Commit 4a12e38c authored by Ad Schellevis's avatar Ad Schellevis

(legacy) refactor firewall_nat_out_edit.php

parent 577ecaf7
...@@ -30,822 +30,689 @@ ...@@ -30,822 +30,689 @@
require_once("guiconfig.inc"); require_once("guiconfig.inc");
require_once("pfsense-utils.inc"); require_once("pfsense-utils.inc");
$referer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/firewall_nat_out.php');
if (!is_array($config['nat']['outbound'])) /**
$config['nat']['outbound'] = array(); * build array with interface options for this form
*/
function formInterfaces() {
global $config;
$interfaces = array();
foreach ( get_configured_interface_with_descr(false, true) as $if => $ifdesc)
$interfaces[$if] = $ifdesc;
if (!is_array($config['nat']['outbound']['rule'])) { if (isset($config['l2tp']['mode']) && $config['l2tp']['mode'] == "server")
$config['nat']['outbound']['rule'] = array(); $interfaces['l2tp'] = "L2TP VPN";
if (isset($config['pptpd']['mode']) && $config['pptpd']['mode'] == "server")
$interfaces['pptp'] = "PPTP VPN";
if (is_pppoe_server_enabled())
$interfaces['pppoe'] = "PPPoE VPN";
/* add ipsec interfaces */
if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable']))
$interfaces["enc0"] = "IPsec";
/* add openvpn/tun interfaces */
if (isset($config['openvpn']['openvpn-server']) || isset($config['openvpn']['openvpn-client'])) {
$interfaces['openvpn'] = 'OpenVPN';
}
return $interfaces;
} }
$a_out = &$config['nat']['outbound']['rule']; /**
* return option array for valid translation networks
*/
function formTranslateAddresses() {
global $config;
$retval = array();
// add this hosts ips
foreach ($config['interfaces'] as $intf => $intfdata) {
if (isset($intfdata['ipaddr']) && $intfdata['ipaddr'] != 'dhcp') {
$retval[$intfdata['ipaddr']] = (!empty($intfdata['descr']) ? $intfdata['descr'] : $intf ) . " " . gettext("address");
}
}
if (!is_array($config['aliases'])) { // add VIPs's
$config['aliases'] = array(); if (isset($config['virtualip']['vip'])) {
foreach ($config['virtualip']['vip'] as $sn) {
if (!isset($sn['noexpand'])) {
if ($sn['mode'] == "proxyarp" && $sn['type'] == "network") {
$start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits']));
$end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits']));
$len = $end - $start;
$retval[$sn['subnet'].'/'.$sn['subnet_bits']] = htmlspecialchars("Subnet: {$sn['subnet']}/{$sn['subnet_bits']} ({$sn['descr']})");
for ($i = 0; $i <= $len; $i++) {
$snip = long2ip32($start+$i);
$retval[$snip] = htmlspecialchars("{$snip} ({$sn['descr']})");
}
} else {
$retval[$sn['subnet']] = htmlspecialchars("{$sn['subnet']} ({$sn['descr']})");
}
}
}
}
// add Aliases
foreach (legacy_list_aliasses("network") as $alias) {
if ($alias['type'] == "host") {
$retval[$alias['name']] = $alias['name'];;
}
}
return $retval;
} }
if (!is_array($config['aliases']['alias'])) {
$config['aliases']['alias'] = array(); if (!isset($config['nat']['outbound']['rule'])) {
if (!isset($config['nat']['outbound'])) {
$config['nat']['outbound'] = array();
}
$config['nat']['outbound']['rule'] = array();
} }
$a_aliases = &$config['aliases']['alias']; $a_out = &$config['nat']['outbound']['rule'];
if (is_numericint($_GET['id'])) if ($_SERVER['REQUEST_METHOD'] === 'GET') {
// input record id, if valid
if (isset($_GET['dup']) && isset($a_out[$_GET['dup']])) {
$configId = $_GET['dup'];
$after = $configId;
} elseif (isset($_GET['id']) && isset($a_out[$_GET['id']])) {
$id = $_GET['id']; $id = $_GET['id'];
if (isset($_POST['id']) && is_numericint($_POST['id'])) $configId = $id;
$id = $_POST['id']; }
if (is_numericint($_GET['after']) || $_GET['after'] == "-1")
$after = $_GET['after'];
if (isset($_POST['after']) && (is_numericint($_POST['after']) || $_POST['after'] == "-1"))
