diff options
author | Ermal <eri@pfsense.org> | 2012-10-05 18:15:47 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2012-10-05 18:15:47 +0000 |
commit | 6e97e102b0a2cdb946f495dcb40adbd04d0614b4 (patch) | |
tree | abfceebb6d4e87fa8dd2158e16100eed22b5eec7 /etc/inc | |
parent | db535a1c39140b8c884a896b578814866fbb0b09 (diff) | |
download | pfsense-6e97e102b0a2cdb946f495dcb40adbd04d0614b4.zip pfsense-6e97e102b0a2cdb946f495dcb40adbd04d0614b4.tar.gz |
Correct check since it might be an ip as well
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/filter.inc | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index ca3702c..b25d10b 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1446,11 +1446,15 @@ function filter_nat_rules_generate() { else $nataction = "binat"; $local_subnet = ipsec_idinfo_to_cidr($ph2ent['localid']); - if (empty($local_subnet) || !is_subnet($local_subnet) || $local_subnet == "0.0.0.0/0") + if (empty($local_subnet) || $local_subnet == "0.0.0.0/0") + continue; + if (!is_subnet($local_subnet) && !is_ipaddr($local_subnet)) continue; $natlocal_subnet = ipsec_idinfo_to_cidr($ph2ent['natlocalid']); if (empty($natlocal_subnet) || !is_subnet($natlocal_subnet) || $natlocal_subnet == "0.0.0.0/0") continue; + if (!is_subnet($natlocal_subnet) && !is_ipaddr($natlocal_subnet)) + continue; $natrules .= "{$nataction} on enc0 from {$local_subnet} to any -> {$natlocal_subnet}\n"; } } |