aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWarren Baker <warren@decoy.co.za>2011-11-14 15:43:09 +0200
committerWarren Baker <warren@decoy.co.za>2011-11-14 15:43:09 +0200
commite9a2c56d5643ddf94b457b59ab0073eb87846070 (patch)
tree6bb6fbf6e26262f6b95429bc4749c5e7bd72cf1a
parentb8abf619c5f53691d88a66b04356d3a4455312cb (diff)
downloadpfsense-packages-e9a2c56d5643ddf94b457b59ab0073eb87846070.tar.gz
pfsense-packages-e9a2c56d5643ddf94b457b59ab0073eb87846070.tar.bz2
pfsense-packages-e9a2c56d5643ddf94b457b59ab0073eb87846070.zip
Dont add CARP Addresses to the allow list - they will be covered by the interface network
-rw-r--r--config/unbound/unbound.inc3
1 files changed, 3 insertions, 0 deletions
diff --git a/config/unbound/unbound.inc b/config/unbound/unbound.inc
index 9c2b75ee..292a2ae6 100644
--- a/config/unbound/unbound.inc
+++ b/config/unbound/unbound.inc
@@ -403,6 +403,9 @@ function unbound_resync_config() {
$unboundnetcfg = unbound_get_network_interface_addresses();
foreach($unboundnetcfg as $netent) {
foreach($netent as $entry) {
+ # If virtual interface then skip
+ if (!$entry['network'] && $entry['subnet'])
+ continue;
$unbound_bind_interfaces .="interface: {$entry['ipaddr']}\n";
if($entry['ipaddr'] != "127.0.0.1" && $entry['ipaddr'] != "::1" )
$unbound_allowed_networks .= "access-control: {$entry['network']}/{$entry['subnet']} allow\n";