summaryrefslogtreecommitdiffstats
path: root/usr/local
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2012-05-08 18:21:50 -0400
committerjim-p <jimp@pfsense.org>2012-05-08 18:22:12 -0400
commit30274157b2361f0fac14f0eaa86ae08dc02678a7 (patch)
tree8ff7de6cb0087db653ca09999c267f4619c4c0b7 /usr/local
parent8a4b381f579a8b5ee67aab4c4f3964cdc64fec92 (diff)
downloadpfsense-30274157b2361f0fac14f0eaa86ae08dc02678a7.zip
pfsense-30274157b2361f0fac14f0eaa86ae08dc02678a7.tar.gz
Revert "Make vips vhid be unique per parent interface!" - per cmb, this should not have been on RELENG_2_0 see ticket #2415
This reverts commit 4d0c032c528b10221a2ef894b5eca34f6fda39a7. Conflicts: etc/inc/openvpn.inc etc/inc/upgrade_config.inc etc/rc.filter_synchronize
Diffstat (limited to 'usr/local')
-rwxr-xr-xusr/local/www/carp_status.php4
-rwxr-xr-xusr/local/www/firewall_virtual_ip.php2
-rwxr-xr-xusr/local/www/firewall_virtual_ip_edit.php28
-rw-r--r--usr/local/www/widgets/widgets/carp_status.widget.php2
-rwxr-xr-xusr/local/www/xmlrpc.php24
5 files changed, 38 insertions, 22 deletions
diff --git a/usr/local/www/carp_status.php b/usr/local/www/carp_status.php
index 1b06563..e893dad 100755
--- a/usr/local/www/carp_status.php
+++ b/usr/local/www/carp_status.php
@@ -84,7 +84,7 @@ if($_POST['disablecarp'] <> "") {
sleep(1);
break;
case "ipalias":
- if (strstr($vip['interface'], "_vip"))
+ if (substr($vip['interface'], 0, 3) == "vip")
interface_ipalias_configure($vip);
break;
}
@@ -159,7 +159,7 @@ include("head.inc");
$vhid = $carp['vhid'];
$advskew = $carp['advskew'];
$advbase = $carp['advbase'];
- $carp_int = "{$carp['interface']}_vip{$vhid}";
+ $carp_int = "vip{$vhid}";
$status = get_carp_interface_status($carp_int);
echo "<tr>";
$align = "valign='middle'";
diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php
index 9ed320d..ae3a1f7 100755
--- a/usr/local/www/firewall_virtual_ip.php
+++ b/usr/local/www/firewall_virtual_ip.php
@@ -118,7 +118,7 @@ if ($_GET['act'] == "del") {
$input_errors[] = gettext("This entry cannot be deleted because it is still referenced by CARP") . " {$vip['descr']}.";
}
} else if ($a_vip[$_GET['id']]['mode'] == "carp") {
- $vipiface = "{$a_vip[$_GET['id']]['interface']}_vip{$a_vip[$_GET['id']]['vhid']}";
+ $vipiface = "vip{$a_vip[$_GET['id']]['vhid']}";
foreach ($a_vip as $vip) {
if ($vipiface == $vip['interface'] && $vip['mode'] == "ipalias")
$input_errors[] = gettext("This entry cannot be deleted because it is still referenced by ip alias entry") . " {$vip['descr']}.";
diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php
index 651f016..3de259b 100755
--- a/usr/local/www/firewall_virtual_ip_edit.php
+++ b/usr/local/www/firewall_virtual_ip_edit.php
@@ -141,11 +141,11 @@ if ($_POST) {
/* verify against reusage of vhids */
$idtracker = 0;
foreach($config['virtualip']['vip'] as $vip) {
- if($vip['vhid'] == $_POST['vhid'] && $vip['interface'] == $_POST['interface'] && $idtracker <> $id)
- $input_errors[] = sprintf(gettext("VHID %s is already in use on interface %s. Pick a unique number on this interface."),$_POST['vhid'], convert_friendly_interface_to_friendly_descr($_POST['interface']));
+ if($vip['vhid'] == $_POST['vhid'] and $idtracker <> $id)
+ $input_errors[] = sprintf(gettext("VHID %s is already in use. Pick a unique number."),$_POST['vhid']);
$idtracker++;
}
- if (empty($_POST['password']))
+ if($_POST['password'] == "")
$input_errors[] = gettext("You must specify a CARP password that is shared between the two VHID members.");
$parent_ip = get_interface_ip($_POST['interface']);
@@ -154,11 +154,11 @@ if ($_POST) {
$cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits'] ;
$input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."),$cannot_find);
}
- if (strstr($_POST['interface'], "_vip"))
+ if (substr($_POST['interface'], 0, 3) == "vip")
$input_errors[] = gettext("For this type of vip a carp parent is not allowed.");
break;
case "ipalias":
- if (strstr($_POST['interface'], "_vip")) {
+ if (substr($_POST['interface'], 0, 3) == "vip") {
$parent_ip = get_interface_ip($_POST['interface']);
$parent_sn = get_interface_subnet($_POST['interface']);
if (!ip_in_subnet($_POST['subnet'], gen_subnet($parent_ip, $parent_sn) . "/" . $parent_sn) && !ip_in_interface_alias_subnet($_POST['interface'], $_POST['subnet'])) {
@@ -168,12 +168,28 @@ if ($_POST) {
}
break;
default:
