|
|
|
@ -30,7 +30,7 @@ require_once('pkg-utils.inc'); |
|
|
|
|
//Testing function, for template creating purpose |
|
|
|
|
function pfz_test(){ |
|
|
|
|
$line = "-------------------\n"; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$ovpn_servers = pfz_openvpn_get_all_servers(); |
|
|
|
|
echo "OPENVPN Servers:\n"; |
|
|
|
|
print_r($ovpn_servers); |
|
|
|
@ -43,11 +43,11 @@ function pfz_test(){ |
|
|
|
|
|
|
|
|
|
$ifdescrs = get_configured_interface_with_descr(true); |
|
|
|
|
$ifaces=array(); |
|
|
|
|
foreach ($ifdescrs as $ifdescr => $ifname){ |
|
|
|
|
foreach ($ifdescrs as $ifdescr => $ifname){ |
|
|
|
|
$ifinfo = get_interface_info($ifdescr); |
|
|
|
|
$ifaces[$ifname] = $ifinfo; |
|
|
|
|
} |
|
|
|
|
echo "Network Interfaces:\n"; |
|
|
|
|
echo "Network Interfaces:\n"; |
|
|
|
|
print_r($ifaces); |
|
|
|
|
print_r(get_interface_arr()); |
|
|
|
|
print_r(get_configured_interface_list()); |
|
|
|
@ -57,34 +57,34 @@ function pfz_test(){ |
|
|
|
|
echo "Services: \n"; |
|
|
|
|
print_r($services); |
|
|
|
|
echo $line; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo "IPsec: \n"; |
|
|
|
|
|
|
|
|
|
require_once("ipsec.inc"); |
|
|
|
|
global $config; |
|
|
|
|
init_config_arr(array('ipsec', 'phase1')); |
|
|
|
|
init_config_arr(array('ipsec', 'phase2')); |
|
|
|
|
$a_phase2 = &$config['ipsec']['phase2']; |
|
|
|
|
|
|
|
|
|
require_once("ipsec.inc"); |
|
|
|
|
global $config; |
|
|
|
|
init_config_arr(array('ipsec', 'phase1')); |
|
|
|
|
init_config_arr(array('ipsec', 'phase2')); |
|
|
|
|
$a_phase2 = &$config['ipsec']['phase2']; |
|
|
|
|
$status = ipsec_list_sa(); |
|
|
|
|
echo "IPsec Status: \n"; |
|
|
|
|
print_r($status); |
|
|
|
|
|
|
|
|
|
$a_phase1 = &$config['ipsec']['phase1']; |
|
|
|
|
$a_phase2 = &$config['ipsec']['phase2']; |
|
|
|
|
|
|
|
|
|
echo "IPsec Config Phase 1: \n"; |
|
|
|
|
print_r($a_phase1); |
|
|
|
|
|
|
|
|
|
echo "IPsec Config Phase 2: \n"; |
|
|
|
|
print_r($a_phase2); |
|
|
|
|
|
|
|
|
|
echo $line; |
|
|
|
|
|
|
|
|
|
//Packages |
|
|
|
|
echo "Packages: \n"; |
|
|
|
|
require_once("pkg-utils.inc"); |
|
|
|
|
$installed_packages = get_pkg_info('all', false, true); |
|
|
|
|
print_r($installed_packages); |
|
|
|
|
echo "IPsec Status: \n"; |
|
|
|
|
print_r($status); |
|
|
|
|
|
|
|
|
|
$a_phase1 = &$config['ipsec']['phase1']; |
|
|
|
|
$a_phase2 = &$config['ipsec']['phase2']; |
|
|
|
|
|
|
|
|
|
echo "IPsec Config Phase 1: \n"; |
|
|
|
|
print_r($a_phase1); |
|
|
|
|
|
|
|
|
|
echo "IPsec Config Phase 2: \n"; |
|
|
|
|
print_r($a_phase2); |
|
|
|
|
|
|
|
|
|
echo $line; |
|
|
|
|
|
|
|
|
|
//Packages |
|
|
|
|
echo "Packages: \n"; |
|
|
|
|
require_once("pkg-utils.inc"); |
|
|
|
|
$installed_packages = get_pkg_info('all', false, true); |
|
|
|
|
print_r($installed_packages); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -94,9 +94,9 @@ function pfz_interface_discovery() { |
|
|
|
|
$ifdescrs = get_configured_interface_with_descr(true); |
|
|
|
|
$ifaces = get_interface_arr(); |
|
|
|
|
