summaryrefslogtreecommitdiffstats
path: root/etc/inc
diff options
context:
space:
mode:
Diffstat (limited to 'etc/inc')
-rw-r--r--etc/inc/filter.inc22
-rw-r--r--etc/inc/pfsense-utils.inc27
2 files changed, 25 insertions, 24 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 7d67a5b..6ef7870 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -1337,12 +1337,10 @@ function generate_user_filter_rule_arr($rule, $ngcounter) {
$line = generate_user_filter_rule($rule, $ngcounter);
$ret['rule'] = $line;
$ret['interface'] = $rule['interface'];
- if ($line[0] != '#') {
- if($rule['descr'] != "" and $line != "")
- $ret['descr'] = "label \"USER_RULE: " . str_replace('"', '', $rule['descr']) . "\"";
- else
- $ret['descr'] = "label \"USER_RULE\"";
- }
+ if($rule['descr'] != "" and $line != "")
+ $ret['descr'] = "label \"USER_RULE: " . str_replace('"', '', $rule['descr']) . "\"";
+ else
+ $ret['descr'] = "label \"USER_RULE\"";
$ret['ackq'] = get_ack_queue($rule['interface']);
return $ret;
@@ -1395,7 +1393,7 @@ function generate_user_filter_rule($rule, $ngcounter) {
/* don't include disabled rules */
if (isset($rule['disabled'])) {
- return "# rule " . $rule['descr'] . " disabled ";
+ return "# rule " . $rule['descr'] . " disabled \n";
}
$pptpdcfg = $config['pptpd'];
@@ -1433,8 +1431,6 @@ function generate_user_filter_rule($rule, $ngcounter) {
if($config['pppoe']['n_pppoe_units'] <> "")
$nif = $config['pppoe']['n_pppoe_units'];
$ispppoe = true;
- } else if(!isset($rule['interface'])) {
- return '# Interface empty for rule: '.$rule['descr'];
} else {
/* Check to see if the interface is opt and in our opt list */
@@ -2891,10 +2887,10 @@ anchor "imspector"
anchor "miniupnpd"
#---------------------------------------------------------------------------
-# default deny rules
+# default rules (just to be sure)
#---------------------------------------------------------------------------
-block in $log quick all label "Default deny rule"
-block out $log quick all label "Default deny rule"
+block in $log quick all label "Default block all just to be sure."
+block out $log quick all label "Default block all just to be sure."
EOD;
@@ -3298,4 +3294,4 @@ function return_vpn_subnet($adr) {
}
-?>
+?> \ No newline at end of file
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index bfc3808..38228bd 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -2452,15 +2452,21 @@ function cleanup_opt_interfaces_after_removal($opt_interface_num) {
unlink_if_exists("{$g['tmp_path']}/config.cache");
$config_file = file_get_contents("/cf/conf/config.xml");
/* loop through and reassign deleted items */
- $orig = array('opt'.$opt_interface_num,'OPT'.$opt_interface_num);
- $repl = array('optXXXX','OPTXXXX');
- for ($i = $opt_interface_num+1; isset ($config['interfaces']['opt' . $i]); $i++) {
- array_push($orig,'opt'.$i);
- array_push($repl,'opt'.($i -1));
- array_push($orig,'OPT'.$i);
- array_push($repl,'OPT'.($i -1));
- }
- $config_file = str_replace($orig, $repl, $config_file);
+ for ($i = 500; isset ($config['interfaces']['opt' . $i]); $i--) {
+ if ($i < $opt_interface_num)
+ break;
+ if ($i == $opt_interface_num) {
+ /* item should be deleted */
+ str_replace("opt" . $i, "optXXXX", $config_file);
+ }
+ }
+ /* loop through and reassign optional items */
+ for ($i = 500; isset ($config['interfaces']['opt' . $i]); $i--) {
+ if ($i < $opt_interface_num)
+ break;
+ /* replace opt$i with $i -1 */
+ str_replace("opt" . $i, "opt" . ($i -1), $config_file);
+ }
$fd = fopen("/cf/conf/config.xml", "w");
fwrite($fd, $config_file);
fclose($fd);
@@ -2484,7 +2490,6 @@ function cleanup_opt_interfaces_after_removal($opt_interface_num) {
if($config['nat']['rule'][$x]['interface'] == "optXXXX")
unset($config['nat']['rule'][$x]['interface']);
}
- write_config();
conf_mount_ro();
config_unlock();
return true;
@@ -3617,4 +3622,4 @@ function is_wan_interface_up($interface) {
return false;
}
-?>
+?> \ No newline at end of file
OpenPOWER on IntegriCloud