diff options
| author | Chris Buechler <cmb@pfsense.org> | 2009-11-15 00:00:40 -0500 |
|---|---|---|
| committer | Chris Buechler <cmb@pfsense.org> | 2009-11-15 00:00:40 -0500 |
| commit | 4fca1592bd1c35d5147afdde4e037ecb948488bb (patch) | |
| tree | bf8c5ff001779f88124d095747a7d132284ce789 /etc | |
| parent | cc125e1393e851f294735781d023f9296731a9a9 (diff) | |
| download | pfsense-4fca1592bd1c35d5147afdde4e037ecb948488bb.zip pfsense-4fca1592bd1c35d5147afdde4e037ecb948488bb.tar.gz | |
Don't add hard coded rules to allow traffic to the portal.
1) the no state breaks CP
2) it's never been automatically allowed previously, and hard coded non-editable rules are bad.
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/filter.inc | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 1ecb187..3d9936f 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1622,11 +1622,6 @@ function filter_rules_generate() $cpiplist[] = $cpipm; } } - if (count($cpiplist) > 0 && count($cpiflist) > 0) { - $cpinterface = implode(" ", $cpiflist); - $cpaddresses = implode(" ", $cpiplist); - $ipfrules .= "pass in quick on {$cpinterface} proto tcp from any to {$cpaddresses} port { 8000 8001 } no state\n"; - } } /* relayd */ $ipfrules .= "anchor \"relayd/*\"\n"; |
