diff options
| author | Scott Ullrich <sullrich@sullrich-MacBookPro.local> | 2009-02-28 20:19:24 -0500 |
|---|---|---|
| committer | Scott Ullrich <sullrich@sullrich-MacBookPro.local> | 2009-02-28 20:19:24 -0500 |
| commit | 5e041d5f15e34cf2f4946bb120d682a05998148e (patch) | |
| tree | e6a3b69a437205f348c1328e10e3fdfbb490ee32 /etc | |
| parent | 81203d1d7454a3fb66d384153064d835c34ebb16 (diff) | |
| download | pfsense-5e041d5f15e34cf2f4946bb120d682a05998148e.zip pfsense-5e041d5f15e34cf2f4946bb120d682a05998148e.tar.gz | |
Revert "Merge IPv6 changes"
This reverts commit 1f9f2a95b7b42cf33e730535092e56e214fdb848.
Conflicts:
etc/inc/filter.inc
etc/inc/interfaces.inc
etc/inc/pfsense-utils.inc
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/filter.inc | 193 | ||||
| -rw-r--r-- | etc/inc/interfaces.inc | 68 | ||||
| -rw-r--r-- | etc/inc/pfsense-utils.inc | 51 | ||||
| -rw-r--r-- | etc/inc/system.inc | 27 |
4 files changed, 86 insertions, 253 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index fc80488..d2f02cf 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -40,8 +40,7 @@ require_once("functions.inc"); require_once("pkg-utils.inc"); require_once("notices.inc"); -require_once("shaper.inc"); -require_once("IPv6.inc"); +require_once ("shaper.inc"); /* holds the items that will be executed *AFTER* the filter is fully loaded */ $after_filter_configure_run = array(); @@ -396,15 +395,12 @@ function generate_optcfg_array() $oic = array(); $oic['if'] = get_real_interface($if); $oic['ip'] = get_interface_ip($if); - $oic['ip6'] = get_interface_ip($if, 'ipv6'); if (!is_ipaddr($oc['ipaddr']) && !empty($oc['ipaddr'])) $oic['type'] = $oc['ipaddr']; $oic['sn'] = get_interface_subnet($if); - $oic['sn6'] = get_interface_subnet($if, 'ipv6'); $oic['mtu'] = $oc['mtu']; $oic['descr'] = $ifdetail; $oic['sa'] = gen_subnet($oic['ip'], $oic['sn']); - $oic['sa6'] = $oic['ip6'] != '' ? Net_IPv6::getNetmask($oic['ip6'], $oic['sn6']) : null; $oic['nonat'] = $oc['nonat']; $oic['ftpproxy'] = !isset($oc['disableftpproxy']); $oic['alias-address'] = $oc['alias-address']; @@ -1257,21 +1253,12 @@ function generate_user_filter_rule($rule) /* do not process reply-to for gateway'd rules */ if ($rule['gateway'] == "" && interface_has_gateway($rule['interface'])) { - if (Net_IPv6::checkIPv6($rule['source']['address']) || Net_IPv6::checkIPv6($rule['destination']['address'])) { - $rg = get_interface_gateway($rule['interface'], 'IPv6'); - - if (Net_IPv6::checkIPv6($rg)) - $aline['reply'] = "reply-to ( {$ifcfg['if']} {$rg} ) "; - else - log_error("Could not find gateway for interface({$rule['interface']})."); + $rg = get_interface_gateway($rule['interface']); + if (is_ipaddr($rg)) { + $aline['reply'] = "reply-to ( {$ifcfg['if']} {$rg} ) "; } else { - $rg = get_interface_gateway($rule['interface']); - - if (is_ipaddr($rg)) { - $aline['reply'] = "reply-to ( {$ifcfg['if']} {$rg} ) "; - } else { - if($rule['interface'] <> "pptp") - log_error("Could not find gateway for interface({$rule['interface']})."); + if($rule['interface'] <> "pptp") { + log_error("Could not find gateway for interface({$rule['interface']})."); } } } @@ -1332,29 +1319,12 @@ function generate_user_filter_rule($rule) } if (isset($rule['protocol'])) { - switch($rule['protocol']) { - case 'tcp/udp': - $aline['prot'] = " inet proto { tcp udp } "; - break; - case 'tcp6/udp6': - $aline['prot'] = " inet6 proto { tcp udp } "; - break; - case 'tcp6': - $aline['prot'] = " inet6 proto tcp "; - break; - case 'udp6': - $aline['prot'] = " inet6 proto udp "; - break; - case 'icmp': + if($rule['protocol'] == "tcp/udp") + $aline['prot'] = " proto { tcp udp } "; + elseif($rule['protocol'] == "icmp") $aline['prot'] = " inet proto icmp "; - break; - case 'icmp6': - $aline['prot'] = " inet6 proto ipv6-icmp "; - break; - default: + else $aline['prot'] = " proto {$rule['protocol']} "; - break; - } } else { if($rule['source']['port'] <> "" || $rule['destination']['port'] <> "") $aline['prot'] = " proto tcp "; @@ -1376,58 +1346,30 @@ function generate_user_filter_rule($rule) } } else { switch ($rule['source']['network']) { - case 'wanip': - if (isset($FilterIflist['wan']['ip6']) && isset($FilterIflist['wan']['ip'])) { - $src = "{ {$FilterIflist['wan']['ip6']}, {$FilterIflist['wan']['ip']} }"; - } else if (isset($FilterIflist['wan']['ip6'])) { - $src = $FilterIflist['wan']['ip6']; - } else { - $src = $FilterIflist['wan']['ip']; - } - - break; - case 'lanip': - if (isset($FilterIflist['lan']['ip6']) && isset($FilterIflist['lan']['ip'])) { - $src = "{ {$FilterIflist['lan']['ip6']}, {$FilterIflist['lan']['ip']} }"; - } else if (isset($FilterIflist['lan']['ip6'])) { - $src = $FilterIflist['lan']['ip6']; - } else { - $src = $FilterIflist['lan']['ip']; - } - - break; - case 'lan': - if ($FilterIflist['lan']['sa6'] != '' && $FilterIflist['lan']['sn6'] != '' && - $FilterIflist['lan']['sa'] != '' && $FilterIflist['lan']['sn'] != '') { - $lansa = $FilterIflist['lan']['sa']; - $lansn = $FilterIflist['lan']['sn']; - $lansa6 = $FilterIflist['lan']['sa6']; - $lansn6 = $FilterIflist['lan']['sn6']; - $src = "{ $lansa/$lansn, $lansa6/$lansn6 }"; - } else if ($FilterIflist['lan']['sa6'] != '' && $FilterIflist['lan']['sn6'] != '') { - $lansa6 = $FilterIflist['lan']['sa6']; - $lansn6 = $FilterIflist['lan']['sn6']; - $src = "{ $lansa6/$lansn6 }"; - } else { - $lansa = $FilterIflist['lan']['sa']; - $lansn = $FilterIflist['lan']['sn']; - $src = "{ $lansa/$lansn }"; + case 'wanip': + $src = $FilterIflist["wan"]['ip']; + break; + case 'lanip': + $src = $FilterIflist["lan"]['ip']; + break; + case 'lan': + $lansa = $FilterIflist['lan']['sa']; + $lansn = $FilterIflist['lan']['sn']; + $src = "{$lansa}/{$lansn}"; + break; + case 'pptp': + $pptpsa = gen_subnet($FilterIflist['pptp']['ip'], $FilterIflist['pptp']['sn']); + $pptpsn = $FilterIflist['pptp']['sn']; + $src = "{$pptpsa}/{$pptpsn}"; + break; + case 'pppoe': + $pppoesa = gen_subnet($FilterIflist['pppoe']['ip'], $FilterIflist['pppoe']['sn']); + $pppoesn = $FilterIflist['pppoe']['sn']; + $src = "{$pppoesa}/{$pppoesn}"; + break; } - - break; - case 'pptp': - $pptpsa = gen_subnet($FilterIflist['pptp']['ip'], $FilterIflist['pptp']['sn']); - $pptpsn = $FilterIflist['pptp']['sn']; - $src = "{$pptpsa}/{$pptpsn}"; - break; - case 'pppoe': - $pppoesa = gen_subnet($FilterIflist['pppoe']['ip'], $FilterIflist['pppoe']['sn']); - $pppoesn = $FilterIflist['pppoe']['sn']; - $src = "{$pppoesa}/{$pppoesn}"; - break; - } if (isset($rule['source']['not'])) $src = "!{$src}"; - } + } } else if ($rule['source']['address']) { $expsrc = alias_expand($rule['source']['address']); if (isset($rule['source']['not'])) @@ -1503,54 +1445,27 @@ function generate_user_filter_rule($rule) if (isset($rule['destination']['not'])) $dst = " !{$dst}"; } else { switch ($rule['destination']['network']) { - case 'wanip': - if (isset($FilterIflist['wan']['ip6']) && isset($FilterIflist['wan']['ip'])) { - $dst = "{ {$FilterIflist['wan']['ip6']}, {$FilterIflist['wan']['ip']} }"; - } else if (isset($FilterIflist['wan']['ip6'])) { - $dst = $FilterIflist['wan']['ip6']; - } else { - $dst = $FilterIflist['wan']['ip']; - } - - break; - case 'lanip': - if (isset($FilterIflist['lan']['ip6']) && isset($FilterIflist['lan']['ip'])) { - $dst = "{ {$FilterIflist['lan']['ip6']}, {$FilterIflist['lan']['ip']} }"; - } else if (isset($FilterIflist['lan']['ip6'])) { - $dst = $FilterIflist['lan']['ip6']; - } else { - $dst = $FilterIflist['lan']['ip']; - } - - break; - case 'lan': - if (isset($FilterIflist['lan']['sa6']) && isset($FilterIflist['lan']['sn6']) && - isset($FilterIflist['lan']['sa']) && isset($FilterIflist['lan']['sn'])) { - $lansa = $FilterIflist['lan']['sa']; - $lansn = $FilterIflist['lan']['sn']; - $lansa6 = $FilterIflist['lan']['sa6']; - $lansn6 = $FilterIflist['lan']['sn6']; - $dst = "{ $lansa/$lansn, $lansa6/$lansn6 }"; - } else if (isset($FilterIflist['lan']['sa6']) && isset($FilterIflist['lan']['sn6'])) { - $lansa6 = $FilterIflist['lan']['sa6']; - $lansn6 = $FilterIflist['lan']['sn6']; - $dst = "{ $lansa6/$lansn6 }"; - } else { + case 'wanip': + $dst = $FilterIflist["wan"]['ip']; + break; + case 'lanip': + $dst = $FilterIflist["lan"]['ip']; + break; + case 'lan': $lansa = $FilterIflist['lan']['sa']; $lansn = $FilterIflist['lan']['sn']; - $dst = "{ $lansa/$lansn }"; - } - break; - case 'pptp': - $pptpsa = gen_subnet($FilterIflist['pptp']['ip'], $FilterIflist['pptp']['sn']); - $pptpsn = $FilterIflist['pptp']['sn']; - $dst = "{$pptpsa}/{$pptpsn}"; - break; - case 'pppoe': - $pppoesa = gen_subnet($FilterIflist['pppoe']['ip'], $FilterIflist['pppoe']['sn']); - $pppoesn = $FilterIflist['pppoe']['sn']; - $dst = "{$pppoesa}/{$pppoesn}"; - break; + $dst = "{$lansa}/{$lansn}"; + break; + case 'pptp': + $pptpsa = gen_subnet($FilterIflist['pptp']['ip'], $FilterIflist['pptp']['sn']); + $pptpsn = $FilterIflist['pptp']['sn']; + $dst = "{$pptpsa}/{$pptpsn}"; + break; + case 'pppoe': + $pppoesa = gen_subnet($FilterIflist['pppoe']['ip'], $FilterIflist['pppoe']['sn']); + $pppoesn = $FilterIflist['pppoe']['sn']; + $dst = "{$pppoesa}/{$pppoesn}"; + break; } if (isset($rule['destination']['not'])) $dst = " !{$dst}"; } @@ -1623,9 +1538,6 @@ function generate_user_filter_rule($rule) if (($rule['protocol'] == "icmp") && $rule['icmptype']) { $aline['icmp-type'] = "icmp-type {$rule['icmptype']} "; } - if (($rule['protocol'] == "icmp6") && $rule['icmp6type']) { - $aline['icmp-type'] = "icmp6-type {$rule['icmp6type']} "; - } if ($type == "pass") { if (!empty($rule['tag'])) $aline['tag'] = " tag " .$rule['tag']. " "; @@ -2532,7 +2444,7 @@ function generate_ipsec_filter_rules() { $interface = $FilterIflist[$parentinterface]['if']; /* Just in case */ - if ((!is_ipaddr($gateway) && !Net_IPv6::checkIPv6($gateway)) || empty($interface)) { + if (!is_ipaddr($gateway) || empty($interface)) { $route_to = " "; $reply_to = " "; } else { @@ -2540,7 +2452,6 @@ function generate_ipsec_filter_rules() { $reply_to = " reply-to ( $interface $gateway ) "; } - /* TODO: Put IPv6 here */ /* Add rules to allow IKE to pass */ $shorttunneldescr = substr($descr, 0, 36); $ipfrules .= <<<EOD diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 598eeb1..f825bdd 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -51,7 +51,6 @@ function interfaces_bring_up($interface) { function interfaces_loopback_configure() { mwexec("/sbin/ifconfig lo0 127.0.0.1"); - mwexec("/sbin/ifconfig lo0 inet6 ::1 prefixlen 128"); interfaces_bring_up("lo0"); return 0; } @@ -338,7 +337,6 @@ function interface_lagg_configure(&$lagg) { } else $laggif = exec("/sbin/ifconfig lagg create"); - /* Calculate smaller mtu and enforce it */ $smallermtu = 0; foreach ($members as $member) { @@ -972,8 +970,7 @@ EOD; } -function interfaces_ipalias_configure() -{ +function interfaces_ipalias_configure() { global $g, $config; if(isset($config['system']['developerspew'])) { $mt = microtime(); @@ -984,11 +981,7 @@ function interfaces_ipalias_configure() foreach ($viparr as $vip) { if ($vip['mode'] == "ipalias") { $if = get_real_interface($vip['interface']); - if ($vip['subnet_ipv6'] != '') { - mwexec("/sbin/ifconfig " . escapeshellarg($if) . " inet6 {$vip['subnet_ipv6']} alias"); - } else { - mwexec("/sbin/ifconfig " . escapeshellarg($if) . " " . $vip['subnet'] . "/" . escapeshellarg($vip['subnet_bits']) . " alias"); - } + mwexec("/sbin/ifconfig " . escapeshellarg($if) . " " . $vip['subnet'] . "/" . escapeshellarg($vip['subnet_bits']) . " alias"); } } } @@ -1333,32 +1326,15 @@ function interface_configure($interface = "wan") { escapeshellarg($wancfg['ipaddr'] . "/" . $wancfg['subnet']) . " " . escapeshellarg($wancfg['pointtopoint']) . " up"); } else { - if($wancfg['ipaddr'] && $wancfg['subnet']) { + if($wancfg['ipaddr'] && $wancfg['subnet']) mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " " . escapeshellarg($wancfg['ipaddr'] . "/" . $wancfg['subnet'])); - } - } - } - - if ($wancfg['ipaddr_ipv6'] <> "" && $wancfg['subnet_ipv6'] <> "") { - if (isset($wancfg['ispointtopoint_ipv6']) && $wancfg['pointtopoint_ipv6']) { - // TODO: do something - } else { - mwexec("/sbin/ifconfig " . escapeshellarg($realif) . - " inet6 " . escapeshellarg($wancfg['ipaddr_ipv6'] . "/" . - $wancfg['subnet_ipv6'])); } } - if (is_ipaddr($wancfg['gateway'])) { + if (is_ipaddr($wancfg['gateway'])) file_put_contents("/tmp/{$realif}_router", $wancfg['gateway']); - } - - if (Net_IPv6::checkIPv6($wancfg['gateway_ipv6'])) { - // TODO: IPv6 needs to be configured too - file_put_contents("/tmp/{$realif}_router_ipv6", $wancfg['gateway_ipv6']); - } } if($wancfg['if']) interfaces_bring_up($wancfg['if']); @@ -1526,10 +1502,6 @@ pppoeclient: EOD; - /* - * XXX: mpd seems to use netgraph interfaces so ngX interfaces are created - * instead of pppoeX. =) -simoncpu- - */ if ($interface == "wan") $realif = "pppoe0"; else { @@ -1877,42 +1849,28 @@ function get_real_interface($interface = "wan") { return $wanif; } -function get_interface_ip($interface = "wan", $type = "ipv4") -{ - global $config, $g; - +function get_interface_ip($interface = "wan") { $realif = get_real_interface($interface); /* Do we really come here for these interfaces ?! */ if (in_array($realif, array("pptp", "pppoe", "l2tp", "openvpn", "enc0" /* , "ppp" */))) return ""; - $curip = find_interface_ip($realif, false, $type); - - if ($type == 'ipv6') { - if ($curip && Net_IPv6::checkIPv6($curip)) { - return $curip; - } - } else { - if ($curip && is_ipaddr($curip) && ($curip != "0.0.0.0")) { - return $curip; - } - } + $curip = find_interface_ip($realif); + if ($curip && is_ipaddr($curip) && ($curip != "0.0.0.0")) + return $curip; return null; } -function get_interface_subnet($interface = "wan", $type = "ipv4") -{ +function get_interface_subnet($interface = "wan") { $realif = get_real_interface($interface); /* Do we really come here for these interfaces ?! */ - if (in_array($realif, array("pptp", "pppoe", "openvpn", "enc0" /* , "ppp" */))) { + if (in_array($realif, array("pptp", "pppoe", "openvpn", "enc0" /* , "ppp" */))) return ""; - } - $cursn = find_interface_subnet($realif, false, $type); - if (!empty($cursn)) { + $cursn = find_interface_subnet($realif); + if (!empty($cursn)) return $cursn; - } return null; } @@ -2003,4 +1961,4 @@ function setup_pppoe_reset_file($interface, $status) { } } -?> +?>
\ No newline at end of file diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index a5dbd4a..85e7d54 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -1423,60 +1423,36 @@ function convert_ip_to_network_format($ip, $subnet) { /* * find_interface_ip($interface): return the interface ip (first found) */ -function find_interface_ip($interface, $flush = false, $type = "ipv4") { +function find_interface_ip($interface, $flush = false) { global $interface_ip_arr_cache; - global $interface_ip_arr_cache_ipv6; // putting this into a 2D array is a good idea $interface = str_replace("\n", "", $interface); if(does_interface_exist($interface) == false) return; /* Setup IP cache */ - if ($type == 'ipv4') { - if (!isset($interface_ip_arr_cache[$interface]) or $flush) { - $interface_ip_arr_cache[$interface] = exec_command("/sbin/ifconfig {$interface} | /usr/bin/grep -w \"inet\" | /usr/bin/cut -d\" \" -f 2| /usr/bin/head -1"); - $interface_ip_arr_cache[$interface] = str_replace("\n", "", $interface_ip_arr_cache[$interface]); - } - - return $interface_ip_arr_cache[$interface]; - } else { - /* - This assumes that the first IP in ifconfig is the "real" IP. - What if the first IP is an alias? - */ - if (!isset($interface_ip_arr_cache_ipv6[$interface]) or $flush) { - $interface_ip_arr_cache_ipv6[$interface] = exec_command("/sbin/ifconfig {$interface} | /usr/bin/grep -w \"inet6\" | /usr/bin/grep -v '%' | /usr/bin/cut -d\" \" -f 2| /usr/bin/head -1"); - $interface_ip_arr_cache_ipv6[$interface] = str_replace("\n", "", $interface_ip_arr_cache_ipv6[$interface]); - } - return $interface_ip_arr_cache_ipv6[$interface]; + if (!isset($interface_ip_arr_cache[$interface]) or $flush) { + $interface_ip_arr_cache[$interface] = exec_command("/sbin/ifconfig {$interface} | /usr/bin/grep -w \"inet\" | /usr/bin/cut -d\" \" -f 2| /usr/bin/head -1"); + $interface_ip_arr_cache[$interface] = str_replace("\n", "", $interface_ip_arr_cache[$interface]); } + + return $interface_ip_arr_cache[$interface]; } -function find_interface_subnet($interface, $flush = false, $type = "ipv4") +function find_interface_subnet($interface, $flush = false) { global $interface_sn_arr_cache; - global $interface_sn_arr_cache_ipv6; $interface = str_replace("\n", "", $interface); - if (does_interface_exist($interface) == false) { + if (does_interface_exist($interface) == false) return; - } - if ($type == 'ipv4') { - if (!isset($interface_sn_arr_cache[$interface]) or $flush) { - $interface_sn_arr_cache[$interface] = exec_command("/sbin/ifconfig {$interface} | /usr/bin/grep -w \"inet\" | /usr/bin/cut -d\" \" -f 4 | /usr/bin/head -1"); - $interface_sn_arr_cache[$interface] = strlen(str_replace("0", "", base_convert(str_replace("\n", "", $interface_sn_arr_cache[$interface]),16, 2))); - } - - return $interface_sn_arr_cache[$interface]; - } else { - if (!isset($interface_sn_arr_cache_ipv6[$interface]) or $flush) { - $interface_sn_arr_cache_ipv6[$interface] = exec_command("/sbin/ifconfig {$interface} | /usr/bin/grep -w \"inet6\" | /usr/bin/grep -v '%' | /usr/bin/cut -d\" \" -f 4 | /usr/bin/head -1"); - log_error("int:{$interface} - IPv6 prefixlen {$interface_sn_arr_cache_ipv6[$interface]}"); - } - - return $interface_sn_arr_cache_ipv6[$interface]; + if (!isset($interface_sn_arr_cache[$interface]) or $flush) { + $interface_sn_arr_cache[$interface] = exec_command("/sbin/ifconfig {$interface} | /usr/bin/grep -w \"inet\" | /usr/bin/cut -d\" \" -f 4 | /usr/bin/head -1"); + $interface_sn_arr_cache[$interface] = strlen(str_replace("0", "", base_convert(str_replace("\n", "", $interface_sn_arr_cache[$interface]),16, 2))); } + + return $interface_sn_arr_cache[$interface]; } function guess_interface_from_ip($ipaddress) { @@ -3525,4 +3501,5 @@ function compare_hostname_to_dnscache($hostname) { } } + ?> diff --git a/etc/inc/system.inc b/etc/inc/system.inc index f9f226d..afbc275 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -318,17 +318,12 @@ function system_routing_configure() { function system_routing_enable() { global $config, $g; - $retval = false; - if(isset($config['system']['developerspew'])) { $mt = microtime(); echo "system_routing_enable() being called $mt\n"; } - $retval = mwexec("/sbin/sysctl net.inet.ip.forwarding=1") && mwexec("/sbin/sysctl net.inet6.ip6.forwarding=1"); - - return $retval; - + return mwexec("/sbin/sysctl net.inet.ip.forwarding=1"); } function system_syslogd_start() { @@ -628,9 +623,9 @@ function system_generate_lighty_config($filename, if($captive_portal == true) { $bin_environment = <<<EOC - "bin-environment" => ( - "PHP_FCGI_CHILDREN" => "16", - "PHP_FCGI_MAX_REQUESTS" => "{$max_requests}" + "bin-environment" => ( + "PHP_FCGI_CHILDREN" => "16", + "PHP_FCGI_MAX_REQUESTS" => "{$max_requests}" ), EOC; @@ -655,7 +650,7 @@ fastcgi.server = ( ".php" => ( "localhost" => ( "socket" => "/tmp/php-fastcgi.socket", - "min-procs" => 2, + "min-procs" => 1, "max-procs" => {$max_procs}, {$bin_environment} "bin-path" => "/usr/local/bin/php" @@ -838,8 +833,6 @@ expire.url = ( "" => "access 50 hours", ) -server.use-ipv6 = "enable" - EOD; $cert = str_replace("\r", "", $cert); @@ -859,7 +852,7 @@ EOD; fwrite($fd, "\n"); fwrite($fd, $key); fclose($fd); - + $lighty_config .= "\n"; $lighty_config .= "## ssl configuration\n"; $lighty_config .= "ssl.engine = \"enable\"\n"; $lighty_config .= "ssl.pemfile = \"{$g['varetc_path']}/{$cert_location}\"\n\n"; @@ -873,12 +866,6 @@ EOD; fwrite($fd, $lighty_config); fclose($fd); - /* - * Hard-code sysctl knob to ensure that lighttpd would work - * with IPv4 + IPv6. - */ - mwexec("/sbin/sysctl net.inet6.ip6.v6only=0"); - return 0; } @@ -942,7 +929,7 @@ function system_ntp_configure() { $ifaces = array_filter($ifaces, 'does_interface_exist'); $ips = array_map('find_interface_ip', $ifaces); foreach ($ips as $ip) { - if (is_ipaddr($ip) || Net_IPv6::checkIPv6($ip)) + if (is_ipaddr($ip)) fwrite($fd, "listen on $ip\n"); } } |
