Use _vip as identified for CARP vip IPs to allow easier upgrade code. This way only ipaliases on carp need to be upgraded.

author: Ermal <eri@pfsense.org> 2013-12-06 19:16:34 +0000
committer: Ermal <eri@pfsense.org> 2013-12-06 19:16:34 +0000
commit: 0c21eb70b6f830e2c1edc06597c2e0bd443ed855 (patch)
tree: 44ec1b7260627acf632391edb9814fb5eb5401f0
parent: 86c135def224d010ac057f283b3a02f9699cb91a (diff)
download: pfsense-0c21eb70b6f830e2c1edc06597c2e0bd443ed855.zip
pfsense-0c21eb70b6f830e2c1edc06597c2e0bd443ed855.tar.gz
10 files changed, 76 insertions, 56 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 4c35659..7b62d39 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -3481,7 +3481,10 @@ function filter_generate_ipsec_rules() {
 				}
 			}
 
-			$parentinterface = $ph1ent['interface'];
+			if (strstr($ph1ent['interface'], "_vip"))
+				list($parentinterface, $vhid) = explode("_vhid", $ph1ent['interface']);
+			else
+				$parentinterface = $ph1ent['interface'];
 			if (empty($FilterIflist[$parentinterface]['descr'])) {
 				$ipfrules .= "# Could not locate interface for IPsec: {$descr}\n";
 				continue;
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc
index 6703666..967326f 100644
--- a/etc/inc/interfaces.inc
+++ b/etc/inc/interfaces.inc
@@ -99,6 +99,7 @@ function does_vip_exist($vip) {
 	switch ($vip['mode']) {
 	case "carp":
 	case "ipalias":
+		/* XXX: Make proper checks? */
 		$realif = get_real_interface($vip['interface']);
 		if (!does_interface_exist($realif)) {
 			return false;
@@ -427,7 +428,7 @@ function interfaces_bridge_configure($checkmember = 0) {
 			if(empty($bridge['bridgeif']))
 				$bridge['bridgeif'] = "bridge{$i}";
 			if ($checkmember == 1) {
-				if (strstr($bridge['if'], "@"))
+				if (strstr($bridge['if'], "_vip"))
 					continue;
 				$members = explode(',', $bridge['members']);
 				foreach ($members as $member) {
@@ -436,7 +437,7 @@ function interfaces_bridge_configure($checkmember = 0) {
 				}
 			}
 			else if ($checkmember == 2) {
-				if (strstr($bridge['if'], "@"))
+				if (strstr($bridge['if'], "_vip"))
 					continue;
 				$members = explode(',', $bridge['members']);
 				foreach ($members as $member) {
@@ -814,13 +815,13 @@ function interfaces_gre_configure($checkparent = 0) {
 			if(empty($gre['greif']))
 				$gre['greif'] = "gre{$i}";
 			if ($checkparent == 1) {
-				if (strstr($gre['if'], "@"))
+				if (strstr($gre['if'], "_vip"))
 					continue;
 				if (!empty($config['interfaces'][$gre['if']]) && $config['interfaces'][$gre['if']]['ipaddrv6'] == "track6")
 					continue;
 			}
 			else if ($checkparent == 2) {
-				if (strstr($gre['if'], "@"))
+				if (strstr($gre['if'], "_vip"))
 					continue;
 				if (empty($config['interfaces'][$gre['if']]) || $config['interfaces'][$gre['if']]['ipaddrv6'] != "track6")
 					continue;
@@ -888,13 +889,13 @@ function interfaces_gif_configure($checkparent = 0) {
 			if(empty($gif['gifif']))
 				$gre['gifif'] = "gif{$i}";
 			if ($checkparent == 1) {
-				if (strstr($gif['if'], "@"))
+				if (strstr($gif['if'], "_vip"))
 					continue;
 				if (!empty($config['interfaces'][$gif['if']]) && $config['interfaces'][$gif['if']]['ipaddrv6'] == "track6")
 					continue;
 			}
 			else if ($checkparent == 2) {
-				if (strstr($gif['if'], "@"))
+				if (strstr($gif['if'], "_vip"))
 					continue;
 				if (empty($config['interfaces'][$gif['if']]) || $config['interfaces'][$gif['if']]['ipaddrv6'] != "track6")
 					continue;
@@ -1148,6 +1149,7 @@ function interface_vip_bring_down($vip) {
 		}
 		break;
 	case "carp":
+		/* XXX: Is enough to delete ip address? */
 		if (does_interface_exist($vipif))
 			pfSense_interface_deladdress($vipif, $vip['subnet']);
 		break;
@@ -4011,16 +4013,6 @@ function get_current_wan_address($interface = "wan") {
 function convert_real_interface_to_friendly_interface_name($interface = "wan") {
 	global $config;
 
