Skip to content

O
OpnSense
Commit 1ae3cd2d authored by Franco Fichtner's avatar Franco Fichtner
Browse files
Options

src: more path pruning

parent 6b3bff0f
Hide whitespace changes
Inline Side-by-side
Showing with 43 additions and 40 deletions
src/etc/inc/filter.inc
View file @ 1ae3cd2d
...@@ -100,14 +100,13 @@ function flowtable_configure() { ...@@ -100,14 +100,13 @@ function flowtable_configure() {
} }
} }
function filter_pflog_start($kill_first = false) function filter_pflog_start()
{ {
global $config, $g; if (isvalidpid('/var/run/filterlog.pid')) {
return;
if (!file_exists("{$g['varrun_path']}/filterlog.pid") ||
!isvalidpid("{$g['varrun_path']}/filterlog.pid")) {
mwexec("/usr/local/sbin/filterlog -i pflog0 -p {$g['varrun_path']}/filterlog.pid");
} }
mwexec('/usr/local/sbin/filterlog -i pflog0 -p /var/run/filterlog.pid');
} }
/* reload filter async */ /* reload filter async */
...@@ -321,31 +320,32 @@ function filter_configure_sync($delete_states_if_needed = true) ...@@ -321,31 +320,32 @@ function filter_configure_sync($delete_states_if_needed = true)
} }
# If we are not using bogonsv6 then we can remove any bogonsv6 table from the running pf (if the table is not there, the kill is still fine). # If we are not using bogonsv6 then we can remove any bogonsv6 table from the running pf (if the table is not there, the kill is still fine).
if (!is_bogonsv6_used()) if (!is_bogonsv6_used()) {
$_grbg = exec("/sbin/pfctl -t bogonsv6 -T kill 2>/dev/null"); $_grbg = exec('/sbin/pfctl -t bogonsv6 -T kill 2>/dev/null');
}
update_filter_reload_status(gettext("Starting up layer7 daemon")); update_filter_reload_status(gettext("Starting up layer7 daemon"));
layer7_start_l7daemon(); layer7_start_l7daemon();
if(!empty($filterdns)) { if (!empty($filterdns)) {
@file_put_contents("{$g['varetc_path']}/filterdns.conf", implode("", $filterdns)); @file_put_contents('/var/etc/filterdns.conf', implode('', $filterdns));
unset($filterdns); unset($filterdns);
if (isvalidpid("{$g['varrun_path']}/filterdns.pid")) { if (isvalidpid('/var/run/filterdns.pid')) {
killbypid("{$g['varrun_path']}/filterdns.pid", 'HUP'); killbypid('/var/run/filterdns.pid', 'HUP');
} else { } else {
/* /*
* FilterDNS has three debugging levels. The default choosen is 1. * FilterDNS has three debugging levels. The default choosen is 1.
* Availabe are level 2 and greater then 2. * Availabe are level 2 and greater then 2.
*/ */
if (isset($config['system']['aliasesresolveinterval']) && is_numeric($config['system']['aliasesresolveinterval'])) if (isset($config['system']['aliasesresolveinterval']) && is_numeric($config['system']['aliasesresolveinterval'])) {
$resolve_interval = $config['system']['aliasesresolveinterval']; $resolve_interval = $config['system']['aliasesresolveinterval'];
else } else {
$resolve_interval = 300; $resolve_interval = 300;
mwexec("/usr/local/sbin/filterdns -p {$g['varrun_path']}/filterdns.pid -i {$resolve_interval} -c {$g['varetc_path']}/filterdns.conf -d 1"); }
mwexec("/usr/local/sbin/filterdns -p /var/run/filterdns.pid -i {$resolve_interval} -c /var/etc/filterdns.conf -d 1");
} }
} else { } else {
killbypid("{$g['varrun_path']}/filterdns.pid"); killbypid('/var/run/filterdns.pid');
@unlink("{$g['varrun_path']}/filterdns.pid");
} }
/* run items scheduled for after filter configure run */ /* run items scheduled for after filter configure run */
......
src/etc/inc/gwlb.inc
View file @ 1ae3cd2d
...@@ -48,20 +48,22 @@ function return_apinger_defaults() { ...@@ -48,20 +48,22 @@ function return_apinger_defaults() {
* Creates monitoring configuration file and * Creates monitoring configuration file and
* adds appropriate static routes. * adds appropriate static routes.
*/ */
function setup_gateways_monitor() { function setup_gateways_monitor()
{
global $config, $g; global $config, $g;
$gateways_arr = return_gateways_array(); $gateways_arr = return_gateways_array();
if (!is_array($gateways_arr)) { if (!is_array($gateways_arr)) {
log_error("No gateways to monitor. Apinger will not be run."); log_error("No gateways to monitor. Apinger will not be run.");
killbypid("{$g['varrun_path']}/apinger.pid"); killbypid('/var/run/apinger.pid');
@unlink("{$g['varrun_path']}/apinger.status"); @unlink('/var/run/apinger.status');
return; return;
} }
$apinger_debug = ""; $apinger_debug = "";
if (isset($config['system']['apinger_debug'])) if (isset($config['system']['apinger_debug'])) {
$apinger_debug = "debug on"; $apinger_debug = "debug on";
}
$apinger_default = return_apinger_defaults(); $apinger_default = return_apinger_defaults();
$apingerconfig = <<<EOD $apingerconfig = <<<EOD
...@@ -78,14 +80,14 @@ group "wheel" ...@@ -78,14 +80,14 @@ group "wheel"
#mailer "/var/qmail/bin/qmail-inject" #mailer "/var/qmail/bin/qmail-inject"
## Location of the pid-file (default: "/var/run/apinger.pid") ## Location of the pid-file (default: "/var/run/apinger.pid")
pid_file "{$g['varrun_path']}/apinger.pid" pid_file "/var/run/apinger.pid"
## Format of timestamp (%s macro) (default: "%b %d %H:%M:%S") ## Format of timestamp (%s macro) (default: "%b %d %H:%M:%S")
#timestamp_format "%Y%m%d%H%M%S" #timestamp_format "%Y%m%d%H%M%S"
status { status {
## File where the status information should be written to ## File where the status information should be written to
file "{$g['varrun_path']}/apinger.status" file "/var/run/apinger.status"
## Interval between file updates ## Interval between file updates
## when 0 or not set, file is written only when SIGUSR1 is received ## when 0 or not set, file is written only when SIGUSR1 is received
interval 5s interval 5s
...@@ -334,7 +336,7 @@ EOD; ...@@ -334,7 +336,7 @@ EOD;
# match the OPNsense gateway quality graph set. # match the OPNsense gateway quality graph set.
create_gateway_quality_rrd("{$g['vardb_path']}/rrd/{$gateway['name']}-quality.rrd"); create_gateway_quality_rrd("{$g['vardb_path']}/rrd/{$gateway['name']}-quality.rrd");
} }
@file_put_contents("{$g['varetc_path']}/apinger.conf", $apingerconfig); @file_put_contents('/var/etc/apinger.conf', $apingerconfig);
unset($apingerconfig); unset($apingerconfig);
@chmod('/tmp', 01777); @chmod('/tmp', 01777);
...@@ -342,15 +344,15 @@ EOD; ...@@ -342,15 +344,15 @@ EOD;
@chown("{$g['vardb_path']}/rrd", "nobody"); @chown("{$g['vardb_path']}/rrd", "nobody");
/* Restart apinger process */ /* Restart apinger process */
if (isvalidpid("{$g['varrun_path']}/apinger.pid")) { if (isvalidpid('/var/run/apinger.pid')) {
killbypid("{$g['varrun_path']}/apinger.pid", 'HUP'); killbypid('/var/run/apinger.pid', 'HUP');
} else { } else {
/* start a new apinger process */ /* start a new apinger process */
@unlink("{$g['varrun_path']}/apinger.status"); @unlink('/var/run/apinger.status');
sleep(1); sleep(1);
mwexec_bg("/usr/local/sbin/apinger -c {$g['varetc_path']}/apinger.conf"); mwexec_bg('/usr/local/sbin/apinger -c /var/etc/apinger.conf');
sleep(1); sleep(1);
killbypid("{$g['varrun_path']}/apinger.pid", 'USR1'); killbypid('/var/run/apinger.pid', 'USR1');
} }
return 0; return 0;
...@@ -359,23 +361,24 @@ EOD; ...@@ -359,23 +361,24 @@ EOD;
/* return the status of the apinger targets as a array */ /* return the status of the apinger targets as a array */
function return_gateways_status($byname = false) function return_gateways_status($byname = false)
{ {
global $config, $g; global $config;
$apingerstatus = array(); $apingerstatus = array();
/* Always get the latest status from apinger */ /* Always get the latest status from apinger */
killbypid("{$g['varrun_path']}/apinger.pid", 'USR1'); killbypid('/var/run/apinger.pid', 'USR1');
if (file_exists("{$g['varrun_path']}/apinger.status")) { if (file_exists('/var/run/apinger.status')) {
$apingerstatus = file("{$g['varrun_path']}/apinger.status"); $apingerstatus = file('/var/run/apinger.status');
} }
$status = array(); $status = array();
foreach($apingerstatus as $line) { foreach ($apingerstatus as $line) {
$info = explode("|", $line); $info = explode('|', $line);
if ($byname == false) if ($byname == false) {
$target = $info[0]; $target = $info[0];
else } else {
$target = $info[2]; $target = $info[2];
}
$status[$target] = array(); $status[$target] = array();
$status[$target]['monitorip'] = $info[0]; $status[$target]['monitorip'] = $info[0];
......
src/www/diag_logs_settings.php
View file @ 1ae3cd2d
...@@ -164,7 +164,7 @@ if ($_POST['resetlogs'] == gettext("Reset Log Files")) { ...@@ -164,7 +164,7 @@ if ($_POST['resetlogs'] == gettext("Reset Log Files")) {
$savemsg .= "<br />" . gettext("WebGUI process is restarting."); $savemsg .= "<br />" . gettext("WebGUI process is restarting.");
} }
filter_pflog_start(true); filter_pflog_start();
} }
} }
......
src/www/system_general.php
View file @ 1ae3cd2d
...@@ -70,8 +70,8 @@ if (!$pconfig['timeservers']) ...@@ -70,8 +70,8 @@ if (!$pconfig['timeservers'])
$changedesc = gettext("System") . ": "; $changedesc = gettext("System") . ": ";
$changecount = 0; $changecount = 0;
if($pconfig['timezone'] <> $_POST['timezone']) { if ($pconfig['timezone'] <> $_POST['timezone']) {
filter_pflog_start(true); filter_pflog_start();
} }
$timezonelist = array_map( $timezonelist = array_map(
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023