pfctl -b is gone just use std tools of pfctl

2 files changed, 7 insertions, 12 deletions

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index cf6fbc9..883b737 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -139,17 +139,12 @@ function filter_delete_states_for_down_gateways() {
 				continue;
 			$gwstatus =& $a_gateways[$gateway['monitor']];
 			if (strstr($gwstatus['status'], "down")) {
-                        	$gwip = $gateway['gateway'];
-                        	if (!is_ipaddr($gwip))
-                                	$gwip = get_interface_gateway($gateway['friendlyiface']);
-                        	if (is_ipaddr($gwstatus['srcip'])) {
-					$cmd = "/sbin/pfctl -b {$gwstatus['srcip']}/32 ";
-					if (is_ipaddr($gwip))
-						$cmd .= "-b {$gwip}/32";
-					else
-						$cmd .= "-b 0.0.0.0/32";
-					mwexec($cmd);
-				}
+				if (!empty($gateway['interface']))
+					$gwiface = $gateway['interface'];
+				else
+					$gwiface = get_real_interface($gateway['friendlyiface']);
+				$cmd = "/sbin/pfctl -i {$gwiface} -k 0.0.0.0/0";
+				mwexec($cmd);
 			}
 		}
 	}
diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc
index 890710e..f6a3122 100644
--- a/etc/inc/interfaces.inc
+++ b/etc/inc/interfaces.inc
@@ -1188,7 +1188,7 @@ function interface_bring_down($interface = "wan", $destroy = false, $ifacecfg =
 //	log_error("Checking for old router states: {$g['tmp_path']}/{$realif}_router = {$old_router}");
 	if (!empty($old_router)) {
 		log_error("Clearing states to old gateway {$old_router}.");
-		mwexec("/sbin/pfctl -b 0.0.0.0/32 -b {$old_router}/32");
+		mwexec("/sbin/pfctl -i {$realif} -k 0.0.0.0/0");
 	}
 
 	/* remove interface up file if it exists */