diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/etc/inc/filter.inc | 8 | ||||
-rw-r--r-- | src/etc/inc/services.inc | 6 | ||||
-rw-r--r-- | src/etc/inc/unbound.inc | 2 | ||||
-rw-r--r-- | src/etc/inc/util.inc | 6 | ||||
-rwxr-xr-x | src/etc/rc.newroutedns | 3 |
5 files changed, 18 insertions, 7 deletions
diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc index c37306e..fb6ac8d 100644 --- a/src/etc/inc/filter.inc +++ b/src/etc/inc/filter.inc @@ -1085,7 +1085,8 @@ function filter_get_direct_networks_list($returnsubnetsonly = true) { } } } - foreach (get_staticroutes() as $netent) { + // Add any enabled static routes + foreach (get_staticroutes(false, false, true) as $netent) { if (is_subnet($netent['network'])) { if ($returnsubnetsonly) { $networks_arr[] = $netent['network']; @@ -1602,7 +1603,8 @@ function filter_nat_rules_automatic_tonathosts($with_descr = false) { $tonathosts = array("127.0.0.0/8"); $descriptions = array(gettext("localhost")); - foreach (get_staticroutes() as $route) { + // Add any enabled static routes + foreach (get_staticroutes(false, false, true) as $route) { $netip = explode("/", $route['network']); if (isset($GatewaysList[$route['gateway']])) { $gateway =& $GatewaysList[$route['gateway']]; @@ -3711,7 +3713,7 @@ EOD; */ if (isset($config['filter']['bypassstaticroutes']) && is_array($config['staticroutes']['route']) && count($config['staticroutes']['route'])) { $ipfrules .= "# Add rules to bypass firewall rules for static routes\n"; - foreach (get_staticroutes() as $route) { + foreach (get_staticroutes(false, false, true) as $route) { // Parameter 3 returnenabledroutesonly $friendly = $GatewaysList[$route['gateway']]['friendlyiface']; if (is_array($FilterIflist[$friendly])) { $oc = $FilterIflist[$friendly]; diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc index d6c68d6..d7f0221 100644 --- a/src/etc/inc/services.inc +++ b/src/etc/inc/services.inc @@ -1774,7 +1774,8 @@ function services_dhcrelay_configure() { } } if (!isset($destif)) { - foreach (get_staticroutes() as $rtent) { + // For each enabled static route + foreach (get_staticroutes(false, false, true) as $rtent) { if (ip_in_subnet($srvip, $rtent['network'])) { $a_gateways = return_gateways_array(true); $destif = $a_gateways[$rtent['gateway']]['interface']; @@ -1907,6 +1908,9 @@ function services_dhcrelay6_configure() { if (!isset($destif)) { if (is_array($config['staticroutes']['route'])) { foreach ($config['staticroutes']['route'] as $rtent) { + if (isset($rtent['disabled'])) { + continue; + } if (ip_in_subnet($srvip, $rtent['network'])) { $a_gateways = return_gateways_array(true); $destif = $a_gateways[$rtent['gateway']]['interface']; diff --git a/src/etc/inc/unbound.inc b/src/etc/inc/unbound.inc index d8f4849..f4575ec 100644 --- a/src/etc/inc/unbound.inc +++ b/src/etc/inc/unbound.inc @@ -747,7 +747,7 @@ function unbound_acls_config($cfgsubdir = "") { // add for IPv6 static routes to local networks // for safety, we include only routes reachable on an interface with no // gateway specified - read: not an Internet connection. - $static_routes = get_staticroutes(); + $static_routes = get_staticroutes(false, false, true); // Parameter 3 returnenabledroutesonly foreach ($static_routes as $route) { if ((lookup_gateway_interface_by_name($route['gateway']) == $ubif) && !interface_has_gateway($ubif)) { // route is on this interface, interface doesn't have gateway, add it diff --git a/src/etc/inc/util.inc b/src/etc/inc/util.inc index e74001a..d7094be 100644 --- a/src/etc/inc/util.inc +++ b/src/etc/inc/util.inc @@ -2362,7 +2362,7 @@ function explode_assoc($delimiter, $string) { return $result; } -function get_staticroutes($returnsubnetsonly = false, $returnhostnames = false) { +function get_staticroutes($returnsubnetsonly = false, $returnhostnames = false, $returnenabledroutesonly = false) { global $config, $aliastable; /* Bail if there are no routes, but return an array always so callers don't have to check. */ @@ -2374,6 +2374,10 @@ function get_staticroutes($returnsubnetsonly = false, $returnhostnames = false) $allsubnets = array(); /* Loop through routes and expand aliases as we find them. */ foreach ($config['staticroutes']['route'] as $route) { + if ($returnenabledroutesonly && isset($route['disabled'])) { + continue; + } + if (is_alias($route['network'])) { if (!isset($aliastable[$route['network']])) { continue; diff --git a/src/etc/rc.newroutedns b/src/etc/rc.newroutedns index 8ae48c3..e6457ef 100755 --- a/src/etc/rc.newroutedns +++ b/src/etc/rc.newroutedns @@ -63,7 +63,8 @@ if (file_exists("{$g['varrun_path']}/booting")) { return; } -$staticroutes = get_staticroutes(); +// Get enabled static routes +$staticroutes = get_staticroutes(false, false, true); if (count($staticroutes)) { log_error("Static Routes: One or more aliases used for routing has changed its IP. Refreshing."); |