Commit 07a1b920 authored by Franco Fichtner's avatar Franco Fichtner

src: replace varetc_path

parent 501c35d4
......@@ -139,7 +139,7 @@
$this->_cacheFile = "/conf/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}.cache";
$this->_cacheFile_v6 = "/conf/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}_v6.cache";
$this->_debugFile = "{$g['varetc_path']}/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}.debug";
$this->_debugFile = "/var/etc/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}.debug";
$this->_curlIpresolveV4 = $curlIpresolveV4;
$this->_curlSslVerifypeer = $curlSslVerifypeer;
......
......@@ -441,7 +441,7 @@ function enable_rrd_graphing() {
$rrdupdatesh .= " sleep 0.2\n";
$rrdupdatesh .= " echo \"quit\"\n";
$rrdupdatesh .= "}\n";
$rrdupdatesh .= "OVPN=`list_current_users | nc -U {$g['varetc_path']}/openvpn/server{$vpnid}.sock | awk -F\",\" '/^CLIENT_LIST/ {print \$2}' | wc -l | awk '{print $1}'`\n";
$rrdupdatesh .= "OVPN=`list_current_users | nc -U /var/etc/openvpn/server{$vpnid}.sock | awk -F\",\" '/^CLIENT_LIST/ {print \$2}' | wc -l | awk '{print $1}'`\n";
$rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$vpnusers N:\${OVPN}\n";
}
......
......@@ -120,26 +120,17 @@ function vpn_ipsec_configure($ipchg = false)
mwexec("/sbin/ifconfig enc0 up");
set_single_sysctl("net.inet.ip.ipsec_in_use", "1");
/* needed for config files */
if (!is_dir("/usr/local/etc/ipsec.d"))
mkdir("/usr/local/etc/ipsec.d");
if (!is_dir($capath))
mkdir($capath);
if (!is_dir($keypath))
mkdir($keypath);
if (!is_dir("/usr/local/etc/ipsec.d/crls"))
mkdir("/usr/local/etc/ipsec.d/crls");
if (!is_dir($certpath))
mkdir($certpath);
if (!is_dir("/usr/local/etc/ipsec.d/aacerts"))
mkdir("/usr/local/etc/ipsec.d/aacerts");
if (!is_dir("/usr/local/etc/ipsec.d/acerts"))
mkdir("/usr/local/etc/ipsec.d/acerts");
if (!is_dir("/usr/local/etc/ipsec.d/ocspcerts"))
mkdir("/usr/local/etc/ipsec.d/ocspcerts");
if (!is_dir("/usr/local/etc/ipsec.d/reqs"))
mkdir("/usr/local/etc/ipsec.d/reqs");
/* needed directories for config files */
@mkdir($capath);
@mkdir($keypath);
@mkdir($certpath);
@mkdir('/usr/local/etc/ipsec.d');
@mkdir('/usr/local/etc/ipsec.d/crls');
@mkdir('/usr/local/etc/ipsec.d/aacerts');
@mkdir('/usr/local/etc/ipsec.d/acerts');
@mkdir('/usr/local/etc/ipsec.d/ocspcerts');
@mkdir('/usr/local/etc/ipsec.d/reqs');
if (file_exists("/var/run/booting"))
echo gettext("Configuring IPsec VPN... ");
......@@ -948,13 +939,12 @@ function vpn_pptpd_configure() {
}
/* make sure pptp-vpn directory exists */
if (!file_exists("{$g['varetc_path']}/pptp-vpn"))
mkdir("{$g['varetc_path']}/pptp-vpn");
@mkdir('/var/etc/pptp-vpn');
switch ($pptpdcfg['mode']) {
case 'server' :
/* write mpd.conf */
$fd = fopen("{$g['varetc_path']}/pptp-vpn/mpd.conf", "w");
$fd = fopen('/var/etc/pptp-vpn/mpd.conf', 'w');
if (!$fd) {
printf(gettext("Error: cannot open mpd.conf in vpn_pptpd_configure().") . "\n");
return 1;
......@@ -1073,7 +1063,7 @@ EOD;
unset($mpdconf);
