diff options
| author | Ermal LUÇI <eri@pfsense.org> | 2015-05-01 21:08:53 +0200 |
|---|---|---|
| committer | Ermal LUÇI <eri@pfsense.org> | 2015-05-01 21:08:53 +0200 |
| commit | 65ceb82d1e0727c0b0c2dcd3f8aa65277171ea33 (patch) | |
| tree | 58093779c167e5ac67bf26f1e66ec5edd5e28c07 /etc | |
| parent | 2842c8d407e34a9183908a1677ec162a7b0ea209 (diff) | |
| download | pfsense-65ceb82d1e0727c0b0c2dcd3f8aa65277171ea33.zip pfsense-65ceb82d1e0727c0b0c2dcd3f8aa65277171ea33.tar.gz | |
Fixes #4651 Assign a proper tracker for NEGATE rules
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/filter.inc | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index b7d2051..f5a911d 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -119,13 +119,21 @@ $icmp6types = array( ); global $tracker; +global $negate_tracker; $tracker = 1000000000; +$negate_tracker = 10000000; function filter_rule_tracker($tracker) { global $tracker; return (++$tracker); +} +function filter_negaterule_tracker() { + global $tracker; + + ++$negate_tracker; + return "tracker {$negate_tracker} "; } function fix_rule_label($descr) { @@ -3036,7 +3044,7 @@ function filter_generate_user_rule($rule) { $line .= $aline['type'] . $aline['direction'] . $aline['log'] . $aline['quick'] . $aline['interface'] . $aline['ipprotocol'] . $aline['prot'] . $aline['src'] . $aline['os'] . $negate_networks . $aline['icmp-type'] . $aline['icmp6-type'] . $aline['tag'] . $aline['tagged'] . - $aline['vlanprio'] . $aline['vlanprioset'] . $aline['dscp'] . $aline['tracker'] . $aline['allowopts'] . $aline['flags'] . + $aline['vlanprio'] . $aline['vlanprioset'] . $aline['dscp'] . filter_negaterule_tracker() . $aline['allowopts'] . $aline['flags'] . $aline['queue'] . $aline['dnpipe'] . $aline['schedlabel'] . " label \"NEGATE_ROUTE: Negate policy routing for destination\"\n"; |
