diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2005-02-23 02:49:31 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2005-02-23 02:49:31 +0000 |
commit | fec830db890e201caabc99507c2d1ba91d7603c9 (patch) | |
tree | 5a96d38b2e6e3b33e1a049542d3d4ba7809cffb5 | |
parent | f124332e9344165d9f1618ffb8e732e835710d65 (diff) | |
download | pfsense-packages-fec830db890e201caabc99507c2d1ba91d7603c9.tar.gz pfsense-packages-fec830db890e201caabc99507c2d1ba91d7603c9.tar.bz2 pfsense-packages-fec830db890e201caabc99507c2d1ba91d7603c9.zip |
Add a pass out rule for each carp interface. Use updated add_rule_to_anchor by passing a label too.
-rw-r--r-- | packages/carp_rules.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/packages/carp_rules.php b/packages/carp_rules.php index d3ace240..33256bed 100644 --- a/packages/carp_rules.php +++ b/packages/carp_rules.php @@ -36,10 +36,11 @@ foreach($config['installedpackages']['carp']['config'] as $carp) { $ip = $carp['ipaddress']; $int = find_ip_interface($ip); $carp_int = find_carp_interface($ip); + add_rule_to_anchor("firewallout", "pass out quick on {$carp_int} keep state", $carp_int) if($int <> false && $int <> $wan_interface) { $ipnet = convert_ip_to_network_format($ip, $carp['netmask']); $rule = "nat on {$int} inet from {$ipnet} to any -> ({$carp_int}) \n"; - add_rule_to_anchor("natrules", $rule); + add_rule_to_anchor("natrules", $rule, $ip); } } |