Commit d64260cb authored by Ad Schellevis's avatar Ad Schellevis

(trafficshaper) move enabled option to pipe/queue tag

parent 44f70602
<form> <form>
<field>
<id>pipe.enabled</id>
<label>enabled</label>
<type>checkbox</type>
<help>enable this pipe and it's related queues and rules</help>
</field>
<field> <field>
<id>pipe.bandwidth</id> <id>pipe.bandwidth</id>
<label>bandwidth</label> <label>bandwidth</label>
......
<form> <form>
<field>
<id>pipe.enabled</id>
<label>enabled</label>
<type>checkbox</type>
<help>enable this queue and it's related rules</help>
</field>
<field> <field>
<id>queue.pipe</id> <id>queue.pipe</id>
<label>pipe</label> <label>pipe</label>
......
...@@ -4,10 +4,6 @@ ...@@ -4,10 +4,6 @@
OPNsense traffic shaper OPNsense traffic shaper
</description> </description>
<items> <items>
<enabled type="BooleanField">
<default>0</default>
<Required>Y</Required>
</enabled>
<pipes> <pipes>
<pipe type="ArrayField"> <pipe type="ArrayField">
<number type="IntegerField"> <number type="IntegerField">
...@@ -16,6 +12,10 @@ ...@@ -16,6 +12,10 @@
<ValidationMessage>Pipe number must be between 1...65535</ValidationMessage> <ValidationMessage>Pipe number must be between 1...65535</ValidationMessage>
<Required>Y</Required> <Required>Y</Required>
</number> </number>
<enabled type="BooleanField">
<default>1</default>
<Required>Y</Required>
</enabled>
<bandwidth type="IntegerField"> <bandwidth type="IntegerField">
<Required>Y</Required> <Required>Y</Required>
<MinimumValue>1</MinimumValue> <MinimumValue>1</MinimumValue>
...@@ -67,6 +67,10 @@ ...@@ -67,6 +67,10 @@
<ValidationMessage>Queue number must be between 1...65535</ValidationMessage> <ValidationMessage>Queue number must be between 1...65535</ValidationMessage>
<Required>Y</Required> <Required>Y</Required>
</number> </number>
<enabled type="BooleanField">
<default>1</default>
<Required>Y</Required>
</enabled>
<pipe type="ModelRelationField"> <pipe type="ModelRelationField">
<Model> <Model>
<pipes> <pipes>
......
...@@ -70,11 +70,11 @@ add 150 deny layer2 not mac-type ip,ipv6 ...@@ -70,11 +70,11 @@ add 150 deny layer2 not mac-type ip,ipv6
#====================================================================================== #======================================================================================
{% for intf_key,interface in interfaces.iteritems() %} {% for intf_key,interface in interfaces.iteritems() %}
{% if intf_key != "wan" and interface.ipaddr != "dhcp" and interface.ipaddr != "" %} {% if intf_key != "wan" and interface.ipaddr != "dhcp" and interface.ipaddr != "" %}
add {{loop.index + 1000}} allow udp from any to {{ interface.ipaddr }} dst-port 53 keep-state add {{loop.index + 1000}} skipto 60000 udp from any to {{ interface.ipaddr }} dst-port 53 keep-state
add {{loop.index + 1000}} allow ip from any to { 255.255.255.255 or {{interface.ipaddr}} } in add {{loop.index + 1000}} skipto 60000 ip from any to { 255.255.255.255 or {{interface.ipaddr}} } in
add {{loop.index + 1000}} allow ip from { 255.255.255.255 or {{interface.ipaddr}} } to any out add {{loop.index + 1000}} skipto 60000 ip from { 255.255.255.255 or {{interface.ipaddr}} } to any out
add {{loop.index + 1000}} allow icmp from { 255.255.255.255 or {{interface.ipaddr}} } to any out icmptypes 0 add {{loop.index + 1000}} skipto 60000 icmp from { 255.255.255.255 or {{interface.ipaddr}} } to any out icmptypes 0
add {{loop.index + 1000}} allow icmp from any to { 255.255.255.255 or {{interface.ipaddr}} } in icmptypes 8 add {{loop.index + 1000}} skipto 60000 icmp from any to { 255.255.255.255 or {{interface.ipaddr}} } in icmptypes 8
{% endif %} {% endif %}
{% endfor %} {% endfor %}
...@@ -141,6 +141,10 @@ add 60000 return via any ...@@ -141,6 +141,10 @@ add 60000 return via any
{% for rule in helpers.toList('OPNsense.TrafficShaper.rules.rule', 'sequence') %} {% for rule in helpers.toList('OPNsense.TrafficShaper.rules.rule', 'sequence') %}
{% if helpers.getUUIDtag(rule.target) in ['pipe','queue'] %} {% if helpers.getUUIDtag(rule.target) in ['pipe','queue'] %}
{% if helpers.getNodeByTag('interfaces.'+rule.interface) %} {% if helpers.getNodeByTag('interfaces.'+rule.interface) %}
{% if helpers.getUUID(rule.target).enabled|default('0') == '1' %}
{% if helpers.getUUIDtag(rule.target) == 'pipe' or
helpers.getUUID(helpers.getUUID(rule.target).pipe).enabled|default('0') == '1'
%}
add {{loop.index + 60000}} {{ helpers.getUUIDtag(rule.target) }} {{ add {{loop.index + 60000}} {{ helpers.getUUIDtag(rule.target) }} {{
helpers.getUUID(rule.target).number }} {{ rule.proto }} from {{ rule.source }} to {{rule.destination helpers.getUUID(rule.target).number }} {{ rule.proto }} from {{ rule.source }} to {{rule.destination
}} src-port {{ rule.src_port }} dst-port {{ rule.dst_port }} {{rule.direction}} via {{ }} src-port {{ rule.src_port }} dst-port {{ rule.dst_port }} {{rule.direction}} via {{
...@@ -148,10 +152,11 @@ helpers.getNodeByTag('interfaces.'+rule.interface).if ...@@ -148,10 +152,11 @@ helpers.getNodeByTag('interfaces.'+rule.interface).if
}} }}
{% endif %} {% endif %}
{% endif %} {% endif %}
{% endif %}
{% endif %}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
# pass authorized # pass authorized
add 65533 pass ip from any to any add 65533 pass ip from any to any
......
...@@ -6,6 +6,17 @@ ...@@ -6,6 +6,17 @@
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
firewall_enable="{% if OPNsense.TrafficShaper.enabled|default("0") == "1" or cp_zones %}YES{% else %}NO{% endif %}" {# collect enabled #}
{% set shapers = [] %}
{% if helpers.exists('OPNsense.TrafficShaper') %}
{% if helpers.exists('OPNsense.TrafficShaper.pipes.pipe') %}
{% for pipe in helpers.toList('OPNsense.TrafficShaper.pipes.pipe') %}
{% if pipe.enabled|default('0') == '1' %}
{% do shapers.append(cp_key) %}
{% endif%}
{% endfor%}
{% endif %}
{% endif %}
firewall_enable="{% if shapers or cp_zones %}YES{% else %}NO{% endif %}"
firewall_script="/usr/local/etc/rc.ipfw" firewall_script="/usr/local/etc/rc.ipfw"
dummynet_enable="YES" dummynet_enable="YES"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment