diff options
| -rw-r--r-- | etc/inc/cmd_chain.inc | 132 | ||||
| -rw-r--r-- | etc/inc/interfaces.inc | 68 |
2 files changed, 21 insertions, 179 deletions
diff --git a/etc/inc/cmd_chain.inc b/etc/inc/cmd_chain.inc deleted file mode 100644 index eb81954..0000000 --- a/etc/inc/cmd_chain.inc +++ /dev/null @@ -1,132 +0,0 @@ -<?php -/* $Id$ */ -/* - cmd_chain.inc - Part of pfSense - Copyright (C) 2008 Scott Ullrich - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - - pfSense_MODULE: utils -*/ - -/* - * HANDY FOR STAND ALONE DEBUGGING OF CLASS. - * - - function log_error($text) { - echo $text . "\n"; - } - -*/ - -/* - * CmdCHAIN allows a chaining of commands into one call. - * If debugging is enabled verbose logging is applied. - * During the command(s) execution if it fails the result - * will be reported to syslog so that the problem can be reported. - */ -Class CmdCHAIN { - - var $cmd_chain_array = array(); - var $is_debugging; - var $halt_on_errors = true; - - /* clear() erases the current cmdchain */ - function clear() { - unset($cmd_chain_array); - $this->cmd_chain_array = array(); - } - - /* enables log_error() of each command we run */ - function setdebug() { - $this->is_debugging = true; - } - - /* no halt execution of CmdCHAIN if there is a failure */ - function nohaltonerror() { - $this->halt_on_errors = false; - } - - /* halts execution of CmdCHAIN if there is a failure */ - function sethaltonerror() { - $this->halt_on_errors = true; - } - - /* adds a command to the CmdCHAIN */ - function add($cmd_title = "", $command = "", $ignore_return_text = false) { - if(!$cmd_title) - return; - if(!$command) - return; - $temp = array(); - $temp['cmd_title'] = $cmd_title; - $temp['command'] = $command; - if($ignore_return_text) - $temp['ignore_return_text'] = true; - else - $temp['ignore_return_text'] = false; - $this->cmd_chain_array[] = $temp; // add array to class - return array(); - } - - /* executes the CmdCHAIN one command at a time */ - function execute() { - foreach($this->cmd_chain_array as $cmd) { - $cmd_title = $cmd['cmd_title']; - $command = $cmd['command']; - $ignore_return_text = $cmd['ignore_return_text']; - // Should we perform verbose debugging? - if($this->is_debugging == true) { - log_error("CmdCHAIN is executing -> {$cmd_title} - {$command}"); - usleep(100); // give network stack time to deliver network syslog message - } - // Execute command - $status = exec($command); - if($this->ignore_return_text == true) - continue; - if(intval($status) <> 0) { - log_error("{$cmd_title} failed with return code -> {$status}. The command was {$command}"); - if($this->halt_on_errors == true) - return("{$cmd_title} failed with return code -> {$status}. The command was {$command}"); - } - } - return; - } -} - -/* - * example usage: - * - -$cmdchain = new CmdCHAIN(); -$cmdchain->add("grab freebsd version", "uname -a", false); -$cmdchain->setdebug(); // optional for verbose logging -$cmdchain->nohaltonerror(); // tells cmdchain to keep processing commands if any of them fail -$cmdchain->execute(); - -$cmdchain->clear(); // clears the previous added entries - -*/ - -?>
\ No newline at end of file diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 5edb85a..d02258b 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -1625,17 +1625,11 @@ EOD; function interfaces_carp_setup() { global $g, $config; - $balanacing = ""; - $pfsyncinterface = ""; - $pfsyncenabled = ""; if(isset($config['system']['developerspew'])) { $mt = microtime(); echo "interfaces_carp_setup() being called $mt\n"; } - // Prepare CmdCHAIN that will be used to execute commands. - $cmdchain = new CmdCHAIN(); - if ($g['booting']) { echo "Configuring CARP settings..."; mute_kernel_msgs(); @@ -1658,61 +1652,41 @@ function interfaces_carp_setup() { } if($balanacing) { - $cmdchain->add("Enable CARP ARP-balancing", "/sbin/sysctl net.inet.carp.arpbalance=1", true); - $cmdchain->add("Disallow CARP preemption", "/sbin/sysctl net.inet.carp.preempt=0", true); + mwexec("/sbin/sysctl net.inet.carp.arpbalance=1", true); + mwexec("/sbin/sysctl net.inet.carp.preempt=0", true); } else - $cmdchain->add("Enable CARP preemption", "/sbin/sysctl net.inet.carp.preempt=1", true); + mwexec("/sbin/sysctl net.inet.carp.preempt=1", true); - $cmdchain->add("Enable CARP logging", "/sbin/sysctl net.inet.carp.log=1", true); + mwexec("sbin/sysctl net.inet.carp.log=1", true); if (!empty($pfsyncinterface)) $carp_sync_int = get_real_interface($pfsyncinterface); - - if($g['booting']) { - /* install rules to alllow pfsync to sync up during boot - * carp interfaces will remain down until the bootup sequence finishes - */ - $fd = fopen("{$g['tmp_path']}/rules.boot", "w"); - if ($fd) { - fwrite($fd, "block quick proto carp \n"); - fwrite($fd, "block quick proto pfsync \n"); - fwrite($fd, "pass out quick from any to any keep state\n"); - fclose($fd); - mwexec("/sbin/pfctl -f {$g['tmp_path']}/rules.boot"); - } else - log_error("Could not create rules.boot file!"); - } + else + unset($carp_sync_int); /* setup pfsync interface */ - if($carp_sync_int and $pfsyncenabled) { + if ($carp_sync_int and $pfsyncenabled) { if (is_ipaddr($pfsyncpeerip)) - $cmdchain->add("Bring up pfsync0 syncpeer", "/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} syncpeer {$pfsyncpeerip} up", false); + mwexec("/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} syncpeer {$pfsyncpeerip} up", false); else - $cmdchain->add("Bring up pfsync0 syncdev", "/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} up", false); - } else - $cmdchain->add("Bring up pfsync0", "/sbin/ifconfig pfsync0 syncdev lo0 up", false); - - sleep(1); + mwexec("/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} up", false); - /* XXX: Handle an issue with pfsync(4) and carp(4). In a cluster carp will come up before pfsync(4) has updated and so will cause issuese - * for exiting sessions. - */ - $i = 0; - while (intval(trim(`/sbin/ifconfig pfsync0 | /usr/bin/grep 'syncok: 0' | /usr/bin/grep -v grep | /usr/bin/wc -l`)) == 0 && $i < 30) { - $i++; sleep(1); + + /* XXX: Handle an issue with pfsync(4) and carp(4). In a cluster carp will come up before pfsync(4) has updated and so will cause issuese + * for exiting sessions. + */ + $i = 0; + while (intval(trim(`/sbin/ifconfig pfsync0 | /usr/bin/grep 'syncok: 0' | /usr/bin/grep -v grep | /usr/bin/wc -l`)) == 0 && $i < 30) { + $i++; + sleep(1); + } } - if($config['virtualip']['vip']) - $cmdchain->add("Allow CARP.", "/sbin/sysctl net.inet.carp.allow=1", true); + if ($config['virtualip']['vip']) + mwexec("/sbin/sysctl net.inet.carp.allow=1", true); else - $cmdchain->add("Disallow CARP.", "/sbin/sysctl net.inet.carp.allow=0", true); + mwexec("/sbin/sysctl net.inet.carp.allow=0", true); - if($g['debug']) - $cmdchain->setdebug(); // optional for verbose logging - - $cmdchain->execute(); - $cmdchain->clear(); - if ($g['booting']) { unmute_kernel_msgs(); echo "done.\n"; |
