diff options
| author | Chris Buechler <cmb@pfsense.org> | 2008-04-14 03:28:51 +0000 |
|---|---|---|
| committer | Chris Buechler <cmb@pfsense.org> | 2008-04-14 03:28:51 +0000 |
| commit | a04de17f1a5057dbeba74c202186255d854ef7a2 (patch) | |
| tree | 6aeb5d72f49a3c437b754c366643ede366d828fd | |
| parent | 47eaa4317246aa1a3303946b150911776a9b87f8 (diff) | |
| download | pfsense-a04de17f1a5057dbeba74c202186255d854ef7a2.zip pfsense-a04de17f1a5057dbeba74c202186255d854ef7a2.tar.gz | |
add IP alias support
TODO:
Remove IP aliases upon deletion
Add "type" icon
| -rw-r--r-- | etc/inc/interfaces.inc | 17 | ||||
| -rwxr-xr-x | usr/local/www/firewall_virtual_ip.php | 4 | ||||
| -rwxr-xr-x | usr/local/www/firewall_virtual_ip_edit.php | 25 |
3 files changed, 38 insertions, 8 deletions
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index a681e8b..2665e33 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -616,6 +616,21 @@ function interfaces_carp_bring_up_final() { echo " done.\n"; } +function interfaces_ipalias_configure() { + global $g, $config, $debugging; + if(isset($config['system']['developerspew'])) { + $mt = microtime(); + echo "interfaces_ipalias_configure() being called $mt\n"; + } + $viparr = &$config['virtualip']['vip']; + foreach ($viparr as $vip) { + if ($vip['mode'] == "ipalias") { + $if = $vip['interface']; + mwexec("/sbin/ifconfig " . escapeshellarg($config['interfaces'][$if]['if']) . " " . $vip['subnet'] . "/" . escapeshellarg($vip['subnet_bits']) . " alias"); + } + } +} + function interfaces_wireless_configure($if, $wlcfg) { global $config, $g; @@ -1819,4 +1834,4 @@ function get_interface_mac($interface) { return $mac; } -?> +?>
\ No newline at end of file diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php index ac439d0..8c2d9e4 100755 --- a/usr/local/www/firewall_virtual_ip.php +++ b/usr/local/www/firewall_virtual_ip.php @@ -56,7 +56,7 @@ if ($_POST) { reset_carp(); $retval |= filter_configure(); config_unlock(); - + interfaces_ipalias_configure(); $savemsg = get_std_save_message($retval); unlink_if_exists($d_vipconfdirty_path); } @@ -144,7 +144,7 @@ include("head.inc"); <?php if($vipent['mode'] == "carp") echo " (vhid {$vipent['vhid']})"; ?> </td> <td class="listlr" align="center" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> - <? if($vipent['mode'] == "proxyarp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_parp.gif' title='Proxy ARP'>"; elseif($vipent['mode'] == "carp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_carp.gif' title='CARP'>"; elseif($vipent['mode'] == "other") echo "<img src='./themes/".$g['theme']."/images/icons/icon_other.gif' title='Other'>";?> + <? if($vipent['mode'] == "proxyarp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_parp.gif' title='Proxy ARP'>"; elseif($vipent['mode'] == "carp") echo "<img src='./themes/".$g['theme']."/images/icons/icon_carp.gif' title='CARP'>"; elseif($vipent['mode'] == "other") echo "<img src='./themes/".$g['theme']."/images/icons/icon_other.gif' title='Other'>"; elseif($vipent['mode'] == "ipalias") echo "<img src='./themes/".$g['theme']."/images/icons/icon_ipalias.gif' title='IP Alias'>";?> </td> <td class="listbg" ondblclick="document.location='firewall_virtual_ip_edit.php?id=<?=$i;?>';"> <font color="#FFFFFF"><?=htmlspecialchars($vipent['descr']);?> diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index 8facc50..3e1df0c 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -86,8 +86,8 @@ if ($_POST) { if ($_POST['ipaddr'] == $config['interfaces']['lan']['ipaddr']) $input_errors[] = "The LAN IP address may not be used in a virtual entry."; - if($_POST['subnet_bits'] == "32" and $_POST['type'] == "carp") - $input_errors[] = "The /32 subnet mask is invalid for CARP IP's."; + if($_POST['subnet_bits'] == "32" and $_POST['type'] == "carp") + $input_errors[] = "The /32 subnet mask is invalid for CARP IPs."; /* check for overlaps with other virtual IP */ foreach ($a_vip as $vipent) { @@ -142,7 +142,7 @@ if ($_POST) { $can_post = false; } if($can_post == false) - $input_errors[] = "Sorry, we could not locate an interface with a matching subnet for {$cannot_find}. Please add an ip in this subnet on a real interface."; + $input_errors[] = "Sorry, we could not locate an interface with a matching subnet for {$cannot_find}. Please add an IP alias in this subnet on this interface."; } if (!$input_errors) { @@ -222,6 +222,7 @@ function enable_change(enable_over) { var note = document.getElementById("typenote"); var carpnote = document.createTextNode("This must be the network's subnet mask. It does not specify a CIDR range."); var proxyarpnote = document.createTextNode("This is a CIDR block of proxy ARP addresses."); + var ipaliasnote = document.createTextNode("This must be the network's subnet mask. It does not specify a CIDR range."); if ((get_radio_value(document.iform.mode) == "carp") || enable_over) { document.iform.vhid.disabled = 0; document.iform.password.disabled = 0; @@ -253,6 +254,12 @@ function enable_change(enable_over) { note.removeChild(note.firstChild); } } + if (get_radio_value(document.iform.mode) == "ipalias") { + document.iform.type.disabled = 1; + note.removeChild(note.firstChild); + note.appendChild(ipaliasnote); + document.iform.subnet_bits.disabled = 0; + } } function typesel_change() { @@ -275,6 +282,12 @@ function typesel_change() { //document.iform.range_from.disabled = 0; //document.iform.range_to.disabled = 0; break; + case 3: // IP alias + document.iform.subnet.disabled = 1; + document.iform.subnet_bits.disabled = 0; + //document.iform.range_from.disabled = 0; + //document.iform.range_to.disabled = 0; + break; } } //--> @@ -292,6 +305,8 @@ function typesel_change() { <?php if ($pconfig['mode'] == "carp") echo "checked";?>> CARP <input name="mode" type="radio" onclick="enable_change(false)" value="other" <?php if ($pconfig['mode'] == "other") echo "checked";?>> Other + <input name="mode" type="radio" onclick="enable_change(false)" value="ipalias" + <?php if ($pconfig['mode'] == "ipalias") echo "checked";?>> IP Alias </td> </tr> <tr> @@ -407,8 +422,8 @@ function typesel_change() { <span class="red"> <strong>Note:<br></strong> </span> - ProxyARP type IP addresses *DO NOT* work with the FTP Helper and addon packages such as squid. Use a CARP type address in this case. - <p> For more information on CARP and the above values, visit the OpenBSD <a href='http://www.openbsd.org/faq/pf/carp.html'>CARP faq</A>. + ProxyARP type IP addresses *DO NOT* work with the FTP Helper and addon packages such as squid. Use a CARP or IP Alias type address for these cases. + <p> For more information on CARP and the above values, visit the OpenBSD <a href='http://www.openbsd.org/faq/pf/carp.html'>CARP FAQ</A>. </span> </p> </td> |
