/usr/local/www/firewall_nat_out.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_nat_out.php @ a0d1a467

1	19ae0929	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			firewall_nat_out.php
5	c55b323d	Scott Ullrich	Copyright (C) 2004 Scott Ullrich
6			All rights reserved.
7	19ae0929	Scott Ullrich
8	c55b323d	Scott Ullrich	originally part of m0n0wall (http://m0n0.ch/wall)
9	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10			All rights reserved.
11	19ae0929	Scott Ullrich
12	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14	19ae0929	Scott Ullrich
15	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17	19ae0929	Scott Ullrich
18	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21	19ae0929	Scott Ullrich
22	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32			*/
33	7ac5a4cb	Scott Ullrich	/*
34			pfSense_MODULE: nat
35			*/
36	5b237745	Scott Ullrich
37	6b07c15a	Matthew Grooms	##\|+PRIV
38			##\|*IDENT=page-firewall-nat-outbound
39			##\|*NAME=Firewall: NAT: Outbound page
40			##\|*DESCR=Allow access to the 'Firewall: NAT: Outbound' page.
41			##\|MATCH=firewall_nat_out.php
42			##\|-PRIV
43
44	5b237745	Scott Ullrich	require("guiconfig.inc");
45	7a927e67	Scott Ullrich	require_once("functions.inc");
46			require_once("filter.inc");
47			require_once("shaper.inc");
48	5b237745	Scott Ullrich
49	c44d3cf7	Ermal Lu?i	if (!is_array($config['nat']['advancedoutbound']))
50			$config['nat']['advancedoutbound'] = array();
51
52	5b237745	Scott Ullrich	if (!is_array($config['nat']['advancedoutbound']['rule']))
53	82d0dfc4	Scott Ullrich	$config['nat']['advancedoutbound']['rule'] = array();
54	19ae0929	Scott Ullrich
55	5b237745	Scott Ullrich	$a_out = &$config['nat']['advancedoutbound']['rule'];
56
57	82d0dfc4	Scott Ullrich	if ($_POST['apply']) {
58			write_config();
59	5b237745	Scott Ullrich
60	82d0dfc4	Scott Ullrich	$retval = 0;
61	920b3bb0	Scott Ullrich	$retval \|= filter_configure();
62
63	e8c2c890	Bill Marquette	if(stristr($retval, "error") <> true)
64			$savemsg = get_std_save_message($retval);
65			else
66			$savemsg = $retval;
67	19ae0929	Scott Ullrich
68	82d0dfc4	Scott Ullrich	if ($retval == 0) {
69	a368a026	Ermal Lu?i	clear_subsystem_dirty('natconf');
70			clear_subsystem_dirty('filter');
71	9c96aff5	Bill Marquette	}
72	5b237745	Scott Ullrich	}
73
74	fe693b89	Bill Marquette
75
76	82d0dfc4	Scott Ullrich	if (isset($_POST['save']) && $_POST['save'] == "Save") {
77	53bf5f1d	Seth Mos	/* mutually exclusive settings - if user wants advanced NAT, we don't generate automatic rules */
78	82d0dfc4	Scott Ullrich	switch ($_POST['advancedoripsec']) {
79			case "ipsecpassthru":
80			$config['nat']['ipsecpassthru']['enable'] = true;
81			unset($config['nat']['advancedoutbound']['enable']);
82			break;
83			case "advancedoutboundnat":
84	1ddb870b	Ermal Lu?i	if (!isset($config['nat']['advancedoutbound']['enable'])) {
85			$config['nat']['advancedoutbound']['enable'] = true;
86	4a3cb40c	Chris Buechler	// if there are already AON rules configured, don't generate default ones
87			if(!empty($a_out))
88			continue;
89	82d0dfc4	Scott Ullrich	/*
90	4a3cb40c	Chris Buechler	* user has enabled advanced outbound NAT and doesn't have rules
91			* lets automatically create entries
92	82d0dfc4	Scott Ullrich	* for all of the interfaces to make life easier on the pip-o-chap
93			*/
94	cbe3ea96	Ermal Luçi	$ifdescrs = get_configured_interface_with_descr();
95
96			foreach($ifdescrs as $if => $ifdesc) {
97	a55e9c70	Ermal Lu?i	if (interface_has_gateway($if))
98	e1f675e4	Ermal Luçi	continue;
99	a55e9c70	Ermal Lu?i	$osipaddr = get_interface_ip($if);
100			$ossubnet = get_interface_subnet($if);
101			if (!is_ipaddr($osipaddr) \|\| empty($ossubnet))
102			continue;
103			$osn = gen_subnet($osipaddr, $ossubnet);
