PHP Shell Scripts: bringing up and down Interfaces and checking whether enabled
I am trying to both find out if an interface is enabled right now, as well as to change the state. It seems to be half working.
print_r($config['interfaces']['wan']['enable']); $config['interfaces']['wan']['enable'] = false; $config['interfaces']['wan']['disabled'] = true; write_config(); interfaces_sync_setup(); exec; // interfaces_bring_up('wan'); interface_bring_down('wan'); interface_bring_down('pppoe0'); interface_reconfigure('wan'); print_r(Interface_isppp_type('wan')); interface_configure('wan'); interface_configure('pppoe0'); //interfaces_setup(); print_r(get_interface_list()); exec;
I have 2 main issues:
getting enabled state seems to be unreliable, especially, sometimes this value is not set
changes are not applied. I have to use
which works but which I really would like to avoid, since it takes a long time and does not match the "apply changes" web UI option, which seems a little more leightweight.
guardian last edited by
Best solution I had for this so far was to parse ifconfig…. but might I suggest that you ask this question in the development forum.... much more likely to be seen by someone who knows their way around pfSense internals/code.
If you get a good answer please mark your thread solved....
Thanks for 1) I thought the same (from what I have seen so far, and not having found a way to access CARP state otherwise).
For 2) I am still searching.
Also, I asked mod to move.. only saw "how do I compile x" messages in dev forum, that is why I went to general.
So.. i copy/pasted the code from the UI interfaces.php (the "apply" POST). Also, I had to persist the .interfaces.apply for each configuration (enabled and disabled).
Gateway assignment and defaults still were a huge issue.. so I am happy it is running for now.
I guess this will break with some update in the future (would be nicer to have a clear cut between UI and some fixed logic with a documented API), so I will be a little more reluctant to update that box.
So.. what I have now is a PPPoE-CARP (well, the CARP is only on the LAN, but the WAN uses PPPoE depending on who is CARP master, so they also share the same WAN IP), I also just added a VLAN interface to have HA of the relevant parts (for me VPN, IPSEC and OpenVPN) sync from Master to Backup via HA.
When the MASTER beocmes unavailable, it takes a little over 1 minute till the BACKUP is dialed in, but still, I hope this will prevent me from remotely locking myself out in the future, plus it should make system updates a lot better (internet connection only interrupted for 1 minute, available afterwards again with same features).