diff options
author | Erik Fonnesbeck <efonnes@gmail.com> | 2010-05-05 19:34:47 -0600 |
---|---|---|
committer | Erik Fonnesbeck <efonnes@gmail.com> | 2010-05-05 19:34:47 -0600 |
commit | 129bc05216b55cd0c502f40f47cf7de001eef5ba (patch) | |
tree | eb96c88eed8ae73231640b9db1569c5f13c357c5 /usr/local/www/system_advanced_firewall.php | |
parent | 9ff30853aed55c54e780139cb59b50e1f45dea5d (diff) | |
parent | e57d08971659ee0ed6d884409838394e33a2a395 (diff) | |
download | pfsense-129bc05216b55cd0c502f40f47cf7de001eef5ba.zip pfsense-129bc05216b55cd0c502f40f47cf7de001eef5ba.tar.gz |
Merge remote branch 'mainline/master' into patches
Resolved conflicts:
usr/local/www/system_advanced_firewall.php
Diffstat (limited to 'usr/local/www/system_advanced_firewall.php')
-rw-r--r-- | usr/local/www/system_advanced_firewall.php | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/usr/local/www/system_advanced_firewall.php b/usr/local/www/system_advanced_firewall.php index 7ed4383..497205d 100644 --- a/usr/local/www/system_advanced_firewall.php +++ b/usr/local/www/system_advanced_firewall.php @@ -56,7 +56,10 @@ $pconfig['tcpidletimeout'] = $config['filter']['tcpidletimeout']; $pconfig['optimization'] = $config['filter']['optimization']; $pconfig['maximumstates'] = $config['system']['maximumstates']; $pconfig['disablenatreflection'] = $config['system']['disablenatreflection']; -$pconfig['reflectiontimeout'] = $config['system']['reflectiontimeout']; +if (!isset($config['system']['enablebinatreflection'])) + $pconfig['disablebinatreflection'] = "yes"; +else + $pconfig['disablebinatreflection'] = ""; $pconfig['bypassstaticroutes'] = isset($config['filter']['bypassstaticroutes']); $pconfig['disablescrub'] = isset($config['system']['disablescrub']); $pconfig['tftpinterface'] = $config['system']['tftpinterface']; @@ -73,9 +76,6 @@ if ($_POST) { if ($_POST['tcpidletimeout'] && !is_numericint($_POST['tcpidletimeout'])) { $input_errors[] = gettext("The TCP idle timeout must be an integer."); } - if ($_POST['reflectiontimeout'] && !is_numericint($_POST['reflectiontimeout'])) { - $input_errors[] = gettext("The Reflection timeout must be an integer."); - } ob_flush(); flush(); @@ -109,8 +109,11 @@ if ($_POST) { $config['system']['disablenatreflection'] = $_POST['disablenatreflection']; else unset($config['system']['disablenatreflection']); - - $config['system']['reflectiontimeout'] = $_POST['reflectiontimeout']; + + if($_POST['disablebinatreflection'] == "yes") + unset($config['system']['enablebinatreflection']); + else + $config['system']['enablebinatreflection'] = "yes"; if($_POST['bypassstaticroutes'] == "yes") $config['filter']['bypassstaticroutes'] = $_POST['bypassstaticroutes']; @@ -298,17 +301,17 @@ function update_description(itemnum) { <td colspan="2" valign="top" class="listtopic"><?=gettext("Network Address Translation");?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Disable NAT Reflection");?></td> + <td width="22%" valign="top" class="vncell"><?=gettext("Disable NAT Reflection for port forwards");?></td> <td width="78%" class="vtable"> <input name="disablenatreflection" type="checkbox" id="disablenatreflection" value="yes" <?php if (isset($config['system']['disablenatreflection'])) echo "checked"; ?> /> - <strong><?=gettext("Disables the automatic creation of NAT redirect rules for access to your public IP addresses from within your internal networks. Note: Reflection is only enabled for port forward entries and is skipped for ranges larger than 500 ports.");?></strong> + <strong><?=gettext("Disables the automatic creation of additional NAT redirect rules for access to port forwards on your external IP addresses from within your internal networks. Note: Reflection might not fully work in complex routing scenarios.");?></strong> </td> </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Reflection Timeout");?></td> + <td width="22%" valign="top" class="vncell"><?=gettext("Disable NAT Reflection for 1:1 NAT");?></td> <td width="78%" class="vtable"> - <input name="reflectiontimeout" id="reflectiontimeout" value="<?php echo $config['system']['reflectiontimeout']; ?>" /><br/> - <strong><?=gettext("Enter value for Reflection timeout in seconds.");?></strong> + <input name="disablebinatreflection" type="checkbox" id="disablebinatreflection" value="yes" <?php if (!isset($config['system']['enablebinatreflection'])) echo "checked"; ?> /> + <strong><?=gettext("Disables the automatic creation of additional NAT 1:1 mappings for access to 1:1 mappings of your external IP addresses from within your internal networks. Note: Reflection might not fully work in complex routing scenarios.");?></strong> </td> </tr> <tr> |