Revision 3736da7f
Added by Marcos M almost 4 years ago
| src/usr/local/pfSense/include/www/firewall_nat.inc | ||
|---|---|---|
| 445 | 445 |
if ($natent['interface'] != $post['interface']) {
|
| 446 | 446 |
continue; |
| 447 | 447 |
} |
| 448 |
if ($natent['destination']['address'] != $post['dst']) {
|
|
| 448 |
if ((($post['srctype'] == "network") && ($natent['source']['address'] != ($post['src'] . $post['srcmask']))) || |
|
| 449 |
(($post['srctype'] != "network") && ($natent['source']['address'] != $post['src']))) {
|
|
| 449 | 450 |
continue; |
| 450 | 451 |
} |
| 451 |
if (($natent['proto'] != $post['proto']) && ($natent['proto'] != "tcp/udp") && ($post['proto'] != "tcp/udp")) {
|
|
| 452 |
if ((($post['dsttype'] == "network") && ($natent['destination']['address'] != ($post['dst'] . $post['dstmask']))) || |
|
| 453 |
(($post['dsttype'] != "network") && ($natent['destination']['address'] != $post['dst']))) {
|
|
| 454 |
continue; |
|
| 455 |
} |
|
| 456 |
if (($natent['protocol'] != $post['proto']) && |
|
| 457 |
(strtoupper($natent['protocol']) != "TCP/UDP") && (strtoupper($post['proto']) != "TCP/UDP")) {
|
|
| 452 | 458 |
continue; |
| 453 | 459 |
} |
| 454 | 460 |
|
Also available in: Unified diff
Correct NAT rule overlap detection. Fixes #11734