Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Safe webGUI

    Scheduled Pinned Locked Moved webGUI
    5 Posts 2 Posters 3.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dvserg
      last edited by

      pfSense 2.0
      While booting pfSense, have error webgui starting, if any file '/usr/local/pkg/*.inc' contains php syntax error or function name
      duplication.

      This is /etc/inc/filter.inc

      
      function discover_pkg_rules($ruletype) {
      	global $config, $g, $aliases;
      
      	/* Bail if there is no pkg directory, or if the package files might be out of sync. */
      	if(!is_dir("/usr/local/pkg") || file_exists('/conf/needs_package_sync'))
      		return "";
      
      	$rules = "";
      	$files = glob("/usr/local/pkg/*.inc");
      	foreach($files as $pkg_inc) {
      		update_filter_reload_status("Checking for {$ruletype} PF hooks in package {$pkg_inc}");
      # here need safe >>
      		require_once($pkg_inc);
      		$pkg = basename($pkg_inc, ".inc");
      		$pkg_generate_rules = "{$pkg}_generate_rules";
      		if(function_exists($pkg_generate_rules)) {
      			update_filter_reload_status("Processing early {$ruletype} rules for package {$pkg_inc}");
      			$tmprules = $pkg_generate_rules("$ruletype");
      			file_put_contents("{$g['tmp_path']}/rules.test.packages", $aliases . $tmprules);
      			$status = mwexec("/sbin/pfctl -nf {$g['tmp_path']}/rules.test.packages");
      			if ($status <> 0) {
      				$errorrules = "There was an error while parsing the package filter rules for {$pkg_inc}.\n";
      				log_error($errorrules);
      				file_put_contents("{$g['tmp_path']}/rules.packages.{$pkg}", "#{$errorrules}\n");
      				continue;
      			}
      			$rules .= $tmprules;
      		}
      # here need safe >>
      	}
      	return $rules;
      }
      
      

      This is need safe code. Probably as here:

      
      # here need safe >>
      if (exec("php -l $pkg_inc") )  {
      		require_once($pkg_inc);
                      ...
      }else {
      # " package source $pkg_inc error "
      ... 
      }
      # here need safe >>
      

      Or other variant.

      Sorry for my English.
      Thanks.

      boot_bug.png
      boot_bug.png_thumb

      SquidGuardDoc EN  RU Tutorial
      Localization ru_PFSense

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        That has always been the case, we have tried to ensure that no packages declare the same functions with the same name.

        Code to catch exceptions may prevent the execution from stopping but it would cause unpredictable behavior if two packages had functions with the same name but different functionality.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • D
          dvserg
          last edited by

          In the screenshot error matching function names, but it is not so common mistake. I'm talking about the need to check the syntax of the INC files before their inclusion.

          What do you think is needed?

          SquidGuardDoc EN  RU Tutorial
          Localization ru_PFSense

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Ah, yeah, I see what you mean now.

            I went ahead and opened ticket http://redmine.pfsense.org/issues/1310 for it.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • D
              dvserg
              last edited by

              Thank you for your work !!!

              SquidGuardDoc EN  RU Tutorial
              Localization ru_PFSense

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.