From ee440b7bfae142ee12aab675c3ff8b4919fcdfa3 Mon Sep 17 00:00:00 2001
From: Frank Brendel
Date: Wed, 5 Oct 2016 14:36:17 +0200
Subject: [PATCH] move ftp-proxy instance logic to backend rc(8) script; closes #38
---
net/ftp-proxy/+POST_DEINSTALL | 28 ---
net/ftp-proxy/+POST_INSTALL | 28 ---
net/ftp-proxy/Makefile | 2 +-
.../src/etc/inc/plugins.inc.d/ftpproxy.inc | 36 ++++
net/ftp-proxy/src/etc/rc.d/os-ftp-proxy | 163 ++++++++++++++++++
.../FtpProxy/Api/ServiceController.php | 131 ++++++++++++++
.../FtpProxy/Api/SettingsController.php | 95 ++++------
.../app/models/OPNsense/FtpProxy/FtpProxy.php | 48 ------
.../app/models/OPNsense/FtpProxy/FtpProxy.xml | 144 ++++++++--------
.../app/views/OPNsense/FtpProxy/index.volt | 2 +-
.../scripts/OPNsense/FtpProxy/FtpProxy.sh | 120 -------------
.../conf/actions.d/actions_ftpproxy.conf | 21 ++-
.../templates/OPNsense/FtpProxy/+TARGETS | 2 +-
.../templates/OPNsense/FtpProxy/rc.conf.d | 13 +-
14 files changed, 455 insertions(+), 378 deletions(-)
delete mode 100644 net/ftp-proxy/+POST_DEINSTALL
delete mode 100644 net/ftp-proxy/+POST_INSTALL
create mode 100644 net/ftp-proxy/src/etc/inc/plugins.inc.d/ftpproxy.inc
create mode 100755 net/ftp-proxy/src/etc/rc.d/os-ftp-proxy
delete mode 100644 net/ftp-proxy/src/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh
diff --git a/net/ftp-proxy/+POST_DEINSTALL b/net/ftp-proxy/+POST_DEINSTALL
deleted file mode 100644
index 9b8f25f33..000000000
--- a/net/ftp-proxy/+POST_DEINSTALL
+++ /dev/null
@@ -1,28 +0,0 @@ -DIFF='--- filter.inc.ftpproxy 2016-09-21 16:38:53.947075272 +0200 -+++ filter.inc.orig 2016-09-21 16:47:29.239370565 +0200 -@@ -1450,7 +1450,6 @@ - - $natrules = "no nat proto carp\n"; - $natrules .= "no rdr proto carp\n"; -- $natrules .= "nat-anchor \"ftp-proxy/*\"\n"; - $natrules .= "nat-anchor \"natearly/*\"\n"; - - $natrules .= "nat-anchor \"natrules/*\"\n\n"; -@@ -1703,7 +1702,6 @@ - unset($tonathosts, $tonathosts_array, $numberofnathosts); - } - -- $natrules .= "rdr-anchor \"ftp-proxy/*\"\n"; - $natrules .= "\n# Load balancing\n"; - $natrules .= "rdr-anchor \"relayd/*\"\n"; - -@@ -2482,7 +2480,6 @@ - - $ipfrules = ""; - -- $ipfrules .= "anchor \"ftp-proxy/*\"\n"; - /* relayd */ - $ipfrules .= "anchor \"relayd/*\"\n"; - /* OpenVPN user rules from radius */' - -echo "$DIFF" | patch -b -p1 /usr/local/etc/inc/filter.inc diff --git a/net/ftp-proxy/+POST_INSTALL b/net/ftp-proxy/+POST_INSTALL deleted file mode 100644 index 074888adf..000000000 --- a/net/ftp-proxy/+POST_INSTALL +++ /dev/null @@ -1,28 +0,0 @@ -DIFF='--- filter.inc.orig 2016-09-21 16:39:02.853045967 +0200 -+++ filter.inc.ftpproxy 2016-09-21 16:38:53.947075272 +0200 -@@ -1450,6 +1450,7 @@ - - $natrules = "no nat proto carp\n"; - $natrules .= "no rdr proto carp\n"; -+ $natrules .= "nat-anchor \"ftp-proxy/*\"\n"; - $natrules .= "nat-anchor \"natearly/*\"\n"; - - $natrules .= "nat-anchor \"natrules/*\"\n\n"; -@@ -1702,6 +1703,7 @@ - unset($tonathosts, $tonathosts_array, $numberofnathosts); - } - -+ $natrules .= "rdr-anchor \"ftp-proxy/*\"\n"; - $natrules .= "\n# Load balancing\n"; - $natrules .= "rdr-anchor \"relayd/*\"\n"; - -@@ -2480,6 +2482,7 @@ - - $ipfrules = ""; - -+ $ipfrules .= "anchor \"ftp-proxy/*\"\n"; - /* relayd */ - $ipfrules .= "anchor \"relayd/*\"\n"; - /* OpenVPN user rules from radius */' - -echo "$DIFF" | patch -b -p1 /usr/local/etc/inc/filter.inc diff --git a/net/ftp-proxy/Makefile b/net/ftp-proxy/Makefile index 289c1f62c..a834535e3 100644 --- a/net/ftp-proxy/Makefile 
+++ b/net/ftp-proxy/Makefile @@ -1,5 +1,5 @@ PLUGIN_NAME= ftp-proxy -PLUGIN_VERSION= 0.1 +PLUGIN_VERSION= 0.2 PLUGIN_COMMENT= Control ftp-proxy processes PLUGIN_MAINTAINER= frank.brendel@eurolog.com PLUGIN_PRIVATE= yes diff --git a/net/ftp-proxy/src/etc/inc/plugins.inc.d/ftpproxy.inc b/net/ftp-proxy/src/etc/inc/plugins.inc.d/ftpproxy.inc new file mode 100644 index 000000000..924b81bed --- /dev/null +++ b/net/ftp-proxy/src/etc/inc/plugins.inc.d/ftpproxy.inc @@ -0,0 +1,36 @@ +registerAnchor("ftp-proxy/*", "nat"); + $fw->registerAnchor("ftp-proxy/*", "rdr"); + $fw->registerAnchor("ftp-proxy/*", "fw"); + } +} diff --git a/net/ftp-proxy/src/etc/rc.d/os-ftp-proxy b/net/ftp-proxy/src/etc/rc.d/os-ftp-proxy new file mode 100755 index 000000000..57bb960ee --- /dev/null +++ b/net/ftp-proxy/src/etc/rc.d/os-ftp-proxy 
@@ -0,0 +1,163 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: os-ftp-proxy
+# REQUIRE: DAEMON pf
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name="osftpproxy"
+rcvar="osftpproxy_enable"
+command="/usr/sbin/ftp-proxy"
+extra_commands="reload"
+reload_cmd="ftpproxy_reload"
+
+load_rc_config $name
+
+eval osftpproxy_flags=\$osftpproxy_${2}
+pidfile="/var/run/osftpproxy.$2.pid"
+
+ftpproxy_start () {
+ ftpproxy_status
+ if [ $? -eq 0 ]; then # already running
+ return 0
+ fi
+ run_rc_command "start"
+ if [ $? -eq 0 ]; then
+ cmd_string=`basename ${procname:-${command}}`
+ ps_pid=`ps ax -o pid= -o command= | grep $cmd_string | grep -e "$osftpproxy_flags" | grep -v grep | awk '{ print $1 }'`
+ if [ -z "$ps_pid" ]; then
+ err 1 "Cannot get pid for $cmd_string $osftpproxy_flags"
+ fi
+ echo $ps_pid > $pidfile
+ return $?
+ fi
+ return 1
+}
+
+ftpproxy_stop () {
+ ftpproxy_status
+ if [ $? -eq 1 ]; then # already stopped
+ return 0
+ fi
+ run_rc_command "stop"
+ if [ $? -ne 0 ]; then
+ err 1 "Cannot stop ftp-proxy with pid from $pidfile"
+ fi
+ rm -f $pidfile
+ return $?
+}
+
+ftpproxy_restart () {
+ ftpproxy_stop
+ if [ $? -ne 0 ]; then
+ return $?
+ fi
+ ftpproxy_start
+ return $?
+}
+
+ftpproxy_status () {
+ if [ -z "$osftpproxy_flags" -o -z "$pidfile" ]; then
+ err 1 "Instance name unknown"
+ fi
+ run_rc_command "status"
+ return $?
+}
+
+ftpproxy_reload () {
+ osftpproxy_flags=""
+ pidfile=""
+ # get running instances
+ ps ax -o pid= -o command= | grep "ftp-proxy -b" | grep -v grep | while read line; do
+ # get instance name
+ instance=`echo $line | awk '{printf "%s_%s", $4, $6 }' | sed 's/\./_/g'`
+ # get instance flags
+ instance_flags="${line#*ftp-proxy}"
+ # check if it should run
+ eval osftpproxy_flags=\$osftpproxy_${instance}
+ if [ -n "$osftpproxy_flags" -a "$osftpproxy_flags" = "$instance_flags" ]; then
+ debug "running instance $instance match config"
+ continue
+ fi
+ debug "running instance $instance not configured"
+ osftpproxy_flags=$instance_flags
+ pidfile="/var/run/osftpproxy.$instance.pid"
+ ftpproxy_stop
+ done
+ # start configured instances
+ if [ -n "$osftpproxy_instances" ]; then
+ for i in $osftpproxy_instances; do
+ eval osftpproxy_flags=\$osftpproxy_${i}
+ pidfile="/var/run/osftpproxy.$i.pid"
+ ftpproxy_start
+ done
+ fi
+ return 0
+}
+
+case $1 in
+ start)
+ if [ -z "$osftpproxy_flags" -o -z "$pidfile" ]; then
+ if [ -n "$osftpproxy_instances" ]; then
+ for i in $osftpproxy_instances; do
+ eval osftpproxy_flags=\$osftpproxy_${i}
+ pidfile="/var/run/osftpproxy.$i.pid"
+ ftpproxy_start
+ done
+ fi
+ else
+ ftpproxy_start
+ fi
+ exit $?
+ ;;
+ stop)
+ if [ -z "$osftpproxy_flags" -o -z "$pidfile" ]; then
+ if [ -n "$osftpproxy_instances" ]; then
+ for i in $osftpproxy_instances; do
+ eval osftpproxy_flags=\$osftpproxy_${i}
+ pidfile="/var/run/osftpproxy.$i.pid"
+ ftpproxy_stop
+ done
+ fi
+ else
+ ftpproxy_stop
+ fi
+ exit $?
+ ;;
+ restart)
+ if [ -z "$osftpproxy_flags" -o -z "$pidfile" ]; then
+ if [ -n "$osftpproxy_instances" ]; then
+ for i in $osftpproxy_instances; do
+ eval osftpproxy_flags=\$osftpproxy_${i}
+ pidfile="/var/run/osftpproxy.$i.pid"
+ ftpproxy_restart
+ done
+ fi
+ else
+ ftpproxy_restart
+ fi
+ exit $?
+ ;;
+ status)
+ if [ -z "$osftpproxy_flags" -o -z "$pidfile" ]; then
+ if [ -n "$osftpproxy_instances" ]; then
+ for i in $osftpproxy_instances; do
+ eval osftpproxy_flags=\$osftpproxy_${i}
+ pidfile="/var/run/osftpproxy.$i.pid"
+ ftpproxy_status
+ done
+ fi
+ else
+ ftpproxy_status
+ fi
+ exit $?
+ ;;
+ reload)
+ ftpproxy_reload;
+ exit $?
+ ;;
+esac
diff --git a/net/ftp-proxy/src/opnsense/mvc/app/controllers/OPNsense/FtpProxy/Api/ServiceController.php b/net/ftp-proxy/src/opnsense/mvc/app/controllers/OPNsense/FtpProxy/Api/ServiceController.php
index cb125671b..526e86be0 100644
--- a/net/ftp-proxy/src/opnsense/mvc/app/controllers/OPNsense/FtpProxy/Api/ServiceController.php
+++ b/net/ftp-proxy/src/opnsense/mvc/app/controllers/OPNsense/FtpProxy/Api/ServiceController.php
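Review bot: The instance name in `$2` goes straight into `eval osftpproxy_flags=\$osftpproxy_${2}` near the top of the script without any check, so any character that is not valid in a shell variable name is interpreted by the shell rather than treated as part of a name. The same applies to `${instance}` in `ftpproxy_reload`, which is built from `ps` output. The controller in this commit only produces digits and underscores, but the script is also invoked by the configd actions with `parameters:%s` and can be run by hand, so it should enforce the format itself before the eval, e.g. `case "$2" in *[!0-9A-Za-z_]*) err 1 "Invalid instance name" ;; esac`. Quoting `$pidfile` and `$cmd_string` where they are used would also be worth doing here.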
@@ -31,12 +31,143 @@ namespace OPNsense\FtpProxy\Api; use \OPNsense\Base\ApiControllerBase; +use \OPNsense\Core\Backend; use \OPNsense\FtpProxy\FtpProxy; + /** * Class ServiceController * @package OPNsense\FtpProxy */ class ServiceController extends ApiControllerBase { + public function statusAction($uuid) + { + $result = array("result" => "failed", "function" => "status"); + if ($this->request->isPost()) { + $this->sessionClose(); + } + if ($uuid != null) { + $mdlFtpProxy = new FtpProxy(); + $node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid); + if ($node != null) { + $result['result'] = $this->callBackend('status', $node); + } + } + return $result; + } + + /** + * start a ftp-proxy process + * @param $uuid item unique id + * @return array + */ + public function startAction($uuid) + { + $result = array("result" => "failed", "function" => "start"); + if ($this->request->isPost()) { + $this->sessionClose(); + } + if ($uuid != null) { + $mdlFtpProxy = new FtpProxy(); + $node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid); + if ($node != null) { + $result['result'] = $this->callBackend('start', $node); + } + } + return $result; + } + + /** + * stop a ftp-proxy process + * @param $uuid item unique id + * @return array + */ + public function stopAction($uuid) + { + $result = array("result" => "failed", "function" => "stop"); + if ($this->request->isPost()) { + $this->sessionClose(); + } + if ($uuid != null) { + $mdlFtpProxy = new FtpProxy(); + $node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid); + if ($node != null) { + $result['result'] = $this->callBackend('stop', $node); + } + } + return $result; + } + + /** + * restart a ftp-proxy process + * @param $uuid item unique id + * @return array + */ + public function restartAction($uuid) + { + if ($this->request->isPost()) { + $this->sessionClose(); + } + if ($uuid != null) { + $mdlFtpProxy = new FtpProxy(); + $node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . 
$uuid); + if ($node != null) { + $result['result'] = $this->callBackend('restart', $node); + } + } + return $result; + } + + /** + * recreate configuration file from template + * @return array + */ + public function configAction() + { + $result = array("result" => "failed", "function" => "config"); + if ($this->request->isPost()) { + $this->sessionClose(); + } + $result['result'] = $this->callBackend('template'); + return $result; + } + + /** + * reload configuration + * @return array + */ + public function reloadAction() + { + if ($this->request->isPost()) { + $this->sessionClose(); + } + $result = $this->configAction(); + if ($result['result'] == 'OK') { + $result['function'] = "reload"; + $result['result'] = $this->callBackend('reload'); + } + return $result; + } + + /** + * call backend + * @param action, node + * @return string + */ + protected function callBackend($action, &$node = null) + { + $backend = new Backend(); + if ($node != null) { + $instance = preg_replace("/\./", "_", $node->listenaddress->__toString()) . "_" . $node->listenport->__toString(); + return trim($backend->configdpRun('ftpproxy ' . $action, array($instance))); + } + if ($action == 'template') { + return trim($backend->configdRun("template reload OPNsense.FtpProxy")); + } + if ($action == 'reload') { + return trim($backend->configdRun("ftpproxy reload")); + } + return "Wrong action defined"; + } } diff --git a/net/ftp-proxy/src/opnsense/mvc/app/controllers/OPNsense/FtpProxy/Api/SettingsController.php b/net/ftp-proxy/src/opnsense/mvc/app/controllers/OPNsense/FtpProxy/Api/SettingsController.php index fdd14e0b7..01ac35827 100644 --- a/net/ftp-proxy/src/opnsense/mvc/app/controllers/OPNsense/FtpProxy/Api/SettingsController.php +++ b/net/ftp-proxy/src/opnsense/mvc/app/controllers/OPNsense/FtpProxy/Api/SettingsController.php 
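Review bot: `startAction`, `stopAction`, `restartAction`, `configAction` and `reloadAction` all change service state, yet `isPost()` is only used to decide whether to call `sessionClose()`, so the backend call runs for any request method. Unless `ApiControllerBase` restricts this elsewhere (not visible in this hunk), the backend call should be made conditional on `$this->request->isPost()`, with the initial "failed" result returned otherwise. `restartAction` also never initialises `$result`, so a null `$uuid` or an unknown node returns an undefined variable; add `$result = array("result" => "failed", "function" => "restart");` as the sibling actions do. `statusAction` is the only action without a docblock.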
@@ -32,7 +32,6 @@ namespace OPNsense\FtpProxy\Api; use \OPNsense\Base\ApiControllerBase; use \OPNsense\Core\Config; -use \OPNsense\Core\Backend; use \OPNsense\FtpProxy\FtpProxy; use \OPNsense\Base\UIModelGrid; @@ -51,14 +50,14 @@ class SettingsController extends ApiControllerBase { $mdlFtpProxy = new FtpProxy(); if ($uuid != null) { - $node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $uuid); + $node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid); if ($node != null) { // return node return array("ftpproxy" => $node->getNodes()); } } else { // generate new node, but don't save to disc - $node = $mdlFtpProxy->ftpproxies->ftpproxy->Add(); + $node = $mdlFtpProxy->ftpproxy->Add(); return array("ftpproxy" => $node->getNodes()); } return array(); @@ -71,16 +70,15 @@ class SettingsController extends ApiControllerBase */ public function setProxyAction($uuid) { + $result = array("result" => "failed"); if ($this->request->isPost() && $this->request->hasPost("ftpproxy")) { $mdlFtpProxy = new FtpProxy(); // keep a list to detect duplicates later $CurrentProxies = $mdlFtpProxy->getNodes(); if ($uuid != null) { - $node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $uuid); + $node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid); if ($node != null) { $Enabled = $node->enabled->__toString(); - // get current ftp-proxy flags for stopping it later - $OldFlags = $mdlFtpProxy->configToFlags($node); $result = array("result" => "failed", "validations" => array()); $proxyInfo = $this->request->getPost("ftpproxy"); 
@@ -93,7 +91,7 @@ class SettingsController extends ApiControllerBase if (count($result['validations']) == 0) { // check for duplicates - foreach ($CurrentProxies['ftpproxies']['ftpproxy'] as $CurrentUUID => &$CurrentProxy) { + foreach ($CurrentProxies['ftpproxy'] as $CurrentUUID => &$CurrentProxy) { if ($node->listenaddress->__toString() == $CurrentProxy['listenaddress'] && $node->listenport->__toString() == $CurrentProxy['listenport'] && $uuid != $CurrentUUID) { @@ -106,32 +104,18 @@ class SettingsController extends ApiControllerBase ); } } - // retrieve ftp-proxy flags and set defaults - $NewFlags = $mdlFtpProxy->configToFlags($node); + // save config if validated correctly $mdlFtpProxy->serializeToConfig(); Config::getInstance()->save(); - - $backend = new Backend(); - // apply new settings to the ftp-proxy process - // stop ftp-proxy with old flags - if ($Enabled == 1) { - $backend->configdpRun('ftpproxy stop ', array($OldFlags)); - } - $node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $uuid); - // start ftp-proxy with new flags - if ($node != null && $node->enabled->__toString() == 1) { - $backend->configdpRun('ftpproxy start ', array($NewFlags)); - } - // make the changes boot resistant in /etc/rc.conf.d/ftpproxy - $backend->configdRun("template reload OPNsense.FtpProxy"); - $result = array("result" => "saved"); + // reload config + $svcFtpProxy = new ServiceController(); + $result= $svcFtpProxy->reloadAction(); } - return $result; } } } - return array("result" => "failed"); + return $result; } /** @@ -146,7 +130,7 @@ class SettingsController extends ApiControllerBase $mdlFtpProxy = new FtpProxy(); // keep a list to detect duplicates later $CurrentProxies = $mdlFtpProxy->getNodes(); - $node = $mdlFtpProxy->ftpproxies->ftpproxy->Add(); + $node = $mdlFtpProxy->ftpproxy->Add(); $node->setNodes($this->request->getPost("ftpproxy")); $valMsgs = $mdlFtpProxy->performValidation(); 
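Review bot: In `setProxyAction` the settings are persisted by `Config::getInstance()->save()` and `$result` is then overwritten with the return value of `reloadAction()`, so a failed template or reload run is reported as the outcome of the save even though the configuration has already been written, and the previous `"saved"` value is no longer returned. Whether the UI still depends on `"saved"` is not visible here; keeping the two outcomes apart would avoid the ambiguity, e.g. `$result = array("result" => "saved", "reload" => $svcFtpProxy->reloadAction());`. The same pattern is introduced in the add, delete and toggle hunks further down. The context line `$Enabled = $node->enabled->__toString();` appears to be left without a consumer once the stop/start block is removed, and could be dropped.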
@@ -157,7 +141,7 @@ class SettingsController extends ApiControllerBase } if (count($result['validations']) == 0) { - foreach ($CurrentProxies['ftpproxies']['ftpproxy'] as &$CurrentProxy) { + foreach ($CurrentProxies['ftpproxy'] as &$CurrentProxy) { if ($node->listenaddress->__toString() == $CurrentProxy['listenaddress'] && $node->listenport->__toString() == $CurrentProxy['listenport']) { return array( @@ -169,20 +153,14 @@ class SettingsController extends ApiControllerBase ); } } - // retrieve ftp-proxy flags and set defaults - $Flags = $mdlFtpProxy->configToFlags($node); + // save config if validated correctly $mdlFtpProxy->serializeToConfig(); Config::getInstance()->save(); - if ($node->enabled->__toString() == 1) { - $backend = new Backend(); - $backend->configdpRun('ftpproxy start ', array($Flags)); - // add it to /etc/rc.conf.d/ftpproxy - $backend->configdRun("template reload OPNsense.FtpProxy"); - } - $result = array("result" => "saved"); + // reload config + $svcFtpProxy = new ServiceController(); + $result= $svcFtpProxy->reloadAction(); } - return $result; } return $result; } 
@@ -199,20 +177,15 @@ class SettingsController extends ApiControllerBase if ($this->request->isPost()) { $mdlFtpProxy = new FtpProxy(); if ($uuid != null) { - $node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $uuid); + $node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid); if ($node != null) { - $backend = new Backend(); - // stop if the ftp-proxy is running - if ($node->enabled->__toString() == 1) { - $backend->configdpRun('ftpproxy stop ', array($mdlFtpProxy->configToFlags($node))); - } - if ($mdlFtpProxy->ftpproxies->ftpproxy->del($uuid) == true) { + if ($mdlFtpProxy->ftpproxy->del($uuid) == true) { // if item is removed, serialize to config and save $mdlFtpProxy->serializeToConfig(); Config::getInstance()->save(); - $result['result'] = 'deleted'; - // remove it from /etc/rc.conf.d/ftpproxy - $backend->configdRun("template reload OPNsense.FtpProxy"); + // reload config + $svcFtpProxy = new ServiceController(); + $result= $svcFtpProxy->reloadAction(); } } else { $result['result'] = 'not found'; 
@@ -231,27 +204,22 @@ class SettingsController extends ApiControllerBase { $result = array("result" => "failed"); - if ($this->request->isPost()) { $mdlFtpProxy = new FtpProxy(); if ($uuid != null) { - $node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $uuid); + $node = $mdlFtpProxy->getNodeByReference('ftpproxy.' . $uuid); if ($node != null) { - $backend = new Backend(); if ($node->enabled->__toString() == "1") { - $result['result'] = "Disabled"; $node->enabled = "0"; - $response = $backend->configdpRun('ftpproxy stop ', array($mdlFtpProxy->configToFlags($node))); } else { - $result['result'] = "Enabled"; $node->enabled = "1"; - $response = $backend->configdpRun('ftpproxy start ', array($mdlFtpProxy->configToFlags($node))); } - // if item has toggled, serialize to config and save $mdlFtpProxy->serializeToConfig(); Config::getInstance()->save(); - $backend->configdRun("template reload OPNsense.FtpProxy"); + // reload config + $svcFtpProxy = new ServiceController(); + $result= $svcFtpProxy->reloadAction(); } } } @@ -281,23 +249,22 @@ class SettingsController extends ApiControllerBase "description" ); $mdlFtpProxy = new FtpProxy(); - - $grid = new UIModelGrid($mdlFtpProxy->ftpproxies->ftpproxy); + + $grid = new UIModelGrid($mdlFtpProxy->ftpproxy); $response = $grid->fetchBindRequest( $this->request, $fields, "listenport" ); - - $backend = new Backend(); + $svcFtpProxy = new ServiceController(); foreach($response['rows'] as &$row) { - $node = $mdlFtpProxy->getNodeByReference('ftpproxies.ftpproxy.' . $row['uuid']); - $status = trim($backend->configdpRun('ftpproxy status ', array($mdlFtpProxy->configToFlags($node)))); - if ($status == 'OK') { + $result = $svcFtpProxy->statusAction($row['uuid']); + if ($result['result'] == 'OK') { $row['status'] = 0; continue; } $row['status'] = 2; + } return $response; 
diff --git a/net/ftp-proxy/src/opnsense/mvc/app/models/OPNsense/FtpProxy/FtpProxy.php b/net/ftp-proxy/src/opnsense/mvc/app/models/OPNsense/FtpProxy/FtpProxy.php index 3820ed0b9..2630e3773 100644 --- a/net/ftp-proxy/src/opnsense/mvc/app/models/OPNsense/FtpProxy/FtpProxy.php +++ b/net/ftp-proxy/src/opnsense/mvc/app/models/OPNsense/FtpProxy/FtpProxy.php @@ -38,52 +38,4 @@ use OPNsense\Base\BaseModel; */ class FtpProxy extends BaseModel { - /** - * map config to ftp-proxy flags - * and set default values - * @param $node configuration - * @return string - */ - public function configToFlags($node) - { - $flags = ' -b ' . $node->listenaddress->__toString(); - $flags .= ' -p ' . $node->listenport->__toString(); - if ($node->sourceaddress->__toString() != "") { - $flags .= ' -a ' . $node->sourceaddress->__toString(); - } - if ($node->rewritesourceport->__toString() == 1) { - $flags .= ' -r '; - } - if ($node->idletimeout->__toString() == "") { - $node->__set('idletimeout', 86400); - } - if ($node->idletimeout->__toString() != 86400) { - $flags .= ' -t ' . $node->idletimeout->__toString(); - } - if ($node->maxsessions->__toString() == "") { - $node->__set('maxsessions', 100); - } - if ($node->maxsessions->__toString() != 100) { - $flags .= ' -m ' . $node->maxsessions->__toString(); - } - if ($node->reverseaddress->__toString() != "") { - $flags .= ' -R ' . $node->reverseaddress->__toString(); - } - if ($node->reverseport->__toString() == "") { - $node->__set('reverseport', 21); - } - if ($node->reverseport->__toString() != 21) { - $flags .= ' -P ' . $node->reverseport->__toString(); - } - if ($node->logconnections->__toString() == 1) { - $flags .= ' -v '; - } - if ($node->debuglevel->__toString() == "") { - $node->__set('debuglevel', 5); - } - if ($node->debuglevel->__toString() != 5) { - $flags .= ' -D ' . $node->debuglevel->__toString(); - } - return $flags; - } } 
diff --git a/net/ftp-proxy/src/opnsense/mvc/app/models/OPNsense/FtpProxy/FtpProxy.xml b/net/ftp-proxy/src/opnsense/mvc/app/models/OPNsense/FtpProxy/FtpProxy.xml index 984e61bb2..80974456f 100644 --- a/net/ftp-proxy/src/opnsense/mvc/app/models/OPNsense/FtpProxy/FtpProxy.xml +++ b/net/ftp-proxy/src/opnsense/mvc/app/models/OPNsense/FtpProxy/FtpProxy.xml 
@@ -1,78 +1,76 @@ - //OPNsense/ftpproxy + //OPNsense/ftpproxies Ftp Proxy settings - - - - 1 - Y - - - Y - 127.0.0.1 - /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/ - Listen address must be a valid IPv4 address - - - 8021 - Y - 1 - 65535 - Listen port needs to be an integer value between 1 and 65535 - - - N - /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/ - Source address must be a valid IPv4 address - - - 0 - N - - - 86400 - N - 1 - 86400 - Idle timeout needs to be an integer value between 1 and 86400 - - - 100 - N - 1 - 500 - Maximum number of concurrent FTP sessions needs to be an integer value between 1 and 500 - - - N - /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/ - Reverse address must be a valid IPv4 address - - - 21 - N - 1 - 65535 - Reverse port needs to be an integer value between 1 and 65535 - - - 0 - N - - - 5 - N - 0 - 7 - Debug level needs to be an integer value between 0 and 7 - - - N - /^([\t\n\v\f\r 0-9a-zA-Z.,_\x{00A0}-\x{FFFF}]){1,255}$/u - Enter a description. 
- - - + + + 1 + Y + + + Y + 127.0.0.1 + /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/ + Listen address must be a valid IPv4 address + + + 8021 + Y + 1 + 65535 + Listen port needs to be an integer value between 1 and 65535 + + + N + /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/ + Source address must be a valid IPv4 address + + + 0 + N + + + 86400 + N + 1 + 86400 + Idle timeout needs to be an integer value between 1 and 86400 + + + 100 + N + 1 + 500 + Maximum number of concurrent FTP sessions needs to be an integer value between 1 and 500 + + + N + /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-4]|2[0-5][0-9]|[01]?[0-9][0-9]?)$/ + Reverse address must be a valid IPv4 address + + + 21 + N + 1 + 65535 + Reverse port needs to be an integer value between 1 and 65535 + + + 0 + N + + + 5 + N + 0 + 7 + Debug level needs to be an integer value between 0 and 7 + + + N + /^([\t\n\v\f\r 0-9a-zA-Z.,_\x{00A0}-\x{FFFF}]){1,255}$/u + Enter a description. + + diff --git a/net/ftp-proxy/src/opnsense/mvc/app/views/OPNsense/FtpProxy/index.volt b/net/ftp-proxy/src/opnsense/mvc/app/views/OPNsense/FtpProxy/index.volt index e8f9c7fda..00dfd0508 100644 --- a/net/ftp-proxy/src/opnsense/mvc/app/views/OPNsense/FtpProxy/index.volt +++ b/net/ftp-proxy/src/opnsense/mvc/app/views/OPNsense/FtpProxy/index.volt @@ -103,7 +103,7 @@ POSSIBILITY OF SUCH DAMAGE. - + diff --git a/net/ftp-proxy/src/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh b/net/ftp-proxy/src/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh deleted file mode 100644 index 0cc261cde..000000000 --- a/net/ftp-proxy/src/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh +++ /dev/null 
@@ -1,120 +0,0 @@ -#!/bin/sh -# -# Copyright (C) 2016 EURO-LOG AG -# -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are met: -# -# 1. Redistributions of source code must retain the above copyright notice, -# this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, -# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -# AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, -# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -# POSSIBILITY OF SUCH DAMAGE. 
-# - -ACTION=$1 -shift -FLAGS=$@ - -# determine listenaddress and listenport to identify ftp-proxy process -for FLAG in $FLAGS; do - if [ "$FLAG" == "-b" ]; then - NEXT_FLAG="LISTENADDRESS" - continue - fi - if [ "$FLAG" == "-p" ]; then - NEXT_FLAG="LISTENPORT" - continue - fi - if [ "X$NEXT_FLAG" != "X" ]; then - if [ "$NEXT_FLAG" == "LISTENADDRESS" -a "X$FLAG" != "X" ]; then - LISTENADDRESS=$FLAG - NEXT_FLAG="" - fi - if [ "$NEXT_FLAG" == "LISTENPORT" -a "X$FLAG" != "X" ]; then - LISTENPORT=$FLAG - NEXT_FLAG="" - fi - fi - if [ "X$LISTENADDRESS" != "X" -a "X$LISTENPORT" != "X" ]; then - break - fi -done - -if [ "X$LISTENADDRESS" == "X" -o "X$LISTENPORT" == "X" ]; then - ( >&2 echo "Either listenaddress or listenport not given. Check -b and -p flags." ) - exit 999 -fi - -ftpproxy_start () { - ftpproxy_status - if [ $? -gt 0 ]; then # already running - return 0 - fi - - /usr/sbin/ftp-proxy $FLAGS - return $? -} - -ftpproxy_stop () { - ftpproxy_status - PID=$? - if [ $PID -eq 0 ]; then # already stopped - return 0 - fi - kill $PID - return $? -} - -ftpproxy_restart () { - ftpproxy_stop - if [ $? -ne 0 ]; then - return $? - fi - ftpproxy_start - return $? -} - -ftpproxy_status () { - PID=`ps ax -o pid= -o command= | grep "/usr/sbin/ftp-proxy -b $LISTENADDRESS -p $LISTENPORT" | grep -v grep | awk '{ print $1 }'` - if [ "X$PID" != "X" ]; then - return $PID - fi - return 0 -} - -case $ACTION in - start) - ftpproxy_start - exit $? - ;; - stop) - ftpproxy_stop - exit $? - ;; - restart) - ftpproxy_restart - exit $? - ;; - status) - ftpproxy_status - if [ $? -gt 0 ]; then - exit 0 - fi - exit 1 - ;; -esac diff --git a/net/ftp-proxy/src/opnsense/service/conf/actions.d/actions_ftpproxy.conf b/net/ftp-proxy/src/opnsense/service/conf/actions.d/actions_ftpproxy.conf index 9514ef01e..0924a54fc 100644 --- a/net/ftp-proxy/src/opnsense/service/conf/actions.d/actions_ftpproxy.conf +++ b/net/ftp-proxy/src/opnsense/service/conf/actions.d/actions_ftpproxy.conf 
@@ -1,23 +1,28 @@ [start] -command:/usr/local/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh start +command:/usr/local/etc/rc.d/os-ftp-proxy start parameters:%s type:script -message:starting ftpproxy +message:starting ftpproxy instance [stop] -command:/usr/local/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh stop +command:/usr/local/etc/rc.d/os-ftp-proxy stop parameters:%s type:script -message:stopping ftpproxy +message:stopping ftpproxy instance [status] -command:/usr/local/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh status +command:/usr/local/etc/rc.d/os-ftp-proxy status parameters:%s type:script -message:get ftpproxy status +message:get ftpproxy instance status [restart] -command:/usr/local/opnsense/scripts/OPNsense/FtpProxy/FtpProxy.sh restart +command:/usr/local/etc/rc.d/os-ftp-proxy restart parameters:%s type:script -message:restarting ftpproxy +message:restarting ftpproxy instance + +[reload] +command:/usr/local/etc/rc.d/os-ftp-proxy reload +type:script +message:reload ftpproxy diff --git a/net/ftp-proxy/src/opnsense/service/templates/OPNsense/FtpProxy/+TARGETS b/net/ftp-proxy/src/opnsense/service/templates/OPNsense/FtpProxy/+TARGETS index e38d1d0cb..edd452b90 100644 --- a/net/ftp-proxy/src/opnsense/service/templates/OPNsense/FtpProxy/+TARGETS +++ b/net/ftp-proxy/src/opnsense/service/templates/OPNsense/FtpProxy/+TARGETS @@ -1 +1 @@ -rc.conf.d:/etc/rc.conf.d/ftpproxy +rc.conf.d:/etc/rc.conf.d/osftpproxy diff --git a/net/ftp-proxy/src/opnsense/service/templates/OPNsense/FtpProxy/rc.conf.d b/net/ftp-proxy/src/opnsense/service/templates/OPNsense/FtpProxy/rc.conf.d index 3f5e65ad3..782021392 100644 --- a/net/ftp-proxy/src/opnsense/service/templates/OPNsense/FtpProxy/rc.conf.d +++ b/net/ftp-proxy/src/opnsense/service/templates/OPNsense/FtpProxy/rc.conf.d 
@@ -1,8 +1,8 @@ # DO NOT EDIT THIS FILE -- OPNsense auto-generated file -{% if helpers.exists('OPNsense.ftpproxy.ftpproxies.ftpproxy') %} -ftpproxy_enable="YES" +{% if helpers.exists('OPNsense.ftpproxies.ftpproxy') %} +osftpproxy_enable="YES" {% set Instances=[] %} -{% for ftpproxy in helpers.toList('OPNsense.ftpproxy.ftpproxies.ftpproxy') %} +{% for ftpproxy in helpers.toList('OPNsense.ftpproxies.ftpproxy') %} {% if ftpproxy.enabled|default('0') == '1' %} {% set Parameters=[] %} {% do Parameters.append("-b " ~ ftpproxy.listenaddress) %} @@ -31,9 +31,10 @@ ftpproxy_enable="YES" {% if ftpproxy.debuglevel|default('5') != '5' %} {% do Parameters.append("-D " ~ ftpproxy.debuglevel) %} {% endif %} -ftpproxy_id{{loop.index}}="{% for Parameter in Parameters %} {{Parameter}}{% endfor %}" -{% do Instances.append(loop.index) %} +{% set Instance=ftpproxy.listenaddress|replace(".", "_") ~ "_" ~ ftpproxy.listenport %} +osftpproxy_{{Instance}}="{% for Parameter in Parameters %} {{Parameter}}{% endfor %}" +{% do Instances.append(Instance) %} {% endif %} {% endfor %} -ftpproxy_instances="{% for Instance in Instances %} {{"id" ~ Instance}}{% endfor %}" +osftpproxy_instances="{% for Instance in Instances %} {{Instance}}{% endfor %}" {% endif %}
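Review bot: The `Instance` value built in the second hunk from `listenaddress` and `listenport` becomes a shell variable suffix in `/etc/rc.conf.d/osftpproxy` and is later expanded through `eval` in `rc.d/os-ftp-proxy`, yet nothing in the template records that it must stay within `[0-9_]`. Today that appears to hold only because the model restricts the address to dotted IPv4 and the port to an integer range, and the same naming rule is re-implemented in `ServiceController::callBackend` and in the `awk`/`sed` line of `ftpproxy_reload`. A comment above the `set` line would make the constraint explicit, e.g. `{# Instance is used as a shell variable suffix and eval'ed by rc.d/os-ftp-proxy: keep it to digits and underscores #}`.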