1
|
<?php
|
2
|
/* $Id$ */
|
3
|
/* Run various commands and collect their output into HTML tables.
|
4
|
* Jim McBeath <jimmc@macrovision.com> Nov 2003
|
5
|
*
|
6
|
* (modified for m0n0wall by Manuel Kasper <mk@neon1.net>)
|
7
|
* (modified for pfSense by Scott Ullrich geekgod@pfsense.com)
|
8
|
*/
|
9
|
/*
|
10
|
Redistribution and use in source and binary forms, with or without
|
11
|
modification, are permitted provided that the following conditions are met:
|
12
|
|
13
|
1. Redistributions of source code must retain the above copyright notice,
|
14
|
this list of conditions and the following disclaimer.
|
15
|
|
16
|
2. Redistributions in binary form must reproduce the above copyright
|
17
|
notice, this list of conditions and the following disclaimer in the
|
18
|
documentation and/or other materials provided with the distribution.
|
19
|
|
20
|
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
21
|
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
22
|
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
23
|
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
24
|
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
25
|
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
26
|
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
27
|
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
28
|
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
29
|
POSSIBILITY OF SUCH DAMAGE.
|
30
|
*/
|
31
|
/*
|
32
|
pfSense_BUILDER_BINARIES: /usr/bin/vmstat /usr/bin/netstat /sbin/dmesg /sbin/mount /sbin/setkey /usr/local/sbin/pftop
|
33
|
pfSense_BUILDER_BINARIES: /sbin/pfctl /sbin/sysctl /usr/bin/top /usr/bin/netstat /sbin/pfctl /sbin/ifconfig
|
34
|
pfSense_MODULE: support
|
35
|
*/
|
36
|
|
37
|
##|+PRIV
|
38
|
##|*IDENT=page-hidden-detailedstatus
|
39
|
##|*NAME=Hidden: Detailed Status page
|
40
|
##|*DESCR=Allow access to the 'Hidden: Detailed Status' page.
|
41
|
##|*MATCH=status.php*
|
42
|
##|-PRIV
|
43
|
|
44
|
/* Execute a command, with a title, and generate an HTML table
|
45
|
* showing the results.
|
46
|
*/
|
47
|
|
48
|
/* include all configuration functions */
|
49
|
require_once("guiconfig.inc");
|
50
|
require_once("functions.inc");
|
51
|
|
52
|
function doCmdT($title, $command) {
|
53
|
$rubbish = array('|', '-', '/', '.', ' '); /* fixes the <a> tag to be W3C compliant */
|
54
|
echo "\n<a name=\"" . str_replace($rubbish,'',$title) . "\" id=\"" . str_replace($rubbish,'',$title) . "\"></a>\n";
|
55
|
echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" summary=\"" . $title . "\">\n";
|
56
|
echo "\t<tr><td class=\"listtopic\">" . $title . "</td></tr>\n";
|
57
|
echo "\t<tr>\n\t\t<td class=\"listlr\">\n\t\t\t<pre>"; /* no newline after pre */
|
58
|
|
59
|
if ($command == "dumpconfigxml") {
|
60
|
$fd = @fopen("/conf/config.xml", "r");
|
61
|
if ($fd) {
|
62
|
while (!feof($fd)) {
|
63
|
$line = fgets($fd);
|
64
|
/* remove sensitive contents */
|
65
|
$line = preg_replace("/<password>.*?<\\/password>/", "<password>xxxxx</password>", $line);
|
66
|
$line = preg_replace("/<pre-shared-key>.*?<\\/pre-shared-key>/", "<pre-shared-key>xxxxx</pre-shared-key>", $line);
|
67
|
$line = preg_replace("/<rocommunity>.*?<\\/rocommunity>/", "<rocommunity>xxxxx</rocommunity>", $line);
|
68
|
$line = preg_replace("/<prv>.*?<\\/prv>/", "<prv>xxxxx</prv>", $line);
|
69
|
$line = preg_replace("/<ipsecpsk>.*?<\\/ipsecpsk>/", "<ipsecpsk>xxxxx</ipsecpsk>", $line);
|
70
|
$line = preg_replace("/<md5-hash>.*?<\\/md5-hash>/", "<md5-hash>xxxxx</md5-hash>", $line);
|
71
|
$line = preg_replace("/<md5password>.*?<\\/md5password>/", "<md5password>xxxxx</md5password>", $line);
|
72
|
