diff options
author | Bill Marquette <billm@pfsense.org> | 2005-07-04 21:00:59 +0000 |
---|---|---|
committer | Bill Marquette <billm@pfsense.org> | 2005-07-04 21:00:59 +0000 |
commit | 669e1adb5b8c4efce292681f83b8a76806e383bb (patch) | |
tree | bdc8578c5542166b69567415eb38b94507ae9e74 /etc | |
parent | 63637de9323161beccf84ed60f69696ce11a5c24 (diff) | |
download | pfsense-669e1adb5b8c4efce292681f83b8a76806e383bb.zip pfsense-669e1adb5b8c4efce292681f83b8a76806e383bb.tar.gz |
Various code cleanups and a few actual bugfixes courtesy of Zend
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/captiveportal.inc | 2 | ||||
-rw-r--r-- | etc/inc/config.inc | 6 | ||||
-rw-r--r-- | etc/inc/filter.inc | 337 | ||||
-rw-r--r-- | etc/inc/interfaces.inc | 89 | ||||
-rw-r--r-- | etc/inc/notices.inc | 9 | ||||
-rw-r--r-- | etc/inc/pfsense-utils.inc | 107 | ||||
-rw-r--r-- | etc/inc/pkg-utils.inc | 94 | ||||
-rw-r--r-- | etc/inc/service-utils.inc | 7 | ||||
-rw-r--r-- | etc/inc/services.inc | 1 | ||||
-rw-r--r-- | etc/inc/util.inc | 3 | ||||
-rw-r--r-- | etc/inc/vpn.inc | 1 |
11 files changed, 288 insertions, 368 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 449b1dd..dd8a7c1 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -319,6 +319,7 @@ function captiveportal_disconnect_client($id) { syslog(LOG_INFO,"Authenticated user $cpdb[$i][4] disconnected"); } + /* XXX: What's $ip? This can't be working?!?!?! --billm */ mwexec("/sbin/pfctl -t captiveportal -T delete {$ip}"); unset($cpdb[$i]); @@ -417,6 +418,7 @@ function captiveportal_allowedip_configure() { foreach ($config['captiveportal']['allowedip'] as $ipent) { /* record allowed ip so it can be recognized and removed later */ + /* XXX: What's $ruleno? This can't be working as expected!?!?! --billm */ fwrite($fd, $ipent['ip'] . "," . $ruleno ."\n"); /* insert pf table item to allow traffic */ diff --git a/etc/inc/config.inc b/etc/inc/config.inc index d7ebd84..7d552dc 100644 --- a/etc/inc/config.inc +++ b/etc/inc/config.inc @@ -299,7 +299,7 @@ function conf_mount_rw() { * null ******/ function conf_mount_ro() { - global $g, $do_not_mount_ro; + global $g; if($g['booting'] == true) return; @@ -330,7 +330,7 @@ function conf_mount_ro() { ******/ /* convert configuration, if necessary */ function convert_config() { - global $config, $pkg_config, $g; + global $config, $g; if ($config['version'] == $g['latest_config']) return; /* already at latest version */ @@ -1042,8 +1042,6 @@ function system_start_ftp_helpers() { } $wanip = get_current_wan_address(); mwexec("/usr/bin/killall pftpx"); - if($wanip <> "" and $wanip <> "0.0.0.0") - $pip = "-p {$wanip}"; mwexec("/usr/local/sbin/pftpx -g 8021 {$wanip}"); } diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index cee1ad8..d00f8aa 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -38,22 +38,14 @@ require_once("functions.inc"); require_once("pkg-utils.inc"); function filter_resync() { - global $config, $g; - mwexec("/sbin/pfctl -y"); /* XXX */ } function filter_pflog_start() { - global $config, $g; - mute_kernel_msgs(); - - mwexec("/sbin/ifconfig pflog0 up && pflogd -sD"); - - mwexec_bg("/usr/sbin/tcpdump -n -e -ttt -i pflog0 | logger -t pf -p local0.info"); - + mwexec("/sbin/ifconfig pflog0 up && /sbin/pflogd -sD"); + mwexec_bg("/usr/sbin/tcpdump -n -e -ttt -i pflog0 | /usr/bin/logger -t pf -p local0.info"); unmute_kernel_msgs(); - } function filter_configure() { @@ -187,19 +179,6 @@ function filter_configure() { return 0; } -function filter_get_altq_queue_scheduler_type($associatedrule) { - global $config; - return $config['system']['schedulertype']; -} - -function filter_get_rule_interface($associatedrulenumber) { - global $config; - foreach ($config['shaper']['rule'] as $rule) { - if($rule['descr'] == $associatedrule) return $rule['interface']; - } - return $config['shaper']['rule'][$associatedrulenumber]['interface']; -} - function find_default_queue($interface) { global $config; $qconfig = $config; @@ -329,6 +308,7 @@ function filter_is_queue_being_used_on_interface($queuename, $interface) { } return; } + function filter_setup_altq_interfaces() { global $config; $altq_rules = ""; @@ -360,11 +340,10 @@ function filter_setup_altq_interfaces() { $is_first = "1"; } } else { - if(isset($q['parentqueue']) && ($q['parentqueue'] <> "")) { + if(isset($q['parentqueue']) && ($q['parentqueue'] <> "")) { if(is_subqueue_used_on_interface($q['name'], $workting_with_interface)) { - $queue_names .= " "; - $queue_names .= $q['name']; - $seen[$q['name']] = 1; + $queue_names .= " "; + $queue_names .= $q['name']; } } } @@ -374,7 +353,7 @@ function filter_setup_altq_interfaces() { if($queue_names <> ""){ $altq_rules .= "altq on " . $config['interfaces'][$ifname]['if'] . " "; if($config['interfaces'][$ifname]['bandwidth'] <> "") - $bandwidth = " bandwidth " . $config['interfaces'][$ifname]['bandwidth'] . $config['interfaces'][$ifname]['bandwidthtype']; + $bandwidth = " bandwidth " . $config['interfaces'][$ifname]['bandwidth'] . $config['interfaces'][$ifname]['bandwidthtype']; $altq_rules .= $config['system']['schedulertype'] . $bandwidth . " "; $altq_rules .= "queue { " . $queue_names . " }"; } @@ -385,9 +364,8 @@ function filter_setup_altq_interfaces() { } function is_queue_attached_children($name) { - global $config; - $status = ""; - if (!is_array($config['shaper']['queue'])) return 0; + global $config; + if (!is_array($config['shaper']['queue'])) return 0; foreach ($config['shaper']['queue'] as $queue) { if($queue['attachtoqueue'] == $name) return 1; } @@ -409,10 +387,9 @@ function queue_interface_recursive($queuename) { } function is_subqueue($name) { - global $config; + global $config; $queues = $config['shaper']['queue']; /* must assign to keep from corrupting in memory $config */ - $status = ""; - if (!is_array($queues)) return 0; + if (!is_array($queues)) return 0; foreach ($queues as $queue) { if($queue['attachtoqueue'] == $name) return 1; } @@ -424,8 +401,6 @@ function filter_generate_aliases() { $aliases = ""; - $i = 0; - $lanip = find_interface_ip($config['interfaces']['lan']['if']); $wanip = find_interface_ip(get_real_wan_interface()); @@ -459,7 +434,7 @@ function filter_generate_aliases() { $extraalias = ""; $ip = find_interface_ip($alias['address']); $extraalias = " " . link_ip_to_carp_interface($ip); - $aliases .