diff options
author | Darren Embry <dse@webonastick.com> | 2012-03-22 21:25:58 -0400 |
---|---|---|
committer | Darren Embry <dse@webonastick.com> | 2012-03-22 21:25:58 -0400 |
commit | f97a5b0419d0350cc85b91d180238975c308ac07 (patch) | |
tree | 914f9207874cedb51200c1911df2c948186c299b /etc | |
parent | 95e174f18ce4604e1c69aebe0530dad06322dba8 (diff) | |
download | pfsense-f97a5b0419d0350cc85b91d180238975c308ac07.zip pfsense-f97a5b0419d0350cc85b91d180238975c308ac07.tar.gz |
Move CARP settings from pkg XML to a real PHP page
https://redmine.pfsense.org/issues/647
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 4 | ||||
-rw-r--r-- | etc/inc/globals.inc | 2 | ||||
-rw-r--r-- | etc/inc/interfaces.inc | 14 | ||||
-rw-r--r-- | etc/inc/upgrade_config.inc | 18 | ||||
-rwxr-xr-x | etc/rc.filter_synchronize | 291 |
5 files changed, 171 insertions, 158 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index ecf059a..386c062 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -3027,9 +3027,7 @@ function filter_process_carp_rules() { } $lines = ""; /* return if there are no carp configured items */ - if(isset($config['installedpackages']['carp']['config']) && - $config['installedpackages']['carpsettings']['config'] <> "" or - $config['virtualip']['vip'] <> "") { + if(isset($config['hasync']) && $config['hasync'] <> "" or $config['virtualip']['vip'] <> "") { $lines .= "block in log quick proto carp from (self) to any\n"; $lines .= "pass quick proto carp\n"; $lines .= "pass quick proto pfsync\n"; diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index ee9853d..dda1935 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -77,7 +77,7 @@ $g = array( "disablecrashreporter" => false, "crashreporterurl" => "http://crashreporter.pfsense.org/crash_reporter.php", "debug" => false, - "latest_config" => "8.3", + "latest_config" => "8.4", "nopkg_platforms" => array("cdrom"), "minimum_ram_warning" => "101", "minimum_ram_warning_text" => "128 MB", diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 9603789..f04acbb 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -1723,15 +1723,11 @@ function interfaces_carp_setup() { } /* suck in configuration items */ - if($config['installedpackages']['carpsettings']) { - if($config['installedpackages']['carpsettings']['config']) { - foreach($config['installedpackages']['carpsettings']['config'] as $carp) { - $pfsyncenabled = $carp['pfsyncenabled']; - $balanacing = $carp['balancing']; - $pfsyncinterface = $carp['pfsyncinterface']; - $pfsyncpeerip = $carp['pfsyncpeerip']; - } - } + if($config['hasync']) { + $pfsyncenabled = $config['hasync']['pfsyncenabled']; + $balanacing = $config['hasync']['balancing']; + $pfsyncinterface = $config['hasync']['pfsyncinterface']; + $pfsyncpeerip = $config['hasync']['pfsyncpeerip']; } else { unset($pfsyncinterface); unset($balanacing); diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index 1e12de4..d8461ee 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -2736,4 +2736,22 @@ function upgrade_082_to_083() { } } +function upgrade_083_to_084() { + global $config; + if (!isset($config['hasync'])) { + if (!empty($config['installedpackages']) && + !empty($config['installedpackages']['carpsettings']) && + !empty($config['installedpackages']['carpsettings']['config'])) { + $config['hasync'] = $config['installedpackages']['carpsettings']['config'][0]; + unset($config['installedpackages']['carpsettings']); + } + if (empty($config['installedpackages']['carpsettings'])) { + unset($config['installedpackages']['carpsettings']); + } + if (empty($config['installedpackages'])) { + unset($config['installedpackages']); + } + } +} + ?> diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize index f4b319d..6caffe4 100755 --- a/etc/rc.filter_synchronize +++ b/etc/rc.filter_synchronize @@ -272,157 +272,158 @@ global $g; if (file_exists("{$g['varrun_path']}/booting") || $g['booting']) return; -if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])) { - update_filter_reload_status("Building CARP sync information"); - foreach($config['installedpackages']['carpsettings']['config'] as $carp) { - if (empty($carp['synchronizetoip'])) { - log_error("Config sync not being done because of missing sync IP (this is normal on secondary systems)."); +if (is_array($config['hasync'])) { + update_filter_reload_status("Building high availability sync information"); + $hasync = $config['hasync']; + + if (empty($hasync['synchronizetoip'])) { + log_error("Config sync not being done because of missing sync IP (this is normal on secondary systems)."); + break; + } + /* + * XXX: The way we're finding the port right now is really suboptimal - + * we can't assume that the other machine is setup identically. + */ + if (!empty($config['system']['webgui']['protocol'])) { + $synchronizetoip = $config['system']['webgui']['protocol']; + $synchronizetoip .= "://"; + } + + /* if port is empty lets rely on the protocol selection */ + $port = $config['system']['webgui']['port']; + if (empty($port)) { + if ($config['system']['webgui']['protocol'] == "http") + $port = "80"; + else + $port = "443"; + } + + if(is_ipaddrv6($hasync['synchronizetoip'])) + $hasync['synchronizetoip'] = "[{$hasync['synchronizetoip']}]"; + $synchronizetoip .= $hasync['synchronizetoip']; + if ($hasync['synchronizerules'] != "") { + if (!is_array($config['filter'])) + $config['filter'] = array(); + $sections[] = 'filter'; + } + if ($hasync['synchronizenat'] != "") { + if (!is_array($config['nat'])) + $config['nat'] = array(); + $sections[] = 'nat'; + } + if ($hasync['synchronizealiases'] != "") { + if (!is_array($config['aliases'])) + $config['aliases'] = array(); + $sections[] = 'aliases'; + } + if ($hasync['synchronizedhcpd'] != "" and is_array($config['dhcpd'])) + $sections[] = 'dhcpd'; + if ($hasync['synchronizewol'] != "") { + if (!is_array($config['wol'])) + $config['wol'] = array(); + $sections[] = 'wol'; + } + if ($hasync['synchronizetrafficshaper'] != "" and is_array($config['shaper'])) { + $sections[] = 'shaper'; + } + if ($hasync['synchronizetrafficshaperlimiter'] != "" and is_array($config['dnshaper'])) { + $sections[] = 'dnshaper'; + } + if ($hasync['synchronizetrafficshaperlayer7'] != "" and is_array($config['l7shaper'])) { + $sections[] = 'l7shaper'; + } + if ($hasync['synchronizestaticroutes'] != "") { + if (!is_array($config['staticroutes'])) + $config['staticroutes'] = array(); + if (!is_array($config['staticroutes']['route'])) + $config['staticroutes']['route'] = array(); + $sections[] = 'staticroutes'; + if (!is_array($config['gateways'])) + $config['gateways'] = array(); + $sections[] = 'gateways'; + } + if ($hasync['synchronizevirtualip'] != "") { + if (!is_array($config['virtualip'])) + $config['virtualip'] = array(); + $sections[] = 'virtualip'; + } + if ($hasync['synchronizelb'] != "") { + if (!is_array($config['load_balancer'])) + $config['load_balancer'] = array(); + $sections[] = 'load_balancer'; + } + if ($hasync['synchronizeipsec'] != "") { + if (!is_array($config['ipsec'])) + $config['ipsec'] = array(); + $sections[] = 'ipsec'; + } + if ($hasync['synchronizeopenvpn'] != "") { + if (!is_array($config['openvpn'])) + $config['openvpn'] = array(); + $sections[] = 'openvpn'; + } + if ($hasync['synchronizecerts'] != "" || $hasync['synchronizeopenvpn'] != "") { + if (!is_array($config['cert'])) + $config['cert'] = array(); + $sections[] = 'cert'; + + if (!is_array($config['ca'])) + $config['ca'] = array(); + $sections[] = 'ca'; + + if (!is_array($config['crl'])) + $config['crl'] = array(); + $sections[] = 'crl'; + } + if ($hasync['synchronizeusers'] != "") { + $sections[] = 'user'; + $sections[] = 'group'; + } + if ($hasync['synchronizednsforwarder'] != "" and is_array($config['dnsmasq'])) + $sections[] = 'dnsmasq'; + if ($hasync['synchronizeschedules'] != "") { + if (!is_array($config['schedules'])) + $config['schedules'] = array(); + $sections[] = 'schedules'; + } + if ($hasync['synchronizecaptiveportal'] != "" and is_array($config['captiveportal'])) + $sections[] = 'captiveportal'; + if ($hasync['synchronizecaptiveportal'] != "" and is_array($config['vouchers'])) + $sections[] = 'vouchers'; + if (count($sections) > 0) { + if (empty($hasync['username'])) + $username = "admin"; + else + $username = $hasync['username']; + if (!carp_check_version($synchronizetoip, $username, $hasync['password'], $port)) break; - } - /* - * XXX: The way we're finding the port right now is really suboptimal - - * we can't assume that the other machine is setup identically. - */ - if (!empty($config['system']['webgui']['protocol'])) { - $synchronizetoip = $config['system']['webgui']['protocol']; - $synchronizetoip .= "://"; - } - /* if port is empty lets rely on the protocol selection */ - $port = $config['system']['webgui']['port']; - if (empty($port)) { - if ($config['system']['webgui']['protocol'] == "http") - $port = "80"; - else - $port = "443"; - } + update_filter_reload_status("Signaling CARP reload signal..."); + carp_sync_xml($synchronizetoip, $username, $hasync['password'], $sections, $port); + $cli = new XML_RPC_Client('/xmlrpc.php', $synchronizetoip, $port); + $params = array( + XML_RPC_encode($hasync['password']) + ); - if(is_ipaddrv6($carp['synchronizetoip'])) - $carp['synchronizetoip'] = "[{$carp['synchronizetoip']}]"; - $synchronizetoip .= $carp['synchronizetoip']; - if ($carp['synchronizerules'] != "") { - if (!is_array($config['filter'])) - $config['filter'] = array(); - $sections[] = 'filter'; - } - if ($carp['synchronizenat'] != "") { - if (!is_array($config['nat'])) - $config['nat'] = array(); - $sections[] = 'nat'; - } - if ($carp['synchronizealiases'] != "") { - if (!is_array($config['aliases'])) - $config['aliases'] = array(); - $sections[] = 'aliases'; - } - if ($carp['synchronizedhcpd'] != "" and is_array($config['dhcpd'])) - $sections[] = 'dhcpd'; - if ($carp['synchronizewol'] != "") { - if (!is_array($config['wol'])) - $config['wol'] = array(); - $sections[] = 'wol'; - } - if ($carp['synchronizetrafficshaper'] != "" and is_array($config['shaper'])) { - $sections[] = 'shaper'; - } - if ($carp['synchronizetrafficshaperlimiter'] != "" and is_array($config['dnshaper'])) { - $sections[] = 'dnshaper'; - } - if ($carp['synchronizetrafficshaperlayer7'] != "" and is_array($config['l7shaper'])) { - $sections[] = 'l7shaper'; - } - if ($carp['synchronizestaticroutes'] != "") { - if (!is_array($config['staticroutes'])) - $config['staticroutes'] = array(); - if (!is_array($config['staticroutes']['route'])) - $config['staticroutes']['route'] = array(); - $sections[] = 'staticroutes'; - if (!is_array($config['gateways'])) - $config['gateways'] = array(); - $sections[] = 'gateways'; - } - if ($carp['synchronizevirtualip'] != "") { - if (!is_array($config['virtualip'])) - $config['virtualip'] = array(); - $sections[] = 'virtualip'; - } - if ($carp['synchronizelb'] != "") { - if (!is_array($config['load_balancer'])) - $config['load_balancer'] = array(); - $sections[] = 'load_balancer'; - } - if ($carp['synchronizeipsec'] != "") { - if (!is_array($config['ipsec'])) - $config['ipsec'] = array(); - $sections[] = 'ipsec'; - } - if ($carp['synchronizeopenvpn'] != "") { - if (!is_array($config['openvpn'])) - $config['openvpn'] = array(); - $sections[] = 'openvpn'; - } - if ($carp['synchronizecerts'] != "" || $carp['synchronizeopenvpn'] != "") { - if (!is_array($config['cert'])) - $config['cert'] = array(); - $sections[] = 'cert'; - - if (!is_array($config['ca'])) - $config['ca'] = array(); - $sections[] = 'ca'; - - if (!is_array($config['crl'])) - $config['crl'] = array(); - $sections[] = 'crl'; - } - if ($carp['synchronizeusers'] != "") { - $sections[] = 'user'; - $sections[] = 'group'; - } - if ($carp['synchronizednsforwarder'] != "" and is_array($config['dnsmasq'])) - $sections[] = 'dnsmasq'; - if ($carp['synchronizeschedules'] != "") { - if (!is_array($config['schedules'])) - $config['schedules'] = array(); - $sections[] = 'schedules'; - } - if ($carp['synchronizecaptiveportal'] != "" and is_array($config['captiveportal'])) - $sections[] = 'captiveportal'; - if ($carp['synchronizecaptiveportal'] != "" and is_array($config['vouchers'])) - $sections[] = 'vouchers'; - if (count($sections) > 0) { - if (empty($carp['username'])) - $username = "admin"; - else - $username = $carp['username']; - if (!carp_check_version($synchronizetoip, $username, $carp['password'], $port)) - break; - - update_filter_reload_status("Signaling CARP reload signal..."); - carp_sync_xml($synchronizetoip, $username, $carp['password'], $sections, $port); - $cli = new XML_RPC_Client('/xmlrpc.php', $synchronizetoip, $port); - $params = array( - XML_RPC_encode($carp['password']) - ); - - $msg = new XML_RPC_Message('pfsense.filter_configure', $params); - $cli->setCredentials($username, $carp['password']); - $resp = $cli->send($msg, "900"); + $msg = new XML_RPC_Message('pfsense.filter_configure', $params); + $cli->setCredentials($username, $hasync['password']); + $resp = $cli->send($msg, "900"); - if(!is_object($resp)) { - $error = "A communications error occured while attempting Filter sync with username {$username} {$synchronizetoip}:{$port}."; - log_error($error); - file_notice("sync_settings", $error, "Settings Sync", ""); - } elseif($resp->faultCode()) { - $error = "An error code was received while attempting Filter sync with username {$username} {$synchronizetoip}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); - log_error($error); - file_notice("sync_settings", $error, "Settings Sync", ""); - } else { - log_error("Filter sync successfully completed with {$synchronizetoip}:{$port}."); - $numberofruns = 3; - } + if(!is_object($resp)) { + $error = "A communications error occured while attempting Filter sync with username {$username} {$synchronizetoip}:{$port}."; + log_error($error); + file_notice("sync_settings", $error, "Settings Sync", ""); + } elseif($resp->faultCode()) { + $error = "An error code was received while attempting Filter sync with username {$username} {$synchronizetoip}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "Settings Sync", ""); + } else { + log_error("Filter sync successfully completed with {$synchronizetoip}:{$port}."); + $numberofruns = 3; } - break; } + break; + } ?> |