summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/etc/inc/filter.inc22
-rw-r--r--src/etc/inc/gwlb.inc32
-rw-r--r--src/etc/inc/interfaces.inc278
-rw-r--r--src/etc/inc/ipsec.inc30
-rw-r--r--src/etc/inc/openvpn.inc37
-rw-r--r--src/etc/inc/pfsense-utils.inc14
-rw-r--r--src/etc/inc/services.inc105
-rw-r--r--src/etc/inc/system.inc16
-rw-r--r--src/etc/inc/util.inc150
-rw-r--r--src/etc/inc/vpn.inc50
-rw-r--r--src/usr/local/www/firewall_virtual_ip.php16
-rw-r--r--src/usr/local/www/firewall_virtual_ip_edit.php58
-rw-r--r--src/usr/local/www/interfaces_gre.php9
-rw-r--r--src/usr/local/www/services_ntpd.php17
-rw-r--r--src/usr/local/www/services_router_advertisements.php29
-rw-r--r--src/usr/local/www/status_carp.php79
-rw-r--r--src/usr/local/www/system_gateway_groups_edit.php66
-rw-r--r--src/usr/local/www/vpn_ipsec.php13
-rw-r--r--src/usr/local/www/vpn_ipsec_phase1.php15
-rwxr-xr-xsrc/usr/local/www/xmlrpc.php4
20 files changed, 350 insertions, 690 deletions
diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc
index 81b7a7a..674bd0b 100644
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@@ -1053,7 +1053,9 @@ function filter_get_direct_networks_list($returnsubnetsonly = true) {
}
}
}
- foreach (get_configured_ip_aliases_list(true) as $vip) {
+ $viplist = get_configured_vip_list();
+ foreach ($viplist as $vid => $address) {
+ $vip = get_configured_vip($vid);
$subnet = "{$vip['subnet']}/{$vip['subnet_bits']}";
if (is_subnet($subnet) && !(is_subnetv4($subnet) && $vip['subnet_bits'] == 32) && !(is_subnetv6($subnet) && $vip['subnet_bits'] == 128)) {
if (is_subnetv4($subnet)) {
@@ -4087,19 +4089,13 @@ function filter_generate_ipsec_rules($log = array()) {
}
}
- if (strpos($ph1ent['interface'], "_vip")) {
- $parentinterface = get_configured_carp_interface_list($ph1ent['interface'], '', 'iface');
- } else if (is_ipaddr($ph1ent['interface'])) {
- if (is_array($config['virtualip']['vip'])) {
- foreach ($config['virtualip']['vip'] as $vip) {
- if ($ph1ent['interface'] == $vip['subnet']) {
- $parentinterface = $vip['interface'];
- }
- }
- }
- } else {
+ if (substr($ph1ent['interface'], 0, 4) == "_vip") {
+ $parentinterface = get_configured_vip_interface($ph1ent['interface']);
+ /* IP Alias -> CARP */
+ if (substr($parentinterface, 0, 4) == "_vip")
+ $parentinterface = get_configured_vip_interface($parentinterface);
+ } else
$parentinterface = $ph1ent['interface'];
- }
if (empty($FilterIflist[$parentinterface]['descr'])) {
$ipfrules .= "# Could not locate interface for IPsec: {$descr}\n";
continue;
diff --git a/src/etc/inc/gwlb.inc b/src/etc/inc/gwlb.inc
index 86dcf1f..8c74d45 100644
--- a/src/etc/inc/gwlb.inc
+++ b/src/etc/inc/gwlb.inc
@@ -495,8 +495,6 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive
// Ensure the interface cache is up to date first
$interfaces = get_interface_arr(true);
- $interfaces_v4 = array();
- $interfaces_v6 = array();
$i = -1;
/* Process/add all the configured gateways. */
@@ -562,10 +560,8 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive
/* special treatment for tunnel interfaces */
if ($gateway['ipprotocol'] == "inet6") {
$gateway['interface'] = get_real_interface($gateway['interface'], "inet6", false, false);
- $interfaces_v6[$gateway['friendlyiface']] = $gateway['friendlyiface'];
} else {
- $gateway['interface'] = get_real_interface($gateway['interface'], "all", false, false);
- $interfaces_v4[$gateway['friendlyiface']] = $gateway['friendlyiface'];
+ $gateway['interface'] = get_real_interface($gateway['interface'], "inet", false, false);
}
/* entry has a default flag, use it */
@@ -619,10 +615,6 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive
continue;
}
- if (isset($interfaces_v4[$ifname])) {
- continue;
- }
-
$ctype = "";
switch ($ifcfg['ipaddr']) {
case "dhcp":
@@ -715,10 +707,6 @@ function return_gateways_array($disabled = false, $localhost = false, $inactive
continue;
}
- if (isset($interfaces_v6[$ifname])) {
- continue;
- }
-
$ctype = "";
switch ($ifcfg['ipaddrv6']) {
case "slaac":
@@ -910,7 +898,7 @@ function return_gateway_groups_array() {
fixup_default_gateway("inet6", $gateways_status, $gateways_arr);
}
if (is_array($config['gateways']['gateway_group'])) {
- $carplist = get_configured_carp_interface_list();
+ $viplist = get_configured_vip_list();
foreach ($config['gateways']['gateway_group'] as $group) {
/* create array with group gateways members separated by tier */
$tiers = array();
@@ -919,10 +907,9 @@ function return_gateway_groups_array() {
foreach ($group['item'] as $item) {
list($gwname, $tier, $vipname) = explode("|", $item);
- if (is_ipaddr($carplist[$vipname])) {
- if (!is_array($gwvip_arr[$group['name']])) {
+ if (is_ipaddr($viplist[$vipname])) {
+ if (!is_array($gwvip_arr[$group['name']]))
$gwvip_arr[$group['name']] = array();
- }
$gwvip_arr[$group['name']][$gwname] = $vipname;
}
@@ -999,9 +986,8 @@ function return_gateway_groups_array() {
$groupmember['int'] = $int;
$groupmember['gwip'] = $gatewayip;
$groupmember['weight'] = isset($gateway['weight']) ? $gateway['weight'] : 1;
- if (is_array($gwvip_arr[$group['name']])&& !empty($gwvip_arr[$group['name']][$member])) {
+ if (is_array($gwvip_arr[$group['name']]) && !empty($gwvip_arr[$group['name']][$member]))
$groupmember['vip'] = $gwvip_arr[$group['name']][$member];
- }
$gateway_groups_array[$group['name']][] = $groupmember;
}
}
@@ -1079,7 +1065,9 @@ function get_interface_gateway($interface, &$dynamic = false) {
global $config, $g;
if (substr($interface, 0, 4) == '_vip') {
- $interface = get_configured_carp_interface_list($interface, 'inet', 'iface');
+ $interface = get_configured_vip_interface($interface);
+ if (substr($interface, 0, 4) == '_vip')
+ $interface = get_configured_vip_interface($interface);
}
$gw = NULL;
@@ -1114,7 +1102,9 @@ function get_interface_gateway_v6($interface, &$dynamic = false) {
global $config, $g;
if (substr($interface, 0, 4) == '_vip') {
- $interface = get_configured_carp_interface_list($interface, 'inet6', 'iface');
+ $interface = get_configured_vip_interface($interface);
+ if (substr($interface, 0, 4) == '_vip')
+ $interface = get_configured_vip_interface($interface);
}
$gw = NULL;
diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc
index 60ba40e..dc984fd 100644
--- a/src/etc/inc/interfaces.inc
+++ b/src/etc/inc/interfaces.inc
@@ -1188,20 +1188,7 @@ function interface_reconfigure($interface = "wan", $reloadall = false) {
function interface_vip_bring_down($vip) {
global $g;
- if (strpos($vip['interface'], '_vip')) {
- if (is_ipaddrv6($vip['subnet'])) {
- $family = 'inet6';
- } else {
- $family = 'inet';
- }
-
- $carpvip = get_configured_carp_interface_list($vip['interface'], $family, 'vip');
- $iface = $carpvip['interface'];
- } else {
- $iface = $vip['interface'];
- }
-
- $vipif = get_real_interface($iface);
+ $vipif = get_real_interface($vip['interface']);
switch ($vip['mode']) {
case "proxyarp":
if (file_exists("{$g['varrun_path']}/choparp_{$vipif}.pid")) {
@@ -2324,60 +2311,30 @@ function interface_ipalias_configure(&$vip) {
return;
}
- if ($vip['interface'] != 'lo0' && stripos($vip['interface'], '_vip') === false) {
- if (!isset($config['interfaces'][$vip['interface']])) {
+ $realif = get_real_interface("_vip{$vip['uniqid']}");
+ if ($realif != "lo0") {
+ $if = convert_real_interface_to_friendly_interface_name($realif);
+ if (!isset($config['interfaces'][$if])) {
return;
}
- if (!isset($config['interfaces'][$vip['interface']]['enable'])) {
+ if (!isset($config['interfaces'][$if]['enable'])) {
return;
}
}
$af = 'inet';
- if (is_ipaddrv6($vip['subnet'])) {
+ if (is_ipaddrv6($vip['subnet']))
$af = 'inet6';
- }
$iface = $vip['interface'];
- $vipadd = '';
- if (strpos($vip['interface'], '_vip')) {
- $carpvip = get_configured_carp_interface_list($vip['interface'], $af, 'vip');
+ $vhid = '';
+ if (substr($vip['interface'], 0, 4) == "_vip") {
+ $carpvip = get_configured_vip($vip['interface']);
$iface = $carpvip['interface'];
- $vipadd = "vhid {$carpvip['vhid']}";
- }
- $if = get_real_interface($iface);
- mwexec("/sbin/ifconfig " . escapeshellarg($if) ." {$af} ". escapeshellarg($vip['subnet']) ."/" . escapeshellarg($vip['subnet_bits']) . " alias {$vipadd}");
- unset($iface, $af, $if, $carpvip, $vipadd);
-}
-
-function interface_reload_carps($cif) {
- global $config;
-
- $carpifs = link_ip_to_carp_interface(find_interface_ip($cif));
- if (empty($carpifs)) {
- return;
- }
-
- $carps = explode(" ", $carpifs);
- if (is_array($config['virtualip']['vip'])) {
- $viparr = &$config['virtualip']['vip'];
- foreach ($viparr as $vip) {
- if (in_array($vip['carpif'], $carps)) {
- switch ($vip['mode']) {
- case "carp":
- interface_vip_bring_down($vip);
- sleep(1);
- interface_carp_configure($vip);
- break;
- case "ipalias":
- interface_vip_bring_down($vip);
- sleep(1);
- interface_ipalias_configure($vip);
- break;
- }
- }
- }
+ $vhid = "vhid {$carpvip['vhid']}";
}
+ mwexec("/sbin/ifconfig " . escapeshellarg($realif) ." {$af} ". escapeshellarg($vip['subnet']) ."/" . escapeshellarg($vip['subnet_bits']) . " alias {$vhid}");
+ unset($iface, $af, $realif, $carpvip, $vhid);
}
function interface_carp_configure(&$vip) {
@@ -4535,16 +4492,6 @@ function get_current_wan_address($interface = "wan") {
function convert_real_interface_to_friendly_interface_name($interface = "wan", $checkparent = false) {
global $config;
- if (stripos($interface, "_vip")) {
- foreach ($config['virtualip']['vip'] as $counter => $vip) {
- if ($vip['mode'] == "carp") {
- if ($interface == "_vip{$vip['uniqid']}") {
- return $vip['interface'];
- }
- }
- }
- }
-
/* XXX: For speed reasons reference directly the interface array */
$ifdescrs = &$config['interfaces'];
//$ifdescrs = get_configured_interface_list(false, true);
@@ -4781,10 +4728,9 @@ function get_real_interface($interface = "wan", $family = "all", $realv6iface =
break;
default:
if (substr($interface, 0, 4) == '_vip') {
- $wanif = get_configured_carp_interface_list($interface, $family, 'iface');
- if (!empty($wanif)) {
- $wanif = get_real_interface($wanif, $family);
- }
+ $wanif = get_configured_vip_interface($interface);
+ if (!empty($wanif))
+ $wanif = get_real_interface($wanif);
break;
} else if (substr($interface, 0, 5) == '_lloc') {
$interface = substr($interface, 5);
@@ -4961,123 +4907,6 @@ function find_virtual_ip_alias($ip, $bits = null) {
return false;
}
-/*
- * find_number_of_created_carp_interfaces: return the number of carp interfaces
- */
-function find_number_of_created_carp_interfaces() {
- return `/sbin/ifconfig | /usr/bin/grep "carp:" | /usr/bin/wc -l`;
-}
-
-/*
- * find_carp_interface($ip): return the carp interface where an ip is defined
- */
-function find_carp_interface($ip) {
- global $config;
- if (is_array($config['virtualip']['vip'])) {
- foreach ($config['virtualip']['vip'] as $vip) {
- if ($vip['mode'] == "carp") {
- if (is_ipaddrv4($ip)) {
- $carp_ip = get_interface_ip($vip['interface']);
- }
- if (is_ipaddrv6($ip)) {
- $carp_ip = get_interface_ipv6($vip['interface']);
- }
- exec("/sbin/ifconfig", $output, $return);
- foreach ($output as $line) {
- $elements = preg_split("/[ ]+/i", $line);
- if (strstr($elements[0], "vip")) {
- $curif = str_replace(":", "", $elements[0]);
- }
- if (stristr($line, $ip)) {
- $if = $curif;
- continue;
- }
- }
-
- if ($if) {
- return $if;
- }
- }
- }
- }
-}
-
-function link_carp_interface_to_parent($interface) {
- global $config;
-
- if (empty($interface)) {
- return;
- }
-
- $carp_ip = get_interface_ip($interface);
- $carp_ipv6 = get_interface_ipv6($interface);
-
- if ((!is_ipaddrv4($carp_ip)) && (!is_ipaddrv6($carp_ipv6))) {
- return;
- }
-
- /* if list */
- $ifdescrs = get_configured_interface_list();
- foreach ($ifdescrs as $ifdescr => $ifname) {
- /* check IPv4 */
- if (is_ipaddrv4($carp_ip)) {
- $interfaceip = get_interface_ip($ifname);
- $subnet_bits = get_interface_subnet($ifname);
- $subnet_ip = gen_subnet("{$interfaceip}", "{$subnet_bits}");
- if (ip_in_subnet($carp_ip, "{$subnet_ip}/{$subnet_bits}")) {
- return $ifname;
- }
- }
- /* Check IPv6 */
- if (is_ipaddrv6($carp_ipv6)) {
- $interfaceipv6 = get_interface_ipv6($ifname);
- $prefixlen = get_interface_subnetv6($ifname);
- if (ip_in_subnet($carp_ipv6, "{$interfaceipv6}/{$prefixlen}")) {
- return $ifname;
- }
- }
- }
- return "";
-}
-
-
-/****f* interfaces/link_ip_to_carp_interface
- * NAME
- * link_ip_to_carp_interface - Find where a CARP interface links to.
- * INPUTS
- * $ip
- * RESULT
- * $carp_ints
- ******/
-function link_ip_to_carp_interface($ip) {
- global $config;
-
- if (!is_ipaddr($ip)) {
- return;
- }
-
- $carp_ints = "";
- if (is_array($config['virtualip']['vip'])) {
- $first = 0;
- $carp_int = array();
- foreach ($config['virtualip']['vip'] as $vip) {
- if ($vip['mode'] == "carp") {
- $carp_ip = $vip['subnet'];
- $carp_sn = $vip['subnet_bits'];
- $carp_nw = gen_subnet($carp_ip, $carp_sn);
- if (ip_in_subnet($ip, "{$carp_nw}/{$carp_sn}")) {
- $carp_int[] = get_real_interface($vip['interface']);
- }
- }
- }
- if (!empty($carp_int)) {
- $carp_ints = implode(" ", array_unique($carp_int));
- }
- }
-
- return $carp_ints;
-}
-
function link_interface_to_track6($int, $action = "") {
global $config;
@@ -5433,22 +5262,11 @@ function get_possible_listen_ips($include_ipv6_link_local=false) {
}
}
}
- /* XXX: Maybe use array_merge below? */
- $carplist = get_configured_carp_interface_list();
- foreach ($carplist as $cif => $carpip) {
- if (get_vip_descr($carpip)) {
- $interfaces[$cif] = $carpip . ' (' . get_vip_descr($carpip) . ')';
- } else {
- $interfaces[$cif] = $carpip;
- }
- }
- $aliaslist = get_configured_ip_aliases_list();
- foreach ($aliaslist as $aliasip => $aliasif) {
- if (get_vip_descr($aliasip)) {
- $interfaces[$aliasip] = $aliasip . ' (' . get_vip_descr($aliasip) . ')';
- } else {
- $interfaces[$aliasip] = $aliasip;
- }
+ $viplist = get_configured_vip_list();
+ foreach ($viplist as $vip => $address) {
+ $interfaces[$vip] = $address;
+ if (get_vip_descr($address))
+ $interfaces[$vip] .= " (". get_vip_descr($address) .")";
}
$interfaces['lo0'] = 'Localhost';
@@ -5476,7 +5294,7 @@ function get_possible_traffic_source_addresses($include_ipv6_link_local=false) {
function get_interface_ip($interface = "wan") {
if (substr($interface, 0, 4) == '_vip') {
- return get_configured_carp_interface_list($interface);
+ return get_configured_vip_ipv4($interface);
} else if (substr($interface, 0, 5) == '_lloc') {
/* No link-local address for v4. */
return null;
@@ -5488,7 +5306,7 @@ function get_interface_ip($interface = "wan") {
}
if (substr($realif, 0, 4) == '_vip') {
- return get_configured_carp_interface_list($realif, 'inet', 'ip');
+ return get_configured_vip_ipv4($realif);
} else if (substr($realif, 0, 5) == '_lloc') {
/* No link-local address for v4. */
return null;
@@ -5505,15 +5323,21 @@ function get_interface_ip($interface = "wan") {
function get_interface_ipv6($interface = "wan", $flush = false) {
global $config;
+ if (substr($interface, 0, 4) == '_vip') {
+ return get_configured_vip_ipv6($interface);
+ } else if (substr($interface, 0, 5) == '_lloc') {
+ return get_interface_linklocal($interface);
+ }
+
$realif = get_failover_interface($interface, 'inet6');
if (!$realif) {
return null;
}
- if (substr($interface, 0, 4) == '_vip') {
- return get_configured_carp_interface_list($interface, 'inet6', 'ip');
- } else if (substr($interface, 0, 5) == '_lloc') {
- return get_interface_linklocal($interface);
+ if (substr($realif, 0, 4) == '_vip') {
+ return get_configured_vip_ipv6($realif);
+ } else if (substr($realif, 0, 5) == '_lloc') {
+ return get_interface_linklocal($realif);
}
if (is_array($config['interfaces'][$interface])) {
@@ -5570,42 +5394,36 @@ function get_interface_linklocal($interface = "wan") {
function get_interface_subnet($interface = "wan") {
- if (substr($interface, 0, 4) == '_vip') {
- return get_configured_carp_interface_list($interface, 'inet', 'subnet');
- }
+ if (substr($interface, 0, 4) == '_vip')
+ return (get_configured_vip_subnetv4($interface));
$realif = get_real_interface($interface);
- if (!$realif) {
- return null;
- }
+ if (!$realif)
+ return (NULL);
$cursn = find_interface_subnet($realif);
- if (!empty($cursn)) {
- return $cursn;
- }
+ if (!empty($cursn))
+ return ($cursn);
- return null;
+ return (NULL);
}
function get_interface_subnetv6($interface = "wan") {
- if (substr($interface, 0, 4) == '_vip') {
- return get_configured_carp_interface_list($interface, 'inet6', 'subnet');
- } else if (substr($interface, 0, 5) == '_lloc') {
+ if (substr($interface, 0, 4) == '_vip')
+ return (get_configured_vip_subnetv6($interface));
+ else if (substr($interface, 0, 5) == '_lloc')
$interface = substr($interface, 5);
- }
$realif = get_real_interface($interface, 'inet6');
- if (!$realif) {
- return null;
- }
+ if (!$realif)
+ return (NULL);
$cursn = find_interface_subnetv6($realif);
- if (!empty($cursn)) {
- return $cursn;
- }
+ if (!empty($cursn))
+ return ($cursn);
- return null;
+ return (NULL);
}
/* return outside interfaces with a gateway */
diff --git a/src/etc/inc/ipsec.inc b/src/etc/inc/ipsec.inc
index b90c870..f3e8ef2 100644
--- a/src/etc/inc/ipsec.inc
+++ b/src/etc/inc/ipsec.inc
@@ -275,28 +275,16 @@ function ipsec_ikeid_next() {
function ipsec_get_phase1_src(& $ph1ent) {
if ($ph1ent['interface']) {
- if (!is_ipaddr($ph1ent['interface'])) {
- if (strpos($ph1ent['interface'], '_vip')) {
- $if = $ph1ent['interface'];
- } else {
- $if = get_failover_interface($ph1ent['interface']);
- }
- if ($ph1ent['protocol'] == "inet6") {
- $interfaceip = get_interface_ipv6($if);
- } else {
- $interfaceip = get_interface_ip($if);
- }
- } else {
- $interfaceip = $ph1ent['interface'];
- }
- } else {
+ if (substr($ph1ent['interface'], 0, 4) == "_vip")
+ $if = $ph1ent['interface'];
+ else
+ $if = get_failover_interface($ph1ent['interface']);
+ } else
$if = "wan";
- if ($ph1ent['protocol'] == "inet6") {
- $interfaceip = get_interface_ipv6($if);
- } else {
- $interfaceip = get_interface_ip($if);
- }
- }
+ if ($ph1ent['protocol'] == "inet6")
+ $interfaceip = get_interface_ipv6($if);
+ else
+ $interfaceip = get_interface_ip($if);
return $interfaceip;
}
diff --git a/src/etc/inc/openvpn.inc b/src/etc/inc/openvpn.inc
index c225727..06f44c6 100644
--- a/src/etc/inc/openvpn.inc
+++ b/src/etc/inc/openvpn.inc
@@ -160,25 +160,18 @@ function openvpn_build_if_list() {
$list = array();
$interfaces = get_configured_interface_with_descr();
- $carplist = get_configured_carp_interface_list();
-
- foreach ($carplist as $cif => $carpip) {
- $interfaces[$cif.'|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
- }
-
- $aliaslist = get_configured_ip_aliases_list();
-
- foreach ($aliaslist as $aliasip => $aliasif) {
- $interfaces[$aliasif.'|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
+ $viplist = get_configured_vip_list();
+ foreach ($viplist as $vip => $address) {
+ $interfaces[$vip.'|'.$address] = $address;
+ if (get_vip_descr($address)) {
+ $interfaces[$vip.'|'.$address] .= " (";
+ $interfaces[$vip.'|'.$address] .= get_vip_descr($address);
+ $interfaces[$vip.'|'.$address] .= ")";
+ }
}
$grouplist = return_gateway_groups_array();
-
foreach ($grouplist as $name => $group) {
- if ($group['ipprotocol'] != inet) {
- continue;
- }
-
if ($group[0]['vip'] != "") {
$vipif = $group[0]['vip'];
} else {
@@ -277,16 +270,12 @@ function openvpn_build_bridge_list() {
$serverbridge_interface['none'] = "none";
$serverbridge_interface = array_merge($serverbridge_interface, get_configured_interface_with_descr());
- $carplist = get_configured_carp_interface_list();
-
- foreach ($carplist as $cif => $carpip) {
- $serverbridge_interface[$cif.'|'.$carpip] = $carpip." (".get_vip_descr($carpip).")";
- }
-
- $aliaslist = get_configured_ip_aliases_list();
+ $viplist = get_configured_vip_list();
- foreach ($aliaslist as $aliasip => $aliasif) {
- $serverbridge_interface[$aliasif.'|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
+ foreach ($viplist as $vip => $address) {
+ $serverbridge_interface[$vip.'|'.$address] = $address;
+ if (get_vip_descr($address))
+ $serverbridge_interface[$vip.'|'.$address] .= " (". get_vip_descr($address) .")";
}
foreach ($serverbridge_interface as $iface => $ifacename) {
diff --git a/src/etc/inc/pfsense-utils.inc b/src/etc/inc/pfsense-utils.inc
index 07364f2..5aa43f2 100644
--- a/src/etc/inc/pfsense-utils.inc
+++ b/src/etc/inc/pfsense-utils.inc
@@ -2714,20 +2714,6 @@ function where_is_ipaddr_configured($ipaddr, $ignore_if = "", $check_localip = f
}
}
- $interface_list_vips = get_configured_vips_list(true);
