Project

General

Profile

« Previous | Next » 

Revision 0e6c4d62

Added by Christopher Cope over 2 years ago

Rewrite functions for toggle & delete NAT. Fixes #13545

View differences:

src/etc/inc/itemid.inc
31 31
 * RESULT
32 32
 *   boolean   - true if item was found and deleted
33 33
 ******/
34
function delete_id($id, &$array) {
34
function delete_id($id) {
35 35
	global $config;
36 36

  
37
	if (!is_array($array)) {
38
		return false;
39
	}
37
	$array = config_get_path('filter/rule', []);
40 38

  
41 39
	// Search for the item in the array
42 40
	$delete_index = get_id($id, $array);
......
57 55
	$mvnrows = -1;
58 56
	move_separators($a_separators, $ridx, $mvnrows);
59 57

  
58
	config_set_path('filter/rule', $array);
60 59
	return true;
61 60
}
62 61

  
......
70 69
 * RESULT
71 70
 *   boolean   - true if item was found and set
72 71
 ******/
73
function toggle_id($id, &$array, $status) {
74
	global $config;
75

  
76
	if (!is_array($array)) {
77
		return false;
78
	}
72
function toggle_id($id, $status) {
73
	$array = config_get_path('filter/rule', []);
79 74

  
80 75
	// Search for the item in the array
81 76
	$toggle_index = get_id($id, $array);
......
91 86
		$array[$toggle_index]['disabled'] = true;
92 87
	}
93 88

  
89
	config_set_path('filter/rule', $array);
90

  
94 91
	return true;
95 92
}
96 93

  
src/usr/local/pfSense/include/www/firewall_nat.inc
543 543
		// If we used to have an associated filter rule, but no-longer should have one
544 544
		if (!empty($a_nat[$id]) && (empty($natent['associated-rule-id']) || $natent['associated-rule-id'] != $a_nat[$id]['associated-rule-id'])) {
545 545
			// Delete the previous rule
546
			delete_id($a_nat[$id]['associated-rule-id'], $config['filter']['rule']);
546
			delete_id($a_nat[$id]['associated-rule-id']);
547 547
			if (!$json) {
548 548
				mark_subsystem_dirty('filter');
549 549
			}
......
655 655
			if (isset($natent['associated-rule-id']) &&
656 656
			    (isset($a_nat[$id]['disabled']) !== isset($natent['disabled']))) {
657 657
				// Check for filter rule associations
658
				toggle_id($natent['associated-rule-id'],
659
				    $config['filter']['rule'],
660
				    !isset($natent['disabled']));
658
				toggle_id($natent['associated-rule-id'], !isset($natent['disabled']));
661 659
				
662 660
				if (!$json) {
663 661
					mark_subsystem_dirty('filter');
......
695 693
}
696 694

  
697 695
function toggleNATrule($post, $json = false) {
698
	global $config;
699

  
700
	init_config_arr(array('nat', 'rule'));
701
	$a_nat = &$config['nat']['rule'];
702
	init_config_arr(array('nat', 'separator'));
703
	$a_separators = &$config['nat']['separator'];
704

  
705
	if (isset($a_nat[$post['id']]['disabled'])) {
706
		unset($a_nat[$post['id']]['disabled']);
707
		$rule_status = true;
708
	} else {
709
		$a_nat[$post['id']]['disabled'] = true;
710
		$rule_status = false;
696
	// Check for single rule
697
	if (!(is_array($post['rule']) && count($post['rule']))) {
698
		$post['rule'] = array( $post['id'] => $post['id'] );
711 699
	}
712 700

  
713
	// Check for filter rule associations
714
	if (isset($a_nat[$post['id']]['associated-rule-id'])) {
715
		toggle_id($a_nat[$post['id']]['associated-rule-id'],
716
		    $config['filter']['rule'], $rule_status);
717
		unset($rule_status);
718

  
719
		if(!$json) {
720
			mark_subsystem_dirty('filter');
701
	foreach ($post['rule'] as $rulei) {
702
		if (config_path_enabled("nat/rule/{$rulei}", 'disabled')) {
703
			config_del_path("nat/rule/{$rulei}/disabled");
704
			$rule_status = true;
705
		} else {
706
			config_set_path("nat/rule/{$rulei}/disabled", true);
707
			$rule_status = false;
721 708
		}
722
	}
723 709

  
724
	if (write_config(gettext("Firewall: NAT: Port forward, enable/disable NAT rule"))) {
725
		if (!$json) {
726
			mark_subsystem_dirty('natconf');
727
		}
728
	}
710
		// Check for filter rule associations
711
		$associated_rule_id = config_get_path("nat/rule/{$rulei}/associated-rule-id");
729 712

  
730
	if(!$json) {
731
		header("Location: firewall_nat.php");
732
		exit;
733
	} else {
734
		$a_nat = &$config['nat']['rule'];
735
		return isset($a_nat[$post['id']]['disabled']) ? "disabled":"enabled";
713
		if ($associated_rule_id != null) {
714
			toggle_id($associated_rule_id, $rule_status);
715
			unset($rule_status);
716
			$want_dirty_filter = true;
717
		}
736 718
	}
737
}
738

  
739
function toggleMultipleNATrules($post, $json = false) {
740
	global $config;
741

  
742
	init_config_arr(array('nat', 'rule'));
743
	$a_nat = &$config['nat']['rule'];
744 719

  
745
	foreach ($post['rule'] as $rulei) {
746
		if (isset($a_nat[$rulei]['disabled'])) {
747
			unset($a_nat[$rulei]['disabled']);
748
		} else {
749
			$a_nat[$rulei]['disabled'] = true;
750
		}
720
	if (count($post['rule']) == 1) {
721
		$action = config_path_enabled("nat/rule/{$post['rule'][0]}", "disabled") ? "disabled":"enabled";
722
		$write_ret = write_config(gettext("Firewall: NAT: Port forward - {$action} a NAT rule"));
723
	} else if (count($post['rule']) > 1) {
724
		$write_ret = write_config(gettext("Firewall: NAT: Port forward - enable/disable for selected NAT rules"));
751 725
	}
752 726

  
753
	if (write_config(gettext("Firewall: NAT: Port forward, enable/disable multiple NAT rule"))) {
754
		if ($json) {
755
			filter_configure();
756
		} else {
727
	if ($write_ret) {
728
		if (!$json) {
757 729
			mark_subsystem_dirty('natconf');
730
			if ($want_dirty_filter) {
731
				mark_subsystem_dirty('filter');
732
			}
758 733
			header("Location: firewall_nat.php");
759 734
			exit;
735
		} else {
736
			if (isset($post['id'])) {
737
				return $action;
738
			} else {
739
				filter_configure();
740
			}
760 741
		}
761 742
	}
762 743
}
763 744

  
764
function deleteMultipleNATrules($post, $json = false) {
745
function deleteNATrule($post, $json = false) {
765 746
	global $config;
766 747

  
767
	init_config_arr(array('nat', 'rule'));
768
	$a_nat = &$config['nat']['rule'];
769 748
	init_config_arr(array('nat', 'separator'));
770 749
	$a_separators = &$config['nat']['separator'];
771 750

  
751
	// Check for single rule
752
	if (!(is_array($post['rule']) && count($post['rule']))) {
753
		$post['rule'] = array( $post['id'] => $post['id'] );
754
	}
755

  
772 756
	$num_deleted = 0;
773 757

  
774 758
	foreach ($post['rule'] as $rulei) {
775
		// Check for filter rule associations
776
		if (isset($a_nat[$rulei]['associated-rule-id'])) {
777
			delete_id($a_nat[$rulei]['associated-rule-id'], $config['filter']['rule']);
778
			if (!$json) {
779
				mark_subsystem_dirty('filter');
780
			}
759
		$associated_rule_id = config_get_path("nat/rule/{$rulei}/associated-rule-id");
760

  
761
		if ($associated_rule_id != null) {
762
			delete_id($associated_rule_id);
763
			$want_dirty_filter = true;
781 764
		}
782 765

