OpenVPN and apinger bug
-
There seems to be an issue how the apinger.conf is generated when setting the alternate monitor ip for a gateway's interface where openvpn (ovpnc#) is assigned. When I keep the gateway's settings with its defaults I can see the target information at the end of apinger.conf. As soon as I set the ip i'd like to monitor, the apinger.conf is missing the entry. So far I can only tell that openvpn is affected by this.
-
I did some investigation and think I figured out what is causing the issue. When the gateway for the openvpn interface has custom settings the return_gateways_array() function in gwlb.inc returns the gateway array like the following
Array ( [VPN_VPNV4] => Array ( [interface] => ovpnc1 [gateway] => dynamic [name] => VPN_VPNV4 [weight] => 1 [ipprotocol] => inet [interval] => [descr] => Interface VPN_VPNV4 Gateway [monitor] => 10.8.0.1 [dynamic] => 1 [friendlyiface] => opt1 [attribute] => 0 ) [WAN_DHCP] => Array ( [dynamic] => 1 [ipprotocol] => inet [gateway] => 72.38.36.111 [interface] => em1 [friendlyiface] => wan [name] => WAN_DHCP [attribute] => system [defaultgw] => 1 [monitor] => 72.38.36.129 [descr] => Interface WAN_DHCP Gateway ) )notice the open vpn interface's gateway attribute is set to dynamic.
Here is what the array returns when using no custom gateway settings
Array ( [VPN_VPNV4] => Array ( [interface] => ovpnc1 [gateway] => 10.8.0.17 [name] => VPN_VPNV4 [weight] => 1 [ipprotocol] => inet [interval] => [descr] => Interface VPN_VPNV4 Gateway [monitor] => 10.8.0.1 [dynamic] => 1 [friendlyiface] => opt1 [attribute] => 0 ) [WAN_DHCP] => Array ( [dynamic] => 1 [ipprotocol] => inet [gateway] => 72.38.36.111 [interface] => em1 [friendlyiface] => wan [name] => WAN_DHCP [attribute] => system [defaultgw] => 1 [monitor] => 72.38.36.129 [descr] => Interface WAN_DHCP Gateway ) )As you can see it has an IP.
The function that creates the apinger.conf checks for a proper gateway. If the gateway is set to 'dynamic' no targert for that interface is created in apinger.confcausing the gateway status to always be unknown.
Here is block of code in the return_gateways_array function causing the issue.
/* if the gateway is dynamic and we can find the IPv4, Great! */ if (empty($gateway['gateway']) || $gateway['gateway'] == "dynamic") { if ($gateway['ipprotocol'] == "inet") { /* we know which interfaces is dynamic, this should be made a function */ switch($wancfg['ipaddr']) { case "dhcp": case "pppoe": case "pptp": case "ppp": $gateway['ipprotocol'] = "inet"; $gateway['gateway'] = get_interface_gateway($gateway['interface']); /* no IP address found, set to dynamic */ if (!is_ipaddrv4($gateway['gateway'])) $gateway['gateway'] = "dynamic"; $gateway['dynamic'] = true; break; } }Here is what I changed it to, which seems to make it work. There is probably more correct way to do this.
/* if the gateway is dynamic and we can find the IPv4, Great! */ if (empty($gateway['gateway']) || $gateway['gateway'] == "dynamic") { if ($gateway['ipprotocol'] == "inet") { /* we know which interfaces is dynamic, this should be made a function */ switch($wancfg['ipaddr']) { case "dhcp": case "pppoe": case "pptp": case "ppp": $gateway['ipprotocol'] = "inet"; $gateway['gateway'] = get_interface_gateway($gateway['interface']); /* no IP address found, set to dynamic */ if (!is_ipaddrv4($gateway['gateway'])) $gateway['gateway'] = "dynamic"; $gateway['dynamic'] = true; break; default: $gateway['ipprotocol'] = "inet"; $gateway['gateway'] = get_interface_gateway($gateway['interface']); /* no IP address found, set to dynamic */ if (!is_ipaddrv4($gateway['gateway'])) $gateway['gateway'] = "dynamic"; $gateway['dynamic'] = true; break; } }Thanks,
Adam