diff options
author | Renato Botelho <renato@netgate.com> | 2015-08-25 08:08:24 -0300 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2015-08-25 14:49:54 -0300 |
commit | 46bc6e545a17e77202aaf01ec0cd8d5a46567525 (patch) | |
tree | 32d18dda436ec739c67c489ceb771e8629cd926f /src/etc/rc.newwanipv6 | |
parent | 4d9801c2dbd2b3e54a39578ee62b93af66607227 (diff) | |
download | pfsense-46bc6e545a17e77202aaf01ec0cd8d5a46567525.zip pfsense-46bc6e545a17e77202aaf01ec0cd8d5a46567525.tar.gz |
Move main pfSense content to src/
Diffstat (limited to 'src/etc/rc.newwanipv6')
-rwxr-xr-x | src/etc/rc.newwanipv6 | 204 |
1 files changed, 204 insertions, 0 deletions
diff --git a/src/etc/rc.newwanipv6 b/src/etc/rc.newwanipv6 new file mode 100755 index 0000000..1030d96 --- /dev/null +++ b/src/etc/rc.newwanipv6 @@ -0,0 +1,204 @@ +#!/usr/local/bin/php-cgi -f +<?php +/* + rc.newwanipv6 + Copyright (C) 2006 Scott Ullrich (sullrich@gmail.com) + part of pfSense (https://www.pfsense.org) + + Originally part of m0n0wall (http://m0n0.ch) + Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +/* parse the configuration and include all functions used below */ +require_once("globals.inc"); +require_once("config.inc"); +require_once("functions.inc"); +require_once("filter.inc"); +require_once("shaper.inc"); +require_once("ipsec.inc"); +require_once("vpn.inc"); +require_once("openvpn.inc"); +require_once("IPv6.inc"); +require_once("services.inc"); +require_once("rrd.inc"); + +function restart_packages() { + global $oldipv6, $curwanipv6, $g; + + /* restart packages */ + system_ntp_configure(false); + mwexec_bg("/usr/local/sbin/ntpdate_sync_once.sh", true); + log_error("{$g['product_name']} package system has detected an IP change or dynamic WAN reconnection - $oldipv6 -> $curwanipv6 - Restarting packages."); + send_event("service reload packages"); +} + +/* Interface IP address has changed */ +if (isset($_GET['interface'])) { + $argument = $_GET['interface']; +} else { + $argument = trim($argv[1], " \n\t"); +} + +log_error("rc.newwanipv6: Info: starting on {$argument}."); + +if (empty($argument)) { + $interface = "wan"; + $interface_real = get_real_interface($interface, "inet6"); + $curwanipv6 = get_interface_ipv6($interface, true); +} else { + $interface_real = $argument; + $interface = convert_real_interface_to_friendly_interface_name($interface_real); + $curwanipv6 = get_interface_ipv6($interface, true); +} + +$interface_descr = convert_friendly_interface_to_friendly_descr($interface); + +if (empty($interface)) { + filter_configure(); + // restart_packages(); + return; +} + +//Do not process while booting +if (platform_booting() && $config['interfaces'][$interface]['ipaddrv6'] != "dhcp6") { + return; +} + +/* + * NOTE: Take care of openvpn and similar if you generate the event to reconfigure an interface. + * i.e. OpenVPN might be in tap mode and not have an ip. + */ +if ((empty($curwanipv6) || !is_ipaddrv6($curwanipv6)) && substr($interface_real, 0, 4) != "ovpn") { + log_error("rc.newwanipv6: Failed to update {$interface_descr}[{$interface}] IPv6, restarting..."); + // send_event("interface reconfigure {$interface}"); + return; +} + +if (isset($_GET['dmips'])) { + $new_domain_name_servers = $_GET['dmips']; +} else { + $new_domain_name_servers = getenv("new_domain_name_servers"); +} + +if (!empty($new_domain_name_servers)) { + $name_servers = explode(" ", $new_domain_name_servers); + $valid_ns = array(); + foreach ($name_servers as $ns) { + if (is_ipaddrv6(trim($ns))) { + $valid_ns[] = trim($ns); + } + } + + if (count($valid_ns > 0)) { + file_put_contents("{$g['varetc_path']}/nameserver_v6{$interface}", implode("\n", $valid_ns)); + } +} +if (isset($_GET['dmnames'])) { + $new_domain_name = $_GET['dmnames']; +} else { + $new_domain_name = getenv("new_domain_name"); +} + +if (!empty($new_domain_name)) { + file_put_contents("{$g['varetc_path']}/searchdomain_v6{$interface}", $new_domain_name); +} + +/* write current WAN IPv6 to file */ +if (is_ipaddrv6($curwanipv6)) { + @file_put_contents("{$g['vardb_path']}/{$interface}_ipv6", $curwanipv6); +} + +log_error("rc.newwanipv6: on (IP address: {$curwanipv6}) (interface: {$interface}) (real interface: {$interface_real})."); + +$oldipv6 = ''; +if (file_exists("{$g['vardb_path']}/{$interface}_cacheipv6")) { + $oldipv6 = file_get_contents("{$g['vardb_path']}/{$interface}_cacheipv6"); +} + +$grouptmp = link_interface_to_group($interface); +if (!empty($grouptmp)) { + array_walk($grouptmp, 'interface_group_add_member'); +} + +link_interface_to_track6($interface, "update"); + +/* regenerate resolv.conf if DNS overrides are allowed */ +system_resolvconf_generate(true); + +/* reconfigure static routes (kernel may have deleted them) */ +system_routing_configure($interface); + +/* reconfigure our gateway monitor */ +setup_gateways_monitor(); + +/* signal filter reload */ +filter_configure(); + +if (empty($oldipv6) || is_ipaddrv6($oldipv6)) { + if ($curwanipv6 == $oldipv6) { + // Still need to sync VPNs on PPPoE and such, as even with the same IP the VPN software is unhappy with the IP disappearing. + if (in_array($config['interfaces'][$interface]['ipaddrv6'], array('pppoe', 'pptp', 'ppp'))) { + /* reconfigure IPsec tunnels */ + vpn_ipsec_force_reload($interface); + + /* start OpenVPN server & clients */ + if (substr($interface_real, 0, 4) != "ovpn") { + openvpn_resync_all($interface); + } + } + return; + } else if (does_interface_exist($interface_real) && !empty($oldipv6)) { + mwexec("/sbin/ifconfig {$interface_real} inet6 {$oldipv6} delete"); + } + + file_put_contents("{$g['vardb_path']}/{$interface}_cacheipv6", $curwanipv6); +} + +/* reload unbound */ +services_unbound_configure(); + +/* perform RFC 2136 DNS update */ +services_dnsupdate_process($interface); + +/* signal dyndns update */ +services_dyndns_configure($interface); + +/* reconfigure IPsec tunnels */ +vpn_ipsec_force_reload($interface); + +/* start OpenVPN server & clients */ +if (substr($interface_real, 0, 4) != "ovpn") { + openvpn_resync_all($interface); +} + +/* reload graphing functions */ +enable_rrd_graphing(); + +/* reload igmpproxy */ +services_igmpproxy_configure(); + +restart_packages(); + +?> |