diff options
author | Bill Marquette <billm@pfsense.org> | 2005-03-05 19:47:01 +0000 |
---|---|---|
committer | Bill Marquette <billm@pfsense.org> | 2005-03-05 19:47:01 +0000 |
commit | 00bcbdd0855a880bc251e82e979d7ab8c30859ba (patch) | |
tree | 052692bca68c6b45f972e09ddfd9e8cb2388661f /usr/local/www | |
parent | 3364bed41eec05da161587ea5e75fd9c36c36e22 (diff) | |
download | pfsense-00bcbdd0855a880bc251e82e979d7ab8c30859ba.zip pfsense-00bcbdd0855a880bc251e82e979d7ab8c30859ba.tar.gz |
inbound nat can now be reordered
Diffstat (limited to 'usr/local/www')
-rwxr-xr-x | usr/local/www/firewall_nat.php | 135 |
1 files changed, 102 insertions, 33 deletions
diff --git a/usr/local/www/firewall_nat.php b/usr/local/www/firewall_nat.php index 42a7211..b54da02 100755 --- a/usr/local/www/firewall_nat.php +++ b/usr/local/www/firewall_nat.php @@ -37,7 +37,7 @@ if (!is_array($config['nat']['rule'])) $config['nat']['rule'] = array(); $a_nat = &$config['nat']['rule']; -nat_rules_sort(); +//nat_rules_sort(); if ($_POST) { @@ -68,15 +68,62 @@ if ($_POST) { } } -if ($_GET['act'] == "del") { - if ($a_nat[$_GET['id']]) { - unset($a_nat[$_GET['id']]); - write_config(); - touch($d_natconfdirty_path); - header("Location: firewall_nat.php"); - exit; - } +if (isset($_POST['del_x'])) { + /* delete selected rules */ + if (is_array($_POST['rule']) && count($_POST['rule'])) { + foreach ($_POST['rule'] as $rulei) { + unset($a_nat[$rulei]); + } + write_config(); + touch($d_natconfdirty_path); + header("Location: firewall_nat.php"); + exit; + } + +} else { + /* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */ + unset($movebtn); + foreach ($_POST as $pn => $pd) { + if (preg_match("/move_(\d+)_x/", $pn, $matches)) { + $movebtn = $matches[1]; + break; + } + } + /* move selected rules before this rule */ + if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) { + $a_nat_new = array(); + + /* copy all rules < $movebtn and not selected */ + for ($i = 0; $i < $movebtn; $i++) { + if (!in_array($i, $_POST['rule'])) + $a_nat_new[] = $a_nat[$i]; + } + + /* copy all selected rules */ + for ($i = 0; $i < count($a_nat); $i++) { + if ($i == $movebtn) + continue; + if (in_array($i, $_POST['rule'])) + $a_nat_new[] = $a_nat[$i]; + } + + /* copy $movebtn rule */ + if ($movebtn < count($a_nat)) + $a_nat_new[] = $a_nat[$movebtn]; + + /* copy all rules > $movebtn and not selected */ + for ($i = $movebtn+1; $i < count($a_nat); $i++) { + if (!in_array($i, $_POST['rule'])) + $a_nat_new[] = $a_nat[$i]; + } + $a_nat = $a_nat_new; + write_config(); + touch($d_natconfdirty_path); + header("Location: firewall_nat.php"); + exit; + } } + ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> @@ -89,7 +136,9 @@ if ($_GET['act'] == "del") { <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <p class="pgtitle">Firewall: NAT: Inbound</font></p> -<form action="firewall_nat.php" method="post"> +<form action="firewall_nat.php" method="post" name="iform"> +<script type="text/javascript" language="javascript" src="row_toggle.js"> +</script> <?php if ($savemsg) print_info_box($savemsg); ?> <?php if (file_exists($d_natconfdirty_path)): ?><p> <?php print_info_box_np("The NAT configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br> @@ -108,7 +157,9 @@ if ($_GET['act'] == "del") { <tr> <td class="tabcont"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> + <tr id="frheader"> + <td width="3%" class="list"> </td> + <td width="3%" class="list"> </td> <td width="5%" class="listhdrr">If</td> <td width="5%" class="listhdrr">Proto</td> <td width="20%" class="listhdrr">Ext. port range</td> @@ -116,21 +167,23 @@ if ($_GET['act'] == "del") { <td width="20%" class="listhdrr">Int. port range</td> <td width="20%" class="listhdr">Description</td> <td width="5%" class="list"></td> - </tr> - <?php $i = 0; foreach ($a_nat as $natent): ?> - <tr valign="top"> - <td class="listlr"> - <?php - if (!$natent['interface'] || ($natent['interface'] == "wan")) - echo "WAN"; - else - echo "<font color=\"#FFFFFF\">" . htmlspecialchars($config['interfaces'][$natent['interface']]['descr']); - ?> + </tr> + <?php $nnats = $i = 0; foreach ($a_nat as $natent): ?> + <tr valign="top" id="fr<?=$nnats;?>"> + <td class="listt"><input type="checkbox" id="frc<?=$nnats;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nnats;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td> + <td class="listt" align="center"></td> + <td class="listlr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>"> + <?php + if (!$natent['interface'] || ($natent['interface'] == "wan")) + echo "WAN"; + else + echo "<font color=\"#FFFFFF\">" . htmlspecialchars($config['interfaces'][$natent['interface']]['descr']); + ?> </td> - <td class="listr"> + <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>"> <?=strtoupper($natent['protocol']);?> </td> - <td class="listr"> + <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>"> <?php list($beginport, $endport) = split("-", $natent['external-port']); if ((!$endport) || ($beginport == $endport)) { @@ -141,13 +194,13 @@ if ($_GET['act'] == "del") { echo $beginport . " - " . $endport; ?> </td> - <td class="listr"> + <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>"> <?=$natent['target'];?> <?php if ($natent['external-address']) echo "<br>(ext.: " . $natent['external-address'] . ")"; ?> </td> - <td class="listr"> + <td class="listr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>"> <?php if ((!$endport) || ($beginport == $endport)) { echo $natent['local-port']; if ($wkports[$natent['local-port']]) @@ -160,15 +213,31 @@ if ($_GET['act'] == "del") { <td class="listbg"><font color="#FFFFFFF"> <?=htmlspecialchars($natent['descr']);?> </td> - <td valign="middle" class="list" nowrap> <a href="firewall_nat_edit.php?id=<?=$i;?>"><img src="e.gif" width="17" height="17" border="0"></a> - <a href="firewall_nat.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this rule?')"><img src="x.gif" width="17" height="17" border="0"></a></td> - </tr> - <?php $i++; endforeach; ?> + <td valign="middle" class="list" nowrap> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td><a href="firewall_nat_edit.php?id=<?=$i;?>"><img src="e.gif" width="17" height="17" border="0"></a></td> + </tr> + <tr> + <td><input onmouseover="fr_insline(<?=$nnats;?>, true)" onmouseout="fr_insline(<?=$nnats;?>, false)" name="move_<?=$i;?>" src="left.gif" title="move selected rules before this rule" height="17" type="image" width="17" border="0"></td> + <!-- <billm><td><a href="firewall_nat_out_edit.php?dup=<?=$i;?>"><img src="plus.gif" title="add a new nat based on this one" width="17" height="17" border="0"></a></td><billm> --> + </tr> + </table> + </tr> + <?php $i++; $nnats++; endforeach; ?> <tr> - <td class="list" colspan="6"></td> - <td class="list"> <a href="firewall_nat_edit.php"><img src="plus.gif" width="17" height="17" border="0"></a></td> - </tr> - </table> + <td class="list" colspan="8"></td> + <td class="list" valign="middle" nowrap> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td><?php if ($nnats == 0): ?><img src="left_d.gif" width="17" height="17" title="move selected mappings to end" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="left.gif" width="17" height="17" title="move selected mappings to end" border="0"><?php endif; ?></td> + <td><a href="firewall_nat_edit.php"><img src="plus.gif" width="17" height="17" border="0"></a></td> + </tr> + <tr> + <td><?php if ($nnats == 0): ?><img src="x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?><input name="del" type="image" src="x.gif" width="17" height="17" title="delete selected mappings" onclick="return confirm('Do you really want to delete the selected mappings?')"><?php endif; ?></td> + </tr> + </table></td> + </tr> </table> <p><span class="vexpl"><span class="red"><strong>Note:<br> </strong></span>It is not possible to access NATed services using the WAN IP address from within LAN (or an optional |