1 files changed, 556 insertions, 0 deletions
diff --git a/src/etc/rc.initial.setlanip b/src/etc/rc.initial.setlanip
new file mode 100755
index 0000000..e33a05a
--- /dev/null
+++ b/src/etc/rc.initial.setlanip
@@ -0,0 +1,556 @@
+#!/usr/local/bin/php-cgi -q
+<?php
+/* $Id$ */
+/*
+	rc.initial.setlanip
+	part of m0n0wall (http://m0n0.ch/wall)
+
+	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$options = getopt("hn", array("dry-run", "help"));
+
+if (isset($options["h"]) || isset($options["help"])) {
+	echo "usage: /etc/rc.initial.setlanip [option ...]\n";
+	echo "  -h, --help       show this message\n";
+	echo "  -n, --dry-run    do not make any configuration changes\n";
+	return 0;
+}
+
+$dry_run = isset($options["n"]) || isset($options["dry-run"]);
+if ($dry_run) {
+	echo "DRY RUN MODE IS ON\n";
+}
+
+/* parse the configuration and include all functions used below */
+require_once("config.inc");
+require_once("functions.inc");
+require_once("filter.inc");
+require_once("shaper.inc");
+require_once("rrd.inc");
+
+function console_prompt_for_yn ($prompt_text) {
+	global $fp;
+
+	$good_answer = false;
+
+	do {
+		echo "\n" . $prompt_text . " (y/n) ";
+		$yn = strtolower(chop(fgets($fp)));
+		if (($yn == "y") || ($yn == "yes")) {
+			$boolean_answer = true;
+			$good_answer = true;
+		}
+		if (($yn == "n") || ($yn == "no")) {
+			$boolean_answer = false;
+			$good_answer = true;
+		}
+	} while (!$good_answer);
+
+	return $boolean_answer;
+}
+
+function console_get_interface_from_ppp($realif) {
+	global $config;
+
+	if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) {
+		foreach ($config['ppps']['ppp'] as $pppid => $ppp) {
+			if ($realif == $ppp['if']) {
+				$ifaces = explode(",", $ppp['ports']);
+				return $ifaces[0];
+			}
+		}
+	}
+
+	return "";
+}
+
+function prompt_for_enable_dhcp_server($version = 4) {
+	global $config, $fp, $interface;
+	if ($interface == "wan") {
+		if ($config['interfaces']['lan']) {
+			return false;
+		}
+	}
+	/* only allow DHCP server to be enabled when static IP is
+	   configured on this interface */
+	if ($version === 6) {
+		$is_ipaddr = is_ipaddrv6($config['interfaces'][$interface]['ipaddrv6']);
+	} else {
+		$is_ipaddr = is_ipaddrv4($config['interfaces'][$interface]['ipaddr']);
+	}
+	if (!($is_ipaddr)) {
+		return false;
+	}
+
+	$label_DHCP = ($version === 6) ? "DHCP6" : "DHCP";
+	$upperifname = strtoupper($interface);
+	return console_prompt_for_yn (sprintf(gettext("Do you want to enable the %s server on %s?"), $label_DHCP, $upperifname));
+}
+
+function get_interface_config_description($iface) {
+	global $config;
+	$c = $config['interfaces'][$iface];
+	if (!$c) {
+		return null;
+	}
+	$if = $c['if'];
+	$result = $if;
+	$result2 = array();
+	$ipaddr = $c['ipaddr'];
+	$ipaddrv6 = $c['ipaddrv6'];
+	if (is_ipaddr($ipaddr)) {
+		$result2[] = "static";
+	} else if ($ipaddr == "dhcp") {
+		$result2[] = "dhcp";
+	}
+	if (is_ipaddr($ipaddrv6)) {
+		$result2[] = "staticv6";
+	} else if ($ipaddrv6 == "dhcp6") {
+		$result2[] = "dhcp6";
+	}
+	if (count($result2)) {
+		$result .= " - " . implode(", ", $result2);
+	}
+	return $result;
+}
+
+$fp = fopen('php://stdin', 'r');
+
+/* build an interface collection */
+$ifdescrs = get_configured_interface_with_descr(false, true);
+$count = count($ifdescrs);
+
+/* grab interface that we will operate on, unless there is only one interface */
+if ($count > 1) {
+	echo "Available interfaces:\n\n";
+	$x=1;
+	foreach ($ifdescrs as $iface => $ifdescr) {
+		$config_descr = get_interface_config_description($iface);
+		echo "{$x} - {$ifdescr} ({$config_descr})\n";
+		$x++;
+	}
+	echo "\nEnter the number of the interface you wish to configure: ";
+	$intnum = chop(fgets($fp));
+} else {
+	$intnum = $count;
+}
+
+if ($intnum < 1) {
+	return;
+}
+if ($intnum > $count) {
+	return;
+}
+
+$index = 1;
+foreach ($ifdescrs as $ifname => $ifdesc) {
+	if ($intnum == $index) {
+		$interface = $ifname;
+		break;
+	} else {
+		$index++;
+	}
+}
+if (!$interface) {
+	echo "Invalid interface!\n";
+	return;
+}
+
+$ifaceassigned = "";
+
+function next_unused_gateway_name($interface) {
+	global $g, $config;
+	$new_name = "GW_" . strtoupper($interface);
+
+	if (!is_array($config['gateways']['gateway_item'])) {
+		return $new_name;
+	}
+	$count = 1;
+	do {
+		$existing = false;
+		foreach ($config['gateways']['gateway_item'] as $item) {
+			if ($item['name'] === $new_name) {
+				$existing = true;
+				break;
+			}
+		}
+		if ($existing) {
+			$count += 1;
+			$new_name = "GW_" . strtoupper($interface) . "_" . $count;
+		}
+	} while ($existing);
+	return $new_name;
+}
+
+function add_gateway_to_config($interface, $gatewayip, $inet_type) {
+	global $g, $config, $dry_run;
+	if (!is_array($config['gateways']['gateway_item'])) {
+		$config['gateways']['gateway_item'] = array();
+	}
+	$a_gateways = &$config['gateways']['gateway_item'];
+	if ($dry_run) {
+		print_r($a_gateways);
+	}
+	$new_name = '';
+	$is_default = true;
+	foreach ($a_gateways as $item) {
+		if ($item['ipprotocol'] === $inet_type) {
+			if (isset($item['defaultgw'])) {
+				$is_default = false;
+			}
+			if (($item['interface'] === $interface) && ($item['gateway'] === $gatewayip)) {
+				$new_name = $item['name'];
+			}
+		}
+	}
+	if ($new_name == '') {
+		$new_name = next_unused_gateway_name($interface);
+		$item = array(
+			"interface" => $interface,
+			"gateway" => $gatewayip,
+			"name" => $new_name,
+			"weight" => 1,
+			"ipprotocol" => $inet_type,
+			"interval" => true,
+			"descr" => "Interface $interface Gateway",
+			"defaultgw" => $is_default
+		);
+		if ($dry_run) {
+			print_r($item);
+		}
+		$a_gateways[] = $item;
+	}
+
+	return $new_name;
+}
+
+function console_configure_ip_address($version) {
+	global $g, $config, $interface, $restart_dhcpd, $ifaceassigned, $fp;
+
+	$label_IPvX = ($version === 6) ? "IPv6"   : "IPv4";
+	$maxbits    = ($version === 6) ? 127      : 31;
+	$label_DHCP = ($version === 6) ? "DHCP6"  : "DHCP";
+
+	$upperifname = strtoupper($interface);
+
+	if ($interface == "wan") {
+		if (console_prompt_for_yn (sprintf(gettext("Configure %s address %s interface via %s?"), $label_IPvX, $upperifname, $label_DHCP))) {
+			$ifppp = console_get_interface_from_ppp(get_real_interface("wan"));
+			if (!empty($ifppp)) {
+				$ifaceassigned = $ifppp;
+			}
+			$intip = ($version === 6) ? "dhcp6" : "dhcp";
+			$intbits = "";
+			$isintdhcp = true;
+			$restart_dhcpd = true;
+		}
+	}
+
+	if ($isintdhcp == false or $interface <> "wan") {
+		while (true) {
+			do {
+				echo "\n" . sprintf(gettext("Enter the new %s %s address.  Press <ENTER> for none:"),
+							$upperifname, $label_IPvX) . "\n> ";
+				$intip = chop(fgets($fp));
+				$is_ipaddr = ($version === 6) ? is_ipaddrv6($intip) : is_ipaddrv4($intip);
+				if ($is_ipaddr && is_ipaddr_configured($intip, $interface, true)) {
+					$ip_conflict = true;
+					echo gettext("This IP address conflicts with another interface or a VIP") . "\n";
+				} else {
+					$ip_conflict = false;
+				}
+			} while (($ip_conflict === true) || !($is_ipaddr || $intip == ''));
+			if ($intip != '') {
+				echo "\n" . sprintf(gettext("Subnet masks are entered as bit counts (as in CIDR notation) in %s."),
+							$g['product_name']) . "\n";
+				if ($version === 6) {
+					echo "e.g. ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff00 = 120\n";
+					echo "     ffff:ffff:ffff:ffff:ffff:ffff:ffff:0    = 112\n";
+					echo "     ffff:ffff:ffff:ffff:ffff:ffff:0:0       =  96\n";
+					echo "     ffff:ffff:ffff:ffff:ffff:0:0:0          =  80\n";
+					echo "     ffff:ffff:ffff:ffff:0:0:0:0             =  64\n";
+				} else {
+					echo "e.g. 255.255.255.0 = 24\n";
+					echo "     255.255.0.0   = 16\n";
+					echo "     255.0.0.0     = 8\n";
+				}
+				do {
+					$upperifname = strtoupper($interface);
+					echo "\n" . sprintf(gettext("Enter the new %s %s subnet bit count (1 to %s):"),
+								$upperifname, $label_IPvX, $maxbits) . "\n> ";
+					$intbits = chop(fgets($fp));
+					$intbits_ok = is_numeric($intbits) && (($intbits >= 1) && ($intbits <= $maxbits));
+					$restart_dhcpd = true;
+
+					if ($version === 4 && $intbits < $maxbits) {
+						if ($intip == gen_subnet($intip, $intbits)) {
+							echo gettext("You cannot set network address to an interface");
+							continue 2;
+							$intbits_ok = false;
+						} else if ($intip == gen_subnet_max($intip, $intbits)) {
+							echo gettext("You cannot set broadcast address to an interface");
+							continue 2;
+							$intbits_ok = false;
+						}
+					}
+				} while (!$intbits_ok);
+
+				if ($version === 6) {
+					$subnet = gen_subnetv6($intip, $intbits);
+				} else {
+					$subnet = gen_subnet($intip, $intbits);
+				}
+				do {
+					echo "\n" . sprintf(gettext("For a WAN, enter the new %s %s upstream gateway address."), $upperifname, $label_IPvX) . "\n" .
+								gettext("For a LAN, press <ENTER> for none:") . "\n> ";
+					$gwip = chop(fgets($fp));
+					$is_ipaddr = ($version === 6) ? is_ipaddrv6($gwip) : is_ipaddrv4($gwip);
+					$is_in_subnet = $is_ipaddr && ip_in_subnet($gwip, $subnet . "/" . $intbits);
+					if ($gwip != '') {
+						if (!$is_ipaddr) {
+							echo sprintf(gettext("not an %s IP address!"), $label_IPvX) . "\n";
+						} else if (!$is_in_subnet) {
+							echo gettext("not in subnet!") . "\n";
+						}
+					}
+				} while (!($gwip == '' || ($is_ipaddr && $is_in_subnet)));
+
+				if ($gwip != '') {
+					$inet_type = ($version === 6) ? "inet6" : "inet";
+					$gwname = add_gateway_to_config($interface, $gwip, $inet_type);
+				}
+			}
+			$ifppp = console_get_interface_from_ppp(get_real_interface($interface));
+			if (!empty($ifppp)) {
+				$ifaceassigned = $ifppp;
+			}
+			break;
+		}
+	}
+
+	return array($intip, $intbits, $gwname);
+}
+
+list($intip,  $intbits,  $gwname)  = console_configure_ip_address(4);
+list($intip6, $intbits6, $gwname6) = console_configure_ip_address(6);
+
+if (!empty($ifaceassigned)) {
+	$config['interfaces'][$interface]['if'] = $ifaceassigned;
+}
+$config['interfaces'][$interface]['ipaddr']    = $intip;
+$config['interfaces'][$interface]['subnet']    = $intbits;
+$config['interfaces'][$interface]['gateway']   = $gwname;
+$config['interfaces'][$interface]['ipaddrv6']  = $intip6;
+$config['interfaces'][$interface]['subnetv6']  = $intbits6;
+$config['interfaces'][$interface]['gatewayv6'] = $gwname6;
+$config['interfaces'][$interface]['enable']    = true;
+
+function console_configure_dhcpd($version = 4) {
+	global $g, $config, $restart_dhcpd, $fp, $interface, $dry_run, $intip, $intbits, $intip6, $intbits6;
+
+	$label_IPvX = ($version === 6) ? "IPv6"    : "IPv4";
+	$dhcpd      = ($version === 6) ? "dhcpdv6" : "dhcpd";
+
+	if ($g['services_dhcp_server_enable'] && prompt_for_enable_dhcp_server($version)) {
+		$subnet_start = ($version === 6) ? gen_subnetv6($intip6, $intbits6) : gen_subnet($intip, $intbits);
+		$subnet_end = ($version === 6) ? gen_subnetv6_max($intip6, $intbits6) : gen_subnet_max($intip, $intbits);
+		do {
+			do {
+				echo sprintf(gettext("Enter the start address of the %s client address range:"), $label_IPvX) . " ";
+				$dhcpstartip = chop(fgets($fp));
+				if ($dhcpstartip === "") {
+					fclose($fp);
+					return 0;
+				}
+				$is_ipaddr = ($version === 6) ? is_ipaddrv6($dhcpstartip) : is_ipaddrv4($dhcpstartip);
+				$is_inrange = is_inrange($dhcpstartip, $subnet_start, $subnet_end);
+				if (!$is_inrange) {
+					echo gettext("This IP address must be in the interface's subnet") . "\n";
+				}
+			} while (!$is_ipaddr || !$is_inrange);
+
+			do {
+				echo sprintf(gettext("Enter the end address of the %s client address range:"), $label_IPvX) . " ";
+				$dhcpendip = chop(fgets($fp));
+				if ($dhcpendip === "") {
+					fclose($fp);
+					return 0;
+				}
+				$is_ipaddr = ($version === 6) ? is_ipaddrv6($dhcpendip) : is_ipaddrv4($dhcpendip);
+				$is_inrange = is_inrange($dhcpendip, $subnet_start, $subnet_end);
+				if (!$is_inrange) {
+					echo gettext("This IP address must be in the interface's subnet") . "\n";
+				}
+				$not_inorder = ($version === 6) ? (inet_pton($dhcpendip) < inet_pton($dhcpstartip)) : ip_less_than($dhcpendip, $dhcpstartip);
+				if ($not_inorder) {
+					echo gettext("The end address of the DHCP range must be >= the start address") . "\n";
+				}
+			} while (!$is_ipaddr || !$is_inrange);
+		} while ($not_inorder);
+		$restart_dhcpd = true;
+		$config[$dhcpd][$interface]['enable'] = true;
+		$config[$dhcpd][$interface]['range']['from'] = $dhcpstartip;
+		$config[$dhcpd][$interface]['range']['to'] = $dhcpendip;
+	} else {
+		if (isset($config[$dhcpd][$interface]['enable'])) {
+			unset($config[$dhcpd][$interface]['enable']);
+			printf(gettext("Disabling %s DHCPD..."), $label_IPvX);
+			$restart_dhcpd = true;
+		}
+	}
+	return 1;
+}
+
+if (console_configure_dhcpd(4) == 0) {
+	return 0;
+}
+if (console_configure_dhcpd(6) == 0) {
+	return 0;
+}
+
+//*****************************************************************************
+
+if ($config['system']['webgui']['protocol'] == "https") {
+
+	if (console_prompt_for_yn (gettext("Do you want to revert to HTTP as the webConfigurator protocol?"))) {
+		$config['system']['webgui']['protocol'] = "http";
+		$restart_webgui = true;
+	}
+}
+
+if (isset($config['system']['webgui']['noantilockout'])) {
