Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
O
OpnSense
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kulya
OpnSense
Commits
5497ae4e
Commit
5497ae4e
authored
Sep 15, 2016
by
Ad Schellevis
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
revert carp to BSD standards
parent
c782d9e8
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
7 additions
and
79 deletions
+7
-79
interfaces.inc
src/etc/inc/interfaces.inc
+6
-58
system.inc
src/etc/inc/system.inc
+1
-3
rc.linkup
src/etc/rc.linkup
+0
-18
No files found.
src/etc/inc/interfaces.inc
View file @
5497ae4e
...
@@ -1770,77 +1770,25 @@ function interfaces_carp_setup()
...
@@ -1770,77 +1770,25 @@ function interfaces_carp_setup()
echo
gettext
(
"Configuring CARP settings..."
);
echo
gettext
(
"Configuring CARP settings..."
);
mute_kernel_msgs
();
mute_kernel_msgs
();
}
}
set_single_sysctl
(
"net.inet.carp.preempt"
=>
"1"
);
/* suck in configuration items */
if
(
!
empty
(
$config
[
'hasync'
][
'pfsyncinterface'
]))
{
if
(
isset
(
$config
[
'hasync'
]))
{
$carp_sync_int
=
get_real_interface
(
$config
[
'hasync'
][
'pfsyncinterface'
]);
if
(
isset
(
$config
[
'hasync'
][
'pfsyncenabled'
]))
{
$pfsyncenabled
=
$config
[
'hasync'
][
'pfsyncenabled'
];
}
if
(
isset
(
$config
[
'hasync'
][
'pfsyncinterface'
]))
{
$pfsyncinterface
=
$config
[
'hasync'
][
'pfsyncinterface'
];
}
if
(
isset
(
$config
[
'hasync'
][
'pfsyncpeerip'
]))
{
$pfsyncpeerip
=
$config
[
'hasync'
][
'pfsyncpeerip'
];
}
}
else
{
unset
(
$pfsyncinterface
);
unset
(
$pfsyncenabled
);
}
set_sysctl
(
array
(
"net.inet.carp.preempt"
=>
"1"
,
"net.inet.carp.log"
=>
"1"
));
if
(
!
empty
(
$pfsyncinterface
))
{
$carp_sync_int
=
get_real_interface
(
$pfsyncinterface
);
}
else
{
unset
(
$carp_sync_int
);
}
}
/* setup pfsync interface */
/* setup pfsync interface */
if
(
!
empty
(
$carp_sync_int
)
&&
isset
(
$
pfsyncenabled
))
{
if
(
!
empty
(
$carp_sync_int
)
&&
isset
(
$
config
[
'hasync'
][
'pfsyncenabled'
]
))
{
if
(
is
_ipaddr
(
$pfsyncpeerip
))
{
if
(
is
set
(
$config
[
'hasync'
][
'pfsyncpeerip'
])
&&
is_ipaddr
(
$config
[
'hasync'
][
'pfsyncpeerip'
]
))
{
$syncpeer
=
"syncpeer
{
$pfsyncpeerip
}
"
;
$syncpeer
=
"syncpeer
"
.
$config
[
'hasync'
][
'pfsyncpeerip'
]
;
}
else
{
}
else
{
$syncpeer
=
"-syncpeer"
;
$syncpeer
=
"-syncpeer"
;
}
}
mwexec
(
"/sbin/ifconfig pfsync0 syncdev
{
$carp_sync_int
}
{
$syncpeer
}
up"
,
false
);
mwexec
(
"/sbin/ifconfig pfsync0 syncdev
{
$carp_sync_int
}
{
$syncpeer
}
up"
,
false
);
sleep
(
1
);
/* XXX: Handle an issue with pfsync(4) and carp(4). In a cluster carp will come up before pfsync(4) has updated and so will cause issues
* for existing sessions.
*/
log_error
(
"waiting for pfsync..."
);
$i
=
0
;
while
(
intval
(
trim
(
`/sbin/ifconfig pfsync0 | /usr/bin/grep 'syncok: 0' | /usr/bin/grep -v grep | /usr/bin/wc -l`
))
==
0
&&
$i
<
30
)
{
$i
++
;
sleep
(
1
);
}
log_error
(
"pfsync done in
$i
seconds."
);
log_error
(
"Configuring CARP settings finalize..."
