diff options
-rw-r--r-- | etc/inc/pfsense-utils.inc | 16 | ||||
-rw-r--r-- | usr/local/www/firewall_virtual_ip_edit.php | 9 |
2 files changed, 21 insertions, 4 deletions
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 3892ba6..acca2df 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -2510,6 +2510,7 @@ function load_mac_manufacturer_table() { * is_ipaddr_configured * INPUTS * IP Address to check. + * If ignore_if is a VIP (not carp), vip array index is passed after string _virtualip * RESULT * returns true if the IP Address is * configured and present on this device. @@ -2517,6 +2518,15 @@ function load_mac_manufacturer_table() { function is_ipaddr_configured($ipaddr, $ignore_if = "", $check_localip = false, $check_subnets = false) { global $config; + $pos = strpos($ignore_if, '_virtualip'); + if ($pos !== false) { + $ignore_vip_id = substr($ignore_if, $pos+10); + $ignore_vip_if = substr($ignore_if, 0, $pos); + } else { + $ignore_vip_id = -1; + $ignore_vip_if = $ignore_if; + } + $isipv6 = is_ipaddrv6($ipaddr); if ($check_subnets) { @@ -2543,8 +2553,7 @@ function is_ipaddr_configured($ipaddr, $ignore_if = "", $check_localip = false, $interface_list_ips = get_configured_ip_addresses(); foreach($interface_list_ips as $if => $ilips) { - /* Also ignore CARP interfaces, it'll be checked below */ - if ($ignore_if == $if || strstr($ignore_if, "_vip")) + if ($ignore_if == $if) continue; if (strcasecmp($ipaddr, $ilips) == 0) return true; @@ -2553,7 +2562,8 @@ function is_ipaddr_configured($ipaddr, $ignore_if = "", $check_localip = false, $interface_list_vips = get_configured_vips_list(true); foreach ($interface_list_vips as $id => $vip) { - if ($ignore_if == $vip['if']) + /* Skip CARP interfaces here since they were already checked above */ + if ($id == $ignore_vip_id || (strstr($ignore_if, '_vip') && $ignore_vip_if == $vip['if'])) continue; if (strcasecmp($ipaddr, $vip['ipaddr']) == 0) return true; diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index 049b99f..9f4413c 100644 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -119,13 +119,20 @@ if ($_POST) { if (isset($id) && isset($a_vip[$id])) { $ignore_if = $a_vip[$id]['interface']; $ignore_mode = $a_vip[$id]['mode']; + if (isset($a_vip[$id]['vhid'])) + $ignore_vhid = $a_vip[$id]['vhid']; } else { $ignore_if = $_POST['interface']; $ignore_mode = $_POST['mode']; } + if (!isset($ignore_vhid)) + $ignore_vhid = $_POST['vhid']; + if ($ignore_mode == 'carp') - $ignore_if .= "_vip{$id}"; + $ignore_if .= "_vip{$ignore_vhid}"; + else + $ignore_if .= "_virtualip{$id}"; if (is_ipaddr_configured($_POST['subnet'], $ignore_if)) $input_errors[] = gettext("This IP address is being used by another interface or VIP."); |