Merge remote-tracking branch 'mainline/master' into inc

author: Vinicius Coque <vinicius.coque@bluepex.com> 2011-05-25 14:35:40 -0300
committer: Vinicius Coque <vinicius.coque@bluepex.com> 2011-05-25 14:35:40 -0300
commit: 669113f9d12a43391cd480390dfbfbecf55d544e (patch)
tree: e80e743ca3b885a272485d02ad06712ef62aec5d /etc
parent: 19bd7032b2c35e60ea505220e696d69659452d92 (diff)
parent: dceff62e8144b56cb292e1a3fd69abe307072625 (diff)
download: pfsense-669113f9d12a43391cd480390dfbfbecf55d544e.zip
pfsense-669113f9d12a43391cd480390dfbfbecf55d544e.tar.gz
5 files changed, 92 insertions, 64 deletions
diff --git a/etc/inc/dyndns.class b/etc/inc/dyndns.class
index 150dedc..01209b9 100644
--- a/etc/inc/dyndns.class
+++ b/etc/inc/dyndns.class
@@ -795,12 +795,13 @@
 			if($successful_update == true) {
 				/* Write WAN IP to cache file */
 				$wan_ip = $this->_checkIP();
-				$currentTime = time();				  
-				log_error("phpDynDNS: updating cache file {$this->_cacheFile}: {$wan_ip}");
 				conf_mount_rw();
-				$file = fopen($this->_cacheFile, 'w');
-				fwrite($file, $wan_ip.':'.$currentTime);
-				fclose($file);
+				if ($wan_ip > 0) {
+					$currentTime = time();				  
+					log_error("phpDynDNS: updating cache file {$this->_cacheFile}: {$wan_ip}");
+					@file_put_contents($this->_cacheFile, "{$wan_ip}:{$currentTime}");
+				} else
+					@unlink($this->_cacheFile);
 				conf_mount_ro();
 			}
 			$this->status = $status;
@@ -853,32 +854,37 @@
 		 *      | work with other systems. pfSense base is FreeBSD.
 		 */
 		function _detectChange() {
-			
-			log_error("DynDns: _detectChange() starting.");
+			global $debug;
+
+			if ($debug)
+				log_error("DynDns: _detectChange() starting.");
 		
 			$currentTime = time();
 
 			$wan_ip = $this->_checkIP();
+			if ($wan_ip == 0) {
+				log_error("DynDns: Current WAN IP could not be determined, skipping update process.");
+				return false;
+			}
 			$this->_dnsIP = $wan_ip;
-			log_error("DynDns: Current WAN IP: {$wan_ip}");
+			$log_error = "DynDns: Current WAN IP: {$wan_ip} ";
 
 			if (file_exists($this->_cacheFile)) {
 				$contents = file_get_contents($this->_cacheFile);
 				list($cacheIP,$cacheTime) = split(':', $contents);
 				$this->_debug($cacheIP.'/'.$cacheTime);
 				$initial = false;
-				log_error("DynDns: Cached IP: {$cacheIP}");
+				$log_error .= "Cached IP: {$cacheIP} ";
 			} else {
 				conf_mount_rw();
-				$file = fopen($this->_cacheFile, 'w');
-				fwrite($file, '0.0.0.0:'.$currentTime);
-				fclose($file);
-				conf_mount_ro();
 				$cacheIP = '0.0.0.0';
+				@file_put_contents($this->_cacheFile, "0.0.0.0:{$currentTime}");
+				conf_mount_ro();
 				$cacheTime = $currentTime;
 				$initial = true;
-				log_error("DynDns: No Cached IP found.");
+				$log_error .= "No Cached IP found.";
 			}
+			log_error($log_error);
 
 			/*   use 2419200 for dyndns, dhs, easydns, noip, hn
 			 *   zoneedit, dyns, ods
@@ -928,10 +934,14 @@
 			conf_mount_ro();
 		}
 		function _checkIP() {
+			global $debug;
 
-			log_error("DynDns: _checkIP() starting.");
+			if ($debug)
+				log_error("DynDns: _checkIP() starting.");
 
 			$ip_address = find_interface_ip($this->_if);
+			if (!is_ipaddr($ip_address))
+				return 0;
 			$this->_ifIP = $ip_address;
 			if (is_private_ip($ip_address)) {
 				$hosttocheck = "checkip.dyndns.org";
@@ -944,7 +954,7 @@
 				}
 				if ($try >= 3) {
 					log_error("Dyndns debug information: Could not resolve {$hosttocheck} to ip using interface ip {$ip_address}.");
-					return $ip_address; /* XXX: Might return private ip address! */
+					return 0;
 				}
 				$ip_ch = curl_init("http://{$checkip}");
 				curl_setopt($ip_ch, CURLOPT_RETURNTRANSFER, 1);
@@ -957,7 +967,12 @@
 				$ip_result_decoded = urldecode($ip_result_page);
 				preg_match('/Current IP Address: (.*)<\/body>/', $ip_result_decoded, $matches);
 				$ip_address = trim($matches[1]);
-				log_error("DynDns debug information: {$ip_address} extracted from {$hosttocheck}");
+				if (is_ipaddr($ip_address))
+					log_error("DynDns debug information: {$ip_address} extracted from {$hosttocheck}");
+				else {
+					log_error("DynDns debug information: IP address could not be extracted from {$hosttocheck}");
+					return 0;
+				}
 			} else
 				log_error("DynDns debug information: {$ip_address} extracted from local system.");
 
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 1cabd29..78ad19f 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -514,8 +514,15 @@ function filter_generate_aliases() {
 	$aliases = "loopback = \"{ lo0 }\"\n";
 
 	foreach ($FilterIflist as $if => $ifcfg) {
-		$aliases .= "{$ifcfg['descr']} = \"{ {$ifcfg['if']}";
-		$aliases .= " }\"\n";
+		if (is_array($ifcfg[0])) {
+			if ($ifcfg[0]['if'] == 'pppoe') {
+				$aliases .= "{$ifcfg[0]['descr']} = \"{ {$ifcfg[0]['if']}";
+				$aliases .= " }\"\n";
+			}
+		} else {
+			$aliases .= "{$ifcfg['descr']} = \"{ {$ifcfg['if']}";
+			$aliases .= " }\"\n";
+		}
 	}
 
 	$aliases .= "\n#SSH Lockout Table\n";
@@ -696,9 +703,15 @@ function filter_get_vpns_list() {
 		}
 	}
 	/* pppoe */
-	if($config['pppoe']['remoteip']) {
-		if(is_subnet($tunnel['remote-subnet'])) {
-			$vpns_arr[] = $config['pppoe']['remoteip'] ."/". $config['pppoe']['pppoe_subnet'];
+	if (is_array($config['pppoes']['pppoe'])) {
+		foreach($config['pppoes']['pppoe'] as $pppoe) {
+			if ($pppoe['mode'] == "server") {
+				if(is_ipaddr($pppoe['remoteip'])) {
+					$pppoesub = gen_subnet($pppoe['remoteip'], $pppoe['pppoe_subnet']);
+					if (is_subnet($pppoesub))
+						$vpns_arr[] = $pppoesub;
+				}
+			}
 		}
 	}
 	if(!empty($vpns_arr)) {
@@ -789,19 +802,24 @@ function filter_generate_optcfg_array() {
 		$oic['virtual'] = true;
 		$FilterIflist['l2tp'] = $oic;
 	}
-	if($config['pppoe']['mode'] == "server") {
-		$oic = array();
-		$oic['if'] = 'pppoe';
-		$oic['descr'] = 'pppoe';
-		$oic['ip'] = $config['pppoe']['localip'];
-		$oic['sa'] = $config['pppoe']['remoteip'];
-		$oic['mode'] = $config['pppoe']['mode'];
-		$oic['virtual'] = true;
-		if($config['pppoe']['pppoe_subnet'] <> "")
-			$oic['sn'] = $config['pppoe']['pppoe_subnet'];
-		else
-			$oic['sn'] = "32";
-		$FilterIflist['pppoe'] = $oic;
+	if (is_array($config['pppoes']['pppoe'])) {
+		$FilterIflist['pppoe'] = array();
+		foreach($config['pppoes']['pppoe'] as $pppoe) {
+			if ($pppoe['mode'] == "server") {
+				$oic = array();
+				$oic['if'] = 'pppoe';
+				$oic['descr'] = 'pppoe';
+				$oic['ip'] = $pppoe['localip'];
+				$oic['sa'] = $pppoe['remoteip'];
+				$oic['mode'] = $pppoe['mode'];
+				$oic['virtual'] = true;
+				if($pppoe['pppoe_subnet'] <> "")
+					$oic['sn'] = $pppoe['pppoe_subnet'];
+				else
+					$oic['sn'] = "32";
+				$FilterIflist['pppoe'][] = $oic;
+			}
+		}
 	}
 	/* add ipsec interfaces */
 	if(isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable'])) {
@@ -1022,7 +1040,6 @@ function filter_generate_reflection($rule, $nordr, $rdr_ifs, $srcaddr, $dstaddr_
 			$target = $FilterIflist[$rule['target']]['ip'];
 		else
 			return "";
-
 		$starting_localhost_port_tmp = $starting_localhost_port;
 		$toomanyports = false;
 		/* only install reflection rules for < 19991 items */
@@ -1071,7 +1088,7 @@ function filter_generate_reflection($rule, $nordr, $rdr_ifs, $srcaddr, $dstaddr_
 				$toadd_array = array_merge($toadd_array, range($loc_pt[0], $loc_pt[0] + $delta));
 
