diff options
author | Ermal <eri@pfsense.org> | 2010-06-16 16:07:16 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2010-06-16 16:07:16 +0000 |
commit | 962fd685516ae137674ed0cde2445ebbeeefbdff (patch) | |
tree | 4c4eb2f210e97c9fdd81319ffe92c4c2d02e7b7e | |
parent | 096ee9c22de0afd71a17518bcb112807e46fe49a (diff) | |
download | pfsense-962fd685516ae137674ed0cde2445ebbeeefbdff.zip pfsense-962fd685516ae137674ed0cde2445ebbeeefbdff.tar.gz |
Fixes #632. When bringing down a vip of proxyarp use the new pidfile introduced. Also teach about interface argument to proxyarp function so it can start only a instance of an interface.
-rw-r--r-- | etc/inc/interfaces.inc | 33 | ||||
-rwxr-xr-x | usr/local/www/firewall_virtual_ip.php | 3 |
2 files changed, 27 insertions, 9 deletions
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 65d61d5..58091d8 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -775,9 +775,13 @@ function interface_reconfigure($interface = "wan") { } function interface_vip_bring_down(&$vip) { + global $g; + switch ($vip['mode']) { case "proxyarp": - interface_proxyarp_configure(); + $vipif = get_real_interface($vip['interface']); + if (file_exists("{$g['varrun_path']}/{$vipif}.pid")) + killbypid("{$g['varrun_path']}/{$vipif}.pid"); break; case "ipalias": $vipif = get_real_interface($vip['interface']); @@ -1470,7 +1474,7 @@ function interfaces_carp_setup() { } } -function interface_proxyarp_configure() { +function interface_proxyarp_configure($interface = "") { global $config, $g; if(isset($config['system']['developerspew'])) { $mt = microtime(); @@ -1478,7 +1482,8 @@ function interface_proxyarp_configure() { } /* kill any running choparp */ - killbyname("choparp"); + if (empty($interface)) + killbyname("choparp"); if (isset($config['virtualip']) && is_array($config['virtualip']['vip'])) { $paa = array(); @@ -1496,26 +1501,38 @@ function interface_proxyarp_configure() { $paa[$proxyif][] = $vipent; } + } } - if (count($paa)) + if (!empty($interface)) { + if (is_array($paa[$interface])) { + $paaifip = get_interface_ip($interface); + if (!is_ipaddr($paaifip)) + return; + $args = get_real_interface($interface) . " auto"; + foreach ($paa[$interface] as $paent) { + if (isset($paent['subnet'])) + $args .= " " . escapeshellarg("{$paent['subnet']}/{$paent['subnet_bits']}"); + else if (isset($paent['range'])) + $args .= " " . escapeshellarg($paent['range']['from'] . "-" . $paent['range']['to']); + } + mwexec_bg("/usr/local/sbin/choparp " . $args); + } + } else if (count($paa)) { foreach ($paa as $paif => $paents) { $paaifip = get_interface_ip($paif); if (!(is_ipaddr($paaifip))) continue; $args = get_real_interface($paif) . " auto"; foreach ($paents as $paent) { - if (isset($paent['subnet'])) $args .= " " . escapeshellarg("{$paent['subnet']}/{$paent['subnet_bits']}"); else if (isset($paent['range'])) - $args .= " " . escapeshellarg($paent['range']['from'] . "-" . - $paent['range']['to']); + $args .= " " . escapeshellarg($paent['range']['from'] . "-" . $paent['range']['to']); } mwexec_bg("/usr/local/sbin/choparp " . $args); } } - } function interfaces_vips_configure($interface = "") { diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php index 1d2e634..f4b4567 100755 --- a/usr/local/www/firewall_virtual_ip.php +++ b/usr/local/www/firewall_virtual_ip.php @@ -72,7 +72,7 @@ if ($_POST) { interface_ipalias_configure($a_vip[$vid]); break; case "proxyarp": - interface_proxyarp_configure(); + interface_proxyarp_configure($a_vip[$vid]['interface']); break; case "carp": interface_carp_configure($a_vip[$vid]); @@ -85,6 +85,7 @@ if ($_POST) { } } } + @unlink("{$g['tmp_path']}/firewall_virtual_ip.apply"); $retval = 0; $retval |= filter_configure(); $savemsg = get_std_save_message($retval); |