Project

General

Profile

« Previous | Next » 

Revision b932ef16

Added by Scott Ullrich over 19 years ago

Cleanup CARP init routines

View differences:

etc/inc/interfaces.inc
342 342 

  		




  343
  343
  
    
function interfaces_carp_configure() {


  		




  344
  344
  
    
	global $g, $config, $debugging;


  		




  
  345
  
    
	if(isset($config['system']['developerspew'])) {


  		




  
  346
  
    
		$mt = microtime();


  		




  
  347
  
    
		echo "interfaces_carp_configure() being called $mt\n";


  		




  
  348
  
    
	}


  		




  345
  349
  
    
	$carp_instances_counter = 0;


  		




  346
  350
  
    
	$total_carp_interfaces_defined = find_number_of_created_carp_interfaces();


  		




  347
  351
  
    
	/* destroy previous interfaces */


  		




  348
  352
  
    
	for($x=0; $x<$total_carp_interfaces_defined; $x++) 


  		




  349
  353
  
    
		mwexec("/sbin/ifconfig carp{$x} delete");	


  		




  350
  
  
    
	if(isset($config['system']['developerspew'])) {


  		




  351
  
  
    
		$mt = microtime();


  		




  352
  
  
    
		echo "interfaces_carp_configure() being called $mt\n";


  		




  353
  
  
    
	}


  		




  354
  
  
    
	/* if neither items are arrays then redirect pfsync to loopback */


  		




  355
  
  
    
	if (!is_array($config['virtualip']['vip'])) {


  		




  356
  
  
    
		mwexec("/sbin/ifconfig pfsync0 syncdev lo0 up");


  		




  357
  
  
    
		mwexec("/sbin/sysctl net.inet.carp.allow=0");


  		




  358
  
  
    
		if($g['booting']) {


  		




  359
  
  
    
			unmute_kernel_msgs();


  		




  360
  
  
    
		}


  		




  361
  
  
    
		return;


  		




  362
  
  
    
	}


  		




  363
  
  
    
	if ($g['booting'] and !$debugging) {


  		




  
  354
  
    
	if ($g['booting']) {


  		




  364
  355
  
    
		echo "Configuring CARP interfaces...";


  		




  365
  356
  
    
		mute_kernel_msgs();


  		




  366
  357
  
    
	}


  		




  367
  
  
    
	/* enable carp preemption */


  		




  368
  
  
    
	mwexec("/sbin/sysctl net.inet.carp.preempt=1");


  		




  369
  
  
    
	foreach($config['installedpackages']['carpsettings']['config'] as $carp) {


  		




  370
  
  
    
		if($carp['pfsyncenabled'] != "") {


  		




  371
  
  
    
			mwexec("/sbin/sysctl net.inet.carp.allow=1");


  		




  372
  
  
    
			if($carp['balancing'] != "") {


  		




  373
  
  
    
				mwexec("/sbin/sysctl net.inet.carp.arpbalance=1");


  		




  374
  
  
    
				mwexec("/sbin/sysctl net.inet.carp.preempt=0");


  		




  375
  
  
    
			}


  		




  376
  
  
    
			if($debugging) 


  		




  377
  
  
    
				echo "Get friendly interface name {$carp['pfsyncinterface']}.\n";


  		




  378
  
  
    
			$carp_sync_int = convert_friendly_interface_to_real_interface_name($carp['pfsyncinterface']);


  		




  379
  
  
    
			if($debugging) 


  		




  380
  
  
    
				echo "Friendly name {$carp_sync_int}.\n";


  		




  381
  
  
    
			$carp_sync_int = convert_friendly_interface_to_real_interface_name($carp['pfsyncinterface']);


  		




  382
  
  
    
			if($g['booting']) {


  		




  383
  
  
    
				/*    install rules to alllow pfsync to sync up during boot


  		




  384
  
  
    
				 *    carp interfaces will remain down until the bootup sequence finishes


  		




  385
  
  
    
				 */


  		




  386
  
  
    
				if($debugging) 


  		




  387
  
  
    
					echo "Adding firewall rules..\n";


  		




  388
  
  
    
				exec("echo pass quick proto carp all keep state > /tmp/rules.boot");


  		




  389
  
  
    
				exec("echo pass quick proto pfsync all >> /tmp/rules.boot");


  		




  390
  
  
    
				exec("echo pass out proto { tcp, udp } from any to any port 53 keep state >> /tmp/rules.boot");


  		




  391
  
  
    
				exec("/sbin/pfctl -f /tmp/rules.boot");


  		




  392
  
  
    
				if($debugging) {


  		




  393
  
  
    
					echo "Showing loaded rule set:\n";


  		




  394
  
  
    
					system("/sbin/pfctl -vvsr");


  		




  395
  
  
    
				}


  		




  396
  
  
    
			}			


  		




  397
  
  
    
			/* do not setup pfsync twice */


  		




  398
  
  
    
			if($total_carp_interfaces_defined == 0) {


  		




  399
  
  
    
				//if($debugging)


  		




  400
  
  
    
				//	echo "Bringing up pfsync0.\n";


  		




  401
  
  
    
				//mwexec("/sbin/ifconfig pfsync0 create");


  		




  402
  
  
    
				if($debugging)


  		




  403
  
  
    
					echo "Assigning syncdev to {$carp_sync_int}.\n";						


  		




  404
  
  
    
				mwexec("/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} up");


  		




  405
  
  
    
			}


  		




  
  358
  
    
	/* suck in configuration items */


  		




  
  359
  
    
	if($config['installedpackages']['carpsettings']['config']) {


  		




