From 2cff71c43a646075dea76bf269c3e4a1eabcbbf5 Mon Sep 17 00:00:00 2001
From: Renato Botelho <garga@FreeBSD.org>
Date: Fri, 22 Aug 2014 12:12:44 -0300
Subject: Take virtual IPs into consideration for automatic outbound NAT rules,
 it should now fix #983

---
 etc/inc/filter.inc | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'etc/inc/filter.inc')

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 711dae4..083e77c 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -1366,6 +1366,24 @@ function filter_nat_rules_automatic_tonathosts($with_descr = false) {
 		if($oc['sa']) {
 			$tonathosts[] = "{$oc['sa']}/{$oc['sn']}";
 			$descriptions[] = $oc['descr'];
+			if (isset($oc['vips']) && is_array($oc['vips'])) {
+				$if_subnets = array("{$oc['sa']}/{$oc['sn']}");
+				foreach ($oc['vips'] as $vip) {
+					if (!is_ipaddrv4($vip['ip']))
+						continue;
+
+					foreach ($if_subnets as $subnet)
+						if (ip_in_subnet($vip['ip'], $subnet))
+							continue 2;
+
+					$network = gen_subnet($vip['ip'], $vip['sn']);
+					$tonathosts[] = $network . '/' . $vip['sn'];
+					$descriptions[] = "Virtual IP ({$oc['descr']})";
+					$if_subnets[] = $network . '/' . $vip['sn'];
+					unset($network);
+				}
+				unset($if_subnets);
+			}
 		}
 	}
 
-- 
cgit v1.1