$after = $_POST['after'];
if (isset($_GET['dup']) && is_numericint($_GET['dup'])) { // init form data
$id = $_GET['dup']; $pconfig = array();
$after = $_GET['dup']; // set defaults
} $pconfig['source'] = 'any';
$pconfig['source_subnet'] = 24;
$pconfig['destination'] = "any";
$pconfig['destination_subnet'] = 24;
$pconfig['interface'] = "wan";
if (isset($id) && $a_out[$id]) { if (isset($configId)) {
if ( isset($a_out[$id]['created']) && is_array($a_out[$id]['created']) ) // load data from config
$pconfig['created'] = $a_out[$id]['created']; foreach (array('protocol','sourceport','dstport','natport','target','targetip'
,'targetip_subnet','poolopts','interface','descr','nonat'
,'disabled','staticnatport','nosync') as $fieldname) {
if (isset($a_out[$configId][$fieldname])) {
$pconfig[$fieldname] = $a_out[$configId][$fieldname];
}
}
if ( isset($a_out[$id]['updated']) && is_array($a_out[$id]['updated']) ) if (strpos($a_out[$configId]['source']['network'], "/") !== false) {
$pconfig['updated'] = $a_out[$id]['updated']; list($pconfig['source'],$pconfig['source_subnet']) = explode('/', $a_out[$configId]['source']['network']);
} else {
$pconfig['source_subnet'] = $a_out[$configId]['source']['network'];
}
$pconfig['protocol'] = $a_out[$id]['protocol'];
list($pconfig['source'],$pconfig['source_subnet']) = explode('/', $a_out[$id]['source']['network']);
if (!is_numeric($pconfig['source_subnet'])) if (!is_numeric($pconfig['source_subnet']))
$pconfig['source_subnet'] = 32; $pconfig['source_subnet'] = 32;
$pconfig['sourceport'] = $a_out[$id]['sourceport']; address_to_pconfig($a_out[$configId]['destination'], $pconfig['destination'],
address_to_pconfig($a_out[$id]['destination'], $pconfig['destination'],
$pconfig['destination_subnet'], $pconfig['destination_not'], $pconfig['destination_subnet'], $pconfig['destination_not'],
$none, $none); $none, $none);
$pconfig['dstport'] = $a_out[$id]['dstport'];
$pconfig['natport'] = $a_out[$id]['natport'];
$pconfig['target'] = $a_out[$id]['target'];
$pconfig['targetip'] = $a_out[$id]['targetip'];
$pconfig['targetip_subnet'] = $a_out[$id]['targetip_subnet'];
$pconfig['poolopts'] = $a_out[$id]['poolopts'];
$pconfig['interface'] = $a_out[$id]['interface'];
if (!$pconfig['interface']) {
$pconfig['interface'] = "wan";
} }
$pconfig['descr'] = $a_out[$id]['descr'];
$pconfig['nonat'] = $a_out[$id]['nonat'];
$pconfig['disabled'] = isset($a_out[$id]['disabled']);
$pconfig['staticnatport'] = isset($a_out[$id]['staticnatport']);
$pconfig['nosync'] = isset($a_out[$id]['nosync']);
} else {
$pconfig['source_subnet'] = 24;
$pconfig['destination'] = "any";
$pconfig['destination_subnet'] = 24;
$pconfig['interface'] = "wan";
}
if (isset($_GET['dup']) && is_numericint($_GET['dup'])) // initialize unused elements
unset($id); foreach (array('protocol','sourceport','dstport','natport','target','targetip'
,'targetip_subnet','poolopts','interface','descr','nonat'
if ($_POST) { ,'disabled','staticnatport','nosync','source','source_subnet') as $fieldname) {
if ($_POST['destination_type'] == "any") { if (!isset($pconfig[$fieldname])) {
$_POST['destination'] = "any"; $pconfig[$fieldname] = null;
$_POST['destination_subnet'] = 24;
} }
if ($_POST['source_type'] == "any") {
$_POST['source'] = "any";
$_POST['source_subnet'] = 24;
} elseif ($_POST['source_type'] == "(self)") {
$_POST['source'] = "(self)";
$_POST['source_subnet'] = 24;
} }
unset($input_errors);
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
$input_errors = array();
$pconfig = $_POST; $pconfig = $_POST;
/* run through $_POST items encoding HTML entties so that the user // input record id, if valid
* cannot think he is slick and perform a XSS attack on the unwilling if (isset($pconfig['id']) && isset($a_out[$pconfig['id']])) {
*/ $id = $pconfig['id'];
foreach ($_POST as $key => $value) { }
$temp = str_replace(">", "", $value); if (isset($pconfig['after']) && isset($a_out[$pconfig['after']])) {
$newpost = htmlentities($temp); $after = $pconfig['after'];
if($newpost <> $temp)
$input_errors[] = sprintf(gettext("Invalid characters detected (%s). Please remove invalid characters and save again."),$temp);
} }
/* input validation */ /* input validation */
foreach ($pconfig as $key => $value) {
if(htmlentities($value) <> $value) {
$input_errors[] = sprintf(gettext("Invalid characters detected %s. Please remove invalid characters and save again."), htmlentities($value));
}
}
$reqdfields = explode(" ", "interface protocol source source_subnet destination destination_subnet"); $reqdfields = explode(" ", "interface protocol source source_subnet destination destination_subnet");
$reqdfieldsn = array(gettext("Interface"),gettext("Protocol"),gettext("Source"),gettext("Source bit count"),gettext("Destination"),gettext("Destination bit count")); $reqdfieldsn = array(gettext("Interface"),gettext("Protocol"),gettext("Source"),gettext("Source bit count"),gettext("Destination"),gettext("Destination bit count"));
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors);
$protocol_uses_ports = in_array($_POST['protocol'], explode(" ", "any tcp udp tcp/udp")); if (in_array($pconfig['protocol'], explode(" ", "any tcp udp tcp/udp"))) {
if(!empty($pconfig['sourceport']) && !is_portoralias($pconfig['sourceport']))
if ($_POST['source'])
$_POST['source'] = trim($_POST['source']);
if ($_POST['destination'])
$_POST['destination'] = trim($_POST['destination']);
if ($_POST['targetip'])
$_POST['targetip'] = trim($_POST['targetip']);
if ($_POST['sourceport'])
$_POST['sourceport'] = trim($_POST['sourceport']);
if ($_POST['dstport'])
$_POST['dstport'] = trim($_POST['dstport']);
if ($_POST['natport'])
$_POST['natport'] = trim($_POST['natport']);
if($protocol_uses_ports && $_POST['sourceport'] <> "" && !is_portoralias($_POST['sourceport']))
$input_errors[] = gettext("You must supply either a valid port or port alias for the source port entry."); $input_errors[] = gettext("You must supply either a valid port or port alias for the source port entry.");
if($protocol_uses_ports && $_POST['dstport'] <> "" && !is_portoralias($_POST['dstport'])) if(!empty($pconfig['dstport']) && !is_portoralias($pconfig['dstport']))
$input_errors[] = gettext("You must supply either a valid port or port alias for the destination port entry."); $input_errors[] = gettext("You must supply either a valid port or port alias for the destination port entry.");
if($protocol_uses_ports && $_POST['natport'] <> "" && !is_port($_POST['natport']) && !isset($_POST['nonat'])) if(!empty($pconfig['natport']) && !is_port($pconfig['natport']) && empty($pconfig['nonat']))
$input_errors[] = gettext("You must supply a valid port for the NAT port entry."); $input_errors[] = gettext("You must supply a valid port for the NAT port entry.");
}
if (($_POST['source_type'] != "any") && ($_POST['source_type'] != "(self)")) { if (!(in_array($pconfig['source'], array("any","self")) || is_ipaddroralias($pconfig['source']))) {
if ($_POST['source'] && !is_ipaddroralias($_POST['source']) && $_POST['source'] <> "any") {
$input_errors[] = gettext("A valid source must be specified."); $input_errors[] = gettext("A valid source must be specified.");
} }
} if (!empty($pconfig['source_subnet']) && !is_numericint($pconfig['source_subnet'])) {
if ($_POST['source_subnet'] && !is_numericint($_POST['source_subnet'])) {
$input_errors[] = gettext("A valid source bit count must be specified."); $input_errors[] = gettext("A valid source bit count must be specified.");
} }
if ($_POST['destination_type'] != "any") { if (!(in_array($pconfig['destination'], array("any","self")) || is_ipaddroralias($pconfig['destination']))) {
if ($_POST['destination'] && !is_ipaddroralias($_POST['destination'])) {
$input_errors[] = gettext("A valid destination must be specified."); $input_errors[] = gettext("A valid destination must be specified.");
} }
} if (!empty($pconfig['destination_subnet']) && !is_numericint($pconfig['destination_subnet'])) {
if ($_POST['destination_subnet'] && !is_numericint($_POST['destination_subnet'])) {
$input_errors[] = gettext("A valid destination bit count must be specified."); $input_errors[] = gettext("A valid destination bit count must be specified.");
} }
if ($_POST['destination_type'] == "any") { if ($pconfig['destination'] == "any" && !empty($pconfig['destination_not'])) {
if ($_POST['destination_not']) {
$input_errors[] = gettext("Negating destination address of \"any\" is invalid."); $input_errors[] = gettext("Negating destination address of \"any\" is invalid.");
} }
}
if ($_POST['target'] && !is_ipaddr($_POST['target']) && !is_subnet($_POST['target']) && !is_alias($_POST['target']) && !isset($_POST['nonat']) && !($_POST['target'] == "other-subnet")) { if (!is_ipaddr($pconfig['targetip']) && !is_subnet($pconfig['targetip']) && !is_alias($pconfig['targetip']) && empty($pconfig['nonat'])) {
$input_errors[] = gettext("A valid target IP address must be specified."); $input_errors[] = gettext("A valid target IP address must be specified.");
} }
if ($_POST['target'] == "other-subnet") {
if (!is_ipaddr($_POST['targetip'])) {
$input_errors[] = gettext("A valid target IP must be specified when using the 'Other Subnet' type.");
}
if (!is_numericint($_POST['targetip_subnet'])) {
$input_errors[] = gettext("A valid target bit count must be specified when using the 'Other Subnet' type.");
}
}
/* Verify Pool Options */ /* Verify Pool Options */
$poolopts = ""; if (!is_alias($pconfig['targetip']) && substr($pconfig['poolopts'], 0, 11) == "round-robin") {
if ($_POST['poolopts']) {
if (is_subnet($_POST['target']) || ($_POST['target'] == "other-subnet"))
$poolopts = $_POST['poolopts'];
elseif (is_alias($_POST['target'])) {
if (substr($_POST['poolopts'], 0, 11) == "round-robin")
$poolopts = $_POST['poolopts'];
else
$input_errors[] = gettext("Only Round Robin pool options may be chosen when selecting an alias."); $input_errors[] = gettext("Only Round Robin pool options may be chosen when selecting an alias.");
} }
}
/* if user has selected any as source, set it here */ if (count($input_errors) == 0) {
if($_POST['source_type'] == "any") { $natent = array();
$osn = "any"; $natent['source'] = array();
} else if($_POST['source_type'] == "(self)") { $natent['destination'] = array();
$osn = "(self)"; $natent['descr'] = $pconfig['descr'];
} else if(is_alias($_POST['source'])) { $natent['interface'] = $pconfig['interface'];
$osn = $_POST['source']; $natent['poolopts'] = $pconfig['poolopts'];
} else {
$osn = gen_subnet($_POST['source'], $_POST['source_subnet']) . "/" . $_POST['source_subnet']; if ( isset($a_out[$id]['created']) && is_array($a_out[$id]['created']) ){
$natent['created'] = $a_out[$id]['created'];
} }
/* check for existing entries */ // target ip/net
if ($_POST['destination_type'] == "any") { if (!array_key_exists($pconfig['targetip'], formTranslateAddresses())) {
$ext = "any"; // a bit vague behaviour in "target" and "targetip", if a custom net is given
} else if(is_alias($_POST['destination'])) { // the backend code wants target to be filled with "other-subnet".
$ext = $_POST['destination']; // if any other known net is given, target is used to provide the actual address....
