Improve gateway monitoring. Fix #16180
Revert the changes from 3b5f0ecbfc2d952891dbe227e9afbf9d2ed0ebd4 since
routing an address via an interface causes the system to treat it as
local and send IPv6 NS requests to addresses that may not be local. As
an alternate solution, add filter rules to prevent gateway monitoring
traffic from going out the wrong interface when route-to rules cannot be
created.
Validate the IPv6 gateway address, as is done with IPv4,
before using it to add a static route.
Change setup_gateways_monitor() to kill states for all interfaces instead
of just the gateway's interface in order to catch states that may have
been created on other interfaces. This is only applicable to gateways with
monitoring enabled.
Teach lookup_gateway_ip_by_name() and lookup_gateway_monitor_ip_by_name()
to check the router file for dynamic interfaces. This helps the function
filter_delete_states_for_down_gateways() be more effective.
Always bring if_pppoe interfaces down before destroying them
For kernel if_pppoe interfaces, when the interface is destroyed it is removed
immediately without sending a Term-Request. This leaves the other end of the PPP
tunnel established until it times out from lack of response. In the interim, if
the if_pppoe interface attempts to connect again it will fail if the service
side does not allow multiple concurrent logins. This is remedied by downing the
interface prior to destruction.
Add interface network aliases even if empty. Fix #16182
This changes the behavior for interface "subnet" aliases to be included in
/tmp/rules.debug even when the alias is empty. This matches how other
aliases are handled. When an alias is empty and a rule references it,
we rely on pf to do the right thing.
Fix updating renamed aliases with multiple entries
Previous behavior only checked single-entry aliases. This change allows
calling update_alias_names_upon_change() with a spearator to loop
through the alias and update all entries.
Fix double rc.newwanipv6 execution on if_pppoe
When using if_pppoe and DHCPv6 over the PPP link, both the devd handler script
and dhcp6c execute /etc/rc.newwanipv6 as a result of an address assignment,
which is not fatal but does cause some extra delay as the filter is reloaded and
packages are restarted more than necessary. This is fixed by limiting the
pppoe-handler script to responding to a new IPv6 address only when the logical
interface is not configured for DHCPv6, allowing dhcp6c to manage lease changes
itself. All other IPv6 configurations will generate a ADDR_ADD devd event on
address assignment that is handled by the pppoe-handler script.
pppoe-handler: Mute spurious invalid address warnings
Move the address checking out of the main body of the script into switch cases
that actually use the address
(cherry picked from commit 51ce224e061a26728bb42d11d238a11bbd989850)
Fix serialization/deserialization of ppp hostuniq and provider attributes
When these two properties were added, the form handling set their config values
to boolean true if empty, leading to empty tags in the config.xml which would be
serialized to the config.cache as empty strings. As a result, later fetches of a
ppp config from the config after the cache is reloaded (i.e. additional
requests) deserialize this true value as an empty string.
However, with the pfnet-controller service running and acting as the config
provider, the raw array written to the config is directly serialized which
would result in hostuniq and provider being stored as and returned as boolean
true rather than the expected empty string, causing a bogus hostuniq and
provider value to be written to the mpd configuration (or passed on to the
if_pppoe ifconfig, as applicable).
To remedy the situation and retain compatibility with config caches that have
the boolean values, interface_pppoe_get_hostuniq(), interface_pppoe_configure(),
and interface_ppps_configure() are changed to check that these attributes are
nonempty as well as string type before attempting to use them. interfaces.php is
[3 lines not shown]
if_pppoe: Resolve endless loop on dhcp6c
When using if_pppoe, the use of ppp-ipv6 to up the pppoe interface on ADDR_ADD
causes a loop of calling interface_dhcp6_configure(), which
restarts dhcp6c, which acquires a lease and assigns an address, which emits an
ADDR_ADD devd event.
Add LINK_UP handling for ifpppoe devices by only executing ppp-ipv6 up, and
remove the execution from pppoe_add_addr.
(cherry picked from commit ebdfb836e5d87d7a663552403b9e3e70cc9594cf)
Correct the DNS info change detection. Fix #16170
The variable $dns_changed was introduced along with the RENEW reason and
is intended to only take affect with RENEW. This is done to keep the
original behavior for reasons other than RENEW.
Check for Kea custom configuration before retrying without it
Errors without custom configuration can also trigger the notice. In such
case, retrying is redundant and the notice text is misleading.
Supress info logs for rc.newwanipv6 RENEW
Only log when there's something to do during RENEW. This avoids spamming
the system log now that rc.newwanipv6 is called on RENEW. While here, also
check that a reason was given before logging it (ppp scripts omit it).
