Revision 8eba2dc2
Added by Pi Ba over 9 years ago
| src/etc/inc/filter.inc | ||
|---|---|---|
| 430 | 430 |
* then output the contents of the error to the caller |
| 431 | 431 |
*/ |
| 432 | 432 |
if ($rules_loading <> 0) {
|
| 433 |
$saved_line_error = $rules_error[0]; |
|
| 434 |
$line_error = explode(":", $rules_error[0]);
|
|
| 435 |
$line_number = $line_error[1]; |
|
| 436 |
$line_split = file("{$g['tmp_path']}/rules.debug");
|
|
| 437 |
if (is_array($line_split)) {
|
|
| 438 |
$line_error = sprintf(gettext('The line in question reads [%1$d]: %2$s'), $line_number, $line_split[$line_number-1]);
|
|
| 439 |
} |
|
| 440 |
unset($line_split); |
|
| 441 |
|
|
| 442 |
/* Brutal ugly hack but required -- PF is stuck, unwedge */ |
|
| 443 |
if (strstr("$rules_error[0]", "busy")) {
|
|
| 444 |
exec("/sbin/pfctl -d; /sbin/pfctl -e; /sbin/pfctl -f {$g['tmp_path']}/rules.debug");
|
|
| 445 |
$error_msg = gettext("PF was wedged/busy and has been reset.");
|
|
| 446 |
file_notice("pf_busy", $error_msg, "pf_busy", "");
|
|
| 447 |
} else {
|
|
| 448 |
$_grbg = exec("/sbin/pfctl -o basic -f {$g['tmp_path']}/rules.debug.old 2>&1");
|
|
| 433 |
foreach($rules_error as $errorline) {
|
|
| 434 |
$saved_line_error = $errorline; |
|
| 435 |
$line_error = explode(":", $errorline);
|
|
| 436 |
$line_number = $line_error[1]; |
|
| 437 |
$line_split = file("{$g['tmp_path']}/rules.debug");
|
|
| 438 |
if (is_array($line_split)) {
|
|
| 439 |
$line_error = sprintf(gettext('The line in question reads [%1$d]: %2$s'), $line_number, $line_split[$line_number-1]);
|
|
| 440 |
} |
|
| 441 |
unset($line_split); |
|
| 442 |
|
|
| 443 |
/* Brutal ugly hack but required -- PF is stuck, unwedge */ |
|
| 444 |
if (strstr("$rules_error[0]", "busy")) {
|
|
| 445 |
exec("/sbin/pfctl -d; /sbin/pfctl -e; /sbin/pfctl -f {$g['tmp_path']}/rules.debug");
|
|
| 446 |
$error_msg = gettext("PF was wedged/busy and has been reset.");
|
|
| 447 |
file_notice("pf_busy", $error_msg, "pf_busy", "");
|
|
| 448 |
} else {
|
|
| 449 |
$_grbg = exec("/sbin/pfctl -o basic -f {$g['tmp_path']}/rules.debug.old 2>&1");
|
|
| 450 |
} |
|
| 451 |
if ($line_error and $line_number) {
|
|
| 452 |
file_notice("filter_load", sprintf(gettext('There were error(s) loading the rules: %1$s - %2$s'), $saved_line_error, $line_error), "Filter Reload", "");
|
|
| 453 |
update_filter_reload_status(sprintf(gettext('There were error(s) loading the rules: %1$s - %2$s'), $saved_line_error, $line_error));
|
|
| 454 |
unlock($filterlck); |
|
| 455 |
return; |
|
| 456 |
} |
|
| 449 | 457 |
} |
| 450 | 458 |
unset($rules_loading, $rules_error); |
| 451 |
|
|
| 452 |
if ($line_error and $line_number) {
|
|
| 453 |
file_notice("filter_load", sprintf(gettext('There were error(s) loading the rules: %1$s - %2$s'), $saved_line_error, $line_error), "Filter Reload", "");
|
|
| 454 |
update_filter_reload_status(sprintf(gettext('There were error(s) loading the rules: %1$s - %2$s'), $saved_line_error, $line_error));
|
|
| 455 |
unlock($filterlck); |
|
| 456 |
return; |
|
| 457 |
} |
|
| 458 | 459 |
} |
| 459 | 460 |
|
| 460 | 461 |
# If we are not using bogonsv6 then we can remove any bogonsv6 table from the running pf (if the table is not there, the kill is still fine). |
Also available in: Unified diff
fix showing when a error happens parsing pf rules