Associated firewall rule ignores disabled state when created from Port Forward #844
Description
Hi,
I found the root cause of an issue related to Port Forward rule handling and would like to propose a fix.
Problem:
When a Port Forward rule is created with an associated firewall rule, the disabled state is not passed to the firewall rule model. As a result, the firewall rule is always created as enabled, regardless of whether the Port Forward rule itself is disabled.
Expected behavior:
The associated firewall rule should inherit and stay synchronized with the disabled state of the Port Forward rule.
Root cause:
During firewall rule creation in Models/PortForward.inc, the disabled field is not provided when instantiating FirewallRule.
Proposed fix:
- When creating a new firewall rule, explicitly pass the disabled value.
- When updating an existing associated firewall rule, synchronize its disabled value with the current Port Forward rule state.
Suggested changes:
Models/PortForward.inc
Creation:
php
$firewall_rule = new FirewallRule(
type: 'pass',
interface: [$this->interface->value],
ipprotocol: $this->ipprotocol->value,
protocol: $this->protocol->value,
source: $this->source->value,
source_port: $this->source_port->value,
destination: $this->target->value,
destination_port: $this->local_port->value,
descr: "Associated rule for port forward rule {$this->associated_rule_id->value}",
client: $this->client,
disabled: $this->disabled->value // added
);
Update:
if ($rule_q->exists()) {
$firewall_rule = $rule_q->first();
$firewall_rule->from_representation(
type: 'pass',
interface: [$this->interface->value],
ipprotocol: $this->ipprotocol->value,
protocol: $this->protocol->value,
source: $this->source->value,
source_port: $this->source_port->value,
destination: $this->target->value,
destination_port: $this->local_port->value,
);
// synchronize disabled state
$firewall_rule->disabled->value = $this->disabled->value;
}