diff options
author | Renato Botelho <garga@FreeBSD.org> | 2013-11-19 08:35:18 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2013-11-19 08:35:18 -0200 |
commit | aef6978de736e629f79ffc06c1784de665e5c2aa (patch) | |
tree | 83bae5ec621d76754970616583c52a91aa1067ab /usr/local/www/firewall_nat_out.php | |
parent | 6f61fea64122fb306a89347ea9ca7a4f203c8cd8 (diff) | |
download | pfsense-aef6978de736e629f79ffc06c1784de665e5c2aa.zip pfsense-aef6978de736e629f79ffc06c1784de665e5c2aa.tar.gz |
Try to detect already automatically created outbound NAT rules and avoid duplicating them. Also automatically create rules when switching from hybrid to manual. Ticket #2416
Diffstat (limited to 'usr/local/www/firewall_nat_out.php')
-rwxr-xr-x | usr/local/www/firewall_nat_out.php | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/usr/local/www/firewall_nat_out.php b/usr/local/www/firewall_nat_out.php index 439bd81..4fa4c16 100755 --- a/usr/local/www/firewall_nat_out.php +++ b/usr/local/www/firewall_nat_out.php @@ -80,7 +80,7 @@ if ($_POST['apply']) { if (isset($_POST['save']) && $_POST['save'] == "Save") { /* mutually exclusive settings - if user wants advanced NAT, we don't generate automatic rules */ - if ($_POST['mode'] == "advanced" && $mode != "advanced" && empty($a_out)) { + if ($_POST['mode'] == "advanced" && ($mode == "automatic" || $mode == "hybrid")) { /* * user has enabled advanced outbound NAT and doesn't have rules * lets automatically create entries @@ -98,7 +98,23 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") { $tonathost['descr'], convert_real_interface_to_friendly_descr($natent['interface'])); $natent['created'] = make_config_revision_entry(null, gettext("Manual Outbound NAT Switch")); - $a_out[] = $natent; + + } + /* Try to detect already auto created rules and avoid duplicate them */ + $found = false; + foreach ($a_out as $rule) { + if ($rule['interface'] == $natent['interface'] && + $rule['source']['network'] == $natent['source']['network'] && + $rule['dstport'] == $natent['dstport'] && + $rule['target'] == $natent['target'] && + $rule['descr'] == $natent['descr']) { + $found = true; + break; + } + } + + if ($found === false) + $a_out[] = $natent; } } $savemsg = gettext("Default rules for each interface have been created."); |