diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2005-06-29 17:02:37 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2005-06-29 17:02:37 +0000 |
| commit | c6e604d87565796bd3c0b291f2a731ef17f3ac46 (patch) | |
| tree | 1b2588f095518031ca99e59d0af918584001aa92 /etc | |
| parent | 80e7aa3e00a4682fd96ba05650bf9eee3e97abb1 (diff) | |
| download | pfsense-c6e604d87565796bd3c0b291f2a731ef17f3ac46.zip pfsense-c6e604d87565796bd3c0b291f2a731ef17f3ac46.tar.gz | |
Do a more graceful carp handover.
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/interfaces.inc | 6 | ||||
| -rwxr-xr-x | etc/rc.bootup | 22 |
2 files changed, 16 insertions, 12 deletions
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 180d608..1e50208 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -267,14 +267,13 @@ function interfaces_carp_configure() { mwexec("/sbin/ifconfig pfsync0 create"); mwexec("/sbin/ifconfig pfsync0 syncdev " . $carp_sync_int); mwexec("/sbin/ifconfig pfsync0 syncif " . $carp_sync_int); - mwexec("/sbin/ifconfig {$carp_sync_int} up"); mwexec("/sbin/ifconfig pfsync0 up"); if($g['booting']) { /* install rules to alllow pfsync to sync up during boot * carp interfaces will remain down until the bootup sequence finishes */ exec("echo pass quick proto carp all keep state > /tmp/rules.boot"); - exec("echo pass quick proto pfsync all keep state >> /tmp/rules.boot"); + exec("echo pass quick proto pfsync all >> /tmp/rules.boot"); exec("echo pass out proto { tcp, udp } from any to any port 53 keep state >> /tmp/rules.boot"); exec("/sbin/pfctl -f /tmp/rules.boot"); } @@ -287,6 +286,7 @@ function interfaces_carp_configure() { * create the carp interface */ mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " create"); + mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " down"); $broadcast_address = gen_subnet_max($carp['ipaddress'], $carp['netmask']); if($carp['password'] != "") { $password = " pass " . $carp['password']; @@ -310,6 +310,8 @@ function interfaces_carp_configure() { function interfaces_carp_bringup() { global $g, $config; /* lets bring the carp interfaces up now */ + if ($g['booting']) + sleep(5); $carp_ints = find_number_of_created_carp_interfaces(); for($x=0; $x<$carp_ints; $x++) mwexec("/sbin/ifconfig carp{$carp_instances_counter} up"); diff --git a/etc/rc.bootup b/etc/rc.bootup index cc7caaf..e3e897a 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -142,20 +142,18 @@ interfaces_optional_configure(); unmute_kernel_msgs(); echo "done.\n"; - - /* setup carp interfaces */ - interfaces_carp_configure(); - - unmute_kernel_msgs(); /* start pflog */ filter_pflog_start(); - + + /* bring up carp interfaces */ + interfaces_carp_bringup(); + /* setup altq + pf */ echo "Configuring firewall... "; - mute_kernel_msgs(); + //mute_kernel_msgs(); filter_configure(); - unmute_kernel_msgs(); + //unmute_kernel_msgs(); echo "done.\n"; /* start OpenVPN server & clients */ @@ -220,8 +218,12 @@ /* setup interface microcode which improves tcp/ip speed */ setup_microcode(); - /* bring up carp interfaces */ - interfaces_carp_bringup(); + /* setup carp interfaces */ + interfaces_carp_configure(); + + mwexec("/sbin/pfctl -f /tmp/rules.debug"); + + mwexec("/sbin/pfctl -f /tmp/rules.debug"); /* done */ unlink("{$g['varrun_path']}/booting"); |
