summaryrefslogtreecommitdiffstats
path: root/src/etc/phpshellsessions
diff options
context:
space:
mode:
authorRenato Botelho <renato@netgate.com>2015-08-25 08:08:24 -0300
committerRenato Botelho <renato@netgate.com>2015-08-25 14:49:54 -0300
commit46bc6e545a17e77202aaf01ec0cd8d5a46567525 (patch)
tree32d18dda436ec739c67c489ceb771e8629cd926f /src/etc/phpshellsessions
parent4d9801c2dbd2b3e54a39578ee62b93af66607227 (diff)
downloadpfsense-46bc6e545a17e77202aaf01ec0cd8d5a46567525.zip
pfsense-46bc6e545a17e77202aaf01ec0cd8d5a46567525.tar.gz
Move main pfSense content to src/
Diffstat (limited to 'src/etc/phpshellsessions')
-rw-r--r--src/etc/phpshellsessions/changepassword79
-rw-r--r--src/etc/phpshellsessions/disablecarp17
-rw-r--r--src/etc/phpshellsessions/disabledhcpd13
-rw-r--r--src/etc/phpshellsessions/disablereferercheck11
-rw-r--r--src/etc/phpshellsessions/enableallowallwan36
-rw-r--r--src/etc/phpshellsessions/enablecarp23
-rw-r--r--src/etc/phpshellsessions/enablesshd12
-rw-r--r--src/etc/phpshellsessions/externalconfiglocator3
-rw-r--r--src/etc/phpshellsessions/generateguicert8
-rw-r--r--src/etc/phpshellsessions/gitsync434
-rw-r--r--src/etc/phpshellsessions/installpkg36
-rw-r--r--src/etc/phpshellsessions/listpkg16
-rw-r--r--src/etc/phpshellsessions/removepkgconfig8
-rw-r--r--src/etc/phpshellsessions/removeshaper25
-rw-r--r--src/etc/phpshellsessions/restartdhcpd4
-rw-r--r--src/etc/phpshellsessions/restartipsec7
-rw-r--r--src/etc/phpshellsessions/svc99
-rw-r--r--src/etc/phpshellsessions/uninstallpkg34
18 files changed, 865 insertions, 0 deletions
diff --git a/src/etc/phpshellsessions/changepassword b/src/etc/phpshellsessions/changepassword
new file mode 100644
index 0000000..6243fb8
--- /dev/null
+++ b/src/etc/phpshellsessions/changepassword
@@ -0,0 +1,79 @@
+require_once("config.inc");
+require("auth.inc");
+require_once("functions.inc");
+
+global $g, $config, $argv, $userindex;
+$userindex = index_users();
+
+$args = array_slice($argv, 3);
+
+$password = "";
+$confpassword = "";
+$username = "";
+
+$fp = fopen('php://stdin', 'r');
+
+// If the first parameter is empty, ask for username
+if (empty($args[0])) {
+ echo gettext("Enter username: ");
+ $username = fgets($fp);
+} else {
+ $username = $args[0];
+}
+$username = trim($username);
+
+// If the user does not exist, bail
+$user =& getUserEntry($username);
+if ($user == NULL) {
+ printf(gettext("User '%s' does not exist.\n"), $username);
+ exit(-1);
+} else {
+ printf(gettext("Changing password for '%s'.\n"), $username);
+}
+
+// If the user does exist, prompt for password
+while (empty($password)) {
+ echo gettext("New Password") . ": ";
+ exec('/bin/stty -echo');
+ $password = trim(fgets($fp));
+ exec('/bin/stty echo');
+ echo "\n";
+}
+
+// Confirm password
+while (empty($confpassword)) {
+ echo gettext("Confirm New Password") . ": ";
+ exec('/bin/stty -echo');
+ $confpassword = trim(fgets($fp));
+ exec('/bin/stty echo');
+ echo "\n";
+}
+
+// Check if user is disabled
+if (is_account_disabled($username)) {
+ echo gettext("Account is disabled, would you like to re-enable? [y|n]") . ": ";
+ if (strcasecmp(chop(fgets($fp)), "y") == 0) {
+ unset($user['disabled']);
+ }
+}
+// Check if user is expired
+if (is_account_expired($username)) {
+ echo gettext("Account is expired, would you like to clear the expiration date? [y|n]") . ": ";
+ if (strcasecmp(chop(fgets($fp)), "y") == 0) {
+ unset($user['expires']);
+ }
+}
+
+fclose($fp);
+
+// Compare password and confirm
+if ($password == $confpassword) {
+ //Reset password
+ local_user_set_password($user, $password);
+ local_user_set($user);
+ write_config(sprintf(gettext("password changed for user '%s' from console."), $username));
+ exit(0);
+} else {
+ echo gettext("New and Confirm passwords did not match.") . "\n";
+ exit(-1);
+} \ No newline at end of file
diff --git a/src/etc/phpshellsessions/disablecarp b/src/etc/phpshellsessions/disablecarp
new file mode 100644
index 0000000..1673269
--- /dev/null
+++ b/src/etc/phpshellsessions/disablecarp
@@ -0,0 +1,17 @@
+! echo "Disabling CARP..."
+require_once("config.inc");
+require_once("interfaces.inc");
+require_once("util.inc");
+
+set_single_sysctl("net.inet.carp.allow", "0");
+if (is_array($config['virtualip']['vip'])) {
+ $viparr = &$config['virtualip']['vip'];
+ foreach ($viparr as $vip) {
+ switch ($vip['mode']) {
+ case "carp":
+ interface_vip_bring_down($vip);
+ sleep(1);
+ break;
+ }
+ }
+}
diff --git a/src/etc/phpshellsessions/disabledhcpd b/src/etc/phpshellsessions/disabledhcpd
new file mode 100644
index 0000000..4dc029c
--- /dev/null
+++ b/src/etc/phpshellsessions/disabledhcpd
@@ -0,0 +1,13 @@
+global $config;
+
+$config = parse_config(true);
+
+unset($config['dhcpd']);
+
+echo "Disabling DHCP Server on all interfaces...";
+
+write_config("pfSsh.php disabled dhcp on all interfaces");
+
+services_dhcpd_configure();
+
+echo "done.\n"; \ No newline at end of file
diff --git a/src/etc/phpshellsessions/disablereferercheck b/src/etc/phpshellsessions/disablereferercheck
new file mode 100644
index 0000000..97d444a
--- /dev/null
+++ b/src/etc/phpshellsessions/disablereferercheck
@@ -0,0 +1,11 @@
+global $config;
+
+$config = parse_config(true);
+
+$config['system']['webgui']['nohttpreferercheck'] = true;
+
+echo "Disabling HTTP referer check...";
+
+write_config("PHP shell disabled HTTP referer check");
+
+echo "done.\n";
diff --git a/src/etc/phpshellsessions/enableallowallwan b/src/etc/phpshellsessions/enableallowallwan
new file mode 100644
index 0000000..5ce4f0f
--- /dev/null
+++ b/src/etc/phpshellsessions/enableallowallwan
@@ -0,0 +1,36 @@
+global $config;
+require_once("filter.inc");
+require("shaper.inc");
+$config = parse_config(true);
+echo "Adding allow all rule...\n";
+$filterent = array();
+$filterent["type"] = "pass";
+$filterent["interface"] = "wan";
+$filterent["source"]["any"] = "";
+$filterent["destination"]["any"] = "";
+$filterent["statetype"] = "keep state";
+$filterent["os"] = "";
+$filterent["descr"] = "Allow all ipv4 via pfSsh.php";
+$config["filter"]["rule"][] = $filterent;
+$filterent = array();
+$filterent["type"] = "pass";
+$filterent["ipprotocol"] = "inet6";
+$filterent["interface"] = "wan";
+$filterent["source"]["any"] = "";
+$filterent["destination"]["any"] = "";
+$filterent["statetype"] = "keep state";
+$filterent["os"] = "";
+$filterent["descr"] = "Allow all ipv6 via pfSsh.php";
+$config["filter"]["rule"][] = $filterent;
+echo "Turning off block private networks (if on)...\n";
+unset($config["interfaces"]["wan"]["blockpriv"]);
+echo "Turning off block bogon networks (if on)...\n";
+unset($config["interfaces"]["wan"]["blockbogons"]);
+unlink_if_exists("/tmp/config.cache");
+write_config("pfSsh.php added allow all wan rule");
+unlink_if_exists("/tmp/config.cache");
+unset($config['interfaces']['wan']['blockbogons']);
+$config = parse_config(true);
+echo "Reloading the filter configuration...";
+filter_configure_sync();
+echo "\n\n"; \ No newline at end of file
diff --git a/src/etc/phpshellsessions/enablecarp b/src/etc/phpshellsessions/enablecarp
new file mode 100644
index 0000000..276f29a
--- /dev/null
+++ b/src/etc/phpshellsessions/enablecarp
@@ -0,0 +1,23 @@
+! echo "Enabling CARP..."
+require_once("config.inc");
+require_once("interfaces.inc");
+require_once("util.inc");
+
+if (is_array($config['virtualip']['vip'])) {
+ $viparr = &$config['virtualip']['vip'];
+ foreach ($viparr as $vip) {
+ switch ($vip['mode']) {
+ case "carp":
+ interface_carp_configure($vip);
+ sleep(1);
+ break;
+ case "ipalias":
+ if (strpos($vip['interface'], '_vip')) {
+ interface_ipalias_configure($vip);
+ }
+ break;
+ }
+ }
+}
+interfaces_sync_setup();
+set_single_sysctl("net.inet.carp.allow", "1");
diff --git a/src/etc/phpshellsessions/enablesshd b/src/etc/phpshellsessions/enablesshd
new file mode 100644
index 0000000..0dc76de
--- /dev/null
+++ b/src/etc/phpshellsessions/enablesshd
@@ -0,0 +1,12 @@
+global $config;
+echo "Starting enablesshd...";
+require("config.inc");
+echo ".";
+$config = parse_config(true);
+echo ".";
+$config['system']['enablesshd'] = true;
+echo ".";
+write_config("pfSsh.php enabled sshd");
+echo "\nEnabling SSHD, please wait...";
+send_event("service reload sshd");
+echo "\n\n";
diff --git a/src/etc/phpshellsessions/externalconfiglocator b/src/etc/phpshellsessions/externalconfiglocator
new file mode 100644
index 0000000..84534b3
--- /dev/null
+++ b/src/etc/phpshellsessions/externalconfiglocator
@@ -0,0 +1,3 @@
+
+include("/etc/ecl.php");
+
diff --git a/src/etc/phpshellsessions/generateguicert b/src/etc/phpshellsessions/generateguicert
new file mode 100644
index 0000000..925ab60
--- /dev/null
+++ b/src/etc/phpshellsessions/generateguicert
@@ -0,0 +1,8 @@
+require_once("system.inc");
+
+echo gettext("Generating a new self-signed SSL certificate for the GUI...");
+$cert = system_webgui_create_certificate();
+echo gettext("Done.\n");
+echo gettext("Restarting webConfigurator...");
+send_event("service restart webgui");
+echo gettext("Done.\n"); \ No newline at end of file
diff --git a/src/etc/phpshellsessions/gitsync b/src/etc/phpshellsessions/gitsync
new file mode 100644
index 0000000..aced804
--- /dev/null
+++ b/src/etc/phpshellsessions/gitsync
@@ -0,0 +1,434 @@
+/* cvs_sync
+ * Written by Scott Ullrich
+ * (C)2005-2007 Scott Ullrich
+ * (C)2010-2012 Erik Fonnesbeck
+ * Part of the pfSense project pfSsh.php subsystem
+ */
+
+require_once("globals.inc");
+require_once("filter.inc");
+require_once("shaper.inc");
+require_once("rrd.inc");
+require_once("pfsense-utils.inc");
+
+$GIT_PKG = "git"; // Either "git" or the full package URL
+$GIT_BIN= "/usr/local/bin/git";
+$GIT_REPO = "git://github.com/pfsense/pfsense.git";
+$DEFAULT_BRANCH = "master";
+$CODIR = "/root/pfsense";
+$GITSYNC_MERGE = "/root/.gitsync_merge";
+
+/* NOTE: Set branches here */
+$branches = array(
+ "master" => "2.2 development branch",
+ "RELENG_2_2" => "2.2.* release branch",
+ "RELENG_2_1" => "2.1.* release branch",
+ "RELENG_2_0" => "2.0.* release branch",
+ "RELENG_1_2" => "1.2.* release branch",
+ "build_commit" => "The commit originally used to build the image"
+);
+
+global $g;
+global $argv;
+global $command_split;
+
+if (is_array($command_split)) {
+ $temp_args = array_slice($command_split, 2);
+} else {
+ $temp_args = array_slice($argv, 3);
+}
+
+$valid_args = array(
+ "--minimal" => "\tPerform a minimal copy of only the updated files.\n" .
+ "\tNot recommended if the system has files modified by any method other\n" .
+ "\tthan gitsync.\n",
+ "--help" => "\tDisplay this help list.\n"
+ );
+$args = array();
+$arg_count = 0;
+while (!empty($temp_args)) {
+ $arg = array_shift($temp_args);
+ if ($arg[0] == '-') {
+ switch ($arg) {
+ case "--help":
+ echo "Usage: playback gitsync [options] [[repository] <branch>]\nOptions:\n";
+ foreach($valid_args as $arg_name => $arg_desc) {
+ echo $arg_name . "\n" . $arg_desc;
+ }
+ exit;
+ case "--upgrading":
+ // Disables all interactive functions and neither PHP
+ // nor the web GUI will be killed or restarted.
+ $upgrading = true;
+ case (isset($valid_args[$arg])):
+ $args[$arg] = true;
+ break;
+ default:
+ echo "Invalid option: {$arg}\nUse --help for usage information.\n";
+ exit;
+ }
+ } else {
+ $args[$arg_count++] = $arg;
+ }
+}
+
+unlink_if_exists("/tmp/config.cache");
+conf_mount_rw();
+
+if (!file_exists($GIT_BIN)) {
+ require_once("pkg-utils.inc");
+
+ echo "Cannot find git, installing...\n";
+ if (!pkg_call('install -y -q git-lite')) {
+ echo "\nERROR: Unable to install git pkg.\n";
+ return;
+ }
+}
+
+# Remove mainline if exists (older)
+if (is_dir("/root/pfsense/mainline")) {
+ exec("rm -rf /root/pfsense/mainline");
+}
+
+# Remove RELENG_1_2 if exists (older)
+if (is_dir("/root/pfsense/RELENG_1_2")) {
+ exec("rm -rf /root/pfsense/RELENG_1_2");
+}
+
+# Remove HEAD if exists (older)
+if (is_dir("/root/pfsense/HEAD")) {
+ exec("rm -rf /root/pfsense/HEAD");
+}
+
+if (file_exists("/root/cvssync_backup.tgz")) {
+ $backup_date = `ls -lah /root/cvssync_backup.tgz | awk '{ print $6,$7,$8 }'`;
+ $tmp = array("RESTORE" => "Restores prior CVSSync backup data performed at {$backup_date}");
+ $branches = array_merge($branches, $tmp);
+}
+
+if (is_dir("$CODIR/pfSenseGITREPO/pfSenseGITREPO")) {
+ exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} config remote.origin.url", $output_str, $ret);
+ if (is_array($output_str) && !empty($output_str[0])) {
+ $GIT_REPO = $output_str[0];
+ }
+ unset($output_str);
+}
+
+if (!$args[0] && !$upgrading) {
+ echo "\nCurrent repository is $GIT_REPO\n";
+ echo "\nPlease select which branch you would like to sync against:\n\n";
+ foreach ($branches as $branchname => $branchdesc) {
+ echo "{$branchname} \t {$branchdesc}\n";
+ }
+ echo "\nOr alternatively you may enter a custom RCS branch URL (Git or HTTP).\n\n";
+ $branch = readline("> ");
+ echo "\n";
+} else {
+ $branch = $args[0];
+}
+
+if ($args[1] == "NOBACKUP") {
+ $nobackup = true;
+} else {
+ $nobackup = false;
+}
+
+// If the repository has been fetched before, build a list of its branches.
+if (is_dir("$CODIR/pfSenseGITREPO/pfSenseGITREPO")) {
+ exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} branch -r", $branch_list, $ret);
+ if ($ret == 0 && is_array($branch_list)) {
+ foreach ($branch_list as $branch_item) {
+ $branch_item = substr(strrchr($branch_item, "/"), 1);
+ if (!isset($branches[$branch_item])) {
+ $branches[$branch_item] = " ";
+ }
+ }
+ }
+}
+
+$found = false;
+foreach ($branches as $branchname => $branchdesc) {
+ if ($branchname == $branch) {
+ $found = true;
+ }
+}
+if (!$found) {
+ if (isURL($branch) && !$upgrading) {
+ if ($args[1]) {
+ $GIT_REPO = $branch;
+ $branch = $args[1];
+ $found = true;
+ } else {
+ echo "\n";
+ echo "NOTE: $branch was not found.\n\n";
+ $command = readline("Is this a custom GIT URL? [y]? ");
+ if (strtolower($command) == "y" or $command == "") {
+ $GIT_REPO = $branch;
+ $command = readline("Checkout which branch [${DEFAULT_BRANCH}]? ");
+ if ($command == "") {
+ $branch = $DEFAULT_BRANCH;
+ }
+ if ($command) {
+ $branch = $command;
+ }
+ $found = true;
+ }
+ }
+ }
+ if (!$found) {
+ echo "\nNo valid branch found. Exiting.\n\n";
+ conf_mount_ro();
+ exit;
+ }
+}
+
+$merge_repos = array();
+if (file_exists($GITSYNC_MERGE)) {
+ $gitsync_merges = file($GITSYNC_MERGE, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
+ if (!empty($gitsync_merges) && is_array($gitsync_merges)) {
+ echo "\n===> Automatic merge list read from ${GITSYNC_MERGE}\n";
+ foreach ($gitsync_merges as $merge_line_num => $merge_line) {
+ $merge_comments = explode("#", trim($merge_line));
+ if (empty($merge_comments[0])) {
+ continue;
+ }
+
+ $merge_line = explode(" ", trim($merge_comments[0]));
+ if (count($merge_line) != 2 || empty($merge_line[0]) || empty($merge_line[1])) {
+ echo "\nLine " . ($merge_line_num + 1) . " does not have the correct parameter count or has improper spacing.\n";
+ echo "Expected parameters: repository_url branch\n";
+ echo "Line read: " . implode(" ", $merge_line) . "\n\n";
+ echo "Aborting automatic merge.\n\n";
