diff options
-rw-r--r-- | etc/inc/filter_log.inc | 187 | ||||
-rw-r--r-- | etc/inc/functions.inc | 189 | ||||
-rw-r--r-- | etc/inc/globals.inc | 120 | ||||
-rw-r--r-- | etc/inc/gmirror.inc | 59 | ||||
-rw-r--r-- | etc/inc/growl.class | 162 | ||||
-rw-r--r-- | etc/inc/gwlb.inc | 403 |
6 files changed, 634 insertions, 486 deletions
diff --git a/etc/inc/filter_log.inc b/etc/inc/filter_log.inc index 46c9b13..60f4ed5 100644 --- a/etc/inc/filter_log.inc +++ b/etc/inc/filter_log.inc @@ -45,33 +45,36 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil global $config, $g; /* Make sure this is a number before using it in a system call */ - if (!(is_numeric($tail))) + if (!(is_numeric($tail))) { return; + } - if ($filtertext) + if ($filtertext) { $tail = 5000; + } /* Always do a reverse tail, to be sure we're grabbing the 'end' of the log. */ $logarr = ""; - if(isset($config['system']['usefifolog'])) + if (isset($config['system']['usefifolog'])) { exec("/usr/sbin/fifolog_reader " . escapeshellarg($logfile) . " | /usr/bin/grep 'filterlog:' | /usr/bin/tail -r -n {$tail}", $logarr); - else + } else { exec("/usr/local/sbin/clog " . escapeshellarg($logfile) . " | grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/grep 'filterlog:' | /usr/bin/tail -r -n {$tail}", $logarr); + } $filterlog = array(); $counter = 0; $filterinterface = strtoupper($filterinterface); foreach ($logarr as $logent) { - if($counter >= $nentries) + if ($counter >= $nentries) { break; + } $flent = parse_filter_line($logent); - if (!$filterinterface || ($filterinterface == $flent['interface'])) - { - if ( ( ($flent != "") && (!is_array($filtertext)) && (match_filter_line ($flent, $filtertext))) || - ( ($flent != "") && ( is_array($filtertext)) && (match_filter_field($flent, $filtertext)) ) ) { + if (!$filterinterface || ($filterinterface == $flent['interface'])) { + if ((($flent != "") && (!is_array($filtertext)) && (match_filter_line ($flent, $filtertext))) || + (($flent != "") && ( is_array($filtertext)) && (match_filter_field($flent, $filtertext)))) { $counter++; $filterlog[] = $flent; } @@ -88,34 +91,40 @@ function escape_filter_regex($filtertext) { } function match_filter_line($flent, $filtertext = "") { - if (!$filtertext) + if (!$filtertext) { return true; + } $filtertext = escape_filter_regex(str_replace(' ', '\s+', $filtertext)); return @preg_match("/{$filtertext}/i", implode(" ", array_values($flent))); } function match_filter_field($flent, $fields) { foreach ($fields as $key => $field) { - if ($field == "All") + if ($field == "All") { continue; + } if ((strpos($field, '!') === 0)) { $field = substr($field, 1); if (strtolower($key) == 'act') { - if (in_arrayi($flent[$key], explode(" ", $field))) + if (in_arrayi($flent[$key], explode(" ", $field))) { return false; + } } else { $field_regex = escape_filter_regex($field); - if (@preg_match("/{$field_regex}/i", $flent[$key])) + if (@preg_match("/{$field_regex}/i", $flent[$key])) { return false; + } } } else { if (strtolower($key) == 'act') { - if (!in_arrayi($flent[$key], explode(" ", $field))) + if (!in_arrayi($flent[$key], explode(" ", $field))) { return false; + } } else { $field_regex = escape_filter_regex($field); - if (!@preg_match("/{$field_regex}/i", $flent[$key])) + if (!@preg_match("/{$field_regex}/i", $flent[$key])) { return false; + } } } } @@ -133,8 +142,9 @@ function parse_filter_line($line) { $flent = array(); $log_split = ""; - if (!preg_match("/(.*)\s(.*)\sfilterlog:\s(.*)$/", $line, $log_split)) + if (!preg_match("/(.*)\s(.*)\sfilterlog:\s(.*)$/", $line, $log_split)) { return ""; + } list($all, $flent['time'], $host, $rule) = $log_split; @@ -197,45 +207,45 @@ function parse_filter_line($line) { $flent['icmp_type'] = $rule_data[$field++]; switch ($flent['icmp_type']) { - case "request": - case "reply": - $flent['icmp_id'] = $rule_data[$field++]; - $flent['icmp_seq'] = $rule_data[$field++]; - break; - case "unreachproto": - $flent['icmp_dstip'] = $rule_data[$field++]; - $flent['icmp_protoid'] = $rule_data[$field++]; - break; - case "unreachport": - $flent['icmp_dstip'] = $rule_data[$field++]; - $flent['icmp_protoid'] = $rule_data[$field++]; - $flent['icmp_port'] = $rule_data[$field++]; - break; - case "unreach": - case "timexceed": - case "paramprob": - case "redirect": - case "maskreply": - $flent['icmp_descr'] = $rule_data[$field++]; - break; - case "needfrag": - $flent['icmp_dstip'] = $rule_data[$field++]; - $flent['icmp_mtu'] = $rule_data[$field++]; - break; - case "tstamp": - $flent['icmp_id'] = $rule_data[$field++]; - $flent['icmp_seq'] = $rule_data[$field++]; - break; - case "tstampreply": - $flent['icmp_id'] = $rule_data[$field++]; - $flent['icmp_seq'] = $rule_data[$field++]; - $flent['icmp_otime'] = $rule_data[$field++]; - $flent['icmp_rtime'] = $rule_data[$field++]; - $flent['icmp_ttime'] = $rule_data[$field++]; - break; - default : - $flent['icmp_descr'] = $rule_data[$field++]; - break; + case "request": + case "reply": + $flent['icmp_id'] = $rule_data[$field++]; + $flent['icmp_seq'] = $rule_data[$field++]; + break; + case "unreachproto": + $flent['icmp_dstip'] = $rule_data[$field++]; + $flent['icmp_protoid'] = $rule_data[$field++]; + break; + case "unreachport": + $flent['icmp_dstip'] = $rule_data[$field++]; + $flent['icmp_protoid'] = $rule_data[$field++]; + $flent['icmp_port'] = $rule_data[$field++]; + break; + case "unreach": + case "timexceed": + case "paramprob": + case "redirect": + case "maskreply": + $flent['icmp_descr'] = $rule_data[$field++]; + break; + case "needfrag": + $flent['icmp_dstip'] = $rule_data[$field++]; + $flent['icmp_mtu'] = $rule_data[$field++]; + break; + case "tstamp": + $flent['icmp_id'] = $rule_data[$field++]; + $flent['icmp_seq'] = $rule_data[$field++]; + break; + case "tstampreply": + $flent['icmp_id'] = $rule_data[$field++]; + $flent['icmp_seq'] = $rule_data[$field++]; + $flent['icmp_otime'] = $rule_data[$field++]; + $flent['icmp_rtime'] = $rule_data[$field++]; + $flent['icmp_ttime'] = $rule_data[$field++]; + break; + default : + $flent['icmp_descr'] = $rule_data[$field++]; + break; } } else if ($flent['protoid'] == '2') { // IGMP @@ -250,8 +260,9 @@ function parse_filter_line($line) { $flent['advbase'] = $rule_data[$field++]; } } else { - if($g['debug']) + if ($g['debug']) { log_error(sprintf(gettext("There was a error parsing rule number: %s. Please report to mailing list or forum."), $flent['rulenum'])); + } return ""; } @@ -259,7 +270,7 @@ function parse_filter_line($line) { if (!((trim($flent['src']) == "") || (trim($flent['dst']) == "") || (trim($flent['time']) == ""))) { return $flent; } else { - if($g['debug']) { + if ($g['debug']) { log_error(sprintf(gettext("There was a error parsing rule: %s. Please report to mailing list or forum."), $errline)); } return ""; @@ -267,8 +278,9 @@ function parse_filter_line($line) { } function get_port_with_service($port, $proto) { - if (!$port) + if (!$port) { return ''; + } $service = getservbyport($port, $proto); $portstr = ""; @@ -284,27 +296,31 @@ function find_rule_by_number($rulenum, $trackernum, $type="block") { global $g; /* Passing arbitrary input to grep could be a Very Bad Thing(tm) */ - if (!is_numeric($rulenum) || !is_numeric($trackernum) || !in_array($type, array('pass', 'block', 'match', 'rdr'))) + if (!is_numeric($rulenum) || !is_numeric($trackernum) || !in_array($type, array('pass', 'block', 'match', 'rdr'))) { return; + } - if ($trackernum == "0") + if ($trackernum == "0") { $lookup_pattern = "^@{$rulenum}\([0-9]+\)[[:space:]]{$type}[[:space:]].*[[:space:]]log[[:space:]]"; - else + } else { $lookup_pattern = "^@[0-9]+\({$trackernum}\)[[:space:]]{$type}[[:space:]].*[[:space:]]log[[:space:]]"; + } /* At the moment, miniupnpd is the only thing I know of that generates logging rdr rules */ unset($buffer); - if ($type == "rdr") + if ($type == "rdr") { $_gb = exec("/sbin/pfctl -vvPsn -a \"miniupnpd\" | /usr/bin/egrep " . escapeshellarg("^@{$rulenum}"), $buffer); - else { - if (file_exists("{$g['tmp_path']}/rules.debug")) + } else { + if (file_exists("{$g['tmp_path']}/rules.debug")) { $_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep " . escapeshellarg($lookup_pattern), $buffer); - else + } else { $_gb = exec("/sbin/pfctl -vvPsr | /usr/bin/egrep " . escapeshellarg($lookup_pattern), $buffer); + } } - if (is_array($buffer)) + if (is_array($buffer)) { return $buffer[0]; + } return ""; } @@ -325,10 +341,11 @@ function buffer_rules_load() { } } unset($buffer, $_gb); - if (file_exists("{$g['tmp_path']}/rules.debug")) + if (file_exists("{$g['tmp_path']}/rules.debug")) { $_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep '^@[0-9]+\([0-9]+\)[[:space:]].*[[:space:]]log[[:space:]]' | /usr/bin/egrep -v '^@[0-9]+\([0-9]+\)[[:space:]](nat|rdr|binat|no|scrub)'", $buffer); - else + } else { $_gb = exec("/sbin/pfctl -vvPsr | /usr/bin/egrep '^@[0-9]+\([0-9]+\)[[:space:]].*[[:space:]]log[[:space:]]'", $buffer); + } if (is_array($buffer)) { foreach ($buffer as $line) { @@ -336,10 +353,11 @@ function buffer_rules_load() { # pfctl rule number output with tracker number: @dd(dddddddddd) $matches = array(); if (preg_match('/\@(?P<rulenum>\d+)\((?<trackernum>\d+)\)/', $key, $matches) == 1) { - if ($matches['trackernum'] > 0) + if ($matches['trackernum'] > 0) { $key = $matches['trackernum']; - else + } else { $key = "@{$matches['rulenum']}"; + } } $buffer_rules_normal[$key] = $value; } @@ -352,13 +370,14 @@ function buffer_rules_clear() { unset($GLOBALS['buffer_rules_rdr']); } -function find_rule_by_number_buffer($rulenum, $trackernum, $type){ +function find_rule_by_number_buffer($rulenum, $trackernum, $type) { global $g, $buffer_rules_rdr, $buffer_rules_normal; - if ($trackernum == "0") + if ($trackernum == "0") { $lookup_key = "@{$rulenum}"; - else + } else { $lookup_key = $trackernum; + } if ($type == "rdr") { $ruleString = $buffer_rules_rdr[$lookup_key]; @@ -374,23 +393,26 @@ function find_rule_by_number_buffer($rulenum, $trackernum, $type){ function find_action_image($action) { global $g; - if ((strstr(strtolower($action), "p")) || (strtolower($action) == "rdr")) + if ((strstr(strtolower($action), "p")) || (strtolower($action) == "rdr")) { return "/themes/{$g['theme']}/images/icons/icon_pass.gif"; - else if(strstr(strtolower($action), "r")) + } else if (strstr(strtolower($action), "r")) { return "/themes/{$g['theme']}/images/icons/icon_reject.gif"; - else + } else { return "/themes/{$g['theme']}/images/icons/icon_block.gif"; + } } /* AJAX specific handlers */ function handle_ajax($nentries, $tail = 50) { global $config; - if($_GET['lastsawtime'] or $_POST['lastsawtime']) { + if ($_GET['lastsawtime'] or $_POST['lastsawtime']) { global $filter_logfile,$filterent; - if($_GET['lastsawtime']) + if ($_GET['lastsawtime']) { $lastsawtime = $_GET['lastsawtime']; - if($_POST['lastsawtime']) + } + if ($_POST['lastsawtime']) { $lastsawtime = $_POST['lastsawtime']; + } /* compare lastsawrule's time stamp to filter logs. * afterwards return the newer records so that client * can update AJAX interface screen. @@ -399,12 +421,13 @@ function handle_ajax($nentries, $tail = 50) { $filterlog = conv_log_filter($filter_logfile, $nentries, $tail); /* We need this to always be in forward order for the AJAX update to work properly */ $filterlog = isset($config['syslog']['reverse']) ? array_reverse($filterlog) : $filterlog; - foreach($filterlog as $log_row) { + foreach ($filterlog as $log_row) { $row_time = strtotime($log_row['time']); $img = "<img border='0' src='" . find_action_image($log_row['act']) . "' alt={$log_row['act']} title={$log_row['act']} />"; - if($row_time > $lastsawtime) { - if ($log_row['proto'] == "TCP") + if ($row_time > $lastsawtime) { + if ($log_row['proto'] == "TCP") { $log_row['proto'] .= ":{$log_row['tcpflags']}"; + } $img = "<a href=\"#\" onClick=\"javascript:getURL('diag_logs_filter.php?getrulenum={$log_row['rulenum']},{$log_row['rulenum']}', outputrule);\">{$img}</a>"; $new_rules .= "{$img}||{$log_row['time']}||{$log_row['interface']}||{$log_row['srcip']}||{$log_row['srcport']}||{$log_row['dstip']}||{$log_row['dstport']}||{$log_row['proto']}||{$log_row['version']}||" . time() . "||\n"; diff --git a/etc/inc/functions.inc b/etc/inc/functions.inc index a89aeff..ab9b73d 100644 --- a/etc/inc/functions.inc +++ b/etc/inc/functions.inc @@ -1,47 +1,47 @@ <?php /* $Id$ */ /* - functions.inc - Copyright (C) 2004-2006 Scott Ullrich - All rights reserved. - - originally part of m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + functions.inc + Copyright (C) 2004-2006 Scott Ullrich + All rights reserved. + + originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. pfSense_MODULE: utils */ /* BEGIN compatibility goo with HEAD */ -if(!function_exists("gettext")) { +if (!function_exists("gettext")) { function gettext($text) { return $text; } } -if(!function_exists("pfSenseHeader")) { +if (!function_exists("pfSenseHeader")) { /****f* pfsense-utils/pfSenseHeader * NAME * pfSenseHeader @@ -51,30 +51,33 @@ if(!function_exists("pfSenseHeader")) { * Javascript header change or browser Location: ******/ function pfSenseHeader($text) { - global $_SERVER; - if (isAjax()) { - if ($_SERVER['HTTPS'] == "on") - $protocol = "https"; - else - $protocol = "http"; - - $port = ":{$_SERVER['SERVER_PORT']}"; - if ($_SERVER['SERVER_PORT'] == "80" && $protocol == "http") - $port = ""; - if ($_SERVER['SERVER_PORT'] == "443" && $protocol == "https") - $port = ""; - $complete_url = "{$protocol}://{$_SERVER['SERVER_NAME']}{$port}/{$text}"; - echo "\ndocument.location.href = '{$complete_url}';\n"; - } else { - header("Location: $text"); - } + global $_SERVER; + if (isAjax()) { + if ($_SERVER['HTTPS'] == "on") { + $protocol = "https"; + } else { + $protocol = "http"; + } + + $port = ":{$_SERVER['SERVER_PORT']}"; + if ($_SERVER['SERVER_PORT'] == "80" && $protocol == "http") { + $port = ""; + } + if ($_SERVER['SERVER_PORT'] == "443" && $protocol == "https") { + $port = ""; + } + $complete_url = "{$protocol}://{$_SERVER['SERVER_NAME']}{$port}/{$text}"; + echo "\ndocument.location.href = '{$complete_url}';\n"; + } else { + header("Location: $text"); + } } } /* END compatibility goo with HEAD */ /*fetch menu notices function*/ -if(!function_exists("get_menu_messages")) { - function get_menu_messages(){ +if (!function_exists("get_menu_messages")) { + function get_menu_messages() { global $g,$config; if (are_notices_pending()) { $notices = get_notices(); @@ -82,63 +85,67 @@ if(!function_exists("get_menu_messages")) { ## Get Query Arguments from URL ### foreach ($_REQUEST as $key => $value) { - if ($key != "PHPSESSID") + if ($key != "PHPSESSID") { $requests[] = $key.'='.$value; } - if(is_array($requests)) + } + if (is_array($requests)) { $request_string = implode("&", $requests); + } - if(is_array($notices)) { - $notice_msgs = "<table colspan=\'6\' id=\'notice_table\'>"; - $alert_style="style=\'color:#ffffff; filter:Glow(color=#ff0000, strength=12);\' "; - $notice = "<a href=\'#\' onclick=notice_action(\'acknowledge\',\'all\');domTT_close(this); {$alert_style}>".gettext("Acknowledge All Notices")."</a>"; - $alert_link="title=\'".gettext("Click to Acknowledge")."\' {$alert_style}"; - $domtt_width=500; - foreach ($notices as $key => $value) { - $date = date("m-d-y H:i:s", $key); - $noticemsg = ($value['notice'] != "" ? $value['notice'] : $value['id']); - $noticemsg = preg_replace("/(\"|\'|\n|<.?\w+>)/i","",$noticemsg); - if ((strlen($noticemsg)* 8) > $domtt_width) - $domtt_width=(strlen($noticemsg) *8); - if ((strlen($noticemsg)* 8) > 900) - $domtt_width= 900; - $alert_action ="onclick=notice_action(\'acknowledge\',\'{$key}\');domTT_close(this);jQuery(this).parent().parent().remove();"; - $notice_msgs .= "<tr><td valign=\'top\' width=\'120\'><a href=\'#\' {$alert_link} {$alert_action}>{$date}</a></td><td valign=\'top\'><a href=\'#\' {$alert_link} {$alert_action}>[ ".htmlspecialchars($noticemsg)."]</a></td></tr>"; - } - $notice_msgs .="</table>"; - - $domtt= "onclick=\"domTT_activate(this, event, 'caption', '{$notice}','content', '<br />{$notice_msgs}', 'trail', false, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle','width','{$domtt_width}','y',5,'type', 'sticky');\""; - $menu_messages="<div id='alerts'>\n"; - if(count($notices)==1) - $msg= sprintf("%1$02d",count($notices))." ".gettext("unread notice"); - else - $msg= sprintf("%1$02d",count($notices))." ".gettext("unread notices"); - $menu_messages.="<div id='marquee-text' style='z-index:1001;'><a href='#' {$domtt}><b> .:. {$msg} .:. </b></a></div>\n"; - $menu_messages.="</div>\n"; - } + if (is_array($notices)) { + $notice_msgs = "<table colspan=\'6\' id=\'notice_table\'>"; + $alert_style="style=\'color:#ffffff; filter:Glow(color=#ff0000, strength=12);\' "; + $notice = "<a href=\'#\' onclick=notice_action(\'acknowledge\',\'all\');domTT_close(this); {$alert_style}>".gettext("Acknowledge All Notices")."</a>"; + $alert_link="title=\'".gettext("Click to Acknowledge")."\' {$alert_style}"; + $domtt_width=500; + foreach ($notices as $key => $value) { + $date = date("m-d-y H:i:s", $key); + $noticemsg = ($value['notice'] != "" ? $value['notice'] : $value['id']); + $noticemsg = preg_replace("/(\"|\'|\n|<.?\w+>)/i","",$noticemsg); + if ((strlen($noticemsg)* 8) > $domtt_width) { + $domtt_width=(strlen($noticemsg) *8); + } + if ((strlen($noticemsg)* 8) > 900) { + $domtt_width= 900; + } + $alert_action ="onclick=notice_action(\'acknowledge\',\'{$key}\');domTT_close(this);jQuery(this).parent().parent().remove();"; + $notice_msgs .= "<tr><td valign=\'top\' width=\'120\'><a href=\'#\' {$alert_link} {$alert_action}>{$date}</a></td><td valign=\'top\'><a href=\'#\' {$alert_link} {$alert_action}>[ ".htmlspecialchars($noticemsg)."]</a></td></tr>"; + } + $notice_msgs .="</table>"; + + $domtt= "onclick=\"domTT_activate(this, event, 'caption', '{$notice}','content', '<br />{$notice_msgs}', 'trail', false, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle','width','{$domtt_width}','y',5,'type', 'sticky');\""; + $menu_messages="<div id='alerts'>\n"; + if (count($notices)==1) { + $msg= sprintf("%1$02d",count($notices))." ".gettext("unread notice"); + } else { + $msg= sprintf("%1$02d",count($notices))." ".gettext("unread notices"); + } + $menu_messages.="<div id='marquee-text' style='z-index:1001;'><a href='#' {$domtt}><b> .:. {$msg} .:. </b></a></div>\n"; + $menu_messages.="</div>\n"; } - else { + } else { $menu_messages='<div id="hostname">'; - $menu_messages.=$config['system']['hostname'] . "." . $config['system']['domain']; + $menu_messages.=$config['system']['hostname'] . "." . $config['system']['domain']; $menu_messages.='</div>'; - } - return ($menu_messages); } + return ($menu_messages); + } } - -if(!function_exists("dom_title")) { - function dom_title($title_msg,$width=NULL){ + +if (!function_exists("dom_title")) { + function dom_title($title_msg,$width=NULL) { $width=preg_replace("/\D+/","",$width); - if (!empty($width)){ + if (!empty($width)) { $width=",'width',$width"; - } - if (!empty($title_msg)){ + } + if (!empty($title_msg)) { $title_msg=preg_replace("/\s+/"," ",$title_msg); - $title_msg=preg_replace("/'/","\'",$title_msg); + $title_msg=preg_replace("/'/","\'",$title_msg); return "onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\" onmouseover=\"domTT_activate(this, event, 'content', '{$title_msg}', 'trail', true, 'delay', 250, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle' $width);\""; - } } } +} /* include all configuration functions */ require_once("interfaces.inc"); require_once("gwlb.inc"); diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index 1d16e70..2194de1 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -1,34 +1,34 @@ <?php /* $Id$ */ /* - globals.inc - part of pfSense (https://www.pfsense.org) - Copyright (C) 2004-2010 Scott Ullrich - - Originally Part of m0n0wall - Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + globals.inc + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004-2010 Scott Ullrich + + Originally Part of m0n0wall + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. pfSense_MODULE: utils @@ -36,7 +36,7 @@ global $g; $g = array( - "base_packages" => "siproxd", + "base_packages" => "siproxd", "event_address" => "unix:///var/run/check_reload_status", "factory_shipped_username" => "admin", "factory_shipped_password" => "pfsense", @@ -77,7 +77,7 @@ $g = array( "nopkg_platforms" => array("cdrom"), "minimum_ram_warning" => "101", "minimum_ram_warning_text" => "128 MB", - "wan_interface_name" => "wan", + "wan_interface_name" => "wan", "nopccard_platforms" => array("wrap", "net48xx"), "xmlrpcbaseurl" => "https://packages.pfsense.org", "captiveportal_path" => "/usr/local/captiveportal", @@ -96,7 +96,7 @@ $iptos = array("lowdelay", "throughput", "reliability"); /* TCP flags */ $tcpflags = array("syn", "ack", "fin", "rst", "psh", "urg", "ece", "cwr"); -if(file_exists("/etc/platform")) { +if (file_exists("/etc/platform")) { $arch = php_uname("m"); $current_version = trim(file_get_contents("{$g['etc_path']}/version")); @@ -113,7 +113,7 @@ if(file_exists("/etc/platform")) { } $g['platform'] = trim(file_get_contents("/etc/platform")); - if($g['platform'] == "nanobsd") { + if ($g['platform'] == "nanobsd") { $g['firmware_update_text']="pfSense-*.img.gz"; $g['hidedownloadbackup'] = true; $g['hidebackupbeforeupgrade'] = true; @@ -124,30 +124,30 @@ if(file_exists("/etc/platform")) { } /* Default sysctls */ -$sysctls = array("net.inet.ip.portrange.first" => "1024", - "net.inet.tcp.blackhole" => "2", - "net.inet.udp.blackhole" => "1", - "net.inet.ip.random_id" => "1", - "net.inet.tcp.drop_synfin" => "1", - "net.inet.ip.redirect" => "1", - "net.inet6.ip6.redirect" => "1", +$sysctls = array("net.inet.ip.portrange.first" => "1024", + "net.inet.tcp.blackhole" => "2", + "net.inet.udp.blackhole" => "1", + "net.inet.ip.random_id" => "1", + "net.inet.tcp.drop_synfin" => "1", + "net.inet.ip.redirect" => "1", + "net.inet6.ip6.redirect" => "1", "net.inet6.ip6.use_tempaddr" => "0", "net.inet6.ip6.prefer_tempaddr" => "0", - "net.inet.tcp.syncookies" => "1", - "net.inet.tcp.recvspace" => "65228", - "net.inet.tcp.sendspace" => "65228", - "net.inet.ip.fastforwarding" => "0", - "net.inet.tcp.delayed_ack" => "0", - "net.inet.udp.maxdgram" => "57344", - "net.link.bridge.pfil_onlyip" => "0", - "net.link.bridge.pfil_member" => "1", - "net.link.bridge.pfil_bridge" => "0", - "net.link.tap.user_open" => "1", - "kern.randompid" => "347", - "net.inet.ip.intr_queue_maxlen" => "1000", - "hw.syscons.kbd_reboot" => "0", - "net.inet.tcp.log_debug" => "0", - "net.inet.tcp.tso" => "1", + "net.inet.tcp.syncookies" => "1", + "net.inet.tcp.recvspace" => "65228", + "net.inet.tcp.sendspace" => "65228", + "net.inet.ip.fastforwarding" => "0", + "net.inet.tcp.delayed_ack" => "0", + "net.inet.udp.maxdgram" => "57344", + "net.link.bridge.pfil_onlyip" => "0", + "net.link.bridge.pfil_member" => "1", + "net.link.bridge.pfil_bridge" => "0", + "net.link.tap.user_open" => "1", + "kern.randompid" => "347", + "net.inet.ip.intr_queue_maxlen" => "1000", + "hw.syscons.kbd_reboot" => "0", + "net.inet.tcp.log_debug" => "0", + "net.inet.tcp.tso" => "1", "net.inet.icmp.icmplim" => "0", "vfs.read_max" => "32", "kern.ipc.maxsockbuf" => "4262144", @@ -169,21 +169,25 @@ $sysctls = array("net.inet.ip.portrange.first" => "1024", ); /* Include override values for the above if needed. If the file doesn't exist, don't try to load it. */ -if (file_exists("/etc/inc/globals_override.inc")) +if (file_exists("/etc/inc/globals_override.inc")) { @include("globals_override.inc"); +} function platform_booting($on_console = false) { global $g; - if ($g['booting'] || file_exists("{$g['varrun_path']}/booting")) - if ($on_console == false || php_sapi_name() != 'fpm-fcgi') + if ($g['booting'] || file_exists("{$g['varrun_path']}/booting")) { + if ($on_console == false || php_sapi_name() != 'fpm-fcgi') { return true; + } + } return false; } -if (file_exists("{$g['cf_conf_path']}/enableserial_force")) +if (file_exists("{$g['cf_conf_path']}/enableserial_force")) { $g['enableserial_force'] = true; +} $config_parsed = false; diff --git a/etc/inc/gmirror.inc b/etc/inc/gmirror.inc index 01d21c4..9e26dfb 100644 --- a/etc/inc/gmirror.inc +++ b/etc/inc/gmirror.inc @@ -46,13 +46,14 @@ function gmirror_get_status() { $currentmirror = basename($all[0]); $mirrors[$currentmirror]['name'] = basename($all[0]); $mirrors[$currentmirror]['status'] = $all[1]; - if (!is_array($mirrors[$currentmirror]['components'])) + if (!is_array($mirrors[$currentmirror]['components'])) { $mirrors[$currentmirror]['components'] = array(); + } $mirrors[$currentmirror]['components'][] = $all[2]; } } } - /* Return an hash of mirrors and components */ + /* Return an hash of mirrors and components */ return $mirrors; } @@ -113,8 +114,9 @@ function gmirror_get_unused_consumers() { $all_consumers = array(); foreach ($consumerlist as $cl) { $parts = explode(" ", $cl); - foreach ($parts as $part) + foreach ($parts as $part) { $all_consumers[] = $part; + } } foreach ($disklist as $d) { if (!is_consumer_used($d) && !in_array($d, $all_consumers)) { @@ -134,8 +136,9 @@ function gmirror_get_mirrors() { /* List all consumers for a given mirror */ function gmirror_get_consumers_in_mirror($mirror) { - if (!is_valid_mirror($mirror)) + if (!is_valid_mirror($mirror)) { return array(); + } $consumers = array(); exec("/sbin/gmirror status -s " . escapeshellarg($mirror) . " | /usr/bin/awk '{print $3;}'", $consumers); @@ -144,8 +147,9 @@ function gmirror_get_consumers_in_mirror($mirror) { /* Test if a given consumer is a member of an existing mirror */ function is_consumer_in_mirror($consumer, $mirror) { - if (!is_valid_consumer($consumer) || !is_valid_mirror($mirror)) + if (!is_valid_consumer($consumer) || !is_valid_mirror($mirror)) { return false; + } $mirrorconsumers = gmirror_get_consumers_in_mirror($mirror); return in_array(basename($consumer), $mirrorconsumers); @@ -169,8 +173,9 @@ function is_consumer_used($consumer) { $mirrors = gmirror_get_mirrors(); foreach ($mirrors as $mirror) { $consumers = gmirror_get_consumers_in_mirror($mirror); - if (in_array($consumer, $consumers)) + if (in_array($consumer, $consumers)) { return true; + } } return false; } @@ -188,36 +193,41 @@ function is_valid_consumer($consumer) { /* Remove all disconnected drives from a mirror */ function gmirror_forget_disconnected($mirror) { - if (!is_valid_mirror($mirror)) + if (!is_valid_mirror($mirror)) { return false; + } return mwexec("/sbin/gmirror forget " . escapeshellarg($mirror)); } /* Insert another consumer into a mirror */ function gmirror_insert_consumer($mirror, $consumer) { - if (!is_valid_mirror($mirror) || !is_valid_consumer($consumer)) + if (!is_valid_mirror($mirror) || !is_valid_consumer($consumer)) { return false; + } return mwexec("/sbin/gmirror insert " . escapeshellarg($mirror) . " " . escapeshellarg($consumer)); } /* Remove consumer from a mirror and clear its metadata */ function gmirror_remove_consumer($mirror, $consumer) { - if (!is_valid_mirror($mirror) || !is_valid_consumer($consumer)) + if (!is_valid_mirror($mirror) || !is_valid_consumer($consumer)) { return false; + } return mwexec("/sbin/gmirror remove " . escapeshellarg($mirror) . " " . escapeshellarg($consumer)); } /* Wipe geom info from drive (if mirror is not running) */ function gmirror_clear_consumer($consumer) { - if (!is_valid_consumer($consumer)) + if (!is_valid_consumer($consumer)) { return false; + } return mwexec("/sbin/gmirror clear " . escapeshellarg($consumer)); } /* Find the balance method used by a given mirror */ function gmirror_get_mirror_balance($mirror) { - if (!is_valid_mirror($mirror)) + if (!is_valid_mirror($mirror)) { return false; + } $balancemethod = ""; exec("/sbin/gmirror list " . escapeshellarg($mirror) . " | /usr/bin/grep '^Balance:' | /usr/bin/awk '{print $2;}'", $balancemethod); return $balancemethod[0]; @@ -226,22 +236,25 @@ function gmirror_get_mirror_balance($mirror) { /* Change balance algorithm of the mirror */ function gmirror_configure_balance($mirror, $balancemethod) { global $balance_methods; - if (!is_valid_mirror($mirror) || !in_array($balancemethod, $balance_methods)) + if (!is_valid_mirror($mirror) || !in_array($balancemethod, $balance_methods)) { return false; + } return mwexec("/sbin/gmirror configure -b " . escapeshellarg($balancemethod) . " " . escapeshellarg($mirror)); } /* Force a mirror member to rebuild */ function gmirror_force_rebuild($mirror, $consumer) { - if (!is_valid_mirror($mirror) || !is_valid_consumer($consumer)) + if (!is_valid_mirror($mirror) || !is_valid_consumer($consumer)) { return false; + } return mwexec("/sbin/gmirror rebuild " . escapeshellarg($mirror) . " " . escapeshellarg($consumer)); } /* Show all metadata on the physical consumer */ function gmirror_get_consumer_metadata($consumer) { - if (!is_valid_consumer($consumer)) + if (!is_valid_consumer($consumer)) { return array(); + } $output = ""; exec("/sbin/gmirror dump " . escapeshellarg($consumer), $output); return array_map('trim', $output); @@ -254,8 +267,9 @@ function gmirror_consumer_has_metadata($consumer) { /* Find the mirror to which this consumer belongs */ function gmirror_get_consumer_metadata_mirror($consumer) { - if (!is_valid_consumer($consumer)) + if (!is_valid_consumer($consumer)) { return array(); + } $metadata = gmirror_get_consumer_metadata($consumer); foreach ($metadata as $line) { if (substr($line, 0, 5) == "name:") { @@ -267,22 +281,25 @@ function gmirror_get_consumer_metadata_mirror($consumer) { /* Deactivate consumer, removing it from service in the mirror, but leave metadata intact */ function gmirror_deactivate_consumer($mirror, $consumer) { - if (!is_valid_mirror($mirror) || !is_valid_consumer($consumer)) + if (!is_valid_mirror($mirror) || !is_valid_consumer($consumer)) { return false; + } return mwexec("/sbin/gmirror deactivate " . escapeshellarg($mirror) . " " . escapeshellarg($consumer)); } /* Reactivate a deactivated consumer */ function gmirror_activate_consumer($mirror, $consumer) { - if (!is_valid_mirror($mirror) || !is_valid_consumer($consumer)) + if (!is_valid_mirror($mirror) || !is_valid_consumer($consumer)) { return false; + } return mwexec("/sbin/gmirror activate " . escapeshellarg($mirror) . " " . escapeshellarg($consumer)); } /* Find the size of the given mirror */ function gmirror_get_mirror_size($mirror) { - if (!is_valid_mirror($mirror)) + if (!is_valid_mirror($mirror)) { return false; + } $mirrorsize = ""; exec("/sbin/gmirror list " . escapeshellarg($mirror) . " | /usr/bin/grep 'Mediasize:' | /usr/bin/head -n 1 | /usr/bin/awk '{print $2;}'", $mirrorsize); return $mirrorsize[0]; @@ -292,8 +309,9 @@ function gmirror_get_mirror_size($mirror) { list output is a little odd, we can't get the output for just the disk, if the disk contains slices those get output also. */ function gmirror_get_all_unused_consumer_sizes_on_disk($disk) { - if (!is_valid_disk($disk) || !is_consumer_unused($disk)) + if (!is_valid_disk($disk) || !is_consumer_unused($disk)) { return array(); + } $output = ""; exec("/sbin/geom part list " . escapeshellarg($disk) . " | /usr/bin/egrep '(Name:|Mediasize:)' | /usr/bin/cut -c4- | /usr/bin/sed -l -e 'N;s/\\nMediasize://;P;D;' | /usr/bin/cut -c7-", $output); if (empty($output)) { @@ -315,8 +333,9 @@ function gmirror_get_all_unused_consumer_sizes_on_disk($disk) { function gmirror_get_unused_consumer_size($consumer) { $consumersizes = gmirror_get_all_unused_consumer_sizes_on_disk($consumer); foreach ($consumersizes as $csize) { - if ($csize['name'] == $consumer) + if ($csize['name'] == $consumer) { return $csize['size']; + } } return -1; } diff --git a/etc/inc/growl.class b/etc/inc/growl.class index 33650ca..8f639e5 100644 --- a/etc/inc/growl.class +++ b/etc/inc/growl.class @@ -3,100 +3,100 @@ pfSense_MODULE: notifications */ - class Growl - { - const GROWL_PRIORITY_LOW = -2; - const GROWL_PRIORITY_MODERATE = -1; - const GROWL_PRIORITY_NORMAL = 0; - const GROWL_PRIORITY_HIGH = 1; - const GROWL_PRIORITY_EMERGENCY = 2; + class Growl + { + const GROWL_PRIORITY_LOW = -2; + const GROWL_PRIORITY_MODERATE = -1; + const GROWL_PRIORITY_NORMAL = 0; + const GROWL_PRIORITY_HIGH = 1; + const GROWL_PRIORITY_EMERGENCY = 2; - private $appName; - private $address; - private $notifications; - private $password; - private $port; + private $appName; + private $address; + private $notifications; + private $password; + private $port; - public function __construct($address, $password = '', $app_name = 'PHP-Growl') - { - $this->appName = utf8_encode($app_name); - $this->address = $address; - $this->notifications = array(); - $this->password = $password; - $this->port = 9887; - } - - public function addNotification($name, $enabled = true) - { - $this->notifications[] = array('name' => utf8_encode($name), 'enabled' => $enabled); - } + public function __construct($address, $password = '', $app_name = 'PHP-Growl') + { + $this->appName = utf8_encode($app_name); + $this->address = $address; + $this->notifications = array(); + $this->password = $password; + $this->port = 9887; + } - public function register() - { - $data = ''; - $defaults = ''; - $num_defaults = 0; + public function addNotification($name, $enabled = true) + { + $this->notifications[] = array('name' => utf8_encode($name), 'enabled' => $enabled); + } - for($i = 0; $i < count($this->notifications); $i++) - { - $data .= pack('n', strlen($this->notifications[$i]['name'])) . $this->notifications[$i]['name']; - if($this->notifications[$i]['enabled']) - { - $defaults .= pack('c', $i); - $num_defaults++; - } - } + public function register() + { + $data = ''; + $defaults = ''; + $num_defaults = 0; - // pack(Protocol version, type, app name, number of notifications to register) - $data = pack('c2nc2', 1, 0, strlen($this->appName), count($this->notifications), $num_defaults) . $this->appName . $data . $defaults; - $data .= pack('H32', md5($data . $this->password)); + for ($i = 0; $i < count($this->notifications); $i++) + { + $data .= pack('n', strlen($this->notifications[$i]['name'])) . $this->notifications[$i]['name']; + if ($this->notifications[$i]['enabled']) + { + $defaults .= pack('c', $i); + $num_defaults++; + } + } - return $this->send($data); - } + // pack(Protocol version, type, app name, number of notifications to register) + $data = pack('c2nc2', 1, 0, strlen($this->appName), count($this->notifications), $num_defaults) . $this->appName . $data . $defaults; + $data .= pack('H32', md5($data . $this->password)); - public function notify($name, $title, $message, $priority = 0, $sticky = false) - { - $name = utf8_encode($name); - $title = utf8_encode($title); - $message = utf8_encode($message); - $priority = intval($priority); + return $this->send($data); + } - $flags = ($priority & 7) * 2; - if($priority < 0) $flags |= 8; - if($sticky) $flags |= 1; + public function notify($name, $title, $message, $priority = 0, $sticky = false) + { + $name = utf8_encode($name); + $title = utf8_encode($title); + $message = utf8_encode($message); + $priority = intval($priority); - // pack(protocol version, type, priority/sticky flags, notification name length, title length, message length. app name length) - $data = pack('c2n5', 1, 1, $flags, strlen($name), strlen($title), strlen($message), strlen($this->appName)); - $data .= $name . $title . $message . $this->appName; - $data .= pack('H32', md5($data . $this->password)); + $flags = ($priority & 7) * 2; + if ($priority < 0) $flags |= 8; + if ($sticky) $flags |= 1; - return $this->send($data); - } + // pack(protocol version, type, priority/sticky flags, notification name length, title length, message length. app name length) + $data = pack('c2n5', 1, 1, $flags, strlen($name), strlen($title), strlen($message), strlen($this->appName)); + $data .= $name . $title . $message . $this->appName; + $data .= pack('H32', md5($data . $this->password)); - private function send($data) - { - if(function_exists('socket_create') && function_exists('socket_sendto')) - { - $sck = @socket_create(AF_INET, SOCK_DGRAM, SOL_UDP); - if ($sck) { - socket_sendto($sck, $data, strlen($data), 0x100, $this->address, $this->port); - return true; + return $this->send($data); } - } - elseif(function_exists('fsockopen')) - { - if ($this->address) { - $fp = @fsockopen('udp://' . $this->address, $this->port); - if ($fp) { - fwrite($fp, $data); - fclose($fp); - return true; + + private function send($data) + { + if (function_exists('socket_create') && function_exists('socket_sendto')) + { + $sck = @socket_create(AF_INET, SOCK_DGRAM, SOL_UDP); + if ($sck) { + socket_sendto($sck, $data, strlen($data), 0x100, $this->address, $this->port); + return true; + } + } + elseif (function_exists('fsockopen')) + { + if ($this->address) { + $fp = @fsockopen('udp://' . $this->address, $this->port); + if ($fp) { + fwrite($fp, $data); + fclose($fp); + return true; + } + } } - } - } - return false; - } - } + return false; + } + } ?>
\ No newline at end of file diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index df6a613..a1aedb1 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -63,8 +63,9 @@ function setup_gateways_monitor() { } $apinger_debug = ""; - if (isset($config['system']['apinger_debug'])) + if (isset($config['system']['apinger_debug'])) { $apinger_debug = "debug on"; + } $apinger_default = return_apinger_defaults(); $apingerconfig = <<<EOD @@ -153,23 +154,26 @@ target default { EOD; $monitor_ips = array(); - foreach($gateways_arr as $name => $gateway) { + foreach ($gateways_arr as $name => $gateway) { /* Do not monitor if such was requested */ - if (isset($gateway['monitor_disable'])) + if (isset($gateway['monitor_disable'])) { continue; + } if (empty($gateway['monitor']) || !is_ipaddr($gateway['monitor'])) { - if (is_ipaddr($gateway['gateway'])) + if (is_ipaddr($gateway['gateway'])) { $gateway['monitor'] = $gateway['gateway']; - else /* No chance to get an ip to monitor skip target. */ + } else { /* No chance to get an ip to monitor skip target. */ continue; + } } /* if the monitor address is already used before, skip */ - if(in_array($gateway['monitor'], $monitor_ips)) + if (in_array($gateway['monitor'], $monitor_ips)) { continue; + } - /* Interface ip is needed since apinger will bind a socket to it. - * However the config GUI should already have checked this and when + /* Interface ip is needed since apinger will bind a socket to it. + * However the config GUI should already have checked this and when * PPoE is used the IP address is set to "dynamic". So using is_ipaddrv4 * or is_ipaddrv6 to identify packet type would be wrong, especially as * further checks (that can cope with the "dynamic" case) are present inside @@ -177,11 +181,13 @@ EOD; */ if ($gateway['ipprotocol'] == "inet") { // This is an IPv4 gateway... $gwifip = find_interface_ip($gateway['interface'], true); - if (!is_ipaddrv4($gwifip)) + if (!is_ipaddrv4($gwifip)) { continue; //Skip this target + } - if ($gwifip == "0.0.0.0") + if ($gwifip == "0.0.0.0") { continue; //Skip this target - the gateway is still waiting for DHCP + } /* * If the gateway is the same as the monitor we do not add a @@ -191,12 +197,13 @@ EOD; */ if (is_ipaddrv4($gateway['gateway']) && $gateway['monitor'] != $gateway['gateway']) { log_error("Removing static route for monitor {$gateway['monitor']} and adding a new route through {$gateway['gateway']}"); - if (interface_isppp_type($gateway['friendlyiface'])) + if (interface_isppp_type($gateway['friendlyiface'])) { mwexec("/sbin/route change -host " . escapeshellarg($gateway['monitor']) . " -iface " . escapeshellarg($gateway['interface']), true); - else + } else { mwexec("/sbin/route change -host " . escapeshellarg($gateway['monitor']) . " " . escapeshellarg($gateway['gateway']), true); + } pfSense_kill_states("0.0.0.0/0", $gateway['monitor'], $gateway['interface'], "icmp"); } @@ -204,8 +211,9 @@ EOD; if ($gateway['monitor'] == $gateway['gateway']) { /* link locals really need a different src ip */ if (is_linklocal($gateway['gateway'])) { - if (!strpos($gateway['gateway'], '%')) + if (!strpos($gateway['gateway'], '%')) { $gateway['gateway'] .= '%' . $gateway['interface']; + } $gwifip = find_interface_ipv6_ll($gateway['interface'], true); } else { $gwifip = find_interface_ipv6($gateway['interface'], true); @@ -220,13 +228,16 @@ EOD; } /* Make sure srcip and target have scope defined when they are ll */ - if (is_linklocal($gwifip) && !strpos($gwifip, '%')) + if (is_linklocal($gwifip) && !strpos($gwifip, '%')) { $gwifip .= '%' . $gateway['interface']; - if (is_linklocal($gateway['monitor']) && !strpos($gateway['monitor'], '%')) + } + if (is_linklocal($gateway['monitor']) && !strpos($gateway['monitor'], '%')) { $gateway['monitor'] .= "%{$gateway['interface']}"; + } - if (!is_ipaddrv6($gwifip)) + if (!is_ipaddrv6($gwifip)) { continue; //Skip this target + } /* * If the gateway is the same as the monitor we do not add a @@ -236,17 +247,19 @@ EOD; */ if ($gateway['gateway'] != $gateway['monitor']) { log_error("Removing static route for monitor {$gateway['monitor']} and adding a new route through {$gateway['gateway']}"); - if (interface_isppp_type($gateway['friendlyiface'])) + if (interface_isppp_type($gateway['friendlyiface'])) { mwexec("/sbin/route change -host -inet6 " . escapeshellarg($gateway['monitor']) . " -iface " . escapeshellarg($gateway['interface']), true); - else + } else { mwexec("/sbin/route change -host -inet6 " . escapeshellarg($gateway['monitor']) . " " . escapeshellarg($gateway['gateway']), true); + } pfSense_kill_states("::0.0.0.0/0", $gateway['monitor'], $gateway['interface'], "icmpv6"); } - } else + } else { continue; + } $monitor_ips[] = $gateway['monitor']; $apingercfg = "target \"{$gateway['monitor']}\" {\n"; @@ -261,7 +274,7 @@ EOD; $apingercfg .= " interval " . $interval . "s\n"; } - ## How many replies should be used to compute average delay + ## How many replies should be used to compute average delay ## for controlling "delay" alarms if (!empty($gateway['avg_delay_samples']) && is_numeric($gateway['avg_delay_samples'])) { $avg_delay_samples = intval($gateway['avg_delay_samples']); # Restrict to Integer @@ -273,18 +286,24 @@ EOD; ## How many probes should be used to compute average loss if (!empty($gateway['avg_loss_samples']) && is_numeric($gateway['avg_loss_samples'])) { $avg_loss_samples = intval($gateway['avg_loss_samples']); # Restrict to Integer - if ($avg_loss_samples < 1) $avg_loss_samples = 1; # Minimum - if ($avg_loss_samples != $apinger_default['avg_loss_samples']) # If not default value + if ($avg_loss_samples < 1) { + $avg_loss_samples = 1; # Minimum + } + if ($avg_loss_samples != $apinger_default['avg_loss_samples']) { # If not default value $apingercfg .= " avg_loss_samples " . $avg_loss_samples . "\n"; + } } ## The delay (in samples) after which loss is computed ## without this delays larger than interval would be treated as loss if (!empty($gateway['avg_loss_delay_samples']) && is_numeric($gateway['avg_loss_delay_samples'])) { $avg_loss_delay_samples = intval($gateway['avg_loss_delay_samples']); # Restrict to Integer - if ($avg_loss_delay_samples < 1) $avg_loss_delay_samples = 1; # Minimum - if ($avg_loss_delay_samples != $apinger_default['avg_loss_delay_samples']) # If not default value + if ($avg_loss_delay_samples < 1) { + $avg_loss_delay_samples = 1; # Minimum + } + if ($avg_loss_delay_samples != $apinger_default['avg_loss_delay_samples']) { # If not default value $apingercfg .