diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2015-02-26 09:25:41 -0300 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2015-02-26 09:25:41 -0300 |
| commit | 7136682edea8e77ba04fa0ff738c0d07c86f3ae1 (patch) | |
| tree | a462b826c45929dc4bfe9f523b1146d02f8943b0 /etc | |
| parent | 777291a29349ae5e58891aa7898f07044cf747ab (diff) | |
| parent | a8efbde4aa59a2384c26ef8b0a5b0a847abcabec (diff) | |
| download | pfsense-7136682edea8e77ba04fa0ff738c0d07c86f3ae1.zip pfsense-7136682edea8e77ba04fa0ff738c0d07c86f3ae1.tar.gz | |
Merge pull request #1515 from phil-davis/Style-updates
Diffstat (limited to 'etc')
60 files changed, 1294 insertions, 1145 deletions
@@ -102,8 +102,8 @@ else # If /conf is a directory, convert it to a symlink to /cf/conf if [ -d "/conf" ]; then # If item is not a symlink then rm and recreate - CONFPOINTSTO=`readlink /conf` - if ! test "x$CONFPOINTSTO" = "x/cf/conf"; then + CONFPOINTSTO=`readlink /conf` + if ! test "x$CONFPOINTSTO" = "x/cf/conf"; then /bin/rm -rf /conf /bin/ln -s /cf/conf /conf fi @@ -225,8 +225,8 @@ if [ "$PLATFORM" = "cdrom" ] ; then /bin/mkdir /tmp/unionfs/confdefault /sbin/mount_unionfs /tmp/unionfs/usr /usr/ /sbin/mount_unionfs /tmp/unionfs/root /root/ - /sbin/mount_unionfs /tmp/unionfs/bin /bin/ - /sbin/mount_unionfs /tmp/unionfs/sbin /sbin/ + /sbin/mount_unionfs /tmp/unionfs/bin /bin/ + /sbin/mount_unionfs /tmp/unionfs/sbin /sbin/ /sbin/mount_unionfs /tmp/unionfs/boot /boot/ /sbin/mount_unionfs /tmp/unionfs/confdefault /conf.default/ echo "done." @@ -269,22 +269,22 @@ if [ ! -L /etc/hosts ]; then fi if [ ! -L /etc/resolv.conf ]; then - /bin/rm -rf /etc/resolv.conf - /bin/ln -s /var/etc/resolv.conf /etc/resolv.conf + /bin/rm -rf /etc/resolv.conf + /bin/ln -s /var/etc/resolv.conf /etc/resolv.conf fi if [ ! -L /etc/resolvconf.conf ]; then - /bin/rm -rf /etc/resolvconf.conf - /bin/ln -s /var/etc/resolvconf.conf /etc/resolvconf.conf + /bin/rm -rf /etc/resolvconf.conf + /bin/ln -s /var/etc/resolvconf.conf /etc/resolvconf.conf fi # Setup compatibility link for packages that # have trouble overriding the PREFIX configure # argument since we build our packages in a # separated PREFIX area -# Only create if symlink does not exist. +# Only create if symlink does not exist. if [ ! -h /tmp/tmp ]; then - /bin/ln -hfs / /tmp/tmp + /bin/ln -hfs / /tmp/tmp fi # Make sure our /tmp is 777 + Sticky @@ -296,13 +296,13 @@ fi if [ ! "$PLATFORM" = "cdrom" ] ; then # Malloc debugging check if [ -L /etc/malloc.conf ]; then - #ln -s aj /etc/malloc.conf + #ln -s aj /etc/malloc.conf /bin/rm /etc/malloc.conf fi fi if [ ! -L /etc/dhclient.conf ]; then - /bin/rm -rf /etc/dhclient.conf + /bin/rm -rf /etc/dhclient.conf fi if [ ! -d /var/tmp ]; then @@ -310,7 +310,7 @@ if [ ! -d /var/tmp ]; then fi if [ ! -d /cf/conf/backup/ ]; then - /bin/mkdir -p /cf/conf/backup/ + /bin/mkdir -p /cf/conf/backup/ fi set -T @@ -334,18 +334,18 @@ if [ ! ${DEFAULT_LOG_FILE_SIZE} ]; then fi for logfile in $LOG_FILES; do - if [ "$DISABLESYSLOGCLOG" -gt "0" ]; then + if [ "$DISABLESYSLOGCLOG" -gt "0" ]; then /usr/bin/touch /var/log/$logfile.log - else + else if [ ! -f /var/log/$logfile.log ]; then if [ "$ENABLEFIFOLOG" -gt "0" ]; then # generate fifolog files /usr/sbin/fifolog_create -s ${DEFAULT_LOG_FILE_SIZE} /var/log/$logfile.log - else + else /usr/local/sbin/clog -i -s ${DEFAULT_LOG_FILE_SIZE} /var/log/$logfile.log fi fi - fi + fi done # change permissions on newly created fifolog files. @@ -368,7 +368,7 @@ echo -n "." # Make sure /etc/rc.conf doesn't exist. if [ -f /etc/rc.conf ]; then - /bin/rm -rf /etc/rc.conf + /bin/rm -rf /etc/rc.conf fi if [ ! "$PLATFORM" = "jail" ]; then @@ -429,7 +429,7 @@ if [ -f $varrunpath/booting ]; then /bin/rm $varrunpath/booting fi -# If a shell was selected from recovery +# If a shell was selected from recovery # console then just drop to the shell now. if [ -f "/tmp/donotbootup" ]; then echo "Dropping to recovery shell." diff --git a/etc/rc.backup_rrd.sh b/etc/rc.backup_rrd.sh index 408068a..c14ffc7 100755 --- a/etc/rc.backup_rrd.sh +++ b/etc/rc.backup_rrd.sh @@ -7,7 +7,7 @@ if [ -d "${RRDDBPATH}" ]; then [ -z "$NO_REMOUNT" ] && /etc/rc.conf_mount_rw [ -f "${CF_CONF_PATH}/rrd.tgz" ] && /bin/rm -f "${CF_CONF_PATH}"/rrd.tgz - + tgzlist="" for rrdfile in "${RRDDBPATH}"/*.rrd ; do diff --git a/etc/rc.banner b/etc/rc.banner index 901286f..5fd95c2 100755 --- a/etc/rc.banner +++ b/etc/rc.banner @@ -42,50 +42,51 @@ $product = $g['product_name']; $machine = trim(`uname -m`); $hideplatform = $g['hideplatform']; - - if(!$hideplatform) + + if (!$hideplatform) { $platformbanner = "-{$platform}"; - + } + print "*** Welcome to {$product} {$version}{$platformbanner} ({$machine}) on {$hostname} ***\n"; $iflist = get_configured_interface_with_descr(false, true); - foreach($iflist as $ifname => $friendly) { + foreach ($iflist as $ifname => $friendly) { /* point to this interface's config */ $ifconf = $config['interfaces'][$ifname]; /* look for 'special cases' */ - switch($ifconf['ipaddr']) { - case "dhcp": - $class = "/DHCP4"; - break; - case "pppoe": - $class = "/PPPoE"; - break; - case "pptp": - $class = "/PPTP"; - break; - case "l2tp": - $class = "/L2TP"; - break; - default: - $class = ""; - break; + switch ($ifconf['ipaddr']) { + case "dhcp": + $class = "/DHCP4"; + break; + case "pppoe": + $class = "/PPPoE"; + break; + case "pptp": + $class = "/PPTP"; + break; + case "l2tp": + $class = "/L2TP"; + break; + default: + $class = ""; + break; } - switch($ifconf['ipaddrv6']) { - case "dhcp6": - $class6 = "/DHCP6"; - break; - case "slaac": - $class6 = "/SLAAC"; - break; - case "6rd": - $class6 = "/6RD"; - break; - case "6to4": - $class6 = "/6to4"; - break; - case "track6": - $class6 = "/t6"; - break; + switch ($ifconf['ipaddrv6']) { + case "dhcp6": + $class6 = "/DHCP6"; + break; + case "slaac": + $class6 = "/SLAAC"; + break; + case "6rd": + $class6 = "/6RD"; + break; + case "6to4": + $class6 = "/6to4"; + break; + case "track6": + $class6 = "/t6"; + break; } $ipaddr = get_interface_ip($ifname); $subnet = get_interface_subnet($ifname); diff --git a/etc/rc.bootup b/etc/rc.bootup index 1adbe15..50190e1 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -38,7 +38,7 @@ function rescue_detect_keypress() { // How long do you want the script to wait before moving on (in seconds) $timeout=9; echo "\n"; - echo "[ Press R to enter recovery mode or ]\n"; + echo "[ Press R to enter recovery mode or ]\n"; echo "[ press I to launch the installer ]\n\n"; echo "(R)ecovery mode can assist by rescuing config.xml\n"; echo "from a broken hard disk installation, etc.\n\n"; @@ -48,30 +48,31 @@ function rescue_detect_keypress() { echo "Timeout before auto boot continues (seconds): {$timeout}"; $key = null; exec("/bin/stty erase " . chr(8)); - while(!in_array($key, array("c", "C", "r","R", "i", "I", "~", "!"))) { - echo chr(8) . "{$timeout}"; - `/bin/stty -icanon min 0 time 25`; - $key = trim(`KEY=\`dd count=1 2>/dev/null\`; echo \$KEY`); - `/bin/stty icanon`; - // Decrement our timeout value - $timeout--; - // If we have reached 0 exit and continue on - if ($timeout == 0) - break; + while (!in_array($key, array("c", "C", "r","R", "i", "I", "~", "!"))) { + echo chr(8) . "{$timeout}"; + `/bin/stty -icanon min 0 time 25`; + $key = trim(`KEY=\`dd count=1 2>/dev/null\`; echo \$KEY`); + `/bin/stty icanon`; + // Decrement our timeout value + $timeout--; + // If we have reached 0 exit and continue on + if ($timeout == 0) { + break; + } } // If R or I was pressed do our logic here if (in_array($key, array("r", "R"))) { - putenv("TERM=cons25"); - echo "\n\nRecovery mode selected...\n"; - passthru("/usr/bin/env TERM=cons25 /bin/tcsh -c /scripts/lua_installer_rescue"); + putenv("TERM=cons25"); + echo "\n\nRecovery mode selected...\n"; + passthru("/usr/bin/env TERM=cons25 /bin/tcsh -c /scripts/lua_installer_rescue"); } elseif (in_array($key, array("i", "I"))) { - putenv("TERM=cons25"); - echo "\n\nInstaller mode selected...\n"; - passthru("/usr/bin/env TERM=cons25 /bin/tcsh -c /scripts/lua_installer"); - if(file_exists("/tmp/install_complete")) { - passthru("/etc/rc.reboot"); - exit; - } + putenv("TERM=cons25"); + echo "\n\nInstaller mode selected...\n"; + passthru("/usr/bin/env TERM=cons25 /bin/tcsh -c /scripts/lua_installer"); + if (file_exists("/tmp/install_complete")) { + passthru("/etc/rc.reboot"); + exit; + } } elseif (in_array($key, array("!", "~"))) { putenv("TERM=cons25"); echo "\n\nRecovery shell selected...\n"; @@ -141,8 +142,9 @@ system_dmesg_save(); system_check_reset_button(); /* remove previous firmware upgrade if present */ -if (file_exists("/root/firmware.tgz")) +if (file_exists("/root/firmware.tgz")) { unlink("/root/firmware.tgz"); +} /* start devd (dhclient now uses it) */ echo "Starting device manager (devd)..."; @@ -153,14 +155,15 @@ unmute_kernel_msgs(); echo "done.\n"; // Display rescue configuration option -if($g['platform'] == "cdrom") - rescue_detect_keypress(); +if ($g['platform'] == "cdrom") { + rescue_detect_keypress(); +} echo "Loading configuration..."; parse_config_bootup(); echo "done.\n"; -if($g['platform'] == "jail") { +if ($g['platform'] == "jail") { /* We must determine what network settings have been configured for us */ $wanif = "lo0"; /* defaults, if the jail admin hasn't set us up */ $ipaddr = "127.0.0.1"; @@ -181,28 +184,32 @@ if($g['platform'] == "jail") { $config['interfaces']['wan']['ipaddr'] = $ipaddr; $config['interfaces']['wan']['subnet'] = "32"; /* XXX right? */ $config['interfaces']['wan']['enable'] = true; - if($config['dhcpd']['lan']) + if ($config['dhcpd']['lan']) { unset($config['dhcpd']['lan']['enable']); + } unlink_if_exists('/conf/trigger_initial_wizard'); write_config(); } else { /* - * Determine if we need to throw a interface exception - * and ask the user to reassign interfaces. This will - * avoid a reboot and thats a good thing. + * Determine if we need to throw a interface exception + * and ask the user to reassign interfaces. This will + * avoid a reboot and that is a good thing. */ - while(is_interface_mismatch() == true) { + while (is_interface_mismatch() == true) { led_assigninterfaces(); if (isset($config['revision'])) { - if (file_exists("{$g['tmp_path']}/missing_interfaces")) + if (file_exists("{$g['tmp_path']}/missing_interfaces")) { echo "Warning: Configuration references interfaces that do not exist: " . file_get_contents("{$g['tmp_path']}/missing_interfaces") . "\n"; + } echo "\nNetwork interface mismatch -- Running interface assignment option.\n"; - } else + } else { echo "\nDefault interfaces not found -- Running interface assignment option.\n"; + } $ifaces = get_interface_list(); if (is_array($ifaces)) { - foreach($ifaces as $iface => $ifdata) + foreach ($ifaces as $iface => $ifdata) { interfaces_bring_up($iface); + } } set_networking_interfaces_ports(); led_kitt(); @@ -262,12 +269,14 @@ setup_microcode(); echo "done.\n"; /* set up interfaces */ -if(!$debugging) +if (!$debugging) { mute_kernel_msgs(); +} interfaces_configure(); interfaces_sync_setup(); -if(!$debugging) +if (!$debugging) { unmute_kernel_msgs(); +} /* re-make hosts file after configuring interfaces */ system_hosts_generate(); @@ -297,7 +306,7 @@ echo "Synchronizing user settings..."; local_sync_accounts(); echo "done.\n"; -if($realmem > 0 and $realmem < 65) { +if ($realmem > 0 and $realmem < 65) { echo "System has less than 65 megabytes of ram {$realmem}. Delaying webConfigurator startup.\n"; /* start webConfigurator up on final pass */ mwexec("/usr/local/sbin/pfSctl -c 'service restart webgui'"); @@ -339,7 +348,7 @@ system_console_configure(); /* start DHCP service */ services_dhcpd_configure(); -/* start dhcpleases dhpcp hosts leases program */ +/* start dhcpleases dhcp hosts leases program */ system_dhcpleases_configure(); /* start DHCP relay */ @@ -385,12 +394,12 @@ enable_rrd_graphing(); enable_watchdog(); /* if <system><afterbootupshellcmd> exists, execute the command */ -if($config['system']['afterbootupshellcmd'] <> "") { +if ($config['system']['afterbootupshellcmd'] <> "") { echo "Running afterbootupshellcmd {$config['system']['afterbootupshellcmd']}\n"; mwexec($config['system']['afterbootupshellcmd']); } -if($physmem < $g['minimum_ram_warning']) { +if ($physmem < $g['minimum_ram_warning']) { require_once("/etc/inc/notices.inc"); file_notice("{$g['product_name']}MemoryRequirements", "{$g['product_name']} requires at least {$g['minimum_ram_warning_text']} of RAM. Expect unusual performance. This platform is not supported.", "Memory", "", 1); set_sysctl(array( @@ -404,8 +413,9 @@ if($physmem < $g['minimum_ram_warning']) { $kern_hz = get_single_sysctl('kern.clockrate'); $kern_hz = substr($kern_hz, strpos($kern_hz, "hz = ") + 5); $kern_hz = substr($kern_hz, 0, strpos($kern_hz, ",")); -if($kern_hz == "1000") +if ($kern_hz == "1000") { set_single_sysctl("net.inet.tcp.rexmit_min" , "30"); +} /* start the igmpproxy daemon */ services_igmpproxy_configure(); @@ -420,14 +430,15 @@ activate_powerd(); prefer_ipv4_or_ipv6(); /* Remove the old shutdown binary if we kept it. */ -if (file_exists("/sbin/shutdown.old")) +if (file_exists("/sbin/shutdown.old")) { @unlink("/sbin/shutdown.old"); +} /* Resync / Reinstall packages if need be */ -if(file_exists('/conf/needs_package_sync')) { - if($config['installedpackages'] <> '' && is_array($config['installedpackages']['package'])) { +if (file_exists('/conf/needs_package_sync')) { + if ($config['installedpackages'] <> '' && is_array($config['installedpackages']['package'])) { require_once("pkg-utils.inc"); - if($g['platform'] == "pfSense" || $g['platform'] == "nanobsd") { + if ($g['platform'] == "pfSense" || $g['platform'] == "nanobsd") { mark_subsystem_dirty('packagelock'); pkg_reinstall_all(); clear_subsystem_dirty('packagelock'); diff --git a/etc/rc.captiveportal_configure b/etc/rc.captiveportal_configure index bd59361..c20dbdd 100755 --- a/etc/rc.captiveportal_configure +++ b/etc/rc.captiveportal_configure @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.captiveportal_configure - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.captiveportal_configure + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require("config.inc"); diff --git a/etc/rc.captiveportal_configure_mac b/etc/rc.captiveportal_configure_mac index b88c66d..d22b7c8 100755 --- a/etc/rc.captiveportal_configure_mac +++ b/etc/rc.captiveportal_configure_mac @@ -1,31 +1,31 @@ #!/usr/local/bin/php -f <?php /* - rc.captiveportal_configure_mac - part of pfSense (https://www.pfsense.org) - Copyright (C) 2015 Ermal LUÇi - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + rc.captiveportal_configure_mac + part of pfSense (https://www.pfsense.org) + Copyright (C) 2015 Ermal LUÇi + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require("config.inc"); diff --git a/etc/rc.carpbackup b/etc/rc.carpbackup index a5a951e..744e323 100755 --- a/etc/rc.carpbackup +++ b/etc/rc.carpbackup @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.carpbackup - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.carpbackup + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("functions.inc"); @@ -35,12 +35,14 @@ require_once("notices.inc"); require_once("openvpn.inc"); require_once("interfaces.inc"); -if (isset($_GET)) - $argument = $_GET['interface']; -else +if (isset($_GET)) { + $argument = $_GET['interface']; +} else { $argument = str_replace("\n", "", $argv[1]); -if (!strstr($argument, "@")) - log_error("Carp MASTER event triggered from wrong source {$argument}"); +} +if (!strstr($argument, "@")) { + log_error("Carp MASTER event triggered from wrong source {$argument}"); +} list($vhid, $iface) = explode("@", $argument); @@ -73,15 +75,17 @@ if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client' if (isset($config['dhcpdv6']) && is_array($config['dhcpdv6'])) { $found = false; foreach ($config['dhcpdv6'] as $dhcpv6if => $dhcpv6ifconf) { - if ($dhcpv6ifconf['rainterface'] != $carp_iface) + if ($dhcpv6ifconf['rainterface'] != $carp_iface) { continue; + } $found = true; break; } - if ($found === true) + if ($found === true) { services_radvd_configure(); + } } $pluginparams = array(); diff --git a/etc/rc.carpmaster b/etc/rc.carpmaster index 93f6004..d313b31 100755 --- a/etc/rc.carpmaster +++ b/etc/rc.carpmaster @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.carpmaster - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.carpmaster + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("functions.inc"); @@ -35,12 +35,14 @@ require_once("notices.inc"); require_once("openvpn.inc"); require_once("interfaces.inc"); -if (isset($_GET)) +if (isset($_GET)) { $argument = $_GET['interface']; -else +} else { $argument = str_replace("\n", "", $argv[1]); -if (!strstr($argument, "@")) +} +if (!strstr($argument, "@")) { log_error("Carp MASTER event triggered from wrong source {$argument}"); +} list($vhid, $iface) = explode("@", $argument); @@ -81,15 +83,17 @@ if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-server' if (isset($config['dhcpdv6']) && is_array($config['dhcpdv6'])) { $found = false; foreach ($config['dhcpdv6'] as $dhcpv6if => $dhcpv6ifconf) { - if ($dhcpv6ifconf['rainterface'] != $carp_iface) + if ($dhcpv6ifconf['rainterface'] != $carp_iface) { continue; + } $found = true; break; } - if ($found === true) + if ($found === true) { services_radvd_configure(); + } } $pluginparams = array(); diff --git a/etc/rc.cdrom b/etc/rc.cdrom index 2018fe9..f368644 100755 --- a/etc/rc.cdrom +++ b/etc/rc.cdrom @@ -12,9 +12,9 @@ partsize="6m" export VARMFS_COPYDBPKG=yes for i in tmp varmfs etcmfs; do - if [ -f /etc/rc.d/$i ]; then - sh /etc/rc.d/$i start - fi + if [ -f /etc/rc.d/$i ]; then + sh /etc/rc.d/$i start + fi done # Start PFI @@ -24,13 +24,13 @@ done # a tiny mfs under /conf and populate with stock # configuration. if [ ! -f /conf/config.xml ]; then - echo -n "Generating a MFS /conf partition... " - device=$(mdconfig -a -t malloc -s ${partsize}) - newfs /dev/${device} > /dev/null 2>&1 - mount /dev/${device} /conf - cp /conf.default/* /conf - mount_nullfs /conf /cf/conf - echo "done." + echo -n "Generating a MFS /conf partition... " + device=$(mdconfig -a -t malloc -s ${partsize}) + newfs /dev/${device} > /dev/null 2>&1 + mount /dev/${device} /conf + cp /conf.default/* /conf + mount_nullfs /conf /cf/conf + echo "done." fi echo -n "Generating a MFS /home partition... " diff --git a/etc/rc.conf_mount_ro b/etc/rc.conf_mount_ro index 9e82fec..f1d95c4 100755 --- a/etc/rc.conf_mount_ro +++ b/etc/rc.conf_mount_ro @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.conf_mount_ro - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.conf_mount_ro + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); diff --git a/etc/rc.conf_mount_rw b/etc/rc.conf_mount_rw index 45d25e2..b333f37 100755 --- a/etc/rc.conf_mount_rw +++ b/etc/rc.conf_mount_rw @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.conf_mount_rw - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.conf_mount_rw + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); diff --git a/etc/rc.dhclient_cron b/etc/rc.dhclient_cron index 3ffb46e..7020748 100755 --- a/etc/rc.dhclient_cron +++ b/etc/rc.dhclient_cron @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.dhclient_cron - part of pfSense (https://www.pfsense.org) - Copyright (C) 2006 Scott Ullrich - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + rc.dhclient_cron + part of pfSense (https://www.pfsense.org) + Copyright (C) 2006 Scott Ullrich + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); @@ -40,9 +40,9 @@ unlink_if_exists("/tmp/config.cache"); $iflist = get_configured_interface_with_descr(); foreach($iflist as $ifname => $interface) { $real_interface = get_real_interface($ifname); - if($config['interfaces'][$ifname]['ipaddr'] == "dhcp") { + if ($config['interfaces'][$ifname]['ipaddr'] == "dhcp") { $pid = find_dhclient_process($real_interface); - if($pid == 0 or !$pid) { + if ($pid == 0 or !$pid) { /* dhclient is not running for interface, kick it */ log_error("DHCLIENT was not running for {$real_interface} ... Launching new instance."); exec("/sbin/dhclient $real_interface"); diff --git a/etc/rc.dyndns.update b/etc/rc.dyndns.update index b350c22..717d71a 100755 --- a/etc/rc.dyndns.update +++ b/etc/rc.dyndns.update @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.dyndns.update - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + rc.dyndns.update + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); @@ -37,18 +37,20 @@ require_once("shaper.inc"); /* Interface IP address has changed */ -if (isset($_GET['dyndns'])) +if (isset($_GET['dyndns'])) { $argument = $_GET['dyndns']; -else +} else { $argument = trim($argv[1], " \n"); +} -if(empty($argument) || $argument == "all") { +if (empty($argument) || $argument == "all") { services_dyndns_configure(); services_dnsupdate_process(); } else { $interface = lookup_gateway_interface_by_name($argument); - if (empty($interface)) + if (empty($interface)) { $interface = $argument; + } services_dyndns_configure($interface); services_dnsupdate_process($interface); } diff --git a/etc/rc.expireaccounts b/etc/rc.expireaccounts index a2d4554..0bf578e 100755 --- a/etc/rc.expireaccounts +++ b/etc/rc.expireaccounts @@ -4,20 +4,20 @@ /* rc.expireaccounts part of pfSense - + Copyright (C) 2009 Shrew Soft Inc. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -39,16 +39,16 @@ $count = count($config['system']['user']); $index = 0; - for(; $index < $count; $index++) { + for (; $index < $count; $index++) { $user =& $config['system']['user'][$index]; - if($user['scope'] == "system") + if ($user['scope'] == "system") continue; echo "1\n"; echo "User {$user['name']} expires {$user['expires']}\n"; - if(!$user['expires'] || isset($user['disabled'])) + if (!$user['expires'] || isset($user['disabled'])) continue; echo "1\n"; - if(strtotime("-1 day") > strtotime($user['expires'])) { + if (strtotime("-1 day") > strtotime($user['expires'])) { echo "Disabling user {$user['name']} at index #{$index}\n"; //unset($config['system']['user'][$index]); $user['disabled'] = true; @@ -58,8 +58,9 @@ } } - if($removed > 0) + if ($removed > 0) { write_config("Expired {$removed} user accounts"); + } //print_r($config); diff --git a/etc/rc.filter_configure b/etc/rc.filter_configure index 92be68d..4fb1a45 100755 --- a/etc/rc.filter_configure +++ b/etc/rc.filter_configure @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.filter_configure - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + rc.filter_configure + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); diff --git a/etc/rc.filter_configure_sync b/etc/rc.filter_configure_sync index 1f36681..b0d60d9 100755 --- a/etc/rc.filter_configure_sync +++ b/etc/rc.filter_configure_sync @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.filter_configure_sync - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.filter_configure_sync + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); diff --git a/etc/rc.filter_configure_xmlrpc b/etc/rc.filter_configure_xmlrpc index bd1f785..6fa2491 100755 --- a/etc/rc.filter_configure_xmlrpc +++ b/etc/rc.filter_configure_xmlrpc @@ -1,37 +1,37 @@ #!/usr/local/bin/php -f <?php /* - rc.filter_configure_xmlrpc - Copyright (C) 2004-2006 Scott Ullrich - Copyright (C) 2005 Bill Marquette - Copyright (C) 2006 Peter Allgeyer - Copyright (C) 2008 Ermal Luci - All rights reserved. - - originally part of m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + rc.filter_configure_xmlrpc + Copyright (C) 2004-2006 Scott Ullrich + Copyright (C) 2005 Bill Marquette + Copyright (C) 2006 Peter Allgeyer + Copyright (C) 2008 Ermal Luci + All rights reserved. + + originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize index a17e50e..e411e7e 100755 --- a/etc/rc.filter_synchronize +++ b/etc/rc.filter_synchronize @@ -3,9 +3,9 @@ /* rc.filter_synchronize Copyright (C) 2004-2006 Scott Ullrich - Copyright (C) 2005 Bill Marquette - Copyright (C) 2006 Peter Allgeyer - Copyright (C) 2008 Ermal Luci + Copyright (C) 2005 Bill Marquette + Copyright (C) 2006 Peter Allgeyer + Copyright (C) 2008 Ermal Luci All rights reserved. originally part of m0n0wall (http://m0n0.ch/wall) @@ -54,7 +54,7 @@ function backup_vip_config_section() { return; $temp = array(); $temp['vip'] = array(); - foreach($config['virtualip']['vip'] as $section) { + foreach ($config['virtualip']['vip'] as $section) { if (($section['mode'] == 'proxyarp' || $section['mode'] == 'ipalias') && (strpos($section['interface'], '_vip') === FALSE) && (strpos($section['interface'], 'lo0') === FALSE)) @@ -62,14 +62,16 @@ function backup_vip_config_section() { if ($section['advskew'] <> "") { $section_val = intval($section['advskew']); $section_val=$section_val+100; - if ($section_val > 254) + if ($section_val > 254) { $section_val = 254; + } $section['advskew'] = $section_val; } if ($section['advbase'] <> "") { $section_val = intval($section['advbase']); - if ($section_val > 254) + if ($section_val > 254) { $section_val = 254; + } $section['advbase'] = $section_val; } $temp['vip'][] = $section; @@ -82,8 +84,9 @@ function remove_special_characters($string) { preg_match_all("/[a-zA-Z0-9\_\-]+/",$string,$match_array); $string = ""; foreach ($match_array[0] as $ma) { - if ($string <> "") + if ($string <> "") { $string .= " "; + } $string .= $ma; } return $string; @@ -92,7 +95,7 @@ function remove_special_characters($string) { function carp_check_version($url, $username, $password, $port = 80, $method = 'pfsense.host_firmware_version') { global $config, $g; - if(file_exists("{$g['varrun_path']}/booting") || platform_booting()) + if (file_exists("{$g['varrun_path']}/booting") || platform_booting()) return; $params = array( @@ -104,17 +107,18 @@ function carp_check_version($url, $username, $password, $port = 80, $method = 'p $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); - if($numberofruns > 0) + if ($numberofruns > 0) { $cli->setDebug(1); + } /* send our XMLRPC message and timeout after 240 seconds */ $resp = $cli->send($msg, "240"); - if(!is_object($resp)) { + if (!is_object($resp)) { $error = "A communications error occurred while attempting XMLRPC sync with username {$username} {$url}:{$port}."; - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $error = "An error code was received while attempting XMLRPC sync with username {$username} {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); } else { $parsed_response = XML_RPC_decode($resp->value()); - if(!is_array($parsed_response)) { + if (!is_array($parsed_response)) { if (trim($parsed_response) == "Authentication failed") { $error = "An authentication failure occurred while trying to access {$url}:{$port} ({$method})."; log_error($error); @@ -127,8 +131,9 @@ function carp_check_version($url, $username, $password, $port = 80, $method = 'p update_filter_reload_status("The other member is on older configuration version of {$g['product_name']}. Sync will not be done to prevent problems!"); log_error("The other member is on older configuration version of {$g['product_name']}. Sync will not be done to prevent problems!"); return false; - } else + } else { return true; + } } } log_error($error); @@ -142,7 +147,7 @@ function carp_check_version($url, $username, $password, $port = 80, $method = 'p function carp_sync_xml($url, $username, $password, $sections, $port = 80, $method = 'pfsense.restore_config_section') { global $config, $g; - if(file_exists("{$g['varrun_path']}/booting") || platform_booting()) + if (file_exists("{$g['varrun_path']}/booting") || platform_booting()) return; update_filter_reload_status("Syncing CARP data to {$url}"); @@ -155,54 +160,60 @@ function carp_sync_xml($url, $username, $password, $sections, $port = 80, $metho $rulescnt = count($config_copy['nat']['outbound']['rule']); for ($x = 0; $x < $rulescnt; $x++) { $config_copy['nat']['outbound']['rule'][$x]['descr'] = remove_special_characters($config_copy['nat']['outbound']['rule'][$x]['descr']); - if (isset ($config_copy['nat']['outbound']['rule'][$x]['nosync'])) + if (isset ($config_copy['nat']['outbound']['rule'][$x]['nosync'])) { unset ($config_copy['nat']['outbound']['rule'][$x]); + } } } if (is_array($config_copy['nat']['rule'])) { $natcnt = count($config_copy['nat']['rule']); for ($x = 0; $x < $natcnt; $x++) { $config_copy['nat']['rule'][$x]['descr'] = remove_special_characters($config_copy['nat']['rule'][$x]['descr']); - if (isset ($config_copy['nat']['rule'][$x]['nosync'])) + if (isset ($config_copy['nat']['rule'][$x]['nosync'])) { unset ($config_copy['nat']['rule'][$x]); + } } } if (is_array($config_copy['filter']['rule'])) { $filtercnt = count($config_copy['filter']['rule']); for ($x = 0; $x < $filtercnt; $x++) { $config_copy['filter']['rule'][$x]['descr'] = remove_special_characters($config_copy['filter']['rule'][$x]['descr']); - if (isset ($config_copy['filter']['rule'][$x]['nosync'])) + if (isset ($config_copy['filter']['rule'][$x]['nosync'])) { unset ($config_copy['filter']['rule'][$x]); + } } } if (is_array($config_copy['aliases']['alias'])) { $aliascnt = count($config_copy['aliases']['alias']); for ($x = 0; $x < $aliascnt; $x++) { $config_copy['aliases']['alias'][$x]['descr'] = remove_special_characters($config_copy['aliases']['alias'][$x]['descr']); - if (isset ($config_copy['aliases']['alias'][$x]['nosync'])) + if (isset ($config_copy['aliases']['alias'][$x]['nosync'])) { unset ($config_copy['aliases']['alias'][$x]); + } } } if (is_array($config_copy['dnsmasq']['hosts'])) { $dnscnt = count($config_copy['dnsmasq']['hosts']); for ($x = 0; $x < $dnscnt; $x++) { $config_copy['dnsmasq']['hosts'][$x]['descr'] = remove_special_characters($config_copy['dnsmasq']['hosts'][$x]['descr']); - if (isset ($config_copy['dnsmasq']['hosts'][$x]['nosync'])) + if (isset ($config_copy['dnsmasq']['hosts'][$x]['nosync'])) { unset ($config_copy['dnsmasq']['hosts'][$x]); + } } } if (is_array($config_copy['ipsec']['tunnel'])) { $ipseccnt = count($config_copy['ipsec']['tunnel']); for ($x = 0; $x < $ipseccnt; $x++) { $config_copy['ipsec']['tunnel'][$x]['descr'] = remove_special_characters($config_copy['ipsec']['tunnel'][$x]['descr']); - if (isset ($config_copy['ipsec']['tunnel'][$x]['nosync'])) + if (isset ($config_copy['ipsec']['tunnel'][$x]['nosync'])) { unset ($config_copy['ipsec']['tunnel'][$x]); + } } } if (is_array($config_copy['dhcpd'])) { - foreach($config_copy['dhcpd'] as $dhcpif => $dhcpifconf) { - if($dhcpifconf['failover_peerip'] <> "") { + foreach ($config_copy['dhcpd'] as $dhcpif => $dhcpifconf) { + if ($dhcpifconf['failover_peerip'] <> "") { $int = guess_interface_from_ip($dhcpifconf['failover_peerip']); $intip = find_interface_ip($int); $config_copy['dhcpd'][$dhcpif]['failover_peerip'] = $intip; @@ -244,21 +255,22 @@ function carp_sync_xml($url, $username, $password, $sections, $port = 80, $metho $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); - if($numberofruns > 0) + if ($numberofruns > 0) { $cli->setDebug(1); + } /* send our XMLRPC message and timeout after 240 seconds */ $resp = $cli->send($msg, "240"); - if(!is_object($resp)) { + if (!is_object($resp)) { $error = "A communications error occurred while attempting XMLRPC sync with username {$username} {$url}:{$port}."; log_error($error); file_notice("sync_settings", $error, "Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $error = "An error code was received while attempting XMLRPC sync with username {$username} {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); log_error($error); file_notice("sync_settings", $error, "Settings Sync", ""); } else { $parsed_response = XML_RPC_decode($resp->value()); - if(!is_array($parsed_response) && trim($parsed_response) == "Authentication failed") { + if (!is_array($parsed_response) && trim($parsed_response) == "Authentication failed") { $error = "An authentication failure occurred while trying to access {$url}:{$port} ($method)."; log_error($error); file_notice("sync_settings", $error, "Settings Sync", ""); @@ -297,118 +309,144 @@ if (is_array($config['hasync'])) { /* if port is empty lets rely on the protocol selection */ $port = $config['system']['webgui']['port']; if (empty($port)) { - if ($config['system']['webgui']['protocol'] == "http") + if ($config['system']['webgui']['protocol'] == "http") { $port = "80"; - else + } else { $port = "443"; + } } - if(is_ipaddrv6($hasync['synchronizetoip'])) + if (is_ipaddrv6($hasync['synchronizetoip'])) { $hasync['synchronizetoip'] = "[{$hasync['synchronizetoip']}]"; + } $synchronizetoip .= $hasync['synchronizetoip']; if ($hasync['synchronizerules'] != "") { - if (!is_array($config['filter'])) + if (!is_array($config['filter'])) { $config['filter'] = array(); + } $sections[] = 'filter'; } if ($hasync['synchronizenat'] != "") { - if (!is_array($config['nat'])) + if (!is_array($config['nat'])) { $config['nat'] = array(); + } $sections[] = 'nat'; } if ($hasync['synchronizealiases'] != "") { - if (!is_array($config['aliases'])) + if (!is_array($config['aliases'])) { $config['aliases'] = array(); + } $sections[] = 'aliases'; } - if ($hasync['synchronizedhcpd'] != "" and is_array($config['dhcpd'])) + if ($hasync['synchronizedhcpd'] != "" and is_array($config['dhcpd'])) { $sections[] = 'dhcpd'; + } if ($hasync['synchronizewol'] != "") { - if (!is_array($config['wol'])) + if (!is_array($config['wol'])) { $config['wol'] = array(); + } $sections[] = 'wol'; } - if ($hasync['synchronizetrafficshaper'] != "" and is_array($config['shaper'])) + if ($hasync['synchronizetrafficshaper'] != "" and is_array($config['shaper'])) { $sections[] = 'shaper'; - if ($hasync['synchronizetrafficshaperlimiter'] != "" and is_array($config['dnshaper'])) + } + if ($hasync['synchronizetrafficshaperlimiter'] != "" and is_array($config['dnshaper'])) { $sections[] = 'dnshaper'; - if ($hasync['synchronizetrafficshaperlayer7'] != "" and is_array($config['l7shaper'])) + } + if ($hasync['synchronizetrafficshaperlayer7'] != "" and is_array($config['l7shaper'])) { $sections[] = 'l7shaper'; + } if ($hasync['synchronizestaticroutes'] != "") { - if (!is_array($config['staticroutes'])) + if (!is_array($config['staticroutes'])) { $config['staticroutes'] = array(); - if (!is_array($config['staticroutes']['route'])) + } + if (!is_array($config['staticroutes']['route'])) { $config['staticroutes']['route'] = array(); + } $sections[] = 'staticroutes'; - if (!is_array($config['gateways'])) + if (!is_array($config['gateways'])) { $config['gateways'] = array(); + } $sections[] = 'gateways'; } if ($hasync['synchronizevirtualip'] != "") { - if (!is_array($config['virtualip'])) + if (!is_array($config['virtualip'])) { $config['virtualip'] = array(); + } $sections[] = 'virtualip'; } if ($hasync['synchronizelb'] != "") { - if (!is_array($config['load_balancer'])) + if (!is_array($config['load_balancer'])) { $config['load_balancer'] = array(); + } $sections[] = 'load_balancer'; } if ($hasync['synchronizeipsec'] != "") { - if (!is_array($config['ipsec'])) + if (!is_array($config['ipsec'])) { $config['ipsec'] = array(); + } $sections[] = 'ipsec'; } if ($hasync['synchronizeopenvpn'] != "") { - if (!is_array($config['openvpn'])) + if (!is_array($config['openvpn'])) { $config['openvpn'] = array(); + } $sections[] = 'openvpn'; } if ($hasync['synchronizecerts'] != "" || $hasync['synchronizeopenvpn'] != "") { - if (!is_array($config['cert'])) + if (!is_array($config['cert'])) { $config['cert'] = array(); + } $sections[] = 'cert'; - if (!is_array($config['ca'])) + if (!is_array($config['ca'])) { $config['ca'] = array(); + } $sections[] = 'ca'; - if (!is_array($config['crl'])) + if (!is_array($config['crl'])) { $config['crl'] = array(); + } $sections[] = 'crl'; } if ($hasync['synchronizeusers'] != "") { $sections[] = 'user'; $sections[] = 'group'; - } + } if ($hasync['synchronizeauthservers'] != "") { $sections[] = 'authserver'; } if ($hasync['synchronizednsforwarder'] != "") { - if (is_array($config['dnsmasq'])) + if (is_array($config['dnsmasq'])) { $sections[] = 'dnsmasq'; - if (is_array($config['unbound'])) + } + if (is_array($config['unbound'])) { $sections[] = 'unbound'; + } } if ($hasync['synchronizeschedules'] != "" || $hasync['synchronizerules'] != "") { - if (!is_array($config['schedules'])) + if (!is_array($config['schedules'])) { $config['schedules'] = array(); + } $sections[] = 'schedules'; } - if ($hasync['synchronizecaptiveportal'] != "" and is_array($config['captiveportal'])) + if ($hasync['synchronizecaptiveportal'] != "" and is_array($config['captiveportal'])) { $sections[] = 'captiveportal'; - if ($hasync['synchronizecaptiveportal'] != "" and is_array($config['vouchers'])) + } + if ($hasync['synchronizecaptiveportal'] != "" and is_array($config['vouchers'])) { $sections[] = 'vouchers'; + } if (count($sections) <= 0) { log_error("Nothing has been configured to be synched. Skipping...."); return; } - if (empty($hasync['username'])) + if (empty($hasync['username'])) { $username = "admin"; - else + } else { $username = $hasync['username']; + } if (!carp_check_version($synchronizetoip, $username, $hasync['password'], $port)) return; @@ -429,7 +467,7 @@ if (is_array($config['hasync'])) { $error = "A communications error occurred while attempting Filter sync with username {$username} {$synchronizetoip}:{$port}."; log_error($error); file_notice("sync_settings", $error, "Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $error = "An error code was received while attempting Filter sync with username {$username} {$synchronizetoip}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); log_error($error); file_notice("sync_settings", $error, "Settings Sync", ""); diff --git a/etc/rc.firmware b/etc/rc.firmware index 3912291..bde99db 100755 --- a/etc/rc.firmware +++ b/etc/rc.firmware @@ -29,7 +29,7 @@ fi file_notice() { /usr/local/bin/php -q -d auto_prepend_file=config.inc <<ENDOFF <?php - require_once("globals.inc"); + require_once("globals.inc"); require_once("functions.inc"); file_notice("$1", "$2", "$1", ""); ?> @@ -39,7 +39,7 @@ ENDOFF output_env_to_log() { date >> /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt - + ls -lah /dev/ >> /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt @@ -59,7 +59,7 @@ output_env_to_log() { backup_chflags() { TOPROCESS="bin lib libexec sbin usr" for files in $TOPROCESS; do - /usr/sbin/mtree -Pcp /${files} | bzip2 -9 > /tmp/chflags.dist.${files}.bz2 2>> /conf/upgrade_log.txt + /usr/sbin/mtree -Pcp /${files} | bzip2 -9 > /tmp/chflags.dist.${files}.bz2 2>> /conf/upgrade_log.txt done } @@ -89,30 +89,30 @@ binary_update() { remove_chflags cd /tmp/patches for i in `/usr/bin/tar tvzf $TGZ | egrep -v "(^d|_md5)" | nawk '{print $9;}'`; - do - FILE=`basename ${i}` - echo "Working on ${i}" - # Untar patch file and md5 files - /usr/bin/tar xzf ${TGZ} ${i} ${i}.old_file_md5 ${i}.new_patch_md5 ${i}.new_file_md5 2>>${ERR_F} - - # Apply patch - oldfile newfile patchfile - /usr/local/bin/bspatch /${i} /tmp/patched/${FILE} /tmp/patches/${i} 2>>${ERR_F} - - OLD_FILE_MD5=`cat /tmp/patches/${i}.old_file_md5 2>/dev/null` - NEW_PATCH_MD5=`cat /tmp/patches/${i}.new_patch_md5 2>/dev/null` - NEW_FILE_MD5=`cat /tmp/patches/${i}.new_file_md5 2>/dev/null` - PATCHED_MD5=`/sbin/md5 -q /tmp/patched/${FILE} 2>/dev/null` - - if [ "$PATCHED_MD5" = "$NEW_PATCH_MD5" ]; then - /usr/bin/install -S /tmp/patched/${FILE} /${i} - else - #echo "${i} file does not match intended final md5." - echo "${i} file does not match intended final md5." >> ${ERR_F} - fi - - /bin/rm /tmp/patched/${FILE} >> ${ERR_F} - /bin/rm /tmp/patches/${i} >> ${ERR_F} - /bin/rm /tmp/patches/${i}.* >> ${ERR_F} + do + FILE=`basename ${i}` + echo "Working on ${i}" + # Untar patch file and md5 files + /usr/bin/tar xzf ${TGZ} ${i} ${i}.old_file_md5 ${i}.new_patch_md5 ${i}.new_file_md5 2>>${ERR_F} + + # Apply patch - oldfile newfile patchfile + /usr/local/bin/bspatch /${i} /tmp/patched/${FILE} /tmp/patches/${i} 2>>${ERR_F} + + OLD_FILE_MD5=`cat /tmp/patches/${i}.old_file_md5 2>/dev/null` + NEW_PATCH_MD5=`cat /tmp/patches/${i}.new_patch_md5 2>/dev/null` + NEW_FILE_MD5=`cat /tmp/patches/${i}.new_file_md5 2>/dev/null` + PATCHED_MD5=`/sbin/md5 -q /tmp/patched/${FILE} 2>/dev/null` + + if [ "$PATCHED_MD5" = "$NEW_PATCH_MD5" ]; then + /usr/bin/install -S /tmp/patched/${FILE} /${i} + else + #echo "${i} file does not match intended final md5." + echo "${i} file does not match intended final md5." >> ${ERR_F} + fi + + /bin/rm /tmp/patched/${FILE} >> ${ERR_F} + /bin/rm /tmp/patches/${i} >> ${ERR_F} + /bin/rm /tmp/patches/${i}.* >> ${ERR_F} done /bin/rm -rf /tmp/patched /tmp/patches >> ${ERR_F} restore_chflags @@ -123,7 +123,7 @@ enable) touch /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt echo "Enable" >> /conf/upgrade_log.txt - echo "" >> /conf/upgrade_log.txt + echo "" >> /conf/upgrade_log.txt /etc/rc.conf_mount_ro ;; auto) @@ -148,7 +148,7 @@ pfSenseNanoBSDupgrade) echo "You cannot use a full file for upgrade. Please use a file labelled nanobsd upgrade." file_notice "NanoBSDUpgradeFailure" "You have attempted to use a full NanoBSD installation file as an upgrade. Please use a NanoBSD file labelled 'upgrade' instead." rm -f $IMG - /etc/rc.conf_mount_ro + /etc/rc.conf_mount_ro exit 1 fi @@ -157,7 +157,7 @@ pfSenseNanoBSDupgrade) echo "NanoBSD Firmware upgrade in progress..." >> /conf/upgrade_log.txt 2>&1 echo "NanoBSD Firmware upgrade in progress..." | wall /etc/rc.notify_message -e -g -m "NanoBSD Firmware upgrade in progress..." - + # backup config /bin/mkdir -p /tmp/configbak cp -Rp /conf/* /tmp/configbak 2>/dev/null @@ -177,7 +177,7 @@ pfSenseNanoBSDupgrade) # grab the boot device, example ad1, ad0 BOOT_DRIVE=`/sbin/glabel list | /usr/bin/grep -B2 ufs/pfsense | /usr/bin/head -n 1 | /usr/bin/cut -f3 -d' ' | /usr/bin/cut -d's' -f1` # test the slice. if we are on slice 1 we need to flash 2 and vice versa - if [ `echo $REAL_BOOT_DEVICE | /usr/bin/grep "s1"` ]; then + if [ `echo $REAL_BOOT_DEVICE | /usr/bin/grep "s1"` ]; then SLICE="2" OLDSLICE="1" TOFLASH="${BOOT_DRIVE}s${SLICE}" @@ -187,7 +187,7 @@ pfSenseNanoBSDupgrade) OLD_UFS_ID="0" else SLICE="1" - OLDSLICE="2" + OLDSLICE="2" TOFLASH="${BOOT_DRIVE}s${SLICE}" COMPLETE_PATH="${BOOT_DRIVE}s${SLICE}a" GLABEL_SLICE="pfsense0" @@ -202,7 +202,7 @@ pfSenseNanoBSDupgrade) echo "COMPLETE_PATH ${COMPLETE_PATH}" >> /conf/upgrade_log.txt echo "GLABEL_SLICE ${GLABEL_SLICE}" >> /conf/upgrade_log.txt - # First ensure the new file can fit inside the + # First ensure the new file can fit inside the # slice that we are going to be operating on. NEW_IMG_SIZE=`echo $((\`gzip -l ${IMG} | grep -v compressed | awk '{ print $2}'\` / 1024 / 1024))` SIZE=`/sbin/fdisk ${COMPLETE_PATH} | /usr/bin/grep Meg | /usr/bin/awk '{ print $5 }' | /usr/bin/cut -d"(" -f2` @@ -218,13 +218,13 @@ pfSenseNanoBSDupgrade) rm -f /var/run/firmwarelock.dirty rm -f /var/run/firmware.lock rm -f ${IMG} - /etc/rc.conf_mount_ro + /etc/rc.conf_mount_ro exit 1 fi # Output environment information to log file output_env_to_log - + # Grab a before upgrade look at fdisk echo "" >> /conf/fdisk_upgrade_log.txt echo "Before upgrade fdisk/bsdlabel" >> /conf/fdisk_upgrade_log.txt @@ -234,7 +234,7 @@ pfSenseNanoBSDupgrade) bsdlabel -A ${BOOT_DRIVE}s3 >> /conf/fdisk_upgrade_log.txt echo "---------------------------------------------------------------" >> /conf/fdisk_upgrade_log.txt echo "" >> /conf/fdisk_upgrade_log.txt - + # Log that we are really doing a NanoBSD upgrade echo "" >> /conf/upgrade_log.txt echo "NanoBSD upgrade starting" >> /conf/upgrade_log.txt @@ -242,7 +242,7 @@ pfSenseNanoBSDupgrade) # Remove TOFLASH and get ready for new flash image echo "" >> /conf/upgrade_log.txt - echo "dd if=/dev/zero of=/dev/${TOFLASH} bs=1m count=1" >> /conf/upgrade_log.txt + echo "dd if=/dev/zero of=/dev/${TOFLASH} bs=1m count=1" >> /conf/upgrade_log.txt dd if=/dev/zero of=/dev/${TOFLASH} bs=1m count=1 >> /conf/upgrade_log.txt 2>&1 # Stream gzipped image to dd and explode image to new area @@ -259,7 +259,7 @@ pfSenseNanoBSDupgrade) bsdlabel -A ${BOOT_DRIVE}s3 >> /conf/fdisk_upgrade_log.txt echo "---------------------------------------------------------------" >> /conf/fdisk_upgrade_log.txt echo "" >> /conf/fdisk_upgrade_log.txt - + # Ensure that our new system is sound and bail if it is not and file a notice echo "" >> /conf/upgrade_log.txt echo "/sbin/fsck_ufs -y /dev/${COMPLETE_PATH}" >> /conf/upgrade_log.txt @@ -269,7 +269,7 @@ pfSenseNanoBSDupgrade) rm -f $IMG rm -f /var/run/firmwarelock.dirty rm -f /var/run/firmware.lock - /etc/rc.conf_mount_ro + /etc/rc.conf_mount_ro exit 1 fi @@ -297,7 +297,7 @@ pfSenseNanoBSDupgrade) cp /boot/loader.conf.local /tmp/$GLABEL_SLICE/boot/loader.conf.local fi - # If /tmp/$GLABEL_SLICE/tmp/post_upgrade_command exists + # If /tmp/$GLABEL_SLICE/tmp/post_upgrade_command exists # after update then execute the command. echo "Checking for post_upgrade_command..." >> /conf/upgrade_log.txt if [ -f /tmp/$GLABEL_SLICE/tmp/post_upgrade_command ]; then @@ -327,7 +327,7 @@ pfSenseNanoBSDupgrade) # Unmount newly prepared slice umount /tmp/$GLABEL_SLICE - + sync # Set active mount slice in fdisk @@ -417,7 +417,7 @@ pfSenseupgrade) remove_chflags # Do we have a pre-upgrade hook in the update file? - if [ `tar tvzf $IMG | grep /tmp/pre_upgrade_command | wc -l` -gt 0 ]; then + if [ `tar tvzf $IMG | grep /tmp/pre_upgrade_command | wc -l` -gt 0 ]; then tar xzvf $IMG -C / ./tmp/pre_upgrade_command >> /conf/upgrade_log.txt 2>&1 chmod a+rx /tmp/pre_upgrade_command >> /conf/upgrade_log.txt 2>&1 sh /tmp/pre_upgrade_command >> /conf/upgrade_log.txt 2>&1 @@ -426,7 +426,7 @@ pfSenseupgrade) echo "Firmware upgrade in progress..." >> /conf/upgrade_log.txt 2>&1 echo "Firmware upgrade in progress..." | wall /etc/rc.notify_message -e -g -m "Firmware upgrade in progress..." - + # backup config [ -d /tmp/configbak ] && rm -rf /tmp/configbak /bin/mkdir -p /tmp/configbak @@ -443,17 +443,17 @@ pfSenseupgrade) /usr/local/sbin/check_reload_status echo "Image installed $IMG." >> /conf/upgrade_log.txt 2>&1 - # process custom image if its passed - if [ $# -eq 3 ]; then - if [ -f $CUSTOMIMG ]; then - echo "Custom image $CUSTOMIMG found." >> /conf/upgrade_log.txt 2>&1 - echo "Custom image ($CUSTOMIMG) found." >> /conf/upgrade_log.txt 2>&1 - PWD_DIR=`pwd` - cd / && /usr/bin/tar xzPUf $CUSTOMIMG >> /conf/upgrade_log.txt 2>&1 - cd $PWD_DIR - echo "Custom image $CUSTOMIMG installed." >> /conf/upgrade_log.txt 2>&1 - fi - fi + # process custom image if its passed + if [ $# -eq 3 ]; then + if [ -f $CUSTOMIMG ]; then + echo "Custom image $CUSTOMIMG found." >> /conf/upgrade_log.txt 2>&1 + echo "Custom image ($CUSTOMIMG) found." >> /conf/upgrade_log.txt 2>&1 + PWD_DIR=`pwd` + cd / && /usr/bin/tar xzPUf $CUSTOMIMG >> /conf/upgrade_log.txt 2>&1 + cd $PWD_DIR + echo "Custom image $CUSTOMIMG installed." >> /conf/upgrade_log.txt 2>&1 + fi + fi # restore config cp -Rp /tmp/configbak/* /conf 2>/dev/null diff --git a/etc/rc.firmware_auto b/etc/rc.firmware_auto index be5da91..33ef2b6 100755 --- a/etc/rc.firmware_auto +++ b/etc/rc.firmware_auto @@ -34,53 +34,53 @@ echo " Package MD5: ${PMD}" | logger -p daemon.info -i -t AutoUpgrade echo "Downloaded MD5: ${MD}" | logger -p daemon.info -i -t AutoUpgrade if [ "$PMD" = "" ]; then - echo "Package MD5 is null md5. Require proxy auth?" | logger -p daemon.info -i -t AutoUpgrade - exit 1 + echo "Package MD5 is null md5. Require proxy auth?" | logger -p daemon.info -i -t AutoUpgrade + exit 1 fi if [ "$MD" = "" ]; then - echo "Downloaded MD5 is null md5. Require proxy auth?" | logger -p daemon.info -i -t AutoUpgrade - exit 1 + echo "Downloaded MD5 is null md5. Require proxy auth?" | logger -p daemon.info -i -t AutoUpgrade + exit 1 fi if [ "$PMD" = "$MD" ]; then - echo "MD5's match." | logger -p daemon.info -i -t AutoUpgrade - echo "Beginning ${product} upgrade." | wall - if [ "$PLATFORM" = "net45xx" ]; then - /usr/local/bin/php /etc/rc.conf_mount_rw - fi - if [ "$PLATFORM" = "wrap" ]; then - /usr/local/bin/php /etc/rc.conf_mount_rw - fi - if [ "$PLATFORM" = "nanobsd" ]; then - /usr/local/bin/php /etc/rc.conf_mount_rw - fi - if [ -r "/tmp/custom.tgz" ]; then - sh /etc/rc.firmware pfSenseupgrade /tmp/latest.tgz /tmp/custom.tgz - else - if [ "$PLATFORM" = "nanobsd" ]; then - sh /etc/rc.firmware pfSenseNanoBSDupgrade /tmp/latest.tgz - else - sh /etc/rc.firmware pfSenseupgrade /tmp/latest.tgz - fi - fi - if [ "$PLATFORM" = "wrap" ]; then - /bin/sync - sleep 5 - /usr/local/bin/php /etc/rc.conf_mount_ro - if [ -e /etc/init_bootloader.sh ]; then - sh /etc/init_bootloader.sh - fi - fi - if [ "$PLATFORM" = "net45xx" ]; then - /bin/sync - sleep 5 - /usr/local/bin/php /etc/rc.conf_mount_ro - if [ -e /etc/init_bootloader.sh ]; then - sh /etc/init_bootloader.sh - fi - fi - exit 0 + echo "MD5's match." | logger -p daemon.info -i -t AutoUpgrade + echo "Beginning ${product} upgrade." | wall + if [ "$PLATFORM" = "net45xx" ]; then + /usr/local/bin/php /etc/rc.conf_mount_rw + fi + if [ "$PLATFORM" = "wrap" ]; then + /usr/local/bin/php /etc/rc.conf_mount_rw + fi + if [ "$PLATFORM" = "nanobsd" ]; then + /usr/local/bin/php /etc/rc.conf_mount_rw + fi + if [ -r "/tmp/custom.tgz" ]; then + sh /etc/rc.firmware pfSenseupgrade /tmp/latest.tgz /tmp/custom.tgz + else + if [ "$PLATFORM" = "nanobsd" ]; then + sh /etc/rc.firmware pfSenseNanoBSDupgrade /tmp/latest.tgz + else + sh /etc/rc.firmware pfSenseupgrade /tmp/latest.tgz + fi + fi + if [ "$PLATFORM" = "wrap" ]; then + /bin/sync + sleep 5 + /usr/local/bin/php /etc/rc.conf_mount_ro + if [ -e /etc/init_bootloader.sh ]; then + sh /etc/init_bootloader.sh + fi + fi + if [ "$PLATFORM" = "net45xx" ]; then + /bin/sync + sleep 5 + /usr/local/bin/php /etc/rc.conf_mount_ro + if [ -e /etc/init_bootloader.sh ]; then + sh /etc/init_bootloader.sh + fi + fi + exit 0 fi echo "MD5's do not match. Upgrade aborted." | logger -p daemon.info -i -t AutoUpgrade diff --git a/etc/rc.initial b/etc/rc.initial index df42588..45b781c 100755 --- a/etc/rc.initial +++ b/etc/rc.initial @@ -69,14 +69,14 @@ else fi for i in /var/db/pfi/capable_*; do - if [ -f $i -a ! -L /cf/conf ]; then - option98="98) Move configuration file to removable device" - break - fi + if [ -f $i -a ! -L /cf/conf ]; then + option98="98) Move configuration file to removable device" + break + fi done if [ "$PLATFORM" = "cdrom" ]; then - option99="99) Install ${product} to a hard drive, etc." + option99="99) Install ${product} to a hard drive, etc." fi # display a cheap menu @@ -103,78 +103,78 @@ echo # see what the user has chosen case ${opmode} in 0) - exit && exit && logout - ;; + exit && exit && logout + ;; 1) - /etc/rc.initial.setports - ;; + /etc/rc.initial.setports + ;; 2) - /etc/rc.initial.setlanip - ;; + /etc/rc.initial.setlanip + ;; 3) - /etc/rc.initial.password - ;; + /etc/rc.initial.password + ;; 4) - /etc/rc.initial.defaults - ;; + /etc/rc.initial.defaults + ;; 5) - /etc/rc.initial.reboot - ;; + /etc/rc.initial.reboot + ;; 6) - /etc/rc.initial.halt - ;; + /etc/rc.initial.halt + ;; 7) - /etc/rc.initial.ping - ;; + /etc/rc.initial.ping + ;; 8) - /bin/tcsh - ;; + /bin/tcsh + ;; 9) - /usr/local/sbin/pftop - ;; + /usr/local/sbin/pftop + ;; 10) - /usr/local/sbin/clog -f /var/log/filter.log - ;; + /usr/local/sbin/clog -f /var/log/filter.log + ;; 11 | 111) - /etc/rc.restart_webgui - ;; + /etc/rc.restart_webgui + ;; 12) - /usr/local/sbin/pfSsh.php - ;; -13) - php -f /etc/rc.initial.firmware_update - ;; -14) - php -f /etc/rc.initial.toggle_sshd - ;; + /usr/local/sbin/pfSsh.php + ;; +13) + php -f /etc/rc.initial.firmware_update + ;; +14) + php -f /etc/rc.initial.toggle_sshd + ;; 15) - /etc/rc.restore_config_backup - ;; + /etc/rc.restore_config_backup + ;; 16) - /etc/rc.php-fpm_restart - ;; + /etc/rc.php-fpm_restart + ;; 98) - if [ ! -f /tmp/config_moved ]; then - /etc/rc.initial.store_config_to_removable_device - fi - ;; + if [ ! -f /tmp/config_moved ]; then + /etc/rc.initial.store_config_to_removable_device + fi + ;; 99) - if [ -e /dev/ukbd0 ]; then - env TERM=cons25 /scripts/lua_installer - else - /scripts/lua_installer - fi - ;; + if [ -e /dev/ukbd0 ]; then + env TERM=cons25 /scripts/lua_installer + else + /scripts/lua_installer + fi + ;; 100) - if grep "$WORD" "$CONFIG"; then - links "https://localhost" - else - links "http://localhost" - fi - ;; + if grep "$WORD" "$CONFIG"; then + links "https://localhost" + else + links "http://localhost" + fi + ;; "") - kill $PPID ; exit - ;; + kill $PPID ; exit + ;; esac done diff --git a/etc/rc.initial.defaults b/etc/rc.initial.defaults index 5e7442c..6c7d13d 100755 --- a/etc/rc.initial.defaults +++ b/etc/rc.initial.defaults @@ -57,6 +57,6 @@ EOD; system_reboot_sync(); } - + fclose($fp); ?> diff --git a/etc/rc.initial.firmware_update b/etc/rc.initial.firmware_update index 5c8a3e8..3c6a4ee 100755 --- a/etc/rc.initial.firmware_update +++ b/etc/rc.initial.firmware_update @@ -11,17 +11,19 @@ echo "Starting the {$g['product_name']} console firmware update system"; require("functions.inc"); echo "."; -if(isset($config['system']['firmware']['alturl']['enable'])) +if(isset($config['system']['firmware']['alturl']['enable'])) { $updater_url = "{$config['system']['firmware']['alturl']['firmwareurl']}"; -else +} else { $updater_url = $g['update_url']; +} $nanosize = ""; if ($g['platform'] == "nanobsd") { - if (file_exists("/etc/nano_use_vga.txt")) + if (file_exists("/etc/nano_use_vga.txt")) { $nanosize = "-nanobsd-vga-"; - else + } else { $nanosize = "-nanobsd-"; + } $nanosize .= strtolower(trim(file_get_contents("/etc/nanosize.txt"))); $update_filename = "latest{$nanosize}.img.gz"; @@ -55,28 +57,28 @@ switch ($command) { case "1": echo "\nEnter the URL to the .tgz or .img.gz update file. \nType 'auto' to use {$autoupdateurl}\n> "; $url = chop(fgets($fp)); - if(!$url) { + if (!$url) { fclose($fp); die; } - if($url == "auto") { + if ($url == "auto") { $url = $autoupdateurl; } $status = does_url_exist($url); - if($status) { + if ($status) { conf_mount_rw(); mark_subsystem_dirty('firmware'); unlink_if_exists("/root/firmware.tgz"); echo "\nFetching file... "; download_file_with_progress_bar($url, '/root/firmware.tgz'); - if(!file_exists("/root/firmware.tgz")) { + if (!file_exists("/root/firmware.tgz")) { echo "Something went wrong during file transfer. Exiting.\n\n"; fclose($fp); clear_subsystem_dirty('firmware'); die; } $status = does_url_exist("$url.sha256"); - if($status) { + if ($status) { echo "\nFetching sha256... "; download_file_with_progress_bar($url . ".sha256", '/root/firmware.tgz.sha256'); echo "\n"; @@ -92,12 +94,12 @@ switch ($command) { die; } } - if(file_exists("/root/firmware.tgz.sha256")) { + if (file_exists("/root/firmware.tgz.sha256")) { $source_sha256 = trim(`cat /root/firmware.tgz.sha256 | awk '{ print \$4 }'`,"\r"); $file_sha256 = trim(`sha256 /root/firmware.tgz | awk '{ print \$4 }'`,"\r"); echo "URL sha256: $source_sha256\n"; echo "Downloaded file sha256: $file_sha256\n"; - if($source_sha256 <> $file_sha256) { + if ($source_sha256 <> $file_sha256) { echo "\n\nsha256 checksum does not match. Cancelling upgrade.\n\n"; unlink_if_exists("/root/firmware.tgz.sha256"); fclose($fp); @@ -107,10 +109,10 @@ switch ($command) { echo "\nsha256 checksum matches.\n"; unlink_if_exists("/root/firmware.tgz.sha256"); } - if(strstr($url,"bdiff")) { + if (strstr($url,"bdiff")) { echo "Binary DIFF upgrade file detected...\n"; $type = "bdiff"; - } elseif(strstr($url,"nanobsd")) { + } elseif (strstr($url,"nanobsd")) { echo "NanoBSD upgrade file detected...\n"; $type = "nanobsd"; } else { @@ -123,15 +125,17 @@ switch ($command) { case "2": echo "\nEnter the complete path to the .tgz or .img.gz update file: "; $path = chop(fgets($fp)); - if(!$path) { + if (!$path) { fclose($fp); die; } - if(stristr($path,"bdiff")) + if (stristr($path,"bdiff")) { $type = "bdiff"; - if(stristr($path,"nanobsd")) - $type = "nanobsd"; - if(file_exists($path)) { + } + if (stristr($path,"nanobsd")) { + $type = "nanobsd"; + } + if (file_exists($path)) { mark_subsystem_dirty('firmware'); do_upgrade($path, $type); clear_subsystem_dirty('firmware'); @@ -144,15 +148,16 @@ switch ($command) { function do_upgrade($path, $type) { global $g, $fp; - + $sigchk = verify_digital_signature($path); - if ($sigchk == 1) + if ($sigchk == 1) { $sig_warning = "The digital signature on this image is invalid."; - else if ($sigchk == 2) + } elseif ($sigchk == 2) { $sig_warning = "This image is not digitally signed."; - else if (($sigchk == 3) || ($sigchk == 4)) + } elseif (($sigchk == 3) || ($sigchk == 4)) { $sig_warning = "There has been an error verifying the signature on this image."; - if($sig_warning) { + } + if ($sig_warning) { $sig_warning = "\nWARNING! ACHTUNG! DANGER!\n\n{$sig_warning}\n\n" . "This means that the image you uploaded is not an official/supported image and\n" . "may lead to unexpected behavior or security compromises.\n\n" . @@ -161,7 +166,7 @@ function do_upgrade($path, $type) { "Do you want to install this image anyway at your own risk [n]?"; echo $sig_warning; $command = strtoupper(chop(fgets($fp))); - if(strtoupper($command) == "Y" or strtoupper($command) == "Y" or strtoupper($command) == "YES") { + if (strtoupper($command) == "Y" or strtoupper($command) == "Y" or strtoupper($command) == "YES") { echo "\nContinuing upgrade..."; } else { echo "\nUpgrade cancelled.\n\n"; @@ -170,14 +175,15 @@ function do_upgrade($path, $type) { } mark_subsystem_dirty('firmwarelock'); echo "\nOne moment please...