(trafficshaper) move enabled option to pipe/queue tag

src/opnsense/mvc/app/controllers/OPNsense/TrafficShaper/forms/dialogPipe.xml

 <form>
+    <field>
+        <id>pipe.enabled</id>
+        <label>enabled</label>
+        <type>checkbox</type>
+        <help>enable this pipe and it's related queues and rules</help>
+    </field>
     <field>
         <id>pipe.bandwidth</id>
         <label>bandwidth</label>

src/opnsense/mvc/app/controllers/OPNsense/TrafficShaper/forms/dialogQueue.xml

 <form>
+    <field>
+        <id>pipe.enabled</id>
+        <label>enabled</label>
+        <type>checkbox</type>
+        <help>enable this queue and it's related rules</help>
+    </field>
     <field>
         <id>queue.pipe</id>
         <label>pipe</label>

src/opnsense/mvc/app/models/OPNsense/TrafficShaper/TrafficShaper.xml

@@ -4,10 +4,6 @@
         OPNsense traffic shaper
     </description>
     <items>
-        <enabled type="BooleanField">
-            <default>0</default>
-            <Required>Y</Required>
-        </enabled>
         <pipes>
             <pipe type="ArrayField">
                 <number type="IntegerField">
@@ -16,6 +12,10 @@
                     <ValidationMessage>Pipe number must be between 1...65535</ValidationMessage>
                     <Required>Y</Required>
                 </number>
+                <enabled type="BooleanField">
+                    <default>1</default>
+                    <Required>Y</Required>
+                </enabled>
                 <bandwidth type="IntegerField">
                     <Required>Y</Required>
                     <MinimumValue>1</MinimumValue>
@@ -67,6 +67,10 @@
                     <ValidationMessage>Queue number must be between 1...65535</ValidationMessage>
                     <Required>Y</Required>
                 </number>
+                <enabled type="BooleanField">
+                    <default>1</default>
+                    <Required>Y</Required>
+                </enabled>
                 <pipe type="ModelRelationField">
                     <Model>
                         <pipes>

src/opnsense/service/templates/OPNsense/IPFW/ipfw.conf

@@ -70,11 +70,11 @@ add 150 deny layer2 not mac-type ip,ipv6
 #======================================================================================
 {% for intf_key,interface in interfaces.iteritems() %}
 {% if intf_key != "wan" and interface.ipaddr != "dhcp" and interface.ipaddr != "" %}
-add {{loop.index  + 1000}} allow udp from any to {{ interface.ipaddr }} dst-port 53 keep-state
-add {{loop.index  + 1000}} allow ip from any to { 255.255.255.255 or {{interface.ipaddr}} } in
-add {{loop.index  + 1000}} allow ip from { 255.255.255.255 or {{interface.ipaddr}} } to any out
-add {{loop.index  + 1000}} allow icmp from { 255.255.255.255 or {{interface.ipaddr}} } to any out icmptypes 0
-add {{loop.index  + 1000}} allow icmp from any to { 255.255.255.255 or {{interface.ipaddr}} } in icmptypes 8
+add {{loop.index  + 1000}} skipto 60000 udp from any to {{ interface.ipaddr }} dst-port 53 keep-state
+add {{loop.index  + 1000}} skipto 60000 ip from any to { 255.255.255.255 or {{interface.ipaddr}} } in
+add {{loop.index  + 1000}} skipto 60000 ip from { 255.255.255.255 or {{interface.ipaddr}} } to any out
+add {{loop.index  + 1000}} skipto 60000 icmp from { 255.255.255.255 or {{interface.ipaddr}} } to any out icmptypes 0
+add {{loop.index  + 1000}} skipto 60000 icmp from any to { 255.255.255.255 or {{interface.ipaddr}} } in icmptypes 8
 {% endif %}
 {% endfor %}
 
@@ -141,17 +141,22 @@ add 60000 return via any
 {% for rule in helpers.toList('OPNsense.TrafficShaper.rules.rule', 'sequence') %}
 {%    if helpers.getUUIDtag(rule.target) in ['pipe','queue'] %}
 {%        if helpers.getNodeByTag('interfaces.'+rule.interface) %}
+{%            if helpers.getUUID(rule.target).enabled|default('0') == '1' %}
+{%                if helpers.getUUIDtag(rule.target) == 'pipe' or
+                     helpers.getUUID(helpers.getUUID(rule.target).pipe).enabled|default('0') == '1'
+%}
 add {{loop.index  + 60000}} {{ helpers.getUUIDtag(rule.target) }} {{
 helpers.getUUID(rule.target).number }} {{ rule.proto }} from {{ rule.source }} to {{rule.destination
 }} src-port  {{ rule.src_port }} dst-port {{ rule.dst_port }}  {{rule.direction}} via {{
 helpers.getNodeByTag('interfaces.'+rule.interface).if
 }}
+{%                   endif %}
+{%            endif %}
 {%        endif %}
 {%    endif %}
 {% endfor %}
 {% endif %}
 
-
 # pass authorized
 add 65533 pass ip from any to any
 

src/opnsense/service/templates/OPNsense/IPFW/rc.conf.d

@@ -6,6 +6,17 @@
 {%          endif %}
 {%      endfor %}
 {% endif %}
-firewall_enable="{% if OPNsense.TrafficShaper.enabled|default("0") == "1" or cp_zones %}YES{% else %}NO{% endif %}"
+{# collect enabled #}
+{% set shapers = [] %}
+{% if helpers.exists('OPNsense.TrafficShaper') %}
+{%     if helpers.exists('OPNsense.TrafficShaper.pipes.pipe') %}
+{%         for pipe in helpers.toList('OPNsense.TrafficShaper.pipes.pipe') %}
+{%             if pipe.enabled|default('0') == '1' %}
+{%                 do shapers.append(cp_key) %}
+{%             endif%}
+{%         endfor%}
+{%     endif %}
+{% endif %}
+firewall_enable="{% if shapers or cp_zones %}YES{% else %}NO{% endif %}"
 firewall_script="/usr/local/etc/rc.ipfw"
 dummynet_enable="YES"