diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 2 | ||||
-rw-r--r-- | etc/inc/openvpn.inc | 9 | ||||
-rw-r--r-- | etc/inc/rrd.inc | 38 | ||||
-rw-r--r-- | etc/inc/shaper.inc | 6 | ||||
-rw-r--r-- | etc/inc/system.inc | 34 |
5 files changed, 43 insertions, 46 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 8fd042f..41e3708 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1913,8 +1913,6 @@ function filter_generate_user_rule($rule) { $aline['flags'] .= "max-src-conn-rate " . $rule['max-src-conn-rate'] . " "; $aline['flags'] .= "/" . $rule['max-src-conn-rates'] . ", overload <virusprot> flush global "; } - if(!empty($aline['divert'])) - $aline['flags'] .= "max-packets 10 "; $aline['flags'] .= " ) "; } diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 08e5f92..8d71fd2 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -295,11 +295,11 @@ function openvpn_reconfigure($mode, $settings) { $vpnid = $settings['vpnid']; $mode_id = $mode.$vpnid; - if (isset($settings['dev_mode'])) - $tunname = "{$settings['dev_mode']}{$vpnid}"; + if (isset($settings['device_mode'])) + $tunname = "{$settings['device_mode']}{$vpnid}"; else { /* defaults to tun */ $tunname = "tun{$vpnid}"; - $settings['dev_mode'] = "tun"; + $settings['device_mode'] = "tun"; } if ($mode == "server") @@ -323,6 +323,7 @@ function openvpn_reconfigure($mode, $settings) { $pfile = $g['varrun_path'] . "/openvpn_{$mode_id}.pid"; $proto = ($settings['protocol'] == 'UDP' ? 'udp' : "tcp-{$mode}"); + $device_mode = $settings['device_mode']; $cipher = $settings['crypto']; $interface = $settings['interface']; @@ -340,7 +341,7 @@ function openvpn_reconfigure($mode, $settings) { } $conf = "dev {$devname}\n"; - $conf .= "dev-type {$settings['dev_mode']}\n"; + $conf .= "dev-type {$settings['device_mode']}\n"; $conf .= "dev-node /dev/{$tunname}\n"; $conf .= "writepid {$pfile}\n"; $conf .= "#user nobody\n"; diff --git a/etc/inc/rrd.inc b/etc/inc/rrd.inc index c45e885..7b7db68 100644 --- a/etc/inc/rrd.inc +++ b/etc/inc/rrd.inc @@ -186,7 +186,7 @@ function enable_rrd_graphing() { $pfctl = "/sbin/pfctl"; $sysctl = "/sbin/sysctl"; $php = "/usr/local/bin/php"; - $top = "/usr/bin/top"; + $cpustats = "/usr/local/sbin/cpustats"; $spamd_gather = "/usr/local/bin/spamd_gather_stats.php"; $ifconfig = "/sbin/ifconfig"; $captiveportal_gather = "/usr/local/bin/captiveportal_gather_stats.php"; @@ -356,8 +356,8 @@ function enable_rrd_graphing() { $rrdupdatesh .= "\n"; $rrdupdatesh .= "# polling wireless for interface $ifname $realif \n"; - $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$wireless N:\\\n"; - $rrdupdatesh .= "`$ifconfig {$realif} list sta| $awk 'gsub(\"M\", \"\") {getline 2;print substr(\$5, 0, length(\$5)-2) \":\" $4 \":\" $3}'`\n"; + $rrdupdatesh .= "WIFI=`$ifconfig {$realif} list sta| $awk 'gsub(\"M\", \"\") {getline 2;print substr(\$5, 0, length(\$5)-2) \":\" $4 \":\" $3}'`\n"; + $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$wireless N:${WIFI}\n"; } /* OpenVPN, set up the rrd file */ @@ -394,8 +394,8 @@ function enable_rrd_graphing() { $rrdupdatesh .= " sleep 0.2\n"; $rrdupdatesh .= " echo \"quit\"\n"; $rrdupdatesh .= "}\n"; - $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$vpnusers N:\\\n"; - $rrdupdatesh .= "`list_current_users | nc -U {$g['varetc_path']}/openvpn/server{$vpnid}.sock | awk -F\",\" '/^CLIENT_LIST/ {print \$2}' | wc -l | awk '{print $1}'` &\n"; + $rrdupdatesh .= "OVPN=`list_current_users | nc -U {$g['varetc_path']}/openvpn/server{$vpnid}.sock | awk -F\",\" '/^CLIENT_LIST/ {print \$2}' | wc -l | awk '{print $1}'` &\n"; + $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$vpnusers N:\${OVPN}\n"; } /* QUEUES, set up the queues databases */ @@ -567,11 +567,10 @@ function enable_rrd_graphing() { } /* the CPU stats gathering function. */ - $rrdupdatesh .= "`$top -d 2 -s 1 0 | $awk '{gsub(/%/, \"\")} BEGIN { \\\n"; - $rrdupdatesh .= "printf \"$rrdtool update $rrddbpath$ifname$proc \" } \\\n"; - $rrdupdatesh .= "{ if ( \$2 == \"processes:\" ) { processes = \$1; } \\\n"; - $rrdupdatesh .= "else if ( \$1 == \"CPU:\" ) { user = \$2; nice = \$4; sys = \$6; interrupt = \$8; } \\\n"; - $rrdupdatesh .= "} END { printf \"N:\"user\":\"nice\":\"sys\":\"interrupt\":\"processes }'`\n\n"; + $rrdupdatesh .= "CPU=`$cpustats | cut -f1-4 -d':'`\n"; + /* Using ps uxaH will count all processes including system threads. Top was undercounting. */ + $rrdupdatesh .= "PROCS=`ps uxaH | wc -l | awk '{print \$1;}'`\n"; + $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$proc N:\${CPU}:\${PROCS}\n"; /* End CPU statistics */ @@ -605,9 +604,10 @@ function enable_rrd_graphing() { } /* the Memory stats gathering function. */ - $rrdupdatesh .= "`$sysctl -n vm.stats.vm.v_page_count vm.stats.vm.v_active_count vm.stats.vm.v_inactive_count vm.stats.vm.v_free_count vm.stats.vm.v_cache_count vm.stats.vm.v_wire_count | "; - $rrdupdatesh .= " $awk '{getline active;getline inactive;getline free;getline cache;getline wire;printf \"$rrdtool update $rrddbpath$ifname$mem N:\""; - $rrdupdatesh .= "((active/$0) * 100)\":\"((inactive/$0) * 100)\":\"((free/$0) * 100)\":\"((cache/$0) * 100)\":\"(wire/$0 * 100)}'`\n\n"; + $rrdupdatesh .= "MEM=`$sysctl -n vm.stats.vm.v_page_count vm.stats.vm.v_active_count vm.stats.vm.v_inactive_count vm.stats.vm.v_free_count vm.stats.vm.v_cache_count vm.stats.vm.v_wire_count | "; + $rrdupdatesh .= " $awk '{getline active;getline inactive;getline free;getline cache;getline wire;printf "; + $rrdupdatesh .= "((active/$0) * 100)\":\"((inactive/$0) * 100)\":\"((free/$0) * 100)\":\"((cache/$0) * 100)\":\"(wire/$0 * 100)}'`\n"; + $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$mem N:\${MEM}\n"; /* End Memory statistics */ @@ -705,8 +705,8 @@ function enable_rrd_graphing() { /* the Captive Portal stats gathering function. */ $rrdupdatesh .= "\n"; $rrdupdatesh .= "# polling Captive Portal for number of concurrent users\n"; - $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportalconcurrent \\\n"; - $rrdupdatesh .= "`$php -q $captiveportal_gather concurrent`\n"; + $rrdupdatesh .= "CP=`$php -q $captiveportal_gather concurrent`\n"; + $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportalconcurrent \${CP}\n"; $ifname= "captiveportal"; if (!file_exists("$rrddbpath$ifname$captiveportalloggedin")) { @@ -740,8 +740,8 @@ function enable_rrd_graphing() { /* the Captive Portal stats gathering function. */ $rrdupdatesh .= "\n"; $rrdupdatesh .= "# polling Captive Portal for number of logged in users\n"; - $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportalloggedin \\\n"; - $rrdupdatesh .