/**
* restart cron service
* @return array
*/
public function reconfigureAction()
{
if ($this->request->isPost()) {
// close session for long running action
$this->sessionClose();
$backend = new Backend();
// generate template
$backend->configdRun("template reload OPNsense.Cron");
// (res)start daemon
$backend->configdRun("cron restart");
return array("status" => "ok");
} else {
return array("status" => "failed");
}
}
/**
* reconfigure ipfw, generate config and reload
*/
public function reconfigureAction()
{
if ($this->request->isPost()) {
// close session for long running action
$this->sessionClose();
$backend = new Backend();
$backend->configdRun("template reload OPNsense.IPFW");
$bckresult = trim($backend->configdRun("ipfw reload"));
if ($bckresult == "OK") {
$status = "ok";
} else {
$status = "error reloading shaper (" . $bckresult . ")";
}
return array("status" => $status);
} else {
return array("status" => "failed");
}
}
/**
* reconfigure captive portal
*/
public function reconfigureAction()
{
if ($this->request->isPost()) {
// close session for long running action
$this->sessionClose();
$backend = new Backend();
// the ipfw rules need to know about all the zones, so we need to reload ipfw for the portal to work
$backend->configdRun("template reload OPNsense.IPFW");
$bckresult = trim($backend->configdRun("ipfw reload"));
if ($bckresult == "OK") {
// TODO: implement portal webservers restart/reconfigure
$status = "ok";
} else {
$status = "error reloading captive portal (" . $bckresult . ")";
}
return array("status" => $status);
} else {
return array("status" => "failed");
}
}
/**
* test HelloWorld
*/
public function testAction()
{
if ($this->request->isPost()) {
$backend = new Backend();
$bckresult = json_decode(trim($backend->configdRun("helloworld test")), true);
if ($bckresult !== null) {
// only return valid json type responses
return $bckresult;
}
}
return array("message" => "unable to run config action");
}
/**
* reconfigure captive portal
*/
public function reconfigureAction()
{
if ($this->request->isPost()) {
// close session for long running action
$this->sessionClose();
$backend = new Backend();
// the ipfw rules need to know about all the zones, so we need to reload ipfw for the portal to work
$backend->configdRun("template reload OPNsense.IPFW");
$bckresult = trim($backend->configdRun("ipfw reload"));
if ($bckresult == "OK") {
// generate captive portal config
$bckresult = trim($backend->configdRun("template reload OPNsense.Captiveportal"));
if ($bckresult == "OK") {
$mdlCP = new CaptivePortal();
if ($mdlCP->isEnabled()) {
$bckresult = trim($backend->configdRun("captiveportal restart"));
if ($bckresult == "OK") {
$status = "ok";
} else {
$status = "error reloading captive portal";
}
} else {
$backend->configdRun("captiveportal stop");
$status = "ok";
}
} else {
$status = "error reloading captive portal template";
}
} else {
$status = "error reloading captive portal rules (" . $bckresult . ")";
}
return array("status" => $status);
} else {
return array("status" => "failed");
}
}
/**
* generate validation data (list of known configd actions)
*/
public function eventPostLoading()
{
if (!array_key_exists($this->internalCacheKey, self::$internalOptionList)) {
self::$internalOptionList[$this->internalCacheKey] = array();
$backend = new Backend();
$service_tempfile = "/tmp/configdmodelfield.data";
// check configd daemon for list of available actions, cache results as long as configd is not restarted
if (!file_exists($service_tempfile) || filemtime($service_tempfile) < $backend->getLastRestart()) {
$response = $backend->configdRun("configd actions json", false, 20);
$actions = json_decode($response, true);
if (is_array($actions)) {
file_put_contents($service_tempfile, $response);
}
} else {
$actions = json_decode(file_get_contents($service_tempfile), true);
if (!is_array($actions)) {
$actions = array();
}
}
foreach ($actions as $key => $value) {
// use filters to determine relevance
$isMatched = true;
foreach ($this->internalFilters as $filterKey => $filterData) {
if (array_key_exists($filterKey, $value)) {
$fieldData = $value[$filterKey];
if (!preg_match($filterData, $fieldData)) {
$isMatched = false;
}
}
}
if ($isMatched) {
if (!isset($value['description']) || $value['description'] == '') {
self::$internalOptionList[$this->internalCacheKey][$key] = $key;
} else {
self::$internalOptionList[$this->internalCacheKey][$key] = $value['description'];
}
}
}
}
}
/**
* list all available logs
* @return array list of alert logs
* @throws \Exception
*/
public function getAlertLogsAction()
{
$backend = new Backend();
$response = $backend->configdRun("ids list alertlogs");
$result = json_decode($response, true);
if ($result != null) {
$logs = array();
foreach ($result as $log) {
$log['modified'] = date('Y/m/d G:i', $log['modified']);
$logs[] = $log;
}
return $logs;
} else {
return array();
}
}
/**
* Reconfigure zones ( generate and load ruleset )
*/
public function reconfigure()
{
$backend = new Backend();
if ($this->isEnabled()) {
$ruleset_filename = FactoryDefault::getDefault()->get('config')->globals->temp_path . "/ipfw.rules";
$response = $backend->configdRun("template reload OPNsense.IPFW");
if (trim($response) == "OK") {
// load ruleset when ruleset is successfully loaded
$this->shell->exec("/etc/rc.d/ipfw start");
}
// update tables
$this->update();
// after reinit all accounting rules are vanished, reapply them for active sessions
$this->loadAccounting();
} else {
// captiveportal is disabled, create new config and reload ipfw
$response = $backend->configdRun("template reload OPNsense.IPFW");
$this->shell->exec("/etc/rc.d/ipfw start");
}
}
/**
* toggle usage of rule file or set enabled / disabled depending on parameters
* @param $filename (target) rule file name
* @param $enabled desired state enabled(1)/disabled(1), leave empty for toggle
* @return array status 0/1 or error
* @throws \Exception
* @throws \Phalcon\Validation\Exception
*/
public function toggleInstalledRulesetAction($filename, $enabled = null)
{
$result = array("status" => "none");
if ($this->request->isPost()) {
$backend = new Backend();
$response = $backend->configdRun("ids list installablerulesets");
$data = json_decode($response, true);
if ($data != null && array_key_exists("items", $data) && array_key_exists($filename, $data['items'])) {
$node = $this->getModel()->getFileNode($filename);
if ($enabled == "0" || $enabled == "1") {
$node->enabled = (string) $enabled;
} elseif ((string) $node->enabled == "1") {
$node->enabled = "0";
} else {
$node->enabled = "1";
}
$result['status'] = $node->enabled;
$this->getModel()->serializeToConfig();
Config::getInstance()->save();
} else {
$result['status'] = "error";
}
}
return $result;
}
/**
* reconfigure IDS
*/
public function reconfigureAction()
{
$status = "failed";
if ($this->request->isPost()) {
// close session for long running action
$this->sessionClose();
$mdlIDS = new IDS();
$runStatus = $this->statusAction();
if ($runStatus['status'] == "running" && (string) $mdlIDS->general->enabled == 0) {
$this->stopAction();
}
$backend = new Backend();
$bckresult = trim($backend->configdRun("template reload OPNsense.IDS"));
if ($bckresult == "OK") {
if ((string) $mdlIDS->general->enabled == 1) {
$bckresult = trim($backend->configdRun("ids install rules"));
if ($bckresult == "OK") {
if ($runStatus['status'] == 'running') {
$status = $this->restartAction()['response'];
} else {
$status = $this->startAction()['response'];
}
} else {
$status = "error installing ids rules (" . $bckresult . ")";
}
} else {
$status = "OK";
}
} else {
$status = "error generating ids template (" . $bckresult . ")";
}
}
return array("status" => $status);
}
/**
* fetch acls
* @return array
*/
public function fetchaclsAction()
{
if ($this->request->isPost()) {
$backend = new Backend();
// generate template
$backend->configdRun("template reload OPNsense.Proxy");
// fetch files
$response = $backend->configdRun("proxy fetchacls");
return array("response" => $response, "status" => "ok");
} else {
return array("response" => array());
}
}
/**
* reconfigure squid, generate config and reload
*/
public function reconfigureAction()
{
if ($this->request->isPost()) {
// close session for long running action
$this->sessionClose();
$mdlProxy = new Proxy();
$backend = new Backend();
$runStatus = $this->statusAction();
// stop squid when disabled
if ($runStatus['status'] == "running" && $mdlProxy->general->enabled->__toString() == 0) {
$this->stopAction();
}
// generate template
$backend->configdRun("template reload OPNsense.Proxy");
// (res)start daemon
if ($mdlProxy->general->enabled->__toString() == 1) {
if ($runStatus['status'] == "running") {
$backend->configdRun("proxy reconfigure");
} else {
$this->startAction();
}
}
return array("status" => "ok");
} else {
return array("status" => "failed");
}
}
/**
* retrieve upgrade status (and log file of current process)
*/
public function upgradestatusAction()
{
$backend = new Backend();
$result = array("status" => "running");
$cmd_result = trim($backend->configdRun("firmware upgrade_status"));
$result['log'] = $cmd_result;
if (trim($cmd_result) == "Execute error") {
$result["status"] = "error";
} elseif (strpos($cmd_result, '***DONE***') !== false) {
$result["status"] = "done";
} elseif (strpos($cmd_result, '***REBOOT***') !== false) {
$result["status"] = "reboot";
}
return $result;
}
/**
* list local and remote packages
* @return array
*/
public function infoAction()
{
$this->sessionClose();
// long running action, close session
$response = array('local' => array(), 'remote' => array());
$backend = new Backend();
$remote = $backend->configdRun('firmware remote');
$local = $backend->configdRun('firmware local');
/*
* pkg(8) returns malformed json by simply outputting each
* indivudual package json block... fix it up for now.
*/
$local = str_replace("\n}\n", "\n},\n", trim($local));
$local = json_decode('[' . $local . ']', true);
if ($local != null) {
$keep = array('name', 'version', 'comment', 'www', 'flatsize', 'licenses', 'desc', 'categories');
foreach ($local as $infos) {
$stripped = array();
foreach ($infos as $key => $info) {
if (in_array($key, $keep)) {
$stripped[$key] = $info;
}
}
$response['local'][] = $stripped;
}
}
/* Remote packages are only a flat list */
$remote = explode("\n", trim($remote));
foreach ($remote as $name) {
/* keep layout compatible with the above */
$response['remote'][] = array('name' => $name);
}
return $response;
}
/**
* toggle usage of rule file or set enabled / disabled depending on parameters
* @param $filenames (target) rule file name, or list of filenames separated by a comma
* @param $enabled desired state enabled(1)/disabled(1), leave empty for toggle
* @return array status 0/1 or error
* @throws \Exception
* @throws \Phalcon\Validation\Exception
*/
public function toggleInstalledRulesetAction($filenames, $enabled = null)
{
$update_count = 0;
$result = array("status" => "none");
if ($this->request->isPost()) {
$backend = new Backend();
$response = $backend->configdRun("ids list installablerulesets");
$data = json_decode($response, true);
foreach (explode(",", $filenames) as $filename) {
if ($data != null && array_key_exists("items", $data) && array_key_exists($filename, $data['items'])) {
$node = $this->getModel()->getFileNode($filename);
if ($enabled == "0" || $enabled == "1") {
$node->enabled = (string) $enabled;
} elseif ((string) $node->enabled == "1") {
$node->enabled = "0";
} else {
$node->enabled = "1";
}
// only update result state if all items until now are ok
if ($result['status'] != 'error') {
$result['status'] = $node->enabled;
}
$update_count++;
} else {
$result['status'] = "error";
}
}
if ($update_count > 0) {
$this->getModel()->serializeToConfig();
Config::getInstance()->save();
}
}
return $result;
}
/**
* list local and remote packages
* @return array
*/
public function infoAction()
{
$this->sessionClose();
// long running action, close session
$keys = array('name', 'version', 'comment', 'flatsize', 'locked');
$backend = new Backend();
$response = array();
/* package infos are flat lists with 3 pipes as delimiter */
foreach (array('local', 'remote') as $type) {
$current = $backend->configdRun("firmware {$type}");
$current = explode("\n", trim($current));
$response[$type] = array();
foreach ($current as $line) {
$expanded = explode('|||', $line);
$translated = array();
$index = 0;
if (count($expanded) != count($keys)) {
continue;
}
foreach ($keys as $key) {
$translated[$key] = $expanded[$index++];
}
$response[$type][] = $translated;
}
}
return $response;
}
/**
* list available classtypes
* @return array
* @throws \Exception
*/
public function listRuleClasstypesAction()
{
$backend = new Backend();
$response = $backend->configdRun("ids list classtypes");
$data = json_decode($response, true);
if ($data != null && array_key_exists("items", $data)) {
return $data;
} else {
return array();
}
}