diff options
author | Ermal Luçi <eri@pfsense.org> | 2010-03-09 19:43:40 +0000 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2010-03-09 19:45:13 +0000 |
commit | 68ff67b360068bf308eb0305aeb1fa841f85bc01 (patch) | |
tree | 90859f18cd2eaff33edad581abb2bab3b4efcb78 /usr/local/www | |
parent | 800ae4122c0efd20a6db87bac8d463a7fe145db8 (diff) | |
download | pfsense-68ff67b360068bf308eb0305aeb1fa841f85bc01.zip pfsense-68ff67b360068bf308eb0305aeb1fa841f85bc01.tar.gz |
Implement the protocol functionality on nat rules. This i based on a port that provides this functionality but with a lot more reduced patchset.
Diffstat (limited to 'usr/local/www')
-rwxr-xr-x | usr/local/www/firewall_nat_out_edit.php | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index 209ee78..31e8a0c 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -66,6 +66,7 @@ if (isset($_GET['dup'])) { unset($after); if (isset($id) && $a_out[$id]) { + $pconfig['protocol'] = $a_out[$id]['protocol']; list($pconfig['source'],$pconfig['source_subnet']) = explode('/', $a_out[$id]['source']['network']); $pconfig['sourceport'] = $a_out[$id]['sourceport']; address_to_pconfig($a_out[$id]['destination'], $pconfig['destination'], @@ -107,8 +108,8 @@ if ($_POST) { $pconfig = $_POST; /* input validation */ - $reqdfields = explode(" ", "interface source source_subnet destination destination_subnet"); - $reqdfieldsn = explode(",", "Interface,Source,Source bit count,Destination,Destination bit count"); + $reqdfields = explode(" ", "interface protocol source source_subnet destination destination_subnet"); + $reqdfieldsn = explode(",", "Interface,Protocol,Source,Source bit count,Destination,Destination bit count"); do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); @@ -212,6 +213,11 @@ if ($_POST) { unset($natent['nonat']); } + if ($_POST['protocol'] && $_POST['protocol'] != "any") + $natent['protocol'] = $_POST['protocol']; + else + unset($natent['protocol']); + if ($ext == "any") { $natent['destination']['any'] = true; } else { @@ -334,6 +340,18 @@ function sourcesel_change() { <span class="vexpl">Choose which interface this rule applies to.<br> Hint: in most cases, you'll want to use WAN here.</span></td> </tr> + <tr> + <td width="22%" valign="top" class="vncellreq">Protocol</td> + <td width="78%" class="vtable"> + <select name="proto" class="formselect"> + <?php $protocols = explode(" ", "any TCP UDP TCP/UDP ICMP ESP AH GRE IGMP carp pfsync"); + foreach ($protocols as $proto): ?> + <option value="<?=strtolower($proto);?>" <?php if (strtolower($proto) == $pconfig['protocol']) echo "selected"; ?>><?=htmlspecialchars($proto);?></option> + <?php endforeach; ?> + </select> <br> <span class="vexpl">Choose which protocol this rule should match.<br /> + Hint: in most cases, you should specify <em>any</em> here.</span> + </td> + </tr> <tr> <td width="22%" valign="top" class="vncellreq">Source</td> <td width="78%" class="vtable"> |