= "`$php -q $captiveportal_gather loggedin`\n"; + $rrdupdatesh .= "CP=`$php -q $captiveportal_gather loggedin`\n"; + $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportalloggedin \${CP}\n"; $ifname= "captiveportal"; if (!file_exists("$rrddbpath$ifname$captiveportaltotalusers")) { @@ -775,8 +775,8 @@ function enable_rrd_graphing() { /* the Captive Portal stats gathering function. */ $rrdupdatesh .= "\n"; $rrdupdatesh .= "# polling Captive Portal for number of concurrent users\n"; - $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportaltotalusers \\\n"; - $rrdupdatesh .= "`$php -q $captiveportal_gather total`\n"; + $rrdupdatesh .= "CP=`$php -q $captiveportal_gather total`\n"; + $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$captiveportaltotalusers \${CP}\n"; } diff --git a/etc/inc/shaper.inc b/etc/inc/shaper.inc index c56543a..4b24f9b 100644 --- a/etc/inc/shaper.inc +++ b/etc/inc/shaper.inc @@ -2770,8 +2770,10 @@ class dummynet_class { $reqdfieldsn[] = "Bandwidth"; $reqdfields[] = "bandwidthtype"; $reqdfieldsn[] = "Bandwidthtype"; - $reqdfields[] = "name"; - $reqdfieldsn[] = "Name"; + if (!empty($data['newname'])) { + $reqdfields[] = "newname"; + $reqdfieldsn[] = "Name"; + } shaper_do_input_validation($data, $reqdfields, $reqdfieldsn, $input_errors); diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 4a8214d..4821a8a 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -1147,22 +1147,13 @@ function system_timezone_configure() { function system_ntp_configure() { global $config, $g; - $syscfg =& $config['system']; - - /* open configuration for wrting or bail */ - $fd = fopen("{$g['varetc_path']}/ntpd.conf","w"); - if(!$fd) { - log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing"); - return; - } - - fwrite($fd, "# \n"); - fwrite($fd, "# pfSense OpenNTPD configuration file \n"); - fwrite($fd, "# \n\n"); + $ntpcfg = "# \n"; + $ntpcfg .= "# pfSense OpenNTPD configuration file \n"; + $ntpcfg .= "# \n\n"; /* foreach through servers and write out to ntpd.conf */ - foreach (explode(' ', $syscfg['timeservers']) as $ts) - fwrite($fd, "servers {$ts}\n"); + foreach (explode(' ', $config['system']['timeservers']) as $ts) + $ntpcfg .= "servers {$ts}\n"; /* Setup listener(s) if the user has configured one */ if ($config['installedpackages']['openntpd']) { @@ -1175,12 +1166,19 @@ function system_ntp_configure() { $ips = array_map('find_interface_ip', $ifaces); foreach ($ips as $ip) { if (is_ipaddr($ip)) - fwrite($fd, "listen on $ip\n"); + $ntpdcfg .= "listen on $ip\n"; } } } + $ntpdcfg .= "\n"; - fwrite($fd, "\n"); + /* open configuration for wrting or bail */ + $fd = fopen("{$g['varetc_path']}/ntpd.conf","w"); + if(!$fd) { + log_error("Could not open {$g['varetc_path']}/ntpd.conf for writing"); + return; + } + fwrite($fd, $ntpcfg); /* slurp! */ fclose($fd); @@ -1208,13 +1206,11 @@ function system_ntp_configure() { function sync_system_time() { global $config, $g; - $syscfg = $config['system']; - if ($g['booting']) echo "Syncing system time before startup..."; /* foreach through servers and write out to ntpd.conf */ - foreach (explode(' ', $syscfg['timeservers']) as $ts) { + foreach (explode(' ', $config['system']['timeservers']) as $ts) { mwexec("/usr/sbin/ntpdate -s $ts"); } |