Allow carp traffic on each interface.

1 files changed, 12 insertions, 1 deletions

diff --git a/packages/carp_rules.php b/packages/carp_rules.php
index 00cde66d..29919ccd 100644
--- a/packages/carp_rules.php
+++ b/packages/carp_rules.php
@@ -34,10 +34,22 @@ mwexec("/sbin/pfctl -a carp -Fr");
 
 /* carp records exist, lets process */
 $wan_interface = get_real_wan_interface();
+
+$i = 0;
+$ifdescrs = array('wan', 'lan');
+for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) {
+    $ifdescrs['opt' . $j] = "opt" . $j;
+}
+foreach ($ifdescrs as $ifdescr => $ifname) {
+    $interface = convert_friendly_interface_to_real_interface_name($ifname);
+    add_rule_to_anchor("carp", "pass quick on {$interface} proto carp keep state", $interface . "carp41");
+}
+
 foreach($config['installedpackages']['carp']['config'] as $carp) {
     $ip = $carp['ipaddress'];
     $int = find_ip_interface($ip);
     $carp_int = find_carp_interface($ip);
+    add_rule_to_anchor("carp", "pass quick on {$carp_int} proto carp from {$carp_int}:network to 224.0.0.18 keep state \(no-sync\)", $carp_int . "24");
     add_rule_to_anchor("carp", "pass out quick on {$carp_int} keep state", $carp_int . "1");
     add_rule_to_anchor("carp", "pass quick on {$carp_int} proto carp keep state", $carp_int . "41");
     if($int <> false and $int <> $wan_interface) {
@@ -51,6 +63,5 @@ foreach($config['installedpackages']['carpsettings']['config'] as $carp)
 $carp_sync_int = convert_friendly_interface_to_real_interface_name($carp['pfsyncinterface']);    
 if($carp_sync_int <> "") {
     add_rule_to_anchor("carp", "pass quick on {$carp_sync_int} keep state", $carp_sync_int . "3");
-    add_rule_to_anchor("carp", "pass quick on {$carp_sync_int} proto carp from {$carp_sync_int}:network to 224.0.0.18 keep state \(no-sync\)", $carp_sync_int . "2");
 }