diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2005-05-17 01:17:59 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2005-05-17 01:17:59 +0000 |
| commit | 62460a467a6d4e9f82b3b097d13865789d25a80b (patch) | |
| tree | ae69a2a282537c56119496b8b97ff22db16e04cd /etc | |
| parent | 08c3872d7f6a156c542d86b90d897a2d0ab709ab (diff) | |
| download | pfsense-62460a467a6d4e9f82b3b097d13865789d25a80b.zip pfsense-62460a467a6d4e9f82b3b097d13865789d25a80b.tar.gz | |
* skipto 65535 on rules when talking to firewall directly
* use me instead of $lanip when detecting if we're conversing with the firewall directly
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/filter.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index a502efc..21dd4f5 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -479,8 +479,8 @@ function filter_generate_altq_rules() { /* add a rule to pass all traffic from/to the firewall, so the user cannot lock himself out of the webGUI */ - $shaperrules = "add $rulei set 4 pass all from $lanip to any\n"; $rulei++; - $shaperrules .= "add $rulei set 4 pass all from any to $lanip\n"; $rulei++; + $shaperrules = "add $rulei set 4 skipto 65535 ip from me to any\n"; $rulei++; + $shaperrules .= "add $rulei set 4 skipto 65535 ip from any to me\n"; $rulei++; $shaperrules .= "add $rulei set 4 pass carp from any to any\n"; $rulei++; $shaperrules .= "add $rulei set 4 pass pfsync from any to any\n"; $rulei++; |
