diff options
author | Ermal <eri@pfsense.org> | 2013-01-31 22:04:07 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2013-01-31 22:04:07 +0000 |
commit | 8f563bb423ab8a1c06a191b5fc772a260b042360 (patch) | |
tree | 86ca795cdc4d52a599eb3e588bf67168a6fa12b4 /etc | |
parent | b686e5d0ceff87525319a900b078fd41faede9b4 (diff) | |
download | pfsense-8f563bb423ab8a1c06a191b5fc772a260b042360.zip pfsense-8f563bb423ab8a1c06a191b5fc772a260b042360.tar.gz |
Use the better -Fs modifies to pf to kill the states by interface. Also kill both sides on an interface when -k needs to be used
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 2 | ||||
-rw-r--r-- | etc/inc/interfaces.inc | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index dc9fb7b..39f3ea7 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -143,7 +143,7 @@ function filter_delete_states_for_down_gateways() { $gwiface = $gateway['interface']; else $gwiface = get_real_interface($gateway['friendlyiface']); - $cmd = "/sbin/pfctl -i {$gwiface} -k 0.0.0.0/0"; + $cmd = "/sbin/pfctl -i {$gwiface} -Fs"; mwexec($cmd); } } diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index da8f99c..ce773ce 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -1235,7 +1235,7 @@ function interface_bring_down($interface = "wan", $destroy = false, $ifacecfg = // log_error("Checking for old router states: {$g['tmp_path']}/{$realif}_router = {$old_router}"); if (!empty($old_router)) { log_error("Clearing states to old gateway {$old_router}."); - mwexec("/sbin/pfctl -i {$realif} -k 0.0.0.0/0"); + mwexec("/sbin/pfctl -i {$realif} -Fs"); } /* remove interface up file if it exists */ |