summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSeth Mos <seth.mos@xs4all.nl>2007-08-08 19:20:42 +0000
committerSeth Mos <seth.mos@xs4all.nl>2007-08-08 19:20:42 +0000
commit9c2605519ce8db04e7570ee7361d0a44f05c5db1 (patch)
treebc60561dfffa707c23d3c5b4125f5c8a7ec971d9
parent07e5afebd737a7ea396fa4571cb0347596a48150 (diff)
downloadpfsense-9c2605519ce8db04e7570ee7361d0a44f05c5db1.zip
pfsense-9c2605519ce8db04e7570ee7361d0a44f05c5db1.tar.gz
If we have a AON rule use the target as the ftp proxy source address
-rw-r--r--etc/inc/config.inc19
1 files changed, 12 insertions, 7 deletions
diff --git a/etc/inc/config.inc b/etc/inc/config.inc
index 0cc0df1..9bc502c 100644
--- a/etc/inc/config.inc
+++ b/etc/inc/config.inc
@@ -1717,10 +1717,10 @@ function system_start_ftp_helpers() {
$interface_counter = 0;
if(isset($config['shaper']['enable'])) {
if(isset($config['ezshaper']['step5']['p2pcatchall'])) {
- $shaper_queue = "-q qP2PDown ";
- } else {
+ $shaper_queue = "-q qP2PDown";
+ } else {
$downq = "q" . convert_friendly_interface_to_friendly_descr($config['ezshaper']['step2']['inside_int']);
- $shaper_queue = "-q {$downq}def ";
+ $shaper_queue = "-q {$downq}def";
}
} else {
$shaper_queue = "";
@@ -1741,7 +1741,7 @@ function system_start_ftp_helpers() {
* keep processing interfaces. kill pftpx if already
* running for this instance.
*/
- $helpers = exec("/bin/ps awux | grep \"/usr/local/sbin/pftpx {$shaper_queue}-c {$port}\" | grep -v grep | sed \"s/ */ /g\" | cut -f2 -d\" \"");
+ $helpers = exec("/bin/ps awux | grep \"/usr/local/sbin/pftpx {$shaper_queue} -c {$port}\" | grep -v grep | sed \"s/ */ /g\" | cut -f2 -d\" \"");
if($helpers)
mwexec("/bin/kill {$helpers}");
$interface_counter++;
@@ -1759,6 +1759,11 @@ function system_start_ftp_helpers() {
foreach($config['nat']['advancedoutbound']['rule'] as $natnetwork) {
if(ip_in_subnet($ip, $natnetwork['source']['network'])) {
/* if the interface address is matched in the AON Rule we need the ftp proxy */
+ if(is_ipaddr($natnetwork['target']) && ($natnetwork['interface'] == "wan")) {
+ $pftpxsourceaddr = "-p {$natnetwork['target']}";
+ if($g['debug'])
+ log_error("Config: AON: using the external ip source {$pftpxsourceaddr} for the ftp proxy");
+ }
$sourcenat++;
}
}
@@ -1775,11 +1780,11 @@ function system_start_ftp_helpers() {
}
}
/* if pftpx is already running then do not launch it again */
- $helpers = exec("/bin/ps awux | grep \"/usr/local/sbin/pftpx {$shaper_queue}-c {$port}\" | grep -v grep | sed \"s/ */ /g\"");
+ $helpers = exec("/bin/ps awux | grep \"/usr/local/sbin/pftpx {$shaper_queue} -c {$port}\" | grep -v grep | sed \"s/ */ /g\"");
if(!$helpers && $ip)
- mwexec("/usr/local/sbin/pftpx {$shaper_queue}-c {$port} -g 8021 {$ip}");
+ mwexec("/usr/local/sbin/pftpx {$shaper_queue} -c {$port} -g 8021 {$pftpxsourceaddr} {$ip}");
if(!$ip)
- mwexec("/usr/local/sbin/ftpsesame {$shaper_queue}-i $int");
+ mwexec("/usr/local/sbin/ftpsesame {$shaper_queue} -i $int");
$interface_counter++;
}
}
OpenPOWER on IntegriCloud