system_advanced_misc.php 22.5 KB
Newer Older
Ad Schellevis's avatar
Ad Schellevis committed
1
<?php
2

Ad Schellevis's avatar
Ad Schellevis committed
3
/*
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
    Copyright (C) 2014-2015 Deciso B.V.
    Copyright (C) 2005-2007 Scott Ullrich
    Copyright (C) 2008 Shrew Soft Inc
    Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>
    All rights reserved.

    Redistribution and use in source and binary forms, with or without
    modification, are permitted provided that the following conditions are met:

    1. Redistributions of source code must retain the above copyright notice,
       this list of conditions and the following disclaimer.

    2. Redistributions in binary form must reproduce the above copyright
       notice, this list of conditions and the following disclaimer in the
       documentation and/or other materials provided with the distribution.

    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
    POSSIBILITY OF SUCH DAMAGE.
Ad Schellevis's avatar
Ad Schellevis committed
30 31
*/

32
require_once("guiconfig.inc");
Ad Schellevis's avatar
Ad Schellevis committed
33
require_once("filter.inc");
34
require_once("ipsec.inc");
35
require_once("system.inc");
36
require_once("services.inc");
37
require_once("interfaces.inc");
Ad Schellevis's avatar
Ad Schellevis committed
38

39 40
function crypto_modules()
{
41
    $modules = array(
42 43 44 45 46 47 48 49 50
        'aesni' => gettext('AES-NI CPU-based Acceleration'),
        'glxsb' => gettext('AMD Geode LX Security Block'),
        'hifn' => gettext('Hifn 7751/7951/7811/7955/7956 Crypto Accelerator'),
        'padlock' => gettext('Crypto and RNG in VIA C3, C7 and Eden Processors'),
        'safe' => gettext('SafeNet Crypto Accelerator'),
        'ubsec' => gettext('Broadcom and BlueSteel uBsec 5x0x crypto accelerator'),
    );
    $available = array();

51
    foreach ($modules as $name => $desc) {
52 53 54 55 56 57 58
        if (file_exists("/boot/kernel/{$name}.ko")) {
            $available[$name] = $desc;
        }
    }

    return $available;
}
59

60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75
function thermal_modules()
{
    $modules = array(
        'amdtemp' => gettext('AMD K8, K10 and K11 CPU on-die thermal sensor'),
        'coretemp' => gettext('Intel Core* CPU on-die thermal sensor'),
    );
    $available = array();

    foreach ($modules as $name => $desc) {
        if (file_exists("/boot/kernel/{$name}.ko")) {
            $available[$name] = $desc;
        }
    }

    return $available;
}
76 77 78 79 80

if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    $pconfig = array();
    $pconfig['powerd_enable'] = isset($config['system']['powerd_enable']);
    $pconfig['crypto_hardware'] = !empty($config['system']['crypto_hardware']) ? $config['system']['crypto_hardware'] : null;
81
    $pconfig['cryptodev_enable'] = isset($config['system']['cryptodev_enable']);
82 83
    $pconfig['thermal_hardware'] = !empty($config['system']['thermal_hardware']) ? $config['system']['thermal_hardware'] : null;
    $pconfig['use_mfs_tmpvar'] = isset($config['system']['use_mfs_tmpvar']);
84
    $pconfig['use_mfs_tmp'] = isset($config['system']['use_mfs_tmp']);
85
    $pconfig['powerd_ac_mode'] = "hadp";
86 87
    $pconfig['rrdbackup'] = !empty($config['system']['rrdbackup']) ? $config['system']['rrdbackup'] : null;
    $pconfig['dhcpbackup'] = !empty($config['system']['dhcpbackup']) ? $config['system']['dhcpbackup'] : null;
88
    $pconfig['netflowbackup'] = !empty($config['system']['netflowbackup']) ? $config['system']['netflowbackup'] : null;
89 90 91 92 93 94 95 96 97 98
    if (!empty($config['system']['powerd_ac_mode'])) {
        $pconfig['powerd_ac_mode'] = $config['system']['powerd_ac_mode'];
    }
    $pconfig['powerd_battery_mode'] = "hadp";
    if (!empty($config['system']['powerd_battery_mode'])) {
        $pconfig['powerd_battery_mode'] = $config['system']['powerd_battery_mode'];
    }
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
    //
    $input_errors = array();
99
    $pconfig = $_POST;
Ad Schellevis's avatar
Ad Schellevis committed
100

101 102 103 104 105 106 107 108
    if (!empty($pconfig['crypto_hardware']) && !array_key_exists($pconfig['crypto_hardware'], crypto_modules())) {
        $input_errors[] = gettext("Please select a valid Cryptographic Accelerator.");
    }

    if (!empty($pconfig['thermal_hardware']) && !array_key_exists($pconfig['thermal_hardware'], thermal_modules())) {
        $input_errors[] = gettext("Please select a valid Thermal Hardware Sensor.");
    }

109
    if (count($input_errors) == 0) {
110
        if (!empty($pconfig['powerd_enable'])) {
111
            $config['system']['powerd_enable'] = true;
112
        } elseif (isset($config['system']['powerd_enable'])) {
113 114 115
            unset($config['system']['powerd_enable']);
        }

116 117
        $config['system']['powerd_ac_mode'] = $pconfig['powerd_ac_mode'];
        $config['system']['powerd_battery_mode'] = $pconfig['powerd_battery_mode'];
118

119 120 121
        if ($pconfig['crypto_hardware']) {
            $config['system']['crypto_hardware'] = $pconfig['crypto_hardware'];
        } elseif (isset($config['system']['crypto_hardware'])) {
122 123 124
            unset($config['system']['crypto_hardware']);
        }

125 126 127 128 129 130
        if (!empty($pconfig['cryptodev_enable'])) {
            $config['system']['cryptodev_enable'] = true;
        } elseif (isset($config['system']['cryptodev_enable'])) {
            unset($config['system']['cryptodev_enable']);
        }

131 132 133
        if (!empty($pconfig['thermal_hardware'])) {
            $config['system']['thermal_hardware'] = $pconfig['thermal_hardware'];
        } elseif (isset($config['system']['thermal_hardware'])) {
134 135 136
            unset($config['system']['thermal_hardware']);
        }

137
        if (!empty($pconfig['use_mfs_tmpvar'])) {
138
            $config['system']['use_mfs_tmpvar'] = true;
139
        } elseif (isset($config['system']['use_mfs_tmpvar'])) {
140 141 142
            unset($config['system']['use_mfs_tmpvar']);
        }

143 144 145 146 147 148
        if (!empty($pconfig['use_mfs_tmp'])) {
            $config['system']['use_mfs_tmp'] = true;
        } elseif (isset($config['system']['use_mfs_tmp'])) {
            unset($config['system']['use_mfs_tmp']);
        }

149
        if (!empty($pconfig['rrdbackup'])) {
150
            $config['system']['rrdbackup'] = $pconfig['rrdbackup'];
151 152
        } elseif (isset($config['system']['rrdbackup'])) {
            unset($config['system']['rrdbackup']);
153
        }
154

155 156 157 158
        if (!empty($pconfig['dhcpbackup'])) {
            $config['system']['dhcpbackup'] = $pconfig['dhcpbackup'];
        } elseif (isset($config['system']['dhcpbackup'])) {
            unset($config['system']['dhcpbackup']);
159 160
        }

161 162 163 164 165 166
        if (!empty($pconfig['netflowbackup'])) {
            $config['system']['netflowbackup'] = $pconfig['netflowbackup'];
        } elseif (isset($config['system']['netflowbackup'])) {
            unset($config['system']['netflowbackup']);
        }

167
        write_config();
168
        $savemsg = get_std_save_message();
169 170

        system_resolvconf_generate(true);
171
        configure_cron();
172
        activate_powerd();
173 174
        load_crypto_module();
        load_thermal_module();
175
    }
Ad Schellevis's avatar
Ad Schellevis committed
176 177
}

178
legacy_html_escape_form_data($pconfig);
179

Ad Schellevis's avatar
Ad Schellevis committed
180 181 182 183
include("head.inc");

?>

184
<body>
185 186

<?php include("fbegin.inc"); ?>
187 188

<section class="page-content-main">
189 190 191 192 193 194 195 196 197 198 199 200
  <div class="container-fluid">
    <div class="row">
<?php
    if (isset($input_errors) && count($input_errors) > 0) {
        print_input_errors($input_errors);
    }
    if (isset($savemsg)) {
        print_info_box($savemsg);
    }
?>
      <section class="col-xs-12">
        <div class="content-box tab-content table-responsive">
201
          <form method="post" name="iform" id="iform">
202
            <table class="table table-striped opnsense_standard_table_form">
203
              <tr>
204
                <td width="22%"><strong><?= gettext('Cryptographic Hardware Acceleration') ?></strong></td>
205
                <td width="78%" align="right">
206
                  <small><?=gettext("full help"); ?> </small>
Ad Schellevis's avatar
Ad Schellevis committed
207
                  <i class="fa fa-toggle-off text-danger"  style="cursor: pointer;" id="show_all_help_page" type="button"></i>
208 209 210 211 212 213 214 215
                </td>
              </tr>
              <tr>
                <td><a id="help_for_crypto_hardware" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Hardware");?></td>
                <td>
                  <select name="crypto_hardware" id="crypto_hardware" class="selectpicker" data-style="btn-default">
                    <option value=""><?=gettext("None"); ?></option>
<?php
216
                    foreach (crypto_modules() as $cryptomod_name => $cryptomod_descr) :?>
217 218 219 220 221 222 223 224
                      <option value="<?=$cryptomod_name; ?>" <?=$pconfig['crypto_hardware'] == $cryptomod_name ? "selected=\"selected\"" :"";?>>
                        <?="{$cryptomod_descr} ({$cryptomod_name})"; ?>
                      </option>
<?php
                    endforeach; ?>
                  </select>
                  <div class="hidden" for="help_for_crypto_hardware">
                    <?=gettext("A cryptographic accelerator module will use hardware support to speed up some " .
225 226 227 228 229 230
                                            "cryptographic functions on systems which have the chip. Do not enable this " .
                                            "option if you have a Hifn cryptographic acceleration card, as this will take " .
                                            "precedence and the Hifn card will not be used. Acceleration should be automatic " .
                                            "for IPsec when using a cipher supported by your chip, such as AES-128. OpenVPN " .
                                            "should be set for AES-128-CBC and have cryptodev enabled for hardware " .
                                            "acceleration."); ?>
231 232 233 234 235
                  <br /><br />
                  <?=gettext("If you do not have a crypto chip in your system, this option will have no " .
                                      "effect. To unload the selected module, set this option to 'none' and then reboot."); ?>
                </td>
              </tr>
236 237 238 239
              <tr>
                <td><a id="help_for_cryptodev_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Use /dev/crypto");?> </td>
                <td>
                  <input name="cryptodev_enable" type="checkbox" id="cryptodev_enable" value="yes" <?= !empty($pconfig['cryptodev_enable']) ? "checked=\"checked\"" : "";?> />
240
                  <strong><?=gettext("Enable old userland device for cryptographic acceleration"); ?></strong>
241
                  <div class="hidden" for="help_for_cryptodev_enable">
242 243
                    <?=gettext("Old hardware accelerators like 'safe', 'hifn' or 'ubsec' may only provide userland acceleration to e.g. " .
                                            "OpenVPN by means of the /dev/crypto interface, which can be accessed via the OpenSSL " .
244 245 246 247 248 249
                                            "engine framework. Note that LibreSSL does not have support for this device and " .
                                            "instead solely relies on embedded acceleration methods e.g. AES-NI. The default is " .
                                            "to disable this device as it is likely not needed on modern systems."); ?>
                  </div>
                </td>
              </tr>
250 251 252 253 254 255 256 257 258
              <tr>
                <th colspan="2" valign="top" class="listtopic"><?=gettext("Thermal Sensors"); ?></th>
              </tr>
              <tr>
                <td><a id="help_for_thermal_hardware" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Hardware");?> </td>
                <td>
                  <select name="thermal_hardware" class="selectpicker" data-style="btn-default">
                    <option value=""><?=gettext("None/ACPI"); ?></option>
<?php
259
                    foreach (thermal_modules() as $themalmod_name => $themalmod_descr) :?>
260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276
                      <option value="<?=$themalmod_name; ?>" <?=$pconfig['thermal_hardware'] == $themalmod_name ? " selected=\"selected\"" :"";?>>
                        <?="{$themalmod_descr} ({$themalmod_name})"; ?>
                      </option>
<?php
                    endforeach; ?>
                  </select>
                  <div class="hidden" for="help_for_thermal_hardware">
                    <?=gettext("If you have a supported CPU, selecting a themal sensor will load the appropriate " .
                                              "driver to read its temperature. Setting this to 'None' will attempt to read the " .
                                              "temperature from an ACPI-compliant motherboard sensor instead, if one is present."); ?>
                    <br /><br />
                    <?=gettext("If you do not have a supported thermal sensor chip in your system, this option will have no " .
                                          "effect. To unload the selected module, set this option to 'none' and then reboot."); ?>
                  </div>
                </td>
              </tr>
              <tr>
277
                <th colspan="2" valign="top" class="listtopic"><?=gettext("Periodic Backups"); ?></th>
278 279 280
              </tr>
              <tr>
                <td><a id="help_for_rrdbackup" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Periodic RRD Backup");?></td>
281 282 283
                <td>
                  <select name="rrdbackup" class="selectpicker" data-style="btn-default" id="rrdbackup">
                    <option value='0' <?=!$pconfig['rrdbackup'] == 0 ? 'selected="selected"' : ''; ?>><?=gettext("Disabled"); ?></option>
284
<?php
285 286 287 288
                    for ($x = 1; $x <= 24; $x++): ?>
                    <option value="<?= $x ?>" <?= $pconfig['rrdbackup'] == $x ? 'selected="selected"' : ''; ?>>
                      <?= $x == 1 ? gettext('1 hour') : sprintf(gettext('%s hours'), $x) ?>
                    </option>
289 290 291 292 293
<?php
                      endfor; ?>
                  </select>
                  <br />
                  <div class="hidden" for="help_for_rrdbackup">
294
                    <?=gettext("This will periodically backup the RRD data so it can be restored automatically on the next boot.");?>
295 296 297 298 299 300
                  </div>
                </td>
              </tr>
              <tr>
                <td><a id="help_for_dhcpbackup" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Periodic DHCP Leases Backup");?></td>
                <td>
301
                  <select name="dhcpbackup" class="selectpicker" data-style="btn-default" id="dhcpbackup">
302
                    <option value='0' <?= $pconfig['dhcpbackup'] == 0 ? "selected='selected'" : ''; ?>><?=gettext('Disabled'); ?></option>
303
<?php
304 305 306
                    for ($x = 1; $x <= 24; $x++): ?>
                    <option value="<?= $x ?>" <?= $pconfig['dhcpbackup'] == $x ? 'selected="selected"' : '';?>>
                      <?= $x == 1 ? gettext('1 hour') : sprintf(gettext('%s hours'), $x) ?>
307 308 309 310 311
                    </option>
<?php
                    endfor; ?>
                  </select>
                  <div class="hidden" for="help_for_dhcpbackup">
312 313 314 315 316 317 318 319
                    <?=gettext("This will periodically backup the DHCP leases data so it can be restored automatically on the next boot.");?>
                  </div>
                </td>
              </tr>
              <tr>
                <td><a id="help_for_netflowbackup" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Periodic NetFlow Backup");?></td>
                <td>
                  <select name="netflowbackup" class="selectpicker" data-style="btn-default" id="netflowbackup">
320
                    <option value='0' <?= $pconfig['netflowbackup'] == 0 ? 'selected="selected"' : ''; ?>><?=gettext('Disabled'); ?></option>
321
<?php
322 323 324
                    for ($x = 1; $x <= 24; $x++): ?>
                    <option value="<?= $x ?>" <?= $pconfig['netflowbackup'] == $x ? 'selected="selected"' : '';?>>
                      <?= $x == 1 ? gettext('1 hour') : sprintf(gettext('%s hours'), $x) ?>
325 326 327 328 329 330
                    </option>
<?php
                    endfor; ?>
                  </select>
                  <div class="hidden" for="help_for_netflowbackup">
                    <?=gettext("This will periodically backup the NetFlow data aggregation so it can be restored automatically on the next boot.");?>
331 332 333
                  </div>
                </td>
              </tr>
334 335 336 337 338 339 340 341 342
              <tr>
                <th colspan="2" valign="top" class="listtopic"><?=gettext("Power Savings"); ?></th>
              </tr>
              <tr>
                <td><a id="help_for_powerd_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Use PowerD"); ?></td>
                <td>
                  <input name="powerd_enable" type="checkbox" id="powerd_enable" value="yes" <?=!empty($pconfig['powerd_enable']) ? "checked=\"checked\"" : "";?> />
                  <div class="hidden" for="help_for_powerd_enable">
                    <?=gettext("The powerd utility monitors the system state and sets various power control " .
343
                                        "options accordingly. It offers four modes (maximum, minimum, adaptive " .
344 345
                                        "and hiadaptive) that can be individually selected while on AC power or batteries. " .
                                        "The modes maximum, minimum, adaptive and hiadaptive may be abbreviated max, " .
346
                                        "min, adp, hadp. Maximum mode chooses the highest performance values. Minimum " .
347 348
                                        "mode selects the lowest performance values to get the most power savings. " .
                                        "Adaptive mode attempts to strike a balance by degrading performance when " .
349
                                        "the system appears idle and increasing it when the system is busy. It " .
350
                                        "offers a good balance between a small performance loss for greatly " .
351
                                        "increased power savings. Hiadaptive mode is alike adaptive mode, but " .
352
                                        "tuned for systems where performance and interactivity are more important " .
353
                                        "than power consumption. It raises frequency faster, drops slower and " .
354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394
                                        "keeps twice lower CPU load."); ?>
                  </div>
                </td>
              </tr>
              <tr>
                <td><i class="fa fa-info-circle text-muted"></i>  <?=gettext('On AC Power Mode') ?></td>
                <td>
                  <select name="powerd_ac_mode" class="selectpicker" data-style="btn-default" data-width="auto">
                    <option value="hadp" <?=$pconfig['powerd_ac_mode']=="hadp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Hiadaptive");?>
                    </option>
                    <option value="adp" <?=$pconfig['powerd_ac_mode']=="adp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Adaptive");?>
                    </option>
                    <option value="min" <?=$pconfig['powerd_ac_mode']=="min" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Minimum");?>
                    </option>
                    <option value="max" <?=$pconfig['powerd_ac_mode']=="max" ? " selected=\"selected\"" : "";?>>
                      <?=gettext("Maximum");?>
                    </option>
                  </select>
                </td>
              <tr>
                <td><i class="fa fa-info-circle text-muted"></i>  <?=gettext('On Battery Power Mode') ?></td>
                <td>
                  <select name="powerd_battery_mode" class="selectpicker" data-style="btn-default" data-width="auto">
                    <option value="hadp"<?=$pconfig['powerd_battery_mode']=="hadp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Hiadaptive");?>
                    </option>
                    <option value="adp" <?=$pconfig['powerd_battery_mode']=="adp" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Adaptive");?>
                    </option>
                    <option value="min" <?=$pconfig['powerd_battery_mode']=="min" ? "selected=\"selected\"" :"";?>>
                      <?=gettext("Minimum");?>
                    </option>
                    <option value="max" <?=$pconfig['powerd_battery_mode']=="max" ? "selected=\"selected\"" : "";?>>
                      <?=gettext("Maximum");?>
                    </option>
                  </select>
                </td>
              </tr>
395 396 397 398
              <tr>
                <th colspan="2" valign="top" class="listtopic"><?=gettext("RAM Disk Settings (Reboot to Apply Changes)"); ?></th>
              </tr>
              <tr>
399
                <td><a id="help_for_use_mfs_tmpvar" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext('/tmp and /var RAM disks'); ?></td>
400
                <td>
401
                  <input name="use_mfs_tmpvar" type="checkbox" id="use_mfs_tmpvar" value="yes" <?=!empty($pconfig['use_mfs_tmpvar']) ? 'checked="checked"' : '';?>/>
402
                  <strong><?=gettext("Use memory file system for /tmp and /var"); ?></strong>
403
                  <div class="hidden" for="help_for_use_mfs_tmpvar">
404 405 406 407 408 409 410 411 412 413 414 415
                    <?=gettext("Set this if you wish to use /tmp and /var as RAM disks (memory file system disks) " .
                      "rather than use the hard disk. Setting this will cause the data /var to be lost on reboot, including log data."); ?>
                  </div>
                </td>
              </tr>
              <tr>
                <td><a id="help_for_use_mfs_tmp" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext('/tmp RAM disk'); ?></td>
                <td>
                  <input name="use_mfs_tmp" type="checkbox" id="use_mfs_tmp" value="yes" <?=!empty($pconfig['use_mfs_tmp']) ? 'checked="checked"' : '';?>/>
                  <strong><?=gettext('Use memory file system for /tmp'); ?></strong>
                  <div class="hidden" for="help_for_use_mfs_tmp">
                    <?= gettext('Set this if you wish to use /tmp as a RAM disk (memory file system disk) rather than use the hard disk.') ?>
416 417 418
                  </div>
                </td>
              </tr>
419 420 421 422 423 424 425 426
              <tr>
                <td>&nbsp;</td>
                <td>
                  <input name="Submit" type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" />
                </td>
              </tr>
            </table>
          </form>
427
        </div>
428 429 430
      </section>
    </div>
  </div>
431 432
</section>

433
<?php include("foot.inc");