Skip to content

O
OpnSense
Commit 229f20f6 authored by Ad Schellevis's avatar Ad Schellevis
Browse files
Options

(legacy) refactor firewall_nat_1to1_edit.php

parent 2f44495f
Hide whitespace changes
Inline Side-by-side
Showing with 342 additions and 466 deletions
src/www/firewall_nat_1to1_edit.php
View file @ 229f20f6
......@@ -30,564 +30,440 @@ require_once("guiconfig.inc");
require_once("interfaces.inc");
require_once("pfsense-utils.inc");
$referer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/firewall_nat_1to1.php');
$specialsrcdst = explode(" ", "any pptp pppoe l2tp openvpn");
$ifdisp = get_configured_interface_with_descr();
foreach ($ifdisp as $kif => $kdescr) {
$specialsrcdst[] = "{$kif}";
$specialsrcdst[] = "{$kif}ip";
/**
* fetch list of selectable networks to use in form
*/
function formNetworks() {
$networks = array();
$networks["any"] = gettext("any");
$networks["pptp"] = gettext("PPTP clients");
$networks["pppoe"] = gettext("PPPoE clients");
$networks["l2tp"] = gettext("L2TP clients");
foreach (get_configured_interface_with_descr() as $ifent => $ifdesc) {
$networks[$ifent] = htmlspecialchars($ifdesc) . " " . gettext("net");
$networks[$ifent."ip"] = htmlspecialchars($ifdesc). " ". gettext("address");
}
return $networks;
}
if (!is_array($config['nat']['onetoone']))
$config['nat']['onetoone'] = array();
/**
* build array with interface options for this form
*/
function formInterfaces() {
global $config;
$interfaces = array();
foreach ( get_configured_interface_with_descr(false, true) as $if => $ifdesc)
$interfaces[$if] = $ifdesc;
$a_1to1 = &$config['nat']['onetoone'];
if (isset($config['l2tp']['mode']) && $config['l2tp']['mode'] == "server")
$interfaces['l2tp'] = "L2TP VPN";
if (is_numericint($_GET['id']))
$id = $_GET['id'];
if (isset($_POST['id']) && is_numericint($_POST['id']))
$id = $_POST['id'];
if (isset($config['pptpd']['mode']) && $config['pptpd']['mode'] == "server")
$interfaces['pptp'] = "PPTP VPN";
$after = $_GET['after'];
if (isset($_POST['after']))
$after = $_POST['after'];
if (is_pppoe_server_enabled())
$interfaces['pppoe'] = "PPPoE VPN";
if (isset($_GET['dup'])) {
$id = $_GET['dup'];
$after = $_GET['dup'];
/* add ipsec interfaces */
if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable']))
$interfaces["enc0"] = "IPsec";
/* add openvpn/tun interfaces */
if (isset($config['openvpn']['openvpn-server']) || isset($config['openvpn']['openvpn-client'])) {
$interfaces['openvpn'] = 'OpenVPN';
}
return $interfaces;
}
if (isset($id) && $a_1to1[$id]) {
$pconfig['disabled'] = isset($a_1to1[$id]['disabled']);
/**
* obscured by clouds, is_specialnet uses this.. so let's hide it in here.
* let's kill this another day.
*/
$specialsrcdst = explode(" ", "any pptp pppoe l2tp openvpn");
$ifdisp = get_configured_interface_with_descr();
foreach ($ifdisp as $kif => $kdescr) {
$specialsrcdst[] = "{$kif}";
$specialsrcdst[] = "{$kif}ip";
}
address_to_pconfig($a_1to1[$id]['source'], $pconfig['src'],
$pconfig['srcmask'], $pconfig['srcnot'],
$pconfig['srcbeginport'], $pconfig['srcendport']);
if (!isset($config['nat']['onetoone'])) {
$config['nat']['onetoone'] = array();
}
$a_1to1 = &$config['nat']['onetoone'];
address_to_pconfig($a_1to1[$id]['destination'], $pconfig['dst'],
$pconfig['dstmask'], $pconfig['dstnot'],
$pconfig['dstbeginport'], $pconfig['dstendport']);
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
// input record id, if valid
if (isset($_GET['dup']) && isset($a_1to1[$_GET['dup']])) {
$configId = $_GET['dup'];
} elseif (isset($_GET['id']) && isset($a_1to1[$_GET['id']])) {
$id = $_GET['id'];
$configId = $id;
}
$pconfig['interface'] = $a_1to1[$id]['interface'];
if (!$pconfig['interface'])
$pconfig = array();
// set defaults
$pconfig['interface'] = "wan";
$pconfig['external'] = $a_1to1[$id]['external'];
$pconfig['descr'] = $a_1to1[$id]['descr'];
$pconfig['natreflection'] = $a_1to1[$id]['natreflection'];
} else
$pconfig['interface'] = "wan";
if (isset($_GET['dup']))
unset($id);
if ($_POST) {
unset($input_errors);
$pconfig = $_POST;
/* run through $_POST items encoding HTML entties so that the user
* cannot think he is slick and perform a XSS attack on the unwilling
*/
foreach ($_POST as $key => $value) {
$temp = str_replace(">", "", $value);
$newpost = htmlentities($temp);
if($newpost <> $temp)
$input_errors[] = sprintf(gettext("Invalid characters detected (%s). Please remove invalid characters and save again."),$temp);
}
/* input validation */
$reqdfields = explode(" ", "interface external");
$reqdfieldsn = array(gettext("Interface"), gettext("External subnet"));
if ($_POST['srctype'] == "single" || $_POST['srctype'] == "network") {
$reqdfields[] = "src";
$reqdfieldsn[] = gettext("Source address");
}
if ($_POST['dsttype'] == "single" || $_POST['dsttype'] == "network") {
$reqdfields[] = "dst";
$reqdfieldsn[] = gettext("Destination address");
}
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if ($_POST['external'])
$_POST['external'] = trim($_POST['external']);
if ($_POST['src'])
$_POST['src'] = trim($_POST['src']);
if ($_POST['dst'])
$_POST['dst'] = trim($_POST['dst']);
if (is_specialnet($_POST['srctype'])) {
$_POST['src'] = $_POST['srctype'];
$_POST['srcmask'] = 0;
} else if ($_POST['srctype'] == "single") {
$_POST['srcmask'] = 32;
}
if (is_specialnet($_POST['dsttype'])) {
$_POST['dst'] = $_POST['dsttype'];
$_POST['dstmask'] = 0;
} else if ($_POST['dsttype'] == "single") {
$_POST['dstmask'] = 32;
} else if (is_ipaddr($_POST['dsttype'])) {
$_POST['dst'] = $_POST['dsttype'];
$_POST['dstmask'] = 32;
$_POST['dsttype'] = "single";
}
/* For external, user can enter only ip's */
if (($_POST['external'] && !is_ipaddr($_POST['external'])))
$input_errors[] = gettext("A valid external subnet must be specified.");
/* For dst, if user enters an alias and selects "network" then disallow. */
if ($_POST['dsttype'] == "network" && is_alias($_POST['dst']) )
$input_errors[] = gettext("You must specify single host or alias for alias entries.");
/* For src, user can enter only ip's or networks */
if (!is_specialnet($_POST['srctype'])) {
if (($_POST['src'] && !is_ipaddr($_POST['src']))) {
$input_errors[] = sprintf(gettext("%s is not a valid internal IP address."), $_POST['src']);
$pconfig['src'] = 'lan';
$pconfig['dst'] = 'any';
if (isset($configId)) {
// copy settings from config
foreach (array('disabled','interface','external','descr','natreflection') as $fieldname) {
if (isset($a_1to1[$id][$fieldname])) {
$pconfig[$fieldname] = $a_1to1[$id][$fieldname];
} else {
$pconfig[$fieldname] = null;
}
}
// read settings with some kind of logic
address_to_pconfig($a_1to1[$id]['source'], $pconfig['src'],
$pconfig['srcmask'], $pconfig['srcnot'],
$pconfig['srcbeginport'], $pconfig['srcendport']);
address_to_pconfig($a_1to1[$id]['destination'], $pconfig['dst'],
$pconfig['dstmask'], $pconfig['dstnot'],
$pconfig['dstbeginport'], $pconfig['dstendport']);
} else {
// init form data on new
foreach (array('disabled','interface','external','descr','natreflection'
,'src','srcmask','srcnot','srcbeginport','srcendport'
,'dst','dstmask','dstnot','dstbeginport','dstendport'
) as $fieldname) {
if (!isset($pconfig[$fieldname])) {
$pconfig[$fieldname] = null;
}
}
}
if (($_POST['srcmask'] && !is_numericint($_POST['srcmask']))) {
$input_errors[] = gettext("A valid internal bit count must be specified.");
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
$input_errors = array();
$pconfig = $_POST;
// input record id, if valid
if (isset($_POST['id']) && isset($a_1to1[$_POST['id']])) {
$id = $_POST['id'];
}
}
/* For dst, user can enter ip's, networks or aliases */
if (!is_specialnet($_POST['dsttype'])) {
if (($_POST['dst'] && !is_ipaddroralias($_POST['dst']))) {