+ $merge_repos = array();
+ break;
+ }
+ $merge_repos[] = array('repo' => $merge_line[0], 'branch' => $merge_line[1]);
+ }
+ }
+}
+if (!$args[0] && !$upgrading) {
+ do {
+ echo "\nAdd a custom RCS branch URL (Git or HTTP) to merge in or press enter if done.\n\n";
+ $merge_repo = readline("> ");
+ if (!empty($merge_repo)) {
+ $merge_branch = readline("Merge which branch [${DEFAULT_BRANCH}]? ");
+ if ($merge_branch == "") {
+ $merge_repos[] = array('repo' => $merge_repo, 'branch' => $DEFAULT_BRANCH);
+ } else if ($merge_branch) {
+ $merge_repos[] = array('repo' => $merge_repo, 'branch' => $merge_branch);
+ }
+ }
+ } while (!empty($merge_repo));
+}
+
+if ($branch == "RESTORE" && $g['platform'] == "pfSense") {
+ if (!file_exists("/root/cvssync_backup.tgz")) {
+ echo "Sorry, we could not find a previous CVSSync backup file.\n";
+ conf_mount_ro();
+ exit();
+ }
+ echo "===> Restoring previous CVSSync backup... Please wait...\n";
+ exec("tar Uxpf /root/cvssync_backup.tgz -C /");
+ post_cvssync_commands();
+ conf_mount_ro();
+ exit();
+} else {
+ $nobackup = true; // do not backup embedded, livecd
+}
+
+if ($nobackup == false) {
+ echo "===> Backing up current pfSense information...\n";
+ echo "===> Please wait... ";
+ exec("tar czPf /root/cvssync_backup.tgz --exclude /root --exclude /dev --exclude /tmp --exclude /var/run --exclude /var/empty /");
+ $size = filesize("/root/cvssync_backup.tgz");
+ echo "{$size} bytes.\n\n";
+ sleep(5);
+}
+
+echo "===> Checking out $branch\n";
+
+// Git commands for resetting to the specified branch
+if ($branch == "build_commit") {
+ $git_cmd = array(
+ "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} branch " . escapeshellarg($branch) . " 2>/dev/null",
+ "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} checkout -f " . escapeshellarg($branch) . " 2>/dev/null",
+ "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} reset --hard " . escapeshellarg(trim(file_get_contents("/etc/version.lastcommit")))
+ );
+} else {
+ $git_cmd = array(
+ "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} branch " . escapeshellarg($branch) . " " . escapeshellarg("origin/{$branch}") . " 2>/dev/null",
+ "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} checkout -f " . escapeshellarg($branch) . " 2>/dev/null",
+ "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} reset --hard " . escapeshellarg("origin/{$branch}")
+ );
+}
+
+// Git 'er done!
+if (is_dir("$CODIR/pfSenseGITREPO/pfSenseGITREPO")) {
+ echo "===> Fetching updates...\n";
+ exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} config remote.origin.url " . escapeshellarg($GIT_REPO));
+ exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} fetch");
+ exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} clean -f -f -x -d");
+ run_cmds($git_cmd);
+} else {
+ exec("mkdir -p $CODIR/pfSenseGITREPO");
+ echo "Executing cd $CODIR/pfSenseGITREPO && {$GIT_BIN} clone $GIT_REPO pfSenseGITREPO\n";
+ exec("cd $CODIR/pfSenseGITREPO && {$GIT_BIN} clone " . escapeshellarg($GIT_REPO) . " pfSenseGITREPO");
+ if (is_dir("$CODIR/pfSenseGITREPO/pfSense")) {
+ exec("mv $CODIR/pfSenseGITREPO/pfSense $CODIR/pfSenseGITREPO/pfSenseGITREPO");
+ }
+ if (is_dir("$CODIR/pfSenseGITREPO/mainline")) {
+ exec("mv $CODIR/pfSenseGITREPO/mainline $CODIR/pfSenseGITREPO/pfSenseGITREPO");
+ }
+ run_cmds($git_cmd);
+}
+
+foreach ($merge_repos as $merge_repo) {
+ echo "===> Merging branch {$merge_repo['branch']} from {$merge_repo['repo']}\n";
+ exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} pull " . escapeshellarg($merge_repo['repo']) . " " . escapeshellarg($merge_repo['branch']), $output_str, $ret);
+ unset($output_str);
+ if ($ret <> 0) {
+ echo "\nMerge failed. Aborting sync.\n\n";
+ run_cmds($git_cmd);
+ conf_mount_ro();
+ exit;
+ }
+}
+
+if (isset($args["--minimal"])) {
+ if (file_exists("/etc/version.gitsync")) {
+ $old_revision = trim(file_get_contents("/etc/version.gitsync"));
+ } else if (file_exists("/etc/version.lastcommit")) {
+ $old_revision = trim(file_get_contents("/etc/version.lastcommit"));
+ }
+ $files_to_copy = strtr(shell_exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} diff --name-only " . escapeshellarg($old_revision)), "\n", " ");
+} else {
+ $files_to_copy = '--exclude .git .';
+}
+
+// Save new commit ID for later minimal file copies
+exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} rev-parse -q --verify HEAD > /etc/version.gitsync");
+
+exec("mkdir -p /tmp/lighttpd/cache/compress/");
+
+// Nuke CVS and pfSense tarballs
+exec("cd ${CODIR}/pfSenseGITREPO/pfSenseGITREPO && find . -name CVS -exec rm -rf {} \; 2>/dev/null");
+exec("cd ${CODIR}/pfSenseGITREPO/pfSenseGITREPO && find . -name pfSense.tgz -exec rm {} \; 2>/dev/null");
+
+// Remove files that we do not want to overwrite the system with
+exec("rm ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/etc/crontab 2>/dev/null");
+exec("rm ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/etc/master.passwd 2>/dev/null");
+exec("rm ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/etc/passwd 2>/dev/null");
+exec("rm ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/etc/fstab 2>/dev/null");
+exec("rm ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/etc/ttys 2>/dev/null");
+exec("rm ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/etc/group 2>/dev/null");
+exec("rm ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/etc/fstab 2>/dev/null");
+exec("rm ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/etc/platform 2>/dev/null");
+exec("rm ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/boot/device.hints 2>/dev/null");
+exec("rm ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/boot/loader.conf 2>/dev/null");
+exec("rm ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/boot/loader.rc 2>/dev/null");
+exec("rm -rf ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/conf*");
+exec("rm -rf ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/cf 2>/dev/null");
+exec("rm -rf ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/root/.shrc");
+exec("rm -rf ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/root/.tcshrc");
+exec("rm -f ${CODIR}/pfSenseGITREPO/pfSenseGITREPO/etc/syslog.conf 2>/dev/null");
+
+echo "===> Installing new files...\n";
+
+if ($g['platform'] == "pfSense") {
+ $command = "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO ; tar -cpf - {$files_to_copy} | (cd / ; tar -Uxpf -)";
+} else {
+ $command = "cd $CODIR/pfSenseGITREPO/pfSenseGITREPO ; tar -cpf - {$files_to_copy} | (cd / ; tar -xpf -) 2>/dev/null";
+}
+
+if (!empty($files_to_copy)) {
+ exec($command);
+} else {
+ echo "Already up-to-date.\n";
+ $upgrading = true;
+}
+
+// Reset the repository to restore the deleted files
+exec("cd $CODIR/pfSenseGITREPO/pfSenseGITREPO && {$GIT_BIN} reset --hard >/dev/null 2>/dev/null");
+
+// Remove obsolete files
+$files_to_remove = file("/etc/pfSense.obsoletedfiles");
+foreach ($files_to_remove as $file_to_remove) {
+ if (file_exists($file_to_remove)) {
+ exec("/bin/rm -f $file_to_remove");
+ }
+}
+
+if (!$upgrading) {
+ post_cvssync_commands();
+}
+
+echo "===> Checkout complete.\n";
+echo "\n";
+if (!$upgrading) {
+ echo "Your system is now sync'd and PHP and Lighty will be restarted in 5 seconds.\n\n";
+} else {
+ echo "Your system is now sync'd.\n\n";
+}
+
+function post_cvssync_commands() {
+ echo "===> Removing FAST-CGI temporary files...\n";
+ exec("find /tmp -name \"php-fastcgi.socket*\" -exec rm -rf {} \;");
+ exec("find /tmp -name \"*.tmp\" -exec rm -rf {} \;");
+
+ exec("rm -rf /tmp/xcache/* 2>/dev/null");
+
+ echo "===> Upgrading configuration (if needed)...\n";
+ convert_config();
+
+ echo "===> Configuring filter...";
+ exec("/etc/rc.filter_configure_sync");
+ exec("pfctl -f /tmp/rules.debug");
+ echo "\n";
+
+ if (file_exists("/etc/rc.php_ini_setup")) {
+ echo "===> Running /etc/rc.php_ini_setup...";
+ exec("/etc/rc.php_ini_setup");
+ echo "\n";
+ }
+
+ /* lock down console if necessary */
+ echo "===> Locking down the console if needed...\n";
+ reload_ttys();
+
+ echo "===> Signaling PHP and Lighty restart...";
+ $fd = fopen("/tmp/restart_lighty", "w");
+ fwrite($fd, "#!/bin/sh\n");
+ fwrite($fd, "sleep 5\n");
+ fwrite($fd, "/usr/local/sbin/pfSctl -c 'service restart webgui'\n");
+ if (file_exists("/var/etc/lighty-CaptivePortal.conf")) {
+ fwrite($fd, "/usr/local/sbin/lighttpd -f /var/etc/lighty-CaptivePortal.conf\n");
+ }
+ fclose($fd);
+ mwexec_bg("sh /tmp/restart_lighty");
+ echo "\n";
+
+}
+
+function isUrl($url = "") {
+ if ($url) {
+ if (strstr($url, "rcs.pfsense.org") or
+ strstr($url, "mainline") or
+ strstr($url, ".git") or
+ strstr($url, "git://")) {
+ return true;
+ }
+ }
+ return false;
+}
+
+function run_cmds($cmds) {
+ global $debug;
+ foreach ($cmds as $cmd) {
+ if ($debug) {
+ echo "Running $cmd";
+ }
+ exec($cmd);
+ }
+}
+
+conf_mount_ro();
diff --git a/src/etc/phpshellsessions/installpkg b/src/etc/phpshellsessions/installpkg
new file mode 100644
index 0000000..1ac71bf
--- /dev/null
+++ b/src/etc/phpshellsessions/installpkg
@@ -0,0 +1,36 @@
+require_once("config.inc");
+require_once("util.inc");
+require_once("pkg-utils.inc");
+
+global $g, $config, $argv, $command_split;
+
+if (is_array($command_split)) {
+ $args = array_slice($command_split, 1);
+} else {
+ $args = array_slice($argv, 2);
+}
+
+$pkg_name = $args[0];
+
+echo "Installing package \"{$pkg_name}\"...\n";
+
+echo "Trying to fetch package info...";
+$pkg_info = get_pkg_info();
+if ($pkg_info) {
+ echo " Done.\n";
+} else {
+ echo "\n" . gettext(' >>> Unable to get pkg info.') . "\n";
+ return;
+}
+
+$static_output = "";
+$pkg_interface = "console";
+
+if (empty($pkg_info[$pkg_name])) {
+ echo "\nPackage not found.\n";
+ return;
+}
+
+install_package($pkg_name);
+
+echo "\nDone.\n";
diff --git a/src/etc/phpshellsessions/listpkg b/src/etc/phpshellsessions/listpkg
new file mode 100644
index 0000000..ed2c793
--- /dev/null
+++ b/src/etc/phpshellsessions/listpkg
@@ -0,0 +1,16 @@
+require_once("config.inc");
+require_once("util.inc");
+
+global $g, $config;
+
+echo "Installed packages:\n";
+
+foreach ($config['installedpackages']['package'] as $package) {
+ $name = str_pad("{$package['name']}-{$package['version']}", 30);
+ $descr = $package['descr'];
+ $line = "{$name} {$descr}";
+ if (strlen($line) > 80) {
+ $line = substr($line, 0, 77) . "...";
+ }
+ echo "{$line}\n";
+}
diff --git a/src/etc/phpshellsessions/removepkgconfig b/src/etc/phpshellsessions/removepkgconfig
new file mode 100644
index 0000000..ea365bf
--- /dev/null
+++ b/src/etc/phpshellsessions/removepkgconfig
@@ -0,0 +1,8 @@
+global $config;
+$config = parse_config(true);
+unset($config['installedpackages']);
+echo "Clearing package configuration information...\n";
+write_config("pfSsh.php cleared package configuration data.");
+$config = parse_config(true);
+echo "Removing startup files from /usr/local/etc/rc.d/...\n";
+exec("rm /usr/local/etc/rc.d/*");
diff --git a/src/etc/phpshellsessions/removeshaper b/src/etc/phpshellsessions/removeshaper
new file mode 100644
index 0000000..298e618
--- /dev/null
+++ b/src/etc/phpshellsessions/removeshaper
@@ -0,0 +1,25 @@
+require("config.inc");
+require_once("functions.inc");
+require_once("filter.inc");
+require_once("shaper.inc");
+require_once("rrd.inc");
+
+/* Much of this borrowed from firewall_shaper.php */
+
+echo gettext("Removing shaper settings...\n");
+
+unset($config['shaper']['queue']);
+unset($queue);
+unset($altq);
+
+foreach ($config['filter']['rule'] as $key => $rule) {
+ if (isset($rule['wizard']) && $rule['wizard'] == "yes") {
+ unset($config['filter']['rule'][$key]);
+ }
+}
+if (write_config()) {
+ echo gettext("Shaper Successfully Removed.\n");
+} else {
+ echo gettext("Unable to write config.xml (Access Denied?)\n");
+}
+filter_configure(); \ No newline at end of file
diff --git a/src/etc/phpshellsessions/restartdhcpd b/src/etc/phpshellsessions/restartdhcpd
new file mode 100644
index 0000000..e24c842
--- /dev/null
+++ b/src/etc/phpshellsessions/restartdhcpd
@@ -0,0 +1,4 @@
+! echo "Killing dhcp server..."
+! killall dhcpd
+! echo "Restarting dhcp server..."
+services_dhcpd_configure();
diff --git a/src/etc/phpshellsessions/restartipsec b/src/etc/phpshellsessions/restartipsec
new file mode 100644
index 0000000..ebbe9b3
--- /dev/null
+++ b/src/etc/phpshellsessions/restartipsec
@@ -0,0 +1,7 @@
+! echo "Restarting ipsec..."
+require_once("config.inc");
+require_once("filter.inc");
+require_once("auth.inc");
+require_once("ipsec.inc");
+require_once("vpn.inc");
+vpn_ipsec_configure(true);
diff --git a/src/etc/phpshellsessions/svc b/src/etc/phpshellsessions/svc
new file mode 100644
index 0000000..ee1ab40
--- /dev/null
+++ b/src/etc/phpshellsessions/svc
@@ -0,0 +1,99 @@
+require_once("config.inc");
+require_once("util.inc");
+require_once("service-utils.inc");
+
+function usage() {
+ echo "Usage: playback svc <action> <service name> [service-specific options]\n\n";
+ echo "Examples:\n";
+ echo "playback svc stop dhcpd\n";
+ echo "playback svc restart openvpn client 2\n";
+ echo "playback svc stop captiveportal zone1\n";
+ echo "\n";
+}
+
+global $g, $config, $argv, $command_split;
+
+if (is_array($command_split)) {
+ $args = array_slice($command_split, 2);
+} else {
+ $args = array_slice($argv, 3);
+}
+
+if (empty($args[0])) {
+ usage();
+}
+
+$extras = array();
+
+// start, stop, restart
+$action = $args[0];
+
+// dhcpd, openvpn, etc.
+$svc_name = $args[1];
+
+// Handle servive-specific options.
+switch ($svc_name) {
+ case "openvpn":
+ if (in_array($args[2], array("server", "client"))) {
+ $extras['vpnmode'] = $args[2];
+ } else {
+ echo "Invalid OpenVPN mode (server, client)\n";
+ return;
+ }
+ if (is_numeric($args[3])) {
+ $extras['id'] = $args[3];
+ } else {
+ echo "Invalid OpenVPN ID, must be numeric\n";
+ return;
+ }
+ $vpnsvc = find_service_by_openvpn_vpnid($extras['id']);
+ if (empty($vpnsvc)) {
+ echo "No OpenVPN client or server found with that ID.\n";
+ return;
+ }
+ break;
+ case "captiveportal":
+ if (is_validaliasname($args[2])) {
+ $extras['zone'] = $args[2];
+ } else {
+ echo "Invalid Captive Portal Zone.\n";
+ return;
+ }
+ $cpzone = find_service_by_cp_zone($extras['zone']);
+ if (empty($cpzone)) {
+ echo "No Captive Portal Zone found with that name.\n";
+ return;
+ }
+ break;
+}
+
+switch ($action) {
+ case "restart":
+ echo "Attempting to issue {$action} to {$svc_name} service...\n";
+ $savemsg = service_control_restart($svc_name, $extras);
+ break;
+ case "start":
+ echo "Attempting to issue {$action} to {$svc_name} service...\n";
+ $savemsg = service_control_start($svc_name, $extras);
+ break;
+ case "stop":
+ echo "Attempting to issue {$action} to {$svc_name} service...\n";
+ $savemsg = service_control_stop($svc_name, $extras);
+ break;
+ case "status":
+ switch ($svc_name) {
+ case "openvpn":
+ $service = $vpnsvc;
+ break;
+ case "captiveportal":
+ $service = $cpzone;
+ break;
+ default:
+ $service = find_service_by_name($svc_name);
+ break;
+ }
+ $savemsg = get_service_status($service) ? "Service {$svc_name} is running." : "Service {$svc_name} is stopped.";
+ break;
+}
+
+echo "\n{$savemsg}\n";
diff --git a/src/etc/phpshellsessions/uninstallpkg b/src/etc/phpshellsessions/uninstallpkg
new file mode 100644
index 0000000..9030e56
--- /dev/null
+++ b/src/etc/phpshellsessions/uninstallpkg
@@ -0,0 +1,34 @@
+require_once("config.inc");
+require_once("util.inc");
+require_once("pkg-utils.inc");
+
+global $g, $config, $argv, $command_split;
+
+if (is_array($command_split)) {
+ $args = array_slice($command_split, 1);
+} else {
+ $args = array_slice($argv, 2);
+}
+
+$pkg_name = $args[0];
+$pkg_info = array();
+
+echo "Removing package \"{$pkg_name}\"...\n";
+
+foreach ($config['installedpackages']['package'] as $package) {
+ if ($pkg_name == $package['name']) {
+ $pkg_info = $package;
+ }
+}
+
+$static_output = "";
+$pkg_interface = "console";
+
+if (empty($pkg_info)) {
+ echo "\nPackage not installed.\n";
+ return;
+}
+
+uninstall_package($pkg_name);
+
+echo "\nDone.\n";
OpenPOWER on IntegriCloud