/usr/local/www/firewall_nat_out.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_nat_out.php @ 0dc05b20

1	19ae0929	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4	858f313d	Renato Botelho	firewall_nat_out.php
5			Copyright (C) 2004 Scott Ullrich
6			All rights reserved.
7
8			originally part of m0n0wall (http://m0n0.ch/wall)
9			Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10			All rights reserved.
11
12			Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14
15			1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17
18			2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21
22			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32	5b237745	Scott Ullrich	*/
33	7ac5a4cb	Scott Ullrich	/*
34			pfSense_MODULE: nat
35			*/
36	5b237745	Scott Ullrich
37	6b07c15a	Matthew Grooms	##\|+PRIV
38			##\|*IDENT=page-firewall-nat-outbound
39			##\|*NAME=Firewall: NAT: Outbound page
40			##\|*DESCR=Allow access to the 'Firewall: NAT: Outbound' page.
41			##\|MATCH=firewall_nat_out.php
42			##\|-PRIV
43
44	5b237745	Scott Ullrich	require("guiconfig.inc");
45	7a927e67	Scott Ullrich	require_once("functions.inc");
46			require_once("filter.inc");
47			require_once("shaper.inc");
48	5b237745	Scott Ullrich
49	6f61fea6	Renato Botelho	global $FilterIflist;
50	2154560d	Ermal	global $GatewaysList;
51	6f61fea6	Renato Botelho
52	eef01b14	Renato Botelho	if (!is_array($config['nat']['outbound']))
53			$config['nat']['outbound'] = array();
54	c44d3cf7	Ermal Lu?i
55	eef01b14	Renato Botelho	if (!is_array($config['nat']['outbound']['rule']))
56			$config['nat']['outbound']['rule'] = array();
57	19ae0929	Scott Ullrich
58	eef01b14	Renato Botelho	$a_out = &$config['nat']['outbound']['rule'];
59	5b237745	Scott Ullrich
60	bef388a7	Renato Botelho	if (!isset($config['nat']['outbound']['mode']))
61			$config['nat']['outbound']['mode'] = "automatic";
62
63			$mode = $config['nat']['outbound']['mode'];
64
65	82d0dfc4	Scott Ullrich	if ($_POST['apply']) {
66			write_config();
67	5b237745	Scott Ullrich
68	82d0dfc4	Scott Ullrich	$retval = 0;
69	920b3bb0	Scott Ullrich	$retval \|= filter_configure();
70
71	e8c2c890	Bill Marquette	if(stristr($retval, "error") <> true)
72			$savemsg = get_std_save_message($retval);
73			else
74			$savemsg = $retval;
75	19ae0929	Scott Ullrich
76	82d0dfc4	Scott Ullrich	if ($retval == 0) {
77	a368a026	Ermal Lu?i	clear_subsystem_dirty('natconf');
78			clear_subsystem_dirty('filter');
79	858f313d	Renato Botelho	}
80	5b237745	Scott Ullrich	}
81
82	82d0dfc4	Scott Ullrich	if (isset($_POST['save']) && $_POST['save'] == "Save") {
83	53bf5f1d	Seth Mos	/* mutually exclusive settings - if user wants advanced NAT, we don't generate automatic rules */
84	aef6978d	Renato Botelho	if ($_POST['mode'] == "advanced" && ($mode == "automatic" \|\| $mode == "hybrid")) {
85	eef01b14	Renato Botelho	/*
86			* user has enabled advanced outbound NAT and doesn't have rules
87			* lets automatically create entries
88			* for all of the interfaces to make life easier on the pip-o-chap
89			*/
90	6f61fea6	Renato Botelho	if(empty($FilterIflist))
91			filter_generate_optcfg_array();
92	2154560d	Ermal	if(empty($GatewaysList))
93			filter_generate_gateways();
94	6f61fea6	Renato Botelho	$tonathosts = filter_nat_rules_automatic_tonathosts(true);
95			$automatic_rules = filter_nat_rules_outbound_automatic("");
96
97			foreach ($tonathosts as $tonathost) {
98			foreach ($automatic_rules as $natent) {
99			$natent['source']['network'] = $tonathost['subnet'];
100			$natent['descr'] .= sprintf(gettext(' - %1$s to %2$s'),
101			$tonathost['descr'],
102			convert_real_interface_to_friendly_descr($natent['interface']));
103	eef01b14	Renato Botelho	$natent['created'] = make_config_revision_entry(null, gettext("Manual Outbound NAT Switch"));
104	aef6978d	Renato Botelho
