aboutsummaryrefslogtreecommitdiffstats
path: root/config/haproxy
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2009-11-23 17:07:25 -0500
committerScott Ullrich <sullrich@pfsense.org>2009-11-23 17:07:25 -0500
commit12805cecc63ebaa9651b1a29d7fde1f973e35b0a (patch)
tree6d9bd6feb59a681cbe68dcfe43765df025b90944 /config/haproxy
parentfb592922f37662ae8c224222ca1a938474303bbb (diff)
downloadpfsense-packages-12805cecc63ebaa9651b1a29d7fde1f973e35b0a.tar.gz
pfsense-packages-12805cecc63ebaa9651b1a29d7fde1f973e35b0a.tar.bz2
pfsense-packages-12805cecc63ebaa9651b1a29d7fde1f973e35b0a.zip
Do not allow sync loops take #2
Diffstat (limited to 'config/haproxy')
-rw-r--r--config/haproxy/haproxy.inc16
1 files changed, 15 insertions, 1 deletions
diff --git a/config/haproxy/haproxy.inc b/config/haproxy/haproxy.inc
index e55eca59..11fd3782 100644
--- a/config/haproxy/haproxy.inc
+++ b/config/haproxy/haproxy.inc
@@ -255,8 +255,22 @@ function haproxy_do_xmlrpc_sync($sync_to_ip, $password) {
return;
// Do not allow syncing to self.
- if(`/sbin/ifconfig -a | grep "$sync_to_ip"`)
+ $donotsync = false;
+ $lanip = find_interface_ip($config['interfaces']['lan']['if']);
+ if($lanip == $sync_to_ip)
+ $donotsync = true;
+ $wanip = find_interface_ip($config['interfaces']['wan']['if']);
+ if($wanip == $sync_to_ip)
+ $donotsync = true;
+ for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) {
+ $optip = find_interface_ip($config['interfaces']['opt' . $j]['if']);
+ if($optip == $sync_to_ip)
+ $donotsync = true;
+ }
+ if($donotsync) {
+ log_error("Disallowing sync loop for HAProxy sync.");
return;
+ }
$xmlrpc_sync_neighbor = $sync_to_ip;
if($config['system']['webgui']['protocol'] != "") {