diff options
author | jim-p <jimp@pfsense.org> | 2016-02-16 13:00:47 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2016-02-16 13:00:47 -0500 |
commit | 8209517de8a4d09dbbb5837a587539255926e4b9 (patch) | |
tree | e3b58c0aeb21bc1498d2c5a6867221399cd2e8b3 /src | |
parent | 3185f659cd3ec7157595b3b701a371b21292e706 (diff) | |
download | pfsense-8209517de8a4d09dbbb5837a587539255926e4b9.zip pfsense-8209517de8a4d09dbbb5837a587539255926e4b9.tar.gz |
Prevent "Ignore denied clients" and "Failover Peer IP" from being combined in the DHCP server settings for IPv4. The daemon fails to start when configured in this way, it apparently only allows "allow" or "deny" in failover mode. Fixes #5898
Diffstat (limited to 'src')
-rw-r--r-- | src/etc/inc/services.inc | 2 | ||||
-rw-r--r-- | src/usr/local/www/services_dhcp.php | 6 |
2 files changed, 6 insertions, 2 deletions
diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc index 177299b..61dc997 100644 --- a/src/etc/inc/services.inc +++ b/src/etc/inc/services.inc @@ -793,7 +793,7 @@ EOPP; $dhcpdconf .= " allow members of \"" . str_replace(':', '', $mac) . "\";\n"; } $deny_action = "deny"; - if (isset($poolconf['nonak'])) { + if (isset($poolconf['nonak']) && empty($poolconf['failover_peerip'])) { $deny_action = "ignore"; } $mac_deny_list = array_unique(explode(',', $poolconf['mac_deny'])); diff --git a/src/usr/local/www/services_dhcp.php b/src/usr/local/www/services_dhcp.php index f5dc6e4..f477320 100644 --- a/src/usr/local/www/services_dhcp.php +++ b/src/usr/local/www/services_dhcp.php @@ -266,6 +266,10 @@ if (isset($_POST['submit'])) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); + if (($_POST['nonak']) && !empty($_POST['failover_peerip'])) { + $input_errors[] = gettext("Ignore Denied Clients may not be used when a Failover Peer IP is defined."); + } + if (($_POST['range_from'] && !is_ipaddrv4($_POST['range_from']))) { $input_errors[] = gettext("A valid range must be specified."); } @@ -803,7 +807,7 @@ $section->addInput(new Form_Checkbox( 'Ignore denied clients', 'Denied clients will be ignored rather than rejected.', $pconfig['nonak'] -)); +))->setHelp("This option is not compatible with failover and cannot be enabled when a Failover Peer IP address is configured."); if (is_numeric($pool) || ($act == "newpool")) { |