Expand alias for redirect target port and truncate to first port or range if destination port is not that same alias, since the translation port in PF does not accept lists.

author: Erik Fonnesbeck <efonnes@gmail.com> 2010-09-07 23:44:31 -0600
committer: Erik Fonnesbeck <efonnes@gmail.com> 2010-09-07 23:44:31 -0600
commit: 9b485e512ad493f9f64bf9937eb12cf2f6011738 (patch)
tree: b2df721148eb7c6043847982e95148c44fb936fa /etc/inc
parent: 22d323b338ef35be05dbd97eb33d8f07517c38fb (diff)
download: pfsense-9b485e512ad493f9f64bf9937eb12cf2f6011738.zip
pfsense-9b485e512ad493f9f64bf9937eb12cf2f6011738.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 89a3d49..94c96ff 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -1352,7 +1352,14 @@ function filter_nat_rules_generate() {
 			$localport = alias_expand($rule['local-port']);
 			if(!$localport || $dstport[0] == $localport) {
 				$localport = "";
-			} else if(is_alias($rule['destination']['port']) || is_alias($rule['local-port'])) {
+			} else if(is_alias($rule['local-port'])) {
+				$localport = filter_expand_alias($rule['local-port']);
+				if($localport) {
+					$localport = explode(" ", trim($localport));
+					$localport = $localport[0];
+					$localport = " port {$localport}";
+				}
+			} else if(is_alias($rule['destination']['port'])) {
 				$localport = " port {$localport}";
 			} else {
 				if(($dstport[1]) && ($dstport[0] != $dstport[1])) {
author	Erik Fonnesbeck <efonnes@gmail.com>	2010-09-07 23:44:31 -0600
committer	Erik Fonnesbeck <efonnes@gmail.com>	2010-09-07 23:44:31 -0600
commit	9b485e512ad493f9f64bf9937eb12cf2f6011738 (patch)
tree	b2df721148eb7c6043847982e95148c44fb936fa /etc/inc
parent	22d323b338ef35be05dbd97eb33d8f07517c38fb (diff)
download	pfsense-9b485e512ad493f9f64bf9937eb12cf2f6011738.zip pfsense-9b485e512ad493f9f64bf9937eb12cf2f6011738.tar.gz