$ifcs=array(); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$json_string = '['; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
foreach ($ifdescrs as $ifname => $ifdescr){ |
|
|
|
|
$ifinfo = get_interface_info($ifname); |
|
|
|
|
$ifinfo["description"] = $ifdescr; |
|
|
|
@ -141,7 +141,7 @@ function pfz_openvpn_serverdiscovery() { |
|
|
|
|
foreach ($servers as $server){ |
|
|
|
|
$name = trim(preg_replace('/\w{3}(\d)?\:\d{4,5}/i', '', $server['name'])); |
|
|
|
|
$json_string .= '{"{#SERVER}":"' . $server['vpnid'] . '"'; |
|
|
|
|
$json_string .= ',"{#NAME}":"' . $name . '"'; |
|
|
|
|
$json_string .= ',"{#NAME}":"' . $name . '"'; |
|
|
|
|
$json_string .= '},'; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
@ -154,14 +154,14 @@ function pfz_openvpn_serverdiscovery() { |
|
|
|
|
|
|
|
|
|
// Get OpenVPN Server Value |
|
|
|
|
function pfz_openvpn_servervalue($server_id,$valuekey){ |
|
|
|
|
$servers = pfz_openvpn_get_all_servers(); |
|
|
|
|
|
|
|
|
|
$servers = pfz_openvpn_get_all_servers(); |
|
|
|
|
|
|
|
|
|
foreach($servers as $server) { |
|
|
|
|
if($server['vpnid']==$server_id){ |
|
|
|
|
$value = $server[$valuekey]; |
|
|
|
|
if ($valuekey=="status") { |
|
|
|
|
if ( ($server['mode']=="server_user") || ($server['mode']=="server_tls_user") || ($server['mode']=="server_tls") ){ |
|
|
|
|
if ($value=="") $value="server_user_listening"; |
|
|
|
|
if ($value=="") $value="server_user_listening"; |
|
|
|
|
} else if ($server['mode']=="p2p_tls"){ |
|
|
|
|
// For p2p_tls, ensure we have one client, and return up if it's the case |
|
|
|
|
if ($value=="") |
|
|
|
@ -170,19 +170,19 @@ function pfz_openvpn_servervalue($server_id,$valuekey){ |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
switch ($valuekey){ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
switch ($valuekey){ |
|
|
|
|
|
|
|
|
|
case "conns": |
|
|
|
|
//Client Connections: is an array so it is sufficient to count elements |
|
|
|
|
//Client Connections: is an array so it is sufficient to count elements |
|
|
|
|
if (is_array($value)) |
|
|
|
|
$value = count($value); |
|
|
|
|
else |
|
|
|
|
$value = "0"; |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
case "status": |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$value = pfz_valuemap("openvpn.server.status", $value); |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
@ -190,7 +190,7 @@ function pfz_openvpn_servervalue($server_id,$valuekey){ |
|
|
|
|
$value = pfz_valuemap("openvpn.server.mode", $value); |
|
|
|
|
break; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
//if ($value=="") $value="none"; |
|
|
|
|
echo $value; |
|
|
|
|
} |
|
|
|
@ -203,14 +203,14 @@ function pfz_openvpn_server_userdiscovery(){ |
|
|
|
|
|
|
|
|
|
foreach ($servers as $server){ |
|
|
|
|
if ( ($server['mode']=='server_user') || ($server['mode']=='server_tls_user') ) { |
|
|
|
|
if (is_array($server['conns'])) { |
|
|
|
|
if (is_array($server['conns'])) { |
|
|
|
|
$name = trim(preg_replace('/\w{3}(\d)?\:\d{4,5}/i', '', $server['name'])); |
|
|
|
|
|
|
|
|
|
foreach($server['conns'] as $conn) { |
|
|
|
|
|
|
|
|
|
