inc/filter: do not hardcode the target IP in auto NAT rules

Suggested by: Jim Thompson <jim@netgate.com>

inc/filter: do not hardcode the target IP in auto NAT rules
Suggested by: Jim Thompson <jim@netgate.com>
804a22fa · Franco Fichtner · 2811402f · 804a22fa
Commit 804a22fa authored Mar 07, 2015 by Franco Fichtner
Hide whitespace changes
Inline Side-by-side

Showing with 15 additions and 9 deletions

filter.inc src/etc/inc/filter.inc +15 -9

No files found.
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@@ -1406,21 +1406,26 @@ function filter_nat_rules_automatic_tonathosts($with_descr = false) {
 		return $tonathosts;
 }

-function filter_nat_rules_outbound_automatic($src) {
+function filter_nat_rules_outbound_automatic($src)
+{
 	global $config, $FilterIflist;

 	$rules = array();
+
 	foreach ($FilterIflist as $if => $ifcfg) {
-		if (substr($ifcfg['if'], 0, 4) == "ovpn")
+		if (substr($ifcfg['if'], 0, 4) == 'ovpn') {
 			continue;
-		if (!interface_has_gateway($if))
+		}
+
+		if (!interface_has_gateway($if)) {
 			continue;
+		}

 		$natent = array();
 		$natent['interface'] = $if;
 		$natent['source']['network'] = $src;
-		$natent['dstport'] = "500";
-		$natent['target'] = $ifcfg['ip'];
+		$natent['dstport'] = '500';
+		$natent['target'] = '';
 		$natent['destination']['any'] = true;
 		$natent['staticnatport'] = true;
 		$natent['descr'] = gettext('Auto created rule for ISAKMP');
@@ -1429,13 +1434,14 @@ function filter_nat_rules_outbound_automatic($src) {
 		$natent = array();
 		$natent['interface'] = $if;
 		$natent['source']['network'] = $src;
-		$natent['sourceport'] = "";
-		$natent['target'] = $ifcfg['ip'];
+		$natent['sourceport'] = '';
+		$natent['target'] = '';
 		$natent['destination']['any'] = true;
-		$natent['natport'] = "";
+		$natent['natport'] = '';
 		$natent['descr'] = gettext('Auto created rule');
-		if (isset($ifcfg['nonat']))
+		if (isset($ifcfg['nonat'])) {
 			$natent['nonat'] = true;
+		}
 		$rules[] = $natent;
 	}