From 8844e7260ac34cd44687c8fc500b00d9ab7fd553 Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Fri, 18 May 2018 17:21:33 +0000
Subject: [PATCH] rc: a bit for #2414

---
 src/etc/inc/filter.inc | 16 +++++++++++-----
 src/etc/rc.newwanip    |  6 +++---
 src/etc/rc.newwanipv6  |  6 +++---
 3 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc
index 99bd78646..f47051ff4 100644
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@@ -168,7 +168,7 @@ function filter_delete_states_for_down_gateways()
     }
 }
 
-function filter_configure_sync($verbose = false)
+function filter_configure_sync($verbose = false, $flush_states = false)
 {
     global $config;
 
@@ -308,7 +308,6 @@ function filter_configure_sync($verbose = false)
         }
     }
 
-
     filter_pflog_start();
 
     if ($verbose) {
@@ -441,7 +440,6 @@ function filter_configure_sync($verbose = false)
         mwexecf('/sbin/pfctl -k label -k %s', $label);
     }
 
-
     /*
      * check for a error while loading the rules file.  if an error has occurred
      * then output the contents of the error to the caller
@@ -494,7 +492,7 @@ function filter_configure_sync($verbose = false)
      * not there, the kill is still fine).
      */
     if (!is_bogonsv6_used()) {
-        exec('/sbin/pfctl -t bogonsv6 -T kill 2>/dev/null');
+        mwexec('/sbin/pfctl -t bogonsv6 -T kill');
     }
 
     if ($verbose) {
@@ -511,6 +509,15 @@ function filter_configure_sync($verbose = false)
         flush();
     }
 
+    if ($flush_states) {
+        mwexec('/sbin/pfctl -Fs');
+    }
+
+    if ($verbose) {
+        echo '.';
+        flush();
+    }
+
     configd_run('template reload OPNsense/Filter');
     configd_run('filter refresh_aliases', true);
 
@@ -519,7 +526,6 @@ function filter_configure_sync($verbose = false)
     }
 
     unlock($filterlck);
-    return 0;
 }
 
 function filter_generate_scrubing(&$FilterIflist)
diff --git a/src/etc/rc.newwanip b/src/etc/rc.newwanip
index 07b5708be..2b73b01f7 100755
--- a/src/etc/rc.newwanip
+++ b/src/etc/rc.newwanip
@@ -162,8 +162,8 @@ if (!is_ipaddr($cacheip) || $ip != $cacheip || !is_ipaddr($configip)) {
     @unlink($cacheip_file);
 
     system_routing_configure(false, $interface);
-    setup_gateways_monitor();
-    filter_configure_sync();
+    setup_gateways_monitor(false);
+    filter_configure_sync(false, false /* XXX */);
 
     if (is_ipaddr($ip)) {
         @file_put_contents($cacheip_file, $ip);
@@ -171,5 +171,5 @@ if (!is_ipaddr($cacheip) || $ip != $cacheip || !is_ipaddr($configip)) {
 
     plugins_configure('vpn', false, array($interface));
     plugins_configure('newwanip', false, array($interface));
-    rrd_configure();
+    rrd_configure(false);
 }
diff --git a/src/etc/rc.newwanipv6 b/src/etc/rc.newwanipv6
index dff78c83b..bcc2146af 100755
--- a/src/etc/rc.newwanipv6
+++ b/src/etc/rc.newwanipv6
@@ -143,8 +143,8 @@ if (!is_ipaddr($cacheip) || $ip != $cacheip || !is_ipaddr($configip)) {
     @unlink($cacheip_file);
 
     system_routing_configure(false, $interface);
-    setup_gateways_monitor();
-    filter_configure_sync();
+    setup_gateways_monitor(false);
+    filter_configure_sync(false);
 
     if (is_ipaddr($ip)) {
         @file_put_contents($cacheip_file, $ip);
@@ -152,5 +152,5 @@ if (!is_ipaddr($cacheip) || $ip != $cacheip || !is_ipaddr($configip)) {
 
     plugins_configure('vpn', false, array($interface));
     plugins_configure('newwanip', false, array($interface));
-    rrd_configure();
+    rrd_configure(false);
 }