require "guiconfig.inc"; $if = $_GET['if']; if ($_POST['if']) { $if = $_POST['if']; } if (!$if) { header("Location: services_dhcpv6.php"); exit; } if (!is_array($config['dhcpdv6'][$if]['staticmap'])) { $config['dhcpdv6'][$if]['staticmap'] = array(); } $netboot_enabled = isset($config['dhcpdv6'][$if]['netboot']); $a_maps =& $config['dhcpdv6'][$if]['staticmap']; $ifcfgipv6 = get_interface_ipv6($if); $ifcfgsnv6 = get_interface_subnetv6($if); $ifcfgdescr = convert_friendly_interface_to_friendly_descr($if); $id = $_GET['id']; if (isset($_POST['id'])) { $id = $_POST['id']; } if (isset($id) && $a_maps[$id]) { $pconfig['duid'] = $a_maps[$id]['duid']; $pconfig['hostname'] = $a_maps[$id]['hostname']; $pconfig['ipaddrv6'] = $a_maps[$id]['ipaddrv6']; $pconfig['filename'] = $a_maps[$id]['filename']; $pconfig['rootpath'] = $a_maps[$id]['rootpath']; $pconfig['descr'] = $a_maps[$id]['descr']; } else { $pconfig['duid'] = $_GET['duid']; $pconfig['hostname'] = $_GET['hostname'];
} else { if (strpos($_POST['interface'], '_vip')) { $input_errors[] = gettext("A CARP parent interface can only be used with IP Alias type Virtual IPs."); } } break; case 'ipalias': if (strstr($_POST['interface'], "_vip")) { if (is_ipaddrv4($_POST['subnet'])) { $parent_ip = get_interface_ip($_POST['interface']); $parent_sn = get_interface_subnet($_POST['interface']); $subnet = gen_subnet($parent_ip, $parent_sn); } else { if (is_ipaddrv6($_POST['subnet'])) { $parent_ip = get_interface_ipv6($_POST['interface']); $parent_sn = get_interface_subnetv6($_POST['interface']); $subnet = gen_subnetv6($parent_ip, $parent_sn); } } if (isset($parent_ip) && !ip_in_subnet($_POST['subnet'], "{$subnet}/{$parent_sn}") && !ip_in_interface_alias_subnet(link_carp_interface_to_parent($_POST['interface']), $_POST['subnet'])) { $cannot_find = $_POST['subnet'] . "/" . $_POST['subnet_bits']; $input_errors[] = sprintf(gettext("Sorry, we could not locate an interface with a matching subnet for %s. Please add an IP alias in this subnet on this interface."), $cannot_find); } unset($parent_ip, $parent_sn, $subnet); } break; default: if ($_POST['interface'] == 'lo0') { $input_errors[] = gettext("For this type of vip localhost is not allowed."); } else { if (strpos($_POST['interface'], '_vip')) {
$found = false; foreach ($subnets as $subnet) { if (ip_in_subnet($pconfig['gateway'], $subnet)) { $found = true; break; } } if (!$found) { $input_errors[] = sprintf(gettext("The gateway address %1\$s does not lie within one of the chosen interface's subnets."), $pconfig['gateway']); } } } elseif (is_ipaddrv6($pconfig['gateway'])) { /* do not do a subnet match on a link local address, it's valid */ if (!is_linklocal($pconfig['gateway'])) { $parent_ip = get_interface_ipv6($pconfig['interface']); $parent_sn = get_interface_subnetv6($pconfig['interface']); if (empty($parent_ip) || empty($parent_sn)) { $input_errors[] = gettext("Cannot add IPv6 Gateway Address because no IPv6 address could be found on the interface."); } else { $subnets = array(gen_subnetv6($parent_ip, $parent_sn) . "/" . $parent_sn); $vips = link_interface_to_vips($pconfig['interface']); if (is_array($vips)) { foreach ($vips as $vip) { if (!is_ipaddrv6($vip['subnet'])) { continue; } $subnets[] = gen_subnetv6($vip['subnet'], $vip['subnet_bits']) . "/" . $vip['subnet_bits']; } } $found = false; foreach ($subnets as $subnet) {
if ($a_vip[$_GET['id']]) { /* make sure no inbound NAT mappings reference this entry */ if (is_array($config['nat']['rule'])) { foreach ($config['nat']['rule'] as $rule) { if ($rule['destination']['address'] != "") { if ($rule['destination']['address'] == $a_vip[$_GET['id']]['subnet']) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by at least one NAT mapping."); break; } } } } if (is_ipaddrv6($a_vip[$_GET['id']]['subnet'])) { $is_ipv6 = true; $subnet = gen_subnetv6($a_vip[$_GET['id']]['subnet'], $a_vip[$_GET['id']]['subnet_bits']); $if_subnet_bits = get_interface_subnetv6($a_vip[$_GET['id']]['interface']); $if_subnet = gen_subnetv6(get_interface_ipv6($a_vip[$_GET['id']]['interface']), $if_subnet_bits); } else { $is_ipv6 = false; $subnet = gen_subnet($a_vip[$_GET['id']]['subnet'], $a_vip[$_GET['id']]['subnet_bits']); $if_subnet_bits = get_interface_subnet($a_vip[$_GET['id']]['interface']); $if_subnet = gen_subnet(get_interface_ip($a_vip[$_GET['id']]['interface']), $if_subnet_bits); } $subnet .= "/" . $a_vip[$_GET['id']]['subnet_bits']; $if_subnet .= "/" . $if_subnet_bits; if (is_array($config['gateways']['gateway_item'])) { foreach ($config['gateways']['gateway_item'] as $gateway) { if ($a_vip[$_GET['id']]['interface'] != $gateway['interface']) { continue; } if ($is_ipv6 && $gateway['ipprotocol'] == 'inet') {
/** * delete virtual ip */ function deleteVIPEntry($id) { global $config; $input_errors = array(); $a_vip =& $config['virtualip']['vip']; /* make sure no inbound NAT mappings reference this entry */ if (isset($config['nat']['rule'])) { foreach ($config['nat']['rule'] as $rule) { if (!empty($rule['destination']['address'])) { if ($rule['destination']['address'] == $a_vip[$id]['subnet']) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by at least one NAT mapping."); break; } } } } if (is_ipaddrv6($a_vip[$id]['subnet'])) { $is_ipv6 = true; $subnet = gen_subnetv6($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']); $if_subnet_bits = get_interface_subnetv6($a_vip[$id]['interface']); $if_subnet = gen_subnetv6(get_interface_ipv6($a_vip[$id]['interface']), $if_subnet_bits); } else { $is_ipv6 = false; $subnet = gen_subnet($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']); $if_subnet_bits = get_interface_subnet($a_vip[$id]['interface']); $if_subnet = gen_subnet(get_interface_ip($a_vip[$id]['interface']), $if_subnet_bits); } $subnet .= "/" . $a_vip[$id]['subnet_bits']; $if_subnet .= "/" . $if_subnet_bits; if (isset($config['gateways']['gateway_item'])) { foreach ($config['gateways']['gateway_item'] as $gateway) { if ($a_vip[$id]['interface'] != $gateway['interface']) { continue; } if ($is_ipv6 && $gateway['ipprotocol'] == 'inet') { continue; } if (!$is_ipv6 && $gateway['ipprotocol'] == 'inet6') { continue; } if (ip_in_subnet($gateway['gateway'], $if_subnet)) { continue; } if (ip_in_subnet($gateway['gateway'], $subnet)) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by at least one Gateway."); break; } } } if ($a_vip[$id]['mode'] == "ipalias") { $subnet = gen_subnet($a_vip[$id]['subnet'], $a_vip[$id]['subnet_bits']) . "/" . $a_vip[$id]['subnet_bits']; $found_if = false; $found_carp = false; $found_other_alias = false; if ($subnet == $if_subnet) { $found_if = true; } $vipiface = $a_vip[$id]['interface']; foreach ($a_vip as $vip_id => $vip) { if ($vip_id != $id) { if ($vip['interface'] == $vipiface && ip_in_subnet($vip['subnet'], $subnet)) { if ($vip['mode'] == "carp") { $found_carp = true; } else { if ($vip['mode'] == "ipalias") { $found_other_alias = true; } } } } } if ($found_carp === true && $found_other_alias === false && $found_if === false) { $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by a CARP IP with the description") . " {$vip['descr']}."; } } if (count($input_errors) == 0) { // Special case since every proxyarp vip is handled by the same daemon. if ($a_vip[$id]['mode'] == "proxyarp") { $viface = $a_vip[$id]['interface']; unset($a_vip[$id]); interface_proxyarp_configure($viface); } else { interface_vip_bring_down($a_vip[$id]); unset($a_vip[$id]); } if (count($config['virtualip']['vip']) == 0) { unset($config['virtualip']['vip']); } } return $input_errors; }