Feature #10392: GRE: Tunnels cannot have IPv6 and IPv4 addresses … #4308
Conversation
There was a problem hiding this comment.
Rather than have any kind of fallback detection, the configuration should be upgraded directly to the new style. See the other functions in /etc/inc/upgrade_config.inc and so on.
Why make the user manually pick IPv4/IPv6? If they fill in just the v4 info, then it's v4. If they fill in just the v6 info, it's v6. If they fill in both, it's both. Input validation should allow one or the other to be empty (but not both).
…tion migration on upgrade.
|
Hi jim-p, I removed the selection box and added a possible upgrade code to upgrade_config.php. I tested the new code (except for the upgrade_config.php-part since I don't know how) on 2.4.5. There is one small issue, though: if using IPv4 and IPv6 at the same time, the newly added IPv6 gateway shows the buttons to delete and to edit it - something the IPv4 gateway does not. It doesn not seem to me as if this is related to my changes but I wanted to mention it. Thanks |
|
One more thing: You need to increase the value of To test that, you can start the PHP shell ( |
…) vs !== bug, fixed upgrade code. Increased config to 20.3.
| $input_errors[] = sprintf(gettext("A GRE tunnel with the same IPv4 tunnel network is already defined.")); | ||
| break; | ||
| } | ||
| if (($gre['if'] == $_POST['if']) && ($gre['tunnel-remote-addr6'] == $_POST['tunnel-remote-addr6'])) { | ||
| $input_errors[] = sprintf(gettext("A GRE tunnel with the same IPv6 tunnel network is already defined.")); |
There was a problem hiding this comment.
The original code outputs gre['remote-network'] which is not defined. Since the user put in the network themselves anyway (and should therefore know it without the error message telling them), I decided to just output which of the two possibly entered networks (v4/v6) already exists.
|
Thanks for the detailled feedback. I revised the complete wording on the GRE edit page and it should (hopefully) be more consistent now. I also used the opportunity to improve a few minor things such as limiting the IP-input fields to v4 and v6, respectively. The link1-variable still confuses me a bit but I changed it as proposed. |
|
works as expected, converting old-style GRE interfaces to new is OK It's better to set IPv6 subnet field inactive and add note, something like: ))->setHelp('The subnet is used for determining the IPv6 network needs to be 128 as enforced by kernel.')->setAttribute('disabled', true);tested on two 2.5.0.a.20200512.2320 |
|
The subnet is used for the route, though. |
…at the same time. This PR tries to change that.
This commit (only) patches the GRE part. GIF interfaces have to be patched separately; and while that patch should mostly consist of directly applying this commit to the gif-file/functions as well, I have no way of testing it.
Patch was tested on 2.4.4-RELEASE-p3. Since I did not come across any issues when merging this back onto master, I expect this to work on the latest master as well.
First commit to the pfSense project ever, so I'm neither sure if the "fallback mode for older configurations" is the right way to do it not if the code fulfils the quality standard in all points.