104	1ddb870b	Ermal Lu?i	foreach ($ifdescrs as $if2 => $ifdesc2) {
105			if (!interface_has_gateway($if2))
106			continue;
107	aad51dbf	Ermal Lu?i
108	1ddb870b	Ermal Lu?i	$natent = array();
109			$natent['source']['network'] = "{$osn}/{$ossubnet}";
110	d2243cff	Chris Buechler	$natent['dstport'] = "500";
111	ddc55e12	Erik Fonnesbeck	$natent['descr'] = sprintf(gettext('Auto created rule for ISAKMP - %1$s to %2$s'),$ifdesc,$ifdesc2);
112	1ddb870b	Ermal Lu?i	$natent['target'] = "";
113			$natent['interface'] = $if2;
114			$natent['destination']['any'] = true;
115	d2243cff	Chris Buechler	$natent['staticnatport'] = true;
116	1ddb870b	Ermal Lu?i	$a_out[] = $natent;
117
118			$natent = array();
119			$natent['source']['network'] = "{$osn}/{$ossubnet}";
120			$natent['sourceport'] = "";
121	ddc55e12	Erik Fonnesbeck	$natent['descr'] = sprintf(gettext('Auto created rule for %1$s to %2$s'),$ifdesc,$ifdesc2);
122	1ddb870b	Ermal Lu?i	$natent['target'] = "";
123			$natent['interface'] = $if2;
124			$natent['destination']['any'] = true;
125			$natent['natport'] = "";
126			$a_out[] = $natent;
127	4b85f096	Chris Buechler
128	edb2a3da	Evgeny Yurchenko	$natent = array();
129			$natent['source']['network'] = "127.0.0.0/8";
130			$natent['dstport'] = "";
131			$natent['descr'] = sprintf(gettext('Auto created rule for localhost to %1$s'),$ifdesc2);
132			$natent['target'] = "";
133			$natent['interface'] = $if2;
134			$natent['destination']['any'] = true;
135			$natent['staticnatport'] = false;
136			$natent['natport'] = "1024:65535";
137			$a_out[] = $natent;
138
139	4b85f096	Chris Buechler	/* PPTP subnet */
140	4e12754d	jim-p	if (($config['pptpd']['mode'] == "server") && is_private_ip($config['pptpd']['remoteip'])) {
141	a0d1a467	jim-p	$pptp_size = empty($config['pptpd']['n_pptp_units']) ? 16 : $config['pptpd']['n_pptp_units'];
142			$pptptopip = $pptp_size - 1;
143	65319e4c	Chris Buechler	$pptp_subnets = ip_range_to_subnet_array($config['pptpd']['remoteip'], long2ip32(ip2long($config['pptpd']['remoteip'])+$pptptopip));
144	4e12754d	jim-p	foreach ($pptp_subnets as $pptpsn) {
145	4b85f096	Chris Buechler	$natent = array();
146	4e12754d	jim-p	$natent['source']['network'] = $pptpsn;
147	4b85f096	Chris Buechler	$natent['sourceport'] = "";
148	ff01cbff	Vinicius Coque	$natent['descr'] = gettext("Auto created rule for PPTP server");
149	4b85f096	Chris Buechler	$natent['target'] = "";
150			$natent['interface'] = $if2;
151			$natent['destination']['any'] = true;
152			$natent['natport'] = "";
153			$a_out[] = $natent;
154			}
155			}
156			/* PPPoE subnet */
157	8c5df705	jim-p	if (is_pppoe_server_enabled() && have_ruleint_access("pppoe")) {
158			foreach ($config['pppoes']['pppoe'] as $pppoes) {
159			if (($pppoes['mode'] == "server") && is_ipaddr($pppoes['localip'])) {
160			if($pppoes['pppoe_subnet'] <> "")
161			$ossubnet = $pppoes['pppoe_subnet'];
162			else
163			$ossubnet = "32";
164			$osn = gen_subnet($pppoes['localip'], $ossubnet);
165			$natent = array();
166			$natent['source']['network'] = "{$osn}/{$ossubnet}";
167			$natent['sourceport'] = "";
168			$natent['descr'] = gettext("Auto created rule for PPPoE server");
169			$natent['target'] = "";
170			$natent['interface'] = $if2;
171			$natent['destination']['any'] = true;
172			$natent['natport'] = "";
173			$a_out[] = $natent;
174			}
175	4b85f096	Chris Buechler	}
176			}
177			/* L2TP subnet */
178			if($config['l2tp']['mode'] == "server") {
179			if (is_ipaddr($config['l2tp']['localip'])) {
180			if($config['l2tp']['l2tp_subnet'] <> "")
181	fbd96b06	Erik Fonnesbeck	$ossubnet = $config['l2tp']['l2tp_subnet'];
182	4b85f096	Chris Buechler	else
183			$ossubnet = "32";
184	fbd96b06	Erik Fonnesbeck	$osn = gen_subnet($config['l2tp']['localip'], $ossubnet);
185	4b85f096	Chris Buechler	$natent = array();
