(legacy) it feels kind of duplicate, but to avoid too much changes on how it...

(legacy) it feels kind of duplicate, but to avoid too much changes on how it works now let's keep the behavior approx. the same. (part 2)

src/etc/inc/auth.inc

@@ -148,20 +148,7 @@ if(function_exists("display_error_form") && !isset($config['system']['webgui']['
 					}
 
 			if(!$found_host) {
-				$interface_list_ips = get_configured_ip_addresses();
-				foreach($interface_list_ips as $ilips) {
-					if(strcasecmp($referrer_host, $ilips) == 0) {
-						$found_host = true;
-						break;
-					}
-				}
-				$interface_list_ipv6s = get_configured_ipv6_addresses();
-				foreach($interface_list_ipv6s as $ilipv6s) {
-					if(strcasecmp($referrer_host, $ilipv6s) == 0) {
-						$found_host = true;
-						break;
-					}
-				}
+				$found_host = isAuthLocalIP($referrer_host);
 				if($referrer_host == "127.0.0.1" || $referrer_host == "localhost") {
 					// allow SSH port forwarded connections and links from localhost
 					$found_host = true;
@@ -188,6 +175,42 @@ unset($security_passed);
 $groupindex = index_groups();
 $userindex = index_users();
 
+
+/**
+ * check if $http_host is a local configured ip address
+ */
+function isAuthLocalIP($http_host)
+{
+    global $config;
+    $local_ip = false;
+    $interface_list_ips = get_configured_ip_addresses();
+    foreach ($interface_list_ips as $ilips) {
+        if (strcasecmp($http_host, $ilips) == 0) {
+            $local_ip = true;
+            break;
+        }
+    }
+    if (!$local_ip) {
+        $interface_list_ipv6s = get_configured_ipv6_addresses();
+        foreach ($interface_list_ipv6s as $ilipv6s) {
+            if (strcasecmp($http_host, $ilipv6s) == 0) {
+                $local_ip = true;
+                break;
+            }
+        }
+        if (!$local_ip) {
+            if (isset($config['virtualip']['vip'])) {
+                foreach ($config['virtualip']['vip'] as $vip) {
+                    if ($vip['subnet'] == $http_host) {
+                        $local_ip = true;
+                    }
+                }
+            }
+        }
+    }
+		return $local_ip;
+}
+
 function index_groups()
 {
 	global $config, $groupindex;

src/etc/inc/authgui.inc

@@ -31,7 +31,6 @@
 */
 
 require_once("auth.inc");
-require_once("filter.inc");
 
 // provided via legacy_bindings.inc
 global $priv_list;
@@ -385,31 +384,10 @@ function display_login_form()
     }
 
     /* Check against locally configured IP addresses, which will catch when someone
-	   port forwards WebGUI access from WAN to an internal IP on the router. */
-    $FilterIflist = filter_generate_optcfg_array() ;
-    $local_ip = false;
-    if (strstr($_SERVER['HTTP_HOST'], ":")) {
-        $http_host_port = explode(":", $_SERVER['HTTP_HOST']);
-        $http_host = $http_host_port[0];
-    } else {
-        $http_host = $_SERVER['HTTP_HOST'];
-    }
-    foreach ($FilterIflist as $iflist) {
-        if ($iflist['ip'] == $http_host) {
-            $local_ip = true;
-        }
-        if ($iflist['ipv6'] == $http_host) {
-            $local_ip = true;
-        }
-    }
-
-    if (isset($config['virtualip']['vip'])) {
-        foreach ($config['virtualip']['vip'] as $vip) {
-            if ($vip['subnet'] == $http_host) {
-                $local_ip = true;
-            }
-        }
-    }
+       port forwards WebGUI access from WAN to an internal IP on the router. */
+    // fix, local ip check was previously done using "filter_generate_optcfg_array" which basically includes alomst everything here.
+    // this should do the trick as well.
+    $local_ip = isAuthLocalIP($http_host);
 
     if (isset($config['openvpn']['openvpn-server'])) {
         foreach ($config['openvpn']['openvpn-server'] as $ovpns) {