system: introduce system_switch_route() #6366

Shield the logic from seeping over into firewall code and moves system_default_route() into system code. Small overhead here calling up information again but we want to verify the interface address beforehand and perhaps finally move the default gateway switching to the right spot that is perhaps system_routing_configure()?
2026-03-13 16:14:40 +00:00 · 2023-03-03 09:12:52 +01:00 · 2023-03-03 09:12:52 +01:00 · b53995761a
commit b53995761a
parent 29c30165ac
2 changed files with 27 additions and 13 deletions
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@ -253,19 +253,12 @@ function filter_configure_sync($verbose = false, $load_aliases = true, $switch_g
    }

    if ($switch_gw && isset($config['system']['gw_switch_default'])) {
-        // When gateway switching is enabled, we might consider a different default gateway.
-        // although this isn't really the right spot for the feature (it's a monitoring/routing decision),
-        // we keep it here for now (historical reasons).
-        $down_gateways = return_down_gateways();
-        foreach (array("inet", "inet6") as $ipprotocol) {
-            if (!empty($down_gateways)) {
-                log_msg(sprintf("Ignore down %s gateways : %s", $ipprotocol, implode(",", $down_gateways)), LOG_DEBUG);
-            }
-            $default_gw = $fw->getGateways()->getDefaultGW($down_gateways, $ipprotocol);
-            if ($default_gw !== null && !empty($default_gw['gateway'])) {
-                system_default_route($default_gw['gateway'], $default_gw['if'], isset($default_gw['fargw']));
-            }
-        }
+        /*
+         * XXX When gateway switching is enabled we consider different default
+         * gateways.  Although this isn't the right spot for the feature (it's
+         * a monitoring/routing decision), we keep it here for historical reasons.
+         */
+        system_switch_route();
    }

    openlog("firewall", LOG_DAEMON, LOG_LOCAL4);
--- a/src/etc/inc/system.inc
+++ b/src/etc/inc/system.inc
@ -586,6 +586,27 @@ function system_default_route($gateway, $interface, $far = false)
    mwexecf('/sbin/route add -%s default %s', [$family, $gateway]);
 }

+function system_switch_route()
+{
+    $ifdetails = legacy_interfaces_details();
+    $gateways = new \OPNsense\Routing\Gateways($ifdetails);
+    $down_gateways = return_down_gateways();
+
+    if (!empty($down_gateways)) {
+        log_msg(sprintf('ROUTING: ignoring down gateways: %s', $ipprotocol, implode(', ', $down_gateways)), LOG_DEBUG);
+    }
+
+    foreach (['inet', 'inet6'] as $ipprotocol) {
+        /* determine default gateway by considering monitor status */
+        $gateway = $gateways->getDefaultGW($down_gateways, $ipprotocol);
+        if ($gateway == null) {
+            continue;
+        }
+
+        system_default_route($gateway['gateway'], $gateway['if'], isset($gateway['fargw']));
+    }
+}
+
 function system_routing_configure($verbose = false, $interface = null, $monitor = true, $family = null)
 {
    service_log('Setting up routes...', $verbose);