cp-ipv6-ugly.diff - pfSense - pfSense bugtracker

Feature #1831 » cp-ipv6-ugly.diff

Jim Pingle, 05/25/2022 07:37 AM

src/etc/inc/captiveportal.inc
2570	2570	if (isset($FilterIflist[$cpifgrp])) {
2571	2571	$realif = get_real_interface($cpifgrp);
2572	2572	if (!empty($realif)) {
	2573	$cpiplist = array();
2573	2574	$cpip = get_interface_ip($cpifgrp);
2574	2575	if (is_ipaddrv4($cpip)) {
2575		$cpiplist = $cpip . ' ';
2576		$cpiplist .= get_interface_vip_ips($cpifgrp);
	2576	$cpiplist[] = $cpip;
2577	2577	}
	2578	$cpip6 = get_interface_ipv6($cpifgrp);
	2579	if (is_ipaddrv6($cpip6)) {
	2580	$cpiplist[] = $cpip6;
	2581	}
	2582	$cpiplist[] = get_interface_vip_ips($cpifgrp);
	2583	$cpiplist = implode(' ', $cpiplist);
2578	2584	}
2579	2585	}
2580	2586	}
...	...
2647	2653	$rules .= "rdr on {$realif} inet proto tcp from any to ! <{$cpips}> port {$cprdrport} tagged {$rdrtag} -> {$cpip} port {$portalias}\n";
2648	2654	}
2649	2655	}
	2656	$cpip6 = get_interface_ipv6($cpifgrp);
	2657	if (is_ipaddrv6($cpip6)) {
	2658	foreach ($rdr_ports as list($portalias, $cprdrport)) {
	2659	$rules .= "rdr on {$realif} inet6 proto tcp from any to ! <{$cpips}> port {$cprdrport} tagged {$rdrtag} -> {$cpip6} port {$portalias}\n";
	2660	}
	2661	}
2650	2662	}
2651	2663	}
2652	2664	}
...	...
2694	2706	/* block non-authenticated clients access to internet */
2695	2707	$rules .= "block in quick on {$realif} from any to ! <{$cpips}> ! tagged {$authtag} ridentifier {$captiveportal_increment()}\n";
2696	2708	}
	2709	$cpip6 = get_interface_ipv6($cpifgrp);
	2710	if (is_ipaddrv6($cpip6)) {
	2711	foreach ($rdr_ports as list($portalias, $cprdrport)) { /* pass non-authenticated clients to captive portal */
	2712	$rules .= "pass in quick on {$realif} proto tcp from any to <{$cpips}> port {$portalias} ridentifier {$captiveportal_increment()} keep state(sloppy)\n";
	2713	/* without this rule captive portal doesn't show login page after manual disconnect */
	2714	$rules .= "pass out quick on {$realif} proto tcp from {$cpip6} port {$portalias} to any flags any ridentifier {$captiveportal_increment()} keep state(sloppy)\n";
	2715	/* Allowed IP/MAC passthrough */
	2716	$rules .= "pass in quick from any to any tagged {$passthrutag} ridentifier {$captiveportal_increment()} keep state\n";
	2717	}
	2718	/* block non-authenticated clients access to internet */
	2719	$rules .= "block in quick on {$realif} from any to ! <{$cpips}> ! tagged {$authtag} ridentifier {$captiveportal_increment()}\n";
	2720	}
2697	2721	}
2698	2722	}
2699	2723	}

« Previous
1
2
3
Next »

(3-3/3)

Project

General

Profile

pfSense

Feature #1831 » cp-ipv6-ugly.diff