/usr/local/www/firewall_nat.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_nat.php @ 45ee90ed

1	340e6dca	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			firewall_nat.php
5	c55b323d	Scott Ullrich	Copyright (C) 2004 Scott Ullrich
6			All rights reserved.
7	340e6dca	Scott Ullrich
8	c55b323d	Scott Ullrich	originally part of m0n0wall (http://m0n0.ch/wall)
9	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10			All rights reserved.
11	340e6dca	Scott Ullrich
12	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14	340e6dca	Scott Ullrich
15	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17	340e6dca	Scott Ullrich
18	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21	340e6dca	Scott Ullrich
22	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32			*/
33
34			require("guiconfig.inc");
35
36	e8c2c890	Bill Marquette	if (!is_array($config['nat']['rule']))
37	5b237745	Scott Ullrich	$config['nat']['rule'] = array();
38	fbe94068	Scott Ullrich
39	5b237745	Scott Ullrich	$a_nat = &$config['nat']['rule'];
40
41	514dbaf8	Scott Ullrich	/* if a custom message has been passed along, lets process it */
42			if ($_GET['savemsg'])
43			$savemsg = $_GET['savemsg'];
44
45	5b237745	Scott Ullrich	if ($_POST) {
46
47			$pconfig = $_POST;
48
49			if ($_POST['apply']) {
50	e8c2c890	Bill Marquette
51			write_config();
52
53	5b237745	Scott Ullrich	$retval = 0;
54	7a6c350f	Scott Ullrich
55	b2774343	Scott Ullrich	if(stristr($retval, "error") <> true)
56	2a71debf	Scott Ullrich	$savemsg = get_std_save_message($retval);
57			else
58			$savemsg = $retval;
59	340e6dca	Scott Ullrich
60	7d04082e	Scott Ullrich	unlink_if_exists("/tmp/config.cache");
61	e2c9ef13	Scott Ullrich	$retval \|= filter_configure();
62	7d04082e	Scott Ullrich
63	5b237745	Scott Ullrich	if ($retval == 0) {
64			if (file_exists($d_natconfdirty_path))
65			unlink($d_natconfdirty_path);
66			if (file_exists($d_filterconfdirty_path))
67			unlink($d_filterconfdirty_path);
68			}
69	7d04082e	Scott Ullrich
70	5b237745	Scott Ullrich	}
71			}
72
73	00bcbdd0	Bill Marquette	if (isset($_POST['del_x'])) {
74	4b9a670c	Scott Ullrich	/* delete selected rules */
75			if (is_array($_POST['rule']) && count($_POST['rule'])) {
76			foreach ($_POST['rule'] as $rulei) {
77	25b71fd4	Scott Ullrich	$target = $rule['target'];
78	4b9a670c	Scott Ullrich	$helpers = exec("/bin/ps awwux \| grep pftpx \| grep \"{$target}\" \| grep -v grep \| awk '{ print \$2 }'");
79	48cb8115	Scott Ullrich	if($helpers) {
80			/* kill ftp proxy helper */
81	25b71fd4	Scott Ullrich	mwexec("/bin/kill {$helpers}");
82			}
83	4b9a670c	Scott Ullrich	unset($a_nat[$rulei]);
84			}
85			write_config();
86			touch($d_natconfdirty_path);
87			header("Location: firewall_nat.php");
88			exit;
89			}
90	00bcbdd0	Bill Marquette
91			} else {
92			/* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */
93			unset($movebtn);
94			foreach ($_POST as $pn => $pd) {
95			if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
96			$movebtn = $matches[1];
97			break;
98			}
99			}
100			/* move selected rules before this rule */
101			if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
102			$a_nat_new = array();
103
104			/* copy all rules < $movebtn and not selected */
105			for ($i = 0; $i < $movebtn; $i++) {
106			if (!in_array($i, $_POST['rule']))
107			$a_nat_new[] = $a_nat[$i];
108			}
109
110			/* copy all selected rules */
111			for ($i = 0; $i < count($a_nat); $i++) {
112			if ($i == $movebtn)
113			continue;
114			if (in_array($i, $_POST['rule']))
115			$a_nat_new[] = $a_nat[$i];
116			}
117
118			/* copy $movebtn rule */
119			if ($movebtn < count($a_nat))
120			$a_nat_new[] = $a_nat[$movebtn];
121
122			/* copy all rules > $movebtn and not selected */
123			for ($i = $movebtn+1; $i < count($a_nat); $i++) {
124			if (!in_array($i, $_POST['rule']))
125			$a_nat_new[] = $a_nat[$i];
126			}
127			$a_nat = $a_nat_new;
128			write_config();
129			touch($d_natconfdirty_path);
130			header("Location: firewall_nat.php");
131			exit;
132			}
133	5b237745	Scott Ullrich	}
134	00bcbdd0	Bill Marquette
135	d88c6a9f	Scott Ullrich	$pgtitle = array("Firewall","NAT","Port Forward");
136	6eb17647	Scott Ullrich	include("head.inc");
137
138	2a9db752	Scott Dale	echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domLib.js\"></script>";
139			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domTT.js\"></script>";
140			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/behaviour.js\"></script>";
141			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/fadomatic.js\"></script>";
142
143	24f600b0	Scott Ullrich	?>
144	a8726a3d	Scott Ullrich	<body link="#000000" vlink="#000000" alink="#000000">
145	5b237745	Scott Ullrich	<?php include("fbegin.inc"); ?>
146	00bcbdd0	Bill Marquette	<form action="firewall_nat.php" method="post" name="iform">
147			<script type="text/javascript" language="javascript" src="row_toggle.js">
148			</script>
149	5b237745	Scott Ullrich	<?php if (file_exists($d_natconfdirty_path)): ?><p>
150	514dbaf8	Scott Ullrich	<?php
151			if($savemsg)
152			print_info_box_np("{$savemsg}<br>The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");
153			else
154			print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");
155			?>
156	5b237745	Scott Ullrich	<?php endif; ?>
157			<table width="100%" border="0" cellpadding="0" cellspacing="0">
158			<tr><td>
159	a8726a3d	Scott Ullrich	<?php
160			$tab_array = array();
161	1425e067	Bill Marquette	$tab_array[] = array("Port Forward", true, "firewall_nat.php");
162			$tab_array[] = array("1:1", false, "firewall_nat_1to1.php");
163			$tab_array[] = array("Outbound", false, "firewall_nat_out.php");
164	a8726a3d	Scott Ullrich	display_top_tabs($tab_array);
165			?>
166			</td></tr>
167	340e6dca	Scott Ullrich	<tr>
168	d732f186	Bill Marquette	<td>
169			<div id="mainarea">
170			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
171	00bcbdd0	Bill Marquette	<tr id="frheader">
172			<td width="3%" class="list"> </td>
173			<td width="3%" class="list"> </td>
174	5b237745	Scott Ullrich	<td width="5%" class="listhdrr">If</td>
175			<td width="5%" class="listhdrr">Proto</td>
176			<td width="20%" class="listhdrr">Ext. port range</td>
177			<td width="20%" class="listhdrr">NAT IP</td>
178			<td width="20%" class="listhdrr">Int. port range</td>
179			<td width="20%" class="listhdr">Description</td>
180	d415d821	Seth Mos	<td width="5%" class="list">
181			<table border="0" cellspacing="0" cellpadding="1">
182			<tr>
183			<td width="17"></td>
184			<td><a href="firewall_nat_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td>
185			</tr>
186			</table>
187			</td>
188	00bcbdd0	Bill Marquette	</tr>
189			<?php $nnats = $i = 0; foreach ($a_nat as $natent): ?>
190	40b56dc1	Scott Ullrich	<?php
191	2a9db752	Scott Dale
192			//build Alias popup box
193			$span_begin = "";
194			$span_end = "";
195			$alias_src_port_span_begin = "";
196			$alias_dst_span_begin = "";
197			$alias_dst_port_span_begin = "";
198
199			list($beginport, $endport) = split("-", $natent['external-port']);
200
201			$alias_popup = rule_popup("",$beginport,$natent['target'],$natent['local-port']);
202			$span_end = "</U></span>";
203
204
205			$alias_src_port_span_begin = $alias_popup["srcport"];
206
207			$alias_dst_span_begin = $alias_popup["dst"];
208
209			$alias_dst_port_span_begin = $alias_popup["dstport"];
210
211
212
213
214	40b56dc1	Scott Ullrich	/* if user does not have access to edit an interface skip on to the next record */
215			if(!have_natpfruleint_access($natent['interface']))
216			continue;
217			?>
218	00bcbdd0	Bill Marquette	<tr valign="top" id="fr<?=$nnats;?>">
219			<td class="listt"><input type="checkbox" id="frc<?=$nnats;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nnats;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td>
220			<td class="listt" align="center"></td>
221	b8a0de00	Bill Marquette	<td class="listlr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
222	8b1fab53	Scott Ullrich	<?php
223	00bcbdd0	Bill Marquette	if (!$natent['interface'] \|\| ($natent['interface'] == "wan"))
224			echo "WAN";
225	7a6c350f	Scott Ullrich	else if(strtolower($natent['interface']) == "lan")
226	3e33bb10	Scott Ullrich	echo "LAN";
227	00bcbdd0	Bill Marquette	else
228	3e33bb10	Scott Ullrich	echo strtoupper($config['interfaces'][$natent['interface']]['descr']);
229	00bcbdd0	Bill Marquette	?>
230	5b237745	Scott Ullrich	</td>
231	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
232	5b237745	Scott Ullrich	<?=strtoupper($natent['protocol']);?>
233			</td>
234	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
235	340e6dca	Scott Ullrich	<?php
236	5b237745	Scott Ullrich	list($beginport, $endport) = split("-", $natent['external-port']);
237			if ((!$endport) \|\| ($beginport == $endport)) {
238	2a9db752	Scott Dale	echo $alias_src_port_span_begin;
239	5b237745	Scott Ullrich	echo $beginport;
240			if ($wkports[$beginport])
241			echo " (" . $wkports[$beginport] . ")";
242	d04221dc	Scott Ullrich	else
243			echo " ";
244	2a9db752	Scott Dale	echo $span_end;
245	5b237745	Scott Ullrich	} else
246			echo $beginport . " - " . $endport;
247			?>
248			</td>
249	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
250	2a9db752	Scott Dale	<?php echo $alias_dst_span_begin;?><?=$natent['target'];?><?php echo $span_end;?>
251	5b237745	Scott Ullrich	<?php if ($natent['external-address'])
252			echo "<br>(ext.: " . $natent['external-address'] . ")";
253	89cf7eba	Scott Ullrich	else
254			echo "<br>(ext.: " . find_interface_ip(convert_friendly_interface_to_real_interface_name($natent['interface'])) . ")";
255	5b237745	Scott Ullrich	?>
256			</td>
257	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
258	5b237745	Scott Ullrich	<?php if ((!$endport) \|\| ($beginport == $endport)) {
259	2a9db752	Scott Dale	echo $alias_dst_port_span_begin;
260			echo $natent['local-port'];
261	5b237745	Scott Ullrich	if ($wkports[$natent['local-port']])
262			echo " (" . $wkports[$natent['local-port']] . ")";
263	d04221dc	Scott Ullrich	else
264			echo " ";
265	2a9db752	Scott Dale	echo $span_end;
266	5b237745	Scott Ullrich	} else
267	340e6dca	Scott Ullrich	echo $natent['local-port'] . " - " .
268	5b237745	Scott Ullrich	($natent['local-port']+$endport-$beginport);
269			?>
270			</td>
271	8b1fab53	Scott Ullrich	<td class="listbg" onClick="fr_toggle(<?=$nnats;?>)" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
272			<font color="#ffffff">
273	5b237745	Scott Ullrich	<?=htmlspecialchars($natent['descr']);?>
274			</td>
275	00bcbdd0	Bill Marquette	<td valign="middle" class="list" nowrap>
276			<table border="0" cellspacing="0" cellpadding="1">
277			<tr>
278	f057bae4	Bill Marquette	<td><a href="firewall_nat_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit rule"></a></td>
279	00bcbdd0	Bill Marquette	</tr>
280			<tr>
281	677c0869	Erik Kristensen	<td><input onmouseover="fr_insline(<?=$nnats;?>, true)" onmouseout="fr_insline(<?=$nnats;?>, false)" name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" title="move selected rules before this rule" height="17" type="image" width="17" border="0"></td>
282			<td><a href="firewall_nat_edit.php?dup=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add a new nat based on this one" width="17" height="17" border="0"></a></td>
283	00bcbdd0	Bill Marquette	</tr>
284			</table>
285			</tr>
286			<?php $i++; $nnats++; endforeach; ?>
287	340e6dca	Scott Ullrich	<tr>
288	00bcbdd0	Bill Marquette	<td class="list" colspan="8"></td>
289			<td class="list" valign="middle" nowrap>
290			<table border="0" cellspacing="0" cellpadding="1">
291			<tr>
292	677c0869	Erik Kristensen	<td><?php if ($nnats == 0): ?><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected mappings to end" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected mappings to end" border="0"><?php endif; ?></td>
293			<td><a href="firewall_nat_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td>
294	00bcbdd0	Bill Marquette	</tr>
295			<tr>
296	a99e956f	Erik Kristensen	<td><?php if ($nnats == 0): ?><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?><input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected mappings" onclick="return confirm('Do you really want to delete the selected mappings?')"><?php endif; ?></td>
297	00bcbdd0	Bill Marquette	</tr>
298	d415d821	Seth Mos	</table>
299			</td>
300	d732f186	Bill Marquette	</tr>
301			</table>
302			</div>
303			</td>
304	5b237745	Scott Ullrich	</tr>
305			</table>
306	3d335c4d	Scott Ullrich
307			<?php
308			if ($pkg['tabs'] <> "") {
309			echo "</td></tr></table>";
310			}
311			?>
312
313			</form>
314	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
315			</body>
316			</html>

Project

General

Profile

pfSense