$input_errors[] = sprintf(gettext("%s is not a valid destination IP address or alias."), $_POST['dst']);
// trim input
foreach (array('external','src','dst') as $fieldname) {
if (isset($pconfig[$fieldname])) {
$pconfig[$fieldname] = trim($pconfig[$fieldname]);
}
}
if (($_POST['dstmask'] && !is_numericint($_POST['dstmask']))) {
$input_errors[] = gettext("A valid destination bit count must be specified.");
// validate input
foreach ($pconfig as $key => $value) {
if($value <> htmlentities($value))
$input_errors[] = sprintf(gettext("Invalid characters detected (%s). Please remove invalid characters and save again."),$temp);
}
}
/* check for overlaps with other 1:1 */
foreach ($a_1to1 as $natent) {
if (isset($id) && ($a_1to1[$id]) && ($a_1to1[$id] === $natent))
continue;
/* input validation */
$reqdfields = explode(" ", "interface external src dst");
$reqdfieldsn = array(gettext("Interface"), gettext("External subnet"), gettext("Source address"), gettext("Destination address"));
do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors);
if (check_subnets_overlap($_POST['internal'], $_POST['subnet'], $natent['internal'], $natent['subnet'])) {
//$input_errors[] = "Another 1:1 rule overlaps with the specified internal subnet.";
//break;
/* For external, user can enter only ip's */
if (!empty($pconfig['external']) && !is_ipaddr($_POST['external'])) {
$input_errors[] = gettext("A valid external subnet must be specified.");
}
/* For src, user can enter only ip's or networks */
if (!is_specialnet($pconfig['src']) && !is_ipaddroralias($pconfig['src'])) {
$input_errors[] = sprintf(gettext("%s is not a valid source IP address or alias."), $pconfig['src']);
}
}
if (!$input_errors) {
$natent = array();
$natent['disabled'] = isset($_POST['disabled']) ? true:false;
$natent['external'] = $_POST['external'];
$natent['descr'] = $_POST['descr'];
$natent['interface'] = $_POST['interface'];
pconfig_to_address($natent['source'], $_POST['src'],
$_POST['srcmask'], $_POST['srcnot']);
pconfig_to_address($natent['destination'], $_POST['dst'],
$_POST['dstmask'], $_POST['dstnot']);
if ($_POST['natreflection'] == "enable" || $_POST['natreflection'] == "disable")
$natent['natreflection'] = $_POST['natreflection'];
else
unset($natent['natreflection']);
if (isset($id) && $a_1to1[$id])
$a_1to1[$id] = $natent;
else {
if (is_numeric($after))
array_splice($a_1to1, $after+1, 0, array($natent));
else
$a_1to1[] = $natent;
if (!empty($pconfig['srcmask']) && !is_numericint($pconfig['srcmask'])) {
$input_errors[] = gettext("A valid source bit count must be specified.");
}
/* For dst, user can enter ip's, networks or aliases */
if (!is_specialnet($pconfig['dst']) && !is_ipaddroralias($pconfig['dst'])) {
$input_errors[] = sprintf(gettext("%s is not a valid destination IP address or alias."), $pconfig['dst']);
}
if (!empty($pconfig['dstmask']) && !is_numericint($pconfig['dstmask'])) {
$input_errors[] = gettext("A valid destination bit count must be specified.");
}
if (write_config())
mark_subsystem_dirty('natconf');
header("Location: firewall_nat_1to1.php");
exit;
}
if (count($input_errors) == 0) {
$natent = array();
// 1-on-1 copy
$natent['external'] = $pconfig['external'];
$natent['descr'] = $pconfig['descr'];
$natent['interface'] = $pconfig['interface'];
// copy form data with some kind of logic in it
$natent['disabled'] = isset($_POST['disabled']) ? true:false;
pconfig_to_address($natent['source'], $pconfig['src'],
$pconfig['srcmask'], !empty($pconfig['srcnot']));
pconfig_to_address($natent['destination'], $pconfig['dst'],
$pconfig['dstmask'], !empty($pconfig['dstnot']));
if (isset($pconfig['natreflection'] ) && ($pconfig['natreflection'] == "enable" || $pconfig['natreflection'] == "disable")) {
$natent['natreflection'] = $pconfig['natreflection'];
}
// save data
if (isset($id)) {
$a_1to1[$id] = $natent;
