if (!empty($ovip)) {
interface_vip_bring_down($ovip);
}
if ($a_vip[$vid]) {
switch ($a_vip[$vid]['mode']) {
case "ipalias":
interface_ipalias_configure($a_vip[$vid]);
break;
case "proxyarp":
interface_proxyarp_configure($a_vip[$vid]['interface']);
break;
case "carp":
interface_carp_configure($a_vip[$vid]);
break;
case "carpdev-dhcp":
interface_carpdev_configure($a_vip[$vid]);
break;
default:
break;
}
}
}
@unlink("{$g['tmp_path']}/.firewall_virtual_ip.apply");
}
$retval = 0;
$retval |= filter_configure();
$savemsg = get_std_save_message($retval);
clear_subsystem_dirty('vip');
}
}
if ($_GET['act'] == "del") {
}
}
}
$savemsg = sprintf(gettext("%s IPs have been disabled. Please note that disabling does not survive a reboot."), $carp_counter);
} else {
$savemsg = gettext("CARP has been enabled.");
if (is_array($config['virtualip']['vip'])) {
$viparr =& $config['virtualip']['vip'];
foreach ($viparr as $vip) {
switch ($vip['mode']) {
case "carp":
interface_carp_configure($vip);
sleep(1);
break;
case "carpdev-dhcp":
interface_carpdev_configure($vip);
sleep(1);
break;
case "ipalias":
if (strstr($vip['interface'], "_vip")) {
interface_ipalias_configure($vip);
}
break;
}
}
}
interfaces_carp_setup();
mwexec("/sbin/sysctl net.inet.carp.allow=1");
}
}
$status = get_carp_status();
function restore_config_section_xmlrpc($raw_params)
{
global $config, $xmlrpc_g;
$params = xmlrpc_params_to_php($raw_params);
if (!xmlrpc_auth($params)) {
xmlrpc_authfail();
return $xmlrpc_g['return']['authfail'];
}
// Some sections should just be copied and not merged or we end
// up unable to sync the deletion of the last item in a section
$sync_full = array('ipsec', 'aliases', 'wol', 'load_balancer', 'openvpn', 'cert', 'ca', 'crl', 'schedules');
$sync_full_done = array();
foreach ($sync_full as $syncfull) {
if (isset($params[0][$syncfull])) {
$config[$syncfull] = $params[0][$syncfull];
unset($params[0][$syncfull]);
$sync_full_done[] = $syncfull;
}
}
$vipbackup = array();
$oldvips = array();
if (isset($params[0]['virtualip'])) {
if (is_array($config['virtualip']['vip'])) {
foreach ($config['virtualip']['vip'] as $vipindex => $vip) {
if ($vip['mode'] == "carp") {
$oldvips["{$vip['interface']}_vip{$vip['vhid']}"] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}";
} else {
if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip")) {
$oldvips[$vip['subnet']] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}";
} else {
if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && !strstr($vip['interface'], "_vip")) {
$vipbackup[] = $vip;
}
}
}
}
}
}
// For vip section, first keep items sent from the master
$config = array_merge_recursive_unique($config, $params[0]);
/* Then add ipalias and proxyarp types already defined on the backup */
if (is_array($vipbackup) && !empty($vipbackup)) {
if (!is_array($config['virtualip'])) {
$config['virtualip'] = array();
}
if (!is_array($config['virtualip']['vip'])) {
$config['virtualip']['vip'] = array();
}
foreach ($vipbackup as $vip) {
array_unshift($config['virtualip']['vip'], $vip);
}
}
/* Log what happened */
$mergedkeys = implode(",", array_merge(array_keys($params[0]), $sync_full_done));
write_config(sprintf(gettext("Merged in config (%s sections) from XMLRPC client."), $mergedkeys));
/*
* The real work on handling the vips specially
* This is a copy of intefaces_vips_configure with addition of not reloading existing/not changed carps
*/
if (isset($params[0]['virtualip']) && is_array($config['virtualip']) && is_array($config['virtualip']['vip'])) {
$carp_setuped = false;
$anyproxyarp = false;
foreach ($config['virtualip']['vip'] as $vip) {
if ($vip['mode'] == "carp" && isset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"])) {
if ($oldvips["{$vip['interface']}_vip{$vip['vhid']}"] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") {
if (does_vip_exist($vip)) {
unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]);
continue;
// Skip reconfiguring this vips since nothing has changed.
}
}
unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]);
} else {
if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip") && isset($oldvips[$vip['subnet']])) {
if ($oldvips[$vip['subnet']] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}") {
if (does_vip_exist($vip)) {
unset($oldvips[$vip['subnet']]);
continue;
// Skip reconfiguring this vips since nothing has changed.
}
}
unset($oldvips[$vip['subnet']]);
}
}
switch ($vip['mode']) {
case "proxyarp":
$anyproxyarp = true;
break;
case "ipalias":
interface_ipalias_configure(&$vip);
break;
case "carp":
if ($carp_setuped == false) {
$carp_setuped = true;
}
interface_carp_configure($vip);
break;
case "carpdev-dhcp":
interface_carpdev_configure($vip);
break;
}
}
/* Cleanup remaining old carps */
foreach ($oldvips as $oldvipif => $oldvippar) {
if (!is_ipaddr($oldvipif) && does_interface_exist($oldvipif)) {
pfSense_interface_destroy($oldvipif);
}
}
if ($carp_setuped == true) {
interfaces_carp_setup();
}
if ($anyproxyarp == true) {
interface_proxyarp_configure();
}
}
return $xmlrpc_g['return']['true'];
}