// -- can't remove this behaviour now without breaking old confid, so let's reimplement
$natent['target'] = 'other-subnet';
$natent['targetip'] = trim($pconfig['targetip']) ;
$natent['targetip_subnet'] = $pconfig['targetip_subnet'] ;
} else { } else {
$ext = gen_subnet($_POST['destination'], $_POST['destination_subnet']) . "/" . $_POST['destination_subnet']; $natent['target'] = $pconfig['targetip'] ;
} }
foreach ($a_out as $natent) {
if (isset($id) && ($a_out[$id]) && ($a_out[$id] === $natent)) {
continue;
}
if (!$natent['interface']) { // handle fields containing portnumbers
$natent['interface'] == "wan"; if (in_array($pconfig['protocol'], explode(" ", "any tcp udp tcp/udp"))) {
if (isset($pconfig['staticnatport']) && !empty($pconfig['nonat'])) {
$natent['staticnatport'] = true;
} }
$natent['sourceport'] = trim($pconfig['sourceport']);
if (!empty($pconfig['natport']) && empty($pconfig['nonat'])) {
$natent['natport'] = trim($pconfig['natport']);
}
if (!empty($pconfig['dstport'])) {
$natent['dstport'] = trim($pconfig['dstport']);
} }
if (!$input_errors) {
$natent = array();
$natent['source']['network'] = $osn;
$natent['sourceport'] = ($protocol_uses_ports) ? $_POST['sourceport'] : "";
$natent['descr'] = $_POST['descr'];
$natent['target'] = (!isset($_POST['nonat'])) ? $_POST['target'] : "";
$natent['targetip'] = (!isset($_POST['nonat'])) ? $_POST['targetip'] : "";
$natent['targetip_subnet'] = (!isset($_POST['nonat'])) ? $_POST['targetip_subnet'] : "";
$natent['interface'] = $_POST['interface'];
$natent['poolopts'] = $poolopts;
/* static-port */
if(isset($_POST['staticnatport']) && $protocol_uses_ports && !isset($_POST['nonat'])) {
$natent['staticnatport'] = true;
} else { } else {
unset($natent['staticnatport']); $natent['sourceport'] = "";
} }
if(isset($_POST['disabled'])) { if (!empty($pconfig['protocol']) && $pconfig['protocol'] != "any") {
$natent['disabled'] = true; $natent['protocol'] = $pconfig['protocol'];
} else {
unset($natent['disabled']);
} }
/* if user has selected not nat, set it here */ /* parse source entry */
if(isset($_POST['nonat'])) { if($pconfig['source'] == "any") {
$natent['nonat'] = true; $natent['source']['network'] = "any";
} else if($pconfig['source'] == "(self)") {
$natent['source']['network'] = "(self)";
} else if(is_alias($pconfig['source'])) {
$natent['source']['network'] = trim($pconfig['source']);
} else { } else {
unset($natent['nonat']); $natent['source']['network'] = gen_subnet(trim($pconfig['source']), $pconfig['source_subnet']) . "/" . $pconfig['source_subnet'];
} }
if ($_POST['protocol'] && $_POST['protocol'] != "any") // destination address
$natent['protocol'] = $_POST['protocol']; if ($pconfig['destination'] == "any") {
else
unset($natent['protocol']);
if ($ext == "any") {
$natent['destination']['any'] = true; $natent['destination']['any'] = true;
} elseif (is_alias($pconfig['destination'])){
$natent['destination']['address'] = trim($pconfig['destination']) ;
} else { } else {
$natent['destination']['address'] = $ext; $natent['destination']['address'] = gen_subnet(trim($pconfig['destination']), $pconfig['destination_subnet']) . "/" . $pconfig['destination_subnet'];;
} }
if($_POST['natport'] != "" && $protocol_uses_ports && !isset($_POST['nonat'])) {
$natent['natport'] = $_POST['natport']; // boolean fields
} else { if(!empty($pconfig['disabled'])) {
unset($natent['natport']); $natent['disabled'] = true;
} }
if($_POST['dstport'] != "" && $protocol_uses_ports) { if(!empty($pconfig['nonat'])) {
$natent['dstport'] = $_POST['dstport']; $natent['nonat'] = true;
} else {
unset($natent['dstport']);
} }
if($_POST['nosync'] == "yes") { if(isset($pconfig['nosync'] ) && $pconfig['nosync'] == "yes") {
$natent['nosync'] = true; $natent['nosync'] = true;
} else {
unset($natent['nosync']);
} }
if (isset($pconfig['destination_not']) && $pconfig['destination'] != "any") {
if (isset($_POST['destination_not']) && $ext != "any") {
$natent['destination']['not'] = true; $natent['destination']['not'] = true;
} }
if ( isset($a_out[$id]['created']) && is_array($a_out[$id]['created']) )
