diff options
| author | jim-p <jimp@pfsense.org> | 2013-08-21 15:19:37 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2013-08-21 15:21:03 -0400 |
| commit | 35e125b463f63b70ca3dbb40978bfc5a92862efa (patch) | |
| tree | 1922f3cbcabe1ad4761fd1fb389157c1c7aa3bce | |
| parent | 8cd1d911dc2f1ecf9fb7cd00ee1a102c35479008 (diff) | |
| download | pfsense-35e125b463f63b70ca3dbb40978bfc5a92862efa.zip pfsense-35e125b463f63b70ca3dbb40978bfc5a92862efa.tar.gz | |
Fixup check for existing easyrule block rule to account for the ipproto and when the ipproto is blank.
| -rw-r--r-- | etc/inc/easyrule.inc | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/etc/inc/easyrule.inc b/etc/inc/easyrule.inc index 86e2294..33ad170 100644 --- a/etc/inc/easyrule.inc +++ b/etc/inc/easyrule.inc @@ -71,7 +71,7 @@ function easyrule_find_rule_interface($int) { return false; } -function easyrule_block_rule_exists($int = 'wan') { +function easyrule_block_rule_exists($int = 'wan', $ipproto = "inet") { global $blockaliasname, $config; /* No rules, we we know it doesn't exist */ if (!is_array($config['filter']['rule'])) { @@ -82,7 +82,8 @@ function easyrule_block_rule_exists($int = 'wan') { foreach ($config['filter']['rule'] as $rule) { if (!is_array($rule) || !is_array($rule['source'])) continue; - if ($rule['source']['address'] == $blockaliasname . strtoupper($int) && ($rule['interface'] == $int) && ($rule['ipprotocol'] == $ipproto)) + $checkproto = isset($rule['ipprotocol']) ? $rule['ipprotocol'] : "inet"; + if ($rule['source']['address'] == $blockaliasname . strtoupper($int) && ($rule['interface'] == $int) && ($checkproto == $ipproto)) return true; } return false; |
