diff options
-rwxr-xr-x | sbin/dhclient-script | 8 | ||||
-rwxr-xr-x | tmp/post_upgrade_command.php | 13 | ||||
-rwxr-xr-x | usr/local/bin/3gstats.php | 6 | ||||
-rwxr-xr-x | usr/local/bin/beep.sh | 32 | ||||
-rw-r--r-- | usr/local/bin/captiveportal_gather_stats.php | 70 | ||||
-rwxr-xr-x | usr/local/bin/easyrule | 35 | ||||
-rwxr-xr-x | usr/local/bin/filterparser.php | 6 | ||||
-rwxr-xr-x | usr/local/bin/mail.php | 9 | ||||
-rwxr-xr-x | usr/local/bin/ping_hosts.sh | 6 | ||||
-rw-r--r-- | usr/local/captiveportal/index.php | 31 | ||||
-rw-r--r-- | usr/local/captiveportal/radius_accounting.inc | 40 | ||||
-rw-r--r-- | usr/local/captiveportal/radius_authentication.inc | 40 | ||||
-rw-r--r-- | usr/local/pkg/miniupnpd.inc | 171 | ||||
-rw-r--r-- | usr/local/pkg/miniupnpd.xml | 10 | ||||
-rwxr-xr-x | usr/local/sbin/WipePackages.php | 12 | ||||
-rw-r--r-- | usr/local/sbin/gmirror_status_check.php | 15 | ||||
-rwxr-xr-x | usr/local/sbin/openvpn.attributes.sh | 2 | ||||
-rwxr-xr-x | usr/local/sbin/ovpn-linkup | 2 | ||||
-rwxr-xr-x | usr/local/sbin/pfSsh.php | 176 | ||||
-rw-r--r-- | usr/local/sbin/prefixes.php | 27 | ||||
-rwxr-xr-x | usr/local/sbin/show_filter_reload_status.php | 30 |
21 files changed, 402 insertions, 339 deletions
diff --git a/sbin/dhclient-script b/sbin/dhclient-script index 3ce2b24..9d71aaf 100755 --- a/sbin/dhclient-script +++ b/sbin/dhclient-script @@ -187,7 +187,7 @@ delete_old_routes() { while [ $# -gt 1 ]; do $ROUTE delete "$1" "$2" shift; shift - /bin/rm -f /tmp/${interface}_router + /bin/rm -f /tmp/${interface}_router done fi @@ -236,7 +236,7 @@ add_new_routes() { else $ROUTE add default $router echo $ROUTE add default $router | $LOGGER - echo $router > /tmp/${interface}_router + echo $router > /tmp/${interface}_router fi ADDED_ROUTE=yes # 2nd and subsequent default routers error out, so explicitly @@ -251,7 +251,7 @@ add_new_routes() { while [ $# -gt 1 ]; do $ROUTE add $1 $2 if [ "$ADDED_ROUTE" = "no" ]; then - echo $2 > /tmp/${interface}_router + echo $2 > /tmp/${interface}_router fi shift; shift done @@ -266,7 +266,7 @@ add_new_resolv_conf() { $ROUTE delete $nameserver >/dev/null 2>&1 done fi - if [ -n "$new_domain_name_servers" ]; then + if [ -n "$new_domain_name_servers" ]; then /bin/rm -f /var/etc/nameserver_$interface ALLOWOVERRIDE=`/usr/bin/grep dnsallowoverride /conf/config.xml | /usr/bin/wc -l` for nameserver in $new_domain_name_servers; do diff --git a/tmp/post_upgrade_command.php b/tmp/post_upgrade_command.php index a33dbb6..c2b6901 100755 --- a/tmp/post_upgrade_command.php +++ b/tmp/post_upgrade_command.php @@ -6,18 +6,21 @@ require_once("config.inc"); require_once("functions.inc"); - if(file_exists("/usr/local/bin/git") && isset($config['system']['gitsync']['synconupgrade'])) { - if(!empty($config['system']['gitsync']['repositoryurl'])) + if (file_exists("/usr/local/bin/git") && isset($config['system']['gitsync']['synconupgrade'])) { + if (!empty($config['system']['gitsync']['repositoryurl'])) { exec("cd /root/pfsense/pfSenseGITREPO/pfSenseGITREPO && git config remote.origin.url " . escapeshellarg($config['system']['gitsync']['repositoryurl'])); - if(!empty($config['system']['gitsync']['branch'])) + } + if (!empty($config['system']['gitsync']['branch'])) { system("pfSsh.php playback gitsync " . escapeshellarg($config['system']['gitsync']['branch']) . " --upgrading"); + } } $newslicedir = ""; - if (isset($argv[1]) && $argv[1] != "") + if (isset($argv[1]) && $argv[1] != "") { $newslicedir = '/tmp/' . $argv[1]; + } - if($g['enableserial_force'] || file_exists("{$newslicedir}/enableserial_force")) { + if ($g['enableserial_force'] || file_exists("{$newslicedir}/enableserial_force")) { $config['system']['enableserial'] = true; write_config(); } diff --git a/usr/local/bin/3gstats.php b/usr/local/bin/3gstats.php index a8a8fec..daf0500 100755 --- a/usr/local/bin/3gstats.php +++ b/usr/local/bin/3gstats.php @@ -35,7 +35,7 @@ $record['bwdownstream'] = 0; $record['simstate'] = 0; $record['service'] = 0; -while(true) { +while (true) { $string = ""; $string = fgets($handle, 256); @@ -44,7 +44,7 @@ while(true) { $elements[0] = trim($elements[0]); $elements[1] = trim($elements[1]); - switch($elements[0]) { + switch ($elements[0]) { case "^MODE": $record['mode'] = $elements[1]; break; @@ -70,7 +70,7 @@ while(true) { break; } - if($i > 10) { + if ($i > 10) { $csv = $header; $csv .= implode(",", $record); $csv .= "\n"; diff --git a/usr/local/bin/beep.sh b/usr/local/bin/beep.sh index 29a918c..ed9382d 100755 --- a/usr/local/bin/beep.sh +++ b/usr/local/bin/beep.sh @@ -17,7 +17,7 @@ if [ -f /var/log/dmesg.boot ]; then fi fi -# Check for different HZ +# Check for different HZ if [ -f /boot/loader.conf ]; then HZ=`/usr/bin/grep -c kern.hz /boot/loader.conf` if [ "$HZ" = "1" ]; then @@ -25,19 +25,19 @@ if [ -f /boot/loader.conf ]; then fi fi -if [ -c "/dev/speaker" ]; then - if [ "$1" = "start" ]; then - /usr/local/bin/beep -p 500 $NOTELENGTH - /usr/local/bin/beep -p 400 $NOTELENGTH - /usr/local/bin/beep -p 600 $NOTELENGTH - /usr/local/bin/beep -p 800 $NOTELENGTH - /usr/local/bin/beep -p 800 $NOTELENGTH - fi - if [ "$1" = "stop" ]; then - /usr/local/bin/beep -p 600 $NOTELENGTH - /usr/local/bin/beep -p 800 $NOTELENGTH - /usr/local/bin/beep -p 500 $NOTELENGTH - /usr/local/bin/beep -p 400 $NOTELENGTH - /usr/local/bin/beep -p 400 $NOTELENGTH - fi +if [ -c "/dev/speaker" ]; then + if [ "$1" = "start" ]; then + /usr/local/bin/beep -p 500 $NOTELENGTH + /usr/local/bin/beep -p 400 $NOTELENGTH + /usr/local/bin/beep -p 600 $NOTELENGTH + /usr/local/bin/beep -p 800 $NOTELENGTH + /usr/local/bin/beep -p 800 $NOTELENGTH + fi + if [ "$1" = "stop" ]; then + /usr/local/bin/beep -p 600 $NOTELENGTH + /usr/local/bin/beep -p 800 $NOTELENGTH + /usr/local/bin/beep -p 500 $NOTELENGTH + /usr/local/bin/beep -p 400 $NOTELENGTH + /usr/local/bin/beep -p 400 $NOTELENGTH + fi fi diff --git a/usr/local/bin/captiveportal_gather_stats.php b/usr/local/bin/captiveportal_gather_stats.php index c076636..11cb2b9 100644 --- a/usr/local/bin/captiveportal_gather_stats.php +++ b/usr/local/bin/captiveportal_gather_stats.php @@ -2,31 +2,31 @@ <?php /* $Id$ */ /* - captiveportal_gather_stats.php - Copyright (C) 2011 Warren Baker - Copyright (C) 2013-2015 Electric Sheep Fencing, LP - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + captiveportal_gather_stats.php + Copyright (C) 2011 Warren Baker + Copyright (C) 2013-2015 Electric Sheep Fencing, LP + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("functions.inc"); @@ -51,8 +51,9 @@ $current_user_count = 0; /* tmp file to use to store old data (per interface)*/ $tmpfile = "{$g['vardb_path']}/captiveportal_online_users"; -if(empty($type)) +if (empty($type)) { exit; +} /* echo the rrd required syntax */ echo "N:"; @@ -68,22 +69,24 @@ if ($type == "loggedin") { if ($fd) { while (!feof($fd)) { $line = trim(fgets($fd)); - if($line) + if ($line) { $previous_user_timestamp = $line; - else + } else { $previous_user_timestamp = 0; + } } } else { $previous_user_timestamp = 0; } @fclose($fd); - foreach($cpdb as $user) { + foreach ($cpdb as $user) { $user_ip = $user[2]; // Record the timestamp $timestamp = $user[0]; - if ($timestamp > $previous_user_timestamp) + if ($timestamp > $previous_user_timestamp) { $current_user_count = $current_user_count + 1; + } } // Write out the latest timestamp but not if it is empty @@ -98,13 +101,14 @@ if ($type == "loggedin") { /* If $timestamp is less than or equal to previous_user_timestamp return 0, * as we only want the 'X' number of users logged in since last RRD poll. */ - if($timestamp <= $previous_user_timestamp) + if ($timestamp <= $previous_user_timestamp) { $result = 0; - else { + } else { $result = $current_user_count; } -} elseif ($type == "concurrent") +} elseif ($type == "concurrent") { $result = $no_users; +} echo "$result"; diff --git a/usr/local/bin/easyrule b/usr/local/bin/easyrule index 9850aee..f00a7cb 100755 --- a/usr/local/bin/easyrule +++ b/usr/local/bin/easyrule @@ -10,11 +10,11 @@ modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY @@ -50,29 +50,32 @@ function pconfig_to_address(&$adr, $padr, $pmask, $pnot=false, $pbeginport=0, $p $adr = array(); - if ($padr == "any") + if ($padr == "any") { $adr['any'] = true; - else if (is_specialnet($padr)) + } else if (is_specialnet($padr)) { $adr['network'] = $padr; - else { + } else { $adr['address'] = $padr; - if ($pmask != 32) + if ($pmask != 32) { $adr['address'] .= "/" . $pmask; + } } - if ($pnot) + if ($pnot) { $adr['not'] = true; - else + } else { unset($adr['not']); + } if (($pbeginport != 0) && ($pbeginport != "any")) { - if ($pbeginport != $pendport) + if ($pbeginport != $pendport) { $adr['port'] = $pbeginport . "-" . $pendport; - else + } else { $adr['port'] = $pbeginport; + } } - if(is_alias($pbeginport)) { + if (is_alias($pbeginport)) { $adr['port'] = $pbeginport; } } @@ -81,12 +84,14 @@ function pconfig_to_address(&$adr, $padr, $pmask, $pnot=false, $pbeginport=0, $p function is_specialnet($net) { global $specialsrcdst; - if(!$net) + if (!$net) { return false; - if (in_array($net, $specialsrcdst)) + } + if (in_array($net, $specialsrcdst)) { return true; - else + } else { return false; + } } diff --git a/usr/local/bin/filterparser.php b/usr/local/bin/filterparser.php index da1f98e..bec8016 100755 --- a/usr/local/bin/filterparser.php +++ b/usr/local/bin/filterparser.php @@ -31,8 +31,8 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - A quick CLI log parser. - Examples: + A quick CLI log parser. + Examples: clog /var/log/filter.log | tail -50 | /usr/local/www/filterparser.php clog -f /var/log/filter.log | /usr/local/www/filterparser.php */ @@ -45,7 +45,7 @@ include_once("filter_log.inc"); $log = fopen("php://stdin", "r"); $lastline = ""; -while(!feof($log)) { +while (!feof($log)) { $line = fgets($log); $line = rtrim($line); $flent = parse_filter_line(trim($line)); diff --git a/usr/local/bin/mail.php b/usr/local/bin/mail.php index a09f5c6..1e62b81 100755 --- a/usr/local/bin/mail.php +++ b/usr/local/bin/mail.php @@ -7,18 +7,19 @@ $options = getopt("s::"); $message = ""; -if($options['s'] <> "") { +if ($options['s'] <> "") { $subject = $options['s']; } $in = file("php://stdin"); -foreach($in as $line){ +foreach ($in as $line){ $message .= "$line"; } -if (!empty($subject)) +if (!empty($subject)) { send_smtp_message($message, $subject); -else +} else { send_smtp_message($message); +} ?>
\ No newline at end of file diff --git a/usr/local/bin/ping_hosts.sh b/usr/local/bin/ping_hosts.sh index d584dd1..eef64f3 100755 --- a/usr/local/bin/ping_hosts.sh +++ b/usr/local/bin/ping_hosts.sh @@ -5,9 +5,9 @@ # (C)2006 Scott Ullrich # All rights reserved. -# Format of file should be deliminted by | -# Field 1: Source ip -# Field 2: Destination ip +# Format of file should be delimited by | +# Field 1: Source IP +# Field 2: Destination IP # Field 3: Ping count # Field 4: Script to run when service is down # Field 5: Script to run once service is restored diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index 19b35d7..357537f 100644 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -83,12 +83,13 @@ if ($orig_host != $ourhostname) { return; } -if (!empty($cpcfg['redirurl'])) +if (!empty($cpcfg['redirurl'])) { $redirurl = $cpcfg['redirurl']; -else if (preg_match("/redirurl=(.*)/", $orig_request, $matches)) +} else if (preg_match("/redirurl=(.