aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/freeradius2/freeradiuseapconf.xml3
-rw-r--r--config/quagga_ospfd/quagga_ospfd.inc33
-rw-r--r--config/quagga_ospfd/quagga_ospfd.xml9
-rw-r--r--pkg_config.8.xml2
-rw-r--r--pkg_config.8.xml.amd642
5 files changed, 44 insertions, 5 deletions
diff --git a/config/freeradius2/freeradiuseapconf.xml b/config/freeradius2/freeradiuseapconf.xml
index 70a11b87..a2dd2b99 100644
--- a/config/freeradius2/freeradiuseapconf.xml
+++ b/config/freeradius2/freeradiuseapconf.xml
@@ -195,6 +195,7 @@
<fielddescr>SSL Revocation List</fielddescr>
<fieldname>ssl_ca_crl</fieldname>
<description><![CDATA[Choose the SSL CA Certficate revocation list here which you created with the firewall's Cert Manager.<br>
+ <b>HINT:</b> You need to restart freeradius service after adding a certificate to the CRL.<br>
Choose "none" if you do not use any kind of certificates or the freeradius Cert Manager. (Default: none)]]></description>
<type>select_source</type>
<source><![CDATA[freeradius_get_ca_crl()]]></source>
@@ -220,7 +221,6 @@
<type>checkbox</type>
<enablefields>ssl_client_cert</enablefields>
</field>
- -->
<field>
<fielddescr>SSL Client Certificate</fielddescr>
<fieldname>ssl_client_cert</fieldname>
@@ -231,6 +231,7 @@
<source_name>descr</source_name>
<source_value>refid</source_value>
</field>
+ -->
<field>
<name>EAP-TLS</name>
<type>listtopic</type>
diff --git a/config/quagga_ospfd/quagga_ospfd.inc b/config/quagga_ospfd/quagga_ospfd.inc
index 598d3c00..46037bd9 100644
--- a/config/quagga_ospfd/quagga_ospfd.inc
+++ b/config/quagga_ospfd/quagga_ospfd.inc
@@ -290,7 +290,24 @@ EOF;
exec("chmod u+rw,go-rw {$quagga_config_base}/zebra.conf");
// Kick off newly created rc.d script
- exec("/usr/local/etc/rc.d/quagga.sh restart");
+ if (is_ipaddr($ospfd_conf['carpstatusip'])) {
+ $status = quagga_get_carp_status_by_ip($ospfd_conf['carpstatusip']);
+ switch (strtoupper($status)) {
+ // Stop the service if the VIP is in BACKUP or INIT state.
+ case "BACKUP":
+ case "INIT":
+ exec("/usr/local/etc/rc.d/quagga.sh stop");
+ break;
+ // Start the service if the VIP is MASTER state.
+ case "MASTER":
+ // Assume it's up if the status can't be determined.
+ default:
+ exec("/usr/local/etc/rc.d/quagga.sh restart");
+ break;
+ }
+ } else {
+ exec("/usr/local/etc/rc.d/quagga.sh restart");
+ }
// Back to RO mount for NanoBSD and friends
conf_mount_ro();
@@ -345,4 +362,18 @@ function quagga_ospfd_put_raw_config($conffile) {
}
}
+function quagga_get_carp_status_by_ip($ipaddr) {
+ $iface = find_carp_interface($ipaddr);
+ if ($iface) {
+ $status = get_carp_interface_status($iface);
+ // If there is no status for that interface, return null.
+ if (!$status)
+ $status = null;
+ } else {
+ // If there is no VIP by that IP, return null.
+ $status = null;
+ }
+ return $status;
+}
+
?>
diff --git a/config/quagga_ospfd/quagga_ospfd.xml b/config/quagga_ospfd/quagga_ospfd.xml
index 3348dff3..c48d0f47 100644
--- a/config/quagga_ospfd/quagga_ospfd.xml
+++ b/config/quagga_ospfd/quagga_ospfd.xml
@@ -1,6 +1,6 @@
<packagegui>
<name>quagga_ospfd</name>
- <version>0.5.2</version>
+ <version>0.5.3</version>
<title>Services: Quagga OSPFd</title>
<include_file>/usr/local/pkg/quagga_ospfd.inc</include_file>
<aftersaveredirect>pkg_edit.php?xml=quagga_ospfd.xml&amp;id=0</aftersaveredirect>
@@ -176,6 +176,13 @@
</rowhelperfield>
</rowhelper>
</field>
+ <field>
+ <fielddescr>CARP Status IP</fielddescr>
+ <fieldname>carpstatusip</fieldname>
+ <description>IP address used to determine the CARP status. When the VIP is in BACKUP status, quagga will not be started. &lt;br/&gt;NOTE: Requires changes to /etc/rc.carpmaster to start quagga and /etc/rc.carpbackup to stop quagga or it will not be fully effective.</description>
+ <type>input</type>
+ <size>25</size>
+ </field>
</fields>
<custom_php_resync_config_command>
quagga_ospfd_install_conf();
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index d97d93f1..c0752199 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -1667,7 +1667,7 @@
<name>Quagga OSPF</name>
<descr>OSPF routing protocol using Quagga -- WARNING! Installs files to the same place as OpenOSPFD and OpenBGPD. Installing both will break things.</descr>
<maintainer>jimp@pfsense.org</maintainer>
- <version>0.99.20.1 v0.5.2</version>
+ <version>0.99.20.1 v0.5.3</version>
<category>Routing</category>
<status>BETA</status>
<depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index c831b5f0..4afc7a4f 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -1654,7 +1654,7 @@
<name>Quagga OSPF</name>
<descr>OSPF routing protocol using Quagga -- WARNING! Installs files to the same place as OpenOSPFD and OpenBGPD. Installing both will break things.</descr>
<maintainer>jimp@pfsense.org</maintainer>
- <version>0.99.20.1 v0.5.2</version>
+ <version>0.99.20.1 v0.5.3</version>
<category>Routing</category>
<status>BETA</status>
<depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url>