summaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
Diffstat (limited to 'etc')
-rw-r--r--etc/inc/openvpn.inc4
-rwxr-xr-xetc/rc.carpbackup10
-rwxr-xr-xetc/rc.carpmaster10
3 files changed, 24 insertions, 0 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index 9729217..01a6f6a 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -672,6 +672,10 @@ function openvpn_restart($mode, $settings) {
if (isset($settings['disable']))
return;
+ /* Do not start if we are a CARP backup on this vip! */
+ if ((substr($settings['interface'], 0, 3) == "vip") && (get_carp_interface_status($settings['interface']) == "BACKUP"))
+ return;
+
/* start the new process */
$fpath = $g['varetc_path']."/openvpn/{$mode_id}.conf";
mwexec_bg("/usr/local/sbin/openvpn --config {$fpath}");
diff --git a/etc/rc.carpbackup b/etc/rc.carpbackup
index 68f4e2c..165dd9e 100755
--- a/etc/rc.carpbackup
+++ b/etc/rc.carpbackup
@@ -32,10 +32,20 @@
require_once("functions.inc");
require_once("config.inc");
require_once("notices.inc");
+require_once("openvpn.inc");
$notificationmsg = "A carp cluster member has resumed the state 'BACKUP'";
notify_via_smtp($notificationmsg);
notify_via_growl($notificationmsg);
+/* Stop OpenVPN clients running on this VIP, since multiple active OpenVPN clients on a CARP cluster can be problematic. */
+global $config;
+foreach ($config['openvpn']['openvpn-client'] as $settings) {
+ if ($settings['interface'] == $argv[1]) {
+ log_error("Stopping OpenVPN instance on {$settings['interface']} because of transition to CARP backup.");
+ openvpn_restart('client', $settings);
+ }
+}
+
?> \ No newline at end of file
diff --git a/etc/rc.carpmaster b/etc/rc.carpmaster
index 5b85e03..aaac868 100755
--- a/etc/rc.carpmaster
+++ b/etc/rc.carpmaster
@@ -32,10 +32,20 @@
require_once("functions.inc");
require_once("config.inc");
require_once("notices.inc");
+require_once("openvpn.inc");
$notificationmsg = "A carp cluster member has resumed the state 'MASTER'";
notify_via_smtp($notificationmsg);
notify_via_growl($notificationmsg);
+/* Start OpenVPN clients running on this VIP, since they should be in the stopped state while the VIP is CARP Backup. */
+global $config;
+foreach ($config['openvpn']['openvpn-client'] as $settings) {
+ if ($settings['interface'] == $argv[1]) {
+ log_error("Starting OpenVPN instance on {$settings['interface']} because of transition to CARP master.");
+ openvpn_restart('client', $settings);
+ }
+}
+
?> \ No newline at end of file
OpenPOWER on IntegriCloud