From bd26a58820716c0f412ed8917f9259d87c5a587b Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Fri, 26 Mar 2021 22:16:53 +0100
Subject: [PATCH] Firewall / improve loopack visibility as suggested in
 https://github.com/opnsense/core/pull/4868

o cleanup remnants of previous loopback construction, which is redundant with https://github.com/opnsense/core/commit/57bd1f2b05b75e0d7b0da1a9cd082ce3a9ce290f in place
---
 src/etc/inc/filter.lib.inc                                | 4 ++--
 src/opnsense/mvc/app/library/OPNsense/Firewall/Plugin.php | 4 +---
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/src/etc/inc/filter.lib.inc b/src/etc/inc/filter.lib.inc
index a7d0a6d68..9dada6872 100644
--- a/src/etc/inc/filter.lib.inc
+++ b/src/etc/inc/filter.lib.inc
@@ -211,7 +211,7 @@ function filter_core_rules_system($fw, $defaults)
     // block All IPv6 except loopback traffic
     $fw->registerFilterRule(
         1,
-        array('interface' => 'loopback', 'ipprotocol' => 'inet6', 'disabled' => isset($config['system']['ipv6allow']),
+        array('interface' => 'lo0', 'ipprotocol' => 'inet6', 'disabled' => isset($config['system']['ipv6allow']),
           'descr' => 'Pass all loopback IPv6', '#ref' => 'system_advanced_firewall.php#ipv6allow'),
         $defaults['pass']
     );
@@ -535,7 +535,7 @@ function filter_core_rules_system($fw, $defaults)
         }
     }
     // loopback
-    $fw->registerFilterRule(5, array('interface' => 'loopback', 'descr' => 'pass loopback'), $defaults['pass']);
+    $fw->registerFilterRule(5, array('interface' => 'lo0', 'descr' => 'pass loopback'), $defaults['pass']);
     // out from this Firewall
     $fw->registerFilterRule(
         5,
diff --git a/src/opnsense/mvc/app/library/OPNsense/Firewall/Plugin.php b/src/opnsense/mvc/app/library/OPNsense/Firewall/Plugin.php
index 665d8263a..4d4f90fdb 100644
--- a/src/opnsense/mvc/app/library/OPNsense/Firewall/Plugin.php
+++ b/src/opnsense/mvc/app/library/OPNsense/Firewall/Plugin.php
@@ -76,9 +76,7 @@ class Plugin
      */
     public function setInterfaceMapping(&$mapping)
     {
-        $this->interfaceMapping = array();
-        $this->interfaceMapping['loopback'] = array('if' => 'lo0', 'descr' => 'loopback');
-        $this->interfaceMapping = array_merge($this->interfaceMapping, $mapping);
+        $this->interfaceMapping = $mapping;
         // generate virtual IPv6 interfaces
         foreach ($this->interfaceMapping as $key => &$intf) {
             if (!empty($intf['ipaddrv6']) && ($intf['ipaddrv6'] == '6rd' || $intf['ipaddrv6'] == '6to4')) {