Allow outbound load balanancing to work.

Thing to keep in mind:
1. If using advanced outbound load balancing, map a subnet for each wan interface

2 files changed, 31 insertions, 17 deletions

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index e54034b..a8bb226 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -1000,6 +1000,22 @@ function filter_rules_generate() {
 		$ipfrules .= "pass out quick on " . $wanif . "  inet proto tcp from ($wanif) to any port www flags S/SA keep state label \"transparent proxy\"\n";
 	}
 
+	/* Setup outgoing NAT load balancing */
+	if (isset($config['nat']['outgoingloadbalancing']['rule'])) {
+		$tmprules .= "pass in quick on " . $lanif . " route-to { ";
+		$isfirst = 0;
+		foreach ($config['nat']['outgoingloadbalancing']['rule'] as $rule) {
+			if($rule['gatewayip'] <> "") {
+				if($isfirst == 1) $tmprules .= ", ";
+				$lbinf = guess_interface_from_ip($rule['gatewayip']);
+				$tmprules .= " (" . $lbinf . " " . $rule['gatewayip'] . ") ";
+				$isfirst = 1;
+			}
+		}
+		$tmprules .= "} round-robin from " . $lansa ."/" . $config['interfaces']['lan']['subnet'] . " to any flags S/SA modulate state label \"outgoing nat load balancing\"\n";
+		if($isfirst == 1) $ipfrules .= $tmprules;
+	}
+
 	$ipfrules .= <<<EOD
 
 # loopback
@@ -1010,6 +1026,7 @@ pass out quick on lo0 all label "pass loopback"
 # package manager early specific hook
 anchor "packageearly"
 
+
 # carp
 anchor "carp"
 
@@ -1064,21 +1081,6 @@ EOD;
 		}
 	}
 
-	/* Setup outgoing NAT load balancing */
-	if (isset($config['nat']['outgoingloadbalancing']['rule'])) {
-		$tmprules .= "pass in on " . $lanif . " route-to { ";
-		$isfirst = 0;
-		foreach ($config['nat']['outgoingloadbalancing']['rule'] as $rule) {
-			if($rule['gatewayip'] <> "") {
-				if(isfirst == 1) $tmprules .= ", ";
-				$tmprules .= " (" . $wanif . " " . $rule['gatewayip'] . ") ";
-				$isfirst = 1;
-			}
-		}
-		$tmprules .= "} round-robin proto tcp from " . $lansa ." to any flags S/SA modulate state label \"outgoing nat load balancing\"\n";
-		if($isfirst == 1) $ipfrules .= $tmprules;
-	}
-
 	/* pass traffic between statically routed subnets and the subnet on the
 	   interface in question to avoid problems with complicated routing
 	   topologies */
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index 7183297..5cc1423 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -183,7 +183,6 @@ function link_ip_to_carp_interface($ip) {
     return $carp_ints;
 }
 
-
 /*
  * exec_command($command): execute command return string of result
  */
@@ -228,6 +227,19 @@ function find_interface_ip($interface) {
     return $ip;
 }
 
+function guess_interface_from_ip($ipaddress) {
+    $ints = `/sbin/ifconfig -l`;
+    $ints_split = split(" ", $ints);
+    $ip_subnet_split = split("\.", $ipaddress);
+    $ip_subnet = $ip_subnet_split[0] . "." . $ip_subnet_split[1] . "." . $ip_subnet_split[2] . ".";
+    foreach($ints_split as $int) {
+        $ip = find_interface_ip($int);
+        $ip_split = split("\.", $ip);
+        $ip_tocheck = $ip_split[0] . "." . $ip_split[1] . "." . $ip_split[2] . ".";
+        if(stristr($ip_tocheck, $ip_subnet) != false) return $int;
+    }
+}
+
 function filter_opt_interface_to_real($opt) {
     global $config;
     return $config['interfaces'][$opt]['if'];
@@ -931,7 +943,7 @@ function rmdir_recursive($path,$follow_links=false) {
 		foreach($to_do as $workingdir) { // Handle wildcards by foreaching.
 			$dir = opendir($workingdir);
 			while ($entry = readdir($dir)) {
-                        if (is_file("$workingdir/$entry") || ((!$follow_links) && is_link("$workingdir/$entry")))  
+                        if (is_file("$workingdir/$entry") || ((!$follow_links) && is_link("$workingdir/$entry")))
                                 unlink("$workingdir/$entry");
                         elseif (is_dir("$workingdir/$entry") && $entry!='.' && $entry!='..')
                                 rmdir_recursive("$workingdir/$entry");