summaryrefslogtreecommitdiffstats
path: root/src/etc/inc/gwlb.inc
diff options
context:
space:
mode:
authorPhil Davis <phil.davis@inf.org>2016-12-07 21:22:17 +0545
committerPhil Davis <phil.davis@inf.org>2016-12-07 21:22:17 +0545
commitf396d2b715b27312c9bc056b3423db8198f7d52a (patch)
treeb9aeaf7d32857dc8a6179a95975c1e0201501826 /src/etc/inc/gwlb.inc
parent9f834c4b50b37eab809e815796201c2d2d8342cf (diff)
downloadpfsense-f396d2b715b27312c9bc056b3423db8198f7d52a.zip
pfsense-f396d2b715b27312c9bc056b3423db8198f7d52a.tar.gz
Feature #3151 Disable gateway monitoring actions
without disabling gateway monitoring. This allows the user to continue to monitor the gateway with dpinger, so they can see how it is performing, but for the system not to take any real action if the latency/loss exceeds the given limits. A typical use case for this would be on a single-WAN system. There is no failover option, so there is no point taking any real action when the latency/loss is high. Having stuff try to failover (and stop/start stuff...) is just disruptive. In ths case the use could have disabled monitoring completely, but then they get no feedback abut gateway performance.
Diffstat (limited to 'src/etc/inc/gwlb.inc')
-rw-r--r--src/etc/inc/gwlb.inc37
1 files changed, 28 insertions, 9 deletions
diff --git a/src/etc/inc/gwlb.inc b/src/etc/inc/gwlb.inc
index 4e91f34..696f150 100644
--- a/src/etc/inc/gwlb.inc
+++ b/src/etc/inc/gwlb.inc
@@ -115,7 +115,9 @@ function start_dpinger($gateway) {
$params .= "-B {$gateway['gwifip']} "; /* Bind src address */
$params .= "-p {$pidfile} "; /* PID filename */
$params .= "-u {$socket} "; /* Status Socket */
- $params .= "-C \"{$alarm_cmd}\" "; /* Command to run on alarm */
+ if (!$gateway['action_disable']) {
+ $params .= "-C \"{$alarm_cmd}\" "; /* Command to run on alarm */
+ }
$params .= "-d " .
(isset($gateway['data_payload']) && is_numeric($gateway['data_payload'])
@@ -298,7 +300,7 @@ function setup_gateways_monitor() {
return;
}
-function get_dpinger_status($gwname) {
+function get_dpinger_status($gwname, $detailed = false) {
global $g;
$running_processes = running_dpinger_processes();
@@ -368,9 +370,18 @@ function get_dpinger_status($gwname) {
}
}
- if ($r['latency_avg'] > $settings['latencyhigh'] ||
- $r['loss'] > $settings['losshigh']) {
- $r['status'] = "down";
+ if ($r['latency_avg'] > $settings['latencyhigh']) {
+ if ($detailed) {
+ $r['status'] = "highdelay";
+ } else {
+ $r['status'] = "down";
+ }
+ } else if ($r['loss'] > $settings['losshigh']) {
+ if ($detailed) {
+ $r['status'] = "highloss";
+ } else {
+ $r['status'] = "down";
+ }
} else if ($r['latency_avg'] > $settings['latencylow']) {
$r['status'] = "delay";
} else if ($r['loss'] > $settings['losslow']) {
@@ -391,7 +402,11 @@ function return_gateways_status($byname = false) {
$gateways_arr = return_gateways_array();
foreach ($dpinger_gws as $gwname => $gwdata) {
- $dpinger_status = get_dpinger_status($gwname);
+ // If action is disabled for this gateway, then we want a detailed status.
+ // That reports "highdelay" or "highloss" rather than just "down".
+ // Because reporting the gateway down would be misleading (gateway action is disabled)
+ $detailed = $gateways_arr[$gwname]['action_disable'];
+ $dpinger_status = get_dpinger_status($gwname, $detailed);
if ($dpinger_status === false) {
continue;
}
@@ -527,6 +542,10 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive
$gateway['monitor'] = $gateway['gateway'];
}
+ if (isset($gateway['action_disable'])) {
+ $gateway['action_disable'] = true;
+ }
+
$gateway['friendlyiface'] = $gateway['interface'];
/* special treatment for tunnel interfaces */
@@ -808,13 +827,13 @@ function fixup_default_gateway($ipprotocol, $gateways_status, $gateways_arr) {
if (($gwsttng['ipprotocol'] == $ipprotocol) && isset($gwsttng['defaultgw'])) {
$dfltgwfound = true;
$dfltgwname = $gwname;
- if (!isset($gwsttng['monitor_disable']) && $gateways_status[$gwname]['status'] != "none") {
+ if (!isset($gwsttng['monitor_disable']) && !isset($gwsttng['action_disable']) && $gateways_status[$gwname]['status'] != "none") {
$dfltgwdown = true;
}
}
/* Keep a record of the last up gateway */
/* XXX: Blacklist lan for now since it might cause issues to those who have a gateway set for it */
- if (empty($upgw) && ($gwsttng['ipprotocol'] == $ipprotocol) && (isset($gwsttng['monitor_disable']) || $gateways_status[$gwname]['status'] == "none") && $gwsttng[$gwname]['friendlyiface'] != "lan") {
+ if (empty($upgw) && ($gwsttng['ipprotocol'] == $ipprotocol) && (isset($gwsttng['monitor_disable']) || isset($gwsttng['action_disable']) || $gateways_status[$gwname]['status'] == "none") && $gwsttng[$gwname]['friendlyiface'] != "lan") {
$upgw = $gwname;
}
if ($dfltgwdown == true && !empty($upgw)) {
@@ -943,7 +962,7 @@ function return_gateway_groups_array() {
notify_via_smtp($msg);
}
}
- } else if (isset($gateways_arr[$gwname]['monitor_disable'])) {
+ } else if (isset($gateways_arr[$gwname]['monitor_disable']) || isset($gateways_arr[$gwname]['action_disable'])) {
$tiers[$tier][] = $gwname;
}
}
OpenPOWER on IntegriCloud