diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2005-05-01 22:51:04 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2005-05-01 22:51:04 +0000 |
| commit | 571863f0c1b1b2f03fbd24aba89c90086c84e6e0 (patch) | |
| tree | 5eca6781ccb2710cec719a8955d7333d9dd82d0a /etc | |
| parent | 470088202ea88aa03188b6c14efbf6a5412fabef (diff) | |
| download | pfsense-571863f0c1b1b2f03fbd24aba89c90086c84e6e0.zip pfsense-571863f0c1b1b2f03fbd24aba89c90086c84e6e0.tar.gz | |
Adjust for Open/Net bridging
* Allow traffic out all bridge* interfaces
* Tie bridge0 to the optional interface thats being bridged
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/filter.inc | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 78523f5..b11f13d 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -387,7 +387,16 @@ function filter_generate_aliases() { foreach ($ifdescrs as $ifdescr => $ifname) { /* do not process tun interfaces */ if(stristr(filter_opt_interface_to_real($ifname), "tun") == true) continue; - $aliases .= filter_get_opt_interface_descr($ifname) . " = \"{ " . filter_opt_interface_to_real($ifname) . " }\"\n"; + $aliases .= filter_get_opt_interface_descr($ifname) . " = \"{ " . filter_opt_interface_to_real($ifname); + if($config['interfaces'][$ifname]['bridge'] <> "") { + $aliases .= " bridge0 "; /************************************ + * warning! aktung! ugly hack! * + * needs to be updated if we want * + * to support more than one bridge * + * concurrently * + ************************************/ + } + $aliases .= " }\"\n"; } $aliases .= "# User Aliases \n"; /* Setup pf groups */ @@ -1723,6 +1732,14 @@ function create_firewall_outgoing_rules_to_itself() { } } + + /* is bridging turned on? */ + for($x=0; $x<10; $x++) { + if(does_interface_exist("bridge{$x}") == true) { + $rule .="pass out quick on bridge{$x} all keep state label \"let out anything from firewall host itself\"\n"; + } + } + return $rule; } |
