Merge in virtual IP code

This changeset does the following:
	merges proxy arp and carp setup menus
	removes proxy arp menu from left side
	upgrades config file from 1.7 to 1.8
	moves existing carp virtual IP and proxy arp config to new <virtualip> tag
	removes server NAT (why duplicate work?)

5 files changed, 111 insertions, 55 deletions

diff --git a/etc/inc/config.inc b/etc/inc/config.inc
index 940d779..e802a93 100644
--- a/etc/inc/config.inc
+++ b/etc/inc/config.inc
@@ -600,6 +600,54 @@ function convert_config() {
 		$config['shaper']['enable'] = FALSE;
 		$config['version'] = "1.7";	
 	}
+	/* Convert 1.7 -> 1.8 */
+	if ($config['version'] == "1.7") {
+		if(isset($config['proxyarp']) && is_array($config['proxyarp']['proxyarpnet'])) {
+			$proxyarp = &$config['proxyarp']['proxyarpnet'];
+			foreach($proxyarp as $arpent){
+				$vip = array();
+				$vip['mode'] = "proxyarp";
+				$vip['interface'] = $arpent['interface'];
+				$vip['descr'] = $arpent['descr'];
+				if (isset($arpent['range'])) {
+					$vip['range'] = $arpent['range'];
+					$vip['type'] = "range";
+				} else {
+					$subnet = explode('/', $arpent['network']);
+					$vip['subnet'] = $subnet[0];
+					if (isset($subnet[1])) {
+						$vip['subnet_bits'] = $subnet[1];
+						$vip['type'] = "network";
+					} else {
+						$vip['subnet_bits'] = "32";
+						$vip['type'] = "single";
+					}
+				}
+				$config['virtualip']['vip'][] = $vip;
+			}
+			unset($config['proxyarp']);
+		}
+		if(isset($config['installedpackages']) && isset($config['installedpackages']['carp']) && is_array($config['installedpackages']['carp']['config'])) {
+			$carp = &$config['installedpackages']['carp']['config'];
+			foreach($carp as $carpent){
+				$vip = array();
+				$vip['mode'] = "carp";
+				$vip['interface'] = "AUTO";
+				$vip['descr'] = "CARP vhid {$carpent['vhid']}";
+				$vip['type'] = "single";
+				$vip['vhid'] = $carpent['vhid'];
+				$vip['advskew'] = $carpent['advskew'];
+				$vip['password'] = $carpent['password'];
+				$vip['subnet'] = $carpent['ipaddress'];
+				$vip['subnet_bits'] = "32";
+				$config['virtualip']['vip'][] = $vip;
+			}
+			unset($config['installedpackages']['carp']);
+		}
+		
+		$config['version'] = "1.8";
+	}
+	
 
 	if ($prev_version != $config['version'])
 		write_config("Upgraded config version level from {$prev_version} to {$config['version']}");
diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc
index cb43bf1..d0b9803 100644
--- a/etc/inc/globals.inc
+++ b/etc/inc/globals.inc
@@ -50,7 +50,7 @@ $g = array(
     "n_pptp_units" => 16, /* this value can be overriden in pptp->n_pptp_units */
     "pptp_subnet" => 28,  /* this value can be overriden in pptp->pptp_subnet  */
     "debug" => false,
-    "latest_config" => "1.7",
+    "latest_config" => "1.8",
     "nopkg_platforms" => array("cdrom"),
     "nopccard_platforms" => array("wrap", "net48xx"),
     "xmlrpcbaseurl" => "www.pfsense.com",
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc
index 8d760df..0efdac6 100644
--- a/etc/inc/interfaces.inc
+++ b/etc/inc/interfaces.inc
@@ -254,49 +254,54 @@ function interfaces_carp_configure() {
 	unlink_if_exists("/usr/local/pkg/pf/carp_rules.sh");
 	$carp_instances_counter = 0;
 	$pfsync_instances_counter = 0;
-	if($config['installedpackages']['carpsettings']['config'] != "") {
-		foreach($config['installedpackages']['carpsettings']['config'] as $carp)
-		if($carp['pfsyncenabled'] != "") {
-			if($carp['premption'] != "")
-			mwexec("/sbin/sysctl net.inet.carp.preempt=1");
-			if($carp['balancing'] != "")
-			mwexec("/sbin/sysctl net.inet.arpbalance=1");
-			$carp_sync_int = convert_friendly_interface_to_real_interface_name($carp['pfsyncinterface']);
-			mwexec("/sbin/ifconfig pfsync0 create");
-			mwexec("/sbin/ifconfig pfsync0 syncdev " . $carp_sync_int);
-			mwexec("/sbin/ifconfig pfsync0 syncif " . $carp_sync_int);
-			mwexec("/sbin/ifconfig {$carp_sync_int} up");
-			mwexec("/sbin/ifconfig pfsync0 up");
-			if($g['booting']) {
-				/* install rules to alllow pfsync to sync up during boot
-				* carp interfaces will remain down until the bootup sequence finishes
-				*/
-				exec("echo pass quick proto carp all keep state > /tmp/rules.boot");
-				exec("echo pass quick proto pfsync all >> /tmp/rules.boot");
-				exec("echo pass out proto { tcp, udp } from any to any port 53 keep state >> /tmp/rules.boot");
-				exec("/sbin/pfctl -f /tmp/rules.boot");
+	if (is_array($config['virtualip']['vip'])) {
+		if(is_array($config['installedpackages']['carpsettings']['config'])) {
+			foreach($config['installedpackages']['carpsettings']['config'] as $carp)
+			if($carp['pfsyncenabled'] != "") {
+				if($carp['premption'] != "")
+				mwexec("/sbin/sysctl net.inet.carp.preempt=1");
+				if($carp['balancing'] != "")
+				mwexec("/sbin/sysctl net.inet.arpbalance=1");
+				$carp_sync_int = convert_friendly_interface_to_real_interface_name($carp['pfsyncinterface']);
+				mwexec("/sbin/ifconfig pfsync0 create");
+				mwexec("/sbin/ifconfig pfsync0 syncdev " . $carp_sync_int);
+				mwexec("/sbin/ifconfig pfsync0 syncif " . $carp_sync_int);
+				mwexec("/sbin/ifconfig {$carp_sync_int} up");
+				mwexec("/sbin/ifconfig pfsync0 up");
+				if($g['booting']) {
+					/* install rules to alllow pfsync to sync up during boot
+					* carp interfaces will remain down until the bootup sequence finishes
+					*/
+					exec("echo pass quick proto carp all keep state > /tmp/rules.boot");
+					exec("echo pass quick proto pfsync all >> /tmp/rules.boot");
+					exec("echo pass out proto { tcp, udp } from any to any port 53 keep state >> /tmp/rules.boot");
+					exec("/sbin/pfctl -f /tmp/rules.boot");
+				}
+				$pfsync_instances_counter++;
 			}
-			$pfsync_instances_counter++;
 		}
-	}
-	if($config['installedpackages']['carp']['config'] != "") {
-		foreach($config['installedpackages']['carp']['config'] as $carp) {
-			/*
-			*  create the carp interface
-			*/
-			mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " create");
-			mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " down");
-			$broadcast_address = gen_subnet_max($carp['ipaddress'], $carp['netmask']);
-			if($carp['password'] != "") {
-				$password = " pass " . $carp['password'];
-			}
-			$carpdev = "";
-			if($carp['interface'] <> "AUTO" and $carp['interface'] <> "") {
-				$ci = filter_opt_interface_to_real($carp['interface']);
-				$carpdev = " carpdev {$ci} ";
+		$viparr = &$config['virtualip']['vip'];
+		foreach ($viparr as $vip) {
+			if ($vip['mode'] == "carp") {
+				/*
+				*  create the carp interface
+				*/
+				mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " create");
+				mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " down");
+				$broadcast_address = gen_subnet_max($vip['subnet'], $vip['subnet_bits']);
+				if($vip['password'] != "") {
+					$password = " pass " . $vip['password'];
+				}
+				/* XXX: billm - carpdev not in our build?
+				$carpdev = "";
+				if(isset($vip['interface']) && ($vip['interface'] != "AUTO" && $vip['interface'] != "")) {
+					$ci = filter_opt_interface_to_real($vip['interface']);
+					$carpdev = " carpdev {$ci} ";
+				}
+				*/
+				mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " " . $vip['subnet'] . "/" . $vip['subnet_bits'] . " broadcast " . $broadcast_address . " vhid " . $vip['vhid'] . "{$carpdev} advskew " . $vip['advskew'] . $password);
+				$carp_instances_counter++;
 			}
-			mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " " . $carp['ipaddress'] . "/" . $carp['netmask'] . " broadcast " . $broadcast_address . " vhid " . $carp['vhid'] . "{$carpdev} advskew " . $carp['advskew'] . $password);
-			$carp_instances_counter++;
 		}
 	}
 	unmute_kernel_msgs();
@@ -903,4 +908,4 @@ function get_current_wan_address() {
 	}
 }
 
-?>
\ No newline at end of file
+?>
diff --git a/etc/inc/services.inc b/etc/inc/services.inc
index 45a61b8..4d45c5c 100644
--- a/etc/inc/services.inc
+++ b/etc/inc/services.inc
@@ -557,23 +557,25 @@ function services_proxyarp_configure() {
 	/* kill any running choparp */
 	killbyname("choparp");
 
-	if (is_array($config['proxyarp']) && count($config['proxyarp'])) {
-
+	if (isset($config['virtualip']) && is_array($config['virtualip']['vip'])) {
 		$paa = array();
 
 		/* group by interface */
-		foreach ($config['proxyarp']['proxyarpnet'] as $paent) {
-			if ($paent['interface'])
-				$if = $paent['interface'];
-			else
-				$if = "wan";
+		foreach ($config['virtualip']['vip'] as $vipent) {
+			if ($vipent['mode'] === "proxyarp") {
+				if ($vipent['interface'])
+					$if = $vipent['interface'];
+				else
+					$if = "wan";
 
-			if (!is_array($paa[$if]))
-				$paa[$if] = array();
+				if (!is_array($paa[$if]))
+					$paa[$if] = array();
 
-			$paa[$if][] = $paent;
+				$paa[$if][] = $vipent;
+			}
 		}
 
+		if (count($paa))
 		foreach ($paa as $paif => $paents) {
 			if ($paif == "wan" && !(is_ipaddr($config['interfaces']['wan']['ipaddr']) ||
                                        ($config['interfaces']['wan']['ipaddr'] == "dhcp") ||
@@ -584,8 +586,8 @@ function services_proxyarp_configure() {
 
 			foreach ($paents as $paent) {
 
-				if (isset($paent['network']))
-					$args .= " " . escapeshellarg($paent['network']);
+				if (isset($paent['subnet']))
+					$args .= " " . escapeshellarg("{$paent['subnet']}/{$paent['subnet_bits']}");
 				else if (isset($paent['range']))
 					$args .= " " . escapeshellarg($paent['range']['from'] . "-" .
 						$paent['range']['to']);
diff --git a/etc/inc/xmlparse.inc b/etc/inc/xmlparse.inc
index 9d0e7ce..bb16495 100644
--- a/etc/inc/xmlparse.inc
+++ b/etc/inc/xmlparse.inc
@@ -35,7 +35,8 @@ function listtags() {
 	$ret = explode(" ", "cacert row config package columnitem option item fieldname field rule user key subqueue " .
                 "dnsserver winsserver encryption-algorithm-option hash-algorithm-option hosts tunnel " .
                 "onetoone staticmap route alias queue shellcmd earlyshellcmd mobilekey " .
-                "service servernat proxyarpnet passthrumac allowedip wolentry vlan menu domainoverrides");
+                "service servernat proxyarpnet passthrumac allowedip wolentry vlan menu domainoverrides " .
+		"vip");
 
 	return $ret;
 }