/* write mpd.links */
$fd = fopen("{$g['varetc_path']}/pptp-vpn/mpd.links", "w");
$fd = fopen('/var/etc/pptp-vpn/mpd.links', 'w');
if (!$fd) {
printf(gettext("Error: cannot open mpd.links in vpn_pptpd_configure().") . "\n");
return 1;
......@@ -1098,7 +1088,7 @@ EOD;
unset($mpdlinks);
/* write mpd.secret */
$fd = fopen("{$g['varetc_path']}/pptp-vpn/mpd.secret", "w");
$fd = fopen('/var/etc/pptp-vpn/mpd.secret', 'w');
if (!$fd) {
printf(gettext("Error: cannot open mpd.secret in vpn_pptpd_configure().") . "\n");
return 1;
......@@ -1117,12 +1107,12 @@ EOD;
fwrite($fd, $mpdsecret);
fclose($fd);
unset($mpdsecret);
chmod("{$g['varetc_path']}/pptp-vpn/mpd.secret", 0600);
chmod('/var/etc/pptp-vpn/mpd.secret', 0600);
vpn_netgraph_support();
/* fire up mpd */
mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/pptp-vpn -p /var/run/pptp-vpn.pid -s pptps pptps");
mwexec('/usr/local/sbin/mpd4 -b -d /var/etc/pptp-vpn -p /var/run/pptp-vpn.pid -s pptps pptps');
break;
......@@ -1151,8 +1141,7 @@ function vpn_pppoe_configure(&$pppoecfg) {
$syscfg = $config['system'];
/* create directory if it does not exist */
if (!is_dir("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn"))
mkdir("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn");
@mkdir("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn");
if (file_exists("/var/run/booting")) {
if (!$pppoecfg['mode'] || ($pppoecfg['mode'] == "off"))
......@@ -1180,7 +1169,7 @@ function vpn_pppoe_configure(&$pppoecfg) {
$paporchap = "set link enable pap";
/* write mpd.conf */
$fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.conf", "w");
$fd = fopen("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.conf", "w");
if (!$fd) {
printf(gettext("Error: cannot open mpd.conf in vpn_pppoe_configure().") . "\n");
return 1;
......@@ -1289,7 +1278,7 @@ EOD;
unset($mpdconf);
/* write mpd.links */
$fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.links", "w");
$fd = fopen("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.links", "w");
if (!$fd) {
printf(gettext("Error: cannot open mpd.links in vpn_pppoe_configure().") . "\n");
return 1;
......@@ -1316,7 +1305,7 @@ EOD;
if ($pppoecfg['username']) {
/* write mpd.secret */
$fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", "w");
$fd = fopen("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", "w");
if (!$fd) {
printf(gettext("Error: cannot open mpd.secret in vpn_pppoe_configure().") . "\n");
return 1;
......@@ -1335,7 +1324,7 @@ EOD;
fwrite($fd, $mpdsecret);
fclose($fd);
unset($mpdsecret);
chmod("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", 0600);
chmod("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", 0600);
}
/* Check if previous instance is still up */
......@@ -1344,7 +1333,7 @@ EOD;
/* Get support for netgraph(4) from the nic */
pfSense_ngctl_attach(".", $pppoe_interface);
/* fire up mpd */
mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn -p /var/run/pppoe{$pppoecfg['pppoeid']}-vpn.pid -s poes poes");
