diff options
author | Seth Mos <seth.mos@xs4all.nl> | 2007-08-08 19:20:42 +0000 |
---|---|---|
committer | Seth Mos <seth.mos@xs4all.nl> | 2007-08-08 19:20:42 +0000 |
commit | 9c2605519ce8db04e7570ee7361d0a44f05c5db1 (patch) | |
tree | bc60561dfffa707c23d3c5b4125f5c8a7ec971d9 | |
parent | 07e5afebd737a7ea396fa4571cb0347596a48150 (diff) | |
download | pfsense-9c2605519ce8db04e7570ee7361d0a44f05c5db1.zip pfsense-9c2605519ce8db04e7570ee7361d0a44f05c5db1.tar.gz |
If we have a AON rule use the target as the ftp proxy source address
-rw-r--r-- | etc/inc/config.inc | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/etc/inc/config.inc b/etc/inc/config.inc index 0cc0df1..9bc502c 100644 --- a/etc/inc/config.inc +++ b/etc/inc/config.inc @@ -1717,10 +1717,10 @@ function system_start_ftp_helpers() { $interface_counter = 0; if(isset($config['shaper']['enable'])) { if(isset($config['ezshaper']['step5']['p2pcatchall'])) { - $shaper_queue = "-q qP2PDown "; - } else { + $shaper_queue = "-q qP2PDown"; + } else { $downq = "q" . convert_friendly_interface_to_friendly_descr($config['ezshaper']['step2']['inside_int']); - $shaper_queue = "-q {$downq}def "; + $shaper_queue = "-q {$downq}def"; } } else { $shaper_queue = ""; @@ -1741,7 +1741,7 @@ function system_start_ftp_helpers() { * keep processing interfaces. kill pftpx if already * running for this instance. */ - $helpers = exec("/bin/ps awux | grep \"/usr/local/sbin/pftpx {$shaper_queue}-c {$port}\" | grep -v grep | sed \"s/ */ /g\" | cut -f2 -d\" \""); + $helpers = exec("/bin/ps awux | grep \"/usr/local/sbin/pftpx {$shaper_queue} -c {$port}\" | grep -v grep | sed \"s/ */ /g\" | cut -f2 -d\" \""); if($helpers) mwexec("/bin/kill {$helpers}"); $interface_counter++; @@ -1759,6 +1759,11 @@ function system_start_ftp_helpers() { foreach($config['nat']['advancedoutbound']['rule'] as $natnetwork) { if(ip_in_subnet($ip, $natnetwork['source']['network'])) { /* if the interface address is matched in the AON Rule we need the ftp proxy */ + if(is_ipaddr($natnetwork['target']) && ($natnetwork['interface'] == "wan")) { + $pftpxsourceaddr = "-p {$natnetwork['target']}"; + if($g['debug']) + log_error("Config: AON: using the external ip source {$pftpxsourceaddr} for the ftp proxy"); + } $sourcenat++; } } @@ -1775,11 +1780,11 @@ function system_start_ftp_helpers() { } } /* if pftpx is already running then do not launch it again */ - $helpers = exec("/bin/ps awux | grep \"/usr/local/sbin/pftpx {$shaper_queue}-c {$port}\" | grep -v grep | sed \"s/ */ /g\""); + $helpers = exec("/bin/ps awux | grep \"/usr/local/sbin/pftpx {$shaper_queue} -c {$port}\" | grep -v grep | sed \"s/ */ /g\""); if(!$helpers && $ip) - mwexec("/usr/local/sbin/pftpx {$shaper_queue}-c {$port} -g 8021 {$ip}"); + mwexec("/usr/local/sbin/pftpx {$shaper_queue} -c {$port} -g 8021 {$pftpxsourceaddr} {$ip}"); if(!$ip) - mwexec("/usr/local/sbin/ftpsesame {$shaper_queue}-i $int"); + mwexec("/usr/local/sbin/ftpsesame {$shaper_queue} -i $int"); $interface_counter++; } } |