forked from extern/shorewall_code
Implement a better solution to down shared gateways
This commit is contained in:
Tom Eastep
parent
9a78a0242f
commit
7989f5094e
@ -121,7 +121,9 @@ sub setup_route_marking() {
|
||||
}
|
||||
|
||||
if ( $providerref->{shared} ) {
|
||||
add_commands( $chainref, qq(if [ -n "$providerref->{mac}" ]; then) ), incr_cmd_level( $chainref ) if $providerref->{optional};
|
||||
add_rule $chainref, match_source_dev( $interface ) . "-m mac --mac-source $providerref->{mac} -j MARK --set-mark $providerref->{mark}";
|
||||
decr_cmd_level( $chainref ), add_commands( $chainref, "fi\n" ) if $providerref->{optional};
|
||||
} else {
|
||||
add_rule $chainref, match_source_dev( $interface ) . "-j MARK --set-mark $providerref->{mark}";
|
||||
}
|
||||
@ -520,13 +522,7 @@ sub add_a_provider( ) {
|
||||
|
||||
if ( $optional ) {
|
||||
if ( $shared ) {
|
||||
my $var = $providers{$table}{mac};
|
||||
|
||||
$var =~ s/^\$//;
|
||||
|
||||
emit ( " error_message \"WARNING: Gateway $gateway is not reachable -- Provider $table ($number) not Added\"" ,
|
||||
" $var=02:00:00:00:00:00" );
|
||||
|
||||
emit ( " error_message \"WARNING: Gateway $gateway is not reachable -- Provider $table ($number) not Added\"" );
|
||||
} else {
|
||||
emit ( " error_message \"WARNING: Interface $physical is not usable -- Provider $table ($number) not Added\"" );
|
||||
}
|
||||
|
||||
@ -84,7 +84,7 @@ our @EXPORT = qw( NOTHING
|
||||
);
|
||||
|
||||
our @EXPORT_OK = qw( initialize );
|
||||
our $VERSION = '4.4_16';
|
||||
our $VERSION = '4.4_15';
|
||||
|
||||
#
|
||||
# IPSEC Option types
|
||||
@ -913,7 +913,7 @@ sub process_interface( $$ ) {
|
||||
$root = substr( $interface, 0, -1 );
|
||||
$roots{$root} = $interface;
|
||||
my $len = length $root;
|
||||
|
||||
|
||||
if ( $minroot ) {
|
||||
$minroot = $len if $minroot > $len;
|
||||
} else {
|
||||
@ -1209,23 +1209,23 @@ sub known_interface($)
|
||||
|
||||
my $iface = $interface;
|
||||
|
||||
while ( 1 ) {
|
||||
chop $iface;
|
||||
if ( $minroot ) {
|
||||
while ( length $iface > $minroot ) {
|
||||
chop $iface;
|
||||
|
||||
return 0 if $iface eq '';
|
||||
|
||||
if ( my $i = $roots{$iface} ) {
|
||||
$interfaceref = $interfaces{$i};
|
||||
if ( my $i = $roots{$iface} ) {
|
||||
$interfaceref = $interfaces{$i};
|
||||
|
||||
my $physical = map_physical( $interface, $interfaceref );
|
||||
my $physical = map_physical( $interface, $interfaceref );
|
||||
|
||||
return $interfaces{$interface} = { options => $interfaceref->{options} ,
|
||||
bridge => $interfaceref->{bridge} ,
|
||||
name => $i ,
|
||||
number => $interfaceref->{number} ,
|
||||
physical => $physical ,
|
||||
base => chain_base( $physical ) ,
|
||||
};
|
||||
return $interfaces{$interface} = { options => $interfaceref->{options} ,
|
||||
bridge => $interfaceref->{bridge} ,
|
||||
name => $i ,
|
||||
number => $interfaceref->{number} ,
|
||||
physical => $physical ,
|
||||
base => chain_base( $physical ) ,
|
||||
};
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -33,6 +33,11 @@ Beta 6
|
||||
|
||||
- Failure to treat the interface as optional or required.
|
||||
|
||||
4) Where two ISPs share the same interface, if one of the ISPs was not
|
||||
reachable, an iptables-restore error such as this occurred:
|
||||
|
||||
iptables-restore v1.4.10: Bad mac address "-j"
|
||||
|
||||
Beta 5
|
||||
|
||||
1) Previously, proxy ARP with logical interface names did not
|
||||
|
||||
Loading…
Reference in New Issue
Block a user