Adding pf early hooks similar to nat and filter pkg hooks. Name is 'pfearly'

1 files changed, 14 insertions, 0 deletions

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 8bf6a1d..358f692 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -238,6 +238,20 @@ function filter_configure_sync() {
 	  $rules .= "set limit states {$max_states}\n";
 	}
 
+	if(is_dir("/usr/local/pkg")) {
+		$files = split(" ", trim(`/usr/local/pkg/*.inc`));
+		foreach($files as $pkg_inc) {
+			update_filter_reload_status("Checking for early PF hooks in package {$pkg}");
+			require_once($pkg_inc);
+			$pkg = basename($pkg_inc);
+			$pkg_generate_rules = "{$pkg}_generate_pf_early";
+			if (function_exists($pkg_generate_rules)) {
+				update_filter_reload_status("Processing early PF rules for package {$pkg}");
+				$rules .= $pkg_generate_rules ('pfearly');
+			}
+		}
+	}
+
 	// Configure flowtable support if enabled.
 	flowtable_configure();