diff options
| author | Ermal <eri@pfsense.org> | 2010-12-17 22:53:40 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2010-12-17 22:55:33 +0000 |
| commit | 67b057a99332b33321bc08cd6f2b96d545f40665 (patch) | |
| tree | 18326c35f4999691d5673dcdce905630af4dfa55 /etc/inc | |
| parent | 0183a568f9156041fb6f16a405ded0aecf958d6a (diff) | |
| download | pfsense-67b057a99332b33321bc08cd6f2b96d545f40665.zip pfsense-67b057a99332b33321bc08cd6f2b96d545f40665.tar.gz | |
Do not attach ng_etther(4) to every system interface. Instead do a search if netgraph is needed on single/every interface during interface configuration. Also enable netgraph support for interface as needed when enabling pptp/l2tp/pppoe/... . This should prevent the netgraph queue to slow down network performance on fast links.
Diffstat (limited to 'etc/inc')
| -rw-r--r-- | etc/inc/interfaces.inc | 42 | ||||
| -rw-r--r-- | etc/inc/vpn.inc | 15 |
2 files changed, 57 insertions, 0 deletions
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 4636c3e..ebd365f 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -84,6 +84,46 @@ function does_interface_exist($interface) { return false; } +function interface_netgraph_needed($interface = "wan") { + global $config; + + $found = false; + if (!empty($config['pptpd']) && + $config['pptpd']['mode'] == "server") + $found = true; + if ($found == false && !empty($config['l2tp']) && + $config['l2tp']['mode'] == "server") + $found = true; + if ($found == false && is_array($config['pppoes']['pppoe'])) { + foreach ($config['pppoes']['pppoe'] as $pppoe) { + if ($pppoe['mode'] != "server") + continue; + if ($pppoe['interface'] == $interface) + $found = true; + break; + } + } + if ($found == false && !empty($config['interfaces'][$interface])) { + switch ($config['interfaces'][$interface]['ipaddr']) { + case "ppp": + case "pppoe": + case "l2tp": + case "pptp": + $found = true; + break; + default: + $found = false; + break; + } + } + + $realif = get_real_interface($interface); + if ($found == true) + pfSense_ngctl_attach(".", $realif); + else + pfSense_ngctl_detach("{$realif}:", $realif); +} + function interfaces_loopback_configure() { if($g['booting']) echo "Configuring loopback interface..."; @@ -2554,6 +2594,8 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven if(does_interface_exist($wancfg['if'])) interfaces_bring_up($wancfg['if']); + + interface_netgraph_needed($interface); if (!$g['booting']) { link_interface_to_vips($interface, "update"); diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 44c934c..ef06f61 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -963,6 +963,15 @@ function vpn_setup() { vpn_l2tp_configure(); } +function vpn_netgraph_support() { + $iflist = get_configured_interface_list(); + foreach ($iflist as $iface) { + $realif = get_real_interface($iface); + /* Get support for netgraph(4) from the nic */ + pfSense_ngctl_attach(".", $realif); + } +} + function vpn_pptpd_configure() { global $config, $g; @@ -1153,6 +1162,8 @@ EOD; fclose($fd); chmod("{$g['varetc_path']}/pptp-vpn/mpd.secret", 0600); + vpn_netgraph_support(); + /* fire up mpd */ mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/pptp-vpn -p {$g['varrun_path']}/pptp-vpn.pid -s pptps pptps"); @@ -1356,6 +1367,8 @@ EOD; chmod("{$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn/mpd.secret", 0600); } + /* Get support for netgraph(4) from the nic */ + pfSense_ngctl_attach(".", $pppoe_interface); /* fire up mpd */ mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/pppoe{$pppoecfg['pppoeid']}-vpn -p {$g['varrun_path']}/pppoe{$pppoecfg['pppoeid']}-vpn.pid -s poes poes"); @@ -1537,6 +1550,8 @@ EOD; fclose($fd); chmod("{$g['varetc_path']}/l2tp-vpn/mpd.secret", 0600); + vpn_netgraph_support(); + /* fire up mpd */ mwexec("/usr/local/sbin/mpd4 -b -d {$g['varetc_path']}/l2tp-vpn -p {$g['varrun_path']}/l2tp-vpn.pid -s l2tps l2tps"); |
