diff options
| author | Ermal Luçi <eri@pfsense.org> | 2009-12-08 15:40:08 +0000 |
|---|---|---|
| committer | Ermal Luçi <eri@pfsense.org> | 2009-12-08 15:40:28 +0000 |
| commit | 1ddb870bc83df15bf2322c9b28d196106e518101 (patch) | |
| tree | 843ca88886c9b4ebc8ff29267d437a5609106f65 /usr/local/www/firewall_nat_out.php | |
| parent | 070a82a9df5054f2b6c8a30a3143645bf903b500 (diff) | |
| download | pfsense-1ddb870bc83df15bf2322c9b28d196106e518101.zip pfsense-1ddb870bc83df15bf2322c9b28d196106e518101.tar.gz | |
Ticket #140 Fix Outbound edit page to really show errors. Propperly generate rules when switching from/to AON.
Diffstat (limited to 'usr/local/www/firewall_nat_out.php')
| -rwxr-xr-x | usr/local/www/firewall_nat_out.php | 63 |
1 files changed, 47 insertions, 16 deletions
diff --git a/usr/local/www/firewall_nat_out.php b/usr/local/www/firewall_nat_out.php index 62aee10..55a8469 100755 --- a/usr/local/www/firewall_nat_out.php +++ b/usr/local/www/firewall_nat_out.php @@ -83,11 +83,8 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") { unset($config['nat']['advancedoutbound']['rule']); break; case "advancedoutboundnat": - $was_enabled = isset($config['nat']['advancedoutbound']['enable']); - $config['nat']['advancedoutbound']['enable'] = true; - if (isset($config['nat']['ipsecpassthru']['enable'])) - unset($config['nat']['ipsecpassthru']['enable']); - if($was_enabled == false) { + if (!isset($config['nat']['advancedoutbound']['enable'])) { + $config['nat']['advancedoutbound']['enable'] = true; /* * user has enabled advanced outbound nat -- lets automatically create entries * for all of the interfaces to make life easier on the pip-o-chap @@ -97,22 +94,56 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") { foreach($ifdescrs as $if => $ifdesc) { if (interface_has_gateway($if)) continue; - if($ifdesc == "wan") - continue; - $natent = array(); $osipaddr = get_interface_ip($if); $ossubnet = get_interface_subnet($if); if (!is_ipaddr($osipaddr) || empty($ossubnet)) continue; $osn = gen_subnet($osipaddr, $ossubnet); - $natent['source']['network'] = "{$osn}/{$ossubnet}"; - $natent['sourceport'] = ""; - $natent['descr'] = "Auto created rule for {$ifdesc}"; - $natent['target'] = ""; - $natent['interface'] = "wan"; - $natent['destination']['any'] = true; - $natent['natport'] = ""; - $a_out[] = $natent; + foreach ($ifdescrs as $if2 => $ifdesc2) { + if (!interface_has_gateway($if2)) + continue; + /* XXX: Not yet. + $natent = array(); + $natent['nonat'] = true; + $natent['source']['network'] = "any"; + $natent['sourceport'] = ""; + $natent['descr'] = "Auto nonat TFTP proxy created rule for {$ifdesc2}"; + $natent['target'] = "tftp"; + $natent['interface'] = $if2; + $natent['destination']['any'] = true; + $natent['natport'] = ""; + $a_out[] = $natent; + */ + $natent = array(); + $natent['source']['network'] = "{$osn}/{$ossubnet}"; + $natent['sourceport'] = "500"; + $natent['descr'] = "Auto NAT-T created rule for {$ifdesc2}"; + $natent['target'] = ""; + $natent['interface'] = $if2; + $natent['destination']['any'] = true; + $natent['natport'] = "500"; + $a_out[] = $natent; + + $natent = array(); + $natent['source']['network'] = "{$osn}/{$ossubnet}"; + $natent['sourceport'] = "5060"; + $natent['descr'] = "Auto NAT-T created rule for {$ifdesc2}"; + $natent['target'] = ""; + $natent['interface'] = $if2; + $natent['destination']['any'] = true; + $natent['natport'] = "5060"; + $a_out[] = $natent; + + $natent = array(); + $natent['source']['network'] = "{$osn}/{$ossubnet}"; + $natent['sourceport'] = ""; + $natent['descr'] = "Auto created rule for {$ifdesc2}"; + $natent['target'] = ""; + $natent['interface'] = $if2; + $natent['destination']['any'] = true; + $natent['natport'] = ""; + $a_out[] = $natent; + } } $savemsg = "Default rules for each interface have been created."; } |
