diff options
author | jim-p <jimp@pfsense.org> | 2015-07-29 14:40:52 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2015-07-29 14:40:52 -0400 |
commit | 6538d22fcb8068b276585b6cc2b4f7b9b0c58829 (patch) | |
tree | 399e1934cae8b7b9179e3c09a9a151b4cb97df74 /etc | |
parent | 83a05b663a9956b464208a1f0c9d1a3425cef37c (diff) | |
download | pfsense-6538d22fcb8068b276585b6cc2b4f7b9b0c58829.zip pfsense-6538d22fcb8068b276585b6cc2b4f7b9b0c58829.tar.gz |
Use an alternate method to find VIP targets that should be allowed for Captive Portal. Fixes #4903
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/captiveportal.inc | 17 | ||||
-rw-r--r-- | etc/inc/filter.inc | 17 |
2 files changed, 14 insertions, 20 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 074b0dc..3d29791 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -499,18 +499,15 @@ function captiveportal_init_rules($reinit = false) { if (!empty($tmpif)) { $cpipm = get_interface_ip($cpifgrp); if (is_ipaddr($cpipm)) { - $carpif = link_ip_to_carp_interface($cpipm); - if (!empty($carpif)) { - $carpsif = explode(" ", $carpif); - foreach ($carpsif as $cpcarp) { - mwexec("/sbin/ipfw zone {$cpzoneid} madd {$cpcarp}", true); - $carpip = find_interface_ip($cpcarp); - if (is_ipaddr($carpip)) { - $cpips[] = $carpip; - } + $cpips[] = $cpipm; + if (!is_array($config['virtualip']) || !is_array($config['virtualip']['vip'])) { + continue; + } + foreach ($config['virtualip']['vip'] as $vip) { + if (($vip['interface'] == $cpifgrp) && (($vip['mode'] == "carp") || ($vip['mode'] == "ipalias"))) { + $cpips[] = $vip['subnet']; } } - $cpips[] = $cpipm; } mwexec("/sbin/ipfw zone {$cpzoneid} madd {$tmpif}", true); } diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 469903a..73614f8 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -3240,18 +3240,15 @@ EOD; $cpiflist[] = "{$tmpif}"; $cpipm = get_interface_ip($cpifgrp); if (is_ipaddr($cpipm)) { - $carpif = link_ip_to_carp_interface($cpipm); - if (!empty($carpif)) { - $cpiflist[] = $carpif; - $carpsif = explode(" ", $carpif); - foreach ($carpsif as $cpcarp) { - $carpip = find_interface_ip($cpcarp); - if (is_ipaddr($carpip)) { - $cpiplist[] = $carpip; - } + $cpiplist[] = $cpipm; + if (!is_array($config['virtualip']) || !is_array($config['virtualip']['vip'])) { + continue; + } + foreach ($config['virtualip']['vip'] as $vip) { + if (($vip['interface'] == $cpifgrp) && (($vip['mode'] == "carp") || ($vip['mode'] == "ipalias"))) { + $cpiplist[] = $vip['subnet']; } } - $cpiplist[] = $cpipm; } } } |