Project

General

Profile

Download (6.24 KB) Statistics
| Branch: | Tag: | Revision:
1
#!/usr/local/bin/php -f
2
<?php
3
/*
4
	rc.newwanip
5
	Copyright (C) 2006 Scott Ullrich (sullrich@gmail.com)
6
	part of pfSense (http://www.pfsense.com)
7

    
8
	Originally part of m0n0wall (http://m0n0.ch)
9
	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
10
	All rights reserved.
11

    
12
	Redistribution and use in source and binary forms, with or without
13
	modification, are permitted provided that the following conditions are met:
14

    
15
	1. Redistributions of source code must retain the above copyright notice,
16
	this list of conditions and the following disclaimer.
17

    
18
	2. Redistributions in binary form must reproduce the above copyright
19
	notice, this list of conditions and the following disclaimer in the
20
	documentation and/or other materials provided with the distribution.
21

    
22
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31
	POSSIBILITY OF SUCH DAMAGE.
32
*/
33

    
34
/* parse the configuration and include all functions used below */
35
require_once("globals.inc");
36
require_once("config.inc");
37
require_once("functions.inc");
38
require_once("filter.inc");
39
require_once("shaper.inc");
40
require_once("ipsec.inc");
41
require_once("vpn.inc");
42
require_once("openvpn.inc");
43
require_once("rrd.inc");
44

    
45
// Do not process while booting
46
if($g['booting'])
47
	exit;
48

    
49
function restart_packages() {
50
	global $oldip, $curwanip, $g;
51

    
52
	/* restart packages */
53
	system_ntp_configure(false);
54
	mwexec_bg("/usr/local/sbin/ntpdate_sync_once.sh", true);
55
	log_error("{$g['product_name']} package system has detected an ip change $oldip ->  $curwanip ... Restarting packages.");
56
	send_event("service reload packages");
57
}
58

    
59
/* Interface IP address has changed */
60
$argument = str_replace("\n", "", $argv[1]);
61

    
62
log_error("rc.newwanip: Informational is starting {$argument}.");
63

    
64
if(empty($argument)) {
65
	$interface = "wan";
66
	$interface_real = get_real_interface();
67
} else {
68
	$interface = convert_real_interface_to_friendly_interface_name($argument);
69
	$interface_real = $argument;
70
}
71

    
72
if(empty($argument))
73
	$curwanip = get_interface_ip();
74
else {
75
	$curwanip = find_interface_ip($interface_real, true);
76
	if($curwanip == "")
77
		$curwanip = get_interface_ip($interface);
78
}
79

    
80
log_error("rc.newwanip: on (IP address: {$curwanip}) (interface: {$interface}) (real interface: {$interface_real}).");
81

    
82
if($curwanip == "0.0.0.0" || !is_ipaddr($curwanip)) {
83
	log_error("rc.newwanip: Failed to update {$interface} IP, restarting...");
84
	send_event("interface reconfigure {$interface}");
85
	exit;
86
}
87

    
88
if (empty($interface)) {
89
	filter_configure();
90
	restart_packages();
91
	exit;
92
}
93

    
94
$oldip = "0.0.0.0";
95
if (file_exists("{$g['vardb_path']}/{$interface}_cacheip"))
96
	$oldip = file_get_contents("{$g['vardb_path']}/{$interface}_cacheip");
97

    
98
/* regenerate resolv.conf if DNS overrides are allowed */
99
system_resolvconf_generate(true);
100

    
101
/* write current WAN IP to file */
102
file_put_contents("{$g['vardb_path']}/{$interface}_ip", $curwanip);
103

    
104
link_interface_to_vips($interface, "update");
105

    
106
unset($gre);
107
$gre = link_interface_to_gre($interface);
108
if (!empty($gre))
109
	array_walk($gre, 'interface_gre_configure');
110
unset($gif);
111
$gif = link_interface_to_gif($interface);
112
if (!empty($gif))
113
	array_walk($gif, 'interface_gif_configure');
114

    
115
$grouptmp = link_interface_to_group($interface);
116
if (!empty($grouptmp))
117
	array_walk($grouptmp, 'interface_group_add_member');
118

    
119
unset($bridgetmp);
120
$bridgetmp = link_interface_to_bridge($interface);
121
if (!empty($bridgetmp))
122
	interface_bridge_add_member($bridgetmp, $interface_real);
123

    
124
/* make new hosts file */
125
system_hosts_generate();
126

    
127
/* check tunneled IPv6 interface tracking */
128
switch($config['interfaces'][$interface]['ipaddrv6']) {
129
	case "6to4":
130
		interface_6to4_configure($interface, $config['interfaces'][$interface]);
131
		break;
132
	case "6rd":
133
		interface_6rd_configure($interface, $config['interfaces'][$interface]);
134
		break;
135
	case "dhcp6":
136
		if (isset($config['interfaces'][$interface]['dhcp6usev4iface']))
137
			interface_dhcpv6_configure($interface, $config['interfaces'][$interface]);
138
		break;
139
}
140

    
141
/* Check Gif tunnels */
142
if(is_array($config['gifs']['gif'])){
143
	foreach($config['gifs']['gif'] as $gif) {
144
		if($gif['if'] == $interface) {
145
			foreach($config['interfaces'] as $ifname => $ifparent) {
146
				// echo "interface $ifparent, ifname $ifname, gif {$gif['gifif']}\n";
147
				if(($ifparent['if'] == $gif['gifif']) && (isset($ifparent['enable']))) {
148
					// echo "Running routing configure for $ifname\n";
149
					$gif['gifif'] = interface_gif_configure($gif);
150
					$confif = convert_real_interface_to_friendly_interface_name($gif['gifif']);
151
					if ($confif <> "")
152
						interface_configure($confif);
153
					system_routing_configure($ifname);
154
				}
155
			}
156
		}
157
	}
158
}
159

    
160
/*
161
 * We need to force sync VPNs on such even when the IP is the same for dynamic interfaces.
162
 * Even with the same IP the VPN software is unhappy with the IP disappearing, and we
163
 * could be failing back in which case we need to switch IPs back anyhow.
164
 */
165
if (!is_ipaddr($oldip) || $curwanip != $oldip || !is_ipaddrv4($config['interfaces'][$interface]['ipaddr'])) {
166
	/* reconfigure static routes (kernel may have deleted them) */
167
	system_routing_configure($interface);
168

    
169
	/* reconfigure our gateway monitor */
170
	setup_gateways_monitor();
171

    
172
	file_put_contents("{$g['vardb_path']}/{$interface}_cacheip", $curwanip);
173

    
174
	/* perform RFC 2136 DNS update */
175
	services_dnsupdate_process($interface);
176

    
177
	/* signal dyndns update */
178
	services_dyndns_configure($interface);
179

    
180
	/* reconfigure IPsec tunnels */
181
	vpn_ipsec_force_reload($interface);
182

    
183
	/* start OpenVPN server & clients */
184
	if (substr($interface_real, 0, 4) != "ovpn")
185
		openvpn_resync_all($interface);
186

    
187
	/* reload graphing functions */
188
	enable_rrd_graphing();
189

    
190
	/* reload igmpproxy */
191
	services_igmpproxy_configure();
192

    
193
	/* restart snmp */
194
	services_snmpd_configure();
195

    
196
	restart_packages();
197
}
198

    
199
/* signal filter reload */
200
filter_configure();
201

    
202
?>
(80-80/111)