diff options
| author | jim-p <jimp@pfsense.org> | 2015-07-29 14:39:07 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2015-07-29 14:39:07 -0400 |
| commit | 7fbe16f7989890122e429bbf5048324a263d13b8 (patch) | |
| tree | 6479a83af1a6dc5f71077ce6fce664626ccb7346 | |
| parent | 66f278b4c9c140b6bbaa4ee1a596a483b0e603a6 (diff) | |
| download | pfsense-7fbe16f7989890122e429bbf5048324a263d13b8.zip pfsense-7fbe16f7989890122e429bbf5048324a263d13b8.tar.gz | |
Use an alternate method to find VIP targets that should be allowed for Captive Portal. Fixes #4903
| -rw-r--r-- | etc/inc/captiveportal.inc | 16 | ||||
| -rw-r--r-- | etc/inc/filter.inc | 16 |
2 files changed, 14 insertions, 18 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 5ed4b3f..add8f91 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -500,17 +500,15 @@ function captiveportal_init_rules($reinit = false) { if (!empty($tmpif)) { $cpipm = get_interface_ip($cpifgrp); if (is_ipaddr($cpipm)) { - $carpif = link_ip_to_carp_interface($cpipm); - if (!empty($carpif)) { - $carpsif = explode(" ", $carpif); - foreach ($carpsif as $cpcarp) { - mwexec("/sbin/ipfw zone {$cpzoneid} madd {$cpcarp}", true); - $carpip = find_interface_ip($cpcarp); - if (is_ipaddr($carpip)) - $cpips[] = $carpip; + $cpips[] = $cpipm; + if (!is_array($config['virtualip']) || !is_array($config['virtualip']['vip'])) { + continue; + } + foreach ($config['virtualip']['vip'] as $vip) { + if (($vip['interface'] == $cpifgrp) && (($vip['mode'] == "carp") || ($vip['mode'] == "ipalias"))) { + $cpips[] = $vip['subnet']; } } - $cpips[] = $cpipm; } mwexec("/sbin/ipfw zone {$cpzoneid} madd {$tmpif}", true); } diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 9d1ecb6..580cb86 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2955,17 +2955,15 @@ EOD; $cpiflist[] = "{$tmpif}"; $cpipm = get_interface_ip($cpifgrp); if(is_ipaddr($cpipm)) { - $carpif = link_ip_to_carp_interface($cpipm); - if (!empty($carpif)) { - $cpiflist[] = $carpif; - $carpsif = explode(" ", $carpif); - foreach ($carpsif as $cpcarp) { - $carpip = find_interface_ip($cpcarp); - if (is_ipaddr($carpip)) - $cpiplist[] = $carpip; + $cpiplist[] = $cpipm; + if (!is_array($config['virtualip']) || !is_array($config['virtualip']['vip'])) { + continue; + } + foreach ($config['virtualip']['vip'] as $vip) { + if (($vip['interface'] == $cpifgrp) && (($vip['mode'] == "carp") || ($vip['mode'] == "ipalias"))) { + $cpiplist[] = $vip['subnet']; } } - $cpiplist[] = $cpipm; } } } |
