diff options
author | Ermal <eri@pfsense.org> | 2010-04-16 19:08:32 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2010-04-16 19:08:32 +0000 |
commit | cfdce2add91f7fbf17094f4b636e6d5488cc4094 (patch) | |
tree | ab56515d31886d5add716c5d39bcf949f7ed1dbf /etc/inc/filter.inc | |
parent | f691243dac0bb4c4a322154ef839cac0d0c5db4e (diff) | |
download | pfsense-cfdce2add91f7fbf17094f4b636e6d5488cc4094.zip pfsense-cfdce2add91f7fbf17094f4b636e6d5488cc4094.tar.gz |
Ticket #508. Make TFTP proxy configurable by System Advanced->Firewall/NAT for several interfaces.
Diffstat (limited to 'etc/inc/filter.inc')
-rw-r--r-- | etc/inc/filter.inc | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index a143a31..bee212a 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1062,6 +1062,14 @@ function filter_nat_rules_generate() { $natrules .= "# TFTP proxy\n"; $natrules .= "rdr-anchor \"tftp-proxy/*\"\n"; + if (!empty($config['system']['tftpinterface'])) { + $tftpifs = explode(",", $config['system']['tftpinterface']); + foreach($tftpifs as $tftpif) { + if ($FilterIflist[$tftpif]) + $natrules .= "rdr pass on {$FilterIflist[$tftpif]['if']} proto udp from any to any port tftp -> 127.0.0.1 port tftp\n"; + } + } + $interface_counter = 0; $vpns_list = filter_get_vpns_list(); $direct_networks_list = filter_get_direct_networks_list(); @@ -2016,8 +2024,7 @@ EOD; # package manager late specific hook anchor "packagelate" -EOD; - $ipfrules .= <<<EOD +anchor "tftp-proxy/*" anchor "limitingesr" |