} else {
$a_1to1[] = $natent;
}
if (write_config()) {
mark_subsystem_dirty('natconf');
}
header("Location: firewall_nat_1to1.php");
exit;
}
}
legacy_html_escape_form_data($pconfig);
$pgtitle = array(gettext("Firewall"),gettext("NAT"),gettext("1:1"),gettext("Edit"));
include("head.inc");
?>
<body>
<?php include("fbegin.inc"); ?>
<script type="text/javascript" src="/javascript/suggestions.js"></script>
<script type="text/javascript" src="/javascript/autosuggest.js"></script>
<script type="text/javascript">
//<![CDATA[
function typesel_change() {
switch (document.iform.srctype.selectedIndex) {
case 1: /* single */
document.iform.src.disabled = 0;
//document.iform.srcmask.value = "";
//document.iform.srcmask.disabled = 1;
jQuery('#srcmask').selectpicker('val','');
jQuery('#srcmask').prop('disabled',true);
jQuery('#srcmask').selectpicker('refresh');
break;
case 2: /* network */
document.iform.src.disabled = 0;
//document.iform.srcmask.disabled = 0;
jQuery('#srcmask').prop('disabled',false);
jQuery('#srcmask').selectpicker('refresh');
break;
default:
document.iform.src.value = "";
document.iform.src.disabled = 1;
//document.iform.srcmask.value = "";
//document.iform.srcmask.disabled = 1;
jQuery('#srcmask').selectpicker('val','');
jQuery('#srcmask').prop('disabled',true);
jQuery('#srcmask').selectpicker('refresh');
break;
}
switch (document.iform.dsttype.selectedIndex) {
case 1: /* single */
document.iform.dst.disabled = 0;
//document.iform.dstmask.value = "";
//document.iform.dstmask.disabled = 1;
jQuery('#dstmask').selectpicker('val','');
jQuery('#dstmask').prop('disabled',true);
jQuery('#dstmask').selectpicker('refresh');
break;
case 2: /* network */
document.iform.dst.disabled = 0;
//document.iform.dstmask.disabled = 0;
jQuery('#dstmask').prop('disabled',false);
jQuery('#dstmask').selectpicker('refresh');
break;
default:
document.iform.dst.value = "";
document.iform.dst.disabled = 1;
//document.iform.dstmask.value = "";
//document.iform.dstmask.disabled = 1;
jQuery('#dstmask').selectpicker('val','');
jQuery('#dstmask').prop('disabled',true);
jQuery('#dstmask').selectpicker('refresh');
break;
}
}
//]]>
$( document ).ready(function() {
// select / input combination, link behaviour
// when the data attribute "data-other" is selected, display related input item(s)
// push changes from input back to selected option value
$('[for!=""][for]').each(function(){
var refObj = $("#"+$(this).attr("for"));
if (refObj.is("select")) {
// connect on change event to select box (show/hide)
refObj.change(function(){
if ($(this).find(":selected").attr("data-other") == "true") {
// show related controls
$('*[for="'+$(this).attr("id")+'"]').each(function(){
if ($(this).hasClass("selectpicker")) {
$(this).selectpicker('show');
} else {
$(this).removeClass("hidden");
}
});
} else {
// hide related controls
$('*[for="'+$(this).attr("id")+'"]').each(function(){
if ($(this).hasClass("selectpicker")) {
$(this).selectpicker('hide');
} else {
$(this).addClass("hidden");
}
});
}
});
// update initial
refObj.change();
// connect on change to input to save data to selector
if ($(this).attr("name") == undefined) {
$(this).change(function(){
var otherOpt = $('#'+$(this).attr('for')+' > option[data-other="true"]') ;
otherOpt.attr("value",$(this).val());
});
}
}
});
});
</script>
<?php include("fbegin.inc"); ?>
<section class="page-content-main">
<div class="container-fluid">
<div class="row">
<?php
<?php
if (isset($input_errors) && count($input_errors) > 0)
print_input_errors($input_errors);
?>
<section class="col-xs-12">
<div class="content-box">
<form action="firewall_nat_1to1_edit.php" method="post" name="iform" id="iform">
<div class="table-responsive">
<table class="table table-striped table-sort">
?>
<section class="col-xs-12">
<div class="content-box">
<form action="firewall_nat_1to1_edit.php" method="post" name="iform" id="iform">
<div class="table-responsive">
<table class="table table-striped">
<tr>
<td colspan="2" valign="top" class="listtopic"><?=gettext("Edit NAT 1:1 entry"); ?></td>
<td valign="top"><?=gettext("Edit NAT 1:1 entry"); ?></td>
<td align="right">
<small><?=gettext("full help"); ?> </small>
<i class="fa fa-toggle-off text-danger" style="cursor: pointer;" id="show_all_help_opnvpn_server" type="button"></i></a>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
<td width="78%" class="vtable">
<input name="disabled" type="checkbox" id="disabled" value="yes" <?php if ($pconfig['disabled']) echo "checked=\"checked\""; ?> />
<strong><?=gettext("Disable this rule"); ?></strong><br />
<span class="vexpl"><?=gettext("Set this option to disable this rule without removing it from the list."); ?></span>
<td><a id="help_for_disabled" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Disabled"); ?></td>
<td>
<input name="disabled" type="checkbox" id="disabled" value="yes" <?= !empty($pconfig['disabled']) ? "checked=\"checked\"" : ""; ?> />
<div class="hidden" for="help_for_disabled">
<strong><?=gettext("Disable this rule"); ?></strong><br />
<?=gettext("Set this option to disable this rule without removing it from the list."); ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
<td width="78%" class="vtable">
<select name="interface" class="selectpicker" data-live-search="true">
<?php
foreach ($ifdisp as $if => $ifdesc)
if(have_ruleint_access($if))
$interfaces[$if] = $ifdesc;
if ($config['l2tp']['mode'] == "server")
if(have_ruleint_access("l2tp"))
$interfaces['l2tp'] = "L2TP VPN";
if ($config['pptpd']['mode'] == "server")
if(have_ruleint_access("pptp"))
$interfaces['pptp'] = "PPTP VPN";
if (is_pppoe_server_enabled() && have_ruleint_access("pppoe"))
$interfaces['pppoe'] = "PPPoE VPN";
/* add ipsec interfaces */
if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable']))
if(have_ruleint_access("enc0"))
$interfaces["enc0"] = "IPsec";
/* add openvpn/tun interfaces */
if (isset($config['openvpn']['openvpn-server']) || isset($config['openvpn']['openvpn-client'])) {
$interfaces['openvpn'] = 'OpenVPN';
}
foreach ($interfaces as $iface => $ifacename):
?>
<option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected=\"selected\""; ?>>
<td><a id="help_for_interface" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Interface"); ?></td>
<td>
<div class="input-group">
<select name="interface" class="selectpicker" data-width="auto" data-live-search="true" onchange="dst_change(this.value,iface_old,document.iform.dsttype.value);iface_old = document.iform.interface.value;typesel_change();">
<?php
foreach (formInterfaces() as $iface => $ifacename): ?>
<option value="<?=$iface;?>" <?= $iface == $pconfig['interface'] ? "selected=\"selected\"" : ""; ?>>
<?=htmlspecialchars($ifacename);?>
</option>
<?php
endforeach;
?>
</select><br />
<span class="vexpl"><?=gettext("Choose which interface this rule applies to"); ?>.<br />
<?=gettext("Hint: in most cases, you'll want to use WAN here"); ?>.</span></td>
<?php endforeach; ?>
</select>
</div>
<div class="hidden" for="help_for_interface">
<?=gettext("Choose which interface this rule applies to"); ?>.<br />
<?=gettext("Hint: in most cases, you'll want to use WAN here"); ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("External subnet IP"); ?></td>
<td width="78%" class="vtable">
<input name="external" type="text" class="formfld" id="external" size="20" value="<?=htmlspecialchars($pconfig['external']);?>" />
<td><a id="help_for_external" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("External subnet IP"); ?></td>
<td>
<input name="external" type="text" value="<?=$pconfig['external'];?>" />
<br />
<span class="vexpl">
<?=gettext("Enter the external (usually on a WAN) subnet's starting address for the 1:1 mapping. " .
"The subnet mask from the internal address below will be applied to this IP address."); ?><br />
<div class="hidden" for="help_for_external">
<?=gettext("Enter the external (usually on a WAN) subnet's starting address for the 1:1 mapping. ");?><br />
<?=gettext("The subnet mask from the internal address below will be applied to this IP address."); ?><br />
<?=gettext("Hint: this is generally an address owned by the router itself on the selected interface."); ?>
</span>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Internal IP"); ?></td>
<td width="78%" class="vtable">
<input name="srcnot" type="checkbox" id="srcnot" value="yes" <?php if ($pconfig['srcnot']) echo "checked=\"checked\""; ?> />
<strong><?=gettext("not"); ?></strong>
<br />
<?=gettext("Use this option to invert the sense of the match."); ?>
<br />
<br />
<table border="0" cellspacing="0" cellpadding="0" summary="source">
<tr>
<td><?=gettext("Type:"); ?>&nbsp;&nbsp;</td>
<td>
<select name="srctype" class="selectpicker" onchange="typesel_change()">
<?php
$sel = is_specialnet($pconfig['src']);
?>
<option value="any" <?php if ($pconfig['src'] == "any") { echo "selected=\"selected\""; } ?>><?=gettext("any"); ?></option>
<option value="single" <?php if ((($pconfig['srcmask'] == 32) || !isset($pconfig['srcmask'])) && !$sel) { echo "selected=\"selected\""; $sel = 1; } ?>>
<?=gettext("Single host"); ?>
</option>
<option value="network" <?php if (!$sel) echo "selected=\"selected\""; ?>><?=gettext("Network"); ?></option>
<?php
if(have_ruleint_access("pptp")):
?>
<option value="pptp" <?php if ($pconfig['src'] == "pptp") { echo "selected=\"selected\""; } ?>><?=gettext("PPTP clients"); ?></option>
<?php
endif;
if(have_ruleint_access("pppoe")):
?>
<option value="pppoe" <?php if ($pconfig['src'] == "pppoe") { echo "selected=\"selected\""; } ?>><?=gettext("PPPoE clients"); ?></option>
<?php
endif;
if(have_ruleint_access("l2tp")):
?>
<option value="l2tp" <?php if ($pconfig['src'] == "l2tp") { echo "selected=\"selected\""; } ?>><?=gettext("L2TP clients"); ?></option>
<?php
endif;
foreach ($ifdisp as $ifent => $ifdesc):
if(have_ruleint_access($ifent)):
?>
<option value="<?=$ifent;?>" <?php if ($pconfig['src'] == $ifent) { echo "selected=\"selected\""; } ?>>
<?=htmlspecialchars($ifdesc);?> <?=gettext("net"); ?>
</option>
<option value="<?=$ifent;?>ip"<?php if ($pconfig['src'] == $ifent . "ip") { echo "selected=\"selected\""; } ?>>
<?=$ifdesc?> <?=gettext("address");?>
</option>
<?php
endif;
endforeach;
?>
<td><a id="help_for_src_invert" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Internal IP") . " / ".gettext("Invert");?> </td>
<td>
<input name="srcnot" type="checkbox" id="srcnot" value="yes" <?= !empty($pconfig['srcnot']) ? "checked=\"checked\"" : "";?> />
<div class="hidden" for="help_for_src_invert">
<?=gettext("Use this option to invert the sense of the match."); ?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_src" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Internal IP"); ?></td>
<td>
<table class="table table-condensed">
<tr>
<td>
<select name="src" id="src" class="selectpicker" data-live-search="true" data-size="5" data-width="auto">
<option data-other=true value="<?=$pconfig['src'];?>" <?=!is_specialnet($pconfig['src']) ? "selected=\"selected\"" : "";?>><?=gettext("Single host or Network"); ?></option>
<optgroup label="<?=gettext("aliasses");?>">
<?php foreach (legacy_list_aliasses("network") as $alias):
?>
<option value="<?=$alias['name'];?>" <?=$alias['name'] == $pconfig['src'] ? "selected=\"selected\"" : "";?>><?=htmlspecialchars($alias['name']);?></option>
<?php endforeach; ?>
</optgroup>
<optgroup label="<?=gettext("net");?>">
<?php foreach (formNetworks() as $ifent => $ifdesc):
?>
<option value="<?=$ifent;?>" <?= $pconfig['src'] == $ifent ? "selected=\"selected\"" : ""; ?>><?=$ifdesc;?></option>
<?php endforeach; ?>
</optgroup>
</select>
</td>
</tr>
<tr>
<td><?=gettext("Address:"); ?>&nbsp;&nbsp;</td>
<td>
<table>
<tr>
<td width="348px">
<input name="src" type="text" class="formfld" id="src" size="20" value="<?php if (!is_specialnet($pconfig['src'])) echo htmlspecialchars($pconfig['src']);?>" />
</td>
<td>
<select name="srcmask" class="selectpicker" id="srcmask" data-width="auto">
<?php
for ($i = 31; $i > 0; $i--):
?>
<option value="<?=$i;?>" <?php if ($i == $pconfig['srcmask']) echo "selected=\"selected\""; ?>><?=$i;?></option>
