diff options
author | Warren Baker <warren@decoy.co.za> | 2011-11-14 15:43:09 +0200 |
---|---|---|
committer | Warren Baker <warren@decoy.co.za> | 2011-11-14 15:43:09 +0200 |
commit | e9a2c56d5643ddf94b457b59ab0073eb87846070 (patch) | |
tree | 6bb6fbf6e26262f6b95429bc4749c5e7bd72cf1a /config/unbound/unbound.inc | |
parent | b8abf619c5f53691d88a66b04356d3a4455312cb (diff) | |
download | pfsense-packages-e9a2c56d5643ddf94b457b59ab0073eb87846070.tar.gz pfsense-packages-e9a2c56d5643ddf94b457b59ab0073eb87846070.tar.bz2 pfsense-packages-e9a2c56d5643ddf94b457b59ab0073eb87846070.zip |
Dont add CARP Addresses to the allow list - they will be covered by the interface network
Diffstat (limited to 'config/unbound/unbound.inc')
-rw-r--r-- | config/unbound/unbound.inc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/config/unbound/unbound.inc b/config/unbound/unbound.inc index 9c2b75ee..292a2ae6 100644 --- a/config/unbound/unbound.inc +++ b/config/unbound/unbound.inc @@ -403,6 +403,9 @@ function unbound_resync_config() { $unboundnetcfg = unbound_get_network_interface_addresses(); foreach($unboundnetcfg as $netent) { foreach($netent as $entry) { + # If virtual interface then skip + if (!$entry['network'] && $entry['subnet']) + continue; $unbound_bind_interfaces .="interface: {$entry['ipaddr']}\n"; if($entry['ipaddr'] != "127.0.0.1" && $entry['ipaddr'] != "::1" ) $unbound_allowed_networks .= "access-control: {$entry['network']}/{$entry['subnet']} allow\n"; |