diff --git a/EduNetworkBuilder/NetworkCard.cs b/EduNetworkBuilder/NetworkCard.cs index 689052d..ce3b134 100644 --- a/EduNetworkBuilder/NetworkCard.cs +++ b/EduNetworkBuilder/NetworkCard.cs @@ -596,6 +596,27 @@ namespace EduNetworkBuilder case NicType.vpn: foreach (NetworkInterface nf in interfaces.ToList()) { + //make sure the firewall allows this. + if (tPacket.WhereAmI != null && tPacket.WhereAmI is NetworkDevice) + { + NetworkDevice ND = (NetworkDevice)tPacket.WhereAmI; + if (tPacket.InboundInterface != null && nf != null && !ND.FirewallAllows(tPacket.InboundInterface.nic_name, nf.nic_name)) + { + //The firewall might block it. Check to see if it is a response packet + ResponseToPacket rtp = ND.HowToRespondToPacket(tPacket); + if (rtp != ResponseToPacket.accept) + { + //If we are here, the packet is rejected. + string message = string.Format(NB.Translate("P_FirewallDropped"), ND.hostname); + tPacket.AddMessage(DebugLevel.filtering, message); + tPacket.Tracking.Status = message; + tPacket.Tracking.AddMessage(DebugLevel.info, ND, message); + tPacket.AddMessage(DebugLevel.info, message); + tPacket.MyStatus = PacketStatus.finished_ok; + break; + } + } + } if (nf.isLocal(tPacket.OutboundIP, false)) { //We need to tell the original packet that it is inside another packet