diff options
author | Camlin <camlin@users.noreply.github.com> | 2014-04-18 10:55:28 +0100 |
---|---|---|
committer | Camlin <camlin@users.noreply.github.com> | 2014-04-18 10:55:28 +0100 |
commit | dd8d9bdcaabe14ae4d4047f0dc48169f409dbe92 (patch) | |
tree | d1df24e97bdd3be9c427c02b70e11060df42c8b3 /etc | |
parent | 8c7e38ff68a41df43ecd2e724291834586e14754 (diff) | |
download | pfsense-dd8d9bdcaabe14ae4d4047f0dc48169f409dbe92.zip pfsense-dd8d9bdcaabe14ae4d4047f0dc48169f409dbe92.tar.gz |
pfSense - Bug #3607: Fix issue whereby the ICMP6 messages sometimes have the wrong source IP when a monitor gateway has been set.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/gwlb.inc | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index d9b0638..e5c5058 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -185,14 +185,30 @@ EOD; " " . escapeshellarg($gateway['gateway']), true); } } else if ($gateway['ipprotocol'] == "inet6") { // This is an IPv6 gateway... - /* link locals really need a different src ip */ - if(is_linklocal($gateway['gateway'])) { - $gwifip = find_interface_ipv6_ll($gateway['interface'], true); + if ($gateway['monitor'] == $gateway['gateway']) { + /* link locals really need a different src ip */ + if (is_linklocal($gateway['gateway'])) { + $gwifip = find_interface_ipv6_ll($gateway['interface'], true); + } else { + $gwifip = find_interface_ipv6($gateway['interface'], true); + } } else { + /* 'monitor' has been set, so makes sure it has precedence over + * 'gateway' in defining the source IP. Otherwise if 'gateway' + * is a local link and 'monitor' is global routable then the + * ICMP6 response would not find its way back home... + */ $gwifip = find_interface_ipv6($gateway['interface'], true); + if (is_linklocal($gateway['monitor'])) { + if (!strstr($gateway['monitor'], '%')) { + $gateway['monitor'] .= "%{$gateway['interface']}"; + } + } else { + // Monitor is a routable address, so use a routable address for the "src" part + $gwifip = find_interface_ipv6($gateway['interface'], true); + } } - if (is_linklocal($gateway['monitor']) && !strstr($gateway['monitor'], '%')) - $gateway['monitor'] .= "%{$gateway['interface']}"; + if (!is_ipaddrv6($gwifip)) continue; //Skip this target |