upstream/opnsense-core
1
0
Fork 0
mirror of https://github.com/opnsense/core.git synced 2026-02-18 18:18:13 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Firewall: Rules [new]: Fix group rename in source_net, destination_net and SNAT/DNAT target fields (#9734)

Browse source 
* Firewall: Rules [new]: Fix group rename in source_net, destination_net and SNAT/DNAT target fields

* review comments @fichtner
This commit is contained in:
Monviech 2026-02-05 11:36:20 +01:00 committed by GitHub
parent cbc09e7c5a
commit aa6a813617
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 20 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
src/opnsense/mvc/app/models/OPNsense/Firewall/Group.php
View file

@ -45,7 +45,7 @@ class Group extends BaseModel
['nat', 'onetoone'],
['nat', 'outbound', 'rule'],
];
// os-firewall plugin paths
// mvc rules
$sources[] = ['OPNsense', 'Firewall', 'Filter', 'rules', 'rule'];
$sources[] = ['OPNsense', 'Firewall', 'Filter', 'snatrules', 'rule'];
$sources[] = ['OPNsense', 'Firewall', 'Filter', 'npt', 'rule'];
@ -80,17 +80,34 @@ class Group extends BaseModel
$has_changed = false;
foreach ($this->ruleIterator() as $node) {
$interfaces = explode(",", (string)$node->interface);
// interface works the same for legacy and mvc rules
if (in_array($oldname, $interfaces)) {
unset($interfaces[array_search((string)$oldname, $interfaces)]);
$interfaces[] = $newname;
$interfaces[array_search((string)$oldname, $interfaces)] = $newname;
$node->interface = implode(",", $interfaces);
$has_changed = true;
}
foreach (['source', 'destination'] as $net) {
// legacy rules
if (!empty($node->$net) && !empty($node->$net->network) && (string)$node->$net->network == $oldname) {
$node->$net->network = $newname;
$has_changed = true;
}
// mvc rules (source_net...)
$field = $net . '_net';
$value = (string)$node->$field;
if (!empty($value)) {
$nets = explode(',', $value);
if (in_array($oldname, $nets)) {
$nets[array_search($oldname, $nets)] = $newname;
$node->$field = implode(',', $nets);
$has_changed = true;
}
}
}
// SNAT/DNAT target
if (!empty($node->target) && (string)$node->target === $oldname) {
$node->target = $newname;
$has_changed = true;
}
}
return $has_changed;