diff options
| author | jim-p <jimp@pfsense.org> | 2012-10-30 12:36:28 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2012-10-30 12:36:28 -0400 |
| commit | d8bddd2a44ce5776d2dfd3c4db79576e073f5aa0 (patch) | |
| tree | ca4dd5dbd3a90d430cd2ceffe26f6624e7ec110f | |
| parent | fa29a6f012f7bc02baf5cdc5b66438fe9f591749 (diff) | |
| download | pfsense-d8bddd2a44ce5776d2dfd3c4db79576e073f5aa0.zip pfsense-d8bddd2a44ce5776d2dfd3c4db79576e073f5aa0.tar.gz | |
use the proper array here for VIPs and use some suggestions from the ticket to fix #2645
| -rw-r--r-- | etc/inc/filter.inc | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 8d319a2..68c28ad 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -3169,22 +3169,31 @@ function filter_process_carp_nat_rules() { echo "filter_process_carp_nat_rules() being called $mt\n"; } $lines = ""; - if (is_array($config['hasync'])) { - foreach($config['hasync'] as $carp) { - $ip = $carp['ipaddress']; - if($ip == "any") { + + if (is_array($config['virtualip']) && is_array($config['virtualip']['vip'])) { + foreach($config['virtualip']['vip'] as $carp) { + // Bail if this isn't a CARP VIP, or if somehow the IP is empty to avoid further errors. + if (($carp['mode'] != 'carp') || empty($carp['subnet'])) + continue; + + $ip = $carp['subnet']; + if ($ip == "any") { $ipnet = "any"; } else { - $int = find_ip_interface($ip); + $int = find_ip_interface($ip, $carp['subnet_bits']); $carp_int = find_carp_interface($ip); } + if ($int != false and $int != $wan_interface) { - $ipnet = convert_ip_to_network_format($ip, $carp['netmask']); + $ipnet = convert_ip_to_network_format($ip, $carp['subnet_bits']); if ($int && $carp_int) + { $lines .= "nat on {$int} inet from {$ipnet} to any -> ({$carp_int}) \n"; + } } } } + return $lines; } |
