mirror of
https://github.com/lucaspalomodevelop/core.git
synced 2026-03-13 08:09:41 +00:00
Firewall / improve loopack visibility as suggested in https://github.com/opnsense/core/pull/4868
o cleanup remnants of previous loopback construction, which is redundant with 57bd1f2b05 in place
This commit is contained in:
Ad Schellevis
parent
fab56fa196
commit
bd26a58820
@ -211,7 +211,7 @@ function filter_core_rules_system($fw, $defaults)
|
||||
// block All IPv6 except loopback traffic
|
||||
$fw->registerFilterRule(
|
||||
1,
|
||||
array('interface' => 'loopback', 'ipprotocol' => 'inet6', 'disabled' => isset($config['system']['ipv6allow']),
|
||||
array('interface' => 'lo0', 'ipprotocol' => 'inet6', 'disabled' => isset($config['system']['ipv6allow']),
|
||||
'descr' => 'Pass all loopback IPv6', '#ref' => 'system_advanced_firewall.php#ipv6allow'),
|
||||
$defaults['pass']
|
||||
);
|
||||
@ -535,7 +535,7 @@ function filter_core_rules_system($fw, $defaults)
|
||||
}
|
||||
}
|
||||
// loopback
|
||||
$fw->registerFilterRule(5, array('interface' => 'loopback', 'descr' => 'pass loopback'), $defaults['pass']);
|
||||
$fw->registerFilterRule(5, array('interface' => 'lo0', 'descr' => 'pass loopback'), $defaults['pass']);
|
||||
// out from this Firewall
|
||||
$fw->registerFilterRule(
|
||||
5,
|
||||
|
||||
@ -76,9 +76,7 @@ class Plugin
|
||||
*/
|
||||
public function setInterfaceMapping(&$mapping)
|
||||
{
|
||||
$this->interfaceMapping = array();
|
||||
$this->interfaceMapping['loopback'] = array('if' => 'lo0', 'descr' => 'loopback');
|
||||
$this->interfaceMapping = array_merge($this->interfaceMapping, $mapping);
|
||||
$this->interfaceMapping = $mapping;
|
||||
// generate virtual IPv6 interfaces
|
||||
foreach ($this->interfaceMapping as $key => &$intf) {
|
||||
if (!empty($intf['ipaddrv6']) && ($intf['ipaddrv6'] == '6rd' || $intf['ipaddrv6'] == '6to4')) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user