diff options
| author | Ermal <eri@pfsense.org> | 2012-04-05 20:13:44 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2012-04-05 20:22:01 +0000 |
| commit | 7b47bd4c3ce792e94eca430f22891eb1dd36bb3c (patch) | |
| tree | 8c983217d31e50eda49d5622d30616d2bab91704 /usr/local | |
| parent | c1a104c7c8cc61d103fe6eba8dd98a071074b4ec (diff) | |
| download | pfsense-7b47bd4c3ce792e94eca430f22891eb1dd36bb3c.zip pfsense-7b47bd4c3ce792e94eca430f22891eb1dd36bb3c.tar.gz | |
Make vips vhid be unique per parent interface!
Diffstat (limited to 'usr/local')
| -rwxr-xr-x | usr/local/www/carp_status.php | 4 | ||||
| -rwxr-xr-x | usr/local/www/firewall_virtual_ip.php | 2 | ||||
| -rwxr-xr-x | usr/local/www/firewall_virtual_ip_edit.php | 28 | ||||
| -rw-r--r-- | usr/local/www/widgets/widgets/carp_status.widget.php | 2 | ||||
| -rwxr-xr-x | usr/local/www/xmlrpc.php | 22 |
5 files changed, 21 insertions, 37 deletions
diff --git a/usr/local/www/carp_status.php b/usr/local/www/carp_status.php index 9058c38..f8fb7c3 100755 --- a/usr/local/www/carp_status.php +++ b/usr/local/www/carp_status.php @@ -84,7 +84,7 @@ if($_POST['disablecarp'] <> "") { sleep(1); break; case "ipalias": - if (substr($vip['interface'], 0, 3) == "vip") + if (strstr($vip['interface'], "_vip")) interface_ipalias_configure($vip); break; } @@ -159,7 +159,7 @@ include("head.inc"); $vhid = $carp['vhid']; $advskew = $carp['advskew']; $advbase = $carp['advbase']; - $carp_int = "vip{$vhid}"; + $carp_int = "{$carp['interface']}_vip{$vhid}"; $status = get_carp_interface_status($carp_int); echo "<tr>"; $align = "valign='middle'"; diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php index 620c249..247fe90 100755 --- a/usr/local/www/firewall_virtual_ip.php +++ b/usr/local/www/firewall_virtual_ip.php @@ -118,7 +118,7 @@ if ($_GET['act'] == "del") { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by CARP") . " {$vip['descr']}."; } } else if ($a_vip[$_GET['id']]['mode'] == "carp") { - $vipiface = "vip{$a_vip[$_GET['id']]['vhid']}"; + $vipiface = "{$a_vip[$_GET['id']]['interface']}_vip{$a_vip[$_GET['id']]['vhid']}"; foreach ($a_vip as $vip) { if ($vipiface == $vip['interface'] && $vip['mode'] == "ipalias") $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by ip alias entry") . " {$vip['descr']}."; diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index 3218001..58d30b2 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -146,11 +146,11 @@ if ($_POST) { /* verify against reusage of vhids */ $idtracker = 0; foreach($config['virtualip']['vip'] as $vip) { - if($vip['vhid'] == $_POST['vhid'] and $idtracker <> $id) - $input_errors[] = sprintf(gettext("VHID %s is already in use. Pick a unique number."),$_POST['vhid']); + if($vip['vhid'] == $_POST['vhid'] && $vip['interface'] == $_POST['interface'] && $idtracker <> $id) + $input_errors[] = sprintf(gettext("VHID %s is already in use on interface %s. Pick a unique number on this interface."),$_POST['vhid'], convert_friendly_interface_to_friendly_descr($_POST['interface'])); $idtracker++; } - if($_POST['password'] == "") + if (empty($_POST['password'])) $input_errors[] = gettext("You must specify a CARP password that is shared between the two VHID members."); if(is_ipaddrv4($_POST['subnet'])) { @@ -170,11 +170,11 @@ if ($_POST) { $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."),$cannot_find); } } - if (substr($_POST['interface'], 0, 3) == "vip") + if (strstr($_POST['interface'], "_vip")) $input_errors[] = gettext("For this type of vip a carp parent is not allowed."); break; case "ipalias": - if (substr($_POST['interface'], 0, 3) == "vip") { + if (strstr($_POST['interface'], "_vip")) { $parent_ip = get_interface_ip($_POST['interface']); $parent_sn = get_interface_subnet($_POST['interface']); if (!ip_in_subnet($_POST['subnet'], gen_subnet($parent_ip, $parent_sn) . "/" . $parent_sn) && !ip_in_interface_alias_subnet($_POST['interface'], $_POST['subnet'])) { @@ -184,28 +184,12 @@ if ($_POST) { } break; default: - if (substr($_POST['interface'], 0, 3) == "vip") + if (strstr($_POST['interface'], "_vip")) $input_errors[] = gettext("For this type of VIP, a CARP parent is not allowed."); break; } - /* XXX: Seems this code is to draconian and without a real usefulness. Leaving commented out for now and remove later on */ - if (0 && isset($id) && ($a_vip[$id])) { - if ($a_vip[$id]['mode'] != $_POST['mode']) { - $bringdown = false; - if ($a_vip[$id]['mode'] == "proxyarp") { - $vipiface = $a_vip[$id]['interface']; - foreach ($a_vip as $vip) { - if ($vip['interface'] == $vipiface && $vip['mode'] == "carp") { - if (ip_in_subnet($vip['subnet'], gen_subnet($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']) . "/" . $a_vip[$id]['subnet_bits'])) - $input_errors[] = gettext("This entry cannot be modified because it is still referenced by CARP") . " {$vip['descr']}."; - } - } - } - } - } - if (!$input_errors) { $vipent = array(); diff --git a/usr/local/www/widgets/widgets/carp_status.widget.php b/usr/local/www/widgets/widgets/carp_status.widget.php index 849a924..9f29cb3 100644 --- a/usr/local/www/widgets/widgets/carp_status.widget.php +++ b/usr/local/www/widgets/widgets/carp_status.widget.php @@ -49,7 +49,7 @@ $carp_enabled = get_carp_status(); $netmask = $carp['subnet_bits']; $vhid = $carp['vhid']; $advskew = $carp['advskew']; - $carp_int = "vip{$vhid}"; + $carp_int = "{$carp['interface']}_vip{$vhid}"; $status = get_carp_interface_status($carp_int); ?> <tr> diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php index 1554e70..88138ea 100755 --- a/usr/local/www/xmlrpc.php +++ b/usr/local/www/xmlrpc.php @@ -182,13 +182,13 @@ function restore_config_section_xmlrpc($raw_params) { $vipbackup = array(); $oldvips = array(); if (isset($params[0]['virtualip'])) { - if(is_array($config['virtualip']['vip'])) { + if (is_array($config['virtualip']['vip'])) { foreach ($config['virtualip']['vip'] as $vipindex => $vip) { if ($vip['mode'] == "carp") - $oldvips[$vip['vhid']] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}"; - else if ($vip['mode'] == "ipalias" && substr($vip['interface'], 0, 3) == "vip") + $oldvips["{$vip['interface']}_vip{$vip['vhid']}"] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}"; + else if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip")) $oldvips[$vip['subnet']] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}"; - else if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && substr($vip['interface'], 0, 3) != "vip") + else if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && !strstr($vip['interface'], "_vip")) $vipbackup[] = $vip; } } @@ -219,15 +219,15 @@ function restore_config_section_xmlrpc($raw_params) { $carp_setuped = false; $anyproxyarp = false; foreach ($config['virtualip']['vip'] as $vip) { - if ($vip['mode'] == "carp" && isset($oldvips[$vip['vhid']])) { - if ($oldvips[$vip['vhid']] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") { + if ($vip['mode'] == "carp" && isset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"])) { + if ($oldvips["{$vip['interface']}_vip{$vip['vhid']}"] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") { if (does_vip_exist($vip)) { - unset($oldvips[$vip['vhid']]); + unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]); continue; // Skip reconfiguring this vips since nothing has changed. } } - unset($oldvips[$vip['vhid']]); - } else if ($vip['mode'] == "ipalias" && substr($vip['interface'], 0, 3) == "vip" && isset($oldvips[$vip['subnet']])) { + unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]); + } else if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip") && isset($oldvips[$vip['subnet']])) { if ($oldvips[$vip['subnet']] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}") { if (does_vip_exist($vip)) { unset($oldvips[$vip['subnet']]); @@ -256,8 +256,8 @@ function restore_config_section_xmlrpc($raw_params) { } /* Cleanup remaining old carps */ foreach ($oldvips as $oldvipif => $oldvippar) { - if (!is_ipaddr($oldvipif) && does_interface_exist("vip{$oldvipif}")) - pfSense_interface_destroy("vip{$oldvipif}"); + if (!is_ipaddr($oldvipif) && does_interface_exist($oldvipif)) + pfSense_interface_destroy($oldvipif); } if ($carp_setuped == true) interfaces_carp_setup(); |
