From 9cd352e408a0f2bb874ad3bd0035fb932f305c7b Mon Sep 17 00:00:00 2001 From: Franco Fichtner Date: Mon, 13 Apr 2026 15:30:28 +0200 Subject: [PATCH] backend: use bridges/bridged safe iteration --- src/etc/inc/filter.inc | 13 +++++++------ src/etc/inc/interfaces.inc | 12 +++--------- .../scripts/interfaces/reconfigure_bridges.php | 6 ++---- 3 files changed, 12 insertions(+), 19 deletions(-) diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc index 70a9d733ff..a97db0314d 100644 --- a/src/etc/inc/filter.inc +++ b/src/etc/inc/filter.inc @@ -648,20 +648,21 @@ function filter_generate_aliases() function filter_rules_legacy(&$FilterIflist) { global $config; - $log = !isset($config['syslog']['nologdefaultblock']) ? "log" : ""; - $ipfrules = ""; + $log = !isset($config['syslog']['nologdefaultblock']) ? 'log' : ''; $bridge_interfaces = []; - if (!empty($config['bridges']['bridged'])) { - foreach ($config['bridges']['bridged'] as $bridge) { - $bridge_interfaces = array_merge(explode(',', $bridge['members'] ?? ''), $bridge_interfaces); - } + $ipfrules = ''; + + foreach (config_read_array('bridges', 'bridged', false) as $bridge) { + $bridge_interfaces = array_merge(explode(',', $bridge['members'] ?? ''), $bridge_interfaces); } + foreach ($FilterIflist as $on => $oc) { if (!in_array($on, $bridge_interfaces) && !isset($oc['internal_dynamic']) && $oc['if'] != 'lo0') { $ipfrules .= "antispoof {$log} for {$oc['if']} \n"; } } + return $ipfrules; } diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc index 6fcc773f8a..9da03f1147 100644 --- a/src/etc/inc/interfaces.inc +++ b/src/etc/inc/interfaces.inc @@ -188,13 +188,7 @@ function interfaces_wlan_clone($device) function interfaces_bridge_configure($device) { - global $config; - - if (!isset($config['bridges']['bridged'])) { - return null; - } - - foreach ($config['bridges']['bridged'] as $bridge) { + foreach (config_read_array('bridges', 'bridged', false) as $bridge) { if ($bridge['bridgeif'] == $device) { return _interfaces_bridge_configure($bridge); } @@ -3542,7 +3536,7 @@ function interface_parent_devices($device, $as_interface = false) } } } elseif (strstr($device, 'bridge')) { - foreach (config_read_array('bridges', 'bridged') as $bridge) { + foreach (config_read_array('bridges', 'bridged', false) as $bridge) { if ($device == $bridge['bridgeif']) { foreach (explode(',', $bridge['members'] ?? '') as $member) { /* bridge stores members as configured interfaces */ @@ -3650,7 +3644,7 @@ function interfaces_restart_by_device($verbose, $devices, $reconfigure = true) function link_interface_to_bridge($interface, $attach_device = null, $ifconfig_details = [/* must be set for attach to work */]) { - foreach (config_read_array('bridges', 'bridged') as $bridge) { + foreach (config_read_array('bridges', 'bridged', false) as $bridge) { if (!in_array($interface, explode(',', $bridge['members'] ?? ''))) { continue; } diff --git a/src/opnsense/scripts/interfaces/reconfigure_bridges.php b/src/opnsense/scripts/interfaces/reconfigure_bridges.php index 984b643706..804d3ff7d9 100755 --- a/src/opnsense/scripts/interfaces/reconfigure_bridges.php +++ b/src/opnsense/scripts/interfaces/reconfigure_bridges.php @@ -34,10 +34,8 @@ require_once 'system.inc'; $ifconfig_details = legacy_interfaces_details(); $current_bridgeifs = []; -if (isset($config['bridges']['bridged'])) { - foreach ($config['bridges']['bridged'] as $bridge) { - $current_bridgeifs[$bridge['bridgeif']] = $bridge; - } +foreach (config_read_array('bridges', 'bridged', false) as $bridge) { + $current_bridgeifs[$bridge['bridgeif']] = $bridge; } /* delete before update */