From 3544cbb0f8bdc1fb446730b576521ccde3b31b21 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Wed, 16 Nov 2005 18:24:51 +0000 Subject: MFC 7730 When adding a NAT redirect to a internal FTP server automatically create a rule to allow traffic to the external IP of the redirect, port 21 so that pftpx can function. --- usr/local/www/firewall_nat_edit.php | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'usr/local/www/firewall_nat_edit.php') diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index c81a84f..68d2ab3 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -191,6 +191,30 @@ if ($_POST) { $config['filter']['rule'][] = $filterent; + /* auto add rule to external port 21 as well since we are using + * pftpx to help open up ports automatically + */ + if($_POST['endport'] == "21") { + $filterent = array(); + $filterent['interface'] = $_POST['interface']; + $filterent['protocol'] = $_POST['proto']; + $filterent['source']['any'] = ""; + $filterent['destination']['address'] = $_POST['extaddr']; + + $dstpfrom = $_POST['localbeginport']; + $dstpto = $dstpfrom + $_POST['endport'] - $_POST['beginport']; + + if ($dstpfrom == $dstpto) + $filterent['destination']['port'] = $dstpfrom; + else + $filterent['destination']['port'] = $dstpfrom . "-" . $dstpto; + + $filterent['descr'] = "NAT " . $_POST['descr']; + + $config['filter']['rule'][] = $filterent; + + } + touch($d_filterconfdirty_path); } -- cgit v1.1