$line = preg_replace("/<nt-hash>.*?<\\/nt-hash>/", "<nt-hash>xxxxx</nt-hash>", $line);
|
73
|
$line = preg_replace("/<radius_secret>.*?<\\/radius_secret>/", "<radius_secret>xxxxx</radius_secret>", $line);
|
74
|
$line = preg_replace("/<ldap_bindpw>.*?<\\/ldap_bindpw>/", "<ldap_bindpw>xxxxx</ldap_bindpw>", $line);
|
75
|
$line = preg_replace("/<passwordagain>.*?<\\/passwordagain>/", "<passwordagain>xxxxx</passwordagain>", $line);
|
76
|
$line = preg_replace("/<crypto_password>.*?<\\/crypto_password>/", "<crypto_password>xxxxx</crypto_password>", $line);
|
77
|
$line = preg_replace("/<crypto_password2>.*?<\\/crypto_password2>/", "<crypto_password2>xxxxx</crypto_password2>", $line);
|
78
|
$line = str_replace("\t", " ", $line);
|
79
|
echo htmlspecialchars($line,ENT_NOQUOTES);
|
80
|
}
|
81
|
}
|
82
|
fclose($fd);
|
83
|
} else {
|
84
|
$execOutput = "";
|
85
|
$execStatus = "";
|
86
|
exec ($command . " 2>&1", $execOutput, $execStatus);
|
87
|
for ($i = 0; isset($execOutput[$i]); $i++) {
|
88
|
if ($i > 0) {
|
89
|
echo "\n";
|
90
|
}
|
91
|
echo htmlspecialchars($execOutput[$i],ENT_NOQUOTES);
|
92
|
}
|
93
|
}
|
94
|
echo "\n\t\t\t</pre>\n\t\t</td>\n\t</tr>\n";
|
95
|
echo "</table>\n";
|
96
|
}
|
97
|
|
98
|
/* Execute a command, giving it a title which is the same as the command. */
|
99
|
function doCmd($command) {
|
100
|
doCmdT($command,$command);
|
101
|
}
|
102
|
|
103
|
/* Define a command, with a title, to be executed later. */
|
104
|
function defCmdT($title, $command) {
|
105
|
global $commands;
|
106
|
$title = htmlspecialchars($title,ENT_NOQUOTES);
|
107
|
$commands[] = array($title, $command);
|
108
|
}
|
109
|
|
110
|
/* Define a command, with a title which is the same as the command,
|
111
|
* to be executed later.
|
112
|
*/
|
113
|
function defCmd($command) {
|
114
|
defCmdT($command,$command);
|
115
|
}
|
116
|
|
117
|
/* List all of the commands as an index. */
|
118
|
function listCmds() {
|
119
|
global $commands;
|
120
|
$rubbish = array('|', '-', '/', '.', ' '); /* fixes the <a> tag to be W3C compliant */
|
121
|
echo "\n<p>" . gettext("This status page includes the following information") . ":\n";
|
122
|
echo "<ul>\n";
|
123
|
for ($i = 0; isset($commands[$i]); $i++ ) {
|
124
|
echo "\t<li><strong><a href=\"#" . str_replace($rubbish,'',$commands[$i][0]) . "\">" . $commands[$i][0] . "</a></strong></li>\n";
|
125
|
}
|
126
|
echo "</ul>\n";
|
127
|
}
|
128
|
|
129
|
/* Execute all of the commands which were defined by a call to defCmd. */
|
130
|
function execCmds() {
|
131
|
global $commands;
|
132
|
for ($i = 0; isset($commands[$i]); $i++ ) {
|
133
|
doCmdT($commands[$i][0], $commands[$i][1]);
|
134
|
}
|
135
|
}
|
136
|
|
137
|
global $g, $config;
|
138
|
|
139
|
/* Set up all of the commands we want to execute. */
|
140
|
defCmdT("System uptime","uptime");
|
141
|
defCmdT("Interfaces","/sbin/ifconfig -a");
|
142
|
|
143
|
defCmdT("PF Info","/sbin/pfctl -s info");
|
144
|
|
145
|
defCmdT("Routing tables","netstat -nr");
|
146
|
|
147
|
defCmdT("top | head -n5", "/usr/bin/top | /usr/bin/head -n5");
|
148
|
|
149
|
defCmdT("sysctl hw.physmem","/sbin/sysctl hw.physmem");
|
150
|
|
151
|
if (isset($config['captiveportal']) && is_array($config['captiveportal'])) {
|
152
|
foreach ($config['captiveportal'] as $cpZone => $cpdata) {
|
153
|
if (isset($cpdata['enable']))
|
154
|
defCmdT("ipfw -x {$cpdata['zoneid']} show", "/sbin/ipfw -x {$cpdata['zoneid']} show");
|
155
|
}
|
156
|
}
|
157
|
|
158
|
defCmdT("pfctl -sn", "/sbin/pfctl -sn");
|
159
|
defCmdT("pfctl -sr", "/sbin/pfctl -sr");
|
160
|
defCmdT("pfctl -ss", "/sbin/pfctl -ss");
|
161
|
defCmdT("pfctl -si", "/sbin/pfctl -si");
