author | gnhb <gnoahb@gmail.com> | 2010-06-06 10:34:01 +0700 |
---|---|---|
committer | gnhb <gnoahb@gmail.com> | 2010-06-06 10:34:01 +0700 |
commit | ba7b2b86cc80f5664da36feff6d361b60600989d (patch) | |
tree | 24f86072398345b04332418ce7236f283e59b584 /etc | |
parent | 659828681076b48c696da5bb0ffb3717092f83c0 (diff) | |
parent | 5523fa3d2d35067a33504f9d143039d60e957adf (diff) | |
Merge branch 'master' of rcs.pfsense.org:pfsense/mainline
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/captiveportal.inc | 14 | ||||
-rw-r--r-- | etc/inc/config.lib.inc | 6 | ||||
-rw-r--r-- | etc/inc/filter.inc | 7 | ||||
-rw-r--r-- | etc/inc/gwlb.inc | 19 | ||||
-rw-r--r-- | etc/inc/interfaces.inc | 376 | ||||
-rw-r--r-- | etc/inc/pfsense-utils.inc | 61 | ||||
-rw-r--r-- | etc/inc/rrd.inc | 2 | ||||
-rw-r--r-- | etc/inc/services.inc | 23 | ||||
-rw-r--r-- | etc/inc/system.inc | 29 | ||||
-rw-r--r-- | etc/inc/upgrade_config.inc | 7 | ||||
-rwxr-xr-x | etc/rc | 4 | ||||
-rwxr-xr-x | etc/rc.bootup | 14 | ||||
-rwxr-xr-x | etc/rc.initial | 4 | ||||
-rwxr-xr-x | etc/rc.reboot | 7 |
14 files changed, 275 insertions, 298 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 885040b..ce2a834 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -34,7 +34,7 @@ added rules which may have been created by other per-user code (index.php, etc). These changes are (c) 2004 Keycom PLC. - pfSense_BUILDER_BINARIES: /sbin/ifconfig /sbin/ipfw /sbin/sysctl /sbin/kldunload + pfSense_BUILDER_BINARIES: /sbin/ipfw /sbin/sysctl /sbin/kldunload pfSense_BUILDER_BINARIES: /usr/local/sbin/lighttpd /usr/local/bin/minicron /sbin/pfctl pfSense_BUILDER_BINARIES: /bin/hostname /bin/cp pfSense_MODULE: captiveportal @@ -58,7 +58,7 @@ function captiveportal_configure() { $ifaces = get_configured_interface_list(); foreach ($ifaces as $kiface => $kiface2) { $tmpif = get_real_interface($kiface); - mwexec("/sbin/ifconfig {$tmpif} -ipfwfilter"); + pfSense_interface_flags($tmpif, -IFF_IPFW_FILTER); } $cpinterfaces = explode(",", $config['captiveportal']['interface']); $firsttime = 0; @@ -77,14 +77,14 @@ function captiveportal_configure() { if (!empty($carpif)) { $carpsif = explode(" ", $carpif); foreach ($carpsif as $cpcarp) { - mwexec("/sbin/ifconfig {$cpcarp} ipfwfilter"); + pfSense_interface_flags($cpcarp, IFF_IPFW_FILTER); $carpip = find_interface_ip($cpcarp); if (is_ipaddr($carpip)) $cpips[] = $carpip; } } $cpips[] = $cpipm; - mwexec("/sbin/ifconfig {$tmpif} ipfwfilter"); + pfSense_interface_flags($tmpif, IFF_IPFW_FILTER); } } } @@ -108,7 +108,7 @@ function captiveportal_configure() { unlink_if_exists("{$g['vardb_path']}/captiveportal_mac.db"); unlink_if_exists("{$g['vardb_path']}/captiveportal_ip.db"); unlink_if_exists("{$g['vardb_path']}/captiveportal_radius.db"); - mwexec("/sbin/ipfw -q table all flush"); + mwexec("/sbin/ipfw -q table all flush", true); /* setup new database in case someone tries to access the status -> captive portal page */ touch("{$g['vardb_path']}/captiveportal.db"); 
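Review bot: The result of `pfSense_interface_flags()` is discarded at every converted call in `captiveportal_configure()`, here in the `@@ -58,7` and `@@ -77,14` hunks and again in the `@@ -391,12` hunk. If setting `IFF_IPFW_FILTER` is what places an interface under ipfw, as the replaced `ifconfig ... ipfwfilter` calls suggest, a failed call leaves the portal running without enforcement on that interface and nothing is logged. If the extension function reports failure through its return value, test it and call `log_error()` with the interface name. The function body continues outside these hunks.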
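Review bot: In the `@@ -108,7` hunk, `mwexec("/sbin/ipfw -q table all flush", true)` now suppresses the failure report, assuming the second argument is `mwexec()`'s mute flag. The three `unlink_if_exists()` calls just above have already removed the portal databases, so a flush that fails would leave the previous table entries in ipfw with no matching records and no log line. Keep the failure logged, or add a comment on this line stating which expected error is being silenced.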
@@ -391,12 +391,12 @@ EOD; foreach ($listifs as $listrealif => $listif) { if (!empty($listrealif)) { if (does_interface_exist($listrealif)) { - mwexec("/sbin/ifconfig {$listrealif} -ipfwfilter"); + pfSense_interface_flags($listrealif, -IFF_IPFW_FILTER); $carpif = link_ip_to_carp_interface(find_interface_ip($listrealif)); if (!empty($carpif)) { $carpsif = explode(" ", $carpif); foreach ($carpsif as $cpcarp) - mwexec("/sbin/ifconfig {$cpcarp} -ipfwfilter"); + pfSense_interface_flags($cpcarp, -IFF_IPFW_FILTER); } } } diff --git a/etc/inc/config.lib.inc b/etc/inc/config.lib.inc index 435949f..707dee8 100644 --- a/etc/inc/config.lib.inc +++ b/etc/inc/config.lib.inc @@ -359,7 +359,7 @@ function convert_config() { global $config, $g; $now = date("H:i:s"); log_error("Start Configuration upgrade at $now, set execution timeout to 15 minutes"); - ini_set("max_execution_time", "900"); + //ini_set("max_execution_time", "900"); /* special case upgrades */ /* fix every minute crontab bogons entry */ @@ -932,7 +932,7 @@ EODD; if (strcasecmp(chop(fgets($fp)), "y") == 0) { if($config['interfaces']['lan']['if']) - mwexec("/sbin/ifconfig delete " . $config['interfaces']['lan']['if']); + mwexec("/sbin/ifconfig " . $config['interfaces']['lan']['if'] . " delete"); } if(isset($config['interfaces']['lan'])) unset($config['interfaces']['lan']); @@ -950,7 +950,7 @@ EODD; unset($config['nat']); } else { if(isset($config['interfaces']['lan']['if'])) - mwexec("/sbin/ifconfig delete " . $config['interfaces']['lan']['if']); + mwexec("/sbin/ifconfig " . $config['interfaces']['lan']['if'] . " delete"); if(isset($config['interfaces']['lan'])) unset($config['interfaces']['lan']); if(isset($config['dhcpd']['lan'])) diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index ee9317e..0bbcf58 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc 
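Review bot: The `log_error()` line in `convert_config()` still announces "set execution timeout to 15 minutes" although the `ini_set()` that did so is now commented out in the `@@ -359,7` hunk. As written the log misstates the limit in force, and a conversion that reaches PHP's configured limit would stop partway through the upgrade steps. Either restore the call or drop the claim from the message; if the call is disabled on purpose, delete the line and say why in a comment instead of leaving commented-out code.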
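Review bot: `$config['interfaces']['lan']['if']` is concatenated into the `ifconfig` command unquoted in the `@@ -932,7` hunk and again in the `@@ -950,7` hunk. The value comes from the configuration file, and other call sites touched by this commit, such as `interface_bring_down()` in interfaces.inc, wrap the interface name in `escapeshellarg()`. Suggested for both lines: `mwexec("/sbin/ifconfig " . escapeshellarg($config['interfaces']['lan']['if']) . " delete");`. The enclosing function starts and ends outside both hunks.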
@@ -140,8 +140,9 @@ function filter_configure() { touch($g['tmp_path'] . "/filter_dirty"); } -function delete_states_for_down_gateways() { +function filter_delete_states_for_down_gateways() { global $config; + $a_gateways = return_gateways_status(); foreach ($a_gateways as $gateway) { if ($gateway['status'] == "down") { @@ -369,7 +370,7 @@ function filter_configure_sync() { echo "."; update_filter_reload_status("Processing down interface states"); - delete_states_for_down_gateways(); + filter_delete_states_for_down_gateways(); update_filter_reload_status("Running plugins"); @@ -2084,7 +2085,7 @@ EOD; /* if antilockout is enabled, LAN exists and has * an IP and subnet mask assigned */ - $lanif = $FilterIflist["lan"]['if']; + $lanif = $FilterIflist['lan']['if']; $ipfrules .= <<<EOD # make sure the user cannot lock himself out of the webConfigurator or SSH anchor "anti-lockout" diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index 846d33d..70bfd52 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -243,9 +243,7 @@ EOD; /* return the status of the apinger targets as a array */ function return_gateways_status() { - global $config; - global $g; - $gateways_arr = return_gateways_array(); + global $config, $g; $apingerstatus = array(); if (file_exists("{$g['tmp_path']}/apinger.status")) { 
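Review bot: With `return_gateways_array()` no longer consulted in the `@@ -243,9` hunk and the seeding loop dropped in the hunk that follows, `return_gateways_status()` returns only the targets listed in `apinger.status`, so a gateway apinger has not reported is absent instead of `"down"`. `filter_delete_states_for_down_gateways()` in filter.inc iterates this array and acts on `status == "down"`, so states for such a gateway are no longer cleared, and a missing status file yields an empty array. Callers that index the result by monitor address need an `isset()` check, and a docblock line stating that unreported gateways are omitted would document the new contract. The function body continues outside the hunk.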
@@ -253,21 +251,6 @@ function return_gateways_status() { } $status = array(); - $i = 2; - /* assign a dummy IP address for dynamic interfaces in case we need it */ - $monitor = array(); - foreach($gateways_arr as $name => $gateway) { - if($gateway['monitor'] == "dynamic") { - $gateway['monitor'] = "127.0.0.{$i}"; - $i++; - } - $status[$gateway['monitor']]['monitor'] = $gateway['monitor']; - $status[$gateway['monitor']]['interface'] = $gateway['interface']; - $status[$gateway['monitor']]['gateway'] = $gateway['gateway']; - $status[$gateway['monitor']]['name'] = $gateway['name']; - $status[$gateway['monitor']]['status'] = "down"; - - } foreach($apingerstatus as $line) { $info = explode("|", $line); $target = $info[0]; diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 9ff2c40..7ade954 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -51,7 +51,7 @@ function interfaces_bring_up($interface) { log_error( "Backtrace: " . debug_backtrace() ); return; } - mwexec("/sbin/ifconfig " . escapeshellarg($interface) . " up"); + pfSense_interface_flags($interface, IFF_UP); } /* @@ -62,7 +62,7 @@ function get_interface_arr($flush = false) { /* If the cache doesn't exist, build it */ if (!isset($interface_arr_cache) or $flush) - $interface_arr_cache = `/sbin/ifconfig -l`; + $interface_arr_cache = explode(" ", `/sbin/ifconfig -l`); return $interface_arr_cache; } @@ -78,7 +78,7 @@ function does_interface_exist($interface) { return false; $ints = get_interface_arr(); - if(stristr($ints, $interface) !== false) + if (in_array($interface, $ints)) return true; else return false; @@ -87,7 +87,7 @@ function does_interface_exist($interface) { function interfaces_loopback_configure() { if($g['booting']) echo "Configuring loopback interface..."; - mwexec("/sbin/ifconfig lo0 127.0.0.1"); + pfSense_interface_setaddress("lo0", "127.0.0.1"); interfaces_bring_up("lo0"); exec("/sbin/route add 127.0.0.2 127.0.0.1"); if($g['booting']) 
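Review bot: In the `@@ -62,7` hunk, ``explode(" ", `/sbin/ifconfig -l`)`` keeps the newline that ends the command output, so the last element of the cached array carries a trailing `"\n"`. The exact-match `in_array($interface, $ints)` added to `does_interface_exist()` in the `@@ -78,7` hunk then returns false for whichever interface is listed last. Code guarded by that check, including the captive portal cleanup that clears `IFF_IPFW_FILTER` and `interface_bring_down()`, would skip that interface. Suggested: ``$interface_arr_cache = explode(" ", trim(`/sbin/ifconfig -l`));`` and `in_array($interface, $ints, true)`.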
@@ -122,7 +122,7 @@ function interface_vlan_configure(&$vlan) { $vlanif = empty($vlan['vlanif']) ? "{$if}_vlan{$vlan['tag']}" : $vlan['vlanif']; $tag = $vlan['tag']; - if(empty($if)) { + if (empty($if)) { log_error("interface_vlan_confgure called with if undefined."); return; } @@ -130,37 +130,23 @@ function interface_vlan_configure(&$vlan) { /* make sure the parent interface is up */ interfaces_bring_up($if); /* Since we are going to add vlan(4) try to enable all that hardware supports. */ - mwexec("/sbin/ifconfig {$if} vlanhwtag"); - mwexec("/sbin/ifconfig {$if} vlanmtu"); - mwexec("/sbin/ifconfig {$if} vlanhwfilter"); + pfSense_interface_capabilities($if, IFCAP_VLAN_HWTAGGING|IFCAP_VLAN_MTU|IFCAP_VLAN_HWFILTER); if (!empty($vlanif) && does_interface_exist($vlanif)) { interface_bring_down($vlanif); } else { - $tmpvlanif = exec("/sbin/ifconfig vlan create"); - mwexec("/sbin/ifconfig {$tmpvlanif} name {$vlanif}"); - mwexec("/usr/sbin/ngctl name {$tmpvlanif}: {$vlanif}"); + $tmpvlanif = pfSense_interface_create("vlan"); + pfSense_interface_rename($tmpvlanif, $vlanif); + pfSense_ngctl_name("{$tmpvlanif}:", $vlanif); } - - mwexec("/sbin/ifconfig {$vlanif} vlan " . - escapeshellarg($tag) . " vlandev " . - escapeshellarg($if)); + + pfSense_vlan_create($vlanif, $if, $tag); interfaces_bring_up($vlanif); /* invalidate interface cache */ get_interface_arr(true); - /* all vlans need to spoof their parent mac address, too. see - * ticket #1514: http://cvstrac.pfsense.com/tktview?tn=1514,33 - */ - foreach($config['interfaces'] as $interfaces) { - if($interfaces['if'] == $if && $interfaces['spoofmac']) { - mwexec("/sbin/ifconfig " . escapeshellarg($vlanif) . - " link " . escapeshellarg($interfaces['spoofmac'])); - } - } - /* XXX: ermal -- for now leave it here at the moment it does not hurt. */ interfaces_bring_up($if); 
@@ -333,12 +319,11 @@ function interface_bridge_configure(&$bridge) { $checklist = get_configured_interface_list(); if ($g['booting'] || !empty($bridge['bridgeif'])) { - mwexec("/sbin/ifconfig {$bridge['bridgeif']} destroy"); - mwexec("/sbin/ifconfig {$bridge['bridgeif']} create"); + pfSense_interface_destroy($bridge['bridgeif']); + pfSense_interface_create($bridge['bridgeif']); $bridgeif = $bridge['bridgeif']; - } else { - $bridgeif = exec("/sbin/ifconfig bridge create"); - } + } else + $bridgeif = pfSense_interface_create("bridge"); /* Calculate smaller mtu and enforce it */ $smallermtu = 0; @@ -362,7 +347,7 @@ function interface_bridge_configure(&$bridge) { $realif1 = get_real_interface($member); $realif = escapeshellarg($realif1); /* make sure the parent interface is up */ - mwexec("/sbin/ifconfig {$realif} mtu {$smallermtu}"); + pfSense_interface_mtu($realif, $smallermtu); if(!$realif) log_error("realif not defined in interfaces bridge - up"); interfaces_bring_up($realif1); @@ -486,7 +471,7 @@ function interface_bridge_add_member($bridgeif, $interface) { $mtum = get_interface_mtu($interface); if ($mtu != $mtum) - mwexec("/sbin/ifconfig {$interface} mtu {$mtu}"); + pfSense_interface_mtu($interface, $mtu); interfaces_bring_up($interface); mwexec("/sbin/ifconfig {$bridgeif} addm {$interface}"); @@ -524,11 +509,11 @@ function interface_lagg_configure(&$lagg) { $checklist = get_interface_list(); if ($g['booting'] || !(empty($lagg['laggif']))) { - mwexec("/sbin/ifconfig {$lagg['laggif']} destroy"); - mwexec("/sbin/ifconfig {$lagg['laggif']} create"); + pfSense_interface_destroy($lagg['laggif']); + pfSense_interface_create($lagg['laggif']); $laggif = $lagg['laggif']; } else - $laggif = exec("/sbin/ifconfig lagg create"); + $laggif = pfSense_interface_create("lagg"); /* Calculate smaller mtu and enforce it */ $smallermtu = 0; 
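Review bot: In the `@@ -362,7` hunk, `pfSense_interface_mtu($realif, $smallermtu)` receives `$realif`, which the context line above assigns from `escapeshellarg($realif1)`, so the native call gets the name wrapped in shell quotes. That was correct for the old `mwexec()` string, but a quoted name will presumably not match any interface and the member's MTU stays unchanged. Pass the unquoted value, `pfSense_interface_mtu($realif1, $smallermtu);`, as `interfaces_bring_up($realif1)` already does two lines below. The loop this sits in starts and ends outside the hunk.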
@@ -548,7 +533,7 @@ function interface_lagg_configure(&$lagg) { if (!array_key_exists($member, $checklist)) continue; /* make sure the parent interface is up */ - mwexec("/sbin/ifconfig {$member} mtu {$smallermtu}"); + pfSense_interface_mtu($member, $smallermtu); interfaces_bring_up($member); mwexec("/sbin/ifconfig {$laggif} laggport {$member}"); } @@ -588,22 +573,21 @@ function interface_gre_configure(&$gre) { interfaces_bring_up($realif); if ($g['booting'] || !(empty($gre['greif']))) { - mwexec("/sbin/ifconfig {$gre['greif']} destroy"); - mwexec("/sbin/ifconfig {$gre['greif']} create"); + pfSense_interface_destroy($gre['greif']); + pfSense_interface_create($gre['greif']); $greif = $gre['greif']; - } else { - $greif = exec("/sbin/ifconfig gre create"); - } + } else + $greif = pfSense_interface_create("gre"); /* Do not change the order here for more see gre(4) NOTES section. */ mwexec("/sbin/ifconfig {$greif} tunnel {$realifip} {$gre['remote-addr']}"); mwexec("/sbin/ifconfig {$greif} {$gre['tunnel-local-addr']} {$gre['tunnel-remote-addr']} netmask " . gen_subnet_mask($gre['tunnel-remote-net'])); if (isset($gre['link0']) && $gre['link0']) - mwexec("/sbin/ifconfig {$greif} link0"); + pfSense_interface_flags($greif, IFF_LINK0); if (isset($gre['link1']) && $gre['link1']) - mwexec("/sbin/ifconfig {$greif} link1"); + pfSense_interface_flags($greif, IFF_LINK1); if (isset($gre['link2']) && $gre['link2']) - mwexec("/sbin/ifconfig {$greif} link2"); + pfSense_interface_flags($greif, IFF_LINK2); if($greif) interfaces_bring_up($greif); 
@@ -647,19 +631,19 @@ function interface_gif_configure(&$gif) { log_error("could not bring realif up -- variable not defined -- interface_gif_configure()"); if ($g['booting'] || !(empty($gif['gifif']))) { - mwexec("/sbin/ifconfig {$gif['gifif']} destroy"); - mwexec("/sbin/ifconfig {$gif['gifif']} create"); + pfSense_interface_destroy($gif['gifif']); + pfSense_interface_create($gif['gifif']); $gifif = $gif['gifif']; } else - $gifif = exec("/sbin/ifconfig gif create"); + $gifif = pfSense_interface_create("gif"); /* Do not change the order here for more see gif(4) NOTES section. */ mwexec("/sbin/ifconfig {$gifif} tunnel {$realifip} {$gif['remote-addr']}"); mwexec("/sbin/ifconfig {$gifif} {$gif['tunnel-local-addr']} {$gif['tunnel-remote-addr']} netmask " . gen_subnet_mask($gif['tunnel-remote-net'])); if (isset($gif['link0']) && $gif['link0']) - mwexec("/sbin/ifconfig {$gifif} link0"); + pfSense_interface_flags($gifif, IFF_LINK0); if (isset($gif['link1']) && $gif['link1']) - mwexec("/sbin/ifconfig {$gifif} link1"); + pfSense_interface_flags($gifif, IFF_LINK1); if($gifif) interfaces_bring_up($gifif); else @@ -690,6 +674,11 @@ function interfaces_configure() { $delayed_list = array(); $bridge_list = array(); + /* This is needed to speedup interfaces on bootup. */ + $reload = false; + if ($g['booting']) + $reload = true; + foreach($iflist as $if => $ifname) { $realif = $config['interfaces'][$if]['if']; if(is_array($config['interfaces'][$if]['pppoe']) && isset($config['interfaces'][$if]['pppoe']['pppoe-reset-type'])) @@ -707,7 +696,7 @@ function interfaces_configure() { echo "Configuring {$ifname} interface..."; if($g['debug']) log_error("Configuring {$ifname}"); - interface_configure($if, true); + interface_configure($if, $reload); if ($g['booting']) echo "done.\n"; } 
@@ -728,7 +717,7 @@ function interfaces_configure() { if ($g['debug']) log_error("Configuring {$ifname}"); - interface_configure($if, true); + interface_configure($if, $reload); if ($g['booting']) echo "done.\n"; @@ -743,7 +732,7 @@ function interfaces_configure() { if($g['debug']) log_error("Configuring {$ifname}"); - interface_configure($if, true); + interface_configure($if, $reload); if ($g['booting']) echo "done.\n"; @@ -780,7 +769,7 @@ function interfaces_configure() { function interface_reconfigure($interface = "wan") { interface_bring_down($interface); - interface_configure($interface); + interface_configure($interface, true); } function interface_vip_bring_down(&$vip) { @@ -791,17 +780,17 @@ function interface_vip_bring_down(&$vip) { case "ipalias": $vipif = get_real_interface($vip['interface']); if(does_interface_exist($vipif)) - mwexec("/sbin/ifconfig {$vipif} delete {$vip['subnet']}"); + pfSense_interface_deladdress($vipif, $vip['subnet']); break; case "carp": $vipif = "vip" . $vip['vhid']; if(does_interface_exist($vipif)) - mwexec("/sbin/ifconfig {$vipif} destroy"); + pfSense_interface_destroy($vipif); break; case "carpdev-dhcp": $vipif = "vip" . $vip['vhid']; if(does_interface_exist($vipif)) - mwexec("/sbin/ifconfig {$vipif} destroy"); + pfSense_interface_destroy($vipif); break; } } @@ -840,7 +829,7 @@ function interface_bring_down($interface = "wan", $destroy = false) { unlink_if_exists("{$g['varetc_path']}/dhclient_{$interface}.conf"); if(does_interface_exist("$realif")) { mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true); - mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " down"); + pfSense_interface_flags($realif, -IFF_UP); mwexec("/usr/sbin/arp -d -i {$realif} -a"); } break; 
@@ -852,7 +841,7 @@ function interface_bring_down($interface = "wan", $destroy = false) { default: if(does_interface_exist("$realif")) { mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true); - mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " down"); + pfSense_interface_flags($realif, -IFF_UP); mwexec("/usr/sbin/arp -d -i {$realif} -a"); } break; @@ -872,7 +861,7 @@ function interface_bring_down($interface = "wan", $destroy = false) { if ($destroy == true) { if (preg_match("/^tun|^ovpn|^gif|^gre|^lagg|^bridge|vlan/i", $realif)) - mwexec("/sbin/ifconfig {$realif} destroy"); + pfSense_interface_destroy($realif); } return; @@ -880,7 +869,10 @@ function interface_bring_down($interface = "wan", $destroy = false) { function interface_ppp_configure($interface) { global $config, $g; - + + if (!is_array($config['interfaces'][$interface])) + return; + $wancfg =& $config['interfaces'][$interface]; if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { foreach ($config['ppps']['ppp'] as $ppp) { @@ -893,8 +885,9 @@ function interface_ppp_configure($interface) { if ($interface == "wan") $pppid = "0"; - else + else { $pppid = substr($interface, 3); + } $pppif = "ppp{$pppid}"; @@ -1311,11 +1304,11 @@ function interface_carp_configure(&$vip) { /* create the carp interface and setup */ if (does_interface_exist($vipif)) { - interface_bring_down($vipif); + pfSense_interface_flags($vipif, -IFF_UP); } else { - $carpif = exec("/sbin/ifconfig carp create"); - mwexec("/sbin/ifconfig {$carpif} name {$vipif}"); - mwexec("/usr/sbin/ngctl name {$carpif}: {$vipif}"); + $carpif = pfSense_interface_create("carp"); + pfSense_interface_rename($carpif, $vipif); + pfSense_ngctl_name("{$carpif}:", $vipif); } /* invalidate interface cache */ 
@@ -1361,7 +1354,7 @@ function interface_carpdev_configure(&$vip) { } else { $carpdevif = exec("/sbin/ifconfig carp create"); mwexec("/sbin/ifconfig {$carpdevif} name {$vipif}"); - mwexec("/usr/sbin/ngctl name {$carpdevif}: {$vipif}"); + pfSense_ngctl_name("{$carpdevif}:", $vipif); } mwexec("/sbin/ifconfig {$vipif} carpdev {$realif} vhid {$vip['vhid']} advskew {$vip['advskew']} {$password}"); @@ -1449,7 +1442,7 @@ function interface_wireless_clone($realif, $wlcfg) { if($needs_clone == true) { /* remove previous instance if it exists */ if(does_interface_exist($realif)) - mwexec("/sbin/ifconfig {$realif} destroy"); + pfSense_interface_destroy($realif); log_error("Cloning new wireless interface {$realif}"); // Create the new wlan interface. FreeBSD returns the new interface name. @@ -1461,7 +1454,7 @@ function interface_wireless_clone($realif, $wlcfg) { } $newif = trim($out[0]); // Rename the interface to {$parentnic}_wlan{$number}#: EX: ath0_wlan0 - mwexec("/sbin/ifconfig {$newif} name {$realif} 2>&1", false); + pfSense_interface_rename($newif, $realif); // FIXME: not sure what ngctl is for. Doesn't work. // mwexec("/usr/sbin/ngctl name {$newif}: {$realif}", false); } @@ -1896,6 +1889,18 @@ function interface_configure($interface = "wan", $reloadall = false) { if ($wancfg['spoofmac']) { mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " link " . escapeshellarg($wancfg['spoofmac'])); + + /* + * All vlans need to spoof their parent mac address, too. see + * ticket #1514: http://cvstrac.pfsense.com/tktview?tn=1514,33 + */ + if (is_array($config['vlans']['vlan'])) { + foreach ($config['vlans']['vlan'] as $vlan) { + if ($vlan['if'] == $realif) + mwexec("/sbin/ifconfig " . escapeshellarg($vlan['vlanif']) . + " link " . escapeshellarg($wancfg['spoofmac'])); + } + } } else { $mac = get_interface_mac(get_real_interface($wancfg['if'])); if($mac == "ff:ff:ff:ff:ff:ff") { 
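Review bot: Only the `ngctl` call is converted in the `@@ -1361,7` hunk of `interface_carpdev_configure()`; the two lines above it still run `exec("/sbin/ifconfig carp create")` and `mwexec("/sbin/ifconfig {$carpdevif} name {$vipif}")`, while `interface_carp_configure()` in the preceding hunk now uses the native calls. Using `$carpdevif = pfSense_interface_create("carp");` and `pfSense_interface_rename($carpdevif, $vipif);` here keeps both paths consistent and removes interpolated names from a shell string. The `carpdev` line after the branch still puts `{$password}` and unescaped `$vip` fields on the `ifconfig` command line. `$password` is built outside the hunk, but if it carries the CARP passphrase it is readable in the process list while the command runs, and the fields should at least pass through `escapeshellarg()`.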
@@ -1922,7 +1927,7 @@ function interface_configure($interface = "wan", $reloadall = false) { mwexec($cmd); } if (!empty($wancfg['mtu'])) - mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " mtu {$wancfg['mtu']}"); + pfSense_interface_mtu($realif, $wancfg['mtu']); /* invalidate interface/ip/sn cache */ get_interface_arr(true); @@ -1948,10 +1953,7 @@ function interface_configure($interface = "wan", $reloadall = false) { break; default: if ($wancfg['ipaddr'] <> "" && $wancfg['subnet'] <> "") { - if($wancfg['ipaddr'] && $wancfg['subnet']) - mwexec("/sbin/ifconfig " . escapeshellarg($realif) . - " " . escapeshellarg($wancfg['ipaddr'] . "/" . - $wancfg['subnet'])); + pfSense_interface_setaddress($realif, "{$wancfg['ipaddr']}/{$wancfg['subnet']}"); } else if (substr($realif, 0, 3) == "gre") { if (is_array($config['gres']['gre'])) { foreach ($config['gres']['gre'] as $gre) @@ -2027,8 +2029,6 @@ function interface_configure($interface = "wan", $reloadall = false) { } } - unmute_kernel_msgs(); - return 0; } @@ -2112,7 +2112,10 @@ EOD; function interface_pppoe_configure($interface = "wan") { global $config, $g; - $wancfg = $config['interfaces'][$interface]; + if (!is_array($config['interfaces'][$interface])) + return; + + $wancfg =& $config['interfaces'][$interface]; /* generate mpd.conf */ $fd = fopen("{$g['varetc_path']}/mpd_{$interface}.conf", "w"); @@ -2146,7 +2149,8 @@ EOD; $realif = "pppoe0"; else { // Here code assumes only that strings of form "opt#" will be passed. - $realif = "pppoe" . substr($interface, 3); + $pppoeidx = substr($interface, 3); + $realif = "pppoe{$pppoeidx}"; } $mpdconf .= <<<EOD @@ -2270,7 +2274,10 @@ EOD; function interface_pptp_configure($interface) { global $config, $g; - $wancfg = $config['interfaces'][$interface]; + if (!is_array($config['interfaces'][$interface])) + return; + + $wancfg =& $config['interfaces'][$interface]; /* generate mpd.conf */ $fd = fopen("{$g['varetc_path']}/mpd_{$interface}.conf", "w"); 
@@ -2304,8 +2311,9 @@ EOD; $realif = "pptp0"; else { // Here code assumes only that strings of form "opt#" will be passed. - $realif = "pptp" . substr($interface, 3); - } + $pptpidx = substr($interface, 3); + $realif = "pptp{$pptpidx}"; + } $mpdconf .= <<<EOD create bundle static {$interface} 
@@ -2444,52 +2452,66 @@ function convert_real_interface_to_friendly_interface_name($interface = "wan") { global $config; if (stristr($interface, "pppoe")) { - $index = substr($interface, 5); - if (intval($index) > 0) + $index = intval(substr($interface, 5)); + if ($interface == "pppoe") + return "lan"; + if ($index > 0) return "opt{$index}"; else return "wan"; } else if (stristr($interface, "pptp")) { - $index = substr($interface, 4); - if (intval($index) > 0) + $index = intval(substr($interface, 4)); + if ($interface == "pptp") + return "lan"; + if ($index > 0) + return "opt{$index}"; + else + return "wan"; + } else if (stristr($interface, "ppp")) { + $index = intval(substr($interface, 3)); + if ($interface == "ppp") + return "lan"; + if ($index > 0) + return "opt{$index}"; + else + return "wan"; + } else if (stristr($interface, "l2tp")) { + $index = intval(substr($interface, 4)); + if ($interface == "l2tp") + return "lan"; + if ($index > 0) return "opt{$index}"; else return "wan"; } else if (stristr($interface, "vip")) { - $index = substr($interface, 3); - $counter = 0; - foreach ($config['virtualip']['vip'] as $vip) { + $index = intval(substr($interface, 3)); + foreach ($config['virtualip']['vip'] as $counter => $vip) { if ($vip['mode'] == "carpdev-dhcp" || $vip['mode'] == "carp") { - if (intval($index) == $counter) + if ($index == $counter) return $vip['interface']; - $counter++; } } } else if (stristr($interface, "carp")) { - $index = substr($interface, 4); - $counter = 0; - foreach ($config['virtualip']['vip'] as $vip) { + $index = intval(substr($interface, 4)); + foreach ($config['virtualip']['vip'] as $counter => $vip) { if ($vip['mode'] == "carpdev-dhcp" || $vip['mode'] == "carp") { - if (intval($index) == $counter) + if ($index == $counter) return $vip['interface']; - $counter++; } } } - /* if list */ - $ifdescrs = get_configured_interface_list(false, true); + /* XXX: For speed reasons reference directly the interface array */ + $ifdescrs = 
$config['interfaces']; + //$ifdescrs = get_configured_interface_list(false, true); foreach ($ifdescrs as $if => $ifname) { - if($config['interfaces'][$if]['if'] == $interface) - return $ifname; + if ($config['interfaces'][$if]['if'] == $interface) + return $if; /* XXX: ermal - The 3 lines below are totally bogus code. */ $int = interface_translate_type_to_real($if); - if($ifname == $interface) - return $ifname; - - if($int == $interface) + if ($int == $interface) return $ifname; } return NULL; @@ -2580,7 +2602,7 @@ function interface_get_wireless_clone($wlif) { } function get_real_interface($interface = "wan") { - global $config; + global $config; $wanif = NULL; 
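Review bot: In the final loop of `convert_real_interface_to_friendly_interface_name()`, `$ifdescrs` is now `$config['interfaces']`, so `$ifname` is each interface's configuration array and the remaining `return $ifname;` hands callers an array where the first branch returns the key `$if`. Change it to `return $if;` so both branches return the friendly name. The rewritten VIP loops also take `$counter` from the array key, which counts every entry in `$config['virtualip']['vip']` and not only the carp and carpdev-dhcp ones as the removed counter did, and they iterate without an `is_array()` guard. A short comment stating which numbering the `vip`/`carp` suffix follows would make the intended mapping checkable.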
@@ -2605,78 +2627,60 @@ function get_real_interface($interface = "wan") { $wanif = "ppp"; break; default: - $iflist = get_configured_interface_with_descr(false, true); - - foreach ($iflist as $if => $ifdesc) { - // If a real interface was alread passed simply - // pass the real interface back. This encourages - // the usage of this function in more cases so that - // we can combine logic for more flexibility. - if($config['interfaces'][$if]['if'] == $interface) { - if(does_interface_exist($interface)) { - $wanif = $interface; - break; - } - } - - if ($interface == $if || $interface == $ifdesc) { - - $cfg = $config['interfaces'][$if]; + // If a real interface was alread passed simply + // pass the real interface back. This encourages + // the usage of this function in more cases so that + // we can combine logic for more flexibility. + if(does_interface_exist($interface)) { + $wanif = $interface; + break; + } + if (empty($config['interfaces'][$interface])) + break; - // Wireless cloned NIC support (FreeBSD 8+) - // interface name format: $parentnic_wlanparentnic# - // example: ath0_wlan0 - if(is_interface_wireless($cfg['if'])) { - $wanif = interface_get_wireless_clone($cfg['if']); - break; - } + $cfg =& $config['interfaces'][$interface]; - if (empty($cfg['ipaddr'])) { - $wanif = $cfg['if']; - break; - } + // Wireless cloned NIC support (FreeBSD 8+) + // interface name format: $parentnic_wlanparentnic# + // example: ath0_wlan0 + if (is_interface_wireless($cfg['if'])) { + $wanif = interface_get_wireless_clone($cfg['if']); + break; + } + /* + if (empty($cfg['if'])) { + $wancfg = $cfg['if']; + break; + } + */ - switch ($cfg['ipaddr']) { - case "carpdev-dhcp": - $viparr = &$config['virtualip']['vip']; - $counter = 0; - if(is_array($viparr)) - foreach ($viparr as $vip) { - if ($vip['mode'] == "carpdev-dhcp") { - if($vip['interface'] == $if) { - $wanif = "carp{$counter}"; - break; - } - $counter++; - } else if ($vip['mode'] = "carp") - $counter++; + switch ($cfg['ipaddr']) 
{ + case "carpdev-dhcp": + $viparr = &$config['virtualip']['vip']; + if(is_array($viparr)) + foreach ($viparr as $counter => $vip) { + if ($vip['mode'] == "carpdev-dhcp") { + if($vip['interface'] == $interface) { + $wanif = "carp{$counter}"; + break; + } } - break; - case "pppoe": - if ($if == "wan") - $wanif = "pppoe0"; - else - $wanif = "pppoe" . substr($if,3); - break; - case "pptp": - if ($if == "wan") - $wanif = "pptp0"; - else - $wanif = "pptp" . substr($if, 3); - break; - case "ppp": - if ($if == "wan") - $wanif = "ppp0"; - else - $wanif = "ppp" . substr($if, 3); - break; - default: - $wanif = $cfg['if']; - break; } - break; - } + case "pppoe": + case "pptp": + case "l2tp": + case "ppp": + if ($interface == "wan") + $wanif = "{$cfg['ipaddr']}0"; + else { + $idx = substr($interface, 3); + $wanif = "{$cfg['ipaddr']}{$idx}"; + } + break; + default: + $wanif = $cfg['if']; + break; } break; } @@ -2924,10 +2928,6 @@ function get_interface_ip($interface = "wan") return null; } - /* Do we really come here for these interfaces ?! */ - if (in_array($realif, array("pptp", "pppoe", "l2tp", "openvpn", "enc0" /* , "ppp" */))) - return ""; - $curip = find_interface_ip($realif); if ($curip && is_ipaddr($curip) && ($curip != "0.0.0.0")) return $curip; @@ -2947,10 +2947,6 @@ function get_interface_subnet($interface = "wan") return null; } - /* Do we really come here for these interfaces ?! */ - if (in_array($realif, array("pptp", "pppoe", "l2tp", "openvpn", "enc0" /* , "ppp" */))) - return ""; - $cursn = find_interface_subnet($realif); if (!empty($cursn)) return $cursn; @@ -2972,12 +2968,13 @@ function get_interfaces_with_gateway() { case "carpdev-dhcp": case "pppoe": case "pptp": + case "l2tp": case "ppp"; - $ints[] = $ifdescr; + $ints[$ifdescr] = $ifdescr; break; default: if (!empty($ifname['gateway'])) - $ints[] = $ifdescr; + $ints[$ifdescr] = $ifdescr; break; } } 
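Review bot: As the `@@ -2605,78` hunk reads, the `break;` that followed the VIP `foreach` in the `carpdev-dhcp` case of `get_real_interface()` is removed and `case "pppoe":` is added after it, so the case appears to fall through. The `break;` inside the loop only leaves the `foreach`, and `$wanif` would then be overwritten with `"{$cfg['ipaddr']}0"` or the suffixed form, a name beginning with `carpdev-dhcp`. Callers such as `captiveportal_configure()` pass the result straight to `pfSense_interface_flags()`, so a wrong name means the flag lands on no interface. If the fall-through is not intended, restore `break;` after the loop's closing brace and before `case "pppoe":`.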
@@ -2986,10 +2983,25 @@ function get_interfaces_with_gateway() { /* return true if interface has a gateway */ function interface_has_gateway($friendly) { + global $config; - $friendly = strtolower($friendly); - if (in_array($friendly, get_interfaces_with_gateway())) - return true; + if (!empty($config['interfaces'][$friendly])) { + $ifname =& $config['interfaces'][$friendly]; + switch ($ifname['ipaddr']) { + case "dhcp": + case "carpdev-dhcp": + case "pppoe": + case "pptp": + case "l2tp": + case "ppp"; + return true; + break; + default: + if (!empty($ifname['gateway'])) + return true; + break; + } + } return false; } diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 614183b..466101b 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -188,13 +188,15 @@ function enable_hardware_offloading($interface) { if($int <> "") $interface = $int; $int_family = preg_split("/[0-9]+/", $interface); - $options = strtolower(`/sbin/ifconfig -m {$interface} | grep capabilities`); + $options = pfSense_get_interface_addresses($interface); + if (!is_array($options)) + return; $supported_ints = array('fxp'); if (in_array($int_family, $supported_ints)) { if(isset($config['system']['do_not_use_nic_microcode'])) continue; if(does_interface_exist($interface)) - mwexec("/sbin/ifconfig {$interface} link0"); + pfSense_interface_flags($interface, IFF_LINK0); } /* skip vlans for checksumming and polling */ 
@@ -202,26 +204,24 @@ function enable_hardware_offloading($interface) { return; if($config['system']['disablechecksumoffloading']) { - if(stristr($options, "txcsum") == true) - mwexec("/sbin/ifconfig {$interface} -txcsum 2>/dev/null"); - if(stristr($options, "rxcsum") == true) - mwexec("/sbin/ifconfig {$interface} -rxcsum 2>/dev/null"); + if (isset($options['encaps']['txcsum'])) + pfSense_interface_capabilities($interface, -IFCAP_TXCSUM); + if (isset($options['encaps']['rxcsum'])) + pfSense_interface_capabilities($interface, -IFCAP_RXCSUM); } else { - if(stristr($options, "txcsum") == true) - mwexec("/sbin/ifconfig {$interface} txcsum 2>/dev/null"); - if(stristr($options, "rxcsum") == true) - mwexec("/sbin/ifconfig {$interface} rxcsum 2>/dev/null"); + if (isset($options['caps']['txcsum'])) + pfSense_interface_capabilities($interface, IFCAP_TXCSUM); + if (isset($options['caps']['rxcsum'])) + pfSense_interface_capabilities($interface, IFCAP_RXCSUM); } /* if the NIC supports polling *AND* it is enabled in the GUI */ - if(interface_supports_polling($interface)) { - $polling = isset($config['system']['polling']); - if($polling) { - mwexec("/sbin/ifconfig {$interface} polling 2>/dev/null"); - } else { - mwexec("/sbin/ifconfig {$interface} -polling 2>/dev/null"); - } - } + $polling = isset($config['system']['polling']); + if($polling && isset($options['caps']['polling'])) + pfSense_interface_capabilities($interface, IFCAP_POLLING); + else + pfSense_interface_capabilities($interface, -IFCAP_POLLING); + return; } 
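Review bot: The disable branch in `enable_hardware_offloading()` tests `$options['encaps'][...]` while the enable branch and the polling check test `$options['caps'][...]`, and nothing in the hunk says which key means what. If `encaps` is the enabled set and `caps` the supported set, a comment such as `/* caps: supported by the NIC; encaps: currently enabled */` above the first `if` would stop a later edit from "correcting" the asymmetry; if it is a typo, the disable branch never runs. The `else` on the polling check also calls `pfSense_interface_capabilities($interface, -IFCAP_POLLING)` for NICs that report no polling capability at all. The function body starts outside the hunk.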
@@ -236,29 +236,10 @@ function enable_hardware_offloading($interface) { * ******/ function interface_supports_polling($iface) { - $pattern = '/([a-z].*)[0-9]/'; - preg_match($pattern, $iface, $iface2); - $interface=$iface2[1]; - $supported_ints = array("bge", - "dc", - "em", - "fwe", - "fwip", - "fxp", - "ixgb", - "nfe", - "vge", - "re", - "rl", - "sf", - "sis", - "ste", - "stge", - "vge", - "vr", - "xl"); - if(in_array($interface, $supported_ints)) + $opts = pfSense_get_interface_addresses($iface); + if (is_array($opts) && isset($opts['caps']['polling'])) return true; + return false; } diff --git a/etc/inc/rrd.inc b/etc/inc/rrd.inc index fa2920e..7f9b13c 100644 --- a/etc/inc/rrd.inc +++ b/etc/inc/rrd.inc @@ -634,7 +634,7 @@ function enable_rrd_graphing() { } function kill_traffic_collector() { - mwexec("/bin/pkill -f updaterrd.sh"); + mwexec("/bin/pkill -f updaterrd.sh", true); } /* This xml 2 array function is courtesy of the php.net comment section on xml_parse. diff --git a/etc/inc/services.inc b/etc/inc/services.inc index 013351b..94f69cd 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -38,26 +38,6 @@ pfSense_MODULE: utils */ -function services_parse_dhcpd_hostnames() { - global $g, $config; - - // Launch if option enabled - if (isset($config['dnsmasq']['regdhcp'])) { - /* Make sure we do not error out */ - @touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases"); - if (!file_exists("{$g['varetc_path']}/hosts")) - system_hosts_generate(); - if (file_exists("{$g['varrun_path']}/dhcpleases.pid")) - sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "HUP"); - else - mwexec("/usr/local/sbin/dhcpleases -l {$g['dhcpd_chroot_path']}/var/db/dhcpd.leases -d {$config['system']['domain']} -p {$g['varrun_path']}/dnsmasq.pid -h {$g['varetc_path']}/hosts"); - } else { - sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM"); - @unlink("{$g['varrun_path']}/dhcpleases.pid"); - } - -} - function services_dhcpd_configure() { global $config, $g; 
@@ -648,9 +628,6 @@ function services_dnsmasq_configure() { $return = 1; } - // restart isc-dhcpd parser - services_parse_dhcpd_hostnames(); - return $return; } diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 6281a14..a7c3423 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -225,6 +225,19 @@ function system_hosts_generate() { fwrite($fd, $hosts); fclose($fd); + /* Start the monitoring process for dynamic dhcpclients. */ + if (isset($config['dnsmasq']['regdhcp'])) { + /* Make sure we do not error out */ + @touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases"); + if (file_exists("{$g['varrun_path']}/dhcpleases.pid")) + sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "HUP"); + else + mwexec("/usr/local/sbin/dhcpleases -l {$g['dhcpd_chroot_path']}/var/db/dhcpd.leases -d {$syscfg['domain']} -p {$g['varrun_path']}/dnsmasq.pid -h {$g['varetc_path']}/hosts"); + } else { + sigkillbypid("{$g['varrun_path']}/dhcpleases.pid", "TERM"); + @unlink("{$g['varrun_path']}/dhcpleases.pid"); + } + return 0; } 
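Review bot: The `mwexec()` call that starts `/usr/local/sbin/dhcpleases` in `system_hosts_generate()` puts `{$syscfg['domain']}` into the command string unquoted, so a domain value containing whitespace or shell metacharacters would alter the command if `mwexec()` hands the string to a shell (its implementation is not visible here). Quoting the configuration value closes that: `-d " . escapeshellarg($syscfg['domain']) . " -p {$g['varrun_path']}/dnsmasq.pid ...`. `$syscfg` is not defined inside the hunk, whereas the removed `services_parse_dhcpd_hostnames()` read `$config['system']['domain']`, so check that it is set earlier in the function. A stale `dhcpleases.pid` also leaves the daemon unstarted, since the `file_exists()` branch only sends HUP.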
@@ -263,15 +276,29 @@ function system_routing_configure() { $interfacegw = ""; /* tack on all the hard defined gateways as well */ if (is_array($config['gateways']['gateway_item'])) { + mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw"); + $foundgw = false; foreach ($config['gateways']['gateway_item'] as $gateway) { if (isset($gateway['defaultgw'])) { if ($gateway['gateway'] == "dynamic") $gateway['gateway'] = get_interface_gateway($gateway['interface']); $gatewayip = $gateway['gateway']; $interfacegw = $gateway['interface']; + if (!empty($interfacegw)) { + $defaultif = get_real_interface($gateway['interface']); + if ($defaultif) + @file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gatewayip); + } + $foundgw = true; break; } } + if ($foundgw == false) { + $defaultif = get_real_interface("wan"); + $interfacegw = "wan"; + $gatewayip = get_interface_gateway("wan"); + @touch("{$g['tmp_path']}/{$defaultif}_defaultgw"); + } } $dont_add_route = false; /* if OLSRD is enabled, allow WAN to house DHCP. */ @@ -1418,4 +1445,4 @@ function system_get_dmesg_boot() { return file_get_contents("{$g['varlog_path']}/dmesg.boot"); } -?>
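Review bot: In the `$foundgw == false` fallback of `system_routing_configure()`, `$defaultif = get_real_interface("wan")` goes into `@touch("{$g['tmp_path']}/{$defaultif}_defaultgw")` without the `if ($defaultif)` check that the loop branch has, so an empty result creates a bare `_defaultgw` marker; wrap it as `if ($defaultif) @touch(...)`. `mwexec("/bin/rm {$g['tmp_path']}/*_defaultgw")` has no `-f`, so it reports an error whenever no marker exists yet; `/bin/rm -f` avoids that. The marker names are predictable, and the `etc/rc` hunk in this commit keeps `/tmp` at mode 1777, so if `tmp_path` is that directory a location writable only by root would be a safer home for files that routing decisions read back. The `@` on `file_put_contents()` and `touch()` hides write failures that later readers of the marker depend on.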
\ No newline at end of file +?> diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index cb690d6..81ee8f6 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -1539,6 +1539,11 @@ function upgrade_051_to_052() { $csc['wins_server1'] = $csc['dhcp_wins']; unset($csc['dhcp_wins']); + if (!empty($csc['disable'])) + $csc['disable'] = true; + else + unset($csc['disable']); + $config['openvpn']['openvpn-csc'][] = $csc; } @@ -1669,7 +1674,7 @@ function upgrade_054_to_055() { global $g; /* RRD files changed for quality, traffic and packets graphs */ - ini_set("max_execution_time", "1800"); + //ini_set("max_execution_time", "1800"); /* convert traffic RRD file */ global $parsedcfg, $listtags; $listtags = array("ds", "v", "rra", "row"); @@ -171,7 +171,9 @@ if [ ! -h /tmp/tmp ]; then fi # Make sure our /tmp is 777 + Sticky -rm -rf /tmp/* +if [ ! "$PLATFORM" = "cdrom" ] ; then + rm -rf /tmp/* +fi chmod 1777 /tmp if [ ! "$PLATFORM" = "cdrom" ] ; then diff --git a/etc/rc.bootup b/etc/rc.bootup index e50d14d..4f67a7b 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -161,7 +161,6 @@ $wan_if = get_real_interface(); * and ask the user to reassign interfaces. This will * avoid a reboot and thats a good thing. */ -unmute_kernel_msgs(); while(is_interface_mismatch() == true) { echo "\nNetwork interface mismatch -- Running interface assignment option.\n"; set_networking_interfaces_ports(); @@ -199,6 +198,10 @@ system_hosts_generate(); /* configure loopback interface */ interfaces_loopback_configure(); +echo "Starting Secure Shell Services..."; +mwexec_bg("/etc/sshd"); +echo "done.\n"; + /* set up interfaces */ if(!$debugging) mute_kernel_msgs(); @@ -261,10 +264,6 @@ system_routing_configure(); /* enable routing */ system_routing_enable(); -echo "Starting Secure Shell Services..."; -mwexec_bg("/etc/sshd"); -echo "done.\n"; - /* configure console menu */ system_console_configure(); 
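Review bot: In the `etc/rc.bootup` hunk at `@@ -199,6 +198,10 @@`, `mwexec_bg("/etc/sshd")` now runs directly after `interfaces_loopback_configure()` and before the `/* set up interfaces */` step, where it previously ran after `system_routing_enable()`. If the packet filter is loaded later in the boot sequence (not visible in these hunks), there is a window in which sshd may be reachable before the configured rules apply, and a daemon set to listen on specific addresses may not find them yet. A comment recording the reason would document the intent, for example `/* sshd starts before interface setup on purpose: <reason> */`. `echo "done.\n"` is printed whether or not the background start succeeded.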
@@ -330,9 +329,6 @@ enable_rrd_graphing(); /* start DHCP service */ services_dhcpd_configure(); -/* start DHCP logging service which populates /etc/hosts */ -services_parse_dhcpd_hostnames(); - /* startup OLSR if needed */ setup_wireless_olsr(); @@ -379,4 +375,4 @@ led_normalize(); conf_mount_ro(); -?>
\ No newline at end of file +?> diff --git a/etc/rc.initial b/etc/rc.initial index 7485e0d..13fcbba 100755 --- a/etc/rc.initial +++ b/etc/rc.initial @@ -62,7 +62,7 @@ echo "10) Filter Logs" echo "11) Restart webConfigurator" echo "12) ${product} Developer Shell" echo "13) Upgrade from console" -SSHD=`netstat -an | grep "*.22" | wc -l` +SSHD=`/usr/bin/sockstat -4l | grep "*.22" | wc -l` if [ "$SSHD" -gt 0 ]; then echo "14) Disable Secure Shell (sshd)"; else @@ -155,7 +155,7 @@ case ${opmode} in fi ;; "") - killall login ; exit + kill $PPID ; exit ;; esac diff --git a/etc/rc.reboot b/etc/rc.reboot index af5d874..ecc47c2 100755 --- a/etc/rc.reboot +++ b/etc/rc.reboot @@ -23,11 +23,4 @@ fi sleep 1 -echo -n "Downing interfaces: " -for INTERFACE in `/sbin/ifconfig -l`; do - echo -n "$INTERFACE " - /sbin/ifconfig $INTERFACE down -done - /sbin/shutdown -r now - |
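Review bot: The `grep "*.22"` filter in the new `SSHD=` line of `etc/rc.initial` is a loose match: `.` matches any character and nothing ends the pattern, so a listener on any port that merely begins with 22 is counted as sshd, and `-4` leaves IPv6 listeners out. The menu entry `14) Disable Secure Shell (sshd)` is then chosen from a count that may not reflect the real state of the daemon. Matching the process name and a delimited port is tighter, for example `/usr/bin/sockstat -l | grep -c 'sshd.*[:.]22 '`, adjusted to the sockstat output format of the target release. An sshd configured on a non-default port is missed either way, so checking the daemon's pid file or the configuration flag would be more reliable than parsing socket listings.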