diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2006-04-09 19:12:12 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2006-04-09 19:12:12 +0000 |
| commit | 26e6594b49ebd271329459c3acef47f7c2b98e97 (patch) | |
| tree | e7df45a3467261e16a6dc8f8aeee9fa9530dcd11 /etc/inc | |
| parent | d29990fad6f2f2e8c341b0b2a482430191d8d3b0 (diff) | |
| download | pfsense-26e6594b49ebd271329459c3acef47f7c2b98e97.zip pfsense-26e6594b49ebd271329459c3acef47f7c2b98e97.tar.gz | |
MFC 11274
Fix inbound NAT for non tcp/udp protocols
Diffstat (limited to 'etc/inc')
| -rw-r--r-- | etc/inc/filter.inc | 43 |
1 files changed, 27 insertions, 16 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 3a5dd26..7379613 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -789,23 +789,34 @@ function filter_nat_rules_generate() { if($dontinstallrdr == false) { if ((!$extport[1]) || ($extport[0] == $extport[1])) { - if($rule['protocol'] == "tcp/udp") - $natrules .= - "rdr on \${$rdr_on} proto { tcp udp } from any to {$extaddr} port { {$extport[0]} } -> {$target}{$localport}"; - else - if($extport[0]) - $natrules .= - "rdr on \${$rdr_on} proto {$rule['protocol']} from any to {$extaddr} port { {$extport[0]} } -> {$target}{$localport}"; - else - $natrules .= - "rdr on \${$rdr_on} proto {$rule['protocol']} from any to { {$extaddr} } -> {$target}{$localport}"; + + switch ($rule['protocol']) { + case "tcp/udp": + $natrules .= "{$nordr}rdr on $natif proto { tcp udp } from any to {$extaddr} port { {$extport[0]} } -> {$target}{$localport}"; + break; + case "udp": + case "tcp": + if($extport[0]) + $natrules .= "rdr on $natif proto {$rule['protocol']} from any to {$extaddr} port { {$extport[0]} } -> {$target}{$localport}"; + else + $natrules .= "rdr on $natif proto {$rule['protocol']} from any to { {$extaddr} } -> {$target}{$localport}"; + break; + default: + $natrules .= "rdr on $natif proto {$rule['protocol']} from any to { {$extaddr} } -> {$target}"; + break; + } } else { - if($rule['protocol'] == "tcp/udp") - $natrules .= - "rdr on \${$rdr_on} proto { tcp udp } from any to {$extaddr} port {$extport[0]}:{$extport[1]} -> {$target} port {$extport[0]}:*"; - else - $natrules .= - "rdr on \${$rdr_on} proto {$rule['protocol']} from any to {$extaddr} port {$extport[0]}:{$extport[1]} -> {$target} port {$extport[0]}:*"; + switch ($rule['protocol']) { + case "tcp/udp": + $natrules .= "{$nordr}rdr on $natif proto { tcp udp } from any to {$extaddr} port {$extport[0]}:{$extport[1]} -> {$target} port {$extport[0]}:*"; + break; + case "udp": + case "tcp": + $natrules .= "{$nordr}rdr on $natif proto {$rule['protocol']} from any to { {$extaddr} } port {$extport[0]}:{$extport[1]} -> {$target} port {$extport[0]}:*"; + break; + default: + $natrules .= "{$nordr}rdr on $natif proto {$rule['protocol']} from any to { {$extaddr} } -> {$target}"; + } } } |