+	echo "\n" . sprintf(gettext("Note: the anti-lockout rule on %s has been re-enabled."), $interface) . "\n";
+	unset($config['system']['webgui']['noantilockout']);
+}
+
+if ($config['interfaces']['lan']) {
+	if ($config['dhcpd']) {
+		if ($config['dhcpd']['wan']) {
+			unset($config['dhcpd']['wan']);
+		}
+	}
+	if ($config['dhcpdv6']) {
+		if ($config['dhcpdv6']['wan']) {
+			unset($config['dhcpdv6']['wan']);
+		}
+	}
+}
+
+if (!$config['interfaces']['lan']) {
+	unset($config['interfaces']['lan']);
+	if ($config['dhcpd']['lan']) {
+		unset($config['dhcpd']['lan']);
+	}
+	if ($config['dhcpdv6']['lan']) {
+		unset($config['dhcpdv6']['lan']);
+	}
+	unset($config['shaper']);
+	unset($config['ezshaper']);
+	unset($config['nat']);
+	if (!$dry_run) {
+		system("rm /var/dhcpd/var/db/* >/dev/null 2>/dev/null");
+		$restart_dhcpd = true;
+	}
+}
+
+$upperifname = strtoupper($interface);
+if (!$dry_run) {
+	echo "\nPlease wait while the changes are saved to {$upperifname}...";
+	write_config(sprintf(gettext("%s IP configuration from console menu"), $interface));
+	interface_reconfigure(strtolower($upperifname));
+	echo "\n Reloading filter...";
+	filter_configure_sync();
+	echo "\n Reloading routing configuration...";
+	system_routing_configure();
+	if ($restart_dhcpd) {
+		echo "\n DHCPD...";
+		services_dhcpd_configure();
+	}
+	if ($restart_webgui) {
+		echo "\n Restarting webConfigurator... ";
+		mwexec("/etc/rc.restart_webgui");
+	}
+}
+
+if ($intip != '') {
+	if (is_ipaddr($intip)) {
+		echo "\n\n" . sprintf(gettext("The IPv4 %s address has been set to %s"),
+							  $upperifname, "{$intip}/{$intbits}") . "\n";
+	} else {
+		echo "\n\n" . sprintf(gettext("The IPv4 %s address has been set to %s"),
+							  $upperifname, $intip) . "\n";
+	}
+}
+if ($intip6 != '') {
+	if (is_ipaddr($intip6)) {
+		echo "\n\n" . sprintf(gettext("The IPv6 %s address has been set to %s"),
+							  $upperifname, "${intip6}/${intbits6}") . "\n";
+	} else {
+		echo "\n\n" . sprintf(gettext("The IPv6 %s address has been set to %s"),
+							  $upperifname, $intip6) . "\n";
+	}
+}
+
+if ($intip != '' || $intip6 != '') {
+	if (count($ifdescrs) == "1" or $interface == "lan") {
+		if ($debug) {
+			echo "ifdescrs count is " . count($ifdescrs) . "\n";
+			echo "interface is {$interface} \n";
+		}
+		echo gettext('You can now access the webConfigurator by opening the following URL in your web browser:') . "\n";
+		if (!empty($config['system']['webgui']['port'])) {
+			$webuiport = $config['system']['webgui']['port'];
+			if ($intip != '') {
+				echo "		{$config['system']['webgui']['protocol']}://{$intip}:{$webuiport}/\n";
+			}
+			if ($intip6 != '') {
+				if (is_ipaddr($intip6)) {
+					echo "		{$config['system']['webgui']['protocol']}://[{$intip6}]:{$webuiport}/\n";
+				} else {
+					echo "		{$config['system']['webgui']['protocol']}://{$intip6}:{$webuiport}/\n";
+				}
+			}
+		} else {
+			if ($intip != '') {
+				echo "		{$config['system']['webgui']['protocol']}://{$intip}/\n";
+			}
+			if ($intip6 != '') {
+				if (is_ipaddr($intip6)) {
+					echo "		{$config['system']['webgui']['protocol']}://[{$intip6}]/\n";
+				} else {
+					echo "		{$config['system']['webgui']['protocol']}://{$intip6}/\n";
+				}
+			}
+		}
+	}
+}
+
+echo "\n" . gettext('Press <ENTER> to continue.');
+
+fgets($fp);
+fclose($fp);
+
+?>