aboutsummaryrefslogtreecommitdiffstats
path: root/packages/carp_rules.php
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2005-03-11 16:55:05 +0000
committerScott Ullrich <sullrich@pfsense.org>2005-03-11 16:55:05 +0000
commiteb9c969adc1974ce0219f51b58eae6aede388be3 (patch)
treef567d3ddb2764168634c31ea88a49a21fee50dea /packages/carp_rules.php
parente8bdfb9b83a052c1780c2bbe5cb46220e428d262 (diff)
downloadpfsense-packages-eb9c969adc1974ce0219f51b58eae6aede388be3.tar.gz
pfsense-packages-eb9c969adc1974ce0219f51b58eae6aede388be3.tar.bz2
pfsense-packages-eb9c969adc1974ce0219f51b58eae6aede388be3.zip
Allow pfsync0 to talk.
Diffstat (limited to 'packages/carp_rules.php')
-rw-r--r--packages/carp_rules.php8
1 files changed, 5 insertions, 3 deletions
diff --git a/packages/carp_rules.php b/packages/carp_rules.php
index 20fd5988..7ae0e893 100644
--- a/packages/carp_rules.php
+++ b/packages/carp_rules.php
@@ -28,14 +28,17 @@
*/
/* return if there are no carp configured items */
-if($config['installedpackages']['carp']['config']) return;
+//if($config['installedpackages']['carp']['config']) return;
+
mwexec("/sbin/pfctl -a carp -Fr");
+
/* carp records exist, lets process */
$wan_interface = get_real_wan_interface();
foreach($config['installedpackages']['carp']['config'] as $carp) {
$ip = $carp['ipaddress'];
$int = find_ip_interface($ip);
$carp_int = find_carp_interface($ip);
+ $carp_sync_int = convert_friendly_interface_to_real_interface_name($carp['pfsyncinterface']);
add_rule_to_anchor("carp", "pass out quick on {$carp_int} keep state", $carp_int . "1");
if($int <> false and $int <> $wan_interface) {
$ipnet = convert_ip_to_network_format($ip, $carp['netmask']);
@@ -43,10 +46,9 @@ foreach($config['installedpackages']['carp']['config'] as $carp) {
add_rule_to_anchor("natrules", $rule, $ip);
}
}
-$carp_sync_int = convert_friendly_interface_to_real_interface_name($config['installedpackages']['carpsettings']['config']['pfsyncinterface']);
+add_rule_to_anchor("carp", "pass quick on pfsync0", "pfsync0" . "3");
if($carp_sync_int <> "") {
add_rule_to_anchor("carp", "pass quick on {$carp_sync_int}", $carp_sync_int . "3");
- add_rule_to_anchor("carp", "pass quick on pfsync0", "pfsync0" . "3");
add_rule_to_anchor("carp", "pass quick on {$carp_sync_int} proto carp from {$carp_sync_int}:network to 224.0.0.18 keep state \(no-sync\)", $carp_sync_int . "2");
}