Permalink
Browse files

use logging on the block all v6 rules if default is log

  • Loading branch information...
1 parent e92e83d commit ac135e422b704e6e778b3cd9614da93c2349a851 Chris Buechler committed Mar 12, 2013
Showing with 7 additions and 6 deletions.
  1. +7 −6 etc/inc/filter.inc
View
@@ -2409,12 +2409,6 @@ function filter_rules_generate() {
$mt = microtime();
echo "filter_rules_generate() being called $mt\n";
}
-
- if(!isset($config['system']['ipv6allow'])) {
- $ipfrules .= "# Block all IPv6\n";
- $ipfrules .= "block in inet6 all label \"Block all IPv6\"\n";
- $ipfrules .= "block out inet6 all label \"Block all IPv6\"\n";
- }
$pptpdcfg = $config['pptpd'];
@@ -2433,6 +2427,13 @@ function filter_rules_generate() {
$log = "log";
else
$log = "";
+
+ if(!isset($config['system']['ipv6allow'])) {
+ $ipfrules .= "# Block all IPv6\n";
+ $ipfrules .= "block in {$log} quick inet6 all label \"Block all IPv6\"\n";
+ $ipfrules .= "block out {$log} quick inet6 all label \"Block all IPv6\"\n";
+ }
+
$ipfrules .= <<<EOD
#---------------------------------------------------------------------------
# default deny rules

0 comments on commit ac135e4

Please sign in to comment.