From 99c70a538a102e87f9ecb756b709226eb0ddfea5 Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Wed, 23 Feb 2022 10:34:04 +0100
Subject: [PATCH] Firewall: Aliases - when using port type aliases the "enable"
 flag was ignored. closes https://github.com/opnsense/core/issues/5594

missed the rule part preventing empty port tables from being used in previous commit
---
 src/etc/inc/filter.inc | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc
index 775e23ce1..c2c79a9a3 100644
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@@ -671,7 +671,11 @@ function filter_generate_aliases()
                 file_notice(sprintf(gettext('URL port aliases types not supported [%s]'), $aliased['name']));
                 break;
             case "port":
-                $tmp_ports = implode(" ", filter_core_get_port_alias($aliased['name'], array(), $aliasObject));
+                $tmp_ports = implode(" ", filter_core_get_port_alias($aliased['name'], [], $aliasObject));
+                if (empty($tmp_ports)) {
+                    // we can't create empty port tables, so when it's empty we should make sure it can't match
+                    $tmp_ports = "0 <> 65535";
+                }
                 $aliases .= "{$aliased['name']} = \"{ {$tmp_ports} }\"\n";
                 break;
             default: