Revision edfe8c10
Added by Scott Ullrich over 19 years ago
| etc/inc/filter.inc | ||
|---|---|---|
| 39 | 39 |
require_once("notices.inc");
|
| 40 | 40 |
require_once("shaper.inc");
|
| 41 | 41 |
|
| 42 |
/* holds the items that will be executed *AFTER* the filter is fully loaded */ |
|
| 43 |
$after_filter_configure_run = array(); |
|
| 44 |
|
|
| 42 | 45 |
function filter_pflog_start() {
|
| 43 | 46 |
global $config, $g; |
| 44 | 47 |
if(isset($config['system']['developerspew'])) {
|
| ... | ... | |
| 66 | 69 |
|
| 67 | 70 |
/* reload filter sync */ |
| 68 | 71 |
function filter_configure_sync() {
|
| 69 |
global $config, $g; |
|
| 72 |
global $config, $g, $after_filter_configure_run;
|
|
| 70 | 73 |
if(isset($config['system']['developerspew'])) {
|
| 71 | 74 |
$mt = microtime(); |
| 72 | 75 |
echo "filter_configure_sync() being called $mt\n"; |
| ... | ... | |
| 219 | 222 |
if($config['system']['afterfilterchangeshellcmd'] <> "") {
|
| 220 | 223 |
mwexec($config['system']['afterfilterchangeshellcmd']); |
| 221 | 224 |
} |
| 225 |
|
|
| 226 |
/* run items scheduled for after filter configure run */ |
|
| 227 |
foreach($after_filter_configure_run as $afcr) {
|
|
| 228 |
mwexec($afcr); |
|
| 229 |
} |
|
| 222 | 230 |
|
| 223 | 231 |
return 0; |
| 224 | 232 |
} |
| ... | ... | |
| 466 | 474 |
} |
| 467 | 475 |
|
| 468 | 476 |
function filter_nat_rules_generate() {
|
| 469 |
global $config, $g; |
|
| 477 |
global $config, $g, $after_filter_configure_run;
|
|
| 470 | 478 |
|
| 471 | 479 |
$wancfg = $config['interfaces']['wan']; |
| 472 | 480 |
$lancfg = $config['interfaces']['lan']; |
| ... | ... | |
| 629 | 637 |
foreach ($iflist as $ifent => $ifname) {
|
| 630 | 638 |
$ifname_lower = convert_friendly_interface_to_friendly_descr(strtolower($ifname)); |
| 631 | 639 |
if(isset($config['interfaces'][strtolower($ifname)]['disableftpproxy'])) {
|
| 640 |
log_error("FTP proxy disabled for interface {$ifname} - ignoring.");
|
|
| 632 | 641 |
$interface_counter++; |
| 633 | 642 |
continue; |
| 634 | 643 |
} |
| ... | ... | |
| 726 | 735 |
$external_address = $rule['external-address']; |
| 727 | 736 |
if($external_address == "") |
| 728 | 737 |
$external_address = find_interface_ip(get_real_wan_interface()); |
| 729 |
/* install a pftpx helper, do not set a rule */ |
|
| 730 |
mwexec("/usr/local/sbin/pftpx -f {$target} -b {$external_address} -c 21 -g 21");
|
|
| 738 |
/* install a pftpx helper, do not set a rule. also use the delay filter configure run |
|
| 739 |
* routines because if this is the first bootup the filter is not completely configured |
|
| 740 |
* and thus pf is not fully running. otherwise we end up with: pftpx: pf is disabled |
|
| 741 |
*/ |
|
| 742 |
$after_filter_configure_run[] = "/usr/local/sbin/pftpx -f {$target} -b {$external_address} -c 21 -g 21 2>>/tmp/pftpx_errors";
|
|
| 731 | 743 |
} |
| 732 | 744 |
$dontinstallrdr = true; |
| 733 | 745 |
} |
| ... | ... | |
| 2187 | 2199 |
|
| 2188 | 2200 |
function carp_sync_xml($url, $password, $sections, $port = 80, $method = 'pfsense.restore_config_section') {
|
| 2189 | 2201 |
global $config, $g; |
| 2202 |
|
|
| 2203 |
if($g['booting']) |
|
| 2204 |
return; |
|
| 2205 |
|
|
| 2190 | 2206 |
$config_copy = $config; |
| 2191 | 2207 |
|
| 2192 | 2208 |
/* strip out nosync items */ |
| ... | ... | |
| 2341 | 2357 |
return " # error - {$adr['network']} ";
|
| 2342 | 2358 |
|
| 2343 | 2359 |
} |
| 2344 |
?> |
|
| 2360 |
?> |
|
Also available in: Unified diff
Globalize correct variables for delayed PFTPX launching.