sync: auto-sync from HOWARD-HOME at 2026-06-21 13:31:49

Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-06-21 13:31:49
This commit is contained in:
2026-06-21 13:32:50 -07:00
parent eeaaa566d7
commit 1c8fc09590
4 changed files with 39 additions and 12 deletions

View File

@@ -91,8 +91,9 @@ The REST backend (`pfsense-backend.sh`, `clients/<slug>/pfsense-api`) is a dorma
- `fw-disable|fw-enable <tracker|descr>` — toggle a filter rule. **Validated live.**
- `block-ips|unblock <ip[,ip,...]> [--if wan]` — via `easyrule`. **Validated live.**
- `pf-disable|pf-enable|pf-delete <tracker|descr>`, `pf-set-ports <dst> [<local>]`,
`pf-set-src <cidr|any>` — port-forwards (+ associated filter rule). **Built; live-verify
pending** (needs a box that has port-forwards).
`pf-set-src <cidr|any>` — port-forwards (+ associated filter rule). **Validated live** (2026-06-21,
full cycle on Cascades against a temp source-locked forward; `pf-delete` removes the associated
filter rule too). NAT rules have no `tracker` → match by `descr` or index.
- Filter rules are matched by `tracker` (the `id` field is empty on pf25.07) or exact `descr`.
**Dispatch:** `gw-audit.sh` / `gw-control.sh` prefer this SSH backend (keyed on the