diff options
author | jim-p <jimp@pfsense.org> | 2012-05-08 18:21:50 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2012-05-08 18:22:12 -0400 |
commit | 30274157b2361f0fac14f0eaa86ae08dc02678a7 (patch) | |
tree | 8ff7de6cb0087db653ca09999c267f4619c4c0b7 /usr/local | |
parent | 8a4b381f579a8b5ee67aab4c4f3964cdc64fec92 (diff) | |
download | pfsense-30274157b2361f0fac14f0eaa86ae08dc02678a7.zip pfsense-30274157b2361f0fac14f0eaa86ae08dc02678a7.tar.gz |
Revert "Make vips vhid be unique per parent interface!" - per cmb, this should not have been on RELENG_2_0 see ticket #2415
This reverts commit 4d0c032c528b10221a2ef894b5eca34f6fda39a7.
Conflicts:
etc/inc/openvpn.inc
etc/inc/upgrade_config.inc
etc/rc.filter_synchronize
Diffstat (limited to 'usr/local')
-rwxr-xr-x | usr/local/www/carp_status.php | 4 | ||||
-rwxr-xr-x | usr/local/www/firewall_virtual_ip.php | 2 | ||||
-rwxr-xr-x | usr/local/www/firewall_virtual_ip_edit.php | 28 | ||||
-rw-r--r-- | usr/local/www/widgets/widgets/carp_status.widget.php | 2 | ||||
-rwxr-xr-x | usr/local/www/xmlrpc.php | 24 |
5 files changed, 38 insertions, 22 deletions
diff --git a/usr/local/www/carp_status.php b/usr/local/www/carp_status.php index 1b06563..e893dad 100755 --- a/usr/local/www/carp_status.php +++ b/usr/local/www/carp_status.php @@ -84,7 +84,7 @@ if($_POST['disablecarp'] <> "") { sleep(1); break; case "ipalias": - if (strstr($vip['interface'], "_vip")) + if (substr($vip['interface'], 0, 3) == "vip") interface_ipalias_configure($vip); break; } @@ -159,7 +159,7 @@ include("head.inc"); $vhid = $carp['vhid']; $advskew = $carp['advskew']; $advbase = $carp['advbase']; - $carp_int = "{$carp['interface']}_vip{$vhid}"; + $carp_int = "vip{$vhid}"; $status = get_carp_interface_status($carp_int); echo "<tr>"; $align = "valign='middle'"; diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php index 9ed320d..ae3a1f7 100755 --- a/usr/local/www/firewall_virtual_ip.php +++ b/usr/local/www/firewall_virtual_ip.php @@ -118,7 +118,7 @@ if ($_GET['act'] == "del") { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by CARP") . " {$vip['descr']}."; } } else if ($a_vip[$_GET['id']]['mode'] == "carp") { - $vipiface = "{$a_vip[$_GET['id']]['interface']}_vip{$a_vip[$_GET['id']]['vhid']}"; + $vipiface = "vip{$a_vip[$_GET['id']]['vhid']}"; foreach ($a_vip as $vip) { if ($vipiface == $vip['interface'] && $vip['mode'] == "ipalias") $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by ip alias entry") . " {$vip['descr']}."; diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index 651f016..3de259b 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -141,11 +141,11 @@ if ($_POST) { /* verify against reusage of vhids */ $idtracker = 0; foreach($config['virtualip']['vip'] as $vip) { - if($vip['vhid'] == $_POST['vhid'] && $vip['interface'] == $_POST['interface'] && $idtracker <> $id) - $input_errors[] = sprintf(gettext("VHID %s is already in use on interface %s. Pick a unique number on this interface."),$_POST['vhid'], convert_friendly_interface_to_friendly_descr($_POST['interface'])); + if($vip['vhid'] == $_POST['vhid'] and $idtracker <> $id) + $input_errors[] = sprintf(gettext("VHID %s is already in use. Pick a unique number."),$_POST['vhid']); $idtracker++; } - if (empty($_POST['password'])) + if($_POST['password'] == "") $input_errors[] = gettext("You must specify a CARP password that is shared between the two VHID members."); $parent_ip = get_interface_ip($_POST['interface']); @@ -154,11 +154,11 @@ if ($_POST) { $cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits'] ; $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."),$cannot_find); } - if (strstr($_POST['interface'], "_vip")) + if (substr($_POST['interface'], 0, 3) == "vip") $input_errors[] = gettext("For this type of vip a carp parent is not allowed."); break; case "ipalias": - if (strstr($_POST['interface'], "_vip")) { + if (substr($_POST['interface'], 0, 3) == "vip") { $parent_ip = get_interface_ip($_POST['interface']); $parent_sn = get_interface_subnet($_POST['interface']); if (!ip_in_subnet($_POST['subnet'], gen_subnet($parent_ip, $parent_sn) . "/" . $parent_sn) && !ip_in_interface_alias_subnet($_POST['interface'], $_POST['subnet'])) { @@ -168,12 +168,28 @@ if ($_POST) { } break; default: - if (strstr($_POST['interface'], "_vip")) + if (substr($_POST['interface'], 0, 3) == "vip") $input_errors[] = gettext("For this type of VIP, a CARP parent is not allowed."); break; } + /* XXX: Seems this code is to draconian and without a real usefulness. Leaving commented out for now and remove later on */ + if (0 && isset($id) && ($a_vip[$id])) { + if ($a_vip[$id]['mode'] != $_POST['mode']) { + $bringdown = false; + if ($a_vip[$id]['mode'] == "proxyarp") { + $vipiface = $a_vip[$id]['interface']; + foreach ($a_vip as $vip) { + if ($vip['interface'] == $vipiface && $vip['mode'] == "carp") { + if (ip_in_subnet($vip['subnet'], gen_subnet($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']) . "/" . $a_vip[$id]['subnet_bits'])) + $input_errors[] = gettext("This entry cannot be modified because it is still referenced by CARP") . " {$vip['descr']}."; + } + } + } + } + } + if (!$input_errors) { $vipent = array(); diff --git a/usr/local/www/widgets/widgets/carp_status.widget.php b/usr/local/www/widgets/widgets/carp_status.widget.php index e86f59e..8fbb9b1 100644 --- a/usr/local/www/widgets/widgets/carp_status.widget.php +++ b/usr/local/www/widgets/widgets/carp_status.widget.php @@ -49,7 +49,7 @@ $carp_enabled = get_carp_status(); $netmask = $carp['subnet_bits']; $vhid = $carp['vhid']; $advskew = $carp['advskew']; - $carp_int = "{$carp['interface']}_vip{$vhid}"; + $carp_int = "vip{$vhid}"; $status = get_carp_interface_status($carp_int); ?> <tr> diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php index 2c2e879..e3dad6f 100755 --- a/usr/local/www/xmlrpc.php +++ b/usr/local/www/xmlrpc.php @@ -186,13 +186,13 @@ function restore_config_section_xmlrpc($raw_params) { $vipbackup = array(); $oldvips = array(); if (isset($params[0]['virtualip'])) { - if (is_array($config['virtualip']['vip'])) { + if(is_array($config['virtualip']['vip'])) { foreach ($config['virtualip']['vip'] as $vipindex => $vip) { if ($vip['mode'] == "carp") - $oldvips["{$vip['interface']}_vip{$vip['vhid']}"] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}"; - else if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip")) + $oldvips[$vip['vhid']] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}"; + else if ($vip['mode'] == "ipalias" && substr($vip['interface'], 0, 3) == "vip") $oldvips[$vip['subnet']] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}"; - else if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && !strstr($vip['interface'], "_vip")) + else if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && substr($vip['interface'], 0, 3) != "vip") $vipbackup[] = $vip; } } @@ -223,15 +223,15 @@ function restore_config_section_xmlrpc($raw_params) { $carp_setuped = false; $anyproxyarp = false; foreach ($config['virtualip']['vip'] as $vip) { - if ($vip['mode'] == "carp" && isset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"])) { - if ($oldvips["{$vip['interface']}_vip{$vip['vhid']}"] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") { + if ($vip['mode'] == "carp" && isset($oldvips[$vip['vhid']])) { + if ($oldvips[$vip['vhid']] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") { if (does_vip_exist($vip)) { - unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]); + unset($oldvips[$vip['vhid']]); continue; // Skip reconfiguring this vips since nothing has changed. } } - unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]); - } else if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip") && isset($oldvips[$vip['subnet']])) { + unset($oldvips[$vip['vhid']]); + } else if ($vip['mode'] == "ipalias" && substr($vip['interface'], 0, 3) == "vip" && isset($oldvips[$vip['subnet']])) { if ($oldvips[$vip['subnet']] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}") { if (does_vip_exist($vip)) { unset($oldvips[$vip['subnet']]); @@ -260,8 +260,8 @@ function restore_config_section_xmlrpc($raw_params) { } /* Cleanup remaining old carps */ foreach ($oldvips as $oldvipif => $oldvippar) { - if (!is_ipaddr($oldvipif) && does_interface_exist($oldvipif)) - pfSense_interface_destroy($oldvipif); + if (!is_ipaddr($oldvipif) && does_interface_exist("vip{$oldvipif}")) + pfSense_interface_destroy("vip{$oldvipif}"); } if ($carp_setuped == true) interfaces_carp_setup(); @@ -518,4 +518,4 @@ unlock($xmlrpclockkey); return $a1; } -?> +?>
\ No newline at end of file |