IPSec / routed (VTI), we shouldn't add route-to rules for ipsec interfaces, but the same likely counts for all that's plugged in automatically. for https://github.com/opnsense/core/issues/2332

Ad Schellevis 2019-03-05 17:04:22 +01:00
parent 139ef623dc
commit ee8fd03c33


@ -510,7 +510,7 @@ function filter_core_rules_system($fw, $defaults)
// This behaviour can be disabled, so settings can be customized using manual firewall rules.
if (empty($config['system']['pf_disable_force_gw'])) {
foreach ($fw->getInterfaceMapping() as $ifdescr => $ifcfg) {
if (!isset($ifcfg['virtual']) && $ifcfg['if'] != 'lo0') {
if (!isset($ifcfg['internal_dynamic']) && $ifcfg['if'] != 'lo0') {
$intf_has_v4 = false;
$intf_has_v6 = false;
foreach (legacy_getall_interface_addresses($ifcfg['if']) as $addr) {
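Review bot: The `internal_dynamic` test on the rewritten condition line uses `isset()`, which only checks that the key is present and non-null, so an interface entry carrying `'internal_dynamic' => false` would still be excluded from the forced-gateway rules. If the flag can ever be stored with a false value, `if (empty($ifcfg['internal_dynamic']) && $ifcfg['if'] != 'lo0') {` would match the `empty()` style of the `pf_disable_force_gw` check two lines above. The condition also replaces the `virtual` test rather than extending it, so interfaces marked `virtual` but not `internal_dynamic` presumably now receive route-to rules. A short comment such as `// skip automatically plugged-in interfaces (e.g. IPsec VTI); they must not get route-to rules` would record that this is intended. The enclosing `foreach` and `filter_core_rules_system()` continue outside the hunk, so the effect on the generated rules cannot be confirmed from here.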