diff options
author | Seth Mos <seth.mos@dds.nl> | 2011-03-15 09:59:39 +0100 |
---|---|---|
committer | Seth Mos <seth.mos@dds.nl> | 2011-03-15 09:59:39 +0100 |
commit | 1ae43bfa8536bfe67d62722edfe8256c34834219 (patch) | |
tree | 03684f7aa902b476e0fc8f476347eda0ab0a6600 /etc | |
parent | d52a66f970d3620fcc515023235d356a0f2fffb9 (diff) | |
parent | 96f1a57a168fcca66d7c5079ff2b22f5ea444494 (diff) | |
download | pfsense-1ae43bfa8536bfe67d62722edfe8256c34834219.zip pfsense-1ae43bfa8536bfe67d62722edfe8256c34834219.tar.gz |
Merge remote branch 'upstream/master'
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/captiveportal.inc | 16 | ||||
-rw-r--r-- | etc/inc/easyrule.inc | 5 | ||||
-rw-r--r-- | etc/inc/filter.inc | 29 | ||||
-rw-r--r-- | etc/inc/pkg-utils.inc | 1 | ||||
-rwxr-xr-x | etc/rc | 2 | ||||
-rwxr-xr-x | etc/rc.initial.firmware_update | 24 | ||||
-rwxr-xr-x | etc/rc.shutdown | 2 |
7 files changed, 54 insertions, 25 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 1191c7f..0363f78 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -837,7 +837,8 @@ function captiveportal_prune_old() { } /* write database */ - captiveportal_write_db($cpdb, false, $unsetindexes); + if (!empty($unsetindexes)) + captiveportal_write_db($cpdb, false, $unsetindexes); } /* remove a single client according to the DB entry */ @@ -1285,16 +1286,19 @@ function captiveportal_read_db($locked = false) { } /* write captive portal DB */ -function captiveportal_write_db($cpdb, $locked = false, $remove = array()) { +function captiveportal_write_db($cpdb, $locked = false, $remove = false) { global $g; if ($locked == false) $cpdblck = lock('captiveportaldb', LOCK_EX); - if (!empty($remove)) { - $cpdb = captiveportal_read_db(true); - foreach ($remove as $key) - unset($cpdb[$key]); + if (is_array($remove)) { + if (!empty($remove)) { + $cpdb = captiveportal_read_db(true); + foreach ($remove as $key) + unset($cpdb[$key]); + } else + return; //This makes sure no record removal calls } $fd = @fopen("{$g['vardb_path']}/captiveportal.db", "w"); if ($fd) { diff --git a/etc/inc/easyrule.inc b/etc/inc/easyrule.inc index 45d3f74..63be652 100644 --- a/etc/inc/easyrule.inc +++ b/etc/inc/easyrule.inc @@ -79,11 +79,12 @@ function easyrule_block_rule_exists($int = 'wan') { } /* Search through the rules for one referencing our alias */ - foreach ($config['filter']['rule'] as $rule) + foreach ($config['filter']['rule'] as $rule) { if (!is_array($rule) || !is_array($rule['source'])) continue; if ($rule['source']['address'] == $blockaliasname . strtoupper($int) && ($rule['interface'] == $int)) return true; + } return false; } @@ -114,7 +115,7 @@ function easyrule_block_rule_create($int = 'wan') { $filterent['destination']['any'] = ''; $filterent['descr'] = "Easy Rule: Blocked from Firewall Log View"; - $a_filter[] = $filterent; + array_splice($a_filter, 0, 0, array($filterent)); return true; } diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 7f5775a..77e27b4 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1571,6 +1571,16 @@ function filter_nat_rules_generate() { else sigkillbypid("/var/run/inetd.pid", "HUP"); } + + if (isset($config['pptpd']['mode']) && ($config['pptpd']['mode'] != "off")) { + if ($config['pptpd']['mode'] == "redir") { + $pptpdtarget = $config['pptpd']['redir']; + $natrules .= "# PPTP\n"; + $natrules .= "rdr on \${$FilterIflist['wan']['descr']} proto gre from any to any -> {$pptpdtarget}\n"; + $natrules .= "rdr on \${$FilterIflist['wan']['descr']} proto tcp from any to any port 1723 -> {$pptpdtarget}\n"; + } + } + $natrules .= discover_pkg_rules("nat"); $natrules .= filter_process_carp_nat_rules(); @@ -2525,7 +2535,7 @@ anchor "miniupnpd" EOD; - $upnp_interfaces = explode(",", $config['installedpackages']['miniupnpd']['config']['iface_array']); + $upnp_interfaces = explode(",", $config['installedpackages']['miniupnpd'][0]['config']['iface_array']); foreach($upnp_interfaces as $upnp_if) { if(is_array($FilterIflist[$upnp_if])) { $oc = $FilterIflist[$upnp_if]; @@ -2537,7 +2547,7 @@ EOD; if($sa) { $ipfrules .= <<<EOD -pass in quick on \${$oc['descr']} proto tcp from {$sa}/{$sn} to 239.255.255.250/32 port 1900 flags any keep state label "pass multicast traffic to miniupnpd" +pass in on \${$oc['descr']} proto tcp from {$sa}/{$sn} to 239.255.255.250/32 port 1900 keep state label "pass multicast traffic to miniupnpd" EOD; } @@ -2784,16 +2794,11 @@ function filter_setup_logging_interfaces() { echo "filter_setup_logging_interfaces() being called $mt\n"; } $rules = ""; - foreach ($FilterIflist as $ifdescr => $ifcfg) { - /* - * XXX: This should be cleared out after a discussion - * between pf(4) devs is cleared out. This breaks - * compatibility with OpenBSD. - */ - if(isset($ifcfg['virtual'])) - continue; - $rules .= "set loginterface {$ifcfg['if']}\n"; - } + if (isset($FilterIflist['lan'])) + $rules .= "set loginterface {$FilterIflist['lan']['if']}\n"; + else if (isset($FilterIflist['wan'])) + $rules .= "set loginterface {$FilterIflist['wan']['if']}\n"; + return $rules; } diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc index 9af1c43..5c21428 100644 --- a/etc/inc/pkg-utils.inc +++ b/etc/inc/pkg-utils.inc @@ -592,7 +592,6 @@ function install_package($package, $pkg_info = "") { write_config($changedesc); $static_output .= "done.\n"; update_output_window($static_output); - $static_output .= "Starting service.\n"; update_output_window($static_output); if($pkg_info['after_install_info']) update_output_window($pkg_info['after_install_info']); @@ -403,6 +403,4 @@ echo "Bootup complete" # Reset the cache. read-only requires this. /bin/rm /tmp/config.cache -/etc/rc.conf_mount_ro - exit 0 diff --git a/etc/rc.initial.firmware_update b/etc/rc.initial.firmware_update index 70e1dbc..8d16098 100755 --- a/etc/rc.initial.firmware_update +++ b/etc/rc.initial.firmware_update @@ -15,6 +15,25 @@ echo "."; $g['booting'] = false; +if(isset($config['system']['firmware']['alturl']['enable'])) + $updater_url = "{$config['system']['firmware']['alturl']['firmwareurl']}"; +else + $updater_url = $g['update_url']; + +$nanosize = ""; +if ($g['platform'] == "nanobsd") { + if (file_exists("/etc/nano_use_vga.txt")) + $nanosize = "-nanobsd-vga-"; + else + $nanosize = "-nanobsd-"; + + $nanosize .= strtolower(trim(file_get_contents("/etc/nanosize.txt"))); + $update_filename = "latest{$nanosize}.img.gz"; +} else { + $update_filename = "latest.tgz"; +} +$autoupdateurl = "{$updater_url}/{$update_filename}"; + $fp = fopen('php://stdin', 'r'); echo ".\n\n"; @@ -37,12 +56,15 @@ switch ($command) { die; break; case "1": - echo "\nEnter the URL to the .tgz or .img.gz update file:\n> "; + echo "\nEnter the URL to the .tgz or .img.gz update file. \nType 'auto' to use {$autoupdateurl}\n> "; $url = chop(fgets($fp)); if(!$url) { fclose($fp); die; } + if($url == "auto") { + $url = $autoupdateurl; + } $status = does_url_exist($url); if($status) { conf_mount_rw(); diff --git a/etc/rc.shutdown b/etc/rc.shutdown index b122f3f..f8dd4a2 100755 --- a/etc/rc.shutdown +++ b/etc/rc.shutdown @@ -28,7 +28,7 @@ export PATH # temporary files on shutdown from /tmp/ PLATFORM=`cat /etc/platform` if [ "$PLATFORM" = "pfSense" ]; then - find -x /tmp/ -exec rm -f {} \; + find -x /tmp/ -type f -exec rm -f {} \; else /etc/rc.backup_rrd.sh /etc/rc.backup_dhcpleases.sh |