From 9cf2b221d8be339b609258b970e89542a2b37f7c Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Wed, 2 Feb 2022 10:12:24 +0100
Subject: [PATCH] system: detect far gateway situation for #5493

The far gateway flag has some benefits for configuration runs
and validation purposes on the GUI but in the end after lots
of reworks we are able to reliably get a network from the interface
to put the default route on so that we can detect if we are in
need of a far gateway or not.  This is required for automatic
gateways on DHCP that hand out these situations while the
gateway code should not be in charge of flipping on the fargw
bit as it does pertain to runtime interface configuration.

Leave the fargw configuration flag in place for now to let people
test this, maybe backport it earlier and look at fargw more
closely in the remaining use case(s).
---
 src/etc/inc/filter.inc | 7 +------
 src/etc/inc/system.inc | 9 ++++++---
 2 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc
index acb589551..2bdad225c 100644
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@@ -325,12 +325,7 @@ function filter_configure_sync($verbose = false, $load_aliases = true)
             }
             $default_gw = $fw->getGateways()->getDefaultGW($down_gateways, $ipprotocol);
             if ($default_gw !== null) {
-                system_default_route(
-                    $default_gw['gateway'],
-                    $ipprotocol,
-                    $default_gw['if'],
-                    isset($default_gw['fargw'])
-                );
+                system_default_route($default_gw['gateway'], $ipprotocol, $default_gw['if']);
             }
         }
     }
diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc
index 215e4dfb9..43e15cbb7 100644
--- a/src/etc/inc/system.inc
+++ b/src/etc/inc/system.inc
@@ -449,7 +449,7 @@ function system_host_route($host, $gateway, $delete = true, $add = true)
     }
 }
 
-function system_default_route($gateway, $family, $interface, $far = false)
+function system_default_route($gateway, $family, $interface)
 {
     $realif = get_real_interface($interface, $family == 'inet' ? 'all' : 'inet6');
 
@@ -482,8 +482,11 @@ function system_default_route($gateway, $family, $interface, $far = false)
         log_error("ROUTING: creating /tmp/{$realif}_defaultgw using '{$gateway}'");
         @file_put_contents("/tmp/{$realif}_defaultgw", $gateway);
 
-        if (!$far) {
+        list ($unused, $network) = interfaces_primary_address($interface);
+        if (ip_in_subnet($gateway, $network)) {
             $realif = null;
+        } else {
+            log_error("ROUTING: treating gateway '{$gateway}' as far gateway");
         }
     } else {
         foreach (glob('/tmp/*_defaultgwv6') as $to_delete) {
@@ -529,7 +532,7 @@ function system_routing_configure($verbose = false, $interface = '')
             log_error("ROUTING: {$logproto} default gateway set to {$gateway['interface']}");
             if ((empty($interface) || $interface == $gateway['interface']) && !empty($gateway['gateway'])) {
                 log_error("ROUTING: setting {$logproto} default route to {$gateway['gateway']}");
-                system_default_route($gateway['gateway'], $ipproto, $gateway['interface'], isset($gateway['fargw']));
+                system_default_route($gateway['gateway'], $ipproto, $gateway['interface']);
             } else {
                 log_error("ROUTING: skipping {$logproto} default route");
             }