From 25fec9b35a8e5c84778358100ca326b72ac3eec5 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 28 Sep 2010 11:12:37 -0400
Subject: Test before working on what could be an empty value, otherwise it
 ends up set and causing an unexpected duplication. Fixes duplicate groups
 when editing users, as reported here:
 http://forum.pfsense.org/index.php/topic,26612.0.html

---
 etc/inc/auth.inc | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'etc')

diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc
index f5c84d8..ac1e4ec 100644
--- a/etc/inc/auth.inc
+++ b/etc/inc/auth.inc
@@ -454,6 +454,8 @@ function local_user_set_groups($user, $new_groups = NULL ) {
 	foreach ($cur_groups as $groupname) {
 		if (in_array($groupname,$new_groups))
 			continue;
+		if (!isset($config['system']['group'][$groupindex[$groupname]]))
+			continue;
 		$group = & $config['system']['group'][$groupindex[$groupname]];
 		if (is_array($group['member'])) {
 			$index = array_search($user['uid'], $group['member']);
-- 
cgit v1.1


From 2f13b10c145bb9677adcd91745870f036190d1a7 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 28 Sep 2010 18:29:25 -0400
Subject: Carry aliases around as a global so that discover_pkg_rules() can see
 aliases/macros, otherwise package rules that reference aliases/macros will
 never properly pass verification.

---
 etc/inc/filter.inc | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'etc')

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 4ddece2..9924e7e 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -172,7 +172,7 @@ function filter_delete_states_for_down_gateways() {
 /* reload filter sync */
 function filter_configure_sync() {
 	global $config, $g, $after_filter_configure_run, $FilterIflist;
-	global $time_based_rules, $filterdns;
+	global $time_based_rules, $filterdns, $aliases;
 
 	/* Use config lock to not allow recursion and config changes during this run. */
 	$filterlck = lock('config');
@@ -1093,7 +1093,7 @@ function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = "
 }
 
 function filter_nat_rules_generate() {
-	global $config, $g, $after_filter_configure_run, $FilterIflist, $GatewaysList;
+	global $config, $g, $after_filter_configure_run, $FilterIflist, $GatewaysList, $aliases;
 
 	$natrules = "nat-anchor \"natearly/*\"\n";
 
@@ -2687,7 +2687,7 @@ EOD;
 }
 
 function discover_pkg_rules($ruletype) {
-	global $config, $g;
+	global $config, $g, $aliases;
 
 	/* Bail if there is no pkg directory, or if the package files might be out of sync. */
 	if(!is_dir("/usr/local/pkg") || file_exists('/conf/needs_package_sync'))
@@ -2705,7 +2705,7 @@ function discover_pkg_rules($ruletype) {
 		if(function_exists($pkg_generate_rules)) {
 			update_filter_reload_status("Processing early {$ruletype} rules for package {$pkg_inc}");
 			$tmprules = $pkg_generate_rules("$ruletype");
-			file_put_contents("{$g['tmp_path']}/rules.test.packages", $tmprules);
+			file_put_contents("{$g['tmp_path']}/rules.test.packages", $aliases . $tmprules);
 			$status = mwexec("/sbin/pfctl -nf {$g['tmp_path']}/rules.test.packages");
 			if ($status <> 0) {
 				$errorrules = "There was an error while parsing the package filter rules for {$pkg_inc}.\n";
-- 
cgit v1.1


From 8d1cd2db1ea9b37d08888a9cf5b76ee9e2453fe7 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 28 Sep 2010 18:31:38 -0400
Subject: Use a glob here instead of a shell exec.

---
 etc/inc/filter.inc | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'etc')

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 9924e7e..685fbb3 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -2694,10 +2694,8 @@ function discover_pkg_rules($ruletype) {
 		return "";
 
 	$rules = "";
-	$files = split("\n", trim(`ls /usr/local/pkg/*.inc`));
+	$files = glob("/usr/local/pkg/*.inc");
 	foreach($files as $pkg_inc) {
-		if($pkg_inc == "ls: No match.")
-			continue;
 		update_filter_reload_status("Checking for {$ruletype} PF hooks in package {$pkg_inc}");
 		require_once($pkg_inc);
 		$pkg = basename($pkg_inc, ".inc");
-- 
cgit v1.1


From 59fe0814ccb28e912dc3967951563c7f3adb8755 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 28 Sep 2010 18:39:07 -0400
Subject: Define and explain $aliases as a global.

---
 etc/inc/filter.inc | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'etc')

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 685fbb3..80e1d46 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -57,6 +57,9 @@ $GatewaysList = array();
 /* Used for the hostname dns resolver */
 $filterdns = "";
 
+/* Used for aliases and interface macros */
+$aliases = "";
+
 function flowtable_configure() {
 	global $config, $g;
 	return;
-- 
cgit v1.1


From 9fd19334bf105ae1ad5604d4fea8cad48d3be293 Mon Sep 17 00:00:00 2001
From: gnhb <gnoahb@gmail.com>
Date: Thu, 30 Sep 2010 19:20:07 +0700
Subject: Don't refer to non-existent variable.

