Skip to content

O
OpnSense
Commit c2a5f03c authored by Ad Schellevis's avatar Ad Schellevis
Browse files
Options

(legacy) curly braces and spaces in pfsense-utils.inc

parent 1e884f54
Hide whitespace changes
Inline Side-by-side
Showing with 721 additions and 732 deletions
src/etc/inc/pfsense-utils.inc
View file @ c2a5f03c
<?php <?php
/* /*
* Copyright (C) 2004-2007 Scott Ullrich <sullrich@gmail.com> Copyright (C) 2004-2007 Scott Ullrich <sullrich@gmail.com>
* All rights reserved. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met: modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice, 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer. this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution. documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* RISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE RISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE. POSSIBILITY OF SUCH DAMAGE.
* */
*/
/****f* legacy/is_private_ip /****f* legacy/is_private_ip
* NAME * NAME
* is_private_ip * is_private_ip
* INPUTS * INPUTS
* none * none
* RESULT * RESULT
* returns true if an ip address is in a private range * returns true if an ip address is in a private range
******/ ******/
function is_private_ip($iptocheck) { function is_private_ip($iptocheck)
$isprivate = false; {
$ip_private_list=array( $isprivate = false;
"10.0.0.0/8", $ip_private_list=array(
"100.64.0.0/10", "10.0.0.0/8",
"172.16.0.0/12", "100.64.0.0/10",
"192.168.0.0/16", "172.16.0.0/12",
); "192.168.0.0/16",
foreach($ip_private_list as $private) { );
if(ip_in_subnet($iptocheck,$private)==true) foreach($ip_private_list as $private) {
$isprivate = true; if (ip_in_subnet($iptocheck,$private)==true) {
} $isprivate = true;
return $isprivate; }
}
return $isprivate;
} }
/****f* legacy/get_dns_servers /****f* legacy/get_dns_servers
* NAME * NAME
* get_dns_servres - get system dns servers * get_dns_servers - get system dns servers
* INPUTS * INPUTS
* $dns_servers - an array of the dns servers * $dns_servers - an array of the dns servers
* RESULT * RESULT
* null * null
******/ ******/
function get_dns_servers() { function get_dns_servers() {
$dns_servers = array(); $dns_servers = array();
$dns_s = file("/etc/resolv.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $dns_s = file("/etc/resolv.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach($dns_s as $dns) { foreach($dns_s as $dns) {
$matches = ""; $matches = "";
if (preg_match("/nameserver (.*)/", $dns, $matches)) if (preg_match("/nameserver (.*)/", $dns, $matches)) {
$dns_servers[] = $matches[1]; $dns_servers[] = $matches[1];
} }
return array_unique($dns_servers); }
return array_unique($dns_servers);
} }
/****f* legacy/enable_hardware_offloading /****f* legacy/enable_hardware_offloading
* NAME * NAME
* enable_hardware_offloading - Enable a NIC's supported hardware features. * enable_hardware_offloading - Enable a NIC's supported hardware features.
* INPUTS * INPUTS
* $interface - string containing the physical interface to work on. * $interface - string containing the physical interface to work on.
* RESULT * RESULT
* null * null
* NOTES * NOTES
...@@ -81,24 +83,24 @@ function get_dns_servers() { ...@@ -81,24 +83,24 @@ function get_dns_servers() {
******/ ******/
function enable_hardware_offloading($interface) function enable_hardware_offloading($interface)
{ {
global $config; global $config;
if (isset($config['system']['do_not_use_nic_microcode'])) { if (isset($config['system']['do_not_use_nic_microcode'])) {
return; return;
} }
/* translate wan, lan, opt -> real interface if needed */ /* translate wan, lan, opt -> real interface if needed */
$int = get_real_interface($interface); $int = get_real_interface($interface);
if (empty($int)) { if (empty($int)) {
return; return;
} }
$int_family = preg_split('/[0-9]+/', $int); $int_family = preg_split('/[0-9]+/', $int);
$supported_ints = array('fxp'); $supported_ints = array('fxp');
if (in_array($int_family, $supported_ints)) { if (in_array($int_family, $supported_ints)) {
if (does_interface_exist($int)) { if (does_interface_exist($int)) {
legacy_interface_flags($int, 'link0'); legacy_interface_flags($int, 'link0');
} }
} }
} }
/****f* legacy/setup_polling /****f* legacy/setup_polling
...@@ -113,13 +115,13 @@ function enable_hardware_offloading($interface) ...@@ -113,13 +115,13 @@ function enable_hardware_offloading($interface)
******/ ******/
function setup_polling() function setup_polling()
{ {
global $config; global $config;
if (isset($config['system']['polling'])) { if (isset($config['system']['polling'])) {
set_single_sysctl("kern.polling.idle_poll", "1"); set_single_sysctl("kern.polling.idle_poll", "1");
} else { } else {
set_single_sysctl("kern.polling.idle_poll", "0"); set_single_sysctl("kern.polling.idle_poll", "0");
} }
} }
/****f* legacy/setup_microcode /****f* legacy/setup_microcode
...@@ -134,34 +136,34 @@ function setup_polling() ...@@ -134,34 +136,34 @@ function setup_polling()
* This function only supports the fxp driver's loadable microcode. * This function only supports the fxp driver's loadable microcode.
******/ ******/
function setup_microcode() { function setup_microcode() {
/* if list */
$ifs = legacy_interface_listget();
/* if list */ foreach($ifs as $if) {
$ifs = legacy_interface_listget(); enable_hardware_offloading($if);
}
foreach($ifs as $if) {
enable_hardware_offloading($if);
}
} }
/* /*
* get_carp_interface_status($carpinterface): returns the status of a carp ip * get_carp_interface_status($carpinterface): returns the status of a carp ip
*/ */
function get_carp_interface_status($carpinterface) { function get_carp_interface_status($carpinterface) {
$carp_query = ""; $carp_query = "";
/* XXX: Need to fidn a better way for this! */ /* XXX: Need to fidn a better way for this! */
list ($interface, $vhid) = explode("_vip", $carpinterface); list ($interface, $vhid) = explode("_vip", $carpinterface);
$interface = get_real_interface($interface); $interface = get_real_interface($interface);
exec("/sbin/ifconfig $interface | /usr/bin/grep -v grep | /usr/bin/grep carp: | /usr/bin/grep 'vhid {$vhid}'", $carp_query); exec("/sbin/ifconfig $interface | /usr/bin/grep -v grep | /usr/bin/grep carp: | /usr/bin/grep 'vhid {$vhid}'", $carp_query);
foreach($carp_query as $int) { foreach($carp_query as $int) {
if(stristr($int, "MASTER")) if (stristr($int, "MASTER")) {
return gettext("MASTER"); return gettext("MASTER");
if(stristr($int, "BACKUP")) } elseif (stristr($int, "BACKUP")) {
return gettext("BACKUP"); return gettext("BACKUP");
if(stristr($int, "INIT")) } elseif(stristr($int, "INIT")) {
return gettext("INIT"); return gettext("INIT");
} }
return; }
return;
} }
/* /*
...@@ -169,12 +171,12 @@ function get_carp_interface_status($carpinterface) { ...@@ -169,12 +171,12 @@ function get_carp_interface_status($carpinterface) {
* the configuration section * the configuration section
*/ */
function backup_config_section($section_name) { function backup_config_section($section_name) {
global $config; global $config;
$new_section = &$config[$section_name]; $new_section = &$config[$section_name];
/* generate configuration XML */ /* generate configuration XML */
$xmlconfig = dump_xml_config($new_section, $section_name); $xmlconfig = dump_xml_config($new_section, $section_name);
$xmlconfig = str_replace("<?xml version=\"1.0\"?>", "", $xmlconfig); $xmlconfig = str_replace("<?xml version=\"1.0\"?>", "", $xmlconfig);
return $xmlconfig; return $xmlconfig;
} }
/* KEEP THIS: unbreaks syntax highlighting <?php */ /* KEEP THIS: unbreaks syntax highlighting <?php */
...@@ -186,60 +188,59 @@ function backup_config_section($section_name) { ...@@ -186,60 +188,59 @@ function backup_config_section($section_name) {
*/ */
function restore_config_section($section_name, $new_contents) function restore_config_section($section_name, $new_contents)
{ {
global $config; global $config;
$tmpxml = '/tmp/tmpxml';
$tmpxml = '/tmp/tmpxml';
$fout = fopen($tmpxml, 'w');
$fout = fopen($tmpxml, 'w'); fwrite($fout, $new_contents);
fwrite($fout, $new_contents); fclose($fout);
fclose($fout);
$xml = parse_xml_config($tmpxml, null);
$xml = parse_xml_config($tmpxml, null); if (isset($xml['pfsense'])) {
if (isset($xml['pfsense'])) { $xml = $xml['pfsense'];
$xml = $xml['pfsense']; } elseif (isset($xml['m0n0wall'])) {
} elseif (isset($xml['m0n0wall'])) { $xml = $xml['m0n0wall'];
$xml = $xml['m0n0wall']; } elseif (isset($xml['opnsense'])) {
} elseif (isset($xml['opnsense'])) { $xml = $xml['opnsense'];
$xml = $xml['opnsense']; }
} if (isset($xml[$section_name])) {
if (isset($xml[$section_name])) { $section_xml = $xml[$section_name];
$section_xml = $xml[$section_name]; } else {
} else { $section_xml = -1;
$section_xml = -1; }
}
@unlink($tmpxml);
@unlink($tmpxml);
if ($section_xml === -1) {
if ($section_xml === -1) { return false;
return false; }
}
$config[$section_name] = &$section_xml;
$config[$section_name] = &$section_xml; write_config(sprintf(gettext("Restored %s of config file (maybe from CARP partner)"), $section_name));
write_config(sprintf(gettext("Restored %s of config file (maybe from CARP partner)"), $section_name)); disable_security_checks();
disable_security_checks();
return true;
return true;
} }
/* /*
* merge_config_section($section_name, new_contents): restore a configuration section, * merge_config_section($section_name, new_contents): restore a configuration section,
* and write the configuration out * and write the configuration out
* to disk/cf. But preserve the prior * to disk/cf. But preserve the prior
* structure if needed * structure if needed
*/ */
function merge_config_section($section_name, $new_contents) function merge_config_section($section_name, $new_contents)
{ {
global $config; global $config;
$fname = '/tmp/tmp-' . time(); $fname = '/tmp/tmp-' . time();
$fout = fopen($fname, "w"); $fout = fopen($fname, "w");
fwrite($fout, $new_contents); fwrite($fout, $new_contents);
fclose($fout); fclose($fout);
$section_xml = parse_xml_config($fname, $section_name); $section_xml = parse_xml_config($fname, $section_name);
$config[$section_name] = $section_xml; $config[$section_name] = $section_xml;
unlink($fname); unlink($fname);
write_config(sprintf(gettext("Restored %s of config file (maybe from CARP partner)"), $section_name)); write_config(sprintf(gettext("Restored %s of config file (maybe from CARP partner)"), $section_name));
disable_security_checks(); disable_security_checks();
return; return;
} }
/* /*
...@@ -247,199 +248,202 @@ function merge_config_section($section_name, $new_contents) ...@@ -247,199 +248,202 @@ function merge_config_section($section_name, $new_contents)
*/ */
function host_firmware_version() function host_firmware_version()
{ {
global $config; global $config;
return array( return array(
'firmware' => array('version' => file_get_contents('/usr/local/opnsense/version/opnsense')), 'firmware' => array('version' => file_get_contents('/usr/local/opnsense/version/opnsense')),
'kernel' => array('version' => file_get_contents('/usr/local/opnsense/version/opnsense-update.kernel')), 'kernel' => array('version' => file_get_contents('/usr/local/opnsense/version/opnsense-update.kernel')),
'base' => array('version' => file_get_contents('/usr/local/opnsense/version/opnsense-update.base')), 'base' => array('version' => file_get_contents('/usr/local/opnsense/version/opnsense-update.base')),
'config_version' => $config['version'] 'config_version' => $config['version']
); );
} }
function reload_all() function reload_all()
{ {
configd_run('service reload all', true); configd_run('service reload all', true);
} }
function reload_interfaces() function reload_interfaces()
{ {
configd_run('interface reload'); configd_run('interface reload');
} }
function setup_serial_port($sync = true) function setup_serial_port($sync = true)
{ {
global $config; global $config;
$serialspeed = (is_numeric($config['system']['serialspeed'])) ? $config['system']['serialspeed'] : '115200'; $serialspeed = (is_numeric($config['system']['serialspeed'])) ? $config['system']['serialspeed'] : '115200';
$serial_enabled = isset($config['system']['enableserial']); $serial_enabled = isset($config['system']['enableserial']);
$loader_conf_file = '/boot/loader.conf'; $loader_conf_file = '/boot/loader.conf';
$boot_config_file = '/boot.config'; $boot_config_file = '/boot.config';
/* serial console - write out /boot.config */ /* serial console - write out /boot.config */
if (file_exists($boot_config_file)) { if (file_exists($boot_config_file)) {
$boot_config = file_get_contents($boot_config_file); $boot_config = file_get_contents($boot_config_file);
} else { } else {
$boot_config = ''; $boot_config = '';
} }
$boot_config_split = explode("\n", $boot_config); $boot_config_split = explode("\n", $boot_config);
$fd = @fopen($boot_config_file, 'w'); $fd = @fopen($boot_config_file, 'w');
if ($fd) { if ($fd) {
foreach ($boot_config_split as $bcs) { foreach ($boot_config_split as $bcs) {
if (stristr($bcs, '-D') || stristr($bcs, '-h')) { if (stristr($bcs, '-D') || stristr($bcs, '-h')) {
continue; continue;
} }
if ($bcs != '') { if ($bcs != '') {
@fwrite($fd, "{$bcs}\n"); @fwrite($fd, "{$bcs}\n");
} }
} }
if ($serial_enabled) { if ($serial_enabled) {
@fwrite($fd, "-S{$serialspeed} -D\n"); @fwrite($fd, "-S{$serialspeed} -D\n");
} }
fclose($fd); fclose($fd);
} }
$boot_config = @file_get_contents($loader_conf_file); $boot_config = @file_get_contents($loader_conf_file);
$boot_config_split = explode("\n", $boot_config); $boot_config_split = explode("\n", $boot_config);
if(count($boot_config_split) > 0) { if(count($boot_config_split) > 0) {
$new_boot_config = array(); $new_boot_config = array();
// Loop through and only add lines that are not empty, and which // Loop through and only add lines that are not empty, and which
// do not contain a console directive. // do not contain a console directive.
foreach($boot_config_split as $bcs) { foreach($boot_config_split as $bcs) {
if(!empty($bcs) if(!empty($bcs)
&& (stripos($bcs, "console") === false) && (stripos($bcs, "console") === false)
&& (stripos($bcs, "boot_multicons") === false) && (stripos($bcs, "boot_multicons") === false)
&& (stripos($bcs, "boot_serial") === false) && (stripos($bcs, "boot_serial") === false)
&& (stripos($bcs, "hw.usb.no_pf") === false) && (stripos($bcs, "hw.usb.no_pf") === false)
&& (stripos($bcs, "autoboot_delay") === false)) { && (stripos($bcs, "autoboot_delay") === false)) {
$new_boot_config[] = $bcs; $new_boot_config[] = $bcs;
} }
} }
if ($serial_enabled) { if ($serial_enabled) {
$new_boot_config[] = 'boot_multicons="YES"'; $new_boot_config[] = 'boot_multicons="YES"';
$new_boot_config[] = 'boot_serial="YES"'; $new_boot_config[] = 'boot_serial="YES"';
$primaryconsole = $config['system']['primaryconsole']; $primaryconsole = $config['system']['primaryconsole'];
switch ($primaryconsole) { switch ($primaryconsole) {
case "video": case "video":
$new_boot_config[] = 'console="vidconsole,comconsole"'; $new_boot_config[] = 'console="vidconsole,comconsole"';
break; break;
case "serial": case "serial":
default: default:
$new_boot_config[] = 'console="comconsole,vidconsole"'; $new_boot_config[] = 'console="comconsole,vidconsole"';
} }
} }
$new_boot_config[] = 'comconsole_speed="' . $serialspeed . '"'; $new_boot_config[] = 'comconsole_speed="' . $serialspeed . '"';
$new_boot_config[] = 'hw.usb.no_pf="1"'; $new_boot_config[] = 'hw.usb.no_pf="1"';
$new_boot_config[] = 'autoboot_delay="3"'; $new_boot_config[] = 'autoboot_delay="3"';
@file_put_contents($loader_conf_file, implode("\n", $new_boot_config) . "\n"); @file_put_contents($loader_conf_file, implode("\n", $new_boot_config) . "\n");
} }
$ttys = file_get_contents("/etc/ttys"); $ttys = file_get_contents("/etc/ttys");
$ttys_split = explode("\n", $ttys); $ttys_split = explode("\n", $ttys);
$fd = fopen("/etc/ttys", "w"); $fd = fopen("/etc/ttys", "w");
$on_off = $serial_enabled ? 'on' : 'off'; $on_off = $serial_enabled ? 'on' : 'off';
if (isset($config['system']['disableconsolemenu'])) { if (isset($config['system']['disableconsolemenu'])) {
$console_type = 'Pc'; $console_type = 'Pc';
$serial_type = 'std.' . $serialspeed; $serial_type = 'std.' . $serialspeed;
} else { } else {
$console_type = 'al.Pc'; $console_type = 'al.Pc';
$serial_type = 'al.' . $serialspeed; $serial_type = 'al.' . $serialspeed;
} }
foreach($ttys_split as $tty) { foreach($ttys_split as $tty) {
if (stristr($tty, "ttyv0")) if (stristr($tty, "ttyv0")) {
fwrite($fd, "ttyv0 \"/usr/libexec/getty {$console_type}\" cons25 on secure\n"); fwrite($fd, "ttyv0 \"/usr/libexec/getty {$console_type}\" cons25 on secure\n");
else if (stristr($tty, "ttyu0")) } elseif (stristr($tty, "ttyu0")) {
fwrite($fd, "ttyu0 \"/usr/libexec/getty {$serial_type}\" cons25 {$on_off} secure\n"); fwrite($fd, "ttyu0 \"/usr/libexec/getty {$serial_type}\" cons25 {$on_off} secure\n");
else } else {
fwrite($fd, $tty . "\n"); fwrite($fd, $tty . "\n");
} }
}
unset($on_off, $console_type, $serial_type);
fclose($fd); unset($on_off, $console_type, $serial_type);
fclose($fd);
if ($sync) {
reload_ttys(); if ($sync) {
} reload_ttys();
}
} }
function reload_ttys() function reload_ttys()
{ {
/* force init(8) to reload /etc/ttys */ /* force init(8) to reload /etc/ttys */
exec('/bin/kill -HUP 1'); exec('/bin/kill -HUP 1');
} }
/* Any PPPoE servers enabled? */ /* Any PPPoE servers enabled? */
function is_pppoe_server_enabled() { function is_pppoe_server_enabled()
global $config; {
global $config;
$pppoeenable = false; $pppoeenable = false;
if (!isset($config['pppoes']['pppoe']) || !is_array($config['pppoes']['pppoe'])) {
if (!isset($config['pppoes']['pppoe']) || !is_array($config['pppoes']['pppoe'])) return false;
return false; }
foreach ($config['pppoes']['pppoe'] as $pppoes) foreach ($config['pppoes']['pppoe'] as $pppoes) {
if ($pppoes['mode'] == 'server') if ($pppoes['mode'] == 'server') {
$pppoeenable = true; $pppoeenable = true;
}
return $pppoeenable; }
return $pppoeenable;
} }
function add_hostname_to_watch($hostname) { function add_hostname_to_watch($hostname) {
if(!is_dir("/var/db/dnscache")) { if (!is_dir("/var/db/dnscache")) {
mkdir("/var/db/dnscache"); mkdir("/var/db/dnscache");
} }
$result = array(); $result = array();
if((is_fqdn($hostname)) && (!is_ipaddr($hostname))) { if((is_fqdn($hostname)) && (!is_ipaddr($hostname))) {
$domrecords = array(); $domrecords = array();
$domips = array(); $domips = array();
exec("host -t A " . escapeshellarg($hostname), $domrecords, $rethost); exec("host -t A " . escapeshellarg($hostname), $domrecords, $rethost);
if($rethost == 0) { if($rethost == 0) {
foreach($domrecords as $domr) { foreach($domrecords as $domr) {
$doml = explode(" ", $domr); $doml = explode(" ", $domr);
$domip = $doml[3]; $domip = $doml[3];
/* fill array with domain ip addresses */ /* fill array with domain ip addresses */
if(is_ipaddr($domip)) { if(is_ipaddr($domip)) {
$domips[] = $domip; $domips[] = $domip;
} }
} }
} }
sort($domips); sort($domips);
$contents = ""; $contents = "";
if(! empty($domips)) { if(! empty($domips)) {
foreach($domips as $ip) { foreach($domips as $ip) {
$contents .= "$ip\n"; $contents .= "$ip\n";
} }
} }
file_put_contents("/var/db/dnscache/$hostname", $contents); file_put_contents("/var/db/dnscache/$hostname", $contents);
/* Remove empty elements */ /* Remove empty elements */
$result = array_filter(explode("\n", $contents), 'strlen'); $result = array_filter(explode("\n", $contents), 'strlen');
} }
return $result; return $result;
} }
function is_fqdn($fqdn) { function is_fqdn($fqdn) {
$hostname = false; $hostname = false;
if(preg_match("/[-A-Z0-9\.]+\.[-A-Z0-9\.]+/i", $fqdn)) { if (preg_match("/[-A-Z0-9\.]+\.[-A-Z0-9\.]+/i", $fqdn)) {
$hostname = true; $hostname = true;
} }
if(preg_match("/\.\./", $fqdn)) { if (preg_match("/\.\./", $fqdn)) {
$hostname = false; $hostname = false;
} }
if(preg_match("/^\./i", $fqdn)) { if (preg_match("/^\./i", $fqdn)) {
$hostname = false; $hostname = false;
} }
if(preg_match("/\//i", $fqdn)) { if (preg_match("/\//i", $fqdn)) {
$hostname = false; $hostname = false;
} }
return($hostname); return($hostname);
} }
/* /*
...@@ -447,18 +451,18 @@ function is_fqdn($fqdn) { ...@@ -447,18 +451,18 @@ function is_fqdn($fqdn) {
*/ */
function load_crypto() function load_crypto()
{ {
global $config; global $config;
$crypto_modules = array('glxsb', 'aesni'); $crypto_modules = array('glxsb', 'aesni');
if (!isset($config['system']['crypto_hardware']) || !in_array($config['system']['crypto_hardware'], $crypto_modules)) { if (!isset($config['system']['crypto_hardware']) || !in_array($config['system']['crypto_hardware'], $crypto_modules)) {
return false; return false;
} }
if (!empty($config['system']['crypto_hardware']) && !is_module_loaded($config['system']['crypto_hardware'])) { if (!empty($config['system']['crypto_hardware']) && !is_module_loaded($config['system']['crypto_hardware'])) {
log_error("Loading {$config['system']['crypto_hardware']} cryptographic accelerator module."); log_error("Loading {$config['system']['crypto_hardware']} cryptographic accelerator module.");
mwexec("/sbin/kldload {$config['system']['crypto_hardware']}"); mwexec("/sbin/kldload {$config['system']['crypto_hardware']}");
} }
} }
/* /*
...@@ -466,202 +470,203 @@ function load_crypto() ...@@ -466,202 +470,203 @@ function load_crypto()
*/ */
function load_thermal_hardware() function load_thermal_hardware()
{ {
global $config; global $config;
$thermal_hardware_modules = array('coretemp', 'amdtemp'); $thermal_hardware_modules = array('coretemp', 'amdtemp');
if (!isset($config['system']['thermal_hardware']) || !in_array($config['system']['thermal_hardware'], $thermal_hardware_modules)) { if (!isset($config['system']['thermal_hardware']) || !in_array($config['system']['thermal_hardware'], $thermal_hardware_modules)) {
return false; return false;
} }
if (!empty($config['system']['thermal_hardware']) && !is_module_loaded($config['system']['thermal_hardware'])) { if (!empty($config['system']['thermal_hardware']) && !is_module_loaded($config['system']['thermal_hardware'])) {
log_error("Loading {$config['system']['thermal_hardware']} thermal monitor module."); log_error("Loading {$config['system']['thermal_hardware']} thermal monitor module.");
mwexec("/sbin/kldload {$config['system']['thermal_hardware']}"); mwexec("/sbin/kldload {$config['system']['thermal_hardware']}");
} }
} }
function download_file($url, $destination, $verify_ssl = false, $connect_timeout = 60, $timeout = 0) function download_file($url, $destination, $verify_ssl = false, $connect_timeout = 60, $timeout = 0)
{ {
global $config, $g; global $config, $g;
$fp = fopen($destination, "wb"); $fp = fopen($destination, "wb");
if (!$fp) if (!$fp) {
return false; return false;
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url); $ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $verify_ssl); curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FILE, $fp); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $verify_ssl);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $connect_timeout); curl_setopt($ch, CURLOPT_FILE, $fp);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $connect_timeout);
curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/usr/local/opnsense/version/opnsense"))); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/usr/local/opnsense/version/opnsense")));
if (!empty($config['system']['proxyurl'])) {
curl_setopt($ch, CURLOPT_PROXY, $config['system']['proxyurl']); if (!empty($config['system']['proxyurl'])) {
if (!empty($config['system']['proxyport'])) curl_setopt($ch, CURLOPT_PROXY, $config['system']['proxyurl']);
curl_setopt($ch, CURLOPT_PROXYPORT, $config['system']['proxyport']); if (!empty($config['system']['proxyport'])) {
if (!empty($config['system']['proxyuser']) && !empty($config['system']['proxypass'])) { curl_setopt($ch, CURLOPT_PROXYPORT, $config['system']['proxyport']);
@curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_ANY | CURLAUTH_ANYSAFE); }
curl_setopt($ch, CURLOPT_PROXYUSERPWD, "{$config['system']['proxyuser']}:{$config['system']['proxypass']}"); if (!empty($config['system']['proxyuser']) && !empty($config['system']['proxypass'])) {
} @curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_ANY | CURLAUTH_ANYSAFE);
} curl_setopt($ch, CURLOPT_PROXYUSERPWD, "{$config['system']['proxyuser']}:{$config['system']['proxypass']}");
}
@curl_exec($ch); }
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
fclose($fp); @curl_exec($ch);
curl_close($ch); $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
return ($http_code == 200) ? true : $http_code; fclose($fp);
curl_close($ch);
return ($http_code == 200) ? true : $http_code;
} }
/* Split() is being DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged. */ /* Split() is being DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged. */
if(!function_exists("split")) { if (!function_exists("split")) {
function split($separator, $haystack, $limit = null) { function split($separator, $haystack, $limit = null) {
log_error("deprecated split() call with separator '{$separator}'"); log_error("deprecated split() call with separator '{$separator}'");
return preg_split($separator, $haystack, $limit); return preg_split($separator, $haystack, $limit);
} }
} }
function update_alias_names_upon_change($section, $field, $new_alias_name, $origname) function update_alias_names_upon_change($section, $field, $new_alias_name, $origname)
{ {
global $config, $pconfig; global $config;
if (!$origname) {
if (!$origname) { return;
return; }
}
$sectionref = &$config;
$sectionref = &$config; foreach($section as $sectionname) {
foreach($section as $sectionname) { if (is_array($sectionref) && isset($sectionref[$sectionname])) {
if(is_array($sectionref) && isset($sectionref[$sectionname])) $sectionref = &$sectionref[$sectionname];
$sectionref = &$sectionref[$sectionname]; } else {
else return;
return; }
} }
if(is_array($sectionref)) { if (is_array($sectionref)) {
foreach($sectionref as $itemkey => $item) { foreach($sectionref as $itemkey => $item) {
$fieldfound = true; $fieldfound = true;
$fieldref = &$sectionref[$itemkey]; $fieldref = &$sectionref[$itemkey];
foreach($field as $fieldname) { foreach($field as $fieldname) {
if(is_array($fieldref) && isset($fieldref[$fieldname])) if (is_array($fieldref) && isset($fieldref[$fieldname])) {
$fieldref = &$fieldref[$fieldname]; $fieldref = &$fieldref[$fieldname];
else { } else {
$fieldfound = false; $fieldfound = false;
break; break;
} }
} }
if($fieldfound && $fieldref == $origname) { if ($fieldfound && $fieldref == $origname) {
$fieldref = $new_alias_name; $fieldref = $new_alias_name;
} }
} }
} }
} }
function process_alias_unzip($temp_filename) { function process_alias_unzip($temp_filename) {
if(!file_exists("/usr/local/bin/unzip")) { if (!file_exists("/usr/local/bin/unzip")) {
log_error(gettext("Alias archive is a .zip file which cannot be decompressed because utility is missing!")); log_error(gettext("Alias archive is a .zip file which cannot be decompressed because utility is missing!"));
return false; return false;
} }
rename("{$temp_filename}/aliases", "{$temp_filename}/aliases.zip"); rename("{$temp_filename}/aliases", "{$temp_filename}/aliases.zip");
mwexec("/usr/local/bin/unzip {$temp_filename}/aliases.tgz -d {$temp_filename}/aliases/"); mwexec("/usr/local/bin/unzip {$temp_filename}/aliases.tgz -d {$temp_filename}/aliases/");
unlink("{$temp_filename}/aliases.zip"); unlink("{$temp_filename}/aliases.zip");
$files_to_process = return_dir_as_array("{$temp_filename}/"); $files_to_process = return_dir_as_array("{$temp_filename}/");
/* foreach through all extracted files and build up aliases file */ /* foreach through all extracted files and build up aliases file */
$fd = @fopen("{$temp_filename}/aliases", "w"); $fd = @fopen("{$temp_filename}/aliases", "w");
if (!$fd) { if (!$fd) {
log_error(sprintf(gettext('Could not open %s/aliases for writing!'), $temp_filename)); log_error(sprintf(gettext('Could not open %s/aliases for writing!'), $temp_filename));
return false; return false;
} }
foreach($files_to_process as $f2p) { foreach($files_to_process as $f2p) {
$tmpfd = @fopen($f2p, 'r'); $tmpfd = @fopen($f2p, 'r');
if (!$tmpfd) { if (!$tmpfd) {
log_error(sprintf(gettext('The following file could not be read %s from %s'), $f2p, $temp_filename)); log_error(sprintf(gettext('The following file could not be read %s from %s'), $f2p, $temp_filename));
continue; continue;
} }
while (($tmpbuf = fread($tmpfd, 65536)) !== FALSE) while (($tmpbuf = fread($tmpfd, 65536)) !== FALSE) {
fwrite($fd, $tmpbuf); fwrite($fd, $tmpbuf);
fclose($tmpfd); }
unlink($f2p); fclose($tmpfd);
} unlink($f2p);
fclose($fd); }
unset($tmpbuf); fclose($fd);
unset($tmpbuf);
return true;
return true;
} }
function process_alias_tgz($temp_filename) { function process_alias_tgz($temp_filename) {
if(!file_exists('/usr/bin/tar')) { if (!file_exists('/usr/bin/tar')) {
log_error(gettext("Alias archive is a .tar/tgz file which cannot be decompressed because utility is missing!")); log_error(gettext("Alias archive is a .tar/tgz file which cannot be decompressed because utility is missing!"));
return false; return false;
} }
rename("{$temp_filename}/aliases", "{$temp_filename}/aliases.tgz"); rename("{$temp_filename}/aliases", "{$temp_filename}/aliases.tgz");
mwexec("/usr/bin/tar xzf {$temp_filename}/aliases.tgz -C {$temp_filename}/aliases/"); mwexec("/usr/bin/tar xzf {$temp_filename}/aliases.tgz -C {$temp_filename}/aliases/");
unlink("{$temp_filename}/aliases.tgz"); unlink("{$temp_filename}/aliases.tgz");
$files_to_process = return_dir_as_array("{$temp_filename}/"); $files_to_process = return_dir_as_array("{$temp_filename}/");
/* foreach through all extracted files and build up aliases file */ /* foreach through all extracted files and build up aliases file */
$fd = @fopen("{$temp_filename}/aliases", "w"); $fd = @fopen("{$temp_filename}/aliases", "w");
if (!$fd) { if (!$fd) {
log_error(sprintf(gettext('Could not open %s/aliases for writing!'), $temp_filename)); log_error(sprintf(gettext('Could not open %s/aliases for writing!'), $temp_filename));
return false; return false;
} }
foreach($files_to_process as $f2p) { foreach($files_to_process as $f2p) {
$tmpfd = @fopen($f2p, 'r'); $tmpfd = @fopen($f2p, 'r');
if (!$tmpfd) { if (!$tmpfd) {
log_error(sprintf(gettext('The following file could not be read %s from %s'), $f2p, $temp_filename)); log_error(sprintf(gettext('The following file could not be read %s from %s'), $f2p, $temp_filename));
continue; continue;
} }
while (($tmpbuf = fread($tmpfd, 65536)) !== FALSE) while (($tmpbuf = fread($tmpfd, 65536)) !== FALSE) {
fwrite($fd, $tmpbuf); fwrite($fd, $tmpbuf);
fclose($tmpfd); }
unlink($f2p); fclose($tmpfd);
} unlink($f2p);
fclose($fd); }
unset($tmpbuf); fclose($fd);
unset($tmpbuf);
return true;
return true;
} }
function process_alias_urltable($name, $url, $freq, $forceupdate=false) { function process_alias_urltable($name, $url, $freq, $forceupdate=false) {
global $config; global $config;
$urltable_prefix = "/var/db/aliastables/"; $urltable_prefix = "/var/db/aliastables/";
$urltable_filename = $urltable_prefix . $name . ".txt"; $urltable_filename = $urltable_prefix . $name . ".txt";
// Make the aliases directory if it doesn't exist // Make the aliases directory if it doesn't exist
if (!file_exists($urltable_prefix)) { if (!file_exists($urltable_prefix)) {
mkdir($urltable_prefix); mkdir($urltable_prefix);
} elseif (!is_dir($urltable_prefix)) { } elseif (!is_dir($urltable_prefix)) {
unlink($urltable_prefix); unlink($urltable_prefix);
mkdir($urltable_prefix); mkdir($urltable_prefix);
} }
// If the file doesn't exist or is older than update_freq days, fetch a new copy. // If the file doesn't exist or is older than update_freq days, fetch a new copy.
if (!file_exists($urltable_filename) if (!file_exists($urltable_filename) || ((time() - filemtime($urltable_filename)) > ($freq * 86400 - 90)) || $forceupdate) {
|| ((time() - filemtime($urltable_filename)) > ($freq * 86400 - 90)) // Try to fetch the URL supplied
|| $forceupdate) { @unlink("{$urltable_filename}.tmp");
$verify_ssl = isset($config['system']['checkaliasesurlcert']);
// Try to fetch the URL supplied if (download_file($url, "{$urltable_filename}.tmp", $verify_ssl)) {
@unlink("{$urltable_filename}.tmp"); mwexec("/usr/bin/sed -E 's/\;.*//g; /^[[:space:]]*($|#)/d' ". escapeshellarg($urltable_filename . ".tmp") . " > " . escapeshellarg($urltable_filename));
$verify_ssl = isset($config['system']['checkaliasesurlcert']); if (alias_get_type($name) == "urltable_ports") {
if (download_file($url, "{$urltable_filename}.tmp", $verify_ssl)) { $ports = explode("\n", file_get_contents($urltable_filename));
mwexec("/usr/bin/sed -E 's/\;.*//g; /^[[:space:]]*($|#)/d' ". escapeshellarg($urltable_filename . ".tmp") . " > " . escapeshellarg($urltable_filename)); $ports = group_ports($ports);
if (alias_get_type($name) == "urltable_ports") { file_put_contents($urltable_filename, implode("\n", $ports));
$ports = explode("\n", file_get_contents($urltable_filename)); }
$ports = group_ports($ports); @unlink("{$urltable_filename}.tmp");
file_put_contents($urltable_filename, implode("\n", $ports)); } else {
} touch($urltable_filename);
@unlink("{$urltable_filename}.tmp"); }
} else { return true;
touch($urltable_filename); } else {
} // File exists, and it doesn't need updated.
return true; return -1;
} else { }
// File exists, and it doesn't need updated.
return -1;
}
} }
...@@ -673,159 +678,134 @@ function process_alias_urltable($name, $url, $freq, $forceupdate=false) { ...@@ -673,159 +678,134 @@ function process_alias_urltable($name, $url, $freq, $forceupdate=false) {
*/ */
function xml2array($contents, $get_attributes = 1, $priority = 'tag') function xml2array($contents, $get_attributes = 1, $priority = 'tag')
{ {
if (!function_exists('xml_parser_create')) if (!function_exists('xml_parser_create'))
{ {
return array (); return array ();
} }
$parser = xml_parser_create(''); $parser = xml_parser_create('');
xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, "UTF-8"); xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, "UTF-8");
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0); xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, 0);
xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1); xml_parser_set_option($parser, XML_OPTION_SKIP_WHITE, 1);
xml_parse_into_struct($parser, trim($contents), $xml_values); xml_parse_into_struct($parser, trim($contents), $xml_values);
xml_parser_free($parser); xml_parser_free($parser);
if (!$xml_values) if (!$xml_values) {
return; //Hmm... return; //Hmm...
$xml_array = array (); }
$parents = array (); $xml_array = array ();
$opened_tags = array (); $parents = array ();
$arr = array (); $opened_tags = array ();
$current = & $xml_array; $arr = array ();
$repeated_tag_index = array (); $current = & $xml_array;
foreach ($xml_values as $data) $repeated_tag_index = array ();
{ foreach ($xml_values as $data) {
unset ($attributes, $value); unset ($attributes, $value);
extract($data); extract($data);
$result = array (); $result = array ();
$attributes_data = array (); $attributes_data = array ();
if (isset ($value)) if (isset ($value))
{ {
if ($priority == 'tag') if ($priority == 'tag') {
$result = $value; $result = $value;
else } else {
$result['value'] = $value; $result['value'] = $value;
} }
if (isset ($attributes) and $get_attributes) }
{ if (isset ($attributes) and $get_attributes) {
foreach ($attributes as $attr => $val) foreach ($attributes as $attr => $val) {
{ if ($priority == 'tag') {
if ($priority == 'tag') $attributes_data[$attr] = $val;
$attributes_data[$attr] = $val; } else {
else $result['attr'][$attr] = $val; //Set all the attributes in a array called 'attr'
$result['attr'][$attr] = $val; //Set all the attributes in a array called 'attr' }
} }
} }
if ($type == "open") if ($type == "open") {
{ $parent[$level -1] = & $current;
$parent[$level -1] = & $current; if (!is_array($current) || (!in_array($tag, array_keys($current)))) {
if (!is_array($current) or (!in_array($tag, array_keys($current)))) $current[$tag] = $result;
{ if ($attributes_data) {
$current[$tag] = $result; $current[$tag . '_attr'] = $attributes_data;
if ($attributes_data) }
$current[$tag . '_attr'] = $attributes_data; $repeated_tag_index[$tag . '_' . $level] = 1;
$repeated_tag_index[$tag . '_' . $level] = 1; $current = & $current[$tag];
$current = & $current[$tag]; } else {
} if (isset ($current[$tag][0])) {
else $current[$tag][$repeated_tag_index[$tag . '_' . $level]] = $result;
{ $repeated_tag_index[$tag . '_' . $level]++;
if (isset ($current[$tag][0])) } else {
{ $current[$tag] = array ($current[$tag], $result );
$current[$tag][$repeated_tag_index[$tag . '_' . $level]] = $result; $repeated_tag_index[$tag . '_' . $level] = 2;
$repeated_tag_index[$tag . '_' . $level]++; if (isset ($current[$tag . '_attr'])) {
} $current[$tag]['0_attr'] = $current[$tag . '_attr'];
else unset ($current[$tag . '_attr']);
{ }
$current[$tag] = array ( }
$current[$tag], $last_item_index = $repeated_tag_index[$tag . '_' . $level] - 1;
$result $current = & $current[$tag][$last_item_index];
); }
$repeated_tag_index[$tag . '_' . $level] = 2; } elseif ($type == "complete") {
if (isset ($current[$tag . '_attr'])) if (!isset ($current[$tag])) {
{ $current[$tag] = $result;