foreach($server['conns'] as $conn) { |
|
|
|
|
$json_string .= '{"{#SERVERID}":"' . $server['vpnid'] . '"'; |
|
|
|
|
$json_string .= ',"{#SERVERNAME}":"' . $name . '"'; |
|
|
|
|
$json_string .= ',"{#UNIQUEID}":"' . $server['vpnid'] . '+' . $conn['common_name'] . '"'; |
|
|
|
|
$json_string .= ',"{#USERID}":"' . $conn['common_name'] . '"'; |
|
|
|
|
$json_string .= ',"{#UNIQUEID}":"' . $server['vpnid'] . '+' . $conn['common_name'] . '"'; |
|
|
|
|
$json_string .= ',"{#USERID}":"' . $conn['common_name'] . '"'; |
|
|
|
|
$json_string .= '},'; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
@ -229,15 +229,15 @@ function pfz_openvpn_server_uservalue($unique_id, $valuekey, $default=""){ |
|
|
|
|
$atpos=strpos($unique_id,'+'); |
|
|
|
|
$server_id = substr($unique_id,0,$atpos); |
|
|
|
|
$user_id = substr($unique_id,$atpos+1); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$servers = pfz_openvpn_get_all_servers(); |
|
|
|
|
foreach($servers as $server) { |
|
|
|
|
if($server['vpnid']==$server_id) { |
|
|
|
|
foreach($server['conns'] as $conn) { |
|
|
|
|
foreach($server['conns'] as $conn) { |
|
|
|
|
if ($conn['common_name']==$user_id){ |
|
|
|
|
$value = $conn[$valuekey]; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
if ($value=="") $value = $default; |
|
|
|
@ -264,14 +264,14 @@ function pfz_openvpn_clientdiscovery() { |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function pfz_openvpn_clientvalue($client_id, $valuekey, $default="none"){ |
|
|
|
|
$clients = openvpn_get_active_clients(); |
|
|
|
|
$clients = openvpn_get_active_clients(); |
|
|
|
|
foreach($clients as $client) { |
|
|
|
|
if($client['vpnid']==$client_id) |
|
|
|
|
$value = $client[$valuekey]; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
switch ($valuekey){ |
|
|
|
|
|
|
|
|
|
switch ($valuekey){ |
|
|
|
|
|
|
|
|
|
case "status": |
|
|
|
|
$value = pfz_valuemap("openvpn.client.status", $value); |
|
|
|
|
break; |
|
|
|
@ -292,24 +292,24 @@ function pfz_services_discovery(){ |
|
|
|
|
|
|
|
|
|
foreach ($services as $service){ |
|
|
|
|
if (!empty($service['name'])) { |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$status = get_service_status($service); |
|
|
|
|
if ($status="") $status = 0; |
|
|
|
|
|
|
|
|
|
$id=""; |
|
|
|
|
//id for OpenVPN |
|
|
|
|
$id=""; |
|
|
|
|
//id for OpenVPN |
|
|
|
|
if (!empty($service['id'])) $id = "." . $service["id"]; |
|
|
|
|
//zone for Captive Portal |
|
|
|
|
if (!empty($service['zone'])) $id = "." . $service["zone"]; |
|
|
|
|
|
|
|
|
|
$json_string .= '{"{#SERVICE}":"' . str_replace(" ", "__", $service['name']) . $id . '"'; |
|
|
|
|
|
|
|
|
|
$json_string .= '{"{#SERVICE}":"' . str_replace(" ", "__", $service['name']) . $id . '"'; |
|
|
|
|
$json_string .= ',"{#DESCRIPTION}":"' . $service['description'] . '"'; |
|
|
|
|
$json_string .= '},'; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
$json_string = rtrim($json_string,","); |
|
|
|
|
$json_string .= "]"; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo $json_string; |
|
|
|
|
|
|
|
|
|
} |
|
|
|
@ -318,38 +318,38 @@ function pfz_services_discovery(){ |
|
|
|
|
// 2020-03-27: Added space replace in service name for issue #12 |
|
|
|
|
// 2020-09-28: Corrected Space Replace |
|
|
|
|
function pfz_service_value($name,$value){ |
|
|
|
|
$services = get_services(); |
|
|
|
|
$services = get_services(); |
|
|
|
|
$name = str_replace("__"," ",$name); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
//List of service which are stopped on CARP Slave. |
|
|
|
|
//For now this is the best way i found for filtering out the triggers |
|
|
|
|
//Waiting for a way in Zabbix to use Global Regexp in triggers with items discovery |
|
|
|
|
$stopped_on_carp_slave = array("haproxy","openvpn.","openvpn"); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
foreach ($services as $service){ |
|
|
|
|
$namecfr = $service["name"]; |
|
|
|
|
$carpcfr = $service["name"]; |
|
|
|
|
$carpcfr = $service["name"]; |
|
|
|
|
|
|
|
|
|
//OpenVPN |
|
|
|
|
if (!empty($service['id'])) { |
|
|
|
|
//OpenVPN |
|
|
|
|
if (!empty($service['id'])) { |
|
|
|
|
$namecfr = $service['name'] . "." . $service["id"]; |
|
|
|
|
$carpcfr = $service['name'] . "."; |
|
|
|
|
$carpcfr = $service['name'] . "."; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
//Captive Portal |
|
|
|
|
if (!empty($service['zone'])) { |
|
|
|
|
if (!empty($service['zone'])) { |
|
|
|
|
$namecfr = $service['name'] . "." . $service["zone"]; |
|
|
|
|
$carpcfr = $service['name'] . "."; |
|
|
|
|
} |
|
|
|
|
$carpcfr = $service['name'] . "."; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if ($namecfr == $name){ |
|
|
|
|
switch ($value) { |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
case "status": |
|
|
|
|
$status = get_service_status($service); |
|
|
|
|
if ($status=="") $status = 0; |
|
|
|
|
echo $status; |
|
|
|
|
break; |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
case "name": |
|
|
|
|
echo $namecfr; |
|
|
|
@ -368,11 +368,11 @@ function pfz_service_value($name,$value){ |
|
|
|
|
else |
|
|
|
|
echo 1; |
|
|
|
|
break; |
|
|
|
|
default: |
|
|
|
|
default: |
|
|
|
|
echo $service[$value]; |
|
|
|
|
break; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
@ -393,13 +393,13 @@ function pfz_gw_discovery() { |
|
|
|
|
$gws = return_gateways_status(true); |
|
|
|
|
|
|
|
|
|
$json_string = '['; |
|
|
|
|
foreach ($gws as $gw){ |
|
|
|
|
$json_string .= '{"{#GATEWAY}":"' . $gw['name'] . '"'; |
|
|
|
|
foreach ($gws as $gw){ |
|
|
|
|
$json_string .= '{"{#GATEWAY}":"' . $gw['name'] . '"'; |
|
|
|
|
$json_string .= '},'; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
$json_string = rtrim($json_string,","); |
|
|
|
|
$json_string .= "]"; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo $json_string; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
@ -409,52 +409,52 @@ function pfz_gw_value($gw, $valuekey) { |
|
|
|
|
if(array_key_exists($gw,$gws)) { |
|
|
|
|
$value = $gws[$gw][$valuekey]; |
|
|
|
|
if ($valuekey=="status") |
|
|
|
|
$value = pfz_valuemap("gateway.status", $value); |
|
|
|
|
echo $value; |
|
|
|
|
$value = pfz_valuemap("gateway.status", $value); |
