Revision bef7fb53
Added by Scott Ullrich over 20 years ago
| etc/inc/filter.inc | ||
|---|---|---|
| 668 | 668 |
return $natrule; |
| 669 | 669 |
} |
| 670 | 670 |
|
| 671 |
function is_one_to_one_or_server_nat_rule($target) {
|
|
| 671 |
function is_one_to_one_or_server_nat_rule($iptocheck) {
|
|
| 672 | 672 |
global $config; |
| 673 | 673 |
|
| 674 | 674 |
if($config['nat']['onetoone'] <> "") |
| 675 | 675 |
foreach($config['nat']['onetoone'] as $onetoone) {
|
| 676 |
if(ip_in_subnet($iptocheck,$onetoone['internal']."/".$onetoone['subnet']) == true) |
|
| 677 |
return true; |
|
| 676 | 678 |
if($onetoone['internal'] == $target) |
| 677 |
return TRUE;
|
|
| 679 |
return true;
|
|
| 678 | 680 |
} |
| 679 | 681 |
|
| 680 | 682 |
if($config['nat']['servernat'] <> "") |
| 681 | 683 |
foreach($config['nat']['servernat'] as $onetoone) {
|
| 684 |
$int = explode("/", $onetoone['ipaddr']);
|
|
| 685 |
if(ip_in_subnet($iptocheck,$onetoone['ipaddr']."/".$onetoone['subnet']) == true) |
|
| 686 |
return true; |
|
| 682 | 687 |
if($onetoone['ipaddr'] == $target) |
| 683 |
return TRUE;
|
|
| 688 |
return true;
|
|
| 684 | 689 |
} |
| 685 | 690 |
|
| 686 | 691 |
return FALSE; |
Also available in: Unified diff
Correctly deterimine when a rule is pointing to a servernet or 1:1 host and accomidate its wierd pf behavior.