/usr/local/www/firewall_nat_edit.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_nat_edit.php @ c938d1e8

1	9ae40f2b	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4			firewall_nat_edit.php
5			part of m0n0wall (http://m0n0.ch/wall)
6	9ae40f2b	Scott Ullrich
7	5b237745	Scott Ullrich	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8			All rights reserved.
9	9ae40f2b	Scott Ullrich
10	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12	9ae40f2b	Scott Ullrich
13	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15	9ae40f2b	Scott Ullrich
16	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19	9ae40f2b	Scott Ullrich
20	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32	6b07c15a	Matthew Grooms	##\|+PRIV
33			##\|*IDENT=page-firewall-nat-portforward-edit
34			##\|*NAME=Firewall: NAT: Port Forward: Edit page
35			##\|*DESCR=Allow access to the 'Firewall: NAT: Port Forward: Edit' page.
36			##\|MATCH=firewall_nat_edit.php
37			##\|-PRIV
38
39
40	5b237745	Scott Ullrich	require("guiconfig.inc");
41
42			if (!is_array($config['nat']['rule'])) {
43			$config['nat']['rule'] = array();
44			}
45			$a_nat = &$config['nat']['rule'];
46
47			$id = $_GET['id'];
48			if (isset($_POST['id']))
49			$id = $_POST['id'];
50
51	4a991889	Bill Marquette	if (isset($_GET['dup'])) {
52			$id = $_GET['dup'];
53			$after = $_GET['dup'];
54			}
55
56	5b237745	Scott Ullrich	if (isset($id) && $a_nat[$id]) {
57			$pconfig['extaddr'] = $a_nat[$id]['external-address'];
58			$pconfig['proto'] = $a_nat[$id]['protocol'];
59			list($pconfig['beginport'],$pconfig['endport']) = explode("-", $a_nat[$id]['external-port']);
60			$pconfig['localip'] = $a_nat[$id]['target'];
61			$pconfig['localbeginport'] = $a_nat[$id]['local-port'];
62			$pconfig['descr'] = $a_nat[$id]['descr'];
63			$pconfig['interface'] = $a_nat[$id]['interface'];
64	ea0805c1	Scott Ullrich	$pconfig['nosync'] = isset($a_nat[$id]['nosync']);
65	5b237745	Scott Ullrich	if (!$pconfig['interface'])
66			$pconfig['interface'] = "wan";
67			} else {
68			$pconfig['interface'] = "wan";
69			}
70
71	a6713b32	Bill Marquette	if (isset($_GET['dup']))
72			unset($id);
73
74	ef2a753c	Scott Ullrich	/* run through $_POST items encoding HTML entties so that the user
75			* cannot think he is slick and perform a XSS attack on the unwilling
76			*/
77	21eff66f	Scott Ullrich	foreach ($_POST as $key => $value) {
78			$temp = $value;
79			$newpost = htmlentities($temp);
80			if($newpost <> $temp)
81	f320386c	Scott Ullrich	$input_errors[] = "Invalid characters detected ($temp). Please remove invalid characters and save again.";
82	ef2a753c	Scott Ullrich	}
83
84	5b237745	Scott Ullrich	if ($_POST) {
85
86			if ($_POST['beginport_cust'] && !$_POST['beginport'])
87			$_POST['beginport'] = $_POST['beginport_cust'];
88			if ($_POST['endport_cust'] && !$_POST['endport'])
89			$_POST['endport'] = $_POST['endport_cust'];
90			if ($_POST['localbeginport_cust'] && !$_POST['localbeginport'])
91			$_POST['localbeginport'] = $_POST['localbeginport_cust'];
92	9ae40f2b	Scott Ullrich
93	5b237745	Scott Ullrich	if (!$_POST['endport'])
94			$_POST['endport'] = $_POST['beginport'];
95	aa3400b8	Scott Ullrich	/* Make beginning port end port if not defined and endport is */
96			if (!$_POST['beginport'] && $_POST['endport'])
97			$_POST['beginport'] = $_POST['endport'];
98	9ae40f2b	Scott Ullrich
99	5b237745	Scott Ullrich	unset($input_errors);
100			$pconfig = $_POST;
101
102			/* input validation */
103	aa3400b8	Scott Ullrich	if(strtoupper($_POST['proto']) == "TCP" or strtoupper($_POST['proto']) == "UDP" or strtoupper($_POST['proto']) == "TCP/UDP") {
104	92442757	Scott Ullrich	$reqdfields = explode(" ", "interface proto beginport endport localip localbeginport");
105	221c77a6	Scott Ullrich	$reqdfieldsn = explode(",", "Interface,Protocol,External port from,External port to,NAT IP,Local port");
106	b66f7667	Scott Ullrich	} else {
107			$reqdfields = explode(" ", "interface proto localip");
108	ea0805c1	Scott Ullrich	$reqdfieldsn = explode(",", "Interface,Protocol,NAT IP");
109	b66f7667	Scott Ullrich	}
110	9ae40f2b	Scott Ullrich
111	5b237745	Scott Ullrich	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
112	9ae40f2b	Scott Ullrich
113	5b237745	Scott Ullrich	if (($_POST['localip'] && !is_ipaddroralias($_POST['localip']))) {
114	5eb817bc	Bill Marquette	$input_errors[] = "\"{$_POST['localip']}\" is not valid NAT IP address or host alias.";
115	5b237745	Scott Ullrich	}
116	9ae40f2b	Scott Ullrich
117	b66f7667	Scott Ullrich	/* only validate the ports if the protocol is TCP, UDP or TCP/UDP */
118	aa3400b8	Scott Ullrich	if(strtoupper($_POST['proto']) == "TCP" or strtoupper($_POST['proto']) == "UDP" or strtoupper($_POST['proto']) == "TCP/UDP") {
119	9ae40f2b	Scott Ullrich
120	b66f7667	Scott Ullrich	if (($_POST['beginport'] && !is_ipaddroralias($_POST['beginport']) && !is_port($_POST['beginport']))) {
121			$input_errors[] = "The start port must be an integer between 1 and 65535.";
122			}
123
124			if (($_POST['endport'] && !is_ipaddroralias($_POST['endport']) && !is_port($_POST['endport']))) {
125			$input_errors[] = "The end port must be an integer between 1 and 65535.";
126			}
127
128			if (($_POST['localbeginport'] && !is_ipaddroralias($_POST['localbeginport']) && !is_port($_POST['localbeginport']))) {
129			$input_errors[] = "The local port must be an integer between 1 and 65535.";
130			}
131
132			if ($_POST['beginport'] > $_POST['endport']) {
133			/* swap */
134			$tmp = $_POST['endport'];
135			$_POST['endport'] = $_POST['beginport'];
136			$_POST['beginport'] = $tmp;
137			}
138
139			if (!$input_errors) {
140			if (($_POST['endport'] - $_POST['beginport'] + $_POST['localbeginport']) > 65535)
141			$input_errors[] = "The target port range must be an integer between 1 and 65535.";
142			}
143	ea0805c1	Scott Ullrich
144	5b237745	Scott Ullrich	}
145	9ae40f2b	Scott Ullrich
146	5b237745	Scott Ullrich	/* check for overlaps */
147			foreach ($a_nat as $natent) {
148			if (isset($id) && ($a_nat[$id]) && ($a_nat[$id] === $natent))
149			continue;
150			if ($natent['interface'] != $_POST['interface'])
151			continue;
152			if ($natent['external-address'] != $_POST['extaddr'])
153			continue;
154	0cea6311	Scott Ullrich	if (($natent['proto'] != $_POST['proto']) && ($natent['proto'] != "tcp/udp") && ($_POST['proto'] != "tcp/udp"))
155			continue;
156	ea0805c1	Scott Ullrich
157	5b237745	Scott Ullrich	list($begp,$endp) = explode("-", $natent['external-port']);
158			if (!$endp)
159			$endp = $begp;
160	ea0805c1	Scott Ullrich
161	5b237745	Scott Ullrich	if (!( (($_POST['beginport'] < $begp) && ($_POST['endport'] < $begp))
162			\|\| (($_POST['beginport'] > $endp) && ($_POST['endport'] > $endp)))) {
163	ea0805c1	Scott Ullrich
164	5b237745	Scott Ullrich	$input_errors[] = "The external port range overlaps with an existing entry.";
165			break;
166			}
167			}
168
169			if (!$input_errors) {
170			$natent = array();
171			if ($_POST['extaddr'])
172			$natent['external-address'] = $_POST['extaddr'];
