Commit
07a1b920
authored
Apr 24, 2015
by
Franco Fichtner
src: replace varetc_path
parent
501c35d4
Changes
9
Showing
9 changed files
with
51 additions
and
67 deletions
+51
-67
dyndns.class
src/etc/inc/dyndns.class
+1
-1
rrd.inc
src/etc/inc/rrd.inc
+1
-1
vpn.inc
src/etc/inc/vpn.inc
+34
-52
rc.newwanipv6
src/etc/rc.newwanipv6
+2
-2
rc.openvpn
src/etc/rc.openvpn
+1
-1
services_captiveportal_vouchers.php
src/www/services_captiveportal_vouchers.php
+8
-6
status_openvpn.php
src/www/status_openvpn.php
+1
-1
vpn_pppoe.php
src/www/vpn_pppoe.php
+1
-2
openvpn.widget.php
src/www/widgets/widgets/openvpn.widget.php
+2
-1
src/etc/inc/dyndns.class
...
...
@@ -139,7 +139,7 @@
$this
->
_cacheFile
=
"/conf/dyndns_
{
$dnsIf
}{
$dnsService
}
"
.
escapeshellarg
(
$dnsHost
)
.
"
{
$dnsID
}
.cache"
;
$this
->
_cacheFile_v6
=
"/conf/dyndns_
{
$dnsIf
}{
$dnsService
}
"
.
escapeshellarg
(
$dnsHost
)
.
"
{
$dnsID
}
_v6.cache"
;
$this
->
_debugFile
=
"
{
$g
[
'varetc_path'
]
}
/dyndns_
{
$dnsIf
}{
$dnsService
}
"
.
escapeshellarg
(
$dnsHost
)
.
"
{
$dnsID
}
.debug"
;
$this
->
_debugFile
=
"
/var/etc
/dyndns_
{
$dnsIf
}{
$dnsService
}
"
.
escapeshellarg
(
$dnsHost
)
.
"
{
$dnsID
}
.debug"
;
$this
->
_curlIpresolveV4
=
$curlIpresolveV4
;
$this
->
_curlSslVerifypeer
=
$curlSslVerifypeer
;
...
...
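Review bot: The new `_debugFile` line keeps `escapeshellarg($dnsHost)` as a filename component under `/var/etc`, but that function quotes for a shell and does nothing for path safety: it puts literal quote characters into the name and leaves `/` and `..` untouched. Whether `$dnsHost` is validated before these assignments is not visible in the hunk, so this needs confirming against the caller. A filename-safe form such as `preg_replace('/[^A-Za-z0-9._-]/', '_', $dnsHost)` would fit better here and on the two `_cacheFile` lines above it, with the caveat that changing the scheme renames existing cache files. The enclosing method starts and ends outside the hunk.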
src/etc/inc/rrd.inc
...
...
@@ -441,7 +441,7 @@ function enable_rrd_graphing() {
$rrdupdatesh
.=
" sleep 0.2
\n
"
;
$rrdupdatesh
.=
" echo
\"
quit
\"\n
"
;
$rrdupdatesh
.=
"}
\n
"
;
$rrdupdatesh
.=
"OVPN=`list_current_users | nc -U
{
$g
[
'varetc_path'
]
}
/openvpn/server
{
$vpnid
}
.sock | awk -F
\"
,
\"
'/^CLIENT_LIST/ {print
\$
2}' | wc -l | awk '{print $1}'`
\n
"
;
$rrdupdatesh
.=
"OVPN=`list_current_users | nc -U
/var/etc
/openvpn/server
{
$vpnid
}
.sock | awk -F
\"
,
\"
'/^CLIENT_LIST/ {print
\$
2}' | wc -l | awk '{print $1}'`
\n
"
;
$rrdupdatesh
.=
"
$rrdtool
update
$rrddbpath$ifname$vpnusers
N:
\$
{
OVPN
}
\n
"
;
}
...
...
src/etc/inc/vpn.inc
...
...
@@ -120,26 +120,17 @@ function vpn_ipsec_configure($ipchg = false)
mwexec
(
"/sbin/ifconfig enc0 up"
);
set_single_sysctl
(
"net.inet.ip.ipsec_in_use"
,
"1"
);
/* needed for config files */
if
(
!
is_dir
(
"/usr/local/etc/ipsec.d"
))
mkdir
(
"/usr/local/etc/ipsec.d"
);
if
(
!
is_dir
(
$capath
))
mkdir
(
$capath
);
if
(
!
is_dir
(
$keypath
))
mkdir
(
$keypath
);
if
(
!
is_dir
(
"/usr/local/etc/ipsec.d/crls"
))
mkdir
(
"/usr/local/etc/ipsec.d/crls"
);
if
(
!
is_dir
(
$certpath
))
mkdir
(
$certpath
);
if
(
!
is_dir
(
"/usr/local/etc/ipsec.d/aacerts"
))
mkdir
(
"/usr/local/etc/ipsec.d/aacerts"
);
if
(
!
is_dir
(
"/usr/local/etc/ipsec.d/acerts"
))
mkdir
(
"/usr/local/etc/ipsec.d/acerts"
);
if
(
!
is_dir
(
"/usr/local/etc/ipsec.d/ocspcerts"
))
mkdir
(
"/usr/local/etc/ipsec.d/ocspcerts"
);
if
(
!
is_dir
(
"/usr/local/etc/ipsec.d/reqs"
))
mkdir
(
"/usr/local/etc/ipsec.d/reqs"
);
/* needed directories for config files */
@
mkdir
(
$capath
);
@
mkdir
(
$keypath
);
@
mkdir
(
$certpath
);
@
mkdir
(
'/usr/local/etc/ipsec.d'
);
@
mkdir
(
'/usr/local/etc/ipsec.d/crls'
);
@
mkdir
(
'/usr/local/etc/ipsec.d/aacerts'
);
@
mkdir
(
'/usr/local/etc/ipsec.d/acerts'
);
@
mkdir
(
'/usr/local/etc/ipsec.d/ocspcerts'
);
@
mkdir
(
'/usr/local/etc/ipsec.d/reqs'
);
if
(
file_exists
(
"/var/run/booting"
))
echo
gettext
(
"Configuring IPsec VPN... "
);
...
...
@@ -948,13 +939,12 @@ function vpn_pptpd_configure() {
}
/* make sure pptp-vpn directory exists */
if
(
!
file_exists
(
"
{
$g
[
'varetc_path'
]
}
/pptp-vpn"
))
mkdir
(
"
{
$g
[
'varetc_path'
]
}
/pptp-vpn"
);
@
mkdir
(
'/var/etc/pptp-vpn'
);
switch
(
$pptpdcfg
[
'mode'
])
{
case
'server'
:
/* write mpd.conf */
$fd
=
fopen
(
"
{
$g
[
'varetc_path'
]
}
/pptp-vpn/mpd.conf"
,
"w"
);
$fd
=
fopen
(
'/var/etc/pptp-vpn/mpd.conf'
,
'w'
);
if
(
!
$fd
)
{
printf
(
gettext
(
"Error: cannot open mpd.conf in vpn_pptpd_configure()."
)
.
"
\n
"
);
return
1
;
...
...
@@ -1073,7 +1063,7 @@ EOD;
unset
(
$mpdconf
);
/* write mpd.links */
$fd
=
fopen
(
"
{
$g
[
'varetc_path'
]
}
/pptp-vpn/mpd.links"
,
"w"
);
$fd
=
fopen
(
'/var/etc/pptp-vpn/mpd.links'
,
'w'
);
if
(
!
$fd
)
{
printf
(
gettext
(
"Error: cannot open mpd.links in vpn_pptpd_configure()."
)
.
"
\n
"
);
return
1
;
...
...
@@ -1098,7 +1088,7 @@ EOD;
unset
(
$mpdlinks
);
/* write mpd.secret */
$fd
=
fopen
(
"
{
$g
[
'varetc_path'
]
}
/pptp-vpn/mpd.secret"
,
"w"
);
$fd
=
fopen
(
'/var/etc/pptp-vpn/mpd.secret'
,
'w'
);
if
(
!
$fd
)
{
printf
(
gettext
(
"Error: cannot open mpd.secret in vpn_pptpd_configure()."
)
.
"
\n
"
);
return
1
;
...
...
@@ -1117,12 +1107,12 @@ EOD;
fwrite
(
$fd
,
$mpdsecret
);
fclose
(
$fd
);
unset
(
$mpdsecret
);
chmod
(
"
{
$g
[
'varetc_path'
]
}
/pptp-vpn/mpd.secret"
,
0600
);
chmod
(
'/var/etc/pptp-vpn/mpd.secret'
,
0600
);
vpn_netgraph_support
();
/* fire up mpd */
mwexec
(
"/usr/local/sbin/mpd4 -b -d
{
$g
[
'varetc_path'
]
}
/pptp-vpn -p /var/run/pptp-vpn.pid -s pptps pptps"
);
mwexec
(
'/usr/local/sbin/mpd4 -b -d /var/etc/pptp-vpn -p /var/run/pptp-vpn.pid -s pptps pptps'
);
break
;
...
...
@@ -1151,8 +1141,7 @@ function vpn_pppoe_configure(&$pppoecfg) {
$syscfg
=
$config
[
'system'
];
/* create directory if it does not exist */
if
(
!
is_dir
(
"
{
$g
[
'varetc_path'
]
}
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn"
))
mkdir
(
"
{
$g
[
'varetc_path'
]
}
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn"
);
@
mkdir
(
"/var/etc/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn"
);
if
(
file_exists
(
"/var/run/booting"
))
{
if
(
!
$pppoecfg
[
'mode'
]
||
(
$pppoecfg
[
'mode'
]
==
"off"
))
...
...
@@ -1180,7 +1169,7 @@ function vpn_pppoe_configure(&$pppoecfg) {
$paporchap
=
"set link enable pap"
;
/* write mpd.conf */
$fd
=
fopen
(
"
{
$g
[
'varetc_path'
]
}
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn/mpd.conf"
,
"w"
);
$fd
=
fopen
(
"
/var/etc
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn/mpd.conf"
,
"w"
);
if
(
!
$fd
)
{
printf
(
gettext
(
"Error: cannot open mpd.conf in vpn_pppoe_configure()."
)
.
"
\n
"
);
return
1
;
...
...
@@ -1289,7 +1278,7 @@ EOD;
unset
(
$mpdconf
);
/* write mpd.links */
$fd
=
fopen
(
"
{
$g
[
'varetc_path'
]
}
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn/mpd.links"
,
"w"
);
$fd
=
fopen
(
"
/var/etc
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn/mpd.links"
,
"w"
);
if
(
!
$fd
)
{
printf
(
gettext
(
"Error: cannot open mpd.links in vpn_pppoe_configure()."
)
.
"
\n
"
);
return
1
;
...
...
@@ -1316,7 +1305,7 @@ EOD;
if
(
$pppoecfg
[
'username'
])
{
/* write mpd.secret */
$fd
=
fopen
(
"
{
$g
[
'varetc_path'
]
}
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn/mpd.secret"
,
"w"
);
$fd
=
fopen
(
"
/var/etc
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn/mpd.secret"
,
"w"
);
if
(
!
$fd
)
{
printf
(
gettext
(
"Error: cannot open mpd.secret in vpn_pppoe_configure()."
)
.
"
\n
"
);
return
1
;
...
...
@@ -1335,7 +1324,7 @@ EOD;
fwrite
(
$fd
,
$mpdsecret
);
fclose
(
$fd
);
unset
(
$mpdsecret
);
chmod
(
"
{
$g
[
'varetc_path'
]
}
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn/mpd.secret"
,
0600
);
chmod
(
"
/var/etc
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn/mpd.secret"
,
0600
);
}
/* Check if previous instance is still up */
...
...
@@ -1344,7 +1333,7 @@ EOD;
/* Get support for netgraph(4) from the nic */
pfSense_ngctl_attach
(
"."
,
$pppoe_interface
);
/* fire up mpd */
mwexec
(
"/usr/local/sbin/mpd4 -b -d
{
$g
[
'varetc_path'
]
}
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn -p /var/run/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn.pid -s poes poes"
);
mwexec
(
"/usr/local/sbin/mpd4 -b -d
/var/etc
/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn -p /var/run/pppoe
{
$pppoecfg
[
'pppoeid'
]
}
-vpn.pid -s poes poes"
);
break
;
}
...
...
@@ -1355,33 +1344,26 @@ EOD;
return
0
;
}
function
vpn_l2tp_configure
()
{
function
vpn_l2tp_configure
()
{
global
$config
,
$g
;
$syscfg
=
$config
[
'system'
];
$l2tpcfg
=
$config
[
'l2tp'
];
/* create directory if it does not exist */
if
(
!
is_dir
(
"
{
$g
[
'varetc_path'
]
}
/l2tp-vpn"
))
mkdir
(
"
{
$g
[
'varetc_path'
]
}
/l2tp-vpn"
);
if
(
file_exists
(
"/var/run/booting"
))
{
if
(
!
$l2tpcfg
[
'mode'
]
||
(
$l2tpcfg
[
'mode'
]
==
"off"
))
return
0
;
echo
gettext
(
"Configuring l2tp VPN service... "
);
}
else
{
/* kill mpd */
killbypid
(
'/var/run/l2tp-vpn.pid'
);
/* wait for process to die */
sleep
(
8
);
while
(
isvalidpid
(
'/var/run/l2tp-vpn.pid'
))
{
killbypid
(
'/var/run/l2tp-vpn.pid'
);
usleep
(
250
*
1000
);
}
}
/* make sure l2tp-vpn directory exists */
if
(
!
file_exists
(
"
{
$g
[
'varetc_path'
]
}
/l2tp-vpn"
))
mkdir
(
"
{
$g
[
'varetc_path'
]
}
/l2tp-vpn"
);
@
mkdir
(
'/var/etc/l2tp-vpn'
);
switch
(
$l2tpcfg
[
'mode'
])
{
...
...
@@ -1392,7 +1374,7 @@ function vpn_l2tp_configure() {
$paporchap
=
"set link enable pap"
;
/* write mpd.conf */
$fd
=
fopen
(
"
{
$g
[
'varetc_path'
]
}
/l2tp-vpn/mpd.conf"
,
"w"
);
$fd
=
fopen
(
"
/var/etc
/l2tp-vpn/mpd.conf"
,
"w"
);
if
(
!
$fd
)
{
printf
(
gettext
(
"Error: cannot open mpd.conf in vpn_l2tp_configure()."
)
.
"
\n
"
);
return
1
;
...
...
@@ -1491,7 +1473,7 @@ EOD;
unset
(
$mpdconf
);
/* write mpd.links */
$fd
=
fopen
(
"
{
$g
[
'varetc_path'
]
}
/l2tp-vpn/mpd.links"
,
"w"
);
$fd
=
fopen
(
"
/var/etc
/l2tp-vpn/mpd.links"
,
"w"
);
if
(
!
$fd
)
{
printf
(
gettext
(
"Error: cannot open mpd.links in vpn_l2tp_configure()."
)
.
"
\n
"
);
return
1
;
...
...
@@ -1517,7 +1499,7 @@ EOD;
unset
(
$mpdlinks
);
/* write mpd.secret */
$fd
=
fopen
(
"
{
$g
[
'varetc_path'
]
}
/l2tp-vpn/mpd.secret"
,
"w"
);
$fd
=
fopen
(
"
/var/etc
/l2tp-vpn/mpd.secret"
,
"w"
);
if
(
!
$fd
)
{
printf
(
gettext
(
"Error: cannot open mpd.secret in vpn_l2tp_configure()."
)
.
"
\n
"
);
return
1
;
...
...
@@ -1533,12 +1515,12 @@ EOD;
fwrite
(
$fd
,
$mpdsecret
);
fclose
(
$fd
);
unset
(
$mpdsecret
);
chmod
(
"
{
$g
[
'varetc_path'
]
}
/l2tp-vpn/mpd.secret"
,
0600
);
chmod
(
'/var/etc/l2tp-vpn/mpd.secret'
,
0600
);
vpn_netgraph_support
();
/* fire up mpd */
mwexec
(
"/usr/local/sbin/mpd4 -b -d
{
$g
[
'varetc_path'
]
}
/l2tp-vpn -p /var/run/l2tp-vpn.pid -s l2tps l2tps"
);
mwexec
(
'/usr/local/sbin/mpd4 -b -d /var/etc/l2tp-vpn -p /var/run/l2tp-vpn.pid -s l2tps l2tps'
);
break
;
...
...
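Review bot: In the vpn_ipsec_configure() hunk the new `@mkdir($capath)`, `@mkdir($keypath)` and `@mkdir($certpath)` calls run before `@mkdir('/usr/local/etc/ipsec.d')`, whereas the removed code created `/usr/local/etc/ipsec.d` first. If those three variables point below `/usr/local/etc/ipsec.d` (they are assigned outside the hunk, so this is an assumption), the calls fail on a fresh system and the `@` hides it, leaving the key and certificate directories missing. Moving the parent `mkdir` to the top restores the old order, and an explicit mode such as `@mkdir($keypath, 0700);` would stop the private-key directory from depending on the process umask. Separately, the mpd.secret hunks for pptp, pppoe and l2tp still call `chmod(..., 0600)` only after `fwrite()` and `fclose()`, so the secrets file exists with default permissions for a short window; calling `umask(077)` before the `fopen()`, or moving the `chmod()` to directly after it, closes that. All of these functions continue outside the visible hunks.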
src/etc/rc.newwanipv6
...
...
@@ -87,11 +87,11 @@ if (!empty($new_domain_name_servers)) {
}
if
(
count
(
$valid_ns
>
0
))
file_put_contents
(
"
{
$g
[
'varetc_path'
]
}
/nameserver_v6
{
$interface
}
"
,
implode
(
"
\n
"
,
$valid_ns
));
file_put_contents
(
"
/var/etc
/nameserver_v6
{
$interface
}
"
,
implode
(
"
\n
"
,
$valid_ns
));
}
$new_domain_name
=
getenv
(
"new_domain_name"
);
if
(
!
empty
(
$new_domain_name
))
file_put_contents
(
"
{
$g
[
'varetc_path'
]
}
/searchdomain_v6
{
$interface
}
"
,
$new_domain_name
);
file_put_contents
(
"
/var/etc
/searchdomain_v6
{
$interface
}
"
,
$new_domain_name
);
/* write current WAN IPv6 to file */
if
(
is_ipaddrv6
(
$curwanipv6
))
...
...
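Review bot: The guard `if (count($valid_ns > 0))` above the rewritten `file_put_contents()` call has its closing parenthesis in the wrong place, so it counts the result of a comparison instead of comparing the count; it should read `if (count($valid_ns) > 0)`. As written, the test no longer reflects whether the nameserver list is empty, so the file under `/var/etc` may be written with no valid entry. `$new_domain_name` is taken from `getenv()` and written to the searchdomain file unchanged in this hunk; if that environment is filled in by a DHCPv6 client, a hostname check before the write would be worth adding. The script continues outside the hunk.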
src/etc/rc.openvpn
...
...
@@ -45,7 +45,7 @@ function openvpn_resync_if_needed ($mode, $ovpn_settings, $interface) {
}
else
{
if
(
!
empty
(
$interface
))
{
$mode_id
=
$mode
.
$ovpn_settings
[
'vpnid'
];
$fpath
=
"
{
$g
[
'varetc_path'
]
}
/openvpn/
{
$mode_id
}
.interface"
;
$fpath
=
"
/var/etc
/openvpn/
{
$mode_id
}
.interface"
;
if
(
file_exists
(
$fpath
))
{
$current_device
=
file_get_contents
(
$fpath
);
$current_device
=
trim
(
$current_device
,
"
\t\n
"
);
...
...
src/www/services_captiveportal_vouchers.php
...
...
@@ -156,11 +156,11 @@ if ($_GET['act'] == "del") {
else
if
(
$_GET
[
'act'
]
==
"csv"
)
{
$privkey
=
base64_decode
(
$config
[
'voucher'
][
$cpzone
][
'privatekey'
]);
if
(
strstr
(
$privkey
,
"BEGIN RSA PRIVATE KEY"
))
{
$fd
=
fopen
(
"
{
$g
[
'varetc_path'
]
}
/voucher_
{
$cpzone
}
.private"
,
"w"
);
$fd
=
fopen
(
"
/var/etc
/voucher_
{
$cpzone
}
.private"
,
"w"
);
if
(
!
$fd
)
{
$input_errors
[]
=
gettext
(
"Cannot write private key file"
)
.
".
\n
"
;
}
else
{
chmod
(
"
{
$g
[
'varetc_path'
]
}
/voucher_
{
$cpzone
}
.private"
,
0600
);
chmod
(
"
/var/etc
/voucher_
{
$cpzone
}
.private"
,
0600
);
fwrite
(
$fd
,
$privkey
);
fclose
(
$fd
);
$a_voucher
=
&
$config
[
'voucher'
][
$cpzone
][
'roll'
];
...
...
@@ -170,11 +170,13 @@ else if ($_GET['act'] == "csv") {
$count
=
$a_voucher
[
$id
][
'count'
];
header
(
"Content-Type: application/octet-stream"
);
header
(
"Content-Disposition: attachment; filename=vouchers_
{
$cpzone
}
_roll
{
$number
}
.csv"
);
if
(
file_exists
(
"
{
$g
[
'varetc_path'
]
}
/voucher_
{
$cpzone
}
.cfg"
))
system
(
"/usr/local/bin/voucher -c
{
$g
[
'varetc_path'
]
}
/voucher_
{
$cpzone
}
.cfg -p
{
$g
[
'varetc_path'
]
}
/voucher_
{
$cpzone
}
.private
$number
$count
"
);
@
unlink
(
"
{
$g
[
'varetc_path'
]
}
/voucher_
{
$cpzone
}
.private"
);
}
else
if
(
file_exists
(
"/var/etc/voucher_
{
$cpzone
}
.cfg"
))
{
system
(
"/usr/local/bin/voucher -c /var/etc/voucher_
{
$cpzone
}
.cfg -p /var/etc/voucher_
{
$cpzone
}
.private
$number
$count
"
);
}
@
unlink
(
"/var/etc/voucher_
{
$cpzone
}
.private"
);
}
else
{
header
(
"Location: services_captiveportal_vouchers.php?zone=
{
$cpzone
}
"
);
}
exit
;
}
}
else
{
...
...
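Review bot: The rewritten `system()` call still interpolates `$cpzone`, `$number` and `$count` straight into a shell command line, and `$cpzone` also forms the path handed to `fopen()`, `chmod()`, `file_exists()` and `unlink()`. Where these values are assigned is outside the hunks; if any of them derives from the request, the two path arguments should go through `escapeshellarg()`, the two numbers should be cast with `(int)`, and the zone name should be checked against the configured zones before it is used in a path. The decoded private key is written to a predictable name in `/var/etc`, so it is also worth confirming that every exit path of this branch reaches the `@unlink()` of the `.private` file. The enclosing `if`/`else` chain starts and ends outside the hunks.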
src/www/status_openvpn.php
...
...
@@ -57,7 +57,7 @@ function kill_client($port, $remipp) {
global
$g
;
//$tcpsrv = "tcp://127.0.0.1:{$port}";
$tcpsrv
=
"unix://
{
$g
[
'varetc_path'
]
}
/openvpn/
{
$port
}
.sock"
;
$tcpsrv
=
"unix://
/var/etc
/openvpn/
{
$port
}
.sock"
;
$errval
;
$errstr
;
...
...
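Review bot: `$port` is interpolated into the socket path `unix:///var/etc/openvpn/{$port}.sock` with no check visible in this hunk, and the same line appears in kill_client() in src/www/widgets/widgets/openvpn.widget.php. How kill_client() is called is outside the hunk; if `$port` can come from a request parameter, restricting it first, for example with `$port = basename($port);` or a match against the configured server ids, keeps the connection inside `/var/etc/openvpn`. With `varetc_path` gone, `global $g;` at the top of the function looks unused in the visible lines and could be dropped if nothing further down needs it. The function body continues outside the hunk.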
src/www/vpn_pppoe.php
...
...
@@ -71,8 +71,7 @@ if ($_POST) {
if
(
$_GET
[
'act'
]
==
"del"
)
{
if
(
$a_pppoes
[
$_GET
[
'id'
]])
{
killbypid
(
"/var/run/pppoe
{
$a_pppoes
[
$_GET
[
'id'
]][
'pppoeid'
]
}
-vpn.pid"
);
if
(
is_dir
(
"
{
$g
[
'varetc_path'
]
}
/pppoe"
.
$a_pppoes
[
$_GET
[
'id'
]][
'pppoeid'
]))
mwexec
(
"/bin/rm -r
{
$g
[
'varetc_path'
]
}
/pppoe"
.
$a_pppoes
[
$_GET
[
'id'
]][
'pppoeid'
]);
mwexecf
(
'/bin/rm -r %s'
,
"/var/etc/pppoe
{
$a_pppoes
[
$_GET
[
'id'
]][
'pppoeid'
]
}
"
);
unset
(
$a_pppoes
[
$_GET
[
'id'
]]);
write_config
();
header
(
"Location: vpn_pppoe.php"
);
...
...
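Review bot: The path passed to the new `mwexecf('/bin/rm -r %s', ...)` call is `/var/etc/pppoe{pppoeid}`, while the vpn_pppoe_configure() hunks in src/etc/inc/vpn.inc on this page create and use `/var/etc/pppoe{pppoeid}-vpn`. If that is the directory meant here, the delete never matches and the server's `mpd.secret` with its credentials stays on disk after the entry is removed; the argument would need the suffix, `"/var/etc/pppoe{$a_pppoes[$_GET['id']]['pppoeid']}-vpn"`. Dropping the old `is_dir()` guard also means `rm -r` now runs when the directory is absent or `pppoeid` is empty, so a non-empty check on `pppoeid` before the call would be prudent. The surrounding `if` block continues outside the hunk.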
src/www/widgets/widgets/openvpn.widget.php
<?php
/*
Copyright (C) 2014 Deciso B.V.
All rights reserved.
...
...
@@ -50,7 +51,7 @@ function kill_client($port, $remipp) {
global
$g
;
//$tcpsrv = "tcp://127.0.0.1:{$port}";
$tcpsrv
=
"unix://
{
$g
[
'varetc_path'
]
}
/openvpn/
{
$port
}
.sock"
;
$tcpsrv
=
"unix://
/var/etc
/openvpn/
{
$port
}
.sock"
;
$errval
;
$errstr
;
...
...