|
162
|
defCmdT("pfctl -sa", "/sbin/pfctl -sa");
|
163
|
defCmdT("pfctl -s rules -vv","/sbin/pfctl -s rules -vv");
|
164
|
defCmdT("pfctl -s queue -v","/sbin/pfctl -s queue -v");
|
165
|
defCmdT("pfctl -s nat -v","/sbin/pfctl -s nat -v");
|
166
|
|
167
|
defCmdT("PF OSFP","/sbin/pfctl -s osfp");
|
168
|
|
169
|
|
170
|
defCmdT("netstat -s -ppfsync","netstat -s -ppfsync");
|
171
|
|
172
|
defCmdT("pfctl -vsq","/sbin/pfctl -vsq");
|
173
|
|
174
|
defCmdT("pfctl -vs Tables","/sbin/pfctl -vs Tables");
|
175
|
|
176
|
defCmdT("Load Balancer","/sbin/pfctl -a slb -s nat");
|
177
|
|
178
|
defCmdT("pftop -w 150 -a -b","/usr/local/sbin/pftop -a -b");
|
179
|
defCmdT("pftop -w 150 -a -b -v long","/usr/local/sbin/pftop -w 150 -a -b -v long");
|
180
|
defCmdT("pftop -w 150 -a -b -v queue","/usr/local/sbin/pftop -w 150 -a -b -v queue");
|
181
|
defCmdT("pftop -w 150 -a -b -v rules","/usr/local/sbin/pftop -w 150 -a -b -v rules");
|
182
|
defCmdT("pftop -w 150 -a -b -v size","/usr/local/sbin/pftop -w 150 -a -b -v size");
|
183
|
defCmdT("pftop -w 150 -a -b -v speed","/usr/local/sbin/pftop -w 150 -a -b -v speed");
|
184
|
|
185
|
defCmdT("resolv.conf","cat /etc/resolv.conf");
|
186
|
|
187
|
defCmdT("Processes","ps xauww");
|
188
|
defCmdT("dhcpd.conf","cat /var/dhcpd/etc/dhcpd.conf");
|
189
|
|
190
|
defCmdT("df","/bin/df");
|
191
|
|
192
|
defCmdT("ipsec.conf","cat /var/etc/ipsec/ipsec.conf");
|
193
|
defCmdT("SPD","/sbin/setkey -DP");
|
194
|
defCmdT("SAD","/sbin/setkey -D");
|
195
|
|
196
|
if(isset($config['system']['usefifolog'])) {
|
197
|
defCmdT("last 200 system log entries","/usr/sbin/fifolog_reader /var/log/system.log 2>&1 | tail -n 200");
|
198
|
defCmdT("last 50 filter log entries","/usr/sbin/fifolog_reader /var/log/filter.log 2>&1 | tail -n 50");
|
199
|
} else {
|
200
|
defCmdT("last 200 system log entries","/usr/local/sbin/clog /var/log/system.log 2>&1 | tail -n 200");
|
201
|
defCmdT("last 50 filter log entries","/usr/local/sbin/clog /var/log/filter.log 2>&1 | tail -n 50");
|
202
|
}
|
203
|
|
204
|
defCmd("ls /conf");
|
205
|
defCmd("ls /var/run");
|
206
|
|
207
|
defCmd("/sbin/mount");
|
208
|
|
209
|
defCmdT("cat {$g['tmp_path']}/rules.debug","cat {$g['tmp_path']}/rules.debug");
|
210
|
|
211
|
defCmdT("VMStat", "vmstat -afimsz");
|
212
|
|
213
|
defCmdT("config.xml","dumpconfigxml");
|
214
|
|
215
|
defCmdT("DMESG","/sbin/dmesg -a");
|
216
|
|
217
|
defCmdT("netstat -mb","netstat -mb");
|
218
|
defCmdT("vmstat -z","vmstat -z");
|
219
|
|
220
|
exec("/bin/date", $dateOutput, $dateStatus);
|
221
|
$currentDate = $dateOutput[0];
|
222
|
|
223
|
$pgtitle = array("{$g['product_name']}","status");
|
224
|
include("head.inc");
|
225
|
|
226
|
?>
|
227
|
<style type="text/css">
|
228
|
/*<![CDATA[*/
|
229
|
pre {
|
230
|
margin: 0px;
|
231
|
font-family: courier new, courier;
|
232
|
font-weight: normal;
|
233
|
font-size: 9pt;
|
234
|
}
|
235
|
/*]]>*/
|
236
|
</style>
|
237
|
|
238
|
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
|
239
|
<?php include("fbegin.inc"); ?>
|
240
|
<strong><?=$currentDate;?></strong>
|
241
|
<p><span class="red"><strong><?=gettext("Note: make sure to remove any sensitive information " .
|
242
|
"(passwords, maybe also IP addresses) before posting " .
|
243
|
"information from this page in public places (like mailing lists)"); ?>!</strong></span><br />
|
244
|
<?=gettext("Passwords in config.xml have been automatically removed"); ?>.
|
245
|
|
246
|
<div id="cmdspace" style="width:700px">
|
247
|
<?php listCmds(); ?>
|
248
|
|
249
|
<?php execCmds(); ?>
|
250
|
</div>
|
251
|
|
252
|
<?php include("fend.inc"); ?>
|
253
|
</body>
|
254
|
</html>
|