Routes only get added in system_resolvconf_generate() now where
the DNS override is properly checked. The nameservers are added
through the new script for convenience and removed from there as
well. As a bonus we still scrub the routes from the nameserver
file removal to avoid creating "state" about what was done elsewhere.
This is still subject to a lot of funky races for overlapping host
routes either by ISP, manual DNS, gateway monitors or static routes.
We removed other console mute situations and we might as well also
remove the one that is during early boot for the simple fact that
it's probably going to be unmuted anyway.
ovpns1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
description: OpenVPN
options=80000<LINKSTATE>
inet 10.0.8.1 --> 10.0.8.2 netmask 0xffffff00
Calculation using 10.0.8.1/24 will result in 10.0.8.1, but should have been 10.0.8.2
This patch seems to add the least amount of magic, if the correct gateway would be captured in the environment variables that would be preferable, unfortunately that doesn't seem to be the case.
Example environment output:
xormask_1=
daemon_start_time=1645634011
daemon_pid=569
tun_mtu=1500
proto_1=udp4
daemon=1
dev_type=tun
script_context=init
PWD=/usr/local/www
xormasklen_1=0
daemon_log_redirect=0
ifconfig_local=10.0.8.1
local_port_1=1194
dev=ovpns1
link_mtu=1621
remote_port_1=1194
script_type=up
ifconfig_netmask=255.255.255.0
xormethod_1=0
config=/var/etc/openvpn/server1.conf
verb=3
o HostWildcardAllowed - allow the use of "*" (any host)
o FqdnWildcardAllowed - allow the use of wilcard fqdn's (*.my.top.level)
o ZoneRootAllowed - allow the use of "@" (zone root)
o wrap vlan set pcp in new function legacy_vlan_pcp()
o add legacy_vlan_remove_tag() to detach our vlan
o use legacy_vlan_remove_tag() + legacy_vlan_tag() to update vlan interfaces, in which case configuration remains as it was which would make future modifications which don't rely on "logical" names easier.
So 5f6b380a33 made get_interface_list() work as expected at the
price of losing assignment options on the referenced page due to
historic oversight. Add a prefix so we can construct the device
name from a partial key value.
The side effect from this may be that VIPs disappear from disabled
interfaces which is how it should have been.
Furthermore, remove the configuration of vips from rc.newwanip which
was added for unknown reasons in pfSense a long time ago and got also
copied to rc.newwanipv6 for us during cleanups but never in pfSense.
Especially since we removed find_interface_*() function family we never
risk reading an alias as a primary address and for all intents and
purposes an alias should never appear from an interface except it was
stripped in error by faulty code. Win-win really. ;)
