Commit 5f14ec36 authored by Franco Fichtner's avatar Franco Fichtner

firewall: remove schedule expiry override

This is the default for pf(4), we don't need a kernel patch to
override this.
parent 726e4c05
...@@ -2702,9 +2702,7 @@ function filter_generate_user_rule(&$FilterIflist, $rule) ...@@ -2702,9 +2702,7 @@ function filter_generate_user_rule(&$FilterIflist, $rule)
foreach ($config['schedules']['schedule'] as $sched) { foreach ($config['schedules']['schedule'] as $sched) {
if ($sched['name'] == $rule['sched']) { if ($sched['name'] == $rule['sched']) {
if (!filter_get_time_based_rule_status($sched)) { if (!filter_get_time_based_rule_status($sched)) {
if (!isset($config['system']['schedule_states'])) { /* looks weird but is fine: printed in rules for traceability */
mwexec("/sbin/pfctl -y {$sched['schedlabel']}");
}
return "# schedule finished - {$rule['descr']}"; return "# schedule finished - {$rule['descr']}";
} }
$aline['schedlabel'] = " schedule \"{$sched['schedlabel']}\" "; $aline['schedlabel'] = " schedule \"{$sched['schedlabel']}\" ";
......
...@@ -85,7 +85,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -85,7 +85,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$pconfig['crypto_hardware'] = !empty($config['system']['crypto_hardware']) ? $config['system']['crypto_hardware'] : null; $pconfig['crypto_hardware'] = !empty($config['system']['crypto_hardware']) ? $config['system']['crypto_hardware'] : null;
$pconfig['cryptodev_enable'] = isset($config['system']['cryptodev_enable']); $pconfig['cryptodev_enable'] = isset($config['system']['cryptodev_enable']);
$pconfig['thermal_hardware'] = !empty($config['system']['thermal_hardware']) ? $config['system']['thermal_hardware'] : null; $pconfig['thermal_hardware'] = !empty($config['system']['thermal_hardware']) ? $config['system']['thermal_hardware'] : null;
$pconfig['schedule_states'] = isset($config['system']['schedule_states']);
$pconfig['kill_states'] = isset($config['system']['kill_states']); $pconfig['kill_states'] = isset($config['system']['kill_states']);
$pconfig['skip_rules_gw_down'] = isset($config['system']['skip_rules_gw_down']); $pconfig['skip_rules_gw_down'] = isset($config['system']['skip_rules_gw_down']);
$pconfig['use_mfs_tmpvar'] = isset($config['system']['use_mfs_tmpvar']); $pconfig['use_mfs_tmpvar'] = isset($config['system']['use_mfs_tmpvar']);
...@@ -164,12 +163,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -164,12 +163,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
unset($config['system']['thermal_hardware']); unset($config['system']['thermal_hardware']);
} }
if (!empty($pconfig['schedule_states'])) {
$config['system']['schedule_states'] = true;
} elseif (isset($config['system']['schedule_states'])) {
unset($config['system']['schedule_states']);
}
if (!empty($pconfig['kill_states'])) { if (!empty($pconfig['kill_states'])) {
$config['system']['kill_states'] = true; $config['system']['kill_states'] = true;
} elseif (isset($config['system']['kill_states'])) { } elseif (isset($config['system']['kill_states'])) {
...@@ -418,19 +411,6 @@ include("head.inc"); ...@@ -418,19 +411,6 @@ include("head.inc");
</div> </div>
</td> </td>
</tr> </tr>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Schedules"); ?></th>
</tr>
<tr>
<td><a id="help_for_schedule_states" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Schedule States"); ?></td>
<td>
<input name="schedule_states" type="checkbox" value="yes" <?=!empty($pconfig['schedule_states']) ? "checked=\"checked\"" :"";?> />
<div class="hidden" for="help_for_schedule_states">
<?=gettext("By default schedules clear the states of existing connections when the expiration time has come. ".
"This option overrides that behavior by not clearing states for existing connections."); ?>
</div>
</td>
</tr>
<tr> <tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Gateway Monitoring"); ?></th> <th colspan="2" valign="top" class="listtopic"><?=gettext("Gateway Monitoring"); ?></th>
</tr> </tr>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment