block carp traffic to hosts self to avoid loops. fixes #598

pfsense · May 20, 2010 · 986a3ac · 986a3ac
1 parent 69490b5
commit 986a3ac
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
@@ -2500,6 +2500,7 @@ function filter_process_carp_rules() {
 	if(isset($config['installedpackages']['carp']['config']) &&
 			 $config['installedpackages']['carpsettings']['config'] <> "" or
 			 $config['virtualip']['vip'] <> "") {
+		$lines .= "block in log quick proto carp from (self) to any\n";
 		$lines .= "pass quick proto carp\n";
 		$lines .= "pass quick proto pfsync\n";
 	}