Netgate Discussion Forum

    Disabling/Enabling an FW rule from the Shell

      LA_FORGE

      Hi,

      It's a great feature to disable/enable a firewall rule via the firewall_rules.php page. How can I do that from the shell?

      Greetings from germany

      Steve

        LA_FORGE

        Can anyone help me please?

          jimp Rebel Alliance Developer Netgate

          It is not currently possible. Not in a way most people could accomplish.

          One could hand edit the config and reload the ruleset from the CLI, but that isn't easy (for most)

            LA_FORGE

            Thank you very much.

            How can I reload the ruleset from the CLI?

            /usr/local/sbin/pfSctl -c "interface newip $1"

            Every time this command is executed, my openvpn (client) gets disconnected :-(
            When I'm commenting out this line in the ovpn-linkup file, the disconnect won't happen, but my port forwardings aren't working anymore :-( So I have to disable the rule and enable it again a few seconds later.

              stephenw10 Netgate Administrator

              This is a bit late and in fact it looks like you've got some other problems there but…
              You can reload the config file from the command line using:

              /etc/rc.reload_all
              

              Your vpn client shouldn't be failing.

              Steve
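
The hand edit jimp describes, sketched as an added example that is not from the thread or from pfSense itself: it flips one rule's state in a copy of the configuration XML and refuses to act on an ambiguous rule name. The layout (rules under `<filter>`, an empty `<disabled/>` child marking a rule as off) is an assumption about the config file, the sample is constructed, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the layout assumed for the firewall's config XML:
# rules live under <filter>, and an empty <disabled/> child turns a rule off.
SAMPLE_CONFIG = """<pfsense>
  <filter>
    <rule>
      <type>pass</type>
      <interface>wan</interface>
      <descr>forward-ssh</descr>
    </rule>
    <rule>
      <type>block</type>
      <interface>lan</interface>
      <disabled/>
      <descr>block-guest</descr>
    </rule>
  </filter>
</pfsense>"""


def set_rule_enabled(config_xml, descr, enabled):
    """Return config_xml with the rule described by descr switched on or off.

    Raises LookupError unless exactly one rule carries that description."""
    root = ET.fromstring(config_xml)
    matches = [r for r in root.findall("./filter/rule")
               if (r.findtext("descr") or "").strip() == descr]
    if len(matches) != 1:
        raise LookupError(f"{len(matches)} rules match {descr!r}, expected 1")
    rule = matches[0]
    for marker in rule.findall("disabled"):  # drop any existing marker first
        rule.remove(marker)
    if not enabled:
        ET.SubElement(rule, "disabled")
    return ET.tostring(root, encoding="unicode")


def rule_states(config_xml):
    """Map each rule description to True (enabled) or False (disabled)."""
    root = ET.fromstring(config_xml)
    return {(r.findtext("descr") or "").strip(): r.find("disabled") is None
            for r in root.findall("./filter/rule")}


if __name__ == "__main__":
    edited = set_rule_enabled(SAMPLE_CONFIG, "forward-ssh", enabled=False)
    print(rule_states(edited))
```

Run it against a copy and keep the original as a backup; the edited configuration only takes effect once it is reloaded, for example with the `/etc/rc.reload_all` command given above.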
