diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2007-04-07 20:58:49 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2007-04-07 20:58:49 +0000 |
commit | ecd43b7fbeadd703d0aabe4fa8303dfe13e6a94b (patch) | |
tree | ee51d18f3bc5b1097386bc85c720cc104504150a /etc | |
parent | 6ec72f51f2d0db3cad75718b976e378fd1fb0125 (diff) | |
download | pfsense-ecd43b7fbeadd703d0aabe4fa8303dfe13e6a94b.zip pfsense-ecd43b7fbeadd703d0aabe4fa8303dfe13e6a94b.tar.gz |
Skip rule creation when interface_ip or remote_gateway is unknown
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 8d657cf..0909cd5 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2651,6 +2651,10 @@ EOD; $interface_ip = find_interface_ip(get_real_wan_interface()); else $interface_ip = find_interface_ip(convert_friendly_interface_to_real_interface_name($iface)); + if(!$interface_ip) + continue; + if(!$remote_gateway) + continue; $ipfrules .= "pass out quick on \${$iface} proto udp from {$interface_ip} to {$remote_gateway} port = 500 keep state label \"IPSEC: {$tunnel['descr']} - outbound isakmp\"\n"; $ipfrules .= "pass in quick on \${$iface} proto udp from {$remote_gateway} to $interface_ip port = 500 keep state label \"IPSEC: {$tunnel['descr']} - inbound isakmp\"\n"; if ($tunnel['p2']['protocol'] == 'esp') { |