From aa0d4fdf20259c224a57f4e72dbeba7c63eae3c1 Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Tue, 2 Mar 2021 15:55:46 +0100 Subject: [PATCH] interfaces: newwanip, clear states when address changes. for https://github.com/opnsense/core/pull/4726 --- src/etc/rc.newwanip | 4 +++ .../scripts/interfaces/dhclient-script | 35 ------------------- 2 files changed, 4 insertions(+), 35 deletions(-) diff --git a/src/etc/rc.newwanip b/src/etc/rc.newwanip index 16757a15b..424006193 100755 --- a/src/etc/rc.newwanip +++ b/src/etc/rc.newwanip @@ -152,6 +152,10 @@ if (!is_ipaddr($cacheip) || $ip != $cacheip || !is_ipaddr($configip)) { system_routing_configure(false, $interface); plugins_configure('monitor'); filter_configure_sync(false, isset($config['system']['ip_change_kill_states'])); + if (is_ipaddr($cacheip) && $ip != $cacheip && !isset($config['system']['ip_change_kill_states'])) { + log_error("IP address change detected, killing states of old ip $cacheip"); + mwexec('/sbin/pfctl -k ' . $cacheip); + } if (is_ipaddr($ip)) { @file_put_contents($cacheip_file, $ip); diff --git a/src/opnsense/scripts/interfaces/dhclient-script b/src/opnsense/scripts/interfaces/dhclient-script index c9c772db9..e5eb0c67c 100755 --- a/src/opnsense/scripts/interfaces/dhclient-script +++ b/src/opnsense/scripts/interfaces/dhclient-script 
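Review bot: The added `mwexec('/sbin/pfctl -k ' . $cacheip);` passes a single `-k`, which per pfctl(8) matches states originating from that host, so states with the old address as destination (inbound connections to the previous WAN address) would likely survive the change; a second call such as `mwexec('/sbin/pfctl -k 0.0.0.0/0 -k ' . escapeshellarg($cacheip));` would cover them. `$cacheip` appears to be read back from the file written via `$cacheip_file` and is concatenated into a shell command; `is_ipaddr()` guards it, but wrapping it in `escapeshellarg()` keeps the call safe if that validator is ever loosened. The `delete_old_states` function this patch removes from dhclient-script also flushed interface states when only the router changed, and the new condition fires only on an address change, so that case appears to lose its cleanup. The enclosing `if (!is_ipaddr($cacheip) || ...)` block starts and ends outside the hunk.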
@@ -53,35 +53,6 @@ arp_flush() { sh >/dev/null 2>&1 } -delete_old_states() { - $LOGGER "Starting delete_old_states()" - _FLUSHED=0 - # If the IP changed, remove states from the old one - if [ -f /var/db/${interface}_ip ]; then - OLD_IP=`cat /var/db/${interface}_ip` - $LOGGER "Comparing IPs: Old: ${OLD_IP} New: ${new_ip_address}" - if [ -n "${OLD_IP}" ] && [ "${OLD_IP}" != "${new_ip_address}" ]; then - $LOGGER "Removing states from old IP '${OLD_IP}' (new IP '${new_ip_address}')" - pfctl -i $interface -Fs - pfctl -K ${OLD_IP}/32 - _FLUSHED=1 - fi - fi - # Delete states through old gateway if it's not the same - OLD_ROUTER="" - if [ -n "${old_routers}" ]; then - OLD_ROUTER=$old_routers - elif [ -f /tmp/${interface}_router ]; then - OLD_ROUTER=`cat /tmp/${interface}_router` - fi - if [ ${_FLUSHED} -eq 0 -a -n "${OLD_ROUTER}" ]; then - $LOGGER "Comparing Routers: Old: ${OLD_ROUTER} New: ${new_routers}" - if [ "${OLD_ROUTER}" != "${new_routers}" ]; then - $LOGGER "Removing states through old gateway '${OLD_ROUTER}' (new gateway '${new_routers}')" - pfctl -i $interface -Fs - fi - fi -} delete_old_address() { rm -f /var/db/${interface}_ip @@ -335,7 +306,6 @@ MEDIUM) PREINIT) delete_old_alias $IFCONFIG $interface inet alias 0.0.0.0 netmask 255.0.0.0 broadcast 255.255.255.255 up - delete_old_states rm -f /tmp/${interface}_router ;; @@ -345,9 +315,6 @@ ARPCHECK|ARPSEND) BOUND|RENEW|REBIND|REBOOT) check_hostname changes="no" - if [ "$old_ip_address" != "$new_ip_address" ]; then - delete_old_states - fi if [ -n "$old_ip_address" ]; then if [ -n "$alias_ip_address" -a "$old_ip_address" != "$alias_ip_address" ]; then delete_old_alias @@ -381,7 +348,6 @@ BOUND|RENEW|REBIND|REBOOT) EXPIRE|FAIL) delete_old_alias - delete_old_states if [ -n "$old_ip_address" ]; then delete_old_address delete_old_routes @@ -429,7 +395,6 @@ TIMEOUT) fi fi eval "$IFCONFIG $interface inet -alias $new_ip_address $medium" - delete_old_states delete_old_routes exit_with_hooks 1 ;;