summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2014-04-12 06:20:32 +0000
committerErmal <eri@pfsense.org>2014-04-12 06:20:32 +0000
commitf96b9a1830ee2b08c142207ebfa4f695d0628853 (patch)
treeee62a2a5a5e9779188b66b8a17b311becbcc3fc7
parentd22169cfd68a26c04ca6d1aa997575f1b3e4cc80 (diff)
downloadpfsense-f96b9a1830ee2b08c142207ebfa4f695d0628853.zip
pfsense-f96b9a1830ee2b08c142207ebfa4f695d0628853.tar.gz
Take care of the loops reported for OpenVPN in tap mode. Also fixes the problems of tap disappearing from bridge if its a member.
-rwxr-xr-xetc/rc.linkup3
-rwxr-xr-xetc/rc.newwanip21
-rwxr-xr-xetc/rc.newwanipv617
3 files changed, 29 insertions, 12 deletions
diff --git a/etc/rc.linkup b/etc/rc.linkup
index 1994336..b39f876 100755
--- a/etc/rc.linkup
+++ b/etc/rc.linkup
@@ -60,7 +60,8 @@ function handle_argument_group($iface, $argument2) {
interfaces_staticarp_configure($iface);
$iface = get_real_interface($iface);
interfaces_bring_up($iface);
- if ($argument2 == "start" || $argument2 == "up")
+ /* NOTE: Do not generate event for OpenVPN since the daemon does that for us. */
+ if (($argument2 == "start" || $argument2 == "up") && substr($iface, 0, 4) != "ovpn")
send_event("interface newip {$iface}");
} else {
switch ($argument2) {
diff --git a/etc/rc.newwanip b/etc/rc.newwanip
index 2fa450c..df00148 100755
--- a/etc/rc.newwanip
+++ b/etc/rc.newwanip
@@ -62,7 +62,7 @@ $argument = str_replace("\n", "", $argv[1]);
log_error("rc.newwanip: Informational is starting {$argument}.");
-if(empty($argument)) {
+if (empty($argument)) {
$interface = "wan";
$interface_real = get_real_interface();
} else {
@@ -70,13 +70,15 @@ if(empty($argument)) {
$interface_real = $argument;
}
+$interface_descr = convert_friendly_interface_to_friendly_descr($interface);
+
/* If the interface is configured and not enabled, bail. We do not need to change settings for disabled interfaces. #3313 */
if (is_array($config['interfaces'][$interface]) && !isset($config['interfaces'][$interface]['enable'])) {
log_error("Interface is disabled, nothing to do.");
return;
}
-if(empty($argument))
+if (empty($argument))
$curwanip = get_interface_ip();
else {
$curwanip = find_interface_ip($interface_real, true);
@@ -88,14 +90,19 @@ else {
}
}
-log_error("rc.newwanip: on (IP address: {$curwanip}) (interface: {$interface}) (real interface: {$interface_real}).");
+log_error("rc.newwanip: on (IP address: {$curwanip}) (interface: {$interface_descr}[{$interface}]) (real interface: {$interface_real}).");
-if($curwanip == "0.0.0.0" || !is_ipaddr($curwanip)) {
+/*
+ * NOTE: Take care of openvpn and similar if you generate the event to reconfigure an interface.
+ * i.e. OpenVPN might be in tap mode and not have an ip.
+ */
+if (($curwanip == "0.0.0.0" || !is_ipaddr($curwanip)) && susbstr($interface_real, 0, 4) != "ovpn") {
log_error("rc.newwanip: Failed to update {$interface} IP, restarting...");
send_event("interface reconfigure {$interface}");
exit;
}
+/* XXX: This really possible? */
if (empty($interface)) {
filter_configure();
restart_packages();
@@ -110,7 +117,8 @@ if (file_exists("{$g['vardb_path']}/{$interface}_cacheip"))
system_resolvconf_generate(true);
/* write current WAN IP to file */
-file_put_contents("{$g['vardb_path']}/{$interface}_ip", $curwanip);
+if (is_ipaddr($curwanip))
+ @file_put_contents("{$g['vardb_path']}/{$interface}_ip", $curwanip);
link_interface_to_vips($interface, "update");
@@ -180,7 +188,8 @@ if (!is_ipaddr($oldip) || $curwanip != $oldip || !is_ipaddrv4($config['interface
/* reconfigure our gateway monitor */
setup_gateways_monitor();
- file_put_contents("{$g['vardb_path']}/{$interface}_cacheip", $curwanip);
+ if (is_ipaddr($curnwanip))
+ @file_put_contents("{$g['vardb_path']}/{$interface}_cacheip", $curwanip);
/* perform RFC 2136 DNS update */
services_dnsupdate_process($interface);
diff --git a/etc/rc.newwanipv6 b/etc/rc.newwanipv6
index 92fe5ea..3da6ac9 100755
--- a/etc/rc.newwanipv6
+++ b/etc/rc.newwanipv6
@@ -59,7 +59,7 @@ $argument = trim($argv[1], " \n\t");
log_error("rc.newwanipv6: Informational is starting {$argument}.");
-if(empty($argument)) {
+if (empty($argument)) {
$interface = "wan";
$interface_real = get_real_interface($interface, "inet6");
$curwanipv6 = get_interface_ipv6($interface, true);
@@ -69,6 +69,8 @@ if(empty($argument)) {
$curwanipv6 = get_interface_ipv6($interface, true);
}
+$interface_descr = convert_friendly_interface_to_friendly_descr($interface);
+
if (empty($interface)) {
filter_configure();
// restart_packages();
@@ -79,8 +81,12 @@ if (empty($interface)) {
if ($g['booting'] && $config['interfaces'][$interface]['ipaddrv6'] != "dhcp6")
exit;
+/*
+ * NOTE: Take care of openvpn and similar if you generate the event to reconfigure an interface.
+ * i.e. OpenVPN might be in tap mode and not have an ip.
+ */
if (empty($curwanipv6) || !is_ipaddrv6($curwanipv6)) {
- log_error("rc.newwanipv6: Failed to update {$interface} IPv6, restarting...");
+ log_error("rc.newwanipv6: Failed to update {$interface_descr}[{$interface}] IPv6, restarting...");
// send_event("interface reconfigure {$interface}");
exit;
}
@@ -100,7 +106,8 @@ if (!empty($_ENV['new_domain_name']))
file_put_contents("{$g['varetc_path']}/searchdomain_v6{$interface}", $_ENV['new_domain_name']);
/* write current WAN IPv6 to file */
-file_put_contents("{$g['vardb_path']}/{$interface}_ipv6", $curwanipv6);
+if (is_ipaddrv6($curwanipv6))
+ @file_put_contents("{$g['vardb_path']}/{$interface}_ipv6", $curwanipv6);
log_error("rc.newwanipv6: on (IP address: {$curwanipv6}) (interface: {$interface}) (real interface: {$interface_real}).");
@@ -140,9 +147,9 @@ if (is_ipaddrv6($oldipv6)) {
exit;
} else if (does_interface_exist($interface_real))
mwexec("/sbin/ifconfig {$interface_real} inet6 {$oldipv6} delete");
-}
-file_put_contents("{$g['vardb_path']}/{$interface}_cacheipv6", $curwanipv6);
+ file_put_contents("{$g['vardb_path']}/{$interface}_cacheipv6", $curwanipv6);
+}
/* perform RFC 2136 DNS update */
services_dnsupdate_process($interface);
OpenPOWER on IntegriCloud