gateways: several changes

* Plug gateway fixup "feature" into filter_configure_sync(), the only point where it should matter as everything else is GUI trigger-happy disruption. * Discourage the use of the "feature" by moving it into the firewall advanced settings, adding a deprecated note. * Use the new system_default_route() call to avoid code drift.
2026-03-17 01:54:49 +00:00 · 2017-05-31 09:33:21 +02:00 · 2017-05-31 09:33:21 +02:00 · 9b957e31d6
commit 9b957e31d6
parent 67c9c5d62b
4 changed files with 30 additions and 31 deletions
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@ -394,6 +394,13 @@ function filter_configure_sync($verbose = false)
        flush();
    }

+    /* XXX deprectated feature, only called on reconfigure */
+    if (isset($config['system']['gw_switch_default'])) {
+        $gateways_status = return_gateways_status(true);
+        $gateways_arr = return_gateways_array();
+        fixup_default_gateway($gateways_status, $gateways_arr);
+    }
+
    /* generate aliases */
    update_filter_reload_status(gettext("Creating aliases"));
    $aliases = filter_generate_aliases($FilterIflist);
@ -424,7 +431,7 @@ function filter_configure_sync($verbose = false)

    /* enable pf if we need to, otherwise disable */
    update_filter_reload_status(gettext("Loading filter rules"));
-    if (!isset ($config['system']['disablefilter'])) {
+    if (!isset($config['system']['disablefilter'])) {
        mwexec("/sbin/pfctl -e", true);
    } else {
        mwexec("/sbin/pfctl -d", true);
--- a/src/etc/inc/gwlb.inc
+++ b/src/etc/inc/gwlb.inc
@ -768,22 +768,18 @@ function fixup_default_gateway($gateways_status, $gateways_arr)
        }

        $defaultif = get_real_interface($gateways_arr[$dfltgwname]['friendlyiface']);
+        $gwipmatch = $gwip;
        if (is_linklocal($gwip)) {
            /* correct match in IPv6 case */
-            $gwip .= "%{$defaultif}";
+            $gwipmatch .= "%{$defaultif}";
        }

        $tmpcmd = "/sbin/route -n get -{$ipprotocol} default 2>/dev/null | /usr/bin/awk '/gateway:/ {print $2}'";
        $defaultgw = trim(exec($tmpcmd), " \n");
-        if ($defaultgw != $gwip) {
+        if ($defaultgw != $gwipmatch) {
            log_error("Switching default gateway to $dfltgwname ($gwip)");
-
-            mwexecf('/sbin/route delete -%s default', array($ipprotocol), true);
-            if ($gateways_arr[$dfltgwname]['fargw']) {
-                mwexecf('/sbin/route delete -%s %s -interface %s', array($ipprotocol, $gwip, $defaultif), true);
-                mwexecf('/sbin/route add -%s %s -interface %s', array($ipprotocol, $gwip, $defaultif));
-            }
-            mwexecf('/sbin/route add -%s default %s', array($ipprotocol, $gwip));
+            /* XXX fargw and IPv6 should be cleaned up to make it easier to read */
+            system_default_route($gwip, !isset($gateways_arr[$dfltgwname]['fargw']) && $ipprotocol == 'inet' ? null : $defaultif);
        }
    }
 }
@ -801,9 +797,6 @@ function return_gateway_groups_array()
    $gateways_arr = return_gateways_array();
    $gateway_groups_array = array();

-    if (isset($config['system']['gw_switch_default'])) {
-        fixup_default_gateway($gateways_status, $gateways_arr);
-    }
    if (isset($config['gateways']['gateway_group'])) {
        $carplist = get_configured_carp_interface_list();
        foreach ($config['gateways']['gateway_group'] as $group) {
--- a/src/www/system_advanced_firewall.php
+++ b/src/www/system_advanced_firewall.php
@ -57,6 +57,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    $pconfig['schedule_states'] = isset($config['system']['schedule_states']);
    $pconfig['kill_states'] = isset($config['system']['kill_states']);
    $pconfig['skip_rules_gw_down'] = isset($config['system']['skip_rules_gw_down']);
+    $pconfig['gw_switch_default'] = isset($config['system']['gw_switch_default']);
    $pconfig['lb_use_sticky'] = isset($config['system']['lb_use_sticky']);
    $pconfig['pf_share_forward'] = isset($config['system']['pf_share_forward']);
    $pconfig['srctrack'] = !empty($config['system']['srctrack']) ? $config['system']['srctrack'] : null;
@ -204,6 +205,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            unset($config['system']['skip_rules_gw_down']);
        }

+        if (!empty($pconfig['gw_switch_default'])) {
+            $config['system']['gw_switch_default'] = true;
+        } elseif (isset($config['system']['gw_switch_default'])) {
+            unset($config['system']['gw_switch_default']);
+        }
+
        write_config();

        // Kill filterdns when value changes, filter_configure() will restart it
@ -355,6 +362,16 @@ include("head.inc");
                    </div>
                  </td>
                </tr>
+                <tr>
+                  <td><a id="help_for_gw_switch_default" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext('Gateway switching') ?></td>
+                  <td>
+                    <input name="gw_switch_default" type="checkbox" id="gw_switch_default" value="yes" <?= !empty($pconfig['gw_switch_default']) ? 'checked="checked"' : '' ?> />
+                    <strong><?=gettext("Allow default gateway switching"); ?></strong><br />
+                    <div class="hidden" for="help_for_gw_switch_default">
+                      <?= gettext('If the link where the default gateway resides fails switch the default gateway to another available one. This feature has been deprecated.') ?>
+                    </div>
+                  </td>
+                </tr>
                <tr>
                  <th colspan="2" valign="top" class="listtopic"><?= gettext('Multi-WAN') ?></th>
                </tr>
--- a/src/www/system_general.php
+++ b/src/www/system_general.php
@ -44,7 +44,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    $pconfig['language'] = null;
    $pconfig['timezone'] = 'Etc/UTC';
    $pconfig['prefer_ipv4'] = isset($config['system']['prefer_ipv4']);
-    $pconfig['gw_switch_default'] = isset($config['system']['gw_switch_default']);
    $pconfig['hostname'] = $config['system']['hostname'];
    $pconfig['domain'] = $config['system']['domain'];

@ -136,12 +135,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
            unset($config['system']['prefer_ipv4']);
        }

-        if (!empty($pconfig['gw_switch_default'])) {
-            $config['system']['gw_switch_default'] = true;
-        } elseif (isset($config['system']['gw_switch_default'])) {
-            unset($config['system']['gw_switch_default']);
-        }
-
        $config['system']['dnsallowoverride'] = !empty($pconfig['dnsallowoverride']);

        if($pconfig['dnslocalhost'] == "yes") {
@ -346,17 +339,6 @@ include("head.inc");
                </div>
              </td>
            </tr>
-            <tr>
-              <td><a id="help_for_gw_switch_default" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Gateway switching");?> </td>
-              <td>
-                <input name="gw_switch_default" type="checkbox" id="gw_switch_default" value="yes" <?= !empty($pconfig['gw_switch_default']) ? "checked=\"checked\"" : "";?> />
-                <strong><?=gettext("Allow default gateway switching"); ?></strong><br />
-                <div class="hidden" for="help_for_gw_switch_default">
-                  <?=gettext("If the link where the default gateway resides fails " .
-                                      "switch the default gateway to another available one."); ?>
-                </div>
-              </td>
-            </tr>
            <tr>
              <td><a id="help_for_dnsservers" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("DNS servers"); ?></td>
              <td>