From a23a6db321a96c896217009a1f59ac18d30ecceb Mon Sep 17 00:00:00 2001
From: Chris Buechler
Date: Wed, 19 May 2010 20:27:51 -0400
Subject: get rid of flowtable
---
 etc/inc/filter.inc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'etc/inc/filter.inc')
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 77a06d2..694d982 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -69,7 +69,8 @@ function flowtable_configure() {
 // nmbflows cpu count * ($maxstates * 2)
 $cpus = trim(`/sbin/sysctl kern.smp.cpus | /usr/bin/cut -d' ' -f2`);
 $nmbflows = ($cpus*($maxstates*2));
- // Is flowtable enabled?
+ // flowtable is not enabled
+ /*
 if($config['system']['flowtable'])
 $flowtable_enable = 1;
 else
@@ -82,6 +83,7 @@ function flowtable_configure() {
 }
 mwexec("/sbin/sysctl net.inet.flowtable.enable={$flowtable_enable}");
 }
+ */
 }
 function filter_load_ipfw() {
-- cgit v1.1
From 986a3accd40a7d45c0a3d48d2b42d2c58a231d99 Mon Sep 17 00:00:00 2001
From: Scott Ullrich
Date: Wed, 19 May 2010 21:32:11 -0400
Subject: block carp traffic to hosts self to avoid loops. fixes #598
---
 etc/inc/filter.inc | 1 +
 1 file changed, 1 insertion(+) (limited to 'etc/inc/filter.inc')
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 694d982..659fae1 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -2500,6 +2500,7 @@ function filter_process_carp_rules() {
 if(isset($config['installedpackages']['carp']['config']) && $config['installedpackages']['carpsettings']['config'] <> "" or $config['virtualip']['vip'] <> "") {
+ $lines .= "block in log quick proto carp from (self) to any\n";
 $lines .= "pass quick proto carp\n";
 $lines .= "pass quick proto pfsync\n";
 }
-- cgit v1.1
From 79f9b9bcdd6f684ff3fc629047609579ed0f1da4 Mon Sep 17 00:00:00 2001
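Review bot: Wrapping the enable logic in `/* … */` leaves flowtable_configure() with no effect, yet it still shells out to `/sbin/sysctl kern.smp.cpus` and computes `$nmbflows` on every call; this applies to both hunks of the function (the comment opener at -69 and the closer at -82). Nothing here sets `net.inet.flowtable.enable` to a known value any more, so a system whose kernel default or earlier configuration had it on presumably keeps it on until something else changes the sysctl. If the intent is that flowtable is off, I would replace the commented block with `mwexec("/sbin/sysctl net.inet.flowtable.enable=0");` and delete the dead lines rather than keep them in a comment. The lines between the two hunks are not visible, so confirm they contain no `*/` that would end the comment early.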
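Review bot: The added `block in log quick proto carp from (self) to any` rule carries `log`, so in the loop condition it is meant to stop, every looped-back advertisement writes a filter log entry, which can flood the log and bury other events; consider dropping `log` or confirming the volume is acceptable. The rule also has no explanation next to it; a comment such as `// drop our own CARP advertisements that come back in, to break loops (#598)` would tell the next reader why it must stay ahead of `pass quick proto carp`. The surrounding condition mixes `&&` and `or`, which bind differently in PHP; those lines are only context here, so that is worth a check rather than part of this change.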
From: Ermal
Date: Thu, 20 May 2010 21:36:34 +0000
Subject: Fixes #610. Do not use the value of mtu blindly test it is set or use 1500 as default.
---
 etc/inc/filter.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'etc/inc/filter.inc')
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 659fae1..f01faee 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -692,7 +692,7 @@ function filter_generate_optcfg_array() {
 if(!is_ipaddr($oc['ipaddr']) && !empty($oc['ipaddr']))
 $oic['type'] = $oc['ipaddr'];
 $oic['sn'] = get_interface_subnet($if);
- $oic['mtu'] = $oc['mtu'];
+ $oic['mtu'] = empty($oc['mtu']) ? 1500 : $oc['mtu'];
 $oic['descr'] = $ifdetail;
 $oic['sa'] = gen_subnet($oic['ip'], $oic['sn']);
 $oic['nonat'] = $oc['nonat'];
-- cgit v1.1
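Review bot: `empty($oc['mtu'])` only catches an unset, empty or zero value, so any other string stored in the interface config is still copied into `$oic['mtu']` unchecked. If this value later ends up in generated rules or an interface command (its consumers are outside the hunk), it should be validated as a positive integer first, e.g. `$oic['mtu'] = (is_numeric($oc['mtu']) && $oc['mtu'] > 0) ? (int)$oc['mtu'] : 1500;`. A short comment naming 1500 as the fallback default would also help. filter_generate_optcfg_array() starts and ends outside the hunk.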