From eae4f953f60904bd73d3f5d614035bd20feb429f Mon Sep 17 00:00:00 2001
From: Chris Buechler <cmb@pfsense.org>
Date: Thu, 9 Apr 2015 00:34:59 -0500
Subject: Skip reflection rdrs where the interface doesn't have an IP. Ticket
 #4564

---
 etc/inc/filter.inc | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index fdc7e61..9c64795 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -2032,7 +2032,13 @@ function filter_nat_rules_generate() {
 			if(isset($rule['destination']['any'])) {
 				/* With reflection enabled, destination of 'any' has side effects
 				 * that most people would not expect, so change it on reflection rules. */
-				$dstaddr_reflect = $FilterIflist[$natif]['ip'];
+				if (!empty($FilterIflist[$natif]['ip'])) {
+					$dstaddr_reflect = $FilterIflist[$natif]['ip'];
+				} else {
+					// no IP, bail 
+					continue;
+				}
+
 				if(!empty($FilterIflist[$natif]['sn']))
 					$dstaddr_reflect = gen_subnet($dstaddr_reflect, $FilterIflist[$natif]['sn']) . '/' . $FilterIflist[$natif]['sn'];
 
-- 
cgit v1.1