 				if(!empty($toadd_array)) {
-					$target = explode(" ", trim($target));
+					$rtarget = explode(" ", trim($target));
 					foreach($toadd_array as $tda) {
 						if (empty($tda))
 							continue;
@@ -1083,7 +1100,7 @@ function filter_generate_reflection($rule, $nordr, $rdr_ifs, $srcaddr, $dstaddr_
 								$socktype = "stream";
 								$dash_u = "";
 							}
-							foreach ($target as $targip) {
+							foreach ($rtarget as $targip) {
 								if (empty($targip))
 									continue;
 								$reflection_txt[] = "{$inetdport}\t{$socktype}\t{$reflect_proto}\tnowait/0\tnobody\t/usr/bin/nc\tnc {$dash_u}-w {$reflectiontimeout} {$targip} {$tda}\n";
@@ -1327,19 +1344,18 @@ function filter_nat_rules_generate() {
 			}
 		}
 		/* PPTP subnet */
-		if(isset($FilterIflist['pptp']) && $FilterIflist['pptp']['mode'] == "server" ) {
-			$pptp_subnet = $FilterIflist['pptp']['sn'];
-			if(is_private_ip($FilterIflist['pptp']['sa']) && !empty($pptp_subnet)) {
-				$numberofnathosts++;
-				$tonathosts .= "{$FilterIflist['pptp']['sa']}/{$pptp_subnet} ";
-			}
+		if(($config['pptpd']['mode'] == "server" ) && is_private_ip($config['pptpd']['remoteip'])) {
+			$pptp_subnets = ip_range_to_subnet_array($config['pptpd']['remoteip'], long2ip32(ip2long($config['pptpd']['remoteip'])+$config['pptpd']['n_pptp_units']));
+			$numberofnathosts += count($pptp_subnets);
+			$tonathosts .= implode(" ", $pptp_subnets) . " ";
 		}
 		/* PPPoE subnet */
-		if(isset($FilterIflist['pppoe']) && $FilterIflist['pppoe']['mode'] == "server") {
-			$pppoe_subnet = $FilterIflist['pppoe']['sn'];
-			if(is_private_ip($FilterIflist['pppoe']['sa']) && !empty($pppoe_subnet)) {
-				$numberofnathosts++;
-				$tonathosts .= "{$FilterIflist['pppoe']['sa']}/{$pppoe_subnet} ";
+		if (is_array($FilterIflist['pppoe'])) {
+			foreach ($FilterIflist['pppoe'] as $pppoe) {
+				if(is_private_ip($pppoe['ip'])) {
+					$numberofnathosts++;
+					$tonathosts .= "{$pppoe['sa']}/{$pppoe['sn']} ";
+				}
 			}
 		}
 		/* L2TP subnet */
@@ -1643,9 +1659,12 @@ function filter_generate_address(& $rule, $target = "source", $isnat = false) {
 					$src = "{$pptpsa}/{$pptpsn}";
 					break;
 				case 'pppoe':
-					$pppoesa = gen_subnet($FilterIflist['pppoe']['ip'], $FilterIflist['pppoe']['sn']);
-					$pppoesn = $FilterIflist['pppoe']['sn'];
-					$src = "{$pppoesa}/{$pppoesn}";
+					/* XXX: This needs to be fixed somehow! */
+					if (is_array($FilterIflist['pppoe'])) {
+						$pppoesa = gen_subnet($FilterIflist['pppoe'][0]['ip'], $FilterIflist['pppoe'][0]['sn']);
+						$pppoesn = $FilterIflist['pppoe'][0]['sn'];
+						$src = "{$pppoesa}/{$pppoesn}";
+					}
 					break;
 			}
 			if(isset($rule[$target]['not']))
@@ -1704,7 +1723,6 @@ function filter_generate_user_rule($rule) {
 	}
 	update_filter_reload_status("Creating filter rules {$rule['descr']} ...");
 	$pptpdcfg = $config['pptpd'];
-	$pppoecfg = $config['pppoe'];
 	$int = "";
 	$aline = array();
 
@@ -2014,7 +2032,6 @@ function filter_rules_generate() {
 	}
 
 	$pptpdcfg = $config['pptpd'];
-	$pppoecfg = $config['pppoe'];
 
 	$ipfrules = "";
 	//$ipfrules .= discover_pkg_rules("filter");
diff --git a/etc/inc/rrd.inc b/etc/inc/rrd.inc
index cb6f321..17ab2ab 100644
--- a/etc/inc/rrd.inc
+++ b/etc/inc/rrd.inc
@@ -394,7 +394,7 @@ function enable_rrd_graphing() {
 				$rrdupdatesh .= " sleep 0.2\n";
 				$rrdupdatesh .= " echo \"quit\"\n";
 				$rrdupdatesh .= "}\n";
-				$rrdupdatesh .= "OVPN=`list_current_users | nc -U {$g['varetc_path']}/openvpn/server{$vpnid}.sock | awk -F\",\" '/^CLIENT_LIST/ {print \$2}' | wc -l | awk '{print $1}'` &\n";
+				$rrdupdatesh .= "OVPN=`list_current_users | nc -U {$g['varetc_path']}/openvpn/server{$vpnid}.sock | awk -F\",\" '/^CLIENT_LIST/ {print \$2}' | wc -l | awk '{print $1}'`\n";
 				$rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$vpnusers N:\${OVPN}\n";
 			}
 
diff --git a/etc/inc/services.inc b/etc/inc/services.inc
index df0914c..3f3225c 100644
--- a/etc/inc/services.inc
+++ b/etc/inc/services.inc
@@ -275,7 +275,7 @@ EOPP;
 			$dhcpdconf .= "		deny dynamic bootp clients;\n";
 
 		if (isset($dhcpifconf['denyunknown']))
-		   $dhcpdconf .= "		deny unknown clients;\n";
+		   $dhcpdconf .= "		deny unknown-clients;\n";
 
 		if ($dhcpifconf['gateway'])
 			$routers = $dhcpifconf['gateway'];
@@ -606,8 +606,6 @@ function services_dyndns_configure_client($conf) {
 	/* load up the dyndns.class */
 	require_once("dyndns.class");
 
-	log_error("DynDns: Running updatedns()");
-
 	$dns = new updatedns($dnsService = $conf['type'],
 		$dnsHost = $conf['host'],
 		$dnsUser = $conf['username'],
diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc
index 3b9f1ba..f7f5b01 100644
--- a/etc/inc/voucher.inc
+++ b/etc/inc/voucher.inc
@@ -164,8 +164,7 @@ function voucher_auth($voucher_received, $test = 0) {
 	$tickets_per_roll = array();
 	$minutes_per_roll = array();
 	if (is_array($config['voucher']['roll'])) {
-		$a_roll = &$config['voucher']['roll'];
-		foreach ($a_roll as $rollent) {
+		foreach ($config['voucher']['roll'] as $rollent) {
 			$tickets_per_roll[$rollent['number']] = $rollent['count'];
 			$minutes_per_roll[$rollent['number']] = $rollent['minutes'];
 		}
@@ -192,7 +191,7 @@ function voucher_auth($voucher_received, $test = 0) {
         list($status, $roll, $nr) = explode(" ", $result);
         if ($status == "OK") {
             if (!$first_voucher) {
-				// store first voucher. Thats the one we give the timecredit
+		// store first voucher. Thats the one we give the timecredit
                 $first_voucher = $voucher;
                 $first_voucher_roll = $roll;
             }
@@ -352,11 +351,10 @@ function voucher_configure($sync = false) {
 
         if (($g['booting'] || $sync == true) && is_array($config['voucher']['roll'])) {
 
-            // create active and used DB per roll on ramdisk from config
-            $a_roll = &$config['voucher']['roll'];
 		$voucherlck = lock('voucher', LOCK_EX);
 
-            foreach ($a_roll as $rollent) {
+            // create active and used DB per roll on ramdisk from config
+            foreach ($config['voucher']['roll'] as $rollent) {
 
                 $roll = $rollent['number'];
                 voucher_write_used_db($roll, $rollent['used']);
author	Vinicius Coque <vinicius.coque@bluepex.com>	2011-05-25 14:35:40 -0300
committer	Vinicius Coque <vinicius.coque@bluepex.com>	2011-05-25 14:35:40 -0300
commit	669113f9d12a43391cd480390dfbfbecf55d544e (patch)
tree	e80e743ca3b885a272485d02ad06712ef62aec5d /etc
parent	19bd7032b2c35e60ea505220e696d69659452d92 (diff)
parent	dceff62e8144b56cb292e1a3fd69abe307072625 (diff)
download	pfsense-669113f9d12a43391cd480390dfbfbecf55d544e.zip pfsense-669113f9d12a43391cd480390dfbfbecf55d544e.tar.gz