diff options
| author | Seth Mos <seth.mos@xs4all.nl> | 2008-09-02 20:52:45 +0000 |
|---|---|---|
| committer | Seth Mos <seth.mos@xs4all.nl> | 2008-09-02 20:52:45 +0000 |
| commit | a9d8f977d8384d426e927e44c7574998dcf3ff72 (patch) | |
| tree | 36f962f1f7ab11040a8b091e8407f884de6279f4 /etc | |
| parent | a30782f35c8c7f7bb75766717045c1a5b2d485ad (diff) | |
| download | pfsense-a9d8f977d8384d426e927e44c7574998dcf3ff72.zip pfsense-a9d8f977d8384d426e927e44c7574998dcf3ff72.tar.gz | |
Enclose interface in curly brackets to prevent filter errors.
This handles the multiple openvpn interfaces retuned from the interface list.
This should probably review after the openvpn work
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/filter.inc | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 320e5f4..af61b43 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1143,7 +1143,7 @@ function filter_nat_rules_generate() $natrules .= "rdr on {$ifname['if']} proto tcp from any to {$extaddr} port { {$xxx} } -> 127.0.0.1 port {$starting_localhost_port}\n"; $starting_localhost_port++; fwrite($inetd_fd, "{$starting_localhost_port}\tstream\ttcp/udp\tnowait/0\tnobody\t/usr/bin/nc nc -w {$reflectiontimeout} {$target} {$tda}\n"); - $natrules .= "rdr on {$ifname['if']} proto udp from any to {$extaddr} port { {$xxx} } -> 127.0.0.1 port {$starting_localhost_port}\n"; + $natrules .= "rdr on { {$ifname['if']} } proto udp from any to {$extaddr} port { {$xxx} } -> 127.0.0.1 port {$starting_localhost_port}\n"; $xxx++; $starting_localhost_port++; } @@ -1177,7 +1177,7 @@ function filter_nat_rules_generate() else $reflectiontimeout = "20"; fwrite($inetd_fd, "{$starting_localhost_port}\tstream\t{$protocol}\tnowait/0\tnobody\t/usr/bin/nc nc {$dash_u}-w {$reflectiontimeout} {$target} {$tda}\n"); - $natrules .= "rdr on {$ifname['if']} proto {$protocol} from any to {$extaddr} port { {$xxx} } -> 127.0.0.1 port {$starting_localhost_port}\n"; + $natrules .= "rdr on { {$ifname['if']} } proto {$protocol} from any to {$extaddr} port { {$xxx} } -> 127.0.0.1 port {$starting_localhost_port}\n"; $xxx++; $starting_localhost_port++; } @@ -2367,14 +2367,14 @@ EOD; switch($rule['protocol']) { case "tcp/udp": $protocol = "{ tcp udp }"; - $ipfrules .= "pass in on {$ifname['if']} inet proto tcp from any to \$loopback port {$starting_localhost_port} keep state label \"NAT REFLECT: Allow traffic to localhost\"\n"; + $ipfrules .= "pass in on { {$ifname['if']} } inet proto tcp from any to \$loopback port {$starting_localhost_port} keep state label \"NAT REFLECT: Allow traffic to localhost\"\n"; $starting_localhost_port++; - $ipfrules .= "pass in on {$ifname['if']} inet proto udp from any to \$loopback port {$starting_localhost_port} keep state label \"NAT REFLECT: Allow traffic to localhost\"\n"; + $ipfrules .= "pass in on { {$ifname['if']} } inet proto udp from any to \$loopback port {$starting_localhost_port} keep state label \"NAT REFLECT: Allow traffic to localhost\"\n"; break; case "tcp": case "udp": $protocol = $rule['protocol']; - $ipfrules .= "pass in on {$ifname['if']} inet proto {$rule['protocol']} from any to \$loopback port {$starting_localhost_port} keep state label \"NAT REFLECT: Allow traffic to localhost\"\n"; + $ipfrules .= "pass in on { {$ifname['if']} } inet proto {$rule['protocol']} from any to \$loopback port {$starting_localhost_port} keep state label \"NAT REFLECT: Allow traffic to localhost\"\n"; break; default: break; |
