Revision 9eb49a51
Added by Ermal LUÇI over 12 years ago
| etc/inc/filter.inc | ||
|---|---|---|
| 139 | 139 |
continue; |
| 140 | 140 |
$gwstatus =& $a_gateways[$gateway['monitor']]; |
| 141 | 141 |
if (strstr($gwstatus['status'], "down")) {
|
| 142 |
$gwip = $gateway['gateway']; |
|
| 143 |
if (!is_ipaddr($gwip)) |
|
| 144 |
$gwip = get_interface_gateway($gateway['friendlyiface']); |
|
| 145 |
if (is_ipaddr($gwstatus['srcip'])) {
|
|
| 146 |
$cmd = "/sbin/pfctl -b {$gwstatus['srcip']}/32 ";
|
|
| 147 |
if (is_ipaddr($gwip)) |
|
| 148 |
$cmd .= "-b {$gwip}/32";
|
|
| 149 |
else |
|
| 150 |
$cmd .= "-b 0.0.0.0/32"; |
|
| 151 |
mwexec($cmd); |
|
| 152 |
} |
|
| 142 |
if (!empty($gateway['interface'])) |
|
| 143 |
$gwiface = $gateway['interface']; |
|
| 144 |
else |
|
| 145 |
$gwiface = get_real_interface($gateway['friendlyiface']); |
|
| 146 |
$cmd = "/sbin/pfctl -i {$gwiface} -k 0.0.0.0/0";
|
|
| 147 |
mwexec($cmd); |
|
| 153 | 148 |
} |
| 154 | 149 |
} |
| 155 | 150 |
} |
| etc/inc/interfaces.inc | ||
|---|---|---|
| 1188 | 1188 |
// log_error("Checking for old router states: {$g['tmp_path']}/{$realif}_router = {$old_router}");
|
| 1189 | 1189 |
if (!empty($old_router)) {
|
| 1190 | 1190 |
log_error("Clearing states to old gateway {$old_router}.");
|
| 1191 |
mwexec("/sbin/pfctl -b 0.0.0.0/32 -b {$old_router}/32");
|
|
| 1191 |
mwexec("/sbin/pfctl -i {$realif} -k 0.0.0.0/0");
|
|
| 1192 | 1192 |
} |
| 1193 | 1193 |
|
| 1194 | 1194 |
/* remove interface up file if it exists */ |
| sbin/dhclient-script | ||
|---|---|---|
| 82 | 82 |
$LOGGER "Comparing Routers: Old: ${OLD_ROUTER} New: ${new_routers}"
|
| 83 | 83 |
if [ "${OLD_ROUTER}" != "${new_routers}" ]; then
|
| 84 | 84 |
$LOGGER "Removing states through old gateway '${OLD_ROUTER}' (new gateway '${new_routers}')"
|
| 85 |
/sbin/pfctl -b 0.0.0.0/32 -b ${OLD_ROUTER}/32
|
|
| 85 |
/sbin/pfctl -i $interface -k 0.0.0.0/0 -k ${OLD_ROUTER}/32
|
|
| 86 | 86 |
fi |
| 87 | 87 |
fi |
| 88 | 88 |
} |
| usr/local/sbin/ovpn-linkdown | ||
|---|---|---|
| 1 | 1 |
#!/bin/sh |
| 2 |
# /sbin/pfctl -b $4 -b $5
|
|
| 2 |
/sbin/pfctl -i $1 -k 0.0.0.0/0
|
|
| 3 | 3 |
# delete the node just in case mpd cannot do that |
| 4 | 4 |
/bin/rm -f /var/etc/nameserver_$1 |
| 5 | 5 |
/bin/rm -f /tmp/$1_router |
| usr/local/sbin/ppp-linkdown | ||
|---|---|---|
| 16 | 16 |
pfctl -K ${LOCAL_IP}
|
| 17 | 17 |
fi |
| 18 | 18 |
|
| 19 |
OLD_ROUTER=`/bin/cat /tmp/${1}_router`
|
|
| 20 |
if [ "${OLD_ROUTER}" != "" ]; then
|
|
| 21 |
echo "Removing states to ${OLD_ROUTER}" | logger -t ppp-linkdown
|
|
| 22 |
/sbin/pfctl -b 0.0.0.0/32 -b ${OLD_ROUTER}/32
|
|
| 23 |
|
|
| 24 |
if [ -f "/tmp/${interface}_defaultgw" ]; then
|
|
| 25 |
route delete default ${OLD_ROUTER}
|
|
| 26 |
fi |
|
| 19 |
/sbin/pfctl -i $1 -k 0.0.0.0/0 |
|
| 20 |
if [ -f "/tmp/${1}_defaultgw" ]; then
|
|
| 21 |
route delete default ${OLD_ROUTER}
|
|
| 27 | 22 |
fi |
| 28 | 23 |
# delete the node just in case mpd cannot do that |
| 29 | 24 |
/usr/sbin/ngctl shutdown $1: |
| usr/local/sbin/ppp-linkup | ||
|---|---|---|
| 5 | 5 |
OLD_ROUTER=`/bin/cat /tmp/${1}_router`
|
| 6 | 6 |
if [ "${OLD_ROUTER}" != "" ]; then
|
| 7 | 7 |
echo "Removing states to old router ${OLD_ROUTER}" | logger -t ppp-linkup
|
| 8 |
/sbin/pfctl -b 0.0.0.0/32 -b ${OLD_ROUTER}/32
|
|
| 8 |
/sbin/pfctl -i $1 -k 0.0.0.0/0 -k ${OLD_ROUTER}/32
|
|
| 9 | 9 |
fi |
| 10 | 10 |
|
| 11 | 11 |
# let the configuration system know that the ipv4 has changed. |
Also available in: Unified diff
pfctl -b is gone just use std tools of pfctl