Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
O
OpnSense
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kulya
OpnSense
Commits
c0cc7626
Commit
c0cc7626
authored
Jul 08, 2015
by
Ad Schellevis
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
(legacy) cleanups related to pfsense-utils.inc (remove unused, move single usage, isset issues)
parent
7e3edafe
Changes
9
Show whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
208 additions
and
210 deletions
+208
-210
pfsense-utils.inc
src/etc/inc/pfsense-utils.inc
+10
-209
system.inc
src/etc/inc/system.inc
+44
-0
rc.php_ini_setup
src/etc/rc.php_ini_setup
+2
-1
rc.update_alias_url_data
src/etc/rc.update_alias_url_data
+67
-0
firewall_nat.php
src/www/firewall_nat.php
+16
-0
firewall_rules_edit.php
src/www/firewall_rules_edit.php
+17
-0
firewall_schedule_edit.php
src/www/firewall_schedule_edit.php
+31
-0
functions.inc.php
src/www/includes/functions.inc.php
+13
-0
system_advanced_firewall.php
src/www/system_advanced_firewall.php
+8
-0
No files found.
src/etc/inc/pfsense-utils.inc
View file @
c0cc7626
...
...
@@ -27,21 +27,6 @@
*
*/
/****f* legacy/have_natpfruleint_access
* NAME
* have_natpfruleint_access
* INPUTS
* none
* RESULT
* returns true if user has access to edit a specific firewall nat port forward interface
******/
function
have_natpfruleint_access
(
$if
)
{
$security_url
=
"firewall_nat_edit.php?if="
.
strtolower
(
$if
);
if
(
isAllowedPage
(
$security_url
))
return
true
;
return
false
;
}
/****f* legacy/have_ruleint_access
* NAME
* have_ruleint_access
...
...
@@ -132,36 +117,6 @@ function enable_hardware_offloading($interface)
}
}
/****f* legacy/is_schedule_inuse
* NAME
* checks to see if a schedule is currently in use by a rule
* INPUTS
*
* RESULT
* true or false
* NOTES
*
******/
function
is_schedule_inuse
(
$schedule
)
{
global
$config
;
if
(
$schedule
==
''
)
{
return
false
;
}
/* loop through firewall rules looking for schedule in use */
if
(
isset
(
$config
[
'filter'
][
'rule'
]))
{
foreach
(
$config
[
'filter'
][
'rule'
]
as
$rule
)
{
if
(
$rule
[
'sched'
]
==
$schedule
)
{
return
true
;
}
}
}
return
false
;
}
/****f* legacy/setup_polling
* NAME
* sets up polling
...
...
@@ -181,18 +136,6 @@ function setup_polling()
}
else
{
set_single_sysctl
(
"kern.polling.idle_poll"
,
"0"
);
}
if
(
$config
[
'system'
][
'polling_each_burst'
])
{
set_single_sysctl
(
"kern.polling.each_burst"
,
$config
[
'system'
][
'polling_each_burst'
]);
}
if
(
$config
[
'system'
][
'polling_burst_max'
])
{
set_single_sysctl
(
"kern.polling.burst_max"
,
$config
[
'system'
][
'polling_burst_max'
]);
}
if
(
$config
[
'system'
][
'polling_user_frac'
])
{
set_single_sysctl
(
"kern.polling.user_frac"
,
$config
[
'system'
][
'polling_user_frac'
]);
}
}
function
set_language
(
$lang
)
...
...
@@ -291,14 +234,14 @@ function restore_config_section($section_name, $new_contents)
fclose
(
$fout
);
$xml
=
parse_xml_config
(
$tmpxml
,
null
);
if
(
$xml
[
'pfsense'
]
)
{
if
(
isset
(
$xml
[
'pfsense'
])
)
{
$xml
=
$xml
[
'pfsense'
];
}
elseif
(
$xml
[
'm0n0wall'
]
)
{
}
elseif
(
isset
(
$xml
[
'm0n0wall'
])
)
{
$xml
=
$xml
[
'm0n0wall'
];
}
elseif
(
$xml
[
'opnsense'
]
)
{
}
elseif
(
isset
(
$xml
[
'opnsense'
])
)
{
$xml
=
$xml
[
'opnsense'
];
}
if
(
$xml
[
$section_name
]
)
{
if
(
isset
(
$xml
[
$section_name
])
)
{
$section_xml
=
$xml
[
$section_name
];
}
else
{
$section_xml
=
-
1
;
...
...
@@ -354,22 +297,6 @@ function host_firmware_version()
}
/****f* legacy/strncpy
* NAME
* strncpy - copy strings
* INPUTS
* &$dst, $src, $length
* RESULT
* none
******/
function
strncpy
(
&
$dst
,
$src
,
$length
)
{
if
(
strlen
(
$src
)
>
$length
)
{
$dst
=
substr
(
$src
,
0
,
$length
);
}
else
{
$dst
=
$src
;
}
}
/****f* legacy/reload_interfaces_sync
* NAME
* reload_interfaces - reload all interfaces
...
...
@@ -599,7 +526,7 @@ function is_dhcpv6_server_enabled() {
}
}
if
(
!
is_array
(
$config
[
'dhcpdv6'
]))
if
(
!
is
set
(
$config
[
'dhcpdv6'
])
||
!
is
_array
(
$config
[
'dhcpdv6'
]))
return
false
;
foreach
(
$config
[
'dhcpdv6'
]
as
$dhcpv6if
=>
$dhcpv6ifconf
)
{
...
...
@@ -668,7 +595,7 @@ function is_pppoe_server_enabled() {
$pppoeenable
=
false
;
if
(
!
is
_array
(
$config
[
'pppoes
'
])
||
!
is_array
(
$config
[
'pppoes'
][
'pppoe'
]))
if
(
!
is
set
(
$config
[
'pppoes'
][
'pppoe
'
])
||
!
is_array
(
$config
[
'pppoes'
][
'pppoe'
]))
return
false
;
foreach
(
$config
[
'pppoes'
][
'pppoe'
]
as
$pppoes
)
...
...
@@ -958,19 +885,6 @@ function get_interface_info($ifdescr)
return
$ifinfo
;
}
function
get_uptime_sec
()
{
$boottime
=
""
;
$matches
=
""
;
$boottime
=
get_single_sysctl
(
"kern.boottime"
);
preg_match
(
"/sec = (\d+)/"
,
$boottime
,
$matches
);
$boottime
=
$matches
[
1
];
if
(
intval
(
$boottime
)
==
0
)
return
0
;
$uptime
=
time
()
-
$boottime
;
return
$uptime
;
}
function
add_hostname_to_watch
(
$hostname
)
{
if
(
!
is_dir
(
"/var/db/dnscache"
))
{
mkdir
(
"/var/db/dnscache"
);
...
...
@@ -1033,56 +947,6 @@ function default_state_size()
return
$max_states
;
}
function
default_table_entries_size
()
{
$current
=
`pfctl -sm | grep table-entries | awk '{print $4};'`
;
return
$current
;
}
/* Compare the current hostname DNS to the DNS cache we made
* if it has changed we return the old records
* if no change we return false */
function
compare_hostname_to_dnscache
(
$hostname
)
{
if
(
!
is_dir
(
"/var/db/dnscache"
))
{
mkdir
(
"/var/db/dnscache"
);
}
$hostname
=
trim
(
$hostname
);
if
(
is_readable
(
"/var/db/dnscache/
{
$hostname
}
"
))
{
$oldcontents
=
file_get_contents
(
"/var/db/dnscache/
{
$hostname
}
"
);
}
else
{
$oldcontents
=
""
;
}
if
((
is_fqdn
(
$hostname
))
&&
(
!
is_ipaddr
(
$hostname
)))
{
$domrecords
=
array
();
$domips
=
array
();
exec
(
"host -t A "
.
escapeshellarg
(
$hostname
),
$domrecords
,
$rethost
);
if
(
$rethost
==
0
)
{
foreach
(
$domrecords
as
$domr
)
{
$doml
=
explode
(
" "
,
$domr
);
$domip
=
$doml
[
3
];
/* fill array with domain ip addresses */
if
(
is_ipaddr
(
$domip
))
{
$domips
[]
=
$domip
;
}
}
}
sort
(
$domips
);
$contents
=
""
;
if
(
!
empty
(
$domips
))
{
foreach
(
$domips
as
$ip
)
{
$contents
.=
"
$ip
\n
"
;
}
}
}
if
(
trim
(
$oldcontents
)
!=
trim
(
$contents
))
{
log_error
(
sprintf
(
gettext
(
'DNSCACHE: Found old IP %1$s and new IP %2$s'
),
$oldcontents
,
$contents
));
return
(
$oldcontents
);
}
else
{
return
false
;
}
}
/*
* load_crypto() - Load crypto modules if enabled in config.
...
...
@@ -1093,7 +957,7 @@ function load_crypto()
$crypto_modules
=
array
(
'glxsb'
,
'aesni'
);
if
(
!
in_array
(
$config
[
'system'
][
'crypto_hardware'
],
$crypto_modules
))
{
if
(
!
i
sset
(
$config
[
'system'
][
'crypto_hardware'
])
||
!
i
n_array
(
$config
[
'system'
][
'crypto_hardware'
],
$crypto_modules
))
{
return
false
;
}
...
...
@@ -1112,7 +976,7 @@ function load_thermal_hardware()
$thermal_hardware_modules
=
array
(
'coretemp'
,
'amdtemp'
);
if
(
!
in_array
(
$config
[
'system'
][
'thermal_hardware'
],
$thermal_hardware_modules
))
{
if
(
!
i
sset
(
$config
[
'system'
][
'thermal_hardware'
])
||
!
i
n_array
(
$config
[
'system'
][
'thermal_hardware'
],
$thermal_hardware_modules
))
{
return
false
;
}
...
...
@@ -1201,71 +1065,6 @@ function update_alias_names_upon_change($section, $field, $new_alias_name, $orig
}
}
function
update_alias_url_data
()
{
global
$config
;
$updated
=
false
;
/* item is a url type */
$lockkey
=
lock
(
'aliasurl'
);
if
(
is_array
(
$config
[
'aliases'
][
'alias'
]))
{
foreach
(
$config
[
'aliases'
][
'alias'
]
as
$x
=>
$alias
)
{
if
(
empty
(
$alias
[
'aliasurl'
]))
continue
;
$address
=
""
;
$isfirst
=
0
;
foreach
(
$alias
[
'aliasurl'
]
as
$alias_url
)
{
/* fetch down and add in */
$temp_filename
=
tempnam
(
'/tmp/'
,
'alias_import'
);
unlink
(
$temp_filename
);
$verify_ssl
=
isset
(
$config
[
'system'
][
'checkaliasesurlcert'
]);
mkdir
(
$temp_filename
);
download_file
(
$alias_url
,
$temp_filename
.
"/aliases"
,
$verify_ssl
);
/* if the item is tar gzipped then extract */
if
(
stripos
(
$alias_url
,
'.tgz'
))
{
if
(
!
process_alias_tgz
(
$temp_filename
))
continue
;
}
else
if
(
stripos
(
$alias_url
,
'.zip'
))
{
if
(
!
process_alias_unzip
(
$temp_filename
))
continue
;
}
if
(
file_exists
(
"
{
$temp_filename
}
/aliases"
))
{
$fd
=
@
fopen
(
"
{
$temp_filename
}
/aliases"
,
'r'
);
if
(
!
$fd
)
{
log_error
(
sprintf
(
_
(
'Could not process aliases from alias: %s'
),
$alias_url
));
continue
;
}
/* NOTE: fgetss() is not a typo RTFM before being smart */
while
((
$fc
=
fgetss
(
$fd
))
!==
FALSE
)
{
$tmp
=
trim
(
$fc
,
"
\t\n\r
"
);
if
(
empty
(
$tmp
))
continue
;
$tmp_str
=
strstr
(
$tmp
,
'#'
,
true
);
if
(
!
empty
(
$tmp_str
))
$tmp
=
$tmp_str
;
if
(
$isfirst
==
1
)
$address
.=
' '
;
$address
.=
$tmp
;
$isfirst
=
1
;
}
fclose
(
$fd
);
mwexec
(
"/bin/rm -rf
{
$temp_filename
}
"
);
}
}
if
(
!
empty
(
$address
))
{
$config
[
'aliases'
][
'alias'
][
$x
][
'address'
]
=
$address
;
$updated
=
true
;
}
}
}
unlock
(
$lockkey
);
/* Report status to callers as well */
return
$updated
;
}
function
process_alias_unzip
(
$temp_filename
)
{
if
(
!
file_exists
(
"/usr/local/bin/unzip"
))
{
...
...
@@ -1638,6 +1437,8 @@ function calculate_ipv6_delegation_length($if) {
if(!isset(
$config['interfaces'][$if]
) || !is_array(
$config['interfaces'][$if]
)) {
return false;
} elseif (!isset(
$config['interfaces'][$if]['ipaddrv6']
)) {
return (0);
}
switch(
$config['interfaces'][$if]['ipaddrv6']
) {
...
...
src/etc/inc/system.inc
View file @
c0cc7626
...
...
@@ -483,6 +483,50 @@ function system_routing_configure($interface = '')
return
0
;
}
/* Compare the current hostname DNS to the DNS cache we made
* if it has changed we return the old records
* if no change we return false */
function
compare_hostname_to_dnscache
(
$hostname
)
{
if
(
!
is_dir
(
"/var/db/dnscache"
))
{
mkdir
(
"/var/db/dnscache"
);
}
$hostname
=
trim
(
$hostname
);
if
(
is_readable
(
"/var/db/dnscache/
{
$hostname
}
"
))
{
$oldcontents
=
file_get_contents
(
"/var/db/dnscache/
{
$hostname
}
"
);
}
else
{
$oldcontents
=
""
;
}
if
((
is_fqdn
(
$hostname
))
&&
(
!
is_ipaddr
(
$hostname
)))
{
$domrecords
=
array
();
$domips
=
array
();
exec
(
"host -t A "
.
escapeshellarg
(
$hostname
),
$domrecords
,
$rethost
);
if
(
$rethost
==
0
)
{
foreach
(
$domrecords
as
$domr
)
{
$doml
=
explode
(
" "
,
$domr
);
$domip
=
$doml
[
3
];
/* fill array with domain ip addresses */
if
(
is_ipaddr
(
$domip
))
{
$domips
[]
=
$domip
;
}
}
}
sort
(
$domips
);
$contents
=
""
;
if
(
!
empty
(
$domips
))
{
foreach
(
$domips
as
$ip
)
{
$contents
.=
"
$ip
\n
"
;
}
}
}
if
(
trim
(
$oldcontents
)
!=
trim
(
$contents
))
{
log_error
(
sprintf
(
gettext
(
'DNSCACHE: Found old IP %1$s and new IP %2$s'
),
$oldcontents
,
$contents
));
return
(
$oldcontents
);
}
else
{
return
false
;
}
}
function
system_staticroutes_configure
(
$interface
=
''
,
$update_dns
=
false
)
{
global
$config
,
$aliastable
;
...
...
src/etc/rc.php_ini_setup
View file @
c0cc7626
...
...
@@ -107,7 +107,8 @@ zlib.output_compression = Off
zlib.output_compression_level = 1
include_path = ".:/usr/local/etc/inc:/usr/local/www:/usr/local/opnsense/mvc:/usr/local/share/pear:/usr/local/opnsense/contrib"
ignore_repeated_errors = on
error_reporting = E_ALL ^ (E_NOTICE | E_DEPRECATED | E_STRICT)
error_reporting = E_ALL
;^ (E_NOTICE | E_DEPRECATED | E_STRICT)
display_errors=on
log_errors=on
error_log=/tmp/PHP_errors.log
...
...
src/etc/rc.update_alias_url_data
View file @
c0cc7626
...
...
@@ -30,6 +30,73 @@
require_once
(
"config.inc"
);
require_once
(
"functions.inc"
);
function
update_alias_url_data
()
{
global
$config
;
$updated
=
false
;
/* item is a url type */
$lockkey
=
lock
(
'aliasurl'
);
if
(
isset
(
$config
[
'aliases'
][
'alias'
])
&&
is_array
(
$config
[
'aliases'
][
'alias'
]))
{
foreach
(
$config
[
'aliases'
][
'alias'
]
as
$x
=>
$alias
)
{
if
(
empty
(
$alias
[
'aliasurl'
]))
continue
;
$address
=
""
;
$isfirst
=
0
;
foreach
(
$alias
[
'aliasurl'
]
as
$alias_url
)
{
/* fetch down and add in */
$temp_filename
=
tempnam
(
'/tmp/'
,
'alias_import'
);
unlink
(
$temp_filename
);
$verify_ssl
=
isset
(
$config
[
'system'
][
'checkaliasesurlcert'
]);
mkdir
(
$temp_filename
);
download_file
(
$alias_url
,
$temp_filename
.
"/aliases"
,
$verify_ssl
);
/* if the item is tar gzipped then extract */
if
(
stripos
(
$alias_url
,
'.tgz'
))
{
if
(
!
process_alias_tgz
(
$temp_filename
))
continue
;
}
else
if
(
stripos
(
$alias_url
,
'.zip'
))
{
if
(
!
process_alias_unzip
(
$temp_filename
))
continue
;
}
if
(
file_exists
(
"
{
$temp_filename
}
/aliases"
))
{
$fd
=
@
fopen
(
"
{
$temp_filename
}
/aliases"
,
'r'
);
if
(
!
$fd
)
{
log_error
(
sprintf
(
_
(
'Could not process aliases from alias: %s'
),
$alias_url
));
continue
;
}
/* NOTE: fgetss() is not a typo RTFM before being smart */
while
((
$fc
=
fgetss
(
$fd
))
!==
FALSE
)
{
$tmp
=
trim
(
$fc
,
"
\t\n\r
"
);
if
(
empty
(
$tmp
))
continue
;
$tmp_str
=
strstr
(
$tmp
,
'#'
,
true
);
if
(
!
empty
(
$tmp_str
))
$tmp
=
$tmp_str
;
if
(
$isfirst
==
1
)
$address
.=
' '
;
$address
.=
$tmp
;
$isfirst
=
1
;
}
fclose
(
$fd
);
mwexec
(
"/bin/rm -rf
{
$temp_filename
}
"
);
}
}
if
(
!
empty
(
$address
))
{
$config
[
'aliases'
][
'alias'
][
$x
][
'address'
]
=
$address
;
$updated
=
true
;
}
}
}
unlock
(
$lockkey
);
/* Report status to callers as well */
return
$updated
;
}
if
(
update_alias_url_data
())
{
write_config
();
configd_run
(
"filter reload"
);
...
...
src/www/firewall_nat.php
View file @
c0cc7626
...
...
@@ -32,6 +32,22 @@ require_once("functions.inc");
require_once
(
"filter.inc"
);
require_once
(
"itemid.inc"
);
/****f* legacy/have_natpfruleint_access
* NAME
* have_natpfruleint_access
* INPUTS
* none
* RESULT
* returns true if user has access to edit a specific firewall nat port forward interface
******/
function
have_natpfruleint_access
(
$if
)
{
$security_url
=
"firewall_nat_edit.php?if="
.
strtolower
(
$if
);
if
(
isAllowedPage
(
$security_url
))
return
true
;
return
false
;
}
if
(
!
is_array
(
$config
[
'nat'
][
'rule'
]))
$config
[
'nat'
][
'rule'
]
=
array
();
...
