net/haproxy: add "enabled" field to rules

Author: fraenki

net/haproxy/pkg-descr

@@ -19,6 +19,7 @@ Added:
 * add support for more sample fetches: quic_enabled, stopping, wait_end (#3702)
 * add support for HTTP compression (#4867)
 * add all action keywords for http-request/-response and tcp-request/-response rules
+* add "enabled" field to rules
 
 Changed:
 * upgrade to HAProxy 3.2 release series (#5147)

net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/Api/SettingsController.php

@@ -1,7 +1,7 @@
 <?php
 
 /**
- *    Copyright (C) 2016-2022 Frank Wall
+ *    Copyright (C) 2016-2026 Frank Wall
  *    Copyright (C) 2015 Deciso B.V.
  *
  *    All rights reserved.
@@ -206,9 +206,14 @@ public function delActionAction($uuid)
         return $this->delBase('actions.action', $uuid);
     }
 
+    public function toggleActionAction($uuid, $enabled = null)
+    {
+        return $this->toggleBase('actions.action', $uuid);
+    }
+
     public function searchActionsAction()
     {
-        return $this->searchBase('actions.action', array('name', 'description'), 'name');
+        return $this->searchBase('actions.action', array('enabled', 'name', 'description'), 'name');
     }
 
     public function getLuaAction($uuid = null)

net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAction.xml

@@ -1,4 +1,10 @@
 <form>
+    <field>
+        <id>action.enabled</id>
+        <label>Enabled</label>
+        <type>checkbox</type>
+        <help>Enable this rule.</help>
+    </field>
     <field>
         <id>action.name</id>
         <label>Name</label>

net/haproxy/src/opnsense/mvc/app/models/OPNsense/HAProxy/HAProxy.xml

@@ -2228,6 +2228,10 @@
         </acls>
         <actions>
             <action type="ArrayField">
+                <enabled type="BooleanField">
+                    <default>1</default>
+                    <Required>Y</Required>
+                </enabled>
                 <name type="TextField">
                     <Mask>/^[^\t^,^;^\.^\[^\]^\{^\}]{1,255}$/u</Mask>
                     <ValidationMessage>Should be a string between 1 and 255 characters.</ValidationMessage>

net/haproxy/src/opnsense/mvc/app/models/OPNsense/HAProxy/Migrations/M4_2_0.php

@@ -37,6 +37,9 @@ class M4_2_0 extends BaseModelMigration
     public function run($model)
     {
         foreach ($model->getNodeByReference('actions.action')->iterateItems() as $action) {
+            // Rules have an 'enabled' field now
+            $action->enabled = '1';
+            // Migrate TCP/HTTP rules to new format
             switch ((string)$action->type) {
                 case 'http-request_add-header':
                     $action->type = 'http-request';

net/haproxy/src/opnsense/mvc/app/views/OPNsense/HAProxy/index.volt

@@ -101,6 +101,7 @@ POSSIBILITY OF SUCH DAMAGE.
                 set:'/api/haproxy/settings/set_action/',
                 add:'/api/haproxy/settings/add_action/',
                 del:'/api/haproxy/settings/del_action/',
+                toggle:'/api/haproxy/settings/toggle_action/',
                 options: {
                 }
             }
@@ -910,6 +911,7 @@ POSSIBILITY OF SUCH DAMAGE.
         <table id="grid-actions" class="table table-condensed table-hover table-striped table-responsive" data-editDialog="DialogAction" data-editAlert="haproxyChangeMessage">
             <thead>
             <tr>
+                <th data-column-id="enabled" data-width="6em" data-type="string" data-formatter="rowtoggle">{{ lang._('Enabled') }}</th>
                 <th data-column-id="actionid" data-type="number"  data-visible="false">{{ lang._('Rule ID') }}</th>
                 <th data-column-id="name" data-type="string">{{ lang._('Rule Name') }}</th>
                 <th data-column-id="description" data-type="string">{{ lang._('Description') }}</th>

net/haproxy/src/opnsense/service/templates/OPNsense/HAProxy/haproxy.conf

@@ -635,34 +635,39 @@
 {%           set action_enabled = '0' %}
     # ERROR: unsupported rule type
 {%         endif %}
-{#         # check if action is valid #}
-{%         if action_enabled == '1' %}
-{%           if action_data.operator == 'or' %}
-{%             set join_operator = ' || ' %}
-{%           else %}
-{%             set join_operator = ' ' %}
-{%           endif %}
-{#           # check if action depends on ACLs #}
-{%           set comment_lines = ['# RULE: ' + action_data.name] %}
-{%           if action_acls|length > 0 %}
-{%             set acl_line = [action_data.testType, action_acls|join(join_operator)]|join(' ') %}
-{%           else %}
-{%             set acl_line = '' %}
-{%           endif %}
-{%           if action_options|length > 0 %}
-{#             # handle multiline options #}
-{%             if action_multiline == '1' %}
-{%               set join_char = '\n    ' %}
-{#               # ACLs are unsupported in multiline options, remove them #}
-{%               set acl_line = '' %}
+{#         # Is this rule enabled in the GUI? #}
+{%         if action_data.enabled|default('') == '1' %}
+{#           # check if action is valid #}
+{%           if action_enabled == '1' %}
+{%             if action_data.operator == 'or' %}
+{%               set join_operator = ' || ' %}
+{%             else %}
+{%               set join_operator = ' ' %}
+{%             endif %}
+{#             # check if action depends on ACLs #}
+{%             set comment_lines = ['# RULE: ' + action_data.name] %}
+{%             if action_acls|length > 0 %}
+{%               set acl_line = [action_data.testType, action_acls|join(join_operator)]|join(' ') %}
 {%             else %}
-{%               set join_char = ' ' %}
+{%               set acl_line = '' %}
+{%             endif %}
+{%             if action_options|length > 0 %}
+{#               # handle multiline options #}
+{%               if action_multiline == '1' %}
+{%                 set join_char = '\n    ' %}
+{#                 # ACLs are unsupported in multiline options, remove them #}
+{%                 set acl_line = '' %}
+{%               else %}
+{%                 set join_char = ' ' %}
+{%               endif %}
+{%               do global_action_options.append(comment_lines|join('\n')) -%}
+{%               do global_action_options.append(([action_options|join(join_char), acl_line]|join(' '))) %}
 {%             endif %}
-{%             do global_action_options.append(comment_lines|join('\n')) -%}
-{%             do global_action_options.append(([action_options|join(join_char), acl_line]|join(' '))) %}
+{%           else %}
+    # RULE INVALID: {{action_data.name}}
 {%           endif %}
 {%         else %}
-    # RULE INVALID: {{action_data.name}}
+    # RULE DISABLED: {{action_data.name}}
 {%         endif %}
 {%       else %}
     # RULE INVALID: {{action_data.name}}