From 46bc6e545a17e77202aaf01ec0cd8d5a46567525 Mon Sep 17 00:00:00 2001
From: Renato Botelho <renato@netgate.com>
Date: Tue, 25 Aug 2015 08:08:24 -0300
Subject: Move main pfSense content to src/

---
 src/etc/rc.newwanipv6 | 204 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 204 insertions(+)
 create mode 100755 src/etc/rc.newwanipv6

(limited to 'src/etc/rc.newwanipv6')

diff --git a/src/etc/rc.newwanipv6 b/src/etc/rc.newwanipv6
new file mode 100755
index 0000000..1030d96
--- /dev/null
+++ b/src/etc/rc.newwanipv6
@@ -0,0 +1,204 @@
+#!/usr/local/bin/php-cgi -f
+<?php
+/*
+	rc.newwanipv6
+	Copyright (C) 2006 Scott Ullrich (sullrich@gmail.com)
+	part of pfSense (https://www.pfsense.org)
+
+	Originally part of m0n0wall (http://m0n0.ch)
+	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/* parse the configuration and include all functions used below */
+require_once("globals.inc");
+require_once("config.inc");
+require_once("functions.inc");
+require_once("filter.inc");
+require_once("shaper.inc");
+require_once("ipsec.inc");
+require_once("vpn.inc");
+require_once("openvpn.inc");
+require_once("IPv6.inc");
+require_once("services.inc");
+require_once("rrd.inc");
+
+function restart_packages() {
+	global $oldipv6, $curwanipv6, $g;
+
+	/* restart packages */
+	system_ntp_configure(false);
+	mwexec_bg("/usr/local/sbin/ntpdate_sync_once.sh", true);
+	log_error("{$g['product_name']} package system has detected an IP change or dynamic WAN reconnection - $oldipv6 -> $curwanipv6 - Restarting packages.");
+	send_event("service reload packages");
+}
+
+/* Interface IP address has changed */
+if (isset($_GET['interface'])) {
+	$argument = $_GET['interface'];
+} else {
+	$argument = trim($argv[1], " \n\t");
+}
+
+log_error("rc.newwanipv6: Info: starting on {$argument}.");
+
+if (empty($argument)) {
+	$interface = "wan";
+	$interface_real = get_real_interface($interface, "inet6");
+	$curwanipv6 = get_interface_ipv6($interface, true);
+} else {
+	$interface_real = $argument;
+	$interface = convert_real_interface_to_friendly_interface_name($interface_real);
+	$curwanipv6 = get_interface_ipv6($interface, true);
+}
+
+$interface_descr = convert_friendly_interface_to_friendly_descr($interface);
+
+if (empty($interface)) {
+	filter_configure();
+	// restart_packages();
+	return;
+}
+
+//Do not process while booting
+if (platform_booting() && $config['interfaces'][$interface]['ipaddrv6'] != "dhcp6") {
+	return;
+}
+
+/*
+ * NOTE: Take care of openvpn and similar if you generate the event to reconfigure an interface.
+ *	i.e. OpenVPN might be in tap mode and not have an ip.
+ */
+if ((empty($curwanipv6) || !is_ipaddrv6($curwanipv6)) && substr($interface_real, 0, 4) != "ovpn") {
+	log_error("rc.newwanipv6: Failed to update {$interface_descr}[{$interface}] IPv6, restarting...");
+	// send_event("interface reconfigure {$interface}");
+	return;
+}
+
+if (isset($_GET['dmips'])) {
+	$new_domain_name_servers = $_GET['dmips'];
+} else {
+	$new_domain_name_servers = getenv("new_domain_name_servers");
+}
+
+if (!empty($new_domain_name_servers)) {
+	$name_servers = explode(" ", $new_domain_name_servers);
+	$valid_ns = array();
+	foreach ($name_servers as $ns) {
+		if (is_ipaddrv6(trim($ns))) {
+			$valid_ns[] = trim($ns);
+		}
+	}
+
+	if (count($valid_ns > 0)) {
+		file_put_contents("{$g['varetc_path']}/nameserver_v6{$interface}", implode("\n", $valid_ns));
+	}
+}
+if (isset($_GET['dmnames'])) {
+	$new_domain_name = $_GET['dmnames'];
+} else {
+	$new_domain_name = getenv("new_domain_name");
+}
+
+if (!empty($new_domain_name)) {
+	file_put_contents("{$g['varetc_path']}/searchdomain_v6{$interface}", $new_domain_name);
+}
+
+/* write current WAN IPv6 to file */
+if (is_ipaddrv6($curwanipv6)) {
+	@file_put_contents("{$g['vardb_path']}/{$interface}_ipv6", $curwanipv6);
+}
+
+log_error("rc.newwanipv6: on (IP address: {$curwanipv6}) (interface: {$interface}) (real interface: {$interface_real}).");
+
+$oldipv6 = '';
+if (file_exists("{$g['vardb_path']}/{$interface}_cacheipv6")) {
+	$oldipv6 = file_get_contents("{$g['vardb_path']}/{$interface}_cacheipv6");
+}
+
+$grouptmp = link_interface_to_group($interface);
+if (!empty($grouptmp)) {
+	array_walk($grouptmp, 'interface_group_add_member');
+}
+
+link_interface_to_track6($interface, "update");
+
+/* regenerate resolv.conf if DNS overrides are allowed */
+system_resolvconf_generate(true);
+
+/* reconfigure static routes (kernel may have deleted them) */
+system_routing_configure($interface);
+
+/* reconfigure our gateway monitor */
+setup_gateways_monitor();
+
+/* signal filter reload */
+filter_configure();
+
+if (empty($oldipv6) || is_ipaddrv6($oldipv6)) {
+	if ($curwanipv6 == $oldipv6) {
+		// Still need to sync VPNs on PPPoE and such, as even with the same IP the VPN software is unhappy with the IP disappearing.
+		if (in_array($config['interfaces'][$interface]['ipaddrv6'], array('pppoe', 'pptp', 'ppp'))) {
+			/* reconfigure IPsec tunnels */
+			vpn_ipsec_force_reload($interface);
+
+			/* start OpenVPN server & clients */
+			if (substr($interface_real, 0, 4) != "ovpn") {
+				openvpn_resync_all($interface);
+			}
+		}
+		return;
+	} else if (does_interface_exist($interface_real) && !empty($oldipv6)) {
+		mwexec("/sbin/ifconfig {$interface_real} inet6 {$oldipv6} delete");
+	}
+
+	file_put_contents("{$g['vardb_path']}/{$interface}_cacheipv6", $curwanipv6);
+}
+
+/* reload unbound */
+services_unbound_configure();
+
+/* perform RFC 2136 DNS update */
+services_dnsupdate_process($interface);
+
+/* signal dyndns update */
+services_dyndns_configure($interface);
+
+/* reconfigure IPsec tunnels */
+vpn_ipsec_force_reload($interface);
+
+/* start OpenVPN server & clients */
+if (substr($interface_real, 0, 4) != "ovpn") {
+	openvpn_resync_all($interface);
+}
+
+/* reload graphing functions */
+enable_rrd_graphing();
+
+/* reload igmpproxy */
+services_igmpproxy_configure();
+
+restart_packages();
+
+?>
-- 
cgit v1.1