/usr/local/www/firewall_nat_out.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_nat_out.php @ c1ef7cfb

1	19ae0929	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4	858f313d	Renato Botelho	firewall_nat_out.php
5			Copyright (C) 2004 Scott Ullrich
6	6317d31d	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
7	858f313d	Renato Botelho	All rights reserved.
8
9			originally part of m0n0wall (http://m0n0.ch/wall)
10			Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
11			All rights reserved.
12
13			Redistribution and use in source and binary forms, with or without
14			modification, are permitted provided that the following conditions are met:
15
16			1. Redistributions of source code must retain the above copyright notice,
17			this list of conditions and the following disclaimer.
18
19			2. Redistributions in binary form must reproduce the above copyright
20			notice, this list of conditions and the following disclaimer in the
21			documentation and/or other materials provided with the distribution.
22
23			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
24			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
25			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
26			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
27			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
28			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
29			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
30			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
32			POSSIBILITY OF SUCH DAMAGE.
33	5b237745	Scott Ullrich	*/
34	7ac5a4cb	Scott Ullrich	/*
35			pfSense_MODULE: nat
36			*/
37	5b237745	Scott Ullrich
38	6b07c15a	Matthew Grooms	##\|+PRIV
39			##\|*IDENT=page-firewall-nat-outbound
40			##\|*NAME=Firewall: NAT: Outbound page
41			##\|*DESCR=Allow access to the 'Firewall: NAT: Outbound' page.
42			##\|MATCH=firewall_nat_out.php
43			##\|-PRIV
44
45	5b237745	Scott Ullrich	require("guiconfig.inc");
46	7a927e67	Scott Ullrich	require_once("functions.inc");
47			require_once("filter.inc");
48			require_once("shaper.inc");
49	5b237745	Scott Ullrich
50	6f61fea6	Renato Botelho	global $FilterIflist;
51	2154560d	Ermal	global $GatewaysList;
52	6f61fea6	Renato Botelho
53	eef01b14	Renato Botelho	if (!is_array($config['nat']['outbound']))
54			$config['nat']['outbound'] = array();
55	c44d3cf7	Ermal Lu?i
56	eef01b14	Renato Botelho	if (!is_array($config['nat']['outbound']['rule']))
57			$config['nat']['outbound']['rule'] = array();
58	19ae0929	Scott Ullrich
59	eef01b14	Renato Botelho	$a_out = &$config['nat']['outbound']['rule'];
60	5b237745	Scott Ullrich
61	bef388a7	Renato Botelho	if (!isset($config['nat']['outbound']['mode']))
62			$config['nat']['outbound']['mode'] = "automatic";
63
64			$mode = $config['nat']['outbound']['mode'];
65
66	82d0dfc4	Scott Ullrich	if ($_POST['apply']) {
67			$retval = 0;
68	920b3bb0	Scott Ullrich	$retval \|= filter_configure();
69
70	e8c2c890	Bill Marquette	if(stristr($retval, "error") <> true)
71			$savemsg = get_std_save_message($retval);
72			else
73			$savemsg = $retval;
74	19ae0929	Scott Ullrich
75	82d0dfc4	Scott Ullrich	if ($retval == 0) {
76	a368a026	Ermal Lu?i	clear_subsystem_dirty('natconf');
77			clear_subsystem_dirty('filter');
78	858f313d	Renato Botelho	}
79	5b237745	Scott Ullrich	}
80
81	82d0dfc4	Scott Ullrich	if (isset($_POST['save']) && $_POST['save'] == "Save") {
82	53bf5f1d	Seth Mos	/* mutually exclusive settings - if user wants advanced NAT, we don't generate automatic rules */
83	aef6978d	Renato Botelho	if ($_POST['mode'] == "advanced" && ($mode == "automatic" \|\| $mode == "hybrid")) {
84	eef01b14	Renato Botelho	/*
85			* user has enabled advanced outbound NAT and doesn't have rules
86			* lets automatically create entries
87			* for all of the interfaces to make life easier on the pip-o-chap
88			*/
89	6f61fea6	Renato Botelho	if(empty($FilterIflist))
90			filter_generate_optcfg_array();
91	2154560d	Ermal	if(empty($GatewaysList))
92			filter_generate_gateways();
93	6f61fea6	Renato Botelho	$tonathosts = filter_nat_rules_automatic_tonathosts(true);
94			$automatic_rules = filter_nat_rules_outbound_automatic("");
95
96			foreach ($tonathosts as $tonathost) {
97			foreach ($automatic_rules as $natent) {
98			$natent['source']['network'] = $tonathost['subnet'];
99			$natent['descr'] .= sprintf(gettext(' - %1$s to %2$s'),
100			$tonathost['descr'],
101			convert_real_interface_to_friendly_descr($natent['interface']));
102	eef01b14	Renato Botelho	$natent['created'] = make_config_revision_entry(null, gettext("Manual Outbound NAT Switch"));
103	aef6978d	Renato Botelho
104			/* Try to detect already auto created rules and avoid duplicate them */
105			$found = false;
106			foreach ($a_out as $rule) {
107			if ($rule['interface'] == $natent['interface'] &&
108			$rule['source']['network'] == $natent['source']['network'] &&
109			$rule['dstport'] == $natent['dstport'] &&
110			$rule['target'] == $natent['target'] &&
111			$rule['descr'] == $natent['descr']) {
112			$found = true;
113			break;
114			}
115			}
116
117			if ($found === false)
118			$a_out[] = $natent;
119	eef01b14	Renato Botelho	}
120	82d0dfc4	Scott Ullrich	}
121	eef01b14	Renato Botelho	$savemsg = gettext("Default rules for each interface have been created.");
122	2154560d	Ermal	unset($FilterIflist, $GatewaysList);
123	82d0dfc4	Scott Ullrich	}
124	eef01b14	Renato Botelho
125			$config['nat']['outbound']['mode'] = $_POST['mode'];
126
127	3a343d73	jim-p	if (write_config())
128			mark_subsystem_dirty('natconf');
129	858f313d	Renato Botelho	header("Location: firewall_nat_out.php");
130			exit;
131	fe693b89	Bill Marquette	}
132
133	dd65598e	Darren Embry	if ($_GET['act'] == "del") {
134			if ($a_out[$_GET['id']]) {
135			unset($a_out[$_GET['id']]);
136	3a343d73	jim-p	if (write_config())
137			mark_subsystem_dirty('natconf');
138	dd65598e	Darren Embry	header("Location: firewall_nat_out.php");
139			exit;
140			}
141			}
142
143	9c96aff5	Bill Marquette	if (isset($_POST['del_x'])) {
144	858f313d	Renato Botelho	/* delete selected rules */
145			if (is_array($_POST['rule']) && count($_POST['rule'])) {
146			foreach ($_POST['rule'] as $rulei) {
147			unset($a_out[$rulei]);
148			}
149	3a343d73	jim-p	if (write_config())
150			mark_subsystem_dirty('natconf');
151	858f313d	Renato Botelho	header("Location: firewall_nat_out.php");
152			exit;
153			}
154	9c96aff5	Bill Marquette
155	6ae8c4f2	PiBa-NL	} else if ($_GET['act'] == "toggle") {
156			if ($a_out[$_GET['id']]) {
157			if(isset($a_out[$_GET['id']]['disabled']))
158			unset($a_out[$_GET['id']]['disabled']);
159			else
160			$a_out[$_GET['id']]['disabled'] = true;
161			if (write_config("Firewall: NAT: Outbound, enable/disable NAT rule"))
162			mark_subsystem_dirty('natconf');
163			header("Location: firewall_nat_out.php");
164			exit;
165			}
166	9c96aff5	Bill Marquette	} else {
167	858f313d	Renato Botelho	/* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */
168			unset($movebtn);
169			foreach ($_POST as $pn => $pd) {
170			if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
171			$movebtn = $matches[1];
172			break;
173			}
174			}
175			/* move selected rules before this rule */
176			if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
177			$a_out_new = array();
178
179			/* copy all rules < $movebtn and not selected */
180			for ($i = 0; $i < $movebtn; $i++) {
181			if (!in_array($i, $_POST['rule']))
182			$a_out_new[] = $a_out[$i];
183			}
184	9c96aff5	Bill Marquette
185	858f313d	Renato Botelho	/* copy all selected rules */
186			for ($i = 0; $i < count($a_out); $i++) {
187			if ($i == $movebtn)
188			continue;
189			if (in_array($i, $_POST['rule']))
190			$a_out_new[] = $a_out[$i];
191			}
192	9c96aff5	Bill Marquette
193	858f313d	Renato Botelho	/* copy $movebtn rule */
194			if ($movebtn < count($a_out))
195			$a_out_new[] = $a_out[$movebtn];
196	9c96aff5	Bill Marquette
197	858f313d	Renato Botelho	/* copy all rules > $movebtn and not selected */
198			for ($i = $movebtn+1; $i < count($a_out); $i++) {
199			if (!in_array($i, $_POST['rule']))
200			$a_out_new[] = $a_out[$i];
201			}
202			if (count($a_out_new) > 0)
203	82d0dfc4	Scott Ullrich	$a_out = $a_out_new;
204
205	3a343d73	jim-p	if (write_config())
206			mark_subsystem_dirty('natconf');
207	858f313d	Renato Botelho	header("Location: firewall_nat_out.php");
208			exit;
209			}
210	5b237745	Scott Ullrich	}
211	9c96aff5	Bill Marquette
212	ff01cbff	Vinicius Coque	$pgtitle = array(gettext("Firewall"),gettext("NAT"),gettext("Outbound"));
213	6eb17647	Scott Ullrich	include("head.inc");
214
215	24f600b0	Scott Ullrich	?>
216	5b237745	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
217			<?php include("fbegin.inc"); ?>
218	fe693b89	Bill Marquette	<form action="firewall_nat_out.php" method="post" name="iform">
219	07130afe	ayvis	<script type="text/javascript" src="/javascript/row_toggle.js"></script>
220	a8726a3d	Scott Ullrich	<?php
221	858f313d	Renato Botelho	if ($savemsg)
222			print_info_box($savemsg);
223			if (is_subsystem_dirty('natconf'))
224	8cd558b6	ayvis	print_info_box_np(gettext("The NAT configuration has been changed.")."<br />".gettext("You must apply the changes in order for them to take effect."));
225	a8726a3d	Scott Ullrich	?>
226	8cd558b6	ayvis	<br />
227	a9be92f0	Renato Botelho	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="firewall nat outbound">
228	858f313d	Renato Botelho	<tr><td>
229			<?php
230			$tab_array = array();
231			$tab_array[] = array(gettext("Port Forward"), false, "firewall_nat.php");
232			$tab_array[] = array(gettext("1:1"), false, "firewall_nat_1to1.php");
233			$tab_array[] = array(gettext("Outbound"), true, "firewall_nat_out.php");
234			$tab_array[] = array(gettext("NPt"), false, "firewall_nat_npt.php");
235			display_top_tabs($tab_array);
236			?>
237			</td></tr>
238			<tr>
239			<td>
240			<div id="mainarea">
241			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="main area">
242			<tr>
243	eef01b14	Renato Botelho	<td rowspan="3" align="right" valign="middle"><b><?=gettext("Mode:"); ?></b></td>
244			<td>
245	bef388a7	Renato Botelho	<input name="mode" type="radio" id="automatic" value="automatic" <?php if ($mode == "automatic") echo "checked=\"checked\"";?> />
246	eef01b14	Renato Botelho	</td>
247	858f313d	Renato Botelho	<td>
248			<strong>
249	8cd558b6	ayvis	<?=gettext("Automatic outbound NAT rule generation"); ?><br />
250	eef01b14	Renato Botelho	<?=gettext("(IPsec passthrough included)");?>
251	858f313d	Renato Botelho	</strong>
252			</td>
253			<td>
254	bef388a7	Renato Botelho	<input name="mode" type="radio" id="hybrid" value="hybrid" <?php if ($mode == "hybrid") echo "checked=\"checked\"";?> />
255	eef01b14	Renato Botelho	</td>
256			<td>
257	858f313d	Renato Botelho	<strong>
258	8cd558b6	ayvis	<?=gettext("Hybrid Outbound NAT rule generation"); ?><br />
259	eef01b14	Renato Botelho	<?=gettext("(Automatic Outbound NAT + rules below)");?>
260	858f313d	Renato Botelho	</strong>
261			</td>
262	eef01b14	Renato Botelho	<td rowspan="3" valign="middle" align="left">
263	858f313d	Renato Botelho	<input name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
264			</td>
265			</tr>
266	5d2c6f3e	Scott Ullrich	<tr>
267	eef01b14	Renato Botelho	<td colspan="4">
268	5d2c6f3e	Scott Ullrich
269			</td>
270			</tr>
271			<tr>
272	eef01b14	Renato Botelho	<td>
273	bef388a7	Renato Botelho	<input name="mode" type="radio" id="advanced" value="advanced" <?php if ($mode == "advanced") echo "checked=\"checked\"";?> />
274	eef01b14	Renato Botelho	</td>
275			<td>
276			<strong>
277	8cd558b6	ayvis	<?=gettext("Manual Outbound NAT rule generation"); ?><br />
278	eef01b14	Renato Botelho	<?=gettext("(AON - Advanced Outbound NAT)");?>
279			</strong>
280			</td>
281			<td>
282	bef388a7	Renato Botelho	<input name="mode" type="radio" id="disabled" value="disabled" <?php if ($mode == "disabled") echo "checked=\"checked\"";?> />
283	eef01b14	Renato Botelho	</td>
284			<td>
285			<strong>
286	8cd558b6	ayvis	<?=gettext("Disable Outbound NAT rule generation"); ?><br />
287	eef01b14	Renato Botelho	<?=gettext("(No Outbound NAT rules)");?>
288			</strong>
289			</td>
290			</tr>
291			<tr>
292			<td colspan="6">
293	5d2c6f3e	Scott Ullrich
294			</td>
295			</tr>
296	858f313d	Renato Botelho	</table>
297			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="mappings">
298	2ca03544	Carlos Eduardo Ramos	<tr><td colspan="5"><b> <?=gettext("Mappings:"); ?></b></td></tr>
299	d5475741	Scott Ullrich	<tr><td> </td></tr>
300	858f313d	Renato Botelho	<tr id="frheader">
301			<td width="3%" class="list"> </td>
302			<td width="3%" class="list"> </td>
303			<td width="10%" class="listhdrr"><?=gettext("Interface");?></td>
304			<td width="15%" class="listhdrr"><?=gettext("Source");?></td>
305			<td width="10%" class="listhdrr"><?=gettext("Source Port");?></td>
306			<td width="15%" class="listhdrr"><?=gettext("Destination");?></td>
307			<td width="10%" class="listhdrr"><?=gettext("Destination Port");?></td>
308			<td width="15%" class="listhdrr"><?=gettext("NAT Address");?></td>
309			<td width="10%" class="listhdrr"><?=gettext("NAT Port");?></td>
310			<td width="10%" class="listhdrr"><?=gettext("Static Port");?></td>
311			<td width="25%" class="listhdr"><?=gettext("Description");?></td>
312			<td width="5%" class="list">
313			<table border="0" cellspacing="0" cellpadding="1" summary="add">
314			<tr>
315			<td width="17"></td>
316			<td>
317			<a href="firewall_nat_out_edit.php?after=-1">
318			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new mapping");?>" alt="add" />
319			</a>
320			</td>
321			</tr>
322			</table>
323			</td>
324			</tr>
325			<?php
326	a0e1f0f1	Renato Botelho	$i = 0;
327	858f313d	Renato Botelho	foreach ($a_out as $natent):
328	c83d04dc	Renato Botelho	$iconfn = "pass";
329			$textss = $textse = "";
330			if ($mode == "disabled" \|\| $mode == "automatic" \|\| isset($natent['disabled'])) {
331			$textss = "<span class=\"gray\">";
332			$textse = "</span>";
333			$iconfn .= "_d";
334			}
335	0e42cad8	Renato Botelho
336			//build Alias popup box
337			$alias_src_span_begin = "";
338			$alias_src_port_span_begin = "";
339			$alias_dst_span_begin = "";
340			$alias_dst_port_span_begin = "";
341
342			$alias_popup = rule_popup($natent['source']['network'],pprint_port($natent['sourceport']),$natent['destination']['address'],pprint_port($natent['dstport']));
343
344			$alias_src_span_begin = $alias_popup["src"];
345			$alias_src_port_span_begin = $alias_popup["srcport"];
346			$alias_dst_span_begin = $alias_popup["dst"];
347			$alias_dst_port_span_begin = $alias_popup["dstport"];
348
349			$alias_src_span_end = $alias_popup["src_end"];
350			$alias_src_port_span_end = $alias_popup["srcport_end"];
351			$alias_dst_span_end = $alias_popup["dst_end"];
352			$alias_dst_port_span_end = $alias_popup["dstport_end"];
353	858f313d	Renato Botelho	?>
354	a0e1f0f1	Renato Botelho	<tr valign="top" id="fr<?=$i;?>">
355	858f313d	Renato Botelho	<td class="listt">
356	a0e1f0f1	Renato Botelho	<input type="checkbox" id="frc<?=$i;?>" name="rule[]" value="<?=$i;?>" onclick="fr_bgcolor('<?=$i;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" />
357	858f313d	Renato Botelho	</td>
358			<td class="listt" align="center">
359			<?php
360	c83d04dc	Renato Botelho	if ($mode == "disabled" \|\| $mode == "automatic"):
361	bef388a7	Renato Botelho	?>
362	c83d04dc	Renato Botelho	<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0"
363			title="<?=gettext("This rule is being ignored");?>" alt="icon" />
364	bef388a7	Renato Botelho	<?php
365	c83d04dc	Renato Botelho	else:
366	bef388a7	Renato Botelho	?>
367	c83d04dc	Renato Botelho	<a href="?act=toggle&id=<?=$i;?>">
368			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0"
369			title="<?=gettext("click to toggle enabled/disabled status");?>" alt="icon" />
370			</a>
371	bef388a7	Renato Botelho	<?php
372			endif;
373	858f313d	Renato Botelho	?>
374			</td>
375	a0e1f0f1	Renato Botelho	<td class="listlr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
376	c83d04dc	Renato Botelho	<?php echo $textss . htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface'])) . $textse; ?>
377	858f313d	Renato Botelho
378			</td>
379	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
380	67eec085	jim-p	<?PHP $natent['source']['network'] = ($natent['source']['network'] == "(self)") ? "This Firewall" : $natent['source']['network']; ?>
381	0e42cad8	Renato Botelho	<?php echo $textss . $alias_src_span_begin . $natent['source']['network'] . $alias_src_span_end . $textse;?>
382	858f313d	Renato Botelho	</td>
383	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
384	858f313d	Renato Botelho	<?php
385	c83d04dc	Renato Botelho	echo $textss;
386	858f313d	Renato Botelho	echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ;
387			if (!$natent['sourceport'])
388			echo "*";
389			else
390	0e42cad8	Renato Botelho	echo $alias_src_port_span_begin . $natent['sourceport'] . $alias_src_port_span_end;
391	c83d04dc	Renato Botelho	echo $textse;
392	858f313d	Renato Botelho	?>
393			</td>
394	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
395	858f313d	Renato Botelho	<?php
396	c83d04dc	Renato Botelho	echo $textss;
397	858f313d	Renato Botelho	if (isset($natent['destination']['any']))
398			echo "*";
399			else {
400			if (isset($natent['destination']['not']))
401			echo "! ";
402	0e42cad8	Renato Botelho	echo $alias_dst_span_begin . $natent['destination']['address'] . $alias_dst_span_end;
403	858f313d	Renato Botelho	}
404	c83d04dc	Renato Botelho	echo $textse;
405	858f313d	Renato Botelho	?>
406			</td>
407	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
408	858f313d	Renato Botelho	<?php
409	c83d04dc	Renato Botelho	echo $textss;
410	858f313d	Renato Botelho	echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ;
411			if (!$natent['dstport'])
412			echo "*";
413			else
414	0e42cad8	Renato Botelho	echo $alias_dst_port_span_begin . $natent['dstport'] . $alias_dst_port_span_end;
415	c83d04dc	Renato Botelho	echo $textse;
416	858f313d	Renato Botelho	?>
417			</td>
418	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
419	858f313d	Renato Botelho	<?php
420	c83d04dc	Renato Botelho	echo $textss;
421	858f313d	Renato Botelho	if (isset($natent['nonat']))
422			echo '<I>NO NAT</I>';
423			elseif (!$natent['target'])
424			echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface'])) . " address";
425			elseif ($natent['target'] == "other-subnet")
426			echo $natent['targetip'] . '/' . $natent['targetip_subnet'];
427			else
428			echo $natent['target'];
429	c83d04dc	Renato Botelho	echo $textse;
430	858f313d	Renato Botelho	?>
431			</td>
432	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
433	858f313d	Renato Botelho	<?php
434	c83d04dc	Renato Botelho	echo $textss;
435	858f313d	Renato Botelho	if (!$natent['natport'])
436			echo "*";
437			else
438			echo $natent['natport'];
439	c83d04dc	Renato Botelho	echo $textse;
440	858f313d	Renato Botelho	?>
441			</td>
442	a0e1f0f1	Renato Botelho	<td class="listr" onclick="fr_toggle(<?=$i;?>)" id="frd<?=$i;?>" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';" align="center">
443	858f313d	Renato Botelho	<?php
444	c83d04dc	Renato Botelho	echo $textss;
445	858f313d	Renato Botelho	if(isset($natent['staticnatport']))
446			echo gettext("YES");
447			else
448			echo gettext("NO");
449	c83d04dc	Renato Botelho	echo $textse;
450	858f313d	Renato Botelho	?>
451			</td>
452	a0e1f0f1	Renato Botelho	<td class="listbg" onclick="fr_toggle(<?=$i;?>)" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';">
453	858f313d	Renato Botelho	<?=htmlspecialchars($natent['descr']);?>
454			</td>
455			<td class="list nowrap" valign="middle">
456			<table border="0" cellspacing="0" cellpadding="1" summary="move">
457			<tr>
458	a0e1f0f1	Renato Botelho	<td><input onmouseover="fr_insline(<?=$i;?>, true)" onmouseout="fr_insline(<?=$i;?>, false)" name="move_<?=$i;?>" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" title="<?=gettext("move selected rules before this rule");?>" type="image" style="height:17;width:17;border:0" /></td>
459	858f313d	Renato Botelho	<td>
460			<a href="firewall_nat_out_edit.php?id=<?=$i;?>">
461			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="<?=gettext("edit mapping");?>" alt="edit" />
462			</a>
463			</td>
464			</tr>
465			<tr>
466			<td align="center" valign="middle">
467			<a href="firewall_nat_out.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this rule?");?>')">
468			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete rule");?>" alt="delete" />
469			</a>
470			</td>
471			<td>
472			<a href="firewall_nat_out_edit.php?dup=<?=$i;?>">
473			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add a new NAT based on this one");?>" width="17" height="17" border="0" alt="duplicate" />
474			</a>
475			</td>
476			</tr>
477			</table>
478			</td>
479			</tr>
480			<?php
481			$i++;
482			endforeach;
483	a2f0b7c1	Renato Botelho	?>
484	232d404d	Renato Botelho	<tr valign="top" id="fr<?=$i;?>">
485	a2f0b7c1	Renato Botelho	<td class="list" colspan="11"></td>
486			<td class="list nowrap" valign="middle">
487			<table border="0" cellspacing="0" cellpadding="1" summary="edit">
488			<tr>
489			<td>
490			<?php
491	a0e1f0f1	Renato Botelho	if ($i == 0):
492	a2f0b7c1	Renato Botelho	?>
493			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected mappings to end");?>" border="0" alt="move" />
494			<?php
495			else:
496			?>
497	232d404d	Renato Botelho	<input onmouseover="fr_insline(<?=$i;?>, true)" onmouseout="fr_insline(<?=$i;?>, false)" name="move_<?=$i;?>" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17;border:0" title="<?=gettext("move selected mappings to end");?>" />
498	a2f0b7c1	Renato Botelho	<?php
499			endif;
500			?>
501			</td>
502			<td>
503			<a href="firewall_nat_out_edit.php">
504			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add new mapping");?>" alt="add" />
505			</a>
506			</td>
507			</tr>
508			<tr>
509			<td>
510			<?php
511	a0e1f0f1	Renato Botelho	if ($i == 0):
512	a2f0b7c1	Renato Botelho	?>
513			<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected rules");?>" border="0" alt="delete" />
514			<?php
515			else:
516			?>
517			<input name="del" type="image" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected mappings");?>" onclick="return confirm('<?=gettext("Do you really want to delete the selected mappings?");?>')" />
518			<?php
519			endif;
520			?>
521			</td>
522			</tr>
523			</table>
524			</td>
525			</tr>
526			<?php
527	bef388a7	Renato Botelho	if ($mode == "automatic" \|\| $mode == "hybrid"):
528			if(empty($FilterIflist))
529			filter_generate_optcfg_array();
530	32751b9f	Phil Davis	if(empty($GatewaysList))
531			filter_generate_gateways();
532	bef388a7	Renato Botelho	$automatic_rules = filter_nat_rules_outbound_automatic(implode(" ", filter_nat_rules_automatic_tonathosts()));
533	2154560d	Ermal	unset($FilterIflist, $GatewaysList);
534	a2f0b7c1	Renato Botelho	?>
535			<tr><td colspan="5"><b> <?=gettext("Automatic rules:"); ?></b></td></tr>
536			<tr><td> </td></tr>
537			<tr id="frheader">
538			<td width="3%" class="list"> </td>
539			<td width="3%" class="list"> </td>
540			<td width="10%" class="listhdrr"><?=gettext("Interface");?></td>
541			<td width="15%" class="listhdrr"><?=gettext("Source");?></td>
542			<td width="10%" class="listhdrr"><?=gettext("Source Port");?></td>
543			<td width="15%" class="listhdrr"><?=gettext("Destination");?></td>
544			<td width="10%" class="listhdrr"><?=gettext("Destination Port");?></td>
545			<td width="15%" class="listhdrr"><?=gettext("NAT Address");?></td>
546			<td width="10%" class="listhdrr"><?=gettext("NAT Port");?></td>
547			<td width="10%" class="listhdrr"><?=gettext("Static Port");?></td>
548			<td width="25%" class="listhdr"><?=gettext("Description");?></td>
549			<td width="5%" class="list"> </td>
550			</tr>
551			<?php
552	bef388a7	Renato Botelho	foreach ($automatic_rules as $natent):
553			?>
554	a0e1f0f1	Renato Botelho	<tr valign="top">
555	bef388a7	Renato Botelho	<td class="list"> </td>
556			<td class="listt" align="center">
557			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11" border="0" title="<?=gettext("automatic outbound nat");?>" alt="icon" />
558			</td>
559			<td class="listlr" style="background-color: #E0E0E0">
560			<?php echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface'])); ?>
561
562			</td>
563			<td class="listr" style="background-color: #E0E0E0">
564			<?=$natent['source']['network'];?>
565			</td>
566			<td class="listr" style="background-color: #E0E0E0">
567			<?php
568			echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ;
569			if (!$natent['sourceport'])
570			echo "*";
571			else
572			echo $natent['sourceport'];
573			?>
574			</td>
575			<td class="listr" style="background-color: #E0E0E0">
576			<?php
577			if (isset($natent['destination']['any']))
578			echo "*";
579			else {
580			if (isset($natent['destination']['not']))
581			echo "! ";
582			echo $natent['destination']['address'];
583			}
584			?>
585			</td>
586			<td class="listr" style="background-color: #E0E0E0">
587			<?php
588			echo ($natent['protocol']) ? $natent['protocol'] . '/' : "" ;
589			if (!$natent['dstport'])
590			echo "*";
591			else
592			echo $natent['dstport'];
593			?>
594			</td>
595			<td class="listr" style="background-color: #E0E0E0">
596			<?php
597			if (isset($natent['nonat']))
598			echo '<I>NO NAT</I>';
599			elseif (!$natent['target'])
600			echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface'])) . " address";
601			elseif ($natent['target'] == "other-subnet")
602			echo $natent['targetip'] . '/' . $natent['targetip_subnet'];
603			else
604			echo $natent['target'];
605			?>
606			</td>
607			<td class="listr" style="background-color: #E0E0E0">
608			<?php
609			if (!$natent['natport'])
610			echo "*";
611			else
612			echo $natent['natport'];
613			?>
614			</td>
615			<td class="listr" style="background-color: #E0E0E0">
616			<?php
617			if(isset($natent['staticnatport']))
618			echo gettext("YES");
619			else
620			echo gettext("NO");
621			?>
622			</td>
623			<td class="listbg">
624			<?=htmlspecialchars($natent['descr']);?>
625			</td>
626			<td class="list"> </td>
627			</tr>
628			<?php
629			endforeach;
630			endif;
631	858f313d	Renato Botelho	?>
632			<tr>
633			<td colspan="12">
634			<p><span class="vexpl">
635	8cd558b6	ayvis	<span class="red"><strong><?=gettext("Note:"); ?><br /></strong></span>
636	858211dd	Renato Botelho	<?=gettext("If automatic outbound NAT selected, a mapping is automatically created " .
637	858f313d	Renato Botelho	"for each interface's subnet (except WAN-type connections) and the rules " .
638	8cd558b6	ayvis	"on \"Mappings\" section of this page are ignored.<br /><br /> " .
639	858211dd	Renato Botelho	"If manual outbound NAT is selected, outbound NAT rules will not be " .
640	858f313d	Renato Botelho	"automatically generated and only the mappings you specify on this page " .
641	8cd558b6	ayvis	"will be used. <br /><br /> " .
642	858211dd	Renato Botelho	"If hybrid outbound NAT is selected, mappings you specify on this page will " .
643	8cd558b6	ayvis	"be used, followed by the automatically generated ones. <br /><br />" .
644			"If disable outbound NAT is selected, no rules will be used. <br /><br />" .
645	b95399a7	Chris Buechler	"If a target address other than an interface's IP address is used, " .
646	858f313d	Renato Botelho	"then depending on the way the WAN connection is setup, a "); ?>
647			<a href="firewall_virtual_ip.php"><?=gettext("Virtual IP"); ?></a>
648			<?= gettext(" may also be required.") ?>
649			</span></p>
650			</td>
651			</tr>
652			</table>
653			</div>
654			</td>
655			</tr>
656	5b237745	Scott Ullrich	</table>
657	858f313d	Renato Botelho	</form>
658	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
659			</body>
660			</html>

Project

General

Profile

pfSense