diff options
Diffstat (limited to 'etc/inc/filter.inc')
-rw-r--r-- | etc/inc/filter.inc | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index c9d8b92..211f33a 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -57,6 +57,9 @@ $GatewaysList = array(); /* Used for the hostname dns resolver */ $filterdns = ""; +/* Used for aliases and interface macros */ +$aliases = ""; + function flowtable_configure() { global $config, $g; return; @@ -172,7 +175,7 @@ function filter_delete_states_for_down_gateways() { /* reload filter sync */ function filter_configure_sync() { global $config, $g, $after_filter_configure_run, $FilterIflist; - global $time_based_rules, $filterdns; + global $time_based_rules, $filterdns, $aliases; /* Use config lock to not allow recursion and config changes during this run. */ $filterlck = lock('config'); @@ -1095,7 +1098,7 @@ function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = " } function filter_nat_rules_generate() { - global $config, $g, $after_filter_configure_run, $FilterIflist, $GatewaysList; + global $config, $g, $after_filter_configure_run, $FilterIflist, $GatewaysList, $aliases; $natrules = "nat-anchor \"natearly/*\"\n"; @@ -2689,17 +2692,15 @@ EOD; } function discover_pkg_rules($ruletype) { - global $config, $g; + global $config, $g, $aliases; /* Bail if there is no pkg directory, or if the package files might be out of sync. */ if(!is_dir("/usr/local/pkg") || file_exists('/conf/needs_package_sync')) return ""; $rules = ""; - $files = split("\n", trim(`ls /usr/local/pkg/*.inc`)); + $files = glob("/usr/local/pkg/*.inc"); foreach($files as $pkg_inc) { - if($pkg_inc == "ls: No match.") - continue; update_filter_reload_status(sprintf(gettext("Checking for %1$s PF hooks in package %2$s"), $ruletype, $pkg_inc)); require_once($pkg_inc); $pkg = basename($pkg_inc, ".inc"); @@ -2707,7 +2708,7 @@ function discover_pkg_rules($ruletype) { if(function_exists($pkg_generate_rules)) { update_filter_reload_status(sprintf(gettext("Processing early %1$s rules for package %2$s"), $ruletype, $pkg_inc)); $tmprules = $pkg_generate_rules("$ruletype"); - file_put_contents("{$g['tmp_path']}/rules.test.packages", $tmprules); + file_put_contents("{$g['tmp_path']}/rules.test.packages", $aliases . $tmprules); $status = mwexec("/sbin/pfctl -nf {$g['tmp_path']}/rules.test.packages"); if ($status <> 0) { $errorrules = sprintf(gettext("There was an error while parsing the package filter rules for %s."), $pkg_inc) . "\n"; |