Use pfSync SYNCPEER directive if defined. Ticket #1317

2 files changed, 17 insertions, 3 deletions

diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc
index 2c0c86b..7739981 100644
--- a/etc/inc/interfaces.inc
+++ b/etc/inc/interfaces.inc
@@ -379,6 +379,7 @@ function interfaces_carp_configure() {
 			$pfsyncenabled = $carp['pfsyncenabled'];
 			$balanacing = $carp['balancing'];
 			$pfsyncinterface = $carp['pfsyncinterface'];
+			$pfsyncpeerip = $carp['pfsyncpeerip'];
 		}
 	} else {
 		unset($pfsyncinterface);
@@ -402,10 +403,15 @@ function interfaces_carp_configure() {
 		exec("/sbin/pfctl -f /tmp/rules.boot");
 	}
 	/* setup pfsync interface */
-	if($carp_sync_int and $pfsyncenabled)
-		mwexec("/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} up");
-	else
+	if($carp_sync_int and $pfsyncenabled) {
+		if($pfsyncpeerip) {
+			mwexec("/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} syncpeer {$pfsyncpeerip} up");
+		} else {
+			mwexec("/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} up");
+		}
+	} else {
 		mwexec("/sbin/ifconfig pfsync0 syncdev lo0 up");
+	}
 	$fd = fopen("/tmp/carp.sh", "w");
 	if($config['virtualip']['vip']) {
 		$viparr = &$config['virtualip']['vip'];
diff --git a/usr/local/pkg/carp_settings.xml b/usr/local/pkg/carp_settings.xml
index 4970d4c..704fb91 100644
--- a/usr/local/pkg/carp_settings.xml
+++ b/usr/local/pkg/carp_settings.xml
@@ -69,6 +69,14 @@
 			</description>
 		</field>
 		<field>
+			<fielddescr>pfSync sync peer IP</fielddescr>
+			<fieldname>pfsyncpeerip</fieldname>
+			<type>input</type>
+			<description>
+				Setting this option will force pfSync to synchronize its stable tables to this IP address.  The default is directed multicast.
+			</description>
+		</field>
+		<field>
 			<fielddescr>Synchronize rules</fielddescr>
 			<fieldname>synchronizerules</fieldname>
 			<description>When this option is enabled, this system will automatically sync the firewalls rules over to the other carp when changes are made..</description>