|
|
|
|
echo $value; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// IPSEC Discovery |
|
|
|
|
function pfz_ipsec_discovery_ph1(){ |
|
|
|
|
|
|
|
|
|
require_once("ipsec.inc"); |
|
|
|
|
|
|
|
|
|
require_once("ipsec.inc"); |
|
|
|
|
global $config; |
|
|
|
|
init_config_arr(array('ipsec', 'phase1')); |
|
|
|
|
$a_phase1 = &$config['ipsec']['phase1']; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$json_string = '['; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
foreach ($a_phase1 as $data) { |
|
|
|
|
$json_string .= '{"{#IKEID}":"' . $data['ikeid'] . '"'; |
|
|
|
|
$json_string .= ',"{#NAME}":"' . $data['descr'] . '"'; |
|
|
|
|
$json_string .= '},'; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$json_string = rtrim($json_string,","); |
|
|
|
|
$json_string .= "]"; |
|
|
|
|
|
|
|
|
|
$json_string .= "]"; |
|
|
|
|
|
|
|
|
|
echo $json_string; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function pfz_ipsec_ph1($ikeid,$valuekey){ |
|
|
|
|
function pfz_ipsec_ph1($ikeid,$valuekey){ |
|
|
|
|
// Get Value from IPsec Phase 1 Configuration |
|
|
|
|
// If Getting "disabled" value only check item presence in config array |
|
|
|
|
|
|
|
|
|
require_once("ipsec.inc"); |
|
|
|
|
global $config; |
|
|
|
|
init_config_arr(array('ipsec', 'phase1')); |
|
|
|
|
$a_phase1 = &$config['ipsec']['phase1']; |
|
|
|
|
$a_phase1 = &$config['ipsec']['phase1']; |
|
|
|
|
|
|
|
|
|
$value = ""; |
|
|
|
|
$value = ""; |
|
|
|
|
switch ($valuekey) { |
|
|
|
|
case 'status': |
|
|
|
|
$value = pfz_ipsec_status($ikeid); |
|
|
|
|
break; |
|
|
|
|
case 'disabled': |
|
|
|
|
$value = "0"; |
|
|
|
|
$value = "0"; |
|
|
|
|
default: |
|
|
|
|
foreach ($a_phase1 as $data) { |
|
|
|
|
if ($data['ikeid'] == $ikeid) { |
|
|
|
@ -466,21 +466,21 @@ function pfz_ipsec_ph1($ikeid,$valuekey){ |
|
|
|
|
break; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
echo $value; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
function pfz_ipsec_discovery_ph2(){ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
require_once("ipsec.inc"); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
global $config; |
|
|
|
|
init_config_arr(array('ipsec', 'phase2')); |
|
|
|
|
$a_phase2 = &$config['ipsec']['phase2']; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$json_string = '['; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
foreach ($a_phase2 as $data) { |
|
|
|
|
$json_string .= '{"{#IKEID}":"' . $data['ikeid'] . '"'; |
|
|
|
|
$json_string .= ',"{#NAME}":"' . $data['descr'] . '"'; |
|
|
|
@ -488,23 +488,23 @@ function pfz_ipsec_discovery_ph2(){ |
|
|
|
|
$json_string .= ',"{#REQID}":"' . $data['reqid'] . '"'; |
|
|
|
|
$json_string .= ',"{#EXTID}":"' . $data['ikeid'] . '.' . $data['reqid'] . '"'; |
|
|
|
|
$json_string .= '},'; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$json_string = rtrim($json_string,","); |
|
|
|
|
$json_string .= "]"; |
|
|
|
|
|
|
|
|
|
$json_string .= "]"; |
|
|
|
|
|
|
|
|
|
echo $json_string; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
