/usr/local/www/firewall_nat.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_nat.php @ 7f5136cb

1	340e6dca	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			firewall_nat.php
5	c55b323d	Scott Ullrich	Copyright (C) 2004 Scott Ullrich
6			All rights reserved.
7	340e6dca	Scott Ullrich
8	c55b323d	Scott Ullrich	originally part of m0n0wall (http://m0n0.ch/wall)
9	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10			All rights reserved.
11	340e6dca	Scott Ullrich
12	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14	340e6dca	Scott Ullrich
15	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17	340e6dca	Scott Ullrich
18	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21	340e6dca	Scott Ullrich
22	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32			*/
33
34			require("guiconfig.inc");
35
36	e8c2c890	Bill Marquette	if (!is_array($config['nat']['rule']))
37	5b237745	Scott Ullrich	$config['nat']['rule'] = array();
38	fbe94068	Scott Ullrich
39	5b237745	Scott Ullrich	$a_nat = &$config['nat']['rule'];
40
41	514dbaf8	Scott Ullrich	/* if a custom message has been passed along, lets process it */
42			if ($_GET['savemsg'])
43			$savemsg = $_GET['savemsg'];
44
45	5b237745	Scott Ullrich	if ($_POST) {
46
47			$pconfig = $_POST;
48
49			if ($_POST['apply']) {
50	e8c2c890	Bill Marquette
51			write_config();
52
53	5b237745	Scott Ullrich	$retval = 0;
54	7a6c350f	Scott Ullrich
55	12f974a4	Scott Ullrich	config_lock();
56			$retval \|= filter_configure();
57			config_unlock();
58	e8c2c890	Bill Marquette
59	b2774343	Scott Ullrich	if(stristr($retval, "error") <> true)
60	2a71debf	Scott Ullrich	$savemsg = get_std_save_message($retval);
61			else
62			$savemsg = $retval;
63	340e6dca	Scott Ullrich
64	5b237745	Scott Ullrich	if ($retval == 0) {
65			if (file_exists($d_natconfdirty_path))
66			unlink($d_natconfdirty_path);
67			if (file_exists($d_filterconfdirty_path))
68			unlink($d_filterconfdirty_path);
69			}
70			}
71			}
72
73	00bcbdd0	Bill Marquette	if (isset($_POST['del_x'])) {
74			/* delete selected rules */
75			if (is_array($_POST['rule']) && count($_POST['rule'])) {
76			foreach ($_POST['rule'] as $rulei) {
77	25b71fd4	Scott Ullrich	$target = $rule['target'];
78			$helpers = exec("/bin/ps auwx \| grep pftpx \| grep {$target} \| grep -v grep \| cut -d\" \" -f5");
79	48cb8115	Scott Ullrich	if($helpers) {
80			/* kill ftp proxy helper */
81	25b71fd4	Scott Ullrich	mwexec("/bin/kill {$helpers}");
82			}
83	00bcbdd0	Bill Marquette	unset($a_nat[$rulei]);
84			}
85			write_config();
86			touch($d_natconfdirty_path);
87			header("Location: firewall_nat.php");
88			exit;
89			}
90
91			} else {
92			/* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */
93			unset($movebtn);
94			foreach ($_POST as $pn => $pd) {
95			if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
96			$movebtn = $matches[1];
97			break;
98			}
99			}
100			/* move selected rules before this rule */
101			if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
102			$a_nat_new = array();
103
104			/* copy all rules < $movebtn and not selected */
105			for ($i = 0; $i < $movebtn; $i++) {
106			if (!in_array($i, $_POST['rule']))
107			$a_nat_new[] = $a_nat[$i];
108			}
109
110			/* copy all selected rules */
111			for ($i = 0; $i < count($a_nat); $i++) {
112			if ($i == $movebtn)
113			continue;
114			if (in_array($i, $_POST['rule']))
115			$a_nat_new[] = $a_nat[$i];
116			}
117
118			/* copy $movebtn rule */
119			if ($movebtn < count($a_nat))
120			$a_nat_new[] = $a_nat[$movebtn];
121
122			/* copy all rules > $movebtn and not selected */
123			for ($i = $movebtn+1; $i < count($a_nat); $i++) {
124			if (!in_array($i, $_POST['rule']))
125			$a_nat_new[] = $a_nat[$i];
126			}
127			$a_nat = $a_nat_new;
128			write_config();
129			touch($d_natconfdirty_path);
130			header("Location: firewall_nat.php");
131			exit;
132			}
133	5b237745	Scott Ullrich	}
134	00bcbdd0	Bill Marquette
135	183a4aae	Bill Marquette	$pgtitle = "Firewall: NAT: Port Forward";
136	6eb17647	Scott Ullrich	include("head.inc");
137
138	24f600b0	Scott Ullrich	?>
139	a8726a3d	Scott Ullrich	<body link="#000000" vlink="#000000" alink="#000000">
140	5b237745	Scott Ullrich	<?php include("fbegin.inc"); ?>
141	da7ae7ef	Bill Marquette	<p class="pgtitle"><?=$pgtitle?></font></p>
142	00bcbdd0	Bill Marquette	<form action="firewall_nat.php" method="post" name="iform">
143			<script type="text/javascript" language="javascript" src="row_toggle.js">
144			</script>
145	5b237745	Scott Ullrich	<?php if (file_exists($d_natconfdirty_path)): ?><p>
146	514dbaf8	Scott Ullrich	<?php
147			if($savemsg)
148			print_info_box_np("{$savemsg}<br>The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");
149			else
150			print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");
151			?>
152	5b237745	Scott Ullrich	<?php endif; ?>
153			<table width="100%" border="0" cellpadding="0" cellspacing="0">
154			<tr><td>
155	a8726a3d	Scott Ullrich	<?php
156			$tab_array = array();
157	1425e067	Bill Marquette	$tab_array[] = array("Port Forward", true, "firewall_nat.php");
158			$tab_array[] = array("1:1", false, "firewall_nat_1to1.php");
159			$tab_array[] = array("Outbound", false, "firewall_nat_out.php");
160	a8726a3d	Scott Ullrich	display_top_tabs($tab_array);
161			?>
162			</td></tr>
163	340e6dca	Scott Ullrich	<tr>
164	d732f186	Bill Marquette	<td>
165			<div id="mainarea">
166			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
167	00bcbdd0	Bill Marquette	<tr id="frheader">
168			<td width="3%" class="list"> </td>
169			<td width="3%" class="list"> </td>
170	5b237745	Scott Ullrich	<td width="5%" class="listhdrr">If</td>
171			<td width="5%" class="listhdrr">Proto</td>
172			<td width="20%" class="listhdrr">Ext. port range</td>
173			<td width="20%" class="listhdrr">NAT IP</td>
174			<td width="20%" class="listhdrr">Int. port range</td>
175			<td width="20%" class="listhdr">Description</td>
176			<td width="5%" class="list"></td>
177	00bcbdd0	Bill Marquette	</tr>
178			<?php $nnats = $i = 0; foreach ($a_nat as $natent): ?>
179			<tr valign="top" id="fr<?=$nnats;?>">
180			<td class="listt"><input type="checkbox" id="frc<?=$nnats;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nnats;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td>
181			<td class="listt" align="center"></td>
182	b8a0de00	Bill Marquette	<td class="listlr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
183	8b1fab53	Scott Ullrich	<?php
184	00bcbdd0	Bill Marquette	if (!$natent['interface'] \|\| ($natent['interface'] == "wan"))
185			echo "WAN";
186	7a6c350f	Scott Ullrich	else if(strtolower($natent['interface']) == "lan")
187	3e33bb10	Scott Ullrich	echo "LAN";
188	00bcbdd0	Bill Marquette	else
189	3e33bb10	Scott Ullrich	echo strtoupper($config['interfaces'][$natent['interface']]['descr']);
190	00bcbdd0	Bill Marquette	?>
191	5b237745	Scott Ullrich	</td>
192	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
193	5b237745	Scott Ullrich	<?=strtoupper($natent['protocol']);?>
194			</td>
195	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
196	340e6dca	Scott Ullrich	<?php
197	5b237745	Scott Ullrich	list($beginport, $endport) = split("-", $natent['external-port']);
198			if ((!$endport) \|\| ($beginport == $endport)) {
199			echo $beginport;
200			if ($wkports[$beginport])
201			echo " (" . $wkports[$beginport] . ")";
202	d04221dc	Scott Ullrich	else
203			echo " ";
204	5b237745	Scott Ullrich	} else
205			echo $beginport . " - " . $endport;
206			?>
207			</td>
208	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
209	5b237745	Scott Ullrich	<?=$natent['target'];?>
210			<?php if ($natent['external-address'])
211			echo "<br>(ext.: " . $natent['external-address'] . ")";
212	89cf7eba	Scott Ullrich	else
213			echo "<br>(ext.: " . find_interface_ip(convert_friendly_interface_to_real_interface_name($natent['interface'])) . ")";
214	5b237745	Scott Ullrich	?>
215			</td>
216	b8a0de00	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
217	5b237745	Scott Ullrich	<?php if ((!$endport) \|\| ($beginport == $endport)) {
218			echo $natent['local-port'];
219			if ($wkports[$natent['local-port']])
220			echo " (" . $wkports[$natent['local-port']] . ")";
221	d04221dc	Scott Ullrich	else
222			echo " ";
223	5b237745	Scott Ullrich	} else
224	340e6dca	Scott Ullrich	echo $natent['local-port'] . " - " .
225	5b237745	Scott Ullrich	($natent['local-port']+$endport-$beginport);
226			?>
227			</td>
228	8b1fab53	Scott Ullrich	<td class="listbg" onClick="fr_toggle(<?=$nnats;?>)" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
229			<font color="#ffffff">
230	5b237745	Scott Ullrich	<?=htmlspecialchars($natent['descr']);?>
231			</td>
232	00bcbdd0	Bill Marquette	<td valign="middle" class="list" nowrap>
233			<table border="0" cellspacing="0" cellpadding="1">
234			<tr>
235	f057bae4	Bill Marquette	<td><a href="firewall_nat_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit rule"></a></td>
236	00bcbdd0	Bill Marquette	</tr>
237			<tr>
238	677c0869	Erik Kristensen	<td><input onmouseover="fr_insline(<?=$nnats;?>, true)" onmouseout="fr_insline(<?=$nnats;?>, false)" name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" title="move selected rules before this rule" height="17" type="image" width="17" border="0"></td>
239			<td><a href="firewall_nat_edit.php?dup=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add a new nat based on this one" width="17" height="17" border="0"></a></td>
240	00bcbdd0	Bill Marquette	</tr>
241			</table>
242			</tr>
243			<?php $i++; $nnats++; endforeach; ?>
244	340e6dca	Scott Ullrich	<tr>
245	00bcbdd0	Bill Marquette	<td class="list" colspan="8"></td>
246			<td class="list" valign="middle" nowrap>
247			<table border="0" cellspacing="0" cellpadding="1">
248			<tr>
249	677c0869	Erik Kristensen	<td><?php if ($nnats == 0): ?><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected mappings to end" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected mappings to end" border="0"><?php endif; ?></td>
250			<td><a href="firewall_nat_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td>
251	00bcbdd0	Bill Marquette	</tr>
252			<tr>
253	a99e956f	Erik Kristensen	<td><?php if ($nnats == 0): ?><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?><input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected mappings" onclick="return confirm('Do you really want to delete the selected mappings?')"><?php endif; ?></td>
254	00bcbdd0	Bill Marquette	</tr>
255			</table></td>
256	d732f186	Bill Marquette	</tr>
257			</table>
258			</div>
259			</td>
260	5b237745	Scott Ullrich	</tr>
261			</table>
262	3d335c4d	Scott Ullrich
263			<?php
264			if ($pkg['tabs'] <> "") {
265			echo "</td></tr></table>";
266			}
267			?>
268
269			</form>
270	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
271			</body>
272			</html>

Project

General

Profile

pfSense