diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2013-11-12 21:52:48 -0200 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2013-11-12 21:52:48 -0200 |
| commit | d5ab3af4e23c7abdc89bb6d867cb0ed9495c5bea (patch) | |
| tree | b7fcf8bd28d1c4d61fb538f01cb570ac19177275 /usr/local/www/firewall_nat_out_edit.php | |
| parent | 858f313d76e0003ecc940056e5c2f9a1fbb681eb (diff) | |
| download | pfsense-d5ab3af4e23c7abdc89bb6d867cb0ed9495c5bea.zip pfsense-d5ab3af4e23c7abdc89bb6d867cb0ed9495c5bea.tar.gz | |
Fix whitespaces and indent
Diffstat (limited to 'usr/local/www/firewall_nat_out_edit.php')
| -rwxr-xr-x | usr/local/www/firewall_nat_out_edit.php | 751 |
1 files changed, 428 insertions, 323 deletions
diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index 4e7c099..5b2fb87 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -1,34 +1,34 @@ <?php /* $Id$ */ /* - firewall_nat_out_edit.php - Copyright (C) 2004 Scott Ullrich - All rights reserved. - - originally part of m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + firewall_nat_out_edit.php + Copyright (C) 2004 Scott Ullrich + All rights reserved. + + originally part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ /* pfSense_MODULE: nat @@ -111,7 +111,7 @@ if (isset($id) && $a_out[$id]) { } if (isset($_GET['dup'])) { - unset($id); + unset($id); } if ($_POST) { @@ -126,15 +126,15 @@ if ($_POST) { unset($input_errors); $pconfig = $_POST; - /* run through $_POST items encoding HTML entties so that the user - * cannot think he is slick and perform a XSS attack on the unwilling - */ - foreach ($_POST as $key => $value) { - $temp = str_replace(">", "", $value); - $newpost = htmlentities($temp); - if($newpost <> $temp) - $input_errors[] = sprintf(gettext("Invalid characters detected (%s). Please remove invalid characters and save again."),$temp); - } + /* run through $_POST items encoding HTML entties so that the user + * cannot think he is slick and perform a XSS attack on the unwilling + */ + foreach ($_POST as $key => $value) { + $temp = str_replace(">", "", $value); + $newpost = htmlentities($temp); + if($newpost <> $temp) + $input_errors[] = sprintf(gettext("Invalid characters detected (%s). Please remove invalid characters and save again."),$temp); + } /* input validation */ $reqdfields = explode(" ", "interface protocol source source_subnet destination destination_subnet"); @@ -175,13 +175,13 @@ if ($_POST) { $input_errors[] = gettext("A valid source bit count must be specified."); } if ($_POST['destination_type'] != "any") { - if ($_POST['destination'] && !is_ipaddroralias($_POST['destination'])) { + if ($_POST['destination'] && !is_ipaddroralias($_POST['destination'])) { $input_errors[] = gettext("A valid destination must be specified."); } } - if ($_POST['destination_subnet'] && !is_numericint($_POST['destination_subnet'])) { - $input_errors[] = gettext("A valid destination bit count must be specified."); - } + if ($_POST['destination_subnet'] && !is_numericint($_POST['destination_subnet'])) { + $input_errors[] = gettext("A valid destination bit count must be specified."); + } if ($_POST['destination_type'] == "any") { if ($_POST['destination_not']) { $input_errors[] = gettext("Negating destination address of \"any\" is invalid."); @@ -353,32 +353,32 @@ function staticportchange() { } } function typesel_change() { - switch (document.iform.destination_type.selectedIndex) { - case 1: // network - document.iform.destination.disabled = 0; - document.iform.destination_subnet.disabled = 0; - break; - default: - document.iform.destination.value = ""; - document.iform.destination.disabled = 1; - document.iform.destination_subnet.value = "24"; - document.iform.destination_subnet.disabled = 1; - break; - } + switch (document.iform.destination_type.selectedIndex) { + case 1: // network + document.iform.destination.disabled = 0; + document.iform.destination_subnet.disabled = 0; + break; + default: + document.iform.destination.value = ""; + document.iform.destination.disabled = 1; + document.iform.destination_subnet.value = "24"; + document.iform.destination_subnet.disabled = 1; + break; + } } function sourcesel_change() { - switch (document.iform.source_type.selectedIndex) { - case 1: // network - document.iform.source.disabled = 0; - document.iform.source_subnet.disabled = 0; - break; - default: - document.iform.source.value = ""; - document.iform.source.disabled = 1; - document.iform.source_subnet.value = "24"; - document.iform.source_subnet.disabled = 1; - break; - } + switch (document.iform.source_type.selectedIndex) { + case 1: // network + document.iform.source.disabled = 0; + document.iform.source_subnet.disabled = 0; + break; + default: + document.iform.source.value = ""; + document.iform.source.disabled = 1; + document.iform.source_subnet.value = "24"; + document.iform.source_subnet.disabled = 1; + break; + } } function nonat_change() { if (document.iform.nonat.checked) { @@ -433,297 +433,402 @@ function poolopts_change() { <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <?php if ($input_errors) print_input_errors($input_errors); ?> - <form action="firewall_nat_out_edit.php" method="post" name="iform" id="iform"> - <table width="100%" border="0" cellpadding="6" cellspacing="1" summary="firewall nat outbound edit"> - <tr> - <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Advanced Outbound NAT entry");?></td> - </tr> +<form action="firewall_nat_out_edit.php" method="post" name="iform" id="iform"> + <table width="100%" border="0" cellpadding="6" cellspacing="1" summary="firewall nat outbound edit"> + <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Advanced Outbound NAT entry");?></td> + </tr> <?php // Allow extending of the firewall edit page and include custom input validation pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/htmlphpearly"); ?> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled");?></td> - <td width="78%" class="vtable"> - <input name="disabled" type="checkbox" id="disabled" value="yes" <?php if ($pconfig['disabled']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Disable this rule");?></strong><br /> - <span class="vexpl"><?=gettext("Set this option to disable this rule without removing it from the list.");?></span> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Do not NAT");?></td> - <td width="78%" class="vtable"> - <input type="checkbox" name="nonat" id="nonat" onclick="nonat_change();" <?php if(isset($pconfig['nonat'])) echo " checked=\"checked\""; ?> /> - <span class="vexpl"><?=gettext("Enabling this option will disable NAT for traffic matching this rule and stop processing Outbound NAT rules.");?> - <br/><?=gettext("Hint: in most cases, you won't use this option.");?></span></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Interface");?></td> - <td width="78%" class="vtable"> - <select name="interface" class="formselect"> - <?php - $iflist = get_configured_interface_with_descr(false, true); - foreach ($iflist as $if => $ifdesc) - if(have_ruleint_access($if)) - $interfaces[$if] = $ifdesc; - - if ($config['l2tp']['mode'] == "server") - if(have_ruleint_access("l2tp")) - $interfaces['l2tp'] = "L2TP VPN"; - - if ($config['pptpd']['mode'] == "server") - if(have_ruleint_access("pptp")) - $interfaces['pptp'] = "PPTP VPN"; - - if (is_pppoe_server_enabled() && have_ruleint_access("pppoe")) - $interfaces['pppoe'] = "PPPoE VPN"; - - /* add ipsec interfaces */ - if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable'])) - if(have_ruleint_access("enc0")) - $interfaces["enc0"] = "IPsec"; - - /* add openvpn/tun interfaces */ - if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) - $interfaces["openvpn"] = "OpenVPN"; - - foreach ($interfaces as $iface => $ifacename): ?> - <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected=\"selected\""; ?>> - <?=htmlspecialchars($ifacename);?> - </option> - <?php endforeach; ?> - </select><br/> - <span class="vexpl"><?=gettext("Choose which interface this rule applies to.");?><br/> - <?=gettext("Hint: in most cases, you'll want to use WAN here.");?></span></td> - </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled");?></td> + <td width="78%" class="vtable"> + <input name="disabled" type="checkbox" id="disabled" value="yes" <?php if ($pconfig['disabled']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Disable this rule");?></strong><br /> + <span class="vexpl"><?=gettext("Set this option to disable this rule without removing it from the list.");?></span> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Do not NAT");?></td> + <td width="78%" class="vtable"> + <input type="checkbox" name="nonat" id="nonat" onclick="nonat_change();" <?php if(isset($pconfig['nonat'])) echo " checked=\"checked\""; ?> /> + <span class="vexpl"><?=gettext("Enabling this option will disable NAT for traffic matching this rule and stop processing Outbound NAT rules.");?> + <br/><?=gettext("Hint: in most cases, you won't use this option.");?></span> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Interface");?></td> + <td width="78%" class="vtable"> + <select name="interface" class="formselect"> +<?php + $iflist = get_configured_interface_with_descr(false, true); + foreach ($iflist as $if => $ifdesc) + if(have_ruleint_access($if)) + $interfaces[$if] = $ifdesc; + + if ($config['l2tp']['mode'] == "server") + if(have_ruleint_access("l2tp")) + $interfaces['l2tp'] = "L2TP VPN"; + + if ($config['pptpd']['mode'] == "server") + if(have_ruleint_access("pptp")) + $interfaces['pptp'] = "PPTP VPN"; + + if (is_pppoe_server_enabled() && have_ruleint_access("pppoe")) + $interfaces['pppoe'] = "PPPoE VPN"; + + /* add ipsec interfaces */ + if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable'])) + if(have_ruleint_access("enc0")) + $interfaces["enc0"] = "IPsec"; + + /* add openvpn/tun interfaces */ + if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) + $interfaces["openvpn"] = "OpenVPN"; + + foreach ($interfaces as $iface => $ifacename): +?> + <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected=\"selected\""; ?>> + <?=htmlspecialchars($ifacename);?> + </option> +<?php + endforeach; +?> + </select><br/> + <span class="vexpl"><?=gettext("Choose which interface this rule applies to.");?><br/> + <?=gettext("Hint: in most cases, you'll want to use WAN here.");?> + </span> + </td> + </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol");?></td> <td width="78%" class="vtable"> <select name="protocol" class="formselect" onchange="proto_change();"> - <?php $protocols = explode(" ", "any TCP UDP TCP/UDP ICMP ESP AH GRE IPV6 IGMP carp pfsync"); - foreach ($protocols as $proto): ?> - <option value="<?=strtolower($proto);?>" <?php if (strtolower($proto) == $pconfig['protocol']) echo "selected=\"selected\""; ?>><?=htmlspecialchars($proto);?></option> - <?php endforeach; ?> - </select> <br/> <span class="vexpl"><?=gettext("Choose which protocol this rule should match.");?><br /> - <?php printf(gettext("Hint: in most cases, you should specify %s any %s here."),"<em>","</em> ");?></span> +<?php + $protocols = explode(" ", "any TCP UDP TCP/UDP ICMP ESP AH GRE IPV6 IGMP carp pfsync"); + foreach ($protocols as $proto): +?> + <option value="<?=strtolower($proto);?>" <?php if (strtolower($proto) == $pconfig['protocol']) echo "selected=\"selected\""; ?>><?=htmlspecialchars($proto);?></option> +<?php + endforeach; +?> + </select><br/> + <span class="vexpl"><?=gettext("Choose which protocol this rule should match.");?><br /> +<?php + printf(gettext("Hint: in most cases, you should specify %s any %s here."),"<em>","</em> "); +?> + </span> </td> </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Source");?></td> - <td width="78%" class="vtable"> - <table border="0" cellspacing="1" cellpadding="1" summary="source"> - <tr> - <td><?=gettext("Type:");?> </td> - <td> - <select name="source_type" class="formselect" onchange="sourcesel_change()"> - <option value="any" <?php if ($pconfig['source'] == "any") echo "selected=\"selected\""; ?>><?=gettext("any");?></option> - <option value="network" <?php if ($pconfig['source'] != "any") echo "selected=\"selected\""; ?>><?=gettext("Network");?></option> - </select> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Source");?></td> + <td width="78%" class="vtable"> + <table border="0" cellspacing="1" cellpadding="1" summary="source"> + <tr> + <td><?=gettext("Type:");?> </td> + <td> + <select name="source_type" class="formselect" onchange="sourcesel_change()"> + <option value="any" <?php if ($pconfig['source'] == "any") echo "selected=\"selected\""; ?>><?=gettext("any");?></option> + <option value="network" <?php if ($pconfig['source'] != "any") echo "selected=\"selected\""; ?>><?=gettext("Network");?></option> + </select> + </td> + </tr> + <tr> + <td><?=gettext("Address:");?> </td> + <td> + <input name="source" type="text" autocomplete="off" class="formfldalias" id="source" size="20" value="<?=htmlspecialchars($pconfig['source']);?>" />/ + <select name="source_subnet" class="formfld" id="source_subnet"> +<?php + for ($i = 32; $i >= 0; $i--): +?> + <option value="<?=$i;?>"<?php if ($i == $pconfig['source_subnet']) echo " selected=\"selected\""; ?>><?=$i;?></option> +<?php + endfor; +?> + </select> + </td> + </tr> + <tr> + <td> </td> + <td> + <span class="vexpl"><?=gettext("Enter the source network for the outbound NAT mapping.");?></span> + </td> + </tr> + <tr name="sport_tr" id="sport_tr"> + <td><?=gettext("Source port:");?> </td> + <td> + <input name="sourceport" type="text" autocomplete="off" class="formfldalias" id="sourceport" size="5" value="<?=htmlspecialchars($pconfig['sourceport']);?>" /> + <?=gettext("(leave blank for any)");?> + </td> + </tr> + </table> </td> - </tr> - <tr> - <td><?=gettext("Address:");?> </td> - <td><input name="source" type="text" autocomplete="off" class="formfldalias" id="source" size="20" value="<?=htmlspecialchars($pconfig['source']);?>" />/<select name="source_subnet" class="formfld" id="source_subnet"> -<?php for ($i = 32; $i >= 0; $i--): ?> - <option value="<?=$i;?>"<?php if ($i == $pconfig['source_subnet']) echo " selected=\"selected\""; ?>><?=$i;?></option> -<?php endfor; ?> - </select></td> - </tr> - <tr> - <td> </td> - <td><span class="vexpl"><?=gettext("Enter the source network for the outbound NAT mapping.");?></span></td> - </tr> - <tr name="sport_tr" id="sport_tr"> - <td><?=gettext("Source port:");?> </td> - <td><input name="sourceport" type="text" autocomplete="off" class="formfldalias" id="sourceport" size="5" value="<?=htmlspecialchars($pconfig['sourceport']);?>" /> <?=gettext("(leave blank for any)");?></td> - </tr> - </table></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Destination");?></td> - <td width="78%" class="vtable"> -<input name="destination_not" type="checkbox" id="destination_not" value="yes" <?php if ($pconfig['destination_not']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("not");?></strong><br/> - <?=gettext("Use this option to invert the sense of the match.");?><br/> - <br/> - <table border="0" cellspacing="1" cellpadding="1" summary="destination"> - <tr> - <td><?=gettext("Type:");?> </td> - <td><select name="destination_type" class="formselect" onchange="typesel_change()"> - <option value="any"<?php if ($pconfig['destination'] == "any") echo " selected=\"selected\""; ?>> - <?=gettext("any");?></option> - <option value="network"<?php if ($pconfig['destination'] != "any") echo " selected=\"selected\""; ?>> - <?=gettext("Network");?></option> - </select></td> - </tr> - <tr> - <td><?=gettext("Address:");?> </td> - <td><input name="destination" type="text" autocomplete="off" class="formfldalias" id="destination" size="20" value="<?=htmlspecialchars($pconfig['destination']);?>" /> - / - <select name="destination_subnet" class="formselect" id="destination_subnet"> -<?php for ($i = 32; $i >= 0; $i--): ?> - <option value="<?=$i;?>"<?php if ($i == $pconfig['destination_subnet']) echo " selected=\"selected\""; ?>><?=$i;?></option> -<?php endfor; ?> - </select> </td> - </tr> - <tr> - <td> </td> - <td><span class="vexpl"><?=gettext("Enter the destination network for ". - "the outbound NAT mapping.");?></span></td> - </tr> - <tr name="dport_tr" id="dport_tr"> - <td><?=gettext("Destination port:");?> </td> - <td><input name="dstport" type="text" autocomplete="off" class="formfldalias" id="dstport" size="5" value="<?=htmlspecialchars($pconfig['dstport']);?>" /> <?=gettext("(leave blank for any)");?></td> - </tr> - </table> - </td> - </tr> - <tr name="transtable" id="transtable"> - <td width="22%" valign="top" class="vncell"><?=gettext("Translation");?></td> - <td width="78%" class="vtable"> - <table border="0" cellspacing="1" cellpadding="1" summary="translation"> - <tr> - <td><?=gettext("Address:");?> </td> - <td><select name="target" class="formselect" id="target" onchange="poolopts_change();"> - <option value=""<?php if (!$pconfig['target']) echo " selected=\"selected\""; ?>><?=gettext("Interface address");?></option> -<?php if (is_array($config['virtualip']['vip'])): - foreach ($config['virtualip']['vip'] as $sn): - if (isset($sn['noexpand'])) - continue; - if ($sn['mode'] == "proxyarp" && $sn['type'] == "network"): - $start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits'])); - $end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits'])); - $len = $end - $start; ?> - <option value="<?=$sn['subnet'].'/'.$sn['subnet_bits'];?>" <?php if ($sn['subnet'].'/'.$sn['subnet_bits'] == $pconfig['target']) echo "selected=\"selected\""; ?>><?=htmlspecialchars("Subnet: {$sn['subnet']}/{$sn['subnet_bits']} ({$sn['descr']})");?></option> - <?php for ($i = 0; $i <= $len; $i++): - $snip = long2ip32($start+$i); + </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Destination");?></td> + <td width="78%" class="vtable"> + <input name="destination_not" type="checkbox" id="destination_not" value="yes" <?php if ($pconfig['destination_not']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("not");?></strong><br/> + <?=gettext("Use this option to invert the sense of the match.");?><br/> + <br/> + <table border="0" cellspacing="1" cellpadding="1" summary="destination"> + <tr> + <td><?=gettext("Type:");?> </td> + <td> + <select name="destination_type" class="formselect" onchange="typesel_change()"> + <option value="any"<?php if ($pconfig['destination'] == "any") echo " selected=\"selected\""; ?>> + <?=gettext("any");?> + </option> + <option value="network"<?php if ($pconfig['destination'] != "any") echo " selected=\"selected\""; ?>> + <?=gettext("Network");?> + </option> + </select> + </td> + </tr> + <tr> + <td><?=gettext("Address:");?> </td> + <td> + <input name="destination" type="text" autocomplete="off" class="formfldalias" id="destination" size="20" value="<?=htmlspecialchars($pconfig['destination']);?>" />/ + <select name="destination_subnet" class="formselect" id="destination_subnet"> +<?php + for ($i = 32; $i >= 0; $i--): +?> + <option value="<?=$i;?>"<?php if ($i == $pconfig['destination_subnet']) echo " selected=\"selected\""; ?>><?=$i;?></option> +<?php + endfor; +?> + </select> + </td> + </tr> + <tr> + <td> </td> + <td> + <span class="vexpl"><?=gettext("Enter the destination network for the outbound NAT mapping.");?></span> + </td> + </tr> + <tr name="dport_tr" id="dport_tr"> + <td><?=gettext("Destination port:");?> </td> + <td> + <input name="dstport" type="text" autocomplete="off" class="formfldalias" id="dstport" size="5" value="<?=htmlspecialchars($pconfig['dstport']);?>" /> + <?=gettext("(leave blank for any)");?> + </td> + </tr> + </table> + </td> + </tr> + <tr name="transtable" id="transtable"> + <td width="22%" valign="top" class="vncell"><?=gettext("Translation");?></td> + <td width="78%" class="vtable"> + <table border="0" cellspacing="1" cellpadding="1" summary="translation"> + <tr> + <td><?=gettext("Address:");?> </td> + <td> + <select name="target" class="formselect" id="target" onchange="poolopts_change();"> + <option value=""<?php if (!$pconfig['target']) echo " selected=\"selected\""; ?>> + <?=gettext("Interface address");?> + </option> +<?php + if (is_array($config['virtualip']['vip'])): + foreach ($config['virtualip']['vip'] as $sn): + if (isset($sn['noexpand'])) + continue; + if ($sn['mode'] == "proxyarp" && $sn['type'] == "network"): + $start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits'])); + $end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits'])); + $len = $end - $start; +?> + <option value="<?=$sn['subnet'].'/'.$sn['subnet_bits'];?>" <?php if ($sn['subnet'].'/'.$sn['subnet_bits'] == $pconfig['target']) echo "selected=\"selected\""; ?>> + <?=htmlspecialchars("Subnet: {$sn['subnet']}/{$sn['subnet_bits']} ({$sn['descr']})");?> + </option> +<?php + for ($i = 0; $i <= $len; $i++): + $snip = long2ip32($start+$i); +?> + <option value="<?=$snip;?>" <?php if ($snip == $pconfig['target']) echo "selected"; ?>> + <?=htmlspecialchars("{$snip} ({$sn['descr']})");?> + </option> +<?php + endfor; ?> - <option value="<?=$snip;?>" <?php if ($snip == $pconfig['target']) echo "selected"; ?>><?=htmlspecialchars("{$snip} ({$sn['descr']})");?></option> - <?php endfor; ?> - <?php else: ?> - <option value="<?=$sn['subnet'];?>" <?php if ($sn['subnet'] == $pconfig['target']) echo "selected=\"selected\""; ?>><?=htmlspecialchars("{$sn['subnet']} ({$sn['descr']})");?></option> -<?php endif; endforeach; - endif; - foreach ($a_aliases as $alias): - if ($alias['type'] != "host") - continue; ?> - <option value="<?=$alias['name'];?>" <?php if ($alias['name'] == $pconfig['target']) echo "selected=\"selected\""; ?>><?=htmlspecialchars("Host Alias: {$alias['name']} ({$alias['descr']})");?></option> -<?php endforeach; ?> - <option value="other-subnet"<?php if($pconfig['target'] == "other-subnet") echo " selected=\"selected\""; ?>><?=gettext("Other Subnet (Enter Below)");?></option> - </select> - </td> - </tr> - - <tr id="target_network"> - <td><?=gettext("Other Subnet:");?> </td> - <td> - <input name="targetip" type="text" class="formfld unknown" id="targetip" size="20" value="<?=htmlspecialchars($pconfig['targetip']);?>" />/<select name="targetip_subnet" class="formfld" id="targetip_subnet"> -<?php for ($i = 32; $i >= 0; $i--): ?> - <option value="<?=$i;?>"<?php if ($i == $pconfig['targetip_subnet']) echo " selected=\"selected\""; ?>><?=$i;?></option> -<?php endfor; ?> - </select> - </td> - </tr> - - <tr><td> </td><td> - <span class="vexpl"><?=gettext("Packets matching this rule will be mapped to the IP address given here.");?><br/> - <?=gettext("If you want this rule to apply to another IP address rather than the IP address of the interface chosen above, ". - "select it here (you will need to define ");?> <a href="firewall_virtual_ip.php"><?=gettext("Virtual IP");?></a> <?=gettext("addresses on the interface first).");?> - </span><br/> - </td></tr> - <tr id="poolopts_tr"> - <td valign="top">Pool Options</td> - <td> - <select name="poolopts" id="poolopts"> - <option value="" <?php if ($pconfig['poolopts'] == "" ) echo "selected=\"selected\""; ?>><?=htmlspecialchars("Default" );?></option> - <option value="round-robin" <?php if ($pconfig['poolopts'] == "round-robin" ) echo "selected=\"selected\""; ?>><?=htmlspecialchars("Round Robin" );?></option> - <option value="round-robin sticky-address" <?php if ($pconfig['poolopts'] == "round-robin sticky-address") echo "selected=\"selected\""; ?>><?=htmlspecialchars("Round Robin with Sticky Address");?></option> - <option value="random" <?php if ($pconfig['poolopts'] == "random" ) echo "selected=\"selected\""; ?>><?=htmlspecialchars("Random" );?></option> - <option value="random sticky-address" <?php if ($pconfig['poolopts'] == "random sticky-address" ) echo "selected=\"selected\""; ?>><?=htmlspecialchars("Random with Sticky Address" );?></option> - <option value="source-hash" <?php if ($pconfig['poolopts'] == "source-hash" ) echo "selected=\"selected\""; ?>><?=htmlspecialchars("Source Hash" );?></option> - <option value="bitmask" <?php if ($pconfig['poolopts'] == "bitmask" ) echo "selected=\"selected\""; ?>><?=htmlspecialchars("Bitmask" );?></option> - </select><br/> - <span class="vexpl"> - <?=gettext("Only Round Robin types work with Host Aliases. Any type can be used with a Subnet.");?><br/> - * <?=gettext("Round Robin: Loops through the translation addresses.");?><br/> - * <?=gettext("Random: Selects an address from the translation address pool at random.");?><br/> - * <?=gettext("Source Hash: Uses a hash of the source address to determine the translation address, ensuring that the redirection address is always the same for a given source.");?><br/> - * <?=gettext("Bitmask: Applies the subnet mask and keeps the last portion identical; 10.0.1.50 -> x.x.x.50.");?><br/> - * <?=gettext("Sticky Address: The Sticky Address option can be used with the Random and Round Robin pool types to ensure that a particular source address is always mapped to the same translation address.");?><br/> - </span><br/> - </td> - </tr> - <tr name="tport_tr" id="tport_tr"> - <td><?=gettext("Port:");?> </td> - <td><input name="natport" type="text" class="formfld unknown" id="natport" size="5" value="<?=htmlspecialchars($pconfig['natport']);?>" /></td> - </tr> - <tr name="tporttext_tr" id="tporttext_tr"><td> </td><td> - <span class="vexpl"><?=gettext("Enter the source port for the outbound NAT mapping.");?></span> - </td></tr> - <tr name="tportstatic_tr" id="tportstatic_tr"> - <td><?=gettext("Static-port:");?> </td> - <td><input onchange="staticportchange();" name="staticnatport" type="checkbox" class="formfld" id="staticnatport" size="5"<?php if($pconfig['staticnatport']) echo " checked=\"checked\"";?> /></td> - </tr> - </table> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("No XMLRPC Sync");?></td> - <td width="78%" class="vtable"> - <input value="yes" name="nosync" type="checkbox" class="formfld" id="nosync"<?php if($pconfig['nosync']) echo " checked=\"checked\""; ?> /><br/> - <?=gettext("Hint: This prevents the rule on Master from automatically syncing to other CARP members. This does NOT prevent the rule from being overwritten on Slave.");?> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> - <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> - <br/> <span class="vexpl"><?=gettext("You may enter a description here " . - "for your reference (not parsed).");?></span></td> - </tr> <?php -$has_created_time = (isset($a_out[$id]['created']) && is_array($a_out[$id]['created'])); -$has_updated_time = (isset($a_out[$id]['updated']) && is_array($a_out[$id]['updated'])); + else: +?> + <option value="<?=$sn['subnet'];?>" <?php if ($sn['subnet'] == $pconfig['target']) echo "selected=\"selected\""; ?>> + <?=htmlspecialchars("{$sn['subnet']} ({$sn['descr']})");?> + </option> +<?php + endif; + endforeach; + endif; + foreach ($a_aliases as $alias): + if ($alias['type'] != "host") + continue; +?> + <option value="<?=$alias['name'];?>" <?php if ($alias['name'] == $pconfig['target']) echo "selected=\"selected\""; ?>> + <?=htmlspecialchars("Host Alias: {$alias['name']} ({$alias['descr']})");?> + </option> +<?php + endforeach; +?> + <option value="other-subnet"<?php if($pconfig['target'] == "other-subnet") echo " selected=\"selected\""; ?>> + <?=gettext("Other Subnet (Enter Below)");?> + </option> + </select> + </td> + </tr> + + <tr id="target_network"> + <td><?=gettext("Other Subnet:");?> </td> + <td> + <input name="targetip" type="text" class="formfld unknown" id="targetip" size="20" value="<?=htmlspecialchars($pconfig['targetip']);?>" />/ + <select name="targetip_subnet" class="formfld" id="targetip_subnet"> +<?php + for ($i = 32; $i >= 0; $i--): +?> + <option value="<?=$i;?>"<?php if ($i == $pconfig['targetip_subnet']) echo " selected=\"selected\""; ?>><?=$i;?></option> +<?php + endfor; +?> + </select> + </td> + </tr> + + <tr> + <td> </td> + <td> + <span class="vexpl"><?=gettext("Packets matching this rule will be mapped to the IP address given here.");?><br/> + <?=gettext("If you want this rule to apply to another IP address rather than the IP address of the interface chosen above, ". + "select it here (you will need to define ");?> + <a href="firewall_virtual_ip.php"><?=gettext("Virtual IP");?></a> + <?=gettext("addresses on the interface first).");?> + </span><br/> + </td> + </tr> + <tr id="poolopts_tr"> + <td valign="top">Pool Options</td> + <td> + <select name="poolopts" id="poolopts"> + <option value="" <?php if ($pconfig['poolopts'] == "") echo "selected=\"selected\""; ?>> + <?=htmlspecialchars("Default");?> + </option> + <option value="round-robin" <?php if ($pconfig['poolopts'] == "round-robin") echo "selected=\"selected\""; ?>> + <?=htmlspecialchars("Round Robin");?> + </option> + <option value="round-robin sticky-address" <?php if ($pconfig['poolopts'] == "round-robin sticky-address") echo "selected=\"selected\""; ?>> + <?=htmlspecialchars("Round Robin with Sticky Address");?> + </option> + <option value="random" <?php if ($pconfig['poolopts'] == "random") echo "selected=\"selected\""; ?>> + <?=htmlspecialchars("Random");?> + </option> + <option value="random sticky-address" <?php if ($pconfig['poolopts'] == "random sticky-address") echo "selected=\"selected\""; ?>> + <?=htmlspecialchars("Random with Sticky Address");?> + </option> + <option value="source-hash" <?php if ($pconfig['poolopts'] == "source-hash") echo "selected=\"selected\""; ?>> + <?=htmlspecialchars("Source Hash");?> + </option> + <option value="bitmask" <?php if ($pconfig['poolopts'] == "bitmask") echo "selected=\"selected\""; ?>> + <?=htmlspecialchars("Bitmask");?> + </option> + </select> + <br/> + <span class="vexpl"> + <?=gettext("Only Round Robin types work with Host Aliases. Any type can be used with a Subnet.");?><br/> + * <?=gettext("Round Robin: Loops through the translation addresses.");?><br/> + * <?=gettext("Random: Selects an address from the translation address pool at random.");?><br/> + * <?=gettext("Source Hash: Uses a hash of the source address to determine the translation address, ensuring that the redirection address is always the same for a given source.");?><br/> + * <?=gettext("Bitmask: Applies the subnet mask and keeps the last portion identical; 10.0.1.50 -> x.x.x.50.");?><br/> + * <?=gettext("Sticky Address: The Sticky Address option can be used with the Random and Round Robin pool types to ensure that a particular source address is always mapped to the same translation address.");?><br/> + </span><br/> + </td> + </tr> + <tr name="tport_tr" id="tport_tr"> + <td><?=gettext("Port:");?> </td> + <td> + <input name="natport" type="text" class="formfld unknown" id="natport" size="5" value="<?=htmlspecialchars($pconfig['natport']);?>" /> + </td> + </tr> + <tr name="tporttext_tr" id="tporttext_tr"> + <td> </td> + <td> + <span class="vexpl"><?=gettext("Enter the source port for the outbound NAT mapping.");?></span> + </td> + </tr> + <tr name="tportstatic_tr" id="tportstatic_tr"> + <td><?=gettext("Static-port:");?> </td> + <td><input onchange="staticportchange();" name="staticnatport" type="checkbox" class="formfld" id="staticnatport" size="5"<?php if($pconfig['staticnatport']) echo " checked=\"checked\"";?> /></td> + </tr> + </table> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("No XMLRPC Sync");?></td> + <td width="78%" class="vtable"> + <input value="yes" name="nosync" type="checkbox" class="formfld" id="nosync"<?php if($pconfig['nosync']) echo " checked=\"checked\""; ?> /><br/> + <?=gettext("Hint: This prevents the rule on Master from automatically syncing to other CARP members. This does NOT prevent the rule from being overwritten on Slave.");?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> + <td width="78%" class="vtable"> + <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> + <br/> + <span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed).");?></span> + </td> + </tr> +<?php + $has_created_time = (isset($a_out[$id]['created']) && is_array($a_out[$id]['created'])); + $has_updated_time = (isset($a_out[$id]['updated']) && is_array($a_out[$id]['updated'])); + if ($has_created_time || $has_updated_time): ?> - <?php if ($has_created_time || $has_updated_time): ?> <tr> <td> </td> </tr> <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("Rule Information");?></td> </tr> - <?php if ($has_created_time): ?> +<?php + if ($has_created_time): +?> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Created");?></td> <td width="78%" class="vtable"> <?= date(gettext("n/j/y H:i:s"), $a_out[$id]['created']['time']) ?> <?= gettext("by") ?> <strong><?= $a_out[$id]['created']['username'] ?></strong> </td> </tr> - <?php endif; ?> - <?php if ($has_updated_time): ?> +<?php + endif; + + if ($has_updated_time): +?> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Updated");?></td> <td width="78%" class="vtable"> <?= date(gettext("n/j/y H:i:s"), $a_out[$id]['updated']['time']) ?> <?= gettext("by") ?> <strong><?= $a_out[$id]['updated']['username'] ?></strong> </td> </tr> - <?php endif; ?> - <?php endif; ?> <?php - // Allow extending of the firewall edit page and include custom input validation - pfSense_handle_custom_code("/usr/local/pkg/firewall_aon/htmlphplate"); + endif; + endif; + // Allow extending of the firewall edit page and include custom input validation + pfSense_handle_custom_code("/usr/local/pkg/firewall_aon/htmlphplate"); ?> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> <input type="button" class="formbtn" value="<?=gettext("Cancel");?>" onclick="history.back()" /> - <?php if (isset($id) && $a_out[$id]): ?> - <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> - <?php endif; ?> - <input name="after" type="hidden" value="<?=htmlspecialchars($after);?>" /> - </td> - </tr> - </table> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" /> <input type="button" class="formbtn" value="<?=gettext("Cancel");?>" onclick="history.back()" /> +<?php + if (isset($id) && $a_out[$id]): +?> + <input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> +<?php + endif; +?> + <input name="after" type="hidden" value="<?=htmlspecialchars($after);?>" /> + </td> + </tr> + </table> </form> <script type="text/javascript"> //<