diff options
Diffstat (limited to 'src/etc')
-rw-r--r-- | src/etc/inc/filter_log.inc | 15 | ||||
-rw-r--r-- | src/etc/inc/openvpn.inc | 8 | ||||
-rwxr-xr-x | src/etc/rc.carpbackup | 15 | ||||
-rwxr-xr-x | src/etc/rc.carpmaster | 15 |
4 files changed, 36 insertions, 17 deletions
diff --git a/src/etc/inc/filter_log.inc b/src/etc/inc/filter_log.inc index 4e1fd94..8690ee0 100644 --- a/src/etc/inc/filter_log.inc +++ b/src/etc/inc/filter_log.inc @@ -34,8 +34,9 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil return; } + /* Safety belt to ensure we get enough lines for filtering without overloading the parsing code */ if ($filtertext) { - $tail = 5000; + $tail = 10000; } /* Always do a reverse tail, to be sure we're grabbing the 'end' of the log. */ @@ -82,29 +83,29 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil # Construct RegEx for specific log file type. - if ($logfile_type == 'firewall') { + if ($logfile_type == 'firewall') { $pattern = "filterlog:"; } - else if ($logfile_type == 'system') { + else if ($logfile_type == 'system') { $pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $process_pid_pattern . "\ +" . $log_message_pattern . "$"; } - else if ($logfile_type == 'vpn_login') { + else if ($logfile_type == 'vpn_login') { $action_pattern = "\(.*?\)"; $type_pattern = "\(.*?\)"; $ip_address_pattern = "\(.*?\)"; $user_pattern = "\(.*?\)"; $pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $process_pattern . "\ +" . $action_pattern . "\,\ *" . $type_pattern . "\,\ *" . $ip_address_pattern . "\,\ *" . $user_pattern . "$"; } - else if ($logfile_type == 'vpn_service') { + else if ($logfile_type == 'vpn_service') { $type_pattern = "\(.*?\):"; $pid_pattern = "\(?:process\ +\([0-9:]*\)\)?"; $pattern = "^" . $date_pattern . "\ +" . $host_pattern . "\ +" . $type_pattern . "\ +" . $pid_pattern . "\ *" . $log_message_pattern . "$"; } - else if ($logfile_type == 'unknown') { + else if ($logfile_type == 'unknown') { $pattern = "^" . $date_pattern . "\ +" . $log_message_pattern . "$"; } - else { + else { $pattern = "^\(.*\)$"; } diff --git a/src/etc/inc/openvpn.inc b/src/etc/inc/openvpn.inc index 75321f2..91dc59e 100644 --- a/src/etc/inc/openvpn.inc +++ b/src/etc/inc/openvpn.inc @@ -1100,8 +1100,8 @@ function openvpn_restart($mode, $settings) { return; } - /* Do not start a client if we are a CARP backup on this vip! */ - if (($mode == "client") && (strstr($settings['interface'], "_vip") && get_carp_interface_status($settings['interface']) != "MASTER")) { + /* Do not start an instance if we are not CARP master on this vip! */ + if (strstr($settings['interface'], "_vip") && get_carp_interface_status($settings['interface']) != "MASTER") { return; } @@ -1209,10 +1209,6 @@ function openvpn_resync_csc(& $settings) { openvpn_add_dhcpopts($settings, $conf); - if ($settings['gwredir']) { - $conf .= "push \"redirect-gateway def1\"\n"; - } - openvpn_add_custom($settings, $conf); /* Loop through servers, find which ones can use this CSC */ if (is_array($config['openvpn']['openvpn-server'])) { diff --git a/src/etc/rc.carpbackup b/src/etc/rc.carpbackup index a1b3a8e..b537411 100755 --- a/src/etc/rc.carpbackup +++ b/src/etc/rc.carpbackup @@ -81,9 +81,20 @@ if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client' if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-server'])) { foreach ($config['openvpn']['openvpn-server'] as $settings) { + if (substr($settings['interface'], 0, 4) == '_vip') { + $openvpn_vip = $settings['interface']; + } else if (is_array($a_groups[$settings['interface']])) { + // interface is a gateway group, check CARP VIP + if (substr($a_groups[$settings['interface']][0]['vip'], 0, 4) == '_vip') { + $openvpn_vip = $a_groups[$settings['interface']][0]['vip']; + } + } else { + // this OpenVPN instance not on a CARP IP + continue; + } foreach ($vips as $vip) { - if ($settings['interface'] == "_vip{$vip['uniqid']}") { - log_error("Stopping OpenVPN instance on {$friendly_descr} because of transition to CARP backup."); + if ($openvpn_vip == "_vip{$vip['uniqid']}") { + log_error("Stopping OpenVPN server instance on {$friendly_descr} because of transition to CARP backup."); openvpn_restart('server', $settings); } } diff --git a/src/etc/rc.carpmaster b/src/etc/rc.carpmaster index 0b355cc..d536948 100755 --- a/src/etc/rc.carpmaster +++ b/src/etc/rc.carpmaster @@ -80,9 +80,20 @@ if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-client' } if (is_array($config['openvpn']) && is_array($config['openvpn']['openvpn-server'])) { foreach ($config['openvpn']['openvpn-server'] as $settings) { + if (substr($settings['interface'], 0, 4) == '_vip') { + $openvpn_vip = $settings['interface']; + } else if (is_array($a_groups[$settings['interface']])) { + // interface is a gateway group, check CARP VIP + if (substr($a_groups[$settings['interface']][0]['vip'], 0, 4) == '_vip') { + $openvpn_vip = $a_groups[$settings['interface']][0]['vip']; + } + } else { + // this OpenVPN instance not on a CARP IP + continue; + } foreach ($vips as $vip) { - if ($settings['interface'] == "_vip{$vip['uniqid']}") { - log_error("Starting OpenVPN instance on {$friendly_descr} because of transition to CARP master."); + if ($openvpn_vip == "_vip{$vip['uniqid']}") { + log_error("Starting OpenVPN server instance on {$friendly_descr} because of transition to CARP master."); openvpn_restart('server', $settings); } } |