- foreach ($interface_list_vips as $id => $vip) {
- /* Skip CARP interfaces here since they were already checked above */
- if ($id == $ignore_vip_id || (substr($ignore_if, 0, 4) == '_vip') && $ignore_vip_if === $vip['if']) {
- continue;
- }
- if (strcasecmp($ipaddr, $vip['ipaddr']) == 0) {
- $where_entry = array();
- $where_entry['if'] = $vip['if'];
- $where_entry['ip_or_subnet'] = $vip['ipaddr'];
- $where_configured[] = $where_entry;
- }
- }
-
if ($check_localip) {
if (!is_array($config['l2tp']) && !empty($config['l2tp']['localip']) && (strcasecmp($ipaddr, $config['l2tp']['localip']) == 0)) {
$where_entry = array();
diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc
index 6c29b8e..386afd7 100644
--- a/src/etc/inc/services.inc
+++ b/src/etc/inc/services.inc
@@ -73,7 +73,6 @@ function services_radvd_configure($blacklist = array()) {
$Iflist = get_configured_interface_list();
$Iflist = array_merge($Iflist, get_configured_pppoe_server_interfaces());
- $carplist = get_configured_carp_interface_list();
$radvdconf = "# Automatically Generated, do not edit\n";
@@ -106,26 +105,7 @@ function services_radvd_configure($blacklist = array()) {
$dhcpv6ifconf['rapriority'] = "medium";
}
- /* always start with the real parent, we override with the carp if later */
- $carpif = false;
- /* check if we need to listen on a CARP interface */
- if (!empty($dhcpv6ifconf['rainterface'])) {
- if (!empty($carplist[$dhcpv6ifconf['rainterface']])) {
- $dhcpv6if = $dhcpv6ifconf['rainterface'];
- $carpif = true;
- }
- }
-
- if (strstr($dhcpv6if, "_vip")) {
- // CARP IP, check if it's enabled and find parent
- if (!get_carp_status() || get_carp_interface_status($dhcpv6if) != "MASTER") {
- continue;
- }
- $ifparent = link_carp_interface_to_parent($dhcpv6if);
- $realif = convert_friendly_interface_to_real_interface_name($ifparent);
- } else {
- $realif = get_real_interface($dhcpv6if, "inet6");
- }
+ $realif = get_real_interface($dhcpv6if, "inet6");
if (isset($radvdifs[$realif])) {
continue;
@@ -178,11 +158,7 @@ function services_radvd_configure($blacklist = array()) {
break;
}
$radvdconf .= "\tprefix {$subnetv6}/{$ifcfgsnv6} {\n";
- if ($carpif == true) {
- $radvdconf .= "\t\tDeprecatePrefix off;\n";
- } else {
- $radvdconf .= "\t\tDeprecatePrefix on;\n";
- }
+ $radvdconf .= "\t\tDeprecatePrefix on;\n";
switch ($dhcpv6ifconf['ramode']) {
case "managed":
$radvdconf .= "\t\tAdvOnLink on;\n";
@@ -225,11 +201,7 @@ function services_radvd_configure($blacklist = array()) {
foreach ($dhcpv6ifconf['subnets']['item'] as $subnet) {
if (is_subnetv6($subnet)) {
$radvdconf .= "\tprefix {$subnet} {\n";
- if ($carpif == true) {
- $radvdconf .= "\t\tDeprecatePrefix off;\n";
- } else {
- $radvdconf .= "\t\tDeprecatePrefix on;\n";
- }
+ $radvdconf .= "\t\tDeprecatePrefix on;\n";
switch ($dhcpv6ifconf['ramode']) {
case "managed":
$radvdconf .= "\t\tAdvOnLink on;\n";
@@ -256,15 +228,9 @@ function services_radvd_configure($blacklist = array()) {
}
}
}
- if ($carpif === true) {
- $radvdconf .= "\troute ::/0 {\n";
- $radvdconf .= "\t\tRemoveRoute off;\n";
- $radvdconf .= "\t};\n";
- } else {
- $radvdconf .= "\troute ::/0 {\n";
- $radvdconf .= "\t\tRemoveRoute on;\n";
- $radvdconf .= "\t};\n";
- }
+ $radvdconf .= "\troute ::/0 {\n";
+ $radvdconf .= "\t\tRemoveRoute on;\n";
+ $radvdconf .= "\t};\n";
/* add DNS servers */
$dnslist = array();
@@ -322,13 +288,7 @@ function services_radvd_configure($blacklist = array()) {
continue;
}
- if (strstr($if, "_vip")) {
- // CARP IP, find parent
- $ifparent = link_carp_interface_to_parent($if);
- $realif = convert_friendly_interface_to_real_interface_name($ifparent);
- } else {
- $realif = get_real_interface($if, "inet6");
- }
+ $realif = get_real_interface($if, "inet6");
/* prevent duplicate entries, manual overrides */
if (isset($radvdifs[$realif])) {
@@ -1924,7 +1884,6 @@ function services_dyndns_configure_client($conf) {
$dns = new updatedns($dnsService = $conf['type'],
$dnsHost = $conf['host'],
- $dnsDomain = $conf['domainname'],
$dnsUser = $conf['username'],
$dnsPass = $conf['password'],
$dnsWildcard = $conf['wildcard'],
@@ -2054,43 +2013,23 @@ function services_dnsmasq_configure() {
if (isset($config['dnsmasq']['interface'])) {
$interfaces = explode(",", $config['dnsmasq']['interface']);
foreach ($interfaces as $interface) {
- if (is_ipaddrv4($interface)) {
- $listen_addresses .= " --listen-address={$interface} ";
- } else if (is_ipaddrv6($interface)) {
- /*
- * XXX: Since dnsmasq does not support link-local address
- * with scope specified. These checks are being done.
- */
- if (is_linklocal($interface) && strstr($interface, "%")) {
- $tmpaddrll6 = explode("%", $interface);
- $listen_addresses .= " --listen-address={$tmpaddrll6[0]} ";
- } else {
- $listen_addresses .= " --listen-address={$interface} ";
- }
- } else if (strstr($interface, "_vip")) {
- $laddr = get_configured_carp_interface_list($interface);
- if (is_ipaddr($laddr)) {
+ $if = get_real_interface($interface);
+ if (does_interface_exist($if)) {
+ $laddr = get_interface_ip($interface);
+ if (is_ipaddrv4($laddr)) {
$listen_addresses .= " --listen-address={$laddr} ";
}
- } else {
- $if = get_real_interface($interface);
- if (does_interface_exist($if)) {
- $laddr = get_interface_ip($interface);
- if (is_ipaddrv4($laddr)) {
- $listen_addresses .= " --listen-address={$laddr} ";
- }
- $laddr6 = get_interface_ipv6($interface);
- if (is_ipaddrv6($laddr6) && !isset($config['dnsmasq']['strictbind'])) {
- /*
- * XXX: Since dnsmasq does not support link-local address
- * with scope specified. These checks are being done.
- */
- if (is_linklocal($laddr6) && strstr($laddr6, "%")) {
- $tmpaddrll6 = explode("%", $laddr6);
- $listen_addresses .= " --listen-address={$tmpaddrll6[0]} ";
- } else {
- $listen_addresses .= " --listen-address={$laddr6} ";
- }
+ $laddr6 = get_interface_ipv6($interface);
+ if (is_ipaddrv6($laddr6) && !isset($config['dnsmasq']['strictbind'])) {
+ /*
+ * XXX: Since dnsmasq does not support link-local address
+ * with scope specified. These checks are being done.
+ */
+ if (is_linklocal($laddr6) && strstr($laddr6, "%")) {
+ $tmpaddrll6 = explode("%", $laddr6);
+ $listen_addresses .= " --listen-address={$tmpaddrll6[0]} ";
+ } else {
+ $listen_addresses .= " --listen-address={$laddr6} ";
}
}
}
diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc
index e9a53b9..ca3af44 100644
--- a/src/etc/inc/system.inc
+++ b/src/etc/inc/system.inc
@@ -1792,17 +1792,15 @@ function system_ntp_configure($start_ntpd=true) {
}
if (is_array($interfaces) && count($interfaces)) {
+ $finterfaces = array();
$ntpcfg .= "interface ignore all\n";
foreach ($interfaces as $interface) {
- if (strstr($interface, "_vip")) {
- $interface = get_configured_carp_interface_list($interface);
- }
- if (!is_ipaddr($interface)) {
- $interface = get_real_interface($interface);
- }
- if (!empty($interface)) {
- $ntpcfg .= "interface listen {$interface}\n";
- }
+ $interface = get_real_interface($interface);
+ if (!empty($interface))
+ $finterfaces[] = $interface;
+ }
+ foreach ($finterfaces as $interface) {
+ $ntpcfg .= "interface listen {$interface}\n";
}
}
diff --git a/src/etc/inc/util.inc b/src/etc/inc/util.inc
index 5a23f9f..3ec908f 100644
--- a/src/etc/inc/util.inc
+++ b/src/etc/inc/util.inc
@@ -1132,108 +1132,98 @@ function is_inrange($test, $start, $end) {
return is_ipaddrv6($test) ? is_inrange_v6($test, $start, $end) : is_inrange_v4($test, $start, $end);
}
-/* XXX: return the configured carp interface list */
-function get_configured_carp_interface_list($carpinterface = '', $family = 'inet', $what = 'ip') {
+function get_configured_vip_list($family = 'all') {
global $config;
- $iflist = array();
-
- if (!is_array($config['virtualip']['vip']) || empty($config['virtualip']['vip'])) {
- return $iflist;
- }
+ $list = array();
+ if (!is_array($config['virtualip']['vip']) || empty($config['virtualip']['vip']))
+ return ($list);
$viparr = &$config['virtualip']['vip'];
foreach ($viparr as $vip) {
- if ($vip['mode'] != "carp") {
+ if ($vip['mode'] != "carp" && $vip['mode'] != "ipalias")
continue;
+
+ if ($family == 'all' ||
+ ($family == 'inet' && is_ipaddrv4($vip['subnet'])) ||
+ ($family == 'inet6' && is_ipaddrv6($vip['subnet']))) {
+ $list["_vip{$vip['uniqid']}"] = $vip['subnet'];
}
+ }
+ return ($list);
+}
+
+function get_configured_vip($vipinterface = '') {
+
+ return (get_configured_vip_detail($vipinterface, 'all', 'vip'));
+}
+
+function get_configured_vip_interface($vipinterface = '') {
+
+ return (get_configured_vip_detail($vipinterface, 'all', 'iface'));
+}
+
+function get_configured_vip_ipv4($vipinterface = '') {
+
+ return (get_configured_vip_detail($vipinterface, 'inet', 'ip'));
+}
- if (empty($carpinterface)) {
- $iflist["_vip{$vip['uniqid']}"] = $vip['subnet'];
+function get_configured_vip_ipv6($vipinterface = '') {
+
+ return (get_configured_vip_detail($vipinterface, 'inet6', 'ip'));
+}
+
+function get_configured_vip_subnetv4($vipinterface = '') {
+
+ return (get_configured_vip_detail($vipinterface, 'inet', 'subnet'));
+}
+
+function get_configured_vip_subnetv6($vipinterface = '') {
+
+ return (get_configured_vip_detail($vipinterface, 'inet6', 'subnet'));
+}
+
+function get_configured_vip_detail($vipinterface = '', $family = 'inet', $what = 'ip') {
+ global $config;
+
+ if (empty($vipinterface) || !is_array($config['virtualip']['vip']) ||
+ empty($config['virtualip']['vip'])) {
+ return (NULL);
+ }
+
+ $viparr = &$config['virtualip']['vip'];
+ foreach ($viparr as $vip) {
+ if ($vip['mode'] != "carp" && $vip['mode'] != "ipalias")
continue;
- }
- if ($carpinterface != "_vip{$vip['uniqid']}") {
+ if ($vipinterface != "_vip{$vip['uniqid']}")
continue;
- }
switch ($what) {
case 'subnet':
- if ($family == 'inet' && is_ipaddrv4($vip['subnet'])) {
- return $vip['subnet_bits'];
- } else if ($family == 'inet6' && is_ipaddrv6($vip['subnet'])) {
- return $vip['subnet_bits'];
- }
+ if ($family == 'inet' && is_ipaddrv4($vip['subnet']))
+ return ($vip['subnet_bits']);
+ else if ($family == 'inet6' && is_ipaddrv6($vip['subnet']))
+ return ($vip['subnet_bits']);
break;
case 'iface':
- if ($family == 'inet' && is_ipaddrv4($vip['subnet'])) {
- return $vip['interface'];
- } else if ($family == 'inet6' && is_ipaddrv6($vip['subnet'])) {
- return $vip['interface'];
- }
+ return ($vip['interface']);
break;
case 'vip':
- if ($family == 'inet' && is_ipaddrv4($vip['subnet'])) {
- return $vip;
- } else if ($family == 'inet6' && is_ipaddrv6($vip['subnet'])) {
- return $vip;
- }
+ return ($vip);
break;
case 'ip':
default:
- if ($family == 'inet' && is_ipaddrv4($vip['subnet'])) {
- return $vip['subnet'];
- } else if ($family == 'inet6' && is_ipaddrv6($vip['subnet'])) {
- return $vip['subnet'];
- }
+ if ($family == 'inet' && is_ipaddrv4($vip['subnet']))
+ return ($vip['subnet']);
+ else if ($family == 'inet6' && is_ipaddrv6($vip['subnet']))
+ return ($vip['subnet']);
break;
}
break;
}
- return $iflist;
-}
-
-/* return the configured IP aliases list */
-function get_configured_ip_aliases_list($returnfullentry = false) {
- global $config;
-
- $alias_list = array();
-
- if (is_array($config['virtualip']['vip'])) {
- $viparr = &$config['virtualip']['vip'];
- foreach ($viparr as $vip) {
- if ($vip['mode'] == "ipalias") {
- if ($returnfullentry) {
- $alias_list[$vip['subnet']] = $vip;
- } else {
- $alias_list[$vip['subnet']] = $vip['interface'];
- }
- }
- }
- }
-
- return $alias_list;
-}
-
-/* return all configured aliases list (IP, carp, proxyarp and other) */
-function get_configured_vips_list() {
- global $config;
-
- $alias_list = array();
-
- if (is_array($config['virtualip']['vip'])) {
- $viparr = &$config['virtualip']['vip'];
- foreach ($viparr as $vip) {
- if ($vip['mode'] == "carp") {
- $alias_list[] = array("ipaddr" => $vip['subnet'], "if" => "_vip{$vip['uniqid']}");
- } else {
- $alias_list[] = array("ipaddr" => $vip['subnet'], "if" => $vip['interface']);
- }
- }
- }
-
- return $alias_list;
+ return ($list);
}
/* comparison function for sorting by the order in which interfaces are normally created */
@@ -1319,7 +1309,7 @@ function get_configured_interface_with_descr($only_opt = false, $withdisabled =
/*
* get_configured_ip_addresses() - Return a list of all configured
- * interfaces IP Addresses
+ * IPv4 addresses.
*
*/
function get_configured_ip_addresses() {
@@ -1336,7 +1326,7 @@ function get_configured_ip_addresses() {
$ip_array[$int] = $ipaddr;
}
}
- $interfaces = get_configured_carp_interface_list();
+ $interfaces = get_configured_vip_list('inet');
if (is_array($interfaces)) {
foreach ($interfaces as $int => $ipaddr) {
$ip_array[$int] = $ipaddr;
@@ -1360,7 +1350,7 @@ function get_configured_ip_addresses() {
/*
* get_configured_ipv6_addresses() - Return a list of all configured
- * interfaces IPv6 Addresses
+ * IPv6 addresses.
*
*/
function get_configured_ipv6_addresses() {
@@ -1373,7 +1363,7 @@ function get_configured_ipv6_addresses() {
$ipv6_array[$int] = $ipaddrv6;
}
}
- $interfaces = get_configured_carp_interface_list();
+ $interfaces = get_configured_vip_list('inet6');
if (is_array($interfaces)) {
foreach ($interfaces as $int => $ipaddrv6) {
$ipv6_array[$int] = $ipaddrv6;
diff --git a/src/etc/inc/vpn.inc b/src/etc/inc/vpn.inc
index c79a761..c7d6662 100644
--- a/src/etc/inc/vpn.inc
+++ b/src/etc/inc/vpn.inc
@@ -275,7 +275,6 @@ function vpn_ipsec_configure($restart = false) {
$ipmap = array();
$rgmap = array();
$filterdns_list = array();
- $listeniflist = array();
$aggressive_mode_psk = false;
unset($iflist);
$ifacesuse = array();
@@ -289,14 +288,14 @@ function vpn_ipsec_configure($restart = false) {
continue;
}
- if (strpos($ph1ent['interface'], '_vip')) {
- $vpninterface = explode('_vip', $ph1ent['interface']);
- $ifacesuse[] = get_real_interface($vpninterface[0]);
+ if (substr($ph1ent['interface'], 0, 4) == "_vip") {
+ $vpninterface = get_configured_vip_interface($ph1ent['interface']);
+ $ifacesuse[] = get_real_interface($vpninterface);
} else {
$vpninterface = get_failover_interface($ph1ent['interface']);
- if (strpos($vpninterface, '_vip')) {
- $vpninterface = explode('_vip', $vpninterface);
- $ifacesuse[] = get_real_interface($vpninterface[0]);
+ if (substr($vpninterface, 0, 4) == "_vip") {
+ $vpninterface = get_configured_vip_interface($vpninterface);
+ $ifacesuse[] = get_real_interface($vpninterface);
} elseif (!empty($vpninterface)) {
$ifacesuse[] = $vpninterface;
}
@@ -307,7 +306,6 @@ function vpn_ipsec_configure($restart = false) {
}
$ikeid = $ph1ent['ikeid'];
- $listeniflist = get_real_interface($a_phase1['interface']);
$ep = ipsec_get_phase1_src($ph1ent);
if (!is_ipaddr($ep)) {
@@ -388,10 +386,10 @@ function vpn_ipsec_configure($restart = false) {
}
/* if no valid src IP was found in configured interfaces, try the vips */
if (is_null($srcip)) {
- $viplist = get_configured_vips_list();
- foreach ($viplist as $vip) {
- if (ip_in_subnet($vip['ipaddr'], $local_subnet)) {
- $srcip = $vip['ipaddr'];
+ $viplist = get_configured_vip_list();
+ foreach ($viplist as $vip => $address) {
+ if (ip_in_subnet($address, $local_subnet)) {
+ $srcip = $address;
break;
}
}
@@ -897,16 +895,14 @@ EOD;
}
if ($ph1ent['protocol'] == 'inet') {
- if (strpos($ph1ent['interface'], '_vip')) {
- $vpninterface = explode('_vip', $ph1ent['interface']);
- $ifacesuse = get_real_interface($vpninterface[0]);
- $vpninterface = $vpninterface[0];
+ if (substr($ph1ent['interface'], 0, 4) == "_vip") {
+ $vpninterface = get_configured_vip_interface($ph1ent['interface']);
+ $ifacesuse = get_real_interface($vpninterface);
} else {
$ifacesuse = get_failover_interface($ph1ent['interface']);
- if (strpos($ifacesuse, '_vip')) {
- $vpninterface = explode('_vip', $ifacesuse);
- $ifacesuse = get_real_interface($vpninterface[0]);
- $vpninterface = $vpninterface[0];
+ if (substr($ifacesuse, 0, 4) == "_vip") {
+ $vpninterface = get_configured_vip_interface($ifacesuse);
+ $ifacesuse = get_real_interface($vpninterface);
} else {
$vpninterface = convert_real_interface_to_friendly_interface_name($ifacesuse);
}
@@ -926,16 +922,14 @@ EOD;
}
}
} else if ($ph1ent['protocol'] == 'inet6') {
- if (strpos($ph1ent['interface'], '_vip')) {
- $vpninterface = explode('_vip', $ph1ent['interface']);
- $ifacesuse = get_real_interface($vpninterface[0]);
- $vpninterface = $vpninterface[0];
+ if (substr($ph1ent['interface'], 0, 4) == "_vip") {
+ $vpninterface = get_configured_vip_interface($ph1ent['interface']);
+ $ifacesuse = get_real_interface($vpninterface);
} else {
$ifacesuse = get_failover_interface($ph1ent['interface']);
- if (strpos($ifacesuse, '_vip')) {
- $vpninterface = explode('_vip', $ifacesuse);
- $ifacesuse = get_real_interface($vpninterface[0]);
- $vpninterface = $vpninterface[0];
+ if (substr($ifacesuse, 0, 4) == "_vip") {
+ $vpninterface = get_configured_vip_interface($ifacesuse);
+ $ifacesuse = get_real_interface($vpninterface);
} else {
$vpninterface = convert_real_interface_to_friendly_interface_name($ifacesuse);
}
diff --git a/src/usr/local/www/firewall_virtual_ip.php b/src/usr/local/www/firewall_virtual_ip.php
index 964ba69..4e8226c 100644
--- a/src/usr/local/www/firewall_virtual_ip.php
+++ b/src/usr/local/www/firewall_virtual_ip.php
@@ -302,10 +302,18 @@ display_top_tabs($tab_array);
<tbody>
<?php
$interfaces = get_configured_interface_with_descr(false, true);
-$carplist = get_configured_carp_interface_list();
-
-foreach ($carplist as $cif => $carpip) {
- $interfaces[$cif] = $carpip." (".get_vip_descr($carpip).")";
+$viplist = get_configured_vip_list();
+
+foreach ($viplist as $vipname => $address) {
+ $interfaces[$vipname] = $address;
+ $interfaces[$vipname] .= " (";
+ if (get_vip_descr($address))
+ $interfaces[$vipname] .= get_vip_descr($address);
+ else {
+ $vip = get_configured_vip($vipname);
+ $interfaces[$vipname] .= "vhid: {$vip['vhid']}";
+ }
+ $interfaces[$vipname] .= ")";
}
$interfaces['lo0'] = "Localhost";
diff --git a/src/usr/local/www/firewall_virtual_ip_edit.php b/src/usr/local/www/firewall_virtual_ip_edit.php
index f459813..d3beb92 100644
--- a/src/usr/local/www/firewall_virtual_ip_edit.php
+++ b/src/usr/local/www/firewall_virtual_ip_edit.php
@@ -141,23 +141,18 @@ if ($_POST) {
if (isset($id) && isset($a_vip[$id])) {
$ignore_if = $a_vip[$id]['interface'];
$ignore_mode = $a_vip[$id]['mode'];
- if (isset($a_vip[$id]['uniqid'])) {
+ if (isset($a_vip[$id]['uniqid']))
$ignore_uniqid = $a_vip[$id]['uniqid'];
- }
} else {
$ignore_if = $_POST['interface'];
$ignore_mode = $_POST['mode'];
}
- if (!isset($ignore_uniqid)) {
+ if (!isset($ignore_uniqid))
$ignore_uniqid = $_POST['uniqid'];
- }
- if ($ignore_mode == 'carp') {
+ if ($ignore_mode == 'carp' || $ignore_mode == 'ipalias')
$ignore_if = "_vip{$ignore_uniqid}";
- } else {
- $ignore_if .= "_virtualip{$id}";
- }
if (is_ipaddr_configured($_POST['subnet'], $ignore_if)) {
$input_errors[] = gettext("This IP address is being used by another interface or VIP.");
@@ -215,37 +210,18 @@ if ($_POST) {
if ($_POST['interface'] == 'lo0') {
$input_errors[] = gettext("For this type of vip localhost is not allowed.");
- } else if (strpos($_POST['interface'], '_vip')) {
+ } else if (strstr($_POST['interface'], '_vip')) {
$input_errors[] = gettext("A CARP parent interface can only be used with IP Alias type Virtual IPs.");
}
break;
case 'ipalias':
- if (strstr($_POST['interface'], "_vip")) {
- if (is_ipaddrv4($_POST['subnet'])) {
- $parent_ip = get_interface_ip($_POST['interface']);
- $parent_sn = get_interface_subnet($_POST['interface']);
- $subnet = gen_subnet($parent_ip, $parent_sn);
- } else if (is_ipaddrv6($_POST['subnet'])) {
- $parent_ip = get_interface_ipv6($_POST['interface']);
- $parent_sn = get_interface_subnetv6($_POST['interface']);
- $subnet = gen_subnetv6($parent_ip, $parent_sn);
- }
-
- if (isset($parent_ip) && !ip_in_subnet($_POST['subnet'], "{$subnet}/{$parent_sn}") &&
- !ip_in_interface_alias_subnet(link_carp_interface_to_parent($_POST['interface']), $_POST['subnet'])) {
- $cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits'] ;
- $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."), $cannot_find);
- }
-
- unset($parent_ip, $parent_sn, $subnet);
- }
-
+ /* ipalias works fine with localhost and CARP. */
break;
default:
if ($_POST['interface'] == 'lo0') {
$input_errors[] = gettext("For this type of vip localhost is not allowed.");
- } else if (strpos($_POST['interface'], '_vip')) {
+ } else if (strstr($_POST['interface'], '_vip')) {
$input_errors[] = gettext("A CARP parent interface can only be used with IP Alias type Virtual IPs.");
}
@@ -283,6 +259,10 @@ if ($_POST) {
}
}
+ /* IPalias specific fields */
+ if ($_POST['mode'] === "ipalias")
+ $vipent['uniqid'] = $_POST['uniqid'];
+
/* Common fields */
$vipent['descr'] = $_POST['descr'];
if (isset($_POST['type'])) {
@@ -343,10 +323,20 @@ function build_if_list() {
$list = array();
$interfaces = get_configured_interface_with_descr(false, true);
- $carplist = get_configured_carp_interface_list();
-
- foreach ($carplist as $cif => $carpip) {
- $interfaces[$cif] = $carpip . ' (' . get_vip_descr($carpip) . ')';
+ $carplist = get_configured_vip_list();
+
+ foreach ($carplist as $vipname => $address) {
+ $vip = get_configured_vip($vipname);
+ if ($vip['mode'] != 'carp')
+ continue;
+
+ $interfaces[$vipname] = $address;
+ $interfaces[$vipname] .= " (";
+ if (get_vip_descr($address))
+ $interfaces[$vipname] .= get_vip_descr($address);
+ else
+ $interfaces[$vipname] .= "vhid: {$vip['vhid']}";
+ $interfaces[$vipname] .= ")";
}
$interfaces['lo0'] = 'Localhost';
diff --git a/src/usr/local/www/interfaces_gre.php b/src/usr/local/www/interfaces_gre.php
index 76da5dc..0acbf1e 100644
--- a/src/usr/local/www/interfaces_gre.php
+++ b/src/usr/local/www/interfaces_gre.php
@@ -135,10 +135,15 @@ display_top_tabs($tab_array);
</tr>
</thead>
<tbody>
-<?php foreach ($a_gres as $i => $gre): ?>
+<?php foreach ($a_gres as $i => $gre):
+ if (substr($gre['if'], 0, 4) == "_vip")
+ $if = convert_real_interface_to_friendly_descr(get_real_interface($gre['if']));
+ else
+ $if = $gre['if'];
+?>
<tr>
<td>
- <?=htmlspecialchars(convert_friendly_interface_to_friendly_descr($gre['if']))?>
+ <?=htmlspecialchars(convert_friendly_interface_to_friendly_descr($if))?>
</td>
<td>
<?=htmlspecialchars($gre['remote-addr'])?>
diff --git a/src/usr/local/www/services_ntpd.php b/src/usr/local/www/services_ntpd.php
index 7892456..e91545b 100644
--- a/src/usr/local/www/services_ntpd.php
+++ b/src/usr/local/www/services_ntpd.php
@@ -229,22 +229,9 @@ function build_interface_list() {
$iflist = array('options' => array(), 'selected' => array());
$interfaces = get_configured_interface_with_descr();
- $carplist = get_configured_carp_interface_list();
-
- foreach ($carplist as $cif => $carpip) {
- $interfaces[$cif] = $carpip . " (" . get_vip_descr($carpip) .")";
- }
-
- $aliaslist = get_configured_ip_aliases_list();
-
- foreach ($aliaslist as $aliasip => $aliasif) {
- $interfaces[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
- }
-
- $size = (count($interfaces) < 10) ? count($interfaces) : 10;
-
foreach ($interfaces as $iface => $ifacename) {
- if (!is_ipaddr(get_interface_ip($iface)) && !is_ipaddr($iface)) {
+ if (!is_ipaddr(get_interface_ip($iface)) &&
+ !is_ipaddrv6(get_interface_ipv6($iface))) {
continue;
}
diff --git a/src/usr/local/www/services_router_advertisements.php b/src/usr/local/www/services_router_advertisements.php
index dd13ed1..c7a221b 100644
--- a/src/usr/local/www/services_router_advertisements.php
+++ b/src/usr/local/www/services_router_advertisements.php
@@ -122,7 +122,6 @@ if (is_array($config['dhcpdv6'][$if])) {
$pconfig['ravalidlifetime'] = $config['dhcpdv6'][$if]['ravalidlifetime'];
$pconfig['rapreferredlifetime'] = $config['dhcpdv6'][$if]['rapreferredlifetime'];
- $pconfig['rainterface'] = $config['dhcpdv6'][$if]['rainterface'];
$pconfig['radomainsearchlist'] = $config['dhcpdv6'][$if]['radomainsearchlist'];
list($pconfig['radns1'], $pconfig['radns2'], $pconfig['radns3']) = $config['dhcpdv6'][$if]['radnsserver'];
$pconfig['rasamednsasdhcp6'] = isset($config['dhcpdv6'][$if]['rasamednsasdhcp6']);
@@ -144,7 +143,6 @@ $priority_modes = array(
"low" => gettext("Low"),
"medium" => gettext("Normal"),
"high" => gettext("High"));
-$carplist = get_configured_carp_interface_list();
$subnets_help = '<span class="help-block">' .
