diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2005-02-07 07:55:47 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2005-02-07 07:55:47 +0000 |
| commit | f72692cd4f434920f3751f2df7f76ad78cd0e54a (patch) | |
| tree | 4b3f06f45a66c6a1659d6c151d7e856f01870a10 | |
| parent | 8e3bffefacd1b16c82aa4fd46cacb85b2c1ea82a (diff) | |
| download | pfsense-f72692cd4f434920f3751f2df7f76ad78cd0e54a.zip pfsense-f72692cd4f434920f3751f2df7f76ad78cd0e54a.tar.gz | |
Add labels to lan ipsec rules.
Add "IPSEC: " to each ipsec related rtule
| -rw-r--r-- | etc/inc/filter.inc | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 83750a7..078b3be 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1444,17 +1444,17 @@ EOD; if(is_array($config['ipsec']['tunnel'])) { foreach ($config['ipsec']['tunnel'] as $tunnel) { $remote_gateway = $tunnel['remote-gateway']; - $ipfrules .= "pass quick on " . $wanif . " proto udp from " . $wan_ip . " to " . $remote_gateway . " port = 500 keep state label \"". $tunnel['descr'] ." udp\"\n"; + $ipfrules .= "pass quick on " . $wanif . " proto udp from " . $wan_ip . " to " . $remote_gateway . " port = 500 keep state label \"IPSEC: ". $tunnel['descr'] ." udp\"\n"; $ipfrules .= "pass quick on " . $wanif . " proto udp from " . $remote_gateway . " to " . $wan_ip . " port = 500 keep state label \"". $tunnel['descr'] ." udp\"\n"; - $ipfrules .= "pass quick on " . $wanif . " proto esp from " . $wan_ip . " to " . $remote_gateway . " keep state label \"". $tunnel['descr'] ." esp proto\"\n"; - $ipfrules .= "pass quick on " . $wanif . " proto esp from " . $remote_gateway . " to " . $wan_ip . " keep state label \"". $tunnel['descr'] ." esp proto\"\n"; + $ipfrules .= "pass quick on " . $wanif . " proto esp from " . $wan_ip . " to " . $remote_gateway . " keep state label \"IPSEC: ". $tunnel['descr'] ." esp proto\"\n"; + $ipfrules .= "pass quick on " . $wanif . " proto esp from " . $remote_gateway . " to " . $wan_ip . " keep state label \"IPSEC: ". $tunnel['descr'] ." esp proto\"\n"; - $ipfrules .= "pass quick on " . $wanif . " proto ah from " . $wan_ip . " to " . $remote_gateway . " keep state label \"". $tunnel['descr'] ." ah proto\"\n"; - $ipfrules .= "pass quick on " . $wanif . " proto ah from " . $remote_gateway . " to " . $wan_ip . " keep state label \"". $tunnel['descr'] ." ah proto\"\n"; + $ipfrules .= "pass quick on " . $wanif . " proto ah from " . $wan_ip . " to " . $remote_gateway . " keep state label \"IPSEC: ". $tunnel['descr'] ." ah proto\"\n"; + $ipfrules .= "pass quick on " . $wanif . " proto ah from " . $remote_gateway . " to " . $wan_ip . " keep state label \"IPSEC: ". $tunnel['descr'] ." ah proto\"\n"; - $ipfrules .= "pass quick on " . $lanif . " from " . $tunnel['remote-subnet'] . " to " . $internal_subnet . " keep state\n"; - $ipfrules .= "pass quick on " . $lanif . " from " . $internal_subnet . " to " . $tunnel['remote-subnet'] . " keep state\n"; + $ipfrules .= "pass quick on " . $lanif . " from " . $tunnel['remote-subnet'] . " to " . $internal_subnet . " keep state label \"IPSEC: " . $tunnel['descr'] ."\"\n"; + $ipfrules .= "pass quick on " . $lanif . " from " . $internal_subnet . " to " . $tunnel['remote-subnet'] . " keep state label \"IPSEC: " . $tunnel['descr'] ."\"\n"; } } |
