function zfszpool_process_updatenotification($mode, $data)
{
global $config;
$retval = 0;
switch ($mode) {
case UPDATENOTIFY_MODE_NEW:
$retval = zfs_zpool_configure($data);
break;
case UPDATENOTIFY_MODE_MODIFIED:
$retval = zfs_zpool_properties($data);
break;
case UPDATENOTIFY_MODE_DIRTY:
$cnid = array_search_ex($data, $config['zfs']['pools']['pool'], "uuid");
if (FALSE !== $cnid) {
zfs_zpool_destroy($data);
unset($config['zfs']['pools']['pool'][$cnid]);
write_config();
// remove existing pool cache
conf_mount_rw();
unlink_if_exists("{$g['cf_path']}/boot/zfs/zpool.cache");
conf_mount_ro();
}
break;
}
return $retval;
}
function write_rule_file($content_changed, $received_file)
{
conf_mount_rw();
//read snort file with writing enabled
$filehandle = fopen($received_file, "w");
//delimiter for each new rule is a new line
$delimiter = "\n";
//implode the array back into a string for writing purposes
$fullfile = implode($delimiter, $content_changed);
//write data to file
fwrite($filehandle, $fullfile);
//close file handle
fclose($filehandle);
conf_mount_rw();
}
function snort_copy_rules($files, $snortdir, $snort_uuid, $if_real)
{
if (empty($files)) {
return;
}
conf_mount_rw();
foreach ($files as $file) {
if (!file_exists("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$file}")) {
@copy("{$snortdir}/rules/{$file}", "{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$file}");
}
if (substr($file, -9) == ".so.rules") {
$slib = substr($enabled_item, 6, -6);
if (!file_exists("{$snortdir}/snort_{$snort_uuid}_{$if_real}/dynamicrules/{$slib}")) {
@copy("/usr/local/lib/snort/dynamicrules/{$file}", "{$snortdir}/snort_{$snort_uuid}_{$if_real}/dynamicrules/{$slib}");
}
}
}
conf_mount_ro();
}
$toapplylist[$if]['ifcfg'] = $wancfg;
$toapplylist[$if]['ppps'] = $a_ppps;
/* we need to be able remove IP aliases for IPv6 */
file_put_contents("{$g['tmp_path']}/.interfaces.apply", serialize($toapplylist));
header("Location: interfaces.php?if={$if}");
exit;
} else {
if ($_POST) {
unset($input_errors);
$pconfig = $_POST;
if (is_numeric("0x" . $_POST['track6-prefix-id--hex'])) {
$pconfig['track6-prefix-id'] = intval($_POST['track6-prefix-id--hex'], 16);
} else {
$pconfig['track6-prefix-id'] = 0;
}
conf_mount_rw();
/* filter out spaces from descriptions */
$_POST['descr'] = remove_bad_chars($_POST['descr']);
/* okay first of all, cause we are just hiding the PPPoE HTML
* fields related to PPPoE resets, we are going to unset $_POST
* vars, if the reset feature should not be used. Otherwise the
* data validation procedure below, may trigger a false error
* message.
*/
if (empty($_POST['pppoe-reset-type'])) {
unset($_POST['pppoe_pr_type']);
unset($_POST['pppoe_resethour']);
unset($_POST['pppoe_resetminute']);
unset($_POST['pppoe_resetdate']);
unset($_POST['pppoe_pr_preset_val']);
}
function read_body_firmware($ch, $string)
{
global $fout, $file_size, $downloaded, $counter, $version, $latest_version, $current_installed_pfsense_version;
$length = strlen($string);
$downloaded += intval($length);
$downloadProgress = round(100 * (1 - $downloaded / $file_size), 0);
$downloadProgress = 100 - $downloadProgress;
$a = $file_size;
$b = $downloaded;
$c = $downloadProgress;
$text = " Snort download in progress\\n";
$text .= "----------------------------------------------------\\n";
$text .= " Downloaded : {$b}\\n";
$text .= "----------------------------------------------------\\n";
$counter++;
if ($counter > 150) {
update_output_window($text);
update_progress_bar($downloadProgress);
flush();
$counter = 0;
}
conf_mount_rw();
fwrite($fout, $string);
conf_mount_ro();
return $length;
}
function show_recordings()
{
conf_mount_rw();
safe_mkdir("/etc/phpshellsessions");
if ($recording) {
conf_mount_ro();
}
echo "==> Sessions available for playback are:\n";
system("cd /etc/phpshellsessions && ls /etc/phpshellsessions");
echo "==> end of list.\n";
}
function read_lists()
{
global $config, $g;
$group_type = array();
$dir = "/usr/local/etc/dansguardian/lists";
#read dansguardian lists dirs
$groups = array("phraselists", "blacklists", "whitelists");
#assigns know list files
$types = array('domains', 'urls', 'banned', 'weighted', 'exception', 'expression');
#clean previous xml config for dansguardian lists
foreach ($config['installedpackages'] as $key => $values) {
if (preg_match("/dansguardian(phrase|black|white)lists/", $key)) {
unset($config['installedpackages'][$key]);
}
}
#find lists
foreach ($groups as $group) {
if (is_dir("{$dir}/{$group}/")) {
#read dir content and find lists
$lists = scandir("{$dir}/{$group}/");
foreach ($lists as $list) {
if (!preg_match("/^\\./", $list) && is_dir("{$dir}/{$group}/{$list}/")) {
$category = scandir("{$dir}/{$group}/{$list}/");
foreach ($category as $file) {
if (!preg_match("/^\\./", $file)) {
#assign list to array
$type = split("_", $file);
if (preg_match("/(\\w+)/", $type[0], $matches)) {
}
$xml_type = $matches[1];
if ($config['installedpackages']['dansguardianblacklist']['config'][0]["liston"] == "both" && $group == "blacklists") {
$config['installedpackages']['dansguardianwhitelists' . $xml_type]['config'][] = array("descr" => "{$list} {$file}", "list" => $list, "file" => "{$dir}/{$group}/{$list}/{$file}");
}
$config['installedpackages']['dansguardian' . $group . $xml_type]['config'][] = array("descr" => "{$list} {$file}", "list" => $list, "file" => "{$dir}/{$group}/{$list}/{$file}");
}
}
}
}
}
}
conf_mount_rw();
$files = array("site", "url");
foreach ($files as $edit_xml) {
$edit_file = file_get_contents("/usr/local/pkg/dansguardian_" . $edit_xml . "_acl.xml");
if (count($config['installedpackages']['dansguardianblacklistsdomains']['config']) > 18) {
$edit_file = preg_replace('/size.6/', 'size>20', $edit_file);
if ($config['installedpackages']['dansguardianblacklist']['config'][0]["liston"] == "both") {
$edit_file = preg_replace('/size.5/', 'size>19', $edit_file);
}
} else {
$edit_file = preg_replace('/size.20/', 'size>6', $edit_file);
}
if ($config['installedpackages']['dansguardianblacklist']['config'][0]["liston"] != "both") {
$edit_file = preg_replace('/size.19/', 'size>5', $edit_file);
}
file_put_contents("/usr/local/pkg/dansguardian_" . $edit_xml . "_acl.xml", $edit_file, LOCK_EX);
}
file_notice("Dansguardian - Blacklist applied, check site and URL access lists for categories", "");
#foreach($config['installedpackages'] as $key => $values)
# if (preg_match("/dansguardian(phrase|black|white)lists/",$key))
# print "$key\n";
write_config();
}
function snort_add_supplist_entry($suppress)
{
/************************************************/
/* Adds the passed entry to the Suppress List */
/* for the active interface. If a Suppress */
/* List is defined for the interface, it is */
/* used. If no list is defined, a new default */
/* list is created using the interface name. */
/* */
/* On Entry: */
/* $suppress --> suppression entry text */
/* */
/* Returns: */
/* TRUE if successful or FALSE on failure */
/************************************************/
global $config, $a_instance, $instanceid;
if (!is_array($config['installedpackages']['snortglobal']['suppress'])) {
$config['installedpackages']['snortglobal']['suppress'] = array();
}
if (!is_array($config['installedpackages']['snortglobal']['suppress']['item'])) {
$config['installedpackages']['snortglobal']['suppress']['item'] = array();
}
$a_suppress =& $config['installedpackages']['snortglobal']['suppress']['item'];
$found_list = false;
/* If no Suppress List is set for the interface, then create one with the interface name */
if (empty($a_instance[$instanceid]['suppresslistname']) || $a_instance[$instanceid]['suppresslistname'] == 'default') {
$s_list = array();
$s_list['uuid'] = uniqid();
$s_list['name'] = $a_instance[$instanceid]['interface'] . "suppress" . "_" . $s_list['uuid'];
$s_list['descr'] = "Auto-generated list for Alert suppression";
$s_list['suppresspassthru'] = base64_encode($suppress);
$a_suppress[] = $s_list;
$a_instance[$instanceid]['suppresslistname'] = $s_list['name'];
$found_list = true;
$list_name = $s_list['name'];
} else {
/* If we get here, a Suppress List is defined for the interface so see if we can find it */
foreach ($a_suppress as $a_id => $alist) {
if ($alist['name'] == $a_instance[$instanceid]['suppresslistname']) {
$found_list = true;
$list_name = $alist['name'];
if (!empty($alist['suppresspassthru'])) {
$tmplist = base64_decode($alist['suppresspassthru']);
$tmplist .= "\n{$suppress}";
$alist['suppresspassthru'] = base64_encode($tmplist);
$a_suppress[$a_id] = $alist;
} else {
$alist['suppresspassthru'] = base64_encode($suppress);
$a_suppress[$a_id] = $alist;
}
}
}
}
/* If we created a new list or updated an existing one, save the change, */
/* tell Snort to load it, and return true; otherwise return false. */
if ($found_list) {
write_config("Snort pkg: modified Suppress List {$list_name}.");
conf_mount_rw();
sync_snort_package_config();
conf_mount_ro();
snort_reload_config($a_instance[$instanceid]);
return true;
} else {
return false;
}
}
function reset_snortgeneralsettingsFunc()
{
conf_mount_rw();
reset_snortgeneralsettings();
conf_mount_ro();
}
function write_db($stm, $table, $days)
{
global $postfix_dir, $config, $g;
conf_mount_rw();
$do_sync = array();
print "writing to database...";
foreach ($days as $day) {
if (strlen($stm[$day]) > 10 && is_array($config['installedpackages']['postfixsync']['config'])) {
foreach ($config['installedpackages']['postfixsync']['config'] as $rs) {
foreach ($rs['row'] as $sh) {
$sync_to_ip = $sh['ipaddress'];
$sync_type = $sh['sync_type'];
$password = $sh['password'];
$sql_file = '/var/db/postfix/' . $sync_to_ip . '.sql';
${$sync_to_ip} = "";
if (file_exists($sql_file)) {
${$sync_to_ip} = file_get_contents($sql_file);
}
if ($sync_to_ip && $sync_type == "share") {
${$sync_to_ip} .= serialize(array('day' => $day, 'sql' => base64_encode(gzcompress($stm[$day] . "COMMIT;", 9)))) . "\n";
if (!in_array($sync_to_ip, $do_sync)) {
$do_sync[] = $sync_to_ip;
}
}
}
}
/* Write local db file */
create_db($day . ".db");
if ($debug) {
print "writing to local db {$day}...";
}
$dbhandle = sqlite_open($postfix_dir . $day . ".db", 0666, $error);
if (!$dbhandle) {
die($error);
}
//file_put_contents("/tmp/" . $key . '-' . $update['day'] . ".sql", gzuncompress(base64_decode($update['sql'])), LOCK_EX);
$ok = sqlite_exec($dbhandle, $stm[$day] . "COMMIT;", $error);
if (!$ok) {
print "Cannot execute query. {$error}\n" . $stm[$day] . "COMMIT;\n";
} elseif ($debug) {
print "ok\n";
}
sqlite_close($dbhandle);
}
}
/* Write updated sql files */
if (count($do_sync) > 0) {
foreach ($do_sync as $ip) {
file_put_contents('/var/db/postfix/' . $ip . '.sql', ${$ip}, LOCK_EX);
}
}
conf_mount_ro();
/* Write local file */
}
