diff options
| author | Vinicius Coque <vinicius.coque@bluepex.com> | 2011-05-23 15:57:23 -0300 |
|---|---|---|
| committer | Vinicius Coque <vinicius.coque@bluepex.com> | 2011-05-23 15:57:23 -0300 |
| commit | 45d4b71e070a52bec9e14a82d2656f0e7af07ba1 (patch) | |
| tree | d238e7d6506d339c6da27c3a9e56e407c1b869c1 /etc | |
| parent | d21d6e2090c6701041b8555cdaca9ad2c949d4f1 (diff) | |
| parent | 7a18dfa4ed218ad7b114d9cd52c008a76c811614 (diff) | |
| download | pfsense-45d4b71e070a52bec9e14a82d2656f0e7af07ba1.zip pfsense-45d4b71e070a52bec9e14a82d2656f0e7af07ba1.tar.gz | |
Merge remote-tracking branch 'mainline/master' into inc
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/certs.inc | 19 | ||||
| -rw-r--r-- | etc/inc/dyndns.class | 36 | ||||
| -rw-r--r-- | etc/inc/filter.inc | 21 | ||||
| -rw-r--r-- | etc/inc/globals.inc | 2 | ||||
| -rw-r--r-- | etc/inc/gwlb.inc | 2 | ||||
| -rw-r--r-- | etc/inc/interfaces.inc | 4 | ||||
| -rw-r--r-- | etc/inc/notices.inc | 2 | ||||
| -rw-r--r-- | etc/inc/pfsense-utils.inc | 44 | ||||
| -rw-r--r-- | etc/inc/pkg-utils.inc | 12 | ||||
| -rw-r--r-- | etc/inc/rrd.inc | 35 | ||||
| -rw-r--r-- | etc/inc/service-utils.inc | 14 | ||||
| -rw-r--r-- | etc/inc/services.inc | 2 | ||||
| -rw-r--r-- | etc/inc/upgrade_config.inc | 37 | ||||
| -rw-r--r-- | etc/inc/util.inc | 3 | ||||
| -rw-r--r-- | etc/inc/voucher.inc | 2 | ||||
| -rw-r--r-- | etc/inc/vpn.inc | 3 | ||||
| -rw-r--r-- | etc/phpshellsessions/gitsync | 2 | ||||
| -rwxr-xr-x | etc/rc.filter_synchronize | 7 | ||||
| -rwxr-xr-x | etc/rc.initial.setlanip | 2 | ||||
| -rwxr-xr-x | etc/rc.linkup | 2 | ||||
| -rwxr-xr-x | etc/rc.start_packages | 80 | ||||
| -rwxr-xr-x | etc/rc.stop_packages | 79 |
22 files changed, 319 insertions, 91 deletions
diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc index 357ac05..3595f45 100644 --- a/etc/inc/certs.inc +++ b/etc/inc/certs.inc @@ -369,6 +369,25 @@ function cert_get_issuer($str_crt, $decode = true) { return $issuer; } +/* this function works on x509 (crt), rsa key (prv), and req(csr) */ +function cert_get_modulus($str_crt, $decode = true, $type = "crt"){ + if ($decode) + $str_crt = base64_decode($str_crt); + + $modulus = ""; + if ( in_array($type, array("crt", "prv", "csr")) ) { + $type = str_replace( array("crt","prv","csr"), array("x509","rsa","req"), $type); + $modulus = exec("echo \"{$str_crt}\" | openssl {$type} -noout -modulus"); + } + return $modulus; +} +function csr_get_modulus($str_crt, $decode = true){ + return cert_get_modulus($str_crt, $decode, "csr"); +} +function prv_get_modulus($str_crt, $decode = true){ + return cert_get_modulus($str_crt, $decode, "prv"); +} + function is_user_cert($certref) { global $config; if (!is_array($config['system']['user'])) diff --git a/etc/inc/dyndns.class b/etc/inc/dyndns.class index dcde894..150dedc 100644 --- a/etc/inc/dyndns.class +++ b/etc/inc/dyndns.class @@ -18,6 +18,7 @@ * - DNSexit (dnsexit.com) * - OpenDNS (opendns.com) * - Namecheap (namecheap.com) + * - HE.net (dns.he.net) * +----------------------------------------------------+ * Requirements: * - PHP version 4.0.2 or higher with CURL Library @@ -49,6 +50,7 @@ * DNSexit - Last Tested: 20 July 2008 * OpenDNS - Last Tested: 4 August 2008 * Namecheap - Last Tested: 31 August 2010 + * HE.net - Last Tested: NEVER * +====================================================+ * * @author E.Kristensen @@ -152,6 +154,7 @@ case 'dnsexit': case 'opendns': case 'namecheap': + case 'he-net': $this->_update(); break; default: @@ -434,6 +437,19 @@ if (@curl_error($ch)) log_error("Curl error occurred: " . curl_error($ch)); curl_close($ch); $this->_checkStatus($data); + break; + case 'he-net': + $needsIP = FALSE; + log_error("HE.net: DNS update() starting."); + $server = "https://dyn.dns.he.net/nic/update?"; + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); + curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsHost . ':' . $this->_dnsPass); + curl_setopt($ch, CURLOPT_URL, $server . 'hostname=' . $this->_dnsHost); + $data = curl_exec($ch); + if(@curl_error($ch)) log_error("Curl error occurred: " . curl_error($ch)); + curl_close($ch); + $this->_checkStatus($data); + break; default: break; } @@ -754,6 +770,26 @@ $this->_debug($data); } break; + + case 'he-net': + if (preg_match("/badip/i", $data)) { + $status = "phpDynDNS: (Error) Bad Request - The IP provided was invalid."; + } else if (preg_match('/nohost/i', $data)) { + $status = "phpDynDNS: (Error) Bad Request - A hostname was not provided."; + } else if (preg_match('/badauth/i', $data)) { + $status = "phpDynDNS: (Error) Invalid username or password."; + } else if (preg_match('/good/i', $data)) { + $status = "phpDynDNS: (Success) IP Address Updated Successfully!"; + $successful_update = true; + } else if (preg_match('/nochg/i', $data)) { + $status = "phpDynDNS: (Success) No Change In IP Address."; + $successful_update = true; + } else { + $status = "phpDynDNS: (Unknown Response)"; + log_error("phpDynDNS: PAYLOAD: {$data}"); + $this->_debug($data); + } + break; } if($successful_update == true) { diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index edff4d5..1cabd29 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -533,7 +533,7 @@ function filter_generate_aliases() { /* Setup pf groups */ if(isset($config['aliases']['alias'])) { foreach ($config['aliases']['alias'] as $aliased) { - $extraalias = ""; + $extralias = ""; /* * XXX: i am not sure what this does so i am commenting it out for now, because as it is * its quite dangerous! @@ -543,7 +543,10 @@ function filter_generate_aliases() { $aliasnesting = array(); $aliasaddrnesting = array(); $addrlist = filter_generate_nested_alias($aliased['name'], $aliased['address'], $aliasnesting, $aliasaddrnesting); - if($aliased['type'] == "host" || $aliased['type'] == "network" || $aliased['type'] == "url") { + switch ($aliased['type']) { + case "host": + case "network": + case "url": $tableaddrs = "{$addrlist}{$extralias}"; if(empty($tableaddrs)) $aliases .= "table <{$aliased['name']}> persist\n"; @@ -551,7 +554,8 @@ function filter_generate_aliases() { $aliases .= "table <{$aliased['name']}> { {$addrlist}{$extralias} } \n"; $aliases .= "{$aliased['name']} = \"<{$aliased['name']}>\"\n"; - } else if($aliased['type'] == "openvpn") { + break; + case "openvpn": $openvpncfg = array(); if($config['openvpn']['user']) { /* XXX: Check if we have a correct ip? */ @@ -571,14 +575,21 @@ function filter_generate_aliases() { } $aliases .= "table <{$aliased['name']}> { {$newaddress}{$extralias} } \n"; $aliases .= "{$aliased['name']} = \"<{$aliased['name']}>\"\n"; - } elseif($aliased['type'] == "urltable") { + break; + case "urltable": $urlfn = alias_expand_urltable($aliased['name']); if ($urlfn) { $aliases .= "table <{$aliased['name']}> persist file \"{$urlfn}\"\n"; $aliases .= "{$aliased['name']} = \"<{$aliased['name']}>\"\n"; } - } else + break; + case "port": + $aliases .= "{$aliased['name']} = \"{ {$addrlist} }\"\n"; + break; + default: $aliases .= "{$aliased['name']} = \"{ {$aliased['address']}{$extralias} }\"\n"; + break; + } } } $result = "{$alias} \n"; diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index 2168765..7037933 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -91,7 +91,7 @@ $g = array( "disablecrashreporter" => false, "crashreporterurl" => "http://crashreporter.pfsense.org/crash_reporter.php", "debug" => false, - "latest_config" => "7.7", + "latest_config" => "7.8", "nopkg_platforms" => array("cdrom"), "minimum_ram_warning" => "101", "minimum_ram_warning_text" => "128 MB", diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index