From 101ce09aee348471171d7d4c948ea1f01ddb98ad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ermal=20Lu=E7i?= <eri@pfsense.org>
Date: Tue, 9 Mar 2010 19:07:52 +0000
Subject: Ticket #406. Add openvpn tunnel networks to the auto generated nat
 rules.

---
 etc/inc/filter.inc | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'etc')

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 817155f..f06d6ec 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -1003,6 +1003,23 @@ function filter_nat_rules_generate() {
 				$tonathosts .= "{$FilterIflist['l2tp']['sa']}/{$l2tp_subnet} ";
 			}
 		}
+		/* add openvpn interfaces */
+        	if(is_array($config['openvpn']['openvpn-server'])) {
+			foreach ($config['openvpn']['openvpn-server'] as $ovpnsrv) {
+				if (!empty($ovpnsrv['tunnel_network'])) {
+					$numberofnathosts++;
+					$tonathosts .= "{$ovpnsrv['tunnel_network']} ";
+				}
+			}
+		}
+        	if(is_array($config['openvpn']['openvpn-client'])) {
+			foreach ($config['openvpn']['openvpn-client'] as $ovpnsrv) {
+				if (!empty($ovpnsrv['tunnel_network'])) {
+					$numberofnathosts++;
+					$tonathosts .= "{$ovpnsrv['tunnel_network']} ";
+				}
+			}
+		}
 		$natrules .= "\n# Subnets to NAT \n";
 		if($numberofnathosts > 4) {
 			$natrules .= "table <tonatsubnets> { {$tonathosts} }\n";
-- 
cgit v1.1