$current[$tag]['0_attr'] = $current[$tag . '_attr']; $repeated_tag_index[$tag . '_' . $level] = 1;
unset ($current[$tag . '_attr']); if ($priority == 'tag' and $attributes_data) {
} $current[$tag . '_attr'] = $attributes_data;
} }
$last_item_index = $repeated_tag_index[$tag . '_' . $level] - 1; } else {
$current = & $current[$tag][$last_item_index]; if (isset ($current[$tag][0]) and is_array($current[$tag])) {
} $current[$tag][$repeated_tag_index[$tag . '_' . $level]] = $result;
} if ($priority == 'tag' and $get_attributes and $attributes_data) {
elseif ($type == "complete") $current[$tag][$repeated_tag_index[$tag . '_' . $level] . '_attr'] = $attributes_data;
{ }
if (!isset ($current[$tag])) $repeated_tag_index[$tag . '_' . $level]++;
{ } else {
$current[$tag] = $result; $current[$tag] = array ($current[$tag], $result );
$repeated_tag_index[$tag . '_' . $level] = 1; $repeated_tag_index[$tag . '_' . $level] = 1;
if ($priority == 'tag' and $attributes_data) if ($priority == 'tag' and $get_attributes) {
$current[$tag . '_attr'] = $attributes_data; if (isset ($current[$tag . '_attr'])) {
} $current[$tag]['0_attr'] = $current[$tag . '_attr'];
else unset ($current[$tag . '_attr']);
{ }
if (isset ($current[$tag][0]) and is_array($current[$tag])) if ($attributes_data) {
{ $current[$tag][$repeated_tag_index[$tag . '_' . $level] . '_attr'] = $attributes_data;
$current[$tag][$repeated_tag_index[$tag . '_' . $level]] = $result; }
if ($priority == 'tag' and $get_attributes and $attributes_data) }
{ $repeated_tag_index[$tag . '_' . $level]++; //0 and 1 index is already taken
$current[$tag][$repeated_tag_index[$tag . '_' . $level] . '_attr'] = $attributes_data; }
} }
$repeated_tag_index[$tag . '_' . $level]++; } elseif ($type == 'close') {
} $current = & $parent[$level -1];
else }
{ }
$current[$tag] = array ( return ($xml_array);
$current[$tag],
$result
);
$repeated_tag_index[$tag . '_' . $level] = 1;
if ($priority == 'tag' and $get_attributes)
{
if (isset ($current[$tag . '_attr']))
{
$current[$tag]['0_attr'] = $current[$tag . '_attr'];
unset ($current[$tag . '_attr']);
}
if ($attributes_data)
{
$current[$tag][$repeated_tag_index[$tag . '_' . $level] . '_attr'] = $attributes_data;
}
}
$repeated_tag_index[$tag . '_' . $level]++; //0 and 1 index is already taken
}
}
}
elseif ($type == 'close')
{
$current = & $parent[$level -1];
}
}
return ($xml_array);
} }
/* sort by interface only, retain the original order of rules that apply to /* sort by interface only, retain the original order of rules that apply to
the same interface */ the same interface */
function filter_rules_sort() { function filter_rules_sort() {
global $config; global $config;
/* mark each rule with the sequence number (to retain the order while sorting) */ /* mark each rule with the sequence number (to retain the order while sorting) */
for ($i = 0; isset($config['filter']['rule'][$i]); $i++) for ($i = 0; isset($config['filter']['rule'][$i]); $i++) {
$config['filter']['rule'][$i]['seq'] = $i; $config['filter']['rule'][$i]['seq'] = $i;
}
usort($config['filter']['rule'], "filter_rules_compare"); usort($config['filter']['rule'], "filter_rules_compare");
/* strip the sequence numbers again */
/* strip the sequence numbers again */ for ($i = 0; isset($config['filter']['rule'][$i]); $i++) {
for ($i = 0; isset($config['filter']['rule'][$i]); $i++) unset($config['filter']['rule'][$i]['seq']);
unset($config['filter']['rule'][$i]['seq']); }
} }
function filter_rules_compare($a, $b) { function filter_rules_compare($a, $b) {
if (isset($a['floating']) && isset($b['floating'])) if (isset($a['floating']) && isset($b['floating'])) {
return $a['seq'] - $b['seq']; return $a['seq'] - $b['seq'];
else if (isset($a['floating'])) } elseif (isset($a['floating'])) {
return -1; return -1;
else if (isset($b['floating'])) } elseif (isset($b['floating'])) {
return 1; return 1;
else if ($a['interface'] == $b['interface']) } elseif ($a['interface'] == $b['interface']) {
return $a['seq'] - $b['seq']; return $a['seq'] - $b['seq'];
else } else {
return compare_interface_friendly_names($a['interface'], $b['interface']); return compare_interface_friendly_names($a['interface'], $b['interface']);
}
} }
...@@ -838,20 +818,22 @@ function filter_rules_compare($a, $b) { ...@@ -838,20 +818,22 @@ function filter_rules_compare($a, $b) {
* returns associative array with MAC-Manufacturer pairs * returns associative array with MAC-Manufacturer pairs
******/ ******/
function load_mac_manufacturer_table() { function load_mac_manufacturer_table() {
/* load MAC-Manufacture data from the file */ /* load MAC-Manufacture data from the file */
$macs = false; $macs = false;
if (file_exists("/usr/local/share/nmap/nmap-mac-prefixes")) if (file_exists("/usr/local/share/nmap/nmap-mac-prefixes")) {
$macs=file("/usr/local/share/nmap/nmap-mac-prefixes"); $macs=file("/usr/local/share/nmap/nmap-mac-prefixes");
if ($macs){ }
foreach ($macs as $line){ if ($macs){
if (preg_match('/([0-9A-Fa-f]{6}) (.*)$/', $line, $matches)){ foreach ($macs as $line){
/* store values like this $mac_man['000C29']='VMware' */ if (preg_match('/([0-9A-Fa-f]{6}) (.*)$/', $line, $matches)){
$mac_man["$matches[1]"]=$matches[2]; /* store values like this $mac_man['000C29']='VMware' */
} $mac_man["$matches[1]"]=$matches[2];
} }
return $mac_man; }
} else return $mac_man;
return -1; } else {
return -1;
}
} }
...@@ -865,59 +847,66 @@ function load_mac_manufacturer_table() { ...@@ -865,59 +847,66 @@ function load_mac_manufacturer_table() {
* configured and present on this device. * configured and present on this device.
*/ */
function is_ipaddr_configured($ipaddr, $ignore_if = "", $check_localip = false, $check_subnets = false) { function is_ipaddr_configured($ipaddr, $ignore_if = "", $check_localip = false, $check_subnets = false) {
global $config; global $config;
$isipv6 = is_ipaddrv6($ipaddr); $isipv6 = is_ipaddrv6($ipaddr);
if ($check_subnets) {
if ($check_subnets) { $iflist = get_configured_interface_list();
$iflist = get_configured_interface_list(); foreach ($iflist as $if => $ifname) {
foreach ($iflist as $if => $ifname) { if ($ignore_if == $if) {
if ($ignore_if == $if) continue;
continue; }
if ($isipv6 === true) { if ($isipv6 === true) {
$bitmask = get_interface_subnetv6($if); $bitmask = get_interface_subnetv6($if);
$subnet = gen_subnetv6(get_interface_ipv6($if), $bitmask); $subnet = gen_subnetv6(get_interface_ipv6($if), $bitmask);
} else { } else {
$bitmask = get_interface_subnet($if); $bitmask = get_interface_subnet($if);
$subnet = gen_subnet(get_interface_ip($if), $bitmask); $subnet = gen_subnet(get_interface_ip($if), $bitmask);
} }
if (ip_in_subnet($ipaddr, $subnet . '/' . $bitmask)) if (ip_in_subnet($ipaddr, $subnet . '/' . $bitmask)) {
return true; return true;
} }
} else { }
if ($isipv6 === true) } else {
$interface_list_ips = get_configured_ipv6_addresses(); if ($isipv6 === true) {
else $interface_list_ips = get_configured_ipv6_addresses();
$interface_list_ips = get_configured_ip_addresses(); } else {
$interface_list_ips = get_configured_ip_addresses();
foreach($interface_list_ips as $if => $ilips) { }
/* Also ignore CARP interfaces, it'll be checked below */ foreach($interface_list_ips as $if => $ilips) {
if ($ignore_if == $if || strstr($ignore_if, "_vip")) /* Also ignore CARP interfaces, it'll be checked below */
continue; if ($ignore_if == $if || strstr($ignore_if, "_vip")) {
if (strcasecmp($ipaddr, $ilips) == 0) continue;
return true; }
} if (strcasecmp($ipaddr, $ilips) == 0) {
} return true;
}
$interface_list_vips = get_configured_vips_list(true); }
foreach ($interface_list_vips as $id => $vip) { }
if ($ignore_if == $vip['if'])
continue; $interface_list_vips = get_configured_vips_list(true);
if (strcasecmp($ipaddr, $vip['ipaddr']) == 0) foreach ($interface_list_vips as $id => $vip) {
return true; if ($ignore_if == $vip['if']) {
} continue;
}
if ($check_localip) { if (strcasecmp($ipaddr, $vip['ipaddr']) == 0) {
if (is_array($config['pptpd']) && !empty($config['pptpd']['localip']) && (strcasecmp($ipaddr, $config['pptpd']['localip']) == 0)) return true;
return true; }
}
if (!is_array($config['l2tp']) && !empty($config['l2tp']['localip']) && (strcasecmp($ipaddr, $config['l2tp']['localip']) == 0))
return true; if ($check_localip) {
} if (is_array($config['pptpd']) && !empty($config['pptpd']['localip']) && (strcasecmp($ipaddr, $config['pptpd']['localip']) == 0)) {
return true;
return false; }
if (!is_array($config['l2tp']) && !empty($config['l2tp']['localip']) && (strcasecmp($ipaddr, $config['l2tp']['localip']) == 0)) {
return true;
}
}
return false;
} }
...@@ -927,30 +916,30 @@ function is_ipaddr_configured($ipaddr, $ignore_if = "", $check_localip = false, ...@@ -927,30 +916,30 @@ function is_ipaddr_configured($ipaddr, $ignore_if = "", $check_localip = false,
/* 6rd is variable, calculate from 64 - (v6 prefixlen - (32 - v4 prefixlen)) */ /* 6rd is variable, calculate from 64 - (v6 prefixlen - (32 - v4 prefixlen)) */
/* 6to4 is 16 bits, e.g. 65535 */ /* 6to4 is 16 bits, e.g. 65535 */
function calculate_ipv6_delegation_length($if) { function calculate_ipv6_delegation_length($if) {
global $config; global $config;
if(!isset($config['interfaces'][$if]) || !is_array($config['interfaces'][$if])) { if(!isset($config['interfaces'][$if]) || !is_array($config['interfaces'][$if])) {
return false; return false;
} elseif (!isset($config['interfaces'][$if]['ipaddrv6'])) { } elseif (!isset($config['interfaces'][$if]['ipaddrv6'])) {
return (0); return 0;
} }
switch($config['interfaces'][$if]['ipaddrv6']) { switch($config['interfaces'][$if]['ipaddrv6']) {
case "6to4": case "6to4":
$pdlen = 16; $pdlen = 16;
break; break;
case "6rd": case "6rd":
$rd6cfg = $config['interfaces'][$if]; $rd6cfg = $config['interfaces'][$if];
$rd6plen = explode("/", $rd6cfg['prefix-6rd']); $rd6plen = explode("/", $rd6cfg['prefix-6rd']);
$pdlen = (64 - ($rd6plen[1] + (32 - $rd6cfg['prefix-6rd-v4plen']))); $pdlen = (64 - ($rd6plen[1] + (32 - $rd6cfg['prefix-6rd-v4plen'])));
break; break;
case "dhcp6": case "dhcp6":
$dhcp6cfg = $config['interfaces'][$if]; $dhcp6cfg = $config['interfaces'][$if];
$pdlen = $dhcp6cfg['dhcp6-ia-pd-len']; $pdlen = $dhcp6cfg['dhcp6-ia-pd-len'];
break; break;
default: default:
$pdlen = 0; $pdlen = 0;
break; break;
} }
return($pdlen); return $pdlen;
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023