Project

General

Profile

Download (14.3 KB) Statistics
| Branch: | Tag: | Revision:
1 340e6dca Scott Ullrich
<?php
2 b46bfcf5 Bill Marquette
/* $Id$ */
3 5b237745 Scott Ullrich
/*
4
	firewall_nat.php
5 c55b323d Scott Ullrich
	Copyright (C) 2004 Scott Ullrich
6
	All rights reserved.
7 340e6dca Scott Ullrich
8 c55b323d Scott Ullrich
	originally part of m0n0wall (http://m0n0.ch/wall)
9 5b237745 Scott Ullrich
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10
	All rights reserved.
11 340e6dca Scott Ullrich
12 5b237745 Scott Ullrich
	Redistribution and use in source and binary forms, with or without
13
	modification, are permitted provided that the following conditions are met:
14 340e6dca Scott Ullrich
15 5b237745 Scott Ullrich
	1. Redistributions of source code must retain the above copyright notice,
16
	   this list of conditions and the following disclaimer.
17 340e6dca Scott Ullrich
18 5b237745 Scott Ullrich
	2. Redistributions in binary form must reproduce the above copyright
19
	   notice, this list of conditions and the following disclaimer in the
20
	   documentation and/or other materials provided with the distribution.
21 340e6dca Scott Ullrich
22 5b237745 Scott Ullrich
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31
	POSSIBILITY OF SUCH DAMAGE.
32
*/
33 7ac5a4cb Scott Ullrich
/*
34
	pfSense_MODULE:	nat
35
*/
36 5b237745 Scott Ullrich
37 6b07c15a Matthew Grooms
##|+PRIV
38
##|*IDENT=page-firewall-nat-portforward
39
##|*NAME=Firewall: NAT: Port Forward page
40
##|*DESCR=Allow access to the 'Firewall: NAT: Port Forward' page.
41
##|*MATCH=firewall_nat.php*
42
##|-PRIV
43
44 5b237745 Scott Ullrich
require("guiconfig.inc");
45 7a927e67 Scott Ullrich
require_once("functions.inc");
46
require_once("filter.inc");
47
require_once("shaper.inc");
48 483e6de8 Scott Ullrich
require_once("itemid.inc");
49 5b237745 Scott Ullrich
50 e8c2c890 Bill Marquette
if (!is_array($config['nat']['rule']))
51 5b237745 Scott Ullrich
	$config['nat']['rule'] = array();
52 fbe94068 Scott Ullrich
53 5b237745 Scott Ullrich
$a_nat = &$config['nat']['rule'];
54
55 514dbaf8 Scott Ullrich
/* if a custom message has been passed along, lets process it */
56
if ($_GET['savemsg'])
57
	$savemsg = $_GET['savemsg'];
58
59 5b237745 Scott Ullrich
if ($_POST) {
60
61
	$pconfig = $_POST;
62
63
	if ($_POST['apply']) {
64 e8c2c890 Bill Marquette
65
		write_config();
66
67 5b237745 Scott Ullrich
		$retval = 0;
68 7a6c350f Scott Ullrich
69 b2774343 Scott Ullrich
		if(stristr($retval, "error") <> true)
70 2a71debf Scott Ullrich
		    $savemsg = get_std_save_message($retval);
71
		else
72
		    $savemsg = $retval;
73 340e6dca Scott Ullrich
74 7d04082e Scott Ullrich
		unlink_if_exists("/tmp/config.cache");
75 e2c9ef13 Scott Ullrich
		$retval |= filter_configure();
76 7d04082e Scott Ullrich
77 5b237745 Scott Ullrich
		if ($retval == 0) {
78 a368a026 Ermal Lu?i
			clear_subsystem_dirty('natconf');
79
			clear_subsystem_dirty('filter');
80 5b237745 Scott Ullrich
		}
81 7d04082e Scott Ullrich
82 5b237745 Scott Ullrich
	}
83
}
84
85 00bcbdd0 Bill Marquette
if (isset($_POST['del_x'])) {
86 4b9a670c Scott Ullrich
    /* delete selected rules */
87
    if (is_array($_POST['rule']) && count($_POST['rule'])) {
88
	    foreach ($_POST['rule'] as $rulei) {
89 049a688e Ermal Lu?i
		$target = $rule['target'];
90 b9e28d57 unknown
			// Check for filter rule associations
91 9b16b834 Ermal Lu?i
			if (isset($a_nat[$rulei]['associated-rule-id'])){
92
				delete_id($a_nat[$rulei]['associated-rule-id'], $config['filter']['rule']);
93 b9e28d57 unknown
				
94
				mark_subsystem_dirty('filter');
95
			}
96 4b9a670c Scott Ullrich
	        unset($a_nat[$rulei]);
97
	    }
98
	    write_config();
99 a368a026 Ermal Lu?i
	    mark_subsystem_dirty('natconf');
100 4b9a670c Scott Ullrich
	    header("Location: firewall_nat.php");
101
	    exit;
102
	}
103 00bcbdd0 Bill Marquette
104
} else {
105
        /* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */
106
        unset($movebtn);
107
        foreach ($_POST as $pn => $pd) {
108
                if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
109
                        $movebtn = $matches[1];
110
                        break;
111
                }
112
        }
113
        /* move selected rules before this rule */
114
        if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
115
                $a_nat_new = array();
116
117
                /* copy all rules < $movebtn and not selected */
118
                for ($i = 0; $i < $movebtn; $i++) {
119
                        if (!in_array($i, $_POST['rule']))
120
                                $a_nat_new[] = $a_nat[$i];
121
                }
122
123
                /* copy all selected rules */
124
                for ($i = 0; $i < count($a_nat); $i++) {
125
                        if ($i == $movebtn)
126
                                continue;
127
                        if (in_array($i, $_POST['rule']))
128
                                $a_nat_new[] = $a_nat[$i];
129
                }
130
131
                /* copy $movebtn rule */
132
                if ($movebtn < count($a_nat))
133
                        $a_nat_new[] = $a_nat[$movebtn];
134
135
                /* copy all rules > $movebtn and not selected */
136
                for ($i = $movebtn+1; $i < count($a_nat); $i++) {
137
                        if (!in_array($i, $_POST['rule']))
138
                                $a_nat_new[] = $a_nat[$i];
139
                }
140
                $a_nat = $a_nat_new;
141
                write_config();
142 a368a026 Ermal Lu?i
		mark_subsystem_dirty('natconf');
143 00bcbdd0 Bill Marquette
                header("Location: firewall_nat.php");
144
                exit;
145
        }
146 5b237745 Scott Ullrich
}
147 00bcbdd0 Bill Marquette
148 d88c6a9f Scott Ullrich
$pgtitle = array("Firewall","NAT","Port Forward");
149 6eb17647 Scott Ullrich
include("head.inc");
150
151 2a9db752 Scott Dale
echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domLib.js\"></script>";
152
echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domTT.js\"></script>";
153
echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/behaviour.js\"></script>";
154
echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/fadomatic.js\"></script>";
155
156 24f600b0 Scott Ullrich
?>
157 a8726a3d Scott Ullrich
<body link="#000000" vlink="#000000" alink="#000000">
158 5b237745 Scott Ullrich
<?php include("fbegin.inc"); ?>
159 00bcbdd0 Bill Marquette
<form action="firewall_nat.php" method="post" name="iform">
160 625dcc40 Bill Marquette
<script type="text/javascript" language="javascript" src="/javascript/row_toggle.js"></script>
161 a368a026 Ermal Lu?i
<?php if (is_subsystem_dirty('natconf')): ?><p>
162 514dbaf8 Scott Ullrich
<?php
163
	if($savemsg)
164
		print_info_box_np("{$savemsg}<br>The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");
165
	else
166
		print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");
167
?>
168 5b237745 Scott Ullrich
<?php endif; ?>
169
<table width="100%" border="0" cellpadding="0" cellspacing="0">
170
  <tr><td>
171 a8726a3d Scott Ullrich
<?php
172
	$tab_array = array();
173 1425e067 Bill Marquette
	$tab_array[] = array("Port Forward", true, "firewall_nat.php");
174
	$tab_array[] = array("1:1", false, "firewall_nat_1to1.php");
175
	$tab_array[] = array("Outbound", false, "firewall_nat_out.php");
176 a8726a3d Scott Ullrich
	display_top_tabs($tab_array);
177
?>
178
 </td></tr>
179 340e6dca Scott Ullrich
  <tr>
180 d732f186 Bill Marquette
    <td>
181
	<div id="mainarea">
182
              <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
183 00bcbdd0 Bill Marquette
                <tr id="frheader">
184
		  <td width="3%" class="list">&nbsp;</td>
185
                  <td width="3%" class="list">&nbsp;</td>
186 5b237745 Scott Ullrich
                  <td width="5%" class="listhdrr">If</td>
187
                  <td width="5%" class="listhdrr">Proto</td>
188
                  <td width="20%" class="listhdrr">Ext. port range</td>
189
                  <td width="20%" class="listhdrr">NAT IP</td>
190
                  <td width="20%" class="listhdrr">Int. port range</td>
191
                  <td width="20%" class="listhdr">Description</td>
192 d415d821 Seth Mos
                  <td width="5%" class="list">
193
                    <table border="0" cellspacing="0" cellpadding="1">
194
                      <tr>
195
			<td width="17"></td>
196
                        <td><a href="firewall_nat_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td>
197
                      </tr>
198
                    </table>
199
		  </td>
200 00bcbdd0 Bill Marquette
		</tr>
201
	<?php $nnats = $i = 0; foreach ($a_nat as $natent): ?>
202 40b56dc1 Scott Ullrich
	<?php 
203 2a9db752 Scott Dale
	
204
		//build Alias popup box
205
		$span_begin = "";
206
		$span_end = "";
207
		$alias_src_port_span_begin = "";
208
		$alias_dst_span_begin = "";
209
		$alias_dst_port_span_begin = "";
210
		
211
		list($beginport, $endport) = split("-", $natent['external-port']);		
212
		
213
		$alias_popup = rule_popup("",$beginport,$natent['target'],$natent['local-port']);
214
		$span_end = "</U></span>";
215
			
216
		 									
217
		$alias_src_port_span_begin = $alias_popup["srcport"];
218
											
219
		$alias_dst_span_begin = $alias_popup["dst"];
220
												
221
		$alias_dst_port_span_begin = $alias_popup["dstport"];
222
													
223
		
224
225
	
226 40b56dc1 Scott Ullrich
		/* if user does not have access to edit an interface skip on to the next record */
227
		if(!have_natpfruleint_access($natent['interface'])) 
228
			continue;
229
	?>
230 00bcbdd0 Bill Marquette
                <tr valign="top" id="fr<?=$nnats;?>">
231
                  <td class="listt"><input type="checkbox" id="frc<?=$nnats;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nnats;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td>
232 b9e28d57 unknown
                  <td class="listt" align="center">
233 9b16b834 Ermal Lu?i
					<?php if(!empty($natent['associated-rule-id'])): ?>
234
					<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_chain.png" width="17" height="17" title="Firewall rule ID <?=htmlspecialchars($nnatid); ?> is managed with this rule" border="0">
235 b9e28d57 unknown
					<?php endif; ?>
236 9b16b834 Ermal Lu?i
					<?php if($natent['associated-rule-id'] == "pass"): ?>
237 537dff78 Chris Buechler
					<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" title="All traffic matching this NAT entry is passed" border="0">
238
					<?php endif; ?>
239 b9e28d57 unknown
				  </td>
240 b8a0de00 Bill Marquette
                  <td class="listlr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
241 8b1fab53 Scott Ullrich
		    <?php
242 00bcbdd0 Bill Marquette
			if (!$natent['interface'] || ($natent['interface'] == "wan"))
243
				echo "WAN";
244 7a6c350f Scott Ullrich
			else if(strtolower($natent['interface']) == "lan")
245 3e33bb10 Scott Ullrich
				echo "LAN";
246 00bcbdd0 Bill Marquette
			else
247 3e33bb10 Scott Ullrich
				echo strtoupper($config['interfaces'][$natent['interface']]['descr']);
248 00bcbdd0 Bill Marquette
		    ?>
249 5b237745 Scott Ullrich
                  </td>
250 b8a0de00 Bill Marquette
                  <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
251 5b237745 Scott Ullrich
                    <?=strtoupper($natent['protocol']);?>
252
                  </td>
253 b8a0de00 Bill Marquette
                  <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
254 340e6dca Scott Ullrich
                    <?php
255 5b237745 Scott Ullrich
						list($beginport, $endport) = split("-", $natent['external-port']);
256
						if ((!$endport) || ($beginport == $endport)) {
257 2a9db752 Scott Dale
							echo $alias_src_port_span_begin;
258 5b237745 Scott Ullrich
				  			echo $beginport;
259
							if ($wkports[$beginport])
260
								echo " (" . $wkports[$beginport] . ")";
261 d04221dc Scott Ullrich
							else
262
								echo "&nbsp;";
263 2a9db752 Scott Dale
							echo $span_end;
264 5b237745 Scott Ullrich
						} else
265
							echo $beginport . " - " . $endport;
266
				  ?>
267
                  </td>
268 b8a0de00 Bill Marquette
                  <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
269 2a9db752 Scott Dale
                    <?php echo $alias_dst_span_begin;?><?=$natent['target'];?><?php echo $span_end;?>
270 5b237745 Scott Ullrich
					<?php if ($natent['external-address'])
271
						echo "<br>(ext.: " . $natent['external-address'] . ")";
272 89cf7eba Scott Ullrich
					      else
273
						echo "<br>(ext.: " . find_interface_ip(convert_friendly_interface_to_real_interface_name($natent['interface'])) . ")";
274 5b237745 Scott Ullrich
					?>
275
                  </td>
276 b8a0de00 Bill Marquette
                  <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
277 5b237745 Scott Ullrich
                    <?php if ((!$endport) || ($beginport == $endport)) {
278 2a9db752 Scott Dale
				  			echo $alias_dst_port_span_begin;
279
                    		echo $natent['local-port'];
280 5b237745 Scott Ullrich
							if ($wkports[$natent['local-port']])
281
								echo " (" . $wkports[$natent['local-port']] . ")";
282 d04221dc Scott Ullrich
							else
283
								echo "&nbsp;";
284 2a9db752 Scott Dale
							echo $span_end;
285 5b237745 Scott Ullrich
						} else
286 340e6dca Scott Ullrich
							echo $natent['local-port'] . " - " .
287 5b237745 Scott Ullrich
								($natent['local-port']+$endport-$beginport);
288
				  ?>
289
                  </td>
290 8b1fab53 Scott Ullrich
                  <td class="listbg" onClick="fr_toggle(<?=$nnats;?>)" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';">
291 5b237745 Scott Ullrich
                    <?=htmlspecialchars($natent['descr']);?>&nbsp;
292
                  </td>
293 00bcbdd0 Bill Marquette
                  <td valign="middle" class="list" nowrap>
294
                    <table border="0" cellspacing="0" cellpadding="1">
295
                      <tr>
296 f057bae4 Bill Marquette
                        <td><a href="firewall_nat_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit rule"></a></td>
297 00bcbdd0 Bill Marquette
                      </tr>
298
                      <tr>
299 677c0869 Erik Kristensen
                        <td><input onmouseover="fr_insline(<?=$nnats;?>, true)" onmouseout="fr_insline(<?=$nnats;?>, false)" name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" title="move selected rules before this rule" height="17" type="image" width="17" border="0"></td>
300
                        <td><a href="firewall_nat_edit.php?dup=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add a new nat based on this one" width="17" height="17" border="0"></a></td>
301 00bcbdd0 Bill Marquette
                      </tr>
302
                    </table>
303
		</tr>
304
  	     <?php $i++; $nnats++; endforeach; ?>
305 340e6dca Scott Ullrich
                <tr>
306 00bcbdd0 Bill Marquette
                  <td class="list" colspan="8"></td>
307
                  <td class="list" valign="middle" nowrap>
308
                    <table border="0" cellspacing="0" cellpadding="1">
309
                      <tr>
310 677c0869 Erik Kristensen
                        <td><?php if ($nnats == 0): ?><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected mappings to end" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected mappings to end" border="0"><?php endif; ?></td>
311
                        <td><a href="firewall_nat_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td>
312 00bcbdd0 Bill Marquette
                      </tr>
313
                      <tr>
314 a99e956f Erik Kristensen
                        <td><?php if ($nnats == 0): ?><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?><input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected mappings" onclick="return confirm('Do you really want to delete the selected mappings?')"><?php endif; ?></td>
315 00bcbdd0 Bill Marquette
                      </tr>
316 d415d821 Seth Mos
                    </table>
317
		  </td>
318 1b43f08f Scott Ullrich
		</tr>
319 5fbcc12a Scott Ullrich
		<tr><td>&nbsp;</td></tr>
320 68b0c7eb Chris Buechler
          <tr>
321
            <td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11"></td>
322 1b43f08f Scott Ullrich
            <td colspan="3">pass</td>
323
			</tr>
324
		   <tr>
325
            <td width="14"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_chain.png" width="11" height="11"></td>
326
            <td colspan="3">linked rule</td>
327 68b0c7eb Chris Buechler
          </tr>
328
    </table>
329 d732f186 Bill Marquette
	</div>
330
	</td>
331 5b237745 Scott Ullrich
  </tr>
332
</table>
333 3d335c4d Scott Ullrich
334
<?php
335
if ($pkg['tabs'] <> "") {
336
    echo "</td></tr></table>";
337
}
338
?>
339
340
</form>
341 5b237745 Scott Ullrich
<?php include("fend.inc"); ?>
342
</body>
343
</html>