Commit 07a1b920 authored by Franco Fichtner's avatar Franco Fichtner

src: replace varetc_path

parent 501c35d4
...@@ -139,7 +139,7 @@ ...@@ -139,7 +139,7 @@
$this->_cacheFile = "/conf/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}.cache"; $this->_cacheFile = "/conf/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}.cache";
$this->_cacheFile_v6 = "/conf/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}_v6.cache"; $this->_cacheFile_v6 = "/conf/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}_v6.cache";
$this->_debugFile = "{$g['varetc_path']}/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}.debug"; $this->_debugFile = "/var/etc/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}.debug";
$this->_curlIpresolveV4 = $curlIpresolveV4; $this->_curlIpresolveV4 = $curlIpresolveV4;
$this->_curlSslVerifypeer = $curlSslVerifypeer; $this->_curlSslVerifypeer = $curlSslVerifypeer;
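Review bot: `escapeshellarg($dnsHost)` is used on these lines to build file names, not a shell command: it wraps the value in quotes but leaves `/` and `..` intact, so it does not constrain where `_cacheFile`, `_cacheFile_v6` and `_debugFile` end up. `$dnsIf`, `$dnsService` and `$dnsID` are interpolated with no filtering at all. Where these values originate is outside the hunk; if any of them is user-configurable, restrict it to a safe character set before building the path, e.g. `$safeHost = preg_replace('/[^A-Za-z0-9._-]/', '_', $dnsHost);`. The enclosing method starts and ends outside the hunk.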
......
...@@ -441,7 +441,7 @@ function enable_rrd_graphing() { ...@@ -441,7 +441,7 @@ function enable_rrd_graphing() {
$rrdupdatesh .= " sleep 0.2\n"; $rrdupdatesh .= " sleep 0.2\n";
$rrdupdatesh .= " echo \"quit\"\n"; $rrdupdatesh .= " echo \"quit\"\n";
$rrdupdatesh .= "}\n"; $rrdupdatesh .= "}\n";
$rrdupdatesh .= "OVPN=`list_current_users | nc -U {$g['varetc_path']}/openvpn/server{$vpnid}.sock | awk -F\",\" '/^CLIENT_LIST/ {print \$2}' | wc -l | awk '{print $1}'`\n"; $rrdupdatesh .= "OVPN=`list_current_users | nc -U /var/etc/openvpn/server{$vpnid}.sock | awk -F\",\" '/^CLIENT_LIST/ {print \$2}' | wc -l | awk '{print $1}'`\n";
$rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$vpnusers N:\${OVPN}\n"; $rrdupdatesh .= "$rrdtool update $rrddbpath$ifname$vpnusers N:\${OVPN}\n";
} }
......
...@@ -120,26 +120,17 @@ function vpn_ipsec_configure($ipchg = false) ...@@ -120,26 +120,17 @@ function vpn_ipsec_configure($ipchg = false)
mwexec("/sbin/ifconfig enc0 up"); mwexec("/sbin/ifconfig enc0 up");
set_single_sysctl("net.inet.ip.ipsec_in_use", "1"); set_single_sysctl("net.inet.ip.ipsec_in_use", "1");
/* needed for config files */
if (!is_dir("/usr/local/etc/ipsec.d"))
mkdir("/usr/local/etc/ipsec.d");
if (!is_dir($capath))
mkdir($capath);
if (!is_dir($keypath))
mkdir($keypath);
if (!is_dir("/usr/local/etc/ipsec.d/crls"))
mkdir("/usr/local/etc/ipsec.d/crls");
if (!is_dir($certpath))
mkdir($certpath);
if (!is_dir("/usr/local/etc/ipsec.d/aacerts"))
mkdir("/usr/local/etc/ipsec.d/aacerts");
if (!is_dir("/usr/local/etc/ipsec.d/acerts"))
mkdir("/usr/local/etc/ipsec.d/acerts");
if (!is_dir("/usr/local/etc/ipsec.d/ocspcerts"))
mkdir("/usr/local/etc/ipsec.d/ocspcerts");
if (!is_dir("/usr/local/etc/ipsec.d/reqs"))
mkdir("/usr/local/etc/ipsec.d/reqs");
/* needed directories for config files */
@mkdir($capath);
@mkdir($keypath);
@mkdir($certpath);
@mkdir('/usr/local/etc/ipsec.d');
@mkdir('/usr/local/etc/ipsec.d/crls');
@mkdir('/usr/local/etc/ipsec.d/aacerts');
@mkdir('/usr/local/etc/ipsec.d/acerts');
@mkdir('/usr/local/etc/ipsec.d/ocspcerts');
@mkdir('/usr/local/etc/ipsec.d/reqs');
if (file_exists("/var/run/booting")) if (file_exists("/var/run/booting"))
echo gettext("Configuring IPsec VPN... "); echo gettext("Configuring IPsec VPN... ");
...@@ -948,13 +939,12 @@ function vpn_pptpd_configure() { ...@@ -948,13 +939,12 @@ function vpn_pptpd_configure() {
} }
/* make sure pptp-vpn directory exists */ /* make sure pptp-vpn directory exists */
if (!file_exists("{$g['varetc_path']}/pptp-vpn")) @mkdir('/var/etc/pptp-vpn');
mkdir("{$g['varetc_path']}/pptp-vpn");
switch ($pptpdcfg['mode']) { switch ($pptpdcfg['mode']) {
case 'server' : case 'server' :
/* write mpd.conf */ /* write mpd.conf */
$fd = fopen("{$g['varetc_path']}/pptp-vpn/mpd.conf", "w"); $fd = fopen('/var/etc/pptp-vpn/mpd.conf', 'w');
if (!$fd) { if (!$fd) {
printf(gettext("Error: cannot open mpd.conf in vpn_pptpd_configure().") . "\n"); printf(gettext("Error: cannot open mpd.conf in vpn_pptpd_configure().") . "\n");
return 1; return 1;
...@@ -1073,7 +1063,7 @@ EOD; ...@@ -1073,7 +1063,7 @@ EOD;
unset($mpdconf); unset($mpdconf);
/* write mpd.links */ /* write mpd.links */
$fd = fopen("{$g['varetc_path']}/pptp-vpn/mpd.links", "w"); $fd = fopen('/var/etc/pptp-vpn/mpd.links', 'w');
if (!$fd) { if (!$fd) {
printf(gettext("Error: cannot open mpd.links in vpn_pptpd_configure().") . "\n"); printf(gettext("Error: cannot open mpd.links in vpn_pptpd_configure().") . "\n");
return 1; return 1;
...@@ -1098,7 +1088,7 @@ EOD; ...@@ -1098,7 +1088,7 @@ EOD;
unset($mpdlinks); unset($mpdlinks);
/* write mpd.secret */ /* write mpd.secret */
$fd = fopen("{$g['varetc_path']}/pptp-vpn/mpd.secret", "w"); $fd = fopen('/var/etc/pptp-vpn/mpd.secret', 'w');
if (!$fd) { if (!$fd) {
printf(gettext("Error: cannot open mpd.secret in vpn_pptpd_configure().") . "\n"); printf(gettext("Error: cannot open mpd.secret in vpn_pptpd_configure().") . "\n");
return 1; return 1;
...@@ -1117,12 +1107,12 @@ EOD; ...@@ -1117,12 +1107,12 @@ EOD;
fwrite($fd, $mpdsecret); fwrite($fd, $mpdsecret);
fclose($fd); fclose($fd);
unset($mpdsecret); unset($mpdsecret);
chmod("{$g['varetc_path']}/pptp-vpn/mpd.secret", 0600); chmod('/var/etc/pptp-vpn/mpd.secret', 0600);
vpn_netgraph_support(); vpn_netgraph_support();
/* fire up mpd */ /* fire up mpd */
mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/pptp-vpn -p /var/run/pptp-vpn.pid -s pptps pptps"); mwexec('/usr/local/sbin/mpd4 -b -d /var/etc/pptp-vpn -p /var/run/pptp-vpn.pid -s pptps pptps');
break; break;
...@@ -1151,8 +1141,7 @@ function vpn_pppoe_configure(&$pppoecfg) { ...@@ -1151,8 +1141,7 @@ function vpn_pppoe_configure(&$pppoecfg) {
$syscfg = $config['system']; $syscfg = $config['system'];
/* create directory if it does not exist */ /* create directory if it does not exist */
if (!is_dir("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn")) @mkdir("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn");
mkdir("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn");
if (file_exists("/var/run/booting")) { if (file_exists("/var/run/booting")) {
if (!$pppoecfg['mode'] || ($pppoecfg['mode'] == "off")) if (!$pppoecfg['mode'] || ($pppoecfg['mode'] == "off"))
...@@ -1180,7 +1169,7 @@ function vpn_pppoe_configure(&$pppoecfg) { ...@@ -1180,7 +1169,7 @@ function vpn_pppoe_configure(&$pppoecfg) {
$paporchap = "set link enable pap"; $paporchap = "set link enable pap";
/* write mpd.conf */ /* write mpd.conf */
$fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.conf", "w"); $fd = fopen("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.conf", "w");
if (!$fd) { if (!$fd) {
printf(gettext("Error: cannot open mpd.conf in vpn_pppoe_configure().") . "\n"); printf(gettext("Error: cannot open mpd.conf in vpn_pppoe_configure().") . "\n");
return 1; return 1;
...@@ -1289,7 +1278,7 @@ EOD; ...@@ -1289,7 +1278,7 @@ EOD;
unset($mpdconf); unset($mpdconf);
/* write mpd.links */ /* write mpd.links */
$fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.links", "w"); $fd = fopen("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.links", "w");
if (!$fd) { if (!$fd) {
printf(gettext("Error: cannot open mpd.links in vpn_pppoe_configure().") . "\n"); printf(gettext("Error: cannot open mpd.links in vpn_pppoe_configure().") . "\n");
return 1; return 1;
...@@ -1316,7 +1305,7 @@ EOD; ...@@ -1316,7 +1305,7 @@ EOD;
if ($pppoecfg['username']) { if ($pppoecfg['username']) {
/* write mpd.secret */ /* write mpd.secret */
$fd = fopen("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", "w"); $fd = fopen("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", "w");
if (!$fd) { if (!$fd) {
printf(gettext("Error: cannot open mpd.secret in vpn_pppoe_configure().") . "\n"); printf(gettext("Error: cannot open mpd.secret in vpn_pppoe_configure().") . "\n");
return 1; return 1;
...@@ -1335,7 +1324,7 @@ EOD; ...@@ -1335,7 +1324,7 @@ EOD;
fwrite($fd, $mpdsecret); fwrite($fd, $mpdsecret);
fclose($fd); fclose($fd);
unset($mpdsecret); unset($mpdsecret);
chmod("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", 0600); chmod("/var/etc/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", 0600);
} }
/* Check if previous instance is still up */ /* Check if previous instance is still up */
...@@ -1344,7 +1333,7 @@ EOD; ...@@ -1344,7 +1333,7 @@ EOD;
/* Get support for netgraph(4) from the nic */ /* Get support for netgraph(4) from the nic */
pfSense_ngctl_attach(".", $pppoe_interface); pfSense_ngctl_attach(".", $pppoe_interface);
/* fire up mpd */ /* fire up mpd */
mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn -p /var/run/pppoe{$pppoecfg['pppoeid']}-vpn.pid -s poes poes"); mwexec("/usr/local/sbin/mpd4 -b -d /var/etc/pppoe{$pppoecfg['pppoeid']}-vpn -p /var/run/pppoe{$pppoecfg['pppoeid']}-vpn.pid -s poes poes");
break; break;
} }
...@@ -1355,33 +1344,26 @@ EOD; ...@@ -1355,33 +1344,26 @@ EOD;
return 0; return 0;
} }
function vpn_l2tp_configure() { function vpn_l2tp_configure()
{
global $config, $g; global $config, $g;
$syscfg = $config['system']; $syscfg = $config['system'];
$l2tpcfg = $config['l2tp']; $l2tpcfg = $config['l2tp'];
/* create directory if it does not exist */
if (!is_dir("{$g['varetc_path']}/l2tp-vpn"))
mkdir("{$g['varetc_path']}/l2tp-vpn");
if (file_exists("/var/run/booting")) { if (file_exists("/var/run/booting")) {
if (!$l2tpcfg['mode'] || ($l2tpcfg['mode'] == "off")) if (!$l2tpcfg['mode'] || ($l2tpcfg['mode'] == "off"))
return 0; return 0;
echo gettext("Configuring l2tp VPN service... "); echo gettext("Configuring l2tp VPN service... ");
} else { } else {
/* kill mpd */ while (isvalidpid('/var/run/l2tp-vpn.pid')) {
killbypid('/var/run/l2tp-vpn.pid'); killbypid('/var/run/l2tp-vpn.pid');
usleep(250 * 1000);
/* wait for process to die */ }
sleep(8);
} }
/* make sure l2tp-vpn directory exists */ @mkdir('/var/etc/l2tp-vpn');
if (!file_exists("{$g['varetc_path']}/l2tp-vpn"))
mkdir("{$g['varetc_path']}/l2tp-vpn");
switch ($l2tpcfg['mode']) { switch ($l2tpcfg['mode']) {
...@@ -1392,7 +1374,7 @@ function vpn_l2tp_configure() { ...@@ -1392,7 +1374,7 @@ function vpn_l2tp_configure() {
$paporchap = "set link enable pap"; $paporchap = "set link enable pap";
/* write mpd.conf */ /* write mpd.conf */
$fd = fopen("{$g['varetc_path']}/l2tp-vpn/mpd.conf", "w"); $fd = fopen("/var/etc/l2tp-vpn/mpd.conf", "w");
if (!$fd) { if (!$fd) {
printf(gettext("Error: cannot open mpd.conf in vpn_l2tp_configure().") . "\n"); printf(gettext("Error: cannot open mpd.conf in vpn_l2tp_configure().") . "\n");
return 1; return 1;
...@@ -1491,7 +1473,7 @@ EOD; ...@@ -1491,7 +1473,7 @@ EOD;
unset($mpdconf); unset($mpdconf);
/* write mpd.links */ /* write mpd.links */
$fd = fopen("{$g['varetc_path']}/l2tp-vpn/mpd.links", "w"); $fd = fopen("/var/etc/l2tp-vpn/mpd.links", "w");
if (!$fd) { if (!$fd) {
printf(gettext("Error: cannot open mpd.links in vpn_l2tp_configure().") . "\n"); printf(gettext("Error: cannot open mpd.links in vpn_l2tp_configure().") . "\n");
return 1; return 1;
...@@ -1517,7 +1499,7 @@ EOD; ...@@ -1517,7 +1499,7 @@ EOD;
unset($mpdlinks); unset($mpdlinks);
/* write mpd.secret */ /* write mpd.secret */
$fd = fopen("{$g['varetc_path']}/l2tp-vpn/mpd.secret", "w"); $fd = fopen("/var/etc/l2tp-vpn/mpd.secret", "w");
if (!$fd) { if (!$fd) {
printf(gettext("Error: cannot open mpd.secret in vpn_l2tp_configure().") . "\n"); printf(gettext("Error: cannot open mpd.secret in vpn_l2tp_configure().") . "\n");
return 1; return 1;
...@@ -1533,12 +1515,12 @@ EOD; ...@@ -1533,12 +1515,12 @@ EOD;
fwrite($fd, $mpdsecret); fwrite($fd, $mpdsecret);
fclose($fd); fclose($fd);
unset($mpdsecret); unset($mpdsecret);
chmod("{$g['varetc_path']}/l2tp-vpn/mpd.secret", 0600); chmod('/var/etc/l2tp-vpn/mpd.secret', 0600);
vpn_netgraph_support(); vpn_netgraph_support();
/* fire up mpd */ /* fire up mpd */
mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/l2tp-vpn -p /var/run/l2tp-vpn.pid -s l2tps l2tps"); mwexec('/usr/local/sbin/mpd4 -b -d /var/etc/l2tp-vpn -p /var/run/l2tp-vpn.pid -s l2tps l2tps');
break; break;
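Review bot: The three `mpd.secret` files (pptp, pppoe, l2tp) are opened with `fopen(..., 'w')` and only restricted by `chmod(..., 0600)` after the credentials have been written and the handle closed, so a newly created file carries the process umask's permissions while the secrets are already in it. The directories holding them are likewise created by `@mkdir()` with the default mode, and the `@` hides any failure. Since the commit touches each of these lines, consider creating the directory as `@mkdir('/var/etc/l2tp-vpn', 0700);` and tightening the umask around the open, e.g. `$old = umask(0077); $fd = fopen('/var/etc/l2tp-vpn/mpd.secret', 'w'); umask($old);`. The effective umask and the rest of each function are outside the visible hunks, so the size of the exposure window is an inference.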
......
...@@ -87,11 +87,11 @@ if (!empty($new_domain_name_servers)) { ...@@ -87,11 +87,11 @@ if (!empty($new_domain_name_servers)) {
} }
if (count($valid_ns > 0)) if (count($valid_ns > 0))
file_put_contents("{$g['varetc_path']}/nameserver_v6{$interface}", implode("\n", $valid_ns)); file_put_contents("/var/etc/nameserver_v6{$interface}", implode("\n", $valid_ns));
} }
$new_domain_name = getenv("new_domain_name"); $new_domain_name = getenv("new_domain_name");
if (!empty($new_domain_name)) if (!empty($new_domain_name))
file_put_contents("{$g['varetc_path']}/searchdomain_v6{$interface}", $new_domain_name); file_put_contents("/var/etc/searchdomain_v6{$interface}", $new_domain_name);
/* write current WAN IPv6 to file */ /* write current WAN IPv6 to file */
if (is_ipaddrv6($curwanipv6)) if (is_ipaddrv6($curwanipv6))
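Review bot: `if (count($valid_ns > 0))`, on the context line just above the changed `file_put_contents()`, has its closing parenthesis misplaced: it passes the result of the comparison to `count()` instead of the array, so the guard does not test whether any validated name server was collected. It should read `if (count($valid_ns) > 0)`. Separately, `$interface` is concatenated into both `/var/etc/...` file names; its origin is outside the hunk, so confirm it cannot contain `/`. The enclosing block continues past the end of the hunk.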
......
...@@ -45,7 +45,7 @@ function openvpn_resync_if_needed ($mode, $ovpn_settings, $interface) { ...@@ -45,7 +45,7 @@ function openvpn_resync_if_needed ($mode, $ovpn_settings, $interface) {
} else { } else {
if (!empty($interface)) { if (!empty($interface)) {
$mode_id = $mode . $ovpn_settings['vpnid']; $mode_id = $mode . $ovpn_settings['vpnid'];
$fpath = "{$g['varetc_path']}/openvpn/{$mode_id}.interface"; $fpath = "/var/etc/openvpn/{$mode_id}.interface";
if (file_exists($fpath)) { if (file_exists($fpath)) {
$current_device = file_get_contents($fpath); $current_device = file_get_contents($fpath);
$current_device = trim($current_device, " \t\n"); $current_device = trim($current_device, " \t\n");
......
...@@ -156,11 +156,11 @@ if ($_GET['act'] == "del") { ...@@ -156,11 +156,11 @@ if ($_GET['act'] == "del") {
else if ($_GET['act'] == "csv") { else if ($_GET['act'] == "csv") {
$privkey = base64_decode($config['voucher'][$cpzone]['privatekey']); $privkey = base64_decode($config['voucher'][$cpzone]['privatekey']);
if (strstr($privkey,"BEGIN RSA PRIVATE KEY")) { if (strstr($privkey,"BEGIN RSA PRIVATE KEY")) {
$fd = fopen("{$g['varetc_path']}/voucher_{$cpzone}.private","w"); $fd = fopen("/var/etc/voucher_{$cpzone}.private","w");
if (!$fd) { if (!$fd) {
$input_errors[] = gettext("Cannot write private key file") . ".\n"; $input_errors[] = gettext("Cannot write private key file") . ".\n";
} else { } else {
chmod("{$g['varetc_path']}/voucher_{$cpzone}.private", 0600); chmod("/var/etc/voucher_{$cpzone}.private", 0600);
fwrite($fd, $privkey); fwrite($fd, $privkey);
fclose($fd); fclose($fd);
$a_voucher = &$config['voucher'][$cpzone]['roll']; $a_voucher = &$config['voucher'][$cpzone]['roll'];
...@@ -170,11 +170,13 @@ else if ($_GET['act'] == "csv") { ...@@ -170,11 +170,13 @@ else if ($_GET['act'] == "csv") {
$count = $a_voucher[$id]['count']; $count = $a_voucher[$id]['count'];
header("Content-Type: application/octet-stream"); header("Content-Type: application/octet-stream");
header("Content-Disposition: attachment; filename=vouchers_{$cpzone}_roll{$number}.csv"); header("Content-Disposition: attachment; filename=vouchers_{$cpzone}_roll{$number}.csv");
if (file_exists("{$g['varetc_path']}/voucher_{$cpzone}.cfg")) if (file_exists("/var/etc/voucher_{$cpzone}.cfg")) {
system("/usr/local/bin/voucher -c {$g['varetc_path']}/voucher_{$cpzone}.cfg -p {$g['varetc_path']}/voucher_{$cpzone}.private $number $count"); system("/usr/local/bin/voucher -c /var/etc/voucher_{$cpzone}.cfg -p /var/etc/voucher_{$cpzone}.private $number $count");
@unlink("{$g['varetc_path']}/voucher_{$cpzone}.private"); }
} else @unlink("/var/etc/voucher_{$cpzone}.private");
} else {
header("Location: services_captiveportal_vouchers.php?zone={$cpzone}"); header("Location: services_captiveportal_vouchers.php?zone={$cpzone}");
}
exit; exit;
} }
} else { } else {
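Review bot: The `system()` call interpolates `$cpzone`, `$number` and `$count` straight into a shell command line, and `$cpzone` also goes unescaped into the `Content-Disposition` and `Location` headers. Where `$cpzone` and `$number` are assigned is outside the hunk, so they should be treated as untrusted until shown otherwise. Quote every argument, e.g. `system('/usr/local/bin/voucher -c ' . escapeshellarg("/var/etc/voucher_{$cpzone}.cfg") . ' -p ' . escapeshellarg("/var/etc/voucher_{$cpzone}.private") . ' ' . escapeshellarg($number) . ' ' . escapeshellarg($count));`. Validating `$cpzone` against the configured zone names before it reaches a path or header would cover the remaining uses.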
......
...@@ -57,7 +57,7 @@ function kill_client($port, $remipp) { ...@@ -57,7 +57,7 @@ function kill_client($port, $remipp) {
global $g; global $g;
//$tcpsrv = "tcp://127.0.0.1:{$port}"; //$tcpsrv = "tcp://127.0.0.1:{$port}";
$tcpsrv = "unix://{$g['varetc_path']}/openvpn/{$port}.sock"; $tcpsrv = "unix:///var/etc/openvpn/{$port}.sock";
$errval; $errval;
$errstr; $errstr;
......
...@@ -71,8 +71,7 @@ if ($_POST) { ...@@ -71,8 +71,7 @@ if ($_POST) {
if ($_GET['act'] == "del") { if ($_GET['act'] == "del") {
if ($a_pppoes[$_GET['id']]) { if ($a_pppoes[$_GET['id']]) {
killbypid("/var/run/pppoe{$a_pppoes[$_GET['id']]['pppoeid']}-vpn.pid"); killbypid("/var/run/pppoe{$a_pppoes[$_GET['id']]['pppoeid']}-vpn.pid");
if (is_dir("{$g['varetc_path']}/pppoe" . $a_pppoes[$_GET['id']]['pppoeid'])) mwexecf('/bin/rm -r %s', "/var/etc/pppoe{$a_pppoes[$_GET['id']]['pppoeid']}");
mwexec("/bin/rm -r {$g['varetc_path']}/pppoe" . $a_pppoes[$_GET['id']]['pppoeid']);
unset($a_pppoes[$_GET['id']]); unset($a_pppoes[$_GET['id']]);
write_config(); write_config();
header("Location: vpn_pppoe.php"); header("Location: vpn_pppoe.php");
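Review bot: The removal targets `/var/etc/pppoe{id}`, but the directory that `vpn_pppoe_configure()` creates elsewhere in this commit is `/var/etc/pppoe{id}-vpn`, so deleting a server appears to leave its `mpd.conf` and `mpd.secret` (with the stored credentials) on disk. If that reading is right, the call should be `mwexecf('/bin/rm -rf %s', "/var/etc/pppoe{$a_pppoes[$_GET['id']]['pppoeid']}-vpn");`, with `-f` because the `is_dir()` guard was dropped. The delete is also driven by `$_GET['act']`; whether a CSRF check precedes it is not visible in this hunk.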
......
<?php <?php
/* /*
Copyright (C) 2014 Deciso B.V. Copyright (C) 2014 Deciso B.V.
All rights reserved. All rights reserved.
...@@ -50,7 +51,7 @@ function kill_client($port, $remipp) { ...@@ -50,7 +51,7 @@ function kill_client($port, $remipp) {
global $g; global $g;
//$tcpsrv = "tcp://127.0.0.1:{$port}"; //$tcpsrv = "tcp://127.0.0.1:{$port}";
$tcpsrv = "unix://{$g['varetc_path']}/openvpn/{$port}.sock"; $tcpsrv = "unix:///var/etc/openvpn/{$port}.sock";
$errval; $errval;
$errstr; $errstr;
......