lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-14 08:34:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Firewall: prevent gateway protocol mismatch from breaking the ruleset.

Browse Source
This commit is contained in:
Ad Schellevis 2020-03-13 17:55:13 +01:00
parent cda4e3561f
commit 893f2a4af9
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php
View File

@ -174,6 +174,13 @@ class FilterRule extends Rule
$rule['disabled'] = true;
$this->log("Gateway down");
}
if (!empty($rule['gateway']) &&
!empty($this->gatewayMapping[$rule['gateway']]) &&
!empty($rule['ipprotocol']) &&
$this->gatewayMapping[$rule['gateway']]['proto'] != $rule['ipprotocol']) {
$rule['disabled'] = true;
$this->log("Gateway protocol mismatch");
}
if (!isset($rule['quick'])) {
// all rules are quick by default except floating
$rule['quick'] = !isset($rule['floating']) ? true : false;