Project

General

Profile

« Previous | Next » 

Revision da637044

Added by Viktor Gurov over 4 years ago

IPv6 Port Forward 6RD/6to4 interface support. Feature #10984

View differences:

src/etc/inc/filter.inc
2457 2457 
				continue;
2458 2458 
			}
2459 2459 

  		




  
  2460
  
    
			if (($ipproto == 'inet6') && is_stf_interface($natif)) {


  		




  
  2461
  
    
				$rdrif = $natif . "_stf";


  		




  
  2462
  
    
			} else {


  		




  
  2463
  
    
				$rdrif = $FilterIflist[$natif]['if'];


  		




  
  2464
  
    
			}


  		




  
  2465
  
    

  		




  2460
  2466
  
    
			$srcaddr = filter_generate_address($rule, 'source', true);


  		




  2461
  2467
  
    
			$dstaddr = filter_generate_address($rule, 'destination', true);


  		




  2462
  2468
  
    
			$srcaddr = trim($srcaddr);


  		




  ......




  2521
  2527
  
    
			}


  		




  2522
  2528
  
    

  		




  2523
  2529
  
    
			if ($srcaddr <> "" && $dstaddr <> "" && $natif) {


  		




  2524
  
  
    
				$natrules .= "{$nordr}rdr {$rdrpass}on {$natif} {$ipproto} proto {$protocol} from {$srcaddr} to {$dstaddr}" . ($nordr == "" ? " -> {$target}{$localport}" : "");


  		




  
  2530
  
    
				$natrules .= "{$nordr}rdr {$rdrpass}on {$rdrif} {$ipproto} proto {$protocol} from {$srcaddr} to {$dstaddr}" . ($nordr == "" ? " -> {$target}{$localport}" : "");


  		




  2525
  2531
  
    

  		




  2526
  2532
  
    
				/* Does this rule redirect back to a internal host? */


  		




  2527
  2533
  
    
				if (isset($rule['destination']['any']) && !isset($rule['nordr']) && !isset($config['system']['enablenatreflectionhelper']) && !interface_has_gateway($rule['interface'])) {


  		




  ......




  2539
  2545
  
    
						 * See https://redmine.pfsense.org/issues/8604 */


  		




  2540
  2546
  
    
						if ((($ipproto == 'inet') && !empty(get_interface_ip($natif))) || 


  		




  2541
  2547
  
    
						    (($ipproto == 'inet6') && !empty(get_interface_ipv6($natif)))) {


  		




  2542
  
  
    
							$natrules .= "no nat on {$natif} {$ipproto} proto tcp from ({$natif}) to {$rule_subnet}/{$rule_interface_subnet}\n";


  		




  
  2548
  
    
							$natrules .= "no nat on {$rdrif} {$ipproto} proto tcp from ({$natif}) to {$rule_subnet}/{$rule_interface_subnet}\n";


  		




  2543
  2549
  
    
						}


  		




  2544
  
  
    
						$natrules .= "nat on {$natif} {$ipproto} proto tcp from {$rule_subnet}/{$rule_interface_subnet} to {$target} port {$dstport[0]} -> ({$natif})\n";


  		




  
  2550
  
    
						$natrules .= "nat on {$rdrif} {$ipproto} proto tcp from {$rule_subnet}/{$rule_interface_subnet} to {$target} port {$dstport[0]} -> ({$natif})\n";


  		




  2545
  2551
  
    
					}


  		




  2546
  2552
  
    
				}


  		




  2547
  2553
  
    

  		












Also available in:  Unified diff