/usr/local/www/firewall_nat.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_nat.php @ 0027de0a

1	340e6dca	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			firewall_nat.php
5	c55b323d	Scott Ullrich	Copyright (C) 2004 Scott Ullrich
6			All rights reserved.
7	340e6dca	Scott Ullrich
8	c55b323d	Scott Ullrich	originally part of m0n0wall (http://m0n0.ch/wall)
9	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10			All rights reserved.
11	340e6dca	Scott Ullrich
12	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14	340e6dca	Scott Ullrich
15	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17	340e6dca	Scott Ullrich
18	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21	340e6dca	Scott Ullrich
22	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32			*/
33
34	6b07c15a	Matthew Grooms	##\|+PRIV
35			##\|*IDENT=page-firewall-nat-portforward
36			##\|*NAME=Firewall: NAT: Port Forward page
37			##\|*DESCR=Allow access to the 'Firewall: NAT: Port Forward' page.
38			##\|MATCH=firewall_nat.php
39			##\|-PRIV
40
41
42	5b237745	Scott Ullrich	require("guiconfig.inc");
43
44	e8c2c890	Bill Marquette	if (!is_array($config['nat']['rule']))
45	5b237745	Scott Ullrich	$config['nat']['rule'] = array();
46	fbe94068	Scott Ullrich
47	5b237745	Scott Ullrich	$a_nat = &$config['nat']['rule'];
48
49	514dbaf8	Scott Ullrich	/* if a custom message has been passed along, lets process it */
50			if ($_GET['savemsg'])
51			$savemsg = $_GET['savemsg'];
52
53	5b237745	Scott Ullrich	if ($_POST) {
54
55			$pconfig = $_POST;
56
57			if ($_POST['apply']) {
58	e8c2c890	Bill Marquette
59			write_config();
60
61	5b237745	Scott Ullrich	$retval = 0;
62	7a6c350f	Scott Ullrich
63	b2774343	Scott Ullrich	if(stristr($retval, "error") <> true)
64	2a71debf	Scott Ullrich	$savemsg = get_std_save_message($retval);
65			else
66			$savemsg = $retval;
67	340e6dca	Scott Ullrich
68	7d04082e	Scott Ullrich	unlink_if_exists("/tmp/config.cache");
69	e2c9ef13	Scott Ullrich	$retval \|= filter_configure();
70	7d04082e	Scott Ullrich
71	5b237745	Scott Ullrich	if ($retval == 0) {
72			if (file_exists($d_natconfdirty_path))
73			unlink($d_natconfdirty_path);
74			if (file_exists($d_filterconfdirty_path))
75			unlink($d_filterconfdirty_path);
76			}
77	7d04082e	Scott Ullrich
78	5b237745	Scott Ullrich	}
79			}
80
81	00bcbdd0	Bill Marquette	if (isset($_POST['del_x'])) {
82	4b9a670c	Scott Ullrich	/* delete selected rules */
83			if (is_array($_POST['rule']) && count($_POST['rule'])) {
84			foreach ($_POST['rule'] as $rulei) {
85	049a688e	Ermal Lu?i	$target = $rule['target'];
86	4b9a670c	Scott Ullrich	unset($a_nat[$rulei]);
87			}
88			write_config();
89			touch($d_natconfdirty_path);
90			header("Location: firewall_nat.php");
91			exit;
92			}
93	00bcbdd0	Bill Marquette
94			} else {
95			/* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */
96			unset($movebtn);
97			foreach ($_POST as $pn => $pd) {
98			if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
99			$movebtn = $matches[1];
100			break;
101			}
102			}
103			/* move selected rules before this rule */
104			if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
105			$a_nat_new = array();
106
107			/* copy all rules < $movebtn and not selected */
108			for ($i = 0; $i < $movebtn; $i++) {
109			if (!in_array($i, $_POST['rule']))
110			$a_nat_new[] = $a_nat[$i];
111			}
112
113			/* copy all selected rules */
114			for ($i = 0; $i < count($a_nat); $i++) {
115			if ($i == $movebtn)
116			continue;
117			if (in_array($i, $_POST['rule']))
118			$a_nat_new[] = $a_nat[$i];
119			}
120
121			/* copy $movebtn rule */
122			if ($movebtn < count($a_nat))
123			$a_nat_new[] = $a_nat[$movebtn];
124
125			/* copy all rules > $movebtn and not selected */
126			for ($i = $movebtn+1; $i < count($a_nat); $i++) {
127			if (!in_array($i, $_POST['rule']))
128			$a_nat_new[] = $a_nat[$i];
129			}
130			$a_nat = $a_nat_new;
131			write_config();
132			touch($d_natconfdirty_path);
133			header("Location: firewall_nat.php");
134			exit;
135			}
136	5b237745	Scott Ullrich	}
137	00bcbdd0	Bill Marquette
138	d88c6a9f	Scott Ullrich	$pgtitle = array("Firewall","NAT","Port Forward");
139	6eb17647	Scott Ullrich	include("head.inc");
140
141	2a9db752	Scott Dale	echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domLib.js\"></script>";
142			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domTT.js\"></script>";
143			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/behaviour.js\"></script>";
144			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/fadomatic.js\"></script>";
145
146	24f600b0	Scott Ullrich	?>
147	a8726a3d	Scott Ullrich	<body link="#000000" vlink="#000000" alink="#000000">
148	5b237745	Scott Ullrich	<?php include("fbegin.inc"); ?>
149	00bcbdd0	Bill Marquette	<form action="firewall_nat.php" method="post" name="iform">
150	625dcc40	Bill Marquette	<script type="text/javascript" language="javascript" src="/javascript/row_toggle.js"></script>
151	5b237745	Scott Ullrich	<?php if (file_exists($d_natconfdirty_path)): ?><p>
152	514dbaf8	Scott Ullrich	<?php
153			if($savemsg)
154			print_info_box_np("{$savemsg}<br>The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");
155			else
156			print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");
157			?>
158	5b237745	Scott Ullrich	<?php endif; ?>
159			<table width="100%" border="0" cellpadding="0" cellspacing="0">
160			<tr><td>
161	a8726a3d	Scott Ullrich	<?php
162			$tab_array = array();
163	1425e067	Bill Marquette	$tab_array[] = array("Port Forward", true, "firewall_nat.php");
164			$tab_array[] = array("1:1", false, "firewall_nat_1to1.php");
165			$tab_array[] = array("Outbound", false, "firewall_nat_out.php");
166	a8726a3d	Scott Ullrich	display_top_tabs($tab_array);
167			?>
168			</td></tr>
169	340e6dca	Scott Ullrich	<tr>
170	d732f186	Bill Marquette	<td>
171			<div id="mainarea">
172			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
173	00bcbdd0	Bill Marquette	<tr id="frheader">
174			<td width="3%" class="list"> </td>
175			<td width="3%" class="list"> </td>
176	5b237745	Scott Ullrich	<td width="5%" class="listhdrr">If</td>
177			<td width="5%" class="listhdrr">Proto</td>
178			<td width="20%" class="listhdrr">Ext. port range</td>
179			<td width="20%" class="listhdrr">NAT IP</td>
180			<td width="20%" class="listhdrr">Int. port range</td>
181			<td width="20%" class="listhdr">Description</td>
182	d415d821	Seth Mos	<td width="5%" class="list">
183			<table border="0" cellspacing="0" cellpadding="1">
184			<tr>
185			<td width="17"></td>
186			<td><a href="firewall_nat_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td>
187			</tr>
188			</table>
189			</td>
190	00bcbdd0	Bill Marquette	</tr>
191			<?php $nnats = $i = 0; foreach ($a_nat as $natent): ?>
192	40b56dc1	Scott Ullrich	<?php
193	2a9db752	Scott Dale
194			//build Alias popup box
195			$span_begin = "";
196			$span_end = "";
197			$alias_src_port_span_begin = "";
198			$alias_dst_span_begin = "";
199			$alias_dst_port_span_begin = "";
200
201			list($beginport, $endport) = split("-", $natent['external-port']);
202
203			$alias_popup = rule_popup("",$beginport,$natent['target'],$natent['local-port']);
204			$span_end = "</U></span>";
205
206
207			$alias_src_port_span_begin = $alias_popup["srcport"];
208
209			$alias_dst_span_begin = $alias_popup["dst"];
210
211			$alias_dst_port_span_begin = $alias_popup["dstport"];
212
213
214
215
216	40b56dc1	Scott Ullrich	/* if user does not have access to edit an interface skip on to the next record */
217			if(!have_natpfruleint_access($natent['interface']))
218			continue;
219			?>
220	00bcbdd0	Bill Marquette	<tr valign="top" id="fr<?=$nnats;?>">
221			<td class="listt"><input type="checkbox" id="frc<?=$nnats;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nnats;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td>
222			<td class="listt" align="center"></td>
223	b8a0de00	Bill Marquette	<td class="listlr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
224	8b1fab53	Scott Ullrich	<?php
225	00bcbdd0	Bill Marquette	if (!$natent['interface'] \|\| ($natent['interface'] == "wan"))
226			echo "WAN";
227	7a6c350f	Scott Ullrich	else if(strtolower($natent['interface']) == "lan")
228	3e33bb10	Scott Ullrich	echo "LAN";
229	00bcbdd0	Bill Marquette	else
230	3e33bb10	Scott Ullrich	echo strtoupper($config['interfaces'][$natent['interface']]['descr']);
231	00bcbdd0	Bill Marquette	?>
232	5b237745	Scott Ullrich	</td>
233	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
