diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc index 7b75abd6a..df297cf7c 100644 --- a/src/etc/inc/interfaces.inc +++ b/src/etc/inc/interfaces.inc @@ -1158,6 +1158,18 @@ function interface_reconfigure($interface = 'wan', $reloadall = false) interface_configure($interface, $reloadall); } +function interface_vips_bring_down($intf) +{ + global $config; + if (!empty($config['virtualip']['vip'])) { + foreach ($config['virtualip']['vip'] as $vip) { + if ($vip['interface'] == $intf) { + interface_vip_bring_down($vip); + } + } + } +} + function interface_vip_bring_down($vip) { $vipif = get_real_interface($vip['interface']); @@ -1825,7 +1837,17 @@ function interfaces_carp_setup() mwexec("/sbin/ifconfig pfsync0 -syncdev -syncpeer down", false); } - if (isset($config['virtualip']['vip']) && $config['virtualip']['vip']) { + $has_carp_vips = false; + if (isset($config['virtualip']['vip']) && count($config['virtualip']['vip']) > 0) { + foreach ($config['virtualip']['vip'] as $vip) { + if ($vip['mode'] == 'carp') { + $has_carp_vips = true; + break; + } + } + } + + if ($has_carp_vips) { set_single_sysctl("net.inet.carp.allow", "1"); } else { set_single_sysctl("net.inet.carp.allow", "0"); @@ -1924,6 +1946,10 @@ function interfaces_vips_configure($interface = '') if ($interface <> "" && $vip['interface'] <> $interface) { continue; } + if (!$carp_setuped) { + // interfaces_carp_setup will enable carp when pfsync completes. + set_single_sysctl("net.inet.carp.allow", "0"); + } if ($carp_setuped == false) { $carp_setuped = true; } diff --git a/src/etc/rc.linkup b/src/etc/rc.linkup index 9c7ca07de..354dda46e 100755 --- a/src/etc/rc.linkup +++ b/src/etc/rc.linkup @@ -68,6 +68,7 @@ function handle_argument_group($iface, $argument2) { case "stop": log_error("DEVD Ethernet detached event for {$iface}"); interface_bring_down($iface); + interface_vips_bring_down($iface); break; case "start": log_error("DEVD Ethernet attached event for {$iface}");