186			$natent['source']['network'] = "{$osn}/{$ossubnet}";
187			$natent['sourceport'] = "";
188	ff01cbff	Vinicius Coque	$natent['descr'] = gettext("Auto created rule for L2TP server");
189	4b85f096	Chris Buechler	$natent['target'] = "";
190			$natent['interface'] = $if2;
191			$natent['destination']['any'] = true;
192			$natent['natport'] = "";
193			$a_out[] = $natent;
194			}
195			}
196			/* add openvpn interfaces */
197			if($config['openvpn']['openvpn-server']) {
198			foreach ($config['openvpn']['openvpn-server'] as $ovpnsrv) {
199			$natent = array();
200			$natent['source']['network'] = $ovpnsrv['tunnel_network'];
201			$natent['sourceport'] = "";
202	ff01cbff	Vinicius Coque	$natent['descr'] = gettext("Auto created rule for OpenVPN server");
203	4b85f096	Chris Buechler	$natent['target'] = "";
204			$natent['interface'] = $if2;
205			$natent['destination']['any'] = true;
206			$natent['natport'] = "";
207			$a_out[] = $natent;
208			}
209			}
210	1ddb870b	Ermal Lu?i	}
211	fa56ab75	Scott Ullrich	}
212	4b85f096	Chris Buechler
213	ff01cbff	Vinicius Coque	$savemsg = gettext("Default rules for each interface have been created.");
214	82d0dfc4	Scott Ullrich	}
215			break;
216			}
217	63868cb8	Scott Ullrich	write_config();
218	a368a026	Ermal Lu?i	mark_subsystem_dirty('natconf');
219	63868cb8	Scott Ullrich	header("Location: firewall_nat_out.php");
220			exit;
221	fe693b89	Bill Marquette	}
222
223	dd65598e	Darren Embry	if ($_GET['act'] == "del") {
224			if ($a_out[$_GET['id']]) {
225			unset($a_out[$_GET['id']]);
226			write_config();
227			mark_subsystem_dirty('natconf');
228			header("Location: firewall_nat_out.php");
229			exit;
230			}
231			}
232
233	9c96aff5	Bill Marquette	if (isset($_POST['del_x'])) {
234			/* delete selected rules */
235			if (is_array($_POST['rule']) && count($_POST['rule'])) {
236			foreach ($_POST['rule'] as $rulei) {
237			unset($a_out[$rulei]);
238			}
239			write_config();
240	a368a026	Ermal Lu?i	mark_subsystem_dirty('natconf');
241	9c96aff5	Bill Marquette	header("Location: firewall_nat_out.php");
242			exit;
243			}
244
245			} else {
246	87b10bed	Bill Marquette	/* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */
247	9c96aff5	Bill Marquette	unset($movebtn);
248			foreach ($_POST as $pn => $pd) {
249			if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
250			$movebtn = $matches[1];
251			break;
252			}
253			}
254			/* move selected rules before this rule */
255			if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
256			$a_out_new = array();
257
258			/* copy all rules < $movebtn and not selected */
259			for ($i = 0; $i < $movebtn; $i++) {
260			if (!in_array($i, $_POST['rule']))
261			$a_out_new[] = $a_out[$i];
262			}
263
264			/* copy all selected rules */
265			for ($i = 0; $i < count($a_out); $i++) {
266			if ($i == $movebtn)
267			continue;
268			if (in_array($i, $_POST['rule']))
269			$a_out_new[] = $a_out[$i];
270			}
271
272			/* copy $movebtn rule */
273			if ($movebtn < count($a_out))
274			$a_out_new[] = $a_out[$movebtn];
275
276			/* copy all rules > $movebtn and not selected */
277			for ($i = $movebtn+1; $i < count($a_out); $i++) {
278			if (!in_array($i, $_POST['rule']))
279			$a_out_new[] = $a_out[$i];
280			}
281	82d0dfc4	Scott Ullrich	if (count($a_out_new) > 0)
282			$a_out = $a_out_new;
283			else
284			unset($config['nat']['advancedoutbound']);
285
286	9c96aff5	Bill Marquette	write_config();
287	a368a026	Ermal Lu?i	mark_subsystem_dirty('natconf');
288	9c96aff5	Bill Marquette	header("Location: firewall_nat_out.php");
289			exit;
290			}
291	5b237745	Scott Ullrich	}
292	9c96aff5	Bill Marquette
293
294	ff01cbff	Vinicius Coque	$pgtitle = array(gettext("Firewall"),gettext("NAT"),gettext("Outbound"));
295	6eb17647	Scott Ullrich	include("head.inc");
296
297	24f600b0	Scott Ullrich	?>
298	5b237745	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
299			<?php include("fbegin.inc"); ?>
300	fe693b89	Bill Marquette	<form action="firewall_nat_out.php" method="post" name="iform">
301	625dcc40	Bill Marquette	<script type="text/javascript" language="javascript" src="/javascript/row_toggle.js">
302	3f57ceee	Bill Marquette	</script>
303	5b237745	Scott Ullrich	<?php if ($savemsg) print_info_box($savemsg); ?>
304	a368a026	Ermal Lu?i	<?php if (is_subsystem_dirty('natconf')): ?><p>
305	fe710877	Vinicius Coque	<?php print_info_box_np(gettext("The NAT configuration has been changed.")."<br>".gettext("You must apply the changes in order for them to take effect."));?><br>
306	5b237745	Scott Ullrich	<?php endif; ?>
307			<table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td>
308	a8726a3d	Scott Ullrich	<?php
309			$tab_array = array();
310	ff01cbff	Vinicius Coque	$tab_array[] = array(gettext("Port Forward"), false, "firewall_nat.php");
311	2ca03544	Carlos Eduardo Ramos	$tab_array[] = array(gettext("1:1"), false, "firewall_nat_1to1.php");
312	ff01cbff	Vinicius Coque	$tab_array[] = array(gettext("Outbound"), true, "firewall_nat_out.php");
313	292ef22a	Seth Mos	$tab_array[] = array(gettext("NPt"), false, "firewall_nat_npt.php");
314	a8726a3d	Scott Ullrich	display_top_tabs($tab_array);
315			?>
316	5b237745	Scott Ullrich	</td></tr>
317	19ae0929	Scott Ullrich	<tr>
318	d732f186	Bill Marquette	<td>
319			<div id="mainarea">
320	5d2c6f3e	Scott Ullrich	<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
321	2ca03544	Carlos Eduardo Ramos	<tr><td align="right"><b><?=gettext("Mode:"); ?></b></td>
322	d5475741	Scott Ullrich	<td>
323			<input name="advancedoripsec" type="radio" id="ipsecpassthru" value="ipsecpassthru" <?php if (isset($config['nat']['ipsecpassthru']['enable'])) echo "checked";?>>
324	bc381f9a	Carlos Eduardo Ramos	<strong><?=gettext("Automatic outbound NAT rule generation"); ?><br/>          <?=gettext("(IPsec passthrough included)");?></strong>
325	6b3a7398	Scott Ullrich	</td>
326	5d2c6f3e	Scott Ullrich
327	d5475741	Scott Ullrich	<td>
328			<input name="advancedoripsec" type="radio" id="advancedoutbound" value="advancedoutboundnat" <?php if (isset($config['nat']['advancedoutbound']['enable'])) echo "checked";?>>
329	74aff49c	Renato Botelho	<strong><?=gettext("Manual Outbound NAT rule generation") . "<br/>          " . gettext("(AON - Advanced Outbound NAT)");?></strong></td>
330	52b8dc16	Scott Ullrich	<td valign="middle" align="left">
331	74aff49c	Renato Botelho	<input name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>">
332	d5475741	Scott Ullrich	<br/>
333	5b237745	Scott Ullrich	</td>
334			</tr>
335	5d2c6f3e	Scott Ullrich	<tr>
336			<td colspan="5">
337
338			</td>
339			</tr>
340			<tr>
341			<td class="vtable" colspan="5">
342
343			</td>
344			</tr>
345	5b237745	Scott Ullrich	</table>
346	d732f186	Bill Marquette	<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
347	2ca03544	Carlos Eduardo Ramos	<tr><td colspan="5"><b> <?=gettext("Mappings:"); ?></b></td></tr>
348	d5475741	Scott Ullrich	<tr><td> </td></tr>
349	3f57ceee	Bill Marquette	<tr id="frheader">
350			<td width="3%" class="list"> </td>
351			<td width="3%" class="list"> </td>
352	ff01cbff	Vinicius Coque	<td width="10%" class="listhdrr"><?=gettext("Interface");?></td>
353			<td width="15%" class="listhdrr"><?=gettext("Source");?></td>
354			<td width="10%" class="listhdrr"><?=gettext("Source Port");?></td>
355			<td width="15%" class="listhdrr"><?=gettext("Destination");?></td>
356			<td width="10%" class="listhdrr"><?=gettext("Destination Port");?></td>
357			<td width="15%" class="listhdrr"><?=gettext("NAT Address");?></td>
358			<td width="10%" class="listhdrr"><?=gettext("NAT Port");?></td>
359			<td width="10%" class="listhdrr"><?=gettext("Static Port");?></td>
360			<td width="25%" class="listhdr"><?=gettext("Description");?></td>
361	d415d821	Seth Mos	<td width="5%" class="list">
362			<table border="0" cellspacing="0" cellpadding="1">
363			<tr>
364			<td width="17"></td>
365	ff01cbff	Vinicius Coque	<td><a href="firewall_nat_out_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new mapping");?>"></a></td>
366	d415d821	Seth Mos	</tr>
367			</table>
368			</td>
369	5b237745	Scott Ullrich	</tr>
370	9c96aff5	Bill Marquette	<?php $nnats = $i = 0; foreach ($a_out as $natent): ?>
371	3f57ceee	Bill Marquette	<tr valign="top" id="fr<?=$nnats;?>">
372			<td class="listt"><input type="checkbox" id="frc<?=$nnats;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nnats;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td>
373	3364bed4	Bill Marquette	<td class="listt" align="center"></td>
374	f8b8c2fd	Bill Marquette	<td class="listlr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
375	5b237745	Scott Ullrich	<?php
376	8b35aa77	Erik Fonnesbeck	if (!$natent['interface'])
377			echo htmlspecialchars(convert_friendly_interface_to_friendly_descr("wan"));
378	5b237745	Scott Ullrich	else
379	8b35aa77	Erik Fonnesbeck	echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface']));
380	5b237745	Scott Ullrich	?>
381	19f09ae1	Scott Ullrich
382	5b237745	Scott Ullrich	</td>
383	f8b8c2fd	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
384	5b237745	Scott Ullrich	<?=$natent['source']['network'];?>
385			</td>
386	a88aca62	Scott Ullrich	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
387			<?php
388	1c4edc3c	jim-p	echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ;
389	a88aca62	Scott Ullrich	if (!$natent['sourceport'])
390			echo "*";
391			else
392			echo $natent['sourceport'];
393			?>
394			</td>
395	f8b8c2fd	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
396	5b237745	Scott Ullrich	<?php
397			if (isset($natent['destination']['any']))
398			echo "*";
399			else {
400			if (isset($natent['destination']['not']))
401			echo "! ";
402	2e56710c	Scott Ullrich	echo $natent['destination']['address'];
403	5b237745	Scott Ullrich	}
404			?>
405			</td>
406	f8b8c2fd	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
407	a539f08b	Bill Marquette	<?php
408	1c4edc3c	jim-p	echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ;
409	a88aca62	Scott Ullrich	if (!$natent['dstport'])
410	a539f08b	Bill Marquette	echo "*";
411			else
412	a88aca62	Scott Ullrich	echo $natent['dstport'];
413	a539f08b	Bill Marquette	?>
414			</td>
415	f8b8c2fd	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
416	5b237745	Scott Ullrich	<?php
417			if (!$natent['target'])
418			echo "*";
419	f2141df0	jim-p	elseif ($natent['target'] == "other-subnet")
420			echo $natent['targetip'] . '/' . $natent['targetip_subnet'];
421	5b237745	Scott Ullrich	else
422			echo $natent['target'];
423			?>
424			</td>
425	4d38bfc3	Scott Ullrich	<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
426			<?php
427	3af33993	Scott Ullrich	if (!$natent['natport'])
428	4d38bfc3	Scott Ullrich	echo "*";
429			else
430	3af33993	Scott Ullrich	echo $natent['natport'];
431			?>
432	5d8b0205	Scott Ullrich	</td>
433			<td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
434			<?php
435	b6905de8	Scott Ullrich	if(isset($natent['staticnatport']))
436	ff01cbff	Vinicius Coque	echo "<CENTER>" . gettext("YES") . "</CENTER>";
437	b6905de8	Scott Ullrich	else
438	ff01cbff	Vinicius Coque	echo "<CENTER>" . gettext("NO") . "</CENTER>";
439	5d8b0205	Scott Ullrich	?>
440	4d38bfc3	Scott Ullrich	</td>
441	f8b8c2fd	Bill Marquette	<td class="listbg" onClick="fr_toggle(<?=$nnats;?>)" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$nnats;?>';">
442	64286300	Scott Ullrich	<?=htmlspecialchars($natent['descr']);?>
443	5b237745	Scott Ullrich	</td>
444	9c96aff5	Bill Marquette	<td class="list" valign="middle" nowrap>
445			<table border="0" cellspacing="0" cellpadding="1">
446			<tr>
447	dd65598e	Darren Embry	<td><input onmouseover="fr_insline(<?=$nnats;?>, true)" onmouseout="fr_insline(<?=$nnats;?>, false)" name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" title="<?=gettext("move selected rules before this rule");?>" height="17" type="image" width="17" border="0"></td>
448	ff01cbff	Vinicius Coque	<td><a href="firewall_nat_out_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="<?=gettext("edit mapping");?>"></a></td>
449	9c96aff5	Bill Marquette	</tr>
450			<tr>
451	dd65598e	Darren Embry	<td align="center" valign="middle"><a href="firewall_nat_out.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this rule?");?>')"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete rule");?>"></a></td>
452	ff01cbff	Vinicius Coque	<td><a href="firewall_nat_out_edit.php?dup=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add a new nat based on this one");?>" width="17" height="17" border="0"></a></td>
453	9c96aff5	Bill Marquette	</tr>
454			</table>
455			<?php $i++; $nnats++; endforeach; ?>
456	19ae0929	Scott Ullrich	<tr>
457	3af33993	Scott Ullrich	<td class="list" colspan="11"></td>
458	9c96aff5	Bill Marquette	<td class="list" valign="middle" nowrap>
459			<table border="0" cellspacing="0" cellpadding="1">
460			<tr>
461	ff01cbff	Vinicius Coque	<td><?php if ($nnats == 0): ?><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected mappings to end");?>" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="<?=gettext("move selected mappings to end");?>" border="0"><?php endif; ?></td>
462			<td><a href="firewall_nat_out_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new mapping");?>"></a></td>
463	9c96aff5	Bill Marquette	</tr>
464			<tr>
465	ff01cbff	Vinicius Coque	<td><?php if ($nnats == 0): ?><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected rules");?>" border="0"><?php else: ?><input name="del" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="<?=gettext("delete selected mappings");?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected mappings?");?>')"><?php endif; ?></td>
466	9c96aff5	Bill Marquette	</tr>
467			</table></td>
468	5b237745	Scott Ullrich	</tr>
469	d5475741	Scott Ullrich	<tr>
470			<td colspan="12">
471	64d42525	jim-p	<p><span class="vexpl"><span class="red"><strong><?=gettext("Note:"); ?><br>
472			</strong></span>
473			<?=gettext("With automatic outbound NAT enabled, a mapping is automatically created " .
474			"for each interface's subnet (except WAN-type connections) and the rules " .
475			"on this page are ignored.<br/><br/> " .
476			"If manual outbound NAT is enabled, outbound NAT rules will not be " .
477			"automatically generated and only the mappings you specify on this page " .
478			"will be used. <br/><br/> " .
479			"If a target address other than a WAN-type interface's IP address is used, " .
480	d0404e46	jim-p	"then depending on the way the WAN connection is setup, a "); ?>
481			<a href="firewall_virtual_ip.php"><?=gettext("Virtual IP"); ?></a>
482	5a8a7545	jim-p	<?= gettext(" may also be required.") ?>
483			<br/><br/>
484			<?= gettext("To completely disable outbound NAT, switch to Manual Outbound NAT then delete any " .
485			"NAT rules that appear in the list.") ?>
486	d5475741	Scott Ullrich	</td>
487			</tr>
488
489	5b237745	Scott Ullrich	</table>
490	d732f186	Bill Marquette	</div>
491	5b237745	Scott Ullrich	</td>
492			</tr>
493			</table>
494			</form>
495			<?php include("fend.inc"); ?>
496			</body>
497			</html>

Project

General

Profile

pfSense