diff options
Diffstat (limited to 'src/etc/rc.initial.setlanip')
-rwxr-xr-x | src/etc/rc.initial.setlanip | 556 |
1 files changed, 556 insertions, 0 deletions
diff --git a/src/etc/rc.initial.setlanip b/src/etc/rc.initial.setlanip new file mode 100755 index 0000000..e33a05a --- /dev/null +++ b/src/etc/rc.initial.setlanip @@ -0,0 +1,556 @@ +#!/usr/local/bin/php-cgi -q +<?php +/* $Id$ */ +/* + rc.initial.setlanip + part of m0n0wall (http://m0n0.ch/wall) + + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +$options = getopt("hn", array("dry-run", "help")); + +if (isset($options["h"]) || isset($options["help"])) { + echo "usage: /etc/rc.initial.setlanip [option ...]\n"; + echo " -h, --help show this message\n"; + echo " -n, --dry-run do not make any configuration changes\n"; + return 0; +} + +$dry_run = isset($options["n"]) || isset($options["dry-run"]); +if ($dry_run) { + echo "DRY RUN MODE IS ON\n"; +} + +/* parse the configuration and include all functions used below */ +require_once("config.inc"); +require_once("functions.inc"); +require_once("filter.inc"); +require_once("shaper.inc"); +require_once("rrd.inc"); + +function console_prompt_for_yn ($prompt_text) { + global $fp; + + $good_answer = false; + + do { + echo "\n" . $prompt_text . " (y/n) "; + $yn = strtolower(chop(fgets($fp))); + if (($yn == "y") || ($yn == "yes")) { + $boolean_answer = true; + $good_answer = true; + } + if (($yn == "n") || ($yn == "no")) { + $boolean_answer = false; + $good_answer = true; + } + } while (!$good_answer); + + return $boolean_answer; +} + +function console_get_interface_from_ppp($realif) { + global $config; + + if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { + foreach ($config['ppps']['ppp'] as $pppid => $ppp) { + if ($realif == $ppp['if']) { + $ifaces = explode(",", $ppp['ports']); + return $ifaces[0]; + } + } + } + + return ""; +} + +function prompt_for_enable_dhcp_server($version = 4) { + global $config, $fp, $interface; + if ($interface == "wan") { + if ($config['interfaces']['lan']) { + return false; + } + } + /* only allow DHCP server to be enabled when static IP is + configured on this interface */ + if ($version === 6) { + $is_ipaddr = is_ipaddrv6($config['interfaces'][$interface]['ipaddrv6']); + } else { + $is_ipaddr = is_ipaddrv4($config['interfaces'][$interface]['ipaddr']); + } + if (!($is_ipaddr)) { + return false; + } + + $label_DHCP = ($version === 6) ? "DHCP6" : "DHCP"; + $upperifname = strtoupper($interface); + return console_prompt_for_yn (sprintf(gettext("Do you want to enable the %s server on %s?"), $label_DHCP, $upperifname)); +} + +function get_interface_config_description($iface) { + global $config; + $c = $config['interfaces'][$iface]; + if (!$c) { + return null; + } + $if = $c['if']; + $result = $if; + $result2 = array(); + $ipaddr = $c['ipaddr']; + $ipaddrv6 = $c['ipaddrv6']; + if (is_ipaddr($ipaddr)) { + $result2[] = "static"; + } else if ($ipaddr == "dhcp") { + $result2[] = "dhcp"; + } + if (is_ipaddr($ipaddrv6)) { + $result2[] = "staticv6"; + } else if ($ipaddrv6 == "dhcp6") { + $result2[] = "dhcp6"; + } + if (count($result2)) { + $result .= " - " . implode(", ", $result2); + } + return $result; +} + +$fp = fopen('php://stdin', 'r'); + +/* build an interface collection */ +$ifdescrs = get_configured_interface_with_descr(false, true); +$count = count($ifdescrs); + +/* grab interface that we will operate on, unless there is only one interface */ +if ($count > 1) { + echo "Available interfaces:\n\n"; + $x=1; + foreach ($ifdescrs as $iface => $ifdescr) { + $config_descr = get_interface_config_description($iface); + echo "{$x} - {$ifdescr} ({$config_descr})\n"; + $x++; + } + echo "\nEnter the number of the interface you wish to configure: "; + $intnum = chop(fgets($fp)); +} else { + $intnum = $count; +} + +if ($intnum < 1) { + return; +} +if ($intnum > $count) { + return; +} + +$index = 1; +foreach ($ifdescrs as $ifname => $ifdesc) { + if ($intnum == $index) { + $interface = $ifname; + break; + } else { + $index++; + } +} +if (!$interface) { + echo "Invalid interface!\n"; + return; +} + +$ifaceassigned = ""; + +function next_unused_gateway_name($interface) { + global $g, $config; + $new_name = "GW_" . strtoupper($interface); + + if (!is_array($config['gateways']['gateway_item'])) { + return $new_name; + } + $count = 1; + do { + $existing = false; + foreach ($config['gateways']['gateway_item'] as $item) { + if ($item['name'] === $new_name) { + $existing = true; + break; + } + } + if ($existing) { + $count += 1; + $new_name = "GW_" . strtoupper($interface) . "_" . $count; + } + } while ($existing); + return $new_name; +} + +function add_gateway_to_config($interface, $gatewayip, $inet_type) { + global $g, $config, $dry_run; + if (!is_array($config['gateways']['gateway_item'])) { + $config['gateways']['gateway_item'] = array(); + } + $a_gateways = &$config['gateways']['gateway_item']; + if ($dry_run) { + print_r($a_gateways); + } + $new_name = ''; + $is_default = true; + foreach ($a_gateways as $item) { + if ($item['ipprotocol'] === $inet_type) { + if (isset($item['defaultgw'])) { + $is_default = false; + } + if (($item['interface'] === $interface) && ($item['gateway'] === $gatewayip)) { + $new_name = $item['name']; + } + } + } + if ($new_name == '') { + $new_name = next_unused_gateway_name($interface); + $item = array( + "interface" => $interface, + "gateway" => $gatewayip, + "name" => $new_name, + "weight" => 1, + "ipprotocol" => $inet_type, + "interval" => true, + "descr" => "Interface $interface Gateway", + "defaultgw" => $is_default + ); + if ($dry_run) { + print_r($item); + } + $a_gateways[] = $item; + } + + return $new_name; +} + +function console_configure_ip_address($version) { + global $g, $config, $interface, $restart_dhcpd, $ifaceassigned, $fp; + + $label_IPvX = ($version === 6) ? "IPv6" : "IPv4"; + $maxbits = ($version === 6) ? 127 : 31; + $label_DHCP = ($version === 6) ? "DHCP6" : "DHCP"; + + $upperifname = strtoupper($interface); + + if ($interface == "wan") { + if (console_prompt_for_yn (sprintf(gettext("Configure %s address %s interface via %s?"), $label_IPvX, $upperifname, $label_DHCP))) { + $ifppp = console_get_interface_from_ppp(get_real_interface("wan")); + if (!empty($ifppp)) { + $ifaceassigned = $ifppp; + } + $intip = ($version === 6) ? "dhcp6" : "dhcp"; + $intbits = ""; + $isintdhcp = true; + $restart_dhcpd = true; + } + } + + if ($isintdhcp == false or $interface <> "wan") { + while (true) { + do { + echo "\n" . sprintf(gettext("Enter the new %s %s address. Press <ENTER> for none:"), + $upperifname, $label_IPvX) . "\n> "; + $intip = chop(fgets($fp)); + $is_ipaddr = ($version === 6) ? is_ipaddrv6($intip) : is_ipaddrv4($intip); + if ($is_ipaddr && is_ipaddr_configured($intip, $interface, true)) { + $ip_conflict = true; + echo gettext("This IP address conflicts with another interface or a VIP") . "\n"; + } else { + $ip_conflict = false; + } + } while (($ip_conflict === true) || !($is_ipaddr || $intip == '')); + if ($intip != '') { + echo "\n" . sprintf(gettext("Subnet masks are entered as bit counts (as in CIDR notation) in %s."), + $g['product_name']) . "\n"; + if ($version === 6) { + echo "e.g. ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff00 = 120\n"; + echo " ffff:ffff:ffff:ffff:ffff:ffff:ffff:0 = 112\n"; + echo " ffff:ffff:ffff:ffff:ffff:ffff:0:0 = 96\n"; + echo " ffff:ffff:ffff:ffff:ffff:0:0:0 = 80\n"; + echo " ffff:ffff:ffff:ffff:0:0:0:0 = 64\n"; + } else { + echo "e.g. 255.255.255.0 = 24\n"; + echo " 255.255.0.0 = 16\n"; + echo " 255.0.0.0 = 8\n"; + } + do { + $upperifname = strtoupper($interface); + echo "\n" . sprintf(gettext("Enter the new %s %s subnet bit count (1 to %s):"), + $upperifname, $label_IPvX, $maxbits) . "\n> "; + $intbits = chop(fgets($fp)); + $intbits_ok = is_numeric($intbits) && (($intbits >= 1) && ($intbits <= $maxbits)); + $restart_dhcpd = true; + + if ($version === 4 && $intbits < $maxbits) { + if ($intip == gen_subnet($intip, $intbits)) { + echo gettext("You cannot set network address to an interface"); + continue 2; + $intbits_ok = false; + } else if ($intip == gen_subnet_max($intip, $intbits)) { + echo gettext("You cannot set broadcast address to an interface"); + continue 2; + $intbits_ok = false; + } + } + } while (!$intbits_ok); + + if ($version === 6) { + $subnet = gen_subnetv6($intip, $intbits); + } else { + $subnet = gen_subnet($intip, $intbits); + } + do { + echo "\n" . sprintf(gettext("For a WAN, enter the new %s %s upstream gateway address."), $upperifname, $label_IPvX) . "\n" . + gettext("For a LAN, press <ENTER> for none:") . "\n> "; + $gwip = chop(fgets($fp)); + $is_ipaddr = ($version === 6) ? is_ipaddrv6($gwip) : is_ipaddrv4($gwip); + $is_in_subnet = $is_ipaddr && ip_in_subnet($gwip, $subnet . "/" . $intbits); + if ($gwip != '') { + if (!$is_ipaddr) { + echo sprintf(gettext("not an %s IP address!"), $label_IPvX) . "\n"; + } else if (!$is_in_subnet) { + echo gettext("not in subnet!") . "\n"; + } + } + } while (!($gwip == '' || ($is_ipaddr && $is_in_subnet))); + + if ($gwip != '') { + $inet_type = ($version === 6) ? "inet6" : "inet"; + $gwname = add_gateway_to_config($interface, $gwip, $inet_type); + } + } + $ifppp = console_get_interface_from_ppp(get_real_interface($interface)); + if (!empty($ifppp)) { + $ifaceassigned = $ifppp; + } + break; + } + } + + return array($intip, $intbits, $gwname); +} + +list($intip, $intbits, $gwname) = console_configure_ip_address(4); +list($intip6, $intbits6, $gwname6) = console_configure_ip_address(6); + +if (!empty($ifaceassigned)) { + $config['interfaces'][$interface]['if'] = $ifaceassigned; +} +$config['interfaces'][$interface]['ipaddr'] = $intip; +$config['interfaces'][$interface]['subnet'] = $intbits; +$config['interfaces'][$interface]['gateway'] = $gwname; +$config['interfaces'][$interface]['ipaddrv6'] = $intip6; +$config['interfaces'][$interface]['subnetv6'] = $intbits6; +$config['interfaces'][$interface]['gatewayv6'] = $gwname6; +$config['interfaces'][$interface]['enable'] = true; + +function console_configure_dhcpd($version = 4) { + global $g, $config, $restart_dhcpd, $fp, $interface, $dry_run, $intip, $intbits, $intip6, $intbits6; + + $label_IPvX = ($version === 6) ? "IPv6" : "IPv4"; + $dhcpd = ($version === 6) ? "dhcpdv6" : "dhcpd"; + + if ($g['services_dhcp_server_enable'] && prompt_for_enable_dhcp_server($version)) { + $subnet_start = ($version === 6) ? gen_subnetv6($intip6, $intbits6) : gen_subnet($intip, $intbits); + $subnet_end = ($version === 6) ? gen_subnetv6_max($intip6, $intbits6) : gen_subnet_max($intip, $intbits); + do { + do { + echo sprintf(gettext("Enter the start address of the %s client address range:"), $label_IPvX) . " "; + $dhcpstartip = chop(fgets($fp)); + if ($dhcpstartip === "") { + fclose($fp); + return 0; + } + $is_ipaddr = ($version === 6) ? is_ipaddrv6($dhcpstartip) : is_ipaddrv4($dhcpstartip); + $is_inrange = is_inrange($dhcpstartip, $subnet_start, $subnet_end); + if (!$is_inrange) { + echo gettext("This IP address must be in the interface's subnet") . "\n"; + } + } while (!$is_ipaddr || !$is_inrange); + + do { + echo sprintf(gettext("Enter the end address of the %s client address range:"), $label_IPvX) . " "; + $dhcpendip = chop(fgets($fp)); + if ($dhcpendip === "") { + fclose($fp); + return 0; + } + $is_ipaddr = ($version === 6) ? is_ipaddrv6($dhcpendip) : is_ipaddrv4($dhcpendip); + $is_inrange = is_inrange($dhcpendip, $subnet_start, $subnet_end); + if (!$is_inrange) { + echo gettext("This IP address must be in the interface's subnet") . "\n"; + } + $not_inorder = ($version === 6) ? (inet_pton($dhcpendip) < inet_pton($dhcpstartip)) : ip_less_than($dhcpendip, $dhcpstartip); + if ($not_inorder) { + echo gettext("The end address of the DHCP range must be >= the start address") . "\n"; + } + } while (!$is_ipaddr || !$is_inrange); + } while ($not_inorder); + $restart_dhcpd = true; + $config[$dhcpd][$interface]['enable'] = true; + $config[$dhcpd][$interface]['range']['from'] = $dhcpstartip; + $config[$dhcpd][$interface]['range']['to'] = $dhcpendip; + } else { + if (isset($config[$dhcpd][$interface]['enable'])) { + unset($config[$dhcpd][$interface]['enable']); + printf(gettext("Disabling %s DHCPD..."), $label_IPvX); + $restart_dhcpd = true; + } + } + return 1; +} + +if (console_configure_dhcpd(4) == 0) { + return 0; +} +if (console_configure_dhcpd(6) == 0) { + return 0; +} + +//***************************************************************************** + +if ($config['system']['webgui']['protocol'] == "https") { + + if (console_prompt_for_yn (gettext("Do you want to revert to HTTP as the webConfigurator protocol?"))) { + $config['system']['webgui']['protocol'] = "http"; + $restart_webgui = true; + } +} + +if (isset($config['system']['webgui']['noantilockout'])) { + echo "\n" . sprintf(gettext("Note: the anti-lockout rule on %s has been re-enabled."), $interface) . "\n"; + unset($config['system']['webgui']['noantilockout']); +} + +if ($config['interfaces']['lan']) { + if ($config['dhcpd']) { + if ($config['dhcpd']['wan']) { + unset($config['dhcpd']['wan']); + } + } + if ($config['dhcpdv6']) { + if ($config['dhcpdv6']['wan']) { + unset($config['dhcpdv6']['wan']); + } + } +} + +if (!$config['interfaces']['lan']) { + unset($config['interfaces']['lan']); + if ($config['dhcpd']['lan']) { + unset($config['dhcpd']['lan']); + } + if ($config['dhcpdv6']['lan']) { + unset($config['dhcpdv6']['lan']); + } + unset($config['shaper']); + unset($config['ezshaper']); + unset($config['nat']); + if (!$dry_run) { + system("rm /var/dhcpd/var/db/* >/dev/null 2>/dev/null"); + $restart_dhcpd = true; + } +} + +$upperifname = strtoupper($interface); +if (!$dry_run) { + echo "\nPlease wait while the changes are saved to {$upperifname}..."; + write_config(sprintf(gettext("%s IP configuration from console menu"), $interface)); + interface_reconfigure(strtolower($upperifname)); + echo "\n Reloading filter..."; + filter_configure_sync(); + echo "\n Reloading routing configuration..."; + system_routing_configure(); + if ($restart_dhcpd) { + echo "\n DHCPD..."; + services_dhcpd_configure(); + } + if ($restart_webgui) { + echo "\n Restarting webConfigurator... "; + mwexec("/etc/rc.restart_webgui"); + } +} + +if ($intip != '') { + if (is_ipaddr($intip)) { + echo "\n\n" . sprintf(gettext("The IPv4 %s address has been set to %s"), + $upperifname, "{$intip}/{$intbits}") . "\n"; + } else { + echo "\n\n" . sprintf(gettext("The IPv4 %s address has been set to %s"), + $upperifname, $intip) . "\n"; + } +} +if ($intip6 != '') { + if (is_ipaddr($intip6)) { + echo "\n\n" . sprintf(gettext("The IPv6 %s address has been set to %s"), + $upperifname, "${intip6}/${intbits6}") . "\n"; + } else { + echo "\n\n" . sprintf(gettext("The IPv6 %s address has been set to %s"), + $upperifname, $intip6) . "\n"; + } +} + +if ($intip != '' || $intip6 != '') { + if (count($ifdescrs) == "1" or $interface == "lan") { + if ($debug) { + echo "ifdescrs count is " . count($ifdescrs) . "\n"; + echo "interface is {$interface} \n"; + } + echo gettext('You can now access the webConfigurator by opening the following URL in your web browser:') . "\n"; + if (!empty($config['system']['webgui']['port'])) { + $webuiport = $config['system']['webgui']['port']; + if ($intip != '') { + echo " {$config['system']['webgui']['protocol']}://{$intip}:{$webuiport}/\n"; + } + if ($intip6 != '') { + if (is_ipaddr($intip6)) { + echo " {$config['system']['webgui']['protocol']}://[{$intip6}]:{$webuiport}/\n"; + } else { + echo " {$config['system']['webgui']['protocol']}://{$intip6}:{$webuiport}/\n"; + } + } + } else { + if ($intip != '') { + echo " {$config['system']['webgui']['protocol']}://{$intip}/\n"; + } + if ($intip6 != '') { + if (is_ipaddr($intip6)) { + echo " {$config['system']['webgui']['protocol']}://[{$intip6}]/\n"; + } else { + echo " {$config['system']['webgui']['protocol']}://{$intip6}/\n"; + } + } + } + } +} + +echo "\n" . gettext('Press <ENTER> to continue.'); + +fgets($fp); +fclose($fp); + +?> |