Revision 66977fc7
Added by Ermal LUÇI almost 14 years ago
| etc/inc/filter.inc | ||
|---|---|---|
| 170 | 170 |
if (!is_ipaddr($gwip)) |
| 171 | 171 |
$gwip = get_interface_gateway($gateway['friendlyiface']); |
| 172 | 172 |
if (is_ipaddr($gwstatus['srcip'])) {
|
| 173 |
$cmd = "/sbin/pfctl -b {$gwstatus['srcip']} ";
|
|
| 173 |
$cmd = "/sbin/pfctl -b {$gwstatus['srcip']}/32 ";
|
|
| 174 | 174 |
if (is_ipaddr($gwip)) |
| 175 |
$cmd .= "-b {$gwip}";
|
|
| 175 |
$cmd .= "-b {$gwip}/32";
|
|
| 176 | 176 |
mwexec($cmd); |
| 177 | 177 |
} |
| 178 | 178 |
} |
Also available in: Unified diff
Ticket #1646. Put netmasks of /32 to the parameters of pfctl -b to avoid that ocassions it matches more than it should.