diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2005-11-16 18:24:51 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2005-11-16 18:24:51 +0000 |
| commit | 3544cbb0f8bdc1fb446730b576521ccde3b31b21 (patch) | |
| tree | 8921a6e083c757b9c942b39476b40305da8f5271 /usr/local/www/firewall_nat_edit.php | |
| parent | d2e8380281d37fbe66ffb6d204f23d3ac5687bae (diff) | |
| download | pfsense-3544cbb0f8bdc1fb446730b576521ccde3b31b21.zip pfsense-3544cbb0f8bdc1fb446730b576521ccde3b31b21.tar.gz | |
MFC 7730
When adding a NAT redirect to a internal FTP server automatically create a rule to allow traffic to the external IP of the redirect, port 21 so that pftpx can function.
Diffstat (limited to 'usr/local/www/firewall_nat_edit.php')
| -rwxr-xr-x | usr/local/www/firewall_nat_edit.php | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index c81a84f..68d2ab3 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -191,6 +191,30 @@ if ($_POST) { $config['filter']['rule'][] = $filterent; + /* auto add rule to external port 21 as well since we are using + * pftpx to help open up ports automatically + */ + if($_POST['endport'] == "21") { + $filterent = array(); + $filterent['interface'] = $_POST['interface']; + $filterent['protocol'] = $_POST['proto']; + $filterent['source']['any'] = ""; + $filterent['destination']['address'] = $_POST['extaddr']; + + $dstpfrom = $_POST['localbeginport']; + $dstpto = $dstpfrom + $_POST['endport'] - $_POST['beginport']; + + if ($dstpfrom == $dstpto) + $filterent['destination']['port'] = $dstpfrom; + else + $filterent['destination']['port'] = $dstpfrom . "-" . $dstpto; + + $filterent['descr'] = "NAT " . $_POST['descr']; + + $config['filter']['rule'][] = $filterent; + + } + touch($d_filterconfdirty_path); } |
