diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2007-04-03 20:46:15 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2007-04-03 20:46:15 +0000 |
commit | 81f0619c4c87dde2ed80bbc44f71c7e46c5552a3 (patch) | |
tree | 3258a58b6da980f03338e8e69140b8e4ac2b9a81 | |
parent | e73e73f67eb02f192565d90ef1e1d8f8ce2c993d (diff) | |
download | pfsense-81f0619c4c87dde2ed80bbc44f71c7e46c5552a3.zip pfsense-81f0619c4c87dde2ed80bbc44f71c7e46c5552a3.tar.gz |
Deal with block type rules correctly during time based rule operations
-rw-r--r-- | etc/inc/filter.inc | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 1f919f1..2f6ab59 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1947,13 +1947,20 @@ function generate_user_filter_rule($rule, $ngcounter) { if($schedule_xml_block) $status = get_time_based_rule_status($schedule_xml_block); if($status) { + log_error("[TDR DEBUG] status true -- rule type '$type'"); + if($type == "block") { + $ipfw_rule = tdr_create_ipfw_rule($rule, "deny"); + tdr_install_rule($ipfw_rule); + } return "$line"; } else { /* rule is turned off, if type == pass, deny traffic until * active else allow traffic until active */ - $ipfw_rule = tdr_create_ipfw_rule($rule, "deny"); - tdr_install_rule($ipfw_rule); + if($type == "pass") { + $ipfw_rule = tdr_create_ipfw_rule($rule, "deny"); + tdr_install_rule($ipfw_rule); + } return "# $line;"; } } else { |