);
}
else
{
}
else
{
mwexec
(
"/sbin/ifconfig pfsync0 -syncdev -syncpeer down"
,
false
);
mwexec
(
"/sbin/ifconfig pfsync0 -syncdev -syncpeer down"
,
false
);
}
}
$has_carp_vips
=
false
;
if
(
isset
(
$config
[
'virtualip'
][
'vip'
])
&&
count
(
$config
[
'virtualip'
][
'vip'
])
>
0
)
{
foreach
(
$config
[
'virtualip'
][
'vip'
]
as
$vip
)
{
if
(
$vip
[
'mode'
]
==
'carp'
)
{
$has_carp_vips
=
true
;
break
;
}
}
}
if
(
$has_carp_vips
)
{
set_single_sysctl
(
"net.inet.carp.allow"
,
"1"
);
}
else
{
set_single_sysctl
(
"net.inet.carp.allow"
,
"0"
);
}
if
(
file_exists
(
"/var/run/booting"
))
{
if
(
file_exists
(
"/var/run/booting"
))
{
unmute_kernel_msgs
();
unmute_kernel_msgs
();
echo
gettext
(
"done."
)
.
"
\n
"
;
echo
gettext
(
"done."
)
.
"
\n
"
;
...
...
src/etc/inc/system.inc
View file @
5497ae4e
...
@@ -118,9 +118,7 @@ function activate_sysctls()
...
@@ -118,9 +118,7 @@ function activate_sysctls()
"net.enc.in.ipsec_bpf_mask"
=>
"0x0002"
,
"net.enc.in.ipsec_bpf_mask"
=>
"0x0002"
,
"net.enc.in.ipsec_filter_mask"
=>
"0x0002"
,
"net.enc.in.ipsec_filter_mask"
=>
"0x0002"
,
"net.enc.out.ipsec_bpf_mask"
=>
"0x0001"
,
"net.enc.out.ipsec_bpf_mask"
=>
"0x0001"
,
"net.enc.out.ipsec_filter_mask"
=>
"0x0001"
,
"net.enc.out.ipsec_filter_mask"
=>
"0x0001"
'net.inet.carp.senderr_demotion_factor'
=>
'0'
,
'net.pfsync.carp_demotion_factor'
=>
'0'
,
);
);
if
(
isset
(
$config
[
'sysctl'
][
'item'
]))
{
if
(
isset
(
$config
[
'sysctl'
][
'item'
]))
{
...
...
src/etc/rc.linkup
View file @
5497ae4e
...
@@ -38,23 +38,6 @@ require_once("system.inc");
...
@@ -38,23 +38,6 @@ require_once("system.inc");
require_once
(
"unbound.inc"
);
require_once
(
"unbound.inc"
);
require_once
(
"services.inc"
);
require_once
(
"services.inc"
);
/**
* signal CARP to go down when there's a ip configured on the provided interface
* interfaces_carp_setup will enable carp when pfsync completes.
*/
function
interface_signal_carp
(
$intf
)
{
global
$config
;
if
(
!
empty
(
$config
[
'virtualip'
][
'vip'
]))
{
foreach
(
$config
[
'virtualip'
][
'vip'
]
as
$vip
)
{
if
(
$vip
[
'interface'
]
==
$intf
&&
$vip
[
'mode'
]
==
'carp'
)
{
set_single_sysctl
(
"net.inet.carp.allow"
,
"0"
);
}
}
}
}
function
handle_argument_group
(
$iface
,
$argument2
)
{
function
handle_argument_group
(
$iface
,
$argument2
)
{
global
$config
;
global
$config
;
...
@@ -85,7 +68,6 @@ function handle_argument_group($iface, $argument2) {
...
@@ -85,7 +68,6 @@ function handle_argument_group($iface, $argument2) {
case
"stop"
:
case
"stop"
:
log_error
(
"DEVD Ethernet detached event for
{
$iface
}
"
);
log_error
(
"DEVD Ethernet detached event for
{
$iface
}
"
);
interface_bring_down
(
$iface
);
interface_bring_down
(
$iface
);
interface_signal_carp
(
$iface
);
break
;
break
;
case
"start"
:
case
"start"
:
log_error
(
"DEVD Ethernet attached event for
{
$iface
}
"
);
log_error
(
"DEVD Ethernet attached event for
{
$iface
}
"
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment