diff options
| author | Chris Buechler <cmb@pfsense.org> | 2015-07-18 04:24:58 -0500 |
|---|---|---|
| committer | Chris Buechler <cmb@pfsense.org> | 2015-07-18 04:24:58 -0500 |
| commit | 6eb520938c518a958f09db67e5e9eba2dbdc02d2 (patch) | |
| tree | c052aa2d203d7aaa6aee325841d059fa2342ae45 | |
| parent | 896b85101323f37cef227cf236f7c5558a7b1ddf (diff) | |
| download | pfsense-6eb520938c518a958f09db67e5e9eba2dbdc02d2.zip pfsense-6eb520938c518a958f09db67e5e9eba2dbdc02d2.tar.gz | |
Handle OpenVPN bound to gateway groups using CARP IPs in rc.carpmaster/backup. Ticket #4854
| -rwxr-xr-x | etc/rc.carpbackup | 12 | ||||
| -rwxr-xr-x | etc/rc.carpmaster | 21 |
2 files changed, 31 insertions, 2 deletions
diff --git a/etc/rc.carpbackup b/etc/rc.carpbackup index e518e23..2a5ce2a 100755 --- a/etc/rc.carpbackup +++ b/etc/rc.carpbackup @@ -4,6 +4,7 @@ /* rc.carpbackup part of pfSense (https://www.pfsense.org) + Copyright (C) 2004-2015 Electric Sheep Fencing LLC Copyright (C) 2004 Scott Ullrich All rights reserved. @@ -61,6 +62,15 @@ if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client' log_error("Stopping OpenVPN client instance on {$friendly_descr} because of transition to CARP backup."); openvpn_restart('client', $settings); } + // check for gateway groups specifying CARP IPs + $a_groups = return_gateway_groups_array(); + if (is_array($a_groups[$settings['interface']])) { + // interface of this instance is a gateway group, check for CARP VIP + if (strstr($a_groups[$settings['interface']][0]['vip'], "_vip")) { + log_error("Stopping OpenVPN client instance on {$friendly_descr} because of transition to CARP backup."); + openvpn_restart('client', $settings); + } + } } } @@ -85,4 +95,4 @@ $pluginparams['event'] = 'rc.carpbackup'; $pluginparams['interface'] = $argument; pkg_call_plugins('plugin_carp', $pluginparams); -?> +?>
\ No newline at end of file diff --git a/etc/rc.carpmaster b/etc/rc.carpmaster index d9d9879..81f7b3b 100755 --- a/etc/rc.carpmaster +++ b/etc/rc.carpmaster @@ -4,6 +4,7 @@ /* rc.carpmaster part of pfSense (https://www.pfsense.org) + Copyright (C) 2004-2015 Electric Sheep Fencing LLC Copyright (C) 2004 Scott Ullrich All rights reserved. @@ -61,6 +62,15 @@ if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client' log_error("Starting OpenVPN client instance on {$friendly_descr} because of transition to CARP master."); openvpn_restart('client', $settings); } + // check for gateway groups specifying CARP IPs + $a_groups = return_gateway_groups_array(); + if (is_array($a_groups[$settings['interface']])) { + // interface of this instance is a gateway group, check for CARP VIP + if (strstr($a_groups[$settings['interface']][0]['vip'], "_vip")) { + log_error("Starting OpenVPN client instance on {$friendly_descr} because of transition to CARP master."); + openvpn_restart('client', $settings); + } + } } } if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-server'])) { @@ -69,6 +79,15 @@ if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-server' log_error("Starting OpenVPN instance on {$friendly_descr} because of transition to CARP master."); openvpn_restart('server', $settings); } + // check for gateway groups specifying CARP IPs + $a_groups = return_gateway_groups_array(); + if (is_array($a_groups[$settings['interface']])) { + // interface of this instance is a gateway group, check for CARP VIP + if (strstr($a_groups[$settings['interface']][0]['vip'], "_vip")) { + log_error("Starting OpenVPN instance on {$friendly_descr} because of transition to CARP master."); + openvpn_restart('server', $settings); + } + } } } @@ -93,4 +112,4 @@ $pluginparams['event'] = 'rc.carpmaster'; $pluginparams['interface'] = $argument; pkg_call_plugins('plugin_carp', $pluginparams); -?> +?>
\ No newline at end of file |
