diff options
author | Ermal <eri@pfsense.org> | 2010-08-26 16:47:10 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2010-08-26 16:47:10 +0000 |
commit | a3733a0c356cc13dfe2067b60a2fa3e6c6a01aa8 (patch) | |
tree | 454b0a8d4c8d402aa741ff39dd2ecb7201356b83 /usr | |
parent | e19b7d1ea849f40f1de194cadeefb3c289812442 (diff) | |
download | pfsense-a3733a0c356cc13dfe2067b60a2fa3e6c6a01aa8.zip pfsense-a3733a0c356cc13dfe2067b60a2fa3e6c6a01aa8.tar.gz |
Do not allow proxy arp to be edited if it references a carp.
Diffstat (limited to 'usr')
-rwxr-xr-x | usr/local/www/firewall_virtual_ip_edit.php | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index bdad11a..8951435 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -154,8 +154,22 @@ if ($_POST) { } if (isset($id) && ($a_vip[$id])) { - if ($a_vip[$id]['mode'] != $_POST['mode']) - interface_vip_bring_down($a_vip[$id]); + if ($a_vip[$id]['mode'] != $_POST['mode']) { + $bringdown = false; + if ($a_vip[$id]['mode'] == "proxyarp") { + $vipiface = $a_vip[$id]['interface']; + foreach ($a_vip as $vip) { + if ($vip['interface'] == $vipiface && $vip['mode'] == "carp") { + if (ip_in_subnet($vip['subnet'], gen_subnet($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']) . "/" . $a_vip[$id]['subnet_bits'])) { + $input_errors[] = gettext("This entry cannot be modified because it is still referenced by CARP") . " {$vip['descr']}."; + $bringdown = false; + } + } + } + } + if (bringdown == false) + interface_vip_bring_down($a_vip[$id]); + } if ($a_vip[$id]['interface'] != $_POST['interface']) interface_vip_bring_down($a_vip[$id]); } |