diff options
author | Ermal <eri@pfsense.org> | 2011-10-13 14:58:16 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2011-10-13 14:58:16 +0000 |
commit | 378b298774bfa785006b41c61aae4793bdbef4c2 (patch) | |
tree | 338d7be9b84855721cb412893ffdc5f054c493e0 /etc/inc | |
parent | 7ad4b1f4d9ae93ceb41c9102900a4ba4bcb54f88 (diff) | |
download | pfsense-378b298774bfa785006b41c61aae4793bdbef4c2.zip pfsense-378b298774bfa785006b41c61aae4793bdbef4c2.tar.gz |
Add no nat/rdr rules for carp protocol so people do not screw their setups.
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/filter.inc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 87c84d2..aaac24b 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1211,7 +1211,9 @@ function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = " function filter_nat_rules_generate() { global $config, $g, $after_filter_configure_run, $FilterIflist, $GatewaysList, $aliases; - $natrules = "nat-anchor \"natearly/*\"\n"; + $natrules = "no nat proto carp\n"; + $natrules .= "no rdr proto carp\n"; + $natrules .= "nat-anchor \"natearly/*\"\n"; $natrules .= "nat-anchor \"natrules/*\"\n\n"; update_filter_reload_status("Creating 1:1 rules..."); |