diff --git a/src/etc/inc/IPv6.inc b/src/etc/inc/IPv6.inc index 251f3b315..e7b3a2838 100644 --- a/src/etc/inc/IPv6.inc +++ b/src/etc/inc/IPv6.inc @@ -258,7 +258,7 @@ class Net_IPv6 */ public static function getNetmask($ip, $bits = null) { - if (null==$bits) { + if (null == $bits) { $elements = explode('/', $ip); if (2 == count($elements)) { $addr = $elements[0]; @@ -271,7 +271,7 @@ class Net_IPv6 } $addr = Net_IPv6::uncompress($addr); - $binNetmask = str_repeat('1', $bits).str_repeat('0', 128 - $bits); + $binNetmask = str_repeat('1', $bits) . str_repeat('0', 128 - $bits); return Net_IPv6::_bin2Ip(Net_IPv6::_ip2Bin($addr) & $binNetmask); } @@ -318,9 +318,11 @@ class Net_IPv6 $binIp = Net_IPv6::_ip2Bin(Net_IPv6::removeNetmaskSpec($ip)); $binNetmask = Net_IPv6::_ip2Bin(Net_IPv6::removeNetmaskSpec($netmask)); - if (null != $bits + if ( + null != $bits && "" != $bits - && 0 == strncmp($binNetmask, $binIp, $bits)) { + && 0 == strncmp($binNetmask, $binIp, $bits) + ) { return true; } @@ -367,9 +369,9 @@ class Net_IPv6 if (0 == strncmp(str_repeat('0', 128), $binip, 128)) { // ::/128 return NET_IPV6_UNSPECIFIED; - } elseif (0 == strncmp(str_repeat('0', 127).'1', $binip, 128)) { // ::/128 + } elseif (0 == strncmp(str_repeat('0', 127) . '1', $binip, 128)) { // ::/128 return NET_IPV6_LOOPBACK; - } elseif (0 == strncmp(str_repeat('0', 80).str_repeat('1', 16), $binip, 96)) { // ::ffff/96 + } elseif (0 == strncmp(str_repeat('0', 80) . str_repeat('1', 16), $binip, 96)) { // ::ffff/96 return NET_IPV6_IPV4MAPPING; } elseif (0 == strncmp('1111111010', $binip, 10)) { return NET_IPV6_LOCAL_LINK; @@ -381,14 +383,17 @@ class Net_IPv6 return NET_IPV6_MULTICAST; } elseif (0 == strncmp('00000000', $binip, 8)) { return NET_IPV6_RESERVED; - } elseif (0 == strncmp('00000001', $binip, 8) - || 0 == strncmp('1111110', $binip, 7)) { + } elseif ( + 0 == strncmp('00000001', $binip, 8) + || 0 == strncmp('1111110', $binip, 7) + ) { return NET_IPV6_UNASSIGNED; } elseif (0 == strncmp('0000001', $binip, 7)) { return NET_IPV6_RESERVED_NSAP; } elseif (0 == strncmp('0000010', $binip, 7)) { return NET_IPV6_RESERVED_IPX; - } elseif (0 == strncmp('0000011', $binip, 7) || + } elseif ( + 0 == strncmp('0000011', $binip, 7) || 0 == strncmp('111110', $binip, 6) || 0 == strncmp('11110', $binip, 5) || 0 == strncmp('00001', $binip, 5) || @@ -397,7 +402,8 @@ class Net_IPv6 0 == strncmp('001', $binip, 3) || 0 == strncmp('011', $binip, 3) || 0 == strncmp('101', $binip, 3) || - 0 == strncmp('110', $binip, 3)) { + 0 == strncmp('110', $binip, 3) + ) { return NET_IPV6_UNASSIGNED; } elseif (0 == strncmp('010', $binip, 3)) { return NET_IPV6_UNICAST_PROVIDER; @@ -446,7 +452,7 @@ class Net_IPv6 $prefix = ''; } else { $ip = Net_IPv6::removePrefixLength($ip); - $prefix = '/'.$prefix; + $prefix = '/' . $prefix; } $netmask = Net_IPv6::getNetmaskSpec($ip); @@ -482,13 +488,13 @@ class Net_IPv6 if (-1 == $c1 && -1 == $c2) { // :: $uip = "0:0:0:0:0:0:0:0"; } elseif (-1 == $c1) { // ::xxx - $fill = str_repeat('0:', 7-$c2); + $fill = str_repeat('0:', 7 - $c2); $uip = str_replace('::', $fill, $uip); } elseif (-1 == $c2) { // xxx:: - $fill = str_repeat(':0', 7-$c1); + $fill = str_repeat(':0', 7 - $c1); $uip = str_replace('::', $fill, $uip); } else { // xxx::xxx - $fill = str_repeat(':0:', max(1, 6-$c2-$c1)); + $fill = str_repeat(':0:', max(1, 6 - $c2 - $c1)); $uip = str_replace('::', $fill, $uip); $uip = str_replace('::', ':', $uip); } @@ -504,10 +510,10 @@ class Net_IPv6 } if ('' != $netmask) { - $uip = $uip.'/'.$netmask; + $uip = $uip . '/' . $netmask; } - return $uip.$prefix; + return $uip . $prefix; } // }}} @@ -558,7 +564,7 @@ class Net_IPv6 $prefix = ''; } else { $ip = Net_IPv6::removePrefixLength($ip); - $prefix = '/'.$prefix; + $prefix = '/' . $prefix; } $netmask = Net_IPv6::getNetmaskSpec($ip); @@ -588,10 +594,10 @@ class Net_IPv6 $cip = preg_replace('/((^:)|(:$))/', '::', $cip); if ('' != $netmask) { - $cip = $cip.'/'.$netmask; + $cip = $cip . '/' . $netmask; } - return $cip.$prefix; + return $cip . $prefix; } // }}} @@ -614,8 +620,10 @@ class Net_IPv6 // RFC5952 4.2.2 // The symbol "::" MUST NOT be used to shorten just one // 16-bit 0 field. - if ((substr_count($compressed, ':') == 7) && - (strpos($compressed, '::') !== false)) { + if ( + (substr_count($compressed, ':') == 7) && + (strpos($compressed, '::') !== false) + ) { $compressed = str_replace('::', ':0:', $compressed); } return $compressed; @@ -721,8 +729,10 @@ class Net_IPv6 $dec = hexdec($ipv6[$i]); $hex = strtoupper(preg_replace("/^[0]{1,3}(.*[0-9a-fA-F])$/", "\\1", $ipv6[$i])); - if ($ipv6[$i] >= 0 && $dec <= 65535 - && $hex == strtoupper(dechex($dec))) { + if ( + $ipv6[$i] >= 0 && $dec <= 65535 + && $hex == strtoupper(dechex($dec)) + ) { $count++; } } @@ -733,8 +743,10 @@ class Net_IPv6 $ipv4 = explode('.', $ipPart[1]); $count = 0; for ($i = 0; $i < count($ipv4); $i++) { - if ($ipv4[$i] >= 0 && (integer)$ipv4[$i] <= 255 - && preg_match("/^\d{1,3}$/", $ipv4[$i])) { + if ( + $ipv4[$i] >= 0 && (int)$ipv4[$i] <= 255 + && preg_match("/^\d{1,3}$/", $ipv4[$i]) + ) { $count++; } } @@ -790,7 +802,7 @@ class Net_IPv6 $bitmask = $bits; } - $binNetmask = str_repeat('1', $bitmask). + $binNetmask = str_repeat('1', $bitmask) . str_repeat('0', 128 - $bitmask); $maxNetmask = str_repeat('1', 128); @@ -856,7 +868,7 @@ class Net_IPv6 foreach ($parts as $v) { $str = base_convert($v, 2, 16); - $ip .= $str.":"; + $ip .= $str . ":"; } $ip = substr($ip, 0, -1); return $ip; diff --git a/src/etc/inc/XMLRPC_Client.inc b/src/etc/inc/XMLRPC_Client.inc index 9c03f2abb..be44ada81 100644 --- a/src/etc/inc/XMLRPC_Client.inc +++ b/src/etc/inc/XMLRPC_Client.inc @@ -1,31 +1,29 @@ getXml(); // setup http headers - $headers = 'Host: '. $this->server . "\r\n"; + $headers = 'Host: ' . $this->server . "\r\n"; $headers .= "User-Agent: XML_RPC\r\n"; $headers .= "Content-Type: text/xml\r\n"; $headers .= 'Content-Length: ' . $request->getLength() . "\r\n"; @@ -124,9 +122,9 @@ class SimpleXMLRPC_Client $headers .= $this->authHeader; } - $this->request_send = $headers.$request_xml; + $this->request_send = $headers . $request_xml; if ($this->debug) { - echo ">>> send : \n".$this->request_send."\n"; + echo ">>> send : \n" . $this->request_send . "\n"; } // setup a stream context @@ -136,9 +134,9 @@ class SimpleXMLRPC_Client 'content' => $request_xml, 'timeout' => $this->timeout ), - "ssl"=>array( - "verify_peer"=>false, - "verify_peer_name"=>false, + "ssl" => array( + "verify_peer" => false, + "verify_peer_name" => false, ) )); @@ -149,7 +147,7 @@ class SimpleXMLRPC_Client } if ($this->debug) { - echo ">>> received : \n".$this->response_received."\n"; + echo ">>> received : \n" . $this->response_received . "\n"; } $this->message = new IXR_Message($this->response_received); @@ -185,9 +183,9 @@ class SimpleXMLRPC_Client public function getDetails() { $result = "send >>> \n" . $this->request_send; - $result .= "received >>> \n".$this->response_received; + $result .= "received >>> \n" . $this->response_received; if ($this->error != null) { - $result .= "error >>> \n".$this->error; + $result .= "error >>> \n" . $this->error; } return $result; diff --git a/src/etc/inc/auth.inc b/src/etc/inc/auth.inc index b6ad93ea3..a77824dff 100644 --- a/src/etc/inc/auth.inc +++ b/src/etc/inc/auth.inc @@ -57,12 +57,16 @@ if (function_exists("display_error_form") && !isset($config['system']['webgui'][ $http_host = explode(":", $_SERVER['HTTP_HOST']); $http_host = $http_host[0]; } - if (is_ipaddr($http_host) || $_SERVER['SERVER_ADDR'] == "127.0.0.1" || - strcasecmp($http_host, "localhost") == 0 or $_SERVER['SERVER_ADDR'] == "::1") { + if ( + is_ipaddr($http_host) || $_SERVER['SERVER_ADDR'] == "127.0.0.1" || + strcasecmp($http_host, "localhost") == 0 or $_SERVER['SERVER_ADDR'] == "::1" + ) { $found_host = true; } - if (strcasecmp($http_host, $config['system']['hostname'] . "." . $config['system']['domain']) == 0 || - strcasecmp($http_host, $config['system']['hostname']) == 0) { + if ( + strcasecmp($http_host, $config['system']['hostname'] . "." . $config['system']['domain']) == 0 || + strcasecmp($http_host, $config['system']['hostname']) == 0 + ) { $found_host = true; } @@ -119,8 +123,10 @@ if (function_exists("display_error_form") && !isset($config['system']['webgui'][ $referrer_host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST); $referrer_host = str_replace(array("[", "]"), "", $referrer_host); if ($referrer_host) { - if (strcasecmp($referrer_host, $config['system']['hostname'] . "." . $config['system']['domain']) == 0 || - strcasecmp($referrer_host, $config['system']['hostname']) == 0) { + if ( + strcasecmp($referrer_host, $config['system']['hostname'] . "." . $config['system']['domain']) == 0 || + strcasecmp($referrer_host, $config['system']['hostname']) == 0 + ) { $found_host = true; } @@ -380,8 +386,10 @@ function auth_get_shells($uid = 0) $etc_shells = explode("\n", $etc_shells); foreach ($etc_shells as $shell) { $shell = trim($shell); - if (!empty($shell) && strpos($shell, '#') !== 0 && - strpos($shell, '/usr/local/sbin/opnsense-') !== 0) { + if ( + !empty($shell) && strpos($shell, '#') !== 0 && + strpos($shell, '/usr/local/sbin/opnsense-') !== 0 + ) { $shells[$shell] = $shell; } } @@ -521,9 +529,9 @@ function local_user_set(&$user, $force_password = false) $comment = str_replace(array(':', '!', '@'), ' ', $user['descr']); /* add or mod pw db */ - $cmd = "/usr/sbin/pw {$user_op} -q -u {$user_uid} -n {$user_name}". - " -g {$user_group} -s {$user_shell} -d {$user_home}". - " -c ".escapeshellarg($comment)." -H 0 2>&1"; + $cmd = "/usr/sbin/pw {$user_op} -q -u {$user_uid} -n {$user_name}" . + " -g {$user_group} -s {$user_shell} -d {$user_home}" . + " -c " . escapeshellarg($comment) . " -H 0 2>&1"; $fd = popen($cmd, 'w'); fwrite($fd, $user_pass); pclose($fd); @@ -773,7 +781,7 @@ function get_authenticator($authcfg = null) } } - $authFactory = new OPNsense\Auth\AuthenticationFactory; + $authFactory = new OPNsense\Auth\AuthenticationFactory(); return $authFactory->get($authName); } @@ -783,7 +791,7 @@ function authenticate_user($username, $password, $authcfg = null) if ($authenticator != null) { return $authenticator->authenticate($username, $password); } else { - log_error('Unable to retrieve authenticator for '. $username); + log_error('Unable to retrieve authenticator for ' . $username); return false; } } diff --git a/src/etc/inc/certs.inc b/src/etc/inc/certs.inc index 7c2a67ab9..174346899 100644 --- a/src/etc/inc/certs.inc +++ b/src/etc/inc/certs.inc @@ -1,31 +1,31 @@ - Copyright (C) 2010 Jim Pingle - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ + * Copyright (C) 2008 Shrew Soft Inc. + * Copyright (C) 2010 Jim Pingle + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ $openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512"); @@ -191,8 +191,7 @@ function ca_create(&$ca, $keylen_curve, $lifetime, $dn, $digest_alg) return true; } - -function cert_import(& $cert, $crt_str, $key_str) +function cert_import(&$cert, $crt_str, $key_str) { $cert['crt'] = base64_encode($crt_str); $cert['prv'] = base64_encode($key_str); @@ -269,8 +268,10 @@ function cert_create(&$cert, $caref, $keylen_curve, $lifetime, $dn, $digest_alg, } // export our certificate data - if (!openssl_pkey_export($res_key, $str_key) || - !openssl_x509_export($res_crt, $str_crt)) { + if ( + !openssl_pkey_export($res_key, $str_key) || + !openssl_x509_export($res_crt, $str_crt) + ) { return false; } @@ -465,13 +466,15 @@ function cert_get_purpose($str_crt, $decode = true) $crt_details = openssl_x509_parse($str_crt); $purpose = array(); - $purpose['ca'] = (stristr($crt_details['extensions']['basicConstraints'], 'CA:TRUE') === false) ? 'No': 'Yes'; - if (isset($crt_details['extensions']['extendedKeyUsage']) && + $purpose['ca'] = (stristr($crt_details['extensions']['basicConstraints'], 'CA:TRUE') === false) ? 'No' : 'Yes'; + if ( + isset($crt_details['extensions']['extendedKeyUsage']) && strstr($crt_details['extensions']['extendedKeyUsage'], 'TLS Web Server Authentication') !== false && isset($crt_details['extensions']['keyUsage']) && strpos($crt_details['extensions']['keyUsage'], 'Digital Signature') !== false && (strpos($crt_details['extensions']['keyUsage'], 'Key Encipherment') !== false || - strpos($crt_details['extensions']['keyUsage'], 'Key Agreement') !== false)) { + strpos($crt_details['extensions']['keyUsage'], 'Key Agreement') !== false) + ) { $purpose['server'] = 'Yes'; } else { $purpose['server'] = 'No'; @@ -594,7 +597,7 @@ function cert_in_use($certref) is_ipsec_cert($certref)); } -function crl_update(& $crl) +function crl_update(&$crl) { $ca =& lookup_ca($crl['caref']); if (!$ca) { @@ -618,7 +621,7 @@ function crl_update(& $crl) return $crl_res; } -function cert_revoke($cert, & $crl, $reason = OCSP_REVOKED_STATUS_UNSPECIFIED) +function cert_revoke($cert, &$crl, $reason = OCSP_REVOKED_STATUS_UNSPECIFIED) { if (is_cert_revoked($cert, $crl['refid'])) { return true; @@ -644,10 +647,12 @@ function cert_compare($cert1, $cert2) being identical. */ $c1 = base64_decode($cert1['crt']); $c2 = base64_decode($cert2['crt']); - if ((cert_get_issuer($c1, false) == cert_get_issuer($c2, false)) - && (cert_get_subject($c1, false) == cert_get_subject($c2, false)) - && (cert_get_serial($c1, false) == cert_get_serial($c2, false)) - && (cert_get_modulus($c1, false) == cert_get_modulus($c2, false))) { + if ( + (cert_get_issuer($c1, false) == cert_get_issuer($c2, false)) + && (cert_get_subject($c1, false) == cert_get_subject($c2, false)) + && (cert_get_serial($c1, false) == cert_get_serial($c2, false)) + && (cert_get_modulus($c1, false) == cert_get_modulus($c2, false)) + ) { return true; } else { return false; diff --git a/src/etc/inc/console.inc b/src/etc/inc/console.inc index 4248efd7d..397dff958 100644 --- a/src/etc/inc/console.inc +++ b/src/etc/inc/console.inc @@ -32,9 +32,9 @@ function timeout($timer = 5) { while (!isset($key)) { if ($timer >= 9) { - echo chr(8) . chr(8) . ($timer==9 ? chr(32) : null) . "{$timer}"; + echo chr(8) . chr(8) . ($timer == 9 ? chr(32) : null) . "{$timer}"; } else { - echo chr(8). "{$timer}"; + echo chr(8) . "{$timer}"; } shell_exec('/bin/stty -icanon min 0 time 25'); $key = shell_exec('/bin/dd count=1 status=none'); @@ -289,8 +289,8 @@ EOD; $ifarr = array_merge(array($lanif, $wanif), $optif); $again = false; - for ($k = 0; $k < (count($ifarr)-1); $k++) { - for ($j = ($k+1); $j < count($ifarr); $j++) { + for ($k = 0; $k < (count($ifarr) - 1); $k++) { + for ($j = ($k + 1); $j < count($ifarr); $j++) { if ($ifarr[$k] == $ifarr[$j]) { $again = true; echo << " . $lanif . "\n"; } for ($i = 0; $i < count($optif); $i++) { - echo "OPT" . ($i+1) . " -> " . $optif[$i] . "\n"; + echo "OPT" . ($i + 1) . " -> " . $optif[$i] . "\n"; } } else { echo "\nNo interfaces will be assigned!\n"; @@ -423,24 +423,24 @@ EOD; } for ($i = 0; $i < count($optif); $i++) { - config_read_array('interfaces', 'opt' . ($i+1)); - $config['interfaces']['opt' . ($i+1)]['if'] = $optif[$i]; + config_read_array('interfaces', 'opt' . ($i + 1)); + $config['interfaces']['opt' . ($i + 1)]['if'] = $optif[$i]; if (match_wireless_interface($optif[$i])) { - config_read_array('interfaces', 'opt' . ($i+1), 'wireless'); - } elseif (isset($config['interfaces']['opt' . ($i+1)]['wireless'])) { - unset($config['interfaces']['opt' . ($i+1)]['wireless']); + config_read_array('interfaces', 'opt' . ($i + 1), 'wireless'); + } elseif (isset($config['interfaces']['opt' . ($i + 1)]['wireless'])) { + unset($config['interfaces']['opt' . ($i + 1)]['wireless']); } - if (empty($config['interfaces']['opt' . ($i+1)]['descr'])) { - $config['interfaces']['opt' . ($i+1)]['descr'] = "OPT" . ($i+1); - unset($config['interfaces']['opt' . ($i+1)]['enable']); + if (empty($config['interfaces']['opt' . ($i + 1)]['descr'])) { + $config['interfaces']['opt' . ($i + 1)]['descr'] = "OPT" . ($i + 1); + unset($config['interfaces']['opt' . ($i + 1)]['enable']); } } /* remove all other (old) optional interfaces */ - for (; isset($config['interfaces']['opt' . ($i+1)]); $i++) { - unset($config['interfaces']['opt' . ($i+1)]); + for (; isset($config['interfaces']['opt' . ($i + 1)]); $i++) { + unset($config['interfaces']['opt' . ($i + 1)]); } echo "\nWriting configuration..."; diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc index d2f429281..e57dee006 100644 --- a/src/etc/inc/filter.inc +++ b/src/etc/inc/filter.inc @@ -33,7 +33,6 @@ require_once('filter.lib.inc'); - function is_bogonsv6_used() { global $config; @@ -202,7 +201,7 @@ function filter_configure_sync($verbose = false, $flush_states = false, $load_al } /* disable rule, suffix label to mark end of schedule */ $rule['disabled'] = true; - $rule['descr'] = "[FIN]".$rule['descr']; + $rule['descr'] = "[FIN]" . $rule['descr']; } break; } @@ -213,8 +212,10 @@ function filter_configure_sync($verbose = false, $flush_states = false, $load_al } // manual outbound nat rules - if (!empty($config['nat']['outbound']['mode']) && - in_array($config['nat']['outbound']['mode'], array("advanced", "hybrid"))) { + if ( + !empty($config['nat']['outbound']['mode']) && + in_array($config['nat']['outbound']['mode'], array("advanced", "hybrid")) + ) { if (!empty($config['nat']['outbound']['rule'])) { foreach ($config['nat']['outbound']['rule'] as $rule) { $fw->registerSNatRule(100, $rule); @@ -222,8 +223,10 @@ function filter_configure_sync($verbose = false, $flush_states = false, $load_al } } - if (empty($config['nat']['outbound']['mode']) || - in_array($config['nat']['outbound']['mode'], array("automatic", "hybrid"))) { + if ( + empty($config['nat']['outbound']['mode']) || + in_array($config['nat']['outbound']['mode'], array("automatic", "hybrid")) + ) { // generate standard outbound rules when mode is automatic ot hybrid $intfv4 = array(); foreach ($fw->getInterfaceMapping() as $intf => $intfcf) { @@ -446,7 +449,7 @@ function filter_configure_sync($verbose = false, $flush_states = false, $load_al $line_number = $line_error[1]; $line_split = file('/tmp/rules.debug'); if (is_array($line_split)) { - $config_line = sprintf(' - ' . gettext('The line in question reads [%s]: %s'), $line_number, $line_split[$line_number-1]); + $config_line = sprintf(' - ' . gettext('The line in question reads [%s]: %s'), $line_number, $line_split[$line_number - 1]); } } @@ -537,12 +540,12 @@ function filter_generate_scrubing(&$FilterIflist) $interfaces[] = $FilterIflist[$interface]['if']; } } - $scrub_rule_out .= count($interfaces) > 1 ? "{ ". implode(' ', $interfaces) . " } " : $interfaces[0]; + $scrub_rule_out .= count($interfaces) > 1 ? "{ " . implode(' ', $interfaces) . " } " : $interfaces[0]; $scrub_rule_out .= $scrub_rule['proto'] != 'any' ? " proto " . $scrub_rule['proto'] : ""; $scrub_rule_out .= " from "; if (is_alias($scrub_rule['src'])) { $scrub_rule_out .= !empty($scrub_rule['srcnot']) ? "!" : ""; - $scrub_rule_out .= '$'.$scrub_rule['src']; + $scrub_rule_out .= '$' . $scrub_rule['src']; } elseif (is_ipaddr($scrub_rule['src'])) { $scrub_rule_out .= !empty($scrub_rule['srcnot']) ? "!" : ""; $scrub_rule_out .= $scrub_rule['src'] . "/" . $scrub_rule['srcmask']; @@ -553,7 +556,7 @@ function filter_generate_scrubing(&$FilterIflist) $scrub_rule_out .= " to "; if (is_alias($scrub_rule['dst'])) { $scrub_rule_out .= !empty($scrub_rule['dstnot']) ? "!" : ""; - $scrub_rule_out .= '$'.$scrub_rule['dst']; + $scrub_rule_out .= '$' . $scrub_rule['dst']; } elseif (is_ipaddr($scrub_rule['dst'])) { $scrub_rule_out .= !empty($scrub_rule['dstnot']) ? "!" : ""; $scrub_rule_out .= $scrub_rule['dst'] . "/" . $scrub_rule['dstmask']; @@ -584,8 +587,10 @@ function filter_generate_scrubing(&$FilterIflist) } $mssclamp = ''; - if (!empty($scrubcfg['mss']) && is_numeric($scrubcfg['mss']) && - !in_array($scrubcfg['if'], array('pppoe', 'pptp', 'l2tp'))) { + if ( + !empty($scrubcfg['mss']) && is_numeric($scrubcfg['mss']) && + !in_array($scrubcfg['if'], array('pppoe', 'pptp', 'l2tp')) + ) { $mssclamp = 'max-mss ' . (intval($scrubcfg['mss'] - 40)); } @@ -818,7 +823,7 @@ function default_state_size() $physmem = $memory[0]; /* Be cautious and only allocate 10% of system memory to the state table */ - $max_states = (int) ($physmem/10)*1000; + $max_states = (int) ($physmem / 10) * 1000; return $max_states; } diff --git a/src/etc/inc/filter.lib.inc b/src/etc/inc/filter.lib.inc index d9073bd85..d31801834 100644 --- a/src/etc/inc/filter.lib.inc +++ b/src/etc/inc/filter.lib.inc @@ -126,8 +126,10 @@ function filter_core_get_antilockout() if ($config['system']['webgui']['protocol'] == 'https' && !isset($config['system']['webgui']['disablehttpredirect'])) { $lockout_ports[] = '80'; } - if (isset($config['system']['ssh']['enabled']) || - (!isset($config['system']['ssh']['noauto']) && is_install_media() && is_process_running('sshd'))) { + if ( + isset($config['system']['ssh']['enabled']) || + (!isset($config['system']['ssh']['noauto']) && is_install_media() && is_process_running('sshd')) + ) { $lockout_ports[] = empty($config['system']['ssh']['port']) ? '22' : $config['system']['ssh']['port']; } @@ -208,13 +210,13 @@ function filter_core_rules_system($fw, $defaults) // block All IPv6 except loopback traffic $fw->registerFilterRule( 1, - array('interface' => 'loopback', 'ipprotocol'=>'inet6', 'disabled' => isset($config['system']['ipv6allow']), + array('interface' => 'loopback', 'ipprotocol' => 'inet6', 'disabled' => isset($config['system']['ipv6allow']), 'descr' => 'Pass all loopback IPv6', '#ref' => 'system_advanced_firewall.php#ipv6allow'), $defaults['pass'] ); $fw->registerFilterRule( 1, - array('ipprotocol'=>'inet6','descr' => 'Block all IPv6', 'disabled' => isset($config['system']['ipv6allow']), + array('ipprotocol' => 'inet6','descr' => 'Block all IPv6', 'disabled' => isset($config['system']['ipv6allow']), '#ref' => 'system_advanced_firewall.php#ipv6allow'), $defaults['block'] ); @@ -222,35 +224,35 @@ function filter_core_rules_system($fw, $defaults) // default Deny rule (when no other rules match) $fw->registerFilterRule( 1, - array('ipprotocol'=>'inet46', 'descr' => 'Default deny rule', 'quick' => false), + array('ipprotocol' => 'inet46', 'descr' => 'Default deny rule', 'quick' => false), $defaults['block'] ); // IPv6 ICMP requirements $fw->registerFilterRule( 1, - array('ipprotocol'=>'inet6', 'protocol' => 'ipv6-icmp', 'icmp6-type' => '1,2,135,136', + array('ipprotocol' => 'inet6', 'protocol' => 'ipv6-icmp', 'icmp6-type' => '1,2,135,136', 'statetype' => 'keep', 'descr' => 'IPv6 requirements (ICMP)'), $defaults['pass'] ); // Allow only bare essential icmpv6 packets $fw->registerFilterRule( 1, - array('ipprotocol'=>'inet6', 'protocol' => 'ipv6-icmp', 'icmp6-type' => '129,133,134,135,136', + array('ipprotocol' => 'inet6', 'protocol' => 'ipv6-icmp', 'icmp6-type' => '129,133,134,135,136', 'statetype' => 'keep', 'descr' => 'IPv6 requirements (ICMP)', 'from' => '(self)', 'to' => 'fe80::/10,ff02::/16', 'direction' => 'out' ), $defaults['pass'] ); $fw->registerFilterRule( 1, - array('ipprotocol'=>'inet6', 'protocol' => 'ipv6-icmp', 'icmp6-type' => '128,133,134,135,136', + array('ipprotocol' => 'inet6', 'protocol' => 'ipv6-icmp', 'icmp6-type' => '128,133,134,135,136', 'statetype' => 'keep', 'descr' => 'IPv6 requirements (ICMP)', 'from' => 'fe80::/10', 'to' => 'fe80::/10,ff02::/16', 'direction' => 'in' ), $defaults['pass'] ); $fw->registerFilterRule( 1, - array('ipprotocol'=>'inet6', 'protocol' => 'ipv6-icmp', 'icmp6-type' => '128,133,134,135,136', + array('ipprotocol' => 'inet6', 'protocol' => 'ipv6-icmp', 'icmp6-type' => '128,133,134,135,136', 'statetype' => 'keep', 'descr' => 'IPv6 requirements (ICMP)', 'from' => 'ff02::/16', 'to' => 'fe80::/10', 'direction' => 'in' ), $defaults['pass'] @@ -259,7 +261,7 @@ function filter_core_rules_system($fw, $defaults) foreach (array('from_port', 'to_port') as $target) { $fw->registerFilterRule( 1, - array('ipprotocol'=>'inet46', 'protocol' => 'tcp/udp', $target => '0', + array('ipprotocol' => 'inet46', 'protocol' => 'tcp/udp', $target => '0', 'descr' => 'block all targetting port 0'), $defaults['block'] ); @@ -306,7 +308,7 @@ function filter_core_rules_system($fw, $defaults) $fw->registerFilterRule( 5, array('from' => "", 'direction' => 'in', 'interface' => $intf, 'ipprotocol' => 'inet', - 'descr' => "Block bogon IPv4 networks from ".$intfinfo['descr'], + 'descr' => "Block bogon IPv4 networks from " . $intfinfo['descr'], '#ref' => "interfaces.php?if=" . $intf . "#blockbogons", 'disabled' => !isset($intfinfo['blockbogons'])), $bogontmpl @@ -316,14 +318,14 @@ function filter_core_rules_system($fw, $defaults) array('from' => "", 'direction' => 'in', 'interface' => $intf, 'ipprotocol' => 'inet6', 'disabled' => !isset($config['system']['ipv6allow']) || !isset($intfinfo['blockbogons']), '#ref' => "interfaces.php?if=" . $intf . "#blockbogons", - 'descr' => "Block bogon IPv6 networks from ".$intfinfo['descr']), + 'descr' => "Block bogon IPv6 networks from " . $intfinfo['descr']), $bogontmpl ); $fw->registerFilterRule( 5, array('direction' => 'in', 'interface' => $intf, 'ipprotocol' => 'inet', '#ref' => "interfaces.php?if=" . $intf . "#blockpriv", - 'descr' => "Block private networks from ".$intfinfo['descr'], + 'descr' => "Block private networks from " . $intfinfo['descr'], 'disabled' => !isset($intfinfo['blockpriv'])), $privtmpl ); @@ -331,7 +333,7 @@ function filter_core_rules_system($fw, $defaults) 5, array('direction' => 'in', 'interface' => $intf, 'ipprotocol' => 'inet6', '#ref' => "interfaces.php?if=" . $intf . "#blockpriv", - 'descr' => "Block private networks from ".$intfinfo['descr'], 'from' => 'fc00::/7', + 'descr' => "Block private networks from " . $intfinfo['descr'], 'from' => 'fc00::/7', 'disabled' => !isset($intfinfo['blockpriv'])), $privtmpl ); @@ -344,14 +346,14 @@ function filter_core_rules_system($fw, $defaults) $fw->registerFilterRule( 1, array('protocol' => 'udp', 'from' => 'fe80::/10', 'from_port' => 546, 'to' => 'fe80::/10', - 'interface' => $intf, 'to_port' => 546, 'descr' =>'allow dhcpv6 client in ' . $intfinfo['descr'], + 'interface' => $intf, 'to_port' => 546, 'descr' => 'allow dhcpv6 client in ' . $intfinfo['descr'], '#ref' => 'system_advanced_firewall.php#ipv6allow'), $defaults['pass'] ); $fw->registerFilterRule( 1, array('protocol' => 'udp', 'from_port' => 547,'to_port' => 546, 'direction' => 'in', - 'interface' => $intf, 'descr' =>'allow dhcpv6 client in ' . $intfinfo['descr'], + 'interface' => $intf, 'descr' => 'allow dhcpv6 client in ' . $intfinfo['descr'], '#ref' => 'system_advanced_firewall.php#ipv6allow'), $defaults['pass'] ); @@ -376,14 +378,14 @@ function filter_core_rules_system($fw, $defaults) 5, array('protocol' => 'tcp','to_port' => 1723, 'direction' => 'in', 'statetype' => 'modulate', 'quick' => false, '#ref' => "interfaces.php?if=" . $intf . "#type", - 'interface' => $intf, 'flags' => 'S/SA', 'descr' =>'allow PPTP client on ' . $intfinfo['descr']), + 'interface' => $intf, 'flags' => 'S/SA', 'descr' => 'allow PPTP client on ' . $intfinfo['descr']), $defaults['pass'] ); $fw->registerFilterRule( 5, array('protocol' => 'gre', 'direction' => 'in', 'statetype' => 'keep', 'quick' => false, '#ref' => "interfaces.php?if=" . $intf . "#type", - 'interface' => $intf, 'descr' =>'allow PPTP client on ' . $intfinfo['descr']), + 'interface' => $intf, 'descr' => 'allow PPTP client on ' . $intfinfo['descr']), $defaults['pass'] ); break; @@ -392,14 +394,14 @@ function filter_core_rules_system($fw, $defaults) 5, array('protocol' => 'udp', 'direction' => 'in', 'quick' => false, 'from_port' => 67, 'to_port' => 68, '#ref' => "interfaces.php?if=" . $intf . "#type", - 'interface' => $intf, 'descr' =>'allow DHCP client on ' . $intfinfo['descr']), + 'interface' => $intf, 'descr' => 'allow DHCP client on ' . $intfinfo['descr']), $defaults['pass'] ); $fw->registerFilterRule( 5, array('protocol' => 'udp', 'direction' => 'out', 'quick' => false, 'from_port' => 68, 'to_port' => 67, '#ref' => "interfaces.php?if=" . $intf . "#type", - 'interface' => $intf, 'descr' =>'allow DHCP client on ' . $intfinfo['descr']), + 'interface' => $intf, 'descr' => 'allow DHCP client on ' . $intfinfo['descr']), $defaults['pass'] ); break; @@ -409,21 +411,21 @@ function filter_core_rules_system($fw, $defaults) 5, array('protocol' => 'udp', 'direction' => 'in', 'from_port' => 68, 'to' => '255.255.255.255', '#ref' => "services_dhcp.php?if=" . $intf . "#enable", - 'to_port' => 67, 'interface' => $intf, 'descr' =>'allow access to DHCP server'), + 'to_port' => 67, 'interface' => $intf, 'descr' => 'allow access to DHCP server'), $defaults['pass'] ); $fw->registerFilterRule( 5, array('protocol' => 'udp', 'direction' => 'in', 'from_port' => 68, 'to' => '(self)', '#ref' => "services_dhcp.php?if=" . $intf . "#enable", - 'to_port' => 67, 'interface' => $intf, 'descr' =>'allow access to DHCP server'), + 'to_port' => 67, 'interface' => $intf, 'descr' => 'allow access to DHCP server'), $defaults['pass'] ); $fw->registerFilterRule( 5, array('protocol' => 'udp', 'direction' => 'out', 'from_port' => 67, 'from' => '(self)', '#ref' => "services_dhcp.php?if=" . $intf . "#enable", - 'to_port' => 68, 'interface' => $intf, 'descr' =>'allow access to DHCP server'), + 'to_port' => 68, 'interface' => $intf, 'descr' => 'allow access to DHCP server'), $defaults['pass'] ); if (!empty($config['dhcpd'][$intf]['failover_peerip'])) { @@ -432,7 +434,7 @@ function filter_core_rules_system($fw, $defaults) array('protocol' => 'tcp/udp', 'direction' => 'in', 'to' => '(self)', 'to_port' => '519,520', '#ref' => "services_dhcp.php?if=" . $intf . "#failover_peerip", 'from' => $config['dhcpd'][$intf]['failover_peerip'], - 'interface' => $intf, 'descr' =>'allow access to DHCP failover'), + 'interface' => $intf, 'descr' => 'allow access to DHCP failover'), $defaults['pass'] ); } @@ -446,14 +448,14 @@ function filter_core_rules_system($fw, $defaults) 5, array('protocol' => '41', 'direction' => 'in', 'from' => $config['interfaces'][$intf]['gateway-6rd'], '#ref' => "interfaces.php?if=" . $intf . "#type6", - 'quick'=>false, 'interface' => $intf, 'descr' =>'Allow 6in4 traffic in for 6rd on '.