Take virtual IPs into consideration for automatic outbound NAT rules, it should now fix #983

1 files changed, 18 insertions, 0 deletions

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 711dae4..083e77c 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -1366,6 +1366,24 @@ function filter_nat_rules_automatic_tonathosts($with_descr = false) {
 		if($oc['sa']) {
 			$tonathosts[] = "{$oc['sa']}/{$oc['sn']}";
 			$descriptions[] = $oc['descr'];
+			if (isset($oc['vips']) && is_array($oc['vips'])) {
+				$if_subnets = array("{$oc['sa']}/{$oc['sn']}");
+				foreach ($oc['vips'] as $vip) {
+					if (!is_ipaddrv4($vip['ip']))
+						continue;
+
+					foreach ($if_subnets as $subnet)
+						if (ip_in_subnet($vip['ip'], $subnet))
+							continue 2;
+
+					$network = gen_subnet($vip['ip'], $vip['sn']);
+					$tonathosts[] = $network . '/' . $vip['sn'];
+					$descriptions[] = "Virtual IP ({$oc['descr']})";
+					$if_subnets[] = $network . '/' . $vip['sn'];
+					unset($network);
+				}
+				unset($if_subnets);
+			}
 		}
 	}