diff options
author | Bill Marquette <billm@pfsense.org> | 2005-02-20 20:18:05 +0000 |
---|---|---|
committer | Bill Marquette <billm@pfsense.org> | 2005-02-20 20:18:05 +0000 |
commit | a539f08be256d662fb0b7661eca43d03ca24e97a (patch) | |
tree | 363beae409e6ebc3cc78aaef4f0dfa4d7eae9873 /usr/local/www/firewall_nat_out_edit.php | |
parent | deaec3a48f0b24e2788c0fdb5749a92febb86614 (diff) | |
download | pfsense-a539f08be256d662fb0b7661eca43d03ca24e97a.zip pfsense-a539f08be256d662fb0b7661eca43d03ca24e97a.tar.gz |
advanced nat can now do source port mapping (useful for IPSec traversal)
Diffstat (limited to 'usr/local/www/firewall_nat_out_edit.php')
-rwxr-xr-x | usr/local/www/firewall_nat_out_edit.php | 55 |
1 files changed, 41 insertions, 14 deletions
diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index bdf0242..2fca182 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -61,8 +61,10 @@ function network_to_pconfig($adr, &$padr, &$pmask, &$pnot) { if (isset($id) && $a_out[$id]) { list($pconfig['source'],$pconfig['source_subnet']) = explode('/', $a_out[$id]['source']['network']); + $pconfig['sourceport'] = $a_out[$id]['sourceport']; network_to_pconfig($a_out[$id]['destination'], $pconfig['destination'], $pconfig['destination_subnet'], $pconfig['destination_not']); + $pconfig['natport'] = $a_out[$id]['natport']; $pconfig['target'] = $a_out[$id]['target']; $pconfig['interface'] = $a_out[$id]['interface']; if (!$pconfig['interface']) @@ -97,6 +99,9 @@ if ($_POST) { if ($_POST['source_subnet'] && !is_numericint($_POST['source_subnet'])) { $input_errors[] = "A valid source bit count must be specified."; } + if ($_POST['sourceport'] && !is_numericint($_POST['sourceport'])) { + $input_errors[] = "A valid source port must be specified."; + } if ($_POST['destination_type'] != "any") { if ($_POST['destination'] && !is_ipaddr($_POST['destination'])) { $input_errors[] = "A valid destination must be specified."; @@ -107,7 +112,10 @@ if ($_POST) { } if ($_POST['destination_type'] != "any") { if ($_POST['destination_not']) - $input_errors[] = "Negating destination address of \"any\" is invalid."; + $input_errors[] = "Negating destination address of \"any\" is invalid."; + } + if ($_POST['natport'] && !is_numericint($_POST['natport'])) { + $input_errors[] = "A valid NAT port must be specified."; } if ($_POST['target'] && !is_ipaddr($_POST['target'])) { @@ -155,6 +163,7 @@ if ($_POST) { if (!$input_errors) { $natent = array(); $natent['source']['network'] = $osn; + $natent['sourceport'] = $_POST['sourceport']; $natent['descr'] = $_POST['descr']; $natent['target'] = $_POST['target']; $natent['interface'] = $_POST['interface']; @@ -164,6 +173,8 @@ if ($_POST) { else $natent['destination']['network'] = $ext; + $natent['natport'] = $_POST['natport']; + if (isset($_POST['destination_not']) && $ext != "any") $natent['destination']['not'] = true; @@ -234,18 +245,30 @@ function typesel_change() { <tr> <td width="22%" valign="top" class="vncellreq">Source</td> <td width="78%" class="vtable"> -<input name="source" type="text" class="formfld" id="source" size="20" value="<?=htmlspecialchars($pconfig['source']);?>"> - - / - <select name="source_subnet" class="formfld" id="source_subnet"> - <?php for ($i = 32; $i >= 0; $i--): ?> - <option value="<?=$i;?>" <?php if ($i == $pconfig['source_subnet']) echo "selected"; ?>> - <?=$i;?> - </option> - <?php endfor; ?> - </select> - <br> - <span class="vexpl">Enter the source network for the outbound NAT mapping.</span></td> + <table border="0" cellspacing="0" cellpadding="0"> + <tr> + <td>Address: </td + <td><input name="source" type="text" class="formfld" id="source" size="20" value="<?=htmlspecialchars($pconfig['source']);?>">/<select name="source_subnet" class="formfld" id="source_subnet"> + <?php for ($i = 32; $i >= 0; $i--): ?> + <option value="<?=$i;?>" <?php if ($i == $pconfig['source_subnet']) echo "selected"; ?>> + <?=$i;?> + </option> + <?php endfor; ?> + </select></td> + </tr> + <tr> + <td> </td> + <td><span class="vexpl">Enter the source network for the outbound NAT mapping.</span></td> + </tr> + <tr> + <td>Port: </td> + <td><input name="sourceport" type="text" class="formfld" id="sourceport" size="5" value="<?=htmlspecialchars($pconfig['sourceport']);?>"></td> + </tr> + <tr> + <td> </td> + <td><span class="vexpl">Enter the source port for the outbound NAT mapping.</span></td> + </tr> + </table></td> </tr> <tr> <td width="22%" valign="top" class="vncellreq">Destination</td> @@ -281,7 +304,11 @@ function typesel_change() { <td><span class="vexpl">Enter the destination network for the outbound NAT mapping.</span></td> </tr> - </table></td> + <tr> + <td>NAT port: </td> + <td><input name="natport" type="text" class="formfld" id="natport" size="5" value="<?=htmlspecialchars($pconfig['natport']);?>"> (leave blank for any)</td> + </tr> + </table> </tr> <tr> <td valign="top" class="vncell">Target</td> |