Todo #16551

closed

Update output and parsing behavior for PHP shell ``pfanchordrill``

Added by Marcos M about 1 month ago. Updated 17 days ago.

Status: Resolved
Priority: Normal
Assignee:
Category: Rules / NAT
Target version:
Start date:
Due date:
% Done: 100%
Estimated time:
Plus Target Version: 25.11
Release Notes: Default

Description

The pf anchor parsing done in pfanchordrill currently may not work with Captive Portal. When a Captive Portal zone has an allowed hostname, the output of the script shows:

cpzoneid_2_allowedhosts rules/nat contents:

hostname_0 rules/nat contents:
pfctl: DIOCGETRULES: Invalid argument
pfctl: DIOCGETRULES: Invalid argument

Even after deleting all allowed hostnames the issue persists until a reboot. This kind of issue has also occurred previously: #13142

To avoid the need to handle each anchor name as well as behavior specific to Captive Portal, change the way that anchors are parsed to instead use the recursive pfctl parameter -a '*'.

Actions #1

Updated by Marcos M about 1 month ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions #2

Updated by Georgiy Tyutyunnik 17 days ago

  • Status changed from Feedback to Resolved

fixed, patch/change works
tested on
25.11-RELEASE (amd64)
built on Mon Dec 1 17:59:00 UTC 2025
FreeBSD 16.0-CURRENT
