diff options
| author | Luiz Gustavo S. Costa <lgcosta@pfsense.org> | 2011-02-21 23:43:46 -0300 |
|---|---|---|
| committer | Luiz Gustavo S. Costa <lgcosta@pfsense.org> | 2011-02-21 23:43:46 -0300 |
| commit | c646776871dacebcaa4225b083aa0789dc0bfba6 (patch) | |
| tree | aac7e85d726fe6b19a3a832af1d1f7b995ec912b /etc | |
| parent | 95938fae08add39dabf08fe0b15eaddec5fca7ee (diff) | |
| download | pfsense-c646776871dacebcaa4225b083aa0789dc0bfba6.zip pfsense-c646776871dacebcaa4225b083aa0789dc0bfba6.tar.gz | |
Add Global reply-to disable checkbox, resolves the issue #1137
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/filter.inc | 21 |
1 files changed, 4 insertions, 17 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 52bbe31..5b0ff4a 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -521,10 +521,8 @@ function filter_generate_aliases() { $aliases .= "table <sshlockout> persist\n"; $aliases .= "table <webConfiguratorlockout> persist\n"; - $aliases .= "#pfSnortSam tables\n"; + $aliases .= "#Snort2C table\n"; $aliases .= "table <snort2c>\n"; - $aliases .= "table <pfSnortSamout>\n"; - $aliases .= "table <pfSnortSamin>\n"; $aliases .= "\ntable <virusprot>\n"; @@ -1740,7 +1738,7 @@ function filter_generate_user_rule($rule) { update_filter_reload_status("Setting up pass/block rules {$rule['descr']}"); /* do not process reply-to for gateway'd rules */ - if($rule['gateway'] == "" && $aline['direction'] <> "" && interface_has_gateway($rule['interface']) && !isset($rule['disablereplyto'])) { + if($rule['gateway'] == "" && $aline['direction'] <> "" && interface_has_gateway($rule['interface']) && !isset($config['system']['disablereplyto'])) { $rg = get_interface_gateway($rule['interface']); if(is_ipaddr($rg)) { $aline['reply'] = "reply-to ( {$ifcfg['if']} {$rg} ) "; @@ -1756,7 +1754,7 @@ function filter_generate_user_rule($rule) { /* Add the load balanced gateways */ $aline['route'] = " \$GW{$rule['gateway']} "; else - log_error("The gateway: {$rule['gateway']} is invalid or unknown, not using it."); + log_error("The gateway: {$rule['gateway']} is invalid/unkown not using it."); } if(isset($rule['protocol'])) { @@ -2018,11 +2016,9 @@ EOD; $ipfrules .= <<<EOD -# pfSnortSam +# snort2c block quick from <snort2c> to any label "Block snort2c hosts" block quick from any to <snort2c> label "Block snort2c hosts" -block quick from <pfSnortSamout> to any label "Block pfSnortSamOut hosts" -block quick from any to <pfSnortSamin> label "Block pfSnortSamIn hosts" EOD; @@ -2171,15 +2167,6 @@ pass in on \${$oc['descr']} proto udp from any port = 68 to {$oc['ip']} port = 6 pass out on \${$oc['descr']} proto udp from {$oc['ip']} port = 67 to any port = 68 label "allow access to DHCP server" EOD; - if($config['dhcpd'][$on]['failover_peerip'] <> "") { - $ipfrules .= <<<EOD -# allow access to DHCP failover on {$oc['descr']} from {$config['dhcpd'][$on]['failover_peerip']} -pass in on \${$oc['descr']} proto udp from {$config['dhcpd'][$on]['failover_peerip']} to {$oc['ip']} port = 519 label "allow access to DHCP failover" -pass in on \${$oc['descr']} proto udp from {$config['dhcpd'][$on]['failover_peerip']} to {$oc['ip']} port = 520 label "allow access to DHCP failover" - -EOD; - } - } break; } |
