From d52f6ca1f2c3b463f0b0ca64f2fa547524aac0a1 Mon Sep 17 00:00:00 2001 From: Stephan de Wit Date: Fri, 7 Mar 2025 13:35:16 +0100 Subject: [PATCH] shaper: make sure dnctl is started before pf We cannot guarantee this happens via RC, so skip it there and unconditionally reload it during the filter reload. --- src/etc/inc/filter.inc | 2 ++ src/opnsense/service/conf/actions.d/actions_shaper.conf | 2 +- src/opnsense/service/templates/OPNsense/Shaper/rc.conf.d | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc index 882357eee..366e77e09 100644 --- a/src/etc/inc/filter.inc +++ b/src/etc/inc/filter.inc @@ -373,6 +373,8 @@ function filter_configure_sync($verbose = false, $load_aliases = true) $fobj->truncate(0)->write($rules); + configd_run('shaper reload'); + @file_put_contents('/tmp/rules.limits', $limitrules); mwexec('/sbin/pfctl -Of /tmp/rules.limits'); exec('/sbin/pfctl -f /tmp/rules.debug 2>&1', $rules_error, $rules_loading); diff --git a/src/opnsense/service/conf/actions.d/actions_shaper.conf b/src/opnsense/service/conf/actions.d/actions_shaper.conf index e66b4dba2..1a12dd9dd 100644 --- a/src/opnsense/service/conf/actions.d/actions_shaper.conf +++ b/src/opnsense/service/conf/actions.d/actions_shaper.conf @@ -1,5 +1,5 @@ [reload] -command:/etc/rc.d/dnctl start +command:/etc/rc.d/dnctl start || true parameters: type:script message:restarting dummynet diff --git a/src/opnsense/service/templates/OPNsense/Shaper/rc.conf.d b/src/opnsense/service/templates/OPNsense/Shaper/rc.conf.d index fdb9a1c70..2ec147794 100644 --- a/src/opnsense/service/templates/OPNsense/Shaper/rc.conf.d +++ b/src/opnsense/service/templates/OPNsense/Shaper/rc.conf.d @@ -10,3 +10,4 @@ dummynet_enable="YES" dnctl_enable="{%if isEnabled %}YES{% else %}NO{% endif %}" dnctl_rules="/usr/local/etc/dnctl.conf" dnctl_setup="/usr/local/opnsense/scripts/shaper/setup.sh" +dnctl_skip="YES"