diff options
author | Ermal <eri@pfsense.org> | 2014-04-28 07:19:35 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2014-04-28 07:19:35 +0000 |
commit | 8227e80115bef560e723c6f89aeca6f3f0bc9147 (patch) | |
tree | 06ef3d06c04d42135424a17b6840daf9002998f6 | |
parent | c6f7dce8d7bdeb1870f3b24f242c01b7fcddd24d (diff) | |
parent | dd8d9bdcaabe14ae4d4047f0dc48169f409dbe92 (diff) | |
download | pfsense-8227e80115bef560e723c6f89aeca6f3f0bc9147.zip pfsense-8227e80115bef560e723c6f89aeca6f3f0bc9147.tar.gz |
Merge pull request #1098 from camlin/master
-rw-r--r-- | etc/inc/gwlb.inc | 38 |
1 files changed, 30 insertions, 8 deletions
diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index 79e9ccd..e5c5058 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -161,8 +161,14 @@ EOD; if(in_array($gateway['monitor'], $monitor_ips)) continue; - /* Interface ip is needed since apinger will bind a socket to it. */ - if (is_ipaddrv4($gateway['gateway'])) { + /* Interface ip is needed since apinger will bind a socket to it. + * However the config GUI should already have checked this and when + * PPoE is used the IP address is set to "dynamic". So using is_ipaddrv4 + * or is_ipaddrv6 to identify packet type would be wrong, especially as + * further checks (that can cope with the "dynamic" case) are present inside + * the if block. So using $gateway['ipprotocol'] is the better option. + */ + if ($gateway['ipprotocol'] == "inet") { // This is an IPv4 gateway... $gwifip = find_interface_ip($gateway['interface'], true); if (!is_ipaddrv4($gwifip)) continue; //Skip this target @@ -178,15 +184,31 @@ EOD; mwexec("/sbin/route change -host " . escapeshellarg($gateway['monitor']) . " " . escapeshellarg($gateway['gateway']), true); } - } else if (is_ipaddrv6($gateway['gateway'])) { - /* link locals really need a different src ip */ - if(is_linklocal($gateway['gateway'])) { - $gwifip = find_interface_ipv6_ll($gateway['interface'], true); + } else if ($gateway['ipprotocol'] == "inet6") { // This is an IPv6 gateway... + if ($gateway['monitor'] == $gateway['gateway']) { + /* link locals really need a different src ip */ + if (is_linklocal($gateway['gateway'])) { + $gwifip = find_interface_ipv6_ll($gateway['interface'], true); + } else { + $gwifip = find_interface_ipv6($gateway['interface'], true); + } } else { + /* 'monitor' has been set, so makes sure it has precedence over + * 'gateway' in defining the source IP. Otherwise if 'gateway' + * is a local link and 'monitor' is global routable then the + * ICMP6 response would not find its way back home... + */ $gwifip = find_interface_ipv6($gateway['interface'], true); + if (is_linklocal($gateway['monitor'])) { + if (!strstr($gateway['monitor'], '%')) { + $gateway['monitor'] .= "%{$gateway['interface']}"; + } + } else { + // Monitor is a routable address, so use a routable address for the "src" part + $gwifip = find_interface_ipv6($gateway['interface'], true); + } } - if (is_linklocal($gateway['monitor']) && !strstr($gateway['monitor'], '%')) - $gateway['monitor'] .= "%{$gateway['interface']}"; + if (!is_ipaddrv6($gwifip)) continue; //Skip this target |