105			/* Try to detect already auto created rules and avoid duplicate them */
106			$found = false;
107			foreach ($a_out as $rule) {
108			if ($rule['interface'] == $natent['interface'] &&
109			$rule['source']['network'] == $natent['source']['network'] &&
110			$rule['dstport'] == $natent['dstport'] &&
111			$rule['target'] == $natent['target'] &&
112			$rule['descr'] == $natent['descr']) {
113			$found = true;
114			break;
115			}
116			}
117
118			if ($found === false)
119			$a_out[] = $natent;
120	eef01b14	Renato Botelho	}
121	82d0dfc4	Scott Ullrich	}
122	eef01b14	Renato Botelho	$savemsg = gettext("Default rules for each interface have been created.");
123	2154560d	Ermal	unset($FilterIflist, $GatewaysList);
124	82d0dfc4	Scott Ullrich	}
125	eef01b14	Renato Botelho
126			$config['nat']['outbound']['mode'] = $_POST['mode'];
127
128	3a343d73	jim-p	if (write_config())
129			mark_subsystem_dirty('natconf');
130	858f313d	Renato Botelho	header("Location: firewall_nat_out.php");
131			exit;
132	fe693b89	Bill Marquette	}
133
134	dd65598e	Darren Embry	if ($_GET['act'] == "del") {
135			if ($a_out[$_GET['id']]) {
136			unset($a_out[$_GET['id']]);
137	3a343d73	jim-p	if (write_config())
138			mark_subsystem_dirty('natconf');
139	dd65598e	Darren Embry	header("Location: firewall_nat_out.php");
140			exit;
141			}
142			}
143
144	9c96aff5	Bill Marquette	if (isset($_POST['del_x'])) {
145	858f313d	Renato Botelho	/* delete selected rules */
146			if (is_array($_POST['rule']) && count($_POST['rule'])) {
147			foreach ($_POST['rule'] as $rulei) {
148			unset($a_out[$rulei]);
149			}
150	3a343d73	jim-p	if (write_config())
151			mark_subsystem_dirty('natconf');
152	858f313d	Renato Botelho	header("Location: firewall_nat_out.php");
153			exit;
154			}
155	9c96aff5	Bill Marquette
156	6ae8c4f2	PiBa-NL	} else if ($_GET['act'] == "toggle") {
157			if ($a_out[$_GET['id']]) {
158			if(isset($a_out[$_GET['id']]['disabled']))
159			unset($a_out[$_GET['id']]['disabled']);
160			else
161			$a_out[$_GET['id']]['disabled'] = true;
162			if (write_config("Firewall: NAT: Outbound, enable/disable NAT rule"))
163			mark_subsystem_dirty('natconf');
164			header("Location: firewall_nat_out.php");
165			exit;
166			}
167	9c96aff5	Bill Marquette	} else {
168	858f313d	Renato Botelho	/* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */
169			unset($movebtn);
170			foreach ($_POST as $pn => $pd) {
171			if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
172			$movebtn = $matches[1];
173			break;
174			}
175			}
176			/* move selected rules before this rule */
177			if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
178			$a_out_new = array();
179
180			/* copy all rules < $movebtn and not selected */
181			for ($i = 0; $i < $movebtn; $i++) {
182			if (!in_array($i, $_POST['rule']))
183			$a_out_new[] = $a_out[$i];
184			}
185	9c96aff5	Bill Marquette
186	858f313d	Renato Botelho	/* copy all selected rules */
187			for ($i = 0; $i < count($a_out); $i++) {
188			if ($i == $movebtn)
189			continue;
190			if (in_array($i, $_POST['rule']))
191			$a_out_new[] = $a_out[$i];
192			}
193	9c96aff5	Bill Marquette
194	858f313d	Renato Botelho	/* copy $movebtn rule */
195			if ($movebtn < count($a_out))
196			$a_out_new[] = $a_out[$movebtn];
197	9c96aff5	Bill Marquette
198	858f313d	Renato Botelho	/* copy all rules > $movebtn and not selected */
199			for ($i = $movebtn+1; $i < count($a_out); $i++) {
200			if (!in_array($i, $_POST['rule']))
201			$a_out_new[] = $a_out[$i];
202			}
203			if (count($a_out_new) > 0)
204	82d0dfc4	Scott Ullrich	$a_out = $a_out_new;
205
206	3a343d73	jim-p	if (write_config())
207			mark_subsystem_dirty('natconf');
208	858f313d	Renato Botelho	header("Location: firewall_nat_out.php");
209			exit;
210			}
211	5b237745	Scott Ullrich	}
212	9c96aff5	Bill Marquette
213	ff01cbff	Vinicius Coque	$pgtitle = array(gettext("Firewall"),gettext("NAT"),gettext("Outbound"));
214	6eb17647	Scott Ullrich	include("head.inc");
215
216	24f600b0	Scott Ullrich	?>
217	5b237745	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
218			<?php include("fbegin.inc"); ?>
219	fe693b89	Bill Marquette	<form action="firewall_nat_out.php" method="post" name="iform">
220	07130afe	ayvis	<script type="text/javascript" src="/javascript/row_toggle.js"></script>
221	a8726a3d	Scott Ullrich	<?php
222	858f313d	Renato Botelho	if ($savemsg)
223			print_info_box($savemsg);
224			if (is_subsystem_dirty('natconf'))
225	8cd558b6	ayvis	print_info_box_np(gettext("The NAT configuration has been changed.")."<br />".gettext("You must apply the changes in order for them to take effect."));
226	a8726a3d	Scott Ullrich	?>
227	8cd558b6	ayvis	<br />
228	a9be92f0	Renato Botelho	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="firewall nat outbound">
229	858f313d	Renato Botelho	<tr><td>
230			<?php
231			$tab_array = array();
232			$tab_array[] = array(gettext("Port Forward"), false, "firewall_nat.php");
233			$tab_array[] = array(gettext("1:1"), false, "firewall_nat_1to1.php");
234			$tab_array[] = array(gettext("Outbound"), true, "firewall_nat_out.php");
235			$tab_array[] = array(gettext("NPt"), false, "firewall_nat_npt.php");
236			display_top_tabs($tab_array);
237			?>
238			</td></tr>
239			<tr>
240			<td>
241			<div id="mainarea">
242			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="main area">
243			<tr>
244	eef01b14	Renato Botelho	<td rowspan="3" align="right" valign="middle"><b><?=gettext("Mode:"); ?></b></td>
245			<td>
246	bef388a7	Renato Botelho	<input name="mode" type="radio" id="automatic" value="automatic" <?php if ($mode == "automatic") echo "checked=\"checked\"";?> />
247	eef01b14	Renato Botelho	</td>
248	858f313d	Renato Botelho	<td>
249			<strong>
250	8cd558b6	ayvis	<?=gettext("Automatic outbound NAT rule generation"); ?><br />
251	eef01b14	Renato Botelho	<?=gettext("(IPsec passthrough included)");?>
252	858f313d	Renato Botelho	</strong>
253			</td>
254			<td>
255	bef388a7	Renato Botelho	<input name="mode" type="radio" id="hybrid" value="hybrid" <?php if ($mode == "hybrid") echo "checked=\"checked\"";?> />
256	eef01b14	Renato Botelho	</td>
257			<td>
258	858f313d	Renato Botelho	<strong>
259	8cd558b6	ayvis	<?=gettext("Hybrid Outbound NAT rule generation"); ?><br />
260	eef01b14	Renato Botelho	<?=gettext("(Automatic Outbound NAT + rules below)");?>
261	858f313d	Renato Botelho	</strong>
262			</td>
263	eef01b14	Renato Botelho	<td rowspan="3" valign="middle" align="left">
264	858f313d	Renato Botelho	<input name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
265			</td>
266			</tr>
267	5d2c6f3e	Scott Ullrich	<tr>
268	eef01b14	Renato Botelho	<td colspan="4">
269	5d2c6f3e	Scott Ullrich
270			</td>
271			</tr>
272			<tr>
273	eef01b14	Renato Botelho	<td>
274	bef388a7	Renato Botelho	<input name="mode" type="radio" id="advanced" value="advanced" <?php if ($mode == "advanced") echo "checked=\"checked\"";?> />
275	eef01b14	Renato Botelho	</td>
276			<td>
277			<strong>
278	8cd558b6	ayvis	<?=gettext("Manual Outbound NAT rule generation"); ?><br />
279	eef01b14	Renato Botelho	<?=gettext("(AON - Advanced Outbound NAT)");?>
280			</strong>
281			</td>
282			<td>
283	bef388a7	Renato Botelho	<input name="mode" type="radio" id="disabled" value="disabled" <?php if ($mode == "disabled") echo "checked=\"checked\"";?> />
284	eef01b14	Renato Botelho	</td>
285			<td>
286			<strong>
287	8cd558b6	ayvis	<?=gettext("Disable Outbound NAT rule generation"); ?><br />
288	eef01b14	Renato Botelho	<?=gettext("(No Outbound NAT rules)");?>
289			</strong>
290			</td>
291			</tr>
292			<tr>
293			<td colspan="6">
294	5d2c6f3e	Scott Ullrich
295			</td>
296			</tr>
297	858f313d	Renato Botelho	</table>
298			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="mappings">
299	2ca03544	Carlos Eduardo Ramos	<tr><td colspan="5"><b> <?=gettext("Mappings:"); ?></b></td></tr>
300	d5475741	Scott Ullrich	<tr><td> </td></tr>
301	858f313d	Renato Botelho	<tr id="frheader">
302			<td width="3%" class="list"> </td>
303			<td width="3%" class="list"> </td>
304			<td width="10%" class="listhdrr"><?=gettext("Interface");?></td>
305			<td width="15%" class="listhdrr"><?=gettext("Source");?></td>
306			<td width="10%" class="listhdrr"><?=gettext("Source Port");?></td>
307			<td width="15%" class="listhdrr"><?=gettext("Destination");?></td>
308			<td width="10%" class="listhdrr"><?=gettext("Destination Port");?></td>
309			<td width="15%" class="listhdrr"><?=gettext("NAT Address");?></td>
310			<td width="10%" class="listhdrr"><?=gettext("NAT Port");?></td>
311			<td width="10%" class="listhdrr"><?=gettext("Static Port");?></td>
312			<td width="25%" class="listhdr"><?=gettext("Description");?></td>
313			<td width="5%" class="list">
314			<table border="0" cellspacing="0" cellpadding="1" summary="add">
315			<tr>
316			<td width="17"></td>
317			<td>
318			<a href="firewall_nat_out_edit.php?after=-1">
319			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new mapping");?>" alt="add" />
320			</a>
321			</td>
322			</tr>
323			</table>
324			</td>
325			</tr>
326			<?php
327	a0e1f0f1	Renato Botelho	$i = 0;
328	858f313d	Renato Botelho	foreach ($a_out as $natent):
329	c83d04dc	Renato Botelho	$iconfn = "pass";
330			$textss = $textse = "";
331			if ($mode == "disabled" \|\| $mode == "automatic" \|\| isset($natent['disabled'])) {
332			$textss = "<span class=\"gray\">";
333			$textse = "</span>";
334			$iconfn .= "_d";
335			}
336	0e42cad8	Renato Botelho
337			//build Alias popup box
338			$alias_src_span_begin = "";
339			$alias_src_port_span_begin = "";
340			$alias_dst_span_begin = "";
341			$alias_dst_port_span_begin = "";
342
343			$alias_popup = rule_popup($natent['source']['network'],pprint_port($natent['sourceport']),$natent['destination']['address'],pprint_port($natent['dstport']));
344
345			$alias_src_span_begin = $alias_popup["src"];
346			$alias_src_port_span_begin = $alias_popup["srcport"];
347			$alias_dst_span_begin = $alias_popup["dst"];
348			$alias_dst_port_span_begin = $alias_popup["dstport"];
349
350			$alias_src_span_end = $alias_popup["src_end"];
351			$alias_src_port_span_end = $alias_popup["srcport_end"];
352			$alias_dst_span_end = $alias_popup["dst_end"];
353			$alias_dst_port_span_end = $alias_popup["dstport_end"];
354	858f313d	Renato Botelho	?>
355	a0e1f0f1	Renato Botelho	<tr valign="top" id="fr<?=$i;?>">
356	858f313d	Renato Botelho	<td class="listt">
357	a0e1f0f1	Renato Botelho	<input type="checkbox" id="frc<?=$i;?>" name="rule[]" value="<?=$i;?>" onclick="fr_bgcolor('<?=$i;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" />
358	858f313d	Renato Botelho	</td>
359			<td class="listt" align="center">
360			<?php
361	c83d04dc	Renato Botelho	if ($mode == "disabled" \|\| $mode == "automatic"):
362	bef388a7	Renato Botelho	?>
363	c83d04dc	Renato Botelho	<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0"
364			title="<?=gettext("This rule is being ignored");?>" alt="icon" />
365	bef388a7	Renato Botelho	<?php
366	c83d04dc	Renato Botelho	else:
367	bef388a7	Renato Botelho	?>
368	c83d04dc	Renato Botelho	<a href="?act=toggle&id=<?=$i;?>">
369			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0"
370			title="<?=gettext("click to toggle enabled/disabled status");?>" alt="icon" />
371			</a>
372	bef388a7	Renato Botelho	<?php
373			endif;
374	858f313d	Renato Botelho	?>
375			</td>
376	a0e1f0f1	Renato Botelho	<td class="listlr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
377	c83d04dc	Renato Botelho	<?php echo $textss . htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface'])) . $textse; ?>
378	858f313d	Renato Botelho
379			</td>
380	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
381	0e42cad8	Renato Botelho	<?php echo $textss . $alias_src_span_begin . $natent['source']['network'] . $alias_src_span_end . $textse;?>
382	858f313d	Renato Botelho	</td>
383	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
384	858f313d	Renato Botelho	<?php
385	c83d04dc	Renato Botelho	echo $textss;
386	858f313d	Renato Botelho	echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ;
387			if (!$natent['sourceport'])
388			echo "*";
389			else
390	0e42cad8	Renato Botelho	echo $alias_src_port_span_begin . $natent['sourceport'] . $alias_src_port_span_end;
391	c83d04dc	Renato Botelho	echo $textse;
392	858f313d	Renato Botelho	?>
393			</td>
394	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
395	858f313d	Renato Botelho	<?php
396	c83d04dc	Renato Botelho	echo $textss;
397	858f313d	Renato Botelho	if (isset($natent['destination']['any']))
398			echo "*";
399			else {
400			if (isset($natent['destination']['not']))
401			echo "! ";
402	0e42cad8	Renato Botelho	echo $alias_dst_span_begin . $natent['destination']['address'] . $alias_dst_span_end;
403	858f313d	Renato Botelho	}
404	c83d04dc	Renato Botelho	echo $textse;
405	858f313d	Renato Botelho	?>
406			</td>
407	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
408	858f313d	Renato Botelho	<?php
409	c83d04dc	Renato Botelho	echo $textss;
410	858f313d	Renato Botelho	echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ;
411			if (!$natent['dstport'])
412			echo "*";
413			else
414	0e42cad8	Renato Botelho	echo $alias_dst_port_span_begin . $natent['dstport'] . $alias_dst_port_span_end;
415	c83d04dc	Renato Botelho	echo $textse;
416	858f313d	Renato Botelho	?>
417			</td>
418	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
419	858f313d	Renato Botelho	<?php
420	c83d04dc	Renato Botelho	echo $textss;
421	858f313d	Renato Botelho	if (isset($natent['nonat']))
422			echo '<I>NO NAT</I>';
423			elseif (!$natent['target'])
424			echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface'])) . " address";
425			elseif ($natent['target'] == "other-subnet")
426			echo $natent['targetip'] . '/' . $natent['targetip_subnet'];
427			else
428			echo $natent['target'];
429	c83d04dc	Renato Botelho	echo $textse;
430	858f313d	Renato Botelho	?>
431			</td>
432	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
433	858f313d	Renato Botelho	<?php
434	c83d04dc	Renato Botelho	echo $textss;
435	858f313d	Renato Botelho	if (!$natent['natport'])
436			echo "*";
437			else
438			echo $natent['natport'];
439	c83d04dc	Renato Botelho	echo $textse;
440	858f313d	Renato Botelho	?>
441			</td>
442	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';" align="center">
443	858f313d	Renato Botelho	<?php
444	c83d04dc	Renato Botelho	echo $textss;
445	858f313d	Renato Botelho	if(isset($natent['staticnatport']))
446			echo gettext("YES");
447			else
448			echo gettext("NO");
449	c83d04dc	Renato Botelho	echo $textse;
450	858f313d	Renato Botelho	?>
451			</td>
452	a0e1f0f1	Renato Botelho	<td class="listbg" onclick="fr_toggle(<?=$i;?>)" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
453	858f313d	Renato Botelho	<?=htmlspecialchars($natent['descr']);?>
454			</td>
455			<td class="list nowrap" valign="middle">
456			<table border="0" cellspacing="0" cellpadding="1" summary="move">
457			<tr>
458	a0e1f0f1	Renato Botelho	<td><input onmouseover="fr_insline(<?=$i;?>, true)" onmouseout="fr_insline(<?=$i;?>, false)" name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" title="<?=gettext("move selected rules before this rule");?>" type="image" style="height:17;width:17;border:0" /></td>
459	858f313d	Renato Botelho	<td>
460			<a href="firewall_nat_out_edit.php?id=<?=$i;?>">
461			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="<?=gettext("edit mapping");?>" alt="edit" />
462			</a>
463			</td>
464			</tr>
465			<tr>
466			<td align="center" valign="middle">
467			<a href="firewall_nat_out.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this rule?");?>')">
468			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete rule");?>" alt="delete" />
469			</a>
470			</td>
471			<td>
472			<a href="firewall_nat_out_edit.php?dup=<?=$i;?>">
473			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add a new NAT based on this one");?>" width="17" height="17" border="0" alt="duplicate" />
474			</a>
475			</td>
476			</tr>
477			</table>
478			</td>
479			</tr>
480			<?php
481			$i++;
482			endforeach;
483	a2f0b7c1	Renato Botelho	?>
484			<tr>
485			<td class="list" colspan="11"></td>
486			<td class="list nowrap" valign="middle">
487			<table border="0" cellspacing="0" cellpadding="1" summary="edit">
488			<tr>
489			<td>
490			<?php
491	a0e1f0f1	Renato Botelho	if ($i == 0):
492	a2f0b7c1	Renato Botelho	?>
493			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected mappings to end");?>" border="0" alt="move" />
494			<?php
495			else:
496			?>
497			<input name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?=gettext("move selected mappings to end");?>" />
498			<?php
499			endif;
500			?>
501			</td>
502			<td>
503			<a href="firewall_nat_out_edit.php">
504			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new mapping");?>" alt="add" />
505			</a>
506			</td>
507			</tr>
508			<tr>
509			<td>
510			<?php
511	a0e1f0f1	Renato Botelho	if ($i == 0):
512	a2f0b7c1	Renato Botelho	?>
513			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected rules");?>" border="0" alt="delete" />
514			<?php
515			else:
516			?>
517			<input name="del" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected mappings");?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected mappings?");?>')" />
518			<?php
519			endif;
520			?>
521			</td>
522			</tr>
523			</table>
524			</td>
525			</tr>
526			<?php
527	bef388a7	Renato Botelho	if ($mode == "automatic" \|\| $mode == "hybrid"):
528			if(empty($FilterIflist))
529			filter_generate_optcfg_array();
530	32751b9f	Phil Davis	if(empty($GatewaysList))
531			filter_generate_gateways();
532	bef388a7	Renato Botelho	$automatic_rules = filter_nat_rules_outbound_automatic(implode(" ", filter_nat_rules_automatic_tonathosts()));
533	2154560d	Ermal	unset($FilterIflist, $GatewaysList);
534	a2f0b7c1	Renato Botelho	?>
535			<tr><td colspan="5"><b> <?=gettext("Automatic rules:"); ?></b></td></tr>
536			<tr><td> </td></tr>
537			<tr id="frheader">
538			<td width="3%" class="list"> </td>
539			<td width="3%" class="list"> </td>
540			<td width="10%" class="listhdrr"><?=gettext("Interface");?></td>
541			<td width="15%" class="listhdrr"><?=gettext("Source");?></td>
542			<td width="10%" class="listhdrr"><?=gettext("Source Port");?></td>
543			<td width="15%" class="listhdrr"><?=gettext("Destination");?></td>
544			<td width="10%" class="listhdrr"><?=gettext("Destination Port");?></td>
545			<td width="15%" class="listhdrr"><?=gettext("NAT Address");?></td>
546			<td width="10%" class="listhdrr"><?=gettext("NAT Port");?></td>
547			<td width="10%" class="listhdrr"><?=gettext("Static Port");?></td>
548			<td width="25%" class="listhdr"><?=gettext("Description");?></td>
549			<td width="5%" class="list"> </td>
550			</tr>
551			<?php
552	bef388a7	Renato Botelho	foreach ($automatic_rules as $natent):
553			?>
554	a0e1f0f1	Renato Botelho	<tr valign="top">
555	bef388a7	Renato Botelho	<td class="list"> </td>
556			<td class="listt" align="center">
557			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11" border="0" title="<?=gettext("automatic outbound nat");?>" alt="icon" />
558			</td>
559			<td class="listlr" style="background-color: #E0E0E0">
560			<?php echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface'])); ?>
561
562			</td>
563			<td class="listr" style="background-color: #E0E0E0">
564			<?=$natent['source']['network'];?>
565			</td>
566			<td class="listr" style="background-color: #E0E0E0">
567			<?php
568			echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ;
569			if (!$natent['sourceport'])
570			echo "*";
571			else
572			echo $natent['sourceport'];
573			?>
574			</td>
575			<td class="listr" style="background-color: #E0E0E0">
576			<?php
577			if (isset($natent['destination']['any']))
578			echo "*";
579			else {
580			if (isset($natent['destination']['not']))
581			echo "! ";
582			echo $natent['destination']['address'];
583			}
584			?>
585			</td>
586			<td class="listr" style="background-color: #E0E0E0">
587			<?php
588			echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ;
589			if (!$natent['dstport'])
590			echo "*";
591			else
592			echo $natent['dstport'];
593			?>
594			</td>
595			<td class="listr" style="background-color: #E0E0E0">
596			<?php
597			if (isset($natent['nonat']))
598			echo '<I>NO NAT</I>';
599			elseif (!$natent['target'])
600			echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface'])) . " address";
601			elseif ($natent['target'] == "other-subnet")
602			echo $natent['targetip'] . '/' . $natent['targetip_subnet'];
603			else
604			echo $natent['target'];
605			?>
606			</td>
607			<td class="listr" style="background-color: #E0E0E0">
608			<?php
609			if (!$natent['natport'])
610			echo "*";
611			else
612			echo $natent['natport'];
613			?>
614			</td>
615			<td class="listr" style="background-color: #E0E0E0">
616			<?php
617			if(isset($natent['staticnatport']))
618			echo gettext("YES");
619			else
620			echo gettext("NO");
621			?>
622			</td>
623			<td class="listbg">
624			<?=htmlspecialchars($natent['descr']);?>
625			</td>
626			<td class="list"> </td>
627			</tr>
628			<?php
629			endforeach;
630			endif;
631	858f313d	Renato Botelho	?>
632			<tr>
633			<td colspan="12">
634			<p><span class="vexpl">
635	8cd558b6	ayvis	<span class="red"><strong><?=gettext("Note:"); ?><br /></strong></span>
636	858211dd	Renato Botelho	<?=gettext("If automatic outbound NAT selected, a mapping is automatically created " .
637	858f313d	Renato Botelho	"for each interface's subnet (except WAN-type connections) and the rules " .
638	8cd558b6	ayvis	"on \"Mappings\" section of this page are ignored.<br /><br /> " .
639	858211dd	Renato Botelho	"If manual outbound NAT is selected, outbound NAT rules will not be " .
640	858f313d	Renato Botelho	"automatically generated and only the mappings you specify on this page " .
641	8cd558b6	ayvis	"will be used. <br /><br /> " .
642	858211dd	Renato Botelho	"If hybrid outbound NAT is selected, mappings you specify on this page will " .
643	8cd558b6	ayvis	"be used, followed by the automatically generated ones. <br /><br />" .
644			"If disable outbound NAT is selected, no rules will be used. <br /><br />" .
645	858f313d	Renato Botelho	"If a target address other than a WAN-type interface's IP address is used, " .
646			"then depending on the way the WAN connection is setup, a "); ?>
647			<a href="firewall_virtual_ip.php"><?=gettext("Virtual IP"); ?></a>
648			<?= gettext(" may also be required.") ?>
649			</span></p>
650			</td>
651			</tr>
652			</table>
653			</div>
654			</td>
655			</tr>
656	5b237745	Scott Ullrich	</table>
657	858f313d	Renato Botelho	</form>
658	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
659			</body>
660			</html>

Project

General

Profile

pfSense