diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2004-12-05 19:56:11 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2004-12-05 19:56:11 +0000 |
| commit | a23d72487189307f63465c7150f6ca3a0cb027b3 (patch) | |
| tree | 7f336d3e8c377e7ad411984ac5f313f5046a8c6f /etc | |
| parent | 07bd3f83b401d8e9e9de3938e0a26c6e452660af (diff) | |
| download | pfsense-a23d72487189307f63465c7150f6ca3a0cb027b3.zip pfsense-a23d72487189307f63465c7150f6ca3a0cb027b3.tar.gz | |
Merge in m0n0wall 1.2b3 changes.
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/interfaces.inc | 92 | ||||
| -rw-r--r-- | etc/inc/services.inc | 103 | ||||
| -rw-r--r-- | etc/inc/system.inc | 6 |
3 files changed, 170 insertions, 31 deletions
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 65e8b99..c0d88fb 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -329,22 +329,12 @@ function interfaces_wan_configure() { /* wait for processes to die */ sleep(2); - /* remove dhclient.conf, if it exists */ - if (file_exists("{$g['varetc_path']}/dhclient.conf")) { - unlink("{$g['varetc_path']}/dhclient.conf"); - } - /* remove mpd.conf, if it exists */ - if (file_exists("{$g['varetc_path']}/mpd.conf")) { - unlink("{$g['varetc_path']}/mpd.conf"); - } - /* remove mpd.links, if it exists */ - if (file_exists("{$g['varetc_path']}/mpd.links")) { - unlink("{$g['varetc_path']}/mpd.links"); - } - /* remove wanip, if it exists */ - if (file_exists("{$g['vardb_path']}/wanip")) { - unlink("{$g['vardb_path']}/wanip"); - } + unlink_if_exists("{$g['varetc_path']}/dhclient.conf"); + unlink_if_exists("{$g['varetc_path']}/mpd.conf"); + unlink_if_exists("{$g['varetc_path']}/mpd.links"); + unlink_if_exists("{$g['vardb_path']}/wanip"); + unlink_if_exists("{$g['varetc_path']}/nameservers.conf"); + } /* remove all addresses first */ @@ -389,9 +379,14 @@ function interfaces_wan_configure() { break; default: - mwexec("/sbin/ifconfig " . escapeshellarg($wancfg['if']) . " " . - escapeshellarg($wancfg['ipaddr'] . "/" . $wancfg['subnet'])); - + if (isset($wancfg['ispointtopoint']) && $wancfg['pointtopoint']) { + mwexec("/sbin/ifconfig " . escapeshellarg($wancfg['if']) . " " . + escapeshellarg($wancfg['ipaddr'] . "/" . $wancfg['subnet']) . + " " . escapeshellarg($wancfg['pointtopoint']) . " up"); + } else { + mwexec("/sbin/ifconfig " . escapeshellarg($wancfg['if']) . " " . + escapeshellarg($wancfg['ipaddr'] . "/" . $wancfg['subnet'])); + } /* install default route */ mwexec("/sbin/route delete default"); mwexec("/sbin/route add default " . escapeshellarg($wancfg['gateway'])); @@ -413,6 +408,9 @@ function interfaces_wan_configure() { /* restart ez-ipupdate */ services_dyndns_configure(); + /* force DNS update */ + services_dnsupdate_process(); + /* restart dnsmasq */ services_dnsmasq_configure(); } @@ -457,6 +455,16 @@ EOD; return 0; } +function interfaces_wan_dhcp_down() { + mwexec("/sbin/dhclient -r"); + sleep(3); +} + +function interfaces_wan_dhcp_up() { + interfaces_wan_dhcp_configure(); + sleep(3); +} + function interfaces_wan_pppoe_configure() { global $config, $g; @@ -509,8 +517,18 @@ EOD; set link mtu 1492 set ipcp yes vjcomp set ipcp ranges 0.0.0.0/0 0.0.0.0/0 + +EOD; + + if (isset($config['system']['dnsallowoverride'])) { + $mpdconf .= <<<EOD set ipcp enable req-pri-dns set ipcp enable req-sec-dns + +EOD; + } + + $mpdconf .= <<<EOD open iface EOD; @@ -544,6 +562,18 @@ EOD; return 0; } +function interfaces_wan_pppoe_down() { + global $g; + sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR2"); + sleep(3); +} + +function interfaces_wan_pppoe_up() { + global $g; + sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR1"); + sleep(3); +} + function interfaces_wan_pptp_configure() { global $config, $g; @@ -579,7 +609,7 @@ EOD; if (isset($pptpcfg['ondemand'])) { $mpdconf .= <<<EOD - set iface addrs {$pptpcfg['local']} {$pptpcfg['remote']} + set iface addrs 10.0.0.1 10.0.0.2 EOD; } @@ -595,8 +625,18 @@ EOD; set link accept chap set ipcp no vjcomp set ipcp ranges 0.0.0.0/0 0.0.0.0/0 + +EOD; + + if (isset($config['system']['dnsallowoverride'])) { + $mpdconf .= <<<EOD set ipcp enable req-pri-dns set ipcp enable req-sec-dns + +EOD; + } + + $mpdconf .