. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgment: * "This product includes software developed by the pfSense Project * for use in the pfSense® software distribution. (http://www.pfsense.org/). * * 4. The names "pfSense" and "pfSense Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * coreteam@pfsense.org. * * 5. Products derived from this software may not be called "pfSense" * nor may "pfSense" appear in their names without prior written * permission of the Electric Sheep Fencing, LLC. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * * "This product includes software developed by the pfSense Project * for use in the pfSense software distribution (http://www.pfsense.org/). * * THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. */ ##|+PRIV ##|*IDENT=page-firewall-nat-1-1 ##|*NAME=Firewall: NAT: 1:1 ##|*DESCR=Allow access to the 'Firewall: NAT: 1:1' page. ##|*MATCH=firewall_nat_1to1.php* ##|-PRIV require_once("guiconfig.inc"); require_once("functions.inc"); require_once("filter.inc"); require_once("shaper.inc"); if (!is_array($config['nat']['onetoone'])) { $config['nat']['onetoone'] = array(); } $a_1to1 = &$config['nat']['onetoone']; /* update rule order, POST[rule] is an array of ordered IDs */ if (array_key_exists('order-store', $_POST)) { if (is_array($_POST['rule']) && !empty($_POST['rule'])) { $a_1to1_new = array(); // if a rule is not in POST[rule], it has been deleted by the user foreach ($_POST['rule'] as $id) { $a_1to1_new[] = $a_1to1[$id]; } $a_1to1 = $a_1to1_new; if (write_config()) { mark_subsystem_dirty('natconf'); } header("Location: firewall_nat_1to1.php"); exit; } } if ($_POST) { $pconfig = $_POST; if ($_POST['apply']) { $retval = 0; $retval |= filter_configure(); $savemsg = get_std_save_message($retval); if ($retval == 0) { clear_subsystem_dirty('natconf'); clear_subsystem_dirty('filter'); } } } if ($_GET['act'] == "del") { if ($a_1to1[$_GET['id']]) { unset($a_1to1[$_GET['id']]); if (write_config()) { mark_subsystem_dirty('natconf'); } header("Location: firewall_nat_1to1.php"); exit; } } if (isset($_POST['del_x'])) { /* delete selected rules */ if (is_array($_POST['rule']) && count($_POST['rule'])) { foreach ($_POST['rule'] as $rulei) { unset($a_1to1[$rulei]); } if (write_config()) { mark_subsystem_dirty('natconf'); } header("Location: firewall_nat_1to1.php"); exit; } } else if ($_GET['act'] == "toggle") { if ($a_1to1[$_GET['id']]) { if (isset($a_1to1[$_GET['id']]['disabled'])) { unset($a_1to1[$_GET['id']]['disabled']); } else { $a_1to1[$_GET['id']]['disabled'] = true; } if (write_config(gettext("Firewall: NAT: 1:1, enable/disable NAT rule"))) { mark_subsystem_dirty('natconf'); } header("Location: firewall_nat_1to1.php"); exit; } } $pgtitle = array(gettext("Firewall"), gettext("NAT"), gettext("1:1")); include("head.inc"); if ($savemsg) { print_info_box($savemsg, 'success'); } if (is_subsystem_dirty('natconf')) { print_apply_box(gettext('The NAT configuration has been changed.') . '
' . gettext('The changes must be applied for them to take effect.')); } $tab_array = array(); $tab_array[] = array(gettext("Port Forward"), false, "firewall_nat.php"); $tab_array[] = array(gettext("1:1"), true, "firewall_nat_1to1.php"); $tab_array[] = array(gettext("Outbound"), false, "firewall_nat_out.php"); $tab_array[] = array(gettext("NPt"), false, "firewall_nat_npt.php"); display_top_tabs($tab_array); ?>

"; $i = 0; foreach ($a_1to1 as $natent): if (isset($natent['disabled'])) { $textss = ""; $iconfn = "pass_d"; } else { $textss = ""; $iconfn = "pass"; } ?>
" title="">  "> " href="firewall_nat_1to1_edit.php?id="> " href="firewall_nat_1to1_edit.php?dup="> " href="firewall_nat_1to1.php?act=del&id=">
' . gettext("Virtual IP") . '.' . '
' . gettext('If a 1:1 NAT entry is added for any of the interface IPs on this system, ' . 'it will make this system inaccessible on that IP address. i.e. if ' . 'the WAN IP address is used, any services on this system (IPsec, OpenVPN server, etc.) ' . 'using the WAN IP address will no longer function.'), 'info', false); ?>