532 lines
16 KiB
PHP
Executable File
532 lines
16 KiB
PHP
Executable File
#!/usr/local/bin/php -q
|
|
<?php
|
|
/* $Id$ */
|
|
/*
|
|
rc.initial.setlanip
|
|
part of m0n0wall (http://m0n0.ch/wall)
|
|
|
|
Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
|
|
All rights reserved.
|
|
|
|
Redistribution and use in source and binary forms, with or without
|
|
modification, are permitted provided that the following conditions are met:
|
|
|
|
1. Redistributions of source code must retain the above copyright notice,
|
|
this list of conditions and the following disclaimer.
|
|
|
|
2. Redistributions in binary form must reproduce the above copyright
|
|
notice, this list of conditions and the following disclaimer in the
|
|
documentation and/or other materials provided with the distribution.
|
|
|
|
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
|
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
|
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
|
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
POSSIBILITY OF SUCH DAMAGE.
|
|
*/
|
|
|
|
|
|
|
|
$options = getopt("hn", array("dry-run", "help"));
|
|
|
|
if (isset($options["h"]) || isset($options["help"])) {
|
|
echo "usage: /etc/rc.initial.setlanip [option ...]\n";
|
|
echo " -h, --help show this message\n";
|
|
echo " -n, --dry-run do not make any configuration changes\n";
|
|
exit(0);
|
|
}
|
|
|
|
$dry_run = isset($options["n"]) || isset($options["dry-run"]);
|
|
if ($dry_run) {
|
|
echo "DRY RUN MODE IS ON\n";
|
|
}
|
|
|
|
|
|
|
|
/* parse the configuration and include all functions used below */
|
|
require_once("config.inc");
|
|
require_once("functions.inc");
|
|
require_once("filter.inc");
|
|
require_once("shaper.inc");
|
|
require_once("rrd.inc");
|
|
|
|
function console_get_interface_from_ppp($realif) {
|
|
global $config;
|
|
|
|
if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) {
|
|
foreach ($config['ppps']['ppp'] as $pppid => $ppp) {
|
|
if ($realif == $ppp['if']) {
|
|
$ifaces = explode(",", $ppp['ports']);
|
|
return $ifaces[0];
|
|
}
|
|
}
|
|
}
|
|
|
|
return "";
|
|
}
|
|
|
|
function prompt_for_enable_dhcp_server($version = 4) {
|
|
global $config, $fp, $interface;
|
|
if($interface == "wan") {
|
|
if($config['interfaces']['lan'])
|
|
return "n";
|
|
}
|
|
/* only allow DHCP server to be enabled when static IP is
|
|
configured on this interface */
|
|
if ($version === 6) {
|
|
$is_ipaddr = is_ipaddrv6($config['interfaces'][$interface]['ipaddrv6']);
|
|
} else {
|
|
$is_ipaddr = is_ipaddrv4($config['interfaces'][$interface]['ipaddr']);
|
|
}
|
|
if ($is_ipaddr) {
|
|
$label_DHCP = ($version === 6) ? "DHCP6" : "DHCP";
|
|
do {
|
|
$good = false;
|
|
$upperifname = strtoupper($interface);
|
|
echo "\n" . sprintf(gettext("Do you want to enable the %s server on %s? [y|n]"),
|
|
$label_DHCP, $upperifname) . " ";
|
|
$yn = strtolower(chop(fgets($fp)));
|
|
if ($yn[0] == "y" or $yn[0] == "n")
|
|
$good = true;
|
|
} while (!$good);
|
|
}
|
|
return $yn;
|
|
}
|
|
|
|
function get_interface_config_description($iface) {
|
|
global $config;
|
|
$c = $config['interfaces'][$iface];
|
