diff options
author | Ermal <eri@pfsense.org> | 2011-04-06 18:22:27 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2011-04-06 18:22:27 +0000 |
commit | 9a36dc9d241e004e7bcdec25def3b7b0c9d94cff (patch) | |
tree | 73fcdb080c0148030b453de49cd0bf322a17a7df | |
parent | ab75b4ee5475fe1be718cb0e93d0a34f293c5ed0 (diff) | |
download | pfsense-9a36dc9d241e004e7bcdec25def3b7b0c9d94cff.zip pfsense-9a36dc9d241e004e7bcdec25def3b7b0c9d94cff.tar.gz |
Resolves #1391. Bring back VPN auto rule disable advanced setting.
-rw-r--r-- | etc/inc/filter.inc | 5 | ||||
-rw-r--r-- | usr/local/www/system_advanced_firewall.php | 15 |
2 files changed, 19 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index cde7a5f..8fdf752 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2267,7 +2267,7 @@ EOD; } } /* PPTPd enabled? */ - if($pptpdcfg['mode'] && ($pptpdcfg['mode'] != "off")) { + if($pptpdcfg['mode'] && ($pptpdcfg['mode'] != "off") && !isset($config['system']['disablevpnrules'])) { if($pptpdcfg['mode'] == "server") $pptpdtarget = get_interface_ip(); else @@ -2700,6 +2700,9 @@ function filter_generate_ipsec_rules() { echo "filter_generate_ipsec_rules() being called $mt\n"; } + if (isset($config['system']['disablevpnrules'])) + return "\n# VPN Rules not added disabled in System->Advanced.\n"; + $ipfrules = "\n# VPN Rules\n"; /* Is IP Compression enabled? */ if(isset($config['ipsec']['ipcomp'])) diff --git a/usr/local/www/system_advanced_firewall.php b/usr/local/www/system_advanced_firewall.php index 8165922..12a7ba2 100644 --- a/usr/local/www/system_advanced_firewall.php +++ b/usr/local/www/system_advanced_firewall.php @@ -66,6 +66,7 @@ $pconfig['reflectiontimeout'] = $config['system']['reflectiontimeout']; $pconfig['bypassstaticroutes'] = isset($config['filter']['bypassstaticroutes']); $pconfig['disablescrub'] = isset($config['system']['disablescrub']); $pconfig['tftpinterface'] = explode(",", $config['system']['tftpinterface']); +$pconfig['disablevpnrules'] = isset($config['system']['disablevpnrules']); if ($_POST) { @@ -96,6 +97,10 @@ if ($_POST) { else unset($config['system']['disablefilter']); + if($_POST['disablevpnrules'] == "yes") + $config['system']['disablevpnrules'] = true; + else + unset($config['system']['disablevpnrules']); if($_POST['rfc959workaround'] == "yes") $config['system']['rfc959workaround'] = "enabled"; else @@ -331,6 +336,16 @@ function update_description(itemnum) { </td> </tr> <tr> + <td width="22%" valign="top" class="vncell">Disable Auto-added VPN rules</td> + <td width="78%" class="vtable"> + <input name="disablevpnrules" type="checkbox" id="disablevpnrules" value="yes" <?php if (isset($config['system']['disablevpnrules'])) echo "checked"; ?> /> + <strong><?=gettext("Disable all auto-added VPN rules.");?></strong> + <br /> + <span class="vexpl"><?=gettext("Note: This disables automatically added rules for IPsec.");?> + </span> + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncell">Disable reply-to</td> <td width="78%" class="vtable"> <input name="disablereplyto" type="checkbox" id="disablereplyto" value="yes" <?php if ($pconfig['disablereplyto']) echo "checked"; ?> /> |