diff options
-rw-r--r-- | config/freeradius2/freeradiuseapconf.xml | 3 | ||||
-rw-r--r-- | config/quagga_ospfd/quagga_ospfd.inc | 33 | ||||
-rw-r--r-- | config/quagga_ospfd/quagga_ospfd.xml | 9 | ||||
-rw-r--r-- | pkg_config.8.xml | 2 | ||||
-rw-r--r-- | pkg_config.8.xml.amd64 | 2 |
5 files changed, 44 insertions, 5 deletions
diff --git a/config/freeradius2/freeradiuseapconf.xml b/config/freeradius2/freeradiuseapconf.xml index 70a11b87..a2dd2b99 100644 --- a/config/freeradius2/freeradiuseapconf.xml +++ b/config/freeradius2/freeradiuseapconf.xml @@ -195,6 +195,7 @@ <fielddescr>SSL Revocation List</fielddescr> <fieldname>ssl_ca_crl</fieldname> <description><![CDATA[Choose the SSL CA Certficate revocation list here which you created with the firewall's Cert Manager.<br> + <b>HINT:</b> You need to restart freeradius service after adding a certificate to the CRL.<br> Choose "none" if you do not use any kind of certificates or the freeradius Cert Manager. (Default: none)]]></description> <type>select_source</type> <source><![CDATA[freeradius_get_ca_crl()]]></source> @@ -220,7 +221,6 @@ <type>checkbox</type> <enablefields>ssl_client_cert</enablefields> </field> - --> <field> <fielddescr>SSL Client Certificate</fielddescr> <fieldname>ssl_client_cert</fieldname> @@ -231,6 +231,7 @@ <source_name>descr</source_name> <source_value>refid</source_value> </field> + --> <field> <name>EAP-TLS</name> <type>listtopic</type> diff --git a/config/quagga_ospfd/quagga_ospfd.inc b/config/quagga_ospfd/quagga_ospfd.inc index 598d3c00..46037bd9 100644 --- a/config/quagga_ospfd/quagga_ospfd.inc +++ b/config/quagga_ospfd/quagga_ospfd.inc @@ -290,7 +290,24 @@ EOF; exec("chmod u+rw,go-rw {$quagga_config_base}/zebra.conf"); // Kick off newly created rc.d script - exec("/usr/local/etc/rc.d/quagga.sh restart"); + if (is_ipaddr($ospfd_conf['carpstatusip'])) { + $status = quagga_get_carp_status_by_ip($ospfd_conf['carpstatusip']); + switch (strtoupper($status)) { + // Stop the service if the VIP is in BACKUP or INIT state. + case "BACKUP": + case "INIT": + exec("/usr/local/etc/rc.d/quagga.sh stop"); + break; + // Start the service if the VIP is MASTER state. + case "MASTER": + // Assume it's up if the status can't be determined. + default: + exec("/usr/local/etc/rc.d/quagga.sh restart"); + break; + } + } else { + exec("/usr/local/etc/rc.d/quagga.sh restart"); + } // Back to RO mount for NanoBSD and friends conf_mount_ro(); @@ -345,4 +362,18 @@ function quagga_ospfd_put_raw_config($conffile) { } } +function quagga_get_carp_status_by_ip($ipaddr) { + $iface = find_carp_interface($ipaddr); + if ($iface) { + $status = get_carp_interface_status($iface); + // If there is no status for that interface, return null. + if (!$status) + $status = null; + } else { + // If there is no VIP by that IP, return null. + $status = null; + } + return $status; +} + ?> diff --git a/config/quagga_ospfd/quagga_ospfd.xml b/config/quagga_ospfd/quagga_ospfd.xml index 3348dff3..c48d0f47 100644 --- a/config/quagga_ospfd/quagga_ospfd.xml +++ b/config/quagga_ospfd/quagga_ospfd.xml @@ -1,6 +1,6 @@ <packagegui> <name>quagga_ospfd</name> - <version>0.5.2</version> + <version>0.5.3</version> <title>Services: Quagga OSPFd</title> <include_file>/usr/local/pkg/quagga_ospfd.inc</include_file> <aftersaveredirect>pkg_edit.php?xml=quagga_ospfd.xml&id=0</aftersaveredirect> @@ -176,6 +176,13 @@ </rowhelperfield> </rowhelper> </field> + <field> + <fielddescr>CARP Status IP</fielddescr> + <fieldname>carpstatusip</fieldname> + <description>IP address used to determine the CARP status. When the VIP is in BACKUP status, quagga will not be started. <br/>NOTE: Requires changes to /etc/rc.carpmaster to start quagga and /etc/rc.carpbackup to stop quagga or it will not be fully effective.</description> + <type>input</type> + <size>25</size> + </field> </fields> <custom_php_resync_config_command> quagga_ospfd_install_conf(); diff --git a/pkg_config.8.xml b/pkg_config.8.xml index d97d93f1..c0752199 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -1667,7 +1667,7 @@ <name>Quagga OSPF</name> <descr>OSPF routing protocol using Quagga -- WARNING! Installs files to the same place as OpenOSPFD and OpenBGPD. Installing both will break things.</descr> <maintainer>jimp@pfsense.org</maintainer> - <version>0.99.20.1 v0.5.2</version> + <version>0.99.20.1 v0.5.3</version> <category>Routing</category> <status>BETA</status> <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index c831b5f0..4afc7a4f 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -1654,7 +1654,7 @@ <name>Quagga OSPF</name> <descr>OSPF routing protocol using Quagga -- WARNING! Installs files to the same place as OpenOSPFD and OpenBGPD. Installing both will break things.</descr> <maintainer>jimp@pfsense.org</maintainer> - <version>0.99.20.1 v0.5.2</version> + <version>0.99.20.1 v0.5.3</version> <category>Routing</category> <status>BETA</status> <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> |