<?php
// Startup script for the firewall service. In order, it: takes a
// single-instance lock, pulls in common.php, builds a Validator, insists on
// running as root, reads the database settings out of /etc/freepbx.conf, and
// shuts down straight away when the firewall is not marked active.

// NOTE(review): $debug is not read anywhere in this excerpt; presumably the
// included files consult it - confirm.
$debug = true;
$thissvc = "firewall";

// lock.php is expected to provide FreePBX\modules\Firewall\Lock (not shown here).
include 'lock.php';
use FreePBX\modules\Firewall\Lock;

// Single-instance guard: a false result from canLock() is treated as "another
// copy is already running", which is reported on stdout and in syslog before
// exiting without a restart.
if (!Lock::canLock($thissvc)) {
    print "Firewall Service already running, not restarting...\n";
    syslog(LOG_WARNING | LOG_LOCAL0, "Firewall Service already running, not restarting...");
    exit;
}

// NOTE(review): common.php is loaded with a plain require, so whatever it
// executes runs before the root check further down. fwLog(), getSettings(),
// shutdown() and $sig are not defined in this script; presumably common.php
// (or a file it loads) provides them - confirm.
require 'common.php';
fwLog("Starting firewall service");

// Load our validator
// NOTE(review): $sig is never assigned in this script before this point, so it
// must already be in scope from an included file. If it were unset, the
// Validator would be constructed with null - verify how Validator handles that.
$v = new \FreePBX\modules\Firewall\Validator($sig);

// Privilege check: the effective UID must be 0.
// NOTE(review): this runs after the lock has been taken and after lock.php and
// common.php have been included and executed; consider whether it belongs
// first, so that nothing runs unprivileged.
if (posix_geteuid() !== 0) {
    throw new \Exception("I must be run as root.");
}

// Grab what our database connection settings are
// NOTE(review): the return value of file_get_contents() is not checked. If the
// read fails, $f is false, the regex below finds no matches and $mysettings
// stays empty, so the failure only shows up later inside getSettings().
$f = file_get_contents("/etc/freepbx.conf");

// Matches assignments of the form  amp_conf['KEY'] = 'VALUE';  with either
// quote style. Capture group 1 is the key and group 2 the value. Both groups
// are greedy (.+), so a line holding more than one quoted assignment would be
// captured as a single key/value pair.
preg_match_all("/amp_conf\\[['\"](.+)['\"]\\]\\s?=\\s?['\"](.+)['\"];/m", $f, $out);

// Pair each captured key with the value at the same match index.
$mysettings = array();
foreach ($out[1] as $id => $val) {
    $mysettings[$val] = $out[2][$id];
}

// NOTE(review): per the comment above, $mysettings holds database connection
// settings; keep it out of fwLog()/print output.
$fwconf = getSettings($mysettings);
if (!$fwconf['active']) {
    // Don't need to log this
    // print "Not active. Shutting down\n";
    shutdown();
} else {
    // Active-firewall branch; its body lies outside this excerpt.
// Record the startup stats so we can check if we've been modified, so we
// know when to restart.
// $thisphar is assigned outside this excerpt. The hash taken here is a
// change-detection baseline of the file as it was found at startup; it is not
// compared against any trusted value at this point.
// NOTE(review): hash_file() and stat() both return false on failure and
// neither result is checked, so a missing or unreadable phar would leave a
// false 'starthash' and an unusable 'mtime' in $startup.
$startup = array("filename" => $thisphar, "starthash" => hash_file('sha256', $thisphar));
// Save the mtime (modified timestamp) of the phar.
$s = stat($thisphar);
$startup['mtime'] = $s['mtime'];

// Create the Validator object
// The sysadmin includes are loaded from a fixed absolute path with a plain
// require, before any signature data is available.
require '/usr/lib/sysadmin/includes.php';
$g = new \Sysadmin\GPG();
$sigfile = \Sysadmin\FreePBX::Config()->get('AMPWEBROOT') . "/admin/modules/firewall/module.sig";
$sig = $g->checkSig($sigfile);
// Only the declared hash algorithm of the parsed signature data is checked here.
// NOTE(review): whether checkSig() itself throws or otherwise fails on a bad,
// missing or untrusted signature is not visible from this file - confirm that
// before treating the contents of $sig as authenticated.
if (!isset($sig['config']['hash']) || $sig['config']['hash'] !== "sha256") {
    throw new \Exception("Invalid sig file.. Hash is not sha256 - check {$sigfile}");
}

// NOTE(review): validator.php is pulled in with a plain require, so it cannot
// be covered by the Validator's own secureInclude() the way Driver.class.php
// is below. Presumably secureInclude() checks the file against the hashes in
// $sig before including it; its implementation is not shown here - confirm.
require 'validator.php';
$v = new \FreePBX\modules\Firewall\Validator($sig); // Global

// Grab the driver for this machine
$v->secureInclude('Driver.class.php');
$d = new \FreePBX\modules\Firewall\Driver();
$driver = $d->getDriver();

// End of 'common' functions. We can now return to the caller.
// A file-level return hands control back to the including script. Top-level
// function declarations are bound when the file is compiled, so the functions
// declared after this point are still available to the includer.
return;

// 'Check myself' function
// This makes sure that I haven't been upgraded and replaced. If something HAS changed,
// then return true. Otherwise return false. Crash if crazy.
// Reads the $startup baseline recorded at the top of this file and throws if
// its 'mtime' entry is missing. The rest of the body lies outside this excerpt.
function pharChanged() {
    global $startup;
    if (!isset($startup['mtime'])) {
        throw new \Exception("startup global corrupted");