*)/", $orig_request, $matches)) { $redirurl = urldecode($matches[1]); -else if ($_REQUEST['redirurl']) +} else if ($_REQUEST['redirurl']) { $redirurl = $_REQUEST['redirurl']; +} $macfilter = !isset($cpcfg['nomacfilter']); $passthrumac = isset($cpcfg['passthrumacadd']); @@ -111,14 +112,16 @@ if ($macfilter || $passthrumac) { /* find out if we need RADIUS + RADIUSMAC or not */ if (file_exists("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db")) { $radius_enable = TRUE; - if (isset($cpcfg['radmac_enable'])) + if (isset($cpcfg['radmac_enable'])) { $radmac_enable = TRUE; + } } /* find radius context */ $radiusctx = 'first'; -if ($_POST['auth_user2']) +if ($_POST['auth_user2']) { $radiusctx = 'second'; +} if ($_POST['logout_id']) { echo <<<EOD @@ -141,10 +144,11 @@ EOD; } else if ($macfilter && $clientmac && captiveportal_blocked_mac($clientmac)) { captiveportal_logportalauth($clientmac,$clientmac,$clientip,"Blocked MAC address"); - if (!empty($cpcfg['blockedmacsurl'])) + if (!empty($cpcfg['blockedmacsurl'])) { portal_reply_page($cpcfg['blockedmacsurl'], "redir"); - else + } else { portal_reply_page($redirurl, "error", "This MAC address has been blocked"); + } } else if ($clientmac && $radmac_enable && portal_mac_radius($clientmac,$clientip, $radiusctx)) { /* radius functions handle everything so we exit here since we're done */ @@ -203,12 +207,13 @@ EOD; portal_reply_page($redirurl, $type, $auth_list['reply_message'] ? $auth_list['reply_message'] : $errormsg); } } else { - if (!empty($_POST['auth_user'])) + if (!empty($_POST['auth_user'])) { $user = $_POST['auth_user']; - else if (!empty($_POST['auth_user2'])) + } else if (!empty($_POST['auth_user2'])) { $user = $_POST['auth_user2']; - else + } else { $user = 'unknown'; + } captiveportal_logportalauth($user ,$clientmac,$clientip,"ERROR"); portal_reply_page($redirurl, "error", $errormsg); } @@ -218,8 +223,9 @@ EOD; //check against local user manager $loginok = local_backed($_POST['auth_user'], $_POST['auth_pass']); - if ($loginok && isset($cpcfg['localauth_priv'])) + if ($loginok && isset($cpcfg['localauth_priv'])) { $loginok = userHasPrivilege(getUserEntry($_POST['auth_user']), "user-services-captiveportal-login"); + } if ($loginok){ captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,"LOGIN"); @@ -228,8 +234,9 @@ EOD; captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,"FAILURE"); portal_reply_page($redirurl, "error", $errormsg); } - } else + } else { portal_reply_page($redirurl, "error", $errormsg); + } } else if ($_POST['accept'] && $clientip && $cpcfg['auth_method'] == "none") { captiveportal_logportalauth("unauthenticated",$clientmac,$clientip,"ACCEPT"); diff --git a/usr/local/captiveportal/radius_accounting.inc b/usr/local/captiveportal/radius_accounting.inc index ed072cf..b583429 100644 --- a/usr/local/captiveportal/radius_accounting.inc +++ b/usr/local/captiveportal/radius_accounting.inc @@ -7,30 +7,30 @@ Copyright (c) 2006, Jonathan De Graeve <jonathan.de.graeve@imelda.be> All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - 3. The names of the authors may not be used to endorse or promote products + 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND - ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY - OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY + OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - This code cannot simply be copied and put under the GNU Public License or + This code cannot simply be copied and put under the GNU Public License or any other GPL-like (LGPL, GPL2) License. This code is made possible thx to samples made by Michael Bretterklieber <michael@bretterklieber.com> @@ -45,7 +45,7 @@ define('GIGAWORDS_RIGHT_OPERAND', '4294967296'); // 2^32 /* -RADIUS ACCOUNTING START +RADIUS ACCOUNTING START ----------------------- */ @@ -202,9 +202,9 @@ function RADIUS_ACCOUNTING_STOP($ruleno,$username,$sessionid,$start_time,$radius $racct = new Auth_RADIUS_Acct_Stop; /* - Add support for more then one radiusserver. - At most 10 servers may be specified. - When multiple servers are given, they are tried in round-robin fashion until a valid response is received + Add support for more then one radiusserver. + At most 10 servers may be specified. + When multiple servers are given, they are tried in round-robin fashion until a valid response is received */ foreach ($radiusservers as $radsrv) { // Add a new server to our instance diff --git a/usr/local/captiveportal/radius_authentication.inc b/usr/local/captiveportal/radius_authentication.inc index 5f24506..9938e24 100644 --- a/usr/local/captiveportal/radius_authentication.inc +++ b/usr/local/captiveportal/radius_authentication.inc @@ -6,30 +6,30 @@ Copyright (c) 2006, Jonathan De Graeve <jonathan.de.graeve@imelda.be> All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright + 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - 3. The names of the authors may not be used to endorse or promote products + 3. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND - ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY - OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY + OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - This code cannot simply be copied and put under the GNU Public License or + This code cannot simply be copied and put under the GNU Public License or any other GPL-like (LGPL, GPL2) License. This code is made possible thx to samples made by Michael Bretterklieber <michael@bretterklieber.com> @@ -80,9 +80,9 @@ function RADIUS_AUTHENTICATION($username,$password,$radiusservers,$clientip,$cli $rauth = new $classname($username, $password); /* - * Add support for more then one radiusserver. - * At most 10 servers may be specified. - * When multiple servers are given, they are tried in round-robin fashion until a valid response is received + * Add support for more then one radiusserver. + * At most 10 servers may be specified. + * When multiple servers are given, they are tried in round-robin fashion until a valid response is received */ foreach ($radiusservers as $radsrv) { // Add a new server to our instance @@ -126,7 +126,7 @@ function RADIUS_AUTHENTICATION($username,$password,$radiusservers,$clientip,$cli if (PEAR::isError($rauth->start())) { $retvalue['auth_val'] = 1; - $retvalue['error'] = $rauth->getError(); + $retvalue['error'] = $rauth->getError(); // If we encounter an error immediately stop this function and go back $rauth->close(); diff --git a/usr/local/pkg/miniupnpd.inc b/usr/local/pkg/miniupnpd.inc index 34fab47..0c816a1 100644 --- a/usr/local/pkg/miniupnpd.inc +++ b/usr/local/pkg/miniupnpd.inc @@ -8,18 +8,24 @@ /* MiniUPnPd */ - function upnp_notice ($msg) { log_error("miniupnpd: {$msg}"); } - function upnp_warn ($msg) { log_error("miniupnpd: {$msg}"); } + function upnp_notice($msg) { + log_error("miniupnpd: {$msg}"); + } + + function upnp_warn($msg) { + log_error("miniupnpd: {$msg}"); + } function upnp_running () { - if((int)exec('/bin/pgrep -a miniupnpd | /usr/bin/wc -l') > 0) + if ((int)exec('/bin/pgrep -a miniupnpd | /usr/bin/wc -l') > 0) { return true; + } return false; } function upnp_write_config($file, $text) { $handle = fopen($file, 'w'); - if(!