#!/usr/local/bin/php-cgi -f . * Copyright (c) 2009 Erik Kristensen * Copyright (c) 2005-2016 Electric Sheep Fencing, LLC. All rights reserved. * All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ require_once("pkg-utils.inc"); function rescue_detect_keypress() { // How long do you want the script to wait before moving on (in seconds) $timeout=9; echo "\n"; echo "[ Press R to enter recovery mode or ]\n"; echo "[ press I to launch the installer ]\n\n"; echo "(R)ecovery mode can assist by rescuing config.xml\n"; echo "from a broken hard disk installation, etc.\n\n"; echo "(I)nstaller will be invoked\n\n"; echo "Timeout before auto boot continues (seconds): {$timeout}"; $key = null; exec("/bin/stty erase " . chr(8)); while (!in_array($key, array("r", "R", "i", "I"))) { echo chr(8) . "{$timeout}"; `/bin/stty -icanon min 0 time 25`; $key = trim(`KEY=\`dd count=1 2>/dev/null\`; echo \$KEY`); `/bin/stty icanon`; // Decrement our timeout value $timeout--; // If we have reached 0 exit and continue on if ($timeout == 0) { break; } } // If R or I was pressed do our logic here if (in_array($key, array("r", "R"))) { putenv("TERM=xterm"); echo "\n\nRecovery mode selected...\n"; passthru("/usr/bin/env TERM=xterm /bin/tcsh"); } else { putenv("TERM=xterm"); echo "\n\nInstaller mode selected...\n"; passthru("/usr/bin/env TERM=xterm /bin/tcsh -c /scripts/lua_installer"); } passthru("/etc/rc.reboot"); exit; } echo " done.\n"; echo "Initializing..."; echo "."; require_once("/etc/inc/globals.inc"); echo "."; require_once("/etc/inc/led.inc"); led_normalize(); echo "."; if (led_count() >= 3) { led_kitt(); } /* let the other functions know we're booting */ $pkg_interface = 'console'; $g['booting'] = true; /* parse the configuration and include all functions used below */ require_once("/etc/inc/config.inc"); echo "."; require_once("/etc/inc/config.console.inc"); echo "."; require_once("/etc/inc/auth.inc"); echo "."; require_once("/etc/inc/functions.inc"); echo "."; require_once("/etc/inc/filter.inc"); echo "."; require_once("/etc/inc/shaper.inc"); echo "."; require_once("/etc/inc/ipsec.inc"); echo "."; require_once("/etc/inc/vpn.inc"); echo "."; require_once("/etc/inc/openvpn.inc"); echo "."; require_once("/etc/inc/captiveportal.inc"); echo "."; require_once("/etc/inc/rrd.inc"); echo "."; require_once("/etc/inc/pfsense-utils.inc"); echo "."; /* get system memory amount */ $memory = get_memory(); $physmem = $memory[0]; $realmem = $memory[1]; echo " done.\n"; conf_mount_rw(); /* save dmesg output to file */ system_dmesg_save(); /* check whether config reset is desired (via hardware button on WRAP/ALIX) */ system_check_reset_button(); /* remove previous firmware upgrade if present */ if (file_exists("/root/firmware.tgz")) { unlink("/root/firmware.tgz"); } /* Reinstall of packages after reboot has been requested */ if (file_exists('/conf/needs_package_sync_after_reboot')) { touch('/conf/needs_package_sync'); @unlink('/conf/needs_package_sync_after_reboot'); } /* Triggering of the initial setup wizard after reboot has been requested */ if (file_exists('/conf/trigger_initial_wizard_after_reboot')) { touch('/conf/trigger_initial_wizard'); @unlink('/conf/trigger_initial_wizard_after_reboot'); } /* start devd (dhclient now uses it) */ echo "Starting device manager (devd)..."; mute_kernel_msgs(); start_devd(); set_device_perms(); unmute_kernel_msgs(); echo "done.\n"; // Display rescue configuration option if ($g['platform'] == "cdrom") { rescue_detect_keypress(); } echo "Loading configuration..."; parse_config_bootup(); echo "done.\n"; /* run any early shell commands specified in config.xml */ system_do_shell_commands(1); if (file_exists("/conf/trigger_initial_wizard")) { check_for_alternate_interfaces(); } /* * Determine if we need to throw a interface exception * and ask the user to reassign interfaces. This will * avoid a reboot and that is a good thing. */ while (is_interface_mismatch() == true) { led_assigninterfaces(); if (isset($config['revision'])) { if (file_exists("{$g['tmp_path']}/missing_interfaces")) { echo "Warning: Configuration references interfaces that do not exist: " . file_get_contents("{$g['tmp_path']}/missing_interfaces") . "\n"; } echo "\nNetwork interface mismatch -- Running interface assignment option.\n"; } else { echo "\nDefault interfaces not found -- Running interface assignment option.\n"; } $ifaces = get_interface_list(); if (is_array($ifaces)) { foreach ($ifaces as $iface => $ifdata) { interfaces_bring_up($iface); } } set_networking_interfaces_ports(); led_kitt(); } /* convert config and clean backups */ echo "Updating configuration..."; convert_config(); echo "done.\n"; echo "Cleaning backup cache..."; cleanup_backupcache(true); echo "done.\n"; /* read in /etc/sysctl.conf and set values if needed */ echo "Setting up extended sysctls..."; system_setup_sysctl(); echo "done.\n"; /* enable optional crypto modules */ load_crypto(); /* enable optional thermal sensor modules */ load_thermal_hardware(); /* set up our timezone */ system_timezone_configure(); /* set up our hostname */ system_hostname_configure(); /* make hosts file */ system_hosts_generate(); /* configure loopback interface */ interfaces_loopback_configure(); /* start syslogd */ system_syslogd_start(); /* restore alias tables */ restore_aliastables(); echo "Starting Secure Shell Services..."; send_event("service reload sshd"); echo "done.\n"; /* setup polling */ echo "Setting up polling defaults..."; setup_polling(); echo "done.\n"; /* setup interface microcode which improves tcp/ip speed */ echo "Setting up interfaces microcode..."; setup_microcode(); echo "done.\n"; /* set up interfaces */ if (!$debugging) { mute_kernel_msgs(); } interfaces_configure(); interfaces_sync_setup(); if (!$debugging) { unmute_kernel_msgs(); } /* re-make hosts file after configuring interfaces */ system_hosts_generate(); /* start OpenVPN server & clients */ echo "Syncing OpenVPN settings..."; openvpn_resync_all(); echo "done.\n"; /* generate resolv.conf */ system_resolvconf_generate(); /* setup altq + pf */ filter_configure_sync(); /* start pflog */ echo "Starting PFLOG..."; filter_pflog_start(); echo "done.\n"; /* reconfigure our gateway monitor */ echo "Setting up gateway monitors..."; setup_gateways_monitor(); echo "done.\n"; echo "Synchronizing user settings..."; local_sync_accounts(); echo "done.\n"; if ($realmem > 0 and $realmem < 65) { echo "System has less than 65 megabytes of ram {$realmem}. Delaying webConfigurator startup.\n"; /* start webConfigurator up on final pass */ mwexec("/usr/local/sbin/pfSctl -c 'service restart webgui'"); } else { /* start web server */ system_webgui_start(); } /* configure cron service */ echo "Configuring CRON..."; configure_cron(); echo "done.\n"; /* set up static routes */ system_routing_configure(); /* enable routing */ system_routing_enable(); /* start dnsmasq service */ services_dnsmasq_configure(); /* start unbound service */ services_unbound_configure(); /* Enable ntpd */ echo "Starting NTP time client..."; system_ntp_configure(); echo "done.\n"; /* start load balancer daemon */ relayd_configure(); /* configure console menu and serial port*/ setup_serial_port(); /* start DHCP service */ services_dhcpd_configure(); /* start dhcpleases dhcp hosts leases program */ system_dhcpleases_configure(); /* start DHCP relay */ services_dhcrelay_configure(); /* start DHCP6 relay */ services_dhcrelay6_configure(); /* dyndns service updates */ send_event("service reload dyndnsall"); /* Run a filter configure now that most all services have started */ filter_configure_sync(); /* setup pppoe and pptp */ vpn_setup(); /* start the captive portal */ captiveportal_configure(); /* start Voucher support */ voucher_configure(); /* run any shell commands specified in config.xml */ system_do_shell_commands(); /* start IPsec tunnels */ $ipsec_dynamic_hosts = vpn_ipsec_configure(); /* start SNMP service */ services_snmpd_configure(); /* power down hard drive if needed/set */ system_set_harddisk_standby(); /* lock down console if necessary */ reload_ttys(); /* load graphing functions */ enable_rrd_graphing(); /* enable watchdog if supported */ enable_watchdog(); /* if exists, execute the command */ if ($config['system']['afterbootupshellcmd'] <> "") { echo "Running afterbootupshellcmd {$config['system']['afterbootupshellcmd']}\n"; mwexec($config['system']['afterbootupshellcmd']); } if ($physmem < $g['minimum_ram_warning']) { require_once("/etc/inc/notices.inc"); file_notice("{$g['product_name']}MemoryRequirements", "{$g['product_name']} requires at least {$g['minimum_ram_warning_text']} of RAM. Expect unusual performance. This platform is not supported.", "Memory", "", 1); set_sysctl(array( "net.inet.tcp.recvspace" => "4096", "net.inet.tcp.sendspace" => "4096" )); } /* if we are operating at 1000 then increase timeouts. this was never accounted for after moving to 1000 hz */ $kern_hz = get_single_sysctl('kern.clockrate'); $kern_hz = substr($kern_hz, strpos($kern_hz, "hz = ") + 5); $kern_hz = substr($kern_hz, 0, strpos($kern_hz, ",")); if ($kern_hz == "1000") { set_single_sysctl("net.inet.tcp.rexmit_min" , "30"); } /* start the igmpproxy daemon */ services_igmpproxy_configure(); /* start the upnp daemon if it is enabled */ upnp_start(); /* If powerd is enabled, lets launch it */ activate_powerd(); /* Set preferred protocol */ prefer_ipv4_or_ipv6(); /* Remove the old shutdown binary if we kept it. */ if (file_exists("/sbin/shutdown.old")) { @unlink("/sbin/shutdown.old"); } /* Resync / Reinstall packages if need be */ if (file_exists('/conf/needs_package_sync') && ($g['platform'] == $g['product_name'] || $g['platform'] == "nanobsd")) { mark_subsystem_dirty('packagelock'); if (package_reinstall_all()) { @unlink('/conf/needs_package_sync'); } clear_subsystem_dirty('packagelock'); } /* Detect installed binary pkgs that are not registered in the system */ if ($g['platform'] != "cdrom") { register_all_installed_packages(); } /* Give syslogd a kick after everything else has been initialized, otherwise it can occasionally fail to route syslog messages properly on both IPv4 and IPv6 */ system_syslogd_start(); /* done */ unset($g['booting']); @unlink("{$g['varrun_path']}/booting"); /* If there are ipsec dynamic hosts try again to reload the tunnels as rc.newipsecdns does */ if ($ipsec_dynamic_hosts) { vpn_ipsec_configure(); } if ($ipsec_dynamic_hosts || !empty($filterdns)) { filter_configure(); } led_normalize(); conf_mount_ro(); ?>