allow firewall rules to affect outbound VPN connections.

Tim Young 2017-08-31 09:43:44 -05:00
parent f52d1241b8
commit f437c07ce5


@ -596,6 +596,27 @@ namespace EduNetworkBuilder
case NicType.vpn: case NicType.vpn:
foreach (NetworkInterface nf in interfaces.ToList()) foreach (NetworkInterface nf in interfaces.ToList())
{ {
//make sure the firewall allows this.
if (tPacket.WhereAmI != null && tPacket.WhereAmI is NetworkDevice)
{
NetworkDevice ND = (NetworkDevice)tPacket.WhereAmI;
if (tPacket.InboundInterface != null && nf != null && !ND.FirewallAllows(tPacket.InboundInterface.nic_name, nf.nic_name))
{
//The firewall might block it. Check to see if it is a response packet
ResponseToPacket rtp = ND.HowToRespondToPacket(tPacket);
if (rtp != ResponseToPacket.accept)
{
//If we are here, the packet is rejected.
string message = string.Format(NB.Translate("P_FirewallDropped"), ND.hostname);
tPacket.AddMessage(DebugLevel.filtering, message);
tPacket.Tracking.Status = message;
tPacket.Tracking.AddMessage(DebugLevel.info, ND, message);
tPacket.AddMessage(DebugLevel.info, message);
tPacket.MyStatus = PacketStatus.finished_ok;
break;
}
}
}
if (nf.isLocal(tPacket.OutboundIP, false)) if (nf.isLocal(tPacket.OutboundIP, false))
{ {
//We need to tell the original packet that it is inside another packet //We need to tell the original packet that it is inside another packet
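Review bot: The firewall check runs for every `nf` in the loop before `nf.isLocal(tPacket.OutboundIP, false)` is tested, so a rule between the inbound interface and an interface the packet would never leave on can drop the packet and `break` out of the loop; moving the whole block inside the `if (nf.isLocal(tPacket.OutboundIP, false))` branch would consult the firewall only for the actual egress interface. The check also fails open: when `tPacket.InboundInterface` is null or `WhereAmI` is not a `NetworkDevice`, the packet is tunnelled without the firewall being consulted, which should be stated if intended, e.g. `//No inbound interface (locally originated?), so the firewall is not consulted`. The `nf != null` guard is inconsistent with the unconditional `nf.isLocal(...)` call just below it, so either drop the guard or protect both uses. A dropped packet is marked `PacketStatus.finished_ok`, which looks wrong for a firewall drop unless that is the project's convention for filtered packets. The `foreach` body continues past the end of the hunk, so what happens after the `break` cannot be confirmed from here.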