From dbad45a3b383f101aa8925664433bb528f859f0c Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Tue, 8 Mar 2016 15:39:35 +0100
Subject: [PATCH] (trafficshaper) change meaning of direction + dual
 interfaces, doesn't match the correct traffic at the moment

---
 src/opnsense/service/templates/OPNsense/IPFW/ipfw.conf | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/opnsense/service/templates/OPNsense/IPFW/ipfw.conf b/src/opnsense/service/templates/OPNsense/IPFW/ipfw.conf
index f6bc3e93e..317bb7b03 100644
--- a/src/opnsense/service/templates/OPNsense/IPFW/ipfw.conf
+++ b/src/opnsense/service/templates/OPNsense/IPFW/ipfw.conf
@@ -153,20 +153,24 @@ add 60000 return via any
 %}
 {%                       if rule.interface2 and helpers.getNodeByTag('interfaces.'+rule.interface2) %}
 {#  2 interface defined, use both to match packets (2 rules)  #}
+{%                         if rule.direction == 'in' or rule.direction == 'both' %}
 add {{loop.index  + 60000}} {{ helpers.getUUIDtag(rule.target) }} {{
     helpers.getUUID(rule.target).number }} {{ rule.proto.split('_')[0] }} from {{ rule.source }} to {{rule.destination
-    }} src-port  {{ rule.src_port }} dst-port {{ rule.dst_port }} {{rule.direction}} recv {{
+    }} src-port  {{ rule.src_port }} dst-port {{ rule.dst_port }} recv {{
     helpers.getNodeByTag('interfaces.'+rule.interface).if }} {%
     if rule.proto.split('_')[1]|default('') == 'ack' %} {{ rule.proto.split('_')[2]|default('') }} tcpflags ack {% endif
     %} xmit {{helpers.getNodeByTag('interfaces.'+rule.interface2).if
     }}
+{%                         endif %}
+{%                         if rule.direction == 'out' or rule.direction == 'both' %}
 add {{loop.index  + 60000}} {{ helpers.getUUIDtag(rule.target) }} {{
     helpers.getUUID(rule.target).number }} {{ rule.proto.split('_')[0] }} from {{ rule.source }} to {{rule.destination
-    }} src-port  {{ rule.src_port }} dst-port {{ rule.dst_port }} {{rule.direction}} xmit {{
+    }} src-port  {{ rule.src_port }} dst-port {{ rule.dst_port }} xmit {{
     helpers.getNodeByTag('interfaces.'+rule.interface).if }} {%
     if rule.proto.split('_')[1]|default('') == 'ack' %} {{ rule.proto.split('_')[2]|default('') }} tcpflags ack {% endif
     %} recv {{helpers.getNodeByTag('interfaces.'+rule.interface2).if
     }}
+{%                         endif %}
 {%                       else %}
 {#  normal, single interface situation  #}
 add {{loop.index  + 60000}} {{ helpers.getUUIDtag(rule.target) }} {{