diff options
-rw-r--r-- | etc/inc/config.lib.inc | 12 | ||||
-rw-r--r-- | etc/inc/interfaces.inc | 2 | ||||
-rw-r--r-- | etc/inc/voucher.inc | 28 | ||||
-rw-r--r-- | etc/inc/vpn.inc | 4 | ||||
-rwxr-xr-x | sbin/dhclient-script | 2 | ||||
-rwxr-xr-x | usr/local/www/vpn_ipsec_mobile.php | 2 |
6 files changed, 24 insertions, 26 deletions
diff --git a/etc/inc/config.lib.inc b/etc/inc/config.lib.inc index c527fd7..2edcea3 100644 --- a/etc/inc/config.lib.inc +++ b/etc/inc/config.lib.inc @@ -311,23 +311,23 @@ function conf_mount_rw() { if (refcount_reference(1000) > 1) return; - $status = mwexec("/sbin/mount -u -w {$g['cf_path']}"); + $status = mwexec("/sbin/mount -u -w -o sync,noatime {$g['cf_path']}"); if($status <> 0) { if($g['booting']) echo "Disk is dirty. Running fsck -y\n"; mwexec("/sbin/fsck -y {$g['cf_path']}"); - $status = mwexec("/sbin/mount -u -w {$g['cf_path']}"); + $status = mwexec("/sbin/mount -u -w -o sync,noatime {$g['cf_path']}"); } /* if the platform is soekris or wrap or pfSense, lets mount the * compact flash cards root. */ - $status = mwexec("/sbin/mount -u -w /"); + $status = mwexec("/sbin/mount -u -w -o sync,noatime /"); /* we could not mount this correctly. kick off fsck */ if($status <> 0) { log_error("File system is dirty. Launching FSCK for /"); mwexec("/sbin/fsck -y /"); - $status = mwexec("/sbin/mount -u -w /"); + $status = mwexec("/sbin/mount -u -w -o sync,noatime /"); } mark_subsystem_dirty('mount'); @@ -355,8 +355,8 @@ function conf_mount_ro() { clear_subsystem_dirty('mount'); /* sync data, then force a remount of /cf */ pfSense_sync(); - mwexec("/sbin/mount -u -r -f {$g['cf_path']}"); - mwexec("/sbin/mount -u -r -f /"); + mwexec("/sbin/mount -u -r -f -o sync,noatime {$g['cf_path']}"); + mwexec("/sbin/mount -u -r -f -o sync,noatime /"); } /****f* config/convert_config diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 3405838..07a5320 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -3666,7 +3666,7 @@ function is_altq_capable($int) { * Only the following drivers have ALTQ support */ $capable = array("age", "alc", "ale", "an", "ath", "aue", "awi", "bce", - "bfe", "bge", "bridge", "dc", "de", "ed", "em", "ep", "fxp", "gem", + "bfe", "bge", "bridge", "cas", "dc", "de", "ed", "em", "ep", "fxp", "gem", "hme", "igb", "ipw", "iwi", "jme", "le", "lem", "msk", "mxge", "my", "nfe", "npe", "nve", "ral", "re", "rl", "rum", "run", "bwn", "sf", "sis", "sk", "ste", "stge", "txp", "udav", "ural", "vge", "vr", "wi", "xl", diff --git a/etc/inc/voucher.inc b/etc/inc/voucher.inc index febb0f7..3b34e93 100644 --- a/etc/inc/voucher.inc +++ b/etc/inc/voucher.inc @@ -100,11 +100,11 @@ EOF; function voucher_auth($voucher_received, $test = 0) { global $g, $config; - $voucherlck = lock('voucher'); + $voucherlck = lock('voucher', LOCK_EX); // XMLRPC Call over to the master Voucher node $a_voucher = &$config['voucher']; - if($a_voucher['vouchersyncdbip']) { + if(!empty($a_voucher['vouchersyncdbip'])) { $syncip = $a_voucher['vouchersyncdbip']; $syncport = $a_voucher['vouchersyncport']; $syncpass = $a_voucher['vouchersyncpass']; @@ -154,10 +154,10 @@ function voucher_auth($voucher_received, $test = 0) { if (!isset($active_vouchers[$roll])) $active_vouchers[$roll] = voucher_read_active_db($roll); // valid voucher. Store roll# and ticket# - if ($line = $active_vouchers[$roll][$voucher]) { - list($timestamp,$minutes) = explode(",", $line); + if (!empty($active_vouchers[$roll][$voucher])) { + list($timestamp,$minutes) = explode(",", $active_vouchers[$roll][$voucher]); // we have an already active voucher here. - $remaining = intval((($timestamp + 60*$minutes) - time())/60); + $remaining = intval((($timestamp + (60*$minutes)) - time())/60); $test_result[] = "$voucher ($roll/$nr) active and good for $remaining Minutes"; $total_minutes += $remaining; } else { @@ -215,7 +215,7 @@ function voucher_auth($voucher_received, $test = 0) { } // If we did a XMLRPC sync earlier check the timeleft - if($a_voucher['vouchersyncdbip']) + if(!empty($a_voucher['vouchersyncdbip'])) if($remote_time_used['timeleft'] < $total_minutes) $total_minutes = $remote_time_used['timeleft']; @@ -238,8 +238,8 @@ function voucher_auth($voucher_received, $test = 0) { // log in later using just the first voucher. It also keeps username limited // to one voucher and that voucher shows the correct time credit in 'active vouchers' - if ($line = $active_vouchers[$first_voucher_roll][$first_voucher]) { - list($timestamp, $minutes) = explode(",", $line); + if (!empty($active_vouchers[$first_voucher_roll][$first_voucher])) { + list($timestamp, $minutes) = explode(",", $active_vouchers[$first_voucher_roll][$first_voucher]); } else { $timestamp = time(); // new voucher $minutes = $total_minutes; @@ -298,13 +298,13 @@ function voucher_configure() { fwrite($fd, "{$config['voucher']['rollbits']},{$config['voucher']['ticketbits']},{$config['voucher']['checksumbits']},{$config['voucher']['magic']},{$config['voucher']['charset']}\n"); fclose($fd); @chmod("{$g['varetc_path']}/voucher.cfg", 0600); - unlock($voucherlck); + unlock($voucherlck); if ($g['booting'] && is_array($config['voucher']['roll'])) { // create active and used DB per roll on ramdisk from config $a_roll = &$config['voucher']['roll']; - $voucherlck = lock('voucher'); + $voucherlck = lock('voucher', LOCK_EX); foreach ($a_roll as $rollent) { @@ -325,8 +325,8 @@ function voucher_configure() { } voucher_write_active_db($roll, $active_vouchers); } - - unlock($voucherlck); + + unlock($voucherlck); echo "done\n"; } @@ -363,7 +363,7 @@ function voucher_read_active_db($roll) { $line = trim(fgets($fd)); if ($line) { list($voucher,$timestamp,$minutes) = explode(",", $line); // voucher,timestamp - if ((($timestamp + 60*$minutes) - time()) > 0) + if ((($timestamp + (60*$minutes)) - time()) > 0) $active[$voucher] = "$timestamp,$minutes"; else $dirty=1; @@ -477,4 +477,4 @@ function voucher_save_db_to_config() { return; } -?>
\ No newline at end of file +?> diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 0e21224..6f48820 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -886,9 +886,7 @@ EOD; /* mange racoon process */ if (is_process_running("racoon")) { sleep("0.1"); - /* XXX: This seems to not work in ipsec-tools 0.7.3 but a HUP signal is equivalent. */ - //mwexec("/usr/local/sbin/racoonctl -s /var/db/racoon/racoon.sock reload-config", false); - sigkillbypid("{$g['varrun_path']}/racoon.pid", "HUP"); + mwexec("/usr/local/sbin/racoonctl -s /var/db/racoon/racoon.sock reload-config", false); /* load SPD without flushing to be safe on config additions or changes. */ mwexec("/usr/local/sbin/setkey -f {$g['varetc_path']}/spd.conf", false); } else { diff --git a/sbin/dhclient-script b/sbin/dhclient-script index aaa8144..e7fee7a 100755 --- a/sbin/dhclient-script +++ b/sbin/dhclient-script @@ -189,7 +189,7 @@ add_new_routes() { if [ -f "/tmp/${interface}_defaultgw" -o $EXISTSGW -eq 0 ]; then $ROUTE delete default for router in $new_routers; do - if [ "$new_ip_address" = "$router" ]; then + if [ "$new_ip_address" = "$router" -o "$router" = "255.255.255.255" ]; then $ROUTE add default -iface $interface echo $ROUTE add default -iface $interface | $LOGGER echo $router > /tmp/${interface}_router diff --git a/usr/local/www/vpn_ipsec_mobile.php b/usr/local/www/vpn_ipsec_mobile.php index 4e9c537..b4b1b05 100755 --- a/usr/local/www/vpn_ipsec_mobile.php +++ b/usr/local/www/vpn_ipsec_mobile.php @@ -386,7 +386,7 @@ function login_banner_change() { <input name="pool_enable" type="checkbox" id="pool_enable" value="yes" <?=$chk;?> onClick="pool_change()"> </td> <td> - <?=gettext("Provide a vitual IP address to clients"); ?><br> + <?=gettext("Provide a virtual IP address to clients"); ?><br> </td> </tr> </table> |