From 1a3cd61deec8a34d5b2d5481eaf3b72132809de9 Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Sun, 11 Jun 2017 19:35:36 +0200 Subject: [PATCH] move skip_rules_gw_down feature to rule processing --- .../mvc/app/library/OPNsense/Firewall/FilterRule.php | 5 +++++ src/opnsense/mvc/app/library/OPNsense/Firewall/Plugin.php | 3 +++ 2 files changed, 8 insertions(+) diff --git a/src/opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php b/src/opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php index 0a94dbc31..71e03ef5e 100644 --- a/src/opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php +++ b/src/opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php @@ -313,6 +313,11 @@ class FilterRule if (!empty($interface) && empty($this->interfaceMapping[$interface]['if'])) { $tmp['disabled'] = true; } + // disable rules when gateway is down and skip_rules_gw_down is set + if (!empty($tmp['skip_rules_gw_down']) && !empty($tmp['gateway']) && + empty($this->gatewayMapping[$tmp['gateway']])) { + $tmp['disabled'] = true; + } if (!isset($tmp['quick'])) { // all rules are quick by default except floating $tmp['quick'] = !isset($rule['floating']) ? true : false; diff --git a/src/opnsense/mvc/app/library/OPNsense/Firewall/Plugin.php b/src/opnsense/mvc/app/library/OPNsense/Firewall/Plugin.php index 7f2e32d00..447d6cb0e 100644 --- a/src/opnsense/mvc/app/library/OPNsense/Firewall/Plugin.php +++ b/src/opnsense/mvc/app/library/OPNsense/Firewall/Plugin.php @@ -51,6 +51,9 @@ class Plugin if (!empty(Config::getInstance()->object()->system->disablereplyto)) { $this->systemDefaults['disablereplyto'] = true; } + if (!empty(Config::getInstance()->object()->system->skip_rules_gw_down)) { + $this->systemDefaults['skip_rules_gw_down'] = true; + } } /**