diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2006-05-30 20:30:28 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2006-05-30 20:30:28 +0000 |
commit | 900d98d0ed2d48910d2b117c4e218bb396c355ab (patch) | |
tree | b938a3a369ee12c150a73b54a8bc29e081f54db9 /usr/local/www/firewall_virtual_ip_edit.php | |
parent | 5b67f7acd5a63167ada8d7cbae841310473bee04 (diff) | |
download | pfsense-900d98d0ed2d48910d2b117c4e218bb396c355ab.zip pfsense-900d98d0ed2d48910d2b117c4e218bb396c355ab.tar.gz |
* Force CARP ip's with a subnet of /32 to avoid foot shooting aka kernel panics
* Use reset_carp()
Diffstat (limited to 'usr/local/www/firewall_virtual_ip_edit.php')
-rwxr-xr-x | usr/local/www/firewall_virtual_ip_edit.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index e62fbc6..e85488d 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -170,6 +170,10 @@ if ($_POST) { $vipent['subnet'] = $_POST['subnet']; } + /* force a netmask of /32 for carp ip's */ + if ($vipent['type'] == "carp") + $vipent['subnet_bits'] = "32"; + if (isset($id) && $a_vip[$id]) { /* modify all virtual IP rules with this address */ for ($i = 0; isset($config['nat']['rule'][$i]); $i++) { @@ -183,8 +187,7 @@ if ($_POST) { touch($d_vipconfdirty_path); /* setup carp interfaces */ - interfaces_carp_configure(); - interfaces_carp_bring_up_final(); + reset_carp(); write_config(); |