$handle) { + if (!$handle) { upnp_warn("Could not open {$file} for writing."); return; } @@ -45,30 +51,37 @@ } function upnp_validate_ip($ip, $check_cdir) { - /* validate cidr */ + /* validate cidr */ $ip_array = array(); - if($check_cdir) { + if ($check_cdir) { $ip_array = explode('/', $ip); - if(count($ip_array) == 2) { - if($ip_array[1] < 1 || $ip_array[1] > 32) + if (count($ip_array) == 2) { + if ($ip_array[1] < 1 || $ip_array[1] > 32) { return false; - } else - if(count($ip_array) != 1) + } + } else { + if (count($ip_array) != 1) { return false; - } else + } + } + } else { $ip_array[] = $ip; + } /* validate ip */ - if (!is_ipaddr($ip_array[0])) + if (!is_ipaddr($ip_array[0])) { return false; + } return true; } function upnp_validate_port($port) { - foreach(explode('-', $port) as $sub) - if($sub < 0 || $sub > 65535) + foreach (explode('-', $port) as $sub) { + if ($sub < 0 || $sub > 65535) { return false; - return true; + } + } + return true; } function before_form_miniupnpd(&$pkg) { @@ -77,48 +90,58 @@ } function validate_form_miniupnpd($post, &$input_errors) { - if($post['enable'] && (!$post['enable_upnp'] && !$post['enable_natpmp'])) + if ($post['enable'] && (!$post['enable_upnp'] && !$post['enable_natpmp'])) { $input_errors[] = 'At least one of \'UPnP\' or \'NAT-PMP\' must be allowed'; - if($post['iface_array']) - foreach($post['iface_array'] as $iface) { - if($iface == 'wan') + } + if ($post['iface_array']) { + foreach ($post['iface_array'] as $iface) { + if ($iface == 'wan') { $input_errors[] = 'It is a security risk to specify WAN in the \'Interface\' field'; - elseif ($iface == $post['ext_iface']) + } elseif ($iface == $post['ext_iface']) { $input_errors[] = 'You cannot select the external interface as an internal interface.'; + } } - if($post['overridewanip'] && !upnp_validate_ip($post['overridewanip'],false)) + } + if ($post['overridewanip'] && !upnp_validate_ip($post['overridewanip'],false)) { $input_errors[] = 'You must specify a valid ip address in the \'Override WAN address\' field'; - if(($post['download'] && !$post['upload']) || ($post['upload'] && !$post['download'])) + } + if (($post['download'] && !$post['upload']) || ($post['upload'] && !$post['download'])) { $input_errors[] = 'You must fill in both \'Maximum Download Speed\' and \'Maximum Upload Speed\' fields'; - if($post['download'] && $post['download'] <= 0) + } + if ($post['download'] && $post['download'] <= 0) { $input_errors[] = 'You must specify a value greater than 0 in the \'Maximum Download Speed\' field'; - if($post['upload'] && $post['upload'] <= 0) + } + if ($post['upload'] && $post['upload'] <= 0) { $input_errors[] = 'You must specify a value greater than 0 in the \'Maximum Upload Speed\' field'; - if($post['upnpqueue'] && !upnp_validate_queue($post['upnpqueue'])) + } + if ($post['upnpqueue'] && !upnp_validate_queue($post['upnpqueue'])) { $input_errors[] = 'You must specify a valid traffic shaping queue.'; + } /* user permissions validation */ $j = substr_count(implode(array_keys($post)), "permuser"); for ($i=0; $i<$j; $i++){ - if($post["permuser{$i}"]) { + if ($post["permuser{$i}"]) { $perm = explode(' ',$post["permuser{$i}"]); /* should explode to 4 args */ - if(count($perm) != 4) { + if (count($perm) != 4) { $input_errors[] = "You must follow the specified format in the 'User specified permissions {$i}' field"; } else { /* must with allow or deny */ - if(!($perm[0] == 'allow' || $perm[0] == 'deny')) + if (!($perm[0] == 'allow' || $perm[0] == 'deny')) { $input_errors[] = "You must begin with allow or deny in the 'User specified permissions {$i}' field"; + } /* verify port or port range */ - if(!upnp_validate_port($perm[1]) || !upnp_validate_port($perm[3])) - $input_errors[] = "You must specify a port or port range between 0 and 65535 in the 'User specified - permissions {$i}' field"; + if (!upnp_validate_port($perm[1]) || !upnp_validate_port($perm[3])) { + $input_errors[] = "You must specify a port or port range between 0 and 65535 in the 'User specified permissions {$i}' field"; + } /* verify ip address */ - if(!upnp_validate_ip($perm[2],true)) + if (!upnp_validate_ip($perm[2],true)) { $input_errors[] = "You must specify a valid ip address in the 'User specified permissions {$i}' field"; + } } } - } + } } function sync_package_miniupnpd() { @@ -128,13 +151,13 @@ $upnp_config = $config['installedpackages']['miniupnpd']['config'][0]; $config_file = '/var/etc/miniupnpd.conf'; - if (!isset($upnp_config['ext_iface']) || empty($upnp_config['ext_iface'])) + if (!isset($upnp_config['ext_iface']) || empty($upnp_config['ext_iface'])) { $ext_ifname = get_real_interface(); - else { + } else { $if = convert_friendly_interface_to_real_interface_name($upnp_config['ext_iface']); - if ($if != $upnp_config['ext_iface']) + if ($if != $upnp_config['ext_iface']) { $ext_ifname = $if; - else { + } else { $ext_ifname = get_real_interface(); upnp_warn("Could not resolve real interface for {$upnp_config['ext_iface']}, defaulting to WAN"); } @@ -145,60 +168,68 @@ $ifaces_active = ''; - /* since config is written before this file invoked we don't need to read post data */ - if($upnp_config['enable'] && !empty($upnp_config['iface_array'])) { + /* since config is written before this file is invoked we don't need to read post data */ + if ($upnp_config['enable'] && !empty($upnp_config['iface_array'])) { $iface_array = explode(',', $upnp_config['iface_array']); - foreach($iface_array as $iface) { + foreach ($iface_array as $iface) { /* Setting the same internal and external interface is not allowed. */ - if ($iface == $upnp_config['ext_iface']) + if ($iface == $upnp_config['ext_iface']) { continue; + } $if = convert_friendly_interface_to_real_interface_name($iface); /* above function returns iface if fail */ - if($if!=$iface) { + if ($if!=$iface) { $addr = find_interface_ip($if); $bits = find_interface_subnet($if); /* check that the interface has an ip address before adding parameters */ if (is_ipaddr($addr)) { $config_text .= "listening_ip={$if}\n"; - if(!$ifaces_active) { + if (!$ifaces_active) { $webgui_ip = $addr; $ifaces_active = $iface; - } else + } else { $ifaces_active .= ", {$iface}"; - } else + } + } else { upnp_warn("Interface {$iface} has no ip address, ignoring"); - } else + } + } else { upnp_warn("Could not resolve real interface for {$iface}"); + } } if (!empty($ifaces_active)) { /* override wan ip address, common for carp, etc */ - if($upnp_config['overridewanip']) + if ($upnp_config['overridewanip']) { $config_text .= "ext_ip={$upnp_config['overridewanip']}\n"; + } $download = $upnp_config['download']*1000; $upload = $upnp_config['upload']*1000; /* set upload and download bitrates */ - if(!empty($download) && !empty($upload)) { + if (!empty($download) && !empty($upload)) { $config_text .= "bitrate_down={$download}\n"; $config_text .= "bitrate_up={$upload}\n"; } - + /* enable logging of packets handled by miniupnpd rules */ - if($upnp_config['logpackets']) + if ($upnp_config['logpackets']) { $config_text .= "packet_log=yes\n"; - + } + /* enable system uptime instead of miniupnpd uptime */ - if($upnp_config['sysuptime']) + if ($upnp_config['sysuptime']) { $config_text .= "system_uptime=yes\n"; + } /* set webgui url */ - if(!empty($config['system']['webgui']['protocol'])) { + if (!empty($config['system']['webgui']['protocol'])) { $config_text .= "presentation_url={$config['system']['webgui']['protocol']}://{$webgui_ip}"; - if(!empty($config['system']['webgui']['port'])) + if (!empty($config['system']['webgui']['port'])) { $config_text .= ":{$config['system']['webgui']['port']}"; + } $config_text .= "/\n"; } @@ -208,23 +239,27 @@ /* set model number */ $config_text .= "model_number=".file_get_contents("/etc/version")."\n"; - + /* upnp access restrictions */ foreach($upnp_config['row'] as $row){ - if($row['permuser']) + if($row['permuser']) { $config_text .= "{$row["permuser"]}\n"; + } } - if($upnp_config['permdefault']) + if ($upnp_config['permdefault']) { $config_text .= "deny 0-65535 0.0.0.0/0 0-65535\n"; + } /* Recheck if queue is valid */ - if (!upnp_validate_queue($upnp_config['upnpqueue'])) + if (!upnp_validate_queue($upnp_config['upnpqueue'])) { unset($upnp_config['upnpqueue']); + } /* Add shaper queue */ - if($upnp_config['upnpqueue']) + if($upnp_config['upnpqueue']) { $config_text .= "queue={$upnp_config['upnpqueue']}\n"; + } /* Allow UPnP or NAT-PMP as requested */ $config_text .= "enable_upnp=" . ( $upnp_config['enable_upnp'] ? "yes\n" : "no\n" ); @@ -232,14 +267,13 @@ /* write out the configuration */ upnp_write_config($config_file, $config_text); - + /* if miniupnpd not running start it */ - if(!upnp_running()) { + if (!upnp_running()) { upnp_notice("Starting service on interface: {$ifaces_active}"); - upnp_action('start'); - } - /* or restart miniupnpd if settings were changed */ - else { + upnp_action('start'); + } else { + /* restart miniupnpd if settings were changed */ upnp_notice("Restarting service on interface: {$ifaces_active}"); upnp_action('restart'); } @@ -249,10 +283,11 @@ /* lets stop the service and remove the rc file */ if (file_exists($config_file)) { - if(!$upnp_config['enable']) + if (!$upnp_config['enable']) { upnp_notice('Stopping service: miniupnpd disabled'); - else - upnp_notice('Stopping service: no interfaces selected'); + } else { + upnp_notice('Stopping service: no interfaces selected'); + } upnp_action('stop'); @unlink($config_file); diff --git a/usr/local/pkg/miniupnpd.xml b/usr/local/pkg/miniupnpd.xml index c26587b..e15bbd7 100644 --- a/usr/local/pkg/miniupnpd.xml +++ b/usr/local/pkg/miniupnpd.xml @@ -13,13 +13,13 @@ </menu> <additional_files_needed> <item>https://packages.pfsense.org/packages/config/miniupnpd/miniupnpd.inc</item> - <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> </additional_files_needed> <additional_files_needed> <item>https://packages.pfsense.org/packages/config/miniupnpd/status_upnp.php</item> - <prefix>/usr/local/www/</prefix> - <chmod>0755</chmod> + <prefix>/usr/local/www/</prefix> + <chmod>0755</chmod> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/sbin/</prefix> @@ -42,7 +42,7 @@ <fieldname>enable</fieldname> <type>checkbox</type> <enablefields>enable_upnp,enable_natpmp,ext_iface,iface_array,download,upload,overridewanip,upnpqueue,logpackets,sysuptime,permdefault</enablefields> - </field> + </field> <field> <fielddescr>Allow UPnP Port Mapping</fielddescr> <fieldname>enable_upnp</fieldname> diff --git a/usr/local/sbin/WipePackages.php b/usr/local/sbin/WipePackages.php index d802521..44f24bf 100755 --- a/usr/local/sbin/WipePackages.php +++ b/usr/local/sbin/WipePackages.php @@ -30,7 +30,7 @@ POSSIBILITY OF SUCH DAMAGE. */ -if(!function_exists("readline")) { +if (!function_exists("readline")) { echo "\nThis script requires the readline() libary which is not present on this system."; echo "\n\nSorry, but we cannot continue.\n"; die("Need readline() library"); @@ -42,23 +42,23 @@ require("config.inc"); echo "\nThis script will wipe all installed packages off of your pfSense installation.\n"; $command = readline("\nAre you sure you would like to continue [y/N]? "); -if(strtoupper($command) == "Y" || strtoupper($command) == "YES") { +if (strtoupper($command) == "Y" || strtoupper($command) == "YES") { $rmconfig = readline("\nWould you like to remove all package configuration information as well [y/N]? "); echo "\n\nStarting package wipe... One moment please... "; exec("cd /var/db/pkg/ && find . -exec 'pkg_delete {}' \; "); exec("rm -rf /var/db/pkg/*"); - - if(strtoupper($rmconfig) == "Y" || strtoupper($rmconfig) == "YES") { + + if (strtoupper($rmconfig) == "Y" || strtoupper($rmconfig) == "YES") { echo "\nRemoving pfSense package configuration information..."; - if($config['installedpackages']['package']) { + if ($config['installedpackages']['package']) { unset($config['installedpackages']['package']); write_config("Package wipe procedure completed."); } echo "\n"; } - + echo "\npfSense package wipe procedure has completed.\n\n"; } diff --git a/usr/local/sbin/gmirror_status_check.php b/usr/local/sbin/gmirror_status_check.php index d5a55c1..4f73baf 100644 --- a/usr/local/sbin/gmirror_status_check.php +++ b/usr/local/sbin/gmirror_status_check.php @@ -9,11 +9,11 @@ modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INClUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY @@ -54,8 +54,9 @@ if (file_exists($status_file)) { sort($previous_mirror_list); if (count($previous_mirror_status) > 0) { // Check list of current mirrors vs old mirrors, notify if one has appeared/disappeared - if ($mirror_list != $previous_mirror_list) + if ($mirror_list != $previous_mirror_list) { $notices[] = sprintf(gettext("List of mirrors changed. Old: (%s) New: (%s)"), implode(", ", $previous_mirror_list), implode(", ", $mirror_list)); + } // For each mirror, check the mirror status, notify if changed foreach ($mirror_list as $mirror) { @@ -73,11 +74,12 @@ if (file_exists($status_file)) { // Check the drive status as it may be different. asort($mirror_status[$mirror]['components']); asort($previous_mirror_status[$mirror]['components']); - if ($mirror_status[$mirror]['components'] != $previous_mirror_status[$mirror]['components']) + if ($mirror_status[$mirror]['components'] != $previous_mirror_status[$mirror]['components']) { $notices[] = sprintf(gettext("Mirror %s drive status changed. Old: (%s) New: (%s)"), $mirror, implode(", ", $previous_mirror_status[$mirror]['components']), implode(", ", $mirror_status[$mirror]['components'])); + } } } } @@ -87,7 +89,8 @@ if (count($notices)) { file_notice("gmirror", implode("\n ", $notices), "GEOM Mirror Status Change", 1); } // Write out current status if changed -if ($mirror_status != $previous_mirror_status) +if ($mirror_status != $previous_mirror_status) { file_put_contents($status_file, serialize($mirror_status)); +} ?> diff --git a/usr/local/sbin/openvpn.attributes.sh b/usr/local/sbin/openvpn.attributes.sh index b88d1df..add8e32 100755 --- a/usr/local/sbin/openvpn.attributes.sh +++ b/usr/local/sbin/openvpn.attributes.sh @@ -8,7 +8,7 @@ if [ "$script_type" = "client-connect" ]; then fi elif [ "$script_type" = "client-disconnect" ]; then command="/sbin/pfctl -a 'openvpn/$common_name' -F rules" - eval $command + eval $command /sbin/pfctl -k $ifconfig_pool_remote_ip /sbin/pfctl -K $ifconfig_pool_remote_ip fi diff --git a/usr/local/sbin/ovpn-linkup b/usr/local/sbin/ovpn-linkup index 7c9817a..1164835 100755 --- a/usr/local/sbin/ovpn-linkup +++ b/usr/local/sbin/ovpn-linkup @@ -16,6 +16,6 @@ if [ "${dev_type}" = "tun" ]; then fi /usr/bin/touch /tmp/${1}up -# reload filter +# reload filter /usr/local/sbin/pfSctl -c "interface newip ${1}" exit 0 diff --git a/usr/local/sbin/pfSsh.php b/usr/local/sbin/pfSsh.php index 16aaa0a..068198f 100755 --- a/usr/local/sbin/pfSsh.php +++ b/usr/local/sbin/pfSsh.php @@ -1,5 +1,5 @@ #!/usr/local/bin/php -f - + <?php require_once("globals.inc"); @@ -11,39 +11,39 @@ echo "."; require_once("util.inc"); echo "."; -$shell_cmds = array("alias", "alloc", "bg", "bind", "bindkey", "break", - "breaksw", "builtins", "case", "cd", "chdir", "command", "complete", "continue", "default", - "dirs", "do", "done", "echo", "echotc", "elif", "else", "end", "endif", "endsw", "esac", "eval", - "exec", "exit", "export", "false", "fc", "fg", "filetest", "fi", "for", "foreach", "getopts", - "glob", "goto", "hash", "hashstat", "history", "hup", "if", "jobid", "jobs", "kill", "limit", - "local", "log", "login", "logout", "ls-F", "nice", "nohup", "notify", "onintr", "popd", - "printenv", "pushd", "pwd", "read", "readonly", "rehash", "repeat", "return", "sched", "set", - "setenv", "settc", "setty", "setvar", "shift", "source", "stop", "suspend", "switch", - "telltc", "test", "then", "time", "trap", "true", "type", "ulimit", "umask", "unalias", - "uncomplete", "unhash", "unlimit", "unset", "unsetenv", "until", "wait", "where", "which", - "while"); +$shell_cmds = array("alias", "alloc", "bg", "bind", "bindkey", "break", + "breaksw", "builtins", "case", "cd", "chdir", "command", "complete", "continue", "default", + "dirs", "do", "done", "echo", "echotc", "elif", "else", "end", "endif", "endsw", "esac", "eval", + "exec", "exit", "export", "false", "fc", "fg", "filetest", "fi", "for", "foreach", "getopts", + "glob", "goto", "hash", "hashstat", "history", "hup", "if", "jobid", "jobs", "kill", "limit", + "local", "log", "login", "logout", "ls-F", "nice", "nohup", "notify", "onintr", "popd", + "printenv", "pushd", "pwd", "read", "readonly", "rehash", "repeat", "return", "sched", "set", + "setenv", "settc", "setty", "setvar", "shift", "source", "stop", "suspend", "switch", + "telltc", "test", "then", "time", "trap", "true", "type", "ulimit", "umask", "unalias", + "uncomplete", "unhash", "unlimit", "unset", "unsetenv", "until", "wait", "where", "which", + "while"); function pipe_cmd($command, $text_to_pipe) { $descriptorspec = array( - 0 => array("pipe", "r"), // stdin - 1 => array("pipe", "w"), // stdout - 2 => array("pipe", "w")); // stderr ?? instead of a file - + 0 => array("pipe", "r"), // stdin + 1 => array("pipe", "w"), // stdout + 2 => array("pipe", "w")); // stderr ?? instead of a file + $fd = proc_open("$command", $descriptorspec, $pipes); if (is_resource($fd)) { - fwrite($pipes[0], "{$text_to_pipe}"); - fclose($pipes[0]); - while($s= fgets($pipes[1], 1024)) { - // read from the pipe - $buffer .