- if (strstr($_POST['interface'], "_vip"))
+ if (substr($_POST['interface'], 0, 3) == "vip")
$input_errors[] = gettext("For this type of VIP, a CARP parent is not allowed.");
break;
}
+ /* XXX: Seems this code is to draconian and without a real usefulness. Leaving commented out for now and remove later on */
+ if (0 && isset($id) && ($a_vip[$id])) {
+ if ($a_vip[$id]['mode'] != $_POST['mode']) {
+ $bringdown = false;
+ if ($a_vip[$id]['mode'] == "proxyarp") {
+ $vipiface = $a_vip[$id]['interface'];
+ foreach ($a_vip as $vip) {
+ if ($vip['interface'] == $vipiface && $vip['mode'] == "carp") {
+ if (ip_in_subnet($vip['subnet'], gen_subnet($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']) . "/" . $a_vip[$id]['subnet_bits']))
+ $input_errors[] = gettext("This entry cannot be modified because it is still referenced by CARP") . " {$vip['descr']}.";
+ }
+ }
+ }
+ }
+ }
+
if (!$input_errors) {
$vipent = array();
diff --git a/usr/local/www/widgets/widgets/carp_status.widget.php b/usr/local/www/widgets/widgets/carp_status.widget.php
index e86f59e..8fbb9b1 100644
--- a/usr/local/www/widgets/widgets/carp_status.widget.php
+++ b/usr/local/www/widgets/widgets/carp_status.widget.php
@@ -49,7 +49,7 @@ $carp_enabled = get_carp_status();
$netmask = $carp['subnet_bits'];
$vhid = $carp['vhid'];
$advskew = $carp['advskew'];
- $carp_int = "{$carp['interface']}_vip{$vhid}";
+ $carp_int = "vip{$vhid}";
$status = get_carp_interface_status($carp_int);
?>
<tr>
diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php
index 2c2e879..e3dad6f 100755
--- a/usr/local/www/xmlrpc.php
+++ b/usr/local/www/xmlrpc.php
@@ -186,13 +186,13 @@ function restore_config_section_xmlrpc($raw_params) {
$vipbackup = array();
$oldvips = array();
if (isset($params[0]['virtualip'])) {
- if (is_array($config['virtualip']['vip'])) {
+ if(is_array($config['virtualip']['vip'])) {
foreach ($config['virtualip']['vip'] as $vipindex => $vip) {
if ($vip['mode'] == "carp")
- $oldvips["{$vip['interface']}_vip{$vip['vhid']}"] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}";
- else if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip"))
+ $oldvips[$vip['vhid']] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}";
+ else if ($vip['mode'] == "ipalias" && substr($vip['interface'], 0, 3) == "vip")
$oldvips[$vip['subnet']] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}";
- else if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && !strstr($vip['interface'], "_vip"))
+ else if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && substr($vip['interface'], 0, 3) != "vip")
$vipbackup[] = $vip;
}
}
@@ -223,15 +223,15 @@ function restore_config_section_xmlrpc($raw_params) {
$carp_setuped = false;
$anyproxyarp = false;
foreach ($config['virtualip']['vip'] as $vip) {
- if ($vip['mode'] == "carp" && isset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"])) {
- if ($oldvips["{$vip['interface']}_vip{$vip['vhid']}"] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") {
+ if ($vip['mode'] == "carp" && isset($oldvips[$vip['vhid']])) {
+ if ($oldvips[$vip['vhid']] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") {
if (does_vip_exist($vip)) {
- unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]);
+ unset($oldvips[$vip['vhid']]);
continue; // Skip reconfiguring this vips since nothing has changed.
}
}
- unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]);
- } else if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip") && isset($oldvips[$vip['subnet']])) {
+ unset($oldvips[$vip['vhid']]);
+ } else if ($vip['mode'] == "ipalias" && substr($vip['interface'], 0, 3) == "vip" && isset($oldvips[$vip['subnet']])) {
if ($oldvips[$vip['subnet']] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}") {
if (does_vip_exist($vip)) {
unset($oldvips[$vip['subnet']]);
@@ -260,8 +260,8 @@ function restore_config_section_xmlrpc($raw_params) {
}
/* Cleanup remaining old carps */
foreach ($oldvips as $oldvipif => $oldvippar) {
- if (!is_ipaddr($oldvipif) && does_interface_exist($oldvipif))
- pfSense_interface_destroy($oldvipif);
+ if (!is_ipaddr($oldvipif) && does_interface_exist("vip{$oldvipif}"))
+ pfSense_interface_destroy("vip{$oldvipif}");
}
if ($carp_setuped == true)
interfaces_carp_setup();
@@ -518,4 +518,4 @@ unlock($xmlrpclockkey);
return $a1;
}
-?>
+?> \ No newline at end of file
OpenPOWER on IntegriCloud