diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2006-10-06 19:55:27 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2006-10-06 19:55:27 +0000 |
| commit | bb42c780b06369db5422ea83f105e056bd915f1a (patch) | |
| tree | 5612313605df2cdba37d6ff29ab6870092a886e5 /etc/inc | |
| parent | 37502a4a686373cb5be3f1af7a382e31d846e102 (diff) | |
| download | pfsense-bb42c780b06369db5422ea83f105e056bd915f1a.zip pfsense-bb42c780b06369db5422ea83f105e056bd915f1a.tar.gz | |
Check for TAP interfaces as well as TUN. Some people fancy bridging openvpn to TAP which allows for stuff like Bonjour to work across the tunnel.
Diffstat (limited to 'etc/inc')
| -rw-r--r-- | etc/inc/filter.inc | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 7ed1a25..be8f1e4 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2599,6 +2599,12 @@ function create_firewall_outgoing_rules_to_itself() { $rule .="pass in quick on tun{$x} all keep state label \"let out anything from firewall host itself openvpn\"\n"; } } + for($x=0; $x<100; $x++) { + if(does_interface_exist("tap{$x}") == true) { + $rule .="pass out quick on tap{$x} all keep state label \"let out anything from firewall host itself openvpn\"\n"; + $rule .="pass in quick on tap{$x} all keep state label \"let out anything from firewall host itself openvpn\"\n"; + } + } return $rule; } |
