lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-14 00:24:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1086 from djGrrr/master

Browse Source 
Put custom scrub rules first
This commit is contained in:
Ad Schellevis 2016-07-30 09:20:52 +02:00 committed by GitHub
commit dc63e03dff
1 changed files with 21 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
src/etc/inc/filter.inc
View File

@ -570,26 +570,7 @@ function filter_generate_scrubing(&$FilterIflist)
$scrubrules = '';
/* scrub per interface options */
if (empty($config['system']['scrub_interface_disable'])) {
foreach ($FilterIflist as $scrubif => $scrubcfg) {
if (isset($scrubcfg['virtual']) || empty($scrubcfg['descr'])) {
continue;
} else {
/* set up MSS clamping */
if (!empty($scrubcfg['mss']) && is_numeric($scrubcfg['mss']) &&
!in_array($scrubcfg['if'], array('pppoe', 'pptp', 'l2tp'))) {
$mssclamp = "max-mss " . (intval($scrubcfg['mss'] - 40));
} else {
$mssclamp = '';
}
$scrubnodf = !empty($config['system']['scrubnodf']) ? "no-df" : "";
$scrubrnid = !empty($config['system']['scrubrnid']) ? "random-id" : "";
$scrubrules .= "scrub on \${$scrubcfg['descr']} all {$scrubnodf} {$scrubrnid} {$mssclamp}\n";
}
}
}
/* custom rules must be first */
if (!empty($config['filter']['scrub']['rule'])) {
foreach ($config['filter']['scrub']['rule'] as $scrub_rule) {
if (!isset($scrub_rule['disabled'])) {
@ -634,6 +615,26 @@ function filter_generate_scrubing(&$FilterIflist)
}
}
/* scrub per interface options */
if (empty($config['system']['scrub_interface_disable'])) {
foreach ($FilterIflist as $scrubif => $scrubcfg) {
if (isset($scrubcfg['virtual']) || empty($scrubcfg['descr'])) {
continue;
} else {
/* set up MSS clamping */
if (!empty($scrubcfg['mss']) && is_numeric($scrubcfg['mss']) &&
!in_array($scrubcfg['if'], array('pppoe', 'pptp', 'l2tp'))) {
$mssclamp = "max-mss " . (intval($scrubcfg['mss'] - 40));
} else {
$mssclamp = '';
}
$scrubnodf = !empty($config['system']['scrubnodf']) ? "no-df" : "";
$scrubrnid = !empty($config['system']['scrubrnid']) ? "random-id" : "";
$scrubrules .= "scrub on \${$scrubcfg['descr']} all {$scrubnodf} {$scrubrnid} {$mssclamp}\n";
}
}
}
return $scrubrules;
}