Add hybrid and disabled outbound NAT, fixes #2416:

- Add 2 new outbound NAT modes, hybrid and disabled, manual and advanced
  keep working the same way
- Hybrid mode applies manual rules first, automatic after
- Disabled do no create any outbound NAT rules
- Remove ipsecpassthru config field and rename advancedoutbound to
  outbound
- Save mode on $config['nat']['outbound']['mode'] to simplify the logic
- Modify config.default to reflect changes
- Add code to upgrade config, and change latest_version to 10.3
- Use html to align modes and remove some hacks to align using  

1 files changed, 19 insertions, 22 deletions

diff --git a/conf.default/config.xml b/conf.default/config.xml
index 6585795..b6c30db 100644
--- a/conf.default/config.xml
+++ b/conf.default/config.xml
@@ -401,9 +401,25 @@
 	</captiveportal>
 	-->
 	<nat>
-		<ipsecpassthru>
-			<enable/>
-		</ipsecpassthru>
+		<outbound>
+			<mode>automatic</mode>
+			<!--
+			<rule>
+				<interface></interface>
+				<source>
+					<network>xxx.xxx.xxx.xxx/xx</network>
+				</source>
+				<destination>
+					<not/>
+					<any/>
+					*or*
+					<network>xxx.xxx.xxx.xxx/xx</network>
+				</destination>
+				<target>xxx.xxx.xxx.xxx</target>
+				<descr></descr>
+			</rule>
+			-->
+		</outbound>
 		<!--
 		<rule>
 			<interface></interface>
@@ -425,25 +441,6 @@
 		</onetoone>
 		-->
 		<!--
-		<advancedoutbound>
-			<enable/>
-			<rule>
-				<interface></interface>
-				<source>
-					<network>xxx.xxx.xxx.xxx/xx</network>
-				</source>
-				<destination>
-					<not/>
-					<any/>
-					*or*
-					<network>xxx.xxx.xxx.xxx/xx</network>
-				</destination>
-				<target>xxx.xxx.xxx.xxx</target>
-				<descr></descr>
-			</rule>
-		</advancedoutbound>
-		-->
-		<!--
 		<servernat>
 			<ipaddr></ipaddr>
 			<descr></descr>