Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/globals.inc | 2 | ||||
-rw-r--r-- | etc/inc/interfaces.inc | 410 | ||||
-rw-r--r-- | etc/inc/pfsense-utils.inc | 14 | ||||
-rw-r--r-- | etc/inc/priv.defs.inc | 6 | ||||
-rw-r--r-- | etc/inc/upgrade_config.inc | 95 |
5 files changed, 490 insertions, 37 deletions
diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index 782251a..6e2b1f6 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -88,7 +88,7 @@ $g = array( "disablehelpmenu" => false, "disablehelpicon" => false, "debug" => false, - "latest_config" => "6.3", + "latest_config" => "6.4", "nopkg_platforms" => array("cdrom"), "minimum_ram_warning" => "105", "minimum_ram_warning_text" => "128 MB", diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 19af755..ca0af88 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -817,13 +817,10 @@ function interface_bring_down($interface = "wan", $destroy = false) { $realif = get_real_interface($interface); switch ($ifcfg['ipaddr']) { + case "ppp": case "pppoe": - killbypid("{$g['varrun_path']}/pppoe_{$interface}.pid"); - sleep(2); - unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.conf"); - break; case "pptp": - killbypid("{$g['varrun_path']}/pptp_{$interface}.pid"); + killbypid("{$g['varrun_path']}/{$ifcfg['ipaddr']}_{$interface}.pid"); sleep(2); unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.conf"); break; @@ -844,11 +841,6 @@ function interface_bring_down($interface = "wan", $destroy = false) { mwexec("/usr/sbin/arp -d -i {$realif} -a"); } break; - case "ppp": - killbypid("{$g['varrun_path']}/ppp_{$interface}.pid"); - sleep(2); - unlink_if_exists("{$g['varetc_path']}/mpd_{$interface}.conf"); - break; default: if(does_interface_exist("$realif")) { mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true); 
@@ -881,22 +873,26 @@ function interface_bring_down($interface = "wan", $destroy = false) { function interface_ppp_configure($interface) { global $config, $g; - $wancfg =& $config['interfaces'][$interface]; + $wancfg = &$config['interfaces'][$interface]; if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { - foreach ($config['ppps']['ppp'] as $ppp) { - if ($wancfg['if'] == basename($ppp['port'])) + foreach ($config['ppps']['ppp'] as $pppid => $ppp) { + if ($wancfg['ptpid'] == $ppp['ptpid']) break; } } - if (!$ppp || empty($ppp['port'])) - return; - + if (!$ppp || $wancfg['ptpid'] != $ppp['ptpid'] || stristr($ppp['ports'], ",")){ + log_error("PPP configuration error."); + return; + } +/* if ($interface == "wan") $pppid = "0"; else $pppid = substr($interface, 3); $pppif = "ppp{$pppid}"; +*/ + $pppif = $wancfg['if']; // mpd5 requires a /var/spool/lock directory if(!is_dir("/var/spool/lock")) { @@ -993,7 +989,7 @@ EOD; EOD; $mpdconf .= <<<EOD - set modem device {$ppp['port']} + set modem device {$ppp['ports']} set modem script DialPeer set modem idle-script Ringback set modem watch -cd 
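Review bot: `$ppp` is never initialised before the `foreach` in interface_ppp_configure(), so when `$config['ppps']['ppp']` is missing or empty the later `!$ppp` test reads an undefined variable, and when nothing matches it still holds the last entry, which only the repeated `ptpid` comparison catches. Setting `$ppp = null;` before the loop and assigning it only on a match would reduce the guard to a plain `if (!$ppp)`. The same lookup is repeated in interface_ppps_configure() and in the get_interface_info() hunk in pfsense-utils.inc, where `$ppp['ports']` is read with no `!$ppp` check at all, so a small shared helper would be worth having. The old `$pppid`/`$pppif` computation is left behind inside a `/* … */` block and would be better deleted. The function body continues outside this hunk.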
@@ -1036,11 +1032,359 @@ EOD; fclose($fd); // Launch specified ppp instance - if (file_exists("{$ppp['port']}")) { + if (file_exists("{$ppp['ports']}")) { /* fire up mpd */ mwexec("/usr/local/sbin/mpd5 -b -k -d {$g['varetc_path']} -f mpd_{$interface}.conf -p {$g['varrun_path']}/ppp_{$interface}.pid -s {$interface} pppclient"); } else - log_error("Device {$ppp['port']} has disappeared."); + log_error("Device {$ppp['ports']} has disappeared."); +} + +/* This function can configure PPPoE, MLPPP (PPPoE), PPtP. +* It writes the mpd config file to /var/etc every time the interfaces is brought up. +*/ + +function interface_ppps_configure($interface) { + global $config, $g; + + $intcfg = &$config['interfaces'][$interface]; + if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { + foreach ($config['ppps']['ppp'] as $pppid => $ppp) { + if ($intcfg['ptpid'] == $ppp['ptpid']) + break; + } + } + if (!$ppp || $intcfg['ptpid'] != $ppp['ptpid']){ + log_error("PPP configuration error in interface_ppps_configure()."); + return; + } + + $pppif = $intcfg['if']; + if ($ppp['type'] == "ppp") + $type = "modem"; + else + $type = $ppp['type']; + $upper_type = strtoupper($ppp['type']); + + // mpd5 requires a /var/spool/lock directory for PPP modem links. 
+ if(!is_dir("/var/spool/lock")) { + exec("/bin/mkdir -p /var/spool/lock"); + exec("/bin/chmod a+rw /var/spool/lock/."); + } + // mpd5 modem chat script expected in the same directory as the mpd_xxx.conf files + if (!file_exists("{$g['varetc_path']}/mpd.script")) + mwexec("/bin/ln -s /usr/local/sbin/mpd.script {$g['varetc_path']}/."); + + if($g['booting']) + echo " configuring {$upper_type} on {$pppif} interface...\n"; + + /* generate mpd.conf */ + $fd = fopen("{$g['varetc_path']}/mpd_{$interface}.conf", "w"); + if (!$fd) { + log_error("Error: cannot open mpd_{$interface}.conf in interface_ppps_configure().\n"); + return 1; + } + $ports = explode(',',$ppp['ports']); + + if (is_array($ports) && count($ports) > 1) + $multilink = "enable"; + else + $multilink = "disable"; + + if ($type == "modem"){ + if (is_ipaddr($ppp['localip'])) + $localip = $ppp['localip']; + else + $localip = '0.0.0.0'; + + if (is_ipaddr($ppp['gateway'])) + $gateway = $ppp['gateway']; + else + $gateway = "10.0.0.{$pppid}"; + $ranges = "{$localip}/0 {$gateway}/0"; + } + else + $ranges = "0.0.0.0/0 0.0.0.0/0"; + + if (isset($ppp['ondemand'])) + $ondemand = "enable"; + else + $ondemand = "disable"; + if (!isset($ppp['idletimeout'])) + $ppp['idletimeout'] = 0; + + if (empty($ppp['username']) && $type == "modem"){ + $ppp['username'] = "user"; + $ppp['password'] = "none"; + } + if (empty($ppp['password']) && $type == "modem") + $passwd = "none"; + else + $passwd = base64_decode($ppp['password']); + if (isset($ppp['bandwidth'])) + $bandwidths = explode(',',$ppp['bandwidth']); + if (isset($ppp['mtu'])) + $mtus = explode(',',$ppp['mtu']); + if (isset($ppp['mru'])) + $mrus = explode(',',$ppp['mru']); + // Construct the mpd.conf file + $mpdconf = <<<EOD +startup: + # configure the console + set console close + # configure the web server + set web close + +default: +{$ppp['type']}client: + create bundle static {$interface} + set iface name {$pppif} + +EOD; + + if (isset($ppp['defaultgw'])) { + $mpdconf .= 
<<<EOD + set iface route default + +EOD; + } + + $mpdconf .= <<<EOD + set iface {$ondemand} on-demand + set iface idle {$ppp['idletimeout']} + +EOD; + + if (isset($ppp['ondemand'])) { + $mpdconf .= <<<EOD + set iface addrs 10.10.1.1 10.10.1.2 + +EOD; + } + if (isset($ppp['tcpmssfix'])) { + $mpdconf .= <<<EOD + set iface enable tcpmssfix + +EOD; + } + $mpdconf .= <<<EOD + set iface up-script /usr/local/sbin/ppp-linkup + set iface down-script /usr/local/sbin/ppp-linkdown + set ipcp ranges {$ranges} + +EOD; + if (isset($ppp['vjcomp'])){ + $mpdconf .= <<<EOD + set ipcp no vjcomp + +EOD; + } + + if (isset($config['system']['dnsallowoverride']) && isset($ppp['defaultgw'])) { + $mpdconf .= <<<EOD + set ipcp enable req-pri-dns + set ipcp enable req-sec-dns + +EOD; + } +/* + if (!isset($intcfg['dnsnosec']) && isset($config['system']['dnsallowoverride'])) { + $mpdconf .= <<<EOD + set ipcp enable req-sec-dns + +EOD; + } +*/ + foreach($ports as $pid => $port){ + $mpdconf .= <<<EOD + + create link static link{$pid}-{$interface} {$type} + set link action bundle {$interface} + set link {$multilink} multilink + set link keep-alive 10 60 + set link max-redial 0 + +EOD; + if (isset($ppp['shortseq'])){ + $mpdconf .= <<<EOD + set link no shortseq + +EOD; + } + if (isset($ppp['acfcomp'])){ + $mpdconf .= <<<EOD + set link no acfcomp + +EOD; + } + if (isset($ppp['protocomp'])){ + $mpdconf .= <<<EOD + set link no protocomp + +EOD; + } + $mpdconf .= <<<EOD + set link disable chap pap + set link accept chap pap eap + set link disable incoming + +EOD; + + + if (isset($bandwidths)){ + $mpdconf .= <<<EOD + set link bandwidth {$bandwidths[$pid]} + +EOD; + } + if (isset($mtus)){ + $mpdconf .= <<<EOD + set link mtu {$mtus[$pid]} + +EOD; + } + if (isset($mrus)){ + $mpdconf .= <<<EOD + set link mru {$mrus[$pid]} + +EOD; + } + $mpdconf .= <<<EOD + set auth authname "{$ppp['username']}" + set auth password {$passwd} + +EOD; + if ($type == "modem") { + $mpdconf .= <<<EOD + set modem device 
{$ppp['ports']} + set modem script DialPeer + set modem idle-script Ringback + set modem watch -cd + set modem var \$DialPrefix "DT" + set modem var \$Telephone "{$ppp['phone']}" + +EOD; + } + if (isset($ppp['connect-timeout']) && $type == "modem") { + $mpdconf .= <<<EOD + set modem var \$ConnectTimeout "{$ppp['connect-timeout']}" + +EOD; + } + if (isset($ppp['initstr']) && $type == "modem") { + $initstr = base64_decode($ppp['initstr']); + $mpdconf .= <<<EOD + set modem var \$InitString "{$initstr}" + +EOD; + } + if (isset($ppp['simpin']) && $type == "modem") { + $mpdconf .= <<<EOD + set modem var \$SimPin "{$ppp['simpin']}" + set modem var \$PinWait "{$ppp['pin-wait']}" + +EOD; + } + if (isset($ppp['apn']) && $type == "modem") { + $mpdconf .= <<<EOD + set modem var \$APN "{$ppp['apn']}" + set modem var \$APNum "{$ppp['apnum']}" + +EOD; + } + + if (isset($ppp['provider']) && $type == "pppoe") { + $mpdconf .= <<<EOD + set pppoe service "{$ppp['provider']}" + +EOD; + } + if ($type == "pppoe") { + $mpdconf .= <<<EOD + set pppoe iface {$port} + +EOD; + } + if ($type == "pptp") { + $mpdconf .= <<<EOD + set bundle no noretry + set pptp self {$ppp['localip']} + set pptp peer {$ppp['gateway']} + set pptp disable windowing + +EOD; + } + $mpdconf .= "\topen\r\n"; + } //end foreach($port) + + // Write out configuration for mpd_ppp.conf and mpd.secret + fwrite($fd, $mpdconf); + fclose($fd); + + // Create the uptime log if requested and if it doesn't exist already, or delete it if it is no longer requested. 
+ if (isset($ppp['uptime'])) { + if (!file_exists("/conf/{$pppif}.log")) { + conf_mount_rw(); + mwexec("echo /dev/null > /conf/{$pppif}.log"); + conf_mount_ro(); + } + } else { + if (file_exists("/conf/{$pppif}.log")) { + conf_mount_rw(); + mwexec("rm -f /conf/{$pppif}.log"); + conf_mount_ro(); + } + } + // Check for PPPoE periodic reset request + if ($type == "pppoe") + if (isset($ppp['pppoe-reset-type'])) + setup_pppoe_reset_file($ppp['ptpid'], $interface); + else + setup_pppoe_reset_file($ppp['ptpid']); + + if(file_exists("{$g['varrun_path']}/{$ppp['type']}_{$interface}.pid") and $g['booting']) { + /* if we are booting and mpd has already been started then don't start again. */ + } else { + foreach($ports as $port){ + switch ($ppp['type']) { + case "pppoe": + /* Bring the parent interface up */ + if($port) + interfaces_bring_up($port); + else + log_error("Could not bring up interface {$port} for {$ppp['type']} link on {$interface} in interface_ppps_configure()."); + break; + case "pptp": + /* configure interface */ + if($port) + mwexec("/sbin/ifconfig " . escapeshellarg($port) . " " . + escapeshellarg($ppp['localip'] . "/" . $ppp['subnet']) . " up"); + else + log_error("Could not bring up interface {$port} for {$ppp['type']} link on {$interface} in interface_ppps_configure()."); + break; + case "ppp": + if (!file_exists("{$port}")) { + log_error("Device {$port} does not exist. PPP link cannot start without the modem device."); + return 1; + } + break; + default: + break; + } + } + + /* fire up mpd */ + mwexec("/usr/local/sbin/mpd5 -b -k -d {$g['varetc_path']} -f mpd_{$interface}.conf -p {$g['varrun_path']}/{$ppp['type']}_{$interface}.pid -s ppp {$ppp['type']}client"); + } + + /* sleep until wan is up - or 30 seconds, whichever comes first */ + for ($count = 0; $count < 30; $count++) { + if(file_exists("{$g['tmp_path']}/{$pppif}up")) { + break; + } + sleep(1); + } + + return 0; } function interfaces_carp_setup() { 
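Review bot: The heredocs in interface_ppps_configure() write `$ppp['username']`, the decoded `$passwd`, `$ppp['phone']`, `$initstr`, `$ppp['apn']` and `$ppp['provider']` into mpd_{$interface}.conf exactly as stored, so a value containing a double quote or a line break ends the setting early and the remainder lands in the file as separate configuration text. `set auth password {$passwd}` is not even quoted, unlike the authname line above it, so a password with a space is already split; at minimum write `set auth password "{$passwd}"` and reject values containing `"`, CR or LF before building `$mpdconf`. The file then holds the clear-text password and is created with a bare `fopen(..., "w")`; unless the umask is known to be restrictive, add `chmod("{$g['varetc_path']}/mpd_{$interface}.conf", 0600);` after `fclose($fd)`. The `mwexec()` strings further down interpolate `$pppif`, `$interface` and `$ppp['type']` without `escapeshellarg()`, which the pptp branch does use, and `echo /dev/null > /conf/{$pppif}.log` stores the text "/dev/null" in the log instead of creating an empty file.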
@@ -1938,13 +2282,13 @@ function interface_configure($interface = "wan", $reloadall = false) { interface_dhcp_configure($interface); break; case 'pppoe': - interface_pppoe_configure($interface); + interface_ppps_configure($interface); break; case 'pptp': - interface_pptp_configure($interface); + interface_ppps_configure($interface); break; case 'ppp': - interface_ppp_configure($interface); + interface_ppps_configure($interface); break; default: if ($wancfg['ipaddr'] <> "" && $wancfg['subnet'] <> "") { @@ -2637,7 +2981,7 @@ function get_real_interface($interface = "wan") { $counter++; } break; - case "pppoe": +/* case "pppoe": if ($if == "wan") $wanif = "pppoe0"; else @@ -2655,6 +2999,7 @@ function get_real_interface($interface = "wan") { else $wanif = "ppp" . substr($if, 3); break; +*/ default: $wanif = $cfg['if']; break; @@ -3152,16 +3497,17 @@ function is_jumbo_capable($int) { return false; } -function setup_pppoe_reset_file($interface, $status) { - define("CRON_PPPOE_CMD_FILE", "/conf/pppoe{$interface}restart"); - define("CRON_PPPOE_CMD", "#!/bin/sh\necho '<?php require(\"config.inc\"); require(\"interfaces.inc\"); interface_reconfigure({$interface}); ?>' | /usr/local/bin/php -q"); - if ($status == true) { - if (!file_exists(CRON_PPPOE_CMD_FILE)) { - file_put_contents(CRON_PPPOE_CMD_FILE, CRON_PPPOE_CMD); - chmod(CRON_PPPOE_CMD_FILE, 0700); - } +function setup_pppoe_reset_file($ptpid, $iface="") { + global $g; + $cron_file = "{$g['varetc_path']}/pppoe_restart_{$ptpid}"; + + if(!empty($iface) && !empty($ptpid)){ + $cron_cmd = "#!/bin/sh\necho '<?php require(\"config.inc\"); require(\"interfaces.inc\"); interface_reconfigure({$iface}); log_error(\"PPPoE periodic reset executed on {$iface}\"); ?>' | /usr/local/bin/php -q"; + file_put_contents($cron_file, $cron_cmd); + chmod($cron_file, 0700); + sigkillbypid("{$g['varrun_path']}/cron.pid", "HUP"); } else - unlink_if_exists(CRON_PPPOE_CMD_FILE); + unlink_if_exists($cron_file); } ?> 
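Review bot: In setup_pppoe_reset_file() the generated script calls `interface_reconfigure({$iface})` with the interface name unquoted, so the PHP that cron runs sees a bare word such as `interface_reconfigure(wan)` rather than a string; the removed version had the same flaw and the rewrite keeps it. `$iface` is also pasted into PHP source that sits inside a single-quoted shell `echo`, so a name containing a quote character would change what the script executes. I would validate the name first, e.g. `if (!preg_match('/^[a-zA-Z0-9_]+$/', $iface)) return;`, and emit `interface_reconfigure(\"{$iface}\");` in the generated code. The script is rewritten and cron is sent HUP on every call; if that is intended, a one-line comment saying so would help.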
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 703d421..b653010 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -1306,11 +1306,17 @@ function get_interface_info($ifdescr) { $ifinfo['ppplink'] = "down" ; if (empty($ifinfo['status'])) $ifinfo['status'] = "down"; - - $dev = $config['interfaces'][$if]['if']; - if (empty($dev)) + + if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { + foreach ($config['ppps']['ppp'] as $pppid => $ppp) { + if ($config['interfaces'][$if]['ptpid'] == $ppp['ptpid']) + break; + } + } + $dev = $ppp['ports']; + if ($config['interfaces'][$if]['ptpid'] != $ppp['ptpid'] || empty($dev)) break; - if (file_exists("/dev/{$dev}")) { + if (file_exists($dev)) { if (file_exists("{$g['varrun_path']}/ppp_{$if}.pid")) { $ifinfo['pppinfo'] = "{$ifinfo['if']}"; $sec = trim(`/usr/local/sbin/ppp-uptime.sh {$ifinfo['if']}`); diff --git a/etc/inc/priv.defs.inc b/etc/inc/priv.defs.inc index 2c4543d..7c900fe 100644 --- a/etc/inc/priv.defs.inc +++ b/etc/inc/priv.defs.inc @@ -318,6 +318,12 @@ $priv_list['page-getstats']['descr'] = "Allow access to the 'AJAX: Get Stats' pa $priv_list['page-getstats']['match'] = array(); $priv_list['page-getstats']['match'][] = "getstats.php*"; +$priv_list['page-status-systemlogs-ppp'] = array(); +$priv_list['page-status-systemlogs-ppp']['name'] = "WebCfg - Status: System logs: IPsec VPN page"; +$priv_list['page-status-systemlogs-ppp']['descr'] = "Allow access to the 'Status: System logs: IPsec VPN' page."; +$priv_list['page-status-systemlogs-ppp']['match'] = array(); +$priv_list['page-status-systemlogs-ppp']['match'][] = "diag_logs_ppp.php*"; + $priv_list['page-diagnostics-nanobsd'] = array(); $priv_list['page-diagnostics-nanobsd']['name'] = "WebCfg - Diagnostics: NanoBSD"; $priv_list['page-diagnostics-nanobsd']['descr'] = "Allow access to the 'Diagnostics: NanoBSD' page."; 
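Review bot: The new `page-status-systemlogs-ppp` privilege in priv.defs.inc is labelled as the IPsec VPN log page in both `name` and `descr`, while its match pattern is `diag_logs_ppp.php*`. An administrator assigning privileges from that label would grant access to the PPP logs while believing they are granting IPsec log access. The strings should name the PPP page, e.g. `"WebCfg - Status: System logs: PPP page"` and `"Allow access to the 'Status: System logs: PPP' page."`.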
diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc
index cb690d6..25b7456 100644
--- a/etc/inc/upgrade_config.inc
+++ b/etc/inc/upgrade_config.inc
@@ -1965,4 +1965,99 @@ function upgrade_062_to_063() { } } + +function upgrade_063_to_064() { + global $config; + if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { + foreach ($config['ppps']['ppp'] as $pppid => $ppp) { + if (isset($ppp['port'])){ + $config['ppps']['ppp'][$pppid]['ports'] = $ppp['port']; + unset($config['ppps']['ppp'][$pppid]['port']); + } + if (!isset($ppp['type'])){ + $config['ppps']['ppp'][$pppid]['type'] = "ppp"; + } + if (!isset($ppp['ptpid'])){ + $config['ppps']['ppp'][$pppid]['ptpid'] = uniqid('', true); + } + } + } + + $ifcfg = &$config['interfaces']; + + if (!is_array($config['ppps']['ppp'])) + $config['ppps']['ppp'] = array(); + $a_ppps = &$config['ppps']['ppp']; + + foreach ($ifcfg as $ifname => $ifinfo) { + $ppp = array(); + // For pppoe conversion + if ($ifinfo['ipaddr'] == "pppoe" || $ifinfo['ipaddr'] == "pptp"){ + if (isset($ifinfo['ptpid'])) + continue; + $ppp['ptpid'] = uniqid('', true); + $ppp['type'] = $ifinfo['ipaddr']; + $ppp['ports'] = $ifinfo['if']; + if ($ifinfo['ipaddr'] == "pppoe"){ + $ppp['username'] = $ifinfo['pppoe_username']; + $ppp['password'] = base64_encode($ifinfo['pppoe_password']); + } + if ($ifinfo['ipaddr'] == "pptp"){ + $ppp['username'] = $ifinfo['pptp_username']; + $ppp['password'] = base64_encode($ifinfo['pptp_password']); + } + foreach ($config['gateways']['gateway_item'] as $gateway){ + if ($gateway['name'] == $ifname && isset($gateway['defaultgw'])){ + $ppp['defaultgw'] = true; + } + } + + if (isset($ifinfo['provider'])) + $ppp['provider'] = $ifinfo['provider']; + if (isset($ifinfo['ondemand'])) + $ppp['ondemand'] = true; + if (isset($ifinfo['timeout'])) + $ppp['idletimeout'] = $ifinfo['timeout']; + if (isset($ifinfo['pppoe']['pppoe-reset-type'])){ + $ppp['pppoe-reset-type'] = $ifinfo['pppoe']['pppoe-reset-type']; + if (is_array($config['cron']['item'])) { + for ($i = 0; $i < count($config['cron']['item']); $i++) { + $item = $config['cron']['item'][$i]; + if (strpos($item['command'], 
"/conf/pppoe{$ifname}restart") !== false) + $config['cron']['item'][$i]['command'] = "/var/etc/pppoe_restart_" . $ppp['ptpid']; + } + } + } + if (isset($ifinfo['local'])) + $ppp['localip'] = $ifinfo['local']; + if (isset($ifinfo['subnet'])) + $ppp['subnet'] = $ifinfo['subnet']; + if (isset($ifinfo['remote'])) + $ppp['gateway'] = $ifinfo['remote']; + + $ifcfg[$ifname]['ptpid'] = $ppp['ptpid']; + if ($ifname == "wan") + $ifcfg[$ifname]['if'] = $ifinfo['ipaddr'] ."0"; + else + $ifcfg[$ifname]['if'] = $ifinfo['ipaddr'] . substr($ifname,3); + unset($ifcfg[$ifname]['pppoe_username']); + unset($ifcfg[$ifname]['pppoe_password']); + unset($ifcfg[$ifname]['provider']); + unset($ifcfg[$ifname]['ondemand']); + unset($ifcfg[$ifname]['timeout']); + unset($ifcfg[$ifname]['pppoe_reset']); + unset($ifcfg[$ifname]['pppoe_preset']); + unset($ifcfg[$ifname]['pppoe']); + unset($ifcfg[$ifname]['pptp_username']); + unset($ifcfg[$ifname]['pptp_password']); + unset($ifcfg[$ifname]['local']); + unset($ifcfg[$ifname]['subnet']); + unset($ifcfg[$ifname]['remote']); + + $a_ppps[] = $ppp; + + } + } +} + ?> |
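Review bot: upgrade_063_to_064() gives every existing `ppps` entry a `ptpid`, but only pppoe and pptp interfaces receive a matching `ptpid` and a rewritten `if`; an interface whose `ipaddr` is "ppp" is left untouched. interface_ppps_configure() now finds its entry by `ptpid` and uses `$intcfg['if']` as the mpd interface name, so, unless this is migrated somewhere outside this diff, an upgraded modem link would stop at "PPP configuration error". A linking step for the first loop, based on the old matching rule (`if` equal to the basename of the port), is sketched below and should be checked against real 6.3 configs. Separately, `foreach ($config['gateways']['gateway_item'] as $gateway)` runs without an `is_array()` guard and will warn on configs that have no gateways.

```php
foreach ($config['ppps']['ppp'] as $pppid => $ppp) {
    // … unchanged: port → ports rename, default type, ptpid assignment …
    $ptpid = $config['ppps']['ppp'][$pppid]['ptpid'];
    $port = $config['ppps']['ppp'][$pppid]['ports'];
    foreach ($config['interfaces'] as $ifname => $ifinfo) {
        if ($ifinfo['ipaddr'] != "ppp" || isset($ifinfo['ptpid']))
            continue;
        if ($ifinfo['if'] != basename($port))
            continue;
        $config['interfaces'][$ifname]['ptpid'] = $ptpid;
        // same naming scheme the pppoe/pptp branch uses: ppp0 for wan, pppN for optN
        $config['interfaces'][$ifname]['if'] = ($ifname == "wan") ? "ppp0" : "ppp" . substr($ifname, 3);
    }
    // … unchanged: end of the ppps loop …
```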