Skip to content

Commit

Permalink
firewall: do not switch gateway on bootup
Browse files Browse the repository at this point in the history 
(cherry picked from commit 0e286b3)
(cherry picked from commit 85fe552)
  • Loading branch information
@fichtner
fichtner committed Feb 9, 2023
1 parent d190e27 commit 6d22e7b
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 6 deletions.
4 changes: 2 additions & 2 deletions src/etc/inc/filter.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -151,7 +151,7 @@ function ifgroup_setup()
}
}

function filter_configure_sync($verbose = false, $load_aliases = true)
function filter_configure_sync($verbose = false, $load_aliases = true, $switch_gw = true)
{
global $config;

Expand Down Expand Up @@ -252,7 +252,7 @@ function filter_configure_sync($verbose = false, $load_aliases = true)
}
}

if (isset($config['system']['gw_switch_default'])) {
if ($switch_gw && isset($config['system']['gw_switch_default'])) {
// When gateway switching is enabled, we might consider a different default gateway.
// although this isn't really the right spot for the feature (it's a monitoring/routing decision),
// we keep it here for now (historical reasons).
Expand Down
8 changes: 4 additions & 4 deletions src/etc/rc.bootup
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
<?php

/*
* Copyright (C) 2014-2019 Franco Fichtner <franco@opnsense.org>
* Copyright (C) 2014-2023 Franco Fichtner <franco@opnsense.org>
* Copyright (C) 2004-2009 Scott Ullrich <sullrich@gmail.com>
* Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>
* Copyright (C) 2009 Erik Kristensen <erik@erikkristensen.com>
Expand Down Expand Up @@ -87,12 +87,12 @@ system_resolvconf_generate(true);
system_hosts_generate(true);
system_syslog_start(true);

filter_configure_sync(true, false); /* apply default policy before interface setup */
filter_configure_sync(true, false, false); /* apply default policy before interface setup */
interfaces_hardware(true);
interfaces_configure(true);
system_resolvconf_generate(true); /* requires runtime interface configuration */
system_hosts_generate(true); /* requires runtime interface configuration */
filter_configure_sync(true);
filter_configure_sync(true, true, false);
plugins_configure('early', true);
system_routing_configure(true, null, false);

Expand All @@ -101,7 +101,7 @@ plugins_configure('dhcrelay', true);
plugins_configure('dns', true);

plugins_configure('monitor', true, [null, true]);
filter_configure_sync(true);
filter_configure_sync(true, true, false);
plugins_configure('vpn', true);
plugins_configure('bootup', true);
rrd_configure(true, true);
Expand Down

0 comments on commit 6d22e7b

Please sign in to comment.