Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update pfsense.rb #2985

Merged
merged 3 commits into from
Jan 29, 2024
Merged

Update pfsense.rb #2985

merged 3 commits into from
Jan 29, 2024

Conversation

anthonysomerset
Copy link
Contributor

@anthonysomerset anthonysomerset commented Nov 15, 2023
edited
Loading

excluding firewall rule created sections when generated automatically via pfblockerNG

Pre-Request Checklist

  • Passes rubocop code analysis (try rubocop --auto-correct)
  • Tests added or adapted (try rake test)
  • Changes are reflected in the documentation
  • User-visible changes appended to CHANGELOG.md

Description

PfSense Model Update
This changes adds extra exclusion criteria for config that will change excessively during normal operation, specifically it will exclude the block of firewall rules ONLY when the username is "Auto" - these are rules created by tools such as pfBlockerNG and can update frequently causing high config update churn for pfsense - for manually created rules they are not touched

This could likely be extended to OpnSense but i don't have devices to validate this on

Blocks like this will be removed:

<created>
	<time>1696068193</time>
	<username><![CDATA[Auto]]></username>
</created>

but not like this (manual rule edits by users)

<created>
	<time>1476696788</time>
	<username><![CDATA[admin@<REDACTEDIPADDRESS>:7495]]></username>
</created>

@aschaber1
Copy link
Collaborator

@anthonysomerset , please add an entry to the changelog :)

@anthonysomerset
Copy link
Contributor Author

@aschaber1 done - sorry it took so long :)

@anthonysomerset
Update pfsense.rb
9c8d924 
excluding firewall rule created sections when generated automatically via pfblockerNG
@anthonysomerset
Update CHANGELOG.md
be5ccbe
@anthonysomerset
Copy link
Contributor Author

also rebased to fix the merge conflicts ;)

@robertcheramy robertcheramy merged commit 94f308f into ytti:master Jan 29, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@anthonysomerset @aschaber1 @robertcheramy