Disabling/Enabling an FW rule from the Shell



  • Hi,

    It's a great feature to disable/enable a firewall rule via the firewall_rules.php page. How can I do that from the shell?

    Greetings from germany

    Steve



  • Can anyone help me please?


  • Rebel Alliance Developer Netgate

    It is not currently possible. Not in a way most people could accomplish.

    One could hand edit the config and reload the ruleset from the CLI, but that isn't easy (for most)



  • Thank you very much.

    How can I reload the ruleset from the CLI?

    /usr/local/sbin/pfSctl -c "interface newip $1"

    Every time this command is executed, my openvpn (client) gets disconnected :-(
    When I'm commenting out this line in the ovpn-linkup file, the disconnect won't happen, but my port forwardings aren't working anymore :-( So I have to disable the rule and enable it again a few seconds later.


  • Netgate Administrator

    This is a bit late and in fact it looks likd you've got some other problems there but….
    You can reload the config file from the command line using:

    /etc/rc.reload_all
    

    Your vpn client shouldn't be failing.

    Steve


Log in to reply