diff options
author | Ermal <eri@pfsense.org> | 2014-11-10 14:34:35 +0100 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2014-11-10 14:34:35 +0100 |
commit | 9c97df267fd4f3c6c638466a54482e3d2c1b2986 (patch) | |
tree | 2e484e98577e4e1b90a721d09160f4ba882d7507 /usr/local/www/firewall_virtual_ip_edit.php | |
parent | 80be089f050f0f27398a2f35ff5d48f43c7cfa3f (diff) | |
download | pfsense-9c97df267fd4f3c6c638466a54482e3d2c1b2986.zip pfsense-9c97df267fd4f3c6c638466a54482e3d2c1b2986.tar.gz |
Ticket #3967. Allow to have carp as parent of ipaliases
Diffstat (limited to 'usr/local/www/firewall_virtual_ip_edit.php')
-rw-r--r-- | usr/local/www/firewall_virtual_ip_edit.php | 40 |
1 files changed, 35 insertions, 5 deletions
diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index d03c39f..74c035d 100644 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -166,7 +166,8 @@ if ($_POST) { /* make sure new ip is within the subnet of a valid ip * on one of our interfaces (wan, lan optX) */ - if ($_POST['mode'] == 'carp') { + switch ($_POST['mode']) { + case 'carp': /* verify against reusage of vhids */ $idtracker = 0; foreach($config['virtualip']['vip'] as $vip) { @@ -187,10 +188,36 @@ if ($_POST) { $subnet = gen_subnetv6($parent_ip, $parent_sn); } - if ($_POST['interface'] == "lo0") + if ($_POST['interface'] == 'lo0') $input_errors[] = gettext("For this type of vip localhost is not allowed."); - } else if ($_POST['mode'] != 'ipalias' && $_POST['interface'] == "lo0") - $input_errors[] = gettext("For this type of vip localhost is not allowed."); + else if (strpos($_POST['interface'], '_vip')) + $input_errors[] = gettext("For this type of vip a carp parent is not allowed."); + break; + case 'ipalias': + if (strstr($_POST['interface'], "_vip")) { + if (is_ipaddrv4($_POST['subnet'])) { + $parent_ip = get_interface_ip($_POST['interface']); + $parent_sn = get_interface_subnet($_POST['interface']); + $subnet = gen_subnet($parent_ip, $parent_sn); + } else if (is_ipaddrv6($_POST['subnet'])) { + $parent_ip = get_interface_ipv6($_POST['interface']); + $parent_sn = get_interface_subnetv6($_POST['interface']); + $subnet = gen_subnetv6($parent_ip, $parent_sn); + } + if (isset($parent_ip) && !ip_in_subnet($_POST['subnet'], "{$subnet}/{$parent_sn}") && + !ip_in_interface_alias_subnet(link_carp_interface_to_parent($_POST['interface']), $_POST['subnet'])) { + $cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits'] ; + $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."),$cannot_find); + } + } + break; + default: + if ($_POST['interface'] == 'lo0') + $input_errors[] = gettext("For this type of vip localhost is not allowed."); + else if (strpos($_POST['interface'], '_vip')) + $input_errors[] = gettext("For this type of vip a carp parent is not allowed."); + break; + } if (!$input_errors) { $vipent = array(); @@ -370,7 +397,10 @@ function typesel_change() { <select name="interface" class="formselect"> <?php $interfaces = get_configured_interface_with_descr(false, true); - $interfaces['lo0'] = "Localhost"; + $carplist = get_configured_carp_interface_list(); + foreach ($carplist as $cif => $carpip) + $interfaces[$cif] = $carpip . ' (' . get_vip_descr($carpip) . ')'; + $interfaces['lo0'] = 'Localhost'; foreach ($interfaces as $iface => $ifacename): ?> <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected=\"selected\""; ?>> <?=htmlspecialchars($ifacename);?> |