-
-
Save kronenpj/e90258f12f7a40c4f38a23b609b3288b to your computer and use it in GitHub Desktop.
| #!/usr/local/bin/php | |
| <?php | |
| require_once("config.inc"); | |
| require_once("system.inc"); | |
| require_once("interfaces.inc"); | |
| require_once("util.inc"); | |
| $subsystem = !empty($argv[1]) ? $argv[1] : ''; | |
| $type = !empty($argv[2]) ? $argv[2] : ''; | |
| if ($type != 'MASTER' && $type != 'BACKUP') { | |
| log_error("Carp '$type' event unknown from source '{$subsystem}'"); | |
| exit(1); | |
| } | |
| if (!strstr($subsystem, '@')) { | |
| log_error("Carp '$type' event triggered from wrong source '{$subsystem}'"); | |
| exit(1); | |
| } | |
| // Add more interfaces that need to be disabled/enabled after a CARP event. | |
| $interfaces = array('wan', 'opt2'); | |
| if ($type === "MASTER") { | |
| foreach ($interfaces as $ifkey) { | |
| log_error("enable interface '$ifkey' due CARP event '$type'"); | |
| $config['interfaces'][$ifkey]['enable'] = '1'; | |
| interfaces_bring_up($ifkey); | |
| interface_configure(false, $ifkey, true, true); | |
| write_config("enable interface '$ifkey' due CARP event '$type'", false); | |
| usleep(200 * 1000); | |
| } | |
| } else { | |
| foreach ($interfaces as $ifkey) { | |
| log_error("disable interface '$ifkey' due CARP event '$type'"); | |
| interface_bring_down($ifkey); | |
| unset($config['interfaces'][$ifkey]['enable']); | |
| interface_configure(false, $ifkey, true, false); | |
| exec('/sbin/ifconfig ' . escapeshellarg($ifkey) . 'down 2>&1', $ifc, $ret); | |
| write_config("disable interface '$ifkey' due CARP event '$type'", false); | |
| } | |
| } | |
| ?> |
@kronenpj
i ran this but is there any way to modify the files? i cant nano or vi into the script afterwards as i need to change interfaces
curl -sL -H "Cache-Control: no-cache" \ https://gist.githubusercontent.com/kronenpj/e90258f12f7a40c4f38a23b609b3288b/raw/10-wancarp \ --output /usr/local/etc/rc.syshook.d/carp/10-wancarp && \ chmod +x /usr/local/etc/rc.syshook.d/carp/10-wancarp
@FA9US
Try using sudo before the nano or vi command:
sudo vi /usr/local/etc/rc.syshook.d/carp/10-wancarp
sudo nano /usr/local/etc/rc.syshook.d/carp/10-wancarp
The file should be owned by root so your normal user account won't be able to change it.
@kronenpj
After a CARP event on 23.7, the script is successfully running and disabling the WAN interface.
However, the PPPoE link remains connected with the public IP address in a unmanageable state.
Please could I request assistance to modify the script to disconnect PPPoE connections on the backup and reconnect on master.
Thank you in advance, much appreciated.
You should be able to add 'pppoe0' to the list on line 23, possibly replacing 'opt2'.
@kronenpj Thank you for the feedback.
After replacing 'opt2' with 'pppoe0' the PPPoE connection remained connected and administratively down.
Are you able to advise what commands would be required to 'connect' and 'disconnect' a PPPoE connection rather than disable the WAN interface? Thanks in advance.
Unfortunately no. I'm not entirely sure I have it working on my firewalls either. The available methods and existing actions aren't documented so I'm really just trying different things and seeing if something works. So far I haven't found any combination that satisfactorily solves this situation.
@kronenpj After removing 'true' from line 36 the script now disconnects the PPPoE connection prior to disabling the WAN interface on 23.7.1_3
interface_bring_down($ifkey);
Thanks again for all your feedback.
Very interesting. I'm glad you got it to work! I need to get back to looking at mine.
Another variant can be found here: https://gist.github.com/tlyakhov/15172db645d01dc67a0b585096f28ab3
I've updated the script with @Blip9575's suggested change. It's working as I need it to on recent versions of Opnsense.
Heya, thanks for this script! It helped me get started on managing my multiple WANs via CARP.
I did run into an issue though, and that is that I have multiple CARP subsystems (one per LAN) and sometimes CARP on one LAN would transition from MASTER to BACKUP or vice versa which would initiate toggling the WAN interfaces. I've spent about the last four hours sorting that out in my own version such that toggling the WAN interfaces only happens once all CARP subsystems are MASTER or BACKUP (or if CARP is disabled/enabled). I also throw some more logging in it so that it makes a little more sense what's happening when it does.
Hope this helps someone!
https://gist.github.com/willjasen/6ae0f47bca36ced2bd52b2fefc2bc21e
Hi Guys, i've posted a question at https://gist.github.com/spali/2da4f23e488219504b2ada12ac59a7dc?permalink_comment_id=5008023#gistcomment-5008023 - i've tried your Script @kronenpj and also the other variant from @willjasen and the one you mentioned here
Original script: https://gist.github.com/spali/2da4f23e488219504b2ada12ac59a7dc
Needed these changes / updates to more fully bring WAN (and OPT2) up/down on CARP switch.