Regression #11751 ยป 211.diff
| src/etc/inc/filter.inc | ||
|---|---|---|
| 3381 | 3381 |
function filter_rules_generate() {
|
| 3382 | 3382 |
global $config, $g, $FilterIflist, $time_based_rules, $GatewaysList, |
| 3383 | 3383 |
$tracker, $vlanprio_values, $antilockout_tracker, |
| 3384 |
$bogons_tracker, $rfc1918_tracker; |
|
| 3384 |
$bogons_tracker, $rfc1918_tracker, $vpn_and_ppp_ifs;
|
|
| 3385 | 3385 | |
| 3386 | 3386 |
$fix_rule_label = 'fix_rule_label'; |
| 3387 | 3387 |
$increment_tracker = 'filter_rule_tracker'; |
| ... | ... | |
| 3955 | 3955 |
$rule_arr1 = array(); |
| 3956 | 3956 |
$rule_arr2 = array(); |
| 3957 | 3957 |
$rule_arr3 = array(); |
| 3958 |
$vpn_and_ppp_ifs = array("l2tp", "pptp", "pppoe", "enc0", "openvpn");
|
|
| 3959 | 3958 |
/* |
| 3960 | 3959 |
* NB: The order must be: Floating rules, then interface group and then regular ones. |
| 3961 | 3960 |
*/ |
| src/etc/inc/globals.inc | ||
|---|---|---|
| 344 | 344 |
), |
| 345 | 345 |
); |
| 346 | 346 | |
| 347 |
global $vpn_and_ppp_ifs; |
|
| 348 |
$vpn_and_ppp_ifs = array("l2tp", "pppoe", "enc0", "openvpn");
|
|
| 347 | 349 |
?> |
| src/etc/inc/util.inc | ||
|---|---|---|
| 3744 | 3744 |
return false; |
| 3745 | 3745 |
} |
| 3746 | 3746 |
} |
| 3747 | ||
| 3748 |
function is_interface_ipaddr($interface) {
|
|
| 3749 |
global $config; |
|
| 3750 | ||
| 3751 |
if (is_array($config['interfaces'][$interface]) && |
|
| 3752 |
isset($config['interfaces'][$interface]['ipaddr']) && |
|
| 3753 |
!empty($config['interfaces'][$interface]['ipaddr'])) {
|
|
| 3754 |
return true; |
|
| 3755 |
} |
|
| 3756 |
return false; |
|
| 3757 |
} |
|
| 3758 | ||
| 3759 |
function is_interface_ipaddrv6($interface) {
|
|
| 3760 |
global $config; |
|
| 3761 | ||
| 3762 |
if (is_array($config['interfaces'][$interface]) && |
|
| 3763 |
isset($config['interfaces'][$interface]['ipaddrv6']) && |
|
| 3764 |
!empty($config['interfaces'][$interface]['ipaddrv6'])) {
|
|
| 3765 |
return true; |
|
| 3766 |
} |
|
| 3767 |
return false; |
|
| 3768 |
} |
|
| 3769 | ||
| 3747 | 3770 |
?> |
| src/usr/local/www/firewall_nat_1to1_edit.php | ||
|---|---|---|
| 175 | 175 |
$srcipaddrtype = false; |
| 176 | 176 |
$dstipaddrtype = false; |
| 177 | 177 | |
| 178 |
if ((($_POST['ipprotocol'] == 'inet') && !get_interface_ip($_POST['interface'])) || |
|
| 179 |
(($_POST['ipprotocol'] == 'inet6') && !get_interface_ipv6($_POST['interface']))) {
|
|
| 180 |
$input_errors[] = gettext("The interface do not have address from the specified address family.");
|
|
| 178 |
if (((($_POST['ipprotocol'] == 'inet') && !is_interface_ipaddr($_POST['interface'])) || |
|
| 179 |
(($_POST['ipprotocol'] == 'inet6') && !is_interface_ipaddrv6($_POST['interface']))) && |
|
| 180 |
!is_interface_group($_POST['interface']) && !in_array($_POST['interface'], $vpn_and_ppp_ifs)) {
|
|
| 181 |
$input_errors[] = gettext("The interface does not have an address from the specified address family.");
|
|
| 181 | 182 |
} |
| 182 | 183 | |
| 183 | 184 |
if ($_POST['external'] && !is_specialnet($_POST['exttype']) && |