Commit 23ea5bcf authored by djGrrr's avatar djGrrr

custom scrub rules need to be first

The custom scrub rules on the normalization settings page effectively
cannot be reached since the standard interface scrub rules are listed
first.

This patch swaps that order around so that custom scrub rules get
evaluated first.
parent c17a834f
...@@ -570,26 +570,7 @@ function filter_generate_scrubing(&$FilterIflist) ...@@ -570,26 +570,7 @@ function filter_generate_scrubing(&$FilterIflist)
$scrubrules = ''; $scrubrules = '';
/* scrub per interface options */ /* custom rules must be first */
if (empty($config['system']['scrub_interface_disable'])) {
foreach ($FilterIflist as $scrubif => $scrubcfg) {
if (isset($scrubcfg['virtual']) || empty($scrubcfg['descr'])) {
continue;
} else {
/* set up MSS clamping */
if (!empty($scrubcfg['mss']) && is_numeric($scrubcfg['mss']) &&
!in_array($scrubcfg['if'], array('pppoe', 'pptp', 'l2tp'))) {
$mssclamp = "max-mss " . (intval($scrubcfg['mss'] - 40));
} else {
$mssclamp = '';
}
$scrubnodf = !empty($config['system']['scrubnodf']) ? "no-df" : "";
$scrubrnid = !empty($config['system']['scrubrnid']) ? "random-id" : "";
$scrubrules .= "scrub on \${$scrubcfg['descr']} all {$scrubnodf} {$scrubrnid} {$mssclamp}\n";
}
}
}
if (!empty($config['filter']['scrub']['rule'])) { if (!empty($config['filter']['scrub']['rule'])) {
foreach ($config['filter']['scrub']['rule'] as $scrub_rule) { foreach ($config['filter']['scrub']['rule'] as $scrub_rule) {
if (!isset($scrub_rule['disabled'])) { if (!isset($scrub_rule['disabled'])) {
...@@ -634,6 +615,26 @@ function filter_generate_scrubing(&$FilterIflist) ...@@ -634,6 +615,26 @@ function filter_generate_scrubing(&$FilterIflist)
} }
} }
/* scrub per interface options */
if (empty($config['system']['scrub_interface_disable'])) {
foreach ($FilterIflist as $scrubif => $scrubcfg) {
if (isset($scrubcfg['virtual']) || empty($scrubcfg['descr'])) {
continue;
} else {
/* set up MSS clamping */
if (!empty($scrubcfg['mss']) && is_numeric($scrubcfg['mss']) &&
!in_array($scrubcfg['if'], array('pppoe', 'pptp', 'l2tp'))) {
$mssclamp = "max-mss " . (intval($scrubcfg['mss'] - 40));
} else {
$mssclamp = '';
}
$scrubnodf = !empty($config['system']['scrubnodf']) ? "no-df" : "";
$scrubrnid = !empty($config['system']['scrubrnid']) ? "random-id" : "";
$scrubrules .= "scrub on \${$scrubcfg['descr']} all {$scrubnodf} {$scrubrnid} {$mssclamp}\n";
}
}
}
return $scrubrules; return $scrubrules;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment