diff options
author | rbgarga <garga@FreeBSD.org> | 2013-05-07 08:15:40 -0700 |
---|---|---|
committer | rbgarga <garga@FreeBSD.org> | 2013-05-07 08:15:40 -0700 |
commit | ddae03adaa76750dc678e62a73de22ccee98757d (patch) | |
tree | d772e8452a182833df5461d3f5e59f20bee276e8 /etc | |
parent | 6d49e2ba8b0da497c06c667c3b7f683b5a9d6337 (diff) | |
parent | be00850b9db59c1a477656aa82a9daf7183532a6 (diff) | |
download | pfsense-ddae03adaa76750dc678e62a73de22ccee98757d.zip pfsense-ddae03adaa76750dc678e62a73de22ccee98757d.tar.gz |
Merge pull request #627 from phil-davis/master
Optimize which OpenVPN instances are restarted
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/openvpn.inc | 3 | ||||
-rwxr-xr-x | etc/rc.openvpn | 25 |
2 files changed, 26 insertions, 2 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index a5244fd..bd92642 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -744,9 +744,12 @@ function openvpn_reconfigure($mode, $settings) { $fpath = "{$g['varetc_path']}/openvpn/{$mode_id}.conf"; file_put_contents($fpath, $conf); unset($conf); + $fpath = "{$g['varetc_path']}/openvpn/{$mode_id}.interface"; + file_put_contents($fpath, $interface); //chown($fpath, 'nobody'); //chgrp($fpath, 'nobody'); @chmod("{$g['varetc_path']}/openvpn/{$mode_id}.conf", 0600); + @chmod("{$g['varetc_path']}/openvpn/{$mode_id}.interface", 0600); @chmod("{$g['varetc_path']}/openvpn/{$mode_id}.key", 0600); @chmod("{$g['varetc_path']}/openvpn/{$mode_id}.tls-auth", 0600); @chmod("{$g['varetc_path']}/openvpn/{$mode_id}.conf", 0600); diff --git a/etc/rc.openvpn b/etc/rc.openvpn index d57594a..531fa40 100755 --- a/etc/rc.openvpn +++ b/etc/rc.openvpn @@ -38,6 +38,27 @@ require_once("filter.inc"); require_once("gwlb.inc"); require_once("openvpn.inc"); +function openvpn_resync_if_needed ($mode, $ovpn_settings, $interface) { + global $g, $config; + + $resync_needed = false; + if (empty($interface)) { + $resync_needed = true; + } else { + $mode_id = $mode . $ovpn_settings['vpnid']; + $fpath = "{$g['varetc_path']}/openvpn/{$mode_id}.interface"; + $current_device = file_get_contents($fpath); + $new_device = get_failover_interface($ovpn_settings['interface']); + $this_device = $config['interfaces'][$interface]['if']; + if (($current_device != $new_device) || ($current_device == $this_device) || ($new_device == $this_device)) + $resync_needed = true; + } + if ($resync_needed) { + log_error("OpenVPN: Resync " . $mode_id . " " . $ovpn_settings['description']); + openvpn_resync($mode, $ovpn_settings); + } +} + /* make sure to wait until the boot scripts have finished */ if (file_exists("{$g['varrun_path']}/booting")) return; @@ -70,14 +91,14 @@ else { if(is_array($config['openvpn']['openvpn-server'])) { foreach($config['openvpn']['openvpn-server'] as &$server) { if ($server['interface'] == $interface || empty($interface) || (!empty($gwgroups) && in_array($server['interface'], $gwgroups))) - openvpn_resync('server', $server); + openvpn_resync_if_needed('server', $server, $interface); } } if (is_array($config['openvpn']['openvpn-client'])) { foreach($config['openvpn']['openvpn-client'] as &$client) { if ($client['interface'] == $interface || empty($interface) || (!empty($gwgroups) && in_array($client['interface'], $gwgroups))) - openvpn_resync('client', $client); + openvpn_resync_if_needed('client', $client, $interface); } } |