firewall: clean up after #1800

plist

@@ -1048,7 +1048,6 @@
 /usr/local/www/services_unbound_overrides.php
 /usr/local/www/status_dhcp_leases.php
 /usr/local/www/status_dhcpv6_leases.php
-/usr/local/www/status_filter_reload.php
 /usr/local/www/status_gateway_groups.php
 /usr/local/www/status_gateways.php
 /usr/local/www/status_graph.php

src/etc/inc/filter.inc

@@ -397,8 +397,8 @@ function filter_configure_sync($verbose = false)
     filter_core_bootstrap($fw);
 
     plugins_firewall($fw);
+
     // register user rules
-    update_filter_reload_status(gettext("Generating filter rules"));
     foreach ($config['filter']['rule'] as $rule) {
         $sched = '';
         $descr = '';
@@ -438,7 +438,6 @@ function filter_configure_sync($verbose = false)
     }
 
     filter_pflog_start();
-    update_filter_reload_status(gettext("Initializing"), true);
 
     if ($verbose) {
         echo 'Configuring firewall.';
@@ -452,8 +451,6 @@ function filter_configure_sync($verbose = false)
         fixup_default_gateway($gateways_status, $gateways_arr);
     }
 
-    /* generate aliases */
-    update_filter_reload_status(gettext("Creating aliases"));
     $aliases = filter_generate_aliases($FilterIflist);
 
     if ($verbose) {
@@ -461,8 +458,6 @@ function filter_configure_sync($verbose = false)
         flush();
     }
 
-    /* generate nat rules */
-    update_filter_reload_status(gettext("Generating NAT rules"));
     $natrules = filter_nat_rules_generate($FilterIflist);
 
     if ($verbose) {
@@ -476,12 +471,10 @@ function filter_configure_sync($verbose = false)
     }
 
     /* enable pf if we need to, otherwise disable */
-    update_filter_reload_status(gettext("Loading filter rules"));
     if (!isset($config['system']['disablefilter'])) {
         mwexec("/sbin/pfctl -e", true);
     } else {
         mwexec("/sbin/pfctl -d", true);
-        update_filter_reload_status(gettext("Filter is disabled. Not loading rules."));
         if ($verbose) {
             echo "done.\n";
         }
@@ -540,29 +533,23 @@ function filter_configure_sync($verbose = false)
 
     $rules = "{$limitrules}\n";
     $rules .= "{$aliases} \n";
-    update_filter_reload_status(gettext("Setting up logging information"));
     $rules .= filter_setup_logging_interfaces($FilterIflist);
     $rules .= "\n";
     $rules .= "set skip on pfsync0\n";
     $rules .= "\n";
-    update_filter_reload_status(gettext("Setting up SCRUB information"));
     $rules .= filter_generate_scrubing($FilterIflist);
     $rules .= "\n";
-    update_filter_reload_status(gettext("Generating rules"));
     $rules .= $fw->anchorToText('nat,binat,rdr', 'head');
     $rules .= "{$natrules}\n";
     $rules .= $fw->anchorToText('nat,binat,rdr', 'tail');
     $rules .= $fw->anchorToText('fw', 'head');
     $rules .= filter_rules_legacy($FilterIflist);
     $rules .= $fw->outputFilterRules();
-    update_filter_reload_status(gettext("Creating IPsec rules..."));
     $rules .= filter_generate_ipsec_rules($FilterIflist);
     $rules .= $fw->anchorToText('fw', 'tail');
 
     unset($aliases, $natrules);
 
-    update_filter_reload_status(gettext("Executing packet filter reload"));
-
     // Copy rules.debug to rules.debug.old
     if (file_exists('/tmp/rules.debug')) {
         @copy('/tmp/rules.debug', '/tmp/rules.debug.old');
@@ -581,7 +568,6 @@ function filter_configure_sync($verbose = false)
     unset($rules_loading, $rules_error);
     $_grbg = exec('/sbin/pfctl -o basic -f /tmp/rules.debug 2>&1', $rules_error, $rules_loading);
 
-    update_filter_reload_status(gettext("Cleanup schedule states"));
     foreach ($sched_kill_states as $label) {
         mwexecf('/sbin/pfctl -k label -k %s', $label);
     }
@@ -627,7 +613,6 @@ function filter_configure_sync($verbose = false)
         unset($rules_loading, $rules_error);
 
         file_notice('filter_load', sprintf(gettext('There were error(s) loading the rules: %s%s'), $saved_line_error, $config_line_error), 'Filter Reload', '');
-        update_filter_reload_status(sprintf(gettext('There were error(s) loading the rules: %s%s'), $saved_line_error, $config_line_error));
         unlock($filterlck);
         return;
     }
@@ -644,8 +629,6 @@ function filter_configure_sync($verbose = false)
         $_grbg = exec('/sbin/pfctl -t bogonsv6 -T kill 2>/dev/null');
     }
 
-    update_filter_reload_status(gettext("Reloading filterdns daemon"));
-
     // collect all filterdns entries
     $filterdns = null;
     foreach (filter_expand_aliases() as $name => $aliascontent) {
@@ -670,20 +653,15 @@ function filter_configure_sync($verbose = false)
         mwexec("/usr/local/sbin/filterdns -p /var/run/filterdns.pid -i {$resolve_interval} -c /var/etc/filterdns.conf -d 1");
     }
 
-    update_filter_reload_status(gettext("Flushing schedule state"));
-
     if ($verbose) {
         echo '.';
         flush();
     }
 
-    update_filter_reload_status(gettext("Processing down interface states"));
     if (!isset($config['system']['kill_states'])) {
         filter_delete_states_for_down_gateways();
     }
 
-    update_filter_reload_status(gettext("Done"));
-
     if ($verbose) {
         echo "done.\n";
     }
@@ -1154,8 +1132,6 @@ function filter_generate_reflection_nat(&$FilterIflist, $rule, &$route_table, $n
     // Initialize natrules holder string
     $natrules = '';
 
-    update_filter_reload_status(sprintf(gettext("Creating reflection NAT rule for %s..."), $rule['descr']));
-
     /* TODO: Add this option to port forwards page. */
     if (isset($rule['staticnatport'])) {
         $static_port = " static-port";
@@ -1491,7 +1467,6 @@ function filter_nat_rules_generate(&$FilterIflist)
 
     $natrules = "no nat proto carp\n";
     $natrules .= "no rdr proto carp\n";
-    update_filter_reload_status(gettext("Creating 1:1 rules..."));
 
     $reflection_txt = "";
     $route_table = "";
@@ -1597,7 +1572,6 @@ function filter_nat_rules_generate(&$FilterIflist)
                 if (isset($obent['disabled'])) {
                     continue;
                 }
-                update_filter_reload_status(sprintf(gettext("Creating advanced outbound rule %s"), $obent['descr']));
                 $src = alias_expand($obent['source']['network']);
                 if (!$src) {
                     $src = $obent['source']['network'];
@@ -1647,15 +1621,12 @@ function filter_nat_rules_generate(&$FilterIflist)
         $config['nat']['outbound']['mode'] == "hybrid") {
         $natrules .= "\n# Outbound NAT rules (automatic)\n";
         /* standard outbound rules (one for each interface) */
-        update_filter_reload_status(gettext("Creating outbound NAT rules"));
         $tonathosts_array = filter_nat_rules_automatic_tonathosts($FilterIflist);
         $tonathosts = implode(" ", $tonathosts_array);
         $numberofnathosts = count($tonathosts_array);
 
         $natrules .= "\n# Subnets to NAT \n";
         if ($numberofnathosts > 0) {
-            update_filter_reload_status(gettext('Creating automatic outbound rules'));
-
             if ($numberofnathosts > 4) {
                 $natrules .= "table <tonatsubnets> { {$tonathosts} }\n";
                 $macroortable = "<tonatsubnets>";
@@ -1704,8 +1675,6 @@ function filter_nat_rules_generate(&$FilterIflist)
     if (isset($config['nat']['rule'])) {
         $natrules .= "\n# NAT Inbound Redirects\n";
           foreach ($config['nat']['rule'] as $rule) {
-            update_filter_reload_status(sprintf(gettext("Creating NAT rule %s"), $rule['descr']));
-
             if (isset($rule['disabled'])) {
                 continue;
             }

src/etc/inc/util.inc

@@ -1175,21 +1175,6 @@ function format_bytes($bytes)
     }
 }
 
-function update_filter_reload_status($text, $first = false)
-{
-    $filter_reload_status = '/var/run/filter_reload_status';
-
-    if ($first) {
-        @unlink($filter_reload_status);
-    }
-
-    @file_put_contents(
-      $filter_reload_status,
-      sprintf("%s: %s\n", microtime(true), $text),
-      FILE_APPEND
-    );
-}
-
 /****** util/return_dir_as_array
  * NAME
  *   return_dir_as_array - Return a directory's contents as an array.

src/etc/rc.filter_synchronize

@@ -169,8 +169,6 @@ function carp_sync_xml($url, $username, $password, $sections, $method = 'opnsens
 {
     global $config;
 
-    update_filter_reload_status("Syncing CARP data to {$url}");
-
     $transport_data = array();
     foreach ($sections as $section) {
         switch ($section) {
@@ -236,7 +234,6 @@ if (file_exists('/var/run/booting')) {
 }
 
 if (isset($config['hasync']) && is_array($config['hasync'])) {
-    update_filter_reload_status("Building high availability information");
     $hasync = $config['hasync'];
 
     if (empty($hasync['synchronizetoip'])) {
@@ -301,7 +298,6 @@ if (isset($config['hasync']) && is_array($config['hasync'])) {
         exit;
     }
 
-    update_filter_reload_status("Signaling CARP reload signal...");
     carp_sync_xml($synchronizeto, $username, $hasync['password'], $sections);
 
     if (count($argv) <= 1 || $argv[1] != 'restart' ) {