function pfz_ipsec_ph2($uniqid, $valuekey){ |
|
|
|
|
require_once("ipsec.inc"); |
|
|
|
|
global $config; |
|
|
|
|
init_config_arr(array('ipsec', 'phase2')); |
|
|
|
|
$a_phase2 = &$config['ipsec']['phase2']; |
|
|
|
|
|
|
|
|
|
$a_phase2 = &$config['ipsec']['phase2']; |
|
|
|
|
|
|
|
|
|
$valuecfr = explode(".",$valuekey); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
switch ($valuecfr[0]) { |
|
|
|
|
case 'status': |
|
|
|
|
$idarr = explode(".", $uniqid); |
|
|
|
@ -514,8 +514,8 @@ function pfz_ipsec_ph2($uniqid, $valuekey){ |
|
|
|
|
break; |
|
|
|
|
case 'disabled': |
|
|
|
|
$value = "0"; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
foreach ($a_phase2 as $data) { |
|
|
|
|
if ($data['uniqid'] == $uniqid) { |
|
|
|
|
if(array_key_exists($valuekey,$data)) { |
|
|
|
@ -531,20 +531,20 @@ function pfz_ipsec_ph2($uniqid, $valuekey){ |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
function pfz_ipsec_status($ikeid,$reqid=-1,$valuekey='state'){ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
require_once("ipsec.inc"); |
|
|
|
|
global $config; |
|
|
|
|
init_config_arr(array('ipsec', 'phase1')); |
|
|
|
|
$a_phase1 = &$config['ipsec']['phase1']; |
|
|
|
|
$status = ipsec_list_sa(); |
|
|
|
|
$ipsecconnected = array(); |
|
|
|
|
|
|
|
|
|
$ipsecconnected = array(); |
|
|
|
|
|
|
|
|
|
$carp_status = pfz_carp_status(false); |
|
|
|
|
|
|
|
|
|
//Phase-Status match borrowed from status_ipsec.php |
|
|
|
|
if (is_array($status)) { |
|
|
|
|
foreach ($status as $l_ikeid=>$ikesa) { |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
//Phase-Status match borrowed from status_ipsec.php |
|
|
|
|
if (is_array($status)) { |
|
|
|
|
foreach ($status as $l_ikeid=>$ikesa) { |
|
|
|
|
|
|
|
|
|
if(isset($ikesa['con-id'])){ |
|
|
|
|
$con_id = substr($ikesa['con-id'], 3); |
|
|
|
|
}else{ |
|
|
|
@ -574,20 +574,20 @@ function pfz_ipsec_status($ikeid,$reqid=-1,$valuekey='state'){ |
|
|
|
|
$tmp_value = $childsas[$valuekey]; |
|
|
|
|
break; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} else { |
|
|
|
|
$tmp_value = $ikesa[$valuekey]; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
break; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
switch($valuekey) { |
|
|
|
|
case 'state': |
|
|
|
|
$value = pfz_valuemap('ipsec.state', strtolower($tmp_value)); |
|
|
|
|
$value = $value + (10 * ($carp_status-1)); |
|
|
|
|
$value = $value + (10 * ($carp_status-1)); |
|
|
|
|
break; |
|
|
|
|
default: |
|
|
|
|
$value = $tmp_value; |
|
|
|
@ -606,18 +606,18 @@ function pfz_carp_status($echo = true){ |
|
|
|
|
$status = get_carp_status(); |
|
|
|
|
$carp_detected_problems = get_single_sysctl("net.inet.carp.demotion"); |
|
|
|
|
|
|
|
|
|
//CARP is disabled |
|
|
|
|
$ret = 0; |
|
|
|
|
|
|
|
|
|
//CARP is disabled |
|
|
|
|
$ret = 0; |
|
|
|
|
|
|
|
|
|
if ($status != 0) { //CARP is enabled |
|
|
|
|
|
|
|
|
|
if ($carp_detected_problems != 0) { |
|
|
|
|
//There's some Major Problems with CARP |
|
|
|
|
if ($carp_detected_problems != 0) { |
|
|
|
|
//There's some Major Problems with CARP |
|
|
|
|
$ret = 4; |
|
|
|
|
if ($echo == true) echo $ret; |
|
|
|
|
if ($echo == true) echo $ret; |
|
|
|
|
return $ret; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$status_changed = false; |
|
|
|
|
$prev_status = ""; |
|
|
|
|
foreach ($config['virtualip']['vip'] as $carp) { |
|
|
|
@ -630,40 +630,40 @@ function pfz_carp_status($echo = true){ |
|
|
|
|
if ($prev_status!="") $status_changed = true; |
|
|
|
|
$prev_status = $if_status; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
if ($status_changed) { |
|
|
|
|
//CARP Status is inconsistent across interfaces |
|
|
|
|
$ret=3; |
|
|
|
|
echo 3; |
|
|
|
|
echo 3; |
|
|
|
|
} else { |
|
|
|
|
if ($prev_status=="MASTER") |
|
|
|
|
$ret = 1; |
|
|
|
|
$ret = 1; |
|
|
|
|
else |
|
|
|
|
$ret = 2; |
|
|
|
|
} |
|
|
|
|
$ret = 2; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if ($echo == true) echo $ret; |
|
|
|
|
|
|
|
|
|
if ($echo == true) echo $ret; |
|
|
|
|
return $ret; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
function pfz_dhcpfailover_discovery(){ |
|
|
|
|
//System functions regarding DHCP Leases will be available in the upcoming release of pfSense, so let's wait |
|
|
|
|
require_once("system.inc"); |
|
|
|
|
$leases = system_get_dhcpleases(); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$json_string = '['; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (count($leases['failover']) > 0){ |
|
|
|
|
foreach ($leases['failover'] as $data){ |
|
|
|
|
$json_string .= '{"{#FAILOVER_GROUP}":"' . str_replace(" ", "__", $data['name']) . '"'; |
|
|
|
|
$json_string .= '{"{#FAILOVER_GROUP}":"' . str_replace(" ", "__", $data['name']) . '"'; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$json_string = rtrim($json_string,","); |
|
|
|
|
$json_string .= "]"; |
|
|
|
|
|
|
|
|
|
$json_string .= "]"; |
|
|
|
|
|
|
|
|
|
echo $json_string; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
@ -671,7 +671,7 @@ function pfz_dhcpfailover_discovery(){ |
|
|
|
|
function pfz_packages_uptodate(){ |
|
|
|
|
require_once("pkg-utils.inc"); |
|
|
|
|
$installed_packages = get_pkg_info('all', false, true); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$ret = 0; |
|
|
|
|
|
|
|
|
|
foreach ($installed_packages as $package){ |
|
|
|
@ -679,7 +679,7 @@ function pfz_packages_uptodate(){ |
|
|
|
|
$ret ++; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return $ret; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
@ -701,7 +701,7 @@ function pfz_get_system_value($section){ |
|
|
|
|
break; |
|
|
|
|
case "packages_update": |
|
|
|
|
echo pfz_packages_uptodate(); |
|
|
|
|
break; |
|
|
|
|
break; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
@ -711,24 +711,24 @@ function pfz_get_system_value($section){ |
|
|
|
|
// Each value map is represented by an associative array |
|
|
|
|
function pfz_valuemap($valuename, $value, $default="0"){ |
|
|
|
|
|
|
|
|
|
switch ($valuename){ |
|
|
|
|
switch ($valuename){ |
|
|
|
|
|
|
|
|
|
case "openvpn.server.status": |
|
|
|
|
case "openvpn.server.status": |
|
|
|
|
$valuemap = array( |
