if (!empty($ovip)) { interface_vip_bring_down($ovip); } if ($a_vip[$vid]) { switch ($a_vip[$vid]['mode']) { case "ipalias": interface_ipalias_configure($a_vip[$vid]); break; case "proxyarp": interface_proxyarp_configure($a_vip[$vid]['interface']); break; case "carp": interface_carp_configure($a_vip[$vid]); break; case "carpdev-dhcp": interface_carpdev_configure($a_vip[$vid]); break; default: break; } } } @unlink("{$g['tmp_path']}/.firewall_virtual_ip.apply"); } $retval = 0; $retval |= filter_configure(); $savemsg = get_std_save_message($retval); clear_subsystem_dirty('vip'); } } if ($_GET['act'] == "del") {
} } } $savemsg = sprintf(gettext("%s IPs have been disabled. Please note that disabling does not survive a reboot."), $carp_counter); } else { $savemsg = gettext("CARP has been enabled."); if (is_array($config['virtualip']['vip'])) { $viparr =& $config['virtualip']['vip']; foreach ($viparr as $vip) { switch ($vip['mode']) { case "carp": interface_carp_configure($vip); sleep(1); break; case "carpdev-dhcp": interface_carpdev_configure($vip); sleep(1); break; case "ipalias": if (strstr($vip['interface'], "_vip")) { interface_ipalias_configure($vip); } break; } } } interfaces_carp_setup(); mwexec("/sbin/sysctl net.inet.carp.allow=1"); } } $status = get_carp_status();
function restore_config_section_xmlrpc($raw_params) { global $config, $xmlrpc_g; $params = xmlrpc_params_to_php($raw_params); if (!xmlrpc_auth($params)) { xmlrpc_authfail(); return $xmlrpc_g['return']['authfail']; } // Some sections should just be copied and not merged or we end // up unable to sync the deletion of the last item in a section $sync_full = array('ipsec', 'aliases', 'wol', 'load_balancer', 'openvpn', 'cert', 'ca', 'crl', 'schedules'); $sync_full_done = array(); foreach ($sync_full as $syncfull) { if (isset($params[0][$syncfull])) { $config[$syncfull] = $params[0][$syncfull]; unset($params[0][$syncfull]); $sync_full_done[] = $syncfull; } } $vipbackup = array(); $oldvips = array(); if (isset($params[0]['virtualip'])) { if (is_array($config['virtualip']['vip'])) { foreach ($config['virtualip']['vip'] as $vipindex => $vip) { if ($vip['mode'] == "carp") { $oldvips["{$vip['interface']}_vip{$vip['vhid']}"] = "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}"; } else { if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip")) { $oldvips[$vip['subnet']] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}"; } else { if (($vip['mode'] == "ipalias" || $vip['mode'] == 'proxyarp') && !strstr($vip['interface'], "_vip")) { $vipbackup[] = $vip; } } } } } } // For vip section, first keep items sent from the master $config = array_merge_recursive_unique($config, $params[0]); /* Then add ipalias and proxyarp types already defined on the backup */ if (is_array($vipbackup) && !empty($vipbackup)) { if (!is_array($config['virtualip'])) { $config['virtualip'] = array(); } if (!is_array($config['virtualip']['vip'])) { $config['virtualip']['vip'] = array(); } foreach ($vipbackup as $vip) { array_unshift($config['virtualip']['vip'], $vip); } } /* Log what happened */ $mergedkeys = implode(",", array_merge(array_keys($params[0]), $sync_full_done)); write_config(sprintf(gettext("Merged in config (%s sections) from XMLRPC client."), $mergedkeys)); /* * The real work on handling the vips specially * This is a copy of intefaces_vips_configure with addition of not reloading existing/not changed carps */ if (isset($params[0]['virtualip']) && is_array($config['virtualip']) && is_array($config['virtualip']['vip'])) { $carp_setuped = false; $anyproxyarp = false; foreach ($config['virtualip']['vip'] as $vip) { if ($vip['mode'] == "carp" && isset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"])) { if ($oldvips["{$vip['interface']}_vip{$vip['vhid']}"] == "{$vip['password']}{$vip['advskew']}{$vip['subnet']}{$vip['subnet_bits']}{$vip['advbase']}") { if (does_vip_exist($vip)) { unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]); continue; // Skip reconfiguring this vips since nothing has changed. } } unset($oldvips["{$vip['interface']}_vip{$vip['vhid']}"]); } else { if ($vip['mode'] == "ipalias" && strstr($vip['interface'], "_vip") && isset($oldvips[$vip['subnet']])) { if ($oldvips[$vip['subnet']] = "{$vip['interface']}{$vip['subnet']}{$vip['subnet_bits']}") { if (does_vip_exist($vip)) { unset($oldvips[$vip['subnet']]); continue; // Skip reconfiguring this vips since nothing has changed. } } unset($oldvips[$vip['subnet']]); } } switch ($vip['mode']) { case "proxyarp": $anyproxyarp = true; break; case "ipalias": interface_ipalias_configure(&$vip); break; case "carp": if ($carp_setuped == false) { $carp_setuped = true; } interface_carp_configure($vip); break; case "carpdev-dhcp": interface_carpdev_configure($vip); break; } } /* Cleanup remaining old carps */ foreach ($oldvips as $oldvipif => $oldvippar) { if (!is_ipaddr($oldvipif) && does_interface_exist($oldvipif)) { pfSense_interface_destroy($oldvipif); } } if ($carp_setuped == true) { interfaces_carp_setup(); } if ($anyproxyarp == true) { interface_proxyarp_configure(); } } return $xmlrpc_g['return']['true']; }