.
* All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
##|+PRIV
##|*IDENT=page-firewall-nat-portforward
##|*NAME=Firewall: NAT: Port Forward
##|*DESCR=Allow access to the 'Firewall: NAT: Port Forward' page.
##|*MATCH=firewall_nat.php*
##|-PRIV
require_once("guiconfig.inc");
require_once("functions.inc");
require_once("filter.inc");
require_once("shaper.inc");
require_once("itemid.inc");
init_config_arr(array('filter', 'rule'));
init_config_arr(array('nat', 'separator'));
init_config_arr(array('nat', 'rule'));
$a_nat = &$config['nat']['rule'];
$a_separators = &$config['nat']['separator'];
/* update rule order, POST[rule] is an array of ordered IDs */
if (array_key_exists('order-store', $_REQUEST) && have_natpfruleint_access($natent['interface'])) {
if (is_array($_REQUEST['rule']) && !empty($_REQUEST['rule'])) {
$a_nat_new = array();
// if a rule is not in POST[rule], it has been deleted by the user
foreach ($_POST['rule'] as $id) {
$a_nat_new[] = $a_nat[$id];
}
$a_nat = $a_nat_new;
$config['nat']['separator'] = "";
if ($_POST['separator']) {
$idx = 0;
if (!is_array($config['nat']['separator'])) {
$config['nat']['separator'] = array();
}
foreach ($_POST['separator'] as $separator) {
$config['nat']['separator']['sep' . $idx++] = $separator;
}
}
if (write_config()) {
mark_subsystem_dirty('filter');
}
header("Location: firewall_nat.php");
exit;
}
}
/* if a custom message has been passed along, lets process it */
if ($_REQUEST['savemsg']) {
$savemsg = $_REQUEST['savemsg'];
}
if ($_POST['apply'] && have_natpfruleint_access($natent['interface'])) {
$retval = 0;
$retval |= filter_configure();
pfSense_handle_custom_code("/usr/local/pkg/firewall_nat/apply");
if ($retval == 0) {
clear_subsystem_dirty('natconf');
clear_subsystem_dirty('filter');
}
}
if (($_POST['act'] == "del") && have_natpfruleint_access($natent['interface'])) {
if ($a_nat[$_POST['id']]) {
if (isset($a_nat[$_POST['id']]['associated-rule-id'])) {
delete_id($a_nat[$_POST['id']]['associated-rule-id'], $config['filter']['rule']);
$want_dirty_filter = true;
}
unset($a_nat[$_POST['id']]);
// Update the separators
$ridx = $_POST['id'];
$mvnrows = -1;
move_separators($a_separators, $ridx, $mvnrows);
if (write_config()) {
mark_subsystem_dirty('natconf');
if ($want_dirty_filter) {
mark_subsystem_dirty('filter');
}
}
header("Location: firewall_nat.php");
exit;
}
}
if (isset($_POST['del_x']) && have_natpfruleint_access($natent['interface'])) {
/* delete selected rules */
if (is_array($_POST['rule']) && count($_POST['rule'])) {
$num_deleted = 0;
foreach ($_POST['rule'] as $rulei) {
$target = $rule['target'];
// Check for filter rule associations
if (isset($a_nat[$rulei]['associated-rule-id'])) {
delete_id($a_nat[$rulei]['associated-rule-id'], $config['filter']['rule']);
mark_subsystem_dirty('filter');
}
unset($a_nat[$rulei]);
// Update the separators
// As rules are deleted, $ridx has to be decremented or separator position will break
$ridx = $rulei - $num_deleted;
$mvnrows = -1;
move_separators($a_separators, $ridx, $mvnrows);
$num_deleted++;
}
if (write_config()) {
mark_subsystem_dirty('natconf');
}
header("Location: firewall_nat.php");
exit;
}
} elseif (($_POST['act'] == "toggle") && have_natpfruleint_access($natent['interface'])) {
if ($a_nat[$_POST['id']]) {
if (isset($a_nat[$_POST['id']]['disabled'])) {
unset($a_nat[$_POST['id']]['disabled']);
$rule_status = true;
} else {
$a_nat[$_POST['id']]['disabled'] = true;
$rule_status = false;
}
// Check for filter rule associations
if (isset($a_nat[$_POST['id']]['associated-rule-id'])) {
toggle_id($a_nat[$_POST['id']]['associated-rule-id'],
$config['filter']['rule'], $rule_status);
unset($rule_status);
mark_subsystem_dirty('filter');
}
if (write_config(gettext("Firewall: NAT: Port forward, enable/disable NAT rule"))) {
mark_subsystem_dirty('natconf');
}
header("Location: firewall_nat.php");
exit;
}
}
$pgtitle = array(gettext("Firewall"), gettext("NAT"), gettext("Port Forward"));
$pglinks = array("", "@self", "@self");
include("head.inc");
if ($_POST['apply']) {
print_apply_result_box($retval);
}
if (is_subsystem_dirty('natconf') && have_natpfruleint_access($natent['interface'])) {
print_apply_box(gettext('The NAT configuration has been changed.') . '
' .
gettext('The changes must be applied for them to take effect.'));
}
$tab_array = array();
$tab_array[] = array(gettext("Port Forward"), true, "firewall_nat.php");
$tab_array[] = array(gettext("1:1"), false, "firewall_nat_1to1.php");
$tab_array[] = array(gettext("Outbound"), false, "firewall_nat_out.php");
$tab_array[] = array(gettext("NPt"), false, "firewall_nat_npt.php");
display_top_tabs($tab_array);
$columns_in_table = 13;
?>