public function __construct()
{
// Is firewall enabled and active?
try {
$this->fwobj = \FreePBX::Firewall();
$this->fw = $this->fwobj->isEnabled();
} catch (\Exception $e) {
// Firewall not active, or not enabled, don't do anything
return;
}
}
public function getSettings()
{
$retarr = array("ssf" => true, "period" => 60, "responsive" => false);
$retarr['rprotocols'] = array("pjsip" => array("state" => true, "descr" => _("SIP Protocol (pjsip)")), "chansip" => array("state" => true, "descr" => _("Legacy SIP (chan_sip)")), "iax" => array("state" => false, "descr" => _("IAX Protocol")));
if (\FreePBX::Firewall()->getConfig("responsivefw")) {
$retarr['responsive'] = true;
foreach ($retarr['rprotocols'] as $id => $null) {
$retarr['rprotocols'][$id]['state'] = \FreePBX::Firewall()->getConfig($id, "rfw");
}
}
return $retarr;
}
private function &getCurrentIptables()
{
if (!$this->currentconf) {
// Am I root?
if (posix_getuid() === 0) {
// Parse iptables-save output
exec('/sbin/iptables-save 2>&1', $ipv4, $ret);
exec('/sbin/ip6tables-save 2>&1', $ipv6, $ret);
$this->currentconf = array("ipv4" => $this->parseIptablesOutput($ipv4), "ipv6" => $this->parseIptablesOutput($ipv6));
} else {
// Not root, need to run a hook.
@unlink("/tmp/iptables.out");
\FreePBX::Firewall()->runHook("getiptables");
// Wait for up to 5 seconds for the output.
$crashafter = time() + 5;
while (!file_exists("/tmp/iptables.out")) {
if ($crashafter > time()) {
throw new \Exception("/tmp/iptables.out wasn't created");
}
usleep(200000);
}
// OK, it exists. We should be able to parse it as json
while (true) {
$json = file_get_contents("/tmp/iptables.out");
$res = json_decode($json, true);
if (!is_array($res)) {
if ($crashafter > time()) {
throw new \Exception("/tmp/iptables.out wasn't valid json");
}
usleep(200000);
} else {
$this->currentconf = $res;
break;
}
}
}
}
// Return as a ref, people may want to mangle it.
return $this->currentconf;
}
