Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 22 | ||||
-rw-r--r-- | etc/inc/pfsense-utils.inc | 3 |
2 files changed, 22 insertions, 3 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 0280bae..7fb5b83 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -86,6 +86,19 @@ function filter_configure_sync() {
 echo "filter_configure_sync() being called $mt\n";
 }
+ /* check to see if any rules reference a schedule
+ * and if so load ipfw for later usage.
+ */
+ foreach($config['filter']['rule'] as $rule) {
+ if($rule['schedule'])
+ $time_based_rules = true;
+ }
+ if($time_based_rules == true) {
+ $status =`kldstat | grep ipfw | wc -l | awk '{ print $1 }'`;
+ if($status < 1)
+ mwexec("/sbin/kldload ipfw");
+ }
+
 $lan_if = $config['interfaces']['lan']['if'];
 $wan_if = get_real_wan_interface();
@@ -1898,8 +1911,13 @@ function generate_user_filter_rule($rule, $ngcounter) {
 /* is a time based rule schedule attached? */
 if($rule['schedule']) {
 $status = get_time_based_rule_status($rule['schedule']);
- if($status)
+ if($status) {
 return $line;
+ } else {
+ /* rule is turned off, lets block the item */
+ $ipfw_rule = tdr_create_ipfw_rule($rule, "deny");
+ tdr_install_rule($ipfw_rule);
+ }
 } else {
 return $line;
 }
@@ -3080,4 +3098,4 @@ function return_vpn_subnet($adr) {
 }
-?>
+?>
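Review bot: In the `filter_configure_sync()` hunk the result of `mwexec("/sbin/kldload ipfw")` is discarded, so a failed module load goes unnoticed and the deny rules that the schedule code installs later would silently never take effect, leaving an out-of-schedule rule unenforced. If `mwexec()` returns the command's exit status, checking it and logging a failure would make that visible. The loop also reads `$config['filter']['rule']` without checking that it is an array, and `$time_based_rules` is only assigned inside the loop; `$time_based_rules = false;` before it and `if(is_array($config['filter']['rule']))` around it would avoid warnings on a config with no rules. The function body continues outside the hunk.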
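Review bot: In the `generate_user_filter_rule()` hunk the new `else` branch installs an ipfw `deny` for every rule whose schedule is inactive without looking at the rule's own action; if a block or reject rule can carry a schedule, its traffic would then be denied both inside and outside its window, which is presumably not the intent. The branch also passes whatever `tdr_create_ipfw_rule()` returns straight to `tdr_install_rule()`; a guard such as `if($ipfw_rule) tdr_install_rule($ipfw_rule);` would avoid running `ipfw add` with an empty rule. Installing live ipfw rules from a function that otherwise only builds rule text is a side effect that deserves a comment at the call. The function starts and ends outside the hunk.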
\ No newline at end of file
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index d4ea3a2..f3a4d3f 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -402,12 +402,13 @@ function tdr_create_ipfw_rule($rule, $type) {
 }
 function tdr_install_rule($rule) {
- mwexec("/sbin/ipfw -f add set 9 $rule");
+ mwexec("/sbin/ipfw -f add 1 set 9 $rule");
 }
 function tdr_install_set() {
 /* set 8 contains time based rules */
 mwexec("/sbin/ipfw -f delete set 8");
+ mwexec("/sbin/ipfw -f delete 1");
 mwexec("/sbin/ipfw -f set swap 9 8");
 } |
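Review bot: In `tdr_install_set()` the added `ipfw -f delete 1` runs before `set swap 9 8`, while `tdr_install_rule()` now stages every rule as number 1 in set 9; unless that delete is limited to a single set, it removes the freshly staged rules before they are swapped in and the time-based denies never become active. `delete set 8` on the line above already clears the previously active rules, so the extra delete looks unnecessary, or a comment should say why rule 1 has to go at that point. Separately, `$rule` is interpolated unquoted into the shell command in `tdr_install_rule()`; the rule text is built in `tdr_create_ipfw_rule()`, whose body is outside this hunk, so it is worth confirming that every config-derived field is validated there before it reaches `mwexec()`.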