block carp traffic to hosts self to avoid loops. fixes #598

author: Scott Ullrich <sullrich@pfsense.org> 2010-05-19 21:32:11 -0400
committer: Scott Ullrich <sullrich@pfsense.org> 2010-05-19 21:32:17 -0400
commit: 986a3accd40a7d45c0a3d48d2b42d2c58a231d99 (patch)
tree: fc7f160eea2751d62d054239425bd885a3c4e3e2 /etc/inc/filter.inc
parent: 69490b5525dd8a79f684b780f025cf3ea63964f0 (diff)
download: pfsense-986a3accd40a7d45c0a3d48d2b42d2c58a231d99.zip
pfsense-986a3accd40a7d45c0a3d48d2b42d2c58a231d99.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 694d982..659fae1 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -2500,6 +2500,7 @@ function filter_process_carp_rules() {
 	if(isset($config['installedpackages']['carp']['config']) &&
 			 $config['installedpackages']['carpsettings']['config'] <> "" or
 			 $config['virtualip']['vip'] <> "") {
+		$lines .= "block in log quick proto carp from (self) to any\n";
 		$lines .= "pass quick proto carp\n";
 		$lines .= "pass quick proto pfsync\n";
 	}
author	Scott Ullrich <sullrich@pfsense.org>	2010-05-19 21:32:11 -0400
committer	Scott Ullrich <sullrich@pfsense.org>	2010-05-19 21:32:17 -0400
commit	986a3accd40a7d45c0a3d48d2b42d2c58a231d99 (patch)
tree	fc7f160eea2751d62d054239425bd885a3c4e3e2 /etc/inc/filter.inc
parent	69490b5525dd8a79f684b780f025cf3ea63964f0 (diff)
download	pfsense-986a3accd40a7d45c0a3d48d2b42d2c58a231d99.zip pfsense-986a3accd40a7d45c0a3d48d2b42d2c58a231d99.tar.gz