diff options
author | PiBa-NL <pba_2k3@yahoo.com> | 2012-10-01 14:38:03 +0200 |
---|---|---|
committer | PiBa-NL <pba_2k3@yahoo.com> | 2012-10-01 14:38:03 +0200 |
commit | d8cdfd3e34fd57bfde7061620007a712321c4d12 (patch) | |
tree | b41e4bbd5ba58ca0595058725856554f2b768379 /etc/inc/gwlb.inc | |
parent | 90763c7fabf9dbcba50dcb15748c7c6d5dc148ec (diff) | |
parent | 19d61d2731c1fb0baf877632e8e482bf3ff57bdd (diff) | |
download | pfsense-d8cdfd3e34fd57bfde7061620007a712321c4d12.zip pfsense-d8cdfd3e34fd57bfde7061620007a712321c4d12.tar.gz |
Merge branch 'master' of git://github.com/bsdperimeter/pfsense
Diffstat (limited to 'etc/inc/gwlb.inc')
-rw-r--r-- | etc/inc/gwlb.inc | 104 |
1 files changed, 54 insertions, 50 deletions
diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index 20149b4..1068e48 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -657,6 +657,58 @@ function return_gateways_array($disabled = false, $localhost = false) { return($gateways_arr); } +function fixup_default_gateway($ipprotocol, $gateways_status, $gateways_arr) { + global $config, $g; + /* + * NOTE: The code below is meant to replace the default gateway when it goes down. + * This facilitates services running on pfSense itself and are not handled by a PBR to continue working. + */ + $upgw = ""; + $dfltgwdown = false; + $dfltgwfound = false; + foreach ($gateways_arr as $gwname => $gwsttng) { + if (($gwsttng['ipprotocol'] == $ipprotocol) && isset($gwsttng['defaultgw'])) { + $dfltgwfound = true; + $dfltgwname = $gwname; + if (!isset($gwsttng['monitor_disable']) && stristr($gateways_status[$gwname]['status'], "down")) + $dfltgwdown = true; + } + /* Keep a record of the last up gateway */ + /* XXX: Blacklist lan for now since it might cause issues to those who have a gateway set for it */ + if (empty($upgw) && ($gwsttng['ipprotocol'] == $ipprotocol) && (isset($gwsttng['monitor_disable']) || !stristr($gateways_status[$gwname]['status'], "down")) && $gwsttng[$gwname]['friendlyiface'] != "lan") + $upgw = $gwname; + if ($dfltgwdown == true && !empty($upgw)) + break; + } + if ($dfltgwfound == false) { + $gwname = convert_friendly_interface_to_friendly_descr("wan"); + if (!empty($gateways_status[$gwname]) && stristr($gateways_status[$gwname]['status'], "down")) + $dfltgwdown = true; + } + if ($dfltgwdown == true && !empty($upgw)) { + if (preg_match("/dynamic/i", $gateways_arr[$upgw]['gateway'])) + $gateways_arr[$upgw]['gateway'] = get_interface_gateway($gateways_arr[$upgw]['friendlyiface']); + if (is_ipaddr($gateways_arr[$upgw]['gateway'])) { + log_error("Default gateway down setting {$upgw} as default!"); + if(is_ipaddrv6($gateways_arr[$upgw]['gateway'])) { + $inetfamily = "-inet6"; + } else { + $inetfamily = "-inet"; + } + mwexec("/sbin/route change {$inetfamily} default {$gateways_arr[$upgw]['gateway']}"); + } + } else { + $defaultgw = trim(`/sbin/route -n get -{$ipprotocol} default | /usr/bin/grep gateway | /usr/bin/sed 's/gateway://g'`, " \n"); + if(is_ipaddrv6($gateways_arr[$dfltgwname]['gateway'])) { + $inetfamily = "-inet6"; + } else { + $inetfamily = "-inet"; + } + if ($defaultgw != $gateways_arr[$dfltgwname]['gateway']) + mwexec("/sbin/route change {$inetfamily} default {$gateways_arr[$dfltgwname]['gateway']}"); + } +} + /* * Return an array with all gateway groups with name as key * All gateway groups will be processed before returning the array. @@ -671,56 +723,8 @@ function return_gateway_groups_array() { $carplist = get_configured_carp_interface_list(); if (isset($config['system']['gw_switch_default'])) { - /* - * NOTE: The code below is meant to replace the default gateway when it goes down. - * This facilitates services running on pfSense itself and are not handled by a PBR to continue working. - */ - $upgw = ""; - $dfltgwdown = false; - $dfltgwfound = false; - foreach ($gateways_arr as $gwname => $gwsttng) { - if (isset($gwsttng['defaultgw'])) { - $dfltgwfound = true; - $dfltgwname = $gwname; - if (!isset($gwsttng['monitor_disable']) && stristr($gateways_status[$gwname]['status'], "down")) - $dfltgwdown = true; - } - /* Keep a record of the last up gateway */ - /* XXX: Blacklist lan for now since it might cause issues to those who have a gateway set for it */ - if (empty($upgw) && (isset($gwsttng['monitor_disable']) || !stristr($gateways_status[$gwname]['status'], "down")) && $gwsttng[$gwname]['friendlyiface'] != "lan") - $upgw = $gwname; - if ($dfltgwdown == true && !empty($upgw)) - break; - } - if ($dfltgwfound == false) { - $gwname = convert_friendly_interface_to_friendly_descr("wan"); - if (!empty($gateways_status[$gwname]) && stristr($gateways_status[$gwname]['status'], "down")) - $dfltgwdown = true; - } - if ($dfltgwdown == true && !empty($upgw)) { - if (preg_match("/dynamic/i", $gateways_arr[$upgw]['gateway'])) - $gateways_arr[$upgw]['gateway'] = get_interface_gateway($gateways_arr[$upgw]['friendlyiface']); - if (is_ipaddr($gateways_arr[$upgw]['gateway'])) { - log_error("Default gateway down setting {$upgw} as default!"); - if(is_ipaddrv6($gateways_arr[$upgw]['gateway'])) { - $inetfamily = "-inet6"; - } else { - $inetfamily = "-inet"; - } - mwexec("/sbin/route change {$inetfamily} default {$gateways_arr[$upgw]['gateway']}"); - } - } else { - $defaultgw = trim(`/sbin/route -n get -inet default | /usr/bin/grep gateway | /usr/bin/sed 's/gateway://g'`, " \n"); - if(is_ipaddrv6($gateways_arr[$dfltgwname]['gateway'])) { - $inetfamily = "-inet6"; - } else { - $inetfamily = "-inet"; - } - if ($defaultgw != $gateways_arr[$dfltgwname]['gateway']) - mwexec("/sbin/route change {$inetfamily} default {$gateways_arr[$dfltgwname]['gateway']}"); - } - - unset($upgw, $dfltgwfound, $dfltgwdown, $gwname, $gwsttng); + fixup_default_gateway("inet", $gateways_status, $gateways_arr); + fixup_default_gateway("inet6", $gateways_status, $gateways_arr); } if (is_array($config['gateways']['gateway_group'])) { foreach($config['gateways']['gateway_group'] as $group) { |