diff options
-rwxr-xr-x | usr/local/www/firewall_nat.php | 5 | ||||
-rwxr-xr-x | usr/local/www/firewall_nat_edit.php | 12 |
2 files changed, 6 insertions, 11 deletions
diff --git a/usr/local/www/firewall_nat.php b/usr/local/www/firewall_nat.php index 8631d99..fab7c82 100755 --- a/usr/local/www/firewall_nat.php +++ b/usr/local/www/firewall_nat.php @@ -233,11 +233,10 @@ echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript <tr valign="top" id="fr<?=$nnats;?>"> <td class="listt"><input type="checkbox" id="frc<?=$nnats;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nnats;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td> <td class="listt" align="center"> - <?php if(!empty($natent['associated-rule-id'])): ?> - <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_chain.png" width="17" height="17" title="Firewall rule ID <?=htmlspecialchars($nnatid); ?> is managed with this rule" border="0"> - <?php endif; ?> <?php if($natent['associated-rule-id'] == "pass"): ?> <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" title="All traffic matching this NAT entry is passed" border="0"> + <?php elseif (!empty($natent['associated-rule-id'])): ?> + <img src="./themes/<?= $g['theme']; ?>/images/icons/icon_chain.png" width="17" height="17" title="Firewall rule ID <?=htmlspecialchars($nnatid); ?> is managed with this rule" border="0"> <?php endif; ?> </td> <td class="listlr" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='firewall_nat_edit.php?id=<?=$nnats;?>';"> diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index a3e2c3d..680dbcb 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -209,13 +209,9 @@ if ($_POST) { } /* if user enters an alias and selects "network" then disallow. */ - if($_POST['srctype'] == "network") { - if(is_alias($_POST['src'])) - $input_errors[] = "You must specify single host or alias for alias entries."; - } - if($_POST['dsttype'] == "network") { - if(is_alias($_POST['dst'])) - $input_errors[] = "You must specify single host or alias for alias entries."; + if( ($_POST['srctype'] == "network" && is_alias($_POST['src']) ) + || ($_POST['dsttype'] == "network" && is_alias($_POST['dst']) ) ) { + $input_errors[] = "You must specify single host or alias for alias entries."; } if (!is_specialnet($_POST['srctype'])) { @@ -307,7 +303,7 @@ if ($_POST) { unset($natent['nosync']); // If we used to have an associated filter rule, but no-longer should have one - if ($a_nat[$id]>0 && empty($natent['associated-rule-id'])) { + if ($a_nat[$id]>0 && ( empty($natent['associated-rule-id']) || $natent['associated-rule-id'] != $a_nat[$id]['associated-rule-id'] ) ) { // Delete the previous rule delete_id($a_nat[$id]['associated-rule-id'], $config['filter']['rule']); mark_subsystem_dirty('filter'); |