<?php
endfor;
?>
</select>
</td>
</tr>
</table>
<div class="input-group">
<!-- updates to "other" option in src -->
<input type="text" for="src" value="<?=$pconfig['src'];?>" aria-label="<?=gettext("Source address");?>"/>
<select name="srcmask" class="selectpicker" data-size="5" id="srcmask" data-width="auto" for="src" >
<?php for ($i = 32; $i > 0; $i--): ?>
<option value="<?=$i;?>" <?= $i == $pconfig['srcmask'] ? "selected=\"selected\"" : ""; ?>><?=$i;?></option>
<?php endfor; ?>
</select>
</div>
</td>
</tr>
</table>
<br />
<span class="vexpl"><?=gettext("Enter the internal (LAN) subnet for the 1:1 mapping. The subnet size specified for the internal subnet will be applied to the external subnet."); ?></span>
<div class="hidden" for="help_for_src">
<?=gettext("Enter the internal (LAN) subnet for the 1:1 mapping. The subnet size specified for the internal subnet will be applied to the external subnet."); ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Destination"); ?></td>
<td width="78%" class="vtable">
<input name="dstnot" type="checkbox" id="dstnot" value="yes" <?php if ($pconfig['dstnot']) echo "checked=\"checked\""; ?> />
<strong><?=gettext("not"); ?></strong>
<br />
<?=gettext("Use this option to invert the sense of the match."); ?>
<br />
<br />
<table border="0" cellspacing="0" cellpadding="0" summary="destination">
<td> <a id="help_for_dst_invert" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Destination") . " / ".gettext("Invert");?> </td>
<td>
<input name="dstnot" type="checkbox" id="srcnot" value="yes" <?= !empty($pconfig['dstnot']) ? "checked=\"checked\"" : "";?> />
<div class="hidden" for="help_for_dst_invert">
<?=gettext("Use this option to invert the sense of the match."); ?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_dst" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Destination"); ?></td>
<td>
<table class="table table-condensed">
<tr>
<td><?=gettext("Type:"); ?>&nbsp;&nbsp;</td>
<td>
<select name="dsttype" class="selectpicker" onchange="typesel_change()">
<?php
$sel = is_specialnet($pconfig['dst']); ?>
<option value="any" <?php if (empty($pconfig['dst']) || $pconfig['dst'] == "any") { echo "selected=\"selected\""; } ?>><?=gettext("any"); ?></option>
<option value="single" <?php if (($pconfig['dstmask'] == 32) && !$sel) { echo "selected=\"selected\""; $sel = 1; } ?>>
<?=gettext("Single host or alias"); ?>
</option>
<option value="network" <?php if (!$sel && !empty($pconfig['dst'])) echo "selected=\"selected\""; ?>>
<?=gettext("Network"); ?>
</option>
<?php
if(have_ruleint_access("pptp")):
?>
<option value="pptp" <?php if ($pconfig['dst'] == "pptp") { echo "selected=\"selected\""; } ?>>
<?=gettext("PPTP clients"); ?>
</option>
<?php
endif;
if(have_ruleint_access("pppoe")):
?>
<option value="pppoe" <?php if ($pconfig['dst'] == "pppoe") { echo "selected=\"selected\""; } ?>>
<?=gettext("PPPoE clients"); ?>
</option>
<?php
endif;
if(have_ruleint_access("l2tp")):
?>
<option value="l2tp" <?php if ($pconfig['dst'] == "l2tp") { echo "selected=\"selected\""; } ?>>
<?=gettext("L2TP clients"); ?>
</option>
<?php
endif;
foreach ($ifdisp as $if => $ifdesc):
if(have_ruleint_access($if)):
?>
<option value="<?=$if;?>" <?php if ($pconfig['dst'] == $if) { echo "selected=\"selected\""; } ?>><?=htmlspecialchars($ifdesc);?>
<?=gettext("net"); ?>
</option>
<option value="<?=$if;?>ip"<?php if ($pconfig['dst'] == $if . "ip") { echo "selected=\"selected\""; } ?>>
<?=$ifdesc;?> <?=gettext("address");?>
</option>
<?php
endif;
endforeach;
?>
<select name="dst" id="dst" class="selectpicker" data-live-search="true" data-size="5" data-width="auto">
<option data-other=true value="<?=$pconfig['dst'];?>" <?=!is_specialnet($pconfig['dst']) ? "selected=\"selected\"" : "";?>><?=gettext("Single host or Network"); ?></option>
<optgroup label="<?=gettext("aliasses");?>">
<?php foreach (legacy_list_aliasses("network") as $alias):
?>
<option value="<?=$alias['name'];?>" <?=$alias['name'] == $pconfig['dst'] ? "selected=\"selected\"" : "";?>><?=htmlspecialchars($alias['name']);?></option>
<?php endforeach; ?>
</optgroup>
<optgroup label="<?=gettext("net");?>">
<?php foreach (formNetworks() as $ifent => $ifdesc):
?>
<option value="<?=$ifent;?>" <?= $pconfig['dst'] == $ifent ? "selected=\"selected\"" : ""; ?>><?=$ifdesc;?></option>
<?php endforeach; ?>
</optgroup>
</select>
</td>
</tr>
<tr>
<td><?=gettext("Address:"); ?>&nbsp;&nbsp;</td>
<td>
<table>
<tr>
<td width="348px">
<input name="dst" type="text" autocomplete="off" class="formfldalias" id="dst" size="20" value="<?php if (!is_specialnet($pconfig['dst'])) echo htmlspecialchars($pconfig['dst']);?>" />
</td>
<td>
<select name="dstmask" class="selectpicker" id="dstmask" data-width="auto">
<?php
for ($i = 31; $i > 0; $i--):
?>
<option value="<?=$i;?>" <?php if ($i == $pconfig['dstmask']) echo "selected=\"selected\""; ?>><?=$i;?></option>
<?php
endfor;
?>
</td>
</tr>
</table>
<div class="input-group">
<!-- updates to "other" option in src -->
<input type="text" for="dst" value="<?= !is_specialnet($pconfig['dst']) ? $pconfig['dst'] : "";?>" aria-label="<?=gettext("Destination address");?>"/>
<select name="dstmask" class="selectpicker" data-size="5" id="dstmask" data-width="auto" for="dst" >
<?php for ($i = 32; $i > 0; $i--): ?>
<option value="<?=$i;?>" <?= $i == $pconfig['dstmask'] ? "selected=\"selected\"" : ""; ?>><?=$i;?></option>
<?php endfor; ?>
</select>
</div>
</td>
</tr>
</table>
<br />
<span class="vexpl">
<div class="hidden" for="help_for_dst">
<?=gettext("The 1:1 mapping will only be used for connections to or from the specified destination."); ?><br />
<?=gettext("Hint: this is usually 'any'."); ?>
</span>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
<td width="78%" class="vtable">
<input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" />
<br />
<span class="vexpl">
<?=gettext("You may enter a description here for your reference (not parsed)."); ?>
</span>
</td>
<td><a id="help_for_descr" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Description"); ?></td>
<td>
<input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=$pconfig['descr'];?>" />
<div class="hidden" for="help_for_descr">
<?=gettext("You may enter a description here " ."for your reference (not parsed)."); ?>
</div>
</tr>
<tr>
<td width="22%" valign="top" class="vncell"><?=gettext("NAT reflection"); ?></td>
<td width="78%" class="vtable">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("NAT reflection"); ?></td>
<td>
<select name="natreflection" class="selectpicker">
<option value="default" <?php if ($pconfig['natreflection'] != "enable" && $pconfig['natreflection'] != "disable") echo "selected=\"selected\""; ?>>
<?=gettext("use system default"); ?>
</option>
<option value="enable" <?php if ($pconfig['natreflection'] == "enable") echo "selected=\"selected\""; ?>>
<?=gettext("enable"); ?>
</option>
<option value="disable" <?php if ($pconfig['natreflection'] == "disable") echo "selected=\"selected\""; ?>>
<?=gettext("disable"); ?>
</option>
<option value="default" <?=$pconfig['natreflection'] != "enable" && $pconfig['natreflection'] != "disable" ? "selected=\"selected\"" : ""; ?>><?=gettext("Use system default"); ?></option>
<option value="enable" <?=$pconfig['natreflection'] == "enable" ? "selected=\"selected\"" : ""; ?>><?=gettext("Enable"); ?></option>
<option value="disable" <?=$pconfig['natreflection'] == "disable" ? "selected=\"selected\"" : ""; ?>><?=gettext("Disable"); ?></option>
</select>
</td>
</tr>
<tr>
<td width="22%" valign="top">&nbsp;</td>
<td width="78%">
<td>&nbsp;</td>
<td>
<input name="Submit" type="submit" class="btn btn-primary" value="<?=gettext("Save"); ?>" />
<input type="button" class="btn btn-default" value="<?=gettext("Cancel");?>" onclick="window.location.href='<?=$referer;?>'" />
<?php if (isset($id) && $a_1to1[$id]): ?>
<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
<input type="button" class="btn btn-default" value="<?=gettext("Cancel");?>" onclick="window.location.href='<?=(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/firewall_nat_1to1.php');?>'" />
<?php if (isset($id)): ?>
<input name="id" type="hidden" value="<?=$id;?>" />
<?php endif; ?>
</td>
</tr>
</table>
</div>
</form>
</div>
</section>
</div>
</form>
</div>
</section>
</div>
</div>
</section>
<script type="text/javascript">
//<![CDATA[
typesel_change();
//]]>
</script>
<script type="text/javascript">
//<![CDATA[
var addressarray = <?= json_encode(get_alias_list(array("host", "network", "openvpn", "urltable"))) ?>;
var oTextbox1 = new AutoSuggestControl(document.getElementById("dst"), new StateSuggestions(addressarray));
//]]>
</script>
<?php include("foot.inc"); ?>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023