Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Package & firewall options

    Scheduled Pinned Locked Moved Development
    3 Posts 2 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dvserg
      last edited by

      Hello

      Some packages require the use of control filter firewall (squid & etc..).
      Possible add new stndard tag <filter_custom_rules>to the package XML file, and inplace modification in filter.inc for packages?
      This avoids the modification filter.inc in filter-depends packages.
      ps Of couse critical(system) packages must have first priority before other.
      pps sorry my english.</filter_custom_rules>

      SquidGuardDoc EN  RU Tutorial
      Localization ru_PFSense

      1 Reply Last reply Reply Quote 0
      • E
        eri--
        last edited by

        Actually NO they should not have any priority.
        I have made sure that if you redirect packets to localhost they will be sent to but the Firewall->Rules must override default rules of packages for  various reasons.

        I think for your original request there is a hook somewhere that searches /usr/local/pkg for inc files and for functions with $packagename_filter_rules or some such. Check the squid function name…

        1 Reply Last reply Reply Quote 0
        • D
          dvserg
          last edited by

          @ermal:

          Actually NO they should not have any priority.
          I think for your original request there is a hook somewhere that searches /usr/local/pkg for inc files and for functions with $packagename_filter_rules or some such. Check the squid function name…

          I want to explain what I mean
          This hooks exists for squid, clamav, (and some other) Pkg

          if (is_package_installed('squid') && file_exists('/usr/local/pkg/squid.inc')) {
          require_once('squid.inc');
          $natrules .= squid_generate_rules('nat');
          }

          if (is_package_installed('clamav') && file_exists('/usr/local/pkg/clamav.inc')) {
          require_once('clamav.inc');
          $natrules .= clamav_generate_rules('nat');
          }

          May be possible check all pacсckages ?

          for ($installed_packages as $pkg) {
          if (is_package_installed($pkg['package-name']) && file_exists($pkg['package-incfile'])) {
          .. exec pkg _generate_rules('nat'); for package
          }
          }

          Sorry. Perhaps I did not understand your answer completely

          SquidGuardDoc EN  RU Tutorial
          Localization ru_PFSense

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.