summaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorDarren Embry <dse@webonastick.com>2012-03-22 21:25:58 -0400
committerDarren Embry <dse@webonastick.com>2012-03-22 21:25:58 -0400
commitf97a5b0419d0350cc85b91d180238975c308ac07 (patch)
tree914f9207874cedb51200c1911df2c948186c299b /etc
parent95e174f18ce4604e1c69aebe0530dad06322dba8 (diff)
downloadpfsense-f97a5b0419d0350cc85b91d180238975c308ac07.zip
pfsense-f97a5b0419d0350cc85b91d180238975c308ac07.tar.gz
Move CARP settings from pkg XML to a real PHP page
https://redmine.pfsense.org/issues/647
Diffstat (limited to 'etc')
-rw-r--r--etc/inc/filter.inc4
-rw-r--r--etc/inc/globals.inc2
-rw-r--r--etc/inc/interfaces.inc14
-rw-r--r--etc/inc/upgrade_config.inc18
-rwxr-xr-xetc/rc.filter_synchronize291
5 files changed, 171 insertions, 158 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index ecf059a..386c062 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -3027,9 +3027,7 @@ function filter_process_carp_rules() {
}
$lines = "";
/* return if there are no carp configured items */
- if(isset($config['installedpackages']['carp']['config']) &&
- $config['installedpackages']['carpsettings']['config'] <> "" or
- $config['virtualip']['vip'] <> "") {
+ if(isset($config['hasync']) && $config['hasync'] <> "" or $config['virtualip']['vip'] <> "") {
$lines .= "block in log quick proto carp from (self) to any\n";
$lines .= "pass quick proto carp\n";
$lines .= "pass quick proto pfsync\n";
diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc
index ee9853d..dda1935 100644
--- a/etc/inc/globals.inc
+++ b/etc/inc/globals.inc
@@ -77,7 +77,7 @@ $g = array(
"disablecrashreporter" => false,
"crashreporterurl" => "http://crashreporter.pfsense.org/crash_reporter.php",
"debug" => false,
- "latest_config" => "8.3",
+ "latest_config" => "8.4",
"nopkg_platforms" => array("cdrom"),
"minimum_ram_warning" => "101",
"minimum_ram_warning_text" => "128 MB",
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc
index 9603789..f04acbb 100644
--- a/etc/inc/interfaces.inc
+++ b/etc/inc/interfaces.inc
@@ -1723,15 +1723,11 @@ function interfaces_carp_setup() {
}
/* suck in configuration items */
- if($config['installedpackages']['carpsettings']) {
- if($config['installedpackages']['carpsettings']['config']) {
- foreach($config['installedpackages']['carpsettings']['config'] as $carp) {
- $pfsyncenabled = $carp['pfsyncenabled'];
- $balanacing = $carp['balancing'];
- $pfsyncinterface = $carp['pfsyncinterface'];
- $pfsyncpeerip = $carp['pfsyncpeerip'];
- }
- }
+ if($config['hasync']) {
+ $pfsyncenabled = $config['hasync']['pfsyncenabled'];
+ $balanacing = $config['hasync']['balancing'];
+ $pfsyncinterface = $config['hasync']['pfsyncinterface'];
+ $pfsyncpeerip = $config['hasync']['pfsyncpeerip'];
} else {
unset($pfsyncinterface);
unset($balanacing);
diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc
index 1e12de4..d8461ee 100644
--- a/etc/inc/upgrade_config.inc
+++ b/etc/inc/upgrade_config.inc
@@ -2736,4 +2736,22 @@ function upgrade_082_to_083() {
}
}
+function upgrade_083_to_084() {
+ global $config;
+ if (!isset($config['hasync'])) {
+ if (!empty($config['installedpackages']) &&
+ !empty($config['installedpackages']['carpsettings']) &&
+ !empty($config['installedpackages']['carpsettings']['config'])) {
+ $config['hasync'] = $config['installedpackages']['carpsettings']['config'][0];
+ unset($config['installedpackages']['carpsettings']);
+ }
+ if (empty($config['installedpackages']['carpsettings'])) {
+ unset($config['installedpackages']['carpsettings']);
+ }
+ if (empty($config['installedpackages'])) {
+ unset($config['installedpackages']);
+ }
+ }
+}
+
?>
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index f4b319d..6caffe4 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -272,157 +272,158 @@ global $g;
if (file_exists("{$g['varrun_path']}/booting") || $g['booting'])
return;
-if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])) {
- update_filter_reload_status("Building CARP sync information");
- foreach($config['installedpackages']['carpsettings']['config'] as $carp) {
- if (empty($carp['synchronizetoip'])) {
- log_error("Config sync not being done because of missing sync IP (this is normal on secondary systems).");
+if (is_array($config['hasync'])) {
+ update_filter_reload_status("Building high availability sync information");
+ $hasync = $config['hasync'];
+
+ if (empty($hasync['synchronizetoip'])) {
+ log_error("Config sync not being done because of missing sync IP (this is normal on secondary systems).");
+ break;
+ }
+ /*
+ * XXX: The way we're finding the port right now is really suboptimal -
+ * we can't assume that the other machine is setup identically.
+ */
+ if (!empty($config['system']['webgui']['protocol'])) {
+ $synchronizetoip = $config['system']['webgui']['protocol'];
+ $synchronizetoip .= "://";
+ }
+
+ /* if port is empty lets rely on the protocol selection */
+ $port = $config['system']['webgui']['port'];
+ if (empty($port)) {
+ if ($config['system']['webgui']['protocol'] == "http")
+ $port = "80";
+ else
+ $port = "443";
+ }
+
+ if(is_ipaddrv6($hasync['synchronizetoip']))
+ $hasync['synchronizetoip'] = "[{$hasync['synchronizetoip']}]";
+ $synchronizetoip .= $hasync['synchronizetoip'];
+ if ($hasync['synchronizerules'] != "") {
+ if (!is_array($config['filter']))
+ $config['filter'] = array();
+ $sections[] = 'filter';
+ }
+ if ($hasync['synchronizenat'] != "") {
+ if (!is_array($config['nat']))
+ $config['nat'] = array();
+ $sections[] = 'nat';
+ }
+ if ($hasync['synchronizealiases'] != "") {
+ if (!is_array($config['aliases']))
+ $config['aliases'] = array();
+ $sections[] = 'aliases';
+ }
+ if ($hasync['synchronizedhcpd'] != "" and is_array($config['dhcpd']))
+ $sections[] = 'dhcpd';
+ if ($hasync['synchronizewol'] != "") {
+ if (!is_array($config['wol']))
+ $config['wol'] = array();
+ $sections[] = 'wol';
+ }
+ if ($hasync['synchronizetrafficshaper'] != "" and is_array($config['shaper'])) {
+ $sections[] = 'shaper';
+ }
+ if ($hasync['synchronizetrafficshaperlimiter'] != "" and is_array($config['dnshaper'])) {
+ $sections[] = 'dnshaper';
+ }
+ if ($hasync['synchronizetrafficshaperlayer7'] != "" and is_array($config['l7shaper'])) {
+ $sections[] = 'l7shaper';
+ }
+ if ($hasync['synchronizestaticroutes'] != "") {
+ if (!is_array($config['staticroutes']))
+ $config['staticroutes'] = array();
+ if (!is_array($config['staticroutes']['route']))
+ $config['staticroutes']['route'] = array();
+ $sections[] = 'staticroutes';
+ if (!is_array($config['gateways']))
+ $config['gateways'] = array();
+ $sections[] = 'gateways';
+ }
+ if ($hasync['synchronizevirtualip'] != "") {
+ if (!is_array($config['virtualip']))
+ $config['virtualip'] = array();
+ $sections[] = 'virtualip';
+ }
+ if ($hasync['synchronizelb'] != "") {
+ if (!is_array($config['load_balancer']))
+ $config['load_balancer'] = array();
+ $sections[] = 'load_balancer';
+ }
+ if ($hasync['synchronizeipsec'] != "") {
+ if (!is_array($config['ipsec']))
+ $config['ipsec'] = array();
+ $sections[] = 'ipsec';
+ }
+ if ($hasync['synchronizeopenvpn'] != "") {
+ if (!is_array($config['openvpn']))
+ $config['openvpn'] = array();
+ $sections[] = 'openvpn';
+ }
+ if ($hasync['synchronizecerts'] != "" || $hasync['synchronizeopenvpn'] != "") {
+ if (!is_array($config['cert']))
+ $config['cert'] = array();
+ $sections[] = 'cert';
+
+ if (!is_array($config['ca']))
+ $config['ca'] = array();
+ $sections[] = 'ca';
+
+ if (!is_array($config['crl']))
+ $config['crl'] = array();
+ $sections[] = 'crl';
+ }
+ if ($hasync['synchronizeusers'] != "") {
+ $sections[] = 'user';
+ $sections[] = 'group';
+ }
+ if ($hasync['synchronizednsforwarder'] != "" and is_array($config['dnsmasq']))
+ $sections[] = 'dnsmasq';
+ if ($hasync['synchronizeschedules'] != "") {
+ if (!is_array($config['schedules']))
+ $config['schedules'] = array();
+ $sections[] = 'schedules';