173			$natent['protocol'] = $_POST['proto'];
174	9ae40f2b	Scott Ullrich
175	5b237745	Scott Ullrich	if ($_POST['beginport'] == $_POST['endport'])
176			$natent['external-port'] = $_POST['beginport'];
177			else
178			$natent['external-port'] = $_POST['beginport'] . "-" . $_POST['endport'];
179	9ae40f2b	Scott Ullrich
180	5b237745	Scott Ullrich	$natent['target'] = $_POST['localip'];
181			$natent['local-port'] = $_POST['localbeginport'];
182			$natent['interface'] = $_POST['interface'];
183			$natent['descr'] = $_POST['descr'];
184	9ae40f2b	Scott Ullrich
185	d00055f8	Scott Ullrich	if($_POST['nosync'] == "yes")
186			$natent['nosync'] = true;
187			else
188			unset($natent['nosync']);
189
190	5b237745	Scott Ullrich	if (isset($id) && $a_nat[$id])
191			$a_nat[$id] = $natent;
192	4a991889	Bill Marquette	else {
193			if (is_numeric($after))
194			array_splice($a_nat, $after+1, 0, array($natent));
195			else
196			$a_nat[] = $natent;
197			}
198	9ae40f2b	Scott Ullrich
199	a368a026	Ermal Lu?i	mark_subsystem_dirty('natconf');
200	9ae40f2b	Scott Ullrich
201	5b237745	Scott Ullrich	if ($_POST['autoadd']) {
202			/* auto-generate a matching firewall rule */
203	9ae40f2b	Scott Ullrich	$filterent = array();
204	5b237745	Scott Ullrich	$filterent['interface'] = $_POST['interface'];
205			$filterent['protocol'] = $_POST['proto'];
206			$filterent['source']['any'] = "";
207			$filterent['destination']['address'] = $_POST['localip'];
208	9ae40f2b	Scott Ullrich
209	5b237745	Scott Ullrich	$dstpfrom = $_POST['localbeginport'];
210			$dstpto = $dstpfrom + $_POST['endport'] - $_POST['beginport'];
211	9ae40f2b	Scott Ullrich
212	5b237745	Scott Ullrich	if ($dstpfrom == $dstpto)
213			$filterent['destination']['port'] = $dstpfrom;
214			else
215			$filterent['destination']['port'] = $dstpfrom . "-" . $dstpto;
216	9ae40f2b	Scott Ullrich
217	5b237745	Scott Ullrich	$filterent['descr'] = "NAT " . $_POST['descr'];
218	06246e5b	Seth Mos	/*
219			* Our firewall filter description may be no longer than
220			* 63 characters, so don't let it be.
221			*/
222	33b755d1	Chris Buechler	$filterent['descr'] = substr("NAT " . $_POST['descr'], 0, 59);
223	9ae40f2b	Scott Ullrich
224	5b237745	Scott Ullrich	$config['filter']['rule'][] = $filterent;
225	9ae40f2b	Scott Ullrich
226	a368a026	Ermal Lu?i	mark_subsystem_dirty('filter');
227	5b237745	Scott Ullrich	}
228	9ae40f2b	Scott Ullrich
229	5b237745	Scott Ullrich	write_config();
230	9ae40f2b	Scott Ullrich
231	5b237745	Scott Ullrich	header("Location: firewall_nat.php");
232			exit;
233			}
234			}
235	da7ae7ef	Bill Marquette
236	d88c6a9f	Scott Ullrich	$pgtitle = array("Firewall","NAT","Port Forward: Edit");
237	da7ae7ef	Bill Marquette	include("head.inc");
238
239	5b237745	Scott Ullrich	?>
240	da7ae7ef	Bill Marquette
241	5b237745	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
242	4ce8ac00	Erik Kristensen	<?php
243			include("fbegin.inc"); ?>
244	5b237745	Scott Ullrich	<?php if ($input_errors) print_input_errors($input_errors); ?>
245			<form action="firewall_nat_edit.php" method="post" name="iform" id="iform">
246			<table width="100%" border="0" cellpadding="6" cellspacing="0">
247	2a6cb2d6	Scott Ullrich	<tr>
248			<td colspan="2" valign="top" class="listtopic">Edit NAT entry</td>
249			</tr>
250			<tr>
251	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vncellreq">Interface</td>
252			<td width="78%" class="vtable">
253	b5c78501	Seth Mos	<select name="interface" class="formselect">
254	5b237745	Scott Ullrich	<?php
255	40b56dc1	Scott Ullrich
256	cbe3ea96	Ermal Luçi	$iflist = get_configured_interface_with_descr(false, true);
257			foreach ($iflist as $if => $ifdesc)
258			if(have_ruleint_access($if))
259			$interfaces[$if] = $ifdesc;
260	40b56dc1	Scott Ullrich
261			if ($config['pptpd']['mode'] == "server")
262			if(have_ruleint_access("pptp"))
263			$interfaces['pptp'] = "PPTP VPN";
264
265			if ($config['pppoe']['mode'] == "server")
266			if(have_ruleint_access("pppoe"))
267			$interfaces['pppoe'] = "PPPoE VPN";
268
269			/* add ipsec interfaces */
270			if (isset($config['ipsec']['enable']) \|\| isset($config['ipsec']['mobileclients']['enable']))
271			if(have_ruleint_access("enc0"))
272	0f266b2e	Chris Buechler	$interfaces["enc0"] = "IPsec";
273	40b56dc1	Scott Ullrich
274	5b237745	Scott Ullrich	foreach ($interfaces as $iface => $ifacename): ?>
275			<option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>>
276			<?=htmlspecialchars($ifacename);?>
277			</option>
278			<?php endforeach; ?>
279			</select><br>
280			<span class="vexpl">Choose which interface this rule applies to.<br>
281			Hint: in most cases, you'll want to use WAN here.</span></td>
282			</tr>
283	9ae40f2b	Scott Ullrich	<tr>
284	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vncellreq">External address</td>
285	9ae40f2b	Scott Ullrich	<td width="78%" class="vtable">
286	b5c78501	Seth Mos	<select name="extaddr" class="formselect">
287	4ce8ac00	Erik Kristensen	<option value="" <?php if (!$pconfig['extaddr']) echo "selected"; ?>>Interface address</option>
288			<?php if (is_array($config['virtualip']['vip'])):
289			foreach ($config['virtualip']['vip'] as $sn): ?>
290			<option value="<?=$sn['subnet'];?>" <?php if ($sn['subnet'] == $pconfig['extaddr']) echo "selected"; ?>><?=htmlspecialchars("{$sn['subnet']} ({$sn['descr']})");?></option>
291			<?php endforeach;
292			endif; ?>
293			<option value="any" <?php if($pconfig['extaddr'] == "any") echo "selected"; ?>>any</option>
294			</select>
295			<br />
296	5b237745	Scott Ullrich	<span class="vexpl">
297			If you want this rule to apply to another IP address than the IP address of the interface chosen above,
298	1425e067	Bill Marquette	select it here (you need to define <a href="firewall_virtual_ip.php">Virtual IP</a> addresses on the first). Also note that if you are trying to redirect connections on the LAN select the "any" option.</span></td>
299	5b237745	Scott Ullrich	</tr>
300	9ae40f2b	Scott Ullrich	<tr>
301	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vncellreq">Protocol</td>
302	9ae40f2b	Scott Ullrich	<td width="78%" class="vtable">
303	b5c78501	Seth Mos	<select name="proto" class="formselect" onChange="proto_change(); check_for_aliases();">
304	e598eab5	Scott Ullrich	<?php $protocols = explode(" ", "TCP UDP TCP/UDP GRE ESP"); foreach ($protocols as $proto): ?>
305	5b237745	Scott Ullrich	<option value="<?=strtolower($proto);?>" <?php if (strtolower($proto) == $pconfig['proto']) echo "selected"; ?>><?=htmlspecialchars($proto);?></option>
306			<?php endforeach; ?>
307	9ae40f2b	Scott Ullrich	</select> <br> <span class="vexpl">Choose which IP protocol
308	5b237745	Scott Ullrich	this rule should match.<br>
309			Hint: in most cases, you should specify <em>TCP</em>  here.</span></td>
310			</tr>
311	9ae40f2b	Scott Ullrich	<tr>
312			<td width="22%" valign="top" class="vncellreq">External port
313	5b237745	Scott Ullrich	range </td>
314	9ae40f2b	Scott Ullrich	<td width="78%" class="vtable">
315	5b237745	Scott Ullrich	<table border="0" cellspacing="0" cellpadding="0">
316	9ae40f2b	Scott Ullrich	<tr>
317	5b237745	Scott Ullrich	<td>from:  </td>
318	b5c78501	Seth Mos	<td><select name="beginport" class="formselect" onChange="ext_rep_change(); ext_change(); check_for_aliases();">
319	5b237745	Scott Ullrich	<option value="">(other)</option>
320			<?php $bfound = 0; foreach ($wkports as $wkport => $wkportdesc): ?>
321			<option value="<?=$wkport;?>" <?php if ($wkport == $pconfig['beginport']) {
322	0e6998d1	Scott Ullrich	echo "selected";
323			$bfound = 1;
324			}?>>
325	5b237745	Scott Ullrich	<?=htmlspecialchars($wkportdesc);?>
326			</option>
327			<?php endforeach; ?>
328	e2705d67	Scott Ullrich	</select> <input onChange="check_for_aliases();" autocomplete='off' class="formfldalias" name="beginport_cust" id="beginport_cust" type="text" size="5" value="<?php if (!$bfound) echo $pconfig['beginport']; ?>"></td>
329	5b237745	Scott Ullrich	</tr>
330	9ae40f2b	Scott Ullrich	<tr>
331	5b237745	Scott Ullrich	<td>to:</td>
332	b5c78501	Seth Mos	<td><select name="endport" class="formselect" onChange="ext_change(); check_for_aliases();">
333	5b237745	Scott Ullrich	<option value="">(other)</option>
334			<?php $bfound = 0; foreach ($wkports as $wkport => $wkportdesc): ?>
335			<option value="<?=$wkport;?>" <?php if ($wkport == $pconfig['endport']) {
336	0e6998d1	Scott Ullrich	echo "selected";
337			$bfound = 1;
338			}?>>
339	5b237745	Scott Ullrich	<?=htmlspecialchars($wkportdesc);?>
340			</option>
341			<?php endforeach; ?>
342	e2705d67	Scott Ullrich	</select> <input onChange="check_for_aliases();" class="formfldalias" autocomplete='off' name="endport_cust" id="endport_cust" type="text" size="5" value="<?php if (!$bfound) echo $pconfig['endport']; ?>"></td>
343	5b237745	Scott Ullrich	</tr>
344			</table>
345	9ae40f2b	Scott Ullrich	<br> <span class="vexpl">Specify the port or port range on
346	5b237745	Scott Ullrich	the firewall's external address for this mapping.<br>
347	9ae40f2b	Scott Ullrich	Hint: you can leave the <em>'to'</em> field empty if you only
348	5b237745	Scott Ullrich	want to map a single port</span></td>
349			</tr>
350	9ae40f2b	Scott Ullrich	<tr>
351	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vncellreq">NAT IP</td>
352	9ae40f2b	Scott Ullrich	<td width="78%" class="vtable">
353	4ce8ac00	Erik Kristensen	<input autocomplete='off' name="localip" type="text" class="formfldalias" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip']);?>">
354	9ae40f2b	Scott Ullrich	<br> <span class="vexpl">Enter the internal IP address of
355	5b237745	Scott Ullrich	the server on which you want to map the ports.<br>
356			e.g. <em>192.168.1.12</em></span></td>
357			</tr>
358	9ae40f2b	Scott Ullrich	<tr>
359	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vncellreq">Local port</td>
360	9ae40f2b	Scott Ullrich	<td width="78%" class="vtable">
361	b5c78501	Seth Mos	<select name="localbeginport" class="formselect" onChange="ext_change();check_for_aliases();">
362	5b237745	Scott Ullrich	<option value="">(other)</option>
363			<?php $bfound = 0; foreach ($wkports as $wkport => $wkportdesc): ?>
364			<option value="<?=$wkport;?>" <?php if ($wkport == $pconfig['localbeginport']) {
365	0e6998d1	Scott Ullrich	echo "selected";
366			$bfound = 1;
367			}?>>
368	5b237745	Scott Ullrich	<?=htmlspecialchars($wkportdesc);?>
369			</option>
370			<?php endforeach; ?>
371	e2705d67	Scott Ullrich	</select> <input onChange="check_for_aliases();" autocomplete='off' class="formfldalias" name="localbeginport_cust" id="localbeginport_cust" type="text" size="5" value="<?php if (!$bfound) echo $pconfig['localbeginport']; ?>">
372	5b237745	Scott Ullrich	<br>
373	9ae40f2b	Scott Ullrich	<span class="vexpl">Specify the port on the machine with the
374			IP address entered above. In case of a port range, specify
375			the beginning port of the range (the end port will be calculated
376	5b237745	Scott Ullrich	automatically).<br>
377			Hint: this is usually identical to the 'from' port above</span></td>
378			</tr>
379	9ae40f2b	Scott Ullrich	<tr>
380	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vncell">Description</td>
381	9ae40f2b	Scott Ullrich	<td width="78%" class="vtable">
382	b5c78501	Seth Mos	<input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>">
383	9ae40f2b	Scott Ullrich	<br> <span class="vexpl">You may enter a description here
384	5b237745	Scott Ullrich	for your reference (not parsed).</span></td>
385	53ea15e0	Scott Ullrich	</tr>
386	d00055f8	Scott Ullrich	<tr>
387			<td width="22%" valign="top" class="vncell">No XMLRPC Sync</td>
388			<td width="78%" class="vtable">
389	3fafce5a	Scott Ullrich	<input type="checkbox" value="yes" name="nosync"<?php if($pconfig['nosync']) echo " CHECKED"; ?>><br>
390	df593437	Scott Ullrich	HINT: This prevents the rule from automatically syncing to other CARP members.
391	d00055f8	Scott Ullrich	</td>
392	ea0805c1	Scott Ullrich	</tr>
393	53ea15e0	Scott Ullrich	<?php if ((!(isset($id) && $a_nat[$id])) \|\| (isset($_GET['dup']))): ?>
394	9ae40f2b	Scott Ullrich	<tr>
395	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
396	9ae40f2b	Scott Ullrich	<td width="78%">
397	6d6e3d7a	Scott Ullrich	<input name="autoadd" type="checkbox" id="autoadd" value="yes" CHECKED>
398	9ae40f2b	Scott Ullrich	<strong>Auto-add a firewall rule to permit traffic through
399	5b237745	Scott Ullrich	this NAT rule</strong></td>
400			</tr><?php endif; ?>
401	9ae40f2b	Scott Ullrich	<tr>
402	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
403	9ae40f2b	Scott Ullrich	<td width="78%">
404	fc01e414	Scott Ullrich	<input name="Submit" type="submit" class="formbtn" value="Save"> <input type="button" class="formbtn" value="Cancel" onclick="history.back()">
405	5b237745	Scott Ullrich	<?php if (isset($id) && $a_nat[$id]): ?>
406	9ae40f2b	Scott Ullrich	<input name="id" type="hidden" value="<?=$id;?>">
407	5b237745	Scott Ullrich	<?php endif; ?>
408			</td>
409			</tr>
410			</table>
411			</form>
412			<script language="JavaScript">
413			<!--
414	4ce8ac00	Erik Kristensen	ext_change();
415	5b237745	Scott Ullrich	//-->
416			</script>
417	9ae40f2b	Scott Ullrich	<?php
418			$isfirst = 0;
419			$aliases = "";
420			$addrisfirst = 0;
421			$aliasesaddr = "";
422	b964717d	Scott Ullrich	if($config['aliases']['alias'] <> "")
423			foreach($config['aliases']['alias'] as $alias_name) {
424			if(!stristr($alias_name['address'], ".")) {
425			if($isfirst == 1) $aliases .= ",";
426			$aliases .= "'" . $alias_name['name'] . "'";
427			$isfirst = 1;
428			} else {
429			if($addrisfirst == 1) $aliasesaddr .= ",";
430			$aliasesaddr .= "'" . $alias_name['name'] . "'";
431			$addrisfirst = 1;
432			}
433	9ae40f2b	Scott Ullrich	}
434			?>
435			<script language="JavaScript">
436			<!--
437	4ce8ac00	Erik Kristensen	var addressarray=new Array(<?php echo $aliasesaddr; ?>);
438			var customarray=new Array(<?php echo $aliases; ?>);
439	9ae40f2b	Scott Ullrich	//-->
440			</script>
441	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
442			</body>
443			</html>

Project

General

Profile

pfSense