Servicecyclev4 patch270

From kitz wiki
Jump to: navigation, search

Default behaviour on pfSense is to cycle all services if any configured gateways go offline, this can include VPN's and tunnels not just broadband connectivity.

This can cause problems e.g. if your pfSense is hosting LAN services such as a NTP server or UPS daemon. Consider a scenario e.g. if you have a power cut, your WAN goes offline, pfSense then puts services into a cycle loop, which in turn drops connectivity to the UPS daemon so client machines are unaware of power status and battery level which might prevent automated safe shutdown/hibernation.

This patch changes the behaviour so services will only get cycled if a interface comes back online with a different IP address, if its a cycle keeping the existing IP, then it will not cycle all services, services such as OpenVPN should still behave the same as before.

This is the IPv4 version of the patch, there is also a IPv6 version.

Paste the below code into the Patch Contents box.

Add a description such as 'Better diagnostics limiters layout' in the Description box.

Set Path Strip Count to '0'.

Base Directory to '/'.

--- /etc/rc.newwanip    2023-06-28 04:51:31.000000000 +0100
+++ /etc/rc.newwanip   2023-07-22 00:12:33.150672000 +0100
@@ -103,7 +103,7 @@
        log_error("rc.newwanip called with empty interface.");
-       restart_packages();
+       // restart_packages();
@@ -233,10 +233,12 @@
                if (isset($config['system']['ip_change_kill_states'])) {
                        log_error("IP Address has changed, killing all states (ip_change_kill_states is set).");
+                       restart_packages();
                } else {
                        log_error("IP Address has changed, killing states on former IP Address $oldip.");
+                       restart_packages();
@@ -273,7 +275,7 @@
        /* restart L2TP VPN */
-       restart_packages();
+       // restart_packages();
        if (empty($config['interfaces'][$interface]['ipaddrv6'])) {