ifstated20041117ifstated: Settingspkg_edit.php?xml=ifstated.xml&id=0installedpackages->package->$packagename->configuration->settings/etc/sysctl.confnet.inet.carp.preempt=1External Test IPexttestipEnter an IP to test external connectivity with. This should be a host with extremely high availability.inputInternal Test IPinttestipEnter an IP to test internal connectivity with. This should be a host with extremely high availability.inputPaired Firewall External IPpairextipEnter the real IP of the other firewall's (real) external interface.inputPaired Firewall Internal IPpairintipEnter the real IP of the other firewall's (real) internal interface.inputInitial StateinitstateEnter the desired initial state for this firewall.select
global $config;
mwexec("rm /usr/local/etc/rc.d/ifstated*");
$fout = fopen("/usr/local/etc/rc.d/ifstated.sh","w");
fwrite($fout,"#!/bin/sh\n\n/usr/local/sbin/ifstated\n");
fclose($fout);
mwexec("chmod a+x /usr/local/etc/rc.d/radiusd.sh");
global $config;
$fout = fopen("/usr/local/etc/ifstated.conf","w");
if($config['installedpackages']['ifstated']['config'] != "") {
fwrite($fout, "# This file was automatically generated by the pfSense\n# package management system.\n\n");
fwrite($fout, "init-state " . $_POST['initstate'] . "\n\n");
fwrite($fout, "carp_up = \"((carp0 link up) and (carp1 link up))\"\ncarp_down = \"((! carp0 link up) and (! carp1 link up))\"\ncarp_sync= \"((carp0 link up and carp1 link up) or ((!carp0 link up) and (!carp1 link up)))\"\n\n");
fwrite($fout, "net = '( \"ping -q -c 1 -t 1 " . $_POST['exttestip'] . " > /dev/null\" every 10 and \"ping -q -c 1 -t 1 " . $_POST['inttestip'] . " > /dev/null\" every 10)'\n\n");
fwrite($fout, "peer = '( \"ping -q -c 1 -t 1 " . $_POST['pairextip'] . " > /dev/null\" every 10 and \"ping -q -c 1 -t 1 " . $_POST['pairintip'] . " > /dev/null\" every 10)'\n\n");
fwrite($fout, "state auto {\nif \$carp_up {\nset-state primary\n}\nif \$carp_down {\nset-state backup\n}\n}\n\n");
fwrite($fout, "state primary {\ninit {\nrun \"ifconfig carp0 advskew 10\"\nrun \"ifconfig carp1 advskew 10\"\n}\nif ! \$net {\nset-state demoted\n}\n}\n\nstate demoted {\ninit {\nrun \"ifconfig carp0 advskew 254\"\nrun \"ifconfig carp1 advskew 254\"\n}\nif \$net {\nset-state primary\n}\n}\n\n");
fwrite($fout, "state promoted {\ninit {\nrun \"ifconfig carp0 advskew 0\"\nrun \"ifconfig carp1 advskew 0\"\n}\nif \$peer or ! \$net {\nset-state backup\n}\n}\n\n");
fwrite($fout, "state backup {\ninit {\nrun \"ifconfig carp0 advskew 100\"\nrun \"ifconfig carp1 advskew 100\"\n}\nif ! \$carp_sync and \$net and \"sleep 5\" every 10 {\nif (! \$carp_sync) and \$net {\nset-state promoted\n}\n}\n}\n");
}
fclose($fout);
mwexec("/usr/bin/killall -HUP ifstated");