-	if (stristr($interface, "@")) {
-		foreach ($config['virtualip']['vip'] as $counter => $vip) {
-			if ($vip['mode'] == "carp")  {
-				$carpif = get_real_interface($vip['interface']) . "@{$vip['vhid']}";
-				if ($interface == $carpif)
-					return $vip['interface'];
-			}
-		}
-	}
-
 	/* XXX: For speed reasons reference directly the interface array */
 	$ifdescrs = &$config['interfaces'];
 	//$ifdescrs = get_configured_interface_list(false, true);
@@ -4072,12 +4064,11 @@ function convert_friendly_interface_to_friendly_descr($interface) {
 			else
 				$ifdesc = strtoupper($config['interfaces'][$interface]['descr']);
 			break;
-		} else if (stristr($interface, "@")) {
+		} else if (stristr($interface, "_vip")) {
 			if (is_array($config['virtualip']['vip'])) {
 				foreach ($config['virtualip']['vip'] as $counter => $vip) {
 					if ($vip['mode'] == "carp")  {
-						$carpif = get_real_interface($vip['interface']) . "@{$vip['vhid']}";
-						if ($interface == $carpif)
+						if ($interface == "{$vip['interface']}_vip{$vip['vhid']}")
 							return "{$vip['subnet']} - {$vip['descr']}";
 					}
 				}
@@ -4765,8 +4756,8 @@ function ip_in_interface_alias_subnet($interface, $ipalias) {
 function get_interface_ip($interface = "wan") {
 	$realif = get_failover_interface($interface);
 	if (!$realif) {
-		if (preg_match("/^carp/i", $interface))
-			$realif = $interface;
+		if (strstr($interface, "_vip"))
+			return get_configured_carp_interface_list($interface);
 		else
 			return null;
 	}
@@ -4782,8 +4773,12 @@ function get_interface_ipv6($interface = "wan", $flush = false) {
 	global $config;
 
 	$realif = get_failover_interface($interface, "inet6");
-	if (!$realif)
-		return null;
+	if (!$realif) {
+		if (strstr($interface, "_vip"))
+			return get_configured_carp_interface_list($interface, "inet6");
+		else
+			return null;
+	}
 
 	/*
 	 * NOTE: On the case when only the prefix is requested,
@@ -4817,9 +4812,10 @@ function get_interface_linklocal($interface = "wan") {
 
 	$realif = get_failover_interface($interface, "inet6");
 	if (!$realif) {
-		if (preg_match("/^carp/i", $interface))
-			$realif = $interface;
-		else
+		if (strstr($interface, "_vip")) {
+			list($interface, $vhid) = explode("_vip", $interface);
+			$realif = get_real_interface($interface);
+		} else
 			return null;
 	}
 
@@ -4833,9 +4829,10 @@ function get_interface_linklocal($interface = "wan") {
 function get_interface_subnet($interface = "wan") {
 	$realif = get_real_interface($interface);
 	if (!$realif) {
-		if (preg_match("/^carp/i", $interface))
-			$realif = $interface;
-		else
+		if (strstr($interface, "_vip")) {
+			list($interface, $vhid) = explode("_vip", $interface);
+			$realif = get_real_interface($interface);
+		} else
 			return null;
 	}
 
@@ -4850,8 +4847,13 @@ function get_interface_subnetv6($interface = "wan") {
 	global $config;
 