$intfinfo['descr']), + 'quick' => false, 'interface' => $intf, 'descr' => 'Allow 6in4 traffic in for 6rd on ' . $intfinfo['descr']), $defaults['pass'] ); $fw->registerFilterRule( 5, array('protocol' => '41', 'direction' => 'out', 'to' => $config['interfaces'][$intf]['gateway-6rd'], '#ref' => "interfaces.php?if=" . $intf . "#type6", - 'quick'=>false, 'interface' => $intf, 'descr' =>'Allow 6in4 traffic out for 6rd on '.$intfinfo['descr']), + 'quick' => false, 'interface' => $intf, 'descr' => 'Allow 6in4 traffic out for 6rd on ' . $intfinfo['descr']), $defaults['pass'] ); break; @@ -462,14 +464,14 @@ function filter_core_rules_system($fw, $defaults) 5, array('protocol' => '41', 'direction' => 'in', 'to' => '(self)','interface' => $intf, '#ref' => "interfaces.php?if=" . $intf . "#type6", - 'quick'=>false, 'descr' =>'Allow 6in4 traffic in for 6to4 on '.$intfinfo['descr']), + 'quick' => false, 'descr' => 'Allow 6in4 traffic in for 6to4 on ' . $intfinfo['descr']), $defaults['pass'] ); $fw->registerFilterRule( 5, array('protocol' => '41', 'direction' => 'out', 'from' => '(self)','interface' => $intf, '#ref' => "interfaces.php?if=" . $intf . "#type6", - 'quick'=>false, 'descr' =>'Allow 6in4 traffic out for 6to4 on '.$intfinfo['descr']), + 'quick' => false, 'descr' => 'Allow 6in4 traffic out for 6to4 on ' . $intfinfo['descr']), $defaults['pass'] ); break; @@ -485,35 +487,35 @@ function filter_core_rules_system($fw, $defaults) 1, array('protocol' => 'udp','ipprotocol' => 'inet6', 'from' => 'fe80::/10', 'to' => 'fe80::/10,ff02::/16', 'to_port' => 546, 'interface' => $intf, - 'descr' =>'allow access to DHCPv6 server on '.$intfinfo['descr']), + 'descr' => 'allow access to DHCPv6 server on ' . $intfinfo['descr']), $defaults['pass'] ); $fw->registerFilterRule( 1, array('protocol' => 'udp','ipprotocol' => 'inet6', 'from' => 'fe80::/10', 'to' => 'ff02::/16', 'to_port' => 547, 'interface' => $intf, - 'descr' =>'allow access to DHCPv6 server on '.$intfinfo['descr']), + 'descr' => 'allow access to DHCPv6 server on ' . $intfinfo['descr']), $defaults['pass'] ); $fw->registerFilterRule( 1, array('protocol' => 'udp','ipprotocol' => 'inet6', 'from' => 'ff02::/16', 'to' => 'fe80::/10', 'to_port' => 547, 'interface' => $intf, - 'descr' =>'allow access to DHCPv6 server on '.$intfinfo['descr']), + 'descr' => 'allow access to DHCPv6 server on ' . $intfinfo['descr']), $defaults['pass'] ); $fw->registerFilterRule( 1, array('protocol' => 'udp','ipprotocol' => 'inet6', 'from' => 'fe80::/10', 'to' => '(self)', 'to_port' => 546, 'interface' => $intf, 'direction' => 'in', - 'descr' =>'allow access to DHCPv6 server on '.$intfinfo['descr']), + 'descr' => 'allow access to DHCPv6 server on ' . $intfinfo['descr']), $defaults['pass'] ); $fw->registerFilterRule( 1, array('protocol' => 'udp','ipprotocol' => 'inet6', 'from' => '(self)', 'to' => 'fe80::/10', 'from_port' => 547, 'interface' => $intf, 'direction' => 'out', - 'descr' =>'allow access to DHCPv6 server on '.$intfinfo['descr']), + 'descr' => 'allow access to DHCPv6 server on ' . $intfinfo['descr']), $defaults['pass'] ); } @@ -521,11 +523,11 @@ function filter_core_rules_system($fw, $defaults) } } // loopback - $fw->registerFilterRule(5, array('interface' => 'loopback', 'descr' =>'pass loopback'), $defaults['pass']); + $fw->registerFilterRule(5, array('interface' => 'loopback', 'descr' => 'pass loopback'), $defaults['pass']); // out from this Firewall $fw->registerFilterRule( 5, - array('direction' => 'out', 'statetype' =>'keep', 'allowopts' => true, + array('direction' => 'out', 'statetype' => 'keep', 'allowopts' => true, 'quick' => false, "descr" => "let out anything from firewall host itself"), $defaults['pass'] ); @@ -535,7 +537,7 @@ function filter_core_rules_system($fw, $defaults) 5, array('direction' => 'out', 'statetype' => 'keep', 'quick' => false, 'interface' => 'enc0', '#ref' => 'vpn_ipsec.php#enable', - 'descr' =>'IPsec internal host to host'), + 'descr' => 'IPsec internal host to host'), $defaults['pass'] ); } @@ -563,13 +565,13 @@ function filter_core_rules_system($fw, $defaults) $fw->registerFilterRule( 5, array('direction' => 'in', 'interface' => 'wan', 'statetype' => 'modulate','protocol' => 'tcp', - 'to' => '(self)', 'to_port' => '1723', 'quick' => false, 'descr' =>'allow pptpd'), + 'to' => '(self)', 'to_port' => '1723', 'quick' => false, 'descr' => 'allow pptpd'), $defaults['pass'] ); $fw->registerFilterRule( 5, array('direction' => 'in', 'interface' => 'wan', 'statetype' => 'modulate', - 'protocol' => 'gre', 'descr' =>'allow pptpd', 'quick' => false), + 'protocol' => 'gre', 'descr' => 'allow pptpd', 'quick' => false), $defaults['pass'] ); } @@ -594,7 +596,7 @@ function filter_core_rules_system($fw, $defaults) $fw->registerFilterRule( 100000, array('from' => $ifcfg['if'], 'direction' => 'out', 'gateway' => $gwname, - 'destination' => array('network'=> $ifdescr, "not" => true), + 'destination' => array('network' => $ifdescr, "not" => true), 'statetype' => 'keep', 'allowopts' => true, 'quick' => false, diff --git a/src/etc/inc/interfaces.lib.inc b/src/etc/inc/interfaces.lib.inc index 4f2b01513..d64af0822 100644 --- a/src/etc/inc/interfaces.lib.inc +++ b/src/etc/inc/interfaces.lib.inc @@ -157,7 +157,7 @@ function legacy_bridge_member($ifs, $member) function legacy_vlan_tag($ifs, $member, $tag, $pcp) { - $cmd = '/sbin/ifconfig ' . escapeshellarg($ifs) . ' vlandev ' . escapeshellarg($member) . ' vlan ' . escapeshellarg($tag) . ' vlanpcp '.escapeshellarg($pcp); + $cmd = '/sbin/ifconfig ' . escapeshellarg($ifs) . ' vlandev ' . escapeshellarg($member) . ' vlan ' . escapeshellarg($tag) . ' vlanpcp ' . escapeshellarg($pcp); exec($cmd . ' 2>&1', $out, $ret); if ($ret) { @@ -169,7 +169,7 @@ function legacy_interface_stats($ifs = null) { if ($ifs != null) { // only request data for selected interface - $cmd = '/usr/local/sbin/ifinfo '. escapeshellarg($ifs); + $cmd = '/usr/local/sbin/ifinfo ' . escapeshellarg($ifs); } else { // all interfaces $cmd = '/usr/local/sbin/ifinfo'; @@ -263,7 +263,7 @@ function legacy_interfaces_details($intf = null) if ($line_parts[$i] == 'netmask') { $mask = substr_count(base_convert(hexdec($line_parts[$i + 1]), 10, 2), '1'); } elseif ($line_parts[$i] == 'vhid') { - $vhid = $line_parts[$i+1]; + $vhid = $line_parts[$i + 1]; } } if (isset($mask)) { @@ -284,11 +284,11 @@ function legacy_interfaces_details($intf = null) if ($line_parts[$i] == 'prefixlen') { $tmp['subnetbits'] = intval($line_parts[$i + 1]); } elseif ($line_parts[$i] == 'vhid') { - $tmp['vhid'] = $line_parts[$i+1]; + $tmp['vhid'] = $line_parts[$i + 1]; } if ($line_parts[$i] == '-->') { $tmp['tunnel'] = true; - $tmp['endpoint'] = $line_parts[$i+1]; + $tmp['endpoint'] = $line_parts[$i + 1]; } } if (isset($tmp['subnetbits'])) { diff --git a/src/etc/inc/legacy_bindings.inc b/src/etc/inc/legacy_bindings.inc index eb8b46111..310d863fb 100644 --- a/src/etc/inc/legacy_bindings.inc +++ b/src/etc/inc/legacy_bindings.inc @@ -141,7 +141,7 @@ function legacy_move_config_list_items($source, $id, $items) } /* copy all rules > $id and not selected */ - for ($i = $id+1; $i < count($source); $i++) { + for ($i = $id + 1; $i < count($source); $i++) { if (!in_array($i, $items)) { $new_config[] = $source[$i]; } diff --git a/src/etc/inc/plugins.inc b/src/etc/inc/plugins.inc index ae1458030..ef725e308 100644 --- a/src/etc/inc/plugins.inc +++ b/src/etc/inc/plugins.inc @@ -263,7 +263,9 @@ function plugins_configure($hook, $verbose = false, $args = array()) } syslog(LOG_NOTICE, sprintf( 'plugins_configure %s (execute task : %s(%s))', - $hook, $argf, implode(',', array_slice($args, 0, $argc)) + $hook, + $argf, + implode(',', array_slice($args, 0, $argc)) )); call_user_func_array($argf, array_slice($args, 0, $argc)); } @@ -303,7 +305,10 @@ function plugins_run($hook, $verbose = false, $args = array()) $argc = count($args); } syslog(LOG_NOTICE, sprintf( - 'plugins_run %s (execute task : %s(%s))', $hook, $argf, implode(',', array_slice($args, 0, $argc)) + 'plugins_run %s (execute task : %s(%s))', + $hook, + $argf, + implode(',', array_slice($args, 0, $argc)) )); $ret[$name] = call_user_func_array($argf, array_slice($args, 0, $argc)); } diff --git a/src/etc/inc/rrd.inc b/src/etc/inc/rrd.inc index cb22562c1..cf21a8230 100644 --- a/src/etc/inc/rrd.inc +++ b/src/etc/inc/rrd.inc @@ -90,7 +90,7 @@ function rrd_configure($verbose = false) $trafficvalid = $rrdtrafficinterval * 2; $wirelessvalid = $rrdwirelessinterval * 2; $packetsvalid = $rrdpacketsinterval * 2; - $statesvalid = $rrdstatesinterval*2; + $statesvalid = $rrdstatesinterval * 2; $procvalid = $rrdlbpoolinterval * 2; $memvalid = $rrdmeminterval * 2; $mbufvalid = $rrdmbufinterval * 2; diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc index 553b8abe1..a7588b734 100644 --- a/src/etc/inc/system.inc +++ b/src/etc/inc/system.inc @@ -548,17 +548,17 @@ function system_staticroutes_configure($interface = '') $inet = (is_subnetv6($ip) ? "-inet6" : "-inet"); $cmd = " {$inet} {$blackhole} " . escapeshellarg($ip) . " "; if (is_ipaddr($gatewayip)) { - mwexec("/sbin/route delete".$cmd . escapeshellarg($gatewayip), true); + mwexec("/sbin/route delete" . $cmd . escapeshellarg($gatewayip), true); if ($fargw) { mwexecf('/sbin/route delete %s %s -interface %s ', array($inet, $gatewayip, $interfacegw), true); mwexecf('/sbin/route add %s %s -interface %s', array($inet, $gatewayip, $interfacegw), true); } elseif (is_linklocal($gatewayip) && strpos($gatewayip, '%') === false) { $gatewayip .= "%{$interfacegw}"; } - mwexec("/sbin/route add".$cmd . escapeshellarg($gatewayip), true); + mwexec("/sbin/route add" . $cmd . escapeshellarg($gatewayip), true); } elseif (!empty($interfacegw)) { - mwexec("/sbin/route delete".$cmd . "-interface " . escapeshellarg($interfacegw), true); - mwexec("/sbin/route add".$cmd . "-interface " . escapeshellarg($interfacegw), true); + mwexec("/sbin/route delete" . $cmd . "-interface " . escapeshellarg($interfacegw), true); + mwexec("/sbin/route add" . $cmd . "-interface " . escapeshellarg($interfacegw), true); } } } @@ -613,7 +613,7 @@ function system_syslogd_start($verbose = false, $restart = false) $separatelogfacilities = array(); foreach ($syslogconfs as $logTopic => $logConfig) { - $syslogconf .= "!".implode(',', $logConfig['facility'])."\n"; + $syslogconf .= "!" . implode(',', $logConfig['facility']) . "\n"; $separatelogfacilities = array_merge($logConfig['facility'], $separatelogfacilities); if (!isset($syslogcfg['disablelocallogging'])) { $syslogconf .= "*.* {$log_directive}/var/log/{$logTopic}.log\n"; @@ -652,7 +652,7 @@ EOD; $syslog_files = array_keys($syslogconfs); $syslog_files = array_merge($syslog_files, array('system', 'vpn')); foreach ($syslog_files as $syslog_fn) { - $filename = "/var/log/".basename($syslog_fn).".log"; + $filename = "/var/log/" . basename($syslog_fn) . ".log"; if (!file_exists($filename)) { mwexecf('/usr/local/sbin/clog -i -s %s %s', array($default_logfile_size, $filename)); } @@ -739,7 +739,7 @@ function get_memory() $physmem = get_single_sysctl("hw.physmem"); $realmem = get_single_sysctl("hw.realmem"); /* convert from bytes to megabytes */ - return array(($physmem/1048576),($realmem/1048576)); + return array(($physmem / 1048576),($realmem / 1048576)); } function system_firmware_configure($verbose = false) @@ -820,8 +820,10 @@ function system_timezone_configure($verbose = false) $timezones = get_zoneinfo(); /* reset to default if empty or nonexistent */ - if (empty($timezone) || !in_array($timezone, $timezones) || - !file_exists(sprintf('/usr/share/zoneinfo/%s', $timezone))) { + if ( + empty($timezone) || !in_array($timezone, $timezones) || + !file_exists(sprintf('/usr/share/zoneinfo/%s', $timezone)) + ) { $timezone = 'Etc/UTC'; } @@ -1085,7 +1087,7 @@ function system_login_configure($verbose = false) if ($serial_enabled) { @file_put_contents('/boot.config', "-S{$serialspeed} -D\n"); - $new_boot_config['comconsole_speed'] = '"'.$serialspeed.'"'; + $new_boot_config['comconsole_speed'] = '"' . $serialspeed . '"'; $new_boot_config['boot_serial'] = '"YES"'; } elseif (!$output_enabled) { @file_put_contents('/boot.config', "-q -m\n"); diff --git a/src/etc/inc/xmlrpc.inc b/src/etc/inc/xmlrpc.inc index 88dce2c73..7e8ed0f31 100644 --- a/src/etc/inc/xmlrpc.inc +++ b/src/etc/inc/xmlrpc.inc @@ -47,10 +47,10 @@ class XMLRPCServer // load all xmlrpc published functions foreach (glob(__DIR__ . "/xmlrpc/*.inc") as $filename) { require_once($filename); - $publ_func = "xmlrpc_publishable_" .str_replace(".inc", "", basename($filename)); + $publ_func = "xmlrpc_publishable_" . str_replace(".inc", "", basename($filename)); if (function_exists($publ_func)) { foreach ($publ_func() as $function) { - $publish_name = $this->prefix.".".str_replace("_xmlrpc", "", $function); + $publish_name = $this->prefix . "." . str_replace("_xmlrpc", "", $function); $this->xmlrpc_callbacks[$publish_name] = $function; } } diff --git a/src/etc/inc/xmlrpc/legacy.inc b/src/etc/inc/xmlrpc/legacy.inc index fa0b9aebe..f540c532c 100644 --- a/src/etc/inc/xmlrpc/legacy.inc +++ b/src/etc/inc/xmlrpc/legacy.inc @@ -83,10 +83,11 @@ function merge_config_attributes(&$cnf_source, &$cnf_dest) { foreach ($cnf_source as $cnf_key => &$cnf_value) { if (is_array($cnf_value)) { - if (!isset($cnf_dest[$cnf_key]) || !is_array($cnf_dest[$cnf_key]) || // new + if ( + !isset($cnf_dest[$cnf_key]) || !is_array($cnf_dest[$cnf_key]) || // new (count($cnf_dest[$cnf_key]) > 0 && isset($cnf_dest[$cnf_key][0])) || // sequenced item (count($cnf_dest[$cnf_key]) > 0 && isset($cnf_dest[$cnf_key]['@attributes']['uuid'])) // mvc array - ) { + ) { // (re)set destination array when new or containing a sequenced list of items $cnf_dest[$cnf_key] = array(); } diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/InterfaceController.php b/src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/InterfaceController.php index 611e1d3ff..4fc2aa553 100644 --- a/src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/InterfaceController.php +++ b/src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/InterfaceController.php @@ -1,29 +1,29 @@ request->isPost() && $this->request->hasPost("destination") - && $this->request->hasPost("gateway")) { + if ( + $this->request->isPost() && $this->request->hasPost("destination") + && $this->request->hasPost("gateway") + ) { $backend = new Backend(); $dest = $this->request->getPost("destination", "striptags", null); $gw = $this->request->getPost("gateway", "striptags", null); diff --git a/src/opnsense/mvc/app/models/OPNsense/IDS/Migrations/M1_0_4.php b/src/opnsense/mvc/app/models/OPNsense/IDS/Migrations/M1_0_4.php index 84f9e4cc7..9544a1604 100644 --- a/src/opnsense/mvc/app/models/OPNsense/IDS/Migrations/M1_0_4.php +++ b/src/opnsense/mvc/app/models/OPNsense/IDS/Migrations/M1_0_4.php @@ -69,31 +69,31 @@ class M1_0_4 extends BaseModelMigration } } // map rulesets - if (!empty($csets['emerging-malware.rules']) && $csets['emerging-malware.rules']->enabled == "1"){ + if (!empty($csets['emerging-malware.rules']) && $csets['emerging-malware.rules']->enabled == "1") { $nsets['emerging-adware_pup.rules']->enabled = "1"; $nsets['emerging-adware_pup.rules']->filter = (string)$csets['emerging-malware.rules']->filter; } - if (!empty($csets['emerging-current_events.rules']) && $csets['emerging-current_events.rules']->enabled == "1"){ + if (!empty($csets['emerging-current_events.rules']) && $csets['emerging-current_events.rules']->enabled == "1") { $nsets['emerging-phishing.rules']->enabled = "1"; $nsets['emerging-phishing.rules']->filter = (string)$csets['emerging-current_events.rules']->filter; $nsets['emerging-exploit_kit.rules']->enabled = "1"; $nsets['emerging-exploit_kit.rules']->filter = (string)$csets['emerging-current_events.rules']->filter; } - if (!empty($csets['emerging-trojan.rules']) && $csets['emerging-trojan.rules']->enabled == "1"){ + if (!empty($csets['emerging-trojan.rules']) && $csets['emerging-trojan.rules']->enabled == "1") { $nsets['emerging-coinminer.rules']->enabled = "1"; $nsets['emerging-coinminer.rules']->filter = (string)$csets['emerging-trojan.rules']->filter; $nsets['emerging-malware.rules']->enabled = "1"; $nsets['emerging-malware.rules']->filter = (string)$csets['emerging-malware.rules']->filter; } - if (!empty($csets['emerging-info.rules']) && $csets['emerging-info.rules']->enabled == "1"){ + if (!empty($csets['emerging-info.rules']) && $csets['emerging-info.rules']->enabled == "1") { $nsets['emerging-hunting.rules']->enabled = "1"; $nsets['emerging-hunting.rules']->filter = (string)$csets['emerging-info.rules']->filter; } - if (!empty($csets['emerging-policy.rules']) && $csets['emerging-policy.rules']->enabled == "1"){ + if (!empty($csets['emerging-policy.rules']) && $csets['emerging-policy.rules']->enabled == "1") { $nsets['emerging-hunting.rules']->enabled = "1"; $nsets['emerging-hunting.rules']->filter = (string)$csets['emerging-policy.rules']->filter; } - if (!empty($csets['emerging-trojan.rules'])){ + if (!empty($csets['emerging-trojan.rules'])) { // deprecated ruleset $model->files->file->del($csets['emerging-trojan.rules']->getAttribute('uuid')); }