Revision dd965531
Added by → luckman212 over 3 years ago
| src/etc/inc/gwlb.inc | ||
|---|---|---|
| 239 | 239 |
* Add static routes for each gateway with their monitor IP |
| 240 | 240 |
* not strictly necessary but is a added level of protection. |
| 241 | 241 |
*/ |
| 242 |
if (is_ipaddrv4($gateway['gateway']) && $gateway['monitor'] != $gateway['gateway']) {
|
|
| 243 |
log_error(sprintf(gettext('Removing static route for monitor %1$s and adding a new route through %2$s'), $gateway['monitor'], $gateway['gateway']));
|
|
| 244 |
if (interface_isppp_type($gateway['friendlyiface'])) {
|
|
| 245 |
route_add_or_change($gateway['monitor'], |
|
| 246 |
'', $gateway['interface']); |
|
| 247 |
system_staticroutes_configure($gateway['friendlyiface']); |
|
| 248 |
} else {
|
|
| 249 |
route_add_or_change($gateway['monitor'], |
|
| 250 |
$gateway['gateway']); |
|
| 251 |
} |
|
| 242 |
if (!isset($config['system']['dpinger_dont_add_static_routes']) && |
|
| 243 |
!isset($gateway['dpinger_dont_add_static_route'])) {
|
|
| 244 |
if (is_ipaddrv4($gateway['gateway']) && $gateway['monitor'] != $gateway['gateway']) {
|
|
| 245 |
log_error(sprintf(gettext('Removing static route for monitor %1$s and adding a new route through %2$s'), $gateway['monitor'], $gateway['gateway']));
|
|
| 246 |
if (interface_isppp_type($gateway['friendlyiface'])) {
|
|
| 247 |
route_add_or_change($gateway['monitor'], |
|
| 248 |
'', $gateway['interface']); |
|
| 249 |
system_staticroutes_configure($gateway['friendlyiface']); |
|
| 250 |
} else {
|
|
| 251 |
route_add_or_change($gateway['monitor'], |
|
| 252 |
$gateway['gateway']); |
|
| 253 |
} |
|
| 252 | 254 |
|
| 253 |
pfSense_kill_states("0.0.0.0/0", utf8_encode($gateway['monitor']), utf8_encode($gateway['interface']), "icmp");
|
|
| 255 |
pfSense_kill_states("0.0.0.0/0", utf8_encode($gateway['monitor']), utf8_encode($gateway['interface']), "icmp");
|
|
| 256 |
} |
|
| 254 | 257 |
} |
| 255 | 258 |
} else if ($gateway['ipprotocol'] == "inet6") { // This is an IPv6 gateway...
|
| 256 | 259 |
if (is_linklocal($gateway['gateway']) && |
| ... | ... | |
| 282 | 285 |
* Add static routes for each gateway with their monitor IP |
| 283 | 286 |
* not strictly necessary but is a added level of protection. |
| 284 | 287 |
*/ |
| 285 |
if ($gateway['gateway'] != $gateways_arr[$gwname]['monitor']) {
|
|
| 286 |
log_error(sprintf(gettext('Removing static route for monitor %1$s and adding a new route through %2$s'), $gateway['monitor'], $gateway['gateway']));
|
|
| 287 |
if (interface_isppp_type($gateway['friendlyiface'])) {
|
|
| 288 |
route_add_or_change($gateway['monitor'], |
|
| 289 |
'', $gateway['interface']); |
|
| 290 |
system_staticroutes_configure($gateway['friendlyiface']); |
|
| 291 |
} else {
|
|
| 292 |
route_add_or_change($gateway['monitor'], |
|
| 293 |
$gateway['gateway']); |
|
| 294 |
} |
|
| 295 | 288 |
|
| 296 |
pfSense_kill_states("::0.0.0.0/0", utf8_encode($gateway['monitor']), utf8_encode($gateway['interface']), "icmpv6");
|
|
| 289 |
if (!isset($config['system']['dpinger_dont_add_static_routes']) && |
|
| 290 |
!isset($gateway['dpinger_dont_add_static_route'])) {
|
|
| 291 |
if ($gateway['gateway'] != $gateways_arr[$gwname]['monitor']) {
|
|
| 292 |
log_error(sprintf(gettext('Removing static route for monitor %1$s and adding a new route through %2$s'), $gateway['monitor'], $gateway['gateway']));
|
|
| 293 |
if (interface_isppp_type($gateway['friendlyiface'])) {
|
|
| 294 |
route_add_or_change($gateway['monitor'], |
|
| 295 |
'', $gateway['interface']); |
|
| 296 |
system_staticroutes_configure($gateway['friendlyiface']); |
|
| 297 |
} else {
|
|
| 298 |
route_add_or_change($gateway['monitor'], |
|
| 299 |
$gateway['gateway']); |
|
| 300 |
} |
|
| 301 |
|
|
| 302 |
pfSense_kill_states("::0.0.0.0/0", utf8_encode($gateway['monitor']), utf8_encode($gateway['interface']), "icmpv6");
|
|
| 303 |
} |
|
| 297 | 304 |
} |
| 298 | 305 |
} else {
|
| 299 | 306 |
continue; |
| ... | ... | |
| 2078 | 2085 |
if ($gateway_settings['nonlocalgateway'] == "yes") {
|
| 2079 | 2086 |
$gateway['nonlocalgateway'] = true; |
| 2080 | 2087 |
} |
| 2088 |
if ($gateway_settings['dpinger_dont_add_static_route'] == "yes") {
|
|
| 2089 |
$gateway['dpinger_dont_add_static_route'] = true; |
|
| 2090 |
} |
|
| 2081 | 2091 |
if ($gateway_settings['force_down'] == "yes") {
|
| 2082 | 2092 |
$gateway['force_down'] = true; |
| 2083 | 2093 |
} |
| src/usr/local/pfSense/include/www/system_advanced_misc.inc | ||
|---|---|---|
| 56 | 56 |
$pconfig['schedule_states'] = isset($config['system']['schedule_states']); |
| 57 | 57 |
$pconfig['gw_down_kill_states'] = isset($config['system']['gw_down_kill_states']); |
| 58 | 58 |
$pconfig['skip_rules_gw_down'] = isset($config['system']['skip_rules_gw_down']); |
| 59 |
$pconfig['dpinger_dont_add_static_routes'] = isset($config['system']['dpinger_dont_add_static_routes']); |
|
| 59 | 60 |
$pconfig['use_mfs_tmpvar'] = isset($config['system']['use_mfs_tmpvar']); |
| 60 | 61 |
$pconfig['use_mfs_tmp_size'] = $config['system']['use_mfs_tmp_size']; |
| 61 | 62 |
$pconfig['use_mfs_var_size'] = $config['system']['use_mfs_var_size']; |
| src/usr/local/www/system_advanced_misc.php | ||
|---|---|---|
| 304 | 304 |
'down, the rule is created omitting the gateway. This option overrides that '. |
| 305 | 305 |
'behavior by omitting the entire rule instead.'); |
| 306 | 306 |
|
| 307 |
$section->addInput(new Form_Checkbox( |
|
| 308 |
'dpinger_dont_add_static_routes', |
|
| 309 |
'Static routes', |
|
| 310 |
'Do not add static routes for gateway monitor IP addresses', |
|
| 311 |
$pconfig['dpinger_dont_add_static_routes'] |
|
| 312 |
))->setHelp('By default the firewall adds static routes for gateway monitor IP addresses '.
|
|
| 313 |
'to ensure traffic to the monitor IP address leaves via the correct interface. '. |
|
| 314 |
'Enabling this checkbox overrides that behavior.'); |
|
| 315 |
|
|
| 307 | 316 |
$form->add($section); |
| 308 | 317 |
$section = new Form_Section('RAM Disk Settings (Reboot to Apply Changes)');
|
| 309 | 318 |
|
| src/usr/local/www/system_gateways_edit.php | ||
|---|---|---|
| 72 | 72 |
$pconfig['losslow'] = $a_gateways[$id]['losslow']; |
| 73 | 73 |
$pconfig['losshigh'] = $a_gateways[$id]['losshigh']; |
| 74 | 74 |
$pconfig['monitor'] = $a_gateways[$id]['monitor']; |
| 75 |
$pconfig['dpinger_dont_add_static_route'] = isset($a_gateways[$id]['dpinger_dont_add_static_route']); |
|
| 75 | 76 |
$pconfig['monitor_disable'] = isset($a_gateways[$id]['monitor_disable']); |
| 76 | 77 |
$pconfig['action_disable'] = isset($a_gateways[$id]['action_disable']); |
| 77 | 78 |
$pconfig['data_payload'] = $a_gateways[$id]['data_payload']; |
| ... | ... | |
| 223 | 224 |
'requests (pings).'); |
| 224 | 225 |
$section->add($group); |
| 225 | 226 |
|
| 227 |
$section->addInput(new Form_Checkbox( |
|
| 228 |
'dpinger_dont_add_static_route', |
|
| 229 |
'Static route', |
|
| 230 |
'Do not add static route for gateway monitor IP address via the chosen interface', |
|
| 231 |
$pconfig['dpinger_dont_add_static_route'] |
|
| 232 |
))->setHelp('By default the firewall adds static routes for gateway monitor IP addresses '.
|
|
| 233 |
'to ensure traffic to the monitor IP address leaves via the correct interface. '. |
|
| 234 |
'Enabling this checkbox overrides that behavior.'); |
|
| 235 |
|
|
| 236 |
$form->add($section); |
|
| 237 |
|
|
| 226 | 238 |
$section->addInput(new Form_Checkbox( |
| 227 | 239 |
'force_down', |
| 228 | 240 |
'Force state', |
Also available in: Unified diff
adds option to not auto-create static routes for dpinger (squashed)