diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2006-06-20 17:36:55 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2006-06-20 17:36:55 +0000 |
| commit | bdac13de30d9086126561c9000e980bd46dd0479 (patch) | |
| tree | ab95e3ab46202520b4a72aed7a62bc30c2cbbd44 /usr/local/www/system_advanced.php | |
| parent | 3fdc661d86ba36f24089457f175d80471a15bbe5 (diff) | |
| download | pfsense-bdac13de30d9086126561c9000e980bd46dd0479.zip pfsense-bdac13de30d9086126561c9000e980bd46dd0479.tar.gz | |
MFC
Import Static route filtering option from m0n0wall 1.2b5 It appears this knob was missing since after BETA3 and thus may have caused issues with static routes on any interface.
Diffstat (limited to 'usr/local/www/system_advanced.php')
| -rwxr-xr-x | usr/local/www/system_advanced.php | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/usr/local/www/system_advanced.php b/usr/local/www/system_advanced.php index a714621..dd28980 100755 --- a/usr/local/www/system_advanced.php +++ b/usr/local/www/system_advanced.php @@ -54,7 +54,7 @@ $pconfig['enablesshd'] = $config['system']['enablesshd']; $pconfig['sshport'] = $config['system']['ssh']['port']; $pconfig['sharednet'] = $config['system']['sharednet']; $pconfig['polling_enable'] = isset($config['system']['polling']); - +$pconfig['bypassstaticroutes'] = isset($config['filter']['bypassstaticroutes']); $pconfig['disablenatreflection'] = $config['system']['disablenatreflection']; if ($_POST) { @@ -200,6 +200,7 @@ if ($_POST) { $config['ipsec']['preferoldsa'] = $_POST['preferoldsa_enable'] ? true : false; $config['bridge']['filteringbridge'] = $_POST['filteringbridge_enable'] ? true : false; + $config['filter']['bypassstaticroutes'] = $_POST['bypassstaticroutes'] ? true : false; write_config(); @@ -447,6 +448,18 @@ include("head.inc"); </td> </tr> <tr> + <td width="22%" valign="top" class="vncell">Static route filtering</td> + <td width="78%" class="vtable"> + <input name="bypassstaticroutes" type="checkbox" id="bypassstaticroutes" value="yes" <?php if ($pconfig['bypassstaticroutes']) echo "checked"; ?> /> + <strong>Bypass firewall rules for traffic on the same interface</strong> + <br /> + This option only applies if you have defined one or more static routes. If it is enabled, traffic that enters and + leaves through the same interface will not be checked by the firewall. This may be desirable in some situations where + multiple subnets are connected to the same interface. + <br /> + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncell">IPsec SA preferral</td> <td width="78%" class="vtable"> <input name="preferoldsa_enable" type="checkbox" id="preferoldsa_enable" value="yes" <?php if ($pconfig['preferoldsa_enable']) echo "checked"; ?> /> @@ -693,4 +706,4 @@ if (($config['system']['webgui']['certificate'] != $oldcert) touch("/tmp/restart_webgui"); } -?>
\ No newline at end of file +?> |