= $alias['name'] . " = \"{ " . $alias['address'] . "{$extralias} }\"\n"; + $aliases .= $alias['name'] . " = \"{ " . $alias['address'] . "{$extraalias} }\"\n"; } } @@ -497,20 +472,17 @@ function generate_optcfg_array(& $optcfg) { } } -/* XXX - billm - need to do the outqueue portion too */ function filter_generate_pf_altq_rules() { /* I don't think we're in IPFW anymore Toto */ global $config, $g; - $wancfg = $config['interfaces']['wan']; $lancfg = $config['interfaces']['lan']; $pptpdcfg = $config['pptpd']; $lanif = $lancfg['if']; $wanif = get_real_wan_interface(); - $lanip = $lancfg['ipaddr']; $lansa = gen_subnet($lancfg['ipaddr'], $lancfg['subnet']); $lansn = $lancfg['subnet']; @@ -519,7 +491,6 @@ function filter_generate_pf_altq_rules() { generate_optcfg_array($optcfg); if ($pptpdcfg['mode'] == "server") { - $pptpip = $pptpdcfg['localip']; $pptpsa = $pptpdcfg['remoteip']; $pptpsn = $g['pptp_subnet']; if($config['pptp']['pptp_subnet'] <> "") @@ -819,30 +790,28 @@ function is_one_to_one_or_server_nat_rule($iptocheck) { global $config; if($config['nat']['onetoone'] <> "") - foreach($config['nat']['onetoone'] as $onetoone) { - if(ip_in_subnet($iptocheck,$onetoone['internal']."/".$onetoone['subnet']) == true) - return true; - if($onetoone['internal'] == $target) - return true; - } + foreach($config['nat']['onetoone'] as $onetoone) { + if(ip_in_subnet($iptocheck,$onetoone['internal']."/".$onetoone['subnet']) == true) + return true; + if($onetoone['internal'] == $target) + return true; + } if($config['nat']['servernat'] <> "") - foreach($config['nat']['servernat'] as $onetoone) { - $int = explode("/", $onetoone['ipaddr']); - if(ip_in_subnet($iptocheck,$onetoone['ipaddr']."/".$onetoone['subnet']) == true) - return true; - if($onetoone['ipaddr'] == $target) - return true; - } + foreach($config['nat']['servernat'] as $onetoone) { + if(ip_in_subnet($iptocheck,$onetoone['ipaddr']."/".$onetoone['subnet']) == true) + return true; + if($onetoone['ipaddr'] == $target) + return true; + } if($config['nat']['rule'] <> "") - foreach($config['nat']['rule'] as $onetoone) { - $int = explode("/", $onetoone['target']); - if(ip_in_subnet($iptocheck,$onetoone['target']."/".$onetoone['subnet']) == true) - return true; - if($onetoone['target'] == $target) - return true; - } + foreach($config['nat']['rule'] as $onetoone) { + if(ip_in_subnet($iptocheck,$onetoone['target']."/".$onetoone['subnet']) == true) + return true; + if($onetoone['target'] == $target) + return true; + } return FALSE; } @@ -850,7 +819,6 @@ function is_one_to_one_or_server_nat_rule($iptocheck) { function filter_nat_rules_generate() { global $config, $g; - $wancfg = $config['interfaces']['wan']; $lancfg = $config['interfaces']['lan']; $pptpdcfg = $config['pptpd']; @@ -1068,14 +1036,9 @@ function run_command_return_string($cmd) { function generate_user_filter_rule($rule, $ngcounter) { global $config, $g; - $wancfg = $config['interfaces']['wan']; $lancfg = $config['interfaces']['lan']; $pptpdcfg = $config['pptpd']; - $lanif = $lancfg['if']; - $wanif = get_real_wan_interface(); - - $lanip = $lancfg['ipaddr']; $lansa = gen_subnet($lancfg['ipaddr'], $lancfg['subnet']); $lansn = $lancfg['subnet']; @@ -1095,7 +1058,6 @@ function generate_user_filter_rule($rule, $ngcounter) { $pptpdcfg = $config['pptpd']; if ($pptpdcfg['mode'] == "server") { - $pptpip = $pptpdcfg['localip']; $pptpsa = $pptpdcfg['remoteip']; $pptpsn = $g['pptp_subnet']; if($config['pptp']['pptp_subnet'] <> "") @@ -1462,19 +1424,11 @@ function filter_rules_generate() { # BEGIN OF firewall rules $ipfrules="anchor \"firewallrules\"\n"; - if ($pptpdcfg['mode'] == "server") { - $pptpip = $pptpdcfg['localip']; - $pptpsa = $pptpdcfg['remoteip']; - $pptpsn = $g['pptp_subnet']; - if($config['pptp']['pptp_subnet'] <> "") - $pptpsn = $config['pptp']['pptp_subnet']; - } - /* default block logging? */ if (!isset($config['syslog']['nologdefaultblock'])) - $log = "log"; + $log = "log"; else - $log = ""; + $log = ""; /* if squid is installed, lets install its rule */ if (is_package_installed("squid") == 1) { @@ -1499,7 +1453,7 @@ anchor "carp" EOD; if(!isset($config['system']['disableftpproxy'])) { - $ipfrules .= <<<EOD + $ipfrules .= <<<EOD # enable ftp-proxy anchor "ftpproxy" @@ -1510,7 +1464,7 @@ EOD; if(isset($config['system']['rfc959workaround'])) { - $ipfrules .= <<<EOD + $ipfrules .= <<<EOD # Fix sites that violate RFC 959 which specifies that the data connection # be sourced from the command port - 1 (typically port 20) @@ -1521,10 +1475,10 @@ pass in quick on $wanif inet proto tcp from any to ($wanif) port > 49000 user pr EOD; $optcfg = array(); - generate_optcfg_array($optcfg); + generate_optcfg_array($optcfg); foreach($optcfg as $oc) { if($oc['gateway'] <> "") - $ipfrules .= "pass in quick on {$oc['if']} inet proto tcp from any to ({$oc['if']}) port > 49000 user proxy flags S/SA keep state label \"FTP PROXY: RFC959 violation workaround\" \n"; + $ipfrules .= "pass in quick on {$oc['if']} inet proto tcp from any to ({$oc['if']}) port > 49000 user proxy flags S/SA keep state label \"FTP PROXY: RFC959 violation workaround\" \n"; } } } @@ -1556,8 +1510,8 @@ EOD; } /* pass traffic between statically routed subnets and the subnet on the - interface in question to avoid problems with complicated routing - topologies */ + interface in question to avoid problems with complicated routing + topologies */ if (is_array($config['staticroutes']['route']) && count($config['staticroutes']['route'])) { foreach ($config['staticroutes']['route'] as $route) { unset($sa); @@ -1598,7 +1552,7 @@ EOD; foreach ($optcfg as $oc) { if (!$oc['bridge']) - $ipfrules .= "block in $log quick on $wanif from {$oc['sa']}/{$oc['sn']} to any label \"interface spoof check\"\n"; + $ipfrules .= "block in $log quick on $wanif from {$oc['sa']}/{$oc['sn']} to any label \"interface spoof check\"\n"; } /* allow PPTP traffic if PPTP client is enabled on WAN */ @@ -1635,7 +1589,7 @@ EOD; /* OPT spoof check */ foreach ($optcfg as $on => $oc) { if ($oc['ip']) - $ipfrules .= filter_rules_spoofcheck_generate($on, $oc['if'], $oc['sa'], $oc['sn'], $log); + $ipfrules .= filter_rules_spoofcheck_generate($on, $oc['if'], $oc['sa'], $oc['sn'], $log); } /* block private networks on WAN? */ @@ -1653,17 +1607,17 @@ block in $log quick on $wanif from 192.168.0.0/16 to any label "block private ne EOD; } - + /* - * Support for allow limiting of TCP connections by establishment rate - * Useful for protecting against sudden outburts, etc. - */ - $ipfrules .= <<<EODF + * Support for allow limiting of TCP connections by establishment rate + * Useful for protecting against sudden outburts, etc. + */ + $ipfrules .= <<<EOD # Support for allow limiting of TCP connections by establishment rate anchor "limitingesr" table <virusprot> -EODF; +EOD; /* block bogon networks on WAN */ /* http://www.cymru.com/Documents/bogon-bn-nonagg.txt */ @@ -1693,7 +1647,6 @@ EOD; foreach ($optcfg as $on => $oc) { $ipfrules .= <<<EOD - # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on {$oc['if']} all keep state label "let out anything from firewall host itself" @@ -1703,7 +1656,7 @@ EOD; if (!isset($config['system']['webgui']['noantilockout'])) { - $ipfrules .= <<<EOD + $ipfrules .= <<<EOD # make sure the user cannot lock himself out of the webGUI or SSH anchor "anti-lockout" @@ -1711,15 +1664,15 @@ pass in quick from $lansa/$lansn to $lanip keep state label "anti-lockout web ru EOD; } - + /* PPTPd enabled? */ if ($pptpdcfg['mode'] && ($pptpdcfg['mode'] != "off")) { - + if ($pptpdcfg['mode'] == "server") - $pptpdtarget = "127.0.0.1"; + $pptpdtarget = "127.0.0.1"; else - $pptpdtarget = $pptpdcfg['redir']; - + $pptpdtarget = $pptpdcfg['redir']; + $ipfrules .= <<<EOD # PPTPd rules @@ -1754,11 +1707,11 @@ EOD; /* * captive portal, pf version - * first pass captive portal interface traffic to port 8000 - * then block every incoming packet on the interface (non quick) - * then follow up with an allow items in the captiveportal anchor to flow + * first pass captive portal interface traffic to port 8000 + * then block every incoming packet on the interface (non quick) + * then follow up with an allow items in the captiveportal anchor to flow */ - if(isset($config['captiveportal']['enable'])) { + if(isset($config['captiveportal']['enable'])) { $cp_interface = filter_translate_type_to_real_interface($config['captiveportal']['interface']); $cp_ip = find_interface_ip($cp_interface); $lan_ip = $config['interfaces']['lan']['ipaddr']; @@ -1782,41 +1735,42 @@ EOD; $ipfrules .= "anchor {$queue['name']} tagged {$queue['name']}\n"; /* Create rules for anchors */ - $fd = fopen("{$g['tmp_path']}/{$queue['name']}.rules", "w"); + $fd = fopen("{$g['tmp_path']}/{$queue['name']}.rules", "w"); /* aliases don't recurse to anchors */ $line = filter_generate_aliases(); fwrite($fd, $line); - if (isset($config['filter']['rule'])) { + if (isset($config['filter']['rule'])) { foreach ($config['filter']['rule'] as $rule) { $line = ""; if (!isset($rule['disabled'])) { if ($rule['interface'] == "pptp") { - $n_pptp_units = $g['n_pptp_units']; if($config['pptp']['n_pptp_units'] <> "") - $nif = $config['pptp']['n_pptp_units']; - for($xxx=0; $xxx < $n_pptp_units; $xxx++) { + $n_pptp_units = $config['pptp']['n_pptp_units']; + else + $n_pptp_units = $g['n_pptp_units']; + for($xxx=0; $xxx < $n_pptp_units; $xxx++) { /* - * now that PPTP server are user rules, detect - * that user is setting the pptp server rule - * and setup for all netgraph interfaces - */ + * now that PPTP server are user rules, detect + * that user is setting the pptp server rule + * and setup for all netgraph interfaces + */ $line = generate_user_filter_rule($rule, $xxx); $ackq = get_ack_queue($rule['interface']); if($ackq != "") - $line .= " queue ({$queue['name']}, {$ackq}) "; - if($line <> "") - $ipfrules .= $line . "\n"; + $line .= " queue ({$queue['name']}, {$ackq}) "; + if($line <> "") + $ipfrules .= $line . "\n"; } } else { $line = generate_user_filter_rule($rule, 0); - $ackq = get_ack_queue($rule['interface']); - if ($ackq != "") - $line .= " queue ({$queue['name']}, {$ackq}) "; + $ackq = get_ack_queue($rule['interface']); + if ($ackq != "") + $line .= " queue ({$queue['name']}, {$ackq}) "; // label if($rule['descr'] <> "" and $line <> "") - $line .= " label \"USER_RULE: " . $rule['descr'] . "\" "; - else - $line .= " label \"USER_RULE\" "; + $line .= " label \"USER_RULE: " . $rule['descr'] . "\" "; + else + $line .= " label \"USER_RULE\" "; } } $line .= "\n"; @@ -1826,52 +1780,42 @@ EOD; fclose($fd); } } - if (isset($config['filter']['rule'])) { + if (isset($config['filter']['rule'])) { foreach ($config['filter']['rule'] as $rule) { $line = ""; if (!isset($rule['disabled'])) { if ($rule['interface'] == "pptp") { - $n_pptp_units = $g['n_pptp_units']; - if($config['pptp']['n_pptp_units'] <> "") - $nif = $config['pptp']['n_pptp_units']; - for($xxx=0; $xxx < $n_pptp_units; $xxx++) { - /* - * now that PPTP server are user rules, detect - * that user is setting the pptp server rule - * and setup for all netgraph interfaces - */ - $line = generate_user_filter_rule($rule, $xxx); - if($line <> "") { - if (isset($config['shaper']['enable']) && is_array($config['shaper']['queue'])) { - $defq = find_default_queue($rule['interface']); - $ackq = get_ack_queue($rule['interface']); - if (($defq != "") and ($ackq != "")) - $line .= " queue ({$defq}, {$ackq}) "; - } - $ipfrules .= $line . "\n"; - } - } - } else { - $line = generate_user_filter_rule($rule, 0); - if($line <> "") + $line = generate_user_filter_rule($rule, $xxx); + if($line <> "") { if (isset($config['shaper']['enable']) && is_array($config['shaper']['queue'])) { $defq = find_default_queue($rule['interface']); $ackq = get_ack_queue($rule['interface']); if (($defq != "") and ($ackq != "")) - $line .= " queue ({$defq}, {$ackq}) "; + $line .= " queue ({$defq}, {$ackq}) "; } - // label - if($rule['descr'] <> "" and $line <> "") - $line .= " label \"USER_RULE: " . $rule['descr'] . "\" "; - else - $line .= " label \"USER_RULE\" "; + $ipfrules .= $line . "\n"; + } + } + } else { + $line = generate_user_filter_rule($rule, 0); + if($line <> "") + if (isset($config['shaper']['enable']) && is_array($config['shaper']['queue'])) { + $defq = find_default_queue($rule['interface']); + $ackq = get_ack_queue($rule['interface']); + if (($defq != "") and ($ackq != "")) + $line .= " queue ({$defq}, {$ackq}) "; } + // label + if($rule['descr'] <> "" and $line <> "") + $line .= " label \"USER_RULE: " . $rule['descr'] . "\" "; + else + $line .= " label \"USER_RULE\" "; } - $line .= "\n"; - $ipfrules .= $line; } + $line .= "\n"; + $ipfrules .= $line; } - + $ipfrules .= process_carp_rules(); $ipfrules .= "\n# VPN Rules\n"; @@ -1882,9 +1826,9 @@ EOD; $internal_subnet = gen_subnet($lan_ip, $lan_subnet) . "/" . $config['interfaces']['lan']['subnet']; /* Is IP Compression enabled? */ if(isset($config['ipsec']['ipcomp'])) - exec("/sbin/sysctl net.inet.ipcomp.ipcomp_enable=1"); + exec("/sbin/sysctl net.inet.ipcomp.ipcomp_enable=1"); else - exec("/sbin/sysctl net.inet.ipcomp.ipcomp_enable=0"); + exec("/sbin/sysctl net.inet.ipcomp.ipcomp_enable=0"); if(is_array($config['ipsec']['tunnel'])) { foreach ($config['ipsec']['tunnel'] as $tunnel) { $remote_gateway = $tunnel['remote-gateway']; @@ -1917,19 +1861,13 @@ EOD; } function filter_rules_spoofcheck_generate($ifname, $if, $sa, $sn, $log) { - - global $g, $config; - $ipfrules = "antispoof for " . $if . "\n"; - return $ipfrules; - } function setup_logging_interfaces() { global $config; $rules = ""; - $i = 0; $ifdescrs = array('wan', 'lan'); for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { $ifdescrs['opt' . $j] = "opt" . $j; @@ -1945,7 +1883,6 @@ function setup_logging_interfaces() { function create_firewall_outgoing_rules_to_itself() { global $config, $g; - $i = 0; $rule .= "# pass traffic from firewall -> out\n"; $rule .= "anchor \"firewallout\"\n"; $ifdescrs = array('wan', 'lan'); @@ -1955,7 +1892,6 @@ function create_firewall_outgoing_rules_to_itself() { /* go through primary and optional interfaces */ foreach ($ifdescrs as $ifdescr => $ifname) { - $return_gateway = $config['interfaces'][$ifname]['gateway']; $int = filter_translate_type_to_real_interface($ifname); if ($config['interfaces'][$ifname]['ipaddr'] == "pppoe") $int = "ng0"; @@ -2003,19 +1939,19 @@ function process_carp_nat_rules() { global $g, $config; $lines = ""; if($config['installedpackages']['carp']['config'] != "") - foreach($config['installedpackages']['carp']['config'] as $carp) { + foreach($config['installedpackages']['carp']['config'] as $carp) { $ip = $carp['ipaddress']; if($ip <> "any") { $ipnet = "any"; } else { $int = find_ip_interface($ip); - $carp_int = find_carp_interface($ip); + $carp_int = find_carp_interface($ip); } if($int != false and $int != $wan_interface) { - $ipnet = convert_ip_to_network_format($ip, $carp['netmask']); - $lines .= "nat on {$int} inet from {$ipnet} to any -> ({$carp_int}) \n"; + $ipnet = convert_ip_to_network_format($ip, $carp['netmask']); + $lines .= "nat on {$int} inet from {$ipnet} to any -> ({$carp_int}) \n"; } - } + } return $lines; } @@ -2038,46 +1974,45 @@ function carp_sync_xml($url, $password, $section, $section_xml, $method = 'pfsen $cli = new XML_RPC_Client('/xmlrpc.php', $url); $cli->setCredentials('admin', $password); $resp = $cli->send($msg); + return $resp; } function carp_sync_client() { global $config; if($config['installedpackages']['carpsettings']['config'] != "" and - is_array($config['installedpackages']['carpsettings']['config'])) { - $already_processed = 1; - foreach($config['installedpackages']['carpsettings']['config'] as $carp) { - if($carp['synchronizetoip'] != "" ) { - $synchronizetoip = $carp['synchronizetoip']; - $sections = array(); - $sections_xml = array(); - if($carp['synchronizerules'] != "" and is_array($config['filter'])) { - $sections_xml[] = new XML_RPC_Value(backup_config_section("filter"), 'string'); - $sections[] = new XML_RPC_Value('filter', 'string'); - } - if($carp['synchronizenat'] != "" and is_array($config['nat'])) { - $sections_xml[] = new XML_RPC_Value(backup_config_section("nat"), 'string'); - $sections[] = new XML_RPC_Value('nat', 'string'); - } - if($carp['synchronizealiases'] != "" and is_array($config['aliases'])) { - $sections_xml[] = new XML_RPC_Value(backup_config_section("aliases"), 'string'); - $sections[] = new XML_RPC_Value('aliases', 'string'); - } - if($carp['synchronizetrafficshaper'] != "" and is_array($config['shaper'])) { - $sections_xml[] = new XML_RPC_Value(backup_config_section("shaper"), 'string'); - $sections[] = new XML_RPC_Value('shaper', 'string'); - } - if(count($sections) > 0) { - carp_sync_xml($synchronizetoip, $carp['password'], $sections, $sections_xml); - $cli = new XML_RPC_Client('/xmlrpc.php', $synchronizetoip); - $msg = new XML_RPC_Message('pfsense.filter_configure', array(new XML_RPC_Value($carp['password'], 'string'))); - $cli->setCredentials('admin', $carp['password']); - $cli->send($msg); - } + is_array($config['installedpackages']['carpsettings']['config'])) { + foreach($config['installedpackages']['carpsettings']['config'] as $carp) { + if($carp['synchronizetoip'] != "" ) { + $synchronizetoip = $carp['synchronizetoip']; + $sections = array(); + $sections_xml = array(); + if($carp['synchronizerules'] != "" and is_array($config['filter'])) { + $sections_xml[] = new XML_RPC_Value(backup_config_section("filter"), 'string'); + $sections[] = new XML_RPC_Value('filter', 'string'); + } + if($carp['synchronizenat'] != "" and is_array($config['nat'])) { + $sections_xml[] = new XML_RPC_Value(backup_config_section("nat"), 'string'); + $sections[] = new XML_RPC_Value('nat', 'string'); + } + if($carp['synchronizealiases'] != "" and is_array($config['aliases'])) { + $sections_xml[] = new XML_RPC_Value(backup_config_section("aliases"), 'string'); + $sections[] = new XML_RPC_Value('aliases', 'string'); + } + if($carp['synchronizetrafficshaper'] != "" and is_array($config['shaper'])) { + $sections_xml[] = new XML_RPC_Value(backup_config_section("shaper"), 'string'); + $sections[] = new XML_RPC_Value('shaper', 'string'); + } + if(count($sections) > 0) { + carp_sync_xml($synchronizetoip, $carp['password'], $sections, $sections_xml); + $cli = new XML_RPC_Client('/xmlrpc.php', $synchronizetoip); + $msg = new XML_RPC_Message('pfsense.filter_configure', array(new XML_RPC_Value($carp['password'], 'string'))); + $cli->setCredentials('admin', $carp['password']); + $cli->send($msg); + } + } } - } } - } ?>
\ No newline at end of file diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 3d5b6d9..8b4886e 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -35,15 +35,13 @@ require_once("functions.inc"); function interfaces_loopback_configure() { - global $config, $g; - mwexec("/sbin/ifconfig lo0 127.0.0.1"); return 0; } function interfaces_vlan_configure() { - global $config, $g; + global $config; if (is_array($config['vlans']['vlan']) && count($config['vlans']['vlan'])) { @@ -211,7 +209,7 @@ function interfaces_optional_configure_if($opti) { /* OpenVPN configuration? */ if (isset($optcfg['ovpn'])) { - if (strstr($if, "tap")) + if (strstr($optcfg['if'], "tap")) ovpn_link_tap(); } @@ -246,7 +244,7 @@ function interfaces_carp_configure() { if ($g['booting']) { echo "Configuring CARP interfaces..."; mute_kernel_msgs(); - } + } unlink_if_exists("/usr/local/etc/rc.d/carp.sh"); unlink_if_exists("/usr/local/pkg/pf/carp.sh"); unlink_if_exists("/usr/local/pkg/pf/carp_rules.sh"); @@ -255,64 +253,63 @@ function interfaces_carp_configure() { if($config['installedpackages']['carpsettings']['config'] != "") { foreach($config['installedpackages']['carpsettings']['config'] as $carp) if($carp['pfsyncenabled'] != "") { - $pfsync = 1; - if($carp['premption'] != "") - mwexec("/sbin/sysctl net.inet.carp.preempt=1"); - if($carp['balancing'] != "") - mwexec("/sbin/sysctl net.inet.arpbalance=1"); - $carp_sync_int = convert_friendly_interface_to_real_interface_name($carp['pfsyncinterface']); - mwexec("/sbin/ifconfig pfsync0 create"); - mwexec("/sbin/ifconfig pfsync0 syncdev " . $carp_sync_int); - mwexec("/sbin/ifconfig pfsync0 syncif " . $carp_sync_int); - mwexec("/sbin/ifconfig {$carp_sync_int} up"); - mwexec("/sbin/ifconfig pfsync0 up"); - if($g['booting']) { - /* install rules to alllow pfsync to sync up during boot - * carp interfaces will remain down until the bootup sequence finishes - */ - exec("echo pass quick proto carp all keep state > /tmp/rules.boot"); - exec("echo pass quick proto pfsync all >> /tmp/rules.boot"); - exec("echo pass out proto { tcp, udp } from any to any port 53 keep state >> /tmp/rules.boot"); - exec("/sbin/pfctl -f /tmp/rules.boot"); - } - $pfsync_instances_counter++; + if($carp['premption'] != "") + mwexec("/sbin/sysctl net.inet.carp.preempt=1"); + if($carp['balancing'] != "") + mwexec("/sbin/sysctl net.inet.arpbalance=1"); + $carp_sync_int = convert_friendly_interface_to_real_interface_name($carp['pfsyncinterface']); + mwexec("/sbin/ifconfig pfsync0 create"); + mwexec("/sbin/ifconfig pfsync0 syncdev " . $carp_sync_int); + mwexec("/sbin/ifconfig pfsync0 syncif " . $carp_sync_int); + mwexec("/sbin/ifconfig {$carp_sync_int} up"); + mwexec("/sbin/ifconfig pfsync0 up"); + if($g['booting']) { + /* install rules to alllow pfsync to sync up during boot + * carp interfaces will remain down until the bootup sequence finishes + */ + exec("echo pass quick proto carp all keep state > /tmp/rules.boot"); + exec("echo pass quick proto pfsync all >> /tmp/rules.boot"); + exec("echo pass out proto { tcp, udp } from any to any port 53 keep state >> /tmp/rules.boot"); + exec("/sbin/pfctl -f /tmp/rules.boot"); + } + $pfsync_instances_counter++; } - } + } if($config['installedpackages']['carp']['config'] != "") { foreach($config['installedpackages']['carp']['config'] as $carp) { - /* - * create the carp interface - */ - mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " create"); - mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " down"); - $broadcast_address = gen_subnet_max($carp['ipaddress'], $carp['netmask']); - if($carp['password'] != "") { - $password = " pass " . $carp['password']; - } - $carpdev = ""; - if($carp['interface'] <> "AUTO" and $carp['interface'] <> "") { - $ci = filter_opt_interface_to_real($carp['interface']); - $carpdev = " carpdev {$ci} "; - } - mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " " . $carp['ipaddress'] . "/" . $carp['netmask'] . " broadcast " . $broadcast_address . " vhid " . $carp['vhid'] . "{$carpdev} advskew " . $carp['advskew'] . $password); - $carp_instances_counter++; + /* + * create the carp interface + */ + mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " create"); + mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " down"); + $broadcast_address = gen_subnet_max($carp['ipaddress'], $carp['netmask']); + if($carp['password'] != "") { + $password = " pass " . $carp['password']; + } + $carpdev = ""; + if($carp['interface'] <> "AUTO" and $carp['interface'] <> "") { + $ci = filter_opt_interface_to_real($carp['interface']); + $carpdev = " carpdev {$ci} "; + } + mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " " . $carp['ipaddress'] . "/" . $carp['netmask'] . " broadcast " . $broadcast_address . " vhid " . $carp['vhid'] . "{$carpdev} advskew " . $carp['advskew'] . $password); + $carp_instances_counter++; } } unmute_kernel_msgs(); if ($g['booting']) { unmute_kernel_msgs(); echo "done.