diff options
| author | Ermal <eri@pfsense.org> | 2010-04-16 19:08:32 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2010-04-16 19:08:32 +0000 |
| commit | cfdce2add91f7fbf17094f4b636e6d5488cc4094 (patch) | |
| tree | ab56515d31886d5add716c5d39bcf949f7ed1dbf | |
| parent | f691243dac0bb4c4a322154ef839cac0d0c5db4e (diff) | |
| download | pfsense-cfdce2add91f7fbf17094f4b636e6d5488cc4094.zip pfsense-cfdce2add91f7fbf17094f4b636e6d5488cc4094.tar.gz | |
Ticket #508. Make TFTP proxy configurable by System Advanced->Firewall/NAT for several interfaces.
| -rw-r--r-- | etc/inc/filter.inc | 11 | ||||
| -rw-r--r-- | usr/local/www/system_advanced_firewall.php | 19 |
2 files changed, 28 insertions, 2 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index a143a31..bee212a 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1062,6 +1062,14 @@ function filter_nat_rules_generate() { $natrules .= "# TFTP proxy\n"; $natrules .= "rdr-anchor \"tftp-proxy/*\"\n"; + if (!empty($config['system']['tftpinterface'])) { + $tftpifs = explode(",", $config['system']['tftpinterface']); + foreach($tftpifs as $tftpif) { + if ($FilterIflist[$tftpif]) + $natrules .= "rdr pass on {$FilterIflist[$tftpif]['if']} proto udp from any to any port tftp -> 127.0.0.1 port tftp\n"; + } + } + $interface_counter = 0; $vpns_list = filter_get_vpns_list(); $direct_networks_list = filter_get_direct_networks_list(); @@ -2016,8 +2024,7 @@ EOD; # package manager late specific hook anchor "packagelate" -EOD; - $ipfrules .= <<<EOD +anchor "tftp-proxy/*" anchor "limitingesr" diff --git a/usr/local/www/system_advanced_firewall.php b/usr/local/www/system_advanced_firewall.php index 06e2ff5..7a3cd93 100644 --- a/usr/local/www/system_advanced_firewall.php +++ b/usr/local/www/system_advanced_firewall.php @@ -121,6 +121,11 @@ if ($_POST) { else unset($config['system']['disablescrub']); + if ($_POST['tftpinterface']) + $config['system']['tftpinterface'] = implode(",", $_POST['tftpinterface']); + else + unset($config['system']['tftpinterface']); + write_config(); /* @@ -306,6 +311,20 @@ function update_description(itemnum) { </td> </tr> <tr> + <td width="22%" valign="top" class="vncell">TFTP Proxy</td> + <td width="78%" class="vtable"> + <select name="tftpinterface[]" multiple="true" class="formselect" size="3"> +<?php + $ifdescs = get_configured_interface_with_descr(); + foreach ($ifdescs as $ifent => $ifdesc): +?> + <option value="<?=$ifent;?>" <?php if (stristr($pconfig['tftpinterface'], $ifent)) echo "selected"; ?>><?=gettext($ifdesc);?></option> +<?php endforeach; ?> + </select> + <strong>Choose the interfaces where you want TFTP proxy help to be enabled.</strong> + </td> + </tr> + <tr> <td colspan="2" class="list" height="12"> </td> </tr> <?php endif; ?> |
