summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSeth Mos <seth.mos@xs4all.nl>2007-02-23 20:38:59 +0000
committerSeth Mos <seth.mos@xs4all.nl>2007-02-23 20:38:59 +0000
commit5c62fe4174c179b35fd7c113652fed8956400aa7 (patch)
treefe6daf755da53937f5cb0fcb5ba5498b2a30338d
parent428a858d1e8717baa8b50449b38f85ab5e8087d5 (diff)
downloadpfsense-5c62fe4174c179b35fd7c113652fed8956400aa7.zip
pfsense-5c62fe4174c179b35fd7c113652fed8956400aa7.tar.gz
Use actual interface information to check if we need ftpsesame or ftp proxy
Otherwise the logic fails and does not install rdr rules.
-rw-r--r--etc/inc/filter.inc4
1 files changed, 3 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index da1e304..55d43aa 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -743,6 +743,8 @@ function filter_nat_rules_generate() {
/* loop through all interfaces and handle pftpx redirections */
foreach ($iflist as $ifent => $ifname) {
$ifname_lower = convert_friendly_interface_to_friendly_descr(strtolower($ifname));
+ $realif = convert_friendly_interface_to_real_interface_name(strtolower($ifname));
+ $int_ip = find_interface_ip($realif);
if(isset($config['interfaces'][strtolower($ifname)]['disableftpproxy'])) {
log_error("FTP proxy disabled for interface {$ifname} - ignoring.");
$interface_counter++;
@@ -760,7 +762,7 @@ function filter_nat_rules_generate() {
/* if the interface address lies within a outbound NAT source network we should skip */
if(! empty($config['nat']['advancedoutbound']['rule'])) {
foreach($config['nat']['advancedoutbound']['rule'] as $natnetwork) {
- if(ip_in_subnet($config['interfaces'][$ifname]['ipaddr'], $natnetwork['source']['network'])) {
+ if(ip_in_subnet($int_ip, $natnetwork['source']['network'])) {
$sourcenat++;
}
}
OpenPOWER on IntegriCloud