"; } else { echo "\n"; echo " \n"; $tabscounter = 0; foreach ($tab_array as $ta) { if ($ta[1] == true) { echo " \n"; } else { echo " \n"; } $tabscounter++; } echo "\n\n"; foreach ($tab_array as $ta) { if ($ta[1] == true) { echo " \n"; } else { echo " \n"; } } echo "\n\n"; foreach ($tab_array as $ta) { if ($ta[1] == true) { echo " \n"; } else { echo " \n"; } $tabscounter++; } echo " \n"; echo "

{$ta[0]}"; echo "   "; echo "	"; echo "{$ta[0]}   "; echo "

\n"; echo ""; } } /****f* pfsense-utils/display_topbar * NAME * display_topbar - top a table off with rounded edges * INPUTS * $text - (optional) Text to include in bar * RESULT * null ******/ function display_topbar($text = "", $bg_color="#990000", $replace_color="#FFFFFF", $rounding_style="smooth") { echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; if ($text != "") echo " \n"; else echo " \n"; echo " \n"; echo "

"; echo "
{$text}

"; echo ""; } /****f* pfsense-utils/strncpy * NAME * strncpy - copy strings * INPUTS * &$dst, $src, $length * RESULT * none ******/ function strncpy(&$dst, $src, $length) { if (strlen($src) > $length) { $dst = substr($src, 0, $length); } else { $dst = $src; } } /****f* pfsense-utils/reload_interfaces_sync * NAME * reload_interfaces - reload all interfaces * INPUTS * none * RESULT * none ******/ function reload_interfaces_sync() { global $config, $g; $shutdown_webgui_needed = false; touch("{$g['tmp_path']}/reloading_all"); if($g['debug']) log_error("reload_interfaces_sync() is starting."); if(file_exists("{$g['tmp_path']}/config.cache")) unlink("{$g['tmp_path']}/config.cache"); /* parse config.xml again */ $config = parse_config(true); $wan_if = $config['interfaces']['wan']['if']; if (isset($config['interfaces']['lan'])) $lan_if = $config['interfaces']['lan']['if']; else $lan_if = ""; if($g['debug']) log_error("Cleaning up Interfaces"); /* if list */ $iflist = get_configured_interface_list(true); foreach ($iflist as $ifent => $ifname) { $ifname_real = convert_friendly_interface_to_real_interface_name($ifname); if(stristr($ifname, "lo0") == true) continue; /* do not process wan interface, its mandatory */ if(stristr($ifname, "$wan_if") == true) continue; /* do not process lan interface, its mandatory */ if(stristr($ifname, "$lan_if") == true) continue; if($g['debug']) log_error("Downing and deleting $ifname_real - $ifname"); mwexec("/sbin/ifconfig {$ifname_real} down"); mwexec("/sbin/ifconfig {$ifname_real} delete"); } /* set up interfaces */ interfaces_configure(); /* set up static routes */ if($g['debug']) log_error("Configuring system Routing"); system_routing_configure(); /* enable routing */ if($g['debug']) log_error("Enabling system routing"); system_routing_enable(); /* setup captive portal if needed */ if($g['debug']) log_error("Configuring Captive portal"); captiveportal_configure(); /* restart webConfigurator if needed */ if($shutdown_webgui_needed == true) touch("/tmp/restart_webgui"); /* start devd back up */ mwexec("/bin/rm /tmp/reload*"); /* remove reloading_all trigger */ if($g['debug']) log_error("Removing {$g['tmp_path']}/reloading_all"); unlink_if_exists("{$g['tmp_path']}/reloading_all"); } /****f* pfsense-utils/reload_all * NAME * reload_all - triggers a reload of all settings * * INPUTS * none * RESULT * none ******/ function reload_all() { touch("/tmp/reload_all"); } /****f* pfsense-utils/reload_interfaces * NAME * reload_interfaces - triggers a reload of all interfaces * INPUTS * none * RESULT * none ******/ function reload_interfaces() { touch("/tmp/reload_interfaces"); } /****f* pfsense-utils/reload_all_sync * NAME * reload_all - reload all settings * * INPUTS * none * RESULT * none ******/ function reload_all_sync() { global $config, $g; $g['booting'] = false; touch("{$g['tmp_path']}/reloading_all"); $shutdown_webgui_needed = false; if(file_exists("{$g['tmp_path']}/config.cache")) unlink("{$g['tmp_path']}/config.cache"); /* parse config.xml again */ $config = parse_config(true); /* set up our timezone */ system_timezone_configure(); /* set up our hostname */ system_hostname_configure(); /* make hosts file */ system_hosts_generate(); /* generate resolv.conf */ system_resolvconf_generate(); /* Set up our loopback interface */ interfaces_loopback_configure(); $wan_if = $config['interfaces']['wan']['if']; if (isset($config['interfaces']['lan'])) $lan_if = $config['interfaces']['lan']['if']; else $lan_if = ""; /* if list */ $iflist = get_configured_interface_list(); foreach ($iflist as $ifent => $ifname) { $ifname_real = convert_friendly_interface_to_real_interface_name($ifname); if(stristr($ifname, "lo0") == true) continue; /* do not process wan interface, its mandatory */ if($wan_if == $ifname_real) continue; /* do not process lan interface, its mandatory */ if($lan_if == $ifname_real) continue; mwexec("/sbin/ifconfig {$ifname_real} down"); mwexec("/sbin/ifconfig {$ifname_real} delete"); } /* set up interfaces */ interfaces_configure(); /* set up static routes */ system_routing_configure(); /* enable routing */ system_routing_enable(); /* ensure passwords are sync'd */ // system_password_configure(); /* start dnsmasq service */ services_dnsmasq_configure(); /* start dyndns service */ services_dyndns_configure(); /* start DHCP service */ services_dhcpd_configure(); /* configure cron service */ configure_cron(); /* start the NTP client */ system_ntp_configure(); /* start the captive portal */ captiveportal_configure(); /* reload the filter */ filter_configure_sync(); /* sync pw database */ conf_mount_rw(); mwexec("/usr/sbin/pwd_mkdb -d /etc/ /etc/master.passwd"); conf_mount_ro(); /* restart sshd */ touch("/tmp/start_sshd"); /* restart webConfigurator if needed */ if($shutdown_webgui_needed == true) touch("/tmp/restart_webgui"); mwexec("/bin/rm /tmp/reload*"); unlink_if_exists("{$g['tmp_path']}/reloading_all"); } function auto_login($status) { $gettytab = file_get_contents("/etc/gettytab"); $getty_split = split("\n", $gettytab); conf_mount_rw(); $fd = fopen("/etc/gettytab", "w"); foreach($getty_split as $gs) { if(stristr($gs, ":ht:np:sp#115200") ) { if($status == true) { fwrite($fd, " :ht:np:sp#115200:al=root:\n"); } else { fwrite($fd, " :ht:np:sp#115200:\n"); } } else { fwrite($fd, "{$gs}\n"); } } fclose($fd); conf_mount_ro(); } function setup_serial_port() { global $g, $config; conf_mount_rw(); /* serial console - write out /boot.config */ if(file_exists("/boot.config")) $boot_config = file_get_contents("/boot.config"); else $boot_config = ""; if($g['platform'] <> "cdrom") { $boot_config_split = split("\n", $boot_config); $fd = fopen("/boot.config","w"); if($fd) { foreach($boot_config_split as $bcs) { if(stristr($bcs, "-D")) { /* DONT WRITE OUT, WE'LL DO IT LATER */ } else { if($bcs <> "") fwrite($fd, "{$bcs}\n"); } } if(isset($config['system']['enableserial'])) { fwrite($fd, "-D"); } fclose($fd); } /* serial console - write out /boot/loader.conf */ $boot_config = file_get_contents("/boot/loader.conf"); $boot_config_split = split("\n", $boot_config); $fd = fopen("/boot/loader.conf","w"); if($fd) { foreach($boot_config_split as $bcs) { if(stristr($bcs, "console")) { /* DONT WRITE OUT, WE'LL DO IT LATER */ } else { if($bcs <> "") fwrite($fd, "{$bcs}\n"); } } if(isset($config['system']['enableserial'])) { fwrite($fd, "console=\"comconsole\"\n"); } fclose($fd); } } $ttys = file_get_contents("/etc/ttys"); $ttys_split = split("\n", $ttys); $fd = fopen("/etc/ttys", "w"); foreach($ttys_split as $tty) { if(stristr($tty, "ttyd0")) { if(isset($config['system']['enableserial'])) { fwrite($fd, "ttyd0 \"/usr/libexec/getty bootupcli\" dialup on secure\n"); } else { fwrite($fd, "ttyd0 \"/usr/libexec/getty bootupcli\" dialup off secure\n"); } } else { fwrite($fd, $tty . "\n"); } } fclose($fd); if(isset($config['system']['disableconsolemenu'])) { auto_login(false); } else { auto_login(true); } conf_mount_ro(); return; } function print_value_list($list, $count = 10, $separator = ",") { $list = implode($separator, array_slice($list, 0, $count)); if(count($list) < $count) { $list .= "."; } else { $list .= "..."; } return $list; } /* DHCP enabled on any interfaces? */ function is_dhcp_server_enabled() { global $config; $dhcpdenable = false; if (!is_array($config['dhcpd'])) return false; $Iflist = get_configured_interface_list(); foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) { if (isset($dhcpifconf['enable']) && isset($Iflist[$dhcpif])) { $dhcpdenable = true; break; } } return $dhcpdenable; } /****f* pfsense-utils/isAjax * NAME * isAjax - reports if the request is driven from prototype * INPUTS * none * RESULT * true/false ******/ function isAjax() { return isset ($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest'; } //returns interface information function get_interface_info($ifdescr) { global $config, $linkinfo, $netstatrninfo; $ifinfo = array(); /* if list */ $iflist = get_configured_interface_with_descr(false,true); $found = false; foreach ($iflist as $if => $ifname) { if ($ifdescr == $if || $ifdescr == $ifname) { $ifinfo['hwif'] = $config['interfaces'][$if]['if']; $ifinfo['if'] = get_real_interface($if); $found = true; break; } } if ($found == false) return; /* run netstat to determine link info */ unset($linkinfo); if ($ifinfo['if'] != $ifinfo['hwif']) $chkif = $ifinfo['hwif']; else $chkif = $ifinfo['if']; exec("/usr/bin/netstat -I {$chkif} -nWb -f link", $linkinfo); $linkinfo = preg_split("/\s+/", $linkinfo[1]); if ("{$chkif}*" == $linkinfo[0]) $ifinfo['status'] = "down"; else if ($chkif == $linkinfo[0]) $ifinfo['status'] = "up"; else $ifinfo['status'] = "down"; if (preg_match("/^enc|^tun|^ppp|^pptp|^ovpn/i", $ifinfo['if'])) { $ifinfo['inpkts'] = $linkinfo[3]; $ifinfo['outpkts'] = $linkinfo[6]; } else { $ifinfo['macaddr'] = $linkinfo[3]; $ifinfo['inerrs'] = $linkinfo[5]; $ifinfo['outerrs'] = $linkinfo[8]; $ifinfo['collisions'] = $linkinfo[10]; } /* Use pfctl for non wrapping 64 bit counters */ /* Pass */ exec("/sbin/pfctl -vvsI -i {$ifinfo['if']}", $pfctlstats); $pf_in4_pass = preg_split("/ +/ ", $pfctlstats[3]); $pf_out4_pass = preg_split("/ +/", $pfctlstats[5]); $in4_pass = $pf_in4_pass[5]; $out4_pass = $pf_out4_pass[5]; $in4_pass_packets = $pf_in4_pass[3]; $out4_pass_packets = $pf_out4_pass[3]; $ifinfo['inbytespass'] = $in4_pass; $ifinfo['outbytespass'] = $out4_pass; $ifinfo['inpktspass'] = $in4_pass_packets; $ifinfo['outpktspass'] = $out4_pass_packets; /* Block */ $pf_in4_block = preg_split("/ +/", $pfctlstats[4]); $pf_out4_block = preg_split("/ +/", $pfctlstats[6]); $in4_block = $pf_in4_block[5]; $out4_block = $pf_out4_block[5]; $in4_block_packets = $pf_in4_block[3]; $out4_block_packets = $pf_out4_block[3]; $ifinfo['inbytesblock'] = $in4_block; $ifinfo['outbytesblock'] = $out4_block; $ifinfo['inpktsblock'] = $in4_block_packets; $ifinfo['outpktsblock'] = $out4_block_packets; $ifinfo['inbytes'] = $in4_pass + $in4_block; $ifinfo['outbytes'] = $out4_pass + $out4_block; $ifinfo['inpkts'] = $in4_pass_packets + $in4_block_packets; $ifinfo['outpkts'] = $in4_pass_packets + $out4_block_packets; $ifconfiginfo = ""; unset($ifconfiginfo, $link0); exec("/sbin/ifconfig " . $ifinfo['if'], $ifconfiginfo); foreach ($ifconfiginfo as $ici) { if (preg_match("/inet (\S+)/", $ici, $matches)) { $ifinfo['ipaddr'] = $matches[1]; } if (preg_match("/netmask (\S+)/", $ici, $matches)) { if (preg_match("/^0x/", $matches[1])) { $ifinfo['subnet'] = long2ip(hexdec($matches[1])); } } if (strpos($ici, 'LINK0') !== false) { $link0 = "down"; } } switch ($config['interfaces'][$if]['ipaddr']) { /* DHCP? -> see if dhclient is up */ case "dhcp": /* see if dhclient is up */ if (is_dhcp_running($ifinfo['if']) == true) $ifinfo['dhcplink'] = "up"; else $ifinfo['dhcplink'] = "down"; break; case "carpdev-dhcp": /* see if dhclient is up */ if (is_dhcp_running($ifinfo['if']) == true) $ifinfo['dhcplink'] = "up"; else $ifinfo['dhcplink'] = "down"; break; /* PPPoE interface? -> get status from virtual interface */ case "pppoe": unset($linkinfo); exec("/usr/bin/netstat -I " . $ifinfo['if'] . " -nWb -f link", $linkinfo); $linkinfo = preg_split("/\s+/", $linkinfo[1]); if ("{$ifinfo['if']}*" == $linkinfo[0]) $ifinfo['pppoelink'] = "down"; else if ($ifinfo['if'] == $linkinfo[0] && !isset($link0)) /* get PPPoE link status for dial on demand */ $ifinfo['pppoelink'] = "up"; else $ifinfo['pppoelink'] = "down"; break; /* PPTP interface? -> get status from virtual interface */ case "pptp": unset($linkinfo); exec("/usr/bin/netstat -I " . $ifinfo['if'] . " -nWb -f link", $linkinfo); $linkinfo = preg_split("/\s+/", $linkinfo[1]); if ("{$ifinfo['if']}*" == $linkinfo[0]) $ifinfo['pptplink'] = "down"; else if ($ifinfo['if'] == $linkinfo[0] && !isset($link0)) /* get PPTP link status for dial on demand */ $ifinfo['pptplink'] = "up"; else $ifinfo['pptplink'] = "down"; break; default: break; } if ($ifinfo['status'] == "up") { /* try to determine media with ifconfig */ unset($ifconfiginfo); exec("/sbin/ifconfig " . $ifinfo['hwif'], $ifconfiginfo); $matches = ""; foreach ($ifconfiginfo as $ici) { /* don't list media/speed for wireless cards, as it always displays 2 Mbps even though clients can connect at 11 Mbps */ if (preg_match("/media: .*? \((.*?)\)/", $ici, $matches)) { $ifinfo['media'] = $matches[1]; } else if (preg_match("/media: Ethernet (.*)/", $ici, $matches)) { $ifinfo['media'] = $matches[1]; } else if (preg_match("/media: IEEE 802.11 Wireless Ethernet (.*)/", $ici, $matches)) { $ifinfo['media'] = $matches[1]; } if (preg_match("/status: (.*)$/", $ici, $matches)) { if ($matches[1] != "active") $ifinfo['status'] = $matches[1]; } if (preg_match("/channel (\S*)/", $ici, $matches)) { $ifinfo['channel'] = $matches[1]; } if (preg_match("/ssid (\".*?\"|\S*)/", $ici, $matches)) { if ($matches[1][0] == '"') $ifinfo['ssid'] = substr($matches[1], 1, -1); else $ifinfo['ssid'] = $matches[1]; } } /* lookup the gateway */ if (interface_has_gateway($if)) $ifinfo['gateway'] = get_interface_gateway($if); } $bridge = ""; $bridge = link_interface_to_bridge($ifdescr); if($bridge) { $bridge_text = `/sbin/ifconfig {$bridge}`; if(stristr($bridge_text, "blocking") <> false) { $ifinfo['bridge'] = "blocking - check for ethernet loops"; $ifinfo['bridgeint'] = $bridge; } else if(stristr($bridge_text, "learning") <> false) { $ifinfo['bridge'] = "learning"; $ifinfo['bridgeint'] = $bridge; } else if(stristr($bridge_text, "forwarding") <> false) { $ifinfo['bridge'] = "forwarding"; $ifinfo['bridgeint'] = $bridge; } } return $ifinfo; } //returns cpu speed of processor. Good for determining capabilities of machine function get_cpu_speed() { return exec("sysctl hw.clockrate | awk '{ print $2 }'"); } /* check if the wan interface is up * Wait for a maximum of 10 seconds * If the interface is up before then continue */ function is_wan_interface_up($interface) { global $g; global $config; $i = 0; while($i < 10) { if(get_interface_gateway($interface)) { return true; } else { sleep(1); } $i++; } return false; } function add_hostname_to_watch($hostname) { if(!is_dir("/var/db/dnscache")) { mkdir("/var/db/dnscache"); } if((is_fqdn($hostname)) && (!is_ipaddr($hostname))) { $domrecords = array(); $domips = array(); exec("host -t A $hostname", $domrecords, $rethost); if($rethost == 0) { foreach($domrecords as $domr) { $doml = explode(" ", $domr); $domip = $doml[3]; /* fill array with domain ip addresses */ if(is_ipaddr($domip)) { $domips[] = $domip; } } } sort($domips); $contents = ""; if(! empty($domips)) { foreach($domips as $ip) { $contents .= "$ip\n"; } } file_put_contents("/var/db/dnscache/$hostname", $contents); } } function find_dns_aliases() { global $config, $g; foreach((array) $config['aliases']['alias'] as $alias) { $alias_value = $alias['address']; $alias_name = $alias['name']; if(stristr($alias_value, " ")) { $alias_split = split(" ", $alias_value); foreach($alias_split as $as) { if(is_fqdn($as)) add_hostname_to_watch($as); } } else { if(is_fqdn($alias_value)) add_hostname_to_watch($alias_value); } } } function is_fqdn($fqdn) { $hostname = false; if(preg_match("/[-A-Z0-9\.]+\.[-A-Z0-9\.]+/i", $fqdn)) { $hostname = true; } if(preg_match("/\.\./", $fqdn)) { $hostname = false; } if(preg_match("/^\./i", $fqdn)) { $hostname = false; } if(preg_match("/\//i", $fqdn)) { $hostname = false; } return($hostname); } function pfsense_default_state_size() { /* get system memory amount */ $memory = get_memory(); $avail = $memory[0]; /* Be cautious and only allocate 10% of system memory to the state table */ $max_states = (int) ($avail/10)*1000; return $max_states; } function rule_popup($src,$srcport,$dst,$dstport){ global $config; $aliases_array = array(); if($config['aliases']['alias'] <> "" and is_array($config['aliases']['alias'])) { $span_begin = ""; $alias_src_span_begin = ""; $alias_src_span_end = ""; $alias_src_port_span_begin = ""; $alias_src_port_span_end = ""; $alias_dst_span_begin = ""; $alias_dst_span_end = ""; $alias_dst_port_span_begin = ""; $alias_dst_port_span_end = ""; $alias_content_text = ""; foreach($config['aliases']['alias'] as $alias_name) { $alias_addresses = explode (" ", $alias_name['address']); $alias_details = explode ("||", $alias_name['detail']); $alias_objects_with_details = ""; $counter = 0; foreach($alias_addresses as $alias_ports_address) { $alias_objects_with_details .= $alias_addresses[$counter]; $alias_detail_default = strpos ($alias_details[$counter],"Entry added"); if ($alias_details[$counter] != "" && $alias_detail_default === False){ $alias_objects_with_details .=" - " . $alias_details[$counter]; } $alias_objects_with_details .= "
"; $counter++; } //max character length for caption field $maxlength = 60; $alias_descr_substr = $alias_name['descr']; $alias_content_text = htmlspecialchars($alias_objects_with_details); $alias_caption = htmlspecialchars($alias_descr_substr . ":"); $strlength = strlen ($alias_caption); if ($strlength >= $maxlength) $alias_caption = substr($alias_caption, 0, $maxlength) . "..."; $span_begin = "$alias_caption

$alias_content_text