flush ipfw when captiveportal is disabled

2026-03-17 10:04:41 +00:00 · 2015-01-02 13:34:26 +00:00 · 2015-01-02 13:34:26 +00:00 · 1ac3f123be
commit 1ac3f123be
parent f3d9e10b0a
2 changed files with 37 additions and 11 deletions
--- a/src/opnsense/mvc/app/models/OPNsense/CaptivePortal/CPClient.php
+++ b/src/opnsense/mvc/app/models/OPNsense/CaptivePortal/CPClient.php
@ -152,6 +152,27 @@ class CPClient {
        }
    }

+    /**
+     * check if captiveportal is enabled (traverse zones, if none active return false )
+     * @return bool
+     */
+    public function isEnabled()
+    {
+        $enabled_zones = 0 ;
+        foreach ($this->config->object()->captiveportal->children() as $cpzonename => $zone) {
+            if (isset($zone->enable)) {
+                $enabled_zones++;
+            }
+        }
+
+        if ($enabled_zones > 0) {
+            return true;
+        } else {
+            return false ;
+        }
+    }
+
+
    /**
     *
     * @param $zoneid
@ -255,18 +276,24 @@ class CPClient {
    /**
     * Reconfigure zones ( generate and load ruleset )
     */
-    public function reconfigure(){
-        $ruleset_filename = \Phalcon\DI\FactoryDefault::getDefault()->get('config')->globals->temp_path."/ipfw.rules";
-        $this->rules->generate($ruleset_filename);
+    public function reconfigure()
+    {
+        if ( $this->isEnabled() ) {
+            $ruleset_filename = \Phalcon\DI\FactoryDefault::getDefault()->get('config')->globals->temp_path."/ipfw.rules";
+            $this->rules->generate($ruleset_filename);

-        // load ruleset
-        $this->shell->exec("/sbin/ipfw -f ".$ruleset_filename);
+            // load ruleset
+            $this->shell->exec("/sbin/ipfw -f ".$ruleset_filename);

-        // update tables
-        $this->update();
+            // update tables
+            $this->update();

-        // after reinit all accounting rules are vanished, reapply them for active sessions
-        $this->loadAccounting();
+            // after reinit all accounting rules are vanished, reapply them for active sessions
+            $this->loadAccounting();
+        } else {
+            // captiveportal is disabled, flush all rules to be sure
+            $this->shell->exec("/sbin/ipfw -f flush" );
+        }
    }

    /**
--- a/src/opnsense/mvc/app/models/OPNsense/CaptivePortal/Rules.php
+++ b/src/opnsense/mvc/app/models/OPNsense/CaptivePortal/Rules.php
@ -293,8 +293,7 @@ class Rules {
        $this->rules[] = "add 65534 deny all from any to any";
    }

-
-
+    
    /**
     * load ruleset
     */