#!/usr/local/bin/php-cgi -f . * Copyright (c) 2009 Erik Kristensen * Copyright (c) 2005-2016 Rubicon Communications, LLC (Netgate). All rights reserved. * All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ require_once("pkg-utils.inc"); echo " done.\n"; echo "Initializing..."; echo "."; require_once("/etc/inc/globals.inc"); echo "."; require_once("/etc/inc/led.inc"); led_normalize(); echo "."; if (led_count() >= 3) { led_kitt(); } /* let the other functions know we're booting */ $pkg_interface = 'console'; $g['booting'] = true; /* parse the configuration and include all functions used below */ require_once("/etc/inc/config.inc"); echo "."; require_once("/etc/inc/config.console.inc"); echo "."; require_once("/etc/inc/auth.inc"); echo "."; require_once("/etc/inc/functions.inc"); echo "."; require_once("/etc/inc/filter.inc"); echo "."; require_once("/etc/inc/shaper.inc"); echo "."; require_once("/etc/inc/ipsec.inc"); echo "."; require_once("/etc/inc/vpn.inc"); echo "."; require_once("/etc/inc/openvpn.inc"); echo "."; require_once("/etc/inc/captiveportal.inc"); echo "."; require_once("/etc/inc/rrd.inc"); echo "."; require_once("/etc/inc/pfsense-utils.inc"); echo "."; /* get system memory amount */ $memory = get_memory(); $physmem = $memory[0]; $realmem = $memory[1]; echo " done.\n"; /* save dmesg output to file */ system_dmesg_save(); /* check whether config reset is desired (via hardware button on WRAP/ALIX) */ system_check_reset_button(); /* remove previous firmware upgrade if present */ if (file_exists("/root/firmware.tgz")) { unlink("/root/firmware.tgz"); } /* Reinstall of packages after reboot has been requested */ if (file_exists('/conf/needs_package_sync_after_reboot')) { touch('/conf/needs_package_sync'); @unlink('/conf/needs_package_sync_after_reboot'); } /* Triggering of the initial setup wizard after reboot has been requested */ if (file_exists('/conf/trigger_initial_wizard_after_reboot')) { touch('/conf/trigger_initial_wizard'); @unlink('/conf/trigger_initial_wizard_after_reboot'); } /* start devd (dhclient now uses it) */ echo "Starting device manager (devd)..."; mute_kernel_msgs(); start_devd(); set_device_perms(); unmute_kernel_msgs(); echo "done.\n"; echo "Loading configuration..."; parse_config_bootup(); echo "done.\n"; mwexec("/usr/sbin/gnid > {$g['vardb_path']}/uniqueid 2>/dev/null"); /* run any early shell commands specified in config.xml */ system_do_shell_commands(1); // Only do the alternate interface checks if: // 1) The user has not yet run the initial wizard; and // 2) The user has not used the console menu to setup interface assignments if (file_exists("/conf/trigger_initial_wizard") && !file_exists("/conf/assign_complete")) { check_for_alternate_interfaces(); } /* Convert configuration * This must happen before the interface mismatch test, see * https://redmine.pfsense.org/issues/7809 */ echo "Updating configuration..."; convert_config(); echo "done.\n"; /* * Determine if we need to throw a interface exception * and ask the user to reassign interfaces. This will * avoid a reboot and that is a good thing. */ while (is_interface_mismatch() == true) { led_assigninterfaces(); if (isset($config['revision'])) { if (file_exists("{$g['tmp_path']}/missing_interfaces")) { echo "Warning: Configuration references interfaces that do not exist: " . file_get_contents("{$g['tmp_path']}/missing_interfaces") . "\n"; } echo "\nNetwork interface mismatch -- Running interface assignment option.\n"; } else { echo "\nDefault interfaces not found -- Running interface assignment option.\n"; } $ifaces = get_interface_list(); if (is_array($ifaces)) { foreach ($ifaces as $iface => $ifdata) { interfaces_bring_up($iface); } } set_networking_interfaces_ports(); led_kitt(); } echo "Checking config backups consistency..."; cleanup_backupcache(true); echo "done.\n"; /* read in /etc/sysctl.conf and set values if needed */ echo "Setting up extended sysctls..."; system_setup_sysctl(); echo "done.\n"; /* enable optional crypto modules */ load_crypto(); /* enable optional thermal sensor modules */ load_thermal_hardware(); /* set up our timezone */ system_timezone_configure(); /* set up our hostname */ system_hostname_configure(); /* make hosts file */ system_hosts_generate(); /* configure loopback interface */ interfaces_loopback_configure(); /* start syslogd */ system_syslogd_start(); /* Log the RAM disk restore messages. */ if (file_exists("/var/log/restore_ramdisk_store.boot")) { exec("logger -f /var/log/restore_ramdisk_store.boot"); } echo "Starting Secure Shell Services..."; send_event("service reload sshd"); echo "done.\n"; /* setup interface microcode which improves tcp/ip speed */ echo "Setting up interfaces microcode..."; setup_microcode(); echo "done.\n"; /* set up interfaces */ if (!$debugging) { mute_kernel_msgs(); } interfaces_configure(); interfaces_sync_setup(); if (!$debugging) { unmute_kernel_msgs(); } /* re-make hosts file after configuring interfaces */ system_hosts_generate(); /* start OpenVPN server & clients */ echo "Syncing OpenVPN settings..."; openvpn_resync_all(); echo "done.\n"; /* generate resolv.conf */ system_resolvconf_generate(); /* setup altq + pf */ filter_configure_sync(); /* start pflog */ echo "Starting PFLOG..."; filter_pflog_start(); echo "done.\n"; /* reconfigure our gateway monitor */ echo "Setting up gateway monitors..."; setup_gateways_monitor(); echo "done.\n"; /* set up static routes */ system_routing_configure(); /* start dnsmasq service */ services_dnsmasq_configure(); /* start unbound service */ services_unbound_configure(); echo "Synchronizing user settings..."; local_sync_accounts(); echo "done.\n"; if ($realmem > 0 and $realmem < 65) { echo "System has less than 65 megabytes of ram {$realmem}. Delaying webConfigurator startup.\n"; /* start webConfigurator up on final pass */ mwexec("/usr/local/sbin/pfSctl -c 'service restart webgui'"); } else { /* start web server */ system_webgui_start(); } /* configure cron service */ echo "Configuring CRON..."; configure_cron(); echo "done.\n"; /* enable routing */ system_routing_enable(); /* Enable ntpd */ echo "Starting NTP time client..."; system_ntp_configure(); echo "done.\n"; /* start load balancer daemon */ relayd_configure(); /* configure console menu and serial port*/ setup_serial_port(); /* start DHCP service */ services_dhcpd_configure(); /* start dhcpleases dhcp hosts leases program */ system_dhcpleases_configure(); /* start DHCP relay */ services_dhcrelay_configure(); /* start DHCP6 relay */ services_dhcrelay6_configure(); /* dyndns service updates */ send_event("service reload dyndnsall"); /* Run a filter configure now that most all services have started */ filter_configure_sync(); /* setup pppoe and pptp */ vpn_setup(); /* start the captive portal */ captiveportal_configure(); /* start Voucher support */ voucher_configure(); /* run any shell commands specified in config.xml */ system_do_shell_commands(); /* start IPsec tunnels */ $ipsec_dynamic_hosts = vpn_ipsec_configure(); /* start SNMP service */ services_snmpd_configure(); /* power down hard drive if needed/set */ system_set_harddisk_standby(); /* lock down console if necessary */ reload_ttys(); /* load graphing functions */ enable_rrd_graphing(); /* enable watchdog if supported */ enable_watchdog(); /* if exists, execute the command */ if ($config['system']['afterbootupshellcmd'] <> "") { echo "Running afterbootupshellcmd {$config['system']['afterbootupshellcmd']}\n"; mwexec($config['system']['afterbootupshellcmd']); } if ($physmem < $g['minimum_ram_warning']) { require_once("/etc/inc/notices.inc"); file_notice("{$g['product_name']}MemoryRequirements", "{$g['product_name']} requires at least {$g['minimum_ram_warning_text']} of RAM. Expect unusual performance. This platform is not supported.", "Memory", "", 1); set_sysctl(array( "net.inet.tcp.recvspace" => "4096", "net.inet.tcp.sendspace" => "4096" )); } /* if we are operating at 1000 then increase timeouts. this was never accounted for after moving to 1000 hz */ $kern_hz = get_single_sysctl('kern.clockrate'); $kern_hz = substr($kern_hz, strpos($kern_hz, "hz = ") + 5); $kern_hz = substr($kern_hz, 0, strpos($kern_hz, ",")); if ($kern_hz == "1000") { set_single_sysctl("net.inet.tcp.rexmit_min" , "30"); } /* start the igmpproxy daemon */ services_igmpproxy_configure(); /* start the upnp daemon if it is enabled */ upnp_start(); /* If powerd is enabled, lets launch it */ activate_powerd(); /* Set preferred protocol */ prefer_ipv4_or_ipv6(); /* Resync / Reinstall packages if need be */ if (file_exists('/conf/needs_package_sync')) { mark_subsystem_dirty('packagelock'); if (package_reinstall_all()) { @unlink('/conf/needs_package_sync'); } clear_subsystem_dirty('packagelock'); } /* Detect installed binary pkgs that are not registered in the system */ register_all_installed_packages(); /* Give syslogd a kick after everything else has been initialized, otherwise it can occasionally fail to route syslog messages properly on both IPv4 and IPv6 */ system_syslogd_start(); /* done */ unset($g['booting']); @unlink("{$g['varrun_path']}/booting"); /* If there are ipsec dynamic hosts try again to reload the tunnels as rc.newipsecdns does */ if ($ipsec_dynamic_hosts) { vpn_ipsec_configure(); } if ($ipsec_dynamic_hosts || !empty($filterdns)) { filter_configure(); } led_normalize(); ?>