\n"; - } + } } function interfaces_carp_bringup() { - global $g, $config; + global $g; /* lets bring the carp interfaces up now */ if ($g['booting']) sleep(5); $carp_ints = find_number_of_created_carp_interfaces(); for($x=0; $x<$carp_ints; $x++) - mwexec("/sbin/ifconfig carp{$carp_instances_counter} up"); + mwexec("/sbin/ifconfig carp{$x} up"); } function interfaces_wireless_configure($if, $wlcfg) { diff --git a/etc/inc/notices.inc b/etc/inc/notices.inc index 0c23ed2..11d7445 100644 --- a/etc/inc/notices.inc +++ b/etc/inc/notices.inc @@ -103,10 +103,11 @@ function close_notice($id) { break; } } - $queueout = fopen($notice_path, "w"); - fwrite($queueout, serialize($queue)); - fclose($queueout); - return; + /* XXX: what's $queue? This does nothing right now so I commented it out --Bill */ +/* $queueout = fopen($notice_path, "w"); + fwrite($queueout, serialize($queue)); + fclose($queueout);*/ + return; } function dump_xml_notices() { diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 7b01a02..3337a2c 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -86,7 +86,6 @@ function return_dir_as_array($dir) { * This function only supports the fxp driver's loadable microcode. ******/ function enable_hardware_offloading($interface) { - global $config; global $g; if($g['booting']) { $supported_ints = array('fxp'); @@ -112,8 +111,6 @@ function enable_hardware_offloading($interface) { ******/ function setup_microcode() { global $config; - if($ip == "") return; - $i = 0; $ifdescrs = array('wan', 'lan'); for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { $ifdescrs['opt' . $j] = "opt" . $j; @@ -226,35 +223,33 @@ function find_number_of_created_carp_interfaces() { * $carp_ints ******/ function link_ip_to_carp_interface($ip) { - global $config; - if($ip == "") return; - $i = 0; + global $config; + if($ip == "") return; - $ifdescrs = array('wan', 'lan'); - for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { - $ifdescrs['opt' . $j] = "opt" . $j; - } + $ifdescrs = array('wan', 'lan'); + for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { + $ifdescrs['opt' . $j] = "opt" . $j; + } - $ft = split("\.", $ip); - $ft_ip = $ft[0] . "." . $ft[1] . "." . $ft[2] . "."; + $ft = split("\.", $ip); + $ft_ip = $ft[0] . "." . $ft[1] . "." . $ft[2] . "."; - $carp_ints = ""; - $num_carp_ints = find_number_of_created_carp_interfaces(); - foreach ($ifdescrs as $ifdescr => $ifname) { - for($x=0; $x<$num_carp_ints; $x++) { - $carp_int = "carp{$x}"; - $carp_ip = find_interface_ip($carp_int); - $carp_ft = split("\.", $carp_ip); - $carp_ft_ip = $carp_ft[0] . "." . $carp_ft[1] . "." . $carp_ft[2] . "."; - $result = does_interface_exist($carp_int); - if($result <> true) break; - $interface = filter_opt_interface_to_real($ifname); - if($ft_ip == $carp_ft_ip) - if(stristr($carp_ints,$carp_int) == false) - $carp_ints .= " " . $carp_int; + $carp_ints = ""; + $num_carp_ints = find_number_of_created_carp_interfaces(); + foreach ($ifdescrs as $ifdescr => $ifname) { + for($x=0; $x<$num_carp_ints; $x++) { + $carp_int = "carp{$x}"; + $carp_ip = find_interface_ip($carp_int); + $carp_ft = split("\.", $carp_ip); + $carp_ft_ip = $carp_ft[0] . "." . $carp_ft[1] . "." . $carp_ft[2] . "."; + $result = does_interface_exist($carp_int); + if($result <> true) break; + if($ft_ip == $carp_ft_ip) + if(stristr($carp_ints,$carp_int) == false) + $carp_ints .= " " . $carp_int; + } } - } - return $carp_ints; + return $carp_ints; } /****f* pfsense-utils/exec_command @@ -329,14 +324,13 @@ function filter_get_opt_interface_descr($opt) { function get_friendly_interface_list_as_array() { global $config; $ints = array(); - $i = 0; $ifdescrs = array('wan', 'lan'); for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { - $ifdescrs['opt' . $j] = "opt" . $j; + $ifdescrs['opt' . $j] = "opt" . $j; } $ifdescrs = get_interface_list(); foreach ($ifdescrs as $ifdescr => $ifname) { - array_push($ints,$ifdescr); + array_push($ints,$ifdescr); } return $ints; } @@ -346,7 +340,6 @@ function get_friendly_interface_list_as_array() { */ function find_ip_interface($ip) { global $config; - $i = 0; $ifdescrs = array('wan', 'lan'); for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { $ifdescrs['opt' . $j] = "opt" . $j; @@ -373,22 +366,24 @@ function filter_translate_type_to_real_interface($interface) { * get_carp_interface_status($carpinterface): returns the status of a carp ip */ function get_carp_interface_status($carpinterface) { - /* basically cache the contents of ifconfig statement - to speed up this routine */ - global $carp_query; - if($carp_query == "") + /* basically cache the contents of ifconfig statement + to speed up this routine */ + global $carp_query; + if($carp_query == "") $carp_query = split("\n", `/sbin/ifconfig | /usr/bin/grep carp`); - $found_interface = 0; - foreach($carp_query as $int) { - if($found_interface == 1) { - if(stristr($int, "MASTER") == true) return "MASTER"; - if(stristr($int, "BACKUP") == true) return "BACKUP"; - if(stristr($int, "INIT") == true) return "INIT"; - return false; + $found_interface = 0; + foreach($carp_query as $int) { + if($found_interface == 1) { + if(stristr($int, "MASTER") == true) return "MASTER"; + if(stristr($int, "BACKUP") == true) return "BACKUP"; + if(stristr($int, "INIT") == true) return "INIT"; + return false; + } + if(stristr($int, $carpinterface) == true) + $found_interface=1; } - if(stristr($int, $carpinterface) == true) $found_interface=1; - } - return $status; + /* XXX: Should never reach this */ + return; } /* @@ -470,7 +465,6 @@ function add_text_to_file($file, $text) { } else { return false; } - return false; } /* @@ -514,14 +508,13 @@ function update_status($status) { * exec_command_and_return_text_array: execute command and return output */ function exec_command_and_return_text_array($command) { - $counter = 0; - $fd = popen($command . " 2>&1 ", "r"); - while(!feof($fd)) { - $tmp .