|
if (!$c) { return null; }
|
|
$if = $c['if'];
|
|
$result = $if;
|
|
$result2 = array();
|
|
$ipaddr = $c['ipaddr'];
|
|
$ipaddrv6 = $c['ipaddrv6'];
|
|
if (is_ipaddr($ipaddr)) {
|
|
$result2[] = "static";
|
|
} else if ($ipaddr == "dhcp") {
|
|
$result2[] = "dhcp";
|
|
}
|
|
if (is_ipaddr($ipaddrv6)) {
|
|
$result2[] = "staticv6";
|
|
} else if ($ipaddrv6 == "dhcp6") {
|
|
$result2[] = "dhcp6";
|
|
}
|
|
if (count($result2)) {
|
|
$result .= " - " . implode(", ", $result2);
|
|
}
|
|
return $result;
|
|
}
|
|
|
|
$fp = fopen('php://stdin', 'r');
|
|
|
|
/* build an interface collection */
|
|
$ifdescrs = get_configured_interface_with_descr(false, true);
|
|
$count = count($ifdescrs);
|
|
|
|
/* grab interface that we will operate on, unless there is only one
|
|
interface */
|
|
if ($count > 1) {
|
|
echo "Available interfaces:\n\n";
|
|
$x=1;
|
|
foreach($ifdescrs as $iface => $ifdescr) {
|
|
$config_descr = get_interface_config_description($iface);
|
|
echo "{$x} - {$ifdescr} ({$config_descr})\n";
|
|
$x++;
|
|
}
|
|
echo "\nEnter the number of the interface you wish to configure: ";
|
|
$intnum = chop(fgets($fp));
|
|
} else {
|
|
$intnum = $count;
|
|
}
|
|
|
|
if($intnum < 1)
|
|
exit;
|
|
if($intnum > $count)
|
|
exit;
|
|
|
|
$index = 1;
|
|
foreach ($ifdescrs as $ifname => $ifdesc) {
|
|
if ($intnum == $index) {
|
|
$interface = $ifname;
|
|
break;
|
|
} else {
|
|
$index++;
|
|
}
|
|
}
|
|
if(!$interface) {
|
|
echo "Invalid interface!\n";
|
|
exit;
|
|
}
|
|
|
|
$ifaceassigned = "";
|
|
|
|
function next_unused_gateway_name($interface) {
|
|
global $g, $config;
|
|
$new_name = "GW_" . strtoupper($interface);
|
|
|
|
if (!is_array($config['gateways']['gateway_item'])) { return $new_name; }
|
|
$count = 1;
|
|
do {
|
|
$existing = false;
|
|
foreach ($config['gateways']['gateway_item'] as $item) {
|
|
if ($item['name'] === $new_name) {
|
|
$existing = true;
|
|
break;
|
|
}
|
|
}
|
|
if ($existing) {
|
|
$count += 1;
|
|
$new_name = "GW_" . strtoupper($interface) . "_" . $count;
|
|
}
|
|
} while ($existing);
|
|
return $new_name;
|
|
}
|
|
|
|
function add_gateway_to_config($interface, $gatewayip, $inet_type) {
|
|
global $g, $config, $dry_run;
|
|
if (!is_array($config['gateways']['gateway_item'])) {
|
|
$config['gateways']['gateway_item'] = array();
|
|
}
|
|
$a_gateways = &$config['gateways']['gateway_item'];
|
|
if ($dry_run) {
|
|
print_r($a_gateways);
|
|
}
|
|
$new_name = '';
|
|
$is_default = true;
|
|
foreach ($a_gateways as $item) {
|
|
if ($item['ipprotocol'] === $inet_type) {
|
|
if (isset($item['defaultgw']))
|
|
$is_default = false;
|
|
if (($item['interface'] === $interface) && ($item['gateway'] === $gatewayip))
|
|
$new_name = $item['name'];
|
|
}
|
|
}
|
|
if ($new_name == '') {
|
|
$new_name = next_unused_gateway_name($interface);
|
|
$item = array(
|
|
"interface" => $interface,
|
|
"gateway" => $gatewayip,
|
|
"name" => $new_name,
|
|
"weight" => 1,
|
|
"ipprotocol" => $inet_type,
|
|
"interval" => true,
|
|
"descr" => "Interface $interface Gateway",
|
|
"defaultgw" => $is_default
|
|
);
|
|
if ($dry_run) {
|
|
print_r($item);
|
|
}
|
|
