#!/usr/local/bin/php-cgi -f
<?php
/*
	rc.newwanip
	Copyright (C) 2006 Scott Ullrich (sullrich@gmail.com)
	part of pfSense (https://www.pfsense.org)

	Originally part of m0n0wall (http://m0n0.ch)
	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
	All rights reserved.

	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:

	1. Redistributions of source code must retain the above copyright notice,
	this list of conditions and the following disclaimer.

	2. Redistributions in binary form must reproduce the above copyright
	notice, this list of conditions and the following disclaimer in the
	documentation and/or other materials provided with the distribution.

	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
/* parse the configuration and include all functions used below */
require_once("globals.inc");
require_once("config.inc");
require_once("functions.inc");
require_once("filter.inc");
require_once("shaper.inc");
require_once("ipsec.inc");
require_once("vpn.inc");
require_once("openvpn.inc");
require_once("IPv6.inc");
require_once("rrd.inc");
/**
 * Log the address change and request a reload of the installed packages.
 *
 * The log line is built from the script-level $oldip and $curwanip. Note that
 * the "empty interface" path of this script calls this function before $oldip
 * has been assigned, so the old address can be blank in that message.
 */
function restart_packages() {
	global $oldip, $curwanip, $g;

	/* build the notice first so the logged text is easy to spot */
	$notice = "{$g['product_name']} package system has detected an IP change or dynamic WAN reconnection - $oldip ->  $curwanip - Restarting packages.";
	log_error($notice);

	/* queue the package reload through send_event() */
	send_event("service reload packages");
}
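/*
 * Interface IP address has changed.
 *
 * The interface name arrives either as the "interface" request parameter or
 * as the first command-line argument. Both are caller-controlled, and the
 * value is written to the system log and handed to the interface helpers
 * further down, so it is normalised here before anything else uses it.
 */
if (isset($_GET['interface'])) {
	$argument = $_GET['interface'];
} else if (isset($argv[1])) {
	$argument = $argv[1];
} else {
	/* no argument at all: leave it empty so the default (wan) handling applies */
	$argument = "";
}

if (!is_string($argument)) {
	/* e.g. interface[]=x yields an array, which no later step can use as a name */
	log_error("rc.newwanip: Error: interface argument is not a string, ignoring request.");
	return;
}

/*
 * Drop control characters (CR/LF included) from both input sources so the
 * value cannot split or forge lines in the log. The original only removed
 * "\n", and only on the command-line path.
 */
$argument = preg_replace('/[\x00-\x1f\x7f]/', '', $argument);

log_error("rc.newwanip: Info: starting on {$argument}.");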
/*
 * Resolve the three names used by the rest of the script: the friendly
 * name ($interface), the real device name ($interface_real) and the
 * description ($interface_descr).
 */
if (!empty($argument)) {
	/* the caller named a real device; it is used as given */
	$interface_real = $argument;
	$interface = convert_real_interface_to_friendly_interface_name($argument);
} else {
	/* nothing was passed in: fall back to wan */
	$interface = "wan";
	$interface_real = get_real_interface();
}

$interface_descr = convert_friendly_interface_to_friendly_descr($interface);

/* A configured interface without the 'enable' key is disabled; its settings are left alone. #3313 */
if (is_array($config['interfaces'][$interface]) && !isset($config['interfaces'][$interface]['enable'])) {
	log_error("Interface is disabled, nothing to do.");
	return;
}
/* Look up the address currently assigned to the interface. */
if (!empty($argument)) {
	$curwanip = find_interface_ip($interface_real, true);
	if ($curwanip == "") {
		/* the real device gave no address: retry with the friendly name */
		$curwanip = get_interface_ip($interface);
	}
} else {
	/* no argument: use get_interface_ip()'s default interface */
	$curwanip = get_interface_ip();
}

log_error("rc.newwanip: on (IP address: {$curwanip}) (interface: {$interface_descr}[{$interface}]) (real interface: {$interface_real}).");
/*
 * NOTE: Be careful with openvpn, no-ip or similar interfaces when raising the
 *       event that reconfigures an interface, i.e. OpenVPN might be in tap
 *       mode and not have an ip.
 *
 * The reconfigure event is raised only when all three hold: the address is
 * missing or invalid, the real device is not an ovpn* one, and the interface
 * has an 'ipaddr' configured.
 */
if (($curwanip == "0.0.0.0" || !is_ipaddr($curwanip)) &&
    substr($interface_real, 0, 4) != "ovpn" &&
    !empty($config['interfaces'][$interface]['ipaddr'])) {
	log_error("rc.newwanip: Failed to update {$interface} IP, restarting...");
	send_event("interface reconfigure {$interface}");
	return;
}
/*
 * XXX: This really possible?
 * Without a friendly interface name nothing below can run; outside of boot
 * the filter is still reloaded and the packages restarted before leaving.
 */
if (empty($interface)) {
	if (!platform_booting()) {
		filter_configure();
		restart_packages();
	}
	return;
}
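/*
 * Load the address recorded by the previous run. "0.0.0.0" stands in when
 * the cache file is missing or cannot be read.
 *
 * NOTE(review): $interface becomes part of a filesystem path here; presumably
 * convert_real_interface_to_friendly_interface_name() only returns configured
 * interface keys - confirm, since its input comes from the caller.
 */
$oldip = "0.0.0.0";
if (file_exists("{$g['vardb_path']}/{$interface}_cacheip")) {
	$cached_ip = file_get_contents("{$g['vardb_path']}/{$interface}_cacheip");
	if ($cached_ip !== false) {
		/* tolerate stray whitespace so the later comparison with $curwanip is exact */
		$oldip = trim($cached_ip);
	}
	unset($cached_ip);
}

/* regenerate resolv.conf */
system_resolvconf_generate(true);

/* write the current interface IP to file; a failed write is logged instead of silently dropped */
if (is_ipaddr($curwanip)) {
	if (@file_put_contents("{$g['vardb_path']}/{$interface}_ip", $curwanip) === false) {
		log_error("rc.newwanip: Failed to write {$g['vardb_path']}/{$interface}_ip.");
	}
}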
/* run the "update" action for whatever VIPs are linked to this interface */
link_interface_to_vips($interface, "update");

/* GRE tunnels linked to this interface: reconfigure each one */
unset($gre);
$gre = link_interface_to_gre($interface);
if (!empty($gre)) {
	array_walk($gre, 'interface_gre_configure');
}

/* GIF tunnels linked to this interface: reconfigure each one */
unset($gif);
$gif = link_interface_to_gif($interface);
if (!empty($gif)) {
	array_walk($gif, 'interface_gif_configure');
}

/* interface groups this interface belongs to: add it as a member again */
$grouptmp = link_interface_to_group($interface);
if (!empty($grouptmp)) {
	array_walk($grouptmp, 'interface_group_add_member');
}

/*
 * Bridge membership is restored with the real device name, not the friendly one.
 * NOTE(review): $interface_real is the caller-supplied argument whenever one
 * was given - confirm interface_bridge_add_member() validates it.
 */
unset($bridgetmp);
$bridgetmp = link_interface_to_bridge($interface);
if (!empty($bridgetmp)) {
	interface_bridge_add_member($bridgetmp, $interface_real);
}
/* make new hosts file */
system_hosts_generate();

/* check tunnelled IPv6 interface tracking: dispatch on the configured 'ipaddrv6' type */
switch ($config['interfaces'][$interface]['ipaddrv6']) {
	case "6to4":
		interface_6to4_configure($interface, $config['interfaces'][$interface]);
		break;
	case "6rd":
		interface_6rd_configure($interface, $config['interfaces'][$interface]);
		break;
	case "dhcp6":
		// N.B. PPP connections that use PPP as the IPv6 parent interface are skipped here:
		// the ppp-ipv6 script calls interface_dhcpv6_configure() for them once IPv6CP is up
		if (!isset($config['interfaces'][$interface]['dhcp6usev4iface']) || interface_isppp_type($interface)) {
			break;
		}
		interface_dhcpv6_configure($interface, $config['interfaces'][$interface]);
		break;
}
/* Check Gif tunnels: reconfigure each tunnel interface that maps to a friendly name, then its routes */
if (!empty($gif)) {
	foreach ($gif as $giftun) {
		$confif = convert_real_interface_to_friendly_interface_name($giftun['gifif']);
		if (empty($confif)) {
			/* no friendly name for this tunnel device: skip it */
			continue;
		}
		interface_configure($confif);
		system_routing_configure($confif);
	}
}

/* same treatment for the GRE tunnels */
if (!empty($gre)) {
	foreach ($gre as $gretun) {
		$confif = convert_real_interface_to_friendly_interface_name($gretun['greif']);
		if (empty($confif)) {
			continue;
		}
		interface_configure($confif);
		system_routing_configure($confif);
	}
}
/*
 * Full resync versus plain filter reload.
 *
 * VPNs have to be force-synced on dynamic interfaces even when the IP is the
 * same: the VPN software is unhappy with the IP disappearing, and on a
 * fail-back the IPs must be switched back anyhow. The light path is therefore
 * taken only when the cached address is valid, equals the current one, and
 * the configured 'ipaddr' passes is_ipaddrv4().
 */
if (is_ipaddr($oldip) && $curwanip == $oldip && is_ipaddrv4($config['interfaces'][$interface]['ipaddr'])) {
	/* signal filter reload */
	filter_configure();
} else {
	/* IP changed, kill states accordingly */
	if ($curwanip != $oldip) {
		/*
		 * NOTE(review): $oldip can still be the "0.0.0.0" placeholder or unchecked
		 * cache-file content at this point; confirm pfSense_kill_states() copes with that.
		 */
		log_error("IP has changed, killing states on former IP $oldip.");
		pfSense_kill_states($oldip);
		if (isset($config['system']['ip_change_kill_states'])) {
			/* hidden config option to wipe all states if needed */
			log_error("Killing all states post-IP change.");
			filter_flush_state_table();
		}
	}

	/*
	 * The filter must be reloaded before the services below run. Some of
	 * them (e.g. dyndns, see ticket #4066) otherwise hit pass out route-to
	 * rules that still carry the old ip in 'from', and their connections
	 * do not go through the correct link.
	 */
	filter_configure_sync();

	/* reconfigure static routes (kernel may have deleted them) */
	system_routing_configure($interface);

	/* reconfigure our gateway monitor */
	setup_gateways_monitor();

	/* reload unbound */
	services_unbound_configure();

	/*
	 * Remember the new address for the next run. The @ hides a failed write;
	 * presumably a stale cache makes the next run take this branch again - verify.
	 */
	if (is_ipaddr($curwanip)) {
		@file_put_contents("{$g['vardb_path']}/{$interface}_cacheip", $curwanip);
	}

	/* perform RFC 2136 DNS update */
	services_dnsupdate_process($interface);

	/* signal dyndns update */
	services_dyndns_configure($interface);

	/* reconfigure IPsec tunnels */
	vpn_ipsec_force_reload($interface);

	/* start OpenVPN server & clients, unless this event came from an ovpn* device itself */
	if (substr($interface_real, 0, 4) != "ovpn") {
		openvpn_resync_all($interface);
	}

	/* reload graphing functions */
	enable_rrd_graphing();

	/* reload igmpproxy */
	services_igmpproxy_configure();

	/* restart snmp */
	services_snmpd_configure();

	restart_packages();
}
?>