= $s; - } - fclose($pipes[1]); - fclose($pipes[2]); + fwrite($pipes[0], "{$text_to_pipe}"); + fclose($pipes[0]); + while ($s= fgets($pipes[1], 1024)) { + // read from the pipe + $buffer .= $s; + } + fclose($pipes[1]); + fclose($pipes[2]); } return $buffer; } -if(!function_exists("readline")) { +if (!function_exists("readline")) { function readline() { $fp = fopen('php://stdin', 'r'); $textinput = chop(fgets($fp)); @@ -53,21 +53,22 @@ if(!function_exists("readline")) { } function more($text, $count=24) { - $counter=0; - $lines = explode("\n", $text); - foreach($lines as $line) { - if($counter > $count) { - echo "Press RETURN to continue ..."; - $fp = fopen('php://stdin', 'r'); - $pressreturn = chop(fgets($fp)); - if($pressreturn == "q" || $pressreturn == "quit") - return; - fclose($fp); - $counter = 0; - } - echo "{$line}\n"; - $counter++; - } + $counter=0; + $lines = explode("\n", $text); + foreach ($lines as $line) { + if ($counter > $count) { + echo "Press RETURN to continue ..."; + $fp = fopen('php://stdin', 'r'); + $pressreturn = chop(fgets($fp)); + if ($pressreturn == "q" || $pressreturn == "quit") { + return; + } + fclose($fp); + $counter = 0; + } + echo "{$line}\n"; + $counter++; + } } function show_help() { @@ -75,7 +76,7 @@ function show_help() { $show_help_text = <<<EOF Enter a series of commands and then execute the set with "exec". - + For example: echo "foo"; // php command echo "foo2"; // php command @@ -95,54 +96,54 @@ $show_help_text = <<<EOF /* to output a configuration array */ print_r(\$config); - + /* to output the interfaces configuration portion of config.xml */ print_r(\$config['interfaces']); - + /* to output the dhcp server configuration */ print_r(\$config['dhcpd']); /* to exit the {$g['product_name']} developer shell */ exit - + /* to output supported wireless modes for an interface */ print_r(get_wireless_modes(\"ath0\")); - + /* to enable SSH */ \$config['system']['enablesshd'] = true; - + /* change OPTX to the OPT interface name such as BACKHAUL */ \$config['interfaces']['optx']['wireless']['standard'] = "11a"; \$config['interfaces']['optx']['wireless']['mode'] = "hostap"; \$config['interfaces']['optx']['wireless']['channel'] = "6"; - + /* to enable dhcp server for an optx interface */ \$config['dhcpd']['optx']['enable'] = true; \$config['dhcpd']['optx']['range']['from'] = "192.168.31.100"; \$config['dhcpd']['optx']['range']['to'] = "192.168.31.150"; - + /* to disable the firewall filter */ \$config['system']['disablefilter'] = true; - + /* to enable an interface and configure it as a DHCP client */ \$config['interfaces']['optx']['disabled'] = false; \$config['interfaces']['optx']['ipaddr'] = "dhcp"; - + /* to enable an interface and set a static IPv4 address */ \$config['interfaces']['wan']['enable'] = true; \$config['interfaces']['wan']['ipaddr'] = "192.168.100.1"; \$config['interfaces']['wan']['subnet'] = "24"; - + /* to save out the new configuration (config.xml) */ write_config(); - + /* to reboot the system after saving */ system_reboot_sync(); - + EOF; more($show_help_text); - + } $fp = fopen('php://stdin', 'r'); @@ -161,16 +162,16 @@ function completion($string, $index) { readline_completion_function("completion"); -if($argc < 2) { +if ($argc < 2) { echo "Welcome to the {$g['product_name']} developer shell\n"; echo "\nType \"help\" to show common usage scenarios.\n"; echo "\nAvailable playback commands:\n "; $files = scandir("/etc/phpshellsessions/"); $tccommands[] = "playback"; - foreach($files as $file) { - if($file <> "." and $file <> "..") { + foreach ($files as $file) { + if ($file <> "." and $file <> "..") { echo $file . " "; - if(function_exists("readline_add_history")) { + if (function_exists("readline_add_history")) { readline_add_history("playback $file"); $tccommands[] = "$file"; } @@ -183,8 +184,8 @@ $recording = false; $playback_file_split = array(); $playbackbuffer = ""; -if($argv[1]=="playback" or $argv[1]=="run") { - if(!file_exists("/etc/phpshellsessions/{$argv[2]}")) { +if ($argv[1]=="playback" or $argv[1]=="run") { + if (!file_exists("/etc/phpshellsessions/{$argv[2]}")) { echo "Could not locate playback file."; exit; } @@ -205,14 +206,14 @@ $tccommands[] = "reset"; $tccommands[] = "master"; $tccommands[] = "RELENG_1_2"; -while($shell_active == true) { +while ($shell_active == true) { $command = readline("{$g['product_name']} shell: "); readline_add_history($command); - $command_split = explode(" ", $command); - $first_command = $command_split[0]; - if($first_command == "playback" || $first_command == "run") { + $command_split = explode(" ", $command); + $first_command = $command_split[0]; + if ($first_command == "playback" || $first_command == "run") { $playback_file = $command_split[1]; - if(!$playback_file || !file_exists("/etc/phpshellsessions/{$playback_file}")) { + if (!$playback_file || !file_exists("/etc/phpshellsessions/{$playback_file}")) { $command = ""; echo "Could not locate playback file.\n"; } else { @@ -222,42 +223,43 @@ while($shell_active == true) { continue; } } - if($first_command == "exit" or $first_command == "quit") + if ($first_command == "exit" or $first_command == "quit") { die; - if($first_command == "help" or $first_command == "?") { + } + if ($first_command == "help" or $first_command == "?") { show_help(); $playbackbuffer = ""; continue; } - if($first_command == "exec" or $first_command == "exec;") { + if ($first_command == "exec" or $first_command == "exec;") { playback_text($playbackbuffer); $playbackbuffer = ""; continue; } - if($first_command == "stoprecording" || $first_command == "stoprecord" || $first_command == "stop") { - if($recording) { + if ($first_command == "stoprecording" || $first_command == "stoprecord" || $first_command == "stop") { + if ($recording) { fwrite($recording_fd, $playbackbuffer); fclose($recording_fd); $command = ""; conf_mount_ro(); echo "Recording stopped.\n"; - $recording = false; + $recording = false; } else { echo "No recording session in progress.\n"; $command = ""; } } - if($first_command == "showrecordings") { + if ($first_command == "showrecordings") { show_recordings(); - $command = ""; + $command = ""; } - if($first_command == "reset") { + if ($first_command == "reset") { $playbackbuffer = ""; echo "\nBuffer reset.\n\n"; continue; } - if($first_command == "record") { - if(!$command_split[1]) { + if ($first_command == "record") { + if (!$command_split[1]) { echo "usage: record playbackname\n"; $command = ""; } else { @@ -265,10 +267,10 @@ while($shell_active == true) { conf_mount_rw(); safe_mkdir("/etc/phpshellsessions"); $recording_fd = fopen("/etc/phpshellsessions/{$command_split[1]}","w"); - if(!$recording_fd) { + if (!$recording_fd) { echo "Could not start recording session.\n"; $command = ""; - } else { + } else { $recording = true; echo "Recording of {$command_split[1]} started.\n"; $command = ""; @@ -281,28 +283,30 @@ while($shell_active == true) { function show_recordings() { conf_mount_rw(); safe_mkdir("/etc/phpshellsessions"); - if($recording) + if ($recording) { conf_mount_ro(); + } echo "==> Sessions available for playback are:\n"; system("cd /etc/phpshellsessions && ls /etc/phpshellsessions"); - echo "==> end of list.\n"; + echo "==> end of list.\n"; } function returnlastchar($command) { $commandlen = strlen($command); $endofstring = substr($command, ($commandlen-1)); - return $endofstring; + return $endofstring; } function returnfirstchar($command) { $commandlen = strlen($command); $endofstring = substr($command, 0, 1); - return $endofstring; + return $endofstring; } function str_replace_all($search,$replace,$subject) { - while(strpos($subject,$search)!==false) + while (strpos($subject,$search)!==false) { $subject = str_replace($search,$replace,$subject); + } return $subject; } @@ -312,11 +316,11 @@ function playback_text($playback_file_contents) { $playback_text .= "require_once('globals.inc');\n"; $playback_text .= "require_once('config.inc');\n"; $toquote = '"'; - $toquotereplace = '\\"'; - foreach($playback_file_split as $pfs) { + $toquotereplace = '\\"'; + foreach ($playback_file_split as $pfs) { $firstchar = returnfirstchar($pfs); $currentline = $pfs; - if($firstchar == "!") { + if ($firstchar == "!") { /* XXX: encode " in $pfs */ $pfsa = str_replace($toquote, $toquotereplace, $currentline); $playback_text .= str_replace("!", "system(\"", $pfsa) . "\");\n"; diff --git a/usr/local/sbin/prefixes.php b/usr/local/sbin/prefixes.php index 85cb496..118bd9e 100644 --- a/usr/local/sbin/prefixes.php +++ b/usr/local/sbin/prefixes.php @@ -1,7 +1,7 @@ <?php $leases_file = "/var/dhcpd/var/db/dhcpd6.leases"; -if(!file_exists($leases_file)) { +if (!file_exists($leases_file)) { exit(1); } @@ -10,31 +10,31 @@ $fd = fopen($leases_file, 'r'); $duid_arr = array(); while (( $line = fgets($fd, 4096)) !== false) { // echo "$line"; - if(preg_match("/^(ia-[np][ad])[ ]+\"(.*?)\"/i", $line, $duidmatch)) { + if (preg_match("/^(ia-[np][ad])[ ]+\"(.*?)\"/i", $line, $duidmatch)) { $type = $duidmatch[1]; $duid = $duidmatch[2]; continue; } /* is it active? otherwise just discard */ - if(preg_match("/binding state active/i", $line, $activematch)) { + if (preg_match("/binding state active/i", $line, $activematch)) { $active = true; continue; } - if(preg_match("/iaaddr[ ]+([0-9a-f:]+)[ ]+/i", $line, $addressmatch)) { + if (preg_match("/iaaddr[ ]+([0-9a-f:]+)[ ]+/i", $line, $addressmatch)) { $ia_na = $addressmatch[1]; continue; } - if(preg_match("/iaprefix[ ]+([0-9a-f:\/]+)[ ]+/i", $line, $prefixmatch)) { + if (preg_match("/iaprefix[ ]+([0-9a-f:\/]+)[ ]+/i", $line, $prefixmatch)) { $ia_pd = $prefixmatch[1]; continue; } /* closing bracket */ - if(preg_match("/^}/i", $line)) { - switch($type) { + if (preg_match("/^}/i", $line)) { + switch ($type) { case "ia-na": $duid_arr[$duid][$type] = $ia_na; break; @@ -54,13 +54,13 @@ fclose($fd); $routes = array(); foreach ($duid_arr as $entry) { - if(!empty($entry['ia-pd'])) { + if (!empty($entry['ia-pd'])) { $routes[$entry['ia-na']] = $entry['ia-pd']; } } // echo "add routes\n"; -if(count($routes) > 0) { +if (count($routes) > 0) { foreach ($routes as $address => $prefix) { echo "/sbin/route change -inet6 {$prefix} {$address}\n"; } @@ -69,13 +69,14 @@ if(count($routes) > 0) { /* get clog from dhcpd */ $dhcpdlogfile = "/var/log/dhcpd.log"; $expires = array(); -if(file_exists($dhcpdlogfile)) { +if (file_exists($dhcpdlogfile)) { $fd = popen("clog $dhcpdlogfile", 'r'); while (($line = fgets($fd)) !== false) { //echo $line; - if(preg_match("/releases[ ]+prefix[ ]+([0-9a-f:]+\/[0-9]+)/i", $line, $expire)) { - if(in_array($expire[1], $routes)) + if (preg_match("/releases[ ]+prefix[ ]+([0-9a-f:]+\/[0-9]+)/i", $line, $expire)) { + if (in_array($expire[1], $routes)) { continue; + } $expires[$expire[1]] = $expire[1]; } } @@ -83,7 +84,7 @@ if(file_exists($dhcpdlogfile)) { } // echo "remove routes\n"; -if(count($expires) > 0) { +if (count($expires) > 0) { foreach ($expires as $prefix) { echo "/sbin/route delete -inet6 {$prefix['prefix']}\n"; } diff --git a/usr/local/sbin/show_filter_reload_status.php b/usr/local/sbin/show_filter_reload_status.php index 5251c3e..daa35ad 100755 --- a/usr/local/sbin/show_filter_reload_status.php +++ b/usr/local/sbin/show_filter_reload_status.php @@ -3,24 +3,24 @@ $last_text = ""; -while(!stristr($status, "Done")) { - $status = get_status(); - if($status <> "") { - echo $status . "\n"; - } - sleep(1); +while (!stristr($status, "Done")) { + $status = get_status(); + if ($status <> "") { + echo $status . "\n"; + } + sleep(1); } function get_status() { - global $last_text; - $status = file_get_contents("/var/run/filter_reload_status"); - $status = str_replace("...", "", $status); - $status .= "..."; - if($status <> $last_text) { - $last_text = $status; - return $status; - } - return ""; + global $last_text; + $status = file_get_contents("/var/run/filter_reload_status"); + $status = str_replace("...", "", $status); + $status .= "..."; + if ($status <> $last_text) { + $last_text = $status; + return $status; + } + return ""; } ?> |