diff options
author | Erik Fonnesbeck <efonnes@gmail.com> | 2010-08-04 14:36:11 -0600 |
---|---|---|
committer | Erik Fonnesbeck <efonnes@gmail.com> | 2010-08-04 14:38:24 -0600 |
commit | 7ef771f4568da21df67c69a320a4ee97deb21c11 (patch) | |
tree | 665dd5b9727ef41a1ba3379ad61be332620c1ea2 /etc/inc | |
parent | 3b3170d094510f8cdde36a9f24b9ca10b4ea24f4 (diff) | |
download | pfsense-7ef771f4568da21df67c69a320a4ee97deb21c11.zip pfsense-7ef771f4568da21df67c69a320a4ee97deb21c11.tar.gz |
Don't install reflection rules for port forwards with a destination address of 0.0.0.0.
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/filter.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 159e1b6..9ba50be 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -890,7 +890,7 @@ function filter_generate_reflection($rule, $nordr, $rdr_ifs, $srcaddr, $dstaddr_ else $rflctintrange = ""; $dstaddr = $dstaddr[0]; - if(empty($dstaddr) || strtolower(trim($dstaddr)) == "port") + if(empty($dstaddr) || trim($dstaddr) == "0.0.0.0" || strtolower(trim($dstaddr)) == "port") return ""; if(isset($rule['destination']['any'])) { |