From f0c9c1ca1e4be9fa78a3d4c16b14b8a412cc39ab Mon Sep 17 00:00:00 2001 From: Franco Fichtner Date: Wed, 10 Jun 2015 08:20:43 +0200 Subject: [PATCH] src: some cleanups --- src/etc/inc/config.console.inc | 3 +- src/etc/inc/config.lib.inc | 9 ++-- src/etc/inc/dyndns.class | 2 +- src/etc/inc/filter_log.inc | 43 ++++++++++-------- src/etc/inc/gwlb.inc | 27 +++++++----- src/etc/inc/interfaces.inc | 14 +++--- src/etc/inc/rrd.inc | 9 ++-- src/etc/inc/system.inc | 44 ++++++++++--------- src/opnsense/scripts/suricata/getRuleJSON.py | 2 - .../service/conf/actions.d/actions_ids.conf | 1 - src/opnsense/service/configd_ctl.py | 1 - 11 files changed, 83 insertions(+), 72 deletions(-) diff --git a/src/etc/inc/config.console.inc b/src/etc/inc/config.console.inc index baa6faed5..54b65ef71 100644 --- a/src/etc/inc/config.console.inc +++ b/src/etc/inc/config.console.inc @@ -31,7 +31,6 @@ function set_networking_interfaces_ports() { global $noreboot; global $config; - global $g; global $fp; $yes_no_prompt = '[y|n]? '; @@ -430,7 +429,7 @@ EOD; function vlan_setup() { - global $iflist, $config, $g, $fp; + global $iflist, $config, $fp; $yes_no_prompt = '[y|n]? '; diff --git a/src/etc/inc/config.lib.inc b/src/etc/inc/config.lib.inc index 098c7c3c3..eee70989a 100644 --- a/src/etc/inc/config.lib.inc +++ b/src/etc/inc/config.lib.inc @@ -143,7 +143,7 @@ function convert_config() { /* save the system configuration */ function write_config($desc = 'Unknown', $backup = true) { - global $config, $g; + global $config; if (!empty($_SERVER['REMOTE_ADDR'])) { if (session_status() == PHP_SESSION_NONE) { @@ -219,7 +219,7 @@ function reset_factory_defaults($sync = true) function config_restore($conffile) { - global $config, $g; + global $config; if (!file_exists($conffile)) return 1; @@ -265,8 +265,9 @@ function security_checks_disabled() /** * remove old backups */ -function cleanup_backups() { - global $g, $config; +function cleanup_backups() +{ + global $config; $i = false; if (isset($config['system']['backupcount']) && is_numeric($config['system']['backupcount']) && ($config['system']['backupcount'] >= 0)) { diff --git a/src/etc/inc/dyndns.class b/src/etc/inc/dyndns.class index 4734e740d..f4e3db461 100644 --- a/src/etc/inc/dyndns.class +++ b/src/etc/inc/dyndns.class @@ -135,7 +135,7 @@ $dnsZoneID ='', $dnsTTL='', $dnsResultMatch = '', $dnsRequestIf = '', $dnsID = '', $dnsVerboseLog = false, $curlIpresolveV4 = false, $curlSslVerifypeer = true) { - global $config, $g; + global $config; $this->_cacheFile = "/conf/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}.cache"; $this->_cacheFile_v6 = "/conf/dyndns_{$dnsIf}{$dnsService}" . escapeshellarg($dnsHost) . "{$dnsID}_v6.cache"; diff --git a/src/etc/inc/filter_log.inc b/src/etc/inc/filter_log.inc index 4c459e976..24cbe9f02 100644 --- a/src/etc/inc/filter_log.inc +++ b/src/etc/inc/filter_log.inc @@ -35,8 +35,9 @@ $buffer_rules_rdr = array(); $buffer_rules_normal = array(); /* format filter logs */ -function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $filterinterface = null) { - global $config, $g; +function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = '', $filterinterface = null) +{ + global $config; /* Make sure this is a number before using it in a system call */ if (!(is_numeric($tail))) @@ -279,9 +280,8 @@ function get_port_with_service($port, $proto) { return ':' . $portstr; } -function find_rule_by_number($rulenum, $type="block") { - global $g; - +function find_rule_by_number($rulenum, $type = 'block') +{ /* Passing arbitrary input to grep could be a Very Bad Thing(tm) */ if (!is_numeric($rulenum) || !in_array($type, array('pass', 'block', 'match', 'rdr'))) return; @@ -305,8 +305,9 @@ function find_rule_by_number($rulenum, $type="block") { return ""; } -function buffer_rules_load() { - global $g, $buffer_rules_rdr, $buffer_rules_normal; +function buffer_rules_load() +{ + global $buffer_rules_rdr, $buffer_rules_normal; unset($buffer, $buffer_rules_rdr, $buffer_rules_normal); /* Redeclare globals after unset to work around PHP */ global $buffer_rules_rdr, $buffer_rules_normal; @@ -340,13 +341,15 @@ function buffer_rules_load() { unset($_gb, $buffer); } -function buffer_rules_clear() { +function buffer_rules_clear() +{ unset($GLOBALS['buffer_rules_normal']); unset($GLOBALS['buffer_rules_rdr']); } -function find_rule_by_number_buffer($rulenum, $type){ - global $g, $buffer_rules_rdr, $buffer_rules_normal; +function find_rule_by_number_buffer($rulenum, $type) +{ + global $buffer_rules_rdr, $buffer_rules_normal; $lookup_key = "@{$rulenum}"; @@ -362,15 +365,17 @@ function find_rule_by_number_buffer($rulenum, $type){ return "{$rulename} ({$lookup_key})"; } -function find_action_image($action) { - // This function will now return a glyphicon class - global $g; - if ((strstr(strtolower($action), "p")) || (strtolower($action) == "rdr")) - return "glyphicon glyphicon-play text-success"; - else if(strstr(strtolower($action), "r")) - return "glyphicon glyphicon-remove text-warning"; - else - return "glyphicon glyphicon-remove text-danger"; +function find_action_image($action) +{ + if ((strstr(strtolower($action), 'p')) || (strtolower($action) == 'rdr')) { + return 'glyphicon glyphicon-play text-success'; + } + + if (strstr(strtolower($action), 'r')) { + return 'glyphicon glyphicon-remove text-warning'; + } + + return 'glyphicon glyphicon-remove text-danger'; } /* AJAX specific handlers */ diff --git a/src/etc/inc/gwlb.inc b/src/etc/inc/gwlb.inc index 980b105e5..569903366 100644 --- a/src/etc/inc/gwlb.inc +++ b/src/etc/inc/gwlb.inc @@ -50,7 +50,7 @@ function return_apinger_defaults() { */ function setup_gateways_monitor() { - global $config, $g; + global $config; @mkdir('/var/db/rrd', 0775); @chown('/var/db/rrd', 'nobody'); @@ -425,8 +425,9 @@ function return_gateways_status($byname = false) } /* Return all configured gateways on the system */ -function return_gateways_array($disabled = false, $localhost = false, $inactive = false) { - global $config, $g; +function return_gateways_array($disabled = false, $localhost = false, $inactive = false) +{ + global $config; $gateways_arr = array(); @@ -722,8 +723,9 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive return($gateways_arr); } -function fixup_default_gateway($ipprotocol, $gateways_status, $gateways_arr) { - global $config, $g; +function fixup_default_gateway($ipprotocol, $gateways_status, $gateways_arr) +{ + global $config; /* * NOTE: The code below is meant to replace the default gateway when it goes down. * This facilitates services running on OPNsense itself and are not handled by a PBR to continue working. @@ -781,8 +783,9 @@ function fixup_default_gateway($ipprotocol, $gateways_status, $gateways_arr) { * Return an array with all gateway groups with name as key * All gateway groups will be processed before returning the array. */ -function return_gateway_groups_array() { - global $config, $g; +function return_gateway_groups_array() +{ + global $config; /* fetch the current gateways status */ $gateways_status = return_gateways_status(true); @@ -934,8 +937,9 @@ function lookup_gateway_interface_by_name($name) { return (false); } -function get_interface_gateway($interface, &$dynamic = false) { - global $config, $g; +function get_interface_gateway($interface, &$dynamic = false) +{ + global $config; $gw = NULL; @@ -965,8 +969,9 @@ function get_interface_gateway($interface, &$dynamic = false) { return ($gw); } -function get_interface_gateway_v6($interface, &$dynamic = false) { - global $config, $g; +function get_interface_gateway_v6($interface, &$dynamic = false) +{ + global $config; $gw = NULL; $gwcfg = $config['interfaces'][$interface]; diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc index cf0297e09..04174d127 100644 --- a/src/etc/inc/interfaces.inc +++ b/src/etc/inc/interfaces.inc @@ -2375,8 +2375,9 @@ function interface_sync_wireless_clones(&$ifcfg, $sync_changes = false) } } -function interface_wireless_configure($if, &$wl, &$wlcfg) { - global $config, $g; +function interface_wireless_configure($if, &$wl, &$wlcfg) +{ + global $config; /* open up a shell script that will be used to output the commands. * since wireless is changing a lot, these series of commands are fragile @@ -2396,7 +2397,7 @@ function interface_wireless_configure($if, &$wl, &$wlcfg) { $fd_set = fopen("/tmp/{$if}_setup.sh","w"); fwrite($fd_set, "#!/bin/sh\n"); - fwrite($fd_set, "# {$g['product_name']} wireless configuration script.\n\n"); + fwrite($fd_set, "# wireless configuration script.\n\n"); /* set values for /path/program */ $hostapd = "/usr/sbin/hostapd"; @@ -4289,8 +4290,9 @@ function interface_get_wireless_clone($wlif) { } } -function get_real_interface($interface = "wan", $family = "all", $realv6iface = false, $flush = true) { - global $config, $g; +function get_real_interface($interface = "wan", $family = "all", $realv6iface = false, $flush = true) +{ + global $config; $wanif = NULL; @@ -5058,7 +5060,7 @@ function is_altq_capable($int) ******/ function is_interface_wireless($interface) { - global $config, $g; + global $config; $friendly = convert_real_interface_to_friendly_interface_name($interface); if (!isset($config['interfaces'][$friendly]['wireless'])) { diff --git a/src/etc/inc/rrd.inc b/src/etc/inc/rrd.inc index 2cc23e5ae..dc8b7696c 100644 --- a/src/etc/inc/rrd.inc +++ b/src/etc/inc/rrd.inc @@ -43,7 +43,7 @@ function dump_rrd_to_xml($rrddatabase, $xmldumpfile) function restore_rrd() { - global $g, $config; + global $config; $rrddbpath = '/var/db/rrd/'; $rrdtool = '/usr/local/bin/rrdtool'; @@ -190,7 +190,7 @@ function migrate_rrd_format($rrdoldxml, $rrdnewxml) { } function enable_rrd_graphing() { - global $config, $g, $altq_list_queues; + global $config, $altq_list_queues; if(file_exists("/var/run/booting")) echo gettext("Generating RRD graphs..."); @@ -888,9 +888,8 @@ function enable_rrd_graphing() { } -# Create gateway quality RRD with settings suitable for OPNsense graph set. -function create_gateway_quality_rrd($rrd_file) { - global $g; +function create_gateway_quality_rrd($rrd_file) +{ $rrdinterval = 60; $valid = $rrdinterval * 2; $rrdtool = "/usr/local/bin/rrdtool"; diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc index 445f36edb..9f4263af5 100644 --- a/src/etc/inc/system.inc +++ b/src/etc/inc/system.inc @@ -28,7 +28,7 @@ function activate_powerd() { - global $config, $g; + global $config; if (is_process_running('powerd')) { exec('/usr/bin/killall powerd'); @@ -60,7 +60,7 @@ function get_default_sysctl_value($id) { function activate_sysctls() { - global $config, $g; + global $config; $sysctls = array( "net.enc.out.ipsec_bpf_mask" => "0x0001", @@ -85,7 +85,7 @@ function activate_sysctls() function system_resolvconf_generate($dynupdate = false) { - global $config, $g; + global $config; $syscfg = $config['system']; @@ -170,8 +170,9 @@ function system_resolvconf_generate($dynupdate = false) return 0; } -function get_searchdomains() { - global $config, $g; +function get_searchdomains() +{ + global $config; $master_list = array(); @@ -192,8 +193,9 @@ function get_searchdomains() { return $master_list; } -function get_nameservers() { - global $config, $g; +function get_nameservers() +{ + global $config; $master_list = array(); // Read in