lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-14 16:44:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,923 Commits 1 Branch 0 Tags
Commit Graph

10097 Commits

Author SHA1 Message Date
Franco Fichtner
1bc478fbaa openvpn: remove gw switching logic; closes #3449 
This removes the last part of gw switching capabilities from OpenVPN
in a backwards-incompatible way.  For clients they can already reconnect
if you use "any" or an internal LAN. For servers you don't bind to WAN
in Multi-WAN or gateway groups.  Use localhost + NAT rules for both
WANs instead.

Discussed with: @adschellevis
 2019-04-29 13:43:18 +02:00
Franco Fichtner
18422180ad src: style sweep 2019-04-29 09:45:44 +02:00
Franco Fichtner
ecdf0404b7 openvpn: deflect a carp event ealier for servers 
If the server is running don't stop it.  If it is not running
go through the trouble of trying to start it.
 2019-04-29 09:25:01 +02:00
Franco Fichtner
a2c38b7c87 interfaces: use ifconfig group add invoke only once 2019-04-29 09:07:58 +02:00
Franco Fichtner
055913845e interfaces: unicode whitespace of death 2019-04-29 08:53:06 +02:00
Franco Fichtner
c0d3142a5b interfaces: another rule for group name... 
...as dictated by ifconfig.  Found out the hard way.  ;)
 2019-04-29 08:51:54 +02:00
Franco Fichtner
808c43d705 interfaces: typo in mwexecf() conversion 2019-04-29 08:44:00 +02:00
Franco Fichtner
6018681623 dhcpd: more conversion, only services_dhcpd_configure() left 2019-04-29 08:05:15 +02:00
Franco Fichtner
ba0c82dd54 dhcpd: naming convention, plugins_configure() use 2019-04-29 07:49:26 +02:00
Franco Fichtner
15ef1b10bc interfaces: fix comment 2019-04-28 19:33:12 +02:00
Franco Fichtner
9445a69cb5 interfaces: another mwexecf() conversion 2019-04-28 19:30:28 +02:00
Franco Fichtner
918796bec9 interfaces: broken VLAN again (Hi, Jim, how is it going!) ;) 2019-04-28 19:23:56 +02:00
Franco Fichtner
e6d3d95ba6 openvpn: only stop/start clients on carp 
Discussed with: @adschellevis
 2019-04-28 19:19:53 +02:00
Michael
41d5cdb83d Proxy: ssl_crtd was removed with Squid 4.X 2019-04-28 19:05:09 +02:00
Franco Fichtner
8b8f02be16 interfaces: group add/delete mwexecf() conversion 
Since get_real_interface() can be empty it should always be escaped.
 2019-04-28 18:56:32 +02:00
Franco Fichtner
14b9f355f2 interfaces: adapt to the new reality of get_real_interface() 2019-04-28 18:32:24 +02:00
Franco Fichtner
79c7c41123 openvpn: typo in previous 2019-04-28 16:52:49 +02:00
Franco Fichtner
4e0bd7c3e3 openvpn: allow "_vip" devices to reload as well 2019-04-28 16:50:40 +02:00
Franco Fichtner
666e0d31a2 interfaces: add comment for previous 2019-04-28 16:20:57 +02:00
Franco Fichtner
2cfcc5f03e interfaces: now that get_real_interface() always returns... 
Prioritize '_vip' fake handling in getting an IP address.
It might be better to look it up, but that is for later.
 2019-04-28 16:18:59 +02:00
Franco Fichtner
f908748323 dhcpd: consolidate functions, start on naming conventions 2019-04-28 16:14:46 +02:00
Franco Fichtner
04d4f50cca interfaces: separate dhcpd from services.inc 2019-04-28 15:07:10 +02:00
Franco Fichtner
b140e91b7e interfaces: services.inc stopgap measure 
PR: https://forum.opnsense.org/index.php?topic=11540.0
 2019-04-28 14:37:43 +02:00
Franco Fichtner
127c364789 interfaces: get_real_interface() as opportunistic try 
Speeds up lookup.  The caller is ultimately in charge of operating
on the data given by the function.  Most callers do not check the
return value for empty() so let's just fix callers that do require
this.
 2019-04-28 14:27:40 +02:00
Franco Fichtner
01ed7a77a2 openvpn: rid the world of openvpn_carp_start() and openvpn_carp_stop() 
OpenVPN has had so many functions to reload and all of them hardcoded one
way or another.  Since we already check CARP state in openvpn_restart()
and stop before potentially starting that should be enough indeed.

Another question is why servers are being restarted if CARP is solely
used for preventing to start clients on BACKUP nodes.
 2019-04-28 14:25:43 +02:00
Franco Fichtner
b8b739260d interfaces: typo in previous 2019-04-28 13:30:44 +02:00
Franco Fichtner
bda5695f64 interfaces: get_carp_interface_status() return values audit 2019-04-28 13:27:31 +02:00
Franco Fichtner
d8e17d7737 dpinger: only monitor for existing entries of enabled interfaces 
I have a little beef with the new code: the System: Gateways: Single
page listing should always list existing config.xml gateways, but it
does not.  So it looks like a gateway was deleted when in fact it is
being hidden.  This is definitely a visibility departure from the
previous code.
 2019-04-26 18:03:53 +02:00
Franco Fichtner
139ef1334f system: log all "skips" for monitor targets 
PR: https://forum.opnsense.org/index.php?topic=11540.0
 2019-04-26 15:08:26 +02:00
Franco Fichtner
a9e05d5722 system: fix dpinger invoke 2019-04-26 14:41:07 +02:00
Franco Fichtner
60966cdaa2 system: gateway_items are not dynamic 2019-04-26 14:27:47 +02:00
Franco Fichtner
c901a00eb6 interfaces: entirely unsure about this 2019-04-26 08:54:49 +02:00
Franco Fichtner
ff3d7fc46e interfaces: interface_has_gateway() gone, yikes 2019-04-26 08:52:54 +02:00
Franco Fichtner
998aa1097d system: /etc/hosts generation without interface_has_gateway() 
It only marginally matters and lan or opt1 is mostly there with
a safe assumption of no gateway unless that is for a different
purpose than simply going to the internet.
 2019-04-26 08:51:39 +02:00
Franco Fichtner
316e988459 system: avoid use of interface_has_gateway() 
A number of sanity cleanups while here...
 2019-04-26 08:39:36 +02:00
Franco Fichtner
908c1d617c interfaces: avoid use of interface_has_gateway() 2019-04-26 08:39:21 +02:00
Franco Fichtner
d2ba53e1ea dnsmasq: another services.inc taint 2019-04-26 08:11:14 +02:00
Franco Fichtner
cfa86ac5b6 interfaces: unused interface_has_gatewayv6() 2019-04-26 07:49:03 +02:00
Franco Fichtner
e40b8f51ac interfaces: lock IP configuration type for tunnels 
@Adschellvis and me wondered about this so I did a bit of
reseach and multiple workaround oddities exist to fix parts
of the issue.  To be frank, fix the issue at the source and
do not let users otherwise configure these settings in tunnel
interfaces.

See:      https://redmine.pfsense.org/issues/3280
Also see: https://redmine.pfsense.org/issues/8687
 2019-04-26 07:42:54 +02:00
Franco Fichtner
d40c917fcb interfaces: long group names vs. pf(4) 
PR: https://forum.opnsense.org/index.php?topic=12527.0
 2019-04-26 05:42:22 +02:00
Franco Fichtner
6b8fc100e4 interfaces: further changes in slaac pursuit 2019-04-26 05:29:31 +02:00
Franco Fichtner
bc6340f167 interfaces: VTI is a bit tricky #3414 2019-04-25 18:32:19 +02:00
Franco Fichtner
6858aec382 interfaces: fix VTI vs. system route issue; closes #3414 2019-04-25 16:45:29 +02:00
Franco Fichtner
e07347f701 system: services.inc removal splatter 2019-04-25 15:04:23 +02:00
Franco Fichtner
dabcea59d7 interfaces: always provide a "description" 2019-04-25 14:37:11 +02:00
Ad Schellevis
839ec3567a dhcp, leases overview. merge static mac addresses with leases for https://github.com/opnsense/core/issues/2946 2019-04-25 11:08:05 +02:00
Franco Fichtner
3992b4e556 interfaces: annotate VIP configuration change for the future 2019-04-25 10:47:35 +02:00
Franco Fichtner
b16e03cb68 interfaces: some changes to VIP handling 
* always configure VIPs in interface_configure()
* also configure VIPs in rc.newwanipv6
* link_interface_to_vips() removed
* land IPv6 VIPs on the IPv6 device

Discussed with: @adschellevis
 2019-04-25 10:20:23 +02:00
Franco Fichtner
3498416734 interfaces: in a perfect world these do not need services.inc 
Let's make it so.  :)
 2019-04-25 09:37:34 +02:00
Franco Fichtner
db2b0ff27c interfaces: allow link-local address on bridges; closes #926 2019-04-25 09:25:40 +02:00