-rw-r--r-- | etc/inc/filter.inc | 5 | ||||
-rw-r--r-- | etc/inc/interfaces.inc | 64 | ||||
-rw-r--r-- | etc/inc/openvpn.inc | 2 | ||||
-rw-r--r-- | etc/inc/pfsense-utils.inc | 8 | ||||
-rw-r--r-- | etc/inc/util.inc | 21 | ||||
-rw-r--r-- | etc/inc/vpn.inc | 6 | ||||
-rwxr-xr-x | etc/rc.carpbackup | 7 | ||||
-rwxr-xr-x | etc/rc.carpmaster | 9 | ||||
-rwxr-xr-x | usr/local/www/carp_status.php | 5 | ||||
-rw-r--r-- | usr/local/www/widgets/widgets/carp_status.widget.php | 5 |
10 files changed, 76 insertions, 56 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 4c35659..7b62d39 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -3481,7 +3481,10 @@ function filter_generate_ipsec_rules() { } } - $parentinterface = $ph1ent['interface']; + if (strstr($ph1ent['interface'], "_vip")) + list($parentinterface, $vhid) = explode("_vhid", $ph1ent['interface']); + else + $parentinterface = $ph1ent['interface']; if (empty($FilterIflist[$parentinterface]['descr'])) { $ipfrules .= "# Could not locate interface for IPsec: {$descr}\n"; continue; diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 6703666..967326f 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -99,6 +99,7 @@ function does_vip_exist($vip) { switch ($vip['mode']) { case "carp": case "ipalias": + /* XXX: Make proper checks? */ $realif = get_real_interface($vip['interface']); if (!does_interface_exist($realif)) { return false; @@ -427,7 +428,7 @@ function interfaces_bridge_configure($checkmember = 0) { if(empty($bridge['bridgeif'])) $bridge['bridgeif'] = "bridge{$i}"; if ($checkmember == 1) { - if (strstr($bridge['if'], "@")) + if (strstr($bridge['if'], "_vip")) continue; $members = explode(',', $bridge['members']); foreach ($members as $member) { @@ -436,7 +437,7 @@ function interfaces_bridge_configure($checkmember = 0) { } } else if ($checkmember == 2) { - if (strstr($bridge['if'], "@")) + if (strstr($bridge['if'], "_vip")) continue; $members = explode(',', $bridge['members']); foreach ($members as $member) { 
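Review bot: In filter_generate_ipsec_rules() the new branch tests for `_vip` but splits on `_vhid`, so for a name such as `wan_vip1` (constructed example) explode() returns the whole string and `$parentinterface` keeps the `_vipN` suffix. The `$FilterIflist[$parentinterface]['descr']` lookup directly below would then most likely be empty, and the phase 1 entry is skipped with the "Could not locate interface" comment, leaving tunnels bound to a CARP VIP without generated rules. Use the delimiter the test uses: `list($parentinterface, $vhid) = explode("_vip", $ph1ent['interface']);`. The function body continues outside the hunk.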
@@ -814,13 +815,13 @@ function interfaces_gre_configure($checkparent = 0) { if(empty($gre['greif'])) $gre['greif'] = "gre{$i}"; if ($checkparent == 1) { - if (strstr($gre['if'], "@")) + if (strstr($gre['if'], "_vip")) continue; if (!empty($config['interfaces'][$gre['if']]) && $config['interfaces'][$gre['if']]['ipaddrv6'] == "track6") continue; } else if ($checkparent == 2) { - if (strstr($gre['if'], "@")) + if (strstr($gre['if'], "_vip")) continue; if (empty($config['interfaces'][$gre['if']]) || $config['interfaces'][$gre['if']]['ipaddrv6'] != "track6") continue; @@ -888,13 +889,13 @@ function interfaces_gif_configure($checkparent = 0) { if(empty($gif['gifif'])) $gre['gifif'] = "gif{$i}"; if ($checkparent == 1) { - if (strstr($gif['if'], "@")) + if (strstr($gif['if'], "_vip")) continue; if (!empty($config['interfaces'][$gif['if']]) && $config['interfaces'][$gif['if']]['ipaddrv6'] == "track6") continue; } else if ($checkparent == 2) { - if (strstr($gif['if'], "@")) + if (strstr($gif['if'], "_vip")) continue; if (empty($config['interfaces'][$gif['if']]) || $config['interfaces'][$gif['if']]['ipaddrv6'] != "track6") continue; @@ -1148,6 +1149,7 @@ function interface_vip_bring_down($vip) { } break; case "carp": + /* XXX: Is enough to delete ip address? */ if (does_interface_exist($vipif)) pfSense_interface_deladdress($vipif, $vip['subnet']); break; @@ -4011,16 +4013,6 @@ function get_current_wan_address($interface = "wan") { function convert_real_interface_to_friendly_interface_name($interface = "wan") { global $config; - if (stristr($interface, "@")) { - foreach ($config['virtualip']['vip'] as $counter => $vip) { - if ($vip['mode'] == "carp") { - $carpif = get_real_interface($vip['interface']) . "@{$vip['vhid']}"; - if ($interface == $carpif) - return $vip['interface']; - } - } - } - /* XXX: For speed reasons reference directly the interface array */ $ifdescrs = &$config['interfaces']; //$ifdescrs = get_configured_interface_list(false, true); 
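Review bot: In the interfaces_gif_configure() hunk the context line `$gre['gifif'] = "gif{$i}";` assigns the default name to `$gre`, not to the `$gif` entry that `empty($gif['gifif'])` has just tested, so a gif tunnel without a name stays without one. As this commit edits the lines directly below, it would be a good place to correct it to `$gif['gifif'] = "gif{$i}";`. The loop starts and ends outside the hunk.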
@@ -4072,12 +4064,11 @@ function convert_friendly_interface_to_friendly_descr($interface) { else $ifdesc = strtoupper($config['interfaces'][$interface]['descr']); break; - } else if (stristr($interface, "@")) { + } else if (stristr($interface, "_vip")) { if (is_array($config['virtualip']['vip'])) { foreach ($config['virtualip']['vip'] as $counter => $vip) { if ($vip['mode'] == "carp") { - $carpif = get_real_interface($vip['interface']) . "@{$vip['vhid']}"; - if ($interface == $carpif) + if ($interface == "{$vip['interface']}_vip{$vip['vhid']}") return "{$vip['subnet']} - {$vip['descr']}"; } } @@ -4765,8 +4756,8 @@ function ip_in_interface_alias_subnet($interface, $ipalias) { function get_interface_ip($interface = "wan") { $realif = get_failover_interface($interface); if (!$realif) { - if (preg_match("/^carp/i", $interface)) - $realif = $interface; + if (strstr($interface, "_vip")) + return get_configured_carp_interface_list($interface); else return null; } @@ -4782,8 +4773,12 @@ function get_interface_ipv6($interface = "wan", $flush = false) { global $config; $realif = get_failover_interface($interface, "inet6"); - if (!$realif) - return null; + if (!$realif) { + if (strstr($interface, "_vip")) + return get_configured_carp_interface_list($interface, "inet6"); + else + return null; + } /* * NOTE: On the case when only the prefix is requested, @@ -4817,9 +4812,10 @@ function get_interface_linklocal($interface = "wan") { $realif = get_failover_interface($interface, "inet6"); if (!$realif) { - if (preg_match("/^carp/i", $interface)) - $realif = $interface; - else + if (strstr($interface, "_vip")) { + list($interface, $vhid) = explode("_vip", $interface); + $realif = get_real_interface($interface); + } else return null; } 
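Review bot: In get_interface_linklocal() the `_vip` fallback sets `$realif = get_real_interface($interface)` and never re-checks it, so a VIP name whose parent cannot be resolved reaches the lookup below with an empty `$realif`, where the non-VIP path returns null. Add `if (!$realif) return null;` after the fallback. The same three-line block is repeated in the get_interface_subnet() and get_interface_subnetv6() hunks, and in the latter the fallback drops the "inet6" argument that the first get_real_interface() call passes. A small shared helper that splits the name and resolves the parent would keep the three copies consistent.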
@@ -4833,9 +4829,10 @@ function get_interface_linklocal($interface = "wan") { function get_interface_subnet($interface = "wan") { $realif = get_real_interface($interface); if (!$realif) { - if (preg_match("/^carp/i", $interface)) - $realif = $interface; - else + if (strstr($interface, "_vip")) { + list($interface, $vhid) = explode("_vip", $interface); + $realif = get_real_interface($interface); + } else return null; } @@ -4850,8 +4847,13 @@ function get_interface_subnetv6($interface = "wan") { global $config; $realif = get_real_interface($interface, "inet6"); - if (!$realif) - return null; + if (!$realif) { + if (strstr($interface, "_vip")) { + list($interface, $vhid) = explode("_vip", $interface); + $realif = get_real_interface($interface); + } else + return null; + } $cursn = find_interface_subnetv6($realif); if (!empty($cursn)) diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 649baad..da4f5ce 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -811,7 +811,7 @@ function openvpn_restart($mode, $settings) { return; /* Do not start a client if we are a CARP backup on this vip! */ - if (($mode == "client") && (strstr($settings['interface'], "@") && get_carp_interface_status($settings['interface']) == "BACKUP")) + if (($mode == "client") && (strstr($settings['interface'], "_vip") && get_carp_interface_status($settings['interface']) == "BACKUP")) return; /* Check if client is bound to a gateway group */ diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 0f75a3a..52ca57b 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc 
@@ -326,7 +326,8 @@ function get_carp_interface_status($carpinterface) { $carp_query = ""; /* XXX: Need to fidn a better way for this! */ - list ($interface, $vhid) = explode('@', $carpinterface); + list ($interface, $vhid) = explode("_vip", $carpinterface); + $interface = get_real_interface($interface); exec("/sbin/ifconfig $interface | /usr/bin/grep -v grep | /usr/bin/grep carp: | /usr/bin/grep 'vhid {$vhid}'", $carp_query); foreach($carp_query as $int) { if(stristr($int, "MASTER")) @@ -2534,17 +2535,16 @@ function is_ipaddr_configured($ipaddr, $ignore_if = "", $check_localip = false, foreach($interface_list_ips as $if => $ilips) { /* Also ignore CARP interfaces, it'll be checked below */ - if ($ignore_if == $if) + if ($ignore_if == $if || strstr($ignore_if, "_vip")) continue; if (strcasecmp($ipaddr, $ilips) == 0) return true; } } - /* XXX: Need to correct this! */ $interface_list_vips = get_configured_vips_list(true); foreach ($interface_list_vips as $id => $vip) { - if ($ignore_if == "vip_{$id}") + if ($ignore_if == $vip['if']) continue; if (strcasecmp($ipaddr, $vip['ipaddr']) == 0) return true; diff --git a/etc/inc/util.inc b/etc/inc/util.inc index 69fcbf5..67646a3 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -800,7 +800,7 @@ function is_inrange($test, $start, $end) { } /* XXX: return the configured carp interface list */ -function get_configured_carp_interface_list() { +function get_configured_carp_interface_list($carpinterface = "", $family = "inet") { global $config; $iflist = array(); 
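Review bot: In get_carp_interface_status() both halves of the `_vip` name are interpolated unquoted into the exec() pipeline; quote the interface with `$interface = escapeshellarg(get_real_interface($interface));` and constrain the other half with `$vhid = (int)$vhid;`. Return early when get_real_interface() yields nothing, because an empty `$interface` makes ifconfig list every interface and the vhid grep can then match a different one. The pattern `'vhid {$vhid}'` also appears to match vhid 10 when asked for 1, so a trailing space in the pattern would tighten it. The function continues outside the hunk.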
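Review bot: In is_ipaddr_configured() the added `strstr($ignore_if, "_vip")` does not depend on `$if`, so whenever the caller ignores a CARP VIP every entry of `$interface_list_ips` is skipped and an address that duplicates a real interface address is no longer reported. The comment above the test suggests the intent was to skip CARP entries in the list, which would read `if ($ignore_if == $if || strstr($if, "_vip"))`. If skipping the whole loop is intended, hoist the test out of the foreach and say so in the comment. The loop begins outside the hunk.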
@@ -810,8 +810,16 @@ function get_configured_carp_interface_list() { foreach ($viparr as $vip) { switch ($vip['mode']) { case "carp": - $vipif = get_real_interface($vip['interface']) . "@{$vip['vhid']}"; - $iflist[$vipif] = $vip['subnet']; + if (!empty($carpinterface)) { + if ($carpinterface == "{$vip['interface']}_vip{$vip['vhid']}") { + if ($family == "inet" && is_ipaddrv4($vip['subnet'])) + return $vip['subnet']; + else if ($family == "inet6" && is_ipaddrv6($vip['subnet'])) + return $vip['subnet']; + } + } else { + $iflist["{$vip['interface']}_vip{$vip['vhid']}"] = $vip['subnet']; + } break; } } @@ -849,8 +857,11 @@ function get_configured_vips_list() { if(is_array($config['virtualip']['vip'])) { $viparr = &$config['virtualip']['vip']; - foreach ($viparr as $vip) - $alias_list[] = array("ipaddr" => $vip['subnet'], "if" => $vip['interface']); + foreach ($viparr as $vip) { + if ($vip['mode'] == "carp") + $alias_list[] = array("ipaddr" => $vip['subnet'], "if" => "$vip['interface']}_vip{$vip['vhid']}"); + else + $alias_list[] = array("ipaddr" => $vip['subnet'], "if" => $vip['interface']); } return $alias_list; diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 6d31b50..4c12f30 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -905,6 +905,7 @@ EOD; } /* static route needed? */ + $vip = ""; if (is_ipaddr($ph1ent['interface'])) { $vip = find_virtual_ip_alias($ph1ent['interface']); $parentinterface = $vip['interface']; @@ -915,7 +916,10 @@ EOD; /* add endpoint routes to correct gateway on interface */ if (interface_has_gateway($parentinterface)) { $gatewayip = get_interface_gateway("$parentinterface"); - $interfaceip = get_interface_ip($parentinterface); + if (empty($vip)) + $interfaceip = get_interface_ip($parentinterface); + else + $interfaceip = $vip['subnet']; $subnet_bits = get_interface_subnet($parentinterface); $subnet_ip = gen_subnet("{$interfaceip}", "{$subnet_bits}"); /* if the remote gateway is in the local subnet, then don't add a route */ 
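Review bot: When `$carpinterface` is given but no VIP matches, or the match belongs to the other address family, the loop in get_configured_carp_interface_list() falls through to the function's final return, which is outside this hunk and is presumably still `$iflist`. get_interface_ip() and get_interface_ipv6() now return this value directly, so their callers could receive an empty array where they previously got null or an address string. Make the lookup case explicit after the foreach: `if (!empty($carpinterface)) return null;`.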
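Review bot: The carp branch added to get_configured_vips_list() contains `"$vip['interface']}_vip{$vip['vhid']}"`, which lacks the opening brace and is a parse error inside a double-quoted string; it should be `"{$vip['interface']}_vip{$vip['vhid']}"`. The new `foreach ($viparr as $vip) {` also opens a brace that none of the five added lines closes, so the function's braces look unbalanced; add a `}` after the else branch. Other files in this commit call helpers defined in util.inc, so a parse failure here would break them as well.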
diff --git a/etc/rc.carpbackup b/etc/rc.carpbackup index 0068589..9e469c3 100755 --- a/etc/rc.carpbackup +++ b/etc/rc.carpbackup @@ -42,8 +42,9 @@ if (!strstr($argument, "@")) list($vhid, $iface) = explode("@", $argument); $friendly = convert_real_interface_to_friendly_interface_name($iface); -$friendly_descr = convert_friendly_interface_to_friendly_descr($friendly); -$notificationmsg = sprintf('Carp cluster member "%2$s (%1$s)" has resumed the state "BACKUP"', $argument, $friendly_descr); +$carp_iface = "{$friendly}_vip{$vhid}"; +$friendly_descr = convert_friendly_interface_to_friendly_descr($carp_iface); +$notificationmsg = sprintf('Carp cluster member "%2$s (%1$s)" has resumed the state "BACKUP" for vhid %s', $argument, $friendly_descr, $vhid); notify_via_smtp($notificationmsg); notify_via_growl($notificationmsg); @@ -53,7 +54,7 @@ log_error($notificationmsg); global $config; if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client'])) { foreach ($config['openvpn']['openvpn-client'] as $settings) { - if ($settings['interface'] == $friendly) { + if ($settings['interface'] == $carp_iface) { log_error("Stopping OpenVPN client instance on {$friendly_descr} because of transition to CARP backup."); openvpn_restart('client', $settings); } diff --git a/etc/rc.carpmaster b/etc/rc.carpmaster index d4c122e..5bae592 100755 --- a/etc/rc.carpmaster +++ b/etc/rc.carpmaster 
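Review bot: The new format string in rc.carpbackup mixes numbered placeholders (`%2$s`, `%1$s`) with a bare `%s`. As far as I know, PHP's sprintf counts unnumbered placeholders from the first argument, so the message would end with `$argument` rather than `$vhid`. Number the last one too: `'... has resumed the state "BACKUP" for vhid %3$s'`. The same string is added in the first rc.carpmaster hunk.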
@@ -42,8 +42,9 @@ if (!strstr($argument, "@")) list($vhid, $iface) = explode("@", $argument); $friendly = convert_real_interface_to_friendly_interface_name($iface); -$friendly_descr = convert_friendly_interface_to_friendly_descr($friendly); -$notificationmsg = sprintf('Carp cluster member "%2$s (%1$s)" has resumed the state "MASTER"', $argument, $friendly_descr); +$carp_iface = "{$friendly}_vip${vhid}"; +$friendly_descr = convert_friendly_interface_to_friendly_descr($carp_iface); +$notificationmsg = sprintf('Carp cluster member "%2$s (%1$s)" has resumed the state "MASTER" for vhid %s', $argument, $friendly_descr, $vhid); notify_via_smtp($notificationmsg); notify_via_growl($notificationmsg); @@ -53,7 +54,7 @@ log_error($notificationmsg); global $config; if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client'])) { foreach ($config['openvpn']['openvpn-client'] as $settings) { - if ($settings['interface'] == $friendly) { + if ($settings['interface'] == $carp_iface) { log_error("Starting OpenVPN client instance on {$friendly_descr} because of transition to CARP master."); openvpn_restart('client', $settings); } @@ -61,7 +62,7 @@ if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client' } if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-server'])) { foreach ($config['openvpn']['openvpn-server'] as $settings) { - if ($settings['interface'] == $friendly) { + if ($settings['interface'] == $carp_iface) { log_error("Starting OpenVPN instance on {$friendly_descr} because of transition to CARP master."); openvpn_restart('server', $settings); } diff --git a/usr/local/www/carp_status.php b/usr/local/www/carp_status.php index 5129047..9967484 100755 --- a/usr/local/www/carp_status.php +++ b/usr/local/www/carp_status.php 
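Review bot: `$carp_iface = "{$friendly}_vip${vhid}";` in rc.carpmaster uses the `${vhid}` form, while rc.carpbackup and the rest of this commit write `{$vhid}`. Both interpolate the same value, but the two scripts are otherwise near copies of each other and `${...}` interpolation is deprecated in newer PHP. Write `"{$friendly}_vip{$vhid}"` so the name is built identically everywhere it is compared.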
@@ -148,8 +148,7 @@ include("head.inc"); $vhid = $carp['vhid']; $advskew = $carp['advskew']; $advbase = $carp['advbase']; - $carp_int = get_real_interface($carp['interface']) . "@{$carp['vhid']}"; - $status = get_carp_interface_status($carp_int); + $status = get_carp_interface_status("{$carp['interface']}_vip{$carp['vhid']}"); echo "<tr>"; $align = "valign='middle'"; if($carp_enabled == false) { @@ -164,7 +163,7 @@ include("head.inc"); $icon = "<img {$align} src='/themes/".$g['theme']."/images/icons/icon_log.gif'>"; } } - echo "<td class=\"listlr\"><center>" . $carp_int . " </td>"; + echo "<td class=\"listlr\"><center>" . convert_friendly_interface_to_friendly_descr($carp['interface']) . "@{$vhid} </td>"; echo "<td class=\"listlr\"><center>" . $ipaddress . " </td>"; echo "<td class=\"listlr\"><center>{$icon} " . $status . " </td>"; echo "</tr>"; diff --git a/usr/local/www/widgets/widgets/carp_status.widget.php b/usr/local/www/widgets/widgets/carp_status.widget.php index e7cff99..3b52fd8 100644 --- a/usr/local/www/widgets/widgets/carp_status.widget.php +++ b/usr/local/www/widgets/widgets/carp_status.widget.php @@ -49,14 +49,13 @@ $carp_enabled = get_carp_status(); $netmask = $carp['subnet_bits']; $vhid = $carp['vhid']; $advskew = $carp['advskew']; - $carp_int = get_real_interface($carp['interface']) . "@{$carp['vhid']}"; - $status = get_carp_interface_status($carp_int); + $status = get_carp_interface_status("{$carp['interface']}_vip{$vhid}"); ?> <tr> <td class="vncellt" width="35%"> <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_cablenic.gif" alt="cablenic" /> <strong><a href="/system_hasync.php"> - <span style="color:#000000"><?=htmlspecialchars($carp_int);?></span></a></strong> + <span style="color:#000000"><?=htmlspecialchars(convert_friendly_interface_to_friendly_descr($carp['interface']) . "@{$vhid}");?></span></a></strong> </td> <td width="65%" class="listr"> <?php |
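Review bot: In carp_status.php the new table cell echoes `convert_friendly_interface_to_friendly_descr($carp['interface'])` without escaping, whereas the widget hunk in this same commit wraps the identical expression in htmlspecialchars(). The value appears to come from the configured interface description, so escape it here as well: `htmlspecialchars(convert_friendly_interface_to_friendly_descr($carp['interface']) . "@{$vhid}")`. `$ipaddress` and `$status` on the following lines are echoed the same way and may deserve the same treatment.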