$natent['created'] = $a_out[$id]['created'];
$natent['updated'] = make_config_revision_entry(); $natent['updated'] = make_config_revision_entry();
if (isset($id)) {
if (isset($id) && $a_out[$id]) {
$a_out[$id] = $natent; $a_out[$id] = $natent;
} else { } else {
$natent['created'] = make_config_revision_entry(); $natent['created'] = make_config_revision_entry();
if (is_numeric($after)) { if (isset($after)) {
array_splice($a_out, $after+1, 0, array($natent)); array_splice($a_out, $after+1, 0, array($natent));
} else { } else {
$a_out[] = $natent; $a_out[] = $natent;
} }
} }
if (write_config()) {
if (write_config())
mark_subsystem_dirty('natconf'); mark_subsystem_dirty('natconf');
}
header("Location: firewall_nat_out.php"); header("Location: firewall_nat_out.php");
exit; exit;
} }
} }
legacy_html_escape_form_data($pconfig);
$pgtitle = array(gettext("Firewall"),gettext("NAT"),gettext("Outbound"),gettext("Edit")); $pgtitle = array(gettext("Firewall"),gettext("NAT"),gettext("Outbound"),gettext("Edit"));
$closehead = false; $closehead = false;
include("head.inc"); include("head.inc");
?> ?>
</head>
<script type="text/javascript" src="/javascript/suggestions.js"></script> <body>
<script type="text/javascript" src="/javascript/autosuggest.js"></script> <script type="text/javascript">
<script type="text/javascript"> $( document ).ready(function() {
//<![CDATA[
var portsenabled = 1; // select / input combination, link behaviour
function staticportchange() { // when the data attribute "data-other" is selected, display related input item(s)
if(document.iform.staticnatport.checked) { // push changes from input back to selected option value
document.iform.natport.value = ""; $('[for!=""][for]').each(function(){
document.iform.natport.disabled = 1; var refObj = $("#"+$(this).attr("for"));
if (refObj.is("select")) {
// connect on change event to select box (show/hide)
refObj.change(function(){
if ($(this).find(":selected").attr("data-other") == "true") {
// show related controls
$('*[for="'+$(this).attr("id")+'"]').each(function(){
if ($(this).hasClass("selectpicker")) {
$(this).selectpicker('show');
} else { } else {
document.iform.natport.disabled = 0; $(this).removeClass("hidden");
} }
} });
function typesel_change() {
switch (document.iform.destination_type.selectedIndex) {
case 1: // network
document.iform.destination.disabled = 0;
document.iform.destination_subnet.disabled = 0;
jQuery('.selectpicker').selectpicker('refresh');
break;
default:
document.iform.destination.value = "";
document.iform.destination.disabled = 1;
document.iform.destination_subnet.value = "24";
document.iform.destination_subnet.disabled = 1;
jQuery('.selectpicker').selectpicker('refresh');
break;
}
}
function sourcesel_change() {
switch (document.iform.source_type.selectedIndex) {
case 2: // network
document.iform.source.disabled = 0;
document.iform.source_subnet.disabled = 0;
jQuery('.selectpicker').selectpicker('refresh');
break;
default:
document.iform.source.value = "";
document.iform.source.disabled = 1;
document.iform.source_subnet.value = "24";
document.iform.source_subnet.disabled = 1;
jQuery('.selectpicker').selectpicker('refresh');
break;
}
}
function nonat_change() {
if (document.iform.nonat.checked) {
document.getElementById("transtable").style.display = 'none';
} else { } else {
document.getElementById("transtable").style.display = ''; // hide related controls
} $('*[for="'+$(this).attr("id")+'"]').each(function(){
} if ($(this).hasClass("selectpicker")) {
function proto_change() { $(this).selectpicker('hide');
if (document.iform.protocol.selectedIndex >= 0 && document.iform.protocol.selectedIndex <= 3) {
portsenabled = 1;
} else { } else {
portsenabled = 0; $(this).addClass("hidden");
} }
});
}
});
// update initial
refObj.change();
if (portsenabled) { // connect on change to input to save data to selector
document.getElementById("sport_tr").style.display = ''; if ($(this).attr("name") == undefined) {
document.getElementById("dport_tr").style.display = ''; $(this).change(function(){
document.getElementById("tport_tr").style.display = ''; var otherOpt = $('#'+$(this).attr('for')+' > option[data-other="true"]') ;
document.getElementById("tporttext_tr").style.display = ''; otherOpt.attr("value",$(this).val());
document.getElementById("tportstatic_tr").style.display = ''; });
} else {
document.getElementById("sport_tr").style.display = 'none';
document.getElementById("dport_tr").style.display = 'none';
document.getElementById("tport_tr").style.display = 'none';
document.getElementById("tporttext_tr").style.display = 'none';
document.getElementById("tportstatic_tr").style.display = 'none';
} }
}
function poolopts_change() {
if (jQuery('#target option:selected').text().trim().substring(0,4) == "Host") {
jQuery('#poolopts_tr').css('display','');
jQuery('#target_network').css('display','none');
} else if (jQuery('#target option:selected').text().trim().substring(0,6) == "Subnet") {
jQuery('#poolopts_tr').css('display','');
jQuery('#target_network').css('display','none');
} else if (jQuery('#target option:selected').text().trim().substring(0,5) == "Other") {
jQuery('#poolopts_tr').css('display','');
jQuery('#target_network').css('display','');
} else {
jQuery('#poolopts').prop('selectedIndex',0);
jQuery('#poolopts_tr').css('display','none');
jQuery('#target_network').css('display','none');
jQuery('#targetip').val('');
jQuery('#targetip_subnet').val('0');
} }
} });
//]]>
</script>
</head>
});
</script>
<body>
<?php include("fbegin.inc"); ?> <?php include("fbegin.inc"); ?>
<section class="page-content-main"> <section class="page-content-main">
<div class="container-fluid"> <div class="container-fluid">
<div class="row"> <div class="row">
<?php if (isset($input_errors) && count($input_errors) > 0) print_input_errors($input_errors); ?> <?php if (isset($input_errors) && count($input_errors) > 0) print_input_errors($input_errors); ?>
<section class="col-xs-12"> <section class="col-xs-12">
<div class="content-box"> <div class="content-box">
<form action="firewall_nat_out_edit.php" method="post" name="iform" id="iform"> <form action="firewall_nat_out_edit.php" method="post" name="iform" id="iform">
<table class="table table-striped">
<table class="table table-striped table-sort">
<tr> <tr>
<td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Advanced Outbound NAT entry");?></td> <td colspan="2">
<table>
<tr>
<td><?=gettext("Edit Advanced Outbound NAT entry");?></td>
<td colspan="2" align="right">
<small><?=gettext("full help"); ?> </small>
<i class="fa fa-toggle-off text-danger" style="cursor: pointer;" id="show_all_help_opnvpn_server" type="button"></i></a>
</td>
</tr>
</table>
</td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled");?></td> <td><a id="help_for_disabled" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Disabled"); ?></td>
<td width="78%" class="vtable"> <td>
<input name="disabled" type="checkbox" id="disabled" value="yes" <?php if ($pconfig['disabled']) echo "checked=\"checked\""; ?> /> <input name="disabled" type="checkbox" id="disabled" value="yes" <?= !empty($pconfig['disabled']) ? "checked=\"checked\"" : ""; ?> />
<strong><?=gettext("Disable this rule");?></strong><br /> <div class="hidden" for="help_for_disabled">
<span class="vexpl"><?=gettext("Set this option to disable this rule without removing it from the list.");?></span> <strong><?=gettext("Disable this rule"); ?></strong><br />
<?=gettext("Set this option to disable this rule without removing it from the list."); ?>
</div>
</td> </td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Do not NAT");?></td> <td><a id="help_for_do_not_nat" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Do not NAT");?></td>
<td width="78%" class="vtable"> <td width="78%" class="vtable">
<input type="checkbox" name="nonat" id="nonat" onclick="nonat_change();" <?php if(isset($pconfig['nonat'])) echo " checked=\"checked\""; ?> /> <input type="checkbox" name="nonat" <?=!empty($pconfig['nonat']) ? " checked=\"checked\"" : ""; ?> />
<span class="vexpl"><?=gettext("Enabling this option will disable NAT for traffic matching this rule and stop processing Outbound NAT rules.");?> <div class="hidden" for="help_for_do_not_nat">
<br /><?=gettext("Hint: in most cases, you won't use this option.");?></span> <?=gettext("Enabling this option will disable NAT for traffic matching this rule and stop processing Outbound NAT rules.");?><br />
<?=gettext("Hint: in most cases, you won't use this option.");?>
</div>
</td> </td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface");?></td> <td><a id="help_for_interface" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Interface"); ?></td>
<td width="78%" class="vtable"> <td>
<select name="interface" class="selectpicker"> <div class="input-group">
<?php <select name="interface" class="selectpicker" data-width="auto" data-live-search="true" onchange="dst_change(this.value,iface_old,document.iform.dsttype.value);iface_old = document.iform.interface.value;typesel_change();">
$iflist = get_configured_interface_with_descr(false, true); <?php
foreach ($iflist as $if => $ifdesc) foreach (formInterfaces() as $iface => $ifacename): ?>
if(have_ruleint_access($if)) <option value="<?=$iface;?>" <?= $iface == $pconfig['interface'] ? "selected=\"selected\"" : ""; ?>>
$interfaces[$if] = $ifdesc;
if ($config['l2tp']['mode'] == "server")
if(have_ruleint_access("l2tp"))
$interfaces['l2tp'] = "L2TP VPN";
if ($config['pptpd']['mode'] == "server")
if(have_ruleint_access("pptp"))
$interfaces['pptp'] = "PPTP VPN";
if (is_pppoe_server_enabled() && have_ruleint_access("pppoe"))
$interfaces['pppoe'] = "PPPoE VPN";
/* add ipsec interfaces */
if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable']))
if(have_ruleint_access("enc0"))
$interfaces["enc0"] = "IPsec";
/* add openvpn/tun interfaces */
if (isset($config['openvpn']['openvpn-server']) || isset($config['openvpn']['openvpn-client'])) {
$interfaces['openvpn'] = 'OpenVPN';
}
foreach ($interfaces as $iface => $ifacename):
?>
<option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected=\"selected\""; ?>>
<?=htmlspecialchars($ifacename);?> <?=htmlspecialchars($ifacename);?>
</option> </option>
<?php <?php endforeach; ?>
endforeach; </select>
?> </div>
</select><br /> <div class="hidden" for="help_for_interface">
<span class="vexpl"><?=gettext("Choose which interface this rule applies to.");?><br /> <?=gettext("Choose which interface this rule applies to"); ?>.<br />
<?=gettext("Hint: in most cases, you'll want to use WAN here.");?> <?=gettext("Hint: in most cases, you'll want to use WAN here"); ?>
</span> </div>
</td> </td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol");?></td> <td><a id="help_for_proto" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Protocol"); ?></td>
<td width="78%" class="vtable"> <td>
<select name="protocol" class="selectpicker" onchange="proto_change();"> <div class="input-group">
<?php <select id="proto" name="protocol" class="selectpicker" data-live-search="true" data-size="5" data-width="auto">
$protocols = explode(" ", "any TCP UDP TCP/UDP ICMP ESP AH GRE IPV6 IGMP carp pfsync"); <?php foreach (explode(" ", "TCP UDP TCP/UDP ICMP ESP AH GRE IPV6 IGMP PIM OSPF") as $proto):
foreach ($protocols as $proto): ?>
?> <option value="<?=strtolower($proto);?>" <?= strtolower($proto) == $pconfig['protocol'] ? "selected=\"selected\"" : ""; ?>>
<option value="<?=strtolower($proto);?>" <?php if (strtolower($proto) == $pconfig['protocol']) echo "selected=\"selected\""; ?>><?=htmlspecialchars($proto);?></option> <?=$proto;?>
<?php </option>
endforeach; <?php endforeach; ?>
?> </select>
</select><br /> </div>
<span class="vexpl"><?=gettext("Choose which protocol this rule should match.");?><br /> <div class="hidden" for="help_for_proto">
<?php <?=gettext("Choose which IP protocol " ."this rule should match."); ?><br/>
printf(gettext("Hint: in most cases, you should specify %s any %s here."),"<em>","</em>&nbsp;"); <?=gettext("Hint: in most cases, you should specify"); ?> <em><?=gettext("TCP"); ?></em> &nbsp;<?=gettext("here."); ?>
?> </div>
</span>
</td> </td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Source");?></td> <td><a id="help_for_source" