From 68ff67b360068bf308eb0305aeb1fa841f85bc01 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ermal=20Lu=E7i?= <eri@pfsense.org>
Date: Tue, 9 Mar 2010 19:43:40 +0000
Subject: Implement the protocol functionality on nat rules. This i based on a
 port that provides this functionality but with a lot more reduced patchset.

---
 usr/local/www/firewall_nat_out_edit.php | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

(limited to 'usr/local')

diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php
index 209ee78..31e8a0c 100755
--- a/usr/local/www/firewall_nat_out_edit.php
+++ b/usr/local/www/firewall_nat_out_edit.php
@@ -66,6 +66,7 @@ if (isset($_GET['dup']))  {
 	unset($after);
 
 if (isset($id) && $a_out[$id]) {
+	$pconfig['protocol'] = $a_out[$id]['protocol'];
 	list($pconfig['source'],$pconfig['source_subnet']) = explode('/', $a_out[$id]['source']['network']);
 	$pconfig['sourceport'] = $a_out[$id]['sourceport'];
 	address_to_pconfig($a_out[$id]['destination'], $pconfig['destination'],
@@ -107,8 +108,8 @@ if ($_POST) {
 	$pconfig = $_POST;
 
 	/* input validation */
-	$reqdfields = explode(" ", "interface source source_subnet destination destination_subnet");
-	$reqdfieldsn = explode(",", "Interface,Source,Source bit count,Destination,Destination bit count");
+	$reqdfields = explode(" ", "interface protocol source source_subnet destination destination_subnet");
+	$reqdfieldsn = explode(",", "Interface,Protocol,Source,Source bit count,Destination,Destination bit count");
 
 	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
 
@@ -212,6 +213,11 @@ if ($_POST) {
 			unset($natent['nonat']);
 		}
 
+		if ($_POST['protocol'] && $_POST['protocol'] != "any")
+			$natent['protocol'] = $_POST['protocol'];
+		else
+			unset($natent['protocol']);
+
 	        if ($ext == "any") {
 			$natent['destination']['any'] = true;
 		} else {
@@ -334,6 +340,18 @@ function sourcesel_change() {
                      <span class="vexpl">Choose which interface this rule applies to.<br>
                      Hint: in most cases, you'll want to use WAN here.</span></td>
                 </tr>
+		<tr>
+			<td width="22%" valign="top" class="vncellreq">Protocol</td>
+			<td width="78%" class="vtable">
+				<select name="proto" class="formselect">
+				<?php $protocols = explode(" ", "any TCP UDP TCP/UDP ICMP ESP AH GRE IGMP carp pfsync");
+                                foreach ($protocols as $proto): ?>
+                                        <option value="<?=strtolower($proto);?>" <?php if (strtolower($proto) == $pconfig['protocol']) echo "selected"; ?>><?=htmlspecialchars($proto);?></option>
+				<?php endforeach; ?>
+				 </select> <br> <span class="vexpl">Choose which protocol this rule should match.<br />
+				 Hint: in most cases, you should specify <em>any</em> &nbsp;here.</span>
+			</td>
+		</tr>
                 <tr>
                   <td width="22%" valign="top" class="vncellreq">Source</td>
                   <td width="78%" class="vtable">
-- 
cgit v1.1