d2aaa39..f5c35ca 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -367,6 +367,7 @@ function return_gateway_groups_array() { $gateways_arr = return_gateways_array(); $gateway_groups_array = array(); + if (0) { /* * NOTE: The code below is meant to replace the default gateway when it goes down. * This facilitates services running on pfSense itself and are not handled by a PBR to continue working. @@ -400,6 +401,7 @@ function return_gateway_groups_array() { } } unset($upgw, $dfltgwfound, $dfltgwdown, $gwname, $gwsttng); + } if (is_array($config['gateways']['gateway_group'])) { foreach($config['gateways']['gateway_group'] as $group) { diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 3f3b02d..1858be4 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -932,9 +932,9 @@ function interfaces_configure() { return 0; } -function interface_reconfigure($interface = "wan") { +function interface_reconfigure($interface = "wan", $reloadall = false) { interface_bring_down($interface); - interface_configure($interface, true); + interface_configure($interface, $reloadall); } function interface_vip_bring_down($vip) { diff --git a/etc/inc/notices.inc b/etc/inc/notices.inc index a35d148..314473d 100644 --- a/etc/inc/notices.inc +++ b/etc/inc/notices.inc @@ -295,7 +295,7 @@ function notify_via_smtp($message) { $smtp->host_port = empty($config['notifications']['smtp']['port']) ? 25 : $config['notifications']['smtp']['port']; $smtp->direct_delivery = 0; - $smtp->ssl = 0; + $smtp->ssl = ($config['notifications']['smtp']['ssl'] == "checked") ? 1 : 0; $smtp->debug = 0; $smtp->html_debug = 0; $smtp->localhost=$config['system']['hostname'].".".$config['system']['domain']; diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index a6a9c58..b2897dd 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -708,14 +708,14 @@ function call_pfsense_method($method, $params, $timeout = 0) { $proxyport = 0; $proxyuser = ""; $proxypass = ""; - if (!empty($config['system']['httpproxy'])) - $proxyurl = $config['system']['httpproxy']; - if (!empty($config['system']['httpproxyport']) && is_numeric($config['system']['httpproxyport'])) - $proxyport = $config['system']['httpproxyport']; - if (!empty($config['system']['httpproxyuser'])) - $proxyuser = $config['system']['httpproxyuser']; - if (!empty($config['system']['httpproxypass'])) - $proxypass = $config['system']['httpproxypass']; + if (!empty($config['system']['proxyurl'])) + $proxyurl = $config['system']['proxyurl']; + if (!empty($config['system']['proxyport']) && is_numeric($config['system']['proxyport'])) + $proxyport = $config['system']['proxyport']; + if (!empty($config['system']['proxyuser'])) + $proxyuser = $config['system']['proxyuser']; + if (!empty($config['system']['proxypass'])) + $proxypass = $config['system']['proxypass']; $cli = new XML_RPC_Client($xmlrpc_path, $xmlrpc_base_url, $port, $proxyurl, $proxyport, $proxyuser, $proxypass); // If the ALT PKG Repo has a username/password set, use it. if($config['system']['altpkgrepo']['username'] && @@ -1471,7 +1471,7 @@ function download_file_with_progress_bar($url_file, $destination_file, $readbody curl_setopt($ch, CURLOPT_PROXYPORT, $config['system']['proxyport']); if (!empty($config['system']['proxyuser']) && !empty($config['system']['proxypass'])) { @curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_ANY | CURLAUTH_ANYSAFE); - curl_setopt($ch, CURLOPT_PROXYUSERPASS, "{$config['system']['proxyuser']}:{$config['system']['proxypass']}"); + curl_setopt($ch, CURLOPT_PROXYUSERPWD, "{$config['system']['proxyuser']}:{$config['system']['proxypass']}"); } } @@ -2181,4 +2181,30 @@ function filter_rules_compare($a, $b) { return compare_interface_friendly_names($a['interface'], $b['interface']); } +/****f* pfsense-utils/load_mac_manufacturer_table + * NAME + * load_mac_manufacturer_table + * INPUTS + * none + * RESULT + * returns associative array with MAC-Manufacturer pairs + ******/ +function load_mac_manufacturer_table() { + /* load MAC-Manufacture data from the file */ + $macs = false; + if (file_exists("/usr/local/share/nmap/nmap-mac-prefixes")) + $macs=file("/usr/local/share/nmap/nmap-mac-prefixes"); + if ($macs){ + foreach ($macs as $line){ + if (preg_match('/([0-9A-Fa-f]{6}) (.