Project

General

Profile

« Previous | Next » 

Revision 8d900185

Added by Scott Ullrich over 18 years ago

MFC
3rd pass nat rules generation. Also process lan subnets with OPT gateway properly.

View differences:

etc/inc/filter.inc
684 684 
		}
685 685 
	} else {
686 686 
		/* standard outbound rules (one for each interface) */
687 

  		




  688
  687
  
    
		update_filter_reload_status("Creating outbound NAT rules");


  		




  689
  688
  
    

  		




  690
  689
  
    
		$natrules .= filter_nat_rules_generate_if($wanif,


  		




  ......




  694
  693
  
    
		$natrules .= filter_nat_rules_generate_if($wanif,


  		




  695
  694
  
    
			"{$lansa}/{$lancfg['subnet']}");


  		




  696
  695
  
    

  		




  
  696
  
    
		$optints = array();


  		




  
  697
  
    
		generate_optcfg_array($optints);


  		




  
  698
  
    

  		




  
  699
  
    
		/* generate lan nat mappings for opts with a gateway opts */


  		




  
  700
  
    
		foreach($optints as $oc) {


  		




  
  701
  
    
			$opt_interface = $oc['if'];


  		




  
  702
  
    
			if (interface_has_gateway("$opt_interface")) {


  		




  
  703
  
    
				$natrules .= filter_nat_rules_generate_if($opt_interface,


  		




  
  704
  
    
					"{$lansa}/{$lancfg['subnet']}", 500, "", 500, null, 500, false);


  		




  
  705
  
    
				$natrules .= filter_nat_rules_generate_if($opt_interface,


  		




  
  706
  
    
					"{$lansa}/{$lancfg['subnet']}", 5060, "", 5060, null, 5060, false);


  		




  
  707
  
    
				$natrules .= filter_nat_rules_generate_if($opt_interface,


  		




  
  708
  
    
					"{$lansa}/{$lancfg['subnet']}");


  		




  
  709
  
    
			}


  		




  
  710
  
    
		}


  		




  
  711
  
    

  		




  697
  712
  
    
		/* optional interfaces */


  		




  698
  713
  
    
		for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {


  		




  699
  714
  
    
			update_filter_reload_status("Creating outbound rules (opt{$i})");


  		




  ......




  702
  717
  
    
			if (isset($optcfg['enable']) && !$optcfg['bridge']) {


  		




  703
  718
  
    
				$optsa = gen_subnet($optcfg['ipaddr'], $optcfg['subnet']);


  		




  704
  719
  
    

  		




  705
  
  
    
				/*    setup nat mappings for lan -> opt[$i]


  		




  706
  
  
    
				 *    interface if a gateway is defined


  		




  707
  
  
    
		                 */


  		




  708
  
  
    
				if((interface_has_gateway("opt{$i}"))) {


  		




  709
  
  
    
					$natrules .= filter_nat_rules_generate_if($optcfg['if'],


  		




  710
  
  
    
						"{$lansa}/{$lancfg['subnet']}", 500, "", 500, null, 500, false);


  		




  711
  
  
    
					$natrules .= filter_nat_rules_generate_if($optcfg['if'],


  		




  712
  
  
    
						"{$lansa}/{$lancfg['subnet']}", 5060, "", 5060, null, 5060, false);


  		




  713
  
  
    
					$natrules .= filter_nat_rules_generate_if($optcfg['if'],


  		




  714
  
  
    
						"{$lansa}/{$lancfg['subnet']}", null, "", null, null, null, isset($optcfg['nonat']));


  		




  715
  
  
    
				}


  		




  716
  
  
    

  		




  717
  720
  
    
				/* create outbound nat entries for primary wan */


  		




  718
  721
  
    
				$natrules .= filter_nat_rules_generate_if($wanif,


  		




  719
  722
  
    
					"{$optsa}/{$optcfg['subnet']}", 500, "", 500, null, 500, false);


  		




  ......




  723
  726
  
    
					"{$optsa}/{$optcfg['subnet']}", null, "", null, null, null, isset($optcfg['nonat']));


  		




  724
  727
  
    

  		




  725
  728
  
    
				/* create outbound nat entries for all opt wans */


  		




  726
  
  
    
				$optints = array();


  		




  727
  
  
    
				generate_optcfg_array($optints);


  		




  728
  729
  
    
				foreach($optints as $oc) {


  		




  729
  730
  
    
					$opt_interface = $oc['if'];


  		




  730
  
  
    
					if (interface_has_gateway("opt{$i}")) {


  		




  
  731
  
    
					if (interface_has_gateway("$opt_interface")) {


  		




  731
  732
  
    
						$natrules .= filter_nat_rules_generate_if($opt_interface,


  		




  732
  733
  
    
							"{$optsa}/{$optcfg['subnet']}", 500, "", 500, null, 500, false);


  		




  733
  734
  
    
						$natrules .= filter_nat_rules_generate_if($opt_interface,


  		












Also available in:  Unified diff