...
src/www/firewall_rules_edit.php
View file @
c0cc7626
...
...
@@ -59,6 +59,23 @@ $firewall_rules_dscp_types = array("af11",
$referer
=
(
isset
(
$_SERVER
[
'HTTP_REFERER'
])
?
$_SERVER
[
'HTTP_REFERER'
]
:
'/firewall_rules.php'
);
/****f* legacy/strncpy
* NAME
* strncpy - copy strings
* INPUTS
* &$dst, $src, $length
* RESULT
* none
******/
function
strncpy
(
&
$dst
,
$src
,
$length
)
{
if
(
strlen
(
$src
)
>
$length
)
{
$dst
=
substr
(
$src
,
0
,
$length
);
}
else
{
$dst
=
$src
;
}
}
function
is_posnumericint
(
$arg
)
{
// Note that to be safe we do not allow any leading zero - "01", "007"
return
(
is_numericint
(
$arg
)
&&
$arg
[
0
]
!=
'0'
&&
$arg
>
0
);
...
...
src/www/firewall_schedule_edit.php
View file @
c0cc7626
...
...
@@ -27,6 +27,37 @@
POSSIBILITY OF SUCH DAMAGE.
*/
/****f* legacy/is_schedule_inuse
* NAME
* checks to see if a schedule is currently in use by a rule
* INPUTS
*
* RESULT
* true or false
* NOTES
*
******/
function
is_schedule_inuse
(
$schedule
)
{
global
$config
;
if
(
$schedule
==
''
)
{
return
false
;
}
/* loop through firewall rules looking for schedule in use */
if
(
isset
(
$config
[
'filter'
][
'rule'
]))
{
foreach
(
$config
[
'filter'
][
'rule'
]
as
$rule
)
{
if
(
$rule
[
'sched'
]
==
$schedule
)
{
return
true
;
}
}
}
return
false
;
}
function
schedulecmp
(
$a
,
$b
)
{
return
strcmp
(
$a
[
'name'
],
$b
[
'name'
]);
}
...
...
src/www/includes/functions.inc.php
View file @
c0cc7626
...
...
@@ -7,6 +7,19 @@ if(Connection_Aborted()) {
require_once
(
"config.inc"
);
require_once
(
"pfsense-utils.inc"
);
function
get_uptime_sec
()
{
$boottime
=
""
;
$matches
=
""
;
$boottime
=
get_single_sysctl
(
"kern.boottime"
);
preg_match
(
"/sec = (\d+)/"
,
$boottime
,
$matches
);
$boottime
=
$matches
[
1
];
if
(
intval
(
$boottime
)
==
0
)
return
0
;
$uptime
=
time
()
-
$boottime
;
return
$uptime
;
}
function
get_stats
()
{
$stats
[
'cpu'
]
=
cpu_usage
();
$stats
[
'mem'
]
=
mem_usage
();
...
...
src/www/system_advanced_firewall.php
View file @
c0cc7626
...
...
@@ -33,6 +33,14 @@ require_once("guiconfig.inc");
require_once
(
"functions.inc"
);
require_once
(
"filter.inc"
);
function
default_table_entries_size
()
{
$current
=
`pfctl -sm | grep table-entries | awk '{print $4};'`
;
return
$current
;
}
$pconfig
[
'disablefilter'
]
=
$config
[
'system'
][
'disablefilter'
];
$pconfig
[
'rfc959workaround'
]
=
$config
[
'system'
][
'rfc959workaround'
];
$pconfig
[
'scrubnodf'
]
=
$config
[
'system'
][
'scrubnodf'
];
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment