diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/cmd_chain.inc | 132 | ||||
-rw-r--r-- | etc/inc/interfaces.inc | 65 |
2 files changed, 18 insertions, 179 deletions
diff --git a/etc/inc/cmd_chain.inc b/etc/inc/cmd_chain.inc deleted file mode 100644 index 4c1e69e..0000000 --- a/etc/inc/cmd_chain.inc +++ /dev/null @@ -1,132 +0,0 @@ -<?php -/* $Id$ */ -/* - cmd_chain.inc - Part of pfSense - Copyright (C) 2008 Scott Ullrich - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - - pfSense_MODULE: utils -*/ - -/* - * HANDY FOR STAND ALONE DEBUGGING OF CLASS. - * - - function log_error($text) { - echo $text . "\n"; - } - -*/ - -/* - * CmdCHAIN allows a chaining of commands into one call. - * If debugging is enabled verbose logging is applied. - * During the command(s) execution if it fails the result - * will be reported to syslog so that the problem can be reported. - */ -Class CmdCHAIN { - - var $cmd_chain_array = array(); - var $is_debugging; - var $halt_on_errors = true; - - /* clear() erases the current cmdchain */ - function clear() { - unset($cmd_chain_array); - $this->cmd_chain_array = array(); - } - - /* enables log_error() of each command we run */ - function setdebug() { - $this->is_debugging = true; - } - - /* no halt execution of CmdCHAIN if there is a failure */ - function nohaltonerror() { - $this->halt_on_errors = false; - } - - /* halts execution of CmdCHAIN if there is a failure */ - function sethaltonerror() { - $this->halt_on_errors = true; - } - - /* adds a command to the CmdCHAIN */ - function add($cmd_title = "", $command = "", $ignore_return_text = false) { - if(!$cmd_title) - return; - if(!$command) - return; - $temp = array(); - $temp['cmd_title'] = $cmd_title; - $temp['command'] = $command; - if($ignore_return_text) - $temp['ignore_return_text'] = true; - else - $temp['ignore_return_text'] = false; - $this->cmd_chain_array[] = $temp; // add array to class - return array(); - } - - /* executes the CmdCHAIN one command at a time */ - function execute() { - foreach($this->cmd_chain_array as $cmd) { - $cmd_title = $cmd['cmd_title']; - $command = $cmd['command']; - $ignore_return_text = $cmd['ignore_return_text']; - // Should we perform verbose debugging? - if($this->is_debugging == true) { - log_error(sprintf(gettext('CmdCHAIN is executing -> %1$s - %2$s'), $cmd_title, $command)); - usleep(100); // give network stack time to deliver network syslog message - } - // Execute command - $status = exec($command); - if($this->ignore_return_text == true) - continue; - if(intval($status) <> 0) { - log_error(sprintf(gettext('%1$s failed with return code -> %2$s. The command was %3$s'), $cmd_title, $status, $command)); - if($this->halt_on_errors == true) - return(sprintf(gettext('%1$s failed with return code -> %2$s. The command was %3$s'), $cmd_title, $status, $command)); - } - } - return; - } -} - -/* - * example usage: - * - -$cmdchain = new CmdCHAIN(); -$cmdchain->add("grab freebsd version", "uname -a", false); -$cmdchain->setdebug(); // optional for verbose logging -$cmdchain->nohaltonerror(); // tells cmdchain to keep processing commands if any of them fail -$cmdchain->execute(); - -$cmdchain->clear(); // clears the previous added entries - -*/ - -?> diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 3b6d6c5..07d621d 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -44,7 +44,6 @@ /* include all configuration functions */ require_once("globals.inc"); -require_once("cmd_chain.inc"); require_once("util.inc"); require_once("gwlb.inc"); @@ -1753,24 +1752,18 @@ EOD; function interfaces_carp_setup() { global $g, $config; - $balanacing = ""; - $pfsyncinterface = ""; - $pfsyncenabled = ""; - if(isset($config['system']['developerspew'])) { + if (isset($config['system']['developerspew'])) { $mt = microtime(); echo "interfaces_carp_setup() being called $mt\n"; } - // Prepare CmdCHAIN that will be used to execute commands. - $cmdchain = new CmdCHAIN(); - if ($g['booting']) { echo gettext("Configuring CARP settings..."); mute_kernel_msgs(); } /* suck in configuration items */ - if($config['hasync']) { + if ($config['hasync']) { $pfsyncenabled = $config['hasync']['pfsyncenabled']; $balanacing = $config['hasync']['balancing']; $pfsyncinterface = $config['hasync']['pfsyncinterface']; @@ -1781,46 +1774,30 @@ function interfaces_carp_setup() { unset($pfsyncenabled); } - if($balanacing) { - $cmdchain->add(gettext("Enable CARP ARP-balancing"), "/sbin/sysctl net.inet.carp.arpbalance=1", true); - $cmdchain->add(gettext("Disallow CARP preemption"), "/sbin/sysctl net.inet.carp.preempt=0", true); + if ($balanacing) { + mwexec("/sbin/sysctl net.inet.carp.arpbalance=1", true); + mwexec("/sbin/sysctl net.inet.carp.preempt=0", true); } else - $cmdchain->add(gettext("Enable CARP preemption"), "/sbin/sysctl net.inet.carp.preempt=1", true); + mwexec("/sbin/sysctl net.inet.carp.preempt=1", true); - $cmdchain->add(gettext("Enable CARP logging"), "/sbin/sysctl net.inet.carp.log=1", true); + mwexec("sbin/sysctl net.inet.carp.log=1", true); if (!empty($pfsyncinterface)) $carp_sync_int = get_real_interface($pfsyncinterface); - - if($g['booting']) { - /* install rules to alllow pfsync to sync up during boot - * carp interfaces will remain down until the bootup sequence finishes - */ - $fd = fopen("{$g['tmp_path']}/rules.boot", "w"); - if ($fd) { - fwrite($fd, "block quick proto carp \n"); - fwrite($fd, "block quick proto pfsync \n"); - fwrite($fd, "pass out quick from any to any keep state\n"); - fclose($fd); - mwexec("/sbin/pfctl -f {$g['tmp_path']}/rules.boot"); - } else - log_error(gettext("Could not create rules.boot file!")); - } + else + unset($carp_sync_int); /* setup pfsync interface */ - if($carp_sync_int and $pfsyncenabled) { + if ($carp_sync_int and $pfsyncenabled) { if (is_ipaddr($pfsyncpeerip)) - $cmdchain->add(gettext("Bring up pfsync0 syncpeer"), "/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} syncpeer {$pfsyncpeerip} up", false); + mwexec("/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} syncpeer {$pfsyncpeerip} up", false); else - $cmdchain->add(gettext("Bring up pfsync0 syncdev"), "/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} up", false); - } else - $cmdchain->add(gettext("Bring up pfsync0"), "/sbin/ifconfig pfsync0 syncdev lo0 up", false); + mwexec("/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} up", false); - sleep(1); + sleep(1); - /* XXX: Handle an issue with pfsync(4) and carp(4). In a cluster carp will come up before pfsync(4) has updated and so will cause issues - * for existing sessions. - */ - if ($config['hasync']['pfsyncenabled'] === "on"){ + /* XXX: Handle an issue with pfsync(4) and carp(4). In a cluster carp will come up before pfsync(4) has updated and so will cause issues + * for existing sessions. + */ log_error("waiting for pfsync..."); $i = 0; while (intval(trim(`/sbin/ifconfig pfsync0 | /usr/bin/grep 'syncok: 0' | /usr/bin/grep -v grep | /usr/bin/wc -l`)) == 0 && $i < 30) { @@ -1832,16 +1809,10 @@ function interfaces_carp_setup() { } if($config['virtualip']['vip']) - $cmdchain->add(gettext("Allow CARP."), "/sbin/sysctl net.inet.carp.allow=1", true); + mwexec("/sbin/sysctl net.inet.carp.allow=1", true); else - $cmdchain->add(gettext("Disallow CARP."), "/sbin/sysctl net.inet.carp.allow=0", true); + mwexec("/sbin/sysctl net.inet.carp.allow=0", true); - if($g['debug']) - $cmdchain->setdebug(); // optional for verbose logging - - $cmdchain->execute(); - $cmdchain->clear(); - if ($g['booting']) { unmute_kernel_msgs(); echo gettext("done.") . "\n"; |