= fread($fd,49); - } - fclose($fd); - $temp_array = split("\n", $tmp); - return $tmp_array; + $fd = popen($command . " 2>&1 ", "r"); + while(!feof($fd)) { + $tmp .= fread($fd,49); + } + fclose($fd); + $temp_array = split("\n", $tmp); + return $temp_array; } /* @@ -576,7 +569,6 @@ function convert_friendly_interface_to_real_interface_name($interface) { $lc_interface = strtolower($interface); if($lc_interface == "lan") return $config['interfaces']['lan']['if']; if($lc_interface == "wan") return $config['interfaces']['wan']['if']; - $i = 0; $ifdescrs = array(); for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) $ifdescrs['opt' . $j] = "opt" . $j; @@ -594,7 +586,6 @@ function convert_friendly_interface_to_real_interface_name($interface) { */ function convert_real_interface_to_friendly_interface_name($interface) { global $config; - $i = 0; $ifdescrs = array('wan', 'lan'); for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) $ifdescrs['opt' . $j] = "opt" . $j; @@ -741,7 +732,7 @@ if (!function_exists('php_check_syntax')){ $code = str_replace("<?php", "", $code); $code = str_replace("?>", "", $code); fwrite($fout, "<?php\n\n"); - fwrite($fout, $code); + fwrite($fout, $code_to_check); fwrite($fout, "\n\n?>\n"); fclose($fout); $command = "/usr/local/bin/php -l /tmp/codetocheck.php"; diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc index 85c3ea0..fbfd6de 100644 --- a/etc/inc/pkg-utils.inc +++ b/etc/inc/pkg-utils.inc @@ -212,49 +212,52 @@ function get_pkg_depends($pkg_name, $filetype = ".xml", $format = "files", $retu * sync_package($pkg_name, $sync_depends = true, $show_message = false) Force a package to setup its configuration and rc.d files. */ function sync_package($pkg_name, $sync_depends = true, $show_message = false) { - global $config; + global $config; - if(!file_exists("/usr/local/pkg")) mwexec("/bin/mkdir -p /usr/local/pkg/pf"); - if(!$config['installedpackages']['package']) return; - if(!is_numeric($pkg_name)) { - $pkg_id = get_pkg_id($pkg_name); - if($pkg_id == -1) return -1; // This package doesn't really exist - exit the function. - } else { - $pkg_id = $pkg_name; - if(!isset($config['installedpackages']['package'][$pkg_id])) - return; // No package belongs to the pkg_id passed to this function. - } - $package = $config['installedpackages']['package'][$pkg_id]; - if(!file_exists("/usr/local/pkg/" . $package['configurationfile'])) { - file_notice($package['name'], "The {$package['name']} package is missing its configuration file and must be reinstalled.", "Packages", "/pkg_mgr_install.php?mode=reinstallpkg&pkg={$package['name']}", 1); - } else { - $pkg_config = parse_xml_config_pkg("/usr/local/pkg/" . $package['configurationfile'], "packagegui"); - if(isset($pkg_config['nosync'])) continue; - if($pkg['custom_php_global_functions'] <> "") - eval($pkg['custom_php_global_functions']); - if($pkg_config['custom_php_resync_config_command'] <> "") - eval($pkg_config['custom_php_resync_config_command']); - if($sync_depends == true) { - $depends = get_pkg_depends($pkg_name, ".xml", "files", 1); // Call dependency handler and do a little more error checking. - if(is_array($depends)) { - foreach($depends as $item) { + if(!file_exists("/usr/local/pkg")) mwexec("/bin/mkdir -p /usr/local/pkg/pf"); + if(!$config['installedpackages']['package']) return; + if(!is_numeric($pkg_name)) { + $pkg_id = get_pkg_id($pkg_name); + if($pkg_id == -1) return -1; // This package doesn't really exist - exit the function. + } else { + $pkg_id = $pkg_name; + if(!isset($config['installedpackages']['package'][$pkg_id])) + return; // No package belongs to the pkg_id passed to this function. + } + $package = $config['installedpackages']['package'][$pkg_id]; + if(!file_exists("/usr/local/pkg/" . $package['configurationfile'])) { + file_notice($package['name'], "The {$package['name']} package is missing its configuration file and must be reinstalled.", "Packages", "/pkg_mgr_install.php?mode=reinstallpkg&pkg={$package['name']}", 1); + } else { + $pkg_config = parse_xml_config_pkg("/usr/local/pkg/" . $package['configurationfile'], "packagegui"); + /* XXX: Zend complains about the next line "Wrong break depth" + * The code is obviously wrong, but I'm not sure what it's supposed to do? + */ + if(isset($pkg_config['nosync'])) continue; + if($pkg['custom_php_global_functions'] <> "") + eval($pkg['custom_php_global_functions']); + if($pkg_config['custom_php_resync_config_command'] <> "") + eval($pkg_config['custom_php_resync_config_command']); + if($sync_depends == true) { + $depends = get_pkg_depends($pkg_name, ".xml", "files", 1); // Call dependency handler and do a little more error checking. + if(is_array($depends)) { + foreach($depends as $item) { if(!file_exists("/usr/local/pkg" . $item)) { file_notice($package['name'], "The {$package['name']} package is missing required dependencies and must be reinstalled.", "Packages", "/pkg_mgr_install.php?mode=reinstallpkg&pkg={$package['name']}", 1); } else { - $item_config = parse_xml_config_pkg("/usr/local/pkg/" . $item, "packagegui"); - if(isset($item_config['nosync'])) continue; - if($item_config['custom_php_command_before_form'] <> "") { - eval($item_config['custom_php_command_before_form']); - } - if($item_config['custom_php_resync_config_command'] <> "") { - eval($item_config['custom_php_resync_config_command']); - } - if($show_message == true) print " " . $item_config['name']; - } - } - } - } - } + $item_config = parse_xml_config_pkg("/usr/local/pkg/" . $item, "packagegui"); + if(isset($item_config['nosync'])) continue; + if($item_config['custom_php_command_before_form'] <> "") { + eval($item_config['custom_php_command_before_form']); + } + if($item_config['custom_php_resync_config_command'] <> "") { + eval($item_config['custom_php_resync_config_command']); + } + if($show_message == true) print " " . $item_config['name']; + } + } + } + } + } } /* @@ -264,7 +267,7 @@ function sync_package($pkg_name, $sync_depends = true, $show_message = false) { * XXX: This function needs to return where a pkg_add fails. Our current error messages aren't very descriptive. */ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = 'http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5.4-release/Latest') { - global $pkgent, $static_status, $static_output, $g, $pkg_interface, $fd_log; + global $pkgent, $static_output, $g, $fd_log; $pkg_extension = strrchr($filename, '.'); $static_output .= "\n" . str_repeat(" ", $dependlevel * 2) . $pkgname . " "; $fetchto = "/tmp/apkg_" . $pkgname . $pkg_extension; @@ -275,7 +278,7 @@ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = $raw_depends_list = array_values(preg_grep("/\@pkgdep/", $slaveout)); if($raw_depends_list != "") { if($pkgent['exclude_dependency'] != "") - $raw_depends_list = array_values(preg_grep($pkent['exclude_dependency'], PREG_GREP_INVERT)); + $raw_depends_list = array_values(preg_grep($pkgent['exclude_dependency'], PREG_GREP_INVERT)); foreach($raw_depends_list as $adepend) { $working_depend = explode(" ", $adepend); //$working_depend = explode("-", $working_depend[1]); @@ -295,7 +298,7 @@ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = } function download_file_with_progress_bar($url_file, $destination_file) { - global $ch, $fout, $file_size, $downloaded, $counter, $pkg_interface; + global $ch, $fout, $file_size, $downloaded, $pkg_interface; $file_size = 1; $downloaded = 1; /* open destination file */ @@ -320,7 +323,7 @@ function download_file_with_progress_bar($url_file, $destination_file) { } function read_header($ch, $string) { - global $file_size, $ch, $fout; + global $file_size, $fout; $length = strlen($string); ereg("(Content-Length:) (.*)", $string, $regs); if($regs[2] <> "") { @@ -330,7 +333,7 @@ function read_header($ch, $string) { } function read_body($ch, $string) { - global $fout, $file_size, $downloaded, $counter, $sendto, $static_output, $lastseen, $pkg_interface; + global $fout, $file_size, $downloaded, $sendto, $static_status, $static_output, $lastseen, $pkg_interface; $length = strlen($string); $downloaded += intval($length); $downloadProgress = round(100 * (1 - $downloaded / $file_size), 0); @@ -354,7 +357,7 @@ function install_package($package, $pkg_info = "") { global $g, $config, $pkg_interface, $fd_log, $static_output; /* open logfiles and begin installation */ if(!$fd_log) { - if(!$fd_log = fopen("{$g['tmp_path']}/pkg_mgr_{$pkg}.log", "w")) { + if(!$fd_log = fopen("{$g['tmp_path']}/pkg_mgr_{$package}.log", "w")) { update_output_window("Warning, could not open log for writing."); } } @@ -801,7 +804,6 @@ function get_package_install_size($pkg = 'all', $pkg_info = "") { $pkgdb = get_pkg_db(); if(!$pkg_info) $pkg_info = get_pkg_sizes($pkg); foreach($pkg as $apkg) { - $size = 0; if(!$pkg_info[$apkg]) continue; $toreturn[$apkg] = expand_to_bytes(walk_depend(array($pkg_info[$apkg]), $pkgdb)); } diff --git a/etc/inc/service-utils.inc b/etc/inc/service-utils.inc index 46df94e..bc7b02e 100644 --- a/etc/inc/service-utils.inc +++ b/etc/inc/service-utils.inc @@ -34,7 +34,6 @@ */ function write_rcfile($params) { - global $config, $g; $fileprefix = "/usr/local/etc/rc.d/"; if(!(is_writable($fileprefix . $params['file']) or $params['start'])) return false; $towrite .= "#!/bin/sh\n# This file was automatically generated\n# by the pfSense service handler.\n\n"; @@ -61,7 +60,7 @@ function write_rcfile($params) { } function start_service($name) { - global $config, $g; + global $config; if($config['installedpackages']['service']) { foreach($config['installedpackages']['service'] as $service) { if(strtolower($service['name']) == strtolower($name)) { @@ -83,7 +82,7 @@ function start_service($name) { } function stop_service($name) { - global $config, $g; + global $config; if($config['installedpackages']['service']) { foreach($config['installedpackages']['service'] as $service) { if(strtolower($service['name']) == strtolower($name)) { @@ -108,7 +107,7 @@ function stop_service($name) { } function restart_service($name) { - global $config, $g; + global $config; stop_service($name); start_service($name); if($config['installedpackages']['service']) { diff --git a/etc/inc/services.inc b/etc/inc/services.inc index c7baeea..ca30659 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -298,7 +298,6 @@ function services_dyndns_configure() { sigkillbypid("{$g['varrun_path']}/ez-ipupdate.pid", "QUIT"); $dyndnscfg = $config['dyndns']; - $wancfg = $config['interfaces']['wan']; if (isset($dyndnscfg['enable'])) { diff --git a/etc/inc/util.inc b/etc/inc/util.inc index fcd1f98..31c6a11 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -218,9 +218,6 @@ function is_port($port) { /* returns a list of interfaces with MAC addresses (skips VLAN and other virtual interfaces) */ function get_interface_list() { - - global $g; - /* build interface list with netstat */ exec("/usr/bin/netstat -inW -f link", $linkinfo); array_shift($linkinfo); diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 7f9ad42..dd5c137 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -75,7 +75,6 @@ function vpn_ipsec_configure($ipchg = false) { vpn_ipsec_failover_configure(); - $syscfg = $config['system']; $ipseccfg = $config['ipsec']; $lancfg = $config['interfaces']['lan']; $lanip = $lancfg['ipaddr']; |