Skip to content

O
OpnSense
Commit 956aaa3f authored by Franco Fichtner's avatar Franco Fichtner
Browse files
Options

routes: fix null routes add / delete; closes #638 

(cherry picked from commit 714729af)
(cherry picked from commit 01c41cdc)
parent 9b27695a
Hide whitespace changes
Inline Side-by-side
Showing with 38 additions and 12 deletions
src/etc/inc/system.inc
View file @ 956aaa3f
...@@ -680,13 +680,18 @@ function system_staticroutes_configure($interface = '', $update_dns = false) ...@@ -680,13 +680,18 @@ function system_staticroutes_configure($interface = '', $update_dns = false)
continue; continue;
} }
$interfacegw = $gateway['interface'];
$gatewayip = $gateway['gateway']; $gatewayip = $gateway['gateway'];
$fargw = isset($gateway['fargw']); $fargw = isset($gateway['fargw']);
$interfacegw = $gateway['interface']; $blackhole = '';
$blackhole = ""; switch ($rtent['gateway']) {
if (!strcasecmp("Null", substr($rtent['gateway'], 0, 3))) { case 'Null4':
$blackhole = "-blackhole"; case 'Null6':
$blackhole = '-blackhole';
break;
default:
break;
} }
if (!is_fqdn($rtent['network']) && !is_subnet($rtent['network'])) { if (!is_fqdn($rtent['network']) && !is_subnet($rtent['network'])) {
...@@ -712,30 +717,49 @@ function system_staticroutes_configure($interface = '', $update_dns = false) ...@@ -712,30 +717,49 @@ function system_staticroutes_configure($interface = '', $update_dns = false)
} }
$ips = add_hostname_to_watch($rtent['network']); $ips = add_hostname_to_watch($rtent['network']);
} }
foreach ($dnscache as $ip) { foreach ($dnscache as $ip) {
if (in_array($ip, $ips)) { if (in_array($ip, $ips)) {
continue; continue;
} }
mwexec("/sbin/route delete " . escapeshellarg($ip), true);
if (!is_subnet($ip)) {
if (is_ipaddrv4($ip)) {
$ip .= "/32";
} elseif (is_ipaddrv6($ip)) {
$ip .= "/128";
}
}
$inet = (is_subnetv6($ip) ? "-inet6" : "-inet");
mwexec("/sbin/route delete {$inet} " . escapeshellarg($ip));
} }
if (isset($rtent['disabled'])) { if (isset($rtent['disabled'])) {
/* XXX: This is a bit dangerous in case of routing daemons!? */
foreach ($ips as $ip) { foreach ($ips as $ip) {
mwexec("/sbin/route delete " . escapeshellarg($ip), true); if (!is_subnet($ip)) {
if (is_ipaddrv4($ip)) {
$ip .= "/32";
} elseif (is_ipaddrv6($ip)) {
$ip .= "/128";
}
}
$inet = (is_subnetv6($ip) ? "-inet6" : "-inet");
mwexec("/sbin/route delete {$inet} " . escapeshellarg($ip));
} }
continue; continue;
} }
foreach ($ips as $ip) { foreach ($ips as $ip) {
if (is_ipaddrv4($ip)) { if (!is_subnet($ip)) {
$ip .= "/32"; if (is_ipaddrv4($ip)) {
} elseif (is_ipaddrv6($ip)) { $ip .= "/32";
$ip .= "/128"; } elseif (is_ipaddrv6($ip)) {
$ip .= "/128";
}
} }
$inet = (is_subnetv6($ip) ? "-inet6" : "-inet"); $inet = (is_subnetv6($ip) ? "-inet6" : "-inet");
$cmd = " {$inet} {$blackhole} " . escapeshellarg($ip) . " "; $cmd = " {$inet} {$blackhole} " . escapeshellarg($ip) . " ";
if (is_subnet($ip)) { if (is_subnet($ip)) {
if (is_ipaddr($gatewayip)) { if (is_ipaddr($gatewayip)) {
mwexec("/sbin/route delete".$cmd . escapeshellarg($gatewayip)); mwexec("/sbin/route delete".$cmd . escapeshellarg($gatewayip));
...@@ -748,6 +772,8 @@ function system_staticroutes_configure($interface = '', $update_dns = false) ...@@ -748,6 +772,8 @@ function system_staticroutes_configure($interface = '', $update_dns = false)
mwexec("/sbin/route delete".$cmd . "-interface " . escapeshellarg($interfacegw)); mwexec("/sbin/route delete".$cmd . "-interface " . escapeshellarg($interfacegw));
mwexec("/sbin/route add".$cmd . "-interface " . escapeshellarg($interfacegw)); mwexec("/sbin/route add".$cmd . "-interface " . escapeshellarg($interfacegw));
} }
} else {
log_error(sprintf('Cannot add static route to: %s', $ip));
} }
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023