From 31afa0845012952d731a191e55a126a12054e25e Mon Sep 17 00:00:00 2001
From: Chris Buechler <cmb@pfsense.org>
Date: Tue, 25 Nov 2014 22:57:41 -0600
Subject: Skip interface subnets for IPv4 here, this is best handled via the
 NAT networks list. Ticket #4023

---
 etc/inc/unbound.inc | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'etc/inc/unbound.inc')

diff --git a/etc/inc/unbound.inc b/etc/inc/unbound.inc
index 332f71c..05667ad 100644
--- a/etc/inc/unbound.inc
+++ b/etc/inc/unbound.inc
@@ -592,9 +592,8 @@ function unbound_acls_config() {
 	foreach($active_interfaces as $ubif => $ifdesc) {
 		$ifip = get_interface_ip($ubif);
 		if (is_ipaddrv4($ifip)) {
-			$subnet_bits = get_interface_subnet($ubif);
-			$subnet_ip = gen_subnet($ifip, $subnet_bits);
-			$aclcfg .= "access-control: {$subnet_ip}/{$subnet_bits} allow\n";
+			// IPv4 is handled via NAT networks below
+			continue;
 		}
 		$ifip = get_interface_ipv6($ubif);
 		if (is_ipaddrv6($ifip)) {
-- 
cgit v1.1