gettext("Subnets are specified in CIDR format. " .
@@ -206,7 +204,6 @@ if ($_POST) {
$config['dhcpdv6'][$if]['ramode'] = $_POST['ramode'];
$config['dhcpdv6'][$if]['rapriority'] = $_POST['rapriority'];
- $config['dhcpdv6'][$if]['rainterface'] = $_POST['rainterface'];
$config['dhcpdv6'][$if]['ravalidlifetime'] = $_POST['ravalidlifetime'];
$config['dhcpdv6'][$if]['rapreferredlifetime'] = $_POST['rapreferredlifetime'];
@@ -325,37 +322,11 @@ $section->addInput(new Form_Input(
))->setHelp('Seconds. The length of time in seconds (relative to the time the packet is sent) that addresses generated from the prefix via stateless address autoconfiguration remain preferred.' . ' <br />' .
'The default is 14400 seconds.');
-$carplistif = array();
-if (count($carplist) > 0) {
- foreach ($carplist as $ifname => $vip) {
- if ((preg_match("/^{$if}_/", $ifname)) && (is_ipaddrv6($vip))) {
- $carplistif[$ifname] = $vip;
- }
- }
-}
-
-if (count($carplistif) > 0) {
- $list = array();
-
- foreach ($carplistif as $ifname => $vip) {
- $list['interface'] = strtoupper($if);
- $list[$ifname] = $ifname . ' - ' . $vip;
- }
-
- $section->addInput(new Form_Select(
- 'rainterface',
- 'RA Interface',
- $pconfig['rainterface'],
- $list
- ))->setHelp('Select the Interface for the Router Advertisement (RA) Daemon.');
-}
-
$section->addInput(new Form_StaticText(
'RA Subnets',
$subnets_help
));
-
if (empty($pconfig['subnets'])) {
$pconfig['subnets'] = array('0' => '/128');
}
diff --git a/src/usr/local/www/status_carp.php b/src/usr/local/www/status_carp.php
index 39d2a64..748c36b 100644
--- a/src/usr/local/www/status_carp.php
+++ b/src/usr/local/www/status_carp.php
@@ -64,11 +64,25 @@ require_once("guiconfig.inc");
require_once("globals.inc");
unset($interface_arr_cache);
-unset($carp_interface_count_cache);
unset($interface_ip_arr_cache);
+
+function find_ipalias($carpif) {
+ global $config;
+
+ $ips = array();
+ foreach ($config['virtualip']['vip'] as $vip) {
+ if ($vip['mode'] != "ipalias")
+ continue;
+ if ($vip['interface'] != $carpif)
+ continue;
+ $ips[] = "{$vip['subnet']}/{$vip['subnet_bits']}";
+ }
+
+ return ($ips);
+}
+
$status = get_carp_status();
-$status = intval($status);
if ($_POST['carp_maintenancemode'] != "") {
interfaces_carp_set_maintenancemode(!isset($config["virtualip_carp_maintenancemode"]));
@@ -80,28 +94,27 @@ if ($_POST['disablecarp'] != "") {
if (is_array($config['virtualip']['vip'])) {
$viparr = &$config['virtualip']['vip'];
foreach ($viparr as $vip) {
- switch ($vip['mode']) {
- case "carp":
- interface_vip_bring_down($vip);
-
- /*
- * Reconfigure radvd when necessary
- * XXX: Is it the best way to do it?
- */
- if (isset($config['dhcpdv6']) && is_array($config['dhcpdv6'])) {
- foreach ($config['dhcpdv6'] as $dhcpv6if => $dhcpv6ifconf) {
- if ($dhcpv6if !== $vip['interface'] ||
- $dhcpv6ifconf['ramode'] === "disabled") {
- continue;
- }
-
- services_radvd_configure();
- break;
- }
+ if ($vip['mode'] != "carp" && $vip['mode'] != "ipalias")
+ continue;
+ if ($vip['mode'] == "ipalias" && substr($vip['interface'], 0, 4) != "_vip")
+ continue;
+
+ interface_vip_bring_down($vip);
+
+ /*
+ * Reconfigure radvd when necessary
+ * XXX: Is it the best way to do it?
+ */
+ if (isset($config['dhcpdv6']) && is_array($config['dhcpdv6'])) {
+ foreach ($config['dhcpdv6'] as $dhcpv6if => $dhcpv6ifconf) {
+ if ($dhcpv6if !== $vip['interface'] ||
+ $dhcpv6ifconf['ramode'] === "disabled") {
+ continue;
}
- sleep(1);
+ services_radvd_configure();
break;
+ }
}
}
}
@@ -115,12 +128,10 @@ if ($_POST['disablecarp'] != "") {
switch ($vip['mode']) {
case "carp":
interface_carp_configure($vip);
- sleep(1);
break;
case 'ipalias':
- if (strpos($vip['interface'], '_vip')) {
+ if (substr($vip['interface'], 0, 4) == "_vip")
interface_ipalias_configure($vip);
- }
break;
}
}
@@ -219,9 +230,9 @@ if ($carpcount == 0) {
continue;
}
- $ipaddress = $carp['subnet'];
$vhid = $carp['vhid'];
$status = get_carp_interface_status("_vip{$carp['uniqid']}");
+ $aliases = find_ipalias("_vip{$carp['uniqid']}");
if ($carp_enabled == false) {
$icon = 'times-circle';
@@ -238,7 +249,13 @@ if ($carpcount == 0) {
?>
<tr>
<td><?=convert_friendly_interface_to_friendly_descr($carp['interface'])?>@<?=$vhid?></td>
- <td><?=$ipaddress?></td>
+ <td>
+<?php
+ printf("{$carp['subnet']}/{$carp['subnet_bits']}");
+ for ($i = 0; $i < count($aliases); $i++)
+ printf("<br>{$aliases[$i]}");
+?>
+ </td>
<td><i class="fa fa-<?=$icon?>"></i>&nbsp;<?=$status?></td>
</tr>
<?php }?>
@@ -253,8 +270,14 @@ if ($carpcount == 0) {
<div class="panel-body">
<ul>
<?php
- foreach (explode("\n", exec_command("/sbin/pfctl -vvss | /usr/bin/grep creator | /usr/bin/cut -d\" \" -f7 | /usr/bin/sort -u")) as $node) {
- echo '<li>'. $node .'</li>';
+
+ $nodes = array();
+ $states = pfSense_get_pf_states();
+ for ($i = 0; $states != NULL && $i < count($states); $i++) {
+ $nodes[$states[$i]['creatorid']] = 1;
+ }
+ foreach ($nodes as $node => $nenabled) {
+ echo "<li>$node</li>";
}
?>
</ul>
diff --git a/src/usr/local/www/system_gateway_groups_edit.php b/src/usr/local/www/system_gateway_groups_edit.php
index e875ffa..c083794 100644
--- a/src/usr/local/www/system_gateway_groups_edit.php
+++ b/src/usr/local/www/system_gateway_groups_edit.php
@@ -189,21 +189,15 @@ function build_gateway_protocol_map (&$a_gateways) {
return $result;
}
-function build_carp_list() {
- global $carplist, $gateway;
+function build_vip_list($family = 'all') {
$list = array('address' => gettext('Interface Address'));
- foreach ($carplist as $vip => $address) {
- if (($gateway['ipprotocol'] == "inet") && (!is_ipaddrv4($address))) {
- continue;
- }
- if (($gateway['ipprotocol'] == "inet6") && (!is_ipaddrv6($address))) {
- continue;
- }
- if ($gateway['friendlyiface'] == link_carp_interface_to_parent($vip)) {
- $list[$vip] = "$address";
- }
+ $viplist = get_configured_vip_list($family);
+ foreach ($viplist as $vip => $address) {
+ $list[$vip] = "$address";
+ if (get_vip_descr($address))
+ $list[$vip] .= " (". get_vip_descr($address) .")";
}
return($list);
@@ -231,11 +225,16 @@ $section->addInput(new Form_Input(
$pconfig['name']
));
-
-$carplist = get_configured_carp_interface_list();
$row = 0;
$numrows = count($a_gateways) - 1;
+$group = new Form_Group('Gateway Priority');
+$group->add(new Form_StaticText('', ''))->setReadonly();
+$group->add(new Form_StaticText('', ''))->setReadonly();
+$group->add(new Form_StaticText('', ''))->setReadonly();
+$group->add(new Form_StaticText('', ''))->setWidth(3)->setReadonly();
+$section->add($group);
+
foreach ($a_gateways as $gwname => $gateway) {
if (!empty($pconfig['item'])) {
$af = explode("|", $pconfig['item'][0]);
@@ -246,17 +245,19 @@ foreach ($a_gateways as $gwname => $gateway) {
}
}
+ $selected = '0';
+ $vaddress = '';
foreach ((array)$pconfig['item'] as $item) {
$itemsplit = explode("|", $item);
if ($itemsplit[0] == $gwname) {
$selected = $itemsplit[1];
+ if (count($itemsplit) >= 3)
+ $vaddress = $itemsplit[2];
break;
- } else {
- $selected = '0';
}
}
- $group = new Form_Group($row == 0 ? 'Gateway Priority':null);
+ $group = new Form_Group(null);
$group->addClass($gateway['ipprotocol']);
$group->add(new Form_Input(
@@ -264,8 +265,7 @@ foreach ($a_gateways as $gwname => $gateway) {
'Group Name',
'text',
$gateway['name']
- ))->setHelp($row == $numrows ? 'Gateway':null)
- ->setReadonly();
+ ))->setReadonly();
$tr = gettext("Tier");
$group->add(new Form_Select(
@@ -280,38 +280,34 @@ foreach ($a_gateways as $gwname => $gateway) {
'4' => $tr . ' 4',
'5' => $tr . ' 5'
)
- ))->setHelp($row == $numrows ? 'Tier':null)->addClass('row')->addClass($gateway['ipprotocol']);
-
- foreach ((array)$pconfig['item'] as $item) {
- $itemsplit = explode("|", $item);
- if ($itemsplit[0] == $gwname) {
- $selected = $itemsplit[2];
- break;
- } else {
- $selected = "0";
- }
- }
+ ))->addClass('row')->addClass($gateway['ipprotocol']);
$group->add(new Form_Select(
$gwname . '_vip',
'Virtual IP',
- $selected,
- build_carp_list()
- ))->setHelp($row == $numrows ? 'Virtual IP':null);
+ $vaddress,
+ build_vip_list($gateway['ipprotocol'])
+ ));
$group->add(new Form_Input(
'description',
'Group Name',
'text',
$gateway['descr']
- ))->setWidth(3)->setHelp($row == $numrows ? 'Description':null)
- ->setReadonly();
+ ))->setWidth(3)->setReadonly();
$section->add($group);
$row++;
} // e-o-foreach
+$group = new Form_Group(null);
+$group->add(new Form_StaticText('', ''))->setHelp('Gateway')->setReadonly();
+$group->add(new Form_StaticText('', ''))->setHelp('Tier')->setReadonly();
+$group->add(new Form_StaticText('', ''))->setHelp('Virtual IP')->setReadonly();
+$group->add(new Form_StaticText('', ''))->setWidth(3)->setHelp('Description')->setReadonly();
+$section->add($group);
+
$section->addInput(new Form_StaticText(
'Link Priority',
'The priority selected here defines in what order failover and balancing of links will be done. ' .
diff --git a/src/usr/local/www/vpn_ipsec.php b/src/usr/local/www/vpn_ipsec.php
index c4345cb..81f1dfe 100644
--- a/src/usr/local/www/vpn_ipsec.php
+++ b/src/usr/local/www/vpn_ipsec.php
@@ -323,14 +323,11 @@ display_top_tabs($tab_array);
if ($ph1ent['interface']) {
$iflabels = get_configured_interface_with_descr();
- $carplist = get_configured_carp_interface_list();
- foreach ($carplist as $cif => $carpip) {
- $iflabels[$cif] = $carpip." (".get_vip_descr($carpip).")";
- }
-
- $aliaslist = get_configured_ip_aliases_list();
- foreach ($aliaslist as $aliasip => $aliasif) {
- $iflabels[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
+ $viplist = get_configured_vip_list();
+ foreach ($viplist as $vip => $address) {
+ $iflabels[$vip] = $address;
+ if (get_vip_descr($address))
+ $iflabels[$vip] .= " (". get_vip_descr($address) .")";
}
$grouplist = return_gateway_groups_array();
diff --git a/src/usr/local/www/vpn_ipsec_phase1.php b/src/usr/local/www/vpn_ipsec_phase1.php
index 5cd751e..aba06f3 100644
--- a/src/usr/local/www/vpn_ipsec_phase1.php
+++ b/src/usr/local/www/vpn_ipsec_phase1.php
@@ -524,16 +524,11 @@ if ($_POST) {
function build_interface_list() {
$interfaces = get_configured_interface_with_descr();
- $carplist = get_configured_carp_interface_list();
-
- foreach ($carplist as $cif => $carpip) {
- $interfaces[$cif] = $carpip . " (" . get_vip_descr($carpip) . ")";
- }
-
- $aliaslist = get_configured_ip_aliases_list();
-
- foreach ($aliaslist as $aliasip => $aliasif) {
- $interfaces[$aliasip] = $aliasip." (".get_vip_descr($aliasip).")";
+ $viplist = get_configured_vip_list();
+ foreach ($viplist as $vip => $address) {
+ $interfaces[$vip] = $address;
+ if (get_vip_descr($address))
+ $interfaces[$vip] .= " (". get_vip_descr($address) .")";
}
$grouplist = return_gateway_groups_array();
diff --git a/src/usr/local/www/xmlrpc.php b/src/usr/local/www/xmlrpc.php
index 559a168..d2d8ded 100755
--- a/src/usr/local/www/xmlrpc.php
+++ b/src/usr/local/www/xmlrpc.php
@@ -244,11 +244,11 @@ function restore_config_section_xmlrpc($raw_params) {
$oldvips["{$vip['interface']}_vip{$vip['vhid']}"]['content'] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}";
$oldvips["{$vip['interface']}_vip{$vip['vhid']}"]['interface'] = $vip['interface'];
$oldvips["{$vip['interface']}_vip{$vip['vhid']}"]['subnet'] = $vip['subnet'];
- } else if ($vip['mode'] == "ipalias" && (substr($vip['interface'], 0, 4) == '_vip' || strpos($vip['interface'], "lo0"))) {
+ } else if ($vip['mode'] == "ipalias" && (substr($vip['interface'], 0, 4) == '_vip' || strstr($vip['interface'], "lo0"))) {
$oldvips[$vip['subnet']]['content'] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}";
$oldvips[$vip['subnet']]['interface'] = $vip['interface'];
$oldvips[$vip['subnet']]['subnet'] = $vip['subnet'];
- } else if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && !(substr($vip['interface'], 0, 4) == '_vip') || strpos($vip['interface'], "lo0")) {
+ } else if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && !(substr($vip['interface'], 0, 4) == '_vip') || strstr($vip['interface'], "lo0")) {
$vipbackup[] = $vip;
}
}
OpenPOWER on IntegriCloud