summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/etc/inc/filter.inc8
-rw-r--r--src/etc/inc/services.inc6
-rw-r--r--src/etc/inc/unbound.inc2
-rw-r--r--src/etc/inc/util.inc6
-rwxr-xr-xsrc/etc/rc.newroutedns3
5 files changed, 18 insertions, 7 deletions
diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc
index c37306e..fb6ac8d 100644
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@@ -1085,7 +1085,8 @@ function filter_get_direct_networks_list($returnsubnetsonly = true) {
}
}
}
- foreach (get_staticroutes() as $netent) {
+ // Add any enabled static routes
+ foreach (get_staticroutes(false, false, true) as $netent) {
if (is_subnet($netent['network'])) {
if ($returnsubnetsonly) {
$networks_arr[] = $netent['network'];
@@ -1602,7 +1603,8 @@ function filter_nat_rules_automatic_tonathosts($with_descr = false) {
$tonathosts = array("127.0.0.0/8");
$descriptions = array(gettext("localhost"));
- foreach (get_staticroutes() as $route) {
+ // Add any enabled static routes
+ foreach (get_staticroutes(false, false, true) as $route) {
$netip = explode("/", $route['network']);
if (isset($GatewaysList[$route['gateway']])) {
$gateway =& $GatewaysList[$route['gateway']];
@@ -3711,7 +3713,7 @@ EOD;
*/
if (isset($config['filter']['bypassstaticroutes']) && is_array($config['staticroutes']['route']) && count($config['staticroutes']['route'])) {
$ipfrules .= "# Add rules to bypass firewall rules for static routes\n";
- foreach (get_staticroutes() as $route) {
+ foreach (get_staticroutes(false, false, true) as $route) { // Parameter 3 returnenabledroutesonly
$friendly = $GatewaysList[$route['gateway']]['friendlyiface'];
if (is_array($FilterIflist[$friendly])) {
$oc = $FilterIflist[$friendly];
diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc
index d6c68d6..d7f0221 100644
--- a/src/etc/inc/services.inc
+++ b/src/etc/inc/services.inc
@@ -1774,7 +1774,8 @@ function services_dhcrelay_configure() {
}
}
if (!isset($destif)) {
- foreach (get_staticroutes() as $rtent) {
+ // For each enabled static route
+ foreach (get_staticroutes(false, false, true) as $rtent) {
if (ip_in_subnet($srvip, $rtent['network'])) {
$a_gateways = return_gateways_array(true);
$destif = $a_gateways[$rtent['gateway']]['interface'];
@@ -1907,6 +1908,9 @@ function services_dhcrelay6_configure() {
if (!isset($destif)) {
if (is_array($config['staticroutes']['route'])) {
foreach ($config['staticroutes']['route'] as $rtent) {
+ if (isset($rtent['disabled'])) {
+ continue;
+ }
if (ip_in_subnet($srvip, $rtent['network'])) {
$a_gateways = return_gateways_array(true);
$destif = $a_gateways[$rtent['gateway']]['interface'];
diff --git a/src/etc/inc/unbound.inc b/src/etc/inc/unbound.inc
index d8f4849..f4575ec 100644
--- a/src/etc/inc/unbound.inc
+++ b/src/etc/inc/unbound.inc
@@ -747,7 +747,7 @@ function unbound_acls_config($cfgsubdir = "") {
// add for IPv6 static routes to local networks
// for safety, we include only routes reachable on an interface with no
// gateway specified - read: not an Internet connection.
- $static_routes = get_staticroutes();
+ $static_routes = get_staticroutes(false, false, true); // Parameter 3 returnenabledroutesonly
foreach ($static_routes as $route) {
if ((lookup_gateway_interface_by_name($route['gateway']) == $ubif) && !interface_has_gateway($ubif)) {
// route is on this interface, interface doesn't have gateway, add it
diff --git a/src/etc/inc/util.inc b/src/etc/inc/util.inc
index e74001a..d7094be 100644
--- a/src/etc/inc/util.inc
+++ b/src/etc/inc/util.inc
@@ -2362,7 +2362,7 @@ function explode_assoc($delimiter, $string) {
return $result;
}
-function get_staticroutes($returnsubnetsonly = false, $returnhostnames = false) {
+function get_staticroutes($returnsubnetsonly = false, $returnhostnames = false, $returnenabledroutesonly = false) {
global $config, $aliastable;
/* Bail if there are no routes, but return an array always so callers don't have to check. */
@@ -2374,6 +2374,10 @@ function get_staticroutes($returnsubnetsonly = false, $returnhostnames = false)
$allsubnets = array();
/* Loop through routes and expand aliases as we find them. */
foreach ($config['staticroutes']['route'] as $route) {
+ if ($returnenabledroutesonly && isset($route['disabled'])) {
+ continue;
+ }
+
if (is_alias($route['network'])) {
if (!isset($aliastable[$route['network']])) {
continue;
diff --git a/src/etc/rc.newroutedns b/src/etc/rc.newroutedns
index 8ae48c3..e6457ef 100755
--- a/src/etc/rc.newroutedns
+++ b/src/etc/rc.newroutedns
@@ -63,7 +63,8 @@ if (file_exists("{$g['varrun_path']}/booting")) {
return;
}
-$staticroutes = get_staticroutes();
+// Get enabled static routes
+$staticroutes = get_staticroutes(false, false, true);
if (count($staticroutes)) {
log_error("Static Routes: One or more aliases used for routing has changed its IP. Refreshing.");
OpenPOWER on IntegriCloud