log"); - head_html(); - body_html(); - $disk = installer_find_first_disk(); - // Only enable ZFS if this exists. The install will fail otherwise. - if(file_exists("/boot/gptzfsboot")) - $zfs_enabled = "<tr bgcolor=\"#9A9A9A\"><td align=\"center\"><a href=\"installer.php?state=verify_before_install&fstype=ZFS&swapsize=200M\">Easy installation of {$g['product_name']} using the ZFS filesystem on disk {$disk}</a></td></tr>"; - page_table_start(); - echo <<<EOF - <form action="installer.php" method="post" state="step1_post"> - <div id="mainlevel"> - <center> - <b><font face="arial" size="+2">Welcome to the {$g['product_name']} webInstaller!</b></font><p/> - <font face="arial" size="+1">This utility will install {$g['product_name']} to a hard disk, flash drive, etc.</font> - <table width="100%" border="0" cellpadding="5" cellspacing="0"> - <tr> - <td> - <center> - <div id="mainarea"> - <br/> - <center> - Please select an installer option to begin: - <p/> - <table width="100%" border="0" cellpadding="5" cellspacing="5"> - <tr> - <td> - <div id="pfsenseinstaller"> - <center> -EOF; - if(!$disk) { - echo gettext("ERROR: Could not find any suitable disks for installation."); - echo "</div></td></tr></table></div></table></div>"; - end_html(); - exit; - } - echo <<<EOF - - <table cellspacing="5" cellpadding="5" style="border: 1px dashed;"> - <tr bgcolor="#CECECE"><td align="center"> - <a href="installer.php?state=verify_before_install&disk={$disk}&fstype=UFS&swapsize=200M">Easy installation of {$g['product_name']} using the UFS filesystem on disk {$disk}</a> - </td></tr> - {$zfs_enabled} - <tr bgcolor="#AAAAAA"><td align="center"> - <a href="installer.php?state=custominstall">Custom installation of {$g['product_name']}</a> - </td></tr> - <tr bgcolor="#CECECE"><td align="center"> - <a href='/'>Cancel and return to Dashboard</a> - </td></tr> - </table> - </center> - </div> - </td> - </tr> - </table> - </div> - </td> - </tr> - </table> - </div> -EOF; - page_table_end(); - end_html(); -} - -?> diff --git a/usr/local/www/installer/index.php b/usr/local/www/installer/index.php new file mode 100644 index 0000000..2c7dd90 --- /dev/null +++ b/usr/local/www/installer/index.php @@ -0,0 +1,5 @@ +<?php + +Header("Location: installer.php"); + +?>
\ No newline at end of file diff --git a/usr/local/www/installer/installer.php b/usr/local/www/installer/installer.php new file mode 100644 index 0000000..fdb682a --- /dev/null +++ b/usr/local/www/installer/installer.php @@ -0,0 +1,1212 @@ +<?php +/* + installer.php (pfSense webInstaller) + part of pfSense (http://www.pfsense.com/) + Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +$nocsrf = true; + +require("globals.inc"); +require("guiconfig.inc"); + +define('PC_SYSINSTALL', '/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh'); + +if($g['platform'] == "pfSense" or $g['platform'] == "nanobsd") { + Header("Location: /"); + exit; +} + +// Main switch dispatcher +switch ($_REQUEST['state']) { + case "update_installer_status": + update_installer_status(); + exit; + case "custominstall": + installer_custom(); + exit; + case "begin_install": + installing_gui(); + begin_install(); + exit; + case "verify_before_install": + verify_before_install(); + exit; + case "easy_install_ufs": + easy_install("UFS+S"); + exit; + case "easy_install_ufs": + easy_install("ZFS"); + exit; + + default: + installer_main(); +} + +function easy_install($fstype = "UFS+S") { + // Calculate swap and disk sizes + $disks = installer_find_all_disks(); + $memory = get_memory(); + $swap_size = $memory[0] * 2; + $first_disk = trim(installer_find_first_disk()); + $disk_info = pcsysinstall_get_disk_info($first_disk); + $size = $disk_info['size']; + $first_disk_size = $size - $swap_size; + $disk_setup = array(); + $tmp_array = array(); + // Build the disk layout for / + $tmp_array['disk'] = $first_disk; + $tmp_array['size'] = $first_disk_size; + $tmp_array['mountpoint'] = "/"; + $tmp_array['fstype'] = $fstype; + $disk_setup[] = $tmp_array; + unset($tmp_array); + $tmp_array = array(); + // Build the disk layout for SWAP + $tmp_array['disk'] = $first_disk; + $tmp_array['size'] = $swap_size; + $tmp_array['mountpoint'] = "none"; + $tmp_array['fstype'] = "SWAP"; + $disk_setup[] = $tmp_array; + unset($tmp_array); + $bootmanager = "bsd"; + file_put_contents("/tmp/webInstaller_disk_layout.txt", serialize($disk_setup)); + file_put_contents("/tmp/webInstaller_disk_bootmanager.txt", serialize($bootmanager)); + Header("Location: installer.php?state=verify_before_install"); + exit; +} + +function write_out_pc_sysinstaller_config($disks, $bootmanager = "bsd") { + $diskareas = ""; + $fd = fopen("/usr/sbin/pc-sysinstall/examples/pfSense-install.cfg", "w"); + if(!$fd) + return true; + if($bootmanager == "") + $bootmanager = "none"; + // Yes, -1. We ++ early in loop. + $numdisks = -1; + $lastdisk = ""; + $diskdefs = ""; + // Run through the disks and create the conf areas for pc-sysinstaller + foreach($disks as $disksa) { + $fstype = $disksa['fstype']; + $size = $disksa['size']; + $mountpoint = $disksa['mountpoint']; + $disk = $disksa['disk']; + if($disk <> $lastdisk) { + $lastdisk = $disk; + $numdisks++; + $diskdefs .= "# disk {$disk}\n"; + $diskdefs .= "disk{$numdisks}={$disk}\n"; + $diskdefs .= "partition=all\n"; + $diskdefs .= "bootManager={$bootmanager}\n"; + $diskdefs .= "commitDiskPart\n\n"; + } + $diskareas .= "disk{$numdisks}-part={$fstype} {$size} {$mountpoint} \n"; + if($encpass) + $diskareas .= "encpass={$encpass}\n"; + } + + $config = <<<EOF +# Sample configuration file for an installation using pc-sysinstall +# This file was automatically generated by installer.php + +installMode=fresh +installInteractive=yes +installType=FreeBSD +installMedium=LiveCD + +# Set the disk parameters +{$diskdefs} + +# Setup the disk label +# All sizes are expressed in MB +# Avail FS Types, UFS, UFS+S, UFS+J, ZFS, SWAP +# Size 0 means use the rest of the slice size +# Alternatively, you can append .eli to any of +# the above filesystem types to encrypt that disk. +# If you with to use a passphrase with this +# encrypted partition, on the next line +# the flag "encpass=" should be entered: +# encpass=mypass +# disk0-part=UFS 500 /boot +# disk0-part=UFS.eli 500 / +# disk0-part=UFS.eli 500 /usr +{$diskareas} + +# Do it now! +commitDiskLabel + +# Set if we are installing via optical, USB, or FTP +installType=FreeBSD + +packageType=cpdup + +# Optional Components +cpdupPaths=boot,COPYRIGHT,bin,conf,conf.default,dev,etc,home,kernels,libexec,lib,root,sbin,usr,var + +# runExtCommand=chmod a+rx /usr/local/bin/after_installation_routines.sh ; cd / ; /usr/local/bin/after_installation_routines.sh +EOF; + fwrite($fd, $config); + fclose($fd); + return; +} + +function start_installation() { + global $g, $fstype, $savemsg; + if(file_exists("/tmp/install_complete")) + return; + $ps_running = exec("/bin/ps awwwux | /usr/bin/grep -v grep | /usr/bin/grep 'sh /tmp/installer.sh'"); + if($ps_running) + return; + $fd = fopen("/tmp/installer.sh", "w"); + if(!$fd) { + die(gettext("Could not open /tmp/installer.sh for writing")); + exit; + } + fwrite($fd, "/bin/rm /tmp/.pc-sysinstall/pc-sysinstall.log 2>/dev/null\n"); + fwrite($fd, "/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh -c /usr/sbin/pc-sysinstall/examples/pfSense-install.cfg \n"); + fwrite($fd, "/bin/chmod a+rx /usr/local/bin/after_installation_routines.sh\n"); + fwrite($fd, "cd / && /usr/local/bin/after_installation_routines.sh\n"); + fwrite($fd, "/bin/mkdir /mnt/tmp\n"); + fwrite($fd, "/usr/bin/touch /tmp/install_complete\n"); + fclose($fd); + exec("/bin/chmod a+rx /tmp/installer.sh"); + mwexec_bg("/bin/sh /tmp/installer.sh"); +} + +function installer_find_first_disk() { + global $g, $fstype, $savemsg; + $disk = `/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh disk-list | head -n1 | cut -d':' -f1`; + return trim($disk); +} + +function pcsysinstall_get_disk_info($diskname) { + global $g, $fstype, $savemsg; + $disk = split("\n", `/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh disk-list`); + $disks_array = array(); + foreach($disk as $d) { + $disks_info = split(":", $d); + $tmp_array = array(); + if($disks_info[0] == $diskname) { + $disk_info = split("\n", `/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh disk-info {$disks_info[0]}`); + $disk_info_split = split("=", $disk_info); + foreach($disk_info as $di) { + $di_s = split("=", $di); + if($di_s[0]) + $tmp_array[$di_s[0]] = $di_s[1]; + } + $tmp_array['size']--; + $tmp_array['disk'] = trim($disks_info[0]); + $tmp_array['desc'] = trim(htmlentities($disks_info[1])); + return $tmp_array; + } + } +} + +// Return an array with all disks information. +function installer_find_all_disks() { + global $g, $fstype, $savemsg; + $disk = split("\n", `/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh disk-list`); + $disks_array = array(); + foreach($disk as $d) { + if(!$d) + continue; + $disks_info = split(":", $d); + $tmp_array = array(); + $disk_info = split("\n", `/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh disk-info {$disks_info[0]}`); + foreach($disk_info as $di) { + $di_s = split("=", $di); + if($di_s[0]) + $tmp_array[$di_s[0]] = $di_s[1]; + } + $tmp_array['size']--; + $tmp_array['disk'] = trim($disks_info[0]); + $tmp_array['desc'] = trim(htmlentities($disks_info[1])); + $disks_array[] = $tmp_array; + } + return $disks_array; +} + +function update_installer_status() { + global $g, $fstype, $savemsg; + // Ensure status files exist + if(!file_exists("/tmp/installer_installer_running")) + touch("/tmp/installer_installer_running"); + $status = `cat /tmp/.pc-sysinstall/pc-sysinstall.log`; + $status = str_replace("\n", "\\n", $status); + $status = str_replace("\n", "\\r", $status); + echo "this.document.forms[0].installeroutput.value='$status';\n"; + echo "this.document.forms[0].installeroutput.scrollTop = this.document.forms[0].installeroutput.scrollHeight;\n"; + // Find out installer progress + $progress = "5"; + if(strstr($status, "Running: dd")) + $progress = "6"; + if(strstr($status, "Running: gpart create -s GPT")) + $progress = "7"; + if(strstr($status, "Running: gpart bootcode")) + $progress = "7"; + if(strstr($status, "Running: newfs -U")) + $progress = "8"; + if(strstr($status, "Running: sync")) + $progress = "9"; + if(strstr($status, "/boot /mnt/boot")) + $progress = "10"; + if(strstr($status, "/COPYRIGHT /mnt/COPYRIGHT")) + $progress = "11"; + if(strstr($status, "/bin /mnt/bin")) + $progress = "12"; + if(strstr($status, "/conf /mnt/conf")) + $progress = "15"; + if(strstr($status, "/conf.default /mnt/conf.default")) + $progress = "20"; + if(strstr($status, "/dev /mnt/dev")) + $progress = "25"; + if(strstr($status, "/etc /mnt/etc")) + $progress = "30"; + if(strstr($status, "/home /mnt/home")) + $progress = "35"; + if(strstr($status, "/kernels /mnt/kernels")) + $progress = "40"; + if(strstr($status, "/libexec /mnt/libexec")) + $progress = "50"; + if(strstr($status, "/lib /mnt/lib")) + $progress = "60"; + if(strstr($status, "/root /mnt/root")) + $progress = "70"; + if(strstr($status, "/sbin /mnt/sbin")) + $progress = "75"; + if(strstr($status, "/sys /mnt/sys")) + $progress = "80"; + if(strstr($status, "/usr /mnt/usr")) + $progress = "95"; + if(strstr($status, "/usr /mnt/usr")) + $progress = "90"; + if(strstr($status, "/var /mnt/var")) + $progress = "95"; + if(strstr($status, "cap_mkdb /etc/login.conf")) + $progress = "96"; + if(strstr($status, "Setting hostname")) + $progress = "97"; + if(strstr($status, "umount -f /mnt")) + $progress = "98"; + if(strstr($status, "umount -f /mnt")) + $progress = "99"; + if(strstr($status, "Installation finished")) + $progress = "100"; + // Check for error and bail if we see one. + if(stristr($status, "error")) { + $error = true; + echo "\$('installerrunning').innerHTML='<img class=\"infoboxnpimg\" src=\"/themes/{$g['theme']}/images/icons/icon_exclam.gif\"> <font size=\"2\"><b>An error occurred. Aborting installation. <a href=\"/installer\">Back</a> to webInstaller'; "; + echo "\$('progressbar').style.width='100%';\n"; + unlink_if_exists("/tmp/install_complete"); + return; + } + $running_old = trim(file_get_contents("/tmp/installer_installer_running")); + if($installer_running <> "running") { + $ps_running = exec("/bin/ps awwwux | /usr/bin/grep -v grep | /usr/bin/grep 'sh /tmp/installer.sh'"); + if($ps_running) { + $running = "\$('installerrunning').innerHTML='<table><tr><td valign=\"middle\"><img src=\"/themes/{$g['theme']}/images/misc/loader.gif\"></td><td valign=\"middle\"> <font size=\"2\"><b>Installer running ({$progress}% completed)...</td></tr></table>'; "; + if($running_old <> $running) { + echo $running; + file_put_contents("/tmp/installer_installer_running", "$running"); + } + } + } + if($progress) + echo "\$('progressbar').style.width='{$progress}%';\n"; + if(file_exists("/tmp/install_complete")) { + echo "\$('installerrunning').innerHTML='<img class=\"infoboxnpimg\" src=\"/themes/{$g['theme']}/images/icons/icon_exclam.gif\"> <font size=\"+1\">Installation completed. Please <a href=\"/reboot.php\">reboot</a> to continue';\n"; + echo "\$('pbdiv').Fade();\n"; + unlink_if_exists("/tmp/installer.sh"); + file_put_contents("/tmp/installer_installer_running", "finished"); + } +} + +function update_installer_status_win($status) { + global $g, $fstype, $savemsg; + echo "<script type=\"text/javascript\">\n"; + echo " \$('installeroutput').value = '" . str_replace(htmlentities($status), "\n", "") . "';\n"; + echo "</script>\n"; +} + +function begin_install() { + global $g, $savemsg; + if(file_exists("/tmp/install_complete")) + return; + unlink_if_exists("/tmp/install_complete"); + update_installer_status_win(sprintf(gettext("Beginning installation on disk %s."),$disk)); + start_installation(); +} + +function head_html() { + global $g, $fstype, $savemsg; + echo <<<EOF +<html> + <head> + <style type='text/css'> + hr { + border: 0; + color: #000000; + background-color: #000000; + height: 1px; + width: 100%; + text-align: left; + } + a:link { + color: #000000; + text-decoration:underline; + font-size:14; + } + a:visited { + color: #000000; + text-decoration:underline; + font-size:14; + } + a:hover { + color: #FFFF00; + text-decoration: none; + font-size:14; + } + a:active { + color: #FFFF00; + text-decoration:underline; + font-size:14; + } + </style> + </head> +EOF; + +} + +function body_html() { + global $g, $fstype, $savemsg; + $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); + if(strstr($pfSversion, "1.2")) + $one_two = true; + $pgtitle = array("{$g['product_name']}", gettext("Installer")); + include("head.inc"); + echo <<<EOF + <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + <script src="/javascript/scriptaculous/prototype.js" type="text/javascript"></script> + <script src="/javascript/scriptaculous/scriptaculous.js" type="text/javascript"></script> + <script type="text/javascript"> + function getinstallerprogress() { + url = '/installer/installer.php'; + pars = 'state=update_installer_status'; + callajax(url, pars, installcallback); + } + function callajax(url, pars, activitycallback) { + var myAjax = new Ajax.Request( + url, + { + method: 'post', + parameters: pars, + onComplete: activitycallback + }); + } + function installcallback(transport) { + setTimeout('getinstallerprogress()', 2000); + eval(transport.responseText); + } + </script> +EOF; + + if($one_two) + echo "<p class=\"pgtitle\">{$pgtitle}</font></p>"; + + if ($savemsg) print_info_box($savemsg); +} + +function end_html() { + global $g, $fstype, $savemsg; + echo "</form>"; + echo "</body>"; + echo "</html>"; +} + +function template() { + global $g, $fstype, $savemsg; + head_html(); + body_html(); + echo <<<EOF + <div id="mainlevel"> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td class="tabcont" > + <form action="installer.php" method="post"> + <div id="pfsensetemplate"> + + + </div> + </td> + </tr> + </table> + </div> + </td> + </tr> + </table> + </div> +EOF; + end_html(); +} + +function verify_before_install() { + global $g, $fstype, $savemsg; + $encrypted_root = false; + $non_encrypted_boot = false; + $non_encrypted_notice = false; + head_html(); + body_html(); + page_table_start($g['product_name'] . " installer - Verify final installation settings"); + // If we are visiting this step from anything but the row editor / custom install + // then load the on disk layout contents if they are available. + if(!$_REQUEST['fstype0'] && file_exists("/tmp/webInstaller_disk_layout.txt")) { + $disks = unserialize(file_get_contents("/tmp/webInstaller_disk_layout.txt")); + $bootmanager = unserialize(file_get_contents("/tmp/webInstaller_disk_bootmanager.txt")); + $restored_layout_from_file = true; + $restored_layout_txt = "The previous disk layout was restored from disk"; + } else { + $disks = array(); + } + if(!$bootmanager) + $bootmanager = $_REQUEST['bootmanager']; + echo "\n<!--" . print_r($_REQUEST, true) . " -->\n"; + $disk = pcsysinstall_get_disk_info(htmlspecialchars($_REQUEST['disk'])); + $disksize = format_bytes($disk['size'] * 1048576); + // Loop through posted items and create an array + for($x=0; $x<99; $x++) { // XXX: Make this more optimal + if(!$_REQUEST['fstype' . $x]) + continue; + $tmparray = array(); + if($_REQUEST['fstype' . $x] <> "SWAP") { + $tmparray['mountpoint'] = $_REQUEST['mountpoint' . $x]; + // Check for encrypted slice / + if(stristr($_REQUEST['fstype' . $x], ".eli")) { + if($tmparray['mountpoint'] == "/") + $encrypted_root = true; + } + // Check if we have a non-encrypted /boot + if($tmparray['mountpoint'] == "/boot") { + if(!stristr($_REQUEST['fstype' . $x], ".eli")) + $non_encrypted_boot = true; + } + if($tmparray['mountpoint'] == "/conf") { + $tmparray['mountpoint'] = "/conf{$x}"; + $error_txt[] = "/conf is not an allowed mount point and has been renamed to /conf{$x}."; + } + } else { + $tmparray['mountpoint'] = "none"; + } + // If we have an encrypted /root and lack a non encrypted /boot, throw an error/warning + if($encrypted_root && !$non_encrypted_boot && !$non_encrypted_notice) { + $error_txt[] = "A non-encrypted /boot slice is required when encrypting the / slice"; + $non_encrypted_notice = true; + } + $tmparray['disk'] = $_REQUEST['disk' . $x]; + $tmparray['fstype'] = $_REQUEST['fstype' . $x]; + $tmparray['size'] = $_REQUEST['size' . $x]; + $tmparray['encpass'] = $_REQUEST['encpass' . $x]; + $disks[] = $tmparray; + } + echo "\n<!-- " . print_r($disks, true) . " --> \n"; + $bootmanagerupper = strtoupper($bootmanager); + echo <<<EOFAMBAC + <form method="post" action="installer.php"> + <input type="hidden" name="fstype" value="{$fstype_echo}"> + <input type="hidden" name="disk" value="{$disk_echo}"> + <input type="hidden" name="state" value="begin_install"> + <input type="hidden" name="swapsize" value="{$swapsize}"> + <input type="hidden" name="encpass" value="{$encpass}"> + <input type="hidden" name="bootmanager" value="{$bootmanager}"> + <div id="mainlevel"> + <table width="800" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <div id="mainarea"> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td > + <div> + <center> + <div id="pfsensetemplate"> + <table width='100%'> +EOFAMBAC; + // If errors are found, throw the big red box. + if ($error_txt) { + echo "<tr><td colspan=\"5\"> </td>"; + echo "<tr><td colspan=\"5\">"; + print_input_errors($error_txt); + echo "</td></tr>"; + } else + echo "<tr><td> </td></tr>"; + + echo <<<EOFAMBACBAF + + <tr><td colspan='5' align="center"><b>Boot manager: {$bootmanagerupper}</td></tr> + <tr><td> </td></tr> + <tr> + <td align='left'> + <b>Mount point</b> + </td> + <td align='left'> + <b>Filesysytem type</b> + </td> + <td align='left'> + <b>Disk</b> + </td> + <td align='left'> + <b>Size</b> + </td> + <td align='left'> + <b>Encryption password</b> + </td> + </tr> + <tr><td colspan='5'><hr></td></tr> + +EOFAMBACBAF; + + foreach($disks as $disk) { + $desc = pcsysinstall_get_disk_info($disk['disk']); + echo "<tr>"; + echo "<td> {$disk['mountpoint']}</td>"; + echo "<td>{$disk['fstype']}</td>"; + echo "<td>{$disk['disk']} {$desc['desc']}</td>"; + echo "<td>{$disk['size']}</td>"; + echo "<td>{$disk['encpass']}</td>"; + echo "</tr>"; + } + +echo <<<EOFAMB + <tr><td colspan="5"><hr></td></tr> + </table> + </div> + </center> + </div> + </td> + </tr> + </table> + </div> + <center> + <p/> + <input type="button" value="Cancel" onClick="javascript:document.location='installer.php?state=custominstall';"> +EOFAMB; + if(!$error_txt) + echo "<input type=\"submit\" value=\"Begin installation\"> <br/> "; +echo <<<EOFAMBASDF + + </center> + </td> + </tr> + </table> + </div> +EOFAMBASDF; + + + page_table_end(); + end_html(); + write_out_pc_sysinstaller_config($disks, $bootmanager); + // Serialize layout to disk so it can be read in later. + file_put_contents("/tmp/webInstaller_disk_layout.txt", serialize($disks)); + file_put_contents("/tmp/webInstaller_disk_bootmanager.txt", serialize($bootmanager)); +} + +function installing_gui() { + global $g, $fstype, $savemsg; + head_html(); + body_html(); + echo "<form action=\"installer.php\" method=\"post\" state=\"step1_post\">"; + page_table_start(); + echo <<<EOF + <center> + <table width="100%"> + <tr><td> + <div id="mainlevel"> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <div id="mainarea"> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + <div id="pfsenseinstaller" width="100%"> + <div id='installerrunning' width='100%' style="padding:8px; border:1px dashed #000000"> + <table> + <tr> + <td valign="middle"> + <img src="/themes/{$g['theme']}/images/misc/loader.gif"> + </td> + <td valign="middle"> + <font size="2"><b>Starting Installer... Please wait... + </td> + </tr> + </table> + </div> + <div id='pbdiv'> + <br/> + <center> + <table id='pbtable' height='15' width='640' border='0' colspacing='0' cellpadding='0' cellspacing='0'> + <tr> + <td background="/themes/the_wall/images/misc/bar_left.gif" height='15' width='5'> + </td> + <td> + <table id="progholder" name="progholder" height='15' width='630' border='0' colspacing='0' cellpadding='0' cellspacing='0'> + <td background="/themes/the_wall/images/misc/bar_gray.gif" valign="top" align="left"> + <img src='/themes/the_wall/images/misc/bar_blue.gif' width='0' height='15' name='progressbar' id='progressbar'> + </td> + </table> + </td> + <td background="/themes/the_wall/images/misc/bar_right.gif" height='15' width='5'> + </td> + </tr> + </table> + <br/> + </div> + <textarea name='installeroutput' id='installeroutput' rows="31" cols="90"> + </textarea> + </div> + </td> + </tr> + </table> + </div> + </td> + </tr> + </table> + </div> + </td></tr> + </table> + </center> + <script type="text/javascript">setTimeout('getinstallerprogress()', 250);</script> + +EOF; + page_table_end(); + end_html(); +} + +function page_table_start($pgtitle = "") { + global $g, $fstype, $savemsg; + if($pgtitle == "") + $pgtitle = "{$g['product_name']} installer"; + echo <<<EOF + <center> + <img border="0" src="/themes/{$g['theme']}/images/logo.gif"></a><br/> + <table cellpadding="6" cellspacing="0" width="550" style="border:1px solid #000000"> + <tr height="10" bgcolor="#990000"> + <td style="border-bottom:1px solid #000000"> + <font color='white'> + <b> + {$pgtitle} + </b> + </font> + </td> + </tr> + <tr> + <td> + +EOF; + +} + +function page_table_end() { + global $g, $fstype, $savemsg; + echo <<<EOF + </td> + </tr> + </table> + </center> + +EOF; + +} + +function installer_custom() { + global $g, $fstype, $savemsg; + global $select_txt, $custom_disks; + if(file_exists("/tmp/.pc-sysinstall/pc-sysinstall.log")) + unlink("/tmp/.pc-sysinstall/pc-sysinstall.log"); + $disks = installer_find_all_disks(); + // Pass size of disks down to javascript. + $disk_sizes_js_txt = "var disk_sizes = new Array();\n"; + foreach($disks as $disk) + $disk_sizes_js_txt .= "disk_sizes['{$disk['disk']}'] = '{$disk['size']}';\n"; + head_html(); + body_html(); + page_table_start($g['product_name'] . " installer - Customize disk(s) layout"); + echo <<<EOF + <script type="text/javascript"> + Array.prototype.in_array = function(p_val) { + for(var i = 0, l = this.length; i < l; i++) { + if(this[i] == p_val) { + return true; + } + } + return false; + } + function row_helper_dynamic_custom() { + var totalsize = 0; + {$disk_sizes_js_txt} + // Run through all rows and process data + for(var x = 0; x<99; x++) { //optimize me better + if(\$('fstype' + x)) { + if(\$('size' + x).value == '') + \$('size' + x).value = disk_sizes[\$('disk' + x).value]; + var fstype = \$F('fstype' + x); + if(fstype.substring(fstype.length - 4) == ".eli") { + \$('encpass' + x).disabled = 0; + if(!encryption_warning_shown) { + alert('NOTE: If you define a disk encryption password you will need to enter it on *EVERY* bootup!'); + encryption_warning_shown = true; + } + } else { + \$('encpass' + x).disabled = 1; + } + } + // Calculate size allocations + if(\$('size' + x)) { + if(parseInt($('size' + x).value) > 0) + totalsize += parseInt($('size' + x).value); + } + } + // If the totalsize element exists, set it and disable + if(\$('totalsize')) { + if(\$('totalsize').value != totalsize) { + // When size allocation changes, draw attention. + new Effect.Highlight('totalsize'); + \$('totalsize').value = totalsize; + } + \$('totalsize').disabled = 1; + } + if(\$('disktotals')) { + var disks_seen = new Array(); + var tmp_sizedisks = 0; + var disksseen = 0; + for(var xx = 0; xx<99; xx++) { + if(\$('disk' + xx)) { + if(!disks_seen.in_array(\$('disk' + xx).value)) { + tmp_sizedisks += parseInt(disk_sizes[\$('disk' + xx).value]); + disks_seen[disksseen] = \$('disk' + xx).value; + disksseen++; + } + } + \$('disktotals').value = tmp_sizedisks; + \$('disktotals').disabled = 1; + \$('disktotals').setStyle({color:'#000000'}); + var remaining = parseInt(\$('disktotals').value) - parseInt(\$('totalsize').value); + if(remaining == 0) { + if(\$('totalsize')) + \$('totalsize').setStyle({ + background:'#00FF00', + color:'#000000' + }); + } else { + if(\$('totalsize')) + \$('totalsize').setStyle({ + background:'#FFFFFF', + color:'#000000' + }); + } + if(parseInt(\$('totalsize').value) > parseInt(\$('disktotals').value)) { + if(\$('totalsize')) + \$('totalsize').setStyle({ + background:'#FF0000', + color:'#000000' + }); + } + if(\$('availalloc')) { + \$('availalloc').disabled = 1; + \$('availalloc').value = remaining; + \$('availalloc').setStyle({ + background:'#FFFFFF', + color:'#000000' + }); + } + } + } + } + </script> + <script type="text/javascript" src="/javascript/row_helper_dynamic.js"></script> + <script type="text/javascript"> + // Setup rowhelper data types + rowname[0] = "mountpoint"; + rowtype[0] = "textbox"; + rowsize[0] = "8"; + rowname[1] = "fstype"; + rowtype[1] = "select"; + rowsize[1] = "1"; + rowname[2] = "disk"; + rowtype[2] = "select"; + rowsize[2] = "1"; + rowname[3] = "size"; + rowtype[3] = "textbox"; + rowsize[3] = "8"; + rowname[4] = "encpass"; + rowtype[4] = "textbox"; + rowsize[4] = "8"; + field_counter_js = 5; + rows = 1; + totalrows = 1; + loaded = 1; + rowhelper_onChange = " onChange='javascript:row_helper_dynamic_custom()' "; + rowhelper_onDelete = "row_helper_dynamic_custom(); "; + rowhelper_onAdd = "row_helper_dynamic_custom();"; + </script> + <form action="installer.php" method="post"> + <input type="hidden" name="state" value="verify_before_install"> + <div id="mainlevel"> + <center> + <table width="100%" border="0" cellpadding="5" cellspacing="0"> + <tr> + <td> + <center> + <div id="mainarea"> + <center> + <table width="100%" border="0" cellpadding="5" cellspacing="5"> + <tr> + <td> + <div id="pfsenseinstaller"> + <center> + <div id='loadingdiv'> + <table> + <tr> + <td valign="center"> + <img src="/themes/{$g['theme']}/images/misc/loader.gif"> + </td> + <td valign="center"> + Probing disks, please wait... + </td> + </tr> + </table> + </div> +EOF; + ob_flush(); + // Read bootmanager setting from disk if found + if(file_exists("/tmp/webInstaller_disk_bootmanager.txt")) + $bootmanager = unserialize(file_get_contents("/tmp/webInstaller_disk_bootmanager.txt")); + if($bootmanager == "none") + $noneselected = " SELECTED"; + if($bootmanager == "bsd") + $bsdeselected = " SELECTED"; + if(!$disks) { + $custom_txt = gettext("ERROR: Could not find any suitable disks for installation."); + } else { + // Prepare disk selection dropdown + $custom_txt = <<<EOF + <center> + <table> + <tr> + <td align='right'> + Boot manager: + </td> + <td> + <select name='bootmanager'> + <option value='none' $noneselected> + None + </option> + <option value='bsd' $bsdeselected> + BSD + </option> + </select> + </td> + </tr> + </table> + <hr> + <table id='maintable'><tbody> + <tr> + <td align="middle"> + <b>Mount</b> + </td> + <td align='middle'> + <b>Filesysytem</b> + </td> + <td align="middle"> + <b>Disk</b> + </td> + <td align="middle"> + <b>Size</b> + </td> + <td align="middle"> + <b>Encryption password</b> + </td> + <td> + + </td> + </tr> + <tr> + +EOF; + + // Calculate swap disk sizes + $memory = get_memory(); + $swap_size = $memory[0] * 2; + $first_disk = trim(installer_find_first_disk()); + $disk_info = pcsysinstall_get_disk_info($first_disk); + $size = $disk_info['size']; + $first_disk_size = $size - $swap_size; + + // Debugging + echo "\n\n<!-- $first_disk - " . print_r($disk_info, true) . " - $size - $first_disk_size -->\n\n"; + + // Check to see if a on disk layout exists + if(file_exists("/tmp/webInstaller_disk_layout.txt")) { + $disks_restored = unserialize(file_get_contents("/tmp/webInstaller_disk_layout.txt")); + $restored_layout_from_file = true; + $restored_layout_txt = "<br/>* The previous disk layout was restored from a previous session"; + } + + // If we restored disk layout(s) from a file then build the rows + if($restored_layout_from_file == true) { + $diskcounter = 0; + foreach($disks_restored as $dr) { + $custom_txt .= return_rowhelper_row("$diskcounter", $dr['mountpoint'], $dr['fstype'], $dr['disk'], $dr['size'], $dr['encpass']); + $diskcounter++; + } + } else { + // Construct the default rows that outline the disks configuration. + $custom_txt .= return_rowhelper_row("0", "/", "UFS+S", $first_disk, "{$first_disk_size}", ""); + $custom_txt .= return_rowhelper_row("1", "none", "SWAP", $first_disk, "$swap_size", ""); + } + + // tfoot and tbody are used by rowhelper + $custom_txt .= "</tr>"; + $custom_txt .= "<tfoot></tfoot></tbody>"; + // Total allocation box + $custom_txt .= "<tr><td></td><td></td><td align='right'>Total allocated:</td><td><input style='border:0px; background-color: #FFFFFF;' size='8' id='totalsize' name='totalsize'></td>"; + // Add row button + $custom_txt .= "</td><td> </td><td>"; + $custom_txt .= "<div id=\"addrowbutton\">"; + $custom_txt .= "<a onclick=\"javascript:addRowTo('maintable', 'formfldalias'); return false;\" href=\"#\">"; + $custom_txt .= "<img border=\"0\" src=\"/themes/{$g['theme']}/images/icons/icon_plus.gif\" alt=\"\" title=\"add another entry\" /></a>"; + $custom_txt .= "</div>"; + $custom_txt .= "</td></tr>"; + // Disk capacity box + $custom_txt .= "<tr><td></td><td></td><td align='right'>Disk(s) capacity total:</td><td><input style='border:0px; background-color: #FFFFFF;' size='8' id='disktotals' name='disktotals'></td></tr>"; + // Remaining allocation box + $custom_txt .= "<tr><td></td><td></td><td align='right'>Available space for allocation:</td><td><input style='border:0px; background-color: #FFFFFF;' size='8' id='availalloc' name='availalloc'></td></tr>"; + $custom_txt .= "</table>"; + $custom_txt .= "<script type=\"text/javascript\">row_helper_dynamic_custom();</script>"; + } + echo <<<EOF + + <tr> + <td colspan='4'> + <script type="text/javascript"> + \$('loadingdiv').style.visibility='hidden'; + </script> + <div id='contentdiv' style="display:none;"> + <p/> + {$custom_txt}<p/> + <hr><p/> + <input type="button" value="Cancel" onClick="javascript:document.location='/installer/installer.php';">   + <input type="submit" value="Next"> + </div> + <script type="text/javascript"> + var encryption_warning_shown = false; + \$('contentdiv').appear(); + row_helper_dynamic_custom(); + </script> + </center> + </td></tr> + </table> + </div> + </td> + </tr> + </table> + </center> + <span class="vexpl"> + <span class="red"> + <strong> + NOTES: + </strong> + </span> + <br/>* Sizes are in megabytes. + <br/>* Mount points named /conf are not allowed. Use /cf if you want to make a configuration slice/mount. + {$restored_layout_txt} + </span> + </strong> + </div> + </td> + </tr> + </table> + </div> + </center> + <script type="text/javascript"> + <!-- + newrow[1] = "{$select_txt}"; + newrow[2] = "{$custom_disks}"; + --> + </script> + + +EOF; + page_table_end(); + end_html(); +} + +function installer_main() { + global $g, $fstype, $savemsg; + if(file_exists("/tmp/.pc-sysinstall/pc-sysinstall.log")) + unlink("/tmp/.pc-sysinstall/pc-sysinstall.log"); + head_html(); + body_html(); + $disk = installer_find_first_disk(); + // Only enable ZFS if this exists. The install will fail otherwise. + if(file_exists("/boot/gptzfsboot")) + $zfs_enabled = "<tr bgcolor=\"#9A9A9A\"><td align=\"center\"><a href=\"installer.php?state=easy_install_zfs\">Easy installation of {$g['product_name']} using the ZFS filesystem on disk {$disk}</a></td></tr>"; + page_table_start(); + echo <<<EOF + <form action="installer.php" method="post" state="step1_post"> + <div id="mainlevel"> + <center> + <b><font face="arial" size="+2">Welcome to the {$g['product_name']} webInstaller!</b></font><p/> + <font face="arial" size="+1">This utility will install {$g['product_name']} to a hard disk, flash drive, etc.</font> + <table width="100%" border="0" cellpadding="5" cellspacing="0"> + <tr> + <td> + <center> + <div id="mainarea"> + <br/> + <center> + Please select an installer option to begin: + <p/> + <table width="100%" border="0" cellpadding="5" cellspacing="5"> + <tr> + <td> + <div id="pfsenseinstaller"> + <center> +EOF; + if(!$disk) { + echo gettext("ERROR: Could not find any suitable disks for installation."); + echo "</div></td></tr></table></div></table></div>"; + end_html(); + exit; + } + echo <<<EOF + + <table cellspacing="5" cellpadding="5" style="border: 1px dashed;"> + <tr bgcolor="#CECECE"><td align="center"> + <a href="installer.php?state=easy_install_ufs">Easy installation of {$g['product_name']} using the UFS filesystem on disk {$disk}</a> + </td></tr> + {$zfs_enabled} + <tr bgcolor="#AAAAAA"><td align="center"> + <a href="installer.php?state=custominstall">Custom installation of {$g['product_name']}</a> + </td></tr> + <tr bgcolor="#CECECE"><td align="center"> + <a href='/'>Cancel and return to Dashboard</a> + </td></tr> + </table> + </center> + </div> + </td> + </tr> + </table> + </div> + </td> + </tr> + </table> + </div> +EOF; + page_table_end(); + end_html(); +} + +function return_rowhelper_row($rownum, $mountpoint, $fstype, $disk, $size, $encpass) { + global $g, $select_txt, $custom_disks, $savemsg; + $release = php_uname("r"); + $release = trim($release[0]); + + // Mount point + $disks = installer_find_all_disks(); + $custom_txt .= "<tr>"; + $custom_txt .= "<td><input size='8' id='mountpoint{$rownum}' name='mountpoint{$rownum}' value='{$mountpoint}'></td>"; + + // Filesystem type array + $types = array( + 'UFS' => 'UFS', + 'UFS+S' => 'UFS + Softupdates', + 'UFS.eli' => 'Encrypted UFS', + 'UFS+S.eli' => 'Encrypted UFS + Softupdates', + 'SWAP' => 'SWAP' + ); + + // UFS + Journaling was introduced in 9.0 + if($release == "9") { + $types['UFS+J'] = "UFS + Journaling"; + $types['UFS+J.eli'] = "Encrypted UFS + Journaling"; + } + + // Add ZFS Boot loader if it exists + if(file_exists("/boot/gptzfsboot")) { + $types['ZFS'] = "Zetabyte Filesystem"; + $types['ZFS.eli'] = "Encrypted Zetabyte Filesystem"; + } + + // fstype form field + $custom_txt .= "<td><select onChange='javascript:row_helper_dynamic_custom()' id='fstype{$rownum}' name='fstype{$rownum}'>"; + $select_txt = ""; + foreach($types as $type => $desc) { + if($type == $fstype) + $SELECTED="SELECTED"; + else + $SELECTED=""; + $select_txt .= "<option value='$type' $SELECTED>$desc</option>"; + } + $custom_txt .= "{$select_txt}</select>\n"; + $custom_txt .= "</td>"; + + // Disk selection form field + $custom_txt .= "<td><select id='disk{$rownum}' name='disk{$rownum}'>\n"; + $custom_disks = ""; + foreach($disks as $dsk) { + $disksize_bytes = format_bytes($dsk['size'] * 1048576); + $disksize = $dsk['size']; + if($disk == $dsk['disk']) + $SELECTED="SELECTED"; + else + $SELECTED=""; + $custom_disks .= "<option value='{$dsk['disk']}' $SELECTED>{$dsk['disk']} - {$dsk['desc']} - {$disksize}MB ({$disksize_bytes})</option>"; + } + $custom_txt .= "{$custom_disks}</select></td>\n"; + + // Slice size + $custom_txt .= "<td><input onChange='javascript:row_helper_dynamic_custom();' name='size{$rownum}' id='size{$rownum}' size='8' type='text' value='{$size}'></td>"; + + // Encryption password + $custom_txt .= "<td>"; + $custom_txt .= "<input id='encpass{$rownum}' name='encpass{$rownum}' size='8' value='{$encpass}'>"; + $custom_txt .= "</td>"; + + // Add Rowhelper + button + if($rownum > 0) + $custom_txt .= "<td><a onclick=\"removeRow(this); return false;\" href=\"#\"><img border=\"0\" src=\"/themes/{$g['theme']}/images/icons/icon_x.gif\" alt=\"\" title=\"remove this entry\"/></a></td>"; + + $custom_txt .= "</tr>"; + return $custom_txt; +} + +?>
\ No newline at end of file diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php index 2d821ab..98d449b 100755 --- a/usr/local/www/interfaces.php +++ b/usr/local/www/interfaces.php @@ -759,15 +759,15 @@ function handle_wireless_post() { $config['wireless']['interfaces'][$wlanbaseif] = array(); } else if (isset($config['wireless']['interfaces'][$wlanbaseif])) unset($config['wireless']['interfaces'][$wlanbaseif]); - if (isset($_POST['diversity']) && $_POST['diversity'] != "") + if (isset($_POST['diversity']) && is_numeric($_POST['diversity'])) $wancfg['wireless']['diversity'] = $_POST['diversity']; else if (isset($wancfg['wireless']['diversity'])) unset($wancfg['wireless']['diversity']); - if (isset($_POST['txantenna']) && $_POST['txantenna'] != "") + if (isset($_POST['txantenna']) && is_numeric($_POST['txantenna'])) $wancfg['wireless']['txantenna'] = $_POST['txantenna']; else if (isset($wancfg['wireless']['txantenna'])) unset($wancfg['wireless']['txantenna']); - if (isset($_POST['rxantenna']) && $_POST['rxantenna'] != "") + if (isset($_POST['rxantenna']) && is_numeric($_POST['rxantenna'])) $wancfg['wireless']['rxantenna'] = $_POST['rxantenna']; else if (isset($wancfg['wireless']['rxantenna'])) unset($wancfg['wireless']['rxantenna']); @@ -1653,9 +1653,9 @@ $types = array("none" => gettext("None"), "static" => gettext("Static"), "dhcp" <td> <?=gettext("Diversity"); ?><br/> <select name="diversity" class="formselect" id="diversity"> - <option <?php if (empty($pconfig['diversity'])) echo "selected"; ?> value=""><?=gettext("Default"); ?></option> - <option <?php if ($pconfig['diversity'] == '0') echo "selected"; ?> value="0"><?=gettext("Off"); ?></option> - <option <?php if ($pconfig['diversity'] == '1') echo "selected"; ?> value="1"><?=gettext("On"); ?></option> + <option <?php if (!isset($pconfig['diversity'])) echo "selected"; ?> value=""><?=gettext("Default"); ?></option> + <option <?php if ($pconfig['diversity'] === '0') echo "selected"; ?> value="0"><?=gettext("Off"); ?></option> + <option <?php if ($pconfig['diversity'] === '1') echo "selected"; ?> value="1"><?=gettext("On"); ?></option> </select> </td> <td>  </td> @@ -1664,10 +1664,10 @@ $types = array("none" => gettext("None"), "static" => gettext("Static"), "dhcp" <td> <?=gettext("Transmit antenna"); ?><br/> <select name="txantenna" class="formselect" id="txantenna"> - <option <?php if (empty($pconfig['txantenna'])) echo "selected"; ?> value=""><?=gettext("Default"); ?></option> - <option <?php if ($pconfig['txantenna'] == '0') echo "selected"; ?> value="0"><?=gettext("Auto"); ?></option> - <option <?php if ($pconfig['txantenna'] == '1') echo "selected"; ?> value="1"><?=gettext("#1"); ?></option> - <option <?php if ($pconfig['txantenna'] == '2') echo "selected"; ?> value="2"><?=gettext("#2"); ?></option> + <option <?php if (!isset($pconfig['txantenna'])) echo "selected"; ?> value=""><?=gettext("Default"); ?></option> + <option <?php if ($pconfig['txantenna'] === '0') echo "selected"; ?> value="0"><?=gettext("Auto"); ?></option> + <option <?php if ($pconfig['txantenna'] === '1') echo "selected"; ?> value="1"><?=gettext("#1"); ?></option> + <option <?php if ($pconfig['txantenna'] === '2') echo "selected"; ?> value="2"><?=gettext("#2"); ?></option> </select> </td> <td>  </td> @@ -1676,10 +1676,10 @@ $types = array("none" => gettext("None"), "static" => gettext("Static"), "dhcp" <td> <?=gettext("Receive antenna"); ?><br/> <select name="rxantenna" class="formselect" id="rxantenna"> - <option <?php if (empty($pconfig['rxantenna'])) echo "selected"; ?> value=""><?=gettext("Default"); ?></option> - <option <?php if ($pconfig['rxantenna'] == '0') echo "selected"; ?> value="0"><?=gettext("Auto"); ?></option> - <option <?php if ($pconfig['rxantenna'] == '1') echo "selected"; ?> value="1"><?=gettext("#1"); ?></option> - <option <?php if ($pconfig['rxantenna'] == '2') echo "selected"; ?> value="2"><?=gettext("#2"); ?></option> + <option <?php if (!isset($pconfig['rxantenna'])) echo "selected"; ?> value=""><?=gettext("Default"); ?></option> + <option <?php if ($pconfig['rxantenna'] === '0') echo "selected"; ?> value="0"><?=gettext("Auto"); ?></option> + <option <?php if ($pconfig['rxantenna'] === '1') echo "selected"; ?> value="1"><?=gettext("#1"); ?></option> + <option <?php if ($pconfig['rxantenna'] === '2') echo "selected"; ?> value="2"><?=gettext("#2"); ?></option> </select> </td> <?php endif; ?> @@ -1963,7 +1963,7 @@ $types = array("none" => gettext("None"), "static" => gettext("Static"), "dhcp" <td class="vtable"> <input name="ieee8021x" type="checkbox" value="yes" class="formfld" id="ieee8021x" <?php if ($pconfig['ieee8021x']) echo "checked";?>> <br/><?=gettext("Setting this option will enable 802.1x authentication."); ?> - <br/><span class="red"><strong><?=gettext("NOTE"); ?>:</strong</span> <?=gettext("this option requires checking the \"Enable WPA box\"."); ?> + <br/><span class="red"><strong><?=gettext("NOTE"); ?>:</strong></span> <?=gettext("this option requires checking the \"Enable WPA box\"."); ?> </td> </tr> <tr> diff --git a/usr/local/www/interfaces_assign.php b/usr/local/www/interfaces_assign.php index 340ee78..3d2cec0 100755 --- a/usr/local/www/interfaces_assign.php +++ b/usr/local/www/interfaces_assign.php @@ -191,6 +191,12 @@ if ($_POST['apply']) { } } + if (is_array($config['vlans']['vlan'])) { + foreach ($config['vlans']['vlan'] as $vlan) { + if (does_interface_exist($vlan['if']) == false) + $input_errors[] = "Vlan parent interface {$vlan['if']} does not exist anymore so vlan id {$vlan['tag']} cannot be created please fix the issue before continuing."; + } + } if (!$input_errors) { /* No errors detected, so update the config */ diff --git a/usr/local/www/interfaces_bridge_edit.php b/usr/local/www/interfaces_bridge_edit.php index 06d5b94..ec48bc9 100644 --- a/usr/local/www/interfaces_bridge_edit.php +++ b/usr/local/www/interfaces_bridge_edit.php @@ -46,6 +46,10 @@ if (!is_array($config['bridges']['bridged'])) $a_bridges = &$config['bridges']['bridged']; $ifacelist = get_configured_interface_with_descr(); +foreach ($ifacelist as $bif => $bdescr) { + if (substr(get_real_interface($bif), 0, 3) == "gre") + unset($ifacelist[$bif]); +} $id = $_GET['id']; if (isset($_POST['id'])) diff --git a/usr/local/www/interfaces_gif_edit.php b/usr/local/www/interfaces_gif_edit.php index 59bad8f..6744979 100644 --- a/usr/local/www/interfaces_gif_edit.php +++ b/usr/local/www/interfaces_gif_edit.php @@ -111,6 +111,10 @@ if ($_POST) { write_config(); + $confif = convert_real_interface_to_friendly_interface_name($gif['gifif']); + if ($confif <> "") + interface_configure($confif); + header("Location: interfaces_gif.php"); exit; } diff --git a/usr/local/www/interfaces_gre.php b/usr/local/www/interfaces_gre.php index c9fa525..d9e19c2 100644 --- a/usr/local/www/interfaces_gre.php +++ b/usr/local/www/interfaces_gre.php @@ -110,7 +110,7 @@ include("head.inc"); <td width="10%" class="list"></td> </tr> <?php $i = 0; foreach ($a_gres as $gre): ?> - <tr ondblclick="document.location='interfaces_vlan_gre.php?id=<?=$i;?>'"> + <tr ondblclick="document.location='interfaces_gre_edit.php?id=<?