From 290797ea64be6e28c97e563dd688e373263f0154 Mon Sep 17 00:00:00 2001
From: Seth Mos <seth.mos@dds.nl>
Date: Mon, 25 Oct 2010 13:48:12 +0200
Subject: Fix the filter.inc rule generation for icmp to prevent a double inet6
 in the rule Add inet6 for user defined rules to ipv6 addresses.

---
 etc/inc/filter.inc               |  8 ++++----
 usr/local/www/firewall_rules.php | 12 ++++++++++++
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 45c4746..6905e61 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -1680,12 +1680,12 @@ function filter_generate_user_rule($rule) {
 				return "# source network or destination network == pptp on " . $rule['descr'];
 	}
 
-	if(isset($rule['iprotocol']) && $rule['ipprotocol'] <> "") {
+	if(isset($rule['ipprotocol'])) {
 		switch($rule['ipprotocol']) {
 			case "inet":
 				$aline['ipprotocol'] = "inet";
 				break;
-			case "inet":
+			case "inet6":
 				$aline['ipprotocol'] = "inet6";
 				break;
 		}
@@ -1760,7 +1760,7 @@ function filter_generate_user_rule($rule) {
 		if($rule['protocol'] == "tcp/udp")
 			$aline['prot'] = " proto { tcp udp } ";
 		elseif(($rule['protocol'] == "icmp") && ($rule['ipprotocol'] == "inet6"))
-			$aline['prot'] = " inet6 proto ipv6-icmp ";
+			$aline['prot'] = " proto ipv6-icmp ";
 		elseif($rule['protocol'] == "icmp")
 			$aline['prot'] = " inet proto icmp ";
 		else
@@ -1967,7 +1967,7 @@ function filter_generate_user_rule($rule) {
 	/* piece together the actual user rule */
 	$line .= $aline['type'] . $aline['direction'] . $aline['log'] . $aline['quick'] . $aline['interface'] .
 		$aline['reply'] . $aline['route'] . $aline['ipprotocol'] . $aline['prot'] . $aline['src'] . $aline['os'] . $aline['dst'] .
-		$aline['divert'] . $aline['icmp-type'] . $aline['tag'] . $aline['tagged'] . $aline['dscp'] .
+		$aline['divert'] . $aline['icmp-type'] . $aline['icmp6-type'] . $aline['tag'] . $aline['tagged'] . $aline['dscp'] .
 		$aline['allowopts'] . $aline['flags'] . $aline['queue'] . $aline['dnpipe'] . $aline['schedlabel'];
 
 
diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php
index cdd417a..b3533e2 100755
--- a/usr/local/www/firewall_rules.php
+++ b/usr/local/www/firewall_rules.php
@@ -632,6 +632,18 @@ if($_REQUEST['undodrag']) {
                   </td>
                   <td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
                     <?=$textss;?><?php
+			if (isset($filterent['ipprotocol'])) {
+				switch($filterent['ipprotocol']) {
+					case "inet":
+						echo "IPv4 ";
+						break;
+					case "inet6":
+						echo "IPv6 ";
+						break;
+				}
+			} else {
+				echo "IPv4 ";
+			}
 			if (isset($filterent['protocol'])) {
 				echo strtoupper($filterent['protocol']);
 				if (strtoupper($filterent['protocol']) == "ICMP" && !empty($filterent['icmptype'])) {
-- 
cgit v1.1