PHP script to enable/disable custom pfSense firewall rules

bypass_filter.php

#!/usr/local/bin/php-cgi -f
# [email protected]
# Thu Mar  2 19:48:14 CET 2023

<?php
require_once("globals.inc");
require_once("filter.inc");
require_once("util.inc");
require_once("config.inc");

global $config;

if (count($argv) !== 3) {
    echo("Usage: $argv[0] <enable|disable> [rule string]\n");
    echo("\nExample:");
    echo("\n\t$argv[0] enable");
    echo("\n\t$argv[0] enable  \"myRuleDescription\"");
    echo("\n\t$argv[0] disable \"myOtherRuleDescription\"");
    echo("\n\t$argv[0] enable  \"myOtherRuleDescription\"\n\n");
    exit(1);
}

// enable | disable
$action = $argv[1];
// rule regexp
$rule_description = '';

if (isset($argv[2])) {
    $rule_description = $argv[2];
} else {
    echo("Usage: $argv[0] <enable|disable> [rule string]\n");
    exit(1);
}

// parse_config(true);
$config = parse_config(true);

foreach ($config['filter']['rule'] as &$value) {
    if (strpos($value['descr'], $rule_description) !== false) {
        if (strpos(strtolower($action), 'disable') !== false) {
            print ("Disabling rule: ".$value['descr']."\n");
            $value['disabled'] = true;
        }
        if (strpos(strtolower($action), 'enable') !== false) {
            print ("Enabling rule: ".$value['descr']."\n");
            unset($value['disabled']);
        }
    }
}

write_config("$action \"$rule_description\"");
$retval |= filter_configure();
?>