 	$realif = get_real_interface($interface, "inet6");
-	if (!$realif)
-		return null;
+	if (!$realif) {
+		if (strstr($interface, "_vip")) {
+			list($interface, $vhid) = explode("_vip", $interface);
+			$realif = get_real_interface($interface);
+		} else
+			return null;
+	}
 
 	$cursn = find_interface_subnetv6($realif);
 	if (!empty($cursn))
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index 649baad..da4f5ce 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -811,7 +811,7 @@ function openvpn_restart($mode, $settings) {
 		return;
 
 	/* Do not start a client if we are a CARP backup on this vip! */
-	if (($mode == "client") && (strstr($settings['interface'], "@") && get_carp_interface_status($settings['interface']) == "BACKUP"))
+	if (($mode == "client") && (strstr($settings['interface'], "_vip") && get_carp_interface_status($settings['interface']) == "BACKUP"))
 		return;
 		
 	/* Check if client is bound to a gateway group */    
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index 0f75a3a..52ca57b 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -326,7 +326,8 @@ function get_carp_interface_status($carpinterface) {
 	$carp_query = "";
 
 	/* XXX: Need to fidn a better way for this! */
-	list ($interface, $vhid) = explode('@', $carpinterface);
+	list ($interface, $vhid) = explode("_vip", $carpinterface);
+	$interface = get_real_interface($interface);
 	exec("/sbin/ifconfig $interface | /usr/bin/grep -v grep | /usr/bin/grep carp: | /usr/bin/grep 'vhid {$vhid}'", $carp_query);
 	foreach($carp_query as $int) {
 		if(stristr($int, "MASTER"))
@@ -2534,17 +2535,16 @@ function is_ipaddr_configured($ipaddr, $ignore_if = "", $check_localip = false,
 
 		foreach($interface_list_ips as $if => $ilips) {
 			/* Also ignore CARP interfaces, it'll be checked below */
-			if ($ignore_if == $if)
+			if ($ignore_if == $if || strstr($ignore_if, "_vip"))
 				continue;
 			if (strcasecmp($ipaddr, $ilips) == 0)
 				return true;
 		}
 	}
 
-	/* XXX: Need to correct this! */
 	$interface_list_vips = get_configured_vips_list(true);
 	foreach ($interface_list_vips as $id => $vip) {
-		if ($ignore_if == "vip_{$id}")
+		if ($ignore_if == $vip['if'])
 			continue;
 		if (strcasecmp($ipaddr, $vip['ipaddr']) == 0)
 			return true;
diff --git a/etc/inc/util.inc b/etc/inc/util.inc
index 69fcbf5..67646a3 100644
--- a/etc/inc/util.inc
+++ b/etc/inc/util.inc
@@ -800,7 +800,7 @@ function is_inrange($test, $start, $end) {
 }
 
 /* XXX: return the configured carp interface list */
-function get_configured_carp_interface_list() {
+function get_configured_carp_interface_list($carpinterface = "", $family = "inet") {
 	global $config;
 
 	$iflist = array();
@@ -810,8 +810,16 @@ function get_configured_carp_interface_list() {
 		foreach ($viparr as $vip) {
 			switch ($vip['mode']) {
 			case "carp":
-				$vipif = get_real_interface($vip['interface']) . "@{$vip['vhid']}";
-				$iflist[$vipif] = $vip['subnet'];
+				if (!empty($carpinterface)) {
+					if ($carpinterface == "{$vip['interface']}_vip{$vip['vhid']}") {
+						if ($family == "inet" && is_ipaddrv4($vip['subnet']))
+							return $vip['subnet'];
+						else if ($family == "inet6" && is_ipaddrv6($vip['subnet']))
+							return $vip['subnet'];
+					}
+				} else {
+					$iflist["{$vip['interface']}_vip{$vip['vhid']}"] = $vip['subnet'];
+				}
 				break;
 			}
 		}
@@ -849,8 +857,11 @@ function get_configured_vips_list() {
 
 	if(is_array($config['virtualip']['vip'])) {
 		$viparr = &$config['virtualip']['vip'];
-		foreach ($viparr as $vip)
-			$alias_list[] = array("ipaddr" => $vip['subnet'], "if" => $vip['interface']);
+		foreach ($viparr as $vip) {
+			if ($vip['mode'] == "carp")
+				$alias_list[] = array("ipaddr" => $vip['subnet'], "if" => "$vip['interface']}_vip{$vip['vhid']}");
+			else
+				$alias_list[] = array("ipaddr" => $vip['subnet'], "if" => $vip['interface']);
 	}
 
 	return $alias_list;
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 6d31b50..4c12f30 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -905,6 +905,7 @@ EOD;
 				}
 
