Check interfaces and VIP IP address overlap

- Check if interface IP overlaps other interfaces or localip from mpd based services - Check if VIPs IP overlaps interfaces or other VIPs address It fixes #1723
author: Renato Botelho <garga@FreeBSD.org> 2013-02-11 18:33:26 -0200
committer: Renato Botelho <garga@FreeBSD.org> 2013-02-11 18:35:50 -0200
commit: e6c60013283ea203853e0bc34158e185016f4df6 (patch)
tree: 0f9e643beb4cdd347379a63d708fdd27a2e9a434 /etc/inc
parent: 699125b18256a9270c28be75f8579b456f39035e (diff)
download: pfsense-e6c60013283ea203853e0bc34158e185016f4df6.zip
pfsense-e6c60013283ea203853e0bc34158e185016f4df6.tar.gz
2 files changed, 45 insertions, 11 deletions
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index 63cc465..bba28dd 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -2431,22 +2431,42 @@ function load_mac_manufacturer_table() {
  *   returns true if the IP Address is
  *   configured and present on this device.
 */
-function is_ipaddr_configured($ipaddr) {
-	$interface_list_ips = get_configured_ip_addresses();
-	foreach($interface_list_ips as $ilips) {
-		if(strcasecmp($ipaddr, $ilips) == 0)
-			return true;
+function is_ipaddr_configured($ipaddr, $ignore_if = "", $check_localip = false, $check_subnets = false) {
+	global $config;
+
+	if ($check_subnets) {
+		$iflist = get_configured_interface_list();
+		foreach ($iflist as $if => $ifname) {
+			if ($ignore_if == $if)
+				continue;
+			$bitmask = get_interface_subnet($if);
+			$subnet = gen_subnet(get_interface_ip($if), $bitmask);
+			if (ip_in_subnet($ipaddr, $subnet . '/' . $bitmask))
+				return true;
+		}
+	} else {
+		$interface_list_ips = get_configured_ip_addresses();
+		foreach($interface_list_ips as $if => $ilips) {
+			if ($ignore_if == $if)
+				continue;
+			if (strcasecmp($ipaddr, $ilips) == 0)
+				return true;
+		}
 	}
 
-	$interface_list_ips = get_configured_ip_aliases_list();
-	foreach($interface_list_ips as $key => $ilips) {
-		if(strcasecmp($ipaddr, $key) == 0)
+	$interface_list_vips = get_configured_vips_list();
+	foreach($interface_list_vips as $id => $vip) {
+		if ($ignore_if == "vip_" . $id)
+			continue;
+		if (strcasecmp($ipaddr, $vip['ipaddr']) == 0)
 			return true;
 	}
 
-	$interface_list_ips = get_configured_carp_interface_list();
-	foreach($interface_list_ips as $ilips) {
-		if(strcasecmp($ipaddr, $ilips) == 0)
+	if ($check_localip) {
+		if (isset($config['pptpd']['localip']) && (strcasecmp($ipaddr, $config['pptpd']['localip']) == 0))
+			return true;
+
+		if (isset($config['l2tp']['localip']) && (strcasecmp($ipaddr, $config['l2tp']['localip']) == 0))
 			return true;
 	}
 
diff --git a/etc/inc/util.inc b/etc/inc/util.inc
index 4404815..33914ae 100644
--- a/etc/inc/util.inc
+++ b/etc/inc/util.inc
@@ -740,6 +740,20 @@ function get_configured_ip_aliases_list($returnfullentry = false) {
 	return $alias_list;
 }
 
+/* return all configured aliases list (IP, carp, proxyarp and other) */
+function get_configured_vips_list() {
+	global $config;
+
+	$alias_list=array();
+
+	if(is_array($config['virtualip']['vip'])) {
+		$viparr = &$config['virtualip']['vip'];
+		foreach ($viparr as $vip)
+			$alias_list[] = array("ipaddr" => $vip['subnet'], "if" => $vip['interface']);
+	}
+
+	return $alias_list;
+}
 
 /* comparison function for sorting by the order in which interfaces are normally created */
 function compare_interface_friendly_names($a, $b) {
author	Renato Botelho <garga@FreeBSD.org>	2013-02-11 18:33:26 -0200
committer	Renato Botelho <garga@FreeBSD.org>	2013-02-11 18:35:50 -0200
commit	e6c60013283ea203853e0bc34158e185016f4df6 (patch)
tree	0f9e643beb4cdd347379a63d708fdd27a2e9a434 /etc/inc
parent	699125b18256a9270c28be75f8579b456f39035e (diff)
download	pfsense-e6c60013283ea203853e0bc34158e185016f4df6.zip pfsense-e6c60013283ea203853e0bc34158e185016f4df6.tar.gz