summaryrefslogtreecommitdiffstats
path: root/src/etc/inc/util.inc
diff options
context:
space:
mode:
authorPhil Davis <phil.davis@inf.org>2016-12-27 16:54:40 +0545
committerPhil Davis <phil.davis@inf.org>2016-12-27 16:54:40 +0545
commitcf08b49e20810a0aa953561892b1d5bee353957e (patch)
treef09a42d70ef8b2e9e3403b5a0fa11dd86ac0bbba /src/etc/inc/util.inc
parentc01bdca9ba2ddfed14285ff36e1f6508c4452717 (diff)
downloadpfsense-cf08b49e20810a0aa953561892b1d5bee353957e.zip
pfsense-cf08b49e20810a0aa953561892b1d5bee353957e.tar.gz
Fix #3560 correctly handle disabled static routes
1) util.inc - add parameter to get_staticroutes() so the caller can choose to see all static routes or only the ones that are currently enabled. 2) filter.inc - just process enabled static routes when making direct networks list, tonathosts etc. 3) services.inc - only include enabled static routes when making confogs for DHCP(6) Relay. 4) unbound.inc - only include enable static routes in unbound_acls_config 5) rc.newroutedns - only trigger if there is an enabled static route. Note: GUI validation has been left as-is. e.g. in system_gateways we don not allow to delete a gateway if there is a disabled static route using it... If people want to delete "higher level" stuff, then they need to first delete the disabled static route(s). Otherwise it will get rather "risky" having disabled static routes in the config that refer to gateways that no longer exist, or have a subnet range that now matches a local interafce or...
Diffstat (limited to 'src/etc/inc/util.inc')
-rw-r--r--src/etc/inc/util.inc6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/etc/inc/util.inc b/src/etc/inc/util.inc
index 528fe0e..78bf1b6 100644
--- a/src/etc/inc/util.inc
+++ b/src/etc/inc/util.inc
@@ -2343,7 +2343,7 @@ function route_add_or_change($args) {
return ($rc == 0);
}
-function get_staticroutes($returnsubnetsonly = false, $returnhostnames = false) {
+function get_staticroutes($returnsubnetsonly = false, $returnhostnames = false, $returnenabledroutesonly = false) {
global $config, $aliastable;
/* Bail if there are no routes, but return an array always so callers don't have to check. */
@@ -2355,6 +2355,10 @@ function get_staticroutes($returnsubnetsonly = false, $returnhostnames = false)
$allsubnets = array();
/* Loop through routes and expand aliases as we find them. */
foreach ($config['staticroutes']['route'] as $route) {
+ if ($returnenabledroutesonly && isset($route['disabled'])) {
+ continue;
+ }
+
if (is_alias($route['network'])) {
if (!isset($aliastable[$route['network']])) {
continue;
OpenPOWER on IntegriCloud