\nInvoking firmware upgrade..."; - if($type == "bdiff") + if ($type == "bdiff") { mwexec_bg("/etc/rc.firmware delta_update $path"); - elseif($type == "nanobsd") + } elseif ($type == "nanobsd") { mwexec_bg("/etc/rc.firmware pfSenseNanoBSDupgrade $path"); - else + } else { mwexec_bg("/etc/rc.firmware pfSenseupgrade $path"); + } sleep(10); - while(is_subsystem_dirty('firmwarelock')) { + while (is_subsystem_dirty('firmwarelock')) { sleep(1); echo "."; } diff --git a/etc/rc.initial.halt b/etc/rc.initial.halt index b26a49e..39c4086 100755 --- a/etc/rc.initial.halt +++ b/etc/rc.initial.halt @@ -55,7 +55,7 @@ EOD; system_halt(); } - + fclose($fp); - + ?> diff --git a/etc/rc.initial.password b/etc/rc.initial.password index 1de1a79..f694739 100755 --- a/etc/rc.initial.password +++ b/etc/rc.initial.password @@ -45,20 +45,22 @@ The webConfigurator admin password and privileges will be reset to the default ( if (strcasecmp(chop(fgets($fp)), "y") == 0) { if (isset($config['system']['webgui']['authmode']) && - $config['system']['webgui']['authmode'] != "Local Database") { + $config['system']['webgui']['authmode'] != "Local Database") { echo "\n" . gettext(' The User manager authentication server is set to "' . $config['system']['webgui']['authmode'] . '".') . "\n" . gettext('Do you want to set it back to Local Database [y|n]?'); - if (strcasecmp(chop(fgets($fp)), "y") == 0) + if (strcasecmp(chop(fgets($fp)), "y") == 0) { $config['system']['webgui']['authmode'] = "Local Database"; + } } $admin_user =& getUserEntryByUID(0); if (!$admin_user) { echo "Failed to locate the admin user account! Attempting to restore access.\n"; $admin_user = array(); $admin_user['uid'] = 0; - if (!is_array($config['system']['user'])) + if (!is_array($config['system']['user'])) { $config['system']['user'] = array(); + } $config['system']['user'][] = $admin_user; } @@ -66,8 +68,9 @@ The User manager authentication server is set to "' . $config['system']['webgui' $admin_user['scope'] = "system"; $admin_user['priv'] = array("user-shell-access"); - if (isset($admin_user['disabled'])) + if (isset($admin_user['disabled'])) { unset($admin_user['disabled']); + } local_user_set_password($admin_user, strtolower($g['product_name'])); local_user_set($admin_user); diff --git a/etc/rc.initial.ping b/etc/rc.initial.ping index ff10487..32bd756 100755 --- a/etc/rc.initial.ping +++ b/etc/rc.initial.ping @@ -4,20 +4,20 @@ /* rc.initial.ping part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -33,9 +33,9 @@ /* parse the configuration and include all functions used below */ require_once("config.inc"); require_once("functions.inc"); - + $fp = fopen('php://stdin', 'r'); - + echo "\nEnter a host name or IP address: "; $pinghost = chop(fgets($fp)); @@ -50,6 +50,6 @@ echo "\nPress ENTER to continue.\n"; fgets($fp); } - + fclose($fp); ?> diff --git a/etc/rc.initial.reboot b/etc/rc.initial.reboot index f3143e0..fdc426e 100755 --- a/etc/rc.initial.reboot +++ b/etc/rc.initial.reboot @@ -55,7 +55,7 @@ EOD; system_reboot_sync(); } - + fclose($fp); ?> diff --git a/etc/rc.initial.setlanip b/etc/rc.initial.setlanip index 01f2676..62ca93b 100755 --- a/etc/rc.initial.setlanip +++ b/etc/rc.initial.setlanip @@ -30,8 +30,6 @@ POSSIBILITY OF SUCH DAMAGE. */ - - $options = getopt("hn", array("dry-run", "help")); if (isset($options["h"]) || isset($options["help"])) { @@ -46,8 +44,6 @@ if ($dry_run) { echo "DRY RUN MODE IS ON\n"; } - - /* parse the configuration and include all functions used below */ require_once("config.inc"); require_once("functions.inc"); @@ -93,9 +89,10 @@ function console_get_interface_from_ppp($realif) { function prompt_for_enable_dhcp_server($version = 4) { global $config, $fp, $interface; - if($interface == "wan") { - if($config['interfaces']['lan']) + if ($interface == "wan") { + if ($config['interfaces']['lan']) { return false; + } } /* only allow DHCP server to be enabled when static IP is configured on this interface */ @@ -116,7 +113,9 @@ function prompt_for_enable_dhcp_server($version = 4) { function get_interface_config_description($iface) { global $config; $c = $config['interfaces'][$iface]; - if (!$c) { return null; } + if (!$c) { + return null; + } $if = $c['if']; $result = $if; $result2 = array(); @@ -143,28 +142,27 @@ $fp = fopen('php://stdin', 'r'); /* build an interface collection */ $ifdescrs = get_configured_interface_with_descr(false, true); $count = count($ifdescrs); - -/* grab interface that we will operate on, unless there is only one - interface */ + +/* grab interface that we will operate on, unless there is only one interface */ if ($count > 1) { echo "Available interfaces:\n\n"; $x=1; - foreach($ifdescrs as $iface => $ifdescr) { + foreach ($ifdescrs as $iface => $ifdescr) { $config_descr = get_interface_config_description($iface); echo "{$x} - {$ifdescr} ({$config_descr})\n"; $x++; } echo "\nEnter the number of the interface you wish to configure: "; - $intnum = chop(fgets($fp)); + $intnum = chop(fgets($fp)); } else { $intnum = $count; } - -if($intnum < 1) + +if ($intnum < 1) return; -if($intnum > $count) +if ($intnum > $count) return; - + $index = 1; foreach ($ifdescrs as $ifname => $ifdesc) { if ($intnum == $index) { @@ -173,8 +171,8 @@ foreach ($ifdescrs as $ifname => $ifdesc) { } else { $index++; } -} -if(!$interface) { +} +if (!$interface) { echo "Invalid interface!\n"; return; } @@ -185,7 +183,9 @@ function next_unused_gateway_name($interface) { global $g, $config; $new_name = "GW_" . strtoupper($interface); - if (!is_array($config['gateways']['gateway_item'])) { return $new_name; } + if (!is_array($config['gateways']['gateway_item'])) { + return $new_name; + } $count = 1; do { $existing = false; @@ -216,10 +216,12 @@ function add_gateway_to_config($interface, $gatewayip, $inet_type) { $is_default = true; foreach ($a_gateways as $item) { if ($item['ipprotocol'] === $inet_type) { - if (isset($item['defaultgw'])) + if (isset($item['defaultgw'])) { $is_default = false; - if (($item['interface'] === $interface) && ($item['gateway'] === $gatewayip)) + } + if (($item['interface'] === $interface) && ($item['gateway'] === $gatewayip)) { $new_name = $item['name']; + } } } if ($new_name == '') { @@ -252,34 +254,36 @@ function console_configure_ip_address($version) { $upperifname = strtoupper($interface); - if($interface == "wan") { + if ($interface == "wan") { if (console_prompt_for_yn (sprintf(gettext("Configure %s address %s interface via %s?"), $label_IPvX, $upperifname, $label_DHCP))) { $ifppp = console_get_interface_from_ppp(get_real_interface("wan")); - if (!empty($ifppp)) + if (!empty($ifppp)) { $ifaceassigned = $ifppp; + } $intip = ($version === 6) ? "dhcp6" : "dhcp"; $intbits = ""; $isintdhcp = true; $restart_dhcpd = true; - } + } } - - if($isintdhcp == false or $interface <> "wan") { - while(true) { + + if ($isintdhcp == false or $interface <> "wan") { + while (true) { do { echo "\n" . sprintf(gettext("Enter the new %s %s address. Press <ENTER> for none:"), - $upperifname, $label_IPvX) . "\n> "; + $upperifname, $label_IPvX) . "\n> "; $intip = chop(fgets($fp)); $is_ipaddr = ($version === 6) ? is_ipaddrv6($intip) : is_ipaddrv4($intip); if ($is_ipaddr && is_ipaddr_configured($intip, $interface, true)) { $ip_conflict = true; echo gettext("This IP address conflicts with another interface or a VIP") . "\n"; - } else + } else { $ip_conflict = false; + } } while (($ip_conflict === true) || !($is_ipaddr || $intip == '')); if ($intip != '') { echo "\n" . sprintf(gettext("Subnet masks are entered as bit counts (as in CIDR notation) in %s."), - $g['product_name']) . "\n"; + $g['product_name']) . "\n"; if ($version === 6) { echo "e.g. ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff00 = 120\n"; echo " ffff:ffff:ffff:ffff:ffff:ffff:ffff:0 = 112\n"; @@ -294,7 +298,7 @@ function console_configure_ip_address($version) { do { $upperifname = strtoupper($interface); echo "\n" . sprintf(gettext("Enter the new %s %s subnet bit count (1 to %s):"), - $upperifname, $label_IPvX, $maxbits) . "\n> "; + $upperifname, $label_IPvX, $maxbits) . "\n> "; $intbits = chop(fgets($fp)); $intbits_ok = is_numeric($intbits) && (($intbits >= 1) && ($intbits <= $maxbits)); $restart_dhcpd = true; @@ -338,8 +342,9 @@ function console_configure_ip_address($version) { } } $ifppp = console_get_interface_from_ppp(get_real_interface($interface)); - if (!empty($ifppp)) + if (!empty($ifppp)) { $ifaceassigned = $ifppp; + } break; } } @@ -350,8 +355,9 @@ function console_configure_ip_address($version) { list($intip, $intbits, $gwname) = console_configure_ip_address(4); list($intip6, $intbits6, $gwname6) = console_configure_ip_address(6); -if (!empty($ifaceassigned)) +if (!empty($ifaceassigned)) { $config['interfaces'][$interface]['if'] = $ifaceassigned; +} $config['interfaces'][$interface]['ipaddr'] = $intip; $config['interfaces'][$interface]['subnet'] = $intbits; $config['interfaces'][$interface]['gateway'] = $gwname; @@ -366,7 +372,7 @@ function console_configure_dhcpd($version = 4) { $label_IPvX = ($version === 6) ? "IPv6" : "IPv4"; $dhcpd = ($version === 6) ? "dhcpdv6" : "dhcpd"; - if($g['services_dhcp_server_enable'] && prompt_for_enable_dhcp_server($version)) { + if ($g['services_dhcp_server_enable'] && prompt_for_enable_dhcp_server($version)) { $subnet_start = ($version === 6) ? gen_subnetv6($intip6, $intbits6) : gen_subnet($intip, $intbits); $subnet_end = ($version === 6) ? gen_subnetv6_max($intip6, $intbits6) : gen_subnet_max($intip, $intbits); do { @@ -379,8 +385,9 @@ function console_configure_dhcpd($version = 4) { } $is_ipaddr = ($version === 6) ? is_ipaddrv6($dhcpstartip) : is_ipaddrv4($dhcpstartip); $is_inrange = is_inrange($dhcpstartip, $subnet_start, $subnet_end); - if (!$is_inrange) + if (!$is_inrange) { echo gettext("This IP address must be in the interface's subnet") . "\n"; + } } while (!$is_ipaddr || !$is_inrange); do { @@ -392,8 +399,9 @@ function console_configure_dhcpd($version = 4) { } $is_ipaddr = ($version === 6) ? is_ipaddrv6($dhcpendip) : is_ipaddrv4($dhcpendip); $is_inrange = is_inrange($dhcpendip, $subnet_start, $subnet_end); - if (!$is_inrange) + if (!$is_inrange) { echo gettext("This IP address must be in the interface's subnet") . "\n"; + } $not_inorder = ($version === 6) ? (inet_pton($dhcpendip) < inet_pton($dhcpstartip)) : ip_less_than($dhcpendip, $dhcpstartip); if ($not_inorder) { echo gettext("The end address of the DHCP range must be >= the start address") . "\n"; @@ -405,7 +413,7 @@ function console_configure_dhcpd($version = 4) { $config[$dhcpd][$interface]['range']['from'] = $dhcpstartip; $config[$dhcpd][$interface]['range']['to'] = $dhcpendip; } else { - if(isset($config[$dhcpd][$interface]['enable'])) { + if (isset($config[$dhcpd][$interface]['enable'])) { unset($config[$dhcpd][$interface]['enable']); printf(gettext("Disabling %s DHCPD..."), $label_IPvX); $restart_dhcpd = true; @@ -418,7 +426,7 @@ if (console_configure_dhcpd(4) == 0) return 0; if (console_configure_dhcpd(6) == 0) return 0; - + //***************************************************************************** if ($config['system']['webgui']['protocol'] == "https") { @@ -434,21 +442,27 @@ if (isset($config['system']['webgui']['noantilockout'])) { unset($config['system']['webgui']['noantilockout']); } -if($config['interfaces']['lan']) { - if($config['dhcpd']) - if($config['dhcpd']['wan']) - unset($config['dhcpd']['wan']); - if($config['dhcpdv6']) - if($config['dhcpdv6']['wan']) +if ($config['interfaces']['lan']) { + if ($config['dhcpd']) { + if ($config['dhcpd']['wan']) { + unset($config['dhcpd']['wan']); + } + } + if ($config['dhcpdv6']) { + if ($config['dhcpdv6']['wan']) { unset($config['dhcpdv6']['wan']); + } + } } -if(!$config['interfaces']['lan']) { +if (!$config['interfaces']['lan']) { unset($config['interfaces']['lan']); - if($config['dhcpd']['lan']) + if ($config['dhcpd']['lan']) { unset($config['dhcpd']['lan']); - if($config['dhcpdv6']['lan']) + } + if ($config['dhcpdv6']['lan']) { unset($config['dhcpdv6']['lan']); + } unset($config['shaper']); unset($config['ezshaper']); unset($config['nat']); @@ -467,32 +481,32 @@ if (!$dry_run) { filter_configure_sync(); echo "\n Reloading routing configuration..."; system_routing_configure(); - if($restart_dhcpd) { - echo "\n DHCPD..."; + if ($restart_dhcpd) { + echo "\n DHCPD..."; services_dhcpd_configure(); } - if($restart_webgui) { + if ($restart_webgui) { echo "\n Restarting webConfigurator... "; mwexec("/etc/rc.restart_webgui"); } } - + if ($intip != '') { if (is_ipaddr($intip)) { echo "\n\n" . sprintf(gettext("The IPv4 %s address has been set to %s"), - $upperifname, "{$intip}/{$intbits}") . "\n"; + $upperifname, "{$intip}/{$intbits}") . "\n"; } else { echo "\n\n" . sprintf(gettext("The IPv4 %s address has been set to %s"), - $upperifname, $intip) . "\n"; + $upperifname, $intip) . "\n"; } } if ($intip6 != '') { if (is_ipaddr($intip6)) { echo "\n\n" . sprintf(gettext("The IPv6 %s address has been set to %s"), - $upperifname, "${intip6}/${intbits6}") . "\n"; + $upperifname, "${intip6}/${intbits6}") . "\n"; } else { echo "\n\n" . sprintf(gettext("The IPv6 %s address has been set to %s"), - $upperifname, $intip6) . "\n"; + $upperifname, $intip6) . "\n"; } } @@ -503,7 +517,7 @@ if ($intip != '' || $intip6 != '') { echo "interface is {$interface} \n"; } echo gettext('You can now access the webConfigurator by opening the following URL in your web browser:') . "\n"; - if(!empty($config['system']['webgui']['port'])) { + if (!empty($config['system']['webgui']['port'])) { $webuiport = $config['system']['webgui']['port']; if ($intip != '') { echo " {$config['system']['webgui']['protocol']}://{$intip}:{$webuiport}/\n"; @@ -534,5 +548,5 @@ echo "\n" . gettext('Press <ENTER> to continue.'); fgets($fp); fclose($fp); - + ?> diff --git a/etc/rc.initial.setports b/etc/rc.initial.setports index aca5419..e85e323 100755 --- a/etc/rc.initial.setports +++ b/etc/rc.initial.setports @@ -44,8 +44,8 @@ set_networking_interfaces_ports(); reload_interfaces_sync(); - + /* reload graphing functions */ - enable_rrd_graphing(); + enable_rrd_graphing(); ?>
\ No newline at end of file diff --git a/etc/rc.initial.store_config_to_removable_device b/etc/rc.initial.store_config_to_removable_device index aacc512..bd92446 100755 --- a/etc/rc.initial.store_config_to_removable_device +++ b/etc/rc.initial.store_config_to_removable_device @@ -40,15 +40,15 @@ do { $dirs = array(); $dirs = return_dir_as_array("/var/db/pfi/"); - if(!is_array($dirs)) { + if (!is_array($dirs)) { echo "\nNo capable storage devices detected.\n"; fclose($fp); return; } echo "\nDevices capable of config.xml storage:\n"; - foreach($dirs as $dir) { + foreach ($dirs as $dir) { preg_match_all("/capable\_(.*)/",$dir,$match_array); - echo $match_array[1][0] . " "; + echo $match_array[1][0] . " "; } echo "\n\n"; echo "Enter the device that you wish the"; @@ -58,13 +58,13 @@ if ($move_config_to_device == "") { fclose($fp); return 0; - } + } } while (!$move_config_to_device); - + mwexec("/bin/mkdir -p /tmp/mnt/cf"); $status = mwexec("/sbin/mount -w -t msdosfs /dev/{$move_config_to_device} /tmp/mnt/cf"); - if(!$status) { + if (!$status) { echo "Error while mounting {$move_config_to_device}.\n"; fclose($fp); return; @@ -79,7 +79,7 @@ echo " nullfs... "; system("/sbin/umount /cf/conf"); system("/sbin/umount /conf"); - mwexec("/bin/rm -rf /conf/*.*"); + mwexec("/bin/rm -rf /conf/*.*"); /* use nullfs to mount */ system("/sbin/mount_nullfs /tmp/mnt/cf/conf /conf"); system("/sbin/mount_nullfs /tmp/mnt/cf /cf"); diff --git a/etc/rc.initial.toggle_sshd b/etc/rc.initial.toggle_sshd index ad1d868..997f3c1 100755 --- a/etc/rc.initial.toggle_sshd +++ b/etc/rc.initial.toggle_sshd @@ -53,7 +53,7 @@ if (isset($config['system']['enablesshd'])) { echo " done.\n"; exec("ps awux | grep '/usr/sbin/sshd' | grep -v grep | awk '{print $2}' | xargs kill"); } - + } else { echo "SSHD is currently disabled. Would you like to enable? [y/n]? "; $yn = chop(fgets($fp)); @@ -67,7 +67,7 @@ if (isset($config['system']['enablesshd'])) { echo "\nReloading firewall rules."; filter_configure(); echo " done.\n\n"; - } + } } fclose($fp); diff --git a/etc/rc.interfaces_carp_configure b/etc/rc.interfaces_carp_configure index fb1f113..050fbc8 100755 --- a/etc/rc.interfaces_carp_configure +++ b/etc/rc.interfaces_carp_configure @@ -2,37 +2,37 @@ <?php /* $Id$ */ /* - rc.interfaces_carp_configure - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.interfaces_carp_configure + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); require_once("functions.inc"); -require_once("filter.inc"); -require_once("shaper.inc"); +require_once("filter.inc"); +require_once("shaper.inc"); interfaces_carp_configure(); diff --git a/etc/rc.interfaces_lan_configure b/etc/rc.interfaces_lan_configure index eafe74d..ed41fba 100755 --- a/etc/rc.interfaces_lan_configure +++ b/etc/rc.interfaces_lan_configure @@ -2,37 +2,37 @@ <?php /* $Id$ */ /* - rc.interfaces_lan_configure - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.interfaces_lan_configure + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); require_once("functions.inc"); -require_once("filter.inc"); -require_once("shaper.inc"); +require_once("filter.inc"); +require_once("shaper.inc"); interface_configure("lan"); diff --git a/etc/rc.interfaces_opt_configure b/etc/rc.interfaces_opt_configure index 57da341..aaa27c6 100755 --- a/etc/rc.interfaces_opt_configure +++ b/etc/rc.interfaces_opt_configure @@ -2,40 +2,40 @@ <?php /* $Id$ */ /* - rc.interfaces_opt_configure - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.interfaces_opt_configure + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); require_once("functions.inc"); -require_once("filter.inc"); -require_once("shaper.inc"); +require_once("filter.inc"); +require_once("shaper.inc"); require_once("vpn.inc"); require_once("captiveportal.inc"); - + interfaces_configure(); ?> diff --git a/etc/rc.interfaces_wan_configure b/etc/rc.interfaces_wan_configure index c291ee8..7e7eb7b 100755 --- a/etc/rc.interfaces_wan_configure +++ b/etc/rc.interfaces_wan_configure @@ -2,47 +2,49 @@ <?php /* $Id$ */ /* - rc.interfaces_wan_configure - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.interfaces_wan_configure + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); require_once("functions.inc"); -require_once("filter.inc"); -require_once("shaper.inc"); +require_once("filter.inc"); +require_once("shaper.inc"); -if (isset($_GET['interface'])) +if (isset($_GET['interface'])) { $argument = $_GET['interface']; -else +} else { $argument = str_replace("\n", "", $argv[1]); -if (empty($argument)) +} +if (empty($argument)) { interface_configure("wan"); -else { - if (!empty($config['interfaces'][$argument])) +} else { + if (!empty($config['interfaces'][$argument])) { interface_configure($argument); + } } ?> diff --git a/etc/rc.kill_states b/etc/rc.kill_states index a20753a..fe5a296 100755 --- a/etc/rc.kill_states +++ b/etc/rc.kill_states @@ -51,8 +51,9 @@ if (empty($interface) || !does_interface_exist($interface)) { if (!empty($local_ip)) { list($local_ip, $subnet_bits) = explode("/", $local_ip); - if (empty($subnet_bits)) + if (empty($subnet_bits)) { $subnet_bits = "32"; + } if (!is_ipaddr($local_ip)) { log_error("rc.kill_states: Invalid IP address '{$local_ip}'"); @@ -67,15 +68,17 @@ if (!isset($config['system']['kill_states'])) { "/usr/bin/egrep '\-> +{$local_ip}:[0-9]+ +\->'"); $cleared_states = array(); - foreach(explode("\n", $nat_states) as $nat_state) { - if (preg_match_all('/([\d\.]+):[\d]+[\s->]+/i', $nat_state, $matches, PREG_SET_ORDER) != 3) + foreach (explode("\n", $nat_states) as $nat_state) { + if (preg_match_all('/([\d\.]+):[\d]+[\s->]+/i', $nat_state, $matches, PREG_SET_ORDER) != 3) { continue; + } $src = $matches[0][1]; $dst = $matches[2][1]; - if (empty($src) || empty($dst) || in_array("{$src},{$dst}", $cleared_states)) + if (empty($src) || empty($dst) || in_array("{$src},{$dst}", $cleared_states)) { continue; + } $cleared_states[] = "{$src},{$dst}"; pfSense_kill_states($src, $dst); diff --git a/etc/rc.linkup b/etc/rc.linkup index aa5e0d8..f5d4034 100755 --- a/etc/rc.linkup +++ b/etc/rc.linkup @@ -32,15 +32,16 @@ /* parse the configuration and include all functions used below */ require_once("globals.inc"); require_once("config.inc"); -require_once("filter.inc"); -require_once("shaper.inc"); +require_once("filter.inc"); +require_once("shaper.inc"); require_once("interfaces.inc"); -if (platform_booting()) +if (platform_booting()) { return; +} function handle_argument_group($iface, $argument2) { - global $config; + global $config; if (!is_array($config['interfaces'][$iface])) { log_error("Cannot find interface configuration for {$iface}"); @@ -48,59 +49,64 @@ function handle_argument_group($iface, $argument2) { } if (!isset($config['interfaces'][$iface]['enable'])) { - if (!platform_booting()) + if (!platform_booting()) { log_error("Linkup detected on disabled interface...Ignoring"); + } return; } $ipaddr = $config['interfaces'][$iface]['ipaddr']; $ip6addr = $config['interfaces'][$iface]['ipaddrv6']; $staticv4 = false; - if (empty($ipaddr)) + if (empty($ipaddr)) { $staticv4 = true; - else + } else { $staticv4 = is_ipaddrv4($ipaddr); + } $staticv6 = false; - if (empty($ip6addr)) + if (empty($ip6addr)) { $staticv6 = true; - else + } else { $staticv6 = is_ipaddrv6($ip6addr); + } if ($staticv4 === true && $staticv6 === true) { $friendly = convert_friendly_interface_to_friendly_descr($iface); log_error("Hotplug event detected for {$friendly}({$iface}) but ignoring since interface is configured with static IP ({$ipaddr} {$ip6addr})"); interfaces_staticarp_configure($iface); switch ($argument2) { - case 'start': - case 'up': - $iface = get_real_interface($iface); - /* NOTE: Do not generate event for OpenVPN since the daemon does that for us. */ - if (substr($iface, 0, 4) != "ovpn") - send_event("interface newip {$iface}"); - break; + case 'start': + case 'up': + $iface = get_real_interface($iface); + /* NOTE: Do not generate event for OpenVPN since the daemon does that for us. */ + if (substr($iface, 0, 4) != "ovpn") { + send_event("interface newip {$iface}"); + } + break; } } else { switch ($argument2) { - case "stop": - case "down": - log_error("DEVD Ethernet detached event for {$iface}"); - interface_bring_down($iface); - break; - case "start": - case "up": - log_error("DEVD Ethernet attached event for {$iface}"); - log_error("HOTPLUG: Configuring interface {$iface}"); - require_once("vpn.inc"); - require_once("captiveportal.inc"); - // Do not try to readd to bridge otherwise em(4) has problems - interface_configure($iface, true, true); - break; + case "stop": + case "down": + log_error("DEVD Ethernet detached event for {$iface}"); + interface_bring_down($iface); + break; + case "start": + case "up": + log_error("DEVD Ethernet attached event for {$iface}"); + log_error("HOTPLUG: Configuring interface {$iface}"); + require_once("vpn.inc"); + require_once("captiveportal.inc"); + // Do not try to readd to bridge otherwise em(4) has problems + interface_configure($iface, true, true); + break; } } } if (isset($_GET['interface'])) { - if (!empty($_GET['interface'])) + if (!empty($_GET['interface'])) { $realiface = $_GET['interface']; + } $action = $_GET['action']; } else { if ($argc < 3) { @@ -112,14 +118,14 @@ if (isset($_GET['interface'])) { } switch($action) { -case "start": -case "stop": - break; -default: - log_error("HOTPLUG event: Action parameter ($action) passed is wrong - only start/stop/up/down are allowed!"); - return; - /* NOTREACHED */ - break; + case "start": + case "stop": + break; + default: + log_error("HOTPLUG event: Action parameter ($action) passed is wrong - only start/stop/up/down are allowed!"); + return; + /* NOTREACHED */ + break; } if (!empty($realiface)) { @@ -129,23 +135,27 @@ if (!empty($realiface)) { } $rclinkuplock = lock("rclinkup{$realiface}", LOCK_EX); $interface = convert_real_interface_to_friendly_interface_name($realiface); - if (!empty($interface)) + if (!empty($interface)) { handle_argument_group($interface, $action); + } if ($action == 'start') { /* Check if there is any child on this one as ppp types and trigger them */ if (is_array($config['ppps']['ppp'])) { foreach ($config['ppps']['ppp'] as $pppidx => $ppp) { - if ($ppp['type'] == 'ppp') + if ($ppp['type'] == 'ppp') { continue; + } $ports = explode(',', $ppp['ports']); foreach ($ports as $pid => $parent_if) { /* The loop here is because ppp types can have real and assigned interfaces as members */ $tmpiface = get_real_interface($parent_if); - if ($tmpiface != $realiface) + if ($tmpiface != $realiface) { continue; + } $tmpiface = convert_real_interface_to_friendly_interface_name($ppp['if']); - if (!empty($tmpiface)) + if (!empty($tmpiface)) { interface_configure($tmpiface, true, true); + } } } } diff --git a/etc/rc.newipsecdns b/etc/rc.newipsecdns index 870283a..7fecff8 100755 --- a/etc/rc.newipsecdns +++ b/etc/rc.newipsecdns @@ -3,21 +3,21 @@ /* rc.newipsecdns part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2007 Manuel Kasper <mk@neon1.net>. Copyright (C) 2009 Seth Mos <seth.mos@dds.nl>. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -35,20 +35,22 @@ require_once("util.inc"); require_once("config.inc"); require_once("gwlb.inc"); require_once("functions.inc"); -require_once("filter.inc"); -require_once("shaper.inc"); +require_once("filter.inc"); +require_once("shaper.inc"); require_once("ipsec.inc"); require_once("vpn.inc"); /* make sure to wait until the boot scripts have finished */ -if (file_exists("{$g['varrun_path']}/booting")) +if (file_exists("{$g['varrun_path']}/booting")) { return; +} if (isset($config['ipsec']['enable'])) { sleep(15); log_error("IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing."); -} else +} else { return; +} $ipseclck = lock('ipsecdns', LOCK_EX); diff --git a/etc/rc.newroutedns b/etc/rc.newroutedns index dfc766b..ba8ca32 100755 --- a/etc/rc.newroutedns +++ b/etc/rc.newroutedns @@ -34,15 +34,17 @@ require_once("functions.inc"); require_once("system.inc"); /* make sure to wait until the boot scripts have finished */ -if (file_exists("{$g['varrun_path']}/booting")) +if (file_exists("{$g['varrun_path']}/booting")) { return; +} $staticroutes = get_staticroutes(); -if (count($staticroutes)) +if (count($staticroutes)) { log_error("Static Routes: One or more aliases used for routing has changed its IP. Refreshing."); -else +} else { return; +} $routelck = lock('routedns', LOCK_EX); diff --git a/etc/rc.newwanip b/etc/rc.newwanip index d992c71..79d07a4 100755 --- a/etc/rc.newwanip +++ b/etc/rc.newwanip @@ -54,10 +54,11 @@ function restart_packages() { } /* Interface IP address has changed */ -if (isset($_GET['interface'])) +if (isset($_GET['interface'])) { $argument = $_GET['interface']; -else +} else { $argument = str_replace("\n", "", $argv[1]); +} log_error("rc.newwanip: Info: starting on {$argument}."); @@ -77,16 +78,18 @@ if (is_array($config['interfaces'][$interface]) && !isset($config['interfaces'][ return; } -if (empty($argument)) +if (empty($argument)) { $curwanip = get_interface_ip(); -else { +} else { $curwanip = find_interface_ip($interface_real, true); - if($curwanip == "") + if($curwanip == "") { $curwanip = get_interface_ip($interface); + } } -if (!platform_booting()) +if (!platform_booting()) { log_error("rc.newwanip: on (IP address: {$curwanip}) (interface: {$interface_descr}[{$interface}]) (real interface: {$interface_real})."); +} /* * NOTE: Take care of openvpn, no-ip or similar interfaces if you generate the event to reconfigure an interface. @@ -104,54 +107,64 @@ if ($curwanip == "0.0.0.0" || !is_ipaddr($curwanip)) { /* XXX: This really possible? */ if (empty($interface)) { - if (platform_booting()) + if (platform_booting()) { return; + } filter_configure(); restart_packages(); return; } $oldip = "0.0.0.0"; -if (file_exists("{$g['vardb_path']}/{$interface}_cacheip")) +if (file_exists("{$g['vardb_path']}/{$interface}_cacheip")) { $oldip = file_get_contents("{$g['vardb_path']}/{$interface}_cacheip"); +} /* regenerate resolv.conf if DNS overrides are allowed */ -if (!platform_booting()) +if (!platform_booting()) { system_resolvconf_generate(true); +} /* write the current interface IP to file */ -if (is_ipaddr($curwanip)) +if (is_ipaddr($curwanip)) { @file_put_contents("{$g['vardb_path']}/{$interface}_ip", $curwanip); +} link_interface_to_vips($interface, "update"); unset($gre); $gre = link_interface_to_gre($interface); -if (!empty($gre)) +if (!empty($gre)) { array_walk($gre, 'interface_gre_configure'); +} + unset($gif); $gif = link_interface_to_gif($interface); -if (!empty($gif)) +if (!empty($gif)) { array_walk($gif, 'interface_gif_configure'); +} $grouptmp = link_interface_to_group($interface); -if (!empty($grouptmp)) +if (!empty($grouptmp)) { array_walk($grouptmp, 'interface_group_add_member'); +} unset($bridgetmp); $bridgetmp = link_interface_to_bridge($interface); -if (!empty($bridgetmp)) +if (!empty($bridgetmp)) { interface_bridge_add_member($bridgetmp, $interface_real); +} // Do not process while booting -if (platform_booting()) +if (platform_booting()) { return; +} /* make new hosts file */ system_hosts_generate(); -/* check tunneled IPv6 interface tracking */ -switch($config['interfaces'][$interface]['ipaddrv6']) { +/* check tunnelled IPv6 interface tracking */ +switch ($config['interfaces'][$interface]['ipaddrv6']) { case "6to4": interface_6to4_configure($interface, $config['interfaces'][$interface]); break; @@ -159,14 +172,15 @@ switch($config['interfaces'][$interface]['ipaddrv6']) { interface_6rd_configure($interface, $config['interfaces'][$interface]); break; case "dhcp6": - if (isset($config['interfaces'][$interface]['dhcp6usev4iface'])) + if (isset($config['interfaces'][$interface]['dhcp6usev4iface'])) { interface_dhcpv6_configure($interface, $config['interfaces'][$interface]); + } break; } /* Check Gif tunnels */ if (!empty($gif)) { - foreach($gif as $giftun) { + foreach ($gif as $giftun) { $confif = convert_real_interface_to_friendly_interface_name($giftun['gifif']); if (!empty($confif)) { interface_configure($confif); @@ -200,9 +214,9 @@ if (!is_ipaddr($oldip) || $curwanip != $oldip || !is_ipaddrv4($config['interface filter_flush_state_table(); } } - + /* - * Some services (e.g. dyndns, see ticket #4066) depends of + * Some services (e.g. dyndns, see ticket #4066) depend on * filter_configure() to be called before, otherwise pass out * route-to rules have the old ip set in 'from' and connection * do not go through correct link @@ -214,12 +228,13 @@ if (!is_ipaddr($oldip) || $curwanip != $oldip || !is_ipaddrv4($config['interface /* reconfigure our gateway monitor */ setup_gateways_monitor(); - + /* reload unbound */ services_unbound_configure(); - if (is_ipaddr($curwanip)) + if (is_ipaddr($curwanip)) { @file_put_contents("{$g['vardb_path']}/{$interface}_cacheip", $curwanip); + } /* perform RFC 2136 DNS update */ services_dnsupdate_process($interface); @@ -231,8 +246,9 @@ if (!is_ipaddr($oldip) || $curwanip != $oldip || !is_ipaddrv4($config['interface vpn_ipsec_force_reload($interface); /* start OpenVPN server & clients */ - if (substr($interface_real, 0, 4) != "ovpn") + if (substr($interface_real, 0, 4) != "ovpn") { openvpn_resync_all($interface); + } /* reload graphing functions */ enable_rrd_graphing(); diff --git a/etc/rc.newwanipv6 b/etc/rc.newwanipv6 index 72aabf7..827fcaa 100755 --- a/etc/rc.newwanipv6 +++ b/etc/rc.newwanipv6 @@ -50,15 +50,16 @@ function restart_packages() { /* restart packages */ system_ntp_configure(false); mwexec_bg("/usr/local/sbin/ntpdate_sync_once.sh", true); - log_error("{$g['product_name']} package system has detected an IP change or dynamic WAN reconnection - $oldipv6 -> $curwanipv6 - Restarting packages."); + log_error("{$g['product_name']} package system has detected an IP change or dynamic WAN reconnection - $oldipv6 -> $curwanipv6 - Restarting packages."); send_event("service reload packages"); } /* Interface IP address has changed */ -if (isset($_GET['interface'])) +if (isset($_GET['interface'])) { $argument = $_GET['interface']; -else +} else { $argument = trim($argv[1], " \n\t"); +} log_error("rc.newwanipv6: Info: starting on {$argument}."); @@ -81,54 +82,65 @@ if (empty($interface)) { } //Do not process while booting -if (platform_booting() && $config['interfaces'][$interface]['ipaddrv6'] != "dhcp6") +if (platform_booting() && $config['interfaces'][$interface]['ipaddrv6'] != "dhcp6") { return; +} /* * NOTE: Take care of openvpn and similar if you generate the event to reconfigure an interface. * i.e. OpenVPN might be in tap mode and not have an ip. */ if ((empty($curwanipv6) || !is_ipaddrv6($curwanipv6)) && substr($interface_real, 0, 4) != "ovpn") { - log_error("rc.newwanipv6: Failed to update {$interface_descr}[{$interface}] IPv6, restarting..."); + log_error("rc.newwanipv6: Failed to update {$interface_descr}[{$interface}] IPv6, restarting..."); // send_event("interface reconfigure {$interface}"); - return; + return; } -if (isset($_GET['dmips'])) +if (isset($_GET['dmips'])) { $new_domain_name_servers = $_GET['dmips']; -else +} else { $new_domain_name_servers = getenv("new_domain_name_servers"); +} + if (!empty($new_domain_name_servers)) { $name_servers = explode(" ", $new_domain_name_servers); $valid_ns = array(); - foreach($name_servers as $ns) { - if (is_ipaddrv6(trim($ns))) + foreach ($name_servers as $ns) { + if (is_ipaddrv6(trim($ns))) { $valid_ns[] = trim($ns); + } } - if (count($valid_ns > 0)) + if (count($valid_ns > 0)) { file_put_contents("{$g['varetc_path']}/nameserver_v6{$interface}", implode("\n", $valid_ns)); + } } -if (isset($_GET['dmnames'])) +if (isset($_GET['dmnames'])) { $new_domain_name = $_GET['dmnames']; -else +} else { $new_domain_name = getenv("new_domain_name"); -if (!empty($new_domain_name)) +} + +if (!empty($new_domain_name)) { file_put_contents("{$g['varetc_path']}/searchdomain_v6{$interface}", $new_domain_name); +} /* write current WAN IPv6 to file */ -if (is_ipaddrv6($curwanipv6)) +if (is_ipaddrv6($curwanipv6)) { @file_put_contents("{$g['vardb_path']}/{$interface}_ipv6", $curwanipv6); +} log_error("rc.newwanipv6: on (IP address: {$curwanipv6}) (interface: {$interface}) (real interface: {$interface_real})."); $oldipv6 = ''; -if (file_exists("{$g['vardb_path']}/{$interface}_cacheipv6")) +if (file_exists("{$g['vardb_path']}/{$interface}_cacheipv6")) { $oldipv6 = file_get_contents("{$g['vardb_path']}/{$interface}_cacheipv6"); +} $grouptmp = link_interface_to_group($interface); -if (!empty($grouptmp)) +if (!empty($grouptmp)) { array_walk($grouptmp, 'interface_group_add_member'); +} link_interface_to_track6($interface, "update"); @@ -152,19 +164,21 @@ if (empty($oldipv6) || is_ipaddrv6($oldipv6)) { vpn_ipsec_force_reload($interface); /* start OpenVPN server & clients */ - if (substr($interface_real, 0, 4) != "ovpn") + if (substr($interface_real, 0, 4) != "ovpn") { openvpn_resync_all($interface); + } } return; - } else if (does_interface_exist($interface_real) && !empty($oldipv6)) + } else if (does_interface_exist($interface_real) && !empty($oldipv6)) { mwexec("/sbin/ifconfig {$interface_real} inet6 {$oldipv6} delete"); + } file_put_contents("{$g['vardb_path']}/{$interface}_cacheipv6", $curwanipv6); } /* reload unbound */ services_unbound_configure(); - + /* perform RFC 2136 DNS update */ services_dnsupdate_process($interface); @@ -175,8 +189,9 @@ services_dyndns_configure($interface); vpn_ipsec_force_reload($interface); /* start OpenVPN server & clients */ -if (substr($interface_real, 0, 4) != "ovpn") +if (substr($interface_real, 0, 4) != "ovpn") { openvpn_resync_all($interface); +} /* reload graphing functions */ enable_rrd_graphing(); diff --git a/etc/rc.notify_message b/etc/rc.notify_message index 5075e8b..87988d3 100755 --- a/etc/rc.notify_message +++ b/etc/rc.notify_message @@ -1,31 +1,31 @@ #!/usr/local/bin/php <?php /* - rc.notify_message - part of pfSense (https://www.pfsense.org) - Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> - All rights reserved. + rc.notify_message + part of pfSense (https://www.pfsense.org) + Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); @@ -38,8 +38,8 @@ $send_email = false; $send_growl = false; $message = ""; -foreach($arguments as $item => $arg) { - switch($item) { +foreach ($arguments as $item => $arg) { + switch ($item) { case "e": $send_email = true; break; @@ -52,11 +52,11 @@ foreach($arguments as $item => $arg) { } } -if($message) { - if($send_email) { +if ($message) { + if ($send_email) { notify_via_smtp($message); } - if($send_growl) { + if ($send_growl) { notify_via_growl($message); } } diff --git a/etc/rc.ntpdate b/etc/rc.ntpdate index 4d64577..4272acb 100755 --- a/etc/rc.ntpdate +++ b/etc/rc.ntpdate @@ -6,17 +6,17 @@ part of m0n0wall (http://m0n0.ch/wall) Copyright (C) 2003-2004 Scott Ullrich <sullrich@gmail.com>. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -34,6 +34,6 @@ require_once("functions.inc"); require_once("filter.inc"); require_once("shaper.inc"); - + system_ntp_configure(); ?> diff --git a/etc/rc.openvpn b/etc/rc.openvpn index 303f91c..96a80a0 100755 --- a/etc/rc.openvpn +++ b/etc/rc.openvpn @@ -3,21 +3,21 @@ /* rc.openvpn part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2007 Manuel Kasper <mk@neon1.net>. Copyright (C) 2009 Seth Mos <seth.mos@dds.nl>. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -54,8 +54,9 @@ function openvpn_resync_if_needed ($mode, $ovpn_settings, $interface) { $new_device = get_failover_interface($ovpn_settings['interface']); if (isset($config['interfaces'][$interface])) { $this_device = $config['interfaces'][$interface]['if']; - if (($current_device == $new_device) && ($current_device != $this_device)) + if (($current_device == $new_device) && ($current_device != $this_device)) { $resync_needed = false; + } } } } @@ -67,26 +68,29 @@ function openvpn_resync_if_needed ($mode, $ovpn_settings, $interface) { } /* make sure to wait until the boot scripts have finished */ -if (file_exists("{$g['varrun_path']}/booting")) +if (file_exists("{$g['varrun_path']}/booting")) { return; +} /* Input argument is a comma-separated list of gateway names, blank or "all". */ -if (isset($_GET['interface'])) +if (isset($_GET['interface'])) { $argument = $_GET['interface']; -else +} else { $argument = trim($argv[1], " \n"); +} -if((is_array($config['openvpn']['openvpn-server']) && count($config['openvpn']['openvpn-server'])) || - (is_array($config['openvpn']['openvpn-client']) && count($config['openvpn']['openvpn-client']))) { +if ((is_array($config['openvpn']['openvpn-server']) && count($config['openvpn']['openvpn-server'])) || + (is_array($config['openvpn']['openvpn-client']) && count($config['openvpn']['openvpn-client']))) { if (empty($argument) || $argument == "all") { - $argument = "all"; + $argument = "all"; $log_text = "all"; } else { $log_text = "endpoints that may use " . $argument; } log_error("OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading " . $log_text . "."); -} else +} else { return; +} $openvpnlck = try_lock('openvpn', 10); if (!$openvpnlck) { @@ -98,29 +102,32 @@ if (!$openvpnlck) { $arg_array = explode(",",$argument); foreach ($arg_array as $arg_element) { $gwgroups = array(); - if ($arg_element == "all") - $interface = ""; - else { + if ($arg_element == "all") { + $interface = ""; + } else { // e.g. $arg_element = "WANGW", $interface = "wan" $interface = lookup_gateway_interface_by_name($arg_element); - if (empty($interface)) + if (empty($interface)) { $interface = $arg_element; - else + } else { // e.g. $arg_element = "WANGW", $gwgroups = array of gateway groups that use "wan" $gwgroups = gateway_is_gwgroup_member($arg_element); + } } - if(is_array($config['openvpn']['openvpn-server'])) { - foreach($config['openvpn']['openvpn-server'] as &$server) { - if ($server['interface'] == $interface || empty($interface) || (!empty($gwgroups) && in_array($server['interface'], $gwgroups))) + if (is_array($config['openvpn']['openvpn-server'])) { + foreach ($config['openvpn']['openvpn-server'] as &$server) { + if ($server['interface'] == $interface || empty($interface) || (!empty($gwgroups) && in_array($server['interface'], $gwgroups))) { openvpn_resync_if_needed('server', $server, $interface); + } } } if (is_array($config['openvpn']['openvpn-client'])) { - foreach($config['openvpn']['openvpn-client'] as &$client) { - if ($client['interface'] == $interface || empty($interface) || (!empty($gwgroups) && in_array($client['interface'], $gwgroups))) + foreach ($config['openvpn']['openvpn-client'] as &$client) { + if ($client['interface'] == $interface || empty($interface) || (!empty($gwgroups) && in_array($client['interface'], $gwgroups))) { openvpn_resync_if_needed('client', $client, $interface); + } } } } diff --git a/etc/rc.packages b/etc/rc.packages index c56cf84..7561c0e 100755 --- a/etc/rc.packages +++ b/etc/rc.packages @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.packages - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + rc.packages + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); diff --git a/etc/rc.php-fpm_restart b/etc/rc.php-fpm_restart index fff4455..6ce04c6 100755 --- a/etc/rc.php-fpm_restart +++ b/etc/rc.php-fpm_restart @@ -1,7 +1,7 @@ #!/bin/sh echo ">>> Killing php-fpm" -/bin/pkill -F /var/run/php-fpm.pid +/bin/pkill -F /var/run/php-fpm.pid sleep 2 # Run the php.ini setup file and populate diff --git a/etc/rc.php_ini_setup b/etc/rc.php_ini_setup index 94de766..46ccb29 100755 --- a/etc/rc.php_ini_setup +++ b/etc/rc.php_ini_setup @@ -40,7 +40,7 @@ fi # Grab amount of memory that is detected if [ -f /var/log/dmesg.boot ]; then AVAILMEM=`/bin/cat /var/log/dmesg.boot |/usr/bin/awk '/avail memory/ { memory=($4 / 1048576); printf("%0.0f\n", memory); exit}'` -else +else AVAILMEM=`/sbin/dmesg -a |/usr/bin/awk '/avail memory/ { memory=($4 / 1048576); printf("%0.0f\n", memory); exit}'` fi @@ -61,7 +61,7 @@ if [ ${REALMEM} -lt $MIN_REALMEM_FOR_APC ]; then echo ">>> Under $MIN_REALMEM_FOR_APC megabytes of ram detected. Not enabling APC." | /usr/bin/logger -p daemon.info -i -t rc.php_ini_setup else - # Calculate APC SHM size according + # Calculate APC SHM size according # to detected memory values if [ "$AVAILMEM" -gt "135" ]; then APCSHMEMSIZE="10M" @@ -83,11 +83,11 @@ fi # Set upload directory if [ "$PLATFORM" = "nanobsd" ]; then UPLOADTMPDIR=`/usr/bin/grep upload_path /etc/inc/globals.inc | /usr/bin/cut -d'"' -f4` -else +else UPLOADTMPDIR="/tmp" fi -# Define php modules. Do not add .so, it will +# Define php modules. Do not add .so, it will # be done automatically by the script below. PHPMODULES="standard" if [ "$LOWMEM" != "TRUE" ]; then @@ -98,7 +98,7 @@ PHPMODULES="$PHPMODULES xml libxml dom" PHPMODULES="$PHPMODULES simplexml xmlreader xmlwriter" # Downloading via HTTP/FTP (pkg mgr, etc) PHPMODULES="$PHPMODULES curl date" -# Internationalization +# Internationalization PHPMODULES="$PHPMODULES gettext" # User manager PHPMODULES="$PHPMODULES ldap openssl pcntl" @@ -379,7 +379,7 @@ fi # Remove old log file if it exists. if [ -f /var/run/php_modules_load_errors.txt ]; then /bin/rm /var/run/php_modules_load_errors.txt -fi +fi for EXT in $PHPMODULES; do PHPMODULESLC="$PHPMODULESLC `echo "$EXT" | /usr/bin/tr '[:upper:]' '[:lower:]'`" @@ -392,7 +392,7 @@ for EXT in $PHPMODULESLC; do for LM in $LOADED_MODULES; do if [ "$EXT" = "$LM" ]; then SHOULDREMOVE="false" - fi + fi done # Handle low memory situations if [ "$LOWMEM" = "TRUE" ]; then diff --git a/etc/rc.prunecaptiveportal b/etc/rc.prunecaptiveportal index c7011a5..7dff6a2 100755 --- a/etc/rc.prunecaptiveportal +++ b/etc/rc.prunecaptiveportal @@ -4,20 +4,20 @@ /* rc.prunecaptiveportal part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -31,7 +31,7 @@ */ /* parse the configuration and include all functions used below */ -/* config.inc retrives the util.inc and globals.inc */ +/* config.inc retrieves the util.inc and globals.inc */ require_once("config.inc"); require_once("functions.inc"); require_once("filter.inc"); @@ -51,10 +51,10 @@ $cpzoneid = $config['captiveportal'][$cpzone]['zoneid']; if (file_exists("{$g['tmp_path']}/.rc.prunecaptiveportal.{$cpzone}.running")) { $stat = stat("{$g['tmp_path']}/.rc.prunecaptiveportal.{$cpzone}.running"); - if (time() - $stat['mtime'] >= 120) + if (time() - $stat['mtime'] >= 120) { @unlink("{$g['tmp_path']}/.rc.prunecaptiveportal.{$cpzone}.running"); - else { - log_error("Skipping CP prunning process because previous/another instance is already running"); + } else { + log_error("Skipping CP pruning process because previous/another instance is already running"); return; } } diff --git a/etc/rc.reload_all b/etc/rc.reload_all index 00dc4ef..6dcc55b 100755 --- a/etc/rc.reload_all +++ b/etc/rc.reload_all @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.reload_all - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.reload_all + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); diff --git a/etc/rc.reload_interfaces b/etc/rc.reload_interfaces index 329bf47..edf34a8 100755 --- a/etc/rc.reload_interfaces +++ b/etc/rc.reload_interfaces @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.reload_interfaces - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.reload_interfaces + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); diff --git a/etc/rc.restart_webgui b/etc/rc.restart_webgui index eef8c01..8efcf9d 100755 --- a/etc/rc.restart_webgui +++ b/etc/rc.restart_webgui @@ -13,8 +13,8 @@ echo "Restarting webConfigurator..."; sigkillbyname("lighttpd", "KILL"); while (is_process_running("lighttpd")) { - echo '.'; - sleep(1); + echo '.'; + sleep(1); } system_webgui_start(); diff --git a/etc/rc.restore_config_backup b/etc/rc.restore_config_backup index ca1728d..a1a3022 100755 --- a/etc/rc.restore_config_backup +++ b/etc/rc.restore_config_backup @@ -9,10 +9,11 @@ unset($confvers['versions']); $fp = fopen('php://stdin', 'r'); function print_backup_info($backup_info, $number) { - if($backup_info['time'] != 0) + if($backup_info['time'] != 0) { $date = date(gettext("n/j/y H:i:s"), $backup_info['time']); - else + } else { $date = gettext("Unknown"); + } list($page, $reason) = explode(": ", $backup_info['description'], 2); if (empty($reason)) { @@ -35,8 +36,9 @@ function list_backups($which="all", $return=false) { } for ($c = count($confvers)-1; $c >= 0; $c--) { - if (is_numeric($which) && ($c != $which)) + if (is_numeric($which) && ($c != $which)) { continue; + } print_backup_info($confvers[$c], $c+1); echo "\n"; } @@ -70,7 +72,7 @@ function restore_history_backup($number) { $confirm = strtoupper(chop(fgets($fp))); if ($confirm == gettext("Y")) { conf_mount_rw(); - if(config_restore($g['conf_path'] . '/backup/config-' . $thisbackup['time'] . '.xml') == 0) { + if (config_restore($g['conf_path'] . '/backup/config-' . $thisbackup['time'] . '.xml') == 0) { echo "\n"; echo sprintf(gettext('Successfully reverted to timestamp %1$s with description "%2$s".'), date(gettext("n/j/y H:i:s"), $thisbackup['time']), $thisbackup['description']); echo "\n" . gettext("You may need to reboot the firewall or restart services before the restored configuration is fully active.") . "\n\n"; @@ -79,10 +81,10 @@ function restore_history_backup($number) { } conf_mount_ro(); } else { - echo gettext("Restore canceled.") . "\n"; + echo gettext("Restore cancelled.") . "\n"; } } else { - echo gettext("Restore canceled due to invalid input.") . "\n"; + echo gettext("Restore cancelled due to invalid input.") . "\n"; } } diff --git a/etc/rc.restore_full_backup b/etc/rc.restore_full_backup index 05bb060..57cf7cb 100755 --- a/etc/rc.restore_full_backup +++ b/etc/rc.restore_full_backup @@ -8,7 +8,7 @@ if [ `tar tzPf $1 /etc/rc 2>/dev/null` ]; then EXCLUDE="--exclude /cf/conf/config.xml" rm /tmp/do_not_restore_config.xml else - EXCLUDE="" + EXCLUDE="" fi tar xzPfU $1 $EXCLUDE -C / 2>/var/etc/restore_log.txt echo "Restore of $1 complete." diff --git a/etc/rc.savevoucher b/etc/rc.savevoucher index 29b18d6..8f2d88d 100755 --- a/etc/rc.savevoucher +++ b/etc/rc.savevoucher @@ -2,20 +2,20 @@ <?php /* part of m0n0wall (http://m0n0.ch/wall) - + Copyright (C) 2007 Marcel Wiget <mwiget@mac.com>. All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -35,6 +35,6 @@ require_once("shaper.inc"); require_once("captiveportal.inc"); require_once("voucher.inc"); - + voucher_save_db_to_config(); ?> diff --git a/etc/rc.shutdown b/etc/rc.shutdown index 2102ff4..aa6468a 100755 --- a/etc/rc.shutdown +++ b/etc/rc.shutdown @@ -6,7 +6,7 @@ if ! /usr/bin/lockf -s -t 30 /tmp/config.lock /usr/bin/true; then fi product=`cat /etc/inc/globals.inc | grep product_name | cut -d'"' -f4` - + echo echo "${product} is now shutting down ..." echo diff --git a/etc/rc.start_packages b/etc/rc.start_packages index 37be693..c1edf19 100755 --- a/etc/rc.start_packages +++ b/etc/rc.start_packages @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - rc.start_packages - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004 Scott Ullrich - All rights reserved. + rc.start_packages + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004 Scott Ullrich + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("config.inc"); @@ -39,13 +39,13 @@ require_once("pfsense-utils.inc"); require_once("service-utils.inc"); if (file_exists("{$g['tmp_path']}/.rc.start_packages.running")) { - $stat = stat("{$g['tmp_path']}/.rc.start_packages.running"); - if (time() - $stat['mtime'] >= 90) - @unlink("{$g['tmp_path']}/.rc.start_packages.running"); - else { - log_error("Skipping STARTing packages process because previous/another instance is already running"); - return; - } + $stat = stat("{$g['tmp_path']}/.rc.start_packages.running"); + if (time() - $stat['mtime'] >= 90) { + @unlink("{$g['tmp_path']}/.rc.start_packages.running"); + } else { + log_error("Skipping STARTing packages process because previous/another instance is already running"); + return; + } } @file_put_contents("{$g['tmp_path']}/.rc.start_packages.running", ""); @@ -53,16 +53,17 @@ if (file_exists("{$g['tmp_path']}/.rc.start_packages.running")) { log_error("Restarting/Starting all packages."); $rcfiles = glob(RCFILEPREFIX . "*.sh"); -if (!$rcfiles) +if (!$rcfiles) { $rcfiles = array(); -else { +} else { $rcfiles = array_flip($rcfiles); - if (!$rcfiles) + if (!$rcfiles) { $rcfiles = array(); + } } if (is_array($config['installedpackages']['package'])) { - foreach($config['installedpackages']['package'] as $pkgid => $package) { + foreach ($config['installedpackages']['package'] as $pkgid => $package) { echo " Starting package {$package['name']}..."; sync_package($pkgid); $internal_name = get_pkg_internal_name($package); diff --git a/etc/rc.update_alias_url_data b/etc/rc.update_alias_url_data index 2dfdc71..bf4f48f 100755 --- a/etc/rc.update_alias_url_data +++ b/etc/rc.update_alias_url_data @@ -2,22 +2,22 @@ <?php /* $Id$ */ /* - rc.update_alias_url_data.sh + rc.update_alias_url_data part of pfSense (https://www.pfsense.org) - + Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> All rights reserved. - + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - + 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -31,7 +31,7 @@ */ /* parse the configuration and include all functions used below */ -/* config.inc retrives the util.inc and globals.inc */ +/* config.inc retrieves the util.inc and globals.inc */ require_once("config.inc"); require_once("functions.inc"); diff --git a/etc/rc.update_bogons.sh b/etc/rc.update_bogons.sh index 6dd2a5f..85cb7df 100755 --- a/etc/rc.update_bogons.sh +++ b/etc/rc.update_bogons.sh @@ -13,14 +13,14 @@ process_url() { local url=$2 local filename=${url##*/} local ext=${filename#*.} - + /usr/bin/fetch -a -w 600 -T 30 -q -o $file "${url}" - + if [ ! -f $file ]; then echo "Could not download ${url}" | logger proc_error="true" fi - + case "$ext" in tar) mv $file $file.tmp @@ -41,11 +41,11 @@ process_url() { *) ;; esac - + if [ -f $file.tmp ]; then rm $file.tmp fi - + if [ ! -f $file ]; then echo "Could not extract ${filename}" | logger proc_error="true" @@ -56,11 +56,11 @@ echo "rc.update_bogons.sh is starting up." | logger # Sleep for some time, unless an argument is specified. if [ "$1" = "" ]; then - # Grab a random value - value=`od -A n -d -N2 /dev/random | awk '{ print $1 }'` - echo "rc.update_bogons.sh is sleeping for $value" | logger - sleep $value -fi + # Grab a random value + value=`od -A n -d -N2 /dev/random | awk '{ print $1 }'` + echo "rc.update_bogons.sh is sleeping for $value" | logger + sleep $value +fi echo "rc.update_bogons.sh is beginning the update cycle." | logger @@ -92,9 +92,9 @@ ON_DISK_V6_CKSUM=`md5 /tmp/bogonsv6 | awk '{ print $4 }'` if [ "$BOGON_V4_CKSUM" = "$ON_DISK_V4_CKSUM" ] || [ "$BOGON_V6_CKSUM" = "$ON_DISK_V6_CKSUM" ]; then # At least one of the downloaded checksums matches, so mount RW /etc/rc.conf_mount_rw - + ENTRIES_MAX=`pfctl -s memory | awk '/table-entries/ { print $4 }'` - + if [ "$BOGON_V4_CKSUM" = "$ON_DISK_V4_CKSUM" ]; then ENTRIES_TOT=`pfctl -vvsTables | awk '/Addresses/ {s+=$2}; END {print s}'` ENTRIES_V4=`pfctl -vvsTables | awk '/-\tbogons$/ {getline; print $2}'` @@ -138,14 +138,14 @@ if [ "$BOGON_V4_CKSUM" = "$ON_DISK_V4_CKSUM" ] || [ "$BOGON_V6_CKSUM" = "$ON_DIS echo "Could not download ${v6url} (checksum mismatch)" | logger checksum_error="true" fi - + # We mounted RW, so switch back to RO /etc/rc.conf_mount_ro fi if [ "$checksum_error" != "" ]; then # Relaunch and sleep - sh /etc/rc.update_bogons.sh & + sh /etc/rc.update_bogons.sh & exit fi diff --git a/etc/rc.update_urltables b/etc/rc.update_urltables index de40631..1c2913a 100755 --- a/etc/rc.update_urltables +++ b/etc/rc.update_urltables @@ -40,10 +40,11 @@ if (count($todo) > 0) { if ($r == 1) { $result = ""; // TODO: Change it when pf supports tables with ports - if ($t['type'] == "urltable") + if ($t['type'] == "urltable") { exec("/sbin/pfctl -t " . escapeshellarg($t['name']) . " -T replace -f /var/db/aliastables/" . escapeshellarg($t['name']) . ".txt 2>&1", $result); - else + } else { $filter_reload = true; + } log_error("{$argv[0]}: Updated {$t['name']} content from {$t['url']}: {$result[0]}"); } elseif ($r == -1) { log_error("{$argv[0]}: {$t['name']} does not need updating."); @@ -52,7 +53,8 @@ if (count($todo) > 0) { } } - if ($filter_reload) + if ($filter_reload) { send_event("filter reload"); + } } ?> @@ -60,21 +60,22 @@ } /* restore ssh data for nanobsd platform */ - if($g['platform'] == "nanobsd" and file_exists("/conf/sshd/ssh_host_key") and !file_exists("{$sshConfigDir}/ssh_host_key.pub")) { + if ($g['platform'] == "nanobsd" and file_exists("/conf/sshd/ssh_host_key") and !file_exists("{$sshConfigDir}/ssh_host_key.pub")) { echo "Restoring SSH from /conf/sshd/"; exec("/bin/cp -p /conf/sshd/* {$sshConfigDir}/"); /* make sure host private key permissions aren't too open so sshd won't complain */ - foreach($keyfiles as $f2c) { - if(file_exists("{$sshConfigDir}/{$f2c}")) + foreach ($keyfiles as $f2c) { + if (file_exists("{$sshConfigDir}/{$f2c}")) { chmod("{$sshConfigDir}/{$f2c}", 0600); + } } } /* if any of these files are 0 bytes then they are corrupted. * remove them */ - foreach($keyfiles as $f2c) { + foreach ($keyfiles as $f2c) { if (!file_exists("{$sshConfigDir}/{$f2c}") || filesize("{$sshConfigDir}/{$f2c}") == 0) { /* Make sure we remove both files */ unlink_if_exists($sshConfigDir . '/' . basename($f2c, ".pub")); @@ -87,15 +88,16 @@ mkdir("/var/empty", 0555); } - if(!file_exists("/var/log/lastlog")) { + if (!file_exists("/var/log/lastlog")) { /* Login related files. */ @touch("/var/log/lastlog"); } - if (is_array($config['system']['ssh']) && !empty($config['system']['ssh']['port'])) + if (is_array($config['system']['ssh']) && !empty($config['system']['ssh']['port'])) { $sshport = $config['system']['ssh']['port']; - else + } else { $sshport = 22; + } /* Include default configuration for pfSense */ $sshconf = "# This file is automatically generated at startup\n"; @@ -124,7 +126,7 @@ $sshconf .= "Port $sshport\n"; /* Hide FreeBSD version */ $sshconf .= "VersionAddendum \n"; - + /* Apply package SSHDCond settings if config file exists */ if (file_exists("/etc/sshd_extra")) { $fdExtra = fopen("/etc/sshd_extra", 'r'); @@ -137,7 +139,7 @@ @file_put_contents("{$sshConfigDir}/sshd_config", $sshconf); /* mop up from a badly implemented ssh keys -> cf backup */ - if($config['ssh']['dsa_key'] <> "") { + if ($config['ssh']['dsa_key'] <> "") { unset($config['ssh']['dsa_key']); unset($config['ssh']['ecdsa_key']); unset($config['ssh']['ed25519_key']); @@ -151,16 +153,16 @@ } /* are we already running? if so exit */ - if(is_subsystem_dirty('sshdkeys')) { + if (is_subsystem_dirty('sshdkeys')) { unset($keys, $keyfiles); return; } - + // Check for all needed key files. If any are missing, the keys need to be regenerated. $generate_keys = array(); foreach ($keys as $key) { if (!file_exists("{$sshConfigDir}/ssh_host_{$key['suffix']}key") || - !file_exists("{$sshConfigDir}/ssh_host_{$key['suffix']}key.pub")) { + !file_exists("{$sshConfigDir}/ssh_host_{$key['suffix']}key.pub")) { $generate_keys[] = $key; } } @@ -179,13 +181,13 @@ /* kill existing sshd process, server only, not the childs */ $sshd_pid = exec("ps ax | egrep '/usr/sbin/[s]shd' | awk '{print $1}'"); - if($sshd_pid <> "") { + if ($sshd_pid <> "") { echo "stopping ssh process $sshd_pid \n"; @posix_kill($sshd_pid, SIGTERM); } /* Launch new server process */ $status = mwexec("/usr/sbin/sshd"); - if($status <> 0) { + if ($status <> 0) { file_notice("sshd_startup", "SSHD failed to start.", "SSHD Daemon", ""); echo "error!\n"; } else { @@ -193,9 +195,10 @@ } // NanoBSD - if($g['platform'] == "nanobsd") { - if(!is_dir("/conf/sshd")) + if ($g['platform'] == "nanobsd") { + if (!is_dir("/conf/sshd")) { mkdir("/conf/sshd", 0750); + } $_gb = exec("/bin/cp -p {$sshConfigDir}/ssh_host* /conf/sshd"); } conf_mount_ro(); |