dhclient nameservers @@ -225,7 +227,7 @@ function get_nameservers() { function system_hosts_generate() { - global $config, $g; + global $config; $syscfg = $config['system']; $dnsmasqcfg = $config['dnsmasq']; @@ -362,7 +364,7 @@ function system_dhcpleases_configure() function system_hostname_configure() { - global $config, $g; + global $config; $syscfg = $config['system']; @@ -378,7 +380,7 @@ function system_hostname_configure() function system_routing_configure($interface = '') { - global $config, $g; + global $config; $gatewayip = ""; $interfacegw = ""; @@ -459,8 +461,9 @@ function system_routing_configure($interface = '') return 0; } -function system_staticroutes_configure($interface = "", $update_dns = false) { - global $config, $g, $aliastable; +function system_staticroutes_configure($interface = '', $update_dns = false) +{ + global $config, $aliastable; $filterdns_list = array(); @@ -568,7 +571,7 @@ function system_staticroutes_configure($interface = "", $update_dns = false) { function system_routing_enable() { - global $config, $g; + global $config; set_sysctl(array( "net.inet.ip.forwarding" => "1", @@ -911,7 +914,7 @@ function system_generate_lighty_config( $ca_location = 'ca.pem', $captive_portal = false) { - global $config, $g; + global $config; @mkdir('/tmp/lighttpdcompress'); @@ -940,7 +943,7 @@ url.rewrite-if-not-file = ( "^/ui/(.*)$" => "/ui/index.php?_url=/$1" , EOD; $captive_portal_mod_evasive = ""; - $server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"/tmp/\", \"/var/\" )\n"; + $server_upload_dirs = "server.upload-dirs = ( \"/root/\", \"/tmp/\", \"/var/\" )\n"; $server_max_request_size = "server.max-request-size = 2097152"; $cgi_config = "cgi.assign = ( \".cgi\" => \"\" )"; } @@ -1248,7 +1251,7 @@ EOD; function system_timezone_configure() { - global $config, $g; + global $config; $syscfg = $config['system']; @@ -1276,8 +1279,9 @@ function system_timezone_configure() echo gettext("done.") . "\n"; } -function system_ntp_setup_gps($serialport) { - global $config, $g; +function system_ntp_setup_gps($serialport) +{ + global $config; $gps_device = '/dev/gps0'; $serialport = '/dev/'.$serialport; @@ -1345,7 +1349,7 @@ function system_ntp_setup_pps($serialport) function system_ntp_configure($start_ntpd = true) { - global $config, $g; + global $config; $driftfile = '/var/db/ntpd.drift'; $statsdir = '/var/log/ntp'; @@ -1645,7 +1649,7 @@ function system_console_configure() function system_set_harddisk_standby() { - global $g, $config; + global $config; if (isset($config['system']['harddiskstandby'])) { if (file_exists("/var/run/booting")) { diff --git a/src/opnsense/scripts/suricata/getRuleJSON.py b/src/opnsense/scripts/suricata/getRuleJSON.py index 21d4cac12..b6e2e1d1a 100755 --- a/src/opnsense/scripts/suricata/getRuleJSON.py +++ b/src/opnsense/scripts/suricata/getRuleJSON.py @@ -60,5 +60,3 @@ if __name__ == '__main__': result=rc.search(**parameters) result['parameters'] = parameters print (json.dumps(result)) - - diff --git a/src/opnsense/service/conf/actions.d/actions_ids.conf b/src/opnsense/service/conf/actions.d/actions_ids.conf index e993019ed..288be01a0 100644 --- a/src/opnsense/service/conf/actions.d/actions_ids.conf +++ b/src/opnsense/service/conf/actions.d/actions_ids.conf @@ -3,4 +3,3 @@ command:/usr/local/opnsense/scripts/suricata/getRuleJSON.py parameters:/limit %s /offset %s /filter %s /filter_fields %s /sort_by %s type:script_output message:request installed suricata rules - diff --git a/src/opnsense/service/configd_ctl.py b/src/opnsense/service/configd_ctl.py index 25c796b20..d8d78b82e 100755 --- a/src/opnsense/service/configd_ctl.py +++ b/src/opnsense/service/configd_ctl.py @@ -108,4 +108,3 @@ else: if result is None: sys.exit(-1) print('%s'%(result)) -