= <<<EOD open EOD; @@ -634,6 +674,18 @@ EOD; return 0; } +function interfaces_wan_pptp_down() { + global $g; + sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR2"); + sleep(3); +} + +function interfaces_wan_pptp_up() { + global $g; + sigkillbypid("{$g['varrun_path']}/mpd.pid", "SIGUSR1"); + sleep(3); +} + function interfaces_wan_bigpond_configure($curwanip) { global $config, $g; diff --git a/etc/inc/services.inc b/etc/inc/services.inc index bcc9dd9..cc98db1 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -418,17 +418,33 @@ function services_proxyarp_configure() { /* kill any running choparp */ killbyname("choparp"); - if (is_array($config['proxyarp']) && count($config['proxyarp']) && - (is_ipaddr($config['interfaces']['wan']['ipaddr']) || - ($config['interfaces']['wan']['ipaddr'] == "dhcp") || - ($config['interfaces']['wan']['ipaddr'] == "bigpond"))) { + if (is_array($config['proxyarp']) && count($config['proxyarp'])) { - if(isset($config['proxyarp']['proxyarpnet']['interface'])) - $args = $config['proxyarp']['proxyarpnet']['interface']; - else - $args = $config['interfaces']['wan']['if'] . " auto"; + $paa = array(); + /* group by interface */ foreach ($config['proxyarp']['proxyarpnet'] as $paent) { + if ($paent['interface']) + $if = $paent['interface']; + else + $if = "wan"; + + if (!is_array($paa[$if])) + $paa[$if] = array(); + + $paa[$if][] = $paent; + } + + foreach ($paa as $paif => $paents) { + if ($paif == "wan" && !(is_ipaddr($config['interfaces']['wan']['ipaddr']) || + ($config['interfaces']['wan']['ipaddr'] == "dhcp") || + ($config['interfaces']['wan']['ipaddr'] == "bigpond"))) + continue; + + $args = $config['interfaces'][$paif]['if'] . " auto"; + + foreach ($paents as $paent) { + if (isset($paent['network'])) $args .= " " . escapeshellarg($paent['network']); else if (isset($paent['range'])) @@ -438,6 +454,77 @@ function services_proxyarp_configure() { mwexec_bg("/usr/local/sbin/choparp " . $args); } + } +} + +function services_dnsupdate_process() { + global $config, $g; + + /* Dynamic DNS updating active? */ + if (isset($config['dnsupdate']['enable'])) { + + $wanip = get_current_wan_address(); + if ($wanip) { + + $keyname = $config['dnsupdate']['keyname']; + /* trailing dot */ + if (substr($keyname, -1) != ".") + $keyname .= "."; + + $hostname = $config['dnsupdate']['host']; + /* trailing dot */ + if (substr($hostname, -1) != ".") + $hostname .= "."; + + /* write private key file + this is dumb - public and private keys are the same for HMAC-MD5, + but nsupdate insists on having both */ + $fd = fopen("{$g['varetc_path']}/K{$keyname}+157+00000.private", "w"); + $privkey .= <<<EOD +Private-key-format: v1.2 +Algorithm: 157 (HMAC) +Key: {$config['dnsupdate']['keydata']} + +EOD; + fwrite($fd, $privkey); + fclose($fd); + + /* write public key file */ + if ($config['dnsupdate']['keytype'] == "zone") { + $flags = 257; + $proto = 3; + } else if ($config['dnsupdate']['keytype'] == "host") { + $flags = 513; + $proto = 3; + } else if ($config['dnsupdate']['keytype'] == "user") { + $flags = 0; + $proto = 2; + } + + $fd = fopen("{$g['varetc_path']}/K{$keyname}+157+00000.key", "w"); + fwrite($fd, "{$keyname} IN KEY {$flags} {$proto} 157 {$config['dnsupdate']['keydata']}\n"); + fclose($fd); + + /* generate update instructions */ + $upinst = "update delete {$config['dnsupdate']['host']} A\n"; + $upinst .= "update add {$config['dnsupdate']['host']} {$config['dnsupdate']['ttl']} A {$wanip}\n"; + $upinst .= "\n"; /* mind that trailing newline! */ + + $fd = fopen("{$g['varetc_path']}/nsupdatecmds", "w"); + fwrite($fd, $upinst); + fclose($fd); + + /* invoke nsupdate */ + $cmd = "/usr/sbin/nsupdate -k {$g['varetc_path']}:{$keyname}"; + if (isset($config['dnsupdate']['usetcp'])) + $cmd .= " -v"; + $cmd .= " {$g['varetc_path']}/nsupdatecmds"; + + mwexec_bg($cmd); + } + } + + return 0; } ?> diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 69470d6..afd25c6 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -237,7 +237,7 @@ EOD; if (isset($syslogcfg['system'])) { $syslogconf .= <<<EOD -*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local4.none;local7.none @{$syslogcfg['remoteserver']} +*.notice;kern.debug;lpr.info;mail.crit;news.err;local0.none;local3.none;local7.none @{$syslogcfg['remoteserver']} security.* @{$syslogcfg['remoteserver']} auth.info;authpriv.info;daemon.info @{$syslogcfg['remoteserver']} *.emerg @{$syslogcfg['remoteserver']} @@ -484,7 +484,7 @@ function system_do_shell_commands($early = 0) { } } -function system_do_extensions() { +function system_do_extensions($early = false) { global $config, $g; if (!is_dir("{$g['etc_path']}/inc/ext")) @@ -495,7 +495,7 @@ function system_do_extensions() { while (($extd = readdir($dh)) !== false) { if (($extd === ".") || ($extd === "..")) continue; - $rcfile = "{$g['etc_path']}/inc/ext/" . $extd . "/rc"; + $rcfile = "{$g['etc_path']}/inc/ext/" . $extd . "/" . ($early ? "rc.early" : "rc"); if (file_exists($rcfile)) passthru($rcfile); } |
