interfaces: newwanip, clear states when address changes. for https://github.com/opnsense/core/pull/4726

2026-03-14 16:44:39 +00:00 · 2021-03-02 15:55:46 +01:00 · 2021-03-02 15:55:46 +01:00 · aa0d4fdf20
commit aa0d4fdf20
parent 8193c60424
2 changed files with 4 additions and 35 deletions
--- a/src/etc/rc.newwanip
+++ b/src/etc/rc.newwanip
@ -152,6 +152,10 @@ if (!is_ipaddr($cacheip) || $ip != $cacheip || !is_ipaddr($configip)) {
    system_routing_configure(false, $interface);
    plugins_configure('monitor');
    filter_configure_sync(false, isset($config['system']['ip_change_kill_states']));
+    if (is_ipaddr($cacheip) && $ip != $cacheip && !isset($config['system']['ip_change_kill_states'])) {
+        log_error("IP address change detected, killing states of old ip $cacheip");
+        mwexec('/sbin/pfctl -k ' . $cacheip);
+    }

    if (is_ipaddr($ip)) {
        @file_put_contents($cacheip_file, $ip);
--- a/src/opnsense/scripts/interfaces/dhclient-script
+++ b/src/opnsense/scripts/interfaces/dhclient-script
@ -53,35 +53,6 @@ arp_flush() {
 		sh >/dev/null 2>&1
 }

-delete_old_states() {
-	$LOGGER "Starting delete_old_states()"
-	_FLUSHED=0
-	# If the IP changed, remove states from the old one
-	if [ -f /var/db/${interface}_ip ]; then
-		OLD_IP=`cat /var/db/${interface}_ip`
-		$LOGGER "Comparing IPs: Old: ${OLD_IP} New: ${new_ip_address}"
-		if [ -n "${OLD_IP}" ] && [ "${OLD_IP}" != "${new_ip_address}" ]; then
-			$LOGGER "Removing states from old IP '${OLD_IP}' (new IP '${new_ip_address}')"
-			pfctl -i $interface -Fs
-			pfctl -K ${OLD_IP}/32
-			_FLUSHED=1
-		fi
-	fi
-	# Delete states through old gateway if it's not the same
-	OLD_ROUTER=""
-	if [ -n "${old_routers}" ]; then
-		OLD_ROUTER=$old_routers
-	elif [ -f /tmp/${interface}_router ]; then
-		OLD_ROUTER=`cat /tmp/${interface}_router`
-	fi
-	if [ ${_FLUSHED} -eq 0 -a -n "${OLD_ROUTER}" ]; then
-		$LOGGER "Comparing Routers: Old: ${OLD_ROUTER} New: ${new_routers}"
-		if [ "${OLD_ROUTER}" != "${new_routers}" ]; then
-			$LOGGER "Removing states through old gateway '${OLD_ROUTER}' (new gateway '${new_routers}')"
-			pfctl -i $interface -Fs
-		fi
-	fi
-}

 delete_old_address() {
 	rm -f /var/db/${interface}_ip
@ -335,7 +306,6 @@ MEDIUM)
 PREINIT)
 	delete_old_alias
 	$IFCONFIG $interface inet alias 0.0.0.0 netmask 255.0.0.0 broadcast 255.255.255.255 up
-	delete_old_states
 	rm -f /tmp/${interface}_router
 	;;

@ -345,9 +315,6 @@ ARPCHECK|ARPSEND)
 BOUND|RENEW|REBIND|REBOOT)
 	check_hostname
 	changes="no"
-	if [ "$old_ip_address" != "$new_ip_address" ]; then
-		delete_old_states
-	fi
 	if [ -n "$old_ip_address" ]; then
 		if [ -n "$alias_ip_address" -a "$old_ip_address" != "$alias_ip_address" ]; then
 			delete_old_alias
@ -381,7 +348,6 @@ BOUND|RENEW|REBIND|REBOOT)

 EXPIRE|FAIL)
 	delete_old_alias
-	delete_old_states
 	if [ -n "$old_ip_address" ]; then
 		delete_old_address
 		delete_old_routes
@ -429,7 +395,6 @@ TIMEOUT)
 		fi
 	fi
 	eval "$IFCONFIG $interface inet -alias $new_ip_address $medium"
-	delete_old_states
 	delete_old_routes
 	exit_with_hooks 1
 	;;