diff options
| author | Shahid Sheikh <shahidsheikh10@yahoo.com> | 2013-09-02 21:23:21 -0400 |
|---|---|---|
| committer | Shahid Sheikh <shahidsheikh10@yahoo.com> | 2013-09-02 21:23:21 -0400 |
| commit | 330ecea1bf568f1284d31628668b84250641e066 (patch) | |
| tree | ad55dd066a494fc1acf049a5b6e240876b8f5ef7 /etc/inc/openvpn.inc | |
| parent | e7a209f57f895cc3ca80dbebee30deeedc970c10 (diff) | |
| download | pfsense-330ecea1bf568f1284d31628668b84250641e066.zip pfsense-330ecea1bf568f1284d31628668b84250641e066.tar.gz | |
Fix #3174 Handling of gateway groups in openvpn_restart()
If the underlying vip of a gateway group that an openvpn client is bound
to is in backup mode then the client should not start.
Diffstat (limited to 'etc/inc/openvpn.inc')
| -rw-r--r-- | etc/inc/openvpn.inc | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 6dbf27a..d01e547 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -789,6 +789,14 @@ function openvpn_restart($mode, $settings) { /* Do not start a client if we are a CARP backup on this vip! */ if (($mode == "client") && strstr($settings['interface'], "_vip") && (get_carp_interface_status($settings['interface']) == "BACKUP")) return; + + /* Check if client is bound to a gateway group */ + $a_groups = return_gateway_groups_array(); + if (is_array($a_groups[$settings['interface']])) { + /* the interface is a gateway group. If a vip is defined and its a CARP backup then do not start */ + if (($a_groups[$settings['interface']][0]['vip'] <> "") && (get_carp_interface_status($a_groups[$settings['interface']][0]['vip']) == "BACKUP")) + return; + } /* start the new process */ $fpath = $g['varetc_path']."/openvpn/{$mode_id}.conf"; |
