diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2008-05-25 03:44:06 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2008-05-25 03:44:06 +0000 |
| commit | 499994ff94210eefdbdede7b347bdc928334bb7e (patch) | |
| tree | 055813c2aba948c57df14dea459d06ad3114d525 | |
| parent | 93ca4555dd7fda77073c5693150c03f5c05db8d7 (diff) | |
| download | pfsense-499994ff94210eefdbdede7b347bdc928334bb7e.zip pfsense-499994ff94210eefdbdede7b347bdc928334bb7e.tar.gz | |
CarpDEV-DHCP fixes
| -rw-r--r-- | etc/inc/filter.inc | 6 | ||||
| -rw-r--r-- | etc/inc/interfaces.inc | 12 | ||||
| -rwxr-xr-x | etc/rc.bootup | 14 |
3 files changed, 16 insertions, 16 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 26917c5..f586d99 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -335,7 +335,7 @@ function filter_generate_aliases() { if($config['interfaces']['lan']) $aliases .= "lan = \"{ {$config['interfaces']['lan']['if']}{$lan_aliases} }\"\n"; - $wanif = $config['interfaces']['wan']['if']; + $wanif = get_real_wan_interface(); /* carpdev support on WAN */ if($config['interfaces']['wan']['ipaddr'] == "carpdev-dhcp") { @@ -344,7 +344,7 @@ function filter_generate_aliases() { foreach ($viparr as $vip) { if ($vip['mode'] == "carpdev-dhcp") { if($vip['interface'] == "wan") - $wanif = " carp{$counter}"; + $wanif = "carp{$counter}"; $counter++; } } @@ -357,7 +357,7 @@ function filter_generate_aliases() { $aliases .= "pptp0 = \"{ " . $wanif . " " . get_real_wan_interface() . " }\" \n"; $aliases .= "wan = \"{ " . $wanif . "{$wan_aliases} pptp0 }\"\n"; } else { - $aliases .= "wan = \"{ " . get_real_wan_interface() . "{$wan_aliases} }\"\n"; + $aliases .= "wan = \"{ " . $wanif . "{$wan_aliases} }\"\n"; } $aliases .= "enc0 = \"{ enc0 }\"\n"; diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index dce2ab2..edf7a15 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -41,7 +41,7 @@ require_once("globals.inc"); function interfaces_loopback_configure() { mwexec("/sbin/ifconfig lo0 127.0.0.1"); - + mwexec("/sbin/ifconfig lo0 up"); return 0; } @@ -105,9 +105,6 @@ function interfaces_vlan_configure() { } } - /* CARP interfaces can be attached to VLAN's, too. */ - interfaces_carp_bring_up_final(); - return 0; } @@ -481,6 +478,7 @@ function interfaces_carp_configure() { unset($balanacing); unset($pfsyncenabled); } + mwexec("/sbin/sysctl net.inet.carp.allow=1"); if($balanacing) { mwexec("/sbin/sysctl net.inet.carp.arpbalance=1"); mwexec("/sbin/sysctl net.inet.carp.preempt=0"); @@ -494,8 +492,8 @@ function interfaces_carp_configure() { */ exec("echo pass quick proto carp all keep state > /tmp/rules.boot"); exec("echo pass quick proto pfsync all >> /tmp/rules.boot"); - exec("echo pass out proto { tcp, udp } from any to any port 53 keep state >> /tmp/rules.boot"); - exec("/sbin/pfctl -f /tmp/rules.boot"); + exec("echo pass out quick from any to any keep state >> /tmp/rules.boot"); +// exec("/sbin/pfctl -f /tmp/rules.boot"); } /* setup pfsync interface */ if($carp_sync_int and $pfsyncenabled) { @@ -569,6 +567,7 @@ function interfaces_carp_configure() { mwexec("ifconfig carp{$carp_instances_counter} carpdev $interface"); mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " vhid " . $vip['vhid'] . " advskew " . $vip['advskew'] . $password); mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " up"); + sleep(1); mwexec("/sbin/dhclient -b carp{$carp_instances_counter}"); } else { log_error("Could not determine CarpDEV parent interface for {$vip['descr']}."); @@ -1180,6 +1179,7 @@ function interfaces_wan_carpdev_dhcp_configure() { global $config, $g; $wancfg = $config['interfaces']['wan']; + $wanif = $wancfg['if']; /* bring wan interface up before starting dhclient */ mwexec("/sbin/ifconfig {$wanif} up"); diff --git a/etc/rc.bootup b/etc/rc.bootup index 8a8bdee..a82dfb7 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -173,6 +173,13 @@ /* bring ip IP aliases */ interfaces_ipalias_configure(); + /* setup altq + pf */ + echo "Configuring firewall..."; + //mute_kernel_msgs(); + filter_configure_sync(); + //unmute_kernel_msgs(); + echo "done.\n"; + /* generate resolv.conf */ system_resolvconf_generate(); @@ -194,13 +201,6 @@ /* start OpenVPN server & clients */ openvpn_resync_all(); - /* setup altq + pf */ - echo "Configuring firewall..."; - //mute_kernel_msgs(); - filter_configure_sync(); - //unmute_kernel_msgs(); - echo "done.\n"; - if($avail > 0 and $avail < 65) { echo "System has less than 65 megabytes of ram {$avail}. Delaying webConfigurator startup.\n"; /* start webConfigurator up on final pass */ |