$a_gateways[] = $item;
|
|
}
|
|
|
|
return $new_name;
|
|
}
|
|
|
|
function console_configure_ip_address($version) {
|
|
global $g, $config, $interface, $restart_dhcpd, $ifaceassigned, $fp;
|
|
|
|
$label_IPvX = ($version === 6) ? "IPv6" : "IPv4";
|
|
$maxbits = ($version === 6) ? 127 : 31;
|
|
$label_DHCP = ($version === 6) ? "DHCP6" : "DHCP";
|
|
|
|
$upperifname = strtoupper($interface);
|
|
|
|
if($interface == "wan") {
|
|
echo sprintf(gettext("Configure %s address %s interface via %s? [y|n]"),
|
|
$label_IPvX, $upperifname, $label_DHCP) . "\n> ";
|
|
$intdhcp = chop(fgets($fp));
|
|
if(strtolower($intdhcp) == "y" || strtolower($intdhcp) == "yes") {
|
|
$ifppp = console_get_interface_from_ppp(get_real_interface("wan"));
|
|
if (!empty($ifppp))
|
|
$ifaceassigned = $ifppp;
|
|
$intip = ($version === 6) ? "dhcp6" : "dhcp";
|
|
$intbits = "";
|
|
$isintdhcp = true;
|
|
$restart_dhcpd = true;
|
|
}
|
|
}
|
|
|
|
if($isintdhcp == false or $interface <> "wan") {
|
|
while(true) {
|
|
do {
|
|
echo "\n" . sprintf(gettext("Enter the new %s %s address. Press <ENTER> for none:"),
|
|
$upperifname, $label_IPvX) . "\n> ";
|
|
$intip = chop(fgets($fp));
|
|
$is_ipaddr = ($version === 6) ? is_ipaddrv6($intip) : is_ipaddrv4($intip);
|
|
if ($is_ipaddr && is_ipaddr_configured($intip, $interface, true)) {
|
|
$ip_conflict = true;
|
|
echo gettext("This IP address conflicts with another interface or a VIP") . "\n";
|
|
} else
|
|
$ip_conflict = false;
|
|
} while (($ip_conflict === true) || !($is_ipaddr || $intip == ''));
|
|
if ($intip != '') {
|
|
echo "\n" . sprintf(gettext("Subnet masks are entered as bit counts (as in CIDR notation) in %s."),
|
|
$g['product_name']) . "\n";
|
|
if ($version === 6) {
|
|
echo "e.g. ffff:ffff:ffff:ffff:ffff:ffff:ffff:ff00 = 120\n";
|
|
echo " ffff:ffff:ffff:ffff:ffff:ffff:ffff:0 = 112\n";
|
|
echo " ffff:ffff:ffff:ffff:ffff:ffff:0:0 = 96\n";
|
|
echo " ffff:ffff:ffff:ffff:ffff:0:0:0 = 80\n";
|
|
echo " ffff:ffff:ffff:ffff:0:0:0:0 = 64\n";
|
|
} else {
|
|
echo "e.g. 255.255.255.0 = 24\n";
|
|
echo " 255.255.0.0 = 16\n";
|
|
echo " 255.0.0.0 = 8\n";
|
|
}
|
|
do {
|
|
$upperifname = strtoupper($interface);
|
|
echo "\n" . sprintf(gettext("Enter the new %s %s subnet bit count:"),
|
|
$upperifname, $label_IPvX) . "\n> ";
|
|
$intbits = chop(fgets($fp));
|
|
$intbits_ok = is_numeric($intbits) && (($intbits >= 1) || ($intbits <= $maxbits));
|
|
$restart_dhcpd = true;
|
|
|
|
if ($version === 4 && $intbits < $maxbits) {
|
|
if ($intip == gen_subnet($intip, $intbits)) {
|
|
echo gettext("You cannot set network address to an interface");
|
|
continue 2;
|
|
$intbits_ok = false;
|
|
} else if ($intip == gen_subnet_max($intip, $intbits)) {
|
|
echo gettext("You cannot set broadcast address to an interface");
|
|
continue 2;
|
|
$intbits_ok = false;
|
|
}
|
|
}
|
|
} while (!$intbits_ok);
|
|
|
|
if ($version === 6) {
|
|
$subnet = gen_subnetv6($intip, $intbits);
|
|
} else {
|
|
$subnet = gen_subnet($intip, $intbits);
|
|
}
|
|
do {
|
|
echo "\n" . sprintf(gettext("For a WAN, enter the new %s %s upstream gateway address."), $upperifname, $label_IPvX) . "\n" .
|
|
gettext("For a LAN, press <ENTER> for none:") . "\n> ";
|
|
$gwip = chop(fgets($fp));
|
|
$is_ipaddr = ($version === 6) ? is_ipaddrv6($gwip) : is_ipaddrv4($gwip);
|
|
$is_in_subnet = $is_ipaddr && ip_in_subnet($gwip, $subnet . "/" . $intbits);
|
|
if ($gwip != '') {
|
|
if (!$is_ipaddr) {
|
|
echo sprintf(gettext("not an %s IP address!"), $label_IPvX) . "\n";
|
|
} else if (!$is_in_subnet) {
|
|
echo gettext("not in subnet!") . "\n";
|
|
}
|
|
}
|
|
} while (!($gwip == '' || ($is_ipaddr && $is_in_subnet)));
|
|
|
|
if ($gwip != '') {
|
|
$inet_type = ($version === 6) ? "inet6" : "inet";
|
|
$gwname = add_gateway_to_config($interface, $gwip, $inet_type);
|
|
}
|
|
}
|
|
$ifppp = console_get_interface_from_ppp(get_real_interface($interface));
|
|
if (!empty($ifppp))
|
|
$ifaceassigned = $ifppp;
|
|
break;
|
|
}
|
|
}
|
|
|
|
return array($intip, $intbits, $gwname);
|
|
}
|
|
|
|
list($intip, $intbits, $gwname) = console_configure_ip_address(4);
|
|
list($intip6, $intbits6, $gwname6) = console_configure_ip_address(6);
|
|
|
|
if (!empty($ifaceassigned))
|
|
$config['interfaces'][$interface]['if'] = $ifaceassigned;
|
|
$config['interfaces'][$interface]['ipaddr'] = $intip;
|
|
$config['interfaces'][$interface]['subnet'] = $intbits;
|
|
$config['interfaces'][$interface]['gateway'] = $gwname;
|
|
$config['interfaces'][$interface]['ipaddrv6'] = $intip6;
|
|
$config['interfaces'][$interface]['subnetv6'] = $intbits6;
|
|
$config['interfaces'][$interface]['gatewayv6'] = $gwname6;
|
|
$config['interfaces'][$interface]['enable'] = true;
|
|
|
|
function console_configure_dhcpd($version = 4) {
|
|
global $g, $config, $restart_dhcpd, $fp, $interface, $dry_run, $intip, $intbits, $intip6, $intbits6;
|
|
|
|
$label_IPvX = ($version === 6) ? "IPv6" : "IPv4";
|
|
$dhcpd = ($version === 6) ? "dhcpdv6" : "dhcpd";
|
|
|
|
if($g['services_dhcp_server_enable'])
|
|
$yn = prompt_for_enable_dhcp_server($version);
|
|
if ($yn == "y") {
|
|
$subnet_start = ($version === 6) ? gen_subnetv6($intip6, $intbits6) : gen_subnet($intip, $intbits);
|
|
$subnet_end = ($version === 6) ? gen_subnetv6_max($intip6, $intbits6) : gen_subnet_max($intip, $intbits);
|
|
do {
|
|
do {
|
|
echo sprintf(gettext("Enter the start address of the %s client address range:"), $label_IPvX) . " ";
|
|
$dhcpstartip = chop(fgets($fp));
|
|
if ($dhcpstartip === "") {
|
|
fclose($fp);
|
|
exit(0);
|
|
}
|
|
$is_ipaddr = ($version === 6) ? is_ipaddrv6($dhcpstartip) : is_ipaddrv4($dhcpstartip);
|
|
$is_inrange = is_inrange($dhcpstartip, $subnet_start, $subnet_end);
|
|
if (!$is_inrange)
|
|
echo gettext("This IP address must be in the interface's subnet") . "\n";
