diff options
| author | Ermal Luçi <eri@pfsense.org> | 2009-12-25 22:02:18 +0000 |
|---|---|---|
| committer | Ermal Luçi <eri@pfsense.org> | 2009-12-25 22:02:18 +0000 |
| commit | 78490e8636b1e80a9e34134728015705d18fa634 (patch) | |
| tree | 6a49deb1cc7c7e989a764b2728db901e980f7eb7 | |
| parent | 6745e860ee13b9456b17cdad4999b6808146ad78 (diff) | |
| download | pfsense-78490e8636b1e80a9e34134728015705d18fa634.zip pfsense-78490e8636b1e80a9e34134728015705d18fa634.tar.gz | |
Fix the inetd definitions. Remove forgotten dead code.
| -rw-r--r-- | etc/inc/filter.inc | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 8f5cdfd..89292f5 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -794,9 +794,11 @@ function filter_generate_reflection($rule, $target, $extport, &$starting_localho switch($rule['protocol']) { case "tcp/udp": $protocol = "{ tcp udp }"; + $inetdport = $extport[0]; foreach($toadd_array as $tda) { - $reflection_txt[] = "{$starting_localhost_port}\tstream\ttcp\tnowait/0\tnobody\t/usr/bin/nc -w {$reflectiontimeout} {$target} {$tda}\n"; - $reflection_txt[] = "{$starting_localhost_port}\tdgram\tudp\tnowait/0\tnobody\t/usr/bin/nc -u -w {$reflectiontimeout} {$target} {$tda}\n"; + $reflection_txt[] = "{$inetdport}\tstream\ttcp\tnowait/0\tnobody\t/usr/bin/nc -w {$reflectiontimeout} {$target} {$tda}\n"; + $reflection_txt[] = "{$inetdport}\tdgram\tudp\tnowait/0\tnobody\t/usr/bin/nc -u -w {$reflectiontimeout} {$target} {$tda}\n"; + $inetdport++; } $natrules .= "rdr on { {$ifname['if']} } proto {$protocol} from any to {$extaddr} port {$rflctintrange} tag PFREFLECT -> 127.0.0.1 port {$rflctrange}\n"; break; @@ -810,16 +812,14 @@ function filter_generate_reflection($rule, $target, $extport, &$starting_localho $socktype = "stream"; $dash_u = ""; } + $inetdport = $extport[0]; foreach($toadd_array as $tda){ - $reflection_txt[] = "{$starting_localhost_port}\t{$socktype}\t{$protocol}\tnowait/0\tnobody\t/usr/bin/nc nc {$dash_u}-w {$reflectiontimeout} {$target} {$tda}\n"; + $reflection_txt[] = "{$inetdport}\t{$socktype}\t{$protocol}\tnowait/0\tnobody\t/usr/bin/nc nc {$dash_u}-w {$reflectiontimeout} {$target} {$tda}\n"; + $inetdport++; } $natrules .= "rdr on { {$ifname['if']} } proto {$protocol} from any to {$extaddr} port {$rflctintrange} tag PFREFLECT -> 127.0.0.1 port {$rflctrange}\n"; break; } - if($starting_localhost_port > 19990) { - log_error("Not installing nat reflection rules. Maximum 1,000 reached."); - $x = $range_end+1; - } } } @@ -2433,4 +2433,4 @@ function discover_pkg_rules($ruletype) { } } -?>
\ No newline at end of file +?> |