*)$/', $line, $matches)){ + /* store values like this $mac_man['000C29']='VMware' */ + $mac_man["$matches[1]"]=$matches[2]; + } + } + return $mac_man; + } else + return -1; + +} + ?> diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc index 1535e8a..1798f85 100644 --- a/etc/inc/pkg-utils.inc +++ b/etc/inc/pkg-utils.inc @@ -42,6 +42,7 @@ require_once("globals.inc"); require_once("xmlrpc.inc"); +require_once("service-utils.inc"); if(file_exists("/cf/conf/use_xmlreader")) require_once("xmlreader.inc"); else @@ -324,6 +325,8 @@ function uninstall_package($pkg_name) { } } + stop_service($pkg_name); + $id = get_pkg_id($pkg_name); if ($id >= 0) { $pkg_depends =& $config['installedpackages']['package'][$id]['depends_on_package']; @@ -892,7 +895,7 @@ function delete_package($pkg) { } function delete_package_xml($pkg) { - global $g, $config, $static_output, $pkg_interface; + global $g, $config, $static_output, $pkg_interface, $rcfileprefix; conf_mount_rw(); @@ -964,6 +967,13 @@ function delete_package_xml($pkg) { if($instservice['name'] == $service['name']) { if($g['booting'] != true) stop_service($service['name']); + if($service['rcfile']) { + $prefix = $rcfileprefix; + if (!empty($service['prefix'])) + $prefix = $service['prefix']; + if (file_exists("{$prefix}{$service['rcfile']}")) + @unlink("{$prefix}{$service['rcfile']}"); + } unset($services[$key]); } } diff --git a/etc/inc/rrd.inc b/etc/inc/rrd.inc index 0a806c3..cb6f321 100644 --- a/etc/inc/rrd.inc +++ b/etc/inc/rrd.inc @@ -742,42 +742,7 @@ function enable_rrd_graphing() { $rrdupdatesh .= "# polling Captive Portal for number of logged in users\n"; $rrdupdatesh .= "CP=`$php -q $captiveportal_gather loggedin`\n"; $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportalloggedin \${CP}\n"; - - $ifname= "captiveportal"; - if (!file_exists("$rrddbpath$ifname$captiveportaltotalusers")) { - $rrdcreate = "$rrdtool create $rrddbpath$ifname$captiveportaltotalusers --step $rrdcaptiveportalinterval "; - $rrdcreate .= "DS:totalusers:GAUGE:$captiveportalvalid:0:10000 "; - $rrdcreate .= "RRA:AVERAGE:0.5:1:1000 "; - $rrdcreate .= "RRA:AVERAGE:0.5:5:1100 "; - $rrdcreate .= "RRA:AVERAGE:0.5:60:1175 "; - $rrdcreate .= "RRA:AVERAGE:0.5:720:3000 "; - $rrdcreate .= "RRA:MIN:0.5:1:1000 "; - $rrdcreate .= "RRA:MIN:0.5:5:1100 "; - $rrdcreate .= "RRA:MIN:0.5:60:1175 "; - $rrdcreate .= "RRA:MIN:0.5:720:3000 "; - $rrdcreate .= "RRA:MAX:0.5:1:1000 "; - $rrdcreate .= "RRA:MAX:0.5:5:1100 "; - $rrdcreate .= "RRA:MAX:0.5:60:1175 "; - $rrdcreate .= "RRA:MAX:0.5:720:3000 "; - $rrdcreate .= "RRA:LAST:0.5:1:1000 "; - $rrdcreate .= "RRA:LAST:0.5:5:1100 "; - $rrdcreate .= "RRA:LAST:0.5:60:1175 "; - $rrdcreate .= "RRA:LAST:0.5:720:3000 "; - create_new_rrd($rrdcreate); - } - - /* enter UNKNOWN values in the RRD so it knows we rebooted. */ - if($g['booting']) { - mwexec("$rrdtool update $rrddbpath$ifname$captiveportaltotalusers N:U"); - } - - /* the Captive Portal stats gathering function. */ - $rrdupdatesh .= "\n"; - $rrdupdatesh .= "# polling Captive Portal for number of concurrent users\n"; - $rrdupdatesh .= "CP=`$php -q $captiveportal_gather total`\n"; - $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportaltotalusers \${CP}\n"; - } $rrdupdatesh .= "sleep 60\n"; diff --git a/etc/inc/service-utils.inc b/etc/inc/service-utils.inc index 895eb57..57b1719 100644 --- a/etc/inc/service-utils.inc +++ b/etc/inc/service-utils.inc @@ -82,6 +82,9 @@ function start_service($name) { global $config; global $rcfileprefix; + if (empty($name)) + return; + /* make sure service is stopped before starting */ stop_service($name); sleep(2); @@ -114,6 +117,9 @@ function stop_service($name) { global $config; global $rcfileprefix; + if (empty($name)) + return; + if ($config['installedpackages']['service']) { foreach($config['installedpackages']['service'] as $service) { if(strtolower($service['name']) == strtolower($name)) { @@ -122,7 +128,10 @@ function stop_service($name) { if(!empty($service['prefix'])) { $prefix =& $service['prefix']; } - mwexec_bg("{$prefix}{$service['rcfile']} stop"); + if(file_exists("{$prefix}{$service['rcfile']}")) { + mwexec_bg("{$prefix}{$service['rcfile']} stop"); + } + return; } if (!empty($service['stopcmd'])) eval($service['stopcmd']); @@ -144,6 +153,9 @@ function stop_service($name) { function restart_service($name) { global $config; + if (empty($name)) + return; + stop_service($name); start_service($name); diff --git a/etc/inc/services.inc b/etc/inc/services.inc index 291b2b5..df0914c 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -557,7 +557,7 @@ function services_dhcrelay_configure() { foreach($route_str as $routeline) { $items = preg_split("/[ ]+/i", $routeline); if (ip_in_subnet($srvip, $items[0])) { - $destif = trim($items[2]); + $destif = trim($items[6]); break; } } diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index b3d7bf6..60490aa 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -1804,13 +1804,26 @@ function upgrade_053_to_054() { $lbpool_srv_arr = array(); $gateway_group_arr = array(); $gateways = return_gateways_array(); + $group_name_changes = array(); if (! is_array($config['gateways']['gateway_item'])) $config['gateways']['gateway_item'] = array(); $a_gateways =& $config['gateways']['gateway_item']; foreach($lbpool_arr as $lbpool) { if($lbpool['type'] == "gateway") { - $gateway_group['name'] = $lbpool['name']; + // Gateway Groups have to have valid names in pf, old lb pools did not. Clean them up. + $group_name = ereg_replace("[^A-Za-z0-9]", "", $lbpool['name'] ); + // If we made and changes, check for collisions and note the change. + if ($group_name != $lbpool['name']) { + // Make sure the name isn't already in use. + foreach ($gateway_group_arr as $gwg) { + // If the name is in use, add some random bits to avoid collision. + if ($gwg['name'] == $group_name) + $group_name .= uniqid(); + } + $group_name_changes[$lbpool['name']] = $group_name; + } + $gateway_group['name'] = $group_name; $gateway_group['descr'] = $lbpool['descr']; $gateway_group['trigger'] = "down"; $gateway_group['item'] = array(); @@ -1855,6 +1868,11 @@ function upgrade_053_to_054() { // Only set the gateway group array if we converted any if (count($gateway_group_arr) != 0) { $config['gateways']['gateway_group'] = $gateway_group_arr; + // Update any rules that had a gateway change, if any. + if (count($group_name_changes) > 0) + foreach ($config['filter']['rule'] as & $rule) + if (!empty($rule["gateway"]) && array_key_exists($rule["gateway"], $group_name_changes)) + $rule["gateway"] = $group_name_changes[$rule["gateway"]]; } } @@ -2455,4 +2473,21 @@ function upgrade_076_to_077() { } } +function upgrade_077_to_078() { + if (is_array($config['pptpd']) && is_array($config['pptpd']['radius']) + && !is_array($config['pptpd']['radius']['server'])) { + $radarr = array(); + $radsvr = array(); + $radsvr['ip'] = $config['pptpd']['radius']['server']; + $radsvr['secret'] = $config['pptpd']['radius']['secret']; + $radsvr['port'] = 1812; + $radsvr['acctport'] = 1813; + $radsvr['enable'] = isset($config['pptpd']['radius']['enable']); + $radarr['accounting'] = isset($config['pptpd']['radius']['accounting']); + if ($radarr['accounting']) + $radarr['acct_update'] = $radsvr['ip']; + $radarr['server'] = $radsvr; + $config['pptpd']['radius'] = $radarr; + } +} ?> diff --git a/etc/inc/util.inc b/etc/inc/util.inc index c1a57cf..b353004 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -473,8 +473,7 @@ function is_validaliasname($name) { $reserved = array("port", "pass"); if (in_array($name, $reserved, true)) return; /* return NULL */ - - if (!preg_match("/[^a-zA-Z0-9_]/", $name)) + if (!preg_match("/[^a-zA-Z0-9_]/", $name) && (strlen($name) < 32)) return true; else return false; diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index fee5d12..3b9f1ba 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -129,7 +129,7 @@ EOF; log_error("CaptivePortalVoucherSync XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); } $toreturn = XML_RPC_Decode($resp->value()); - if(count($toreturn['voucher']['roll']) <> count($config['voucher']['roll'])) { + if (is_array($toreturn['voucher']) && (count($toreturn['voucher']['roll']) <> count($config['voucher']['roll']))) { $config['voucher']['roll'] = $toreturn['voucher']['roll']; write_config("Captive Portal Voucher database synchronized with {$url}"); voucher_configure(true); diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 6311072..455c07d 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -265,7 +265,8 @@ function vpn_ipsec_configure($ipchg = false) break; } - $pskconf .= "{$peerid_data}\t{$ph1ent['pre-shared-key']}\n"; + if (!empty($peerid_data) && !empty($ph1ent['pre-shared-key'])) + $pskconf .= trim($peerid_data) . "\t" . trim($ph1ent['pre-shared-key']) . "\n"; } } diff --git a/etc/phpshellsessions/gitsync b/etc/phpshellsessions/gitsync index 0ff40e1..81ea653 100644 --- a/etc/phpshellsessions/gitsync +++ b/etc/phpshellsessions/gitsync @@ -13,7 +13,7 @@ require_once("pfsense-utils.inc"); conf_mount_rw(); -$GIT_REPO="http://gitweb.pfsense.org/pfsense/mainline.git"; +$GIT_REPO="git://github.com/bsdperimeter/pfsense.git"; $CODIR = "/root/pfsense/"; global $g; diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize index 7039722..6acadc0 100755 --- a/etc/rc.filter_synchronize +++ b/etc/rc.filter_synchronize @@ -321,9 +321,10 @@ if (is_array($config['installedpackages']['carpsettings']['config'])) { if ($carp['synchronizetrafficshaper'] != "" and is_array($config['shaper'])) { $sections[] = 'shaper'; } - if ($carp['synchronizetrafficshaper'] != "") { - if (!is_array($config['l7shaper'])) - $config['l7shaper'] = array(); + if ($carp['synchronizetrafficshaperlimiter'] != "" and is_array($config['dnshaper'])) { + $sections[] = 'dnshaper'; + } + if ($carp['synchronizetrafficshaperlayer7'] != "" and is_array($config['l7shaper'])) { $sections[] = 'l7shaper'; } if ($carp['synchronizestaticroutes'] != "") { diff --git a/etc/rc.initial.setlanip b/etc/rc.initial.setlanip index c1f6ddc..e95acd4 100755 --- a/etc/rc.initial.setlanip +++ b/etc/rc.initial.setlanip @@ -219,7 +219,7 @@ $upperifname = strtoupper($interface); echo "\nPlease wait, saving and activating your changes to {$upperifname}..."; write_config(gettext("{$interface} IP configuration from console menu")); - interface_configure(strtolower($upperifname)); + interface_reconfigure(strtolower($upperifname)); echo " Reloading filter..."; filter_configure_sync(); echo "\n"; diff --git a/etc/rc.linkup b/etc/rc.linkup index 2e8bbcd..ea0fb90 100755 --- a/etc/rc.linkup +++ b/etc/rc.linkup @@ -45,6 +45,8 @@ function handle_argument_group($iface, $argument2) { $iface = get_real_interface($iface); interfaces_bring_up($iface); exec("/usr/sbin/arp -d -i {$iface} -a"); + if ($argument2 == "start" || $argument2 == "up") + send_event("interface newip {$iface}"); } else { switch ($argument2) { case "stop": diff --git a/etc/rc.start_packages b/etc/rc.start_packages index 4025e58..4b78718 100755 --- a/etc/rc.start_packages +++ b/etc/rc.start_packages @@ -1,17 +1,73 @@ -#!/bin/sh +#!/usr/local/bin/php -f +<?php +/* $Id$ */ +/* + rc.start_packages + part of pfSense (http://www.pfSense.com) + Copyright (C) 2004 Scott Ullrich + All rights reserved. -# Set our operating platform -PLATFORM=`cat /etc/platform` + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: -if [ ! "$PLATFORM" = "cdrom" ]; then + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - /etc/rc.packages 2>/dev/null + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - echo "Executing rc.d items... " - for FILE in /usr/local/etc/rc.d/*.sh; do - echo -n " Starting ${FILE}..." - sh $FILE start >>/tmp/bootup_messages 2>&1 & - echo "done." - done -fi + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +require_once("config.inc"); +require_once("functions.inc"); +require_once("filter.inc"); +require_once("shaper.inc"); +require_once("captiveportal.inc"); +require_once("pkg-utils.inc"); +require_once("pfsense-utils.inc"); +require_once("service-utils.inc"); + +log_error("Restarting/Starting all packages."); + +$rcfiles = glob("{$rcfileprefix}*.sh"); +if (!$rcfiles) + $rcfiles = array(); +else { + $rcfiles = array_flip($rcfiles); + if (!$rcfiles) + $rcfiles = array(); +} + +if (is_array($config['installedpackages']['package'])) { + foreach($config['installedpackages']['package'] as $package) { + echo " Starting package {$package['name']}..."; + sync_package($package['name']); + start_service($package['name']); + unset($rcfiles["{$rcfileprefix}{$package['name']}.sh"]); + echo "done.\n"; + } +} + +$shell = @popen("/bin/sh", "w"); +if ($shell) { + foreach ($rcfiles as $rcfile => $number) { + echo " Starting {$rcfile}..."; + fwrite($shell, "{$rcfile} start >>/tmp/bootup_messages 2>&1 &"); + echo "done.\n"; + } + + pclose($shell); +} + +?> diff --git a/etc/rc.stop_packages b/etc/rc.stop_packages index 4ff9ed9..95e77fd 100755 --- a/etc/rc.stop_packages +++ b/etc/rc.stop_packages @@ -1,18 +1,71 @@ -#!/bin/sh +#!/usr/local/bin/php -f +<?php +/* $Id$ */ +/* + rc.stop_packages + part of pfSense (http://www.pfSense.com) + Copyright (C) 2004 Scott Ullrich + All rights reserved. -# Set our operating platform -PLATFORM=`cat /etc/platform` + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: -if [ ! "$PLATFORM" = "cdrom" ]; then + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - echo "Syncing packages..." - /etc/rc.packages 2>/dev/null + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - echo "Executing rc.d items... " - for FILE in /usr/local/etc/rc.d/*.sh; do - echo -n " Stopping ${FILE}..." - sh $FILE stop >>/tmp/bootup_messages 2>&1 - echo "done." - done -fi + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +require_once("config.inc"); +require_once("functions.inc"); +require_once("filter.inc"); +require_once("shaper.inc"); +require_once("captiveportal.inc"); +require_once("pkg-utils.inc"); +require_once("pfsense-utils.inc"); +require_once("service-utils.inc"); + +log_error("Stopping all packages."); + +$rcfiles = glob("{$rcfileprefix}*.sh"); +if (!$rcfiles) + $rcfiles = array(); +else { + $rcfiles = array_flip($rcfiles); + if (!$rcfiles) + $rcfiles = array(); +} + +if (is_array($config['installedpackages']['package'])) { + foreach($config['installedpackages']['package'] as $package) { + echo " Stoping package {$package['name']}..."; + stop_service($package['name']); + unset($rcfiles["{$rcfileprefix}{$package['name']}.sh"]); + echo "done.\n"; + } +} + +$shell = @popen("/bin/sh", "w"); +if ($shell) { + foreach ($rcfiles as $rcfile => $number) { + echo " Stoping {$rcfile}..."; + fwrite($shell, "{$rcfile} stop >>/tmp/bootup_messages 2>&1"); + echo "done.\n"; + } + + pclose($shell); +} +?> |
