diff options
author | Ermal Luçi <eri@pfsense.org> | 2008-10-23 22:51:03 +0000 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2008-10-23 22:51:03 +0000 |
commit | 22f9a7b0e439b12fedfc4fae397f6c6be5babf85 (patch) | |
tree | 8308ea14e81f0254f8b83ef73107cce1d5f7daba /etc | |
parent | 76e74f41d4a77a436409b6435abdcdacc1fa9ad8 (diff) | |
download | pfsense-22f9a7b0e439b12fedfc4fae397f6c6be5babf85.zip pfsense-22f9a7b0e439b12fedfc4fae397f6c6be5babf85.tar.gz |
Another optimization which avoids passing the rules twice just to knwo that ipfw is needed.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 6a422c8..11b7123 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -94,24 +94,6 @@ function filter_configure_sync() { echo "filter_configure_sync() being called $mt\n"; } - /* check to see if any rules reference a schedule - * and if so load ipfw for later usage. - */ - foreach($config['filter']['rule'] as $rule) { - if($rule['sched']) { - $status = intval(`kldstat | grep ipfw | wc -l | awk '{ print $1 }'`); - if($status == "0") { - mute_kernel_msgs(); - mwexec("/sbin/kldload ipfw"); - unmute_kernel_msgs(); - } - exec("/sbin/ipfw delete set 9"); - exec("/sbin/ipfw delete 2"); - exec("/sbin/ipfw delete 3"); - break; - } - } - /* Get interface list to work with. */ generate_optcfg_array(); @@ -2429,12 +2411,12 @@ EOD; if (isset($config['filter']['rule'])) { + $load_ipfw_module = false; /* Pre-cache all our rules so we only have to generate them once */ $rule_arr1 = array(); $rule_arr2 = array(); /* - * XXX: This is a double pass but it needs to be this way. - * to allow users to override floating rules. + * NB: Floating rules need to be written before regular once. */ foreach ($config['filter']['rule'] as $rule) { update_filter_reload_status("Pre-caching {$rule['descr']}..."); @@ -2443,10 +2425,28 @@ EOD; $rule_arr1[] = generate_user_filter_rule_arr($rule); else $rule_arr2[] = generate_user_filter_rule_arr($rule); + if ($rule['sched']) + $load_ipfw_module = true; } } $rule_arr = array_merge($rule_arr1,$rule_arr2); + /* + * check to see if any rules reference a schedule + * and if so load ipfw for later usage. + */ + if ($load_ipfw_module == true) { + $status = intval(`kldstat | grep ipfw | wc -l | awk '{ print $1 }'`); + if($status == "0") { + mute_kernel_msgs(); + mwexec("/sbin/kldload ipfw"); + unmute_kernel_msgs(); + } + exec("/sbin/ipfw delete set 9"); + exec("/sbin/ipfw delete 2"); + exec("/sbin/ipfw delete 3"); + } + $ipfrules .= "\n# User-defined aliases follow\n"; /* tables for aliases */ foreach($table_cache as $table) |