=$i;?>'"> <td class="listlr"> <?=htmlspecialchars(convert_friendly_interface_to_friendly_descr($gre['if']));?> </td> diff --git a/usr/local/www/interfaces_gre_edit.php b/usr/local/www/interfaces_gre_edit.php index ce9f324..ca95369 100644 --- a/usr/local/www/interfaces_gre_edit.php +++ b/usr/local/www/interfaces_gre_edit.php @@ -114,6 +114,10 @@ if ($_POST) { write_config(); + $confif = convert_real_interface_to_friendly_interface_name($gre['greif']); + if ($confif <> "") + interface_configure($confif); + header("Location: interfaces_gre.php"); exit; } diff --git a/usr/local/www/interfaces_groups_edit.php b/usr/local/www/interfaces_groups_edit.php index 253be67..2c193f6 100755 --- a/usr/local/www/interfaces_groups_edit.php +++ b/usr/local/www/interfaces_groups_edit.php @@ -93,7 +93,7 @@ if ($_POST) { if (!$input_errors) { $ifgroupentry = array(); $ifgroupentry['members'] = $members; - $ifgroupentry['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); + $ifgroupentry['descr'] = $_POST['descr']; if (isset($id) && $a_ifgroups[$id] && $_POST['ifname'] != $a_ifgroups[$id]['ifname']) { if (!empty($config['filter']) && is_array($config['filter']['rule'])) { @@ -156,7 +156,7 @@ if ($_POST) { header("Location: interfaces_groups.php"); exit; } else { - $pconfig['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); + $pconfig['descr'] = $_POST['descr']; $pconfig['members'] = $members; } } diff --git a/usr/local/www/interfaces_lagg_edit.php b/usr/local/www/interfaces_lagg_edit.php index b30853b..09dbf51 100644 --- a/usr/local/www/interfaces_lagg_edit.php +++ b/usr/local/www/interfaces_lagg_edit.php @@ -69,6 +69,9 @@ if (isset($_POST['id'])) if (isset($id) && $a_laggs[$id]) { $pconfig['laggif'] = $a_laggs[$id]['laggif']; $pconfig['members'] = $a_laggs[$id]['members']; + $laggiflist = explode(",", $a_laggs[$id]['members']); + foreach ($laggiflist as $tmpif) + unset($realifchecklist[get_real_interface($tmpif)]); $pconfig['proto'] = $a_laggs[$id]['proto']; $pconfig['descr'] = $a_laggs[$id]['descr']; } diff --git a/usr/local/www/interfaces_ppps_edit.php b/usr/local/www/interfaces_ppps_edit.php index 46fb414..140b998 100644 --- a/usr/local/www/interfaces_ppps_edit.php +++ b/usr/local/www/interfaces_ppps_edit.php @@ -683,7 +683,7 @@ $types = array("select" => gettext("Select"), "ppp" => "PPP", "pppoe" => "PPPoE" <td valign="top" class="vncell"><?= gettext("Dial On Demand"); ?></td> <td class="vtable"> <input type="checkbox" value="on" id="ondemand" name="ondemand" <?php if (isset($pconfig['ondemand'])) echo "checked"; ?>> <?= gettext("Enable Dial-on-Demand mode"); ?> - <br/> <span class="vexpl"><?= gettext("This option causes the interface to operate in dial-on-demand mode, allowing you to have a virtual full time connection. " . + <br/> <span class="vexpl"><?= gettext("This option causes the interface to operate in dial-on-demand mode. Do NOT enable if you want your link to be always up. " . "The interface is configured, but the actual connection of the link is delayed until qualifying outgoing traffic is detected."); ?> </span> </td> </tr> @@ -779,7 +779,7 @@ $types = array("select" => gettext("Select"), "ppp" => "PPP", "pppoe" => "PPPoE" <br> <span class="vexpl"><?=gettext("Set ONLY for MLPPP connections.");?> MRRU <?=gettext("will be auto-negotiated by default.");?></span> </td> </tr> - </table + </table> </td> </tr><?php endfor; ?> <tr> diff --git a/usr/local/www/interfaces_qinq_edit.php b/usr/local/www/interfaces_qinq_edit.php index e8b698e..2ffbac9 100755 --- a/usr/local/www/interfaces_qinq_edit.php +++ b/usr/local/www/interfaces_qinq_edit.php @@ -142,7 +142,7 @@ if ($_POST) { if (!$input_errors) { $qinqentry['members'] = $members; - $qinqentry['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); + $qinqentry['descr'] = $_POST['descr']; $qinqentry['vlanif'] = "{$_POST['if']}_{$_POST['tag']}"; $nmembers = explode(" ", $members); @@ -200,7 +200,7 @@ if ($_POST) { header("Location: interfaces_qinq.php"); exit; } else { - $pconfig['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); + $pconfig['descr'] = $_POST['descr']; $pconfig['tag'] = $_POST['tag']; $pconfig['members'] = $members; } diff --git a/usr/local/www/interfaces_vlan_edit.php b/usr/local/www/interfaces_vlan_edit.php index 447722a..ea43508 100755 --- a/usr/local/www/interfaces_vlan_edit.php +++ b/usr/local/www/interfaces_vlan_edit.php @@ -96,6 +96,11 @@ if ($_POST) { } if (!$input_errors) { + if (isset($id) && $a_vlans[$id]) { + if ($a_vlans[$id]['if'] != $_POST['if']) + // Destroy previous vlan + pfSense_interface_destroy($a_vlans[$id]['if']); + } $vlan = array(); $vlan['if'] = $_POST['if']; $vlan['tag'] = $_POST['tag']; diff --git a/usr/local/www/javascript/row_helper_dynamic.js b/usr/local/www/javascript/row_helper_dynamic.js index bef6120..30312ba 100755 --- a/usr/local/www/javascript/row_helper_dynamic.js +++ b/usr/local/www/javascript/row_helper_dynamic.js @@ -1,14 +1,20 @@ // Global Variables -var rowname = new Array(99); -var rowtype = new Array(99); -var newrow = new Array(99); -var rowsize = new Array(99); +var rowname = new Array(99); +var rowtype = new Array(99); +var newrow = new Array(99); +var rowsize = new Array(99); + +// Global variables. Set to javascript code +// that will be eval() after change, add & delete. +var rowhelper_onChange = ''; +var rowhelper_onAdd = ''; +var rowhelper_onDelete = ''; for (i = 0; i < 99; i++) { rowname[i] = ''; rowtype[i] = ''; - newrow[i] = ''; - rowsize[i] = '25'; + newrow[i] = ''; + rowsize[i] = '25'; } var field_counter_js = 0; @@ -30,17 +36,17 @@ var addRowTo = (function() { if(typeof(rowtype[i]) == 'function') { td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input>" + rowtype[i](rowname[i], objectSize, totalrows) + " "; } else if(rowtype[i] == 'textbox') { - td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input size='" + objectSize + "' name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input " + rowhelper_onChange + " size='" + rowsize[i] + "' name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; } else if(rowtype[i] == 'select') { - td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><select name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'>" + newrow[i] + "</select> "; + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><select " + rowhelper_onChange + " name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'>" + newrow[i] + "</select> "; } else if(rowtype[i] == 'select_source') { - td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><select name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'>" + newrow[i] + "</select> "; + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><select " + rowhelper_onChange + " name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'>" + newrow[i] + "</select> "; } else if(rowtype[i] == 'checkbox') { - td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input type='checkbox'name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input " + rowhelper_onChange + " type='checkbox'name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; } else if(rowtype[i] == 'input') { - td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input class='formfld unknown' size='" + objectSize + "' name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input " + rowhelper_onChange + " class='formfld unknown' size='" + objectSize + "' name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; } else if(rowtype[i] == 'password') { - td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input class='formfld pwd' type='password' name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; + td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input " + rowhelper_onChange + " class='formfld pwd' type='password' name='" + rowname[i] + totalrows + "' id='" + rowname[i] + totalrows + "'></input> "; } tr.appendChild(td); } @@ -49,6 +55,8 @@ var addRowTo = (function() { td.innerHTML = '<a onclick="removeRow(this); return false;" href="#"><img border="0" src="/themes/' + theme + '/images/icons/icon_x.gif" /></a>'; tr.appendChild(td); tbody.appendChild(tr); + if(rowhelper_onAdd != '') + eval(rowhelper_onAdd); }); })(); @@ -61,6 +69,8 @@ function removeRow(el) { cel = el.getElementsByTagName("td").item(0); el.parentNode.removeChild(el); } + if(rowhelper_onDelete != '') + eval(rowhelper_onDelete); } function find_unique_field_name(field_name) { diff --git a/usr/local/www/load_balancer_pool_edit.php b/usr/local/www/load_balancer_pool_edit.php index 51b3bec..08e7fdc 100755 --- a/usr/local/www/load_balancer_pool_edit.php +++ b/usr/local/www/load_balancer_pool_edit.php @@ -56,6 +56,7 @@ if (isset($id) && $a_pool[$id]) { $pconfig['mode'] = $a_pool[$id]['mode']; $pconfig['descr'] = $a_pool[$id]['descr']; $pconfig['port'] = $a_pool[$id]['port']; + $pconfig['retry'] = $a_pool[$id]['retry']; $pconfig['servers'] = &$a_pool[$id]['servers']; $pconfig['serversdisabled'] = &$a_pool[$id]['serversdisabled']; $pconfig['monitor'] = $a_pool[$id]['monitor']; @@ -86,6 +87,11 @@ if ($_POST) { if (!is_port($_POST['port'])) $input_errors[] = gettext("The port must be an integer between 1 and 65535."); + + // May as well use is_port as we want a positive integer and such. + if (!empty($_POST['retry']) && !is_port($_POST['retry'])) + $input_errors[] = gettext("The retry value must be an integer between 1 and 65535."); + if (is_array($_POST['servers'])) { foreach($pconfig['servers'] as $svrent) { if (!is_ipaddr($svrent)) { @@ -118,6 +124,7 @@ if ($_POST) { update_if_changed("mode", $poolent['mode'], $_POST['mode']); update_if_changed("description", $poolent['descr'], $_POST['descr']); update_if_changed("port", $poolent['port'], $_POST['port']); + update_if_changed("retry", $poolent['retry'], $_POST['retry']); update_if_changed("servers", $poolent['servers'], $_POST['servers']); update_if_changed("serversdisabled", $poolent['serversdisabled'], $_POST['serversdisabled']); update_if_changed("monitor", $poolent['monitor'], $_POST['monitor']); @@ -199,6 +206,13 @@ function clearcombo(){ <div id="monitorport_desc"><?=gettext("This is the port your servers are listening on."); ?></div> </td> </tr> + <tr align="left"> + <td width="22%" valign="top" id="retry_text" class="vncell"><?=gettext("Retry"); ?></td> + <td width="78%" class="vtable" colspan="2"> + <input name="retry" type="text" <?if(isset($pconfig['retry'])) echo "value=\"{$pconfig['retry']}\"";?> size="16" maxlength="16"><br> + <div id="retry_desc"><?=gettext("Optionally specify how many times to retry checking a server before declaring it down."); ?></div> + </td> + </tr> <tr> <td> </td> </tr> diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php index 8b71837..5361b51 100755 --- a/usr/local/www/pkg_edit.php +++ b/usr/local/www/pkg_edit.php @@ -644,6 +644,7 @@ if ($pkg['tabs'] <> "") { $values = $value; else $values = explode(',', $value); + $ifaces["lo0"] = "loopback"; foreach($ifaces as $ifname => $iface) { $selected = (in_array($ifname, $values) ? 'selected' : ''); if(isset($pkga['advancedfield']) && $adv_enabled) diff --git a/usr/local/www/pkg_mgr.php b/usr/local/www/pkg_mgr.php index b82ed26..15097a6 100755 --- a/usr/local/www/pkg_mgr.php +++ b/usr/local/www/pkg_mgr.php @@ -44,6 +44,19 @@ require_once("globals.inc"); require_once("guiconfig.inc"); require_once("pkg-utils.inc"); +/* if upgrade in progress, alert user */ +if(is_subsystem_dirty('packagelock')) { + $pgtitle = array(gettext("System"),gettext("Package Manager")); + include("head.inc"); + echo "<body link=\"#0000CC\" vlink=\"#0000CC\" alink=\"#0000CC\">\n"; + include("fbegin.inc"); + echo "Please wait while packages are reinstalled in the background."; + include("fend.inc"); + echo "</body>"; + echo "</html>"; + exit; +} + $pkg_info = get_pkg_info('all', array("noembedded", "name", "category", "website", "version", "status", "descr", "maintainer", "required_version", "maximum_version", "pkginfolink", "supportedbybsdperimeter")); if($pkg_info) { $fout = fopen("{$g['tmp_path']}/pkg_info.cache", "w"); @@ -80,15 +93,11 @@ include("head.inc"); <tr> <td> <?php - $version = file_get_contents("/etc/version"); - $dash = strpos($version, "."); - $hyphen = strpos($version, "-"); - $major = substr($version, 0, $dash); - $minor = substr($version, $dash + 1, $hyphen - $dash - 1); - $testing_version = substr($version, $hyphen + 1, strlen($version) - $hyphen); + $version = rtrim(file_get_contents("/etc/version")); $tab_array = array(); - $tab_array[] = array($version . gettext("packages"), $requested_version <> "" ? false : true, "pkg_mgr.php"); + $tab_array[] = array(gettext("Available Packages"), $requested_version <> "" ? false : true, "pkg_mgr.php"); +// $tab_array[] = array($version . gettext("packages"), $requested_version <> "" ? false : true, "pkg_mgr.php"); // $tab_array[] = array("Packages for any platform", $requested_version == "none" ? true : false, "pkg_mgr.php?ver=none"); // $tab_array[] = array("Packages with a different version", $requested_version == "other" ? true : false, "pkg_mgr.php?ver=other"); $tab_array[] = array(gettext("Installed Packages"), false, "pkg_mgr_installed.php"); @@ -112,9 +121,6 @@ include("head.inc"); if(!$pkg_info) { echo "<tr><td colspan=\"5\"><center>" . gettext("There are currently no packages available for installation.") . "</td></tr>"; } else { - $installed_pfsense_version = rtrim(file_get_contents("/etc/version")); - $dash = strpos($installed_pfsense_version, "-"); - $installed_pfsense_version = substr($installed_pfsense_version, 0, $dash); $pkgs = array(); $instpkgs = array(); if($config['installedpackages']['package'] != "") @@ -133,30 +139,28 @@ include("head.inc"); if($g['platform'] == "nanobsd") if($index['noembedded']) continue; - $dash = strpos($index['required_version'], "-"); - $index['major_version'] = substr($index['required_version'], 0, $dash); + /* If we are on not on HEAD, and the package wants it, skip */ if ($version <> "HEAD" && $index['required_version'] == "HEAD" && $requested_version <> "other") continue; + /* If there is no required version, and the requested package + version is not 'none', then skip */ if (empty($index['required_version']) && $requested_version <> "none") continue; - if($index['major_version'] > $major && - $requested_version <> "other") - continue; - if(isset($index['major_version']) && - $requested_version == "none") + /* If the requested version is not 'other', and the required version is newer than what we have, skip. */ + if($requested_version <> "other" && + (pfs_version_compare("", $version, $index['required_version']) < 0)) continue; - if($index['major_version'] == $major && - $requested_version == "other") + /* If the requestion version is 'other' and we are on the version requested, skip. */ + if($requested_version == "other" && + (pfs_version_compare("", $version, $index['required_version']) == 0)) continue; - /* Package is for a newer version, lets skip */ - if($installed_pfsense_version < $index['required_version']) + /* Package is only for an older version, lets skip */ + if($index['maximum_version'] && + (pfs_version_compare("", $version, $index['maximum_version']) > 0)) continue; - if($index['maximum_version']) - if($installed_pfsense_version > $index['maximum_version']) - continue; ?> <tr valign="top"> <td class="listlr"> diff --git a/usr/local/www/pkg_mgr_install.php b/usr/local/www/pkg_mgr_install.php index 7139a0d..8659b8e 100755 --- a/usr/local/www/pkg_mgr_install.php +++ b/usr/local/www/pkg_mgr_install.php @@ -67,9 +67,9 @@ include("head.inc"); <tr> <td> <?php - $version = file_get_contents("/etc/version"); +// $version = file_get_contents("/etc/version"); $tab_array = array(); - $tab_array[] = array("{$version} " . gettext("packages"), false, "pkg_mgr.php"); + $tab_array[] = array(gettext("Available packages"), false, "pkg_mgr.php"); // $tab_array[] = array("Packages for any platform", false, "pkg_mgr.php?ver=none"); // $tab_array[] = array("Packages for a different platform", $requested_version == "other" ? true : false, "pkg_mgr.php?ver=other"); $tab_array[] = array(gettext("Installed packages"), false, "pkg_mgr_installed.php"); @@ -98,9 +98,9 @@ include("head.inc"); </table> <br> <!-- status box --> - <textarea cols="60" rows="1" name="status" id="status" wrap="hard"><?=gettext("Beginning package installation.");?></textarea> + <textarea cols="80" rows="1" name="status" id="status" wrap="hard"><?=gettext("Beginning package installation.");?></textarea> <!-- command output box --> - <textarea cols="60" rows="25" name="output" id="output" wrap="hard"></textarea> + <textarea cols="80" rows="35" name="output" id="output" wrap="hard"></textarea> </center> </td> </tr> @@ -153,6 +153,8 @@ switch($_GET['mode']) { update_output_window($static_output); filter_configure(); } + file_put_contents("/tmp/{$_GET['pkg']}.info", $static_output); + echo "<script type='text/javascript'>document.location=\"pkg_mgr_install.php?mode=installedinfo&pkg={$_GET['pkg']}\";</script>"; break; case "installedinfo": if(file_exists("/tmp/{$_GET['pkg']}.info")) { @@ -164,8 +166,6 @@ switch($_GET['mode']) { update_output_window(sprintf(gettext("Could not find %s."), $_GET['pkg'])); break; case "reinstallall": - if ($config['installedpackages']['package']) - exec("rm -rf /var/db/pkg/*"); if (is_array($config['installedpackages']['package'])) foreach($config['installedpackages']['package'] as $package) $todo[] = array('name' => $package['name'], 'version' => $package['version']); @@ -191,8 +191,6 @@ switch($_GET['mode']) { $static_output .= "\n" . gettext("Installation halted."); update_output_window($static_output); } else { - $filename = escapeshellcmd("/tmp/" . $_GET['id'] . ".info"); - $fd = fopen($filename, "w"); $status_a = gettext("Installation of") . " " . htmlspecialchars($_GET['id']) . " " . gettext("completed."); update_status($status_a); $status = get_after_install_info($_GET['id']); @@ -200,9 +198,8 @@ switch($_GET['mode']) { $static_output .= "\n" . gettext("Installation completed.") . "\n{$_GET['id']} " . gettext("setup instructions") . ":\n{$status}"; else $static_output .= "\n" . gettext("Installation completed. Please check to make sure that the package is configured from the respective menu then start the package."); - fwrite($fd, $status_a . "\n". $static_output); - fclose($fd); - echo "<script type='text/javascript'>document.location=\"pkg_mgr_install.php?mode=installedinfo&pkg={$_GET['id']}\";</script>"; + file_put_contents("/tmp/{$_GET['id']}.info", $static_output); + echo "<script type='text/javascript'>document.location=\"pkg_mgr_install.php?mode=installedinfo&pkg={$_GET['id']}\";</script>"; } filter_configure(); break; diff --git a/usr/local/www/pkg_mgr_installed.php b/usr/local/www/pkg_mgr_installed.php index 2708c78..02fb8d3 100755 --- a/usr/local/www/pkg_mgr_installed.php +++ b/usr/local/www/pkg_mgr_installed.php @@ -40,6 +40,19 @@ require_once("guiconfig.inc"); require_once("pkg-utils.inc"); +/* if upgrade in progress, alert user */ +if(is_subsystem_dirty('packagelock')) { + $pgtitle = array(gettext("System"),gettext("Package Manager")); + include("head.inc"); + echo "<body link=\"#0000CC\" vlink=\"#0000CC\" alink=\"#0000CC\">\n"; + include("fbegin.inc"); + echo "Please wait while packages are reinstalled in the background."; + include("fend.inc"); + echo "</body>"; + echo "</html>"; + exit; +} + if(is_array($config['installedpackages']['package'])) { foreach($config['installedpackages']['package'] as $instpkg) { $tocheck[] = $instpkg['name']; @@ -60,10 +73,11 @@ include("head.inc"); <?php $version = file_get_contents("/etc/version"); $tab_array = array(); - $tab_array[] = array("{$version} " . gettext("packages"), false, "pkg_mgr.php"); + $tab_array[] = array(gettext("Available Packages"), false, "pkg_mgr.php"); +// $tab_array[] = array("{$version} " . gettext("packages"), false, "pkg_mgr.php"); // $tab_array[] = array("Packages for any platform", false, "pkg_mgr.php?ver=none"); // $tab_array[] = array("Packages for a different platform", $requested_version == "other" ? true : false, "pkg_mgr.php?ver=other"); - $tab_array[] = array(gettext("Installed packages"), true, "pkg_mgr_installed.php"); + $tab_array[] = array(gettext("Installed Packages"), true, "pkg_mgr_installed.php"); display_top_tabs($tab_array); ?> </td> @@ -86,7 +100,7 @@ include("head.inc"); foreach($config['installedpackages']['package'] as $instpkg) { $instpkgs[] = $instpkg['name']; } - asort($instpkgs); + natcasesort($instpkgs); foreach ($instpkgs as $index => $pkgname): diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 13ac985..8d12c7c 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -82,7 +82,7 @@ $pconfig['radmac_secret'] = $config['captiveportal']['radmac_secret']; $pconfig['reauthenticate'] = isset($config['captiveportal']['reauthenticate']); $pconfig['reauthenticateacct'] = $config['captiveportal']['reauthenticateacct']; $pconfig['httpslogin_enable'] = isset($config['captiveportal']['httpslogin']); -$pconfig['httpsname'] = strtolower($config['captiveportal']['httpsname']); +$pconfig['preauthurl'] = strtolower($config['captiveportal']['preauthurl']); $pconfig['cert'] = base64_decode($config['captiveportal']['certificate']); $pconfig['cacert'] = base64_decode($config['captiveportal']['cacertificate']); $pconfig['key'] = base64_decode($config['captiveportal']['private-key']); @@ -198,6 +198,7 @@ if ($_POST) { $config['captiveportal']['reauthenticateacct'] = $_POST['reauthenticateacct']; $config['captiveportal']['httpslogin'] = $_POST['httpslogin_enable'] ? true : false; $config['captiveportal']['httpsname'] = $_POST['httpsname']; + $config['captiveportal']['preauthurl'] = $_POST['preauthurl']; $config['captiveportal']['peruserbw'] = $_POST['peruserbw'] ? true : false; $config['captiveportal']['bwdefaultdn'] = $_POST['bwdefaultdn']; $config['captiveportal']['bwdefaultup'] = $_POST['bwdefaultup']; @@ -239,6 +240,8 @@ if ($_POST) { if (is_array($_POST['cinterface'])) $pconfig['cinterface'] = implode(",", $_POST['cinterface']); + + filter_configure(); } } include("head.inc"); @@ -312,9 +315,10 @@ function enable_change(enable_change) { $tab_array[] = array(gettext("Captive portal"), true, "services_captiveportal.php"); $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php"); $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php"); + $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php"); $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php"); $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php"); - display_top_tabs($tab_array); + display_top_tabs($tab_array, true); ?> </td></tr> <tr> <td class="tabcont"> @@ -395,7 +399,14 @@ value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client <?=gettext("If enabled, a popup window will appear when clients are allowed through the captive portal. This allows clients to explicitly disconnect themselves before the idle or hard timeout occurs."); ?></td> </tr> <tr> - <td valign="top" class="vncell"><?=gettext("Redirection URL"); ?></td> + <td valign="top" class="vncell"><?=gettext("Pre-authentication redirect URL"); ?> </td> + <td class="vtable"> + <input name="preauthurl" type="text" class="formfld url" id="preauthurl" size="60" value="<?=htmlspecialchars($pconfig['preauthurl']);?>"><br> + <?php printf(gettext("Use this field to set \$PORTAL_REDIRURL\$ variable which can be accessed using your custom captive portal index.php page or error pages."));?> + </td> + </tr> + <tr> + <td valign="top" class="vncell"><?=gettext("After authentication Redirection URL"); ?></td> <td class="vtable"> <input name="redirurl" type="text" class="formfld url" id="redirurl" size="60" value="<?=htmlspecialchars($pconfig['redirurl']);?>"> <br> diff --git a/usr/local/www/services_captiveportal_filemanager.php b/usr/local/www/services_captiveportal_filemanager.php index bba925f..7bc61ec 100755 --- a/usr/local/www/services_captiveportal_filemanager.php +++ b/usr/local/www/services_captiveportal_filemanager.php @@ -139,9 +139,10 @@ include("head.inc"); $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php"); $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php"); $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php"); + $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php"); $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php"); $tab_array[] = array(gettext("File Manager"), true, "services_captiveportal_filemanager.php"); - display_top_tabs($tab_array); + display_top_tabs($tab_array, true); ?> </td></tr> <tr> <td class="tabcont"> diff --git a/usr/local/www/services_captiveportal_hostname.php b/usr/local/www/services_captiveportal_hostname.php new file mode 100755 index 0000000..3668a35 --- /dev/null +++ b/usr/local/www/services_captiveportal_hostname.php @@ -0,0 +1,188 @@ +<?php +/* + services_captiveportal_hostname.php + Copyright (C) 2011 Scott Ullrich <sullrich@gmail.com> + All rights reserved. + + Originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_BUILDER_BINARIES: /sbin/ipfw + pfSense_MODULE: captiveportal +*/ + +##|+PRIV +##|*IDENT=page-services-captiveportal-allowedhostnames +##|*NAME=Services: Captive portal: Allowed IPs page +##|*DESCR=Allow access to the 'Services: Captive portal: Allowed IPs' page. +##|*MATCH=services_captiveportal_ip.php* +##|-PRIV + +$statusurl = "status_captiveportal.php"; +$logurl = "diag_logs_auth.php"; + +require("guiconfig.inc"); +require("functions.inc"); +require("filter.inc"); +require("shaper.inc"); +require("captiveportal.inc"); + +$pgtitle = array(gettext("Services"),gettext("Captive portal")); + +if (!is_array($config['captiveportal']['allowedhostname'])) + $config['captiveportal']['allowedhostname'] = array(); + +$a_allowedhostnames = &$config['captiveportal']['allowedhostname'] ; + +if ($_GET['act'] == "del") { + if ($a_allowedhostnames[$_GET['id']]) { + $ipent = $a_allowedhostnames[$_GET['id']]; + + if (isset($config['captiveportal']['enable'])) { + if (!empty($ipent['sn'])) + $ipent['ip'] .= "/{$ipent['sn']}"; + $ip = gethostbyname($ipent['ip']); + if(is_ipaddr($ip)) { + mwexec("/sbin/ipfw table 3 delete {$ip}"); + mwexec("/sbin/ipfw table 4 delete {$ip}"); + mwexec("/sbin/ipfw table 5 delete {$ip}"); + mwexec("/sbin/ipfw table 6 delete {$ip}"); + mwexec("/sbin/ipfw table 7 delete {$ip}"); + mwexec("/sbin/ipfw table 8 delete {$ip}"); + mwexec("/sbin/ipfw table 9 delete {$ip}"); + mwexec("/sbin/ipfw table 10 delete {$ip}"); + } + } + + unset($a_allowedhostnames[$_GET['id']]); + write_config(); + header("Location: services_captiveportal_hostname.php"); + exit; + } +} + + +include("head.inc"); +?> +<?php include("fbegin.inc"); ?> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<form action="services_captiveportal_hostname.php" method="post"> +<?php if ($savemsg) print_info_box($savemsg); ?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr><td class="tabnavtbl"> +<?php + $tab_array = array(); + $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php"); + $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php"); + $tab_array[] = array(gettext("Allowed IP Addresses"), false, "services_captiveportal_ip.php"); + $tab_array[] = array(gettext("Allowed Hostnames"), true, "services_captiveportal_hostname.php"); + $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php"); + $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php"); + display_top_tabs($tab_array, true); +?> + </td></tr> + <tr> + <td class="tabcont"> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td width="30%" class="listhdrr"><?=gettext("Hostname"); ?></td> + <td width="60%" class="listhdr"><?=gettext("Description"); ?></td> + <td width="10%" class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td width="17" heigth="17"></td> + <td><a href="services_captiveportal_hostname_edit.php"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> + <?php $i = 0; foreach ($a_allowedhostnames as $ip): ?> + <tr ondblclick="document.location='services_captiveportal_hostname_edit.php?id=<?=$i;?>'"> + <td class="listlr"> + <?php + if($ip['dir'] == "to") { + echo "any <img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> "; + } + if($ip['dir'] == "both") { + echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_pass.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> "; + } + echo strtolower($ip['hostname']); + if($ip['dir'] == "from") { + echo "<img src=\"/themes/{$g['theme']}/images/icons/icon_in.gif\" width=\"11\" height=\"11\" align=\"absmiddle\"> any"; + } + + ?> + </td> + <td class="listbg"> + <?=htmlspecialchars($ip['descr']);?> + </td> + <td valign="middle" nowrap class="list"> <a href="services_captiveportal_hostname_edit.php?id=<?=$i;?>"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit address"); ?>" width="17" height="17" border="0"></a> + <a href="services_captiveportal_hostname.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this address?"); ?>')"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_x.gif" title="<?=gettext("delete address"); ?>" width="17" height="17" border="0"></a></td> + </tr> + <?php $i++; endforeach; ?> + <tr> + <td class="list" colspan="2"> </td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td width="17" heigth="17"></td> + <td><a href="services_captiveportal_hostname_edit.php"><img src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add address"); ?>" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> + <tr> + <td colspan="2" class="list"><p class="vexpl"><span class="red"><strong> + <?=gettext("Note:"); ?><br> + </strong></span> + <?=gettext("Adding allowed Hostnames will allow a DNS hostname access to/from access through the captive portal without being taken to the portal page. This can be used for a web server serving images for the portal page or a DNS server on another network, for example. By specifying <em>from</em> addresses, it may be used to always allow pass-through access from a client behind the captive portal."); ?></p> + <table border="0" cellspacing="0" cellpadding="0"> + <tr> + <td><span class="vexpl"><?=gettext("any"); ?> <img src="/themes/<?=$g['theme'];?>/images/icons/icon_in.gif" width="11" height="11" align="absmiddle"> x.x.x.x </span></td> + <td><span class="vexpl"><?=gettext("All connections"); ?> <strong><?=gettext("to"); ?></strong> <?=gettext("the Hostname are allowed"); ?></span></td> + </tr> + <tr> + <td colspan="5" height="4"></td> + </tr> + <tr> + <td>x.x.x.x <span class="vexpl"><img src="/themes/<?=$g['theme'];?>/images/icons/icon_in.gif" width="11" height="11" align="absmiddle"></span> <?=gettext("any"); ?> </td> + <td><span class="vexpl"><?=gettext("All connections"); ?> <strong><?=gettext("from"); ?></strong> <?=gettext("the Hostname are allowed"); ?> </span></td> + </tr> + <tr> + <td><span class="vexpl"><img src="/themes/<?=$g['theme'];?>/images/icons/icon_pass.gif" width="11" height="11" align="right"></span> </td> + <td><span class="vexpl"> All connections <strong>to</strong> and <strong>from</strong> the Hostname are allowed </span></td> + </tr> + </table></td> + <td class="list"> </td> + </tr> + </table> + </td> + </tr> + </table> +</form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/usr/local/www/services_captiveportal_hostname_edit.php b/usr/local/www/services_captiveportal_hostname_edit.php new file mode 100755 index 0000000..b6e580a --- /dev/null +++ b/usr/local/www/services_captiveportal_hostname_edit.php @@ -0,0 +1,217 @@ +<?php +/* + services_captiveportal_hostname_edit.php + Copyright (C) 2011 Scott Ullrich <sullrich@gmail.com> + All rights reserved. + + Originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com> + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* + pfSense_BUILDER_BINARIES: /sbin/ipfw + pfSense_MODULE: captiveportal +*/ + +##|+PRIV +##|*IDENT=page-services-captiveportal-editallowedhostnames +##|*NAME=Services: Captive portal: Edit Allowed IPs page +##|*DESCR=Allow access to the 'Services: Captive portal: Edit Allowed IPs' page. +##|*MATCH=services_captiveportal_hostname_edit.php* +##|-PRIV + +function allowedhostnamescmp($a, $b) { + return strcmp($a['hostname'], $b['hostname']); +} + +function allowedhostnames_sort() { + global $g, $config; + usort($config['captiveportal']['allowedhostname'],"allowedhostname"); +} + +$statusurl = "status_captiveportal.php"; +$logurl = "diag_logs_auth.php"; + +require("guiconfig.inc"); +require("functions.inc"); +require("filter.inc"); +require("shaper.inc"); +require("captiveportal.inc"); + +$pgtitle = array(gettext("Services"),gettext("Captive portal"),gettext("Edit allowed Hostname")); + +if (!is_array($config['captiveportal']['allowedhostname'])) + $config['captiveportal']['allowedhostname'] = array(); + +$a_allowedhostnames = &$config['captiveportal']['allowedhostname']; + +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; + +if (isset($id) && $a_allowedhostnames[$id]) { + $pconfig['hostname'] = $a_allowedhostnames[$id]['hostname']; + $pconfig['sn'] = $a_allowedhostnames[$id]['sn']; + $pconfig['dir'] = $a_allowedhostnames[$id]['dir']; + $pconfig['bw_up'] = $a_allowedhostnames[$id]['bw_up']; + $pconfig['bw_down'] = $a_allowedhostnames[$id]['bw_down']; + $pconfig['descr'] = $a_allowedhostnames[$id]['descr']; +} + +if ($_POST) { + + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + $reqdfields = explode(" ", "hostname"); + $reqdfieldsn = array(gettext("Allowed Hostname")); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (($_POST['hostname'] && !is_hostname($_POST['hostname']))) + $input_errors[] = sprintf(gettext("A valid Hostname must be specified. [%s]"), $_POST['hostname']); + + if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) + $input_errors[] = gettext("Upload speed needs to be an integer"); + if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) + $input_errors[] = gettext("Download speed needs to be an integer"); + + foreach ($a_allowedhostnames as $ipent) { + if (isset($id) && ($a_allowedhostnames[$id]) && ($a_allowedhostnames[$id] === $ipent)) + continue; + + if ($ipent['hostname'] == $_POST['hostname']){ + $input_errors[] = sprintf("[%s] %s.", $_POST['hostname'], gettext("already allowed")) ; + break ; + } + } + + if (!$input_errors) { + $ip = array(); + $ip['hostname'] = $_POST['hostname']; + $ip['sn'] = $_POST['sn']; + $ip['dir'] = $_POST['dir']; + $ip['descr'] = $_POST['descr']; + if ($_POST['bw_up']) + $ip['bw_up'] = $_POST['bw_up']; + if ($_POST['bw_down']) + $ip['bw_down'] = $_POST['bw_down']; + if (isset($id) && $a_allowedhostnames[$id]) { + $oldip = $a_allowedhostnames[$id]['hostname']; + if (!empty($a_allowedhostnames[$id]['sn'])) + $oldip .= "/{$a_allowedhostnames[$id]['sn']}"; + $a_allowedhostnames[$id] = $ip; + } else { + $oldip = $ip['hostname']; + if (!empty($$ip['sn'])) + $oldip .= "/{$$ip['sn']}"; + $a_allowedhostnames[] = $ip; + } + allowedhostnames_sort(); + + write_config(); + + if (isset($config['captiveportal']['enable']) && is_module_loaded("ipfw.ko")) { + $rules = ""; + $hostname = gethostbyname($oldip); + if($hostname) + for ($i = 3; $i < 10; $i++) + $rules .= "table {$i} delete {$hostname}\n"; + $hostname = gethostbyname($ip); + if(is_ipaddr($hostname)) + $rules .= captiveportal_allowedip_configure_entry($hostname); + file_put_contents("{$g['tmp_path']}/allowedhostname_tmp{$id}", $rules); + mwexec("/sbin/ipfw -q {$g['tmp_path']}/allowedhostname_tmp{$id}"); + @unlink("{$g['tmp_path']}/allowedhostname_tmp{$id}"); + } + + header("Location: services_captiveportal_hostname.php"); + exit; + } +} + +include("head.inc"); + +?> +<?php include("fbegin.inc"); ?> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php if ($input_errors) print_input_errors($input_errors); ?> + <form action="services_captiveportal_hostname_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Direction"); ?></td> + <td width="78%" class="vtable"> + <select name="dir" class="formfld"> + <?php + $dirs = array(gettext("Both"),gettext("From"),gettext("To")) ; + foreach ($dirs as $dir): ?> + <option value="<?=strtolower($dir);?>" <?php if (strtolower($dir) == strtolower($pconfig['dir'])) echo "selected";?> > + <?=htmlspecialchars($dir);?> + </option> + <?php endforeach; ?> + </select> + <br> + <span class="vexpl"><?=gettext("Use"); ?> <em><?=gettext("From"); ?></em> <?=gettext("to always allow an Hostname through the captive portal (without authentication)"); ?>. + <?=gettext("Use"); ?> <em><?=gettext("To"); ?></em> <?=gettext("to allow access from all clients (even non-authenticated ones) behind the portal to this Hostname"); ?>.</span></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Hostname"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="hostname" type="text" class="formfld unknown" id="hostname" size="17" value="<?=htmlspecialchars($pconfig['hostname']);?>"> + <br> + <span class="vexpl"><?=gettext("Hostname");?>.</span></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> + <td width="78%" class="vtable"> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> + <br> <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed)"); ?>.</span></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Bandwidth up"); ?></td> + <td width="78%" class="vtable"> + <input name="bw_up" type="text" class="formfld unknown" id="bw_up" size="10" value="<?=htmlspecialchars($pconfig['bw_up']);?>"> + <br> <span class="vexpl"><?=gettext("Enter a upload limit to be enforced on this Hostname in Kbit/s"); ?></span></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Bandwidth down"); ?></td> + <td width="78%" class="vtable"> + <input name="bw_down" type="text" class="formfld unknown" id="bw_down" size="10" value="<?=htmlspecialchars($pconfig['bw_down']);?>"> + <br> <span class="vexpl"><?=gettext("Enter a download limit to be enforced on this Hostname in Kbit/s"); ?></span></td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> + <?php if (isset($id) && $a_allowedhostnames[$id]): ?> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> + <?php endif; ?> + </td> + </tr> + </table> +</form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/usr/local/www/services_captiveportal_ip.php b/usr/local/www/services_captiveportal_ip.php index 25615e6..d636f8a 100755 --- a/usr/local/www/services_captiveportal_ip.php +++ b/usr/local/www/services_captiveportal_ip.php @@ -93,9 +93,10 @@ include("head.inc"); $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php"); $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php"); $tab_array[] = array(gettext("Allowed IP addresses"), true, "services_captiveportal_ip.php"); + $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php"); $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php"); $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php"); - display_top_tabs($tab_array); + display_top_tabs($tab_array, true); ?> </td></tr> <tr> diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php index d6119ce..fd87c5b 100755 --- a/usr/local/www/services_captiveportal_ip_edit.php +++ b/usr/local/www/services_captiveportal_ip_edit.php @@ -1,8 +1,10 @@ <?php /* services_captiveportal_ip_edit.php - part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2011 Scott Ullrich <sullrich@gmail.com> + All rights reserved. + + Originally part of m0n0wall (http://m0n0.ch/wall) Copyright (C) 2004 Dinesh Nair <dinesh@alphaque.com> All rights reserved. @@ -29,7 +31,7 @@ */ /* pfSense_BUILDER_BINARIES: /sbin/ipfw - pfSense_MODULE: captiveportal + pfSense_MODULE: captiveportal */ ##|+PRIV @@ -44,9 +46,9 @@ function allowedipscmp($a, $b) { } function allowedips_sort() { - global $g, $config; + global $g, $config; - usort($config['captiveportal']['allowedip'],"allowedipscmp"); + usort($config['captiveportal']['allowedip'],"allowedipscmp"); } $statusurl = "status_captiveportal.php"; @@ -89,13 +91,14 @@ if ($_POST) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - if (($_POST['ip'] && !is_ipaddr($_POST['ip']))) { + if (($_POST['ip'] && !is_ipaddr($_POST['ip']))) $input_errors[] = sprintf(gettext("A valid IP address must be specified. [%s]"), $_POST['ip']); - } + if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) - $input_errors[] = gettext("Upload speed needs to be an integer"); - if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) - $input_errors[] = gettext("Download speed needs to be an integer"); + $input_errors[] = gettext("Upload speed needs to be an integer"); + + if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) + $input_errors[] = gettext("Download speed needs to be an integer"); foreach ($a_allowedips as $ipent) { if (isset($id) && ($a_allowedips[$id]) && ($a_allowedips[$id] === $ipent)) @@ -114,9 +117,9 @@ if ($_POST) { $ip['dir'] = $_POST['dir']; $ip['descr'] = $_POST['descr']; if ($_POST['bw_up']) - $ip['bw_up'] = $_POST['bw_up']; - if ($_POST['bw_down']) - $ip['bw_down'] = $_POST['bw_down']; + $ip['bw_up'] = $_POST['bw_up']; + if ($_POST['bw_down']) + $ip['bw_down'] = $_POST['bw_down']; if (isset($id) && $a_allowedips[$id]) { $oldip = $a_allowedips[$id]['ip']; if (!empty($a_allowedips[$id]['sn'])) @@ -124,8 +127,8 @@ if ($_POST) { $a_allowedips[$id] = $ip; } else { $oldip = $ip['ip']; - if (!empty($$ip['sn'])) - $oldip .= "/{$$ip['sn']}"; + if (!empty($ip['sn'])) + $oldip .= "/{$ip['sn']}"; $a_allowedips[] = $ip; } allowedips_sort(); @@ -153,65 +156,69 @@ include("head.inc"); <?php include("fbegin.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php if ($input_errors) print_input_errors($input_errors); ?> - <form action="services_captiveportal_ip_edit.php" method="post" name="iform" id="iform"> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <form action="services_captiveportal_ip_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Direction"); ?></td> - <td width="78%" class="vtable"> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Direction"); ?></td> + <td width="78%" class="vtable"> <select name="dir" class="formfld"> <?php $dirs = array(gettext("Both"),gettext("From"),gettext("To")) ; - foreach ($dirs as $dir): ?> + foreach ($dirs as $dir): + ?> <option value="<?=strtolower($dir);?>" <?php if (strtolower($dir) == strtolower($pconfig['dir'])) echo "selected";?> > <?=htmlspecialchars($dir);?> </option> <?php endforeach; ?> </select> - <br> - <span class="vexpl"><?=gettext("Use"); ?> <em><?=gettext("From"); ?></em> <?=gettext("to always allow an IP address through the captive portal (without authentication)"); ?>. - <?=gettext("Use"); ?> <em><?=gettext("To"); ?></em> <?=gettext("to allow access from all clients (even non-authenticated ones) behind the portal to this IP address"); ?>.</span></td> - </tr> + <br> + <span class="vexpl"><?=gettext("Use"); ?> <em><?=gettext("From"); ?></em> <?=gettext("to always allow an IP address through the captive portal (without authentication)"); ?>. + <?=gettext("Use"); ?> <em><?=gettext("To"); ?></em> <?=gettext("to allow access from all clients (even non-authenticated ones) behind the portal to this IP address"); ?>.</span></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("IP address"); ?></td> + <td width="78%" class="vtable"> + <?=$mandfldhtml;?><input name="ip" type="text" class="formfld unknown" id="ip" size="17" value="<?=htmlspecialchars($pconfig['ip']);?>"> + /<select name='sn' class="formselect" id='sn'> + <?php for ($i = 32; $i >= 1; $i--): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['sn']) echo "selected"; ?>><?=$i;?></option> + <?php endfor; ?> + </select> + <br> + <span class="vexpl"><?=gettext("IP address and subnet mask. Use /32 for a single IP");?>.</span> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> + <td width="78%" class="vtable"> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> + <br> <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed)"); ?>.</span> + </td> + </tr> <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("IP address"); ?></td> - <td width="78%" class="vtable"> - <?=$mandfldhtml;?><input name="ip" type="text" class="formfld unknown" id="ip" size="17" value="<?=htmlspecialchars($pconfig['ip']);?>"> - /<select name='sn' class="formselect" id='sn'> - <?php for ($i = 32; $i >= 1; $i--): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['sn']) echo "selected"; ?>><?=$i;?></option> - <?php endfor; ?> - </select> - <br> - <span class="vexpl"><?=gettext("IP address and subnet mask. Use /32 for a single IP");?>.</span></td> - </tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Bandwidth up"); ?></td> + <td width="78%" class="vtable"> + <input name="bw_up" type="text" class="formfld unknown" id="bw_up" size="10" value="<?=htmlspecialchars($pconfig['bw_up']);?>"> + <br> <span class="vexpl"><?=gettext("Enter a upload limit to be enforced on this IP address in Kbit/s"); ?></span> + </td> + </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> - <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>"> - <br> <span class="vexpl"><?=gettext("You may enter a description here " . - "for your reference (not parsed)"); ?>.</span></td> - </tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Bandwidth down"); ?></td> + <td width="78%" class="vtable"> + <input name="bw_down" type="text" class="formfld unknown" id="bw_down" size="10" value="<?=htmlspecialchars($pconfig['bw_down']);?>"> + <br> <span class="vexpl"><?=gettext("Enter a download limit to be enforced on this IP address in Kbit/s"); ?></span> + </td> + </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Bandwidth up"); ?></td> - <td width="78%" class="vtable"> - <input name="bw_up" type="text" class="formfld unknown" id="bw_up" size="10" value="<?=htmlspecialchars($pconfig['bw_up']);?>"> - <br> <span class="vexpl"><?=gettext("Enter a upload limit to be enforced on this IP address in Kbit/s"); ?></span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Bandwidth down"); ?></td> - <td width="78%" class="vtable"> - <input name="bw_down" type="text" class="formfld unknown" id="bw_down" size="10" value="<?=htmlspecialchars($pconfig['bw_down']);?>"> - <br> <span class="vexpl"><?=gettext("Enter a download limit to be enforced on this IP address in Kbit/s"); ?></span></td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> - <?php if (isset($id) && $a_allowedips[$id]): ?> - <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> - <?php endif; ?> - </td> - </tr> - </table> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>"> + <?php if (isset($id) && $a_allowedips[$id]): ?> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>"> + <?php endif; ?> + </td> + </tr> + </table> </form> <?php include("fend.inc"); ?> </body> diff --git a/usr/local/www/services_captiveportal_mac.php b/usr/local/www/services_captiveportal_mac.php index bbcd217..25c250c 100755 --- a/usr/local/www/services_captiveportal_mac.php +++ b/usr/local/www/services_captiveportal_mac.php @@ -134,9 +134,10 @@ include("head.inc"); $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php"); $tab_array[] = array(gettext("Pass-through MAC"), true, "services_captiveportal_mac.php"); $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php"); + $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php"); $tab_array[] = array(gettext("Vouchers"), false, "services_captiveportal_vouchers.php"); $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php"); - display_top_tabs($tab_array); + display_top_tabs($tab_array, true); ?> </td></tr> <tr> diff --git a/usr/local/www/services_captiveportal_vouchers.php b/usr/local/www/services_captiveportal_vouchers.php index c79b84d..2ad0217 100644 --- a/usr/local/www/services_captiveportal_vouchers.php +++ b/usr/local/www/services_captiveportal_vouchers.php @@ -77,7 +77,7 @@ if (!isset($config['voucher']['rollbits'])) if (!isset($config['voucher']['ticketbits'])) $config['voucher']['ticketbits'] = 10; if (!isset($config['voucher']['saveinterval'])) - $config['voucher']['saveinterval'] = 300; + $config['voucher']['saveinterval'] = 5; if (!isset($config['voucher']['checksumbits'])) $config['voucher']['checksumbits'] = 5; if (!isset($config['voucher']['magic'])) @@ -377,9 +377,10 @@ function enable_change(enable_change) { $tab_array[] = array(gettext("Captive portal"), false, "services_captiveportal.php"); $tab_array[] = array(gettext("Pass-through MAC"), false, "services_captiveportal_mac.php"); $tab_array[] = array(gettext("Allowed IP addresses"), false, "services_captiveportal_ip.php"); + $tab_array[] = array(gettext("Allowed Hostnames"), false, "services_captiveportal_hostname.php"); $tab_array[] = array(gettext("Vouchers"), true, "services_captiveportal_vouchers.php"); $tab_array[] = array(gettext("File Manager"), false, "services_captiveportal_filemanager.php"); - display_top_tabs($tab_array); + display_top_tabs($tab_array, true); ?> </ul> </td> diff --git a/usr/local/www/services_dhcp.php b/usr/local/www/services_dhcp.php index 3f922d4..d02fef6 100755 --- a/usr/local/www/services_dhcp.php +++ b/usr/local/www/services_dhcp.php @@ -47,11 +47,6 @@ if(!$g['services_dhcp_server_enable']) { exit; } -/* Fix failover DHCP problem - * http://article.gmane.org/gmane.comp.security.firewalls.pfsense.support/18749 - */ -ini_set("memory_limit","64M"); - /* This function will remove entries from dhcpd.leases that would otherwise * overlap with static DHCP reservations. If we don't clean these out, * then DHCP will print a warning in the logs about a duplicate lease @@ -824,7 +819,7 @@ include("head.inc"); ?> <tr> <td> - <input autocomplete="off" name="number<?php echo $counter; ?>" type="text" class="formfld" id="number<?php echo $counter; ?>" size="10" value="<?=htmlspecialchars($number);?>" /> + <input autocomplete="off" name="number<?php echo $counter; ?>" type="text" class="formfld unknown" id="number<?php echo $counter; ?>" size="10" value="<?=htmlspecialchars($number);?>" /> </td> <td> <select name="itemtype<?php echo $counter; ?>" class="formselect" id="itemtype<?php echo $counter; ?>"> @@ -838,7 +833,7 @@ include("head.inc"); </select> </td> <td> - <input autocomplete="off" name="value<?php echo $counter; ?>" type="text" class="formfld" id="value<?php echo $counter; ?>" size="40" value="<?=htmlspecialchars($value);?>" /> + <input autocomplete="off" name="value<?php echo $counter; ?>" type="text" class="formfld unknown" id="value<?php echo $counter; ?>" size="40" value="<?=htmlspecialchars($value);?>" /> </td> <td> <a onclick="removeRow(this); return false;" href="#"><img border="0" src="/themes/<?echo $g['theme'];?>/images/icons/icon_x.gif" /></a> diff --git a/usr/local/www/services_dnsmasq_domainoverride_edit.php b/usr/local/www/services_dnsmasq_domainoverride_edit.php index 948ecb0..ae1a0d5 100755 --- a/usr/local/www/services_dnsmasq_domainoverride_edit.php +++ b/usr/local/www/services_dnsmasq_domainoverride_edit.php @@ -69,8 +69,8 @@ if ($_POST) { if (($_POST['domain'] && !is_domain($_POST['domain']))) { $input_errors[] = gettext("A valid domain must be specified."); } - if (($_POST['ip'] && !is_ipaddr($_POST['ip']))) { - $input_errors[] = gettext("A valid IP address must be specified."); + if ($_POST['ip'] && !is_ipaddr($_POST['ip']) && ($_POST['ip'] != '#')) { + $input_errors[] = gettext("A valid IP address must be specified, or # for an exclusion."); } if (!$input_errors) { @@ -115,7 +115,7 @@ include("head.inc"); <td width="78%" class="vtable"> <?=$mandfldhtml;?><input name="ip" type="text" class="formfld unknown" id="ip" size="40" value="<?=htmlspecialchars($pconfig['ip']);?>"> <br> <span class="vexpl"><?=gettext("IP address of the authoritative DNS server for this domain"); ?><br> - <?=gettext("e.g."); ?> <em>192.168.100.100</em></span></td> + <?=gettext("e.g."); ?> <em>192.168.100.100</em><br/><?=gettext("Or enter # for an exclusion to pass through this host/subdomain to standard nameservers instead of a previous override."); ?></span></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> diff --git a/usr/local/www/services_igmpproxy_edit.php b/usr/local/www/services_igmpproxy_edit.php index 63cb10e..8d02173 100755 --- a/usr/local/www/services_igmpproxy_edit.php +++ b/usr/local/www/services_igmpproxy_edit.php @@ -98,7 +98,7 @@ if ($_POST) { if (!$input_errors) { $igmpentry['address'] = $address; - $igmpentry['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); + $igmpentry['descr'] = $_POST['descr']; if (isset($id) && $a_igmpproxy[$id]) $a_igmpproxy[$id] = $igmpentry; @@ -114,7 +114,7 @@ if ($_POST) { //we received input errors, copy data to prevent retype else { - $pconfig['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); + $pconfig['descr'] = $_POST['descr']; $pconfig['address'] = $address; $pconfig['type'] = $_POST['type']; } diff --git a/usr/local/www/services_snmp.php b/usr/local/www/services_snmp.php index 0b61bbf..432db3d 100755 --- a/usr/local/www/services_snmp.php +++ b/usr/local/www/services_snmp.php @@ -162,6 +162,12 @@ include("head.inc"); ?> <script language="JavaScript"> <!-- +function check_deps() { + if ($('hostres').checked == true) { + $('mibii').checked = true; + } +} + function enable_change(whichone) { if( whichone.name == "trapenable" ) @@ -369,13 +375,13 @@ function enable_change(whichone) { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("SNMP Modules");?></td> <td width="78%" class="vtable"> - <input name="mibii" type="checkbox" id="mibii" value="yes" <?php if ($pconfig['mibii']) echo "checked"; ?> ><?=gettext("MibII"); ?> + <input name="mibii" type="checkbox" id="mibii" value="yes" onClick="check_deps()" <?php if ($pconfig['mibii']) echo "checked"; ?> ><?=gettext("MibII"); ?> <br /> <input name="netgraph" type="checkbox" id="netgraph" value="yes" <?php if ($pconfig['netgraph']) echo "checked"; ?> ><?=gettext("Netgraph"); ?> <br /> <input name="pf" type="checkbox" id="pf" value="yes" <?php if ($pconfig['pf']) echo "checked"; ?> ><?=gettext("PF"); ?> <br /> - <input name="hostres" type="checkbox" id="hostres" value="yes" <?php if ($pconfig['hostres']) echo "checked"; ?> ><?=gettext("Host Resources");?> + <input name="hostres" type="checkbox" id="hostres" value="yes" onClick="check_deps()" <?php if ($pconfig['hostres']) echo "checked"; ?> ><?=gettext("Host Resources (Requires MibII)");?> </td> </tr> <?php if(!$config['interfaces']['lan']): ?> diff --git a/usr/local/www/services_wol.php b/usr/local/www/services_wol.php index 128fc3f..e3c5b7d 100755 --- a/usr/local/www/services_wol.php +++ b/usr/local/www/services_wol.php @@ -171,11 +171,7 @@ include("head.inc"); <?php $i = 0; foreach ($a_wol as $wolent): ?> <tr> <td class="listlr" ondblclick="document.location='services_wol_edit.php?id=<?=$i;?>';"> - <?php if ($wolent['interface'] == "lan") - echo "LAN"; - else - echo $config['interfaces'][$wolent['interface']]['descr']; - ?> + <?=convert_friendly_interface_to_friendly_descr($wolent['interface']);?> </td> <td class="listr" ondblclick="document.location='services_wol_edit.php?id=<?=$i;?>';"> <a href="?mac=<?=$wolent['mac'];?>&if=<?=$wolent['interface'];?>"><?=strtolower($wolent['mac']);?></a> diff --git a/usr/local/www/status_captiveportal.php b/usr/local/www/status_captiveportal.php index 3625e40..9560041 100755 --- a/usr/local/www/status_captiveportal.php +++ b/usr/local/www/status_captiveportal.php @@ -71,7 +71,7 @@ function clientcmp($a, $b) { $cpdb = array(); if (file_exists("{$g['vardb_path']}/captiveportal.db")) { - $captiveportallck = lock('captiveportal'); + $captiveportallck = lock('captiveportaldb'); $cpcontents = file("/var/db/captiveportal.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); unlock($captiveportallck); } else diff --git a/usr/local/www/status_dhcp_leases.php b/usr/local/www/status_dhcp_leases.php index 896b1af..ed474de 100755 --- a/usr/local/www/status_dhcp_leases.php +++ b/usr/local/www/status_dhcp_leases.php @@ -354,7 +354,7 @@ foreach ($leases as $data) { echo "<tr>\n"; echo "<td class=\"listlr\">{$fspans}{$data['ip']}{$fspane} </td>\n"; if ($data['online'] != "online") { - echo "<td class=\"listr\">{$fspans}<a href=\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" title=\"" . gettext("send Wake on LAN packet to this MAC address") ."\">{$data['mac']}</a>{$fspane} </td>\n"; + echo "<td class=\"listr\">{$fspans}<a href=\"services_wol.php?if={$data['if']}&mac={$data['mac']}\" title=\"" . gettext("send Wake on LAN packet to this MAC address") ."\" onclick=\"return confirm('" . gettext("Send Wake on LAN packet to this MAC address?") . "')\">{$data['mac']}</a>{$fspane} </td>\n"; } else { echo "<td class=\"listr\">{$fspans}{$data['mac']}{$fspane} </td>\n"; } diff --git a/usr/local/www/status_lb_pool.php b/usr/local/www/status_lb_pool.php index 16f474b..b7d79ce 100755 --- a/usr/local/www/status_lb_pool.php +++ b/usr/local/www/status_lb_pool.php @@ -43,6 +43,7 @@ require_once("guiconfig.inc"); require_once("functions.inc"); require_once("filter.inc"); require_once("shaper.inc"); +require_once("vslb.inc"); if (!is_array($config['load_balancer']['lbpool'])) { $config['load_balancer']['lbpool'] = array(); @@ -61,21 +62,7 @@ $year = date("Y"); $pgtitle = array(gettext("Status"),gettext("Load Balancer"),gettext("Pool")); include("head.inc"); -$relayctl=split("\n", shell_exec("/usr/local/sbin/relayctl show summary")); -$relay_hosts=Array(); -foreach( (array) $relayctl as $line) { - $t=split("\t", $line); - switch (trim($t[1])) { - case "table": - $curpool=trim($t[2]); - break; - case "host": - $curhost=trim($t[2]); - $relay_hosts[$curpool][$curhost]['avail']=trim($t[3]); - $relay_hosts[$curpool][$curhost]['state']=trim($t[4]); - break; - } -} +$relay_hosts = get_lb_summary(); if ($_POST) { if ($_POST['apply']) { diff --git a/usr/local/www/status_lb_vs.php b/usr/local/www/status_lb_vs.php index 43510c8..33ad6e3 100755 --- a/usr/local/www/status_lb_vs.php +++ b/usr/local/www/status_lb_vs.php @@ -40,7 +40,8 @@ ##|*MATCH=status_lb_vs.php* ##|-PRIV -require("guiconfig.inc"); +require_once("guiconfig.inc"); +require_once("vslb.inc"); if (!is_array($config['load_balancer']['lbpool'])) { $config['load_balancer']['lbpool'] = array(); @@ -50,63 +51,7 @@ if (!is_array($config['load_balancer']['virtual_server'])) { } $a_vs = &$config['load_balancer']['virtual_server']; $a_pool = &$config['load_balancer']['lbpool']; - - - -// # relayctl show summary -// Id Type Name Avlblty Status -// 1 redirect testvs2 active -// 5 table test2:80 active (3 hosts up) -// 11 host 192.168.1.2 91.55% up -// 10 host 192.168.1.3 100.00% up -// 9 host 192.168.1.4 88.73% up -// 3 table test:80 active (1 hosts up) -// 7 host 192.168.1.2 66.20% down -// 6 host 192.168.1.3 97.18% up -// 0 redirect testvs active -// 3 table test:80 active (1 hosts up) -// 7 host 192.168.1.2 66.20% down -// 6 host 192.168.1.3 97.18% up -// 4 table testvs-sitedown:80 active (1 hosts up) -// 8 host 192.168.1.4 84.51% up -// # relayctl show redirects -// Id Type Name Avlblty Status -// 1 redirect testvs2 active -// 0 redirect testvs active -// # relayctl show redirects -// Id Type Name Avlblty Status -// 1 redirect testvs2 active -// total: 2 sessions -// last: 2/60s 2/h 2/d sessions -// average: 1/60s 0/h 0/d sessions -// 0 redirect testvs active - -$redirects_a = array(); -exec('/usr/local/sbin/relayctl show redirects 2>&1', $redirects_a); -$summary_a = array(); -exec('/usr/local/sbin/relayctl show summary 2>&1', $summary_a); -$rdr_a = parse_redirects($redirects_a); -//$server_a = parse_summary($summary_a, parse_redirects($redirects_a)); - -function parse_redirects($rdr_a) { - $vs = array(); - for ($i = 0; isset($rdr_a[$i]); $i++) { - $line = $rdr_a[$i]; - if (preg_match("/^[0-9]+/", $line)) { - $regs = array(); - if($x = preg_match("/^[0-9]+\s+redirect\s+([0-9a-zA-Z\.]+)\s+([a-z]+)/", $line, $regs)) { - $vs[trim($regs[1])] = array(); - $vs[trim($regs[1])]['status'] = trim($regs[2]); - } - } - } - return $vs; -} - -function parse_summary($summary, $rdrs_a) { - $server_a = array(); - return $server_a; -} +$rdr_a = get_lb_redirects(); $pgtitle = array(gettext("Status"),gettext("Load Balancer"),gettext("Virtual Server")); include("head.inc"); diff --git a/usr/local/www/status_rrd_graph.php b/usr/local/www/status_rrd_graph.php index 48f5734..4505a02 100755 --- a/usr/local/www/status_rrd_graph.php +++ b/usr/local/www/status_rrd_graph.php @@ -66,7 +66,11 @@ if ($_GET['cat']) { if ($_GET['period']) { $curperiod = $_GET['period']; } else { - $curperiod = "current"; + if(! empty($config['rrd']['period'])) { + $curperiod = $config['rrd']['period']; + } else { + $curperiod = "absolute"; + } } if ($_GET['option']) { @@ -118,6 +122,9 @@ if ($_GET['option']) { continue 2; } } + case "captiveportal": + $curoption = "allgraphs"; + break; default: $curoption = "wan"; break; @@ -128,11 +135,11 @@ $now = time(); if($curcat == "custom") { if (is_numeric($_GET['start'])) { if($start < ($now - (3600 * 24 * 365 * 5))) { - $start = $now - (4 * 3600); + $start = $now - (8 * 3600); } $start = $_GET['start']; } else { - $start = $now - (4 * 3600); + $start = $now - (8 * 3600); } } @@ -144,6 +151,7 @@ if (is_numeric($_GET['end'])) { /* this should never happen */ if($end < $start) { + log_error("start $start is smaller than end $end"); $end = $now; } @@ -168,6 +176,7 @@ $dbheader = array("allgraphs-traffic.rrd", "allgraphs-wireless.rrd", "allgraphs-cellular.rrd", "allgraphs-vpnusers.rrd", + "captiveportal-allgraphs.rrd", "allgraphs-packets.rrd", "system-allgraphs.rrd", "system-throughput.rrd", @@ -191,6 +200,9 @@ foreach($databases as $database) { if(stristr($database, "-vpnusers")) { $vpnusers = true; } + if(stristr($database, "captiveportal-") && isset($config['captiveportal']['enable'])) { + $captiveportal = true; + } } /* append the existing array to the header */ $ui_databases = array_merge($dbheader, $databases); @@ -198,81 +210,103 @@ $custom_databases = array_merge($dbheader_custom, $databases); $styles = array('inverse' => gettext('Inverse'), 'absolute' => gettext('Absolute')); -$graphs = array("day", "week", "month", "quarter", "year", "4year"); -$periods = array("current" => gettext("Current Period"), "previous" => gettext("Previous Period")); +$graphs = array("8hour", "day", "week", "month", "quarter", "year", "4year"); +$periods = array("absolute" => gettext("Absolute Timespans"), "current" => gettext("Current Period"), "previous" => gettext("Previous Period")); +$graph_length = array( + "8hour" => 28800, + "day" => 86400, + "week" => 604800, + "month" => 2764800, + "quarter" => 8035200, + "year" => 31622400, + "4year" => 126489600); $pgtitle = array(gettext("Status"),gettext("RRD Graphs")); include("head.inc"); function get_dates($curperiod, $graph) { + global $graph_length; $now = time(); $end = $now; - $curyear = date('Y', $now); - $curmonth = date('m', $now); - $curweek = date('W', $now); - $curweekday = date('N', $now) - 1; // We want to start on monday - $curday = date('d', $now); - - switch($curperiod) { - case "previous": - $offset = -1; - break; - default: - $offset = 0; - } - switch($graph) { - case "12hour": - switch($offset) { - case 0; - $houroffset = 0; - break; - default: - $houroffset = ($offset * 12) - 12; - break; - } - $start = mktime((8 + $houroffset), 0, 0, $curmonth, $curday, $curyear); - if(($offset != 0) || (($end - ($start + (12 * 3600)) ) > 0) ) { - $end = mktime((8 + $houroffset) + 12, 0, 0, $curmonth, $curday, $curyear); - } - break; - case "day": - $start = mktime(0, 0, 0, $curmonth, ($curday + $offset), $curyear); - if($offset != 0) - $end = mktime(0, 0, 0, $curmonth, (($curday + $offset) + 1), $curyear); - break; - case "week": - switch($offset) { - case 0; - $weekoffset = 0; - break; - default: - $weekoffset = ($offset * 7) - 7; - break; - } - $start = mktime(0, 0, 0, $curmonth, (($curday - $curweekday) + $weekoffset), $curyear); - if($offset != 0) - $end = mktime(0, 0, 0, $curmonth, (($curday - $curweekday) + $weekoffset + 7), $curyear); - break; - case "month": - $start = mktime(0, 0, 0, ($curmonth + $offset), 0, $curyear); - if($offset != 0) - $end = mktime(0, 0, 0, (($curmonth + $offset) + 1), 0, $curyear); - break; - case "quarter": - $start = mktime(0, 0, 0, (($curmonth - 2) + $offset), 0, $curyear); - if($offset != 0) - $end = mktime(0, 0, 0, (($curmonth + $offset) + 1), 0, $curyear); - break; - case "year": - $start = mktime(0, 0, 0, 1, 0, ($curyear + $offset)); - if($offset != 0) - $end = mktime(0, 0, 0, 1, 0, (($curyear + $offset) +1)); - break; - case "4year": - $start = mktime(0, 0, 0, 1, 0, (($curyear - 3) + $offset)); - if($offset != 0) - $end = mktime(0, 0, 0, 1, 0, (($curyear + $offset) +1)); - break; + + if($curperiod == "absolute") { + $start = $end - $graph_length[$graph]; + } else { + $curyear = date('Y', $now); + $curmonth = date('m', $now); + $curweek = date('W', $now); + $curweekday = date('N', $now) - 1; // We want to start on monday + $curday = date('d', $now); + $curhour = date('G', $now); + + switch($curperiod) { + case "previous": + $offset = -1; + break; + default: + $offset = 0; + } + switch($graph) { + case "8hour": + if($curhour < 24) + $starthour = 16; + if($curhour < 16) + $starthour = 8; + if($curhour < 8) + $starthour = 0; + + switch($offset) { + case 0: + $houroffset = $starthour; + break; + default: + $houroffset = $starthour + ($offset * 8); + break; + } + $start = mktime($houroffset, 0, 0, $curmonth, $curday, $curyear); + if($offset != 0) { + $end = mktime(($houroffset + 8), 0, 0, $curmonth, $curday, $curyear); + } + break; + case "day": + $start = mktime(0, 0, 0, $curmonth, ($curday + $offset), $curyear); + if($offset != 0) + $end = mktime(0, 0, 0, $curmonth, (($curday + $offset) + 1), $curyear); + break; + case "week": + switch($offset) { + case 0: + $weekoffset = 0; + break; + default: + $weekoffset = ($offset * 7) - 7; + break; + } + $start = mktime(0, 0, 0, $curmonth, (($curday - $curweekday) + $weekoffset), $curyear); + if($offset != 0) + $end = mktime(0, 0, 0, $curmonth, (($curday - $curweekday) + $weekoffset + 7), $curyear); + break; + case "month": + $start = mktime(0, 0, 0, ($curmonth + $offset), 0, $curyear); + if($offset != 0) + $end = mktime(0, 0, 0, (($curmonth + $offset) + 1), 0, $curyear); + break; + case "quarter": + $start = mktime(0, 0, 0, (($curmonth - 2) + $offset), 0, $curyear); + if($offset != 0) + $end = mktime(0, 0, 0, (($curmonth + $offset) + 1), 0, $curyear); + break; + case "year": + $start = mktime(0, 0, 0, 1, 0, ($curyear + $offset)); + if($offset != 0) + $end = mktime(0, 0, 0, 1, 0, (($curyear + $offset) +1)); + break; + case "4year": + $start = mktime(0, 0, 0, 1, 0, (($curyear - 3) + $offset)); + if($offset != 0) + $end = mktime(0, 0, 0, 1, 0, (($curyear + $offset) +1)); + break; + } } // echo "start $start ". date('l jS \of F Y h:i:s A', $start) .", end $end ". date('l jS \of F Y h:i:s A', $end) ."<br>"; $dates = array(); @@ -317,6 +351,10 @@ function get_dates($curperiod, $graph) { if($curcat == "vpnusers") { $tabactive = True; } else { $tabactive = False; } $tab_array[] = array("VPN", $tabactive, "status_rrd_graph.php?cat=vpnusers"); } + if($captiveportal) { + if($curcat == "captiveportal") { $tabactive = True; } else { $tabactive = False; } + $tab_array[] = array("Captive Portal", $tabactive, "status_rrd_graph.php?cat=captiveportal"); + } if($curcat == "custom") { $tabactive = True; } else { $tabactive = False; } $tab_array[] = array(gettext("Custom"), $tabactive, "status_rrd_graph.php?cat=custom"); if($curcat == "settings") { $tabactive = True; } else { $tabactive = False; } @@ -360,6 +398,11 @@ function get_dates($curperiod, $graph) { $replace = array(" :: ", "", $friendly); switch($curcat) { + case "captiveportal": + $optionc = str_replace($search, $replace, $optionc[1]); + echo "<option value=\"$optionc\""; + $prettyprint = ucwords(str_replace($search, $replace, $optionc)); + break; case "system": $optionc = str_replace($search, $replace, $optionc[1]); echo "<option value=\"$optionc\""; diff --git a/usr/local/www/status_rrd_graph_img.php b/usr/local/www/status_rrd_graph_img.php index c57e322..34040db 100644 --- a/usr/local/www/status_rrd_graph_img.php +++ b/usr/local/www/status_rrd_graph_img.php @@ -63,11 +63,11 @@ $now = time(); if (is_numeric($_GET['start'])) { if($start < ($now - (3600 * 24 * 365 * 5))) { - $start = $now - (4 * 3600); + $start = $now - (8 * 3600); } $start = $_GET['start']; } else { - $start = $now - (4 * 3600); + $start = $now - (8 * 3600); } if (is_numeric($_GET['end'])) { @@ -78,6 +78,7 @@ if (is_numeric($_GET['end'])) { /* this should never happen */ if($end < $start) { + log_error("start $start is smaller than end $end"); $end = $now; } @@ -208,6 +209,7 @@ if(file_exists($rrdcolors)) { $colorspamdtime = array('DDDDFF', 'AAAAFF', 'DDDDFF', '000066'); $colorspamdconn = array('00AA00BB', 'FFFFFFFF', '00660088', 'FFFFFF88', '006600'); $colorvpnusers = array('990000'); + $colorcaptiveportalusers = array('990000'); } switch ($curstyle) { @@ -909,6 +911,44 @@ elseif((strstr($curdatabase, "-cellular.rrd")) && (file_exists("$rrddbpath$curda $graphcmd .= "COMMENT:\"\\n\" "; $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; } +elseif((strstr($curdatabase, "-loggedin.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { + /* define graphcmd for online Captive Portal users stats */ + $graphcmd = "$rrdtool graph $rrdtmppath$curdatabase-$curgraph.png "; + $graphcmd .= "--start $start --end $end "; + $graphcmd .= "--vertical-label \"Captive Portal Users\" "; + $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; + $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--height 200 --width 620 "; + $graphcmd .= "DEF:\"$curif-loggedinusers=$rrddbpath$curdatabase:loggedinusers:AVERAGE\" "; + $graphcmd .= "LINE2:\"$curif-loggedinusers#{$colorcaptiveportalusers[0]}:$curif-loggedinusers\" "; + $graphcmd .= "COMMENT:\"\\n\" "; + $graphcmd .= "COMMENT:\"\t\t\t current\t\t average\t maximum\\n\" "; + $graphcmd .= "COMMENT:\"Users Online\t\" "; + $graphcmd .= "GPRINT:\"$curif-loggedinusers:LAST:%7.2lf \" "; + $graphcmd .= "GPRINT:\"$curif-loggedinusers:AVERAGE:%7.2lf \" "; + $graphcmd .= "GPRINT:\"$curif-loggedinusers:MAX:%7.2lf \" "; + $graphcmd .= "COMMENT:\"\\n\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; +} +elseif((strstr($curdatabase, "-concurrent.rrd")) && (file_exists("$rrddbpath$curdatabase"))) { + /* define graphcmd for online Captive Portal users stats */ + $graphcmd = "$rrdtool graph $rrdtmppath$curdatabase-$curgraph.png "; + $graphcmd .= "--start $start --end $end "; + $graphcmd .= "--vertical-label \"Captive Portal Users\" "; + $graphcmd .= "--color SHADEA#eeeeee --color SHADEB#eeeeee "; + $graphcmd .= "--title \"`hostname` - {$prettydb} - {$hperiod} - {$havg} average\" "; + $graphcmd .= "--height 200 --width 620 "; + $graphcmd .= "DEF:\"$curif-concurrentusers=$rrddbpath$curdatabase:concurrentusers:AVERAGE\" "; + $graphcmd .= "LINE2:\"$curif-concurrentusers#{$colorcaptiveportalusers[0]}:$curif-concurrentusers\" "; + $graphcmd .= "COMMENT:\"\\n\" "; + $graphcmd .= "COMMENT:\"\t\t\t current\t\t average\t maximum\\n\" "; + $graphcmd .= "COMMENT:\"Users Online\t\" "; + $graphcmd .= "GPRINT:\"$curif-concurrentusers:LAST:%7.2lf \" "; + $graphcmd .= "GPRINT:\"$curif-concurrentusers:AVERAGE:%7.2lf \" "; + $graphcmd .= "GPRINT:\"$curif-concurrentusers:MAX:%7.2lf \" "; + $graphcmd .= "COMMENT:\"\\n\" "; + $graphcmd .= "COMMENT:\"\t\t\t\t\t\t\t\t\t\t\t\t\t`date +\"%b %d %H\:%M\:%S %Y\"`\" "; +} else { $data = false; log_error(sprintf(gettext("Sorry we do not have data to graph for %s"),$curdatabase)); diff --git a/usr/local/www/status_rrd_graph_settings.php b/usr/local/www/status_rrd_graph_settings.php index 6fb943a..a4b562e 100755 --- a/usr/local/www/status_rrd_graph_settings.php +++ b/usr/local/www/status_rrd_graph_settings.php @@ -47,15 +47,20 @@ require_once("rrd.inc"); $pconfig['enable'] = isset($config['rrd']['enable']); $pconfig['category'] = $config['rrd']['category']; $pconfig['style'] = $config['rrd']['style']; +$pconfig['period'] = $config['rrd']['period']; $curcat = "settings"; $categories = array('system' => gettext("System"), 'traffic' => gettext("Traffic"), 'packets' => gettext("Packets"), 'quality' => gettext("Quality"), - 'queues' => gettext("Queues")); + 'queues' => gettext("Queues"), + 'captiveportal' => gettext("Captive Portal")); $styles = array('inverse' => gettext("Inverse"), 'absolute' => gettext("Absolute")); +$periods = array("absolute" => gettext("Absolute Timespans"), + "current" => gettext("Current Period"), + "previous" => gettext("Previous Period")); if ($_POST) { @@ -69,6 +74,7 @@ if ($_POST) { $config['rrd']['enable'] = $_POST['enable'] ? true : false; $config['rrd']['category'] = $_POST['category']; $config['rrd']['style'] = $_POST['style']; + $config['rrd']['period'] = $_POST['period']; write_config(); $retval = 0; @@ -96,6 +102,9 @@ foreach($databases as $database) { if(stristr($database, "-vpnusers")) { $vpnusers = true; } + if(stristr($database, "captiveportal-") && isset($config['captiveportal']['enable'])) { + $captiveportal = true; + } } $pgtitle = array(gettext("Status"),gettext("RRD Graphs")); @@ -138,6 +147,10 @@ include("head.inc"); if($curcat == "vpnusers") { $tabactive = True; } else { $tabactive = False; } $tab_array[] = array(gettext("VPN"), $tabactive, "status_rrd_graph.php?cat=vpnusers"); } + if($captiveportal) { + if($curcat == "captiveportal") { $tabactive = True; } else { $tabactive = False; } + $tab_array[] = array(gettext("Captive Portal"), $tabactive, "status_rrd_graph.php?cat=captiveportal"); + } if($curcat == "custom") { $tabactive = True; } else { $tabactive = False; } $tab_array[] = array(gettext("Custom"), $tabactive, "status_rrd_graph.php?cat=custom"); if($curcat == "settings") { $tabactive = True; } else { $tabactive = False; } @@ -189,6 +202,21 @@ include("head.inc"); </td> </tr> <tr> + <td width="22%" valign="top" class="vtable"><?=gettext("Default period");?></td> + <td width="78%" class="vtable"> + <select name="period" class="formselect" style="z-index: -10;" > + <?php + foreach ($periods as $period => $periodd) { + echo "<option value=\"$period\""; + if ($period == $pconfig['period']) echo " selected"; + echo ">" . htmlspecialchars($periodd) . "</option>\n"; + } + ?> + </select> + <b><?=gettext("This selects the default period.");?></b> + </td> + </tr> + <tr> <td width="22%" valign="top"> </td> <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" onclick="enable_change(true)"> diff --git a/usr/local/www/status_services.php b/usr/local/www/status_services.php index 779e396..d463f3a 100755 --- a/usr/local/www/status_services.php +++ b/usr/local/www/status_services.php @@ -334,9 +334,15 @@ foreach (array('server', 'client') as $mode) { } } } - - + +function service_name_compare($a, $b) { + if (strtolower($a['name']) == strtolower($b['name'])) + return 0; + return (strtolower($a['name']) < strtolower($b['name'])) ? -1 : 1; +} + if (count($services) > 0) { + uasort($services, "service_name_compare"); foreach($services as $service) { if (empty($service['name'])) continue; diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php index 2bdf7e2..7b4b8e3 100644 --- a/usr/local/www/system_advanced_admin.php +++ b/usr/local/www/system_advanced_admin.php @@ -346,12 +346,12 @@ function prot_change() { <td width="22%" valign="top" class="vncell"><?=gettext("DNS Rebind Check"); ?></td> <td width="78%" class="vtable"> <input name="nodnsrebindcheck" type="checkbox" id="nodnsrebindcheck" value="yes" <?php if ($pconfig['nodnsrebindcheck']) echo "checked"; ?> /> - <strong><?=gettext("Disable webConfigurator DNS Rebinding Checks"); ?></strong> + <strong><?=gettext("Disable DNS Rebinding Checks"); ?></strong> <br/> - <?php echo gettext("When this is unchecked, access to the webConfigurator " . + <?php echo gettext("When this is unchecked, your system " . "is protected against <a href=\"http://en.wikipedia.org/wiki/DNS_rebinding\">DNS Rebinding attacks</a>. " . - "Check this box to disable this protection if you find that it interferes with " . - "webConfigurator access in certain corner cases. "); ?> + "This blocks private IP responses from your configured DNS servers. Check this box to disable this protection if it interferes with " . + "webConfigurator access or name resolution in your environment. "); ?> </td> </tr> <tr> @@ -374,7 +374,7 @@ function prot_change() { <?php echo gettext("When this is unchecked, access to the webConfigurator " . "is protected against HTTP_REFERER redirection attempts. " . "Check this box to disable this protection if you find that it interferes with " . - "webConfigurator access in certain corner cases such as using 3rd party scripts to interact with pfSense. More information on HTTP_REFERER is available from <a target='_new' href='http://en.wikipedia.org/wiki/HTTP_referrer'>Wikipedia</a>."); ?> + "webConfigurator access in certain corner cases such as using external scripts to interact with this system. More information on HTTP_REFERER is available from <a target='_new' href='http://en.wikipedia.org/wiki/HTTP_referrer'>Wikipedia</a>."); ?> </td> </tr> <tr> @@ -422,7 +422,7 @@ function prot_change() { <input name="enableserial" type="checkbox" id="enableserial" value="yes" <?php if (isset($pconfig['enableserial'])) echo "checked"; ?> /> <strong><?=gettext("This will enable the first serial port with 9600/8/N/1"); ?></strong> <br> - <span class="vexpl"><?=gettext("Note: This will disable the internal video card/keyboard"); ?></span> + <span class="vexpl"><?=gettext("Note: This will redirect the console output and messages to the serial port. You can still access the console menu from the internal video card/keyboard. A <b>null modem</b> serial cable or adapter is required to use the serial console."); ?></span> </td> </tr> <tr> diff --git a/usr/local/www/system_camanager.php b/usr/local/www/system_camanager.php index 2662775..6eddd39 100644 --- a/usr/local/www/system_camanager.php +++ b/usr/local/www/system_camanager.php @@ -138,6 +138,8 @@ if ($_POST) { $reqdfieldsn = array( gettext("Descriptive name"), gettext("Certificate data")); + if ($_POST['cert'] && (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE"))) + $input_errors[] = gettext("This certificate does not appear to be valid."); } if ($pconfig['method'] == "internal") { $reqdfields = explode(" ", diff --git a/usr/local/www/system_certmanager.php b/usr/local/www/system_certmanager.php index 36a11bb..0113461 100644 --- a/usr/local/www/system_certmanager.php +++ b/usr/local/www/system_certmanager.php @@ -162,6 +162,8 @@ if ($_POST) { gettext("Descriptive name"), gettext("Certificate data"), gettext("Key data")); + if ($_POST['cert'] && (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE"))) + $input_errors[] = gettext("This certificate does not appear to be valid."); } if ($pconfig['method'] == "internal") { diff --git a/usr/local/www/system_firmware.php b/usr/local/www/system_firmware.php index 93b6997..9e876c9 100755 --- a/usr/local/www/system_firmware.php +++ b/usr/local/www/system_firmware.php @@ -43,6 +43,8 @@ ##|-PRIV $d_isfwfile = 1; +$nocsrf = true; + require_once("globals.inc"); require_once("guiconfig.inc"); @@ -101,7 +103,7 @@ if(is_subsystem_dirty('firmwarelock')) { echo "<body link=\"#0000CC\" vlink=\"#0000CC\" alink=\"#0000CC\">\n"; include("fbegin.inc"); echo "<div>\n"; - print_info_box(gettext("An upgrade is currently in progress.<p>The firewall will reboot when the operation is complete.") . "<p><center><img src='/themes/{$g['theme']}/images/icons/icon_fw-update.gif'>"); + print_info_box(gettext("An upgrade is currently in progress.<p>The firewall will reboot when the operation is complete.") . "<p><img src='/themes/{$g['theme']}/images/icons/icon_fw-update.gif'>"); echo "</div>\n"; include("fend.inc"); echo "</body>"; @@ -145,7 +147,7 @@ if ($_POST && !is_subsystem_dirty('firmwarelock')) { if (is_uploaded_file($_FILES['ulfile']['tmp_name'])) { /* verify firmware image(s) */ if (file_is_for_platform($_FILES['ulfile']['tmp_name'], $_FILES['ulfile']['name']) == false && !$_POST['sig_override']) - $input_errors[] = gettext("The uploaded image file is not for this platform") . " ({$g['platform']})"; + $input_errors[] = gettext("The uploaded image file is not for this platform."); else if (!file_exists($_FILES['ulfile']['tmp_name'])) { /* probably out of memory for the MFS */ $input_errors[] = gettext("Image upload failed (out of memory?)"); diff --git a/usr/local/www/system_firmware_auto.php b/usr/local/www/system_firmware_auto.php index 4f655fe..06a9eb1 100755 --- a/usr/local/www/system_firmware_auto.php +++ b/usr/local/www/system_firmware_auto.php @@ -42,6 +42,8 @@ ##|*MATCH=system_firmware_auto.php* ##|-PRIV +$nocsrf = true; + require("guiconfig.inc"); require_once("pfsense-utils.inc"); @@ -105,9 +107,9 @@ include("head.inc"); </table> <br> <!-- status box --> - <textarea cols="60" rows="1" name="status" id="status" wrap="hard"><?=gettext("Beginning firmware upgrade"); ?>.</textarea> + <textarea cols="90" rows="1" name="status" id="status" wrap="hard"><?=gettext("Beginning firmware upgrade"); ?>.</textarea> <!-- command output box --> - <textarea cols="60" rows="25" name="output" id="output" wrap="hard"></textarea> + <textarea cols="90" rows="25" name="output" id="output" wrap="hard"></textarea> </center> </td> </tr> @@ -203,11 +205,13 @@ if ($sigchk == 1) { if ($exitstatus) { update_status($sig_warning); - update_output_window(gettext("Update cannot continue")); - require("fend.inc"); + update_output_window(gettext("Update cannot continue. You can disable this check on the Updater Settings tab.")); + require("fend.inc"); exit; -} else if ($sigchk == 2) - update_output_window("\n" . gettext("Image has no signature but the system configured to allow unsigned images.") . "\n"); +} else if ($sigchk == 2) { + update_status("Upgrade in progress..."); + update_output_window("\n" . gettext("Upgrade Image does not contain a signature but the system has been configured to allow unsigned images. One moment please...") . "\n"); +} if (!verify_gzip_file("{$g['upload_path']}/latest.tgz")) { update_status(gettext("The image file is corrupt.")); diff --git a/usr/local/www/system_gateways_edit.php b/usr/local/www/system_gateways_edit.php index 025ff97..7ded7ae 100755 --- a/usr/local/www/system_gateways_edit.php +++ b/usr/local/www/system_gateways_edit.php @@ -130,7 +130,7 @@ if ($_POST) { foreach ($a_gateways as $gateway) { if (isset($id) && ($a_gateways[$id]) && ($a_gateways[$id] === $gateway)) { if ($gateway['name'] != $_POST['name']) - $input_errors[] = gettext("Changing name on a gateway is not allowed because it can leave stale gateways around."); + $input_errors[] = gettext("Changing name on a gateway is not allowed."); continue; } if($_POST['name'] <> "") { diff --git a/usr/local/www/themes/_corporate/images/icons/icon_block_add.gif b/usr/local/www/themes/_corporate/images/icons/icon_block_add.gif Binary files differnew file mode 100644 index 0000000..eb726d6 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_block_add.gif diff --git a/usr/local/www/themes/_corporate/images/icons/icon_pass_add.gif b/usr/local/www/themes/_corporate/images/icons/icon_pass_add.gif Binary files differnew file mode 100644 index 0000000..f7f4c20 --- /dev/null +++ b/usr/local/www/themes/_corporate/images/icons/icon_pass_add.gif diff --git a/usr/local/www/themes/code-red/images/icons/icon_block_add.gif b/usr/local/www/themes/code-red/images/icons/icon_block_add.gif Binary files differnew file mode 100644 index 0000000..eb726d6 --- /dev/null +++ b/usr/local/www/themes/code-red/images/icons/icon_block_add.gif diff --git a/usr/local/www/themes/code-red/images/icons/icon_pass_add.gif b/usr/local/www/themes/code-red/images/icons/icon_pass_add.gif Binary files differnew file mode 100644 index 0000000..f7f4c20 --- /dev/null +++ b/usr/local/www/themes/code-red/images/icons/icon_pass_add.gif diff --git a/usr/local/www/themes/metallic/images/icons/icon_block_add.gif b/usr/local/www/themes/metallic/images/icons/icon_block_add.gif Binary files differnew file mode 100644 index 0000000..eb726d6 --- /dev/null +++ b/usr/local/www/themes/metallic/images/icons/icon_block_add.gif diff --git a/usr/local/www/themes/metallic/images/icons/icon_pass_add.gif b/usr/local/www/themes/metallic/images/icons/icon_pass_add.gif Binary files differnew file mode 100644 index 0000000..f7f4c20 --- /dev/null +++ b/usr/local/www/themes/metallic/images/icons/icon_pass_add.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_block_add.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_block_add.gif Binary files differnew file mode 100644 index 0000000..eb726d6 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_block_add.gif diff --git a/usr/local/www/themes/pfsense-dropdown/images/icons/icon_pass_add.gif b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_pass_add.gif Binary files differnew file mode 100644 index 0000000..f7f4c20 --- /dev/null +++ b/usr/local/www/themes/pfsense-dropdown/images/icons/icon_pass_add.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_block_add.gif b/usr/local/www/themes/pfsense/images/icons/icon_block_add.gif Binary files differnew file mode 100644 index 0000000..eb726d6 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_block_add.gif diff --git a/usr/local/www/themes/pfsense/images/icons/icon_pass_add.gif b/usr/local/www/themes/pfsense/images/icons/icon_pass_add.gif Binary files differnew file mode 100644 index 0000000..f7f4c20 --- /dev/null +++ b/usr/local/www/themes/pfsense/images/icons/icon_pass_add.gif diff --git a/usr/local/www/themes/pfsense_ng/images/icons/icon_block_add.gif b/usr/local/www/themes/pfsense_ng/images/icons/icon_block_add.gif Binary files differnew file mode 100644 index 0000000..eb726d6 --- /dev/null +++ b/usr/local/www/themes/pfsense_ng/images/icons/icon_block_add.gif diff --git a/usr/local/www/themes/pfsense_ng/images/icons/icon_pass_add.gif b/usr/local/www/themes/pfsense_ng/images/icons/icon_pass_add.gif Binary files differnew file mode 100644 index 0000000..f7f4c20 --- /dev/null +++ b/usr/local/www/themes/pfsense_ng/images/icons/icon_pass_add.gif diff --git a/usr/local/www/themes/the_wall/images/icons/icon_block_add.gif b/usr/local/www/themes/the_wall/images/icons/icon_block_add.gif Binary files differnew file mode 100644 index 0000000..eb726d6 --- /dev/null +++ b/usr/local/www/themes/the_wall/images/icons/icon_block_add.gif diff --git a/usr/local/www/themes/the_wall/images/icons/icon_pass_add.gif b/usr/local/www/themes/the_wall/images/icons/icon_pass_add.gif Binary files differnew file mode 100644 index 0000000..f7f4c20 --- /dev/null +++ b/usr/local/www/themes/the_wall/images/icons/icon_pass_add.gif diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index 96f67bf..d2374b2 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -125,6 +125,7 @@ if($_GET['act']=="edit"){ } else $pconfig['shared_key'] = base64_decode($a_client[$id]['shared_key']); $pconfig['crypto'] = $a_client[$id]['crypto']; + $pconfig['engine'] = $a_server[$id]['engine']; $pconfig['tunnel_network'] = $a_client[$id]['tunnel_network']; $pconfig['remote_network'] = $a_client[$id]['remote_network']; @@ -254,6 +255,7 @@ if ($_POST) { $client['shared_key'] = base64_encode($pconfig['shared_key']); } $client['crypto'] = $pconfig['crypto']; + $client['engine'] = $pconfig['engine']; $client['tunnel_network'] = $pconfig['tunnel_network']; $client['remote_network'] = $pconfig['remote_network']; @@ -716,6 +718,24 @@ if ($savemsg) </select> </td> </tr> + <tr id="engine"> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Hardware Crypto"); ?></td> + <td width="78%" class="vtable"> + <select name="engine" class="formselect"> + <?php + $engines = openvpn_get_engines(); + foreach ($engines as $name => $desc): + $selected = ''; + if ($name == $pconfig['engine']) + $selected = ' selected'; + ?> + <option value="<?=$name;?>"<?=$selected?>> + <?=htmlspecialchars($desc);?> + </option> + <?php endforeach; ?> + </select> + </td> + </tr> <tr> <td colspan="2" class="list" height="12"></td> </tr> diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index 9d7c00d..0f751e7 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -126,6 +126,7 @@ if($_GET['act']=="edit"){ } else $pconfig['shared_key'] = base64_decode($a_server[$id]['shared_key']); $pconfig['crypto'] = $a_server[$id]['crypto']; + $pconfig['engine'] = $a_server[$id]['engine']; $pconfig['tunnel_network'] = $a_server[$id]['tunnel_network']; $pconfig['remote_network'] = $a_server[$id]['remote_network']; @@ -176,6 +177,8 @@ if($_GET['act']=="edit"){ // just in case the modes switch $pconfig['autokey_enable'] = "yes"; $pconfig['autotls_enable'] = "yes"; + + $pconfig['duplicate_cn'] = isset($a_server[$id]['duplicate_cn']); } } @@ -322,6 +325,7 @@ if ($_POST) { $server['shared_key'] = base64_encode($pconfig['shared_key']); } $server['crypto'] = $pconfig['crypto']; + $server['engine'] = $pconfig['engine']; $server['tunnel_network'] = $pconfig['tunnel_network']; $server['remote_network'] = $pconfig['remote_network']; @@ -364,7 +368,10 @@ if ($_POST) { if ($pconfig['dns_server_enable']) $server['nbdd_server1'] = $pconfig['nbdd_server1']; } - + + if ($_POST['duplicate_cn'] == "yes") + $server['duplicate_cn'] = true; + if (isset($id) && $a_server[$id]) $a_server[$id] = $server; else @@ -867,6 +874,24 @@ if ($savemsg) </select> </td> </tr> + <tr id="engine"> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Hardware Crypto"); ?></td> + <td width="78%" class="vtable"> + <select name="engine" class="formselect"> + <?php + $engines = openvpn_get_engines(); + foreach ($engines as $name => $desc): + $selected = ''; + if ($name == $pconfig['engine']) + $selected = ' selected'; + ?> + <option value="<?=$name;?>"<?=$selected?>> + <?=htmlspecialchars($desc);?> + </option> + <?php endforeach; ?> + </select> + </td> + </tr> <tr id="strictusercn"> <td width="22%" valign="top" class="vncell"><?=gettext("Strict User/CN Matching"); ?></td> <td width="78%" class="vtable"> @@ -1012,6 +1037,24 @@ if ($savemsg) </table> </td> </tr> + <tr id="duplicate_cn"> + <td width="22%" valign="top" class="vncell"><?=gettext("Duplicate Connections"); ?></td> + <td width="78%" class="vtable"> + <table border="0" cellpadding="2" cellspacing="0"> + <tr> + <td> + <?php set_checked($pconfig['duplicate_cn'],$chk); ?> + <input name="duplicate_cn" type="checkbox" value="yes" <?=$chk;?>/> + </td> + <td> + <span class="vexpl"> + <?=gettext("Allow multiple concurrent connections from clients using the same Common Name.<br/>NOTE: This is not generally recommended, but may be needed for some scenarios."); ?> + </span> + </td> + </tr> + </table> + </td> + </tr> </table> <table width="100%" border="0" cellpadding="6" cellspacing="0" id="client_opts"> diff --git a/usr/local/www/vpn_pppoe.php b/usr/local/www/vpn_pppoe.php index 8052466..52fd334 100755 --- a/usr/local/www/vpn_pppoe.php +++ b/usr/local/www/vpn_pppoe.php @@ -99,7 +99,7 @@ include("head.inc"); <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="15%" class="listhdrr"><?=gettext("Interface");?></td> - <td width="10%" class="listhdrr"><?=gettext("Local ip");?></td> + <td width="10%" class="listhdrr"><?=gettext("Local IP");?></td> <td width="25%" class="listhdrr"><?=gettext("Number of users");?></td> <td width="25%" class="listhdr"><?=gettext("Description");?></td> <td width="5%" class="list"> diff --git a/usr/local/www/vpn_pptp_users_edit.php b/usr/local/www/vpn_pptp_users_edit.php index 73ba7cc..1cd0075 100755 --- a/usr/local/www/vpn_pptp_users_edit.php +++ b/usr/local/www/vpn_pptp_users_edit.php @@ -84,7 +84,7 @@ if ($_POST) { if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['username'])) $input_errors[] = gettext("The username contains invalid characters."); - if (preg_match("/[[:cntrl:]\"]/", $_POST['password'])) + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['passwordfld'])) $input_errors[] = gettext("The password contains invalid characters."); if (preg_match("/^!/", $_POST['password'])) diff --git a/usr/local/www/widgets/include/wake_on_lan.inc b/usr/local/www/widgets/include/wake_on_lan.inc new file mode 100644 index 0000000..af3229c --- /dev/null +++ b/usr/local/www/widgets/include/wake_on_lan.inc @@ -0,0 +1,7 @@ +<?php + +//set variable for custom title +$wake_on_lan_title = "Wake On Lan"; +$wake_on_lan_title_link = "services_wol.php"; + +?>
\ No newline at end of file diff --git a/usr/local/www/widgets/widgets/captive_portal_status.widget.php b/usr/local/www/widgets/widgets/captive_portal_status.widget.php index 1ca7007..d240d69 100644 --- a/usr/local/www/widgets/widgets/captive_portal_status.widget.php +++ b/usr/local/www/widgets/widgets/captive_portal_status.widget.php @@ -32,10 +32,13 @@ POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require_once("globals.inc"); require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); require_once("functions.inc"); +require_once("captiveportal.inc"); ?> @@ -55,7 +58,7 @@ function clientcmp($a, $b) { $cpdb = array(); if (file_exists("{$g['vardb_path']}/captiveportal.db")) { - $captiveportallck = lock('captiveportal'); + $captiveportallck = lock('captiveportaldb'); $cpcontents = file("{$g['vardb_path']}/captiveportal.db", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); unlock($captiveportallck); } else diff --git a/usr/local/www/widgets/widgets/carp_status.widget.php b/usr/local/www/widgets/widgets/carp_status.widget.php index 6399579..a671308 100644 --- a/usr/local/www/widgets/widgets/carp_status.widget.php +++ b/usr/local/www/widgets/widgets/carp_status.widget.php @@ -27,10 +27,13 @@ POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); require_once("functions.inc"); require_once("/usr/local/www/widgets/include/carp_status.inc"); + ?> <table bgcolor="#990000" width="100%" border="0" cellspacing="0" cellpadding="0"> <?php diff --git a/usr/local/www/widgets/widgets/gateways.widget.php b/usr/local/www/widgets/widgets/gateways.widget.php index db6a83a..4abe524 100644 --- a/usr/local/www/widgets/widgets/gateways.widget.php +++ b/usr/local/www/widgets/widgets/gateways.widget.php @@ -26,6 +26,9 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +$nocsrf = true; + require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); require_once("functions.inc"); diff --git a/usr/local/www/widgets/widgets/gmirror_status.widget.php b/usr/local/www/widgets/widgets/gmirror_status.widget.php index cd73a0f..cbbead2 100644 --- a/usr/local/www/widgets/widgets/gmirror_status.widget.php +++ b/usr/local/www/widgets/widgets/gmirror_status.widget.php @@ -25,6 +25,8 @@ POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require_once("/usr/local/www/widgets/include/gmirror_status.inc"); if ($_GET['textonly'] == "true") { diff --git a/usr/local/www/widgets/widgets/installed_packages.widget.php b/usr/local/www/widgets/widgets/installed_packages.widget.php index 6795d36..3ecb0ec 100644 --- a/usr/local/www/widgets/widgets/installed_packages.widget.php +++ b/usr/local/www/widgets/widgets/installed_packages.widget.php @@ -1,36 +1,38 @@ <?php /* - $Id$ - Copyright 2007 Scott Dale - Part of pfSense widgets (www.pfsense.com) - originally based on m0n0wall (http://m0n0.ch/wall) + $Id$ + Copyright 2007 Scott Dale + Part of pfSense widgets (www.pfsense.com) + originally based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2004-2005 T. Lechat <dev@lechat.org>, Manuel Kasper <mk@neon1.net> - and Jonathan Watt <jwatt@jwatt.org>. - All rights reserved. + Copyright (C) 2004-2005 T. Lechat <dev@lechat.org>, Manuel Kasper <mk@neon1.net> + and Jonathan Watt <jwatt@jwatt.org>. + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); require_once("functions.inc"); @@ -48,76 +50,69 @@ $updateavailable = false; ?> <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td width="15%" class="listhdrr">Package Name</td> - <td width="15%" class="listhdrr">Category</td> - <td width="30%" class="listhdrr">Package Version</td> - </tr> - <?php - if($config['installedpackages']['package'] != "") { - $instpkgs = array(); - foreach($config['installedpackages']['package'] as $instpkg) $instpkgs[] = $instpkg['name']; - asort($instpkgs); - $y=1; - foreach ($instpkgs as $index => $pkgname){ - + <tr> + <td width="15%" class="listhdrr">Package Name</td> + <td width="15%" class="listhdrr">Category</td> + <td width="30%" class="listhdrr">Package Version</td> + </tr> + <?php + if($config['installedpackages']['package'] != "") { + $instpkgs = array(); + foreach($config['installedpackages']['package'] as $instpkg) + $instpkgs[] = $instpkg['name']; + natcasesort($instpkgs); + $y=1; + foreach ($instpkgs as $index => $pkgname){ + $pkg = $config['installedpackages']['package'][$index]; - if($pkg['name'] <> "") { - ?> - <tr valign="top"> - <td class="listlr"> - <?= $pkg['name'] ?> - </td> - <td class="listlr"> - <?= $pkg['category'] ?> - </td> - <td class="listlr"> - <?php - $latest_package = $currentvers[$pkg['name']]['version']; - if($latest_package == false) - { - // We can't determine this package's version status. - echo "Current: Unknown.<br>Installed: " . $pkg['version']; - } - elseif(strcmp($pkg['version'], $latest_package) > 0) - { - /* we're running a newer version of the package */ - echo "Current: {$latest_package}"; - echo "<br>Installed: {$pkg['version']}"; - } - elseif(strcmp($pkg['version'], $latest_package) < 0) - { - /* our package is out of date */ - $updateavailable = true; - ?> - <div id="updatediv-<?php echo $y; ?>" style="color:red"> - <b>Update Available!</b></div><div style="float:left"> - Current: <?php echo $latest_package; ?><br/> - Installed: <?php echo $pkg['version']; ?></div><div style="float:right"> - <a href="pkg_mgr_install.php?mode=reinstallpkg&pkg=<?= $pkg['name']; ?>"><img title="Update this package." src="./themes/<?= $g['theme']; ?>/images/icons/icon_reinstall_pkg.gif" width="17" height="17" border="0"</a> - </div> - <?php $y++; - } - else - { - echo $pkg['version']; - } - ?></td> - </tr> - <?php - } - } - } else { - echo "<tr><td colspan=\"5\"><center>There are no packages currently installed.</td></tr>"; - } - ?> - </table> - + if($pkg['name'] <> "") { ?> + <tr valign="top"> + <td class="listlr"> + <?= $pkg['name'] ?> + </td> + <td class="listlr"> + <?= $pkg['category'] ?> + </td> + <td class="listlr"> + <?php + $latest_package = $currentvers[$pkg['name']]['version']; + if($latest_package == false) { + // We can't determine this package's version status. + echo "Current: Unknown.<br>Installed: " . $pkg['version']; + } elseif(strcmp($pkg['version'], $latest_package) > 0) { + /* we're running a newer version of the package */ + echo "Current: {$latest_package}"; + echo "<br>Installed: {$pkg['version']}"; + } elseif(strcmp($pkg['version'], $latest_package) < 0) { + /* our package is out of date */ + $updateavailable = true; + ?> + <div id="updatediv-<?php echo $y; ?>" style="color:red"> + <b>Update Available!</b></div><div style="float:left"> + Current: <?php echo $latest_package; ?><br/> + Installed: <?php echo $pkg['version']; ?></div><div style="float:right"> + <a href="pkg_mgr_install.php?mode=reinstallpkg&pkg=<?= $pkg['name']; ?>"><img title="Update this package." src="./themes/<?= $g['theme']; ?>/images/icons/icon_reinstall_pkg.gif" width="17" height="17" border="0"/></a> + </div> + <?php + $y++; + } else { + echo $pkg['version']; + } ?> + </td> + </tr> + <?php } + } + } else { + echo "<tr><td colspan=\"5\"><center>There are no packages currently installed.</td></tr>"; + } + ?> +</table> + <?php if ($updateavailable): ?> <script language="javascript" type="text/javascript"> window.onload = function(in_event) - { - for (y=1; y<=<?php echo $y;?>; y++){ + { + for (y=1; y<=<?php echo $y;?>; y++){ textID = "updatediv-" + y; Effect.Pulsate(textID,{from:0.1}); } diff --git a/usr/local/www/widgets/widgets/interface_statistics.widget.php b/usr/local/www/widgets/widgets/interface_statistics.widget.php index 3fcf8a6..7dca538 100644 --- a/usr/local/www/widgets/widgets/interface_statistics.widget.php +++ b/usr/local/www/widgets/widgets/interface_statistics.widget.php @@ -31,6 +31,8 @@ POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); require_once("functions.inc"); diff --git a/usr/local/www/widgets/widgets/interfaces.widget.php b/usr/local/www/widgets/widgets/interfaces.widget.php index d74f690..626e067 100644 --- a/usr/local/www/widgets/widgets/interfaces.widget.php +++ b/usr/local/www/widgets/widgets/interfaces.widget.php @@ -30,6 +30,9 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +$nocsrf = true; + require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); require_once("functions.inc"); diff --git a/usr/local/www/widgets/widgets/ipsec.widget.php b/usr/local/www/widgets/widgets/ipsec.widget.php index 4966dd7..dd0c10e 100644 --- a/usr/local/www/widgets/widgets/ipsec.widget.php +++ b/usr/local/www/widgets/widgets/ipsec.widget.php @@ -31,6 +31,8 @@ POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require_once("guiconfig.inc"); require_once("functions.inc"); require_once("ipsec.inc"); diff --git a/usr/local/www/widgets/widgets/load_balancer_status.widget.php b/usr/local/www/widgets/widgets/load_balancer_status.widget.php index c1cf979..63f8bc4 100644 --- a/usr/local/www/widgets/widgets/load_balancer_status.widget.php +++ b/usr/local/www/widgets/widgets/load_balancer_status.widget.php @@ -1,137 +1,144 @@ <?php /* - $Id$ - Copyright 2007 Scott Dale - Part of pfSense widgets (www.pfsense.com) - originally based on m0n0wall (http://m0n0.ch/wall) + Copyright 2010 Jim Pingle + Portions copied from status_lb_pool.php, status_lb_vs.php, and vslb.inc: + Copyright (C) 2010 Seth Mos <seth.mos@dds.nl>. + Copyright (C) 2005-2008 Bill Marquette - Copyright (C) 2004-2005 T. Lechat <dev@lechat.org>, Manuel Kasper <mk@neon1.net> - and Jonathan Watt <jwatt@jwatt.org>. - All rights reserved. + Part of pfSense widgets (www.pfsense.com) + originally based on m0n0wall (http://m0n0.ch/wall) - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Copyright (C) 2004-2005 T. Lechat <dev@lechat.org>, Manuel Kasper <mk@neon1.net> + and Jonathan Watt <jwatt@jwatt.org>. + All rights reserved. - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); require_once("functions.inc"); +require_once("vslb.inc"); + +$now = time(); +$year = date("Y"); - if (!is_array($config['load_balancer']['lbpool'])) { +if (!is_array($config['load_balancer']['lbpool'])) { $config['load_balancer']['lbpool'] = array(); - } - if (!is_array($config['load_balancer']['virtual_server'])) { - $config['load_balancer']['virtual_server'] = array(); - } - $a_vs = &$config['load_balancer']['virtual_server']; - $a_pool = &$config['load_balancer']['lbpool']; - - $slbd_logfile = "{$g['varlog_path']}/slbd.log"; - - $nentries = $config['syslog']['nentries']; - if (!$nentries) - $nentries = 50; - - $now = time(); - $year = date("Y"); - - +} +if (!is_array($config['load_balancer']['virtual_server'])) { + $config['load_balancer']['virtual_server'] = array(); +} +$a_vs = &$config['load_balancer']['virtual_server']; +$a_pool = &$config['load_balancer']['lbpool']; +$rdr_a = get_lb_redirects(); +$relay_hosts = get_lb_summary(); + +$lb_logfile = "{$g['varlog_path']}/relayd.log"; +$nentries = $config['syslog']['nentries']; +if (!$nentries) + $nentries = 50; + ?> - <table bgcolor="#990000" width="100%" border="0" cellspacing="0" cellpadding="0"> - <tr> - <td width="10%" class="listhdrr">Name</td> - <td width="10%" class="listhdrr">Port</td> - <td width="10%" class="listhdrr">Servers</td> - <td width="30%" class="listhdrr">Status</td> - <td width="30%" class="listhdr">Description</td> - </tr> - <?php $i = 0; foreach ($a_vs as $vsent): ?> - <tr> - <td class="listlr"> - <?=$vsent['name'];?> - </td> - <td class="listr" align="center" > - <?=$vsent['port'];?> - <br /> - </td> - <td class="listr" align="center" > - <table border="0" cellpadding="0" cellspacing="2"> - <?php - foreach ($a_pool as $vipent) { - if ($vipent['name'] == $vsent['pool']) { - foreach ((array) $vipent['servers'] as $server) { - PRINT "<tr><td> {$server} </td></tr>"; - } +<table bgcolor="#990000" width="100%" border="0" cellspacing="0" cellpadding="0"> + <tr> + <td width="10%" class="listhdrr">Server</td> + <td width="10%" class="listhdrr">Pool</td> + <td width="30%" class="listhdr">Description</td> + </tr> + <?php $i = 0; foreach ($a_vs as $vsent): ?> + <tr> + <?php + switch (trim($rdr_a[$vsent['name']]['status'])) { + case 'active': + $bgcolor = "lightgreen"; + $rdr_a[$vsent['name']]['status'] = "Active"; + break; + case 'down': + $bgcolor = "lightcoral"; + $rdr_a[$vsent['name']]['status'] = "Down"; + break; + default: + $bgcolor = "lightgray"; + $rdr_a[$vsent['name']]['status'] = 'Unknown - relayd not running?'; + } + ?> + <td class="listlr"> + <?=$vsent['name'];?><br/> + <span style="background-color: <?=$bgcolor?>; display: block"><i><?=$rdr_a[$vsent['name']]['status']?></i></span> + <?=$vsent['ipaddr'].":".$vsent['port'];?><br/> + </td> + <td class="listr" align="center" > + <table border="0" cellpadding="0" cellspacing="2"> + <?php + foreach ($a_pool as $pool) { + if ($pool['name'] == $vsent['pool']) { + $pool_hosts=array(); + foreach ((array) $pool['servers'] as $server) { + $svr['ip']['addr']=$server; + $svr['ip']['state']=$relay_hosts[$pool['name'].":".$pool['port']][$server]['state']; + $svr['ip']['avail']=$relay_hosts[$pool['name'].":".$pool['port']][$server]['avail']; + $pool_hosts[]=$svr; } - } - ?> - </table> - </td> - <td class="listr" > - <table border="0" cellpadding="0" cellspacing="2"> - <?php - $poolfile = "{$g['tmp_path']}/{$vsent['name']}.pool"; - if(file_exists("$poolfile")) { - $poolstatus = file_get_contents("$poolfile"); + foreach ((array) $pool['serversdisabled'] as $server) { + $svr['ip']['addr']="$server"; + $svr['ip']['state']='disabled'; + $svr['ip']['avail']='disabled'; + $pool_hosts[]=$svr; } - foreach ($a_pool as $vipent) { - if ($vipent['name'] == $vsent['pool']) { - foreach ((array) $vipent['servers'] as $server) { - $lastchange = ""; - $monitorip = $server; - $logstates = return_clog($slbd_logfile, $nentries, array("$monitorip", "marking"), true); - $logstates = $logstates[0]; - - if(stristr($logstates, $monitorip)) { - $date = preg_split("/[ ]+/" , $logstates); - $lastchange = "$date[0] $date[1] $year $date[2]"; - } - if(stristr($poolstatus, $monitorip)) { - $online = "Online"; - $bgcolor = "lightgreen"; - $change = $now - strtotime("$lastchange"); - if($change < 300) { - $bgcolor = "khaki"; - } - } else { - $online = "Offline"; - $bgcolor = "lightcoral"; + asort($pool_hosts); + foreach ((array) $pool_hosts as $server) { + if($server['ip']['addr']!="") { + switch ($server['ip']['state']) { + case 'up': + $bgcolor = "lightgreen"; + $checked = "checked"; + break; + case 'disabled': + $bgcolor = "white"; + $checked = ""; + break; + default: + $bgcolor = "lightcoral"; + $checked = "checked"; } - PRINT "<tr><td bgcolor=\"$bgcolor\" > $online </td><td>"; - if($lastchange <> "") { - PRINT "Last change $lastchange"; - } else { - PRINT "No changes found in logfile"; - } - PRINT "</td></tr>"; - } + echo "<tr>"; + echo "<td bgcolor={$bgcolor}> {$server['ip']['addr']}:{$pool['port']} </td><td bgcolor={$bgcolor}>"; + if($server['ip']['avail']) + echo " ({$server['ip']['avail']}) "; + echo "</td></tr>"; + } } } - ?> - </table> - </td> - <td class="listbg" > - <font color="#FFFFFF"><?=$vipent['descr'];?></font> - </td> - </tr> - <?php $i++; endforeach; ?> - </table> + } + ?> + </table> + </td> + <td class="listbg" > + <font color="#FFFFFF"><?=$vsent['descr'];?></font> + </td> + </tr> + <?php $i++; endforeach; ?> +</table> diff --git a/usr/local/www/widgets/widgets/log.widget.php b/usr/local/www/widgets/widgets/log.widget.php index c46a6ab..84f6585 100644 --- a/usr/local/www/widgets/widgets/log.widget.php +++ b/usr/local/www/widgets/widgets/log.widget.php @@ -30,6 +30,9 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +$nocsrf = true; + require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); require_once("functions.inc"); diff --git a/usr/local/www/widgets/widgets/openvpn.widget.php b/usr/local/www/widgets/widgets/openvpn.widget.php index 25454c8..fdf2e3c 100644 --- a/usr/local/www/widgets/widgets/openvpn.widget.php +++ b/usr/local/www/widgets/widgets/openvpn.widget.php @@ -1,4 +1,7 @@ <?php + +$nocsrf = true; + require_once("openvpn.inc"); /* Handle AJAX */ diff --git a/usr/local/www/widgets/widgets/picture.widget.php b/usr/local/www/widgets/widgets/picture.widget.php index 7f25af4..90bf288 100644 --- a/usr/local/www/widgets/widgets/picture.widget.php +++ b/usr/local/www/widgets/widgets/picture.widget.php @@ -26,6 +26,7 @@ POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); diff --git a/usr/local/www/widgets/widgets/rss.widget.php b/usr/local/www/widgets/widgets/rss.widget.php index d81fa4d..0843684 100644 --- a/usr/local/www/widgets/widgets/rss.widget.php +++ b/usr/local/www/widgets/widgets/rss.widget.php @@ -26,6 +26,8 @@ POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); require_once("functions.inc"); diff --git a/usr/local/www/widgets/widgets/services_status.widget.php b/usr/local/www/widgets/widgets/services_status.widget.php index 862a069..f41e7f5 100644 --- a/usr/local/www/widgets/widgets/services_status.widget.php +++ b/usr/local/www/widgets/widgets/services_status.widget.php @@ -29,6 +29,8 @@ POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require_once("guiconfig.inc"); require_once("captiveportal.inc"); require_once("service-utils.inc"); @@ -175,7 +177,14 @@ if(isset($_POST['servicestatusfilter'])) { <?php $skipservices = explode(",", str_replace(" ", "", $config['widgets']['servicestatusfilter'])); +function service_name_compare($a, $b) { + if (strtolower($a['name']) == strtolower($b['name'])) + return 0; + return (strtolower($a['name']) < strtolower($b['name'])) ? -1 : 1; +} + if (count($services) > 0) { + uasort($services, "service_name_compare"); foreach($services as $service) { if((!$service['name']) || (in_array($service['name'], $skipservices))) continue; diff --git a/usr/local/www/widgets/widgets/system_information.widget.php b/usr/local/www/widgets/widgets/system_information.widget.php index 9604461..1b9683a 100644 --- a/usr/local/www/widgets/widgets/system_information.widget.php +++ b/usr/local/www/widgets/widgets/system_information.widget.php @@ -31,11 +31,12 @@ POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require_once("functions.inc"); require_once("guiconfig.inc"); require_once('notices.inc'); - if($_REQUEST['getupdatestatus']) { if(isset($curcfg['alturl']['enable'])) $updater_url = "{$config['system']['firmware']['alturl']['firmwareurl']}"; diff --git a/usr/local/www/widgets/widgets/traffic_graphs.widget.php b/usr/local/www/widgets/widgets/traffic_graphs.widget.php index 9d1e76c..4686d0b 100644 --- a/usr/local/www/widgets/widgets/traffic_graphs.widget.php +++ b/usr/local/www/widgets/widgets/traffic_graphs.widget.php @@ -31,6 +31,8 @@ POSSIBILITY OF SUCH DAMAGE. */ +$nocsrf = true; + require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); require_once("functions.inc"); diff --git a/usr/local/www/widgets/widgets/wake_on_lan.widget.php b/usr/local/www/widgets/widgets/wake_on_lan.widget.php new file mode 100644 index 0000000..598dc1f --- /dev/null +++ b/usr/local/www/widgets/widgets/wake_on_lan.widget.php @@ -0,0 +1,76 @@ +<?php +/* + wake_on_lan.widget.php + Copyright (C) 2010 Yehuda Katz + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INClUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +$nocsrf = true; + +require_once("/usr/local/www/widgets/include/wake_on_lan.inc"); + +if (is_array($config['wol']['wolentry'])) + $wolcomputers = $config['wol']['wolentry']; +else + $wolcomputers = array(); + +?> +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <? + echo '<td class="widgetsubheader"><b><center>' . gettext("Computer / Device") . '</center></b></td>'; + echo '<td class="widgetsubheader"><b><center>' . gettext("Interface") . '</center></b></td>'; + echo '<td class="widgetsubheader"><b><center>' . gettext("Status") . '</center></b></td>'; + ?> + <td class="widgetsubheader"> </td> + </tr> +<?php + +if (count($wolcomputers) > 0) { + foreach($wolcomputers as $wolent) { + echo '<tr><td class="listlr">' . $wolent['descr'] . '<br />' . $wolent['mac'] . '</td>' . "\n"; + echo '<td class="listr">' . convert_friendly_interface_to_friendly_descr($wolent['interface']) . '</td>' . "\n"; + + $is_active = exec("/usr/sbin/arp -an |/usr/bin/grep {$wolent['mac']}| /usr/bin/wc -l|/usr/bin/awk '{print $1;}'"); + if($is_active == 1) { + echo '<td class="listr"><center>' . "\n"; + echo "<img src=\"/themes/" . $g["theme"] . "/images/icons/icon_pass.gif\"> " . gettext("Online") . "</td>\n"; + } else { + echo '<td class="listbg"><center>' . "\n"; + echo "<img src=\"/themes/" . $g["theme"] . "/images/icons/icon_block.gif\"> <font color=\"white\">" . gettext("Offline") . "</td>\n"; + } + echo '<td valign="middle" class="list" nowrap>'; + /*if($is_active) { */ + /* Will always show wake-up button even if pfsense thinks it is awake */ + /* } else { */ + echo "<a href='services_wol.php?mac={$wolent['mac']}&if={$wolent['interface']}'> "; + echo "<img title='" . gettext("Wake Up") . "' border='0' src='./themes/".$g['theme']."/images/icons/icon_wol_all.gif'></a>\n"; + /* } */ + echo "</td></tr>\n"; + } +} else { + echo "<tr><td colspan=\"3\"><center>" . gettext("No saved WoL addresses") . ".</td></tr>\n"; +} +?> +</table> +<center><a href="status_dhcp_leases.php" class="navlink">DHCP Leases Status</a></center> diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc index 35bca7c..5af4510 100644 --- a/usr/local/www/wizards/openvpn_wizard.inc +++ b/usr/local/www/wizards/openvpn_wizard.inc @@ -321,6 +321,15 @@ function step10_stepbeforeformdisplay() { $opt['value'] = $name; $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt; } + } else if ($field['name'] == "engine") { + $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array(); + $engines = openvpn_get_engines(); + foreach ($engines as $name => $desc) { + $opt = array(); + $opt['name'] = $desc; + $opt['value'] = $name; + $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'][] = $opt; + } } else if ($field['name'] == "nbttype") { $pkg['step'][$stepid]['fields']['field'][$idx]['options']['option'] = array(); foreach ($netbios_nodetypes as $type => $name) { @@ -550,6 +559,8 @@ function step12_submitphpaction() { $server['passtos'] = $pconfig['step10']['tos']; if (isset($pconfig['step10']['interclient'])) $server['client2client'] = $pconfig['step10']['interclient']; + if (isset($pconfig['step10']['duplicate_cn'])) + $server['duplicate_cn'] = $pconfig['step10']['duplicate_cn']; if (isset($pconfig['step10']['dynip'])) $server['dynamic_ip'] = $pconfig['step10']['dynip']; if (isset($pconfig['step10']['addrpool'])) @@ -579,6 +590,7 @@ function step12_submitphpaction() { $server['netbios_enable'] = $pconfig['step10']['nbtenable']; } $server['crypto'] = $pconfig['step10']['crypto']; + $server['engine'] = $pconfig['step10']['engine']; if (isset($pconfig['step11']['ovpnrule'])) { $rule = array(); diff --git a/usr/local/www/wizards/openvpn_wizard.xml b/usr/local/www/wizards/openvpn_wizard.xml index c7c561e..5a7ca5b 100644 --- a/usr/local/www/wizards/openvpn_wizard.xml +++ b/usr/local/www/wizards/openvpn_wizard.xml @@ -692,6 +692,19 @@ <description><br/>The method used to encrypt traffic between endpoints. This setting must match on the client and server side, but is otherwise set however you like. Certain algorithms will perform better on different hardware, depending on the availability of supported VPN accelerator chips.</description> </field> <field> + <name>engine</name> + <type>select</type> + <displayname>Hardware Crypto</displayname> + <bindstofield>ovpnserver->step10->engine</bindstofield> + <options> + <option> + <name>dummy</name> + <value>dummy</value> + </option> + </options> + <description><br/>The hardware cryptographic accelerator to use for this VPN connection, if any.</description> + </field> + <field> <type>listtopic</type> <name>Tunnel Settings</name> </field> @@ -748,6 +761,13 @@ <bindstofield>ovpnserver->step10->interclient</bindstofield> </field> <field> + <displayname>Duplicate Connections</displayname> + <name>duplicate_cn</name> + <type>checkbox</type> + <description>Allow multiple concurrent connections from clients using the same Common Name.<br/>NOTE: This is not generally recommended, but may be needed for some scenarios.</description> + <bindstofield>ovpnserver->step10->duplicate_cn</bindstofield> + </field> + <field> <type>listtopic</type> <name>Client Settings</name> </field> @@ -820,6 +840,7 @@ <name>nbtenable</name> <type>checkbox</type> <displayname>NetBIOS Options</displayname> + <bindstofield>ovpnserver->step10->nbtenable</bindstofield> <description>Enable NetBIOS over TCP/IP. <br/>If this option is not set, all NetBIOS-over-TCP/IP options (including WINS) will be disabled. </description> </field> <field> @@ -941,4 +962,4 @@ <stepsubmitphpaction>step12_submitphpaction();</stepsubmitphpaction> <includefile>/usr/local/www/wizards/openvpn_wizard.inc</includefile> </step> -</pfsensewizard> +</pfsensewizard>
\ No newline at end of file diff --git a/usr/local/www/wizards/setup_wizard.xml b/usr/local/www/wizards/setup_wizard.xml index 6b0627c..5a33d39 100644 --- a/usr/local/www/wizards/setup_wizard.xml +++ b/usr/local/www/wizards/setup_wizard.xml @@ -218,13 +218,6 @@ <type>listtopic</type> </field> <field> - <name>interface</name> - <type>interface_select</type> - <donotdisable>true</donotdisable> - <displayname>Interface</displayname> - <bindstofield>interfaces->wan->if</bindstofield> - </field> - <field> <donotdisable>true</donotdisable> <name>MAC Address</name> <bindstofield>interfaces->wan->spoofmac</bindstofield> diff --git a/usr/local/www/wizards/traffic_shaper_wizard.inc b/usr/local/www/wizards/traffic_shaper_wizard.inc index 05c3671..b684fb6 100644 --- a/usr/local/www/wizards/traffic_shaper_wizard.inc +++ b/usr/local/www/wizards/traffic_shaper_wizard.inc @@ -223,7 +223,7 @@ function step2_stepsubmitphpaction() { /* Input Validation */ $steps = intval($config['ezshaper']['step1']['numberofconnections']); for ($i = 0; $i < $steps; $i++) { - for ($j = $i + 1; $j < $steps; $j++) { + for ($j = $i + 1; $j <= $steps; $j++) { $wannum = $i+1; if ($_POST["conn{$i}interface"] == $_POST["conn{$j}interface"]) { $savemsg=gettext("You cannot select the same interface for WAN# {$wannum} and WAN #{$j}."); @@ -436,6 +436,9 @@ function step3_stepsubmitphpaction() { global $config; global $stepid, $savemsg; + if (!$_POST['enable']) + return; + if($_POST['address']) { if(!is_ipaddroralias($_POST['address'])) { /* item is not an ip or alias. error out */ @@ -447,24 +450,22 @@ function step3_stepsubmitphpaction() { $steps = intval($config['ezshaper']['step1']['numberofconnections']); for ($i = 0; $i < $steps; $i++) { - if ($_POST["conn{$i}upload"]) { - if (!is_numeric($_POST["conn{$i}upload"])) { - $wannum = $i + 1; - $savemsg = gettext("Upload bandwidth of WAN #{$wannum} is not valid."); - $stepid--; - return; - } - $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); - $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); - $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); - $input_bw = $factor * floatval($_POST["conn{$i}upload"]); - if ((0.8 * $ifbw) < $input_bw) { - $friendly_interface = $i+1; - $savemsg=gettext("You cannot set the VoIP upload bandwidth on WAN #{$friendly_interface} higher than 80% of the connection."); - $stepid--; - return; - } + if (!is_numeric($_POST["conn{$i}upload"])) { + $wannum = $i + 1; + $savemsg = gettext("Upload bandwidth of WAN #{$wannum} is not valid."); + $stepid--; + return; } + $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); + $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); + $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); + $input_bw = $factor * floatval($_POST["conn{$i}upload"]); + if ((0.8 * $ifbw) < $input_bw) { + $friendly_interface = $i+1; + $savemsg=gettext("You cannot set the VoIP upload bandwidth on WAN #{$friendly_interface} higher than 80% of the connection."); + $stepid--; + return; + } } $config['ezshaper']['step3']['download'] = $_POST['download']; @@ -515,7 +516,7 @@ function step5_stepsubmitphpaction() { global $stepid, $savemsg; if ( $_POST['enable'] ) { - if (isset($_POST['bandwidth']) && $_POST['bandwidth'] <> "") { + if ($_POST['p2pcatchall']) { if(!is_numeric($_POST['bandwidth'])) { $savemsg="Posted value is not a valid bandwidth."; $stepid--; @@ -586,7 +587,7 @@ function apply_all_choosen_items() { $lanbw = 0; for ($i = 0; $i < $steps; $i++) { $down = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); - $input_bw = $config['ezshaper']['step2']["conn{$i}download"] * $down; + $input_bw = floatval($config['ezshaper']['step2']["conn{$i}download"]) * $down; $lanbw += $input_bw; } @@ -623,45 +624,42 @@ function apply_all_choosen_items() { $upbw = floatval($config['ezshaper']['step2']["conn{$i}upload"]) * $upfactor; if ($config['ezshaper']['step3']['enable']) { - $voip = true; - $voipbw = $config['ezshaper']['step3']["conn{$i}upload"]; - $voipbwunit = $config['ezshaper']['step3']["conn{$i}uploadspeed"]; - if ($sched != "HFSC") { - if ($voipbwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($voipbwunit); - $remainbw += $voipbw * $factor; - } else - $remainbw += 32000; /* 32Kbit/s forHFSC linksharing */ + $voip = true; + $voipbw = floatval($config['ezshaper']['step3']["conn{$i}upload"]); + $voipbwunit = $config['ezshaper']['step3']["conn{$i}uploadspeed"]; + if ($voipbwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($voipbwunit); + $remainbw += $voipbw * $factor; } if ($config['ezshaper']['step4']['enable']) { - $penalty = true; - $penaltybw = $config['ezshaper']['step4']['bandwidth']; - $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; - if ($penaltybwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($penaltybwunit); - $remainbw += $penaltybw * $factor; + $penalty = true; + $penaltybw = $config['ezshaper']['step4']['bandwidth']; + $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; + if ($penaltybwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($penaltybwunit); + $remainbw += $penaltybw * $factor; } else { - $penalty = false; - $penaltybw = 0; + $penalty = false; + $penaltybw = 0; } if ($config['ezshaper']['step5']['enable']) { $p2p = true; if ($config['ezshaper']['step5']['p2pcatchall']) { - $p2pcatchall = true; - $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; - $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; - if ($p2pcatchbwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); - $remainbw += $p2pcatchbw * $factor; + $p2pcatchall = true; + $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; + $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; + if ($p2pcatchbwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); + $remainbw += $p2pcatchbw * $factor; } else { - $p2pcatchall = false; - $p2pcatchbw = 0; + $p2pcatchall = false; + $p2pcatchbw = 0; } } else { $p2p = false; @@ -943,392 +941,6 @@ function apply_all_choosen_items() { array_pop($tmppath); } -/* LAN bandwidth ----------------------------------------------------------------------------------------- */ - - $tmppath = array(); - $altq =& new altq_root_queue(); - - $altq->SetInterface('lan'); - $altq->SetScheduler($config['ezshaper']['step2']["downloadscheduler"]); - $altq->SetBandwidth($lanbw/1000); - $altq->SetBwscale("Kb"); - $altq->SetEnabled("on"); - $altq_list_queues[$altq->GetQname()] =& $altq; - array_push($tmppath, 'lan'); - $altq->SetLink($tmppath); - //var_dump($input_errors); - $altq->wconfig(); - - $sched = $config['ezshaper']['step2']["downloadscheduler"]; - $voipbw =0; - $voipbwunit = "%"; - $voip = false; - $penalty = false; - $penaltybw = 0; - $penaltybwunit = "%"; - $p2p = false; - $p2pcatchall = false; - $p2pcatchbw = 0; - $games = false; - $otherpriority = false; - $remainbw = 0; - - - if ($config['ezshaper']['step3']['enable']) { - $voip = true; - $voipbw = $config['ezshaper']['step3']["download"]; - $voipbwunit = $config['ezshaper']['step3']["downloadspeed"]; - if ($sched != "HFSC") { - if ($voipbwunit == "%") - $factor = $lanbw/100; - else - $factor = wizard_get_bandwidthtype_scale($voipbwunit); - $remainbw += $voipbw * $factor; - } else - $remainbw += 32000; /* 32Kbit/s forHFSC linksharing */ - } - if ($config['ezshaper']['step4']['enable']) { - $penalty = true; - $penaltybw = $config['ezshaper']['step4']['bandwidth']; - $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; - if ($penaltybwunit == "%") - $factor = $lanbw/100; - else - $factor = wizard_get_bandwidthtype_scale($penaltybwunit); - $remainbw += $penaltybw * $factor; - } else { - $penalty = false; - $penaltybw = 0; - } - if ($config['ezshaper']['step5']['enable']) { - $p2p = true; - if ($config['ezshaper']['step5']['p2pcatchall']) { - $p2pcatchall = true; - $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; - $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; - if ($p2pcatchbwunit == "%") - $factor = $lanbw/100; - else - $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); - $remainbw += $p2pcatchbw * $factor; - } else { - $p2pcatchall = false; - $p2pcatchbw = 0; - } - } else { - $p2p = false; - $p2pcatchall = false; - $p2pcatchbw = 0; - } - if ($config['ezshaper']['step6']['enable']) { - $games = true; - } else { - $games = false; - } - - if ($config['ezshaper']['step7']['enable']) { - $otherpriority = true; - } else { - $otherpriority = false; - } - $remainbw = round($remainbw / $lanbw * 100, 2); - - if ($remainbw > 0 && $remainbw > 30) { - $savemsg=gettext("Custom Bandwidths are greater than 30%. Please lower them for the wizard to continue."); - header("Location: wizard.php?xml=traffic_shaper_wizard.xml&stepid=2&message={$savemsg}"); - exit; - } else { - $remainbw = 100 - $remainbw; - } - - if ($sched != "PRIQ") { - if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qInternet"; - //$tmpcf['priority'] = 6; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - If ($sched == "CBQ") { - $tmpcf['bandwidth'] = $lanbw/1000; - $tmpcf['bandwidthtype'] = "Kb"; - } - else if ($sched == "HFSC") { - $tmpcf['linkshare3'] = $lanbw/1000 ."Kb"; - $tmpcf['upperlimit'] = "on"; - $tmpcf['upperlimit3'] = $lanbw/1000 ."Kb"; - $tmpcf['linkshare'] = "on"; - $tmpcf['bandwidth'] = $lanbw/1000; - $tmpcf['bandwidthtype'] = "Kb"; - } - array_push($tmppath, "qInternet"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - //array_pop($tmppath); - //echo "qInternet <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - $altq =& $qtmp; - } - - - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qACK"; - $tmpcf['priority'] = 6; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - If ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.2; - $tmpcf['bandwidthtype'] = "%"; - } - else if ($sched == "HFSC") { - $lkbw = 0.20 * $remainbw; - $tmpcf['linkshare3'] = "{$lkbw}%"; - $tmpcf['linkshare'] = "on"; - $tmpcf['bandwidth'] = $lkbw; - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, "qACK"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qACK <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - if ($p2pcatchall) - $tmpcf['name'] = "qOthersDefault"; - else - $tmpcf['name'] = "qDefault"; - $tmpcf['priority'] = 3; - $tmpcf['enabled'] = "on"; - if (!$p2pcatchall) - $tmpcf['default'] = "on"; - $tmpcf['ecn'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $tmpcf['bandwidth'] = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, $tmpcf['name']); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qDefault <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - - if ($p2p) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qP2P"; - $tmpcf['priority'] = 1; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($p2pcatchall) { - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $p2pcatchbw; - $tmpcf['bandwidthtype'] = $p2pcatchbwunit; - } else if ($sched == "HFSC") { - $tmpcf['linkshare'] = "on"; - $tmpcf['linkshare3'] = "{$p2pcatchbw}{$p2pcatchbwunit}"; - $tmpcf['upperlimit'] = "on"; - $tmpcf['upperlimit3'] = "{$p2pcatchbw}{$p2pcatchbwunit}"; - $tmpcf['bandwidth'] = $p2pcatchbw; - $tmpcf['bandwidthtype'] = $p2pcatchbwunit; - } - $tmpcf['default'] = "on"; - - } else { - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.05; /* 5% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $tmpbw = $remainbw * 0.05; /* 5% bandwidth */ - $tmpcf['linkshare'] = "on"; - $tmpcf['linkshare3'] = "{$tmpbw}%"; - $tmpcf['upperlimit'] = "on"; - $tmpcf['upperlimit3'] = "{$tmpbw}%"; - $tmpcf['bandwidth'] = $tmpbw; - $tmpcf['bandwidthtype'] = "%"; - } - } - array_push($tmppath, "qP2P"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qP2P <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - - if ($voip) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qVoIP"; - $tmpcf['priority'] = 7; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - if ($voipbw > 0) { - $tmpcf['bandwidth'] = $voipbw; - $tmpcf['bandwidthtype'] = $voipbwunit; - } else { - $tmpcf['bandwidth'] = $remainbw * 0.2; /* 20% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } - } else if ($sched == "HFSC") { - if ($voipbw > 0) { - $tmpcf['realtime3'] = "{$voipbw}{$voipbwunit}"; - } else { - $voipbw = $remainbw * 0.20; /* 20% bandwidth */ - $tmpcf['realtime3'] = "{$voipbw}%"; - } - $tmpcf['realtime'] = "on"; - $tmpcf['bandwidth'] = 32; - $tmpcf['bandwidthtype'] = "Kb"; - } - array_push($tmppath, "qVoIP"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qVoIP <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - - if ($games) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qGames"; - $tmpcf['priority'] = 5; - $tmpcf['enabled'] = "on"; - $tmpcf['ecn'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.2; /* 20% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $gamesbw = $remainbw * 0.2; /* 20% bandwidth */ - $tmpcf['linkshare'] = "on"; - $tmpcf['linkshare3'] = "{$gamesbw}%"; - $tmpcf['bandwidth'] = "{$gamesbw}"; - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, "qGames"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qGames <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - - if ($otherpriority) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qOthersHigh"; - $tmpcf['priority'] = 4; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $tmpcf['linkshare'] = "on"; - $otherbw = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['linkshare3'] = "{$otherbw}%"; - $tmpcf['bandwidth'] = $otherbw; - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, "qOthersHigh"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qHigh <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - - - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qOthersLow"; - $tmpcf['priority'] = 2; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - if ($penalty) - $tmpcf['bandwidth'] = $penaltybw; - else - $tmpcf['bandwidth'] = $remainbw * 0.05; /* 5% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - if ($penalty) { - $tmpcf['linkshare3'] = "{$penaltybw}{$penaltybwunit}"; - $tmpcf['bandwidth'] = $penaltybw; - $tmpcf['bandwidthtype'] = $penaltybwunit; - } else { - $lsbw = $remainbw * 0.05; - $tmpcf['linkshare3'] = "{$lsbw}%"; /* 5% bandwidth */ - $tmpcf['bandwidth'] = $lsbw; - $tmpcf['bandwidthtype'] = "%"; - } - $tmpcf['linkshare'] = "on"; - } - array_push($tmppath, "qOthersLow"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qLow <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - array_pop($tmppath); - -/* End LAN bandwidth ------------------------------------------------------------------------------------- */ - - if (!is_array($config['filter']['rule'])) $config['filter']['rule'] = array(); @@ -1504,23 +1116,23 @@ function apply_all_choosen_items() { write_config(); } -function wizard_get_bandwidthtype_scale($type) { +function wizard_get_bandwidthtype_scale($type = "b") { switch ($type) { case "Gb": - $factor = 1000 * 1000 * 1000; + $factor = 1024 * 1024 * 1024; break; case "Mb": - $factor = 1000 * 1000; + $factor = 1024 * 1024; break; case "Kb": - $factor = 1000; + $factor = 1024; break; case "b": default: $factor = 1; break; } - return floatval($factor); + return intval($factor); } ?> diff --git a/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc b/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc index 50fa627..b59c5a7 100755 --- a/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc +++ b/usr/local/www/wizards/traffic_shaper_wizard_dedicated.inc @@ -246,7 +246,7 @@ function step2_stepsubmitphpaction() { /* Input Validation */ $steps = intval($config['ezshaper']['step1']['numberofconnections']); for ($i = 0; $i < $steps; $i++) { - for ($j = $i + 1; $j < $steps; $j++) { + for ($j = $i + 1; $j <= $steps; $j++) { if ($_POST["conn{$i}interface"] == $_POST["conn{$j}interface"] || $_POST["conn{$i}interface"] == $_POST["local{$j}interface"]) { $savemsg=gettext("You cannot select the same interface for connections {$i} and {$j}."); $stepid--; @@ -450,6 +450,9 @@ function step3_stepsubmitphpaction() { global $config; global $stepid, $savemsg; + if (!$_POST['enable']) + return; + if($_POST['address']) { if(!is_ipaddroralias($_POST['address'])) { /* item is not an ip or alias. error out */ @@ -461,39 +464,35 @@ function step3_stepsubmitphpaction() { $steps = intval($config['ezshaper']['step1']['numberofconnections']); for ($i = 0; $i < $steps; $i++) { - if ($_POST["conn{$i}upload"]) { - if (!is_numeric($_POST["conn{$i}upload"])) { - $savemsg = gettext("Upload bandwidth of connection {$i} is not valid."); - $stepid--; - return; - } - $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); - $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); - $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); - $input_bw = $factor * floatval($_POST["conn{$i}upload"]); - if ((0.8 * $ifbw) < $input_bw) { - $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); - $stepid--; - return; - } + if (!is_numeric($_POST["conn{$i}upload"])) { + $savemsg = gettext("Upload bandwidth of connection {$i} is not valid."); + $stepid--; + return; } + $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); + $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); + $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); + $input_bw = $factor * floatval($_POST["conn{$i}upload"]); + if ((0.8 * $ifbw) < $input_bw) { + $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } - if ($_POST["local{$i}download"]) { - if (!is_numeric($_POST["local{$i}download"])) { - $savemsg = gettext("Download bandwidth of connection {$i} is not valid."); - $stepid--; - return; - } - $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); - $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}download"]); - $factor = wizard_get_bandwidthtype_scale($_POST["local{$i}downloadspeed"]); - $input_bw = $factor * floatval($_POST["local{$i}download"]); - if ((0.8 * $ifbw) < $input_bw) { - $savemsg=gettext("You cannot set the VoIP download bandwidth on connection {$i} higher than 80% of the connection."); - $stepid--; - return; - } + if (!is_numeric($_POST["local{$i}download"])) { + $savemsg = gettext("Download bandwidth of connection {$i} is not valid."); + $stepid--; + return; } + $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); + $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}download"]); + $factor = wizard_get_bandwidthtype_scale($_POST["local{$i}downloadspeed"]); + $input_bw = $factor * floatval($_POST["local{$i}download"]); + if ((0.8 * $ifbw) < $input_bw) { + $savemsg=gettext("You cannot set the VoIP download bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } } for ($i = 0; $i < $steps; $i++) { @@ -543,7 +542,7 @@ function step5_stepsubmitphpaction() { global $stepid, $savemsg; if ( $_POST['enable'] ) { - if (isset($_POST['bandwidth']) && $_POST['bandwidth'] <> "") { + if ($_POST['p2pcatchall']) { if(!is_numeric($_POST['bandwidth'])) { $savemsg="Posted value is not a valid bandwidth."; $stepid--; @@ -560,7 +559,7 @@ function step5_stepsubmitphpaction() { $stepid--; return; } - } + } } } @@ -645,48 +644,42 @@ function apply_all_choosen_items() { $upbw = floatval($config['ezshaper']['step2']["conn{$i}upload"]) * $upfactor; if ($config['ezshaper']['step3']['enable']) { - $voip = true; - $voipbw = $config['ezshaper']['step3']["conn{$i}upload"]; - $voipbwunit = $config['ezshaper']['step3']["conn{$i}uploadspeed"]; - if ($sched != "HFSC") { - if ($voipbwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($voipbwunit); - $remainbw += $voipbw * $factor; - } else - $remainbw += 32000; /* 32Kbit/s forHFSC linksharing */ - //echo "<br/>" .$remainbw . " : hmmm " .intval($config['ezshaper']['step3']["conn{$i}upload"]) ."/". $factor; + $voip = true; + $voipbw = $config['ezshaper']['step3']["conn{$i}upload"]; + $voipbwunit = $config['ezshaper']['step3']["conn{$i}uploadspeed"]; + if ($voipbwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($voipbwunit); + $remainbw += $voipbw * $factor; } if ($config['ezshaper']['step4']['enable']) { - $penalty = true; - $penaltybw = $config['ezshaper']['step4']['bandwidth']; - $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; - if ($penaltybwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($penaltybwunit); - $remainbw += $penaltybw * $factor; - //echo "<br/>".$remainbw . " : hmmm " . ($config['ezshaper']['step4']['bandwidth']) . " / " .$factor; + $penalty = true; + $penaltybw = $config['ezshaper']['step4']['bandwidth']; + $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; + if ($penaltybwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($penaltybwunit); + $remainbw += $penaltybw * $factor; } else { - $penalty = false; - $penaltybw = 0; + $penalty = false; + $penaltybw = 0; } if ($config['ezshaper']['step5']['enable']) { $p2p = true; if ($config['ezshaper']['step5']['p2pcatchall']) { - $p2pcatchall = true; - $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; - $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; - if ($p2pcatchbwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); - $remainbw += $p2pcatchbw * $factor; - //echo "<br/>".$remainbw . " : hmmm " . floatval($config['ezshaper']['step5']['bandwidth']) ."/".$factor; + $p2pcatchall = true; + $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; + $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; + if ($p2pcatchbwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); + $remainbw += $p2pcatchbw * $factor; } else { - $p2pcatchall = false; - $p2pcatchbw = 0; + $p2pcatchall = false; + $p2pcatchbw = 0; } } else { $p2p = false; @@ -704,7 +697,6 @@ function apply_all_choosen_items() { } else { $otherpriority = false; } - //echo "<br/>" .$remainbw . " <br/>"; $remainbw = round($remainbw / $upbw * 100, 2); if (intval($remainbw) > 0 && intval($remainbw) > 30) { @@ -1002,389 +994,6 @@ function apply_all_choosen_items() { } array_pop($tmppath); - $downfactor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); - $downbw = floatval($config['ezshaper']['step2']["conn{$i}download"]) * $downfactor; - - $tmppath = array(); - $altq =& new altq_root_queue(); - - $altq->SetInterface($config['ezshaper']['step2']["local{$i}interface"]); - $altq->SetScheduler($config['ezshaper']['step2']["local{$i}downloadscheduler"]); - $altq->SetBandwidth($config['ezshaper']['step2']["conn{$i}download"]); - $altq->SetBwscale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); - $altq->SetEnabled("on"); - $altq_list_queues[$altq->GetQname()] =& $altq; - array_push($tmppath, $config['ezshaper']['step2']["local{$i}interface"]); - $altq->SetLink($tmppath); - //var_dump($input_errors); - $altq->wconfig(); - - $sched = $config['ezshaper']['step2']["local{$i}downloadscheduler"]; - $voipbw =0; - $voipbwunit = "%"; - $voip = false; - $penalty = false; - $penaltybw = 0; - $penaltybwunit = "%"; - $p2p = false; - $p2pcatchall = false; - $p2pcatchbw = 0; - $games = false; - $otherpriority = false; - $remainbw = 0; - - - if ($config['ezshaper']['step3']['enable']) { - $voip = true; - $voipbw = $config['ezshaper']['step3']["local{$i}download"]; - $voipbwunit = $config['ezshaper']['step3']["local{$i}downloadspeed"]; - if ($sched != HFSC) { - if ($penaltybwunit == "%") - $factor = $downbw/100; - else - $factor = wizard_get_bandwidthtype_scale($voipbwunit); - $remainbw += floatval($voipbw) * $factor; - } else - $remainbw += 32000; /* 32Kbit/s reserved for HFSC linksharing */ - } - if ($config['ezshaper']['step4']['enable']) { - $penalty = true; - $penaltybw = $config['ezshaper']['step4']['bandwidth']; - $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; - if ($penaltybwunit == "%") - $factor = $downbw/100; - else - $factor = wizard_get_bandwidthtype_scale($penaltybwunit); - $remainbw += floatval($penaltybw) * $factor; - } else { - $penalty = false; - $penaltybw = 0; - } - if ($config['ezshaper']['step5']['enable']) { - $p2p = true; - if ($config['ezshaper']['step5']['p2pcatchall']) { - $p2pcatchall = true; - $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; - $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; - if ($p2pcatchbwunit == "%") - $factor = $downbw/100; - else - $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); - $remainbw += floatval($p2pcatchbw) * $factor; - } else { - $p2pcatchall = false; - $p2pcatchbw = 0; - } - } else { - $p2p = false; - $p2pcatchall = false; - $p2pcatchbw = 0; - } - if ($config['ezshaper']['step6']['enable']) { - $games = true; - } else { - $games = false; - } - - if ($config['ezshaper']['step7']['enable']) { - $otherpriority = true; - } else { - $otherpriority = false; - } - $remainbw = round($remainbw / $downbw * 100, 2); - if (intval($remainbw) > 0 && intval($remainbw) > 40) { - $savemsg=gettext("Custom Bandwidths are greater than 30%. Please lower them for the wizard to continue."); - header("Location: wizard.php?xml=traffic_shaper_wizard_dedicated.xml&stepid=2&message={$savemsg}"); - exit; - } else { - $remainbw = 100 - $remainbw; - } - - if ($sched != "PRIQ") { - if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qInternet"; - //$tmpcf['priority'] = 6; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - If ($sched == "CBQ") { - $tmpcf['bandwidth'] = floatval($config['ezshaper']['step2']["conn{$i}download"]); - $tmpcf['bandwidthtype'] = $config['ezshaper']['step2']["conn{$i}downloadspeed"]; - } - else if ($sched == "HFSC") { - $tmpcf['upperlimit'] = "on"; - $tmpcf['upperlimit3'] = floatval($config['ezshaper']['step2']["conn{$i}download"]) . $config['ezshaper']['step2']["conn{$i}downloadspeed"]; - $tmpcf['linkshare'] = "on"; - $tmpcf['linkshare3'] = floatval($config['ezshaper']['step2']["conn{$i}download"]) . $config['ezshaper']['step2']["conn{$i}downloadspeed"]; - $tmpcf['bandwidth'] = floatval($config['ezshaper']['step2']["conn{$i}download"]); - $tmpcf['bandwidthtype'] = $config['ezshaper']['step2']["conn{$i}downloadspeed"]; - } - array_push($tmppath, "qInternet"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - //array_pop($tmppath); - //echo "qInternet <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - $altq =& $qtmp; - } - - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qACK"; - $tmpcf['priority'] = 6; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - If ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.2; - $tmpcf['bandwidthtype'] = "%"; - } - else if ($sched == "HFSC") { - $lkbw = 0.20 * $remainbw; - $tmpcf['linkshare3'] = "{$lkbw}%"; - $tmpcf['linkshare'] = "on"; - $tmpcf['bandwidth'] = $lkbw; - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, "qACK"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qACK $remainbw <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - if ($p2pcatchall) - $tmpcf['name'] = "qOthersDefault"; - else - $tmpcf['name'] = "qDefault"; - $tmpcf['priority'] = 3; - $tmpcf['enabled'] = "on"; - if (!$p2pcatchall) - $tmpcf['default'] = "on"; - $tmpcf['ecn'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $tmpcf['bandwidth'] = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, $tmpcf['name']); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qDefault <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - - if ($p2p) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qP2P"; - $tmpcf['priority'] = 1; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($p2pcatchall) { - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $p2pcatchbw; - $tmpcf['bandwidthtype'] = $p2pcatchbwunit; - } else if ($sched == "HFSC") { - $tmpcf['linkshare'] = "on"; - $tmpcf['linkshare3'] = "{$p2pcatchbw}{$p2pcatchbwunit}"; - $tmpcf['upperlimit'] = "on"; - $tmpcf['upperlimit3'] = "{$p2pcatchbw}{$p2pcatchbwunit}"; - $tmpcf['bandwidth'] = $p2pcatchbw; - $tmpcf['bandwidthtype'] = $p2pcatchbwunit; - } - $tmpcf['default'] = "on"; - - } else { - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.05; /* 5% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $tmpbw = $remainbw * 0.05; /* 5% bandwidth */ - $tmpcf['linkshare'] = "on"; - $tmpcf['linkshare3'] = "{$tmpbw}%"; - $tmpcf['upperlimit'] = "on"; - $tmpcf['upperlimit3'] = "{$tmpbw}%"; - $tmpcf['bandwidth'] = $tmpbw; - $tmpcf['bandwidthtype'] = "%"; - } - } - array_push($tmppath, "qP2P"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qP2P <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - - if ($voip) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qVoIP"; - $tmpcf['priority'] = 7; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - if ($voipbw > 0) { - $tmpcf['bandwidth'] = $voipbw; - $tmpcf['bandwidthtype'] = $voipbwunit; - } else { - $tmpcf['bandwidth'] = $remainbw * 0.2; /* 20% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } - } else if ($sched == "HFSC") { - if ($voipbw > 0) { - $tmpcf['realtime3'] = "{$voipbw}{$voipbwunit}"; - } else { - $voipbw = $remainbw * 0.20; /* 20% bandwidth */ - $tmpcf['realtime3'] = "{$voipbw}%"; - } - $tmpcf['realtime'] = "on"; - $tmpcf['bandwidth'] = 32; - $tmpcf['bandwidthtype'] = "Kb"; - } - array_push($tmppath, "qVoIP"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qVoIP <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - - if ($games) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qGames"; - $tmpcf['priority'] = 5; - $tmpcf['enabled'] = "on"; - $tmpcf['ecn'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.2; /* 20% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $gamesbw = $remainbw * 0.2; /* 20% bandwidth */ - $tmpcf['linkshare'] = "on"; - $tmpcf['linkshare3'] = "{$gamesbw}%"; - $tmpcf['bandwidth'] = "{$gamesbw}"; - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, "qGames"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qGames <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - - if ($otherpriority) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qOthersHigh"; - $tmpcf['priority'] = 4; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $tmpcf['linkshare'] = "on"; - $otherbw = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['linkshare3'] = "{$otherbw}%"; - $tmpcf['bandwidth'] = $otherbw; - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, "qOthersHigh"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qHigh <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - - - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qOthersLow"; - $tmpcf['priority'] = 2; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - if ($penalty) { - $tmpcf['bandwidth'] = $penaltybw; - $tmpcf['bandwidthtype'] = $penaltybwunit; - } else { - $tmpcf['bandwidthtype'] = "%"; - $tmpcf['bandwidth'] = $remainbw * 0.05; /* 5% bandwidth */ - } - } else if ($sched == "HFSC") { - if ($penalty) { - $tmpcf['linkshare3'] = "{$penaltybw}{$penaltybwunit}"; - $tmpcf['bandwidth'] = $penaltybw; - $tmpcf['bandwidthtype'] = $penaltybwunit; - } else { - $lsbw = $remainbw * 0.05; - $tmpcf['linkshare3'] = "{$lsbw}%"; /* 5% bandwidth */ - $tmpcf['bandwidth'] = $lsbw; - $tmpcf['bandwidthtype'] = "%"; - } - $tmpcf['linkshare'] = "on"; - } - array_push($tmppath, "qOthersLow"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qLow <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - array_pop($tmppath); } @@ -1564,16 +1173,16 @@ function apply_all_choosen_items() { write_config(); } -function wizard_get_bandwidthtype_scale($type) { +function wizard_get_bandwidthtype_scale($type = "b") { switch ($type) { case "Gb": - $factor = 1000 * 1000 * 1000; + $factor = 1024 * 1024 * 1024; break; case "Mb": - $factor = 1000 * 1000; + $factor = 1024 * 1024; break; case "Kb": - $factor = 1000; + $factor = 1024; break; case "b": default: diff --git a/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc b/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc index 83c3e49..c6347da 100755 --- a/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc +++ b/usr/local/www/wizards/traffic_shaper_wizard_multi_all.inc @@ -254,7 +254,7 @@ function step2_stepsubmitphpaction() { $steps = intval($config['ezshaper']['step1']['numberofconnections']); $localint = intval($config['ezshaper']['step1']['numberoflocalinterfaces']); for ($i = 0; $i < $steps; $i++) { - for ($j = $i + 1; $j < $steps; $j++) { + for ($j = $i + 1; $j <= $steps; $j++) { if ($_POST["conn{$i}interface"] == $_POST["conn{$j}interface"]) { $savemsg=gettext("You cannot select the same interface for connections {$i} and {$j}."); $stepid--; @@ -480,6 +480,9 @@ function step3_stepsubmitphpaction() { global $config; global $stepid, $savemsg; + if (!$_POST['enable']) + return; + if($_POST['address']) { if(!is_ipaddroralias($_POST['address'])) { /* item is not an ip or alias. error out */ @@ -491,8 +494,7 @@ function step3_stepsubmitphpaction() { $steps = intval($config['ezshaper']['step1']['numberofconnections']); for ($i = 0; $i < $steps; $i++) { - if ($_POST["conn{$i}upload"]) { - if (!is_numeric($_POST["conn{$i}upload"])) { + if (!is_numeric($_POST["conn{$i}upload"])) { $savemsg = gettext("Upload bandwidth of connection {$i} is not valid."); $stepid--; return; @@ -505,27 +507,24 @@ function step3_stepsubmitphpaction() { $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); $stepid--; return; - } - } + } } $localint = intval($config['ezshaper']['step1']['numberoflocalinterfaces']); for ($i = 0; $i < $localint; $i++) { - if ($_POST["local{$i}download"]) { - if (!is_numeric($_POST["local{$i}download"])) { - $savemsg = gettext("Download bandwidth of connection {$i} is not valid."); - $stepid--; - return; - } - $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); - $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}download"]); - $factor = wizard_get_bandwidthtype_scale($_POST["local{$i}downloadspeed"]); - $input_bw = $factor * floatval($_POST["local{$i}download"]); - if ((0.8 * $ifbw) < $input_bw) { - $savemsg=gettext("You cannot set the VoIP download bandwidth on connection {$i} higher than 80% of the connection."); - $stepid--; - return; - } + if (!is_numeric($_POST["local{$i}download"])) { + $savemsg = gettext("Download bandwidth of connection {$i} is not valid."); + $stepid--; + return; + } + $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); + $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}download"]); + $factor = wizard_get_bandwidthtype_scale($_POST["local{$i}downloadspeed"]); + $input_bw = $factor * floatval($_POST["local{$i}download"]); + if ((0.8 * $ifbw) < $input_bw) { + $savemsg=gettext("You cannot set the VoIP download bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; } } @@ -570,14 +569,14 @@ function step4_stepsubmitphpaction() { /* item is not an ip or alias. error out */ $savemsg=gettext("Address must be a valid IP address or Firewall Alias. Please correct this value to continue."); $stepid--; - } + } } } function step5_stepsubmitphpaction() { global $stepid, $savemsg; if ( $_POST['enable'] ) { - if (isset($_POST['bandwidth']) && $_POST['bandwidth'] <> "") { + if ($_POST['p2pcatchall']) { if(!is_numeric($_POST['bandwidth'])) { $savemsg="Posted value is not a valid bandwidth."; $stepid--; @@ -681,75 +680,69 @@ function apply_all_choosen_items() { $voip = true; $voipbw = $config['ezshaper']['step3']["conn{$i}upload"]; $voipbwunit = $config['ezshaper']['step3']["conn{$i}uploadspeed"]; - if ($sched != "HFSC") { - if ($voipbwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($voipbwunit); - $remainbw += $voipbw * $factor; - } else - $remainbw += 32000; /* 32Kbit/s forHFSC linksharing */ - //echo "<br/>" .$remainbw . " : hmmm " .intval($config['ezshaper']['step3']["conn{$i}upload"]) ."/". $factor; - } - if ($config['ezshaper']['step4']['enable']) { - $penalty = true; - $penaltybw = $config['ezshaper']['step4']['bandwidth']; - $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; - if ($penaltybwunit == "%") + if ($voipbwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($voipbwunit); + $remainbw += $voipbw * $factor; + } + if ($config['ezshaper']['step4']['enable']) { + $penalty = true; + $penaltybw = $config['ezshaper']['step4']['bandwidth']; + $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; + if ($penaltybwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($penaltybwunit); + $remainbw += $penaltybw * $factor; + } else { + $penalty = false; + $penaltybw = 0; + } + if ($config['ezshaper']['step5']['enable']) { + $p2p = true; + if ($config['ezshaper']['step5']['p2pcatchall']) { + $p2pcatchall = true; + $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; + $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; + if ($p2pcatchbwunit == "%") $factor = $upbw/100; else - $factor = wizard_get_bandwidthtype_scale($penaltybwunit); - $remainbw += $penaltybw * $factor; - //echo "<br/>".$remainbw . " : hmmm " . ($config['ezshaper']['step4']['bandwidth']) . " / " .$factor; - } else { - $penalty = false; - $penaltybw = 0; - } - if ($config['ezshaper']['step5']['enable']) { - $p2p = true; - if ($config['ezshaper']['step5']['p2pcatchall']) { - $p2pcatchall = true; - $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; - $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; - if ($p2pcatchbwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); - $remainbw += $p2pcatchbw * $factor; - //echo "<br/>".$remainbw . " : hmmm " . floatval($config['ezshaper']['step5']['bandwidth']) ."/".$factor; - } else { - $p2pcatchall = false; - $p2pcatchbw = 0; - } + $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); + $remainbw += $p2pcatchbw * $factor; } else { - $p2p = false; $p2pcatchall = false; $p2pcatchbw = 0; } - if ($config['ezshaper']['step6']['enable']) { - $games = true; - } else { - $games = false; - } + } else { + $p2p = false; + $p2pcatchall = false; + $p2pcatchbw = 0; + } + if ($config['ezshaper']['step6']['enable']) { + $games = true; + } else { + $games = false; + } - if ($config['ezshaper']['step7']['enable']) { - $otherpriority = true; - } else { - $otherpriority = false; - } - - $remainbw = round($remainbw / $upbw * 100, 2); - - if (intval($remainbw) > 0 && intval($remainbw) > 30) { - $savemsg=gettext("Custom Bandwidths are greater than 30%. Please lower them for the wizard to continue."); - header("Location: wizard.php?xml=traffic_shaper_wizard_multi_all.xml&stepid=2&message={$savemsg}"); - exit; - } else { - $remainbw = 100 - $remainbw; - } + if ($config['ezshaper']['step7']['enable']) { + $otherpriority = true; + } else { + $otherpriority = false; + } + + $remainbw = round($remainbw / $upbw * 100, 2); + + if (intval($remainbw) > 0 && intval($remainbw) > 30) { + $savemsg=gettext("Custom Bandwidths are greater than 30%. Please lower them for the wizard to continue."); + header("Location: wizard.php?xml=traffic_shaper_wizard_multi_all.xml&stepid=2&message={$savemsg}"); + exit; + } else { + $remainbw = 100 - $remainbw; + } - if ($sched != "PRIQ") { - if ($sched == "CBQ") + if ($sched != "PRIQ") { + if ($sched == "CBQ") $q =& new cbq_queue(); else if ($sched == "HFSC") $q =& new hfsc_queue(); @@ -1039,404 +1032,6 @@ function apply_all_choosen_items() { array_pop($tmppath); } -/* LAN bandwidth ----------------------------------------------------------------------------------------- */ - $localint = intval($config['ezshaper']['step1']['numberoflocalinterfaces']); - $lanbw = 0; - for ($i = 0; $i < $steps; $i++) { - $down = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}downloadspeed"]); - $input_bw = floatval($config['ezshaper']['step2']["conn{$i}download"]) * $down; - $lanbw += $input_bw; - } - - for ($i = 0; $i < $localint; $i++) { - - $tmppath = array(); - $altq =& new altq_root_queue(); - - $altq->SetInterface($config['ezshaper']['step2']["local{$i}interface"]); - $altq->SetScheduler($config['ezshaper']['step2']["local{$i}downloadscheduler"]); - $altq->SetBandwidth($lanbw/1000); - $altq->SetBwscale("Kb"); - $altq->SetEnabled("on"); - $altq_list_queues[$altq->GetQname()] =& $altq; - array_push($tmppath, $config['ezshaper']['step2']["local{$i}interface"]); - $altq->SetLink($tmppath); - //var_dump($input_errors); - $altq->wconfig(); - - $sched = $config['ezshaper']['step2']["local{$i}downloadscheduler"]; - $voipbw =0; - $voipbwunit = "%"; - $voip = false; - $penalty = false; - $penaltybw = 0; - $penaltybwunit = "%"; - $p2p = false; - $p2pcatchall = false; - $p2pcatchbw = 0; - $games = false; - $otherpriority = false; - $remainbw = 0; - - - if ($config['ezshaper']['step3']['enable']) { - $voip = true; - $voipbw = $config['ezshaper']['step3']["local{$i}download"]; - $voipbwunit = $config['ezshaper']['step3']["local{$i}downloadspeed"]; - if ($sched != HFSC) { - if ($penaltybwunit == "%") - $factor = $lanbw/100; - else - $factor = wizard_get_bandwidthtype_scale($voipbwunit); - $remainbw += floatval($voipbw) * $factor; - } else - $remainbw += 32000; /* 32Kbit/s reserved for HFSC linksharing */ - } - if ($config['ezshaper']['step4']['enable']) { - $penalty = true; - $penaltybw = $config['ezshaper']['step4']['bandwidth']; - $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; - if ($penaltybwunit == "%") - $factor = $lanbw/100; - else - $factor = wizard_get_bandwidthtype_scale($penaltybwunit); - $remainbw += floatval($penaltybw) * $factor; - } else { - $penalty = false; - $penaltybw = 0; - } - if ($config['ezshaper']['step5']['enable']) { - $p2p = true; - if ($config['ezshaper']['step5']['p2pcatchall']) { - $p2pcatchall = true; - $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; - $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; - if ($p2pcatchbwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); - $remainbw += floatval($p2pcatchbw) * $factor; - } else { - $p2pcatchall = false; - $p2pcatchbw = 0; - } - } else { - $p2p = false; - $p2pcatchall = false; - $p2pcatchbw = 0; - } - if ($config['ezshaper']['step6']['enable']) { - $games = true; - } else { - $games = false; - } - - if ($config['ezshaper']['step7']['enable']) { - $otherpriority = true; - } else { - $otherpriority = false; - } - $remainbw = round($remainbw / $lanbw * 100, 2); - - if (intval($remainbw) > 0 && intval($remainbw) > 40) { - $savemsg=gettext("Custom Bandwidths are greater than 30%. Please lower them for the wizard to continue."); - header("Location: wizard.php?xml=traffic_shaper_wizard_multi_all.xml&stepid=2&message={$savemsg}"); - exit; - } else { - $remainbw = 100 - $remainbw; - } - - if ($sched != "PRIQ") { - if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qInternet"; - //$tmpcf['priority'] = 6; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - If ($sched == "CBQ") { - $tmpcf['bandwidth'] = $lanbw/1000; - $tmpcf['bandwidthtype'] = "Kb"; - } - else if ($sched == "HFSC") { - $tmpcf['linkshare3'] = $lanbw/1000 . "Kb"; - $tmpcf['upperlimit3'] = $lanbw/1000 . "Kb"; - $tmpcf['upperlimit'] = "on"; - $tmpcf['linkshare'] = "on"; - $tmpcf['bandwidth'] = $lanbw/1000; - $tmpcf['bandwidthtype'] = "Kb"; - } - array_push($tmppath, "qInternet"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - //array_pop($tmppath); - //echo "qInternet <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - $altq =& $qtmp; - } - - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qACK"; - $tmpcf['priority'] = 6; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - If ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.2; - $tmpcf['bandwidthtype'] = "%"; - } - else if ($sched == "HFSC") { - $lkbw = 0.20 * $remainbw; - $tmpcf['linkshare3'] = "{$lkbw}%"; - $tmpcf['linkshare'] = "on"; - $tmpcf['bandwidth'] = $lkbw; - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, "qACK"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qACK <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - if ($p2pcatchall) - $tmpcf['name'] = "qOthersDefault"; - else - $tmpcf['name'] = "qDefault"; - $tmpcf['priority'] = 3; - $tmpcf['enabled'] = "on"; - if (!$p2pcatchall) - $tmpcf['default'] = "on"; - $tmpcf['ecn'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $tmpcf['bandwidth'] = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, $tmpcf['name']); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qDefault <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - - if ($p2p) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qP2P"; - $tmpcf['priority'] = 1; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($p2pcatchall) { - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $p2pcatchbw; - $tmpcf['bandwidthtype'] = $p2pcatchbwunit; - } else if ($sched == "HFSC") { - $tmpcf['linkshare'] = "on"; - $tmpcf['linkshare3'] = "{$p2pcatchbw}{$p2pcatchbwunit}"; - $tmpcf['upperlimit'] = "on"; - $tmpcf['upperlimit3'] = "{$p2pcatchbw}{$p2pcatchbwunit}"; - $tmpcf['bandwidth'] = $p2pcatchbw; - $tmpcf['bandwidthtype'] = $p2pcatchbwunit; - } - $tmpcf['default'] = "on"; - - } else { - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.05; /* 5% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $tmpbw = $remainbw * 0.05; /* 5% bandwidth */ - $tmpcf['linkshare'] = "on"; - $tmpcf['linkshare3'] = "{$tmpbw}%"; - $tmpcf['upperlimit'] = "on"; - $tmpcf['upperlimit3'] = "{$tmpbw}%"; - $tmpcf['bandwidth'] = $tmpbw; - $tmpcf['bandwidthtype'] = "%"; - } - } - array_push($tmppath, "qP2P"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qP2P <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - - if ($voip) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qVoIP"; - $tmpcf['priority'] = 7; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - if ($voipbw > 0) { - $tmpcf['bandwidth'] = $voipbw; - $tmpcf['bandwidthtype'] = $voipbwunit; - } else { - $tmpcf['bandwidth'] = $remainbw * 0.2; /* 20% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } - } else if ($sched == "HFSC") { - if ($voipbw > 0) { - $tmpcf['realtime3'] = "{$voipbw}{$voipbwunit}"; - } else { - $voipbw = $remainbw * 0.20; /* 20% bandwidth */ - $tmpcf['realtime3'] = "{$voipbw}%"; - } - $tmpcf['realtime'] = "on"; - $tmpcf['bandwidth'] = 32; - $tmpcf['bandwidthtype'] = "Kb"; - } - array_push($tmppath, "qVoIP"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qVoIP <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - - if ($games) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qGames"; - $tmpcf['priority'] = 5; - $tmpcf['enabled'] = "on"; - $tmpcf['ecn'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.2; /* 20% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $gamesbw = $remainbw * 0.2; /* 20% bandwidth */ - $tmpcf['linkshare'] = "on"; - $tmpcf['linkshare3'] = "{$gamesbw}%"; - $tmpcf['bandwidth'] = "{$gamesbw}"; - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, "qGames"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qGames <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - - if ($otherpriority) { - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qOthersHigh"; - $tmpcf['priority'] = 4; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - $tmpcf['bandwidth'] = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['bandwidthtype'] = "%"; - } else if ($sched == "HFSC") { - $tmpcf['linkshare'] = "on"; - $otherbw = $remainbw * 0.1; /* 10% bandwidth */ - $tmpcf['linkshare3'] = "{$otherbw}%"; - $tmpcf['bandwidth'] = $otherbw; - $tmpcf['bandwidthtype'] = "%"; - } - array_push($tmppath, "qOthersHigh"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qHigh <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - - - if ($sched == "PRIQ") - $q =& new priq_queue(); - else if ($sched == "CBQ") - $q =& new cbq_queue(); - else if ($sched == "HFSC") - $q =& new hfsc_queue(); - $tmpcf = array(); - $tmpcf['name'] = "qOthersLow"; - $tmpcf['priority'] = 2; - $tmpcf['ecn'] = "on"; - $tmpcf['enabled'] = "on"; - if ($sched == "CBQ") { - $tmpcf['borrow'] = "on"; - if ($penalty) { - $tmpcf['bandwidth'] = $penaltybw; - $tmpcf['bandwidthtype'] = $penaltybwunit; - } else { - $tmpcf['bandwidthtype'] = "%"; - $tmpcf['bandwidth'] = $remainbw * 0.05; /* 5% bandwidth */ - } - } else if ($sched == "HFSC") { - if ($penalty) { - $tmpcf['linkshare3'] = "{$penaltybw}{$penaltybwunit}"; - $tmpcf['bandwidth'] = $penaltybw; - $tmpcf['bandwidthtype'] = $penaltybwunit; - } else { - $lsbw = $remainbw * 0.05; - $tmpcf['linkshare3'] = "{$lsbw}%"; /* 5% bandwidth */ - $tmpcf['bandwidth'] = $lsbw; - $tmpcf['bandwidthtype'] = "%"; - } - $tmpcf['linkshare'] = "on"; - } - array_push($tmppath, "qOthersLow"); - $qtmp =& $altq->add_queue($q, &$tmpcf, &$tmppath, $input_errors); - array_pop($tmppath); - //echo "qLow <br />"; - //var_dump($input_errors); - $qtmp->wconfig(); - } - array_pop($tmppath); - } - -/* End LAN bandwidth ------------------------------------------------------------------------------------- */ - - - if (!is_array($config['filter']['rule'])) $config['filter']['rule'] = array(); @@ -1611,16 +1206,16 @@ function apply_all_choosen_items() { write_config(); } -function wizard_get_bandwidthtype_scale($type) { +function wizard_get_bandwidthtype_scale($type = "b") { switch ($type) { case "Gb": - $factor = 1000 * 1000 * 1000; + $factor = 1024 * 1024 * 1024; break; case "Mb": - $factor = 1000 * 1000; + $factor = 1024 * 1024; break; case "Kb": - $factor = 1000; + $factor = 1024; break; case "b": default: diff --git a/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.inc b/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.inc index b5f8d63..a5de47e 100644 --- a/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.inc +++ b/usr/local/www/wizards/traffic_shaper_wizard_multi_lan.inc @@ -228,7 +228,7 @@ function step2_stepsubmitphpaction() { /* Input Validation */ $steps = intval($config['ezshaper']['step1']['numberofconnections']); for ($i = 0; $i < $steps; $i++) { - for ($j = $j; $j < $steps; $j++) { + for ($j = $i + 1; $j <= $steps; $j++) { if ($_POST["conn{$i}interface"] == $_POST["conn{$j}interface"]) { $savemsg=gettext("You cannot select the same interface for different LAN #{$i} and LAN #{$j}."); $stepid--; @@ -284,6 +284,9 @@ function step3_stepsubmitphpaction() { global $config; global $stepid, $savemsg; + if (!$_POST['enable']) + return; + if($_POST['address']) { if(!is_ipaddroralias($_POST['address'])) { /* item is not an ip or alias. error out */ @@ -295,22 +298,20 @@ function step3_stepsubmitphpaction() { $steps = intval($config['ezshaper']['step1']['numberofconnections']); for ($i = 0; $i < $steps; $i++) { - if ($_POST["connupload"]) { - if (!is_numeric($_POST["connupload"])) { - $savemsg = gettext("Upload bandwidth of connection {$i} is not valid."); - $stepid--; - return; - } - $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); - $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); - $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); - $input_bw = $factor * floatval($_POST["conn{$i}upload"]); - if ((0.8 * $ifbw) < $input_bw) { - $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); - $stepid--; - return; - } + if (!is_numeric($_POST["connupload"])) { + $savemsg = gettext("Upload bandwidth of connection {$i} is not valid."); + $stepid--; + return; } + $factor = wizard_get_bandwidthtype_scale($config['ezshaper']['step2']["conn{$i}uploadspeed"]); + $ifbw = $factor * floatval($config['ezshaper']['step2']["conn{$i}upload"]); + $factor = wizard_get_bandwidthtype_scale($_POST["conn{$i}uploadspeed"]); + $input_bw = $factor * floatval($_POST["conn{$i}upload"]); + if ((0.8 * $ifbw) < $input_bw) { + $savemsg=gettext("You cannot set the VoIP upload bandwidth on connection {$i} higher than 80% of the connection."); + $stepid--; + return; + } } } @@ -357,7 +358,7 @@ function step5_stepsubmitphpaction() { global $stepid, $savemsg; if ( $_POST['enable'] ) { - if (isset($_POST['bandwidth']) && $_POST['bandwidth'] <> "") { + if ($_POST['p2pcatchall']) { if(!is_numeric($_POST['bandwidth'])) { $savemsg="Posted value is not a valid bandwidth."; $stepid--; @@ -458,45 +459,42 @@ function apply_all_choosen_items() { $upbw = floatval($config['ezshaper']['step2']["conndownload"]) * $upfactor; if ($config['ezshaper']['step3']['enable']) { - $voip = true; - $voipbw = $config['ezshaper']['step3']["conndownload"]; - $voipbwunit = $config['ezshaper']['step3']["conndownloadspeed"]; - if ($sched != "HFSC") { - if ($voipbwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($voipbwunit); - $remainbw += $voipbw * $factor; - } else - $remainbw += 32000; /* 32Kbit/s forHFSC linksharing */ + $voip = true; + $voipbw = $config['ezshaper']['step3']["conndownload"]; + $voipbwunit = $config['ezshaper']['step3']["conndownloadspeed"]; + if ($voipbwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($voipbwunit); + $remainbw += $voipbw * $factor; } if ($config['ezshaper']['step4']['enable']) { - $penalty = true; - $penaltybw = $config['ezshaper']['step4']['bandwidth']; - $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; - if ($penaltybwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($penaltybwunit); - $remainbw += $penaltybw * $factor; + $penalty = true; + $penaltybw = $config['ezshaper']['step4']['bandwidth']; + $penaltybwunit = $config['ezshaper']['step4']['bandwidthunit']; + if ($penaltybwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($penaltybwunit); + $remainbw += $penaltybw * $factor; } else { - $penalty = false; - $penaltybw = 0; + $penalty = false; + $penaltybw = 0; } if ($config['ezshaper']['step5']['enable']) { $p2p = true; if ($config['ezshaper']['step5']['p2pcatchall']) { - $p2pcatchall = true; - $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; - $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; - if ($p2pcatchbwunit == "%") - $factor = $upbw/100; - else - $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); - $remainbw += $p2pcatchbw * $factor; + $p2pcatchall = true; + $p2pcatchbw = $config['ezshaper']['step5']['bandwidth']; + $p2pcatchbwunit = $config['ezshaper']['step5']['bandwidthunit']; + if ($p2pcatchbwunit == "%") + $factor = $upbw/100; + else + $factor = wizard_get_bandwidthtype_scale($p2pcatchbwunit); + $remainbw += $p2pcatchbw * $factor; } else { - $p2pcatchall = false; - $p2pcatchbw = 0; + $p2pcatchall = false; + $p2pcatchbw = 0; } } else { $p2p = false; @@ -1348,23 +1346,23 @@ function apply_all_choosen_items() { write_config(); } -function wizard_get_bandwidthtype_scale($type) { +function wizard_get_bandwidthtype_scale($type = "b") { switch ($type) { - case "Gb": - $factor = 1000 * 1000 * 1000; - break; - case "Mb": - $factor = 1000 * 1000; - break; - case "Kb": - $factor = 1000; - break; - case "b": - default: + case "Gb": + $factor = 1024 * 1024 * 1024; + break; + case "Mb": + $factor = 1024 * 1024; + break; + case "Kb": + $factor = 1024; + break; + case "b": + default: $factor = 1; - break; + break; } - return floatval($factor); + return intval($factor); } ?> diff --git a/usr/sbin/pc-sysinstall/backend-query/Makefile b/usr/sbin/pc-sysinstall/backend-query/Makefile index 0f14446..3b65d4e 100644 --- a/usr/sbin/pc-sysinstall/backend-query/Makefile +++ b/usr/sbin/pc-sysinstall/backend-query/Makefile @@ -1,10 +1,10 @@ -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/Makefile,v 1.5 2010/07/13 23:47:12 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/Makefile,v 1.6 2010/08/19 05:59:27 imp Exp $ FILES= detect-laptop.sh detect-nics.sh detect-emulation.sh disk-info.sh \ disk-list.sh disk-part.sh enable-net.sh get-packages.sh list-config.sh \ list-components.sh list-mirrors.sh list-packages.sh list-rsync-backups.sh \ - list-tzones.sh query-langs.sh send-logs.sh setup-ssh-keys.sh sys-mem.sh \ - test-live.sh test-netup.sh update-part-list.sh xkeyboard-layouts.sh \ + list-tzones.sh query-langs.sh send-logs.sh set-mirror.sh setup-ssh-keys.sh \ + sys-mem.sh test-live.sh test-netup.sh update-part-list.sh xkeyboard-layouts.sh \ xkeyboard-models.sh xkeyboard-variants.sh FILESMODE= ${BINMODE} FILESDIR=${SHAREDIR}/pc-sysinstall/backend-query diff --git a/usr/sbin/pc-sysinstall/backend-query/disk-info.sh b/usr/sbin/pc-sysinstall/backend-query/disk-info.sh index 75c0386..f64bdb8 100755 --- a/usr/sbin/pc-sysinstall/backend-query/disk-info.sh +++ b/usr/sbin/pc-sysinstall/backend-query/disk-info.sh @@ -23,28 +23,20 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/disk-info.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/disk-info.sh,v 1.6 2010/10/28 06:45:20 imp Exp $ # Query a disk for partitions and display them -############################# +############################################################################# . ${PROGDIR}/backend/functions.sh . ${PROGDIR}/backend/functions-disk.sh -if [ -z "${1}" ] -then - echo "Error: No disk specified!" - exit 1 -fi - -if [ ! -e "/dev/${1}" ] -then - echo "Error: Disk /dev/${1} does not exist!" - exit 1 -fi - DISK="${1}" +[ -z "${DISK}" ] && { echo 'Error: No disk specified!'; exit 1; } +[ ! -e "/dev/${DISK}" ] && \ + { echo "Error: Disk /dev/${DISK} does not exist!"; exit 1; } + get_disk_cyl "${DISK}" CYLS="${VAL}" @@ -54,15 +46,15 @@ HEADS="${VAL}" get_disk_sectors "${DISK}" SECS="${VAL}" -echo "cylinders=${CYLS}" -echo "heads=${HEADS}" -echo "sectors=${SECS}" - # Now get the disks size in MB KB="`diskinfo -v ${1} | grep 'bytes' | cut -d '#' -f 1 | tr -s '\t' ' ' | tr -d ' '`" MB=$(convert_byte_to_megabyte ${KB}) -echo "size=$MB" # Now get the Controller Type CTYPE="`dmesg | grep "^${1}:" | grep "B <" | cut -d '>' -f 2 | cut -d ' ' -f 3-10`" -echo "type=$CTYPE" + +echo "cylinders=${CYLS}" +echo "heads=${HEADS}" +echo "sectors=${SECS}" +echo "size=${MB}" +echo "type=${CTYPE}" diff --git a/usr/sbin/pc-sysinstall/backend-query/disk-list.sh b/usr/sbin/pc-sysinstall/backend-query/disk-list.sh index 06bf04b..d836a82 100755 --- a/usr/sbin/pc-sysinstall/backend-query/disk-list.sh +++ b/usr/sbin/pc-sysinstall/backend-query/disk-list.sh @@ -23,10 +23,40 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/disk-list.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/disk-list.sh,v 1.5 2010/09/08 20:10:24 imp Exp $ + +ARGS=$1 +FLAGS_MD="" +FLAGS_CD="" +FLAGS_VERBOSE="" + +shift +while [ -n "$1" ] +do + case "$1" in + -m) + FLAGS_MD=1 + ;; + -v) + FLAGS_VERBOSE=1 + ;; + -c) + FLAGS_CD=1 + ;; + esac + shift +done # Create our device listing SYSDISK=$(sysctl -n kern.disks) +if [ -n "${FLAGS_MD}" ] +then + MDS=`mdconfig -l` + if [ -n "${MDS}" ] + then + SYSDISK="${SYSDISK} ${MDS}" + fi +fi # Now loop through these devices, and list the disk drives for i in ${SYSDISK} @@ -36,9 +66,12 @@ do DEV="${i}" # Make sure we don't find any cd devices - case "${DEV}" in - acd[0-9]*|cd[0-9]*|scd[0-9]*) continue ;; - esac + if [ -z "${FLAGS_CD}" ] + then + case "${DEV}" in + acd[0-9]*|cd[0-9]*|scd[0-9]*) continue ;; + esac + fi # Check the dmesg output for some more info about this device NEWLINE=$(dmesg | sed -n "s/^$DEV: .*<\(.*\)>.*$/ <\1>/p" | head -n 1) @@ -46,6 +79,16 @@ do NEWLINE=" <Unknown Device>" fi + if [ -n "${FLAGS_MD}" ] && echo "${DEV}" | grep -E '^md[0-9]+' >/dev/null 2>/dev/null + then + NEWLINE=" <Memory Disk>" + fi + + if [ -n "${FLAGS_VERBOSE}" ] + then + : + fi + # Save the disk list if [ ! -z "$DLIST" ] then diff --git a/usr/sbin/pc-sysinstall/backend-query/disk-part.sh b/usr/sbin/pc-sysinstall/backend-query/disk-part.sh index 9ddd47d..6e921ee 100755 --- a/usr/sbin/pc-sysinstall/backend-query/disk-part.sh +++ b/usr/sbin/pc-sysinstall/backend-query/disk-part.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/disk-part.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/disk-part.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ # Query a disk for partitions and display them ############################# @@ -51,8 +51,6 @@ MB=$(convert_byte_to_megabyte ${KB}) TOTALSIZE="$MB" TOTALB="`diskinfo -v ${1} | grep 'in sectors' | tr -s '\t' ' ' | cut -d ' ' -f 2`" - - gpart show ${1} >/dev/null 2>/dev/null if [ "$?" != "0" ] ; then # No partitions on this disk, display entire disk size and exit @@ -85,14 +83,14 @@ do # First get the sysid / label for this partition if [ "$TYPE" = "MBR" ] ; then - get_partition_sysid_mbr "${DISK}" "${curpart}" - echo "${curpart}-sysid: ${VAL}" - get_partition_label_mbr "${DISK}" "${curpart}" - echo "${curpart}-label: ${VAL}" + get_partition_sysid_mbr "${DISK}" "${curpart}" + echo "${curpart}-sysid: ${VAL}" + get_partition_label_mbr "${DISK}" "${curpart}" + echo "${curpart}-label: ${VAL}" else - get_partition_label_gpt "${DISK}" "${curpart}" - echo "${curpart}-sysid: ${VAL}" - echo "${curpart}-label: ${VAL}" + get_partition_label_gpt "${DISK}" "${curpart}" + echo "${curpart}-sysid: ${VAL}" + echo "${curpart}-label: ${VAL}" fi # Now get the startblock, blocksize and MB size of this partition diff --git a/usr/sbin/pc-sysinstall/backend-query/enable-net.sh b/usr/sbin/pc-sysinstall/backend-query/enable-net.sh index 9d40142..339a562 100755 --- a/usr/sbin/pc-sysinstall/backend-query/enable-net.sh +++ b/usr/sbin/pc-sysinstall/backend-query/enable-net.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/enable-net.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/enable-net.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ # Script which enables networking with specified options ########################################################################### @@ -60,6 +60,6 @@ else fi case ${MIRRORFETCH} in - ON|on|yes|YES) fetch -o /tmp/mirrors-list.txt ${MIRRORLIST} >/dev/null 2>/dev/null;; - *) ;; + ON|on|yes|YES) fetch -o /tmp/mirrors-list.txt ${MIRRORLIST} >/dev/null 2>/dev/null;; + *) ;; esac diff --git a/usr/sbin/pc-sysinstall/backend-query/get-packages.sh b/usr/sbin/pc-sysinstall/backend-query/get-packages.sh index 4ff17f6..7427326 100755 --- a/usr/sbin/pc-sysinstall/backend-query/get-packages.sh +++ b/usr/sbin/pc-sysinstall/backend-query/get-packages.