diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2005-02-12 19:58:11 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2005-02-12 19:58:11 +0000 |
commit | d7f2a8dc886bea38d490fc0b2fa612874411a10b (patch) | |
tree | 4f06d84f5b142ccc8809a628ccc730c0a8ef72d3 | |
parent | f5d23982f371fa7be56168cbf08cbf1b588ffb90 (diff) | |
download | pfsense-d7f2a8dc886bea38d490fc0b2fa612874411a10b.zip pfsense-d7f2a8dc886bea38d490fc0b2fa612874411a10b.tar.gz |
Correctly define not rules with aliases.
-rw-r--r-- | etc/inc/filter.inc | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 0655d8d..1082556 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1285,7 +1285,9 @@ EOD; } } } else if ($rule['source']['address']) { - $src = "{ " . alias_expand($rule['source']['address']). " }"; + $not = ""; + if (isset($rule['source']['not'])) $not = "!"; + $src = "{ " . $not . alias_expand($rule['source']['address']). " }"; } if (!$src || ($src == "/")) { @@ -1293,11 +1295,7 @@ EOD; break; } - if (isset($rule['source']['not'])) { - $line .= "from !$src "; - } else { - $line .= "from $src "; - } + $line .= "from $src "; if (in_array($rule['protocol'], array("tcp","udp","tcp/udp"))) { @@ -1345,7 +1343,9 @@ EOD; } } } else if ($rule['destination']['address']) { - $dst = "{ " . alias_expand($rule['destination']['address']) . " }"; + $not = ""; + if (isset($rule['destination']['not'])) $not = "! "; + $dst = "{ " . $not . alias_expand($rule['destination']['address']) . " }"; } if (!$dst || ($dst == "/")) { @@ -1353,11 +1353,7 @@ EOD; break; } - if (isset($rule['destination']['not'])) { - $line .= "to !$dst "; - } else { - $line .= "to $dst "; - } + $line .= "to $dst "; if (in_array($rule['protocol'], array("tcp","udp","tcp/udp"))) { |