234	5b237745	Scott Ullrich	<?=strtoupper($natent['protocol']);?>
235			</td>
236	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
237	340e6dca	Scott Ullrich	<?php
238	5b237745	Scott Ullrich	list($beginport, $endport) = split("-", $natent['external-port']);
239			if ((!$endport) \|\| ($beginport == $endport)) {
240	2a9db752	Scott Dale	echo $alias_src_port_span_begin;
241	5b237745	Scott Ullrich	echo $beginport;
242			if ($wkports[$beginport])
243			echo " (" . $wkports[$beginport] . ")";
244	d04221dc	Scott Ullrich	else
245			echo " ";
246	2a9db752	Scott Dale	echo $span_end;
247	5b237745	Scott Ullrich	} else
248			echo $beginport . " - " . $endport;
249			?>
250			</td>
251	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
252	2a9db752	Scott Dale	<?php echo $alias_dst_span_begin;?><?=$natent['target'];?><?php echo $span_end;?>
253	5b237745	Scott Ullrich	<?php if ($natent['external-address'])
254			echo "<br>(ext.: " . $natent['external-address'] . ")";
255	89cf7eba	Scott Ullrich	else
256			echo "<br>(ext.: " . find_interface_ip(convert_friendly_interface_to_real_interface_name($natent['interface'])) . ")";
257	5b237745	Scott Ullrich	?>
258			</td>
259	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
260	5b237745	Scott Ullrich	<?php if ((!$endport) \|\| ($beginport == $endport)) {
261	2a9db752	Scott Dale	echo $alias_dst_port_span_begin;
262			echo $natent['local-port'];
263	5b237745	Scott Ullrich	if ($wkports[$natent['local-port']])
264			echo " (" . $wkports[$natent['local-port']] . ")";
265	d04221dc	Scott Ullrich	else
266			echo " ";
267	2a9db752	Scott Dale	echo $span_end;
268	5b237745	Scott Ullrich	} else
269	340e6dca	Scott Ullrich	echo $natent['local-port'] . " - " .
270	5b237745	Scott Ullrich	($natent['local-port']+$endport-$beginport);
271			?>
272			</td>
273	8b1fab53	Scott Ullrich	<td class="listbg" onClick="fr_toggle(<?=$nnats;?>)" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
274	5b237745	Scott Ullrich	<?=htmlspecialchars($natent['descr']);?>
275			</td>
276	00bcbdd0	Bill Marquette	<td valign="middle" class="list" nowrap>
277			<table border="0" cellspacing="0" cellpadding="1">
278			<tr>
279	f057bae4	Bill Marquette	<td><a href="firewall_nat_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit rule"></a></td>
280	00bcbdd0	Bill Marquette	</tr>
281			<tr>
282	677c0869	Erik Kristensen	<td><input onmouseover="fr_insline(<?=$nnats;?>, true)" onmouseout="fr_insline(<?=$nnats;?>, false)" name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" title="move selected rules before this rule" height="17" type="image" width="17" border="0"></td>
283			<td><a href="firewall_nat_edit.php?dup=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add a new nat based on this one" width="17" height="17" border="0"></a></td>
284	00bcbdd0	Bill Marquette	</tr>
285			</table>
286			</tr>
287			<?php $i++; $nnats++; endforeach; ?>
288	340e6dca	Scott Ullrich	<tr>
289	00bcbdd0	Bill Marquette	<td class="list" colspan="8"></td>
290			<td class="list" valign="middle" nowrap>
291			<table border="0" cellspacing="0" cellpadding="1">
292			<tr>
293	677c0869	Erik Kristensen	<td><?php if ($nnats == 0): ?><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected mappings to end" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected mappings to end" border="0"><?php endif; ?></td>
294			<td><a href="firewall_nat_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td>
295	00bcbdd0	Bill Marquette	</tr>
296			<tr>
297	a99e956f	Erik Kristensen	<td><?php if ($nnats == 0): ?><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?><input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected mappings" onclick="return confirm('Do you really want to delete the selected mappings?')"><?php endif; ?></td>
298	00bcbdd0	Bill Marquette	</tr>
299	d415d821	Seth Mos	</table>
300			</td>
301	d732f186	Bill Marquette	</tr>
302			</table>
303			</div>
304			</td>
305	5b237745	Scott Ullrich	</tr>
306			</table>
307	3d335c4d	Scott Ullrich
308			<?php
309			if ($pkg['tabs'] <> "") {
310			echo "</td></tr></table>";
311			}
312			?>
313
314			</form>
315	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
316			</body>
317			</html>

Project

General

Profile

pfSense