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/get-packages.sh,v 1.1 2010/07/13 23:47:12 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/get-packages.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ # Script which lists the available packages for this release ########################################################################### @@ -31,30 +31,22 @@ . ${PROGDIR}/backend/functions.sh . ${PROGDIR}/backend/functions-packages.sh -DEFAULT_FTP_SERVER="ftp.freebsd.org" -FTP_SERVER="${1}" ID=`id -u` - if [ "${ID}" -ne "0" ] then - echo "Error: must be root!" - exit 1 -fi - -if [ -z "${FTP_SERVER}" ] -then - FTP_SERVER="${DEFAULT_FTP_SERVER}" + echo "Error: must be root!" + exit 1 fi if [ ! -f "${PKGDIR}/INDEX" ] then - get_package_index "${FTP_SERVER}" + get_package_index fi if [ -f "${PKGDIR}/INDEX" ] then - echo "${PKGDIR}/INDEX" - exit 0 + echo "${PKGDIR}/INDEX" + exit 0 fi exit 1 diff --git a/usr/sbin/pc-sysinstall/backend-query/list-components.sh b/usr/sbin/pc-sysinstall/backend-query/list-components.sh index 299ce28..e55233e 100755 --- a/usr/sbin/pc-sysinstall/backend-query/list-components.sh +++ b/usr/sbin/pc-sysinstall/backend-query/list-components.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/list-components.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/list-components.sh,v 1.3 2010/10/21 17:23:48 imp Exp $ # Script which lists the available components for this release ########################################################################### @@ -32,23 +32,24 @@ echo "Available Components:" -cd ${COMPDIR} -for i in `ls -d *` -do - if [ -e "${i}/component.cfg" -a -e "${i}/install.sh" -a -e "${i}/distfiles" ] - then - NAME="`grep 'name:' ${i}/component.cfg | cut -d ':' -f 2`" - DESC="`grep 'description:' ${i}/component.cfg | cut -d ':' -f 2`" - TYPE="`grep 'type:' ${i}/component.cfg | cut -d ':' -f 2`" - echo " " - echo "name: ${i}" - echo "desc:${DESC}" - echo "type:${TYPE}" - if [ -e "${i}/component.png" ] +if [ -d "${COMPDIR}" ] +then + cd ${COMPDIR} + for i in `ls -d *` + do + if [ -e "${i}/component.cfg" -a -e "${i}/install.sh" -a -e "${i}/distfiles" ] then - echo "icon: ${COMPDIR}/${i}/component.png" + NAME="`grep 'name:' ${i}/component.cfg | cut -d ':' -f 2`" + DESC="`grep 'description:' ${i}/component.cfg | cut -d ':' -f 2`" + TYPE="`grep 'type:' ${i}/component.cfg | cut -d ':' -f 2`" + echo " " + echo "name: ${i}" + echo "desc:${DESC}" + echo "type:${TYPE}" + if [ -e "${i}/component.png" ] + then + echo "icon: ${COMPDIR}/${i}/component.png" + fi fi - fi - -done - + done +fi diff --git a/usr/sbin/pc-sysinstall/backend-query/list-packages.sh b/usr/sbin/pc-sysinstall/backend-query/list-packages.sh index dcf7c00..97bec8c 100755 --- a/usr/sbin/pc-sysinstall/backend-query/list-packages.sh +++ b/usr/sbin/pc-sysinstall/backend-query/list-packages.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/list-packages.sh,v 1.1 2010/07/13 23:47:12 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/list-packages.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ # Script which lists the available packages for this release ########################################################################### @@ -37,38 +37,50 @@ NARGS=0 if [ ! -f "${PKGDIR}/INDEX" ] then - echo "Error: please fetch package index with get-packages!" - exit 1 + echo "Error: please fetch package index with get-packages!" + exit 1 fi if [ ! -f "${PKGDIR}/INDEX.parsed" ] then - parse_package_index + parse_package_index fi if [ -n "${PACKAGE_CATEGORY}" ] then - NARGS=$((NARGS+1)) + NARGS=$((NARGS+1)) fi if [ -n "${PACKAGE_NAME}" ] then - NARGS=$((NARGS+1)) + NARGS=$((NARGS+1)) fi -echo "Available Packages:" if [ "${NARGS}" -eq "0" ] then - show_packages + show_packages elif [ "${NARGS}" -eq "1" ] then - show_packages_by_category "${PACKAGE_CATEGORY}" + + if [ "${PACKAGE_CATEGORY}" = "@INDEX@" ] + then + if [ -f "${PKGDIR}/INDEX" ] + then + echo "${PKGDIR}/INDEX" + exit 0 + else + exit 1 + fi + + else + show_packages_by_category "${PACKAGE_CATEGORY}" + fi elif [ "${NARGS}" -eq "2" ] then - show_package_by_name "${PACKAGE_CATEGORY}" "${PACKAGE_NAME}" + show_package_by_name "${PACKAGE_CATEGORY}" "${PACKAGE_NAME}" else - show_packages + show_packages fi diff --git a/usr/sbin/pc-sysinstall/backend-query/list-tzones.sh b/usr/sbin/pc-sysinstall/backend-query/list-tzones.sh index 973f892..7e4bac4 100755 --- a/usr/sbin/pc-sysinstall/backend-query/list-tzones.sh +++ b/usr/sbin/pc-sysinstall/backend-query/list-tzones.sh @@ -23,21 +23,12 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/list-tzones.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ - -rm ${TMPDIR}/.tzonetmp >/dev/null 2>/dev/null +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/list-tzones.sh,v 1.3 2010/10/19 15:18:40 emaste Exp $ # Backend script which lists all the available timezones for front-ends to display -while read line -do - echo "$line" | grep "^#" >/dev/null 2>/dev/null - if [ "$?" != "0" ] - then - echo "$line" | tr -s "\t" ":" | cut -d ":" -f 3-4 >>${TMPDIR}/.tzonetmp - fi -done < /usr/share/zoneinfo/zone.tab - -sort ${TMPDIR}/.tzonetmp -rm -f ${TMPDIR}/.tzonetmp >/dev/null 2>/dev/null +egrep -v '^#' /usr/share/zoneinfo/zone.tab |\ + tr -s "\t" ":" |\ + cut -d ":" -f 3-4 |\ + sort exit 0 diff --git a/usr/sbin/pc-sysinstall/backend-query/query-langs.sh b/usr/sbin/pc-sysinstall/backend-query/query-langs.sh index 044f41b..336e8dd 100755 --- a/usr/sbin/pc-sysinstall/backend-query/query-langs.sh +++ b/usr/sbin/pc-sysinstall/backend-query/query-langs.sh @@ -23,9 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/query-langs.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ - -FOUND="0" +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/query-langs.sh,v 1.3 2010/10/22 00:10:48 imp Exp $ cat ${PROGDIR}/conf/avail-langs diff --git a/usr/sbin/pc-sysinstall/backend-query/set-mirror.sh b/usr/sbin/pc-sysinstall/backend-query/set-mirror.sh new file mode 100644 index 0000000..fe4daf8 --- /dev/null +++ b/usr/sbin/pc-sysinstall/backend-query/set-mirror.sh @@ -0,0 +1,40 @@ +#!/bin/sh +#- +# Copyright (c) 2010 iXSystems, Inc. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/set-mirror.sh,v 1.2 2010/08/24 06:11:46 imp Exp $ + +. ${PROGDIR}/backend/functions.sh +. ${PROGDIR}/backend/functions-ftp.sh + +MIRROR="${1}" + +if [ -z "${MIRROR}" ] +then + echo "Error: No mirror specified!" + exit 1 +fi + +set_ftp_mirror "${MIRROR}" +exit 0 diff --git a/usr/sbin/pc-sysinstall/backend-query/sys-mem.sh b/usr/sbin/pc-sysinstall/backend-query/sys-mem.sh index 6fcf9b2..8577c29 100755 --- a/usr/sbin/pc-sysinstall/backend-query/sys-mem.sh +++ b/usr/sbin/pc-sysinstall/backend-query/sys-mem.sh @@ -23,9 +23,6 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/sys-mem.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/sys-mem.sh,v 1.3 2010/10/19 15:12:16 emaste Exp $ -MEM=`sysctl hw.realmem | sed "s|hw.realmem: ||g"` -MEM=`expr $MEM / 1024` -MEM=`expr $MEM / 1024` -echo $MEM +expr $(sysctl -n hw.realmem) / 1048576 diff --git a/usr/sbin/pc-sysinstall/backend-query/test-live.sh b/usr/sbin/pc-sysinstall/backend-query/test-live.sh index 7c61cae..43f4298 100755 --- a/usr/sbin/pc-sysinstall/backend-query/test-live.sh +++ b/usr/sbin/pc-sysinstall/backend-query/test-live.sh @@ -23,18 +23,11 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/test-live.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/test-live.sh,v 1.3 2010/10/22 00:11:55 imp Exp $ # Script which checks if we are running from install media, or real system ############################################################################# -dmesg | grep "md0: Preloaded image" >/dev/null 2>/dev/null -if [ "$?" = "0" ] -then - echo "INSTALL-MEDIA" - exit 0 -else - echo "REAL-DISK" - exit 1 -fi +dmesg | grep -q 'md0: Preloaded image' || { echo 'REAL-DISK'; exit 1; } +echo 'INSTALL-MEDIA' diff --git a/usr/sbin/pc-sysinstall/backend-query/test-netup.sh b/usr/sbin/pc-sysinstall/backend-query/test-netup.sh index dc8c71a..aa3e277 100755 --- a/usr/sbin/pc-sysinstall/backend-query/test-netup.sh +++ b/usr/sbin/pc-sysinstall/backend-query/test-netup.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/test-netup.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/test-netup.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ # Script which tests "fetch" when using a network connection, and saves @@ -35,15 +35,15 @@ rm ${TMPDIR}/.testftp >/dev/null 2>/dev/null ping -c 2 www.pcbsd.org >/dev/null 2>/dev/null if [ "$?" = "0" ] then - echo "ftp: Up" - exit 0 + echo "ftp: Up" + exit 0 fi ping -c 2 www.freebsd.org >/dev/null 2>/dev/null if [ "$?" = "0" ] then - echo "ftp: Up" - exit 0 + echo "ftp: Up" + exit 0 fi echo "ftp: Down" diff --git a/usr/sbin/pc-sysinstall/backend-query/update-part-list.sh b/usr/sbin/pc-sysinstall/backend-query/update-part-list.sh index 9a2a77e..7fb87ec 100755 --- a/usr/sbin/pc-sysinstall/backend-query/update-part-list.sh +++ b/usr/sbin/pc-sysinstall/backend-query/update-part-list.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/update-part-list.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/update-part-list.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ # Need access to a some unmount functions . ${PROGDIR}/backend/functions-unmount.sh @@ -35,16 +35,17 @@ rm ${TMPDIR}/AvailUpgrades >/dev/null 2>/dev/null FSMNT="/mnt" # Get the freebsd version on this partition -get_fbsd_ver() { +get_fbsd_ver() +{ VER="`file ${FSMNT}/bin/sh | grep 'for FreeBSD' | sed 's|for FreeBSD |;|g' | cut -d ';' -f 2 | cut -d ',' -f 1`" if [ "$?" = "0" ] ; then - file ${FSMNT}/bin/sh | grep '32-bit' >/dev/null 2>/dev/null - if [ "${?}" = "0" ] ; then - echo "${1}: FreeBSD ${VER} (32bit)" - else - echo "${1}: FreeBSD ${VER} (64bit)" - fi + file ${FSMNT}/bin/sh | grep '32-bit' >/dev/null 2>/dev/null + if [ "${?}" = "0" ] ; then + echo "${1}: FreeBSD ${VER} (32bit)" + else + echo "${1}: FreeBSD ${VER} (64bit)" + fi fi } @@ -62,7 +63,7 @@ do # Make sure we don't find any cd devices echo "${DEV}" | grep -e "^acd[0-9]" -e "^cd[0-9]" -e "^scd[0-9]" >/dev/null 2>/dev/null if [ "$?" != "0" ] ; then - DEVS="${DEVS} `ls /dev/${i}*`" + DEVS="${DEVS} `ls /dev/${i}*`" fi done @@ -70,25 +71,25 @@ done # Search for regular UFS / Geom Partitions to upgrade for i in $DEVS do - if [ ! -e "${i}a.journal" -a ! -e "${i}a" -a ! -e "${i}p2" -a ! -e "${i}p2.journal" ] ; then - continue - fi + if [ ! -e "${i}a.journal" -a ! -e "${i}a" -a ! -e "${i}p2" -a ! -e "${i}p2.journal" ] ; then + continue + fi - if [ -e "${i}a.journal" ] ; then - _dsk="${i}a.journal" - elif [ -e "${i}a" ] ; then - _dsk="${i}a" - elif [ -e "${i}p2" ] ; then - _dsk="${i}p2" - elif [ -e "${i}p2.journal" ] ; then - _dsk="${i}p2.journal" - fi + if [ -e "${i}a.journal" ] ; then + _dsk="${i}a.journal" + elif [ -e "${i}a" ] ; then + _dsk="${i}a" + elif [ -e "${i}p2" ] ; then + _dsk="${i}p2" + elif [ -e "${i}p2.journal" ] ; then + _dsk="${i}p2.journal" + fi - mount -o ro ${_dsk} ${FSMNT} >>${LOGOUT} 2>>${LOGOUT} - if [ "${?}" = "0" -a -e "${FSMNT}/bin/sh" ] ; then - get_fbsd_ver "`echo ${_dsk} | sed 's|/dev/||g'`" - umount -f ${FSMNT} >/dev/null 2>/dev/null - fi + mount -o ro ${_dsk} ${FSMNT} >>${LOGOUT} 2>>${LOGOUT} + if [ "${?}" = "0" -a -e "${FSMNT}/bin/sh" ] ; then + get_fbsd_ver "`echo ${_dsk} | sed 's|/dev/||g'`" + umount -f ${FSMNT} >/dev/null 2>/dev/null + fi done # Now search for any ZFS root partitions @@ -101,9 +102,9 @@ umount_all_dir "${FSMNT}" _zps="`zpool list | grep -v 'NAME' | cut -d ' ' -f 1`" for _zpools in ${_zps} do - mount -o ro -t zfs ${_zpools} ${FSMNT} >>${LOGOUT} 2>>${LOGOUT} - if [ "${?}" = "0" -a -e "${FSMNT}/bin/sh" ] ; then - get_fbsd_ver "${_zpools}" - umount -f ${FSMNT} >/dev/null 2>/dev/null - fi + mount -o ro -t zfs ${_zpools} ${FSMNT} >>${LOGOUT} 2>>${LOGOUT} + if [ "${?}" = "0" -a -e "${FSMNT}/bin/sh" ] ; then + get_fbsd_ver "${_zpools}" + umount -f ${FSMNT} >/dev/null 2>/dev/null + fi done diff --git a/usr/sbin/pc-sysinstall/backend-query/xkeyboard-layouts.sh b/usr/sbin/pc-sysinstall/backend-query/xkeyboard-layouts.sh index 5257d5c..372696f 100755 --- a/usr/sbin/pc-sysinstall/backend-query/xkeyboard-layouts.sh +++ b/usr/sbin/pc-sysinstall/backend-query/xkeyboard-layouts.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/xkeyboard-layouts.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/xkeyboard-layouts.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ FOUND="0" @@ -36,7 +36,7 @@ do echo $line | grep '! ' >/dev/null 2>/dev/null if [ "$?" = "0" ] then - exit 0 + exit 0 else echo "$line" fi diff --git a/usr/sbin/pc-sysinstall/backend-query/xkeyboard-models.sh b/usr/sbin/pc-sysinstall/backend-query/xkeyboard-models.sh index 4fdf652..f8e72c2 100755 --- a/usr/sbin/pc-sysinstall/backend-query/xkeyboard-models.sh +++ b/usr/sbin/pc-sysinstall/backend-query/xkeyboard-models.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/xkeyboard-models.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/xkeyboard-models.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ FOUND="0" @@ -36,7 +36,7 @@ do echo $line | grep '! ' >/dev/null 2>/dev/null if [ "$?" = "0" ] then - exit 0 + exit 0 else model="`echo $line | sed 's|(|[|g'`" model="`echo $model | sed 's|)|]|g'`" diff --git a/usr/sbin/pc-sysinstall/backend-query/xkeyboard-variants.sh b/usr/sbin/pc-sysinstall/backend-query/xkeyboard-variants.sh index 8886bc8..cff6b0e 100755 --- a/usr/sbin/pc-sysinstall/backend-query/xkeyboard-variants.sh +++ b/usr/sbin/pc-sysinstall/backend-query/xkeyboard-variants.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/xkeyboard-variants.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend-query/xkeyboard-variants.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ FOUND="0" @@ -36,7 +36,7 @@ do echo $line | grep '! ' >/dev/null 2>/dev/null if [ "$?" = "0" ] then - exit 0 + exit 0 else echo "$line" fi diff --git a/usr/sbin/pc-sysinstall/backend/Makefile b/usr/sbin/pc-sysinstall/backend/Makefile index b4c517b..2b4693d 100755 --- a/usr/sbin/pc-sysinstall/backend/Makefile +++ b/usr/sbin/pc-sysinstall/backend/Makefile @@ -1,13 +1,13 @@ -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/Makefile,v 1.4 2010/07/13 23:47:12 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/Makefile,v 1.6 2010/09/08 20:10:24 imp Exp $ FILES= functions-bsdlabel.sh functions-cleanup.sh functions-disk.sh \ functions-extractimage.sh functions-ftp.sh functions-installcomponents.sh \ - functions-localize.sh functions-mountdisk.sh \ + functions-installpackages.sh functions-localize.sh functions-mountdisk.sh \ functions-mountoptical.sh functions-networking.sh \ functions-newfs.sh functions-packages.sh functions-parse.sh \ functions-runcommands.sh functions-unmount.sh \ functions-upgrade.sh functions-users.sh \ - functions.sh parseconfig.sh startautoinstall.sh + functions.sh parseconfig.sh startautoinstall.sh installimage.sh FILESMODE= ${BINMODE} FILESDIR=${SHAREDIR}/pc-sysinstall/backend NO_OBJ= diff --git a/usr/sbin/pc-sysinstall/backend/functions-bsdlabel.sh b/usr/sbin/pc-sysinstall/backend/functions-bsdlabel.sh index c8cb4f1..316b46c 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-bsdlabel.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-bsdlabel.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-bsdlabel.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-bsdlabel.sh,v 1.9 2010/10/21 22:46:10 imp Exp $ # Functions related to disk operations using bsdlabel @@ -58,20 +58,13 @@ get_fs_line_xvars() echo $LINE | grep '^ZFS' >/dev/null 2>/dev/null if [ "$?" = "0" ] ; then ZTYPE="NONE" - ZFSVARS="`echo $LINE | cut -d '(' -f 2- | cut -d ')' -f 1`" + ZFSVARS="`echo $LINE | cut -d '(' -f 2- | cut -d ')' -f 1 | xargs`" - # Check if we are doing raidz setup - echo $ZFSVARS | grep "^raidz:" >/dev/null 2>/dev/null - if [ "$?" = "0" ] ; then - ZTYPE="raidz" - ZFSVARS="`echo $ZFSVARS | sed 's|raidz: ||g' | sed 's|raidz:||g'`" - fi - - echo $ZFSVARS | grep "^mirror:" >/dev/null 2>/dev/null - if [ "$?" = "0" ] ; then - ZTYPE="mirror" - ZFSVARS="`echo $ZFSVARS | sed 's|mirror: ||g' | sed 's|mirror:||g'`" - fi + echo $ZFSVARS | grep -E "^(disk|file|mirror|raidz(1|2)?|spare|log|cache):" >/dev/null 2>/dev/null + if [ "$?" = "0" ] ; then + ZTYPE=`echo $ZFSVARS | cut -f1 -d:` + ZFSVARS=`echo $ZFSVARS | sed "s|$ZTYPE: ||g" | sed "s|$ZTYPE:||g"` + fi # Return the ZFS options if [ "${ZTYPE}" = "NONE" ] ; then @@ -83,7 +76,6 @@ get_fs_line_xvars() return fi # End of ZFS block - fi # End of xtra-options block # If we got here, set VAR to empty and export @@ -93,30 +85,31 @@ get_fs_line_xvars() }; # Init each zfs mirror disk with a boot sector so we can failover -setup_zfs_mirror_parts() { - - _nZFS="" - # Using mirroring, setup boot partitions on each disk - _mirrline="`echo ${1} | sed 's|mirror ||g'`" - for _zvars in $_mirrline - do - echo "Looping through _zvars: $_zvars" >>${LOGOUT} - echo "$_zvars" | grep "${2}" >/dev/null 2>/dev/null - if [ "$?" = "0" ] ; then continue ; fi - if [ -z "$_zvars" ] ; then continue ; fi - - is_disk "$_zvars" >/dev/null 2>/dev/null - if [ "$?" = "0" ] ; then - echo "Setting up ZFS mirror disk $_zvars" >>${LOGOUT} - init_gpt_full_disk "$_zvars" >/dev/null 2>/dev/null - rc_halt "gpart bootcode -p /boot/gptzfsboot -i 1 ${_zvars}" >/dev/null 2>/dev/null - rc_halt "gpart add -t freebsd-zfs ${_zvars}" >/dev/null 2>/dev/null - _nZFS="$_nZFS ${_zvars}p2" - else - _nZFS="$_nZFS ${_zvars}" - fi - done - echo "mirror $2 `echo $_nZFS | tr -s ' '`" +setup_zfs_mirror_parts() +{ + _nZFS="" + + # Using mirroring, setup boot partitions on each disk + _mirrline="`echo ${1} | sed 's|mirror ||g'`" + for _zvars in $_mirrline + do + echo "Looping through _zvars: $_zvars" >>${LOGOUT} + echo "$_zvars" | grep "${2}" >/dev/null 2>/dev/null + if [ "$?" = "0" ] ; then continue ; fi + if [ -z "$_zvars" ] ; then continue ; fi + + is_disk "$_zvars" >/dev/null 2>/dev/null + if [ "$?" = "0" ] ; then + echo "Setting up ZFS mirror disk $_zvars" >>${LOGOUT} + init_gpt_full_disk "$_zvars" >/dev/null 2>/dev/null + rc_halt "gpart bootcode -p /boot/gptzfsboot -i 1 ${_zvars}" >/dev/null 2>/dev/null + rc_halt "gpart add -t freebsd-zfs ${_zvars}" >/dev/null 2>/dev/null + _nZFS="$_nZFS ${_zvars}p2" + else + _nZFS="$_nZFS ${_zvars}" + fi + done + echo "mirror $2 `echo $_nZFS | tr -s ' '`" } ; # Function which creates a unique label name for the specified mount @@ -168,12 +161,10 @@ gen_glabel_name() # Function to setup / stamp a legacy MBR bsdlabel setup_mbr_partitions() { - DISKTAG="$1" WRKSLICE="$2" FOUNDPARTS="1" - # Lets setup the BSDLABEL BSDLABEL="${TMPDIR}/bsdLabel-${WRKSLICE}" export BSDLABEL @@ -201,6 +192,11 @@ setup_mbr_partitions() SIZE=`echo $STRING | tr -s '\t' ' ' | cut -d ' ' -f 2` MNT=`echo $STRING | tr -s '\t' ' ' | cut -d ' ' -f 3` + if echo $STRING | grep -E '^/.+' >/dev/null 2>&1 + then + IMAGE=`echo ${STRING} | cut -f1 -d' '` + fi + # Check if we have a .eli extension on this FS echo ${FS} | grep ".eli" >/dev/null 2>/dev/null if [ "$?" = "0" ] @@ -223,9 +219,17 @@ setup_mbr_partitions() USINGENCROOT="0" ; export USINGENCROOT fi + if [ -n "${IMAGE}" ] + then + FS="IMAGE" + SIZE=`ls -l "${IMAGE}" | awk '{ print $5 }'` + MNT=`echo $STRING | tr -s '\t' ' ' | cut -d ' ' -f 2` + SIZE=`convert_byte_to_megabyte $SIZE` + fi + # Now check that these values are sane case $FS in - UFS|UFS+S|UFS+J|ZFS|SWAP) ;; + UFS|UFS+S|UFS+J|UFS+SUJ|ZFS|SWAP|IMAGE) ;; *) exit_err "ERROR: Invalid file system specified on $line" ;; esac @@ -262,20 +266,20 @@ setup_mbr_partitions() # Check if we found a valid root partition check_for_mount "${MNT}" "/" if [ "$?" = "0" ] ; then - FOUNDROOT="0" ; export FOUNDROOT + FOUNDROOT="0" ; export FOUNDROOT fi # Check if we have a "/boot" instead check_for_mount "${MNT}" "/boot" if [ "${?}" = "0" ] ; then USINGBOOTPART="0" ; export USINGBOOTPART - if [ "${FS}" != "UFS" -a "${FS}" != "UFS+S" -a "${FS}" != "UFS+J" ] + if [ "${FS}" != "UFS" -a "${FS}" != "UFS+S" -a "${FS}" != "UFS+J" -a "${FS}" != "UFS+SUJ" ] then exit_err "/boot partition must be formatted with UFS" fi fi - else + else # Done with the a: partitions # Check if we found a valid root partition not on a: @@ -314,7 +318,7 @@ setup_mbr_partitions() fi # Save this data to our partition config dir - echo "${FS}:${MNT}:${ENC}:${PLABEL}:MBR:${XTRAOPTS}" >${PARTDIR}/${WRKSLICE}${PARTLETTER} + echo "${FS}:${MNT}:${ENC}:${PLABEL}:MBR:${XTRAOPTS}:${IMAGE}" >${PARTDIR}/${WRKSLICE}${PARTLETTER} # If we have a enc password, save it as well if [ ! -z "${ENCPASS}" ] ; then @@ -323,18 +327,20 @@ setup_mbr_partitions() # This partition letter is used, get the next one case ${PARTLETTER} in - a) PARTLETTER="b" ;; - b) # When we hit b, add the special c: setup for bsdlabel - echo "c: * * unused" >>${BSDLABEL} - PARTLETTER="d" ;; - d) PARTLETTER="e" ;; - e) PARTLETTER="f" ;; - f) PARTLETTER="g" ;; - g) PARTLETTER="h" ;; - h) PARTLETTER="ERR" ;; - *) exit_err "ERROR: bsdlabel only supports up to letter h for partitions." ;; + a) PARTLETTER="b" ;; + b) # When we hit b, add the special c: setup for bsdlabel + echo "c: * * unused" >>${BSDLABEL} + PARTLETTER="d" ;; + d) PARTLETTER="e" ;; + e) PARTLETTER="f" ;; + f) PARTLETTER="g" ;; + g) PARTLETTER="h" ;; + h) PARTLETTER="ERR" ;; + *) exit_err "ERROR: bsdlabel only supports up to letter h for partitions." ;; esac + unset IMAGE + fi # End of subsection locating a slice in config echo $line | grep "^commitDiskLabel" >/dev/null 2>/dev/null @@ -409,7 +415,7 @@ setup_gpt_partitions() # Now check that these values are sane case $FS in - UFS|UFS+S|UFS+J|ZFS|SWAP) ;; + UFS|UFS+S|UFS+J|UFS+SUJ|ZFS|SWAP) ;; *) exit_err "ERROR: Invalid file system specified on $line" ;; esac @@ -446,7 +452,7 @@ setup_gpt_partitions() if [ "${?}" = "0" ] ; then if [ "${CURPART}" = "2" ] ; then USINGBOOTPART="0" ; export USINGBOOTPART - if [ "${FS}" != "UFS" -a "${FS}" != "UFS+S" -a "${FS}" != "UFS+J" ] + if [ "${FS}" != "UFS" -a "${FS}" != "UFS+S" -a "${FS}" != "UFS+J" -a "${FS}" != "UFS+SUJ" ] then exit_err "/boot partition must be formatted with UFS" fi @@ -471,9 +477,9 @@ setup_gpt_partitions() # Figure out the gpart type to use case ${FS} in - ZFS) PARTYPE="freebsd-zfs" ;; - SWAP) PARTYPE="freebsd-swap" ;; - *) PARTYPE="freebsd-ufs" ;; + ZFS) PARTYPE="freebsd-zfs" ;; + SWAP) PARTYPE="freebsd-swap" ;; + *) PARTYPE="freebsd-ufs" ;; esac # Create the partition @@ -514,8 +520,8 @@ setup_gpt_partitions() # If this is the boot disk, stamp the right gptboot if [ ! -z "${BOOTTYPE}" ] ; then case ${BOOTTYPE} in - freebsd-ufs) rc_halt "gpart bootcode -p /boot/gptboot -i 1 ${DISK}" ;; - freebsd-zfs) rc_halt "gpart bootcode -p /boot/gptzfsboot -i 1 ${DISK}" ;; + freebsd-ufs) rc_halt "gpart bootcode -p /boot/gptboot -i 1 ${DISK}" ;; + freebsd-zfs) rc_halt "gpart bootcode -p /boot/gptzfsboot -i 1 ${DISK}" ;; esac fi @@ -574,7 +580,6 @@ populate_disk_label() setup_disk_label() { # We are ready to start setting up the label, lets read the config and do the actions - # First confirm that we have a valid WORKINGSLICES if [ -z "${WORKINGSLICES}" ]; then exit_err "ERROR: No slices were setup! Please report this to the maintainers" @@ -639,3 +644,176 @@ setup_disk_label() fi }; +check_fstab_mbr() +{ + local SLICE + local FSTAB + + if [ -z "$2" ] + then + return 1 + fi + + SLICE="$1" + FSTAB="$2/etc/fstab" + + if [ -f "${FSTAB}" ] + then + PARTLETTER=`echo "$SLICE" | sed -E 's|^.+([a-h])$|\1|'` + + cat "${FSTAB}" | awk '{ print $2 }' | grep -E '^/$' >/dev/null 2>&1 + if [ "$?" = "0" ] + then + if [ "${PARTLETTER}" = "a" ] + then + FOUNDROOT="0" + else + FOUNDROOT="1" + fi + + ROOTIMAGE="1" + + export FOUNDROOT + export ROOTIMAGE + fi + + cat "${FSTAB}" | awk '{ print $2 }' | grep -E '^/boot$' >/dev/null 2>&1 + if [ "$?" = "0" ] + then + if [ "${PARTLETTER}" = "a" ] + then + USINGBOOTPART="0" + else + exit_err "/boot partition must be first partition" + fi + export USINGBOOTPART + fi + + return 0 + fi + + return 1 +}; + +check_fstab_gpt() +{ + local SLICE + local FSTAB + + if [ -z "$2" ] + then + return 1 + fi + + SLICE="$1" + FSTAB="$2/etc/fstab" + + if [ -f "${FSTAB}" ] + then + PARTNUMBER=`echo "${SLICE}" | sed -E 's|^.+p([0-9]*)$|\1|'` + + cat "${FSTAB}" | awk '{ print $2 }' | grep -E '^/$' >/dev/null 2>&1 + if [ "$?" = "0" ] + then + if [ "${PARTNUMBER}" = "2" ] + then + FOUNDROOT="0" + else + FOUNDROOT="1" + fi + + ROOTIMAGE="1" + + export FOUNDROOT + export ROOTIMAGE + fi + + cat "${FSTAB}" | awk '{ print $2 }' | grep -E '^/boot$' >/dev/null 2>&1 + if [ "$?" = "0" ] + then + if [ "${PARTNUMBER}" = "2" ] + then + USINGBOOTPART="0" + else + exit_err "/boot partition must be first partition" + fi + export USINGBOOTPART + fi + + return 0 + fi + + + return 1 +}; + +check_disk_layout() +{ + local SLICES + local TYPE + local DISK + local RES + local F + + DISK="$1" + TYPE="MBR" + + if [ -z "${DISK}" ] + then + return 1 + fi + + SLICES_MBR=`ls /dev/${DISK}s[1-4]*[a-h]* 2>/dev/null` + SLICES_GPT=`ls /dev/${DISK}p[0-9]* 2>/dev/null` + SLICES_SLICE=`ls /dev/${DISK}[a-h]* 2>/dev/null` + + if [ -n "${SLICES_MBR}" ] + then + SLICES="${SLICES_MBR}" + TYPE="MBR" + RES=0 + fi + if [ -n "${SLICES_GPT}" ] + then + SLICES="${SLICES_GPT}" + TYPE="GPT" + RES=0 + fi + if [ -n "${SLICES_SLICE}" ] + then + SLICES="${SLICES_SLICE}" + TYPE="MBR" + RES=0 + fi + + for slice in ${SLICES} + do + F=1 + mount ${slice} /mnt 2>/dev/null + if [ "$?" != "0" ] + then + continue + fi + + if [ "${TYPE}" = "MBR" ] + then + check_fstab_mbr "${slice}" "/mnt" + F="$?" + + elif [ "${TYPE}" = "GPT" ] + then + check_fstab_gpt "${slice}" "/mnt" + F="$?" + fi + + if [ "${F}" = "0" ] + then + #umount /mnt + break + fi + + #umount /mnt + done + + return ${RES} +}; diff --git a/usr/sbin/pc-sysinstall/backend/functions-cleanup.sh b/usr/sbin/pc-sysinstall/backend/functions-cleanup.sh index ff2729f..be316c4 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-cleanup.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-cleanup.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-cleanup.sh,v 1.3 2010/07/31 19:25:51 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-cleanup.sh,v 1.5 2010/10/21 17:14:44 imp Exp $ # Functions which perform the final cleanup after an install @@ -99,9 +99,9 @@ zfs_cleanup_unmount() do if [ "${ZMNT}" != "/" ] then - #rc_halt "/sbin/zfs set mountpoint=${ZMNT} ${ZPOOLNAME}${ZMNT}" - #rc_halt "/sbin/zfs unmount ${ZPOOLNAME}${ZMNT}" - #sleep 2 + rc_halt "zfs set mountpoint=${ZMNT} ${ZPOOLNAME}${ZMNT}" + rc_halt "zfs unmount ${ZPOOLNAME}${ZMNT}" + sleep 2 fi done fi @@ -166,8 +166,8 @@ setup_fstab() # Set mount options for file-systems case $PARTFS in UFS+J) MNTOPTS="rw,noatime,async" ;; - SWAP) MNTOPTS="sw" ;; - *) MNTOPTS="rw,noatime" ;; + SWAP) MNTOPTS="sw" ;; + *) MNTOPTS="rw,noatime" ;; esac @@ -296,7 +296,7 @@ setup_geli_loading() # If we have a passphrase, set it up now if [ -e "${PARTDIR}-enc/${PART}-encpass" ] ; then - cat ${PARTDIR}-enc/${PART}-encpass | geli setkey -S -n 0 -p -k ${KEYFILE} -K ${KEYFILE} ${PART} + geli setkey -J ${PARTDIR}-enc/${PART}-encpass -n 0 -p -k ${KEYFILE} -K ${KEYFILE} ${PART} geli configure -b ${PART} fi @@ -349,9 +349,9 @@ setup_hostname() mv ${FSMNT}/etc/rc.conf.new ${FSMNT}/etc/rc.conf # Set the hostname now -# echo_log "Setting hostname: ${HOSTNAME}" -# echo "hostname=\"${HOSTNAME}\"" >> ${FSMNT}/etc/rc.conf -# sed -i -e "s|my.domain|${HOSTNAME} ${HOSTNAME}|g" ${FSMNT}/etc/hosts + echo_log "Setting hostname: ${HOSTNAME}" + echo "hostname=\"${HOSTNAME}\"" >> ${FSMNT}/etc/rc.conf + sed -i -e "s|my.domain|${HOSTNAME} ${HOSTNAME}|g" ${FSMNT}/etc/hosts }; @@ -391,30 +391,28 @@ set_root_pw() run_final_cleanup() { + # Check if we need to run any gmirror setup + ls ${MIRRORCFGDIR}/* >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + # Lets setup gmirror now + setup_gmirror + fi - # Check if we need to run any gmirror setup - ls ${MIRRORCFGDIR}/* >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - # Lets setup gmirror now - setup_gmirror - fi - - # Check if we need to save any geli keys - ls ${GELIKEYDIR}/* >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - # Lets setup geli loading - setup_geli_loading - fi - - # Set a hostname on the install system - setup_hostname + # Check if we need to save any geli keys + ls ${GELIKEYDIR}/* >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + # Lets setup geli loading + setup_geli_loading + fi - # Set the root_pw if it is specified - set_root_pw + # Set a hostname on the install system + setup_hostname - # Generate the fstab for the installed system - setup_fstab + # Set the root_pw if it is specified + set_root_pw + # Generate the fstab for the installed system + setup_fstab }; diff --git a/usr/sbin/pc-sysinstall/backend/functions-disk.sh b/usr/sbin/pc-sysinstall/backend/functions-disk.sh index 3ab86dd..2bb3ecc 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-disk.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-disk.sh @@ -23,18 +23,19 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-disk.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-disk.sh,v 1.8 2010/11/10 05:32:36 imp Exp $ # Functions related to disk operations using gpart # See if device is a full disk or partition/slice -is_disk() { - for _dsk in `sysctl -n kern.disks` - do - if [ "$_dsk" = "${1}" ] ; then return 0 ; fi - done +is_disk() +{ + for _dsk in `sysctl -n kern.disks` + do + if [ "$_dsk" = "${1}" ] ; then return 0 ; fi + done - return 1 + return 1 } # Get a MBR partitions sysid @@ -190,9 +191,9 @@ get_disk_partitions() for i in ${SLICES} do case $type in - MBR) name="${1}s${i}" ;; - GPT) name="${1}p${i}";; - *) name="${1}s${i}";; + MBR) name="${1}s${i}" ;; + GPT) name="${1}p${i}";; + *) name="${1}s${i}";; esac if [ -z "${RSLICES}" ] then @@ -226,8 +227,16 @@ get_disk_heads() VAL="${head}" ; export VAL }; +# Function which returns a target disks mediasize in sectors +get_disk_mediasize() +{ + mediasize=`diskinfo -v ${1} | grep "# mediasize in sectors" | tr -s ' ' | cut -f 2` + VAL="${mediasize}" ; export VAL +}; + # Function which exports all zpools, making them safe to overwrite potentially -export_all_zpools() { +export_all_zpools() +{ # Export any zpools for i in `zpool list -H -o name` do @@ -324,144 +333,216 @@ setup_disk_slice() # We are ready to start setting up the disks, lets read the config and do the actions while read line do - echo $line | grep "^disk${disknum}=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - - # Found a disk= entry, lets get the disk we are working on - get_value_from_string "${line}" - strip_white_space "$VAL" - DISK="$VAL" + echo $line | grep "^disk${disknum}=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + + # Found a disk= entry, lets get the disk we are working on + get_value_from_string "${line}" + strip_white_space "$VAL" + DISK="$VAL" - # Before we go further, lets confirm this disk really exists - if [ ! -e "/dev/${DISK}" ] - then - exit_err "ERROR: The disk ${DISK} does not exist!" - fi + # Before we go further, lets confirm this disk really exists + if [ ! -e "/dev/${DISK}" ] + then + exit_err "ERROR: The disk ${DISK} does not exist!" + fi - # Make sure we stop any gmirrors on this disk - stop_all_gmirror ${DISK} + # Make sure we stop any gmirrors on this disk + stop_all_gmirror ${DISK} - # Make sure we stop any geli stuff on this disk - stop_all_geli ${DISK} + # Make sure we stop any geli stuff on this disk + stop_all_geli ${DISK} - # Make sure we don't have any zpools loaded - stop_all_zfs + # Make sure we don't have any zpools loaded + stop_all_zfs - fi + fi - # Lets look if this device will be mirrored on another disk - echo $line | grep "^mirror=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then + # Lets look if this device will be mirrored on another disk + echo $line | grep "^mirror=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then - # Found a disk= entry, lets get the disk we are working on - get_value_from_string "${line}" - strip_white_space "$VAL" - MIRRORDISK="$VAL" + # Found a disk= entry, lets get the disk we are working on + get_value_from_string "${line}" + strip_white_space "$VAL" + MIRRORDISK="$VAL" - # Before we go further, lets confirm this disk really exists - if [ ! -e "/dev/${MIRRORDISK}" ] - then - exit_err "ERROR: The mirror disk ${MIRRORDISK} does not exist!" - fi - fi + # Before we go further, lets confirm this disk really exists + if [ ! -e "/dev/${MIRRORDISK}" ] + then + exit_err "ERROR: The mirror disk ${MIRRORDISK} does not exist!" + fi + fi - # Lets see if we have been given a mirror balance choice - echo $line | grep "^mirrorbal=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then + # Lets see if we have been given a mirror balance choice + echo $line | grep "^mirrorbal=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then - # Found a disk= entry, lets get the disk we are working on - get_value_from_string "${line}" - strip_white_space "$VAL" - MIRRORBAL="$VAL" - fi + # Found a disk= entry, lets get the disk we are working on + get_value_from_string "${line}" + strip_white_space "$VAL" + MIRRORBAL="$VAL" + fi - echo $line | grep "^partition=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - # Found a partition= entry, lets read / set it - get_value_from_string "${line}" - strip_white_space "$VAL" - PTYPE="$VAL" - - # We are using free space, figure out the slice number - if [ "${PTYPE}" = "free" -o "${PTYPE}" = "FREE" ] - then - # Lets figure out what number this slice will be - LASTSLICE="`gpart show ${DISK} | grep -v ${DISK} | grep -v ' free' |tr -s '\t' ' ' | cut -d ' ' -f 4 | sed '/^$/d' | tail -n 1`" - if [ -z "${LASTSLICE}" ] - then - LASTSLICE="1" - else - LASTSLICE="`expr $LASTSLICE + 1`" - fi - - if [ $LASTSLICE -gt 4 ] - then - exit_err "ERROR: BSD only supports primary partitions, and there are none availble on $DISK" - fi + echo $line | grep "^partition=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + # Found a partition= entry, lets read / set it + get_value_from_string "${line}" + strip_white_space "$VAL" + PTYPE=`echo $VAL|tr A-Z a-z` + + # We are using free space, figure out the slice number + if [ "${PTYPE}" = "free" ] + then + # Lets figure out what number this slice will be + LASTSLICE="`gpart show ${DISK} \ + | grep -v ${DISK} \ + | grep -v ' free' \ + | tr -s '\t' ' ' \ + | cut -d ' ' -f 4 \ + | sed '/^$/d' \ + | tail -n 1`" + + if [ -z "${LASTSLICE}" ] + then + LASTSLICE="1" + else + LASTSLICE="`expr $LASTSLICE + 1`" + fi + + if [ $LASTSLICE -gt 4 ] + then + exit_err "ERROR: BSD only supports primary partitions, and there are none availble on $DISK" + fi + + fi + fi - fi - fi + # Check if we have an image file defined + echo $line | grep "^image=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] ; then + # Found an image= entry, lets read / set it + get_value_from_string "${line}" + strip_white_space "$VAL" + IMAGE="$VAL" + if [ ! -f "$IMAGE" ] ; then + exit_err "$IMAGE file does not exist" + fi + fi - echo $line | grep "^bootManager=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - # Found a bootManager= entry, lets read /set it - get_value_from_string "${line}" - strip_white_space "$VAL" - BMANAGER="$VAL" - fi + # Check if we have a partscheme specified + echo $line | grep "^partscheme=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] ; then + # Found a partscheme= entry, lets read / set it + get_value_from_string "${line}" + strip_white_space "$VAL" + PSCHEME="$VAL" + if [ "$PSCHEME" != "GPT" -a "$PSCHEME" != "MBR" ] ; then + exit_err "Unknown partition scheme: $PSCHEME" + fi + fi - echo $line | grep "^commitDiskPart" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - # Found our flag to commit this disk setup / lets do sanity check and do it - if [ ! -z "${DISK}" -a ! -z "${PTYPE}" ] - then - case ${PTYPE} in - all|ALL) tmpSLICE="${DISK}p1" - run_gpart_full "${DISK}" "${BMANAGER}" ;; - s1|s2|s3|s4) tmpSLICE="${DISK}${PTYPE}" - # Get the number of the slice we are working on - s="`echo ${PTYPE} | awk '{print substr($0,length,1)}'`" - run_gpart_slice "${DISK}" "${BMANAGER}" "${s}" ;; - free|FREE) tmpSLICE="${DISK}s${LASTSLICE}" - run_gpart_free "${DISK}" "${LASTSLICE}" "${BMANAGER}" ;; - *) exit_err "ERROR: Unknown PTYPE: $PTYPE" ;; - esac - - # Now save which disk<num> this is, so we can parse it later during slice partition setup - echo "disk${disknum}" >${SLICECFGDIR}/$tmpSLICE - - # Save any mirror config - if [ ! -z "$MIRRORDISK" ] - then - # Default to round-robin if the user didn't specify - if [ -z "$MIRRORBAL" ] - then - MIRRORBAL="round-robin" - fi - echo "$MIRRORDISK:$MIRRORBAL" >${MIRRORCFGDIR}/$DISK - fi - - - # Increment our disk counter to look for next disk and unset - unset BMANAGER PTYPE DISK MIRRORDISK MIRRORBAL - disknum="`expr $disknum + 1`" - else - exit_err "ERROR: commitDiskPart was called without procceding disk<num>= and partition= entries!!!" - fi - fi + echo $line | grep "^bootManager=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + # Found a bootManager= entry, lets read /set it + get_value_from_string "${line}" + strip_white_space "$VAL" + BMANAGER="$VAL" + fi + + echo $line | grep "^commitDiskPart" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + # Found our flag to commit this disk setup / lets do sanity check and do it + if [ ! -z "${DISK}" -a ! -z "${PTYPE}" ] + then + case ${PTYPE} in + all) + if [ "$PSCHEME" = "MBR" -o -z "$PSCHEME" ] ; then + PSCHEME="MBR" + tmpSLICE="${DISK}s1" + else + tmpSLICE="${DISK}p1" + fi + + run_gpart_full "${DISK}" "${BMANAGER}" "${PSCHEME}" + ;; + + s1|s2|s3|s4) + tmpSLICE="${DISK}${PTYPE}" + # Get the number of the slice we are working on + s="`echo ${PTYPE} | awk '{print substr($0,length,1)}'`" + run_gpart_slice "${DISK}" "${BMANAGER}" "${s}" + ;; + + free) + tmpSLICE="${DISK}s${LASTSLICE}" + run_gpart_free "${DISK}" "${LASTSLICE}" "${BMANAGER}" + ;; + + image) + if [ -z "${IMAGE}" ] + then + exit_err "ERROR: partition type image specified with no image!" + fi + ;; + + *) exit_err "ERROR: Unknown PTYPE: $PTYPE" ;; + esac + + + if [ -n "${IMAGE}" ] + then + local DEST + + if [ -n "${tmpSLICE}" ] + then + DEST="${tmpSLICE}" + else + DEST="${DISK}" + fi + + write_image "${IMAGE}" "${DEST}" + check_disk_layout "${DEST}" + fi + + # Now save which disk<num> this is, so we can parse it later during slice partition setup + if [ -z "${IMAGE}" ] + then + echo "disk${disknum}" >${SLICECFGDIR}/$tmpSLICE + fi + + # Save any mirror config + if [ ! -z "$MIRRORDISK" ] + then + # Default to round-robin if the user didn't specify + if [ -z "$MIRRORBAL" ] + then + MIRRORBAL="round-robin" + fi + echo "$MIRRORDISK:$MIRRORBAL" >${MIRRORCFGDIR}/$DISK + fi + + # Increment our disk counter to look for next disk and unset + unset BMANAGER PTYPE DISK MIRRORDISK MIRRORBAL PSCHEME IMAGE + disknum="`expr $disknum + 1`" + else + exit_err "ERROR: commitDiskPart was called without procceding disk<num>= and partition= entries!!!" + fi + fi done <${CFGF} }; # Stop all gjournals on disk / slice -stop_gjournal() { +stop_gjournal() +{ _gdsk="$1" # Check if we need to shutdown any journals on this drive ls /dev/${_gdsk}*.journal >/dev/null 2>/dev/null @@ -477,7 +558,7 @@ stop_gjournal() { fi } ; -# Function which runs gpart and creates a single large slice +# Function which runs gpart and creates a single large GPT partition scheme init_gpt_full_disk() { _intDISK=$1 @@ -506,14 +587,88 @@ init_gpt_full_disk() } +# Function which runs gpart and creates a single large MBR partition scheme +init_mbr_full_disk() +{ + _intDISK=$1 + _intBOOT=$2 + + startblock="63" + + # Set our sysctl so we can overwrite any geom using drives + sysctl kern.geom.debugflags=16 >>${LOGOUT} 2>>${LOGOUT} + + # Stop any journaling + stop_gjournal "${_intDISK}" + + # Remove any existing partitions + delete_all_gpart "${_intDISK}" + + #Erase any existing bootloader + echo_log "Cleaning up ${_intDISK}" + rc_halt "dd if=/dev/zero of=/dev/${_intDISK} count=2048" + + sleep 2 + + echo_log "Running gpart on ${_intDISK}" + rc_halt "gpart create -s mbr ${_intDISK}" + + # Lets figure out disk size in blocks + # Get the cyl of this disk + get_disk_cyl "${_intDISK}" + cyl="${VAL}" + + # Get the heads of this disk + get_disk_heads "${_intDISK}" + head="${VAL}" + + # Get the tracks/sectors of this disk + get_disk_sectors "${_intDISK}" + sec="${VAL}" + + # Multiply them all together to get our total blocks + totalblocks="`expr ${cyl} \* ${head}`" + totalblocks="`expr ${totalblocks} \* ${sec}`" + if [ -z "${totalblocks}" ] + then + totalblocks=`gpart show "${_intDISK}"|tail -2|head -1|awk '{ print $2 }'` + fi + + # Now set the ending block to the total disk block size + sizeblock="`expr ${totalblocks} - ${startblock}`" + + # Install new partition setup + echo_log "Running gpart add on ${_intDISK}" + rc_halt "gpart add -b ${startblock} -s ${sizeblock} -t freebsd -i 1 ${_intDISK}" + sleep 2 + + echo_log "Cleaning up ${_intDISK}s1" + rc_halt "dd if=/dev/zero of=/dev/${_intDISK}s1 count=1024" + + if [ "$_intBOOT" = "bsd" ] ; then + echo_log "Stamping boot0 on ${_intDISK}" + rc_halt "gpart bootcode -b /boot/boot0 ${_intDISK}" + else + echo_log "Stamping boot1 on ${_intDISK}" + rc_halt "gpart bootcode -b /boot/boot1 ${_intDISK}" + fi + +} + # Function which runs gpart and creates a single large slice run_gpart_full() { DISK=$1 + BOOT=$2 + SCHEME=$3 - init_gpt_full_disk "$DISK" - - slice="${DISK}-1-gpt" + if [ "$SCHEME" = "MBR" ] ; then + init_mbr_full_disk "$DISK" "$BOOT" + slice="${DISK}-1-mbr" + else + init_gpt_full_disk "$DISK" + slice="${DISK}-1-gpt" + fi # Lets save our slice, so we know what to look for in the config file later on if [ -z "$WORKINGSLICES" ] diff --git a/usr/sbin/pc-sysinstall/backend/functions-extractimage.sh b/usr/sbin/pc-sysinstall/backend/functions-extractimage.sh index 1853e26..aeb585f 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-extractimage.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-extractimage.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-extractimage.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-extractimage.sh,v 1.8 2010/10/21 23:08:42 imp Exp $ # Functions which perform the extraction / installation of system to disk @@ -54,39 +54,41 @@ start_extract_uzip_tar() echo_log "pc-sysinstall: Starting Extraction" case ${PACKAGETYPE} in - uzip) # Start by mounting the uzip image - MDDEVICE=`mdconfig -a -t vnode -o readonly -f ${INSFILE}` - mkdir -p ${FSMNT}.uzip - mount -r /dev/${MDDEVICE}.uzip ${FSMNT}.uzip - if [ "$?" != "0" ] - then - exit_err "ERROR: Failed mounting the ${INSFILE}" - fi - cd ${FSMNT}.uzip - - # Copy over all the files now! - tar cvf - . 2>/dev/null | tar -xpv -C ${FSMNT} ${TAROPTS} -f - 2>&1 | tee -a ${FSMNT}/.tar-extract.log - if [ "$?" != "0" ] - then - cd / - echo "TAR failure occured:" >>${LOGOUT} - cat ${FSMNT}/.tar-extract.log | grep "tar:" >>${LOGOUT} - umount ${FSMNT}.uzip - mdconfig -d -u ${MDDEVICE} - exit_err "ERROR: Failed extracting the tar image" - fi - - # All finished, now lets umount and cleanup - cd / - umount ${FSMNT}.uzip - mdconfig -d -u ${MDDEVICE} - ;; - tar) tar -xpv -C ${FSMNT} -f ${INSFILE} ${TAROPTS} >&1 2>&1 - if [ "$?" != "0" ] - then - exit_err "ERROR: Failed extracting the tar image" - fi - ;; + uzip) + # Start by mounting the uzip image + MDDEVICE=`mdconfig -a -t vnode -o readonly -f ${INSFILE}` + mkdir -p ${FSMNT}.uzip + mount -r /dev/${MDDEVICE}.uzip ${FSMNT}.uzip + if [ "$?" != "0" ] + then + exit_err "ERROR: Failed mounting the ${INSFILE}" + fi + cd ${FSMNT}.uzip + + # Copy over all the files now! + tar cvf - . 2>/dev/null | tar -xpv -C ${FSMNT} ${TAROPTS} -f - 2>&1 | tee -a ${FSMNT}/.tar-extract.log + if [ "$?" != "0" ] + then + cd / + echo "TAR failure occurred:" >>${LOGOUT} + cat ${FSMNT}/.tar-extract.log | grep "tar:" >>${LOGOUT} + umount ${FSMNT}.uzip + mdconfig -d -u ${MDDEVICE} + exit_err "ERROR: Failed extracting the tar image" + fi + + # All finished, now lets umount and cleanup + cd / + umount ${FSMNT}.uzip + mdconfig -d -u ${MDDEVICE} + ;; + tar) + tar -xpv -C ${FSMNT} -f ${INSFILE} ${TAROPTS} >&1 2>&1 + if [ "$?" != "0" ] + then + exit_err "ERROR: Failed extracting the tar image" + fi + ;; esac # Check if this was a FTP download and clean it up now @@ -120,10 +122,10 @@ start_extract_split() DIRS=`ls -d ${INSDIR}/*|grep -Ev '(uzip|kernels|src)'` for dir in ${DIRS} do - cd "${dir}" - if [ -f "install.sh" ] - then - echo "Extracting" `basename ${dir}` + cd "${dir}" + if [ -f "install.sh" ] + then + echo_log "Extracting" `basename ${dir}` echo "y" | sh install.sh >/dev/null if [ "$?" != "0" ] then @@ -139,13 +141,14 @@ start_extract_split() cd "${KERNELS}" if [ -f "install.sh" ] then - echo "Extracting" `basename ${KERNELS}` + echo_log "Extracting" `basename ${KERNELS}` echo "y" | sh install.sh generic >/dev/null if [ "$?" != "0" ] then exit_err "ERROR: Failed extracting ${KERNELS}" fi - echo 'kernel="GENERIC"' > "${FSMNT}/boot/loader.conf" + rm -rf "${FSMNT}/boot/kernel" + mv "${FSMNT}/boot/GENERIC" "${FSMNT}/boot/kernel" else exit_err "ERROR: ${KERNELS}/install.sh does not exist" fi @@ -155,7 +158,7 @@ start_extract_split() cd "${SOURCE}" if [ -f "install.sh" ] then - echo "Extracting" `basename ${SOURCE}` + echo_log "Extracting" `basename ${SOURCE}` echo "y" | sh install.sh all >/dev/null if [ "$?" != "0" ] then @@ -203,7 +206,76 @@ fetch_install_file() }; -# Function which does the rsync download from the server specifed in cfg +# Function which will download freebsd install files +fetch_split_files() +{ + get_ftpHost + if [ -z "$VAL" ] + then + exit_err "ERROR: Install medium was set to ftp, but no ftpHost was provided!" + fi + FTPHOST="${VAL}" + + get_ftpDir + if [ -z "$VAL" ] + then + exit_err "ERROR: Install medium was set to ftp, but no ftpDir was provided!" + fi + FTPDIR="${VAL}" + + # Check if we have a /usr partition to save the download + if [ -d "${FSMNT}/usr" ] + then + OUTFILE="${FSMNT}/usr/.fetch-${INSFILE}" + else + OUTFILE="${FSMNT}/.fetch-${INSFILE}" + fi + + DIRS="base catpages dict doc games info manpages proflibs kernels src" + if [ "${FBSD_ARCH}" = "amd64" ] + then + DIRS="${DIRS} lib32" + fi + + for d in ${DIRS} + do + mkdir -p "${OUTFILE}/${d}" + done + + + NETRC="${OUTFILE}/.netrc" + cat<<EOF>"${NETRC}" +machine ${FTPHOST} +login anonymous +password anonymous +macdef INSTALL +bin +prompt +EOF + + for d in ${DIRS} + do + cat<<EOF>>"${NETRC}" +cd ${FTPDIR}/${d} +lcd ${OUTFILE}/${d} +mreget * +EOF + done + + cat<<EOF>>"${NETRC}" +bye + + +EOF + + # Fetch the files via ftp + echo "$ INSTALL" | ftp -N "${NETRC}" "${FTPHOST}" + + # Done fetching, now reset the INSFILE to our downloaded archived + INSFILE="${OUTFILE}" ; export INSFILE +} + +# Function which does the rsync download from the server specified in cfg start_rsync_copy() { # Load our rsync config values @@ -257,6 +329,46 @@ start_rsync_copy() }; +start_image_install() +{ + if [ -z "${IMAGE_FILE}" ] + then + exit_err "ERROR: installMedium set to image but no image file specified!" + fi + + # We are ready to start mounting, lets read the config and do it + while read line + do + echo $line | grep "^disk0=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + # Found a disk= entry, lets get the disk we are working on + get_value_from_string "${line}" + strip_white_space "$VAL" + DISK="$VAL" + fi + + echo $line | grep "^commitDiskPart" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + # Found our flag to commit this disk setup / lets do sanity check and do it + if [ ! -z "${DISK}" ] + then + + # Write the image + write_image "${IMAGE_FILE}" "${DISK}" + + # Increment our disk counter to look for next disk and unset + unset DISK + break + + else + exit_err "ERROR: commitDiskPart was called without procceding disk<num>= and partition= entries!!!" + fi + fi + + done <${CFGF} +}; # Entrance function, which starts the installation process init_extraction() @@ -272,19 +384,19 @@ init_extraction() if [ "$INSTALLTYPE" = "FreeBSD" ] then case $PACKAGETYPE in - uzip) INSFILE="${FBSD_UZIP_FILE}" ;; - tar) INSFILE="${FBSD_TAR_FILE}" ;; - split) - INSDIR="${FBSD_BRANCH_DIR}" - - # This is to trick opt_mount into not failing - INSFILE="${INSDIR}" - ;; + uzip) INSFILE="${FBSD_UZIP_FILE}" ;; + tar) INSFILE="${FBSD_TAR_FILE}" ;; + split) + INSDIR="${FBSD_BRANCH_DIR}" + + # This is to trick opt_mount into not failing + INSFILE="${INSDIR}" + ;; esac else case $PACKAGETYPE in - uzip) INSFILE="${UZIP_FILE}" ;; - tar) INSFILE="${TAR_FILE}" ;; + uzip) INSFILE="${UZIP_FILE}" ;; + tar) INSFILE="${TAR_FILE}" ;; esac fi export INSFILE diff --git a/usr/sbin/pc-sysinstall/backend/functions-ftp.sh b/usr/sbin/pc-sysinstall/backend/functions-ftp.sh index 93d9eae..fa05e3f 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-ftp.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-ftp.sh @@ -23,13 +23,15 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-ftp.sh,v 1.2 2010/07/13 23:47:12 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-ftp.sh,v 1.4 2010/08/24 06:11:46 imp Exp $ # Functions which runs commands on the system . ${BACKEND}/functions.sh . ${BACKEND}/functions-parse.sh +DEFAULT_FTP_SERVER="ftp.freebsd.org" + MAIN_FTP_SERVERS="\ Main Site: ftp.freebsd.org" @@ -274,7 +276,48 @@ show_mirrors() done IFS="${SAVE_IFS}" fi -} +}; + +set_ftp_mirror() +{ + MIRROR="${1}" + echo "${MIRROR}" > "${CONFDIR}/mirrors.conf" +}; + +get_ftp_mirror() +{ + MIRROR="${DEFAULT_FTP_SERVER}" + if [ -f "${CONFDIR}/mirrors.conf" ] + then + MIRROR=`cat "${CONFDIR}/mirrors.conf"` + fi + + VAL="${MIRROR}" + export VAL +}; + + +get_ftpHost() +{ + get_value_from_cfg ftpPath + ftpPath="$VAL" + + ftpHost=`echo "${ftpPath}" | sed -E 's|^(ftp://)([^/]*)(.*)|\2|'` + VAL="${ftpHost}" + + export VAL +}; + +get_ftpDir() +{ + get_value_from_cfg ftpPath + ftpPath="$VAL" + + ftpDir=`echo "${ftpPath}" | sed -E 's|^(ftp://)([^/]*)(.*)|\3|'` + VAL="${ftpDir}" + + export VAL +}; get_ftp_mirrors() { @@ -371,4 +414,4 @@ get_ftp_mirrors() fi export VAL -} +}; diff --git a/usr/sbin/pc-sysinstall/backend/functions-installcomponents.sh b/usr/sbin/pc-sysinstall/backend/functions-installcomponents.sh index 4744765..5aa6f84 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-installcomponents.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-installcomponents.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-installcomponents.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-installcomponents.sh,v 1.4 2010/09/08 20:10:24 imp Exp $ # Functions which check and load any optional modules specified in the config @@ -52,23 +52,27 @@ copy_component() CFILEMD5="`echo $line | cut -d ':' -f 2`" CFILE2MD5="`echo $line | cut -d ':' -f 3`" - case ${INSTALLMEDIUM} in - dvd|usb) # On both dvd / usb, we can just copy the file - cp ${CDMNT}/${COMPFILEDIR}/${SUBDIR}/${CFILE} \ - ${FSMNT}/${COMPTMPDIR} >>${LOGOUT} 2>>${LOGOUT} - RESULT="$?" - ;; - ftp) get_value_from_cfg ftpPath - if [ -z "$VAL" ] - then - exit_err "ERROR: Install medium was set to ftp, but no ftpPath was provided!" - fi - FTPPATH="${VAL}" - - fetch_file "${FTPPATH}/${COMPFILEDIR}/${SUBDIR}/${CFILE}" "${FSMNT}/${COMPTMPDIR}/${CFILE}" "0" + dvd|usb) + # On both dvd / usb, we can just copy the file + cp ${CDMNT}/${COMPFILEDIR}/${SUBDIR}/${CFILE} \ + ${FSMNT}/${COMPTMPDIR} >>${LOGOUT} 2>>${LOGOUT} RESULT="$?" - ;; + ;; + + ftp) + get_value_from_cfg ftpPath + if [ -z "$VAL" ] + then + exit_err "ERROR: Install medium was set to ftp, but no ftpPath was provided!" + fi + FTPPATH="${VAL}" + + fetch_file "${FTPPATH}/${COMPFILEDIR}/${SUBDIR}/${CFILE}" "${FSMNT}/${COMPTMPDIR}/${CFILE}" "0" + RESULT="$?" + ;; + + sftp) ;; esac if [ "${RESULT}" != "0" ] @@ -120,47 +124,44 @@ export CFILE sh ${COMPTMPDIR}/install.sh " >${FSMNT}/.componentwrapper.sh - chmod 755 ${FSMNT}/.componentwrapper.sh + chmod 755 ${FSMNT}/.componentwrapper.sh - # Copy over the install script for this component - cp ${COMPDIR}/${COMPONENT}/install.sh ${FSMNT}/${COMPTMPDIR}/ - - echo_log "INSTALL COMPONENT: ${i}" - chroot ${FSMNT} /.componentwrapper.sh >>${LOGOUT} 2>>${LOGOUT} - rm ${FSMNT}/.componentwrapper.sh + # Copy over the install script for this component + cp ${COMPDIR}/${COMPONENT}/install.sh ${FSMNT}/${COMPTMPDIR}/ + echo_log "INSTALL COMPONENT: ${i}" + chroot ${FSMNT} /.componentwrapper.sh >>${LOGOUT} 2>>${LOGOUT} + rm ${FSMNT}/.componentwrapper.sh }; # Check for any modules specified, and begin loading them install_components() { - # First, lets check and see if we even have any optional modules - get_value_from_cfg installComponents - if [ ! -z "${VAL}" ] - then - # Lets start by cleaning up the string and getting it ready to parse - strip_white_space ${VAL} - COMPONENTS=`echo ${VAL} | sed -e "s|,| |g"` - for i in $COMPONENTS - do - if [ ! -e "${COMPDIR}/${i}/install.sh" -o ! -e "${COMPDIR}/${i}/distfiles" ] - then - echo_log "WARNING: Component ${i} doesn't seem to exist" - else - - # Make the tmpdir on the disk - mkdir -p ${FSMNT}/${COMPTMPDIR} >>${LOGOUT} 2>>${LOGOUT} - - # Start by grabbing the component files - copy_component ${i} + # First, lets check and see if we even have any optional modules + get_value_from_cfg installComponents + if [ ! -z "${VAL}" ] + then + # Lets start by cleaning up the string and getting it ready to parse + strip_white_space ${VAL} + COMPONENTS=`echo ${VAL} | sed -e "s|,| |g"` + for i in $COMPONENTS + do + if [ ! -e "${COMPDIR}/${i}/install.sh" -o ! -e "${COMPDIR}/${i}/distfiles" ] + then + echo_log "WARNING: Component ${i} doesn't seem to exist" + else - # Remove the tmpdir now - rm -rf ${FSMNT}/${COMPTMPDIR} >>${LOGOUT} 2>>${LOGOUT} + # Make the tmpdir on the disk + mkdir -p ${FSMNT}/${COMPTMPDIR} >>${LOGOUT} 2>>${LOGOUT} - fi - done + # Start by grabbing the component files + copy_component ${i} - fi + # Remove the tmpdir now + rm -rf ${FSMNT}/${COMPTMPDIR} >>${LOGOUT} 2>>${LOGOUT} + fi + done + fi }; diff --git a/usr/sbin/pc-sysinstall/backend/functions-installpackages.sh b/usr/sbin/pc-sysinstall/backend/functions-installpackages.sh new file mode 100644 index 0000000..b8f383a --- /dev/null +++ b/usr/sbin/pc-sysinstall/backend/functions-installpackages.sh @@ -0,0 +1,125 @@ +#!/bin/sh +#- +# Copyright (c) 2010 iXsystems, Inc. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-installpackages.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ + +# Functions which check and load any optional packages specified in the config + +. ${BACKEND}/functions.sh +. ${BACKEND}/functions-parse.sh + +# Recursively determine all dependencies for this package +determine_package_dependencies() +{ + local PKGNAME="${1}" + local DEPFILE="${2}" + + grep "${PKGNAME}" "${DEPFILE}" >/dev/null + if [ "$?" -ne "0" ] + then + echo "${PKGNAME}" >> "${DEPFILE}" + get_package_dependencies "${PKGNAME}" "1" + + local DEPS="${VAL}" + for d in ${DEPS} + do + determine_package_dependencies "${d}" "${DEPFILE}" + done + fi +}; + +# Fetch packages dependencies from a file +fetch_package_dependencies() +{ + local DEPFILE + local DEPS + local SAVEDIR + + DEPFILE="${1}" + DEPS=`cat "${DEPFILE}"` + SAVEDIR="${2}" + + for d in ${DEPS} + do + get_package_short_name "${d}" + SNAME="${VAL}" + + get_package_category "${SNAME}" + CATEGORY="${VAL}" + + fetch_package "${CATEGORY}" "${d}" "${SAVEDIR}" + done +}; + +# Check for any packages specified, and begin loading them +install_packages() +{ + # First, lets check and see if we even have any packages to install + get_value_from_cfg installPackages + if [ ! -z "${VAL}" ] + then + HERE=`pwd` + rc_nohalt "mkdir -p ${FSMNT}/${PKGTMPDIR}" + rc_nohalt "cd ${FSMNT}/${PKGTMPDIR}" + + if [ ! -f "${CONFDIR}/INDEX" ] + then + get_package_index + fi + + if [ ! -f "${CONFDIR}/INDEX.parsed" ] + then + parse_package_index + fi + + # Lets start by cleaning up the string and getting it ready to parse + strip_white_space ${VAL} + PACKAGES=`echo ${VAL} | sed -e "s|,| |g"` + for i in $PACKAGES + do + if get_package_name "${i}" + then + PKGNAME="${VAL}" + DEPFILE="${FSMNT}/${PKGTMPDIR}/.${PKGNAME}.deps" + + rc_nohalt "touch ${DEPFILE}" + determine_package_dependencies "${PKGNAME}" "${DEPFILE}" + fetch_package_dependencies "${DEPFILE}" "${FSMNT}/${PKGTMPDIR}" + + # If the package is not already installed, install it! + if ! run_chroot_cmd "pkg_info -e ${PKGNAME}" + then + rc_nohalt "pkg_add -C ${FSMNT} ${PKGTMPDIR}/${PKGNAME}.tbz" + fi + + rc_nohalt "rm ${DEPFILE}" + fi + + rc_nohalt "cd ${HERE}" + done + + rm -rf "${FSMNT}/${PKGTMPDIR}" + fi +}; diff --git a/usr/sbin/pc-sysinstall/backend/functions-localize.sh b/usr/sbin/pc-sysinstall/backend/functions-localize.sh index 107a6ae..a56f957 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-localize.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-localize.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-localize.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-localize.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ # Functions which runs commands on the system @@ -63,66 +63,66 @@ localize_pcbsd() localize_x_keyboard() { - KEYMOD="$1" - KEYLAY="$2" - KEYVAR="$3" - COUNTRY="$4" - OPTION="grp:alt_shift_toggle" - SETXKBMAP="" - - if [ "${COUNTRY}" = "NONE" -o "${COUNTRY}" = "us" -o "${COUNTRY}" = "C" ] ; then - #In this case we don't need any additional language - COUNTRY="" - OPTION="" - else - COUNTRY=",${COUNTRY}" - fi - - if [ "${KEYMOD}" != "NONE" ] - then - SETXKBMAP="-model ${KEYMOD}" - KXMODEL="${KEYMOD}" - else - KXMODEL="pc104" - fi - - if [ "${KEYLAY}" != "NONE" ] - then - localize_key_layout "$KEYLAY" - SETXKBMAP="${SETXKBMAP} -layout ${KEYLAY}" - KXLAYOUT="${KEYLAY}" - else - KXLAYOUT="us" - fi - - if [ "${KEYVAR}" != "NONE" ] - then - SETXKBMAP="${SETXKBMAP} -variant ${KEYVAR}" - KXVAR="(${KEYVAR})" - else - KXVAR="" - fi - - # Setup .xprofile with our setxkbmap call now - if [ ! -z "${SETXKBMAP}" ] - then - if [ ! -e "${FSMNT}/usr/share/skel/.xprofile" ] - then - echo "#!/bin/sh" >${FSMNT}/usr/share/skel/.xprofile - fi - - # Save the keyboard layout for user / root X logins - echo "setxkbmap ${SETXKBMAP}" >>${FSMNT}/usr/share/skel/.xprofile - chmod 755 ${FSMNT}/usr/share/skel/.xprofile - cp ${FSMNT}/usr/share/skel/.xprofile ${FSMNT}/root/.xprofile - - # Save it for KDM - echo "setxkbmap ${SETXKBMAP}" >>${FSMNT}/usr/local/kde4/share/config/kdm/Xsetup - fi + KEYMOD="$1" + KEYLAY="$2" + KEYVAR="$3" + COUNTRY="$4" + OPTION="grp:alt_shift_toggle" + SETXKBMAP="" + + if [ "${COUNTRY}" = "NONE" -o "${COUNTRY}" = "us" -o "${COUNTRY}" = "C" ] ; then + #In this case we don't need any additional language + COUNTRY="" + OPTION="" + else + COUNTRY=",${COUNTRY}" + fi + + if [ "${KEYMOD}" != "NONE" ] + then + SETXKBMAP="-model ${KEYMOD}" + KXMODEL="${KEYMOD}" + else + KXMODEL="pc104" + fi + + if [ "${KEYLAY}" != "NONE" ] + then + localize_key_layout "$KEYLAY" + SETXKBMAP="${SETXKBMAP} -layout ${KEYLAY}" + KXLAYOUT="${KEYLAY}" + else + KXLAYOUT="us" + fi + + if [ "${KEYVAR}" != "NONE" ] + then + SETXKBMAP="${SETXKBMAP} -variant ${KEYVAR}" + KXVAR="(${KEYVAR})" + else + KXVAR="" + fi + + # Setup .xprofile with our setxkbmap call now + if [ ! -z "${SETXKBMAP}" ] + then + if [ ! -e "${FSMNT}/usr/share/skel/.xprofile" ] + then + echo "#!/bin/sh" >${FSMNT}/usr/share/skel/.xprofile + fi + + # Save the keyboard layout for user / root X logins + echo "setxkbmap ${SETXKBMAP}" >>${FSMNT}/usr/share/skel/.xprofile + chmod 755 ${FSMNT}/usr/share/skel/.xprofile + cp ${FSMNT}/usr/share/skel/.xprofile ${FSMNT}/root/.xprofile + + # Save it for KDM + echo "setxkbmap ${SETXKBMAP}" >>${FSMNT}/usr/local/kde4/share/config/kdm/Xsetup + fi # Create the kxkbrc configuration using these options - echo "[Layout] + echo "[Layout] DisplayNames=${KXLAYOUT}${COUNTRY} IndicatorOnly=false LayoutList=${KXLAYOUT}${KXVAR}${COUNTRY} @@ -211,157 +211,194 @@ localize_get_codes() TARGETLANG="${1}" # Setup the presets for the specific lang case $TARGETLANG in - af) COUNTRY="C" - SETLANG="af" - LOCALE="af_ZA" - ;; - ar) COUNTRY="C" - SETLANG="ar" - LOCALE="en_US" - ;; - az) COUNTRY="C" - SETLANG="az" - LOCALE="en_US" - ;; - ca) COUNTRY="es" - SETLANG="es:ca" - LOCALE="ca_ES" - ;; - be) COUNTRY="be" - SETLANG="be" - LOCALE="be_BY" - ;; - bn) COUNTRY="bn" - SETLANG="bn" - LOCALE="en_US" - ;; - bg) COUNTRY="bg" - SETLANG="bg" - LOCALE="bg_BG" - ;; - cs) COUNTRY="cz" - SETLANG="cs" - LOCALE="cs_CZ" - ;; - da) COUNTRY="dk" - SETLANG="da" - LOCALE="da_DK" - ;; - de) COUNTRY="de" - SETLANG="de" - LOCALE="de_DE" - ;; - en_GB) COUNTRY="gb" - SETLANG="en_GB:cy" - LOCALE="en_GB" - ;; - el) COUNTRY="gr" - SETLANG="el:gr" - LOCALE="el_GR" - ;; - es) COUNTRY="es" - SETLANG="es" - LOCALE="es_ES" - ;; - es_LA) COUNTRY="us" - SETLANG="es:en_US" - LOCALE="es_ES" - ;; - et) COUNTRY="ee" - SETLANG="et" - LOCALE="et_EE" - ;; - fr) COUNTRY="fr" - SETLANG="fr" - LOCALE="fr_FR" - ;; - he) COUNTRY="il" - SETLANG="he:ar" - LOCALE="he_IL" - ;; - hr) COUNTRY="hr" - SETLANG="hr" - LOCALE="hr_HR" - ;; - hu) COUNTRY="hu" - SETLANG="hu" - LOCALE="hu_HU" - ;; - it) COUNTRY="it" - SETLANG="it" - LOCALE="it_IT" - ;; - ja) COUNTRY="jp" - SETLANG="ja" - LOCALE="ja_JP" - ;; - ko) COUNTRY="kr" - SETLANG="ko" - LOCALE="ko_KR" - ;; - nl) COUNTRY="nl" - SETLANG="nl" - LOCALE="nl_NL" - ;; - nn) COUNTRY="no" - SETLANG="nn" - LOCALE="en_US" - ;; - pa) COUNTRY="pa" - SETLANG="pa" - LOCALE="en_US" - ;; - pl) COUNTRY="pl" - SETLANG="pl" - LOCALE="pl_PL" - ;; - pt) COUNTRY="pt" - SETLANG="pt" - LOCALE="pt_PT" - ;; - pt_BR) COUNTRY="br" - SETLANG="pt_BR" - LOCALE="pt_BR" - ;; - ru) COUNTRY="ru" - SETLANG="ru" - LOCALE="ru_RU" - ;; - sl) COUNTRY="si" - SETLANG="sl" - LOCALE="sl_SI" - ;; - sk) COUNTRY="sk" - SETLANG="sk" - LOCALE="sk_SK" - ;; - sv) COUNTRY="se" - SETLANG="sv" - LOCALE="sv_SE" - ;; - uk) COUNTRY="ua" - SETLANG="uk" - LOCALE="uk_UA" - ;; - vi) COUNTRY="vn" - SETLANG="vi" - LOCALE="en_US" - ;; - zh_CN) COUNTRY="cn" - SETLANG="zh_CN" - LOCALE="zh_CN" - ;; - zh_TW) COUNTRY="tw" - SETLANG="zh_TW" - LOCALE="zh_TW" - ;; - *) COUNTRY="C" + af) + COUNTRY="C" + SETLANG="af" + LOCALE="af_ZA" + ;; + ar) + COUNTRY="C" + SETLANG="ar" + LOCALE="en_US" + ;; + az) + COUNTRY="C" + SETLANG="az" + LOCALE="en_US" + ;; + ca) + COUNTRY="es" + SETLANG="es:ca" + LOCALE="ca_ES" + ;; + be) + COUNTRY="be" + SETLANG="be" + LOCALE="be_BY" + ;; + bn) + COUNTRY="bn" + SETLANG="bn" + LOCALE="en_US" + ;; + bg) + COUNTRY="bg" + SETLANG="bg" + LOCALE="bg_BG" + ;; + cs) + COUNTRY="cz" + SETLANG="cs" + LOCALE="cs_CZ" + ;; + da) + COUNTRY="dk" + SETLANG="da" + LOCALE="da_DK" + ;; + de) + COUNTRY="de" + SETLANG="de" + LOCALE="de_DE" + ;; + en_GB) + COUNTRY="gb" + SETLANG="en_GB:cy" + LOCALE="en_GB" + ;; + el) + COUNTRY="gr" + SETLANG="el:gr" + LOCALE="el_GR" + ;; + es) + COUNTRY="es" + SETLANG="es" + LOCALE="es_ES" + ;; + es_LA) + COUNTRY="us" + SETLANG="es:en_US" + LOCALE="es_ES" + ;; + et) + COUNTRY="ee" + SETLANG="et" + LOCALE="et_EE" + ;; + fr) + COUNTRY="fr" + SETLANG="fr" + LOCALE="fr_FR" + ;; + he) + COUNTRY="il" + SETLANG="he:ar" + LOCALE="he_IL" + ;; + hr) + COUNTRY="hr" + SETLANG="hr" + LOCALE="hr_HR" + ;; + hu) + COUNTRY="hu" + SETLANG="hu" + LOCALE="hu_HU" + ;; + it) + COUNTRY="it" + SETLANG="it" + LOCALE="it_IT" + ;; + ja) + COUNTRY="jp" + SETLANG="ja" + LOCALE="ja_JP" + ;; + ko) + COUNTRY="kr" + SETLANG="ko" + LOCALE="ko_KR" + ;; + nl) + COUNTRY="nl" + SETLANG="nl" + LOCALE="nl_NL" + ;; + nn) + COUNTRY="no" + SETLANG="nn" + LOCALE="en_US" + ;; + pa) + COUNTRY="pa" + SETLANG="pa" + LOCALE="en_US" + ;; + pl) + COUNTRY="pl" + SETLANG="pl" + LOCALE="pl_PL" + ;; + pt) + COUNTRY="pt" + SETLANG="pt" + LOCALE="pt_PT" + ;; + pt_BR) + COUNTRY="br" + SETLANG="pt_BR" + LOCALE="pt_BR" + ;; + ru) + COUNTRY="ru" + SETLANG="ru" + LOCALE="ru_RU" + ;; + sl) + COUNTRY="si" + SETLANG="sl" + LOCALE="sl_SI" + ;; + sk) + COUNTRY="sk" + SETLANG="sk" + LOCALE="sk_SK" + ;; + sv) + COUNTRY="se" + SETLANG="sv" + LOCALE="sv_SE" + ;; + uk) + COUNTRY="ua" + SETLANG="uk" + LOCALE="uk_UA" + ;; + vi) + COUNTRY="vn" + SETLANG="vi" + LOCALE="en_US" + ;; + zh_CN) + COUNTRY="cn" + SETLANG="zh_CN" + LOCALE="zh_CN" + ;; + zh_TW) + COUNTRY="tw" + SETLANG="zh_TW" + LOCALE="zh_TW" + ;; + *) + COUNTRY="C" SETLANG="${TARGETLANG}" LOCALE="en_US" ;; esac - export COUNTRY SETLANG LOCALE + export COUNTRY SETLANG LOCALE }; diff --git a/usr/sbin/pc-sysinstall/backend/functions-mountdisk.sh b/usr/sbin/pc-sysinstall/backend/functions-mountdisk.sh index e4f94af..9424a62 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-mountdisk.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-mountdisk.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-mountdisk.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-mountdisk.sh,v 1.5 2010/10/09 08:52:09 imp Exp $ # Functions related mounting the newly formatted disk partitions @@ -52,32 +52,32 @@ mount_partition() #We are on ZFS, lets setup this mount-point if [ "${PARTFS}" = "ZFS" ] then - ZPOOLNAME=$(get_zpool_name "${PART}") - - # Check if we have multiple zfs mounts specified - for ZMNT in `echo ${MNTPOINT} | sed 's|,| |g'` - do - # First make sure we create the mount point - if [ ! -d "${FSMNT}${ZMNT}" ] ; then - mkdir -p ${FSMNT}${ZMNT} >>${LOGOUT} 2>>${LOGOUT} - fi - - if [ "${ZMNT}" = "/" ] ; then - ZNAME="" - else - ZNAME="${ZMNT}" - echo_log "zfs create -p ${ZPOOLNAME}${ZNAME}" - rc_halt "zfs create -p ${ZPOOLNAME}${ZNAME}" - fi - sleep 2 - rc_halt "zfs set mountpoint=${FSMNT}${ZNAME} ${ZPOOLNAME}${ZNAME}" - - # Disable atime for this zfs partition, speed increase - rc_nohalt "zfs set atime=off ${ZPOOLNAME}${ZNAME}" - done + ZPOOLNAME=$(get_zpool_name "${PART}") + + # Check if we have multiple zfs mounts specified + for ZMNT in `echo ${MNTPOINT} | sed 's|,| |g'` + do + # First make sure we create the mount point + if [ ! -d "${FSMNT}${ZMNT}" ] ; then + mkdir -p ${FSMNT}${ZMNT} >>${LOGOUT} 2>>${LOGOUT} + fi + + if [ "${ZMNT}" = "/" ] ; then + ZNAME="" + else + ZNAME="${ZMNT}" + echo_log "zfs create -p ${ZPOOLNAME}${ZNAME}" + rc_halt "zfs create -p ${ZPOOLNAME}${ZNAME}" + fi + sleep 2 + rc_halt "zfs set mountpoint=${FSMNT}${ZNAME} ${ZPOOLNAME}${ZNAME}" + + # Disable atime for this zfs partition, speed increase + rc_nohalt "zfs set atime=off ${ZPOOLNAME}${ZNAME}" + done else - # If we are not on ZFS, lets do the mount now + # If we are not on ZFS, lets do the mount now # First make sure we create the mount point if [ ! -d "${FSMNT}${MNTPOINT}" ] then @@ -94,17 +94,17 @@ mount_partition() # Mounts all the new file systems to prepare for installation mount_all_filesystems() { - # Make sure our mount point exists - mkdir -p ${FSMNT} >/dev/null 2>/dev/null - - # First lets find and mount the / partition - ######################################################### - for PART in `ls ${PARTDIR}` - do - if [ ! -e "/dev/${PART}" ] - then - exit_err "ERROR: The partition ${PART} does not exist. Failure in bsdlabel?" - fi + # Make sure our mount point exists + mkdir -p ${FSMNT} >/dev/null 2>/dev/null + + # First lets find and mount the / partition + ######################################################### + for PART in `ls ${PARTDIR}` + do + if [ ! -e "/dev/${PART}" ] + then + exit_err "ERROR: The partition ${PART} does not exist. Failure in bsdlabel?" + fi PARTFS="`cat ${PARTDIR}/${PART} | cut -d ':' -f 1`" PARTMNT="`cat ${PARTDIR}/${PART} | cut -d ':' -f 2`" @@ -122,69 +122,70 @@ mount_all_filesystems() if [ "$?" = "0" -o "$PARTMNT" = "/" ] then case ${PARTFS} in - UFS) mount_partition ${PART}${EXT} ${PARTFS} ${PARTMNT} "noatime" - ;; - UFS+S) mount_partition ${PART}${EXT} ${PARTFS} ${PARTMNT} "noatime" - ;; - UFS+J) mount_partition ${PART}${EXT}.journal ${PARTFS} ${PARTMNT} "async,noatime" - ;; - ZFS) mount_partition ${PART} ${PARTFS} ${PARTMNT} - ;; - *) exit_err "ERROR: Got unknown file-system type $PARTFS" ;; + UFS) mount_partition ${PART}${EXT} ${PARTFS} ${PARTMNT} "noatime" ;; + UFS+S) mount_partition ${PART}${EXT} ${PARTFS} ${PARTMNT} "noatime" ;; + UFS+SUJ) mount_partition ${PART}${EXT} ${PARTFS} ${PARTMNT} "noatime" ;; + UFS+J) mount_partition ${PART}${EXT}.journal ${PARTFS} ${PARTMNT} "async,noatime" ;; + ZFS) mount_partition ${PART} ${PARTFS} ${PARTMNT} ;; + IMAGE) mount_partition ${PART} ${PARTFS} ${PARTMNT} ;; + *) exit_err "ERROR: Got unknown file-system type $PARTFS" ;; esac - fi + done + + # Now that we've mounted "/" lets do any other remaining mount-points + ################################################################## + for PART in `ls ${PARTDIR}` + do + if [ ! -e "/dev/${PART}" ] + then + exit_err "ERROR: The partition ${PART} does not exist. Failure in bsdlabel?" + fi - done - - # Now that we've mounted "/" lets do any other remaining mount-points - ################################################################## - for PART in `ls ${PARTDIR}` - do - if [ ! -e "/dev/${PART}" ] - then - exit_err "ERROR: The partition ${PART} does not exist. Failure in bsdlabel?" - fi - - PARTFS="`cat ${PARTDIR}/${PART} | cut -d ':' -f 1`" - PARTMNT="`cat ${PARTDIR}/${PART} | cut -d ':' -f 2`" - PARTENC="`cat ${PARTDIR}/${PART} | cut -d ':' -f 3`" - - if [ "${PARTENC}" = "ON" ] - then - EXT=".eli" - else - EXT="" - fi - - # Check if we've found "/" again, don't need to mount it twice - echo "$PARTMNT" | grep "/," >/dev/null - if [ "$?" != "0" -a "$PARTMNT" != "/" ] - then + PARTFS="`cat ${PARTDIR}/${PART} | cut -d ':' -f 1`" + PARTMNT="`cat ${PARTDIR}/${PART} | cut -d ':' -f 2`" + PARTENC="`cat ${PARTDIR}/${PART} | cut -d ':' -f 3`" + + if [ "${PARTENC}" = "ON" ] + then + EXT=".eli" + else + EXT="" + fi + + # Check if we've found "/" again, don't need to mount it twice + echo "$PARTMNT" | grep "/," >/dev/null + if [ "$?" != "0" -a "$PARTMNT" != "/" ] + then case ${PARTFS} in - UFS) mount_partition ${PART}${EXT} ${PARTFS} ${PARTMNT} "noatime" - ;; - UFS+S) mount_partition ${PART}${EXT} ${PARTFS} ${PARTMNT} "noatime" - ;; - UFS+J) mount_partition ${PART}${EXT}.journal ${PARTFS} ${PARTMNT} "async,noatime" - ;; - ZFS) mount_partition ${PART} ${PARTFS} ${PARTMNT} - ;; - SWAP) # Lets enable this swap now - if [ "$PARTENC" = "ON" ] - then - echo_log "Enabling encrypted swap on /dev/${PART}" - rc_halt "geli onetime -d -e 3des ${PART}" - sleep 5 - rc_halt "swapon /dev/${PART}.eli" - else - echo_log "swapon ${PART}" - sleep 5 - rc_halt "swapon /dev/${PART}" - fi - ;; - *) exit_err "ERROR: Got unknown file-system type $PARTFS" ;; - esac - fi - done + UFS) mount_partition ${PART}${EXT} ${PARTFS} ${PARTMNT} "noatime" ;; + UFS+S) mount_partition ${PART}${EXT} ${PARTFS} ${PARTMNT} "noatime" ;; + UFS+SUJ) mount_partition ${PART}${EXT} ${PARTFS} ${PARTMNT} "noatime" ;; + UFS+J) mount_partition ${PART}${EXT}.journal ${PARTFS} ${PARTMNT} "async,noatime" ;; + ZFS) mount_partition ${PART} ${PARTFS} ${PARTMNT} ;; + SWAP) + # Lets enable this swap now + if [ "$PARTENC" = "ON" ] + then + echo_log "Enabling encrypted swap on /dev/${PART}" + rc_halt "geli onetime -d -e 3des ${PART}" + sleep 5 + rc_halt "swapon /dev/${PART}.eli" + else + echo_log "swapon ${PART}" + sleep 5 + rc_halt "swapon /dev/${PART}" + fi + ;; + IMAGE) + if [ ! -d "${PARTMNT}" ] + then + mkdir -p "${PARTMNT}" + fi + mount_partition ${PART} ${PARTFS} ${PARTMNT} + ;; + *) exit_err "ERROR: Got unknown file-system type $PARTFS" ;; + esac + fi + done }; diff --git a/usr/sbin/pc-sysinstall/backend/functions-mountoptical.sh b/usr/sbin/pc-sysinstall/backend/functions-mountoptical.sh index e9147ca..1e0eff3 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-mountoptical.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-mountoptical.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-mountoptical.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-mountoptical.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ # Functions which perform mounting / unmounting and switching of # optical / usb media @@ -34,114 +34,114 @@ # Displays an optical failure message opt_fail() { - # If we got here, we must not have a DVD/USB we can find :( - get_value_from_cfg installInteractive - if [ "${VAL}" = "yes" ] - then - # We are running interactive, and didn't find a DVD, prompt user again - echo_log "DISK ERROR: Unable to find installation disk!" - echo_log "Please insert the installation disk and press enter." - read tmp - else - exit_err "ERROR: Unable to locate installation DVD/USB" - fi + # If we got here, we must not have a DVD/USB we can find :( + get_value_from_cfg installInteractive + if [ "${VAL}" = "yes" ] + then + # We are running interactive, and didn't find a DVD, prompt user again + echo_log "DISK ERROR: Unable to find installation disk!" + echo_log "Please insert the installation disk and press enter." + read tmp + else + exit_err "ERROR: Unable to locate installation DVD/USB" + fi }; # Performs the extraction of data to disk opt_mount() { - FOUND="0" - - # Ensure we have a directory where its supposed to be - if [ ! -d "${CDMNT}" ] - then - mkdir -p ${CDMNT} - fi - - - # Start by checking if we already have a cd mounted at CDMNT - mount | grep "${CDMNT} " >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - if [ -e "${CDMNT}/${INSFILE}" ] - then - echo "MOUNTED" >${TMPDIR}/cdmnt - echo_log "FOUND DVD: MOUNTED" - FOUND="1" - return - fi - - # failed to find optical disk - opt_fail - return - fi - -# Setup our loop to search for installation media - while - z=1 - do - - # Loop though and look for an installation disk - for i in `ls -1 /dev/acd* /dev/cd* /dev/scd* /dev/rscd* 2>/dev/null` - do - # Find the CD Device - /sbin/mount_cd9660 $i ${CDMNT} - - # Check the package type to see if we have our install data - if [ -e "${CDMNT}/${INSFILE}" ] - then - echo "${i}" >${TMPDIR}/cdmnt - echo_log "FOUND DVD: ${i}" - FOUND="1" - break - fi - /sbin/umount ${CDMNT} >/dev/null 2>/dev/null - done - - # If no DVD found, try USB - if [ "$FOUND" != "1" ] - then - # Loop though and look for an installation disk - for i in `ls -1 /dev/da* 2>/dev/null` - do - # Check if we can mount this device UFS - /sbin/mount -r $i ${CDMNT} - - # Check the package type to see if we have our install data - if [ -e "${CDMNT}/${INSFILE}" ] - then - echo "${i}" >${TMPDIR}/cdmnt - echo_log "FOUND USB: ${i}" - FOUND="1" - break - fi - /sbin/umount ${CDMNT} >/dev/null 2>/dev/null - - # Also check if it is a FAT mount - /sbin/mount -r -t msdosfs $i ${CDMNT} - - # Check the package type to see if we have our install data - if [ -e "${CDMNT}/${INSFILE}" ] - then - echo "${i}" >${TMPDIR}/cdmnt - echo_log "FOUND USB: ${i}" - FOUND="1" - break - fi - /sbin/umount ${CDMNT} >/dev/null 2>/dev/null - done - fi # End of USB Check - - - if [ "$FOUND" = "1" ] - then - break - fi + FOUND="0" + + # Ensure we have a directory where its supposed to be + if [ ! -d "${CDMNT}" ] + then + mkdir -p ${CDMNT} + fi + + + # Start by checking if we already have a cd mounted at CDMNT + mount | grep "${CDMNT} " >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + if [ -e "${CDMNT}/${INSFILE}" ] + then + echo "MOUNTED" >${TMPDIR}/cdmnt + echo_log "FOUND DVD: MOUNTED" + FOUND="1" + return + fi + + # failed to find optical disk + opt_fail + return + fi + + # Setup our loop to search for installation media + while + z=1 + do + + # Loop though and look for an installation disk + for i in `ls -1 /dev/acd* /dev/cd* /dev/scd* /dev/rscd* 2>/dev/null` + do + # Find the CD Device + /sbin/mount_cd9660 $i ${CDMNT} + + # Check the package type to see if we have our install data + if [ -e "${CDMNT}/${INSFILE}" ] + then + echo "${i}" >${TMPDIR}/cdmnt + echo_log "FOUND DVD: ${i}" + FOUND="1" + break + fi + #/sbin/umount ${CDMNT} >/dev/null 2>/dev/null + done + + # If no DVD found, try USB + if [ "$FOUND" != "1" ] + then + # Loop though and look for an installation disk + for i in `ls -1 /dev/da* 2>/dev/null` + do + # Check if we can mount this device UFS + /sbin/mount -r $i ${CDMNT} + + # Check the package type to see if we have our install data + if [ -e "${CDMNT}/${INSFILE}" ] + then + echo "${i}" >${TMPDIR}/cdmnt + echo_log "FOUND USB: ${i}" + FOUND="1" + break + fi + #/sbin/umount ${CDMNT} >/dev/null 2>/dev/null + + # Also check if it is a FAT mount + /sbin/mount -r -t msdosfs $i ${CDMNT} + + # Check the package type to see if we have our install data + if [ -e "${CDMNT}/${INSFILE}" ] + then + echo "${i}" >${TMPDIR}/cdmnt + echo_log "FOUND USB: ${i}" + FOUND="1" + break + fi + #/sbin/umount ${CDMNT} >/dev/null 2>/dev/null + done + fi # End of USB Check + + + if [ "$FOUND" = "1" ] + then + break + fi - # Failed to find a disk, take action now - opt_fail + # Failed to find a disk, take action now + opt_fail - done + done }; diff --git a/usr/sbin/pc-sysinstall/backend/functions-networking.sh b/usr/sbin/pc-sysinstall/backend/functions-networking.sh index 95eeaad..fa0fa06 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-networking.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-networking.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-networking.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-networking.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ # Functions which perform our networking setup @@ -68,8 +68,8 @@ get_first_wired_nic() check_is_wifi ${NIC} if [ "$?" != "0" ] then - VAL="${NIC}" ; export VAL - return + VAL="${NIC}" ; export VAL + return fi done < ${TMPDIR}/.niclist fi @@ -241,22 +241,23 @@ enable_auto_dhcp() is_nic_active "${NIC}" if [ "$?" = "0" ] ; then - echo_log "Trying DHCP on $NIC $DESC" - dhclient ${NIC} >/dev/null 2>/dev/null - if [ "$?" = "0" ] ; then - # Got a valid DHCP IP, we can return now - WRKNIC="$NIC" ; export WRKNIC - return 0 - fi + echo_log "Trying DHCP on $NIC $DESC" + dhclient ${NIC} >/dev/null 2>/dev/null + if [ "$?" = "0" ] ; then + # Got a valid DHCP IP, we can return now + WRKNIC="$NIC" ; export WRKNIC + return 0 + fi fi done < ${TMPDIR}/.niclist }; # Get the mac address of a target NIC -get_nic_mac() { - FOUNDMAC="`ifconfig ${1} | grep 'ether' | tr -d '\t' | cut -d ' ' -f 2`" - export FOUNDMAC +get_nic_mac() +{ + FOUNDMAC="`ifconfig ${1} | grep 'ether' | tr -d '\t' | cut -d ' ' -f 2`" + export FOUNDMAC } # Function which performs the manual setup of a target nic in the cfg diff --git a/usr/sbin/pc-sysinstall/backend/functions-newfs.sh b/usr/sbin/pc-sysinstall/backend/functions-newfs.sh index ec333f9..5525d1c 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-newfs.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-newfs.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-newfs.sh,v 1.3 2010/07/31 19:27:43 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-newfs.sh,v 1.6 2010/10/09 08:52:09 imp Exp $ # Functions related to disk operations using newfs @@ -81,102 +81,137 @@ setup_zfs_filesystem() setup_filesystems() { - # Create the keydir - rm -rf ${GELIKEYDIR} >/dev/null 2>/dev/null - mkdir ${GELIKEYDIR} - - # Lets go ahead and read through the saved partitions we created, and determine if we need to run - # newfs on any of them - for PART in `ls ${PARTDIR}` - do - if [ ! -e "/dev/${PART}" ] - then - exit_err "ERROR: The partition ${PART} does not exist. Failure in bsdlabel?" - fi + # Create the keydir + rm -rf ${GELIKEYDIR} >/dev/null 2>/dev/null + mkdir ${GELIKEYDIR} + + # Lets go ahead and read through the saved partitions we created, and determine if we need to run + # newfs on any of them + for PART in `ls ${PARTDIR}` + do + if [ ! -e "/dev/${PART}" ] + then + exit_err "ERROR: The partition ${PART} does not exist. Failure in bsdlabel?" + fi - PARTFS="`cat ${PARTDIR}/${PART} | cut -d ':' -f 1`" - PARTMNT="`cat ${PARTDIR}/${PART} | cut -d ':' -f 2`" - PARTENC="`cat ${PARTDIR}/${PART} | cut -d ':' -f 3`" - PARTLABEL="`cat ${PARTDIR}/${PART} | cut -d ':' -f 4`" - PARTGEOM="`cat ${PARTDIR}/${PART} | cut -d ':' -f 5`" - PARTXTRAOPTS="`cat ${PARTDIR}/${PART} | cut -d ':' -f 6`" - - # Make sure journaling isn't enabled on this device - if [ -e "/dev/${PART}.journal" ] - then - rc_nohalt "gjournal stop -f ${PART}.journal" - rc_nohalt "gjournal clear ${PART}" - fi - - # Setup encryption if necessary - if [ "${PARTENC}" = "ON" -a "${PARTFS}" != "SWAP" ] - then - echo_log "Creating geli provider for ${PART}" - rc_halt "dd if=/dev/random of=${GELIKEYDIR}/${PART}.key bs=64 count=1" - rc_halt "geli init -b -s 4096 -P -K ${GELIKEYDIR}/${PART}.key /dev/${PART}" - rc_halt "geli attach -p -k ${GELIKEYDIR}/${PART}.key /dev/${PART}" - - EXT=".eli" - else - # No Encryption - EXT="" - fi - - case ${PARTFS} in - UFS) echo_log "NEWFS: /dev/${PART} - ${PARTFS}" - sleep 2 - rc_halt "newfs /dev/${PART}${EXT}" - sleep 2 - rc_halt "sync" - rc_halt "glabel label ${PARTLABEL} /dev/${PART}${EXT}" - rc_halt "sync" - - # Set flag that we've found a boot partition - if [ "$PARTMNT" = "/boot" -o "${PARTMNT}" = "/" ] ; then - HAVEBOOT="YES" - fi - sleep 2 - ;; - UFS+S) echo_log "NEWFS: /dev/${PART} - ${PARTFS}" - sleep 2 - rc_halt "newfs -U /dev/${PART}${EXT}" - sleep 2 - rc_halt "sync" - rc_halt "glabel label ${PARTLABEL} /dev/${PART}${EXT}" - rc_halt "sync" - # Set flag that we've found a boot partition - if [ "$PARTMNT" = "/boot" -o "${PARTMNT}" = "/" ] ; then - HAVEBOOT="YES" - fi - sleep 2 - ;; - UFS+J) echo_log "NEWFS: /dev/${PART} - ${PARTFS}" - sleep 2 - rc_halt "newfs /dev/${PART}${EXT}" - sleep 2 - rc_halt "gjournal label -f /dev/${PART}${EXT}" - sleep 2 - rc_halt "newfs -O 2 -J /dev/${PART}${EXT}.journal" - sleep 2 - rc_halt "sync" - rc_halt "glabel label ${PARTLABEL} /dev/${PART}${EXT}.journal" - rc_halt "sync" - # Set flag that we've found a boot partition - if [ "$PARTMNT" = "/boot" -o "${PARTMNT}" = "/" ] ; then - HAVEBOOT="YES" - fi - sleep 2 - ;; - ZFS) echo_log "NEWFS: /dev/${PART} - ${PARTFS}" - setup_zfs_filesystem "${PART}" "${PARTFS}" "${PARTMNT}" "${EXT}" "${PARTGEOM}" "${PARTXTRAOPTS}" - ;; - SWAP) rc_halt "sync" - rc_halt "glabel label ${PARTLABEL} /dev/${PART}${EXT}" - rc_halt "sync" - sleep 2 - ;; - *) exit_err "ERROR: Got unknown file-system type $PARTFS" ;; - esac - - done + PARTFS="`cat ${PARTDIR}/${PART} | cut -d ':' -f 1`" + PARTMNT="`cat ${PARTDIR}/${PART} | cut -d ':' -f 2`" + PARTENC="`cat ${PARTDIR}/${PART} | cut -d ':' -f 3`" + PARTLABEL="`cat ${PARTDIR}/${PART} | cut -d ':' -f 4`" + PARTGEOM="`cat ${PARTDIR}/${PART} | cut -d ':' -f 5`" + PARTXTRAOPTS="`cat ${PARTDIR}/${PART} | cut -d ':' -f 6`" + PARTIMAGE="`cat ${PARTDIR}/${PART} | cut -d ':' -f 7`" + + # Make sure journaling isn't enabled on this device + if [ -e "/dev/${PART}.journal" ] + then + rc_nohalt "gjournal stop -f ${PART}.journal" + rc_nohalt "gjournal clear ${PART}" + fi + + # Setup encryption if necessary + if [ "${PARTENC}" = "ON" -a "${PARTFS}" != "SWAP" ] + then + echo_log "Creating geli provider for ${PART}" + rc_halt "dd if=/dev/random of=${GELIKEYDIR}/${PART}.key bs=64 count=1" + rc_halt "geli init -b -s 4096 -P -K ${GELIKEYDIR}/${PART}.key /dev/${PART}" + rc_halt "geli attach -p -k ${GELIKEYDIR}/${PART}.key /dev/${PART}" + + EXT=".eli" + else + # No Encryption + EXT="" + fi + + case ${PARTFS} in + UFS) + echo_log "NEWFS: /dev/${PART} - ${PARTFS}" + sleep 2 + rc_halt "newfs /dev/${PART}${EXT}" + sleep 2 + rc_halt "sync" + rc_halt "glabel label ${PARTLABEL} /dev/${PART}${EXT}" + rc_halt "sync" + + # Set flag that we've found a boot partition + if [ "$PARTMNT" = "/boot" -o "${PARTMNT}" = "/" ] ; then + HAVEBOOT="YES" + fi + sleep 2 + ;; + + UFS+S) + echo_log "NEWFS: /dev/${PART} - ${PARTFS}" + sleep 2 + rc_halt "newfs -U /dev/${PART}${EXT}" + sleep 2 + rc_halt "sync" + rc_halt "glabel label ${PARTLABEL} /dev/${PART}${EXT}" + rc_halt "sync" + # Set flag that we've found a boot partition + if [ "$PARTMNT" = "/boot" -o "${PARTMNT}" = "/" ] ; then + HAVEBOOT="YES" + fi + sleep 2 + ;; + + UFS+SUJ) + echo_log "NEWFS: /dev/${PART} - ${PARTFS}" + sleep 2 + rc_halt "newfs -U /dev/${PART}${EXT}" + sleep 2 + rc_halt "sync" + rc_halt "tunefs -j enable /dev/${PART}${EXT}" + sleep 2 + rc_halt "sync" + rc_halt "glabel label ${PARTLABEL} /dev/${PART}${EXT}" + rc_halt "sync" + # Set flag that we've found a boot partition + if [ "$PARTMNT" = "/boot" -o "${PARTMNT}" = "/" ] ; then + HAVEBOOT="YES" + fi + sleep 2 + ;; + + + UFS+J) + echo_log "NEWFS: /dev/${PART} - ${PARTFS}" + sleep 2 + rc_halt "newfs /dev/${PART}${EXT}" + sleep 2 + rc_halt "gjournal label -f /dev/${PART}${EXT}" + sleep 2 + rc_halt "newfs -O 2 -J /dev/${PART}${EXT}.journal" + sleep 2 + rc_halt "sync" + rc_halt "glabel label ${PARTLABEL} /dev/${PART}${EXT}.journal" + rc_halt "sync" + # Set flag that we've found a boot partition + if [ "$PARTMNT" = "/boot" -o "${PARTMNT}" = "/" ] ; then + HAVEBOOT="YES" + fi + sleep 2 + ;; + + ZFS) + echo_log "NEWFS: /dev/${PART} - ${PARTFS}" + setup_zfs_filesystem "${PART}" "${PARTFS}" "${PARTMNT}" "${EXT}" "${PARTGEOM}" "${PARTXTRAOPTS}" + ;; + + SWAP) + rc_halt "sync" + rc_halt "glabel label ${PARTLABEL} /dev/${PART}${EXT}" + rc_halt "sync" + sleep 2 + ;; + + IMAGE) + write_image "${PARTIMAGE}" "${PART}" + sleep 2 + ;; + + *) exit_err "ERROR: Got unknown file-system type $PARTFS" ;; + esac + + done }; diff --git a/usr/sbin/pc-sysinstall/backend/functions-packages.sh b/usr/sbin/pc-sysinstall/backend/functions-packages.sh index 4166f9e..ac5e213 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-packages.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-packages.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-packages.sh,v 1.1 2010/07/13 23:47:12 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-packages.sh,v 1.6 2010/09/08 20:10:24 imp Exp $ # Functions which runs commands on the system @@ -32,117 +32,345 @@ . ${BACKEND}/functions-ftp.sh +get_package_index_by_ftp() +{ + local INDEX_FILE + local FTP_SERVER + + FTP_SERVER="${1}" + INDEX_FILE="INDEX" + USE_BZIP2=0 + + if [ -f "/usr/bin/bzip2" ] + then + INDEX_FILE="${INDEX_FILE}.bz2" + USE_BZIP2=1 + fi + + INDEX_PATH="${CONFDIR}/${INDEX_FILE}" + fetch_file "${FTP_SERVER}/${INDEX_FILE}" "${INDEX_PATH}" "1" + if [ -f "${INDEX_PATH}" ] && [ "${USE_BZIP2}" -eq "1" ] + then + bzip2 -d "${INDEX_PATH}" + fi +}; + +get_package_index_by_fs() +{ + local INDEX_FILE + + INDEX_FILE="${CDMNT}/packages/INDEX" + fetch_file "${INDEX_FILE}" "${CONFDIR}/" "0" +}; + +get_package_index_size() +{ + if [ -f "${CONFDIR}/INDEX" ] + then + SIZE=`ls -l ${CONFDIR}/INDEX | awk '{ print $5 }'` + else + get_ftp_mirror + FTPHOST="${VAL}" + + FTPDIR="/pub/FreeBSD/releases/${FBSD_ARCH}/${FBSD_BRANCH}" + FTPPATH="ftp://${FTPHOST}${FTPDIR}/packages" + + fetch -s "${FTPPATH}/INDEX.bz2" + fi +}; + get_package_index() { - FTP_SERVER="${1}" - FTP_DIR="ftp://${FTP_SERVER}/pub/FreeBSD/releases/${FBSD_ARCH}/${FBSD_BRANCH}/packages" - INDEX_FILE="INDEX" - USE_BZIP2=0 - - if [ -f "/usr/bin/bzip2" ] - then - INDEX_FILE="${INDEX_FILE}.bz2" - USE_BZIP2=1 - fi - - ftp "${FTP_DIR}/${INDEX_FILE}" - if [ -f "${INDEX_FILE}" ] - then - if [ "${USE_BZIP2}" -eq "1" ] - then - bzip2 -d "${INDEX_FILE}" - INDEX_FILE="${INDEX_FILE%.bz2}" - fi - - mv "${INDEX_FILE}" "${PKGDIR}" - fi -} + RES=0 + + if [ -z "${INSTALLMODE}" ] + then + get_ftp_mirror + FTPHOST="${VAL}" + + FTPDIR="/pub/FreeBSD/releases/${FBSD_ARCH}/${FBSD_BRANCH}" + FTPPATH="ftp://${FTPHOST}${FTPDIR}/packages" + + get_package_index_by_ftp "${FTPPATH}" + + else + get_value_from_cfg ftpHost + if [ -z "$VAL" ] + then + exit_err "ERROR: Install medium was set to ftp, but no ftpHost was provided!" + fi + + FTPHOST="${VAL}" + + get_value_from_cfg ftpDir + if [ -z "$VAL" ] + then + exit_err "ERROR: Install medium was set to ftp, but no ftpDir was provided!" + fi + + FTPDIR="${VAL}" + FTPPATH="ftp://${FTPHOST}${FTPDIR}" + + case "${INSTALLMEDIUM}" in + usb|dvd) get_package_index_by_fs ;; + ftp) get_package_index_by_ftp "${FTPPATH}" ;; + sftp) ;; + *) RES=1 ;; + esac + + fi + + return ${RES} +}; parse_package_index() { - INDEX_FILE="${PKGDIR}/INDEX" + INDEX_FILE="${PKGDIR}/INDEX" + + exec 3<&0 + exec 0<"${INDEX_FILE}" + + while read -r line + do + PKGNAME="" + CATEGORY="" + PACKAGE="" + DESC="" + DEPS="" + i=0 - exec 3<&0 - exec 0<"${INDEX_FILE}" + SAVE_IFS="${IFS}" + IFS="|" - while read -r line - do - CATEGORY="" - PACKAGE="" - DESC="" - i=0 + for part in ${line} + do + if [ "${i}" -eq "0" ] + then + PKGNAME="${part}" - SAVE_IFS="${IFS}" - IFS="|" + elif [ "${i}" -eq "1" ] + then + PACKAGE=`basename "${part}"` - for part in ${line} - do - if [ "${i}" -eq "1" ] - then - PACKAGE=`basename "${part}"` + elif [ "${i}" -eq "3" ] + then + DESC="${part}" - elif [ "${i}" -eq "3" ] - then - DESC="${part}" + elif [ "${i}" -eq "6" ] + then + CATEGORY=`echo "${part}" | cut -f1 -d' '` - elif [ "${i}" -eq "6" ] - then - CATEGORY=`echo "${part}" | cut -f1 -d' '` - fi + elif [ "${i}" -eq "8" ] + then + DEPS="${part}" + fi - i=$((i+1)) - done + i=$((i+1)) + done - echo "${CATEGORY}|${PACKAGE}|${DESC}" >> "${INDEX_FILE}.parsed" - IFS="${SAVE_IFS}" - done + echo "${CATEGORY}|${PACKAGE}|${DESC}" >> "${INDEX_FILE}.parsed" + echo "${PACKAGE}|${PKGNAME}|${DEPS}" >> "${INDEX_FILE}.deps" - exec 0<&3 -} + IFS="${SAVE_IFS}" + done + + exec 0<&3 +}; show_package_file() { - PKGFILE="${1}" + PKGFILE="${1}" + + echo "Available Packages:" - exec 3<&0 - exec 0<"${PKGFILE}" + exec 3<&0 + exec 0<"${PKGFILE}" - while read -r line - do - CATEGORY=`echo "${line}" | cut -f1 -d'|'` - PACKAGE=`echo "${line}" | cut -f2 -d'|'` - DESC=`echo "${line}" | cut -f3 -d'|'` + while read -r line + do + CATEGORY=`echo "${line}" | cut -f1 -d'|'` + PACKAGE=`echo "${line}" | cut -f2 -d'|'` + DESC=`echo "${line}" | cut -f3 -d'|'` - echo "${CATEGORY}/${PACKAGE}:${DESC}" - done + echo "${CATEGORY}/${PACKAGE}:${DESC}" + done - exec 0<&3 -} + exec 0<&3 +}; show_packages_by_category() { - CATEGORY="${1}" - INDEX_FILE="${PKGDIR}/INDEX.parsed" - TMPFILE="/tmp/.pkg.cat" + CATEGORY="${1}" + INDEX_FILE="${PKGDIR}/INDEX.parsed" + TMPFILE="/tmp/.pkg.cat" - grep "^${CATEGORY}|" "${INDEX_FILE}" > "${TMPFILE}" - show_package_file "${TMPFILE}" - rm "${TMPFILE}" -} + grep "^${CATEGORY}|" "${INDEX_FILE}" > "${TMPFILE}" + show_package_file "${TMPFILE}" + rm "${TMPFILE}" +}; show_package_by_name() { - CATEGORY="${1}" - PACKAGE="${2}" - INDEX_FILE="${PKGDIR}/INDEX.parsed" - TMPFILE="/tmp/.pkg.cat.pak" + CATEGORY="${1}" + PACKAGE="${2}" + INDEX_FILE="${PKGDIR}/INDEX.parsed" + TMPFILE="/tmp/.pkg.cat.pak" - grep "^${CATEGORY}|${PACKAGE}" "${INDEX_FILE}" > "${TMPFILE}" - show_package_file "${TMPFILE}" - rm "${TMPFILE}" -} + grep "^${CATEGORY}|${PACKAGE}" "${INDEX_FILE}" > "${TMPFILE}" + show_package_file "${TMPFILE}" + rm "${TMPFILE}" +}; show_packages() { - show_package_file "${PKGDIR}/INDEX.parsed" -} + show_package_file "${PKGDIR}/INDEX.parsed" +}; + +get_package_dependencies() +{ + PACKAGE="${1}" + LONG="${2:-0}" + RES=0 + + INDEX_FILE="${PKGDIR}/INDEX.deps" + REGEX="^${PACKAGE}|" + + if [ "${LONG}" -ne "0" ] + then + REGEX="^.*|${PACKAGE}|" + fi + + LINE=`grep "${REGEX}" "${INDEX_FILE}" 2>/dev/null` + DEPS=`echo "${LINE}"|cut -f3 -d'|'` + + VAL="${DEPS}" + export VAL + + if [ -z "${VAL}" ] + then + RES=1 + fi + + return ${RES} +}; + +get_package_name() +{ + PACKAGE="${1}" + RES=0 + + INDEX_FILE="${PKGDIR}/INDEX.deps" + REGEX="^${PACKAGE}|" + + LINE=`grep "${REGEX}" "${INDEX_FILE}" 2>/dev/null` + NAME=`echo "${LINE}"|cut -f2 -d'|'` + + VAL="${NAME}" + export VAL + + if [ -z "${VAL}" ] + then + RES=1 + fi + + return ${RES} +}; + +get_package_short_name() +{ + PACKAGE="${1}" + RES=0 + + INDEX_FILE="${PKGDIR}/INDEX.deps" + REGEX="^.*|${PACKAGE}|" + + LINE=`grep "${REGEX}" "${INDEX_FILE}" 2>/dev/null` + NAME=`echo "${LINE}"|cut -f1 -d'|'` + + VAL="${NAME}" + export VAL + + if [ -z "${VAL}" ] + then + RES=1 + fi + + return ${RES} +}; + +get_package_category() +{ + PACKAGE="${1}" + INDEX_FILE="${PKGDIR}/INDEX.parsed" + RES=0 + + LINE=`grep "|${PACKAGE}|" "${INDEX_FILE}" 2>/dev/null` + NAME=`echo "${LINE}"|cut -f1 -d'|'` + + VAL="${NAME}" + export VAL + + if [ -z "${VAL}" ] + then + RES=1 + fi + + return ${RES} +}; + +fetch_package_by_ftp() +{ + CATEGORY="${1}" + PACKAGE="${2}" + SAVEDIR="${3}" + + get_value_from_cfg ftpHost + if [ -z "$VAL" ] + then + exit_err "ERROR: Install medium was set to ftp, but no ftpHost was provided!" + fi + FTPHOST="${VAL}" + + get_value_from_cfg ftpDir + if [ -z "$VAL" ] + then + exit_err "ERROR: Install medium was set to ftp, but no ftpDir was provided!" + fi + FTPDIR="${VAL}" + + PACKAGE="${PACKAGE}.tbz" + FTP_SERVER="ftp://${FTPHOST}${FTPDIR}" + + if [ ! -f "${SAVEDIR}/${PACKAGE}" ] + then + PKGPATH="${CATEGORY}/${PACKAGE}" + FTP_PATH="${FTP_HOST}/packages/${PKGPATH}" + fetch_file "${FTP_PATH}" "${SAVEDIR}/" "0" + fi +}; + +fetch_package_by_fs() +{ + CATEGORY="${1}" + PACKAGE="${2}" + SAVEDIR="${3}" + + PACKAGE="${PACKAGE}.tbz" + if [ ! -f "${SAVEDIR}/${PACKAGE}" ] + then + fetch_file "${CDMNT}/packages/${CATEGORY}/${PACKAGE}" "${SAVEDIR}/" "0" + fi +}; + +fetch_package() +{ + CATEGORY="${1}" + PACKAGE="${2}" + SAVEDIR="${3}" + + case "${INSTALLMEDIUM}" in + usb|dvd) fetch_package_by_fs "${CATEGORY}" "${PACKAGE}" "${SAVEDIR}" ;; + ftp) fetch_package_by_ftp "${CATEGORY}" "${PACKAGE}" "${SAVEDIR}" ;; + sftp) ;; + esac +}; diff --git a/usr/sbin/pc-sysinstall/backend/functions-parse.sh b/usr/sbin/pc-sysinstall/backend/functions-parse.sh index a9453cc..d8e5723 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-parse.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-parse.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-parse.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-parse.sh,v 1.4 2010/09/08 20:10:24 imp Exp $ # functions.sh # Library of functions which pc-sysinstall may call upon for parsing the config @@ -85,6 +85,7 @@ if_check_value_exists() VALID="1" for i in ${2} do + VAL=`echo "$VAL"|tr A-Z a-z` if [ "$VAL" = "${i}" ] then VALID="0" @@ -132,19 +133,19 @@ file_sanity_check() then for i in $1 do - grep "^${i}=" $CFGF >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - LN=`grep "^${i}=" ${CFGF} | head -n 1 | cut -d '=' -f 2 | tr -d ' '` - if [ -z "${LN}" ] - then - echo "Error: Config fails sanity test! ${i}= is empty" - exit 1 - fi - else - echo "Error: Config fails sanity test! Missing ${i}=" - exit 1 - fi + grep "^${i}=" $CFGF >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + LN=`grep "^${i}=" ${CFGF} | head -n 1 | cut -d '=' -f 2 | tr -d ' '` + if [ -z "${LN}" ] + then + echo "Error: Config fails sanity test! ${i}= is empty" + exit 1 + fi + else + echo "Error: Config fails sanity test! Missing ${i}=" + exit 1 + fi done else echo "Error: Missing config file, and / or values to sanity check for!" diff --git a/usr/sbin/pc-sysinstall/backend/functions-runcommands.sh b/usr/sbin/pc-sysinstall/backend/functions-runcommands.sh index daa8e6d..29e3606 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-runcommands.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-runcommands.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-runcommands.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-runcommands.sh,v 1.3 2010/08/19 05:59:27 imp Exp $ # Functions which runs commands on the system @@ -37,7 +37,10 @@ run_chroot_cmd() echo "$CMD" >${FSMNT}/.runcmd.sh chmod 755 ${FSMNT}/.runcmd.sh chroot ${FSMNT} sh /.runcmd.sh + RES=$? + rm ${FSMNT}/.runcmd.sh + return ${RES} }; run_chroot_script() @@ -50,8 +53,10 @@ run_chroot_script() echo_log "Running chroot script: ${SCRIPT}" chroot ${FSMNT} /.${SBASE} + RES=$? rm ${FSMNT}/.${SBASE} + return ${RES} }; @@ -64,7 +69,10 @@ run_ext_cmd() echo "${CMD}"> ${TMPDIR}/.runcmd.sh chmod 755 ${TMPDIR}/.runcmd.sh sh ${TMPDIR}/.runcmd.sh + RES=$? + rm ${TMPDIR}/.runcmd.sh + return ${RES} }; diff --git a/usr/sbin/pc-sysinstall/backend/functions-unmount.sh b/usr/sbin/pc-sysinstall/backend/functions-unmount.sh index d0121dd..367cb27 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-unmount.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-unmount.sh @@ -23,18 +23,19 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-unmount.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-unmount.sh,v 1.4 2010/10/09 07:45:24 imp Exp $ # Functions which unmount all mounted disk filesystems # Unmount all mounted partitions under specified dir -umount_all_dir() { - _udir="$1" - _umntdirs=`mount | sort -r | grep "on $_udir" | cut -d ' ' -f 3` - for _ud in $_umntdirs - do - umount -f ${_ud} - done +umount_all_dir() +{ + _udir="$1" + _umntdirs=`mount | sort -r | grep "on $_udir" | cut -d ' ' -f 3` + for _ud in $_umntdirs + do + umount -f ${_ud} + done } # Script that adds our gmirror devices for syncing @@ -58,93 +59,95 @@ start_gmirror_sync() # Unmounts all our mounted file-systems unmount_all_filesystems() { - # Copy the logfile to disk before we unmount - cp ${LOGOUT} ${FSMNT}/root/pc-sysinstall.log - cd / + # Copy the logfile to disk before we unmount + cp ${LOGOUT} ${FSMNT}/root/pc-sysinstall.log + cd / - # Start by unmounting any ZFS partitions - zfs_cleanup_unmount + # Start by unmounting any ZFS partitions + zfs_cleanup_unmount - # Lets read our partition list, and unmount each - ################################################################## - for PART in `ls ${PARTDIR}` - do - - PARTFS="`cat ${PARTDIR}/${PART} | cut -d ':' -f 1`" - PARTMNT="`cat ${PARTDIR}/${PART} | cut -d ':' -f 2`" - PARTENC="`cat ${PARTDIR}/${PART} | cut -d ':' -f 3`" - PARTLABEL="`cat ${PARTDIR}/${PART} | cut -d ':' -f 4`" - - if [ "${PARTENC}" = "ON" ] - then - EXT=".eli" - else - EXT="" - fi - - #if [ "${PARTFS}" = "SWAP" ] - #then - # rc_nohalt "swapoff /dev/${PART}${EXT}" - #fi - - # Check if we've found "/", and unmount that last - if [ "$PARTMNT" != "/" -a "${PARTMNT}" != "none" -a "${PARTFS}" != "ZFS" ] - then - #rc_halt "umount -f /dev/${PART}${EXT}" - - # Re-check if we are missing a label for this device and create it again if so - if [ ! -e "/dev/label/${PARTLABEL}" ] - then - case ${PARTFS} in - UFS) glabel label ${PARTLABEL} /dev/${PART}${EXT} ;; - UFS+S) glabel label ${PARTLABEL} /dev/${PART}${EXT} ;; - UFS+J) glabel label ${PARTLABEL} /dev/${PART}${EXT}.journal ;; - *) ;; - esac - fi - fi - - # Check if we've found "/" and make sure the label exists - if [ "$PARTMNT" = "/" -a "${PARTFS}" != "ZFS" ] - then - if [ ! -e "/dev/label/${PARTLABEL}" ] - then - case ${PARTFS} in - UFS) ROOTRELABEL="glabel label ${PARTLABEL} /dev/${PART}${EXT}" ;; - UFS+S) ROOTRELABEL="glabel label ${PARTLABEL} /dev/${PART}${EXT}" ;; - UFS+J) ROOTRELABEL="glabel label ${PARTLABEL} /dev/${PART}${EXT}.journal" ;; - *) ;; - esac - fi - fi - done - - # Last lets the /mnt partition - ######################################################### - #rc_nohalt "umount -f ${FSMNT}" - - # If are using a ZFS on "/" set it to legacy - if [ ! -z "${FOUNDZFSROOT}" ] - then - #rc_halt "zfs set mountpoint=legacy ${FOUNDZFSROOT}" - fi + # Lets read our partition list, and unmount each + ################################################################## + for PART in `ls ${PARTDIR}` + do + + PARTFS="`cat ${PARTDIR}/${PART} | cut -d ':' -f 1`" + PARTMNT="`cat ${PARTDIR}/${PART} | cut -d ':' -f 2`" + PARTENC="`cat ${PARTDIR}/${PART} | cut -d ':' -f 3`" + PARTLABEL="`cat ${PARTDIR}/${PART} | cut -d ':' -f 4`" - # If we need to relabel "/" do it now - if [ ! -z "${ROOTRELABEL}" ] - then - ${ROOTRELABEL} - fi + if [ "${PARTENC}" = "ON" ] + then + EXT=".eli" + else + EXT="" + fi - # Unmount our CDMNT - #rc_nohalt "umount -f ${CDMNT}" >/dev/null 2>/dev/null + #if [ "${PARTFS}" = "SWAP" ] + #then + # rc_nohalt "swapoff /dev/${PART}${EXT}" + #fi - # Check if we need to run any gmirror syncing - ls ${MIRRORCFGDIR}/* >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - # Lets start syncing now - start_gmirror_sync - fi + # Check if we've found "/", and unmount that last + if [ "$PARTMNT" != "/" -a "${PARTMNT}" != "none" -a "${PARTFS}" != "ZFS" ] + then + #rc_halt "umount -f /dev/${PART}${EXT}" + + # Re-check if we are missing a label for this device and create it again if so + if [ ! -e "/dev/label/${PARTLABEL}" ] + then + case ${PARTFS} in + UFS) glabel label ${PARTLABEL} /dev/${PART}${EXT} ;; + UFS+S) glabel label ${PARTLABEL} /dev/${PART}${EXT} ;; + UFS+SUJ) glabel label ${PARTLABEL} /dev/${PART}${EXT} ;; + UFS+J) glabel label ${PARTLABEL} /dev/${PART}${EXT}.journal ;; + *) ;; + esac + fi + fi + + # Check if we've found "/" and make sure the label exists + if [ "$PARTMNT" = "/" -a "${PARTFS}" != "ZFS" ] + then + if [ ! -e "/dev/label/${PARTLABEL}" ] + then + case ${PARTFS} in + UFS) ROOTRELABEL="glabel label ${PARTLABEL} /dev/${PART}${EXT}" ;; + UFS+S) ROOTRELABEL="glabel label ${PARTLABEL} /dev/${PART}${EXT}" ;; + UFS+SUJ) ROOTRELABEL="glabel label ${PARTLABEL} /dev/${PART}${EXT}" ;; + UFS+J) ROOTRELABEL="glabel label ${PARTLABEL} /dev/${PART}${EXT}.journal" ;; + *) ;; + esac + fi + fi + done + + # Last lets the /mnt partition + ######################################################### + #rc_nohalt "umount -f ${FSMNT}" + + # If are using a ZFS on "/" set it to legacy + if [ ! -z "${FOUNDZFSROOT}" ] + then + rc_halt "zfs set mountpoint=legacy ${FOUNDZFSROOT}" + fi + + # If we need to relabel "/" do it now + if [ ! -z "${ROOTRELABEL}" ] + then + ${ROOTRELABEL} + fi + + # Unmount our CDMNT + #rc_nohalt "umount -f ${CDMNT}" >/dev/null 2>/dev/null + + # Check if we need to run any gmirror syncing + ls ${MIRRORCFGDIR}/* >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + # Lets start syncing now + start_gmirror_sync + fi }; @@ -164,43 +167,43 @@ unmount_all_filesystems_failure() for PART in `ls ${PARTDIR}` do - PARTFS="`cat ${PARTDIR}/${PART} | cut -d ':' -f 1`" - PARTMNT="`cat ${PARTDIR}/${PART} | cut -d ':' -f 2`" - PARTENC="`cat ${PARTDIR}/${PART} | cut -d ':' -f 3`" - - #if [ "${PARTFS}" = "SWAP" ] - #then - # if [ "${PARTENC}" = "ON" ] - # then - # rc_nohalt "swapoff /dev/${PART}.eli" - # else - # rc_nohalt "swapoff /dev/${PART}" - # fi - #fi - - # Check if we've found "/" again, don't need to mount it twice - if [ "$PARTMNT" != "/" -a "${PARTMNT}" != "none" -a "${PARTFS}" != "ZFS" ] - then - #rc_nohalt "umount -f /dev/${PART}" - #rc_nohalt "umount -f ${FSMNT}${PARTMNT}" - fi - done - - # Last lets the /mnt partition - ######################################################### - #rc_nohalt "umount -f ${FSMNT}" + PARTFS="`cat ${PARTDIR}/${PART} | cut -d ':' -f 1`" + PARTMNT="`cat ${PARTDIR}/${PART} | cut -d ':' -f 2`" + PARTENC="`cat ${PARTDIR}/${PART} | cut -d ':' -f 3`" + + #if [ "${PARTFS}" = "SWAP" ] + #then + # if [ "${PARTENC}" = "ON" ] + # then + # rc_nohalt "swapoff /dev/${PART}.eli" + # else + # rc_nohalt "swapoff /dev/${PART}" + # fi + #fi + + # Check if we've found "/" again, don't need to mount it twice + if [ "$PARTMNT" != "/" -a "${PARTMNT}" != "none" -a "${PARTFS}" != "ZFS" ] + then + #rc_nohalt "umount -f /dev/${PART}" + #rc_nohalt "umount -f ${FSMNT}${PARTMNT}" + fi + done + + # Last lets the /mnt partition + ######################################################### + #rc_nohalt "umount -f ${FSMNT}" - fi - else - # We are doing a upgrade, try unmounting any of these filesystems - chroot ${FSMNT} /sbin/umount -a >>${LOGOUT} >>${LOGOUT} - umount -f ${FSMNT}/usr >>${LOGOUT} 2>>${LOGOUT} - umount -f ${FSMNT}/dev >>${LOGOUT} 2>>${LOGOUT} - umount -f ${FSMNT} >>${LOGOUT} 2>>${LOGOUT} - rc_nohalt "sh ${TMPDIR}/.upgrade-unmount" fi + else + # We are doing a upgrade, try unmounting any of these filesystems + chroot ${FSMNT} /sbin/umount -a >>${LOGOUT} >>${LOGOUT} + umount -f ${FSMNT}/usr >>${LOGOUT} 2>>${LOGOUT} + umount -f ${FSMNT}/dev >>${LOGOUT} 2>>${LOGOUT} + umount -f ${FSMNT} >>${LOGOUT} 2>>${LOGOUT} + rc_nohalt "sh ${TMPDIR}/.upgrade-unmount" + fi - # Unmount our CDMNT - #rc_nohalt "umount ${CDMNT}" + # Unmount our CDMNT + #rc_nohalt "umount ${CDMNT}" }; diff --git a/usr/sbin/pc-sysinstall/backend/functions-upgrade.sh b/usr/sbin/pc-sysinstall/backend/functions-upgrade.sh index bf9e704..0b06630 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-upgrade.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-upgrade.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-upgrade.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-upgrade.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ # Functions which perform the mounting / unmount for upgrades @@ -43,8 +43,8 @@ mount_target_slice() if [ -e "/dev/${MPART}" ] ; then rc_nohalt "mount /dev/${MPART} ${FSMNT}" if [ "$?" != "0" ] ; then - # Check if we have ZFS tank name - rc_halt "mount -t zfs ${MPART} ${FSMNT}" + # Check if we have ZFS tank name + rc_halt "mount -t zfs ${MPART} ${FSMNT}" fi else # Check if we have ZFS tank name @@ -104,7 +104,7 @@ done run_chroot_cmd "rm -rf /libexec" >/dev/null 2>/dev/null fi -} +}; # Mount the target upgrade partitions mount_upgrade() @@ -116,33 +116,33 @@ mount_upgrade() # We are ready to start mounting, lets read the config and do it while read line do - echo $line | grep "^disk0=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - - # Found a disk= entry, lets get the disk we are working on - get_value_from_string "${line}" - strip_white_space "$VAL" - DISK="$VAL" - fi - - echo $line | grep "^commitDiskPart" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - # Found our flag to commit this disk setup / lets do sanity check and do it - if [ ! -z "${DISK}" ] - then - - # Start mounting this slice - mount_target_slice "${DISK}" - - # Increment our disk counter to look for next disk and unset - unset DISK - break - else - exit_err "ERROR: commitDiskPart was called without procceding disk<num>= and partition= entries!!!" - fi - fi + echo $line | grep "^disk0=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + + # Found a disk= entry, lets get the disk we are working on + get_value_from_string "${line}" + strip_white_space "$VAL" + DISK="$VAL" + fi + + echo $line | grep "^commitDiskPart" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + # Found our flag to commit this disk setup / lets do sanity check and do it + if [ ! -z "${DISK}" ] + then + + # Start mounting this slice + mount_target_slice "${DISK}" + + # Increment our disk counter to look for next disk and unset + unset DISK + break + else + exit_err "ERROR: commitDiskPart was called without procceding disk<num>= and partition= entries!!!" + fi + fi done <${CFGF} @@ -151,8 +151,8 @@ mount_upgrade() copy_skel_files_upgrade() { - # Now make sure we fix any user profile scripts, which cause problems from 7.x->8.x - echo '#!/bin/sh + # Now make sure we fix any user profile scripts, which cause problems from 7.x->8.x + echo '#!/bin/sh cd /home for i in `ls` @@ -179,17 +179,17 @@ do done ' >${FSMNT}/.fixUserProfile.sh - chmod 755 ${FSMNT}/.fixUserProfile.sh - chroot ${FSMNT} /.fixUserProfile.sh >/dev/null 2>/dev/null - rm ${FSMNT}/.fixUserProfile.sh + chmod 755 ${FSMNT}/.fixUserProfile.sh + chroot ${FSMNT} /.fixUserProfile.sh >/dev/null 2>/dev/null + rm ${FSMNT}/.fixUserProfile.sh - # if the user wants to keep their original .kde4 profile - ########################################################################### - get_value_from_cfg "upgradeKeepDesktopProfile" - if [ "$VAL" = "YES" -o "$VAL" = "yes" ] ; then - echo '#!/bin/sh + # if the user wants to keep their original .kde4 profile + ########################################################################### + get_value_from_cfg "upgradeKeepDesktopProfile" + if [ "$VAL" = "YES" -o "$VAL" = "yes" ] ; then + echo '#!/bin/sh cd /home for i in `ls` do @@ -202,11 +202,11 @@ do fi done ' >${FSMNT}/.fixUserProfile.sh - chmod 755 ${FSMNT}/.fixUserProfile.sh - chroot ${FSMNT} /.fixUserProfile.sh >/dev/null 2>/dev/null - rm ${FSMNT}/.fixUserProfile.sh + chmod 755 ${FSMNT}/.fixUserProfile.sh + chroot ${FSMNT} /.fixUserProfile.sh >/dev/null 2>/dev/null + rm ${FSMNT}/.fixUserProfile.sh - fi + fi }; @@ -230,18 +230,18 @@ merge_old_configs() unmount_upgrade() { - # If on PC-BSD, make sure we copy any fixed skel files - if [ "$INSTALLTYPE" != "FreeBSD" ] ; then - copy_skel_files_upgrade - fi + # If on PC-BSD, make sure we copy any fixed skel files + if [ "$INSTALLTYPE" != "FreeBSD" ] ; then + copy_skel_files_upgrade + fi - cd / + cd / - # Unmount FS - umount_all_dir "${FSMNT}" + # Unmount FS + umount_all_dir "${FSMNT}" - # Run our saved unmount script for these file-systems - rc_nohalt "umount -f ${FSMNT}" + # Run our saved unmount script for these file-systems + rc_nohalt "umount -f ${FSMNT}" - umount ${CDMNT} + umount ${CDMNT} }; diff --git a/usr/sbin/pc-sysinstall/backend/functions-users.sh b/usr/sbin/pc-sysinstall/backend/functions-users.sh index 0c66279..be786a1 100755 --- a/usr/sbin/pc-sysinstall/backend/functions-users.sh +++ b/usr/sbin/pc-sysinstall/backend/functions-users.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-users.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions-users.sh,v 1.3 2010/08/24 06:11:46 imp Exp $ # Functions which runs commands on the system @@ -72,99 +72,99 @@ setup_users() while read line do - echo $line | grep "^userName=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - get_value_from_string "${line}" - USERNAME="$VAL" - fi - - echo $line | grep "^userComment=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - get_value_from_string "${line}" - USERCOMMENT="$VAL" - fi - - echo $line | grep "^userPass=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - get_value_from_string "${line}" - USERPASS="$VAL" - fi - - echo $line | grep "^userShell=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - get_value_from_string "${line}" - strip_white_space "$VAL" - USERSHELL="$VAL" - fi - - echo $line | grep "^userHome=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - get_value_from_string "${line}" - USERHOME="$VAL" - fi - - echo $line | grep "^userGroups=" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - get_value_from_string "${line}" - USERGROUPS="$VAL" - fi - - - echo $line | grep "^commitUser" >/dev/null 2>/dev/null - if [ "$?" = "0" ] - then - # Found our flag to commit this user, lets check and do it - if [ ! -z "${USERNAME}" ] - then - - # Now add this user to the system, by building our args list - ARGS="-n ${USERNAME}" - - if [ ! -z "${USERCOMMENT}" ] - then - ARGS="${ARGS} -c \"${USERCOMMENT}\"" - fi + echo $line | grep "^userName=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + get_value_from_string "${line}" + USERNAME="$VAL" + fi + + echo $line | grep "^userComment=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + get_value_from_string "${line}" + USERCOMMENT="$VAL" + fi + + echo $line | grep "^userPass=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + get_value_from_string "${line}" + USERPASS="$VAL" + fi + + echo $line | grep "^userShell=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + get_value_from_string "${line}" + strip_white_space "$VAL" + USERSHELL="$VAL" + fi + + echo $line | grep "^userHome=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + get_value_from_string "${line}" + USERHOME="$VAL" + fi + + echo $line | grep "^userGroups=" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + get_value_from_string "${line}" + USERGROUPS="$VAL" + fi + + + echo $line | grep "^commitUser" >/dev/null 2>/dev/null + if [ "$?" = "0" ] + then + # Found our flag to commit this user, lets check and do it + if [ ! -z "${USERNAME}" ] + then + + # Now add this user to the system, by building our args list + ARGS="-n ${USERNAME}" + + if [ ! -z "${USERCOMMENT}" ] + then + ARGS="${ARGS} -c \"${USERCOMMENT}\"" + fi - if [ ! -z "${USERPASS}" ] - then - ARGS="${ARGS} -h 0" - echo "${USERPASS}" >${FSMNT}/.tmpPass - else - ARGS="${ARGS} -h -" - rm ${FSMNT}/.tmpPass 2>/dev/null 2>/dev/null - fi - - if [ ! -z "${USERSHELL}" ] - then - ARGS="${ARGS} -s \"${USERSHELL}\"" - else - ARGS="${ARGS} -s \"/nonexistant\"" - fi + if [ ! -z "${USERPASS}" ] + then + ARGS="${ARGS} -h 0" + echo "${USERPASS}" >${FSMNT}/.tmpPass + else + ARGS="${ARGS} -h -" + rm ${FSMNT}/.tmpPass 2>/dev/null 2>/dev/null + fi + + if [ ! -z "${USERSHELL}" ] + then + ARGS="${ARGS} -s \"${USERSHELL}\"" + else + ARGS="${ARGS} -s \"/nonexistant\"" + fi - if [ ! -z "${USERHOME}" ] - then - ARGS="${ARGS} -m -d \"${USERHOME}\"" - fi - - if [ ! -z "${USERGROUPS}" ] - then - ARGS="${ARGS} -G \"${USERGROUPS}\"" - fi - - add_user "${ARGS}" - - # Unset our vars before looking for any more users - unset USERNAME USERCOMMENT USERPASS USERSHELL USERHOME USERGROUPS - else - exit_err "ERROR: commitUser was called without any userName= entry!!!" - fi - fi + if [ ! -z "${USERHOME}" ] + then + ARGS="${ARGS} -m -d \"${USERHOME}\"" + fi + + if [ ! -z "${USERGROUPS}" ] + then + ARGS="${ARGS} -G \"${USERGROUPS}\"" + fi + + add_user "${ARGS}" + + # Unset our vars before looking for any more users + unset USERNAME USERCOMMENT USERPASS USERSHELL USERHOME USERGROUPS + else + exit_err "ERROR: commitUser was called without any userName= entry!!!" + fi + fi done <${CFGF} diff --git a/usr/sbin/pc-sysinstall/backend/functions.sh b/usr/sbin/pc-sysinstall/backend/functions.sh index 6221087..5d52009 100755 --- a/usr/sbin/pc-sysinstall/backend/functions.sh +++ b/usr/sbin/pc-sysinstall/backend/functions.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/functions.sh,v 1.7 2010/10/21 22:33:50 imp Exp $ # functions.sh # Library of functions which pc-sysinstall may call upon @@ -98,18 +98,18 @@ strip_white_space() # Displays an error message and exits with error 1 exit_err() { - # Echo the message for the users benefit - echo "$1" + # Echo the message for the users benefit + echo "$1" - # Save this error to the log file - echo "${1}" >>$LOGOUT + # Save this error to the log file + echo "${1}" >>$LOGOUT - # Check if we need to unmount any file-systems after this failure - unmount_all_filesystems_failure + # Check if we need to unmount any file-systems after this failure + unmount_all_filesystems_failure - echo "For more details see log file: $LOGOUT" + echo "For more details see log file: $LOGOUT" - exit 1 + exit 1 }; # Run-command, don't halt if command exits with non-0 @@ -138,7 +138,7 @@ rc_halt() fi echo "Running: ${CMD}" >>${LOGOUT} - ${CMD} >>${LOGOUT} 2>>${LOGOUT} + eval ${CMD} >>${LOGOUT} 2>>${LOGOUT} STATUS="$?" if [ "${STATUS}" != "0" ] then @@ -195,66 +195,67 @@ echo_log() }; # Make sure we have a numeric -is_num() { - expr $1 + 1 2>/dev/null - return $? +is_num() +{ + expr $1 + 1 2>/dev/null + return $? } # Function which uses "fetch" to download a file, and display a progress report fetch_file() { -FETCHFILE="$1" -FETCHOUTFILE="$2" -EXITFAILED="$3" - -SIZEFILE="${TMPDIR}/.fetchSize" -EXITFILE="${TMPDIR}/.fetchExit" - -rm ${SIZEFILE} 2>/dev/null >/dev/null -rm ${FETCHOUTFILE} 2>/dev/null >/dev/null - -fetch -s "${FETCHFILE}" >${SIZEFILE} -SIZE="`cat ${SIZEFILE}`" -SIZE="`expr ${SIZE} / 1024`" -echo "FETCH: ${FETCHFILE}" -echo "FETCH: ${FETCHOUTFILE}" >>${LOGOUT} - -( fetch -o ${FETCHOUTFILE} "${FETCHFILE}" >/dev/null 2>/dev/null ; echo "$?" > ${EXITFILE} ) & -PID="$!" -while -z=1 -do - - if [ -e "${FETCHOUTFILE}" ] - then - DSIZE=`du -k ${FETCHOUTFILE} | tr -d '\t' | cut -d '/' -f 1` - if [ $(is_num "$DSIZE") ] ; then - if [ $SIZE -lt $DSIZE ] ; then DSIZE="$SIZE"; fi + FETCHFILE="$1" + FETCHOUTFILE="$2" + EXITFAILED="$3" + + SIZEFILE="${TMPDIR}/.fetchSize" + EXITFILE="${TMPDIR}/.fetchExit" + + rm ${SIZEFILE} 2>/dev/null >/dev/null + rm ${FETCHOUTFILE} 2>/dev/null >/dev/null + + fetch -s "${FETCHFILE}" >${SIZEFILE} + SIZE="`cat ${SIZEFILE}`" + SIZE="`expr ${SIZE} / 1024`" + echo "FETCH: ${FETCHFILE}" + echo "FETCH: ${FETCHOUTFILE}" >>${LOGOUT} + + ( fetch -o ${FETCHOUTFILE} "${FETCHFILE}" >/dev/null 2>/dev/null ; echo "$?" > ${EXITFILE} ) & + PID="$!" + while + z=1 + do + + if [ -e "${FETCHOUTFILE}" ] + then + DSIZE=`du -k ${FETCHOUTFILE} | tr -d '\t' | cut -d '/' -f 1` + if [ $(is_num "$DSIZE") ] ; then + if [ $SIZE -lt $DSIZE ] ; then DSIZE="$SIZE"; fi echo "SIZE: ${SIZE} DOWNLOADED: ${DSIZE}" echo "SIZE: ${SIZE} DOWNLOADED: ${DSIZE}" >>${LOGOUT} + fi fi - fi - # Check if the download is finished - ps -p ${PID} >/dev/null 2>/dev/null - if [ "$?" != "0" ] - then - break; - fi + # Check if the download is finished + ps -p ${PID} >/dev/null 2>/dev/null + if [ "$?" != "0" ] + then + break; + fi - sleep 2 -done + sleep 2 + done -echo "FETCHDONE" + echo "FETCHDONE" -EXIT="`cat ${EXITFILE}`" -if [ "${EXIT}" != "0" -a "$EXITFAILED" = "1" ] -then - exit_err "Error: Failed to download ${FETCHFILE}" -fi + EXIT="`cat ${EXITFILE}`" + if [ "${EXIT}" != "0" -a "$EXITFAILED" = "1" ] + then + exit_err "Error: Failed to download ${FETCHFILE}" + fi -return $EXIT + return $EXIT }; @@ -282,3 +283,215 @@ get_zpool_name() return fi }; + +iscompressed() +{ + local FILE + local RES + + FILE="$1" + RES=1 + + if echo "${FILE}" | \ + grep -iE '\.(Z|lzo|lzw|lzma|gz|bz2|xz|zip)$' >/dev/null 2>&1 + then + RES=0 + fi + + return ${RES} +} + +get_compression_type() +{ + local FILE + local SUFFIX + + FILE="$1" + SUFFIX=`echo "${FILE}" | sed -E 's|^(.+)\.(.+)$|\2|'` + + VAL="" + SUFFIX=`echo "${SUFFIX}" | tr A-Z a-z` + case "${SUFFIX}" in + z) VAL="lzw" ;; + lzo) VAL="lzo" ;; + lzw) VAL="lzw" ;; + lzma) VAL="lzma" ;; + gz) VAL="gzip" ;; + bz2) VAL="bzip2" ;; + xz) VAL="xz" ;; + zip) VAL="zip" ;; + esac + + export VAL +} + +write_image() +{ + local DEVICE_FILE + + IMAGE_FILE="$1" + DEVICE_FILE="$2" + + if [ -z "${IMAGE_FILE}" ] + then + exit_err "ERROR: Image file not specified!" + fi + + if [ -z "${DEVICE_FILE}" ] + then + exit_err "ERROR: Device file not specified!" + fi + + if [ ! -f "${IMAGE_FILE}" ] + then + exit_err "ERROR: '${IMAGE_FILE}' does not exist!" + fi + + DEVICE_FILE="${DEVICE_FILE#/dev/}" + DEVICE_FILE="/dev/${DEVICE_FILE}" + + if [ ! -c "${DEVICE_FILE}" ] + then + exit_err "ERROR: '${DEVICE_FILE}' is not a character device!" + fi + + if iscompressed "${IMAGE_FILE}" + then + local COMPRESSION + + get_compression_type "${IMAGE_FILE}" + COMPRESSION="${VAL}" + + case "${COMPRESSION}" in + lzw) + rc_halt "uncompress ${IMAGE_FILE} -c | dd of=${DEVICE_FILE}" + IMAGE_FILE="${IMAGE_FILE%.Z}" + ;; + + lzo) + rc_halt "lzop -d $IMAGE_{FILE} -c | dd of=${DEVICE_FILE}" + IMAGE_FILE="${IMAGE_FILE%.lzo}" + ;; + + lzma) + rc_halt "lzma -d ${IMAGE_FILE} -c | dd of=${DEVICE_FILE}" + IMAGE_FILE="${IMAGE_FILE%.lzma}" + ;; + + gzip) + rc_halt "gunzip ${IMAGE_FILE} -c | dd of=${DEVICE_FILE}" + IMAGE_FILE="${IMAGE_FILE%.gz}" + ;; + + bzip2) + rc_halt "bunzip2 ${IMAGE_FILE} -c | dd of=${DEVICE_FILE}" + IMAGE_FILE="${IMAGE_FILE%.bz2}" + ;; + + xz) + rc_halt "xz -d ${IMAGE_FILE} -c | dd of=${DEVICE_FILE}" + IMAGE_FILE="${IMAGE_FILE%.xz}" + ;; + + zip) + rc_halt "unzip ${IMAGE_FILE} -c | dd of=${DEVICE_FILE}" + IMAGE_FILE="${IMAGE_FILE%.zip}" + ;; + + *) + exit_err "ERROR: ${COMPRESSION} compression is not supported" + ;; + esac + + else + rc_halt "dd if=${IMAGE_FILE} of=${DEVICE_FILE}" + + fi +}; + +install_fresh() +{ + # Lets start setting up the disk slices now + setup_disk_slice + + if [ -z "${ROOTIMAGE}" ] + then + + # Disk setup complete, now lets parse WORKINGSLICES and setup the bsdlabels + setup_disk_label + + # Now we've setup the bsdlabels, lets go ahead and run newfs / zfs + # to setup the filesystems + setup_filesystems + + # Lets mount the partitions now + mount_all_filesystems + + # We are ready to begin extraction, lets start now + init_extraction + + # Check if we have any optional modules to load + install_components + + # Check if we have any packages to install + install_packages + + # Do any localization in configuration + run_localize + + # Save any networking config on the installed system + save_networking_install + + # Now add any users + setup_users + + # Now run any commands specified + run_commands + + # Do any last cleanup / setup before unmounting + run_final_cleanup + + # Unmount and finish up + unmount_all_filesystems + fi + + echo_log "Installation finished!" +}; + +install_image() +{ + # We are ready to begin extraction, lets start now + init_extraction + + echo_log "Installation finished!" +}; + +install_upgrade() +{ + # We're going to do an upgrade, skip all the disk setup + # and start by mounting the target drive/slices + mount_upgrade + + # Start the extraction process + init_extraction + + # Do any localization in configuration + run_localize + + # ow run any commands specified + run_commands + + # Merge any old configuration files + merge_old_configs + + # Check if we have any optional modules to load + install_components + + # Check if we have any packages to install + install_packages + + # All finished, unmount the file-systems + unmount_upgrade + + echo_log "Upgrade finished!" +}; diff --git a/usr/sbin/pc-sysinstall/backend/installimage.sh b/usr/sbin/pc-sysinstall/backend/installimage.sh new file mode 100644 index 0000000..3ef77dd --- /dev/null +++ b/usr/sbin/pc-sysinstall/backend/installimage.sh @@ -0,0 +1,34 @@ +#!/bin/sh +#- +# Copyright (c) 2010 iXsystems, Inc. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/installimage.sh,v 1.1 2010/09/09 03:33:07 imp Exp $ + +# Source our functions scripts +. ${BACKEND}/functions.sh + +IMAGE_FILE="${1}" +DEVICE_FILE="${2}" + +write_image "${IMAGE_FILE}" "${DEVICE_FILE}" diff --git a/usr/sbin/pc-sysinstall/backend/parseconfig.sh b/usr/sbin/pc-sysinstall/backend/parseconfig.sh index 7d4a800..83c6042 100755 --- a/usr/sbin/pc-sysinstall/backend/parseconfig.sh +++ b/usr/sbin/pc-sysinstall/backend/parseconfig.sh @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/parseconfig.sh,v 1.2 2010/06/27 16:46:11 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/backend/parseconfig.sh,v 1.6 2010/10/09 08:52:09 imp Exp $ # Main install configuration parsing script # @@ -35,12 +35,15 @@ . ${BACKEND}/functions-disk.sh . ${BACKEND}/functions-extractimage.sh . ${BACKEND}/functions-installcomponents.sh +. ${BACKEND}/functions-installpackages.sh . ${BACKEND}/functions-localize.sh . ${BACKEND}/functions-mountdisk.sh . ${BACKEND}/functions-networking.sh . ${BACKEND}/functions-newfs.sh +. ${BACKEND}/functions-packages.sh . ${BACKEND}/functions-parse.sh . ${BACKEND}/functions-runcommands.sh +. ${BACKEND}/functions-ftp.sh . ${BACKEND}/functions-unmount.sh . ${BACKEND}/functions-upgrade.sh . ${BACKEND}/functions-users.sh @@ -95,73 +98,23 @@ PACKAGETYPE="${VAL}" ; export PACKAGETYPE start_networking # If we are not doing an upgrade, lets go ahead and setup the disk -if [ "${INSTALLMODE}" = "fresh" ] -then - - # Lets start setting up the disk slices now - setup_disk_slice - - # Disk setup complete, now lets parse WORKINGSLICES and setup the bsdlabels - setup_disk_label - - # Now we've setup the bsdlabels, lets go ahead and run newfs / zfs - # to setup the filesystems - setup_filesystems - - # Lets mount the partitions now - mount_all_filesystems - - # We are ready to begin extraction, lets start now - init_extraction - - # Check if we have any optional modules to load - install_components - - # Do any localization in configuration - run_localize - - # Save any networking config on the installed system - save_networking_install - - # Now add any users - setup_users - - # Now run any commands specified - run_commands - - # Do any last cleanup / setup before unmounting - run_final_cleanup - - # Unmount and finish up - unmount_all_filesystems - - echo_log "Installation finished!" - exit 0 - -else - # We're going to do an upgrade, skip all the disk setup - # and start by mounting the target drive/slices - mount_upgrade - - # Start the extraction process - init_extraction - - # Do any localization in configuration - run_localize - - # Now run any commands specified - run_commands - - # Merge any old configuration files - merge_old_configs - - # Check if we have any optional modules to load - install_components - - # All finished, unmount the file-systems - unmount_upgrade - - echo_log "Upgrade finished!" - exit 0 -fi - +case "${INSTALLMODE}" in + fresh) + if [ "${INSTALLMEDIUM}" = "image" ] + then + install_image + else + install_fresh + fi + ;; + + upgrade) + install_upgrade + ;; + + *) + exit 1 + ;; +esac + +exit 0 diff --git a/usr/sbin/pc-sysinstall/conf/pc-sysinstall.conf b/usr/sbin/pc-sysinstall/conf/pc-sysinstall.conf index 83ae443..92a5b3e 100644 --- a/usr/sbin/pc-sysinstall/conf/pc-sysinstall.conf +++ b/usr/sbin/pc-sysinstall/conf/pc-sysinstall.conf @@ -1,5 +1,5 @@ #!/bin/sh -# $FreeBSD: src/usr.sbin/pc-sysinstall/conf/pc-sysinstall.conf,v 1.2 2010/06/27 17:04:03 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/conf/pc-sysinstall.conf,v 1.4 2010/10/09 08:52:09 imp Exp $ # Configuration options for pc-sysinstall TMPDIR="/tmp/.pc-sysinstall" @@ -51,6 +51,10 @@ export COMPFILEDIR COMPTMPDIR="/usr/.componenttmp" export COMPTMPDIR +# set the package temp directory, which is relative to FSMNT +PKGTMPDIR="/usr/.pkgtmp" +export PKGTMPDIR + # Variables to set the location of installation data UZIP_FILE="PCBSD.ufs.uzip" TAR_FILE="PCBSD.tbz" @@ -64,6 +68,10 @@ FBSD_BRANCH_DIR="${FBSD_BRANCH}" FBSD_ARCH=`uname -m` export FBSD_UZIP_FILE FBSD_TAR_FILE FBSD_BRANCH FBSD_BRANCH_DIR FBSD_ARCH +# Location of image file +IMAGE_FILE="/home/john/tmp/PCBSD8.1-x86-USB.img" +export IMAGE_FILE + # Our internet mirror listing file location NETSERVER="http://updates.pcbsd.org" ARCH="`uname -m`" diff --git a/usr/sbin/pc-sysinstall/doc/help-index b/usr/sbin/pc-sysinstall/doc/help-index index d9e52b5..bad401f 100644 --- a/usr/sbin/pc-sysinstall/doc/help-index +++ b/usr/sbin/pc-sysinstall/doc/help-index @@ -9,6 +9,8 @@ Help Commands Display the help data for the specified command System Query Commands + install-image <image> <device> + Installs an image file to a device file disk-list Provides a listing of the disk drives detected on this system @@ -34,10 +36,10 @@ System Query Commands list-components Returns a listing of the available components which can be installed - list-mirrors + list-mirrors [country] Returns a listing of the available FTP mirrors - list-packages + list-packages [category] [package] Returns a listing of the available packages list-rsync-backups <user> <host> <port> @@ -55,6 +57,9 @@ System Query Commands sys-mem Return the size of installed system RAM in MegaBytes + set-mirror <mirror> + Set FTP mirror + test-netup Test if an internet connection is available diff --git a/usr/sbin/pc-sysinstall/examples/README b/usr/sbin/pc-sysinstall/examples/README index 20cb019..7d9fd5e 100644 --- a/usr/sbin/pc-sysinstall/examples/README +++ b/usr/sbin/pc-sysinstall/examples/README @@ -114,7 +114,7 @@ root zpool of the target system to update. I.E: # disk0=ada0s1a -# partition=(all, free, s1, s1, s3, s4) +# partition=(all, free, s1, s1, s3, s4, image) After setting disk[0-9], the partition= variable is used to specify which target partition we will be working with for this device. @@ -124,10 +124,17 @@ Setting this to "all" will setup the disk with a single FreeBSD slice as "s1" Setting this to "free" will allow pc-sysinstall to search for the first available primary slice with free space, and create the slice. -Setting this to "s1, s2, s3 or s4" will use the specified MBR slice +Setting this to "s1, s2, s3 or s4" will use the specified MBR slice. + +Setting this to "image" will use an image to configure the disk. (This tag is unused for upgrades) +# partscheme=(MBR/GPT) + +When performing a "full" disk (partition=all), the partscheme= variable is used +to determine the partition scheme type gpart will be using on the disk. Valid +choices are MBR or GPT. # mirror=(disk device such as ad1) @@ -146,6 +153,11 @@ specified this defaults to "round-robin" Setting this option will instruct pc-sysinstall to install the BSD boot Manager, or leave it empty +# image=(/path/to/image/file) (/mountpoint) + +Setting this option will instruct pc-sysinstall to write the image file +specified by the path to the disk. + # commitDiskPart This command must be placed at the end of the diskX= section, before starting @@ -177,13 +189,14 @@ The notation is as follows: Available FileSystems: UFS - Standard UFS2 FileSystem UFS+S - UFS2 + Softupdates enabled +UFS+SUJ - UFS2 + Soft Updates + Journaling enabled UFS+J - UFS2 + Journaling through gjournal ZFS - Z File System, pools / mounts created automatically SWAP - BSD Swap space partition, mountpoint should be set to "none" Adding the ".eli" extension to any of the above file systems will enable disk encryption via geli -(UFS.eli, UFS+S.eli, UFS+J.eli, ZFS.eli, SWAP.eli) +(UFS.eli, UFS+S.eli, UFS+SUJ.eli, UFS+J.eli, ZFS.eli, SWAP.eli) If you with to use a passphrase with this encrypted partition, on the next line the flag "encpass=" should be entered: @@ -205,7 +218,7 @@ If you with to just include the disk into the pool in "basic" mode, then use (ad The following settings specify the type, locations and sources for this installation -# installMedium=(dvd, usb, ftp, rsync) +# installMedium=(dvd, usb, ftp, rsync, image) Set installMedium= to the source type we will be using for this install. @@ -214,6 +227,7 @@ Available Types: usb - Search for and mount the USB drive which contains the install archive ftp - The install archive will be fetched from a FTP / HTTP server before install rsync - Pull the system data from a ssh + rsync server, specified with variables below +image - Install system from an image # installType=(PCBSD, FreeBSD) @@ -352,4 +366,4 @@ localizeKeyVariant is used to update the xorg config to set the keyboard variant Setting autoLoginUser will enable the specified user to log into the desktop automatically without entering a password -$FreeBSD: src/usr.sbin/pc-sysinstall/examples/README,v 1.1 2010/06/24 22:21:47 imp Exp $ +$FreeBSD: src/usr.sbin/pc-sysinstall/examples/README,v 1.5 2010/10/09 08:52:09 imp Exp $ diff --git a/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.8 b/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.8 index 69556f4..2b42bbb 100644 --- a/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.8 +++ b/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.8 @@ -22,7 +22,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $FreeBSD: src/usr.sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.8,v 1.2 2010/07/06 23:29:55 imp Exp $ +.\" $FreeBSD: src/usr.sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.8,v 1.5 2010/10/08 12:40:16 uqs Exp $ .\" .Dd June 24, 2010 .Dt PC-SYSINSTALL 8 @@ -53,16 +53,15 @@ Perform an installation as directed by The .Cm command can be any one of the following: -.Pp .Bl -tag -width indent .It help Display a list of all commands. .It help Ar command -Dispay the help data for the specified command. +Display the help data for the specified command. .It disk-list Provide a listing of the storage devices detected on this system. .It disk-part Ar disk -Queries the specified storage device and returns information about its +Queries the specified storage device and returns information about its partitions. .It disk-info Ar disk Returns information about a storage device's size, cylinders, heads, and @@ -106,6 +105,7 @@ used by automated install scripts. .It setup-ssh-keys Ar user Ar host Ar port Setup SSH without a password for the target host, user, and port. Used to prompt the user to log into a server before doing a rsync + ssh restore. +.El .Sh HISTORY This version of .Nm @@ -117,4 +117,4 @@ first appeared in This utility was written to install PC-BSD and has seen limited use as an installer for FreeBSD. It's likely that usage to install FreeBSD will expose edge cases that PC-BSD doesn't, as well as generate feature requests based -on unforseen needs. +on unforeseen needs. diff --git a/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh b/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh index 3ad2854..9f91e85 100755 --- a/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh +++ b/usr/sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh @@ -30,21 +30,27 @@ # IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. # -# $FreeBSD: src/usr.sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh,v 1.6 2010/07/13 23:47:12 imp Exp $ +# $FreeBSD: src/usr.sbin/pc-sysinstall/pc-sysinstall/pc-sysinstall.sh,v 1.11 2010/09/08 20:10:24 imp Exp $ ##################################################################### # User-editable configuration variables # Set this to the program location -PROGDIR="/usr/sbin/pc-sysinstall" -export PROGDIR +if [ -z "${PROGDIR}" ] +then + PROGDIR="/usr/sbin/pc-sysinstall" + export PROGDIR +fi # Set this to the components location COMPDIR="${PROGDIR}/components" export COMPDIR +CONFDIR="${PROGDIR}/conf" +export CONFDIR + # Set this to the packages location -PKGDIR="${PROGDIR}/conf" +PKGDIR="${CONFDIR}" export PKGDIR # End of user-editable configuration @@ -83,29 +89,35 @@ fi # Check if we are called without any flags and display help if [ -z "${1}" ] then - # Display the help index - display_help - exit 0 + # Display the help index + display_help + exit 0 fi case $1 in # The -c flag has been given, time to parse the script - -c) if [ -z "${2}" ] - then - display_help - else - ${BACKEND}/parseconfig.sh ${2} - exit $? - fi + -c) + if [ -z "${2}" ] + then + display_help + else + ${BACKEND}/parseconfig.sh ${2} + exit $? + fi ;; # The user requsted help - help) if [ -z "${2}" ] - then - display_help - else - display_command_help ${2} - fi + help) + if [ -z "${2}" ] + then + display_help + else + display_command_help ${2} + fi + ;; + + # Install an image file to a device + install-image) ${BACKEND}/installimage.sh "${2}" "${3}" ;; # Parse an auto-install directive, and begin the installation @@ -137,7 +149,7 @@ case $1 in ;; # The user is wanting to query which disks are available - disk-list) ${QUERYDIR}/disk-list.sh + disk-list) ${QUERYDIR}/disk-list.sh $* ;; # The user is wanting to query a disk's partitions @@ -184,6 +196,10 @@ case $1 in get-packages) ${QUERYDIR}/get-packages.sh "${2}" ;; + # Function to set FTP mirror + set-mirror) ${QUERYDIR}/set-mirror.sh "${2}" + ;; + # Function which allows setting up of SSH keys setup-ssh-keys) ${QUERYDIR}/setup-ssh-keys.sh "${2}" "${3}" "${4}" ;; |
