diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2005-06-21 16:26:10 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2005-06-21 16:26:10 +0000 |
| commit | 63868cb8fbf2c888d1a191632bae7a1860081a43 (patch) | |
| tree | dd3e9f9f0eb5faced8d48d2cdab109f8534273a0 | |
| parent | ff62fa2fec1a7ed699b4a976f0a6fbbf6ba5df71 (diff) | |
| download | pfsense-63868cb8fbf2c888d1a191632bae7a1860081a43.zip pfsense-63868cb8fbf2c888d1a191632bae7a1860081a43.tar.gz | |
When user turns on advanced outbound nat, automatically create rules for them.
Ticket 155
| -rwxr-xr-x | usr/local/www/firewall_nat_out.php | 60 |
1 files changed, 41 insertions, 19 deletions
diff --git a/usr/local/www/firewall_nat_out.php b/usr/local/www/firewall_nat_out.php index 058b87d..24ed4da 100755 --- a/usr/local/www/firewall_nat_out.php +++ b/usr/local/www/firewall_nat_out.php @@ -72,25 +72,47 @@ if ($_POST) { if (isset($_POST['save'])) { - - /* mutually exclusive settings - if user wants advanced NAT, we don't help with IPSec */ - if ($_POST['ipsecpassthru'] == true) { - $config['nat']['ipsecpassthru']['enable'] = true; - $config['nat']['advancedoutbound']['enable'] = false; - } - if ($_POST['advancedoutbound'] == true) { - $config['nat']['advancedoutbound']['enable'] = true; - $config['nat']['ipsecpassthru']['enable'] = false; - } - if ($_POST['ipsecpassthru'] == false) - $config['nat']['ipsecpassthru']['enable'] = false; - if ($_POST['advancedoutbound'] == false) - $config['nat']['advancedoutbound']['enable'] = false; - - write_config(); - touch($d_natconfdirty_path); - header("Location: firewall_nat_out.php"); - exit; + + /* mutually exclusive settings - if user wants advanced NAT, we don't help with IPSec */ + if ($_POST['ipsecpassthru'] == true) { + $config['nat']['ipsecpassthru']['enable'] = true; + $config['nat']['advancedoutbound']['enable'] = false; + } + if ($_POST['advancedoutbound'] == true) { + $config['nat']['advancedoutbound']['enable'] = true; + $config['nat']['ipsecpassthru']['enable'] = false; + } + if ($_POST['ipsecpassthru'] == false) + $config['nat']['ipsecpassthru']['enable'] = false; + if ($_POST['advancedoutbound'] == false) + $config['nat']['advancedoutbound']['enable'] = false; + if($config['nat']['advancedoutbound']['enable'] and $_POST['advancedoutbound'] <> "") { + /* + * user has enabled advanced outbound nat -- lets automatically create entries + * for all of the interfaces to make life easier on the pip-o-chap + */ + $a_out = &$config['nat']['advancedoutbound']['rule']; + $ifdescrs = array('lan'); + for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) + $ifdescrs[] = "opt" . $j; + foreach($ifdescrs as $if) { + $natent = array(); + $osn = convert_ip_to_network_format($config['interface'][$if]['ip'], $carp['netmask']); + $natent['source']['network'] = $osn; + $natent['sourceport'] = ""; + $natent['descr'] = "Auto created rule for {$if}"; + $natent['target'] = ""; + $natent['interface'] = "wan"; + $natent['destination']['any'] = true; + $natent['natport'] = ""; + $a_out[] = $natent; + } + write_config(); + } + write_config(); + touch($d_natconfdirty_path); + header("Location: firewall_nat_out.php"); + exit; } if (isset($_POST['del_x'])) { |
