Fix editing interface group names
This was previously a pointer to the global config before the config
access rewrite and hence the assignment would modify the config.
Reference the correct VIP in input validation description. Fix #16272
The $vip variable may not reference the $found_carp's VIP since there's no
break in the loop. Fix it by keeping the ID once it's found.
Update list of IPv4-only DDNS endpoints for AAAA updates. Implement #16251
Non "v6" services can be omitted from _curlIpresolveV4 since the request
will already happen over IPv4.
Avoid loop between pppoe-handler and rc.newwanip. Fix #16235
Once the PPPoE client receives the interface address an ADDR_ADD DEVD
event triggers pppoe-handler which ends up calling rc.newwanip. The
rc.newwanip script calls link_interface_to_vips() which triggers an
ADDR_ADD event for each configured VIP. These VIP events result in a loop
between the scripts. Fix the existing loop by ignoring ADDR_ADD events for
IPv4 VIPs. The IPv6 scripts do not behave this and hence no loop.
Improvements to plugin_xmlrpc functions
- The "merged in config" log may not show all merged sections. Fix this by
not clobbering the "$sections" variable.
- Fix variable expansion in the xmlrpc_recv plugin error logs.
- Pass the return value of "plugin_xmlrpc_recv" to
"plugin_xmlrpc_recv_done" and introduce the magic string
"xmlrpc_recv_result" within the return value. This allows packages to
define the result and act on it after the sync is done. For example the
package may only want to restart in "plugin_xmlrpc_recv_done" when there
have been config changes with the call to "plugin_xmlrpc_recv".
Sync writes for critical data
PHP 8.1 introduced native support for fsync(); use this to bring back the
functionality removed with c5663bf5c9a830d5c265bd26e875ce271081eb3f.
Tune ZFS TXG and config dataset settings. Implement #16210
Increase vfs.zfs.txg.timeout so more writes are coalesced before they
are flushed to storage. Also change the ZFS dataset for the config to
always sync to mitigate the increased potential for critical data loss.
Improve gateway monitoring. Fix #16180
Revert the changes from 3b5f0ecbfc2d952891dbe227e9afbf9d2ed0ebd4 since
routing an address via an interface causes the system to treat it as
local and send IPv6 NS requests to addresses that may not be local. As
an alternate solution, add filter rules to prevent gateway monitoring
traffic from going out the wrong interface when route-to rules cannot be
created.
Validate the IPv6 gateway address, as is done with IPv4,
before using it to add a static route.
Change setup_gateways_monitor() to kill states for all interfaces instead
of just the gateway's interface in order to catch states that may have
been created on other interfaces. This is only applicable to gateways with
monitoring enabled.
Teach lookup_gateway_ip_by_name() and lookup_gateway_monitor_ip_by_name()
to check the router file for dynamic interfaces. This helps the function
filter_delete_states_for_down_gateways() be more effective.
Always bring if_pppoe interfaces down before destroying them
For kernel if_pppoe interfaces, when the interface is destroyed it is removed
immediately without sending a Term-Request. This leaves the other end of the PPP
tunnel established until it times out from lack of response. In the interim, if
the if_pppoe interface attempts to connect again it will fail if the service
side does not allow multiple concurrent logins. This is remedied by downing the
interface prior to destruction.
Add interface network aliases even if empty. Fix #16182
This changes the behavior for interface "subnet" aliases to be included in
/tmp/rules.debug even when the alias is empty. This matches how other
aliases are handled. When an alias is empty and a rule references it,
we rely on pf to do the right thing.
Fix updating renamed aliases with multiple entries
Previous behavior only checked single-entry aliases. This change allows
calling update_alias_names_upon_change() with a spearator to loop
through the alias and update all entries.