|
|
|
|
"down" => "0", |
|
|
|
|
"up" => "1", |
|
|
|
|
"none" => "2", |
|
|
|
|
"reconnecting; ping-restart" => "3", |
|
|
|
|
"waiting" => "4", |
|
|
|
|
"server_user_listening" => "5"); |
|
|
|
|
"server_user_listening" => "5"); |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
case "openvpn.client.status": |
|
|
|
|
|
|
|
|
|
case "openvpn.client.status": |
|
|
|
|
$valuemap = array( |
|
|
|
|
"up" => "1", |
|
|
|
|
"down" => "0", |
|
|
|
|
"none" => "0", |
|
|
|
|
"reconnecting; ping-restart" => "2"); |
|
|
|
|
"reconnecting; ping-restart" => "2"); |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
case "openvpn.server.mode": |
|
|
|
@ -737,9 +737,9 @@ function pfz_valuemap($valuename, $value, $default="0"){ |
|
|
|
|
"p2p_shared_key" => "2", |
|
|
|
|
"server_tls" => "3", |
|
|
|
|
"server_user" => "4", |
|
|
|
|
"server_tls_user" => "5"); |
|
|
|
|
"server_tls_user" => "5"); |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
case "gateway.status": |
|
|
|
|
$valuemap = array( |
|
|
|
|
"none" => "0", |
|
|
|
@ -747,36 +747,36 @@ function pfz_valuemap($valuename, $value, $default="0"){ |
|
|
|
|
"highdelay" => "2", |
|
|
|
|
"highloss" => "3", |
|
|
|
|
"force_down" => "4", |
|
|
|
|
"down" => "5"); |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
"down" => "5"); |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
case "ipsec.iketype": |
|
|
|
|
$valuemap = array ( |
|
|
|
|
"auto" => 0, |
|
|
|
|
"ikev1" => 1, |
|
|
|
|
"ikev2" => 2); |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
case "ipsec.mode": |
|
|
|
|
$valuemap = array ( |
|
|
|
|
"main" => 0, |
|
|
|
|
"aggressive" => 1); |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
case "ipsec.protocol": |
|
|
|
|
$valuemap = array ( |
|
|
|
|
"both" => 0, |
|
|
|
|
"inet" => 1, |
|
|
|
|
"inet6" => 2); |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
case "ipsec_ph2.mode": |
|
|
|
|
$valuemap = array ( |
|
|
|
|
"transport" => 0, |
|
|
|
|
"tunnel" => 1, |
|
|
|
|
"tunnel6" => 2); |
|
|
|
|
break; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
case "ipsec_ph2.protocol": |
|
|
|
|
$valuemap = array ( |
|
|
|
|
"esp" => 1, |
|
|
|
@ -801,7 +801,7 @@ function pfz_valuemap($valuename, $value, $default="0"){ |
|
|
|
|
|
|
|
|
|
//Argument parsers for Discovery |
|
|
|
|
function pfz_discovery($section){ |
|
|
|
|
switch (strtolower($section)){ |
|
|
|
|
switch (strtolower($section)){ |
|
|
|
|
case "gw": |
|
|
|
|
pfz_gw_discovery(); |
|
|
|
|
break; |
|
|
|
@ -829,17 +829,17 @@ function pfz_discovery($section){ |
|
|
|
|
case "dhcpfailover": |
|
|
|
|
pfz_dhcpfailover_discovery(); |
|
|
|
|
break; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
//Main Code |
|
|
|
|
switch (strtolower($argv[1])){ |
|
|
|
|
switch (strtolower($argv[1])){ |
|
|
|
|
case "discovery": |
|
|
|
|
pfz_discovery($argv[2]); |
|
|
|
|
break; |
|
|
|
|
case "gw_value": |
|
|
|
|
pfz_gw_value($argv[2],$argv[3]); |
|
|
|
|
break; |
|
|
|
|
break; |
|
|
|
|
case "gw_status": |
|
|
|
|
pfz_gw_rawstatus(); |
|
|
|
|
break; |
|
|
|
|