+ }
+ if ($hasync['synchronizecaptiveportal'] != "" and is_array($config['captiveportal']))
+ $sections[] = 'captiveportal';
+ if ($hasync['synchronizecaptiveportal'] != "" and is_array($config['vouchers']))
+ $sections[] = 'vouchers';
+ if (count($sections) > 0) {
+ if (empty($hasync['username']))
+ $username = "admin";
+ else
+ $username = $hasync['username'];
+ if (!carp_check_version($synchronizetoip, $username, $hasync['password'], $port))
break;
- }
- /*
- * XXX: The way we're finding the port right now is really suboptimal -
- * we can't assume that the other machine is setup identically.
- */
- if (!empty($config['system']['webgui']['protocol'])) {
- $synchronizetoip = $config['system']['webgui']['protocol'];
- $synchronizetoip .= "://";
- }
- /* if port is empty lets rely on the protocol selection */
- $port = $config['system']['webgui']['port'];
- if (empty($port)) {
- if ($config['system']['webgui']['protocol'] == "http")
- $port = "80";
- else
- $port = "443";
- }
+ update_filter_reload_status("Signaling CARP reload signal...");
+ carp_sync_xml($synchronizetoip, $username, $hasync['password'], $sections, $port);
+ $cli = new XML_RPC_Client('/xmlrpc.php', $synchronizetoip, $port);
+ $params = array(
+ XML_RPC_encode($hasync['password'])
+ );
- if(is_ipaddrv6($carp['synchronizetoip']))
- $carp['synchronizetoip'] = "[{$carp['synchronizetoip']}]";
- $synchronizetoip .= $carp['synchronizetoip'];
- if ($carp['synchronizerules'] != "") {
- if (!is_array($config['filter']))
- $config['filter'] = array();
- $sections[] = 'filter';
- }
- if ($carp['synchronizenat'] != "") {
- if (!is_array($config['nat']))
- $config['nat'] = array();
- $sections[] = 'nat';
- }
- if ($carp['synchronizealiases'] != "") {
- if (!is_array($config['aliases']))
- $config['aliases'] = array();
- $sections[] = 'aliases';
- }
- if ($carp['synchronizedhcpd'] != "" and is_array($config['dhcpd']))
- $sections[] = 'dhcpd';
- if ($carp['synchronizewol'] != "") {
- if (!is_array($config['wol']))
- $config['wol'] = array();
- $sections[] = 'wol';
- }
- if ($carp['synchronizetrafficshaper'] != "" and is_array($config['shaper'])) {
- $sections[] = 'shaper';
- }
- if ($carp['synchronizetrafficshaperlimiter'] != "" and is_array($config['dnshaper'])) {
- $sections[] = 'dnshaper';
- }
- if ($carp['synchronizetrafficshaperlayer7'] != "" and is_array($config['l7shaper'])) {
- $sections[] = 'l7shaper';
- }
- if ($carp['synchronizestaticroutes'] != "") {
- if (!is_array($config['staticroutes']))
- $config['staticroutes'] = array();
- if (!is_array($config['staticroutes']['route']))
- $config['staticroutes']['route'] = array();
- $sections[] = 'staticroutes';
- if (!is_array($config['gateways']))
- $config['gateways'] = array();
- $sections[] = 'gateways';
- }
- if ($carp['synchronizevirtualip'] != "") {
- if (!is_array($config['virtualip']))
- $config['virtualip'] = array();
- $sections[] = 'virtualip';
- }
- if ($carp['synchronizelb'] != "") {
- if (!is_array($config['load_balancer']))
- $config['load_balancer'] = array();
- $sections[] = 'load_balancer';
- }
- if ($carp['synchronizeipsec'] != "") {
- if (!is_array($config['ipsec']))
- $config['ipsec'] = array();
- $sections[] = 'ipsec';
- }
- if ($carp['synchronizeopenvpn'] != "") {
- if (!is_array($config['openvpn']))
- $config['openvpn'] = array();
- $sections[] = 'openvpn';
- }
- if ($carp['synchronizecerts'] != "" || $carp['synchronizeopenvpn'] != "") {
- if (!is_array($config['cert']))
- $config['cert'] = array();
- $sections[] = 'cert';
-
- if (!is_array($config['ca']))
- $config['ca'] = array();
- $sections[] = 'ca';
-
- if (!is_array($config['crl']))
- $config['crl'] = array();
- $sections[] = 'crl';
- }
- if ($carp['synchronizeusers'] != "") {
- $sections[] = 'user';
- $sections[] = 'group';
- }
- if ($carp['synchronizednsforwarder'] != "" and is_array($config['dnsmasq']))
- $sections[] = 'dnsmasq';
- if ($carp['synchronizeschedules'] != "") {
- if (!is_array($config['schedules']))
- $config['schedules'] = array();
- $sections[] = 'schedules';
- }
- if ($carp['synchronizecaptiveportal'] != "" and is_array($config['captiveportal']))
- $sections[] = 'captiveportal';
- if ($carp['synchronizecaptiveportal'] != "" and is_array($config['vouchers']))
- $sections[] = 'vouchers';
- if (count($sections) > 0) {
- if (empty($carp['username']))
- $username = "admin";
- else
- $username = $carp['username'];
- if (!carp_check_version($synchronizetoip, $username, $carp['password'], $port))
- break;
-
- update_filter_reload_status("Signaling CARP reload signal...");
- carp_sync_xml($synchronizetoip, $username, $carp['password'], $sections, $port);
- $cli = new XML_RPC_Client('/xmlrpc.php', $synchronizetoip, $port);
- $params = array(
- XML_RPC_encode($carp['password'])
- );
-
- $msg = new XML_RPC_Message('pfsense.filter_configure', $params);
- $cli->setCredentials($username, $carp['password']);
- $resp = $cli->send($msg, "900");
+ $msg = new XML_RPC_Message('pfsense.filter_configure', $params);
+ $cli->setCredentials($username, $hasync['password']);
+ $resp = $cli->send($msg, "900");
- if(!is_object($resp)) {
- $error = "A communications error occured while attempting Filter sync with username {$username} {$synchronizetoip}:{$port}.";
- log_error($error);
- file_notice("sync_settings", $error, "Settings Sync", "");
- } elseif($resp->faultCode()) {
- $error = "An error code was received while attempting Filter sync with username {$username} {$synchronizetoip}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
- log_error($error);
- file_notice("sync_settings", $error, "Settings Sync", "");
- } else {
- log_error("Filter sync successfully completed with {$synchronizetoip}:{$port}.");
- $numberofruns = 3;
- }
+ if(!is_object($resp)) {
+ $error = "A communications error occured while attempting Filter sync with username {$username} {$synchronizetoip}:{$port}.";
+ log_error($error);
+ file_notice("sync_settings", $error, "Settings Sync", "");
+ } elseif($resp->faultCode()) {
+ $error = "An error code was received while attempting Filter sync with username {$username} {$synchronizetoip}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
+ log_error($error);
+ file_notice("sync_settings", $error, "Settings Sync", "");
+ } else {
+ log_error("Filter sync successfully completed with {$synchronizetoip}:{$port}.");
+ $numberofruns = 3;
}
- break;
}
+ break;
+
}
?>
OpenPOWER on IntegriCloud