{#
  parse all active captive portal zones and create redirect rules where transparent mode is enabled
#}
{% for cp_zone in cp_interface_list %}
{% if cp_zone.obj.transparentHTTPProxy|default('0') == '1' %}
# HTTP redirect {{ cp_zone.zone }}
add 60005 skipto 65533 tcp from me to any dst-port 80 via {{ cp_zone.if }}
add 65532 fwd 127.0.0.1,{{ OPNsense.proxy.forward.port }} tcp from any to any dst-port 80 via {{ cp_zone.if }}
{% endif %}
{% if cp_zone.obj.transparentHTTPSProxy|default('0') == '1' %}
# HTTPS redirect {{ cp_zone.zone }}
add 60005 skipto 65533 tcp from me to any dst-port 443 via {{ cp_zone.if }}
add 65532 fwd 127.0.0.1,{{ OPNsense.proxy.forward.sslbumpport }} tcp from any to any dst-port 443 via {{ cp_zone.if }}
{% endif %}
{% endfor %}