|
|
} while (!$is_ipaddr || !$is_inrange);
|
|
|
|
do {
|
|
echo sprintf(gettext("Enter the end address of the %s client address range:"), $label_IPvX) . " ";
|
|
$dhcpendip = chop(fgets($fp));
|
|
if ($dhcpendip === "") {
|
|
fclose($fp);
|
|
exit(0);
|
|
}
|
|
$is_ipaddr = ($version === 6) ? is_ipaddrv6($dhcpendip) : is_ipaddrv4($dhcpendip);
|
|
$is_inrange = is_inrange($dhcpendip, $subnet_start, $subnet_end);
|
|
if (!$is_inrange)
|
|
echo gettext("This IP address must be in the interface's subnet") . "\n";
|
|
$not_inorder = ($version === 6) ? (inet_pton($dhcpendip) < inet_pton($dhcpstartip)) : ip_less_than($dhcpendip, $dhcpstartip);
|
|
if ($not_inorder) {
|
|
echo gettext("The end address of the DHCP range must be >= the start address") . "\n";
|
|
}
|
|
} while (!$is_ipaddr || !$is_inrange);
|
|
} while ($not_inorder);
|
|
$restart_dhcpd = true;
|
|
$config[$dhcpd][$interface]['enable'] = true;
|
|
$config[$dhcpd][$interface]['range']['from'] = $dhcpstartip;
|
|
$config[$dhcpd][$interface]['range']['to'] = $dhcpendip;
|
|
} else {
|
|
if(isset($config[$dhcpd][$interface]['enable'])) {
|
|
unset($config[$dhcpd][$interface]['enable']);
|
|
printf(gettext("Disabling %s DHCPD..."), $label_IPvX);
|
|
$restart_dhcpd = true;
|
|
}
|
|
}
|
|
}
|
|
|
|
console_configure_dhcpd(4);
|
|
console_configure_dhcpd(6);
|
|
|
|
//*****************************************************************************
|
|
|
|
if ($config['system']['webgui']['protocol'] == "https") {
|
|
|
|
do {
|
|
$good = false;
|
|
echo "\n" . gettext("Do you want to revert to HTTP as the webConfigurator protocol? (y/n)") . " ";
|
|
$yn = strtolower(chop(fgets($fp)));
|
|
if ($yn[0] == "y" or $yn[0] == "n")
|
|
$good = true;
|
|
} while (!$good);
|
|
|
|
if ($yn == "y") {
|
|
$config['system']['webgui']['protocol'] = "http";
|
|
$restart_webgui = true;
|
|
}
|
|
}
|
|
|
|
if (isset($config['system']['webgui']['noantilockout'])) {
|
|
echo "\n" . sprintf(gettext("Note: the anti-lockout rule on %s has been re-enabled."), $interface) . "\n";
|
|
unset($config['system']['webgui']['noantilockout']);
|
|
}
|
|
|
|
if($config['interfaces']['lan']) {
|
|
if($config['dhcpd'])
|
|
if($config['dhcpd']['wan'])
|
|
unset($config['dhcpd']['wan']);
|
|
if($config['dhcpdv6'])
|
|
if($config['dhcpdv6']['wan'])
|
|
unset($config['dhcpdv6']['wan']);
|
|
}
|
|
|
|
if(!$config['interfaces']['lan']) {
|
|
unset($config['interfaces']['lan']);
|
|
if($config['dhcpd']['lan'])
|
|
unset($config['dhcpd']['lan']);
|
|
if($config['dhcpdv6']['lan'])
|
|
unset($config['dhcpdv6']['lan']);
|
|
unset($config['shaper']);
|
|
unset($config['ezshaper']);
|
|
unset($config['nat']);
|
|
if (!$dry_run) {
|
|
system("rm /var/dhcpd/var/db/* >/dev/null 2>/dev/null");
|
|
$restart_dhcpd = true;
|
|
}
|
|
}
|
|
|
|
$upperifname = strtoupper($interface);
|
|
if (!$dry_run) {
|
|
echo "\nPlease wait while the changes are saved to {$upperifname}...";
|
|
write_config(sprintf(gettext("%s IP configuration from console menu"), $interface));
|
|
interface_reconfigure(strtolower($upperifname));
|
|
echo "\n Reloading filter...";
|
|
filter_configure_sync();
|
|
if($restart_dhcpd) {
|
|
echo "\n DHCPD...";
|
|
services_dhcpd_configure();
|
|
}
|
|
if($restart_webgui) {
|
|
echo "\n Restarting webConfigurator... ";
|
|
mwexec("/etc/rc.restart_webgui");
|
|
}
|
|
}
|
|
|
|
if ($intip != '') {
|
|
if (is_ipaddr($intip)) {
|
|
echo "\n\n" . sprintf(gettext("The IPv4 %s address has been set to %s"),
|
|
$upperifname, "{$intip}/{$intbits}") . "\n";
|
|
} else {
|
|
echo "\n\n" . sprintf(gettext("The IPv4 %s address has been set to %s"),
|
|
$upperifname, $intip) . "\n";
|
|
}
|
|
}
|
|
if ($intip6 != '') {
|
|
if (is_ipaddr($intip6)) {
|
|
echo "\n\n" . sprintf(gettext("The IPv6 %s address has been set to %s"),
|
|
$upperifname, "${intip6}/${intbits6}") . "\n";
|
|
} else {
|
|
echo "\n\n" . sprintf(gettext("The IPv6 %s address has been set to %s"),
|
|
$upperifname, $intip6) . "\n";
|
|
}
|
|
}
|
|
|
|
if ($intip != '' || $intip6 != '') {
|
|
if (count($ifdescrs) == "1" or $interface == "lan") {
|
|
if ($debug) {
|
|
echo "ifdescrs count is " . count($ifdescrs) . "\n";
|
|
echo "interface is {$interface} \n";
|
|
}
|
|
echo gettext('You can now access the webConfigurator by opening the following URL in your web browser:') . "\n";
|
|
if(!empty($config['system']['webgui']['port'])) {
|
|
$webuiport = $config['system']['webgui']['port'];
|
|
if ($intip != '') {
|
|
echo " {$config['system']['webgui']['protocol']}://{$intip}:{$webuiport}/\n";
|
|
}
|
|
if ($intip6 != '') {
|
|
if (is_ipaddr($intip6)) {
|
|
echo " {$config['system']['webgui']['protocol']}://[{$intip6}]:{$webuiport}/\n";
|
|
} else {
|
|
echo " {$config['system']['webgui']['protocol']}://{$intip6}:{$webuiport}/\n";
|
|
}
|
|
}
|
|
} else {
|
|
if ($intip != '') {
|
|
echo " {$config['system']['webgui']['protocol']}://{$intip}/\n";
|
|
}
|
|
if ($intip6 != '') {
|
|
if (is_ipaddr($intip6)) {
|
|
echo " {$config['system']['webgui']['protocol']}://[{$intip6}]/\n";
|
|
} else {
|
|
echo " {$config['system']['webgui']['protocol']}://{$intip6}/\n";
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
echo "\n" . gettext('Press <ENTER> to continue.');
|
|
|
|
fgets($fp);
|
|
fclose($fp);
|
|
|
|
?>
|