Reported in forum http://forum.pfsense.org/index.php/topic,28643.0.html
---
 etc/inc/gwlb.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'etc')

diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc
index ab72831..4a5b306 100644
--- a/etc/inc/gwlb.inc
+++ b/etc/inc/gwlb.inc
@@ -478,7 +478,7 @@ function lookup_gateway_monitor_ip_by_name($name) {
 		if(!is_ipaddr($gateway['monitor']))
 			return $gateway['gateway'];
 
-		return ($monitorip);
+		return $gateway['monitor'];
         }
 
         return (false);
-- 
cgit v1.1


From f5d3a5ce7f014c046215479f5a504aeec339f204 Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Thu, 30 Sep 2010 15:20:31 +0000
Subject: Do not support anymore an ip in the 'gateway' section of an
 interface.

---
 etc/inc/gwlb.inc | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'etc')

diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc
index 4a5b306..b9c1f66 100644
--- a/etc/inc/gwlb.inc
+++ b/etc/inc/gwlb.inc
@@ -501,9 +501,7 @@ function get_interface_gateway($interface, &$dynamic = false) {
         $gw = NULL;
 
         $gwcfg =& $config['interfaces'][$interface];
-        if (is_ipaddr($gwcfg['gateway']))
-                $gw = $gwcfg['gateway'];
-        else if (!empty($gwcfg['gateway']) && is_array($config['gateways']['gateway_item'])) {
+        if (!empty($gwcfg['gateway']) && is_array($config['gateways']['gateway_item'])) {
                	foreach($config['gateways']['gateway_item'] as $gateway) {
                         if ($gateway['name'] == $gwcfg['gateway']) {
                                 $gw = $gateway['gateway'];
-- 
cgit v1.1


From dd8b859e2657c11557325d0dc226f24e968249ec Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Thu, 30 Sep 2010 15:42:27 +0000
Subject: Remove support for this legacy code. The upgrade path handles this.

---
 etc/inc/interfaces.inc | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'etc')

diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc
index d1d2fc0..a49c4da 100644
--- a/etc/inc/interfaces.inc
+++ b/etc/inc/interfaces.inc
@@ -2499,9 +2499,6 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven
 			} else if (substr($realif, 0, 4) == "ovpn") {
 				/* XXX: Should be done anything?! */
 			}
-
-			if (is_ipaddr($wancfg['gateway']))
-				file_put_contents("{$g['tmp_path']}/{$realif}_router", $wancfg['gateway']);
 			break;
 	}
 
-- 
cgit v1.1


From dd88e65afdded53cdfd5d66213c5ad71c540a242 Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Thu, 30 Sep 2010 15:53:04 +0000
Subject: Remove legacy code

---
 etc/inc/system.inc | 8 --------
 1 file changed, 8 deletions(-)

(limited to 'etc')

diff --git a/etc/inc/system.inc b/etc/inc/system.inc
index 292770d..8be930e 100644
--- a/etc/inc/system.inc
+++ b/etc/inc/system.inc
@@ -364,14 +364,6 @@ function system_routing_configure($interface = "") {
 			}
 			log_error("ROUTING: $action default route to $gatewayip");
 			mwexec("/sbin/route {$action} default " . escapeshellarg($gatewayip));
-		} else if (is_ipaddr($config['interfaces']['wan']['gateway'])) {
-			/* Adding gateway for 1.2-style configs without the new
-		  	 * gateway setup configured.
-		  	 * Force WAN to be default gateway because that is the 1.2 behavior.
-			 */
-			log_error("WARNING: There is no default gateway in the configuration.");
-			$gatewayip = $config['interfaces']['wan']['gateway'];
-			mwexec("/sbin/route add default " . escapeshellarg($gatewayip), true);
 		}
 	}
 
-- 
cgit v1.1


From 8d29cef48b243096580d1a9e5a83d11a76e1a310 Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Thu, 30 Sep 2010 15:54:42 +0000
Subject: Oops fix long standing variable name mistype.

---
 etc/inc/system.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'etc')

diff --git a/etc/inc/system.inc b/etc/inc/system.inc
index 8be930e..81496ed 100644
--- a/etc/inc/system.inc
+++ b/etc/inc/system.inc
@@ -355,7 +355,7 @@ function system_routing_configure($interface = "") {
 	}
 
 	if ($dont_add_route == false ) {
-		if (!empty($interface) && $inteface != $interafegw)
+		if (!empty($interface) && $interface != $interfacegw)
 			;
 		else if (($interfacegw <> "bgpd") && (is_ipaddr($gatewayip))) {
 			$action = "add";
-- 
cgit v1.1


From ccea4c49c2602cf0644078e8ed4eab301c8c44c4 Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Thu, 30 Sep 2010 15:58:23 +0000
Subject: Remove legacy code for static routes.

---
 etc/inc/system.inc | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'etc')

diff --git a/etc/inc/system.inc b/etc/inc/system.inc
index 81496ed..10f785c 100644
--- a/etc/inc/system.inc
+++ b/etc/inc/system.inc
@@ -373,12 +373,10 @@ function system_routing_configure($interface = "") {
 		foreach ($config['staticroutes']['route'] as $rtent) {
 			$gatewayip = "";
 			if (isset($gateways_arr[$rtent['gateway']])) {
-				$gatewayip = $gateways_arr[$rtent['gateway']]['gateway'];
-				$interfacegw = $gateways_arr[$rtent['gateway']]['interface'];
 				if ($interface == $gateways_arr[$rtent['gateway']]['friendlyiface'])
 					continue;
-			} else if (is_ipaddr($rtent['gateway'])) {
-				$gatewayip = $rtent['gateway'];
+				$gatewayip = $gateways_arr[$rtent['gateway']]['gateway'];
+				$interfacegw = $gateways_arr[$rtent['gateway']]['interface'];
 			} else {
 				log_error("Static Routes: Gateway IP could not be found for {$rtent['network']}");
 				continue;
-- 
cgit v1.1


From a02708b12becb467d2d1ce4a60802e1d804d670b Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Thu, 30 Sep 2010 16:04:54 +0000
Subject: Make this code more readble and clear on what it does.

---
 etc/inc/system.inc | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

(limited to 'etc')

diff --git a/etc/inc/system.inc b/etc/inc/system.inc
index 10f785c..e728910 100644
--- a/etc/inc/system.inc
+++ b/etc/inc/system.inc
@@ -372,16 +372,15 @@ function system_routing_configure($interface = "") {
 
 		foreach ($config['staticroutes']['route'] as $rtent) {
 			$gatewayip = "";
-			if (isset($gateways_arr[$rtent['gateway']])) {
-				if ($interface == $gateways_arr[$rtent['gateway']]['friendlyiface'])
-					continue;
-				$gatewayip = $gateways_arr[$rtent['gateway']]['gateway'];
-				$interfacegw = $gateways_arr[$rtent['gateway']]['interface'];
-			} else {
+			if (empty($gateways_arr[$rtent['gateway']])) {
 				log_error("Static Routes: Gateway IP could not be found for {$rtent['network']}");
 				continue;
 			}
-
+			$gateway = $gateways_arr[$rtent['gateway']];
+			if ($interface == $gateway['friendlyiface'])
+				continue;
+			$gatewayip = $gateway['gateway'];
+			$interfacegw = $gateway['interface'];
 			$action = "add";
 			if (isset($route_arr[$rtent['network']]))
 				$action = "change";
-- 
cgit v1.1


From 3640c5676522f993d15a55f6d12852276bd9440d Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Thu, 30 Sep 2010 16:52:25 +0000
Subject: Ticket #921. Actually reconfigure apinger in case of newip event
 because it might impact a previous down event.

---
 etc/rc.newwanip | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'etc')

diff --git a/etc/rc.newwanip b/etc/rc.newwanip
index 9d3d484..c018cb0 100755
--- a/etc/rc.newwanip
+++ b/etc/rc.newwanip
@@ -78,15 +78,15 @@ system_resolvconf_generate(true);
 file_put_contents("{$g['vardb_path']}/{$interface}_ip", $curwanip);
 file_put_contents("{$g['vardb_path']}/{$interface}_cacheip", $curwanip);
 
-if (is_ipaddr($oldip) && $curwanip == $oldip)
-	exit;
-
 /* reconfigure static routes (kernel may have deleted them) */
 system_routing_configure($interface);
 
 /* reconfigure our gateway monitor */
 setup_gateways_monitor();
 
+if (is_ipaddr($oldip) && $curwanip == $oldip)
+	exit;
+
 /* perform RFC 2136 DNS update */
 services_dnsupdate_process($interface);
 
-- 
cgit v1.1


From e0df9716e79f4b2945a9ae0e2a458e217d23b5a3 Mon Sep 17 00:00:00 2001
From: gnhb <gnoahb@gmail.com>
Date: Fri, 1 Oct 2010 07:01:23 +0700
Subject: cbuechler says monitorip should not be stored in <interfaces><$if>.
 See ticket #919

---
 etc/inc/gwlb.inc | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

(limited to 'etc')

diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc
index b9c1f66..3ccbbb7 100644
--- a/etc/inc/gwlb.inc
+++ b/etc/inc/gwlb.inc
@@ -339,11 +339,7 @@ function return_gateways_array($disabled = false) {
 			}
 		}
 
-		/* retrieve a proper monitor IP? */
-		$ifcfg =& $config['interfaces'][$ifname];
-		if (is_ipaddr($ifcfg['monitorip']))
-			$gateway['monitor'] = $ifcfg['monitorip'];
-		else
+		if (is_ipaddr($gateway['gateway']))
 			$gateway['monitor'] = $gateway['gateway'];
 
 		$gateway['descr'] = "Interface {$friendly} Dynamic Gateway";
-- 
cgit v1.1