  
783
		unset($a_nat[$rulei]);
766
		config_del_path("/nat/rule/{$rulei}");
784 767

  
785 768
		// Update the separators
786 769
		// As rules are deleted, $ridx has to be decremented or separator position will break
......
797 780
	}
798 781

  
799 782
	if ($num_deleted) {
800
		if (write_config("NAT: Rule deleted")) {
783
		if ($num_deleted == 1) {
784
			$write_ret = write_config("Firewall: NAT: Port forward - rule deleted");
785
		} else {
786
			$write_ret = write_config("Firewall: NAT: Port forward - Multiple rules deleted");
787
		}
788

  
789
		if ($write_ret) {
801 790
			if ($json) {
802 791
				filter_configure();
803 792
			} else {
804 793
				mark_subsystem_dirty('natconf');
805
			}
806
		}
807
	}
808

  
809
	if(!$json) {
810
		header("Location: firewall_nat.php");
811
		exit;
812
	}
813
}
814

  
815
function deleteNATrule($post, $json = false) {
816
	global $config;
817

  
818
	init_config_arr(array('nat', 'rule'));
819
	$a_nat = &$config['nat']['rule'];
820
	init_config_arr(array('nat', 'separator'));
821
	$a_separators = &$config['nat']['separator'];
822

  
823
	if (isset($a_nat[$post['id']]['associated-rule-id'])) {
824
		delete_id($a_nat[$post['id']]['associated-rule-id'], $config['filter']['rule']);
825
		$want_dirty_filter = true;
826
	}
827

  
828
	unset($a_nat[$post['id']]);
829

  
830
	// Update the separators
831
	$ridx = $post['id'];
832
	$mvnrows = -1;
833
	move_separators($a_separators, $ridx, $mvnrows);
834

  
835
	if (write_config("NAT: Rule deleted")) {
836
		if ($json) {
837
			filter_configure();
838
		} else {
839
			mark_subsystem_dirty('natconf');
840
			if ($want_dirty_filter) {
841
				mark_subsystem_dirty('filter');
794
				if ($want_dirty_filter) {
795
					mark_subsystem_dirty('filter');
796
				}
842 797
			}
843 798
		}
844 799
	}
src/usr/local/www/firewall_nat.php
51 51
	reorderNATrules($_POST);
52 52
} else if ($_POST['apply'] && have_natpfruleint_access($natent['interface'])) {
53 53
	$retval = applyNATrules();
54
} else if (($_POST['act'] == "del") && have_natpfruleint_access($natent['interface'])) {
55
	if ($a_nat[$_POST['id']]) {
54
} else if (($_POST['act'] == "del" || isset($_POST['del_x'])) && have_natpfruleint_access($natent['interface'])) {
55
	if ($a_nat[$_POST['id']] || (is_array($_POST['rule']) && count($_POST['rule']))) {
56 56
		deleteNATrule($_POST);
57 57
	}
58
} else if (isset($_POST['del_x']) && have_natpfruleint_access($natent['interface'])) {
59
	/* delete selected rules */
60
	if (is_array($_POST['rule']) && count($_POST['rule'])) {
61
		deleteMultipleNATrules($_POST);
62
	}
63
} else if (isset($_POST['toggle_x']) && have_natpfruleint_access($natent['interface'])) {
64
	if (is_array($_POST['rule']) && count($_POST['rule'])) {
65
		toggleMultipleNATrules($_POST);
66
	}
67
} elseif (($_POST['act'] == "toggle") && have_natpfruleint_access($natent['interface'])) {
68
	if ($a_nat[$_POST['id']]) {
58
} elseif (($_POST['act'] == "toggle" || isset($_POST['toggle_x'])) && have_natpfruleint_access($natent['interface'])) {
59
	if ($a_nat[$_POST['id']] || (is_array($_POST['rule']) && count($_POST['rule']))) {
69 60
		toggleNATrule($_POST);
70 61
	}
71 62
}

Also available in: Unified diff