Revision 52856a80
Added by Phil Davis over 10 years ago
| usr/local/www/firewall_virtual_ip.php | ||
|---|---|---|
| 108 | 108 |
} |
| 109 | 109 |
} |
| 110 | 110 |
|
| 111 |
/* make sure no OpenVPN server or client references this entry */ |
|
| 112 |
$openvpn_types_a = array("openvpn-server" => gettext("server"), "openvpn-client" => gettext("client"));
|
|
| 113 |
foreach ($openvpn_types_a as $openvpn_type => $openvpn_type_text) {
|
|
| 114 |
if (is_array($config['openvpn'][$openvpn_type])) {
|
|
| 115 |
foreach ($config['openvpn'][$openvpn_type] as $openvpn) {
|
|
| 116 |
if ($openvpn['ipaddr'] <> "") {
|
|
| 117 |
if ($openvpn['ipaddr'] == $a_vip[$_GET['id']]['subnet']) {
|
|
| 118 |
if (strlen($openvpn['description'])) {
|
|
| 119 |
$openvpn_desc = $openvpn['description']; |
|
| 120 |
} else {
|
|
| 121 |
$openvpn_desc = $openvpn['ipaddr'] . ":" . $openvpn['local_port']; |
|
| 122 |
} |
|
| 123 |
$input_errors[] = sprintf(gettext("This entry cannot be deleted because it is still referenced by OpenVPN %s %s."), $openvpn_type_text, $openvpn_desc);
|
|
| 124 |
break; |
|
| 125 |
} |
|
| 126 |
} |
|
| 127 |
} |
|
| 128 |
} |
|
| 129 |
} |
|
| 130 |
|
|
| 111 | 131 |
if (is_ipaddrv6($a_vip[$_GET['id']]['subnet'])) {
|
| 112 | 132 |
$is_ipv6 = true; |
| 113 | 133 |
$subnet = gen_subnetv6($a_vip[$_GET['id']]['subnet'], $a_vip[$_GET['id']]['subnet_bits']); |
Also available in: Unified diff
When deleting a VIP check it is not used by OpenVPN
I noticed this when cleaning up VIPs and OpenVPN server when testing for this forum post https://forum.pfsense.org/index.php?topic=92174.0
The system let me delete my test VIP before I deleted the OpenVPN server using, probably not a good thing.
This is a better version of #1604 - the similar loops for server and client are combined, and the error message shows the description (or IP address:port) of the offending OpenVPN instance so the user has a clue about which OpenVPN instance uses the VIP.