From 0a532641b4c9875b7ec5ab5869545b8407baf4a3 Mon Sep 17 00:00:00 2001
From: Scott Ullrich <sullrich@pfsense.org>
Date: Sun, 3 Feb 2008 05:06:05 +0000
Subject: Do not load CARP IP address if we cannot find a matching subnet on a
 real interface.

---
 etc/inc/interfaces.inc | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc
index 053b163..2a933c5 100644
--- a/etc/inc/interfaces.inc
+++ b/etc/inc/interfaces.inc
@@ -437,6 +437,21 @@ function interfaces_carp_configure() {
 		if ($vip['mode'] == "carp") {
 			$vip_password = $vip['password'];
 			$vip_password = str_replace(" ", "", $vip_password);
+			
+			/* ensure CARP IP really exists prior to loading up */
+			$found = false;
+			$iflist = array("lan", "wan");
+			for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++)
+				$iflist['opt' . $i] = 'opt' . $i;
+			foreach($iflist as $if) {
+				$ww_subnet_ip = $config['interfaces'][$if]['ipaddr'];
+				$ww_subnet_bits = $config['interfaces'][$if]['subnet'];
+				if (ip_in_subnet($vip['subnet'], gen_subnet($ww_subnet_ip, $ww_subnet_bits) . "/" . $ww_subnet_bits))
+					$found = true;
+			}
+			if($found == false)
+					continue;			
+			
 			/* create the carp interface and setup */
 			mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " create");
 
-- 
cgit v1.1