lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-19 11:04:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

firewall: actually use wan_stf, we need a hint from NtpRule #2546

Browse Source
This commit is contained in:
Franco Fichtner 2018-07-16 19:01:39 +02:00
parent 471149fac8
commit 6227bb9220
2 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/opnsense/mvc/app/library/OPNsense/Firewall/NptRule.php
View File

@ -77,7 +77,7 @@ class NptRule extends Rule
*/
private function parseNptRules()
{
foreach ($this->reader() as $rule) {
foreach ($this->reader('npt') as $rule) {
$rule['rule_type'] = "binat_1";
yield $rule;
$rule['rule_type'] = "binat_2";

7
src/opnsense/mvc/app/library/OPNsense/Firewall/Rule.php
View File

@ -152,9 +152,10 @@ abstract class Rule
/**
* rule reader, applies standard rule patterns
* @param string type of rule to be read
* @return iterator rules to generate
*/
protected function reader()
protected function reader($type = null)
{
$interfaces = empty($this->rule['interface']) ? array(null) : explode(',', $this->rule['interface']);
foreach ($interfaces as $interface) {
@ -162,13 +163,15 @@ abstract class Rule
$ipprotos = array('inet', 'inet6');
} elseif (isset($this->rule['ipprotocol'])) {
$ipprotos = array($this->rule['ipprotocol']);
} elseif (!empty($type) && $type = 'npt') {
$ipprotos = array('inet6');
} else {
$ipprotos = array(null);
}
foreach ($ipprotos as $ipproto) {
$rule = $this->rule;
if ($rule['ipprotocol'] == 'inet6' && !empty($this->interfaceMapping[$interface]['IPv6_override'])) {
if ($ipproto == 'inet6' && !empty($this->interfaceMapping[$interface]['IPv6_override'])) {
$rule['interface'] = $this->interfaceMapping[$interface]['IPv6_override'];
} else {
$rule['interface'] = $interface;