mwexec("/usr/local/sbin/mpd4 -b -d /var/etc/pppoe{$pppoecfg['pppoeid']}-vpn -p /var/run/pppoe{$pppoecfg['pppoeid']}-vpn.pid -s poes poes");
break;
}
......@@ -1355,33 +1344,26 @@ EOD;
return 0;
}
function vpn_l2tp_configure() {
function vpn_l2tp_configure()
{
global $config, $g;
$syscfg = $config['system'];
$l2tpcfg = $config['l2tp'];
/* create directory if it does not exist */
if (!is_dir("{$g['varetc_path']}/l2tp-vpn"))
mkdir("{$g['varetc_path']}/l2tp-vpn");
if (file_exists("/var/run/booting")) {
if (!$l2tpcfg['mode'] || ($l2tpcfg['mode'] == "off"))
return 0;
echo gettext("Configuring l2tp VPN service... ");
} else {
/* kill mpd */
killbypid('/var/run/l2tp-vpn.pid');
/* wait for process to die */
sleep(8);
while (isvalidpid('/var/run/l2tp-vpn.pid')) {
killbypid('/var/run/l2tp-vpn.pid');
usleep(250 * 1000);
}
}
/* make sure l2tp-vpn directory exists */
if (!file_exists("{$g['varetc_path']}/l2tp-vpn"))
mkdir("{$g['varetc_path']}/l2tp-vpn");
@mkdir('/var/etc/l2tp-vpn');
switch ($l2tpcfg['mode']) {
......@@ -1392,7 +1374,7 @@ function vpn_l2tp_configure() {
$paporchap = "set link enable pap";
/* write mpd.conf */
$fd = fopen("{$g['varetc_path']}/l2tp-vpn/mpd.conf", "w");
$fd = fopen("/var/etc/l2tp-vpn/mpd.conf", "w");
if (!$fd) {
printf(gettext("Error: cannot open mpd.conf in vpn_l2tp_configure().") . "\n");
return 1;
......@@ -1491,7 +1473,7 @@ EOD;
unset($mpdconf);
/* write mpd.links */
$fd = fopen("{$g['varetc_path']}/l2tp-vpn/mpd.links", "w");
$fd = fopen("/var/etc/l2tp-vpn/mpd.links", "w");
if (!$fd) {
printf(gettext("Error: cannot open mpd.links in vpn_l2tp_configure().") . "\n");
return 1;
......@@ -1517,7 +1499,7 @@ EOD;
unset($mpdlinks);
/* write mpd.secret */
$fd = fopen("{$g['varetc_path']}/l2tp-vpn/mpd.secret", "w");
$fd = fopen("/var/etc/l2tp-vpn/mpd.secret", "w");
if (!$fd) {
printf(gettext("Error: cannot open mpd.secret in vpn_l2tp_configure().") . "\n");
return 1;
......@@ -1533,12 +1515,12 @@ EOD;
fwrite($fd, $mpdsecret);
fclose($fd);
unset($mpdsecret);
chmod("{$g['varetc_path']}/l2tp-vpn/mpd.secret", 0600);
chmod('/var/etc/l2tp-vpn/mpd.secret', 0600);
vpn_netgraph_support();
/* fire up mpd */
mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/l2tp-vpn -p /var/run/l2tp-vpn.pid -s l2tps l2tps");
mwexec('/usr/local/sbin/mpd4 -b -d /var/etc/l2tp-vpn -p /var/run/l2tp-vpn.pid -s l2tps l2tps');
break;
......
......@@ -87,11 +87,11 @@ if (!empty($new_domain_name_servers)) {
}
if (count($valid_ns > 0))
file_put_contents("{$g['varetc_path']}/nameserver_v6{$interface}", implode("\n", $valid_ns));
file_put_contents("/var/etc/nameserver_v6{$interface}", implode("\n", $valid_ns));
}
$new_domain_name = getenv("new_domain_name");
if (!empty($new_domain_name))
file_put_contents("{$g['varetc_path']}/searchdomain_v6{$interface}", $new_domain_name);
file_put_contents("/var/etc/searchdomain_v6{$interface}", $new_domain_name);
/* write current WAN IPv6 to file */
if (is_ipaddrv6($curwanipv6))
......
......@@ -45,7 +45,7 @@ function openvpn_resync_if_needed ($mode, $ovpn_settings, $interface) {
} else {
if (!empty($interface)) {
$mode_id = $mode . $ovpn_settings['vpnid'];
$fpath = "{$g['varetc_path']}/openvpn/{$mode_id}.interface";
$fpath = "/var/etc/openvpn/{$mode_id}.interface";
if (file_exists($fpath)) {
$current_device = file_get_contents($fpath);
$current_device = trim($current_device, " \t\n");
......
......@@ -156,11 +156,11 @@ if ($_GET['act'] == "del") {
else if ($_GET['act'] == "csv") {
$privkey = base64_decode($config['voucher'][$cpzone]['privatekey']);
if (strstr($privkey,"BEGIN RSA PRIVATE KEY")) {
$fd = fopen("{$g['varetc_path']}/voucher_{$cpzone}.private","w");
$fd = fopen("/var/etc/voucher_{$cpzone}.private","w");
if (!$fd) {
$input_errors[] = gettext("Cannot write private key file") . ".\n";
} else {
chmod("{$g['varetc_path']}/voucher_{$cpzone}.private", 0600);
chmod("/var/etc/voucher_{$cpzone}.private", 0600);
fwrite($fd, $privkey);
fclose($fd);
$a_voucher = &$config['voucher'][$cpzone]['roll'];
......@@ -170,11 +170,13 @@ else if ($_GET['act'] == "csv") {
$count = $a_voucher[$id]['count'];
header("Content-Type: application/octet-stream");
header("Content-Disposition: attachment; filename=vouchers_{$cpzone}_roll{$number}.csv");
if (file_exists("{$g['varetc_path']}/voucher_{$cpzone}.cfg"))
system("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher_{$cpzone}.cfg -p {$g['varetc_path']}/voucher_{$cpzone}.private $number $count");
@unlink("{$g['varetc_path']}/voucher_{$cpzone}.private");
} else
if (file_exists("/var/etc/voucher_{$cpzone}.cfg")) {
system("/usr/local/bin/voucher -c /var/etc/voucher_{$cpzone}.cfg -p /var/etc/voucher_{$cpzone}.private $number $count");
}
@unlink("/var/etc/voucher_{$cpzone}.private");
} else {
header("Location: services_captiveportal_vouchers.php?zone={$cpzone}");
}
exit;
}
} else {
......
......@@ -57,7 +57,7 @@ function kill_client($port, $remipp) {
global $g;
//$tcpsrv = "tcp://127.0.0.1:{$port}";
$tcpsrv = "unix://{$g['varetc_path']}/openvpn/{$port}.sock";
$tcpsrv = "unix:///var/etc/openvpn/{$port}.sock";
$errval;
$errstr;
......
......@@ -71,8 +71,7 @@ if ($_POST) {
if ($_GET['act'] == "del") {
if ($a_pppoes[$_GET['id']]) {
killbypid("/var/run/pppoe{$a_pppoes[$_GET['id']]['pppoeid']}-vpn.pid");
if (is_dir("{$g['varetc_path']}/pppoe" . $a_pppoes[$_GET['id']]['pppoeid']))
mwexec("/bin/rm -r {$g['varetc_path']}/pppoe" . $a_pppoes[$_GET['id']]['pppoeid']);
mwexecf('/bin/rm -r %s', "/var/etc/pppoe{$a_pppoes[$_GET['id']]['pppoeid']}");
unset($a_pppoes[$_GET['id']]);
write_config();
header("Location: vpn_pppoe.php");
......
<?php
/*
Copyright (C) 2014 Deciso B.V.
All rights reserved.
......@@ -50,7 +51,7 @@ function kill_client($port, $remipp) {
global $g;
//$tcpsrv = "tcp://127.0.0.1:{$port}";
$tcpsrv = "unix://{$g['varetc_path']}/openvpn/{$port}.sock";
$tcpsrv = "unix:///var/etc/openvpn/{$port}.sock";
$errval;
$errstr;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment