diff options
author | Vinicius Coque <vinicius.coque@bluepex.com> | 2011-05-23 15:41:26 -0300 |
---|---|---|
committer | Vinicius Coque <vinicius.coque@bluepex.com> | 2011-05-23 15:41:26 -0300 |
commit | d21d6e2090c6701041b8555cdaca9ad2c949d4f1 (patch) | |
tree | af0245350bcbb585909b9740c1ac51d3cb07aa80 /etc/inc/interfaces.inc | |
parent | a51493d1981175048bdccce51f6b4ad6720da679 (diff) | |
parent | 042578fd634f8c54a158417527d018e0f8f56b95 (diff) | |
download | pfsense-d21d6e2090c6701041b8555cdaca9ad2c949d4f1.zip pfsense-d21d6e2090c6701041b8555cdaca9ad2c949d4f1.tar.gz |
Merge remote-tracking branch 'mainline/master' into inc
Conflicts:
etc/inc/interfaces.inc
etc/inc/upgrade_config.inc
etc/inc/vpn.inc
Diffstat (limited to 'etc/inc/interfaces.inc')
-rw-r--r-- | etc/inc/interfaces.inc | 93 |
1 files changed, 74 insertions, 19 deletions
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 02eadf4..3f3b02d 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -255,6 +255,7 @@ function interface_qinq_configure(&$vlan, $fd = NULL) { /* make sure the parent is converted to ng_vlan(4) and is up */ interfaces_bring_up($qinqif); + pfSense_ngctl_attach(".", $qinqif); if (!empty($vlanif) && does_interface_exist($vlanif)) { fwrite($fd, "shutdown {$qinqif}qinq:\n"); exec("/usr/sbin/ngctl msg {$qinqif}qinq: gettable", $result); @@ -364,7 +365,7 @@ function interfaces_create_wireless_clones() { echo " " . gettext("done.") . "\n"; } -function interfaces_bridge_configure() { +function interfaces_bridge_configure($checkmember = 0) { global $config; $i = 0; @@ -372,6 +373,10 @@ function interfaces_bridge_configure() { foreach ($config['bridges']['bridged'] as $bridge) { if(empty($bridge['bridgeif'])) $bridge['bridgeif'] = "bridge{$i}"; + if ($checkmember == 1 && (strstr($bridge['members'], "gif") || strstr($bridge['members'], "gre"))) + continue; + if ($checkmember == 2 && !strstr($bridge['members'], "gif") && !strstr($bridge['members'], "gre")) + continue; /* XXX: Maybe we should report any errors?! */ interface_bridge_configure($bridge); $i++; @@ -411,6 +416,8 @@ function interface_bridge_configure(&$bridge) { $realif = get_real_interface($member); $opts = pfSense_get_interface_addresses($realif); $mtu = $opts['mtu']; + if (substr($realif, 0, 3) == "gif" && $mtu < 1500) + continue; if (!isset($opts['encaps']['txcsum'])) $commontx = false; if (!isset($opts['encaps']['rxcsum'])) @@ -685,13 +692,17 @@ function interface_lagg_configure(&$lagg) { return $laggif; } -function interfaces_gre_configure() { +function interfaces_gre_configure($checkparent = 0) { global $config; if (is_array($config['gres']['gre']) && count($config['gres']['gre'])) { foreach ($config['gres']['gre'] as $i => $gre) { if(empty($gre['greif'])) $gre['greif'] = "gre{$i}"; + if ($checkparent == 1 && strstr($gre['if'], "vip")) + continue; + if ($checkparent == 2 && !strstr($gre['if'], "vip")) + continue; /* XXX: Maybe we should report any errors?! */ interface_gre_configure($gre); } @@ -740,13 +751,17 @@ function interface_gre_configure(&$gre, $grekey = "") { return $greif; } -function interfaces_gif_configure() { +function interfaces_gif_configure($checkparent = 0) { global $config; if (is_array($config['gifs']['gif']) && count($config['gifs']['gif'])) { foreach ($config['gifs']['gif'] as $i => $gif) { if(empty($gif['gifif'])) $gre['gifif'] = "gif{$i}"; + if ($checkparent == 1 && strstr($gif['if'], "vip")) + continue; + if ($checkparent == 2 && !strstr($gif['if'], "vip")) + continue; /* XXX: Maybe we should report any errors?! */ interface_gif_configure($gif); } @@ -843,12 +858,30 @@ function interfaces_configure() { /* create the unconfigured wireless clones */ interfaces_create_wireless_clones(); + /* + * NOTE: The following function parameter consists of + * 1 - Do not load gre/gif/bridge with parent/member as vip + * 2 - Do load gre/gif/bridge with parent/member as vip + */ + /* set up GRE virtual interfaces */ - interfaces_gre_configure(); + interfaces_gre_configure(1); /* set up GIF virtual interfaces */ - interfaces_gif_configure(); - + interfaces_gif_configure(1); + + /* set up BRIDGe virtual interfaces */ + interfaces_bridge_configure(1); + + /* bring up vip interfaces */ + interfaces_vips_configure(); + + /* set up GRE virtual interfaces */ + interfaces_gre_configure(2); + + /* set up GIF virtual interfaces */ + interfaces_gif_configure(2); + foreach ($delayed_list as $if => $ifname) { if ($g['booting']) printf(gettext("Configuring %s interface..."), $ifname); @@ -862,7 +895,7 @@ function interfaces_configure() { } /* set up BRIDGe virtual interfaces */ - interfaces_bridge_configure(); + interfaces_bridge_configure(2); foreach ($bridge_list as $if => $ifname) { if ($g['booting']) @@ -876,9 +909,6 @@ function interfaces_configure() { echo gettext("done.") . "\n"; } - /* bring up vip interfaces */ - interfaces_vips_configure(); - /* configure interface groups */ interfaces_group_setup(); @@ -1578,7 +1608,6 @@ function interfaces_carp_setup() { unset($pfsyncenabled); } - $cmdchain->add(gettext("Allow CARP"), "/sbin/sysctl net.inet.carp.allow=1", true); if($balanacing) { $cmdchain->add(gettext("Enable CARP ARP-balancing"), "/sbin/sysctl net.inet.carp.arpbalance=1", true); $cmdchain->add(gettext("Disallow CARP preemption"), "/sbin/sysctl net.inet.carp.preempt=0", true); @@ -1595,8 +1624,8 @@ function interfaces_carp_setup() { */ $fd = fopen("{$g['tmp_path']}/rules.boot", "w"); if ($fd) { - fwrite($fd, "pass quick proto carp all keep state\n"); - fwrite($fd, "pass quick proto pfsync all\n"); + fwrite($fd, "block quick proto carp \n"); + fwrite($fd, "block quick proto pfsync \n"); fwrite($fd, "pass out quick from any to any keep state\n"); fclose($fd); mwexec("/sbin/pfctl -f {$g['tmp_path']}/rules.boot"); @@ -1725,10 +1754,8 @@ function interfaces_vips_configure($interface = "") { case "carp": if ($interface <> "" && $vip['interface'] <> $interface) continue; - if ($carp_setuped == false) { - interfaces_carp_setup(); + if ($carp_setuped == false) $carp_setuped = true; - } interface_carp_configure($vip); break; case "carpdev-dhcp": @@ -1738,7 +1765,8 @@ function interfaces_vips_configure($interface = "") { break; } } - + if ($carp_setuped == true) + interfaces_carp_setup(); if ($anyproxyarp == true) interface_proxyarp_configure(); } @@ -2490,7 +2518,8 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven // Need code to handle MLPPP if we ever use $realhwif for MLPPP handling $realhwif = $realhwif_array[0]; - if (!$g['booting']) { + + if (!$g['booting'] && !substr($realif, 0, 4) == "ovpn") { /* remove all IPv4 addresses */ while (mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " -alias", true) == 0); @@ -2552,6 +2581,11 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven } if (!empty($wancfg['mtu'])) pfSense_interface_mtu($realhwif, $wancfg['mtu']); + else { + $mtu = get_interface_default_mtu(remove_numbers($realhwif)); + if ($mtu != get_interface_mtu($realhwif)) + pfSense_interface_mtu($realhwif, $mtu); + } $options = pfSense_get_interface_addresses($realhwif); if (is_array($options) && isset($options['caps']['polling'])) { @@ -2633,7 +2667,7 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven } else if (substr($realif, 0, 3) == "gif") { if (is_array($config['gifs']['gif'])) { foreach ($config['gifs']['gif'] as $gif) - if($gif['gifif'] == $interface) + if($gif['gifif'] == $realif) interface_gif_configure($gif); } } else if (substr($realif, 0, 4) == "ovpn") { @@ -3662,6 +3696,27 @@ EOD; unlink_if_exists($cron_file); } +function get_interface_default_mtu($type = "ethernet") { + switch ($type) { + case "gre": + return 1476; + break; + case "gif": + return 1280; + break; + case "tun": + case "vlan": + case "tap": + case "ethernet": + default: + return 1500; + break; + } + + /* Never reached */ + return 1500; +} + function get_vip_descr($ipaddress) { global $config; |