Skip to content

Instantly share code, notes, and snippets.

@kronenpj
Last active October 20, 2024 18:20
Show Gist options
  • Save kronenpj/e90258f12f7a40c4f38a23b609b3288b to your computer and use it in GitHub Desktop.
Save kronenpj/e90258f12f7a40c4f38a23b609b3288b to your computer and use it in GitHub Desktop.
OpnSense 24.7 - Disable WAN + OPT2 Interfaces during CARP Failover
#!/usr/local/bin/php
<?php
require_once("config.inc");
require_once("system.inc");
require_once("interfaces.inc");
require_once("interfaces.lib.inc");
require_once("util.inc");
$subsystem = !empty($argv[1]) ? $argv[1] : '';
$type = !empty($argv[2]) ? $argv[2] : '';
// Add more interfaces that need to be disabled/enabled after a CARP event.
//$iface_aliases = array('wan', 'opt2');
//$iface_names = array('wan' => 'igc0', 'opt2' => 'gif0');
$iface_aliases = array('wan', 'wan');
$iface_names = array('wan' => 'igc0');
$dhcp_ifaces = array('lan', 'opt3', 'opt1');
// Optional if you want the default route removed on the backup system
$lan_vip = 'YOUR_LAN_GATEWAY_Virtual_IP';
$remove_backup_route = False;
if ($type != 'MASTER' && $type != 'BACKUP' && $type != 'INIT') {
log_error("Carp '$type' event unknown from source '{$subsystem}'");
exit(1);
}
if (!strstr($subsystem, '@')) {
log_error("Carp '$type' event triggered from wrong source '{$subsystem}'");
exit(1);
}
if ($type === "MASTER") {
if ($config['interfaces']['wan']['enable'] == 0) {
foreach ($iface_aliases as $ifkey) {
// $iface_name = $iface_names[$ifkey];
log_error("enable interface '$ifkey' due CARP event '$type'");
$config['interfaces'][$ifkey]['enable'] = '1';
legacy_interface_flags($ifkey, 'up');
interface_configure(false, $ifkey, true, true);
write_config("enable interface '$ifkey' due CARP event '$type'", false);
//usleep(200 * 1000);
//foreach ($dhcp_ifaces as $dhkey) {
// $config['dhcpd'][$dhkey]['enable'] = true;
//}
}
} else {
log_msg("Carp '$type' duplicate event triggered.");
}
} else if ($type === "BACKUP") {
if ($config['interfaces']['wan']['enable'] == 1) {
foreach ($iface_aliases as $ifkey) {
// $iface_name = $iface_names[$ifkey];
log_error("disable interface '$ifkey' due CARP event '$type'");
//foreach ($dhcp_ifaces as $dhkey) {
// $config['dhcpd'][$dhkey]['enable'] = false;
//}
interface_reset($ifkey);
unset($config['interfaces'][$ifkey]['enable']);
interface_configure(false, $ifkey, true, false);
exec('/sbin/ifconfig ' . escapeshellarg($ifkey) . 'down 2>&1', $ifc, $ret);
write_config("disable interface '$ifkey' due CARP event '$type'", false);
if ($remove_backup_route === True) {
exec('/sbin/route del default >&1', $ifc, $ret);
exec('/sbin/route add default ' . $lan_vip . ' >&1', $ifc, $ret);
}
}
} else {
log_msg("Carp '$type' duplicate event triggered.");
}
}
?>
@kronenpj
Copy link
Author

I haven't found that to be a problem - I'm on spectrum as well. I usually receive the same IP with the same default router.

I will mention that on System: Gateways: Configuration: WAN gateway: Edit, I've checked the Upstream Gateway option (help states This will select the above gateway as a default gateway candidate.) and it's worked well for me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment