diff options
| author | jim-p <jimp@pfsense.org> | 2010-12-20 15:01:51 -0500 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2010-12-20 15:01:51 -0500 |
| commit | e2c1d6c5cf3fda8b9fb370cdb50d4a3578c8efa6 (patch) | |
| tree | 96b68c4b0719ff4a80c8f85362968a9e4ee01db3 /usr/local/www | |
| parent | 49659e1cc6f78af1287590fca7b64791fd6da6f1 (diff) | |
| download | pfsense-e2c1d6c5cf3fda8b9fb370cdb50d4a3578c8efa6.zip pfsense-e2c1d6c5cf3fda8b9fb370cdb50d4a3578c8efa6.tar.gz | |
Add a per-entry option for Proxy ARP VIPs of the Network type to disable their expansion on Port Forwards and Outbound NAT screens. Will allow users with large proxy arp subnets used only with 1:1 to still load those pages in a reasonable time. Resolves #1119
Diffstat (limited to 'usr/local/www')
| -rwxr-xr-x | usr/local/www/firewall_nat_edit.php | 2 | ||||
| -rwxr-xr-x | usr/local/www/firewall_nat_out_edit.php | 2 | ||||
| -rwxr-xr-x | usr/local/www/firewall_virtual_ip_edit.php | 28 |
3 files changed, 32 insertions, 0 deletions
diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index d216a98..125a34f 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -646,6 +646,8 @@ include("fbegin.inc"); ?> <?php if (is_array($config['virtualip']['vip'])): foreach ($config['virtualip']['vip'] as $sn): + if (isset($sn['noexpand'])) + continue; if ($sn['mode'] == "proxyarp" && $sn['type'] == "network"): $start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits'])); $end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits'])); diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index 2910c08..e00994b 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -471,6 +471,8 @@ any)");?></td> <option value=""<?php if (!$pconfig['target']) echo " selected"; ?>><?=gettext("Interface address");?></option> <?php if (is_array($config['virtualip']['vip'])): foreach ($config['virtualip']['vip'] as $sn): + if (isset($sn['noexpand'])) + continue; if ($sn['mode'] == "proxyarp" && $sn['type'] == "network"): $start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits'])); $end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits'])); diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index 4658094..5825aaf 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -87,6 +87,7 @@ if (isset($id) && $a_vip[$id]) { $pconfig['range'] = $a_vip[$id]['range']; $pconfig['subnet'] = $a_vip[$id]['subnet']; $pconfig['subnet_bits'] = $a_vip[$id]['subnet_bits']; + $pconfig['noexpand'] = $a_vip[$id]['noexpand']; $pconfig['descr'] = $a_vip[$id]['descr']; $pconfig['type'] = $a_vip[$id]['type']; $pconfig['interface'] = $a_vip[$id]['interface']; @@ -199,7 +200,9 @@ if ($_POST) { if ($_POST['type'] == "range") { $vipent['range']['from'] = $_POST['range_from']; $vipent['range']['to'] = $_POST['range_to']; + } + $vipent['noexpand'] = isset($_POST['noexpand']); } /* CARP specific fields */ @@ -288,6 +291,8 @@ function enable_change(enable_over) { document.iform.type.disabled = 1; document.iform.subnet_bits.disabled = 0; document.iform.subnet.disabled = 0; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; if (note.firstChild == null) { note.appendChild(carpnote); } else { @@ -302,6 +307,8 @@ function enable_change(enable_over) { document.iform.type.disabled = 0; document.iform.subnet_bits.disabled = 1; document.iform.subnet.disabled = 0; + document.iform.noexpand.disabled = 0; + $('noexpandrow').style.display = ''; if (note.firstChild == null) { note.appendChild(proxyarpnote); } else { @@ -315,6 +322,8 @@ function enable_change(enable_over) { note.removeChild(note.firstChild); } document.iform.subnet.disabled = 0; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; } if (get_radio_value(document.iform.mode) == "ipalias") { document.iform.type.disabled = 1; @@ -322,6 +331,8 @@ function enable_change(enable_over) { note.appendChild(ipaliasnote); document.iform.subnet_bits.disabled = 0; document.iform.subnet.disabled = 0; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; } if (get_radio_value(document.iform.mode) == "carpdev-dhcp") { document.iform.type.disabled = 1; @@ -335,29 +346,40 @@ function enable_change(enable_over) { document.iform.password.disabled = 0; document.iform.advskew.disabled = 0; document.iform.advbase.disabled = 0; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; } + typesel_change(); } function typesel_change() { switch (document.iform.type.selectedIndex) { case 0: // single document.iform.subnet.disabled = 0; if((get_radio_value(document.iform.mode) == "proxyarp")) document.iform.subnet_bits.disabled = 1; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; break; case 1: // network document.iform.subnet.disabled = 0; document.iform.subnet_bits.disabled = 0; + document.iform.noexpand.disabled = 0; + $('noexpandrow').style.display = ''; //document.iform.range_from.disabled = 1; //document.iform.range_to.disabled = 1; break; case 2: // range document.iform.subnet.disabled = 1; document.iform.subnet_bits.disabled = 1; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; //document.iform.range_from.disabled = 0; //document.iform.range_to.disabled = 0; break; case 3: // IP alias document.iform.subnet.disabled = 1; document.iform.subnet_bits.disabled = 0; + document.iform.noexpand.disabled = 1; + $('noexpandrow').style.display = 'none'; //document.iform.range_from.disabled = 0; //document.iform.range_to.disabled = 0; break; @@ -436,6 +458,12 @@ function typesel_change() { </select> <i id="typenote"></i> </td> </tr> + <tr id="noexpandrow"> + <td><?=gettext("Expansion:");?> </td> + <td><input name="noexpand" type="checkbox" class="formfld unknown" id="noexpand" <?php echo (isset($pconfig['noexpand'])) ? "checked" : "" ; ?>> + Disable expansion of this entry into IPs on NAT lists (e.g. 192.168.1.0/24 expands to 256 entries.) + </td> + </tr> <?php /* <tr> |