  
  360
  
    
		foreach($config['installedpackages']['carpsettings']['config'] as $carp) {


  		




  
  361
  
    
			$pfsyncenabled = $carp['pfsyncenabled'];


  		




  
  362
  
    
			$balanacing = $carp['balancing'];


  		




  
  363
  
    
			$pfsyncinterface = $carp['pfsyncinterface'];


  		




  406
  364
  
    
		}


  		




  
  365
  
    
	} else {


  		




  
  366
  
    
		unset($pfsyncinterface);


  		




  
  367
  
    
		unset($balanacing);


  		




  
  368
  
    
		unset($pfsyncenabled);


  		




  407
  369
  
    
	}


  		




  408
  
  
    
	$viparr = &$config['virtualip']['vip'];


  		




  
  370
  
    
	if($balanacing) {


  		




  
  371
  
    
		mwexec("/sbin/sysctl net.inet.carp.arpbalance=1");


  		




  
  372
  
    
		mwexec("/sbin/sysctl net.inet.carp.preempt=0");


  		




  
  373
  
    
	} else {


  		




  
  374
  
    
		mwexec("/sbin/sysctl net.inet.carp.preempt=1");


  		




  
  375
  
    
	}


  		




  
  376
  
    
	$carp_sync_int = convert_friendly_interface_to_real_interface_name($pfsyncinterface);


  		




  
  377
  
    
	if($g['booting']) {


  		




  
  378
  
    
		/*    install rules to alllow pfsync to sync up during boot


  		




  
  379
  
    
		 *    carp interfaces will remain down until the bootup sequence finishes


  		




  
  380
  
    
		 */


  		




  
  381
  
    
		exec("echo pass quick proto carp all keep state > /tmp/rules.boot");


  		




  
  382
  
    
		exec("echo pass quick proto pfsync all >> /tmp/rules.boot");


  		




  
  383
  
    
		exec("echo pass out proto { tcp, udp } from any to any port 53 keep state >> /tmp/rules.boot");


  		




  
  384
  
    
		exec("/sbin/pfctl -f /tmp/rules.boot");


  		




  
  385
  
    
	}			


  		




  
  386
  
    
	/* setup pfsync interface */


  		




  
  387
  
    
	if($carp_sync_int) 	


  		




  
  388
  
    
		mwexec("/sbin/ifconfig pfsync0 syncdev {$carp_sync_int} up");


  		




  
  389
  
    
	else 


  		




  
  390
  
    
		mwexec("/sbin/ifconfig pfsync0 syncdev lo0 up");


  		




  409
  391
  
    
	$fd = fopen("/tmp/carp.sh", "w");


  		




  
  392
  
    
	if($config['virtualip']['vip']) { 


  		




  
  393
  
    
		$viparr = &$config['virtualip']['vip'];


  		




  
  394
  
    
		mwexec("/sbin/sysctl net.inet.carp.allow=1");


  		




  
  395
  
    
	} else {


  		




  
  396
  
    
		$viparr = array();


  		




  
  397
  
    
		mwexec("/sbin/sysctl net.inet.carp.allow=0");


  		




  
  398
  
    
	}


  		




  410
  399
  
    
	foreach ($viparr as $vip) {


  		




  411
  400
  
    
		if ($vip['mode'] == "carp") {


  		




  412
  
  
    
			/*


  		




  413
  
  
    
			 *   create the carp interface


  		




  414
  
  
    
			 */


  		




  415
  
  
    
			if($debugging)


  		




  416
  
  
    
				echo "Creating carp{$carp_instances_counter}.\n";


  		




  
  401
  
    
			/* create the carp interface and setup */


  		




  417
  402
  
    
			mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " create");


  		




  418
  403
  
    
			$broadcast_address = gen_subnet_max($vip['subnet'], $vip['subnet_bits']);


  		




  419
  404
  
    
			if($vip['password'] != "") 


  		




  ......




  422
  407
  
    
				echo "Configuring carp{$carp_instances_counter}.\n";


  		




  423
  408
  
    
			fwrite($fd, "/sbin/ifconfig carp" . $carp_instances_counter . " " . $vip['subnet'] . "/" . $vip['subnet_bits'] . " broadcast " . $broadcast_address . " vhid " . $vip['vhid'] . "{$carpdev} advskew 200 " . $password . "\n");


  		




  424
  409
  
    
			mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " " . $vip['subnet'] . "/" . $vip['subnet_bits'] . " broadcast " . $broadcast_address . " vhid " . $vip['vhid'] . "{$carpdev} advskew 200 " . $password);


  		




  425
  
  
    
			usleep(10);


  		




  426
  410
  
    
			mwexec("/sbin/ifconfig carp" . $carp_instances_counter . " up");


  		




  427
  411
  
    
			fwrite($fd, "/sbin/ifconfig carp" . $carp_instances_counter . " up\n");


  		




  
  412
  
    
			usleep(10);


  		




  428
  413
  
    
			$carp_instances_counter++;


  		




  429
  414
  
    
		}


  		




  430
  415
  
    
	}


  		




  431
  
  
    
	mwexec("/bin/sh /tmp/carp.sh");


  		




  432
  416
  
    
	fclose($fd);


  		




  
  417
  
    
	mwexec("/bin/sh /tmp/carp.sh");


  		




  433
  418
  
    
	if ($g['booting']) {


  		




  434
  419
  
    
		unmute_kernel_msgs();


  		




  435
  420
  
    
		echo "done.\n";


  		












Also available in:  Unified diff