diff options
author | Erik Fonnesbeck <efonnes@gmail.com> | 2011-02-13 09:20:15 -0700 |
---|---|---|
committer | Erik Fonnesbeck <efonnes@gmail.com> | 2011-02-13 09:27:51 -0700 |
commit | ca640261f33d5489d44a8bbc37d875d9986cf34f (patch) | |
tree | 2159307325a83e0b56ebca2e06b44b3c8846018e | |
parent | d164643a3560174bf1caabef4649b5b2a382b8ff (diff) | |
download | pfsense-ca640261f33d5489d44a8bbc37d875d9986cf34f.zip pfsense-ca640261f33d5489d44a8bbc37d875d9986cf34f.tar.gz |
Add alias support for source and destination ports on outbound NAT.
-rw-r--r-- | etc/inc/filter.inc | 16 | ||||
-rwxr-xr-x | usr/local/www/firewall_aliases.php | 2 | ||||
-rwxr-xr-x | usr/local/www/firewall_aliases_edit.php | 2 | ||||
-rwxr-xr-x | usr/local/www/firewall_nat_out_edit.php | 18 |
4 files changed, 26 insertions, 12 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 092060f..da72c77 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1121,14 +1121,22 @@ function filter_nat_rules_generate_if($if, $src = "any", $srcport = "", $dst = " if($src == "") $src = "any"; /* Match on this source port */ - if($srcport != "") - $src .= " port {$srcport}"; + if($srcport != "") { + $srcportexpand = alias_expand($srcport); + if(!$srcportexpand) + $srcportexpand = $srcport; + $src .= " port {$srcportexpand}"; + } /* sometimes this gets called with "" instead of a value */ if($dst == "") $dst = "any"; /* Match on this dest port */ - if($dstport != "") - $dst .= " port {$dstport}"; + if($dstport != "") { + $dstportexpand = alias_expand($dstport); + if(!$dstportexpand) + $dstportexpand = $dstport; + $dst .= " port {$dstportexpand}"; + } /* outgoing static-port option, hamachi, Grandstream, VOIP, etc */ $staticnatport_txt = ""; if($staticnatport) diff --git a/usr/local/www/firewall_aliases.php b/usr/local/www/firewall_aliases.php index e5304dd..4a16bac 100755 --- a/usr/local/www/firewall_aliases.php +++ b/usr/local/www/firewall_aliases.php @@ -93,7 +93,9 @@ if ($_GET['act'] == "del") { find_alias_reference(array('nat', 'onetoone'), array('destination', 'address'), $alias_name, $is_alias_referenced, $referenced_by); // NAT Outbound Rules find_alias_reference(array('nat', 'advancedoutbound', 'rule'), array('source', 'network'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'advancedoutbound', 'rule'), array('sourceport'), $alias_name, $is_alias_referenced, $referenced_by); find_alias_reference(array('nat', 'advancedoutbound', 'rule'), array('destination', 'address'), $alias_name, $is_alias_referenced, $referenced_by); + find_alias_reference(array('nat', 'advancedoutbound', 'rule'), array('dstport'), $alias_name, $is_alias_referenced, $referenced_by); find_alias_reference(array('nat', 'advancedoutbound', 'rule'), array('target'), $alias_name, $is_alias_referenced, $referenced_by); // Alias in an alias find_alias_reference(array('aliases', 'alias'), array('address'), $alias_name, $is_alias_referenced, $referenced_by); diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index 23e1721..33d124e 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -310,7 +310,9 @@ if ($_POST) { update_alias_names_upon_change(array('nat', 'onetoone'), array('destination', 'address'), $_POST['name'], $origname); // NAT Outbound Rules update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('source', 'network'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('sourceport'), $_POST['name'], $origname); update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('destination', 'address'), $_POST['name'], $origname); + update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('dstport'), $_POST['name'], $origname); update_alias_names_upon_change(array('nat', 'advancedoutbound', 'rule'), array('target'), $_POST['name'], $origname); // Alias in an alias update_alias_names_upon_change(array('aliases', 'alias'), array('address'), $_POST['name'], $origname); diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index fc71a08..db6d03d 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -124,14 +124,14 @@ if ($_POST) { $protocol_uses_ports = in_array($_POST['protocol'], explode(" ", "any tcp udp tcp/udp")); - if($protocol_uses_ports && $_POST['sourceport'] <> "" && !is_port($_POST['sourceport'])) - $input_errors[] = gettext("You must supply either a valid port for the source port entry."); + if($protocol_uses_ports && $_POST['sourceport'] <> "" && !is_portoralias($_POST['sourceport'])) + $input_errors[] = gettext("You must supply either a valid port or port alias for the source port entry."); - if($protocol_uses_ports and $_POST['dstport'] <> "" and !is_port($_POST['dstport'])) - $input_errors[] = gettext("You must supply either a valid port for the destination port entry."); + if($protocol_uses_ports and $_POST['dstport'] <> "" and !is_portoralias($_POST['dstport'])) + $input_errors[] = gettext("You must supply either a valid port or port alias for the destination port entry."); if($protocol_uses_ports and $_POST['natport'] <> "" and !is_port($_POST['natport']) and !isset($_POST['nonat'])) - $input_errors[] = gettext("You must supply either a valid port for the nat port entry."); + $input_errors[] = gettext("You must supply a valid port for the nat port entry."); if ($_POST['source_type'] != "any") { if ($_POST['source'] && !is_ipaddroralias($_POST['source']) && $_POST['source'] <> "any") { @@ -470,7 +470,7 @@ function poolopts_change() { </tr> <tr name="sport_tr" id="sport_tr"> <td><?=gettext("Source port:");?> </td> - <td><input name="sourceport" type="text" class="formfld unknown" id="sourceport" size="5" value="<?=htmlspecialchars($pconfig['sourceport']);?>"> <?=gettext("(leave + <td><input name="sourceport" type="text" autocomplete="off" class="formfldalias" id="sourceport" size="5" value="<?=htmlspecialchars($pconfig['sourceport']);?>"> <?=gettext("(leave blank for any)");?></td> </tr> </table></td> @@ -509,7 +509,7 @@ blank for any)");?></td> </tr> <tr name="dport_tr" id="dport_tr"> <td><?=gettext("Destination port:");?> </td> - <td><input name="dstport" type="text" class="formfld unknown" id="dstport" size="5" value="<?=htmlspecialchars($pconfig['dstport']);?>"> <?=gettext("(leave blank for + <td><input name="dstport" type="text" autocomplete="off" class="formfldalias" id="dstport" size="5" value="<?=htmlspecialchars($pconfig['dstport']);?>"> <?=gettext("(leave blank for any)");?></td> </tr> </table> @@ -671,7 +671,9 @@ poolopts_change(); var customarray=new Array(<?php echo $portaliases; ?>); var oTextbox1 = new AutoSuggestControl(document.getElementById("source"), new StateSuggestions(addressarray)); - var oTextbox2 = new AutoSuggestControl(document.getElementById("destination"), new StateSuggestions(addressarray)); + var oTextbox2 = new AutoSuggestControl(document.getElementById("sourceport"), new StateSuggestions(customarray)); + var oTextbox3 = new AutoSuggestControl(document.getElementById("destination"), new StateSuggestions(addressarray)); + var oTextbox4 = new AutoSuggestControl(document.getElementById("dstport"), new StateSuggestions(customarray)); //--> </script> <?php include("fend.inc"); ?> |