summaryrefslogtreecommitdiffstats
path: root/src/etc
diff options
context:
space:
mode:
Diffstat (limited to 'src/etc')
-rw-r--r--src/etc/inc/filter_log.inc15
-rw-r--r--src/etc/inc/openvpn.inc8
-rwxr-xr-xsrc/etc/rc.carpbackup15
-rwxr-xr-xsrc/etc/rc.carpmaster15
4 files changed, 36 insertions, 17 deletions
diff --git a/src/etc/inc/filter_log.inc b/src/etc/inc/filter_log.inc
index 4e1fd94..8690ee0 100644
--- a/src/etc/inc/filter_log.inc
+++ b/src/etc/inc/filter_log.inc
@@ -34,8 +34,9 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil
return;
}
+ /* Safety belt to ensure we get enough lines for filtering without overloading the parsing code */
if ($filtertext) {
- $tail = 5000;
+ $tail = 10000;
}
/* Always do a reverse tail, to be sure we're grabbing the 'end' of the log. */
@@ -82,29 +83,29 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil
# Construct RegEx for specific log file type.
- if ($logfile_type == 'firewall') {
+ if ($logfile_type == 'firewall') {
$pattern = "filterlog:";
}
- else if ($logfile_type == 'system') {
+ else if ($logfile_type == 'system') {
$pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $process_pid_pattern . "\ +" . $log_message_pattern . "$";
}
- else if ($logfile_type == 'vpn_login') {
+ else if ($logfile_type == 'vpn_login') {
$action_pattern = "\(.*?\)";
$type_pattern = "\(.*?\)";
$ip_address_pattern = "\(.*?\)";
$user_pattern = "\(.*?\)";
$pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $process_pattern . "\ +" . $action_pattern . "\,\ *" . $type_pattern . "\,\ *" . $ip_address_pattern . "\,\ *" . $user_pattern . "$";
}
- else if ($logfile_type == 'vpn_service') {
+ else if ($logfile_type == 'vpn_service') {
$type_pattern = "\(.*?\):";
$pid_pattern = "\(?:process\ +\([0-9:]*\)\)?";
$pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $type_pattern . "\ +" . $pid_pattern . "\ *" . $log_message_pattern . "$";
}
- else if ($logfile_type == 'unknown') {
+ else if ($logfile_type == 'unknown') {
$pattern = "^" . $date_pattern . "\ +" . $log_message_pattern . "$";
}
- else {
+ else {
$pattern = "^\(.*\)$";
}
diff --git a/src/etc/inc/openvpn.inc b/src/etc/inc/openvpn.inc
index 75321f2..91dc59e 100644
--- a/src/etc/inc/openvpn.inc
+++ b/src/etc/inc/openvpn.inc
@@ -1100,8 +1100,8 @@ function openvpn_restart($mode, $settings) {
return;
}
- /* Do not start a client if we are a CARP backup on this vip! */
- if (($mode == "client") && (strstr($settings['interface'], "_vip") && get_carp_interface_status($settings['interface']) != "MASTER")) {
+ /* Do not start an instance if we are not CARP master on this vip! */
+ if (strstr($settings['interface'], "_vip") && get_carp_interface_status($settings['interface']) != "MASTER") {
return;
}
@@ -1209,10 +1209,6 @@ function openvpn_resync_csc(& $settings) {
openvpn_add_dhcpopts($settings, $conf);
- if ($settings['gwredir']) {
- $conf .= "push \"redirect-gateway def1\"\n";
- }
-
openvpn_add_custom($settings, $conf);
/* Loop through servers, find which ones can use this CSC */
if (is_array($config['openvpn']['openvpn-server'])) {
diff --git a/src/etc/rc.carpbackup b/src/etc/rc.carpbackup
index a1b3a8e..b537411 100755
--- a/src/etc/rc.carpbackup
+++ b/src/etc/rc.carpbackup
@@ -81,9 +81,20 @@ if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client'
if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-server'])) {
foreach ($config['openvpn']['openvpn-server'] as $settings) {
+ if (substr($settings['interface'], 0, 4) == '_vip') {
+ $openvpn_vip = $settings['interface'];
+ } else if (is_array($a_groups[$settings['interface']])) {
+ // interface is a gateway group, check CARP VIP
+ if (substr($a_groups[$settings['interface']][0]['vip'], 0, 4) == '_vip') {
+ $openvpn_vip = $a_groups[$settings['interface']][0]['vip'];
+ }
+ } else {
+ // this OpenVPN instance not on a CARP IP
+ continue;
+ }
foreach ($vips as $vip) {
- if ($settings['interface'] == "_vip{$vip['uniqid']}") {
- log_error("Stopping OpenVPN instance on {$friendly_descr} because of transition to CARP backup.");
+ if ($openvpn_vip == "_vip{$vip['uniqid']}") {
+ log_error("Stopping OpenVPN server instance on {$friendly_descr} because of transition to CARP backup.");
openvpn_restart('server', $settings);
}
}
diff --git a/src/etc/rc.carpmaster b/src/etc/rc.carpmaster
index 0b355cc..d536948 100755
--- a/src/etc/rc.carpmaster
+++ b/src/etc/rc.carpmaster
@@ -80,9 +80,20 @@ if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client'
}
if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-server'])) {
foreach ($config['openvpn']['openvpn-server'] as $settings) {
+ if (substr($settings['interface'], 0, 4) == '_vip') {
+ $openvpn_vip = $settings['interface'];
+ } else if (is_array($a_groups[$settings['interface']])) {
+ // interface is a gateway group, check CARP VIP
+ if (substr($a_groups[$settings['interface']][0]['vip'], 0, 4) == '_vip') {
+ $openvpn_vip = $a_groups[$settings['interface']][0]['vip'];
+ }
+ } else {
+ // this OpenVPN instance not on a CARP IP
+ continue;
+ }
foreach ($vips as $vip) {
- if ($settings['interface'] == "_vip{$vip['uniqid']}") {
- log_error("Starting OpenVPN instance on {$friendly_descr} because of transition to CARP master.");
+ if ($openvpn_vip == "_vip{$vip['uniqid']}") {
+ log_error("Starting OpenVPN server instance on {$friendly_descr} because of transition to CARP master.");
openvpn_restart('server', $settings);
}
}
OpenPOWER on IntegriCloud