= " avg_loss_delay_samples " . $avg_loss_delay_samples . "\n"; + } } $alarms = ""; @@ -298,8 +317,9 @@ EOD; $alarms .= "\"{$name}loss\""; $override = true; } else { - if ($override == true) + if ($override == true) { $alarms .= ","; + } $alarms .= "\"loss\""; $override = true; } @@ -308,13 +328,15 @@ EOD; $alarmscfg .= "\tdelay_low {$gateway['latencylow']}ms\n"; $alarmscfg .= "\tdelay_high {$gateway['latencyhigh']}ms\n"; $alarmscfg .= "}\n"; - if ($override == true) + if ($override == true) { $alarms .= ","; + } $alarms .= "\"{$name}delay\""; $override = true; } else { - if ($override == true) + if ($override == true) { $alarms .= ","; + } $alarms .= "\"delay\""; $override = true; } @@ -322,21 +344,25 @@ EOD; $alarmscfg .= "alarm down \"{$name}down\" {\n"; $alarmscfg .= "\ttime {$gateway['down']}s\n"; $alarmscfg .= "}\n"; - if ($override == true) + if ($override == true) { $alarms .= ","; + } $alarms .= "\"{$name}down\""; $override = true; } else { - if ($override == true) + if ($override == true) { $alarms .= ","; + } $alarms .= "\"down\""; $override = true; } - if ($override == true) + if ($override == true) { $apingercfg .= "\talarms override {$alarms};\n"; + } - if (isset($gateway['force_down'])) + if (isset($gateway['force_down'])) { $apingercfg .= "\tforce_down on\n"; + } $apingercfg .= " rrd file \"{$g['vardb_path']}/rrd/{$gateway['name']}-quality.rrd\"\n"; $apingercfg .= "}\n"; @@ -345,18 +371,18 @@ EOD; $apingerconfig .= $alarmscfg; $apingerconfig .= $apingercfg; - # Create gateway quality RRD with settings more suitable for pfSense graph set, - # since apinger uses default step (300; 5 minutes) and other settings that don't + # Create gateway quality RRD with settings more suitable for pfSense graph set, + # since apinger uses default step (300; 5 minutes) and other settings that don't # match the pfSense gateway quality graph set. create_gateway_quality_rrd("{$g['vardb_path']}/rrd/{$gateway['name']}-quality.rrd"); } @file_put_contents("{$g['varetc_path']}/apinger.conf", $apingerconfig); unset($apingerconfig); - /* Restart apinger process */ - if (isvalidpid("{$g['varrun_path']}/apinger.pid")) + /* Restart apinger process */ + if (isvalidpid("{$g['varrun_path']}/apinger.pid")) { sigkillbypid("{$g['varrun_path']}/apinger.pid", "HUP"); - else { + } else { /* start a new apinger process */ @unlink("{$g['varrun_path']}/apinger.status"); sleep(1); @@ -374,20 +400,23 @@ function return_gateways_status($byname = false) { $apingerstatus = array(); /* Always get the latest status from apinger */ - if (file_exists("{$g['varrun_path']}/apinger.pid")) - sigkillbypid("{$g['varrun_path']}/apinger.pid", "USR1"); + if (file_exists("{$g['varrun_path']}/apinger.pid")) { + sigkillbypid("{$g['varrun_path']}/apinger.pid", "USR1"); + } if (file_exists("{$g['varrun_path']}/apinger.status")) { $apingerstatus = file("{$g['varrun_path']}/apinger.status"); - } else + } else { $apingerstatus = array(); + } $status = array(); - foreach($apingerstatus as $line) { + foreach ($apingerstatus as $line) { $info = explode("|", $line); - if ($byname == false) + if ($byname == false) { $target = $info[0]; - else + } else { $target = $info[2]; + } $status[$target] = array(); $status[$target]['monitorip'] = $info[0]; @@ -402,26 +431,29 @@ function return_gateways_status($byname = false) { /* tack on any gateways that have monitoring disabled * or are down, which could cause gateway groups to fail */ $gateways_arr = return_gateways_array(); - foreach($gateways_arr as $gwitem) { - if(!isset($gwitem['monitor_disable'])) + foreach ($gateways_arr as $gwitem) { + if (!isset($gwitem['monitor_disable'])) { continue; - if(!is_ipaddr($gwitem['monitorip'])) { + } + if (!is_ipaddr($gwitem['monitorip'])) { $realif = $gwitem['interface']; $tgtip = get_interface_gateway($realif); - if (!is_ipaddr($tgtip)) + if (!is_ipaddr($tgtip)) { $tgtip = "none"; + } $srcip = find_interface_ip($realif); } else { $tgtip = $gwitem['monitorip']; $srcip = find_interface_ip($realif); } - if($byname == true) + if ($byname == true) { $target = $gwitem['name']; - else + } else { $target = $tgtip; + } /* failsafe for down interfaces */ - if($target == "none") { + if ($target == "none") { $target = $gwitem['name']; $status[$target]['name'] = $gwitem['name']; $status[$target]['lastcheck'] = date('r'); @@ -464,16 +496,18 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive $i++; if (empty($config['interfaces'][$gateway['interface']])) { - if ($inactive === false) + if ($inactive === false) { continue; - else + } else { $gateway['inactive'] = true; + } } $wancfg = $config['interfaces'][$gateway['interface']]; /* skip disabled interfaces */ - if ($disabled === false && (!isset($wancfg['enable']))) + if ($disabled === false && (!isset($wancfg['enable']))) { continue; + } /* if the gateway is dynamic and we can find the IPv4, Great! */ if (empty($gateway['gateway']) || $gateway['gateway'] == "dynamic") { @@ -481,8 +515,9 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive /* we know which interfaces is dynamic, this should be made a function */ $gateway['gateway'] = get_interface_gateway($gateway['interface']); /* no IP address found, set to dynamic */ - if (!is_ipaddrv4($gateway['gateway'])) + if (!is_ipaddrv4($gateway['gateway'])) { $gateway['gateway'] = "dynamic"; + } $gateway['dynamic'] = true; } @@ -491,23 +526,26 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive /* we know which interfaces is dynamic, this should be made a function, and for v6 too */ $gateway['gateway'] = get_interface_gateway_v6($gateway['interface']); /* no IPv6 address found, set to dynamic */ - if (!is_ipaddrv6($gateway['gateway'])) + if (!is_ipaddrv6($gateway['gateway'])) { $gateway['gateway'] = "dynamic"; + } $gateway['dynamic'] = true; } } else { /* getting this detection right is hard at this point because we still don't * store the address family in the gateway item */ - if (is_ipaddrv4($gateway['gateway'])) + if (is_ipaddrv4($gateway['gateway'])) { $gateway['ipprotocol'] = "inet"; - else if(is_ipaddrv6($gateway['gateway'])) + } else if (is_ipaddrv6($gateway['gateway'])) { $gateway['ipprotocol'] = "inet6"; + } } - if (isset($gateway['monitor_disable'])) + if (isset($gateway['monitor_disable'])) { $gateway['monitor_disable'] = true; - else if (empty($gateway['monitor'])) + } else if (empty($gateway['monitor'])) { $gateway['monitor'] = $gateway['gateway']; + } $gateway['friendlyiface'] = $gateway['interface']; @@ -538,38 +576,45 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive $gateways_arr_temp[$gateway['name']] = $gateway; /* skip disabled gateways if the caller has not asked for them to be returned. */ - if (!($disabled === false && isset($gateway['disabled']))) + if (!($disabled === false && isset($gateway['disabled']))) { $gateways_arr[$gateway['name']] = $gateway; + } } } unset($gateway); /* Loop through all interfaces with a gateway and add it to a array */ - if ($disabled == false) + if ($disabled == false) { $iflist = get_configured_interface_with_descr(); - else + } else { $iflist = get_configured_interface_with_descr(false, true); + } /* Process/add dynamic v4 gateways. */ - foreach($iflist as $ifname => $friendly ) { - if(! interface_has_gateway($ifname)) + foreach ($iflist as $ifname => $friendly ) { + if (! interface_has_gateway($ifname)) { continue; + } - if (empty($config['interfaces'][$ifname])) + if (empty($config['interfaces'][$ifname])) { continue; + } $ifcfg = &$config['interfaces'][$ifname]; - if(!isset($ifcfg['enable'])) + if (!isset($ifcfg['enable'])) { continue; + } - if(!empty($ifcfg['ipaddr']) && is_ipaddrv4($ifcfg['ipaddr'])) + if (!empty($ifcfg['ipaddr']) && is_ipaddrv4($ifcfg['ipaddr'])) { continue; + } - if (isset($interfaces_v4[$ifname])) + if (isset($interfaces_v4[$ifname])) { continue; + } $ctype = ""; - switch($ifcfg['ipaddr']) { + switch ($ifcfg['ipaddr']) { case "dhcp": case "pppoe": case "pptp": @@ -585,15 +630,17 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive if (is_array($config['openvpn']['openvpn-server'])) { foreach ($config['openvpn']['openvpn-server'] as & $ovpnserverconf) { if ($ovpnserverconf['vpnid'] == $ovpnid) { - if ($ovpnserverconf['dev_mode'] == "tap") + if ($ovpnserverconf['dev_mode'] == "tap") { continue 3; + } } } } } $ctype = "VPNv4"; - } else if ($tunnelif == "gif" || $tunnelif == "gre") + } else if ($tunnelif == "gif" || $tunnelif == "gre") { $ctype = "TUNNELv4"; + } break; } $ctype = "_". strtoupper($ctype); @@ -613,18 +660,21 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive $found_defaultv4 = 1; } /* Loopback dummy for dynamic interfaces without a IP */ - if (!is_ipaddrv4($gateway['gateway']) && $gateway['dynamic'] == true) + if (!is_ipaddrv4($gateway['gateway']) && $gateway['dynamic'] == true) { $gateway['gateway'] = "dynamic"; + } /* automatically skip known static and dynamic gateways that were previously processed */ - foreach($gateways_arr_temp as $gateway_item) { + foreach ($gateways_arr_temp as $gateway_item) { if ((($ifname == $gateway_item['friendlyiface'] && $friendly == $gateway_item['name'])&& ($gateway['ipprotocol'] == $gateway_item['ipprotocol'])) || - ($ifname == $gateway_item['friendlyiface'] && $gateway_item['dynamic'] == true) && ($gateway['ipprotocol'] == $gateway_item['ipprotocol'])) - continue 2; + ($ifname == $gateway_item['friendlyiface'] && $gateway_item['dynamic'] == true) && ($gateway['ipprotocol'] == $gateway_item['ipprotocol'])) { + continue 2; + } } - if (is_ipaddrv4($gateway['gateway'])) + if (is_ipaddrv4($gateway['gateway'])) { $gateway['monitor'] = $gateway['gateway']; + } $gateway['descr'] = "Interface {$friendly}{$ctype} Gateway"; $gateways_arr[$gateway['name']] = $gateway; @@ -632,29 +682,35 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive unset($gateway); /* Process/add dynamic v6 gateways. */ - foreach($iflist as $ifname => $friendly ) { + foreach ($iflist as $ifname => $friendly ) { /* If the user has disabled IPv6, they probably don't want any IPv6 gateways. */ - if (!isset($config['system']['ipv6allow'])) + if (!isset($config['system']['ipv6allow'])) { break; + } - if(! interface_has_gatewayv6($ifname)) + if (! interface_has_gatewayv6($ifname)) { continue; + } - if (empty($config['interfaces'][$ifname])) + if (empty($config['interfaces'][$ifname])) { continue; + } $ifcfg = &$config['interfaces'][$ifname]; - if(!isset($ifcfg['enable'])) + if (!isset($ifcfg['enable'])) { continue; + } - if(!empty($ifcfg['ipaddrv6']) && is_ipaddrv6($ifcfg['ipaddrv6'])) + if (!empty($ifcfg['ipaddrv6']) && is_ipaddrv6($ifcfg['ipaddrv6'])) { continue; + } - if(isset($interfaces_v6[$ifname])) + if (isset($interfaces_v6[$ifname])) { continue; + } $ctype = ""; - switch($ifcfg['ipaddrv6']) { + switch ($ifcfg['ipaddrv6']) { case "slaac": case "dhcp6": case "6to4": @@ -670,15 +726,17 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive if (is_array($config['openvpn']['openvpn-server'])) { foreach ($config['openvpn']['openvpn-server'] as & $ovpnserverconf) { if ($ovpnserverconf['vpnid'] == $ovpnid) { - if ($ovpnserverconf['dev_mode'] == "tap") + if ($ovpnserverconf['dev_mode'] == "tap") { continue 3; + } } } } } $ctype = "VPNv6"; - } else if ($tunnelif == "gif" || $tunnelif == "gre") + } else if ($tunnelif == "gif" || $tunnelif == "gre") { $ctype = "TUNNELv6"; + } break; } $ctype = "_". strtoupper($ctype); @@ -688,7 +746,7 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive $gateway['ipprotocol'] = "inet6"; $gateway['gateway'] = get_interface_gateway_v6($ifname, $gateway['dynamic']); $gateway['interface'] = get_real_interface($ifname, "inet6"); - switch($ifcfg['ipaddrv6']) { + switch ($ifcfg['ipaddrv6']) { case "6rd": case "6to4": $gateway['dynamic'] = "default"; @@ -705,18 +763,21 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive } /* Loopback dummy for dynamic interfaces without a IP */ - if (!is_ipaddrv6($gateway['gateway']) && $gateway['dynamic'] == true) + if (!is_ipaddrv6($gateway['gateway']) && $gateway['dynamic'] == true) { $gateway['gateway'] = "dynamic"; + } /* automatically skip known static and dynamic gateways that were previously processed */ - foreach($gateways_arr_temp as $gateway_item) { + foreach ($gateways_arr_temp as $gateway_item) { if ((($ifname == $gateway_item['friendlyiface'] && $friendly == $gateway_item['name']) && ($gateway['ipprotocol'] == $gateway_item['ipprotocol'])) || - ($ifname == $gateway_item['friendlyiface'] && $gateway_item['dynamic'] == true) && ($gateway['ipprotocol'] == $gateway_item['ipprotocol'])) - continue 2; + ($ifname == $gateway_item['friendlyiface'] && $gateway_item['dynamic'] == true) && ($gateway['ipprotocol'] == $gateway_item['ipprotocol'])) { + continue 2; + } } - if (is_ipaddrv6($gateway['gateway'])) + if (is_ipaddrv6($gateway['gateway'])) { $gateway['monitor'] = $gateway['gateway']; + } $gateway['descr'] = "Interface {$friendly}{$ctype} Gateway"; $gateways_arr[$gateway['name']] = $gateway; @@ -744,7 +805,7 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive } } - if($localhost === true) { + if ($localhost === true) { /* attach localhost for Null routes */ $gwlo4 = array(); $gwlo4['name'] = "Null4"; @@ -776,27 +837,32 @@ function fixup_default_gateway($ipprotocol, $gateways_status, $gateways_arr) { if (($gwsttng['ipprotocol'] == $ipprotocol) && isset($gwsttng['defaultgw'])) { $dfltgwfound = true; $dfltgwname = $gwname; - if (!isset($gwsttng['monitor_disable']) && stristr($gateways_status[$gwname]['status'], "down")) + if (!isset($gwsttng['monitor_disable']) && stristr($gateways_status[$gwname]['status'], "down")) { $dfltgwdown = true; + } } /* Keep a record of the last up gateway */ /* XXX: Blacklist lan for now since it might cause issues to those who have a gateway set for it */ - if (empty($upgw) && ($gwsttng['ipprotocol'] == $ipprotocol) && (isset($gwsttng['monitor_disable']) || !stristr($gateways_status[$gwname]['status'], "down")) && $gwsttng[$gwname]['friendlyiface'] != "lan") + if (empty($upgw) && ($gwsttng['ipprotocol'] == $ipprotocol) && (isset($gwsttng['monitor_disable']) || !stristr($gateways_status[$gwname]['status'], "down")) && $gwsttng[$gwname]['friendlyiface'] != "lan") { $upgw = $gwname; - if ($dfltgwdown == true && !empty($upgw)) + } + if ($dfltgwdown == true && !empty($upgw)) { break; + } } if ($dfltgwfound == false) { $gwname = convert_friendly_interface_to_friendly_descr("wan"); - if (!empty($gateways_status[$gwname]) && stristr($gateways_status[$gwname]['status'], "down")) + if (!empty($gateways_status[$gwname]) && stristr($gateways_status[$gwname]['status'], "down")) { $dfltgwdown = true; + } } if ($dfltgwdown == true && !empty($upgw)) { - if ($gateways_arr[$upgw]['gateway'] == "dynamic") + if ($gateways_arr[$upgw]['gateway'] == "dynamic") { $gateways_arr[$upgw]['gateway'] = get_interface_gateway($gateways_arr[$upgw]['friendlyiface']); + } if (is_ipaddr($gateways_arr[$upgw]['gateway'])) { log_error("Default gateway down setting {$upgw} as default!"); - if(is_ipaddrv6($gateways_arr[$upgw]['gateway'])) { + if (is_ipaddrv6($gateways_arr[$upgw]['gateway'])) { $inetfamily = "-inet6"; } else { $inetfamily = "-inet"; @@ -805,12 +871,15 @@ function fixup_default_gateway($ipprotocol, $gateways_status, $gateways_arr) { } } else if (!empty($dfltgwname)) { $defaultgw = trim(exec("/sbin/route -n get -{$ipprotocol} default | /usr/bin/awk '/gateway:/ {print $2}'"), " \n"); - if ($ipprotocol == 'inet6' && !is_ipaddrv6($gateways_arr[$dfltgwname]['gateway'])) + if ($ipprotocol == 'inet6' && !is_ipaddrv6($gateways_arr[$dfltgwname]['gateway'])) { return; - if ($ipprotocol == 'inet' && !is_ipaddrv4($gateways_arr[$dfltgwname]['gateway'])) + } + if ($ipprotocol == 'inet' && !is_ipaddrv4($gateways_arr[$dfltgwname]['gateway'])) { return; - if ($defaultgw != $gateways_arr[$dfltgwname]['gateway']) + } + if ($defaultgw != $gateways_arr[$dfltgwname]['gateway']) { mwexec("/sbin/route change -{$ipprotocol} default {$gateways_arr[$dfltgwname]['gateway']}"); + } } } @@ -841,14 +910,16 @@ function return_gateway_groups_array() { list($gwname, $tier, $vipname) = explode("|", $item); if (is_ipaddr($carplist[$vipname])) { - if (!is_array($gwvip_arr[$group['name']])) + if (!is_array($gwvip_arr[$group['name']])) { $gwvip_arr[$group['name']] = array(); + } $gwvip_arr[$group['name']][$gwname] = $vipname; } /* Do it here rather than reiterating again the group in case no member is up. */ - if (!is_array($backupplan[$tier])) + if (!is_array($backupplan[$tier])) { $backupplan[$tier] = array(); + } $backupplan[$tier][] = $gwname; /* check if the gateway is available before adding it to the array */ @@ -873,12 +944,14 @@ function return_gateway_groups_array() { notify_via_smtp($msg); } else { /* Online add member */ - if (!is_array($tiers[$tier])) + if (!is_array($tiers[$tier])) { $tiers[$tier] = array(); + } $tiers[$tier][] = $gwname; } - } else if (isset($gateways_arr[$gwname]['monitor_disable'])) + } else if (isset($gateways_arr[$gwname]['monitor_disable'])) { $tiers[$tier][] = $gwname; + } } $tiers_count = count($tiers); if ($tiers_count == 0) { @@ -903,10 +976,11 @@ function return_gateway_groups_array() { $gateway = $gateways_arr[$member]; $int = $gateway['interface']; $gatewayip = ""; - if(is_ipaddr($gateway['gateway'])) + if (is_ipaddr($gateway['gateway'])) { $gatewayip = $gateway['gateway']; - else if (!empty($int)) + } else if (!empty($int)) { $gatewayip = get_interface_gateway($gateway['friendlyiface']); + } if (!empty($int)) { $gateway_groups_array[$group['name']]['ipprotocol'] = $gateway['ipprotocol']; @@ -915,18 +989,20 @@ function return_gateway_groups_array() { $groupmember['int'] = $int; $groupmember['gwip'] = $gatewayip; $groupmember['weight'] = isset($gateway['weight']) ? $gateway['weight'] : 1; - if (is_array($gwvip_arr[$group['name']])&& !empty($gwvip_arr[$group['name']][$member])) + if (is_array($gwvip_arr[$group['name']])&& !empty($gwvip_arr[$group['name']][$member])) { $groupmember['vip'] = $gwvip_arr[$group['name']][$member]; + } $gateway_groups_array[$group['name']][] = $groupmember; } } } } /* we should have the 1st available tier now, exit stage left */ - if (count($gateway_groups_array[$group['name']]) > 0) + if (count($gateway_groups_array[$group['name']]) > 0) { break; - else + } else { log_error("GATEWAYS: Group {$group['name']} did not have any gateways up on tier {$tieridx}!"); + } } } } @@ -937,25 +1013,27 @@ function return_gateway_groups_array() { /* Update DHCP WAN Interface ip address in gateway group item */ function dhclient_update_gateway_groups_defaultroute($interface = "wan") { global $config, $g; - foreach($config['gateways']['gateway_item'] as & $gw) { - if($gw['interface'] == $interface) { + foreach ($config['gateways']['gateway_item'] as & $gw) { + if ($gw['interface'] == $interface) { $current_gw = get_interface_gateway($interface); - if($gw['gateway'] <> $current_gw) { + if ($gw['gateway'] <> $current_gw) { $gw['gateway'] = $current_gw; $changed = true; } } } - if($changed && $current_gw) + if ($changed && $current_gw) { write_config(sprintf(gettext('Updating gateway group gateway for %1$s - new gateway is %2$s'), $interfac, $current_gw)); + } } function lookup_gateway_ip_by_name($name) { $gateways_arr = return_gateways_array(false, true); foreach ($gateways_arr as $gname => $gw) { - if ($gw['name'] === $name || $gname === $name) + if ($gw['name'] === $name || $gname === $name) { return $gw['gateway']; + } } return false; @@ -966,8 +1044,9 @@ function lookup_gateway_monitor_ip_by_name($name) { $gateways_arr = return_gateways_array(false, true); if (!empty($gateways_arr[$name])) { $gateway = $gateways_arr[$name]; - if(!is_ipaddr($gateway['monitor'])) + if (!is_ipaddr($gateway['monitor'])) { return $gateway['gateway']; + } return $gateway['monitor']; } @@ -989,14 +1068,15 @@ function lookup_gateway_interface_by_name($name) { function get_interface_gateway($interface, &$dynamic = false) { global $config, $g; - if (substr($interface, 0, 4) == '_vip') + if (substr($interface, 0, 4) == '_vip') { $interface = get_configured_carp_interface_list($interface, 'inet', 'iface'); + } $gw = NULL; $gwcfg = $config['interfaces'][$interface]; if (!empty($gwcfg['gateway']) && is_array($config['gateways']['gateway_item'])) { - foreach($config['gateways']['gateway_item'] as $gateway) { - if(($gateway['name'] == $gwcfg['gateway']) && (is_ipaddrv4($gateway['gateway']))) { + foreach ($config['gateways']['gateway_item'] as $gateway) { + if (($gateway['name'] == $gwcfg['gateway']) && (is_ipaddrv4($gateway['gateway']))) { $gw = $gateway['gateway']; break; } @@ -1007,11 +1087,12 @@ function get_interface_gateway($interface, &$dynamic = false) { if (($gw == NULL || !is_ipaddrv4($gw)) && !is_ipaddrv4($gwcfg['ipaddr'])) { $realif = get_real_interface($interface); if (file_exists("{$g['tmp_path']}/{$realif}_router")) { - $gw = trim(file_get_contents("{$g['tmp_path']}/{$realif}_router"), " \n"); + $gw = trim(file_get_contents("{$g['tmp_path']}/{$realif}_router"), " \n"); $dynamic = true; } - if (file_exists("{$g['tmp_path']}/{$realif}_defaultgw")) + if (file_exists("{$g['tmp_path']}/{$realif}_defaultgw")) { $dynamic = "default"; + } } @@ -1022,14 +1103,15 @@ function get_interface_gateway($interface, &$dynamic = false) { function get_interface_gateway_v6($interface, &$dynamic = false) { global $config, $g; - if (substr($interface, 0, 4) == '_vip') + if (substr($interface, 0, 4) == '_vip') { $interface = get_configured_carp_interface_list($interface, 'inet6', 'iface'); + } $gw = NULL; $gwcfg = $config['interfaces'][$interface]; if (!empty($gwcfg['gatewayv6']) && is_array($config['gateways']['gateway_item'])) { - foreach($config['gateways']['gateway_item'] as $gateway) { - if(($gateway['name'] == $gwcfg['gatewayv6']) && (is_ipaddrv6($gateway['gateway']))) { + foreach ($config['gateways']['gateway_item'] as $gateway) { + if (($gateway['name'] == $gwcfg['gatewayv6']) && (is_ipaddrv6($gateway['gateway']))) { $gw = $gateway['gateway']; break; } @@ -1038,14 +1120,14 @@ function get_interface_gateway_v6($interface, &$dynamic = false) { // for dynamic interfaces we handle them through the $interface_router file. if (($gw == NULL || !is_ipaddrv6($gw)) && !is_ipaddrv6($gwcfg['ipaddrv6'])) { - $realif = get_real_interface($interface); - if (file_exists("{$g['tmp_path']}/{$realif}_routerv6")) { - $gw = trim(file_get_contents("{$g['tmp_path']}/{$realif}_routerv6"), " \n"); - $dynamic = true; - } - if (file_exists("{$g['tmp_path']}/{$realif}_defaultgwv6")) - $dynamic = "default"; - + $realif = get_real_interface($interface); + if (file_exists("{$g['tmp_path']}/{$realif}_routerv6")) { + $gw = trim(file_get_contents("{$g['tmp_path']}/{$realif}_routerv6"), " \n"); + $dynamic = true; + } + if (file_exists("{$g['tmp_path']}/{$realif}_defaultgwv6")) { + $dynamic = "default"; + } } /* return gateway */ return ($gw); @@ -1059,29 +1141,37 @@ function validate_address_family($ipaddr, $gwname) { $v4gw = false; $v6gw = false; - if(is_ipaddrv4($ipaddr)) + if (is_ipaddrv4($ipaddr)) { $v4ip = true; - if(is_ipaddrv6($ipaddr)) + } + if (is_ipaddrv6($ipaddr)) { $v6ip = true; - if(is_ipaddrv4($gwname)) + } + if (is_ipaddrv4($gwname)) { $v4gw = true; - if(is_ipaddrv6($gwname)) + } + if (is_ipaddrv6($gwname)) { $v6gw = true; + } - if($v4ip && $v4gw) + if ($v4ip && $v4gw) { return true; - if($v6ip && $v6gw) + } + if ($v6ip && $v6gw) { return true; + } /* still no match, carry on, lookup gateways */ - if(is_ipaddrv4(lookup_gateway_ip_by_name($gwname))) + if (is_ipaddrv4(lookup_gateway_ip_by_name($gwname))) { $v4gw = true; - if(is_ipaddrv6(lookup_gateway_ip_by_name($gwname))) + } + if (is_ipaddrv6(lookup_gateway_ip_by_name($gwname))) { $v6gw = true; + } $gw_array = return_gateways_array(); - if(is_array($gw_array[$gwname])) { - switch($gw_array[$gwname]['ipprotocol']) { + if (is_array($gw_array[$gwname])) { + switch ($gw_array[$gwname]['ipprotocol']) { case "inet": $v4gw = true; break; @@ -1091,10 +1181,12 @@ function validate_address_family($ipaddr, $gwname) { } } - if($v4ip && $v4gw) + if ($v4ip && $v4gw) { return true; - if($v6ip && $v6gw) + } + if ($v6ip && $v6gw) { return true; + } return false; } @@ -1103,15 +1195,16 @@ function validate_address_family($ipaddr, $gwname) { function interface_gateway_group_member($interface) { global $config; - if (is_array($config['gateways']['gateway_group'])) + if (is_array($config['gateways']['gateway_group'])) { $groups = $config['gateways']['gateway_group']; - else + } else { return false; + } $gateways_arr = return_gateways_array(false, true); - foreach($groups as $group) { - if(is_array($group['item'])) { - foreach($group['item'] as $item) { + foreach ($groups as $group) { + if (is_array($group['item'])) { + foreach ($group['item'] as $item) { $elements = explode("|", $item); $gwname = $elements[0]; if ($interface == $gateways_arr[$gwname]['interface']) { @@ -1129,19 +1222,21 @@ function interface_gateway_group_member($interface) { function gateway_is_gwgroup_member($name) { global $config; - if (is_array($config['gateways']['gateway_group'])) + if (is_array($config['gateways']['gateway_group'])) { $groups = $config['gateways']['gateway_group']; - else + } else { return false; + } $members = array(); - foreach($groups as $group) { + foreach ($groups as $group) { if (is_array($group['item'])) { - foreach($group['item'] as $item) { + foreach ($group['item'] as $item) { $elements = explode("|", $item); $gwname = $elements[0]; - if ($name == $elements[0]) + if ($name == $elements[0]) { $members[] = $group['name']; + } } } } |