Hidden rules and programming alias expansion
-
I remember there used to be (I think) a way to show the hidden rules - yes we can always cat the rules.debug file, but I thought I remembered a way to edit the hidden rules when you had to?
Was that phased out or moved?
Then there is alias expansion… I want to modify an auto-created rule to use an alias instead of capturing ALL traffic.
What I think I see happening is that if I create an alias (hosts) it is placed in the rules.debug, but not expanded to a table unless I add a rule that references it IN THE GUI.
This means that I can't simply change a the package to correct the firewall issue.
Can anyone give me some guidance?
In my specific case I add an alias, which is recorded:
BB_SIPROXD = "{ 192.168.0.32 }"
however the table entry:
table <bb_siproxd>{....
DOES NOT get created unless I add a dummy rule in the firewall.What I wanted to do was simply patch the line in siproxd.inc
-$rules .= "rdr on {$iface} proto udp from any to !($iface) port {$port} -> 127.0.0.1 port {$port}\n"; +$rules .= "rdr on {$iface} proto udp from <bb_siproxd> to !($iface) port {$port} -> 127.0.0.1 port {$port}\n";</bb_siproxd>However I would imagine I need to somehow cause the alias to be expanded to the table?
Thanks!</bb_siproxd>