diff options
author | Ermal <eri@pfsense.org> | 2012-08-16 17:41:59 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2012-08-16 17:53:59 +0000 |
commit | 59b97df1a89dd41a61263bd07be3c51b3c4ecbd2 (patch) | |
tree | 246024141bdcf731ef42a9876cda99536cd3b07d /etc/inc/filter.inc | |
parent | 391abfcfe42a1156d252e30d049fbafc47dcf790 (diff) | |
download | pfsense-59b97df1a89dd41a61263bd07be3c51b3c4ecbd2.zip pfsense-59b97df1a89dd41a61263bd07be3c51b3c4ecbd2.tar.gz |
Correct carp rules and a weird nat rule on carp so they actually generate what they are meant for
Diffstat (limited to 'etc/inc/filter.inc')
-rw-r--r-- | etc/inc/filter.inc | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 5f69446..7623148 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -3155,17 +3155,16 @@ function filter_process_carp_nat_rules() { echo "filter_process_carp_nat_rules() being called $mt\n"; } $lines = ""; - if(isset($config['installedpackages']['carp']['config']) && - is_array($config['installedpackages']['carp']['config'])) { - foreach($config['installedpackages']['carp']['config'] as $carp) { + if (is_array($config['hasync'])) { + foreach($config['hasync'] as $carp) { $ip = $carp['ipaddress']; - if($ip <> "any") { + if($ip == "any") { $ipnet = "any"; } else { $int = find_ip_interface($ip); $carp_int = find_carp_interface($ip); } - if($int != false and $int != $wan_interface) { + if ($int != false and $int != $wan_interface) { $ipnet = convert_ip_to_network_format($ip, $carp['netmask']); if($int) $lines .= "nat on {$int} inet from {$ipnet} to any -> ({$carp_int}) \n"; @@ -3183,7 +3182,7 @@ function filter_process_carp_rules() { } $lines = ""; /* return if there are no carp configured items */ - if((isset($config['hasync']) && $config['hasync'] <> "") or $config['virtualip']['vip'] <> "") { + if (!empty($config['hasync']) or !empty($config['virtualip']['vip'])) { $lines .= "block in log quick proto carp from (self) to any\n"; $lines .= "pass quick proto carp\n"; $lines .= "pass quick proto pfsync\n"; |