diff options
author | Ermal Luçi <eri@pfsense.org> | 2009-05-30 18:23:18 +0000 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2009-05-30 18:23:35 +0000 |
commit | d02a500dff36827d64654a5f9b6fd18ac8714766 (patch) | |
tree | 67c7d77bffe47de7d11d3330b451ad5f79383570 /etc | |
parent | 0e11e138946e537a70aec163bb097808f874593e (diff) | |
download | pfsense-d02a500dff36827d64654a5f9b6fd18ac8714766.zip pfsense-d02a500dff36827d64654a5f9b6fd18ac8714766.tar.gz |
Fix captive portal multinterface rule gfeneration.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 6e0c210..133680a 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1533,11 +1533,25 @@ function filter_rules_generate() * is allowed on a locked down interface */ if (isset($config['captiveportal']['enable'])) { - $cp_interface = $config['captiveportal']['interface']; - $cp_interface_real = $FilterIflist[$cp_interface]['if']; - $cp_interface_ip = $FilterIflist[$cp_interface_real]['ip']; - if(is_ipaddr($cp_interface_ip) and $cp_interface_real) - $ipfrules .= "pass in quick on {$cp_interface_real} proto tcp from any to {$cp_interface_ip} port { 8000 8001 } keep state\n"; + $cpinterfaces = explode(",", $config['captiveportal']['interface']); + $cpiflist = array(); + $cpiplist = array(); + foreach ($cpinterfaces as $cpifgrp) { + if (!isset($FilterIflist[$cpifgrp])) + continue; + $tmpif = get_real_interface($cpifgrp); + if (!empty($tmpif)) { + $cpiflist[] = "{$tmpif}"; + $cpipm = get_interface_ip($cpifgrp); + if (is_ipaddr($cpipm)) + $cpiplist[] = $cpipm; + } + } + if (count($cpiplist) > 0 && count($cpiflist) > 0) { + $cpinterface = implode(" ", $cpiflist); + $cpaddresses = implode(" ", $cpiplist); + $ipfrules .= "pass in quick on {$cpinterface} proto tcp from any to {$cpaddresses} port { 8000 8001 } keep state\n"; + } } /* relayd */ $ipfrules .= "anchor \"relayd/*\"\n"; |