diff options
| author | John Fleming <strgout@pfsense.org> | 2005-08-06 04:50:43 +0000 |
|---|---|---|
| committer | John Fleming <strgout@pfsense.org> | 2005-08-06 04:50:43 +0000 |
| commit | 6ca0e63204a3123e203345a9c551c0dd41eee082 (patch) | |
| tree | 8ac5195723d2894279f8eb42e3c6e3dc4a1d6cd6 | |
| parent | f60e625952c7379575420c3033fdf8c4e3ca7bb4 (diff) | |
| download | pfsense-6ca0e63204a3123e203345a9c551c0dd41eee082.zip pfsense-6ca0e63204a3123e203345a9c551c0dd41eee082.tar.gz | |
Without the quick statement dynamic rdr to captive portal auth page seems broken.
Seems to be matching default deny rule without it.
| -rw-r--r-- | etc/inc/filter.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 95b23e5..928ad98 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1905,8 +1905,8 @@ EOD; $ipfrules .= "\n# Setup Captive portal policy rules\n"; $ipfrules .= "table <captiveportal>\n"; $ipfrules .= "block in on {$cp_interface} from any to any label \"block items initially for cp\"\n"; - $ipfrules .= "pass in on {$cp_interface} proto { tcp udp } from any to {$cp_ip} port { 8000 53 } keep state label \"pass items to cp web serv\"\n"; - $ipfrules .= "pass in on {$cp_interface} proto { tcp udp } from any to {$lanip} port { 8000 53 } keep state label \"pass items to cp web serv\"\n"; + $ipfrules .= "pass in quick on {$cp_interface} proto { tcp udp } from any to {$cp_ip} port { 8000 53 } keep state label \"pass items to cp web serv\"\n"; + $ipfrules .= "pass in quick on {$cp_interface} proto { tcp udp } from any to {$lanip} port { 8000 53 } keep state label \"pass items to cp web serv\"\n"; $ipfrules .= "pass in on {$cp_interface} from <captiveportal> to any keep state label \"allow captive portal authd users\"\n"; } |