 				/* static route needed? */
+				$vip = "";
 				if (is_ipaddr($ph1ent['interface'])) {
 					$vip = find_virtual_ip_alias($ph1ent['interface']);
 					$parentinterface = $vip['interface'];
@@ -915,7 +916,10 @@ EOD;
 					/* add endpoint routes to correct gateway on interface */
 					if (interface_has_gateway($parentinterface)) {
 						$gatewayip = get_interface_gateway("$parentinterface");
-						$interfaceip = get_interface_ip($parentinterface);
+						if (empty($vip))
+							$interfaceip = get_interface_ip($parentinterface);
+						else
+							$interfaceip = $vip['subnet'];
 						$subnet_bits = get_interface_subnet($parentinterface);
 						$subnet_ip = gen_subnet("{$interfaceip}", "{$subnet_bits}");
 						/* if the remote gateway is in the local subnet, then don't add a route */
diff --git a/etc/rc.carpbackup b/etc/rc.carpbackup
index 0068589..9e469c3 100755
--- a/etc/rc.carpbackup
+++ b/etc/rc.carpbackup
@@ -42,8 +42,9 @@ if (!strstr($argument, "@"))
 list($vhid, $iface) = explode("@", $argument);
 
 $friendly = convert_real_interface_to_friendly_interface_name($iface);
-$friendly_descr = convert_friendly_interface_to_friendly_descr($friendly);
-$notificationmsg = sprintf('Carp cluster member "%2$s (%1$s)" has resumed the state "BACKUP"', $argument, $friendly_descr);
+$carp_iface = "{$friendly}_vip{$vhid}";
+$friendly_descr = convert_friendly_interface_to_friendly_descr($carp_iface);
+$notificationmsg = sprintf('Carp cluster member "%2$s (%1$s)" has resumed the state "BACKUP" for vhid %s', $argument, $friendly_descr, $vhid);
 
 notify_via_smtp($notificationmsg);
 notify_via_growl($notificationmsg);
@@ -53,7 +54,7 @@ log_error($notificationmsg);
 global $config;
 if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client'])) {
 	foreach ($config['openvpn']['openvpn-client'] as $settings) {
-		if ($settings['interface'] == $friendly) {
+		if ($settings['interface'] == $carp_iface) {
 			log_error("Stopping OpenVPN client instance on {$friendly_descr} because of transition to CARP backup.");
 			openvpn_restart('client', $settings);
 		}
diff --git a/etc/rc.carpmaster b/etc/rc.carpmaster
index d4c122e..5bae592 100755
--- a/etc/rc.carpmaster
+++ b/etc/rc.carpmaster
@@ -42,8 +42,9 @@ if (!strstr($argument, "@"))
 list($vhid, $iface) = explode("@", $argument);
 
 $friendly = convert_real_interface_to_friendly_interface_name($iface);
-$friendly_descr = convert_friendly_interface_to_friendly_descr($friendly);
-$notificationmsg = sprintf('Carp cluster member "%2$s (%1$s)" has resumed the state "MASTER"', $argument, $friendly_descr);
+$carp_iface = "{$friendly}_vip${vhid}";
+$friendly_descr = convert_friendly_interface_to_friendly_descr($carp_iface);
+$notificationmsg = sprintf('Carp cluster member "%2$s (%1$s)" has resumed the state "MASTER" for vhid %s', $argument, $friendly_descr, $vhid);
 
 notify_via_smtp($notificationmsg);
 notify_via_growl($notificationmsg);
@@ -53,7 +54,7 @@ log_error($notificationmsg);
 global $config;
 if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client'])) {
 	foreach ($config['openvpn']['openvpn-client'] as $settings) {
-		if ($settings['interface'] == $friendly) {
+		if ($settings['interface'] == $carp_iface) {
 			log_error("Starting OpenVPN client instance on {$friendly_descr} because of transition to CARP master.");
 			openvpn_restart('client', $settings);
 		}
@@ -61,7 +62,7 @@ if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client'
 }
 if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-server'])) {
 	foreach ($config['openvpn']['openvpn-server'] as $settings) {
-		if ($settings['interface'] == $friendly) {
+		if ($settings['interface'] == $carp_iface) {
 			log_error("Starting OpenVPN instance on {$friendly_descr} because of transition to CARP master.");
 			openvpn_restart('server', $settings);
 		}
diff --git a/usr/local/www/carp_status.php b/usr/local/www/carp_status.php
index 5129047..9967484 100755
--- a/usr/local/www/carp_status.php
+++ b/usr/local/www/carp_status.php
@@ -148,8 +148,7 @@ include("head.inc");
 						$vhid = $carp['vhid'];
 						$advskew = $carp['advskew'];
 						$advbase = $carp['advbase'];
-						$carp_int = get_real_interface($carp['interface']) . "@{$carp['vhid']}";
-						$status = get_carp_interface_status($carp_int);
+						$status = get_carp_interface_status("{$carp['interface']}_vip{$carp['vhid']}");
 						echo "<tr>";
 						$align = "valign='middle'";
 						if($carp_enabled == false) {
@@ -164,7 +163,7 @@ include("head.inc");
 								$icon = "<img {$align} src='/themes/".$g['theme']."/images/icons/icon_log.gif'>";
 							}
 						}
-						echo "<td class=\"listlr\"><center>" . $carp_int . "&nbsp;</td>";
+						echo "<td class=\"listlr\"><center>" . convert_friendly_interface_to_friendly_descr($carp['interface']) . "@{$vhid} &nbsp;</td>";
 						echo "<td class=\"listlr\"><center>" . $ipaddress . "&nbsp;</td>";
 						echo "<td class=\"listlr\"><center>{$icon}&nbsp;&nbsp;" . $status . "&nbsp;</td>";
 						echo "</tr>";
diff --git a/usr/local/www/widgets/widgets/carp_status.widget.php b/usr/local/www/widgets/widgets/carp_status.widget.php
index e7cff99..3b52fd8 100644
--- a/usr/local/www/widgets/widgets/carp_status.widget.php
+++ b/usr/local/www/widgets/widgets/carp_status.widget.php
@@ -49,14 +49,13 @@ $carp_enabled = get_carp_status();
 			$netmask = $carp['subnet_bits'];
 			$vhid = $carp['vhid'];
 			$advskew = $carp['advskew'];
-			$carp_int = get_real_interface($carp['interface']) . "@{$carp['vhid']}";
-			$status = get_carp_interface_status($carp_int);
+			$status = get_carp_interface_status("{$carp['interface']}_vip{$vhid}");
 ?>
 <tr>
 	<td class="vncellt" width="35%">
 		<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_cablenic.gif" alt="cablenic" />&nbsp;
 		<strong><a href="/system_hasync.php">
-		<span style="color:#000000"><?=htmlspecialchars($carp_int);?></span></a></strong>
+		<span style="color:#000000"><?=htmlspecialchars(convert_friendly_interface_to_friendly_descr($carp['interface']) . "@{$vhid}");?></span></a></strong>
 	</td>
 	<td width="65%"  class="listr">
 <?php
author	Ermal <eri@pfsense.org>	2013-12-06 19:16:34 +0000
committer	Ermal <eri@pfsense.org>	2013-12-06 19:16:34 +0000
commit	0c21eb70b6f830e2c1edc06597c2e0bd443ed855 (patch)
tree	44ec1b7260627acf632391edb9814fb5eb5401f0
parent	86c135def224d010ac057f283b3a02f9699cb91a (diff)
download	pfsense-0c21eb70b6f830e2c1edc06597c2e0bd443ed855.zip pfsense-0c21eb70b6f830e2c1edc06597c2e0bd443ed855.tar.gz