diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2005-02-17 19:31:35 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2005-02-17 19:31:35 +0000 |
commit | 1a848f5ddfc96907657da9c6ce0bf003cb5d528f (patch) | |
tree | 0a3113cddd4bfccda18a399c9aba4faa1af5c1ec /etc | |
parent | 023c3cc0e4ff5f8fe19120dbc80de4ad1b03ed21 (diff) | |
download | pfsense-1a848f5ddfc96907657da9c6ce0bf003cb5d528f.zip pfsense-1a848f5ddfc96907657da9c6ce0bf003cb5d528f.tar.gz |
Add plugin system where packages can hook into the ruleset
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 71c5f63..1c5ba47 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -156,6 +156,12 @@ function filter_configure() { $rules_error = exec_command("/sbin/pfctl -f /tmp/rules.debug"); return "There was an error loading the rules.<p><pre>" . $rules_error . "</pre>"; } else { + /* process packager manager custom rules */ + $files = return_dir_as_array("/usr/local/pkg/pf/"); + foreach ($files as $file) { + $text = return_filename_as_string($file); + eval($text); + } return 0; } } @@ -662,6 +668,7 @@ function filter_nat_rules_generate_if($if, $src, $dst, $target) { $tgt = "0/32"; $natrule = <<<EOD + nat on $if from $src to any -> ($if) EOD; @@ -715,6 +722,8 @@ function filter_nat_rules_generate() { $natrules = ""; + $natrules .= "nat-anchor \"natrules/*\"\n"; + if(!isset($config['system']['disableftpproxy'])) $natrules .= "rdr on " . $lanif . " proto tcp from any to any port 21 -> 127.0.0.1 port 8021\n"; |