diff options
| author | Erik Fonnesbeck <efonnes@gmail.com> | 2010-05-11 20:09:52 -0600 |
|---|---|---|
| committer | Erik Fonnesbeck <efonnes@gmail.com> | 2010-05-11 20:09:52 -0600 |
| commit | 1122a892f2af418daa5964d41d1d942fc89d470e (patch) | |
| tree | 8b32bec54759695cdf4036b6ea7ab0cf0138504a /usr/local/www/firewall_rules_edit.php | |
| parent | 3e3582a9a63e1564f90c6e5dc6e77b3e0a781ce8 (diff) | |
| download | pfsense-1122a892f2af418daa5964d41d1d942fc89d470e.zip pfsense-1122a892f2af418daa5964d41d1d942fc89d470e.tar.gz | |
Fix source input validation, saving, and the "View the NAT rule" link on linked filter rules. Ticket #586
Diffstat (limited to 'usr/local/www/firewall_rules_edit.php')
| -rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 91c5b07..05ad793 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -256,12 +256,16 @@ if ($_POST) { } /* input validation */ - $reqdfields = explode(" ", "type proto src"); - if ( isset($a_filter[$id]['associated-rule-id'])===false ) + $reqdfields = explode(" ", "type proto"); + if ( isset($a_filter[$id]['associated-rule-id'])===false ) { + $redqfields[] = "src"; $redqfields[] = "dst"; - $reqdfieldsn = explode(",", "Type,Protocol,Source"); - if ( isset($a_filter[$id]['associated-rule-id'])===false ) + } + $reqdfieldsn = explode(",", "Type,Protocol"); + if ( isset($a_filter[$id]['associated-rule-id'])===false ) { + $reqdfieldsn[] = "Source"; $reqdfieldsn[] = "Destination"; + } if($_POST['statetype'] == "modulate state" or $_POST['statetype'] == "synproxy state") { if( $_POST['proto'] != "tcp" ) @@ -270,7 +274,8 @@ if ($_POST) { $input_errors[] = "{$_POST['statetype']} is only valid if the gateway is set to 'default'."; } - if (!(is_specialnet($_POST['srctype']) || ($_POST['srctype'] == "single"))) { + if ( isset($a_filter[$id]['associated-rule-id'])===false && + (!(is_specialnet($_POST['srctype']) || ($_POST['srctype'] == "single"))) ) { $reqdfields[] = "srcmask"; $reqdfieldsn[] = "Source bit count"; } @@ -508,8 +513,9 @@ if ($_POST) { $filterent['sched'] = $_POST['sched']; } - // If we have an associated nat rule, make sure the destination doesn't change + // If we have an associated nat rule, make sure the source and destination doesn't change if( isset($a_filter[$id]['associated-rule-id']) ) { + $filterent['source'] = $a_filter[$id]['source']; $filterent['destination'] = $a_filter[$id]['destination']; $filterent['associated-rule-id'] = $a_filter[$id]['associated-rule-id']; } @@ -721,8 +727,8 @@ include("head.inc"); $edit_disabled=true; if (is_array($config['nat']['rule'])) { foreach( $config['nat']['rule'] as $index => $nat_rule ) { - if( $nat_rule['associated-rule-id']==$pconfig['associated-rule-id']) { - echo "<a href=\"firewall_nat_edit.php?id={$nat_rule[$index]}\">View the NAT rule</a><br>"; + if( isset($nat_rule['associated-rule-id']) && $nat_rule['associated-rule-id']==$pconfig['associated-rule-id'] ) { + echo "<a href=\"firewall_nat_edit.php?id={$index}\">View the NAT rule</a><br>"; break; } } |
