Skip to content

Instantly share code, notes, and snippets.

@libcrack

libcrack/bypass_filter.php

Created May 12, 2024 14:17
Show Gist options
  • Save libcrack/4f1fdb489866b9aded520e4c4ed079fe to your computer and use it in GitHub Desktop.
Save libcrack/4f1fdb489866b9aded520e4c4ed079fe to your computer and use it in GitHub Desktop.
Download ZIP
PHP script to enable/disable custom pfSense firewall rules
Raw
bypass_filter.php
#!/usr/local/bin/php-cgi -f
# devnull@libcrack.so
# Thu Mar 2 19:48:14 CET 2023
<?php
require_once("globals.inc");
require_once("filter.inc");
require_once("util.inc");
require_once("config.inc");
global $config;
if (count($argv) !== 3) {
echo("Usage: $argv[0] <enable|disable> [rule string]\n");
echo("\nExample:");
echo("\n\t$argv[0] enable");
echo("\n\t$argv[0] enable \"myRuleDescription\"");
echo("\n\t$argv[0] disable \"myOtherRuleDescription\"");
echo("\n\t$argv[0] enable \"myOtherRuleDescription\"\n\n");
exit(1);
}
// enable | disable
$action = $argv[1];
// rule regexp
$rule_description = '';
if (isset($argv[2])) {
$rule_description = $argv[2];
} else {
echo("Usage: $argv[0] <enable|disable> [rule string]\n");
exit(1);
}
// parse_config(true);
$config = parse_config(true);
foreach ($config['filter']['rule'] as &$value) {
if (strpos($value['descr'], $rule_description) !== false) {
if (strpos(strtolower($action), 'disable') !== false) {
print ("Disabling rule: ".$value['descr']."\n");
$value['disabled'] = true;
}
if (strpos(strtolower($action), 'enable') !== false) {
print ("Enabling rule: ".$value['descr']."\n");
unset($value['disabled']);
}
}
}
write_config("$action \"$rule_description\"");
$retval |= filter_configure();
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment