Add (self) keyword for specifying "any IP address on this firewall" as a rule choice.

3 files changed, 12 insertions, 2 deletions

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 7683b23..7ded056 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -2136,6 +2136,9 @@ function filter_generate_address(& $rule, $target = "source", $isnat = false) {
 						$lansn = $FilterIflist['lan']['snv6'];
 						$src = "{$lansa}/{$lansn}";
 						break;
+					case '(self)':
+						$src = "(self)";
+						break;
 					case 'pptp':
 						$pptpsav6 = gen_subnetv6($FilterIflist['pptp']['sav6'], $FilterIflist['pptp']['snv6']);
 						$pptpsnv6 = $FilterIflist['pptp']['snv6'];
@@ -2172,6 +2175,9 @@ function filter_generate_address(& $rule, $target = "source", $isnat = false) {
 						$lansn = $FilterIflist['lan']['sn'];
 						$src = "{$lansa}/{$lansn}";
 						break;
+					case '(self)':
+						$src = "(self)";
+						break;
 					case 'pptp':
 						if (isset($config['pptpd']['n_pptp_units']) && is_numeric($config['pptpd']['n_pptp_units']))
 							$pptp_subnets = ip_range_to_subnet_array($config['pptpd']['remoteip'], long2ip32(ip2long($config['pptpd']['remoteip'])+($config['pptpd']['n_pptp_units']-1)));
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php
index aaec6a5..da0d0cc 100644
--- a/usr/local/www/firewall_rules_edit.php
+++ b/usr/local/www/firewall_rules_edit.php
@@ -91,7 +91,7 @@ if (count($ostypes) > 2) {
 	);
 }
 
-$specialsrcdst = explode(" ", "any pptp pppoe l2tp openvpn");
+$specialsrcdst = explode(" ", "any (self) pptp pppoe l2tp openvpn");
 $ifdisp = get_configured_interface_with_descr();
 foreach ($ifdisp as $kif => $kdescr) {
 	$specialsrcdst[] = "{$kif}";
@@ -1048,6 +1048,9 @@ include("head.inc");
 						?>
 								> <?=gettext("Single host or alias");?></option>
 								<option value="network" <?php if (!$sel) echo "selected=\"selected\""; ?>><?=gettext("Network");?></option>
+								<?PHP	if (isset($a_filter[$id]['floating']) || $if == "FloatingRules"): ?>
+								<option value="(self)" <?PHP if ($pconfig['src'] == "(self)") echo "selected=\"selected\""; ?>><?=gettext("This Firewall (self)");?></option>
+								<?PHP endif;?>
 								<?php if(have_ruleint_access("pptp")): ?>
 								<option value="pptp"    <?php if ($pconfig['src'] == "pptp") { echo "selected=\"selected\""; } ?>><?=gettext("PPTP clients");?></option>
 								<?php endif; ?>
@@ -1148,6 +1151,7 @@ include("head.inc");
 								?>
 								><?=gettext("Single host or alias");?></option>
 								<option value="network" <?php if (!$sel) echo "selected=\"selected\""; ?>><?=gettext("Network");?></option>
+								<option value="(self)" <?PHP if ($pconfig['dst'] == "(self)") echo "selected=\"selected\""; ?>><?=gettext("This Firewall (self)");?></option>
 								<?php if(have_ruleint_access("pptp")): ?>
 								<option value="pptp" <?php if ($pconfig['dst'] == "pptp") { echo "selected=\"selected\""; } ?>><?=gettext("PPTP clients");?></option>
 								<?php endif; ?>
diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc
index 82a4cfa..ab3bf0a 100644
--- a/usr/local/www/guiconfig.inc
+++ b/usr/local/www/guiconfig.inc
@@ -231,7 +231,7 @@ $wkports = array(
 /* TCP flags */
 $tcpflags = array("fin", "syn", "rst", "psh", "ack", "urg", "ece", "cwr");
 
-$specialnets = array("pptp" => "PPTP clients", "pppoe" => "PPPoE clients", "l2tp" => "L2TP clients");
+$specialnets = array("(self)" => "This Firewall", "pptp" => "PPTP clients", "pppoe" => "PPPoE clients", "l2tp" => "L2TP clients");
 
 $spiflist = get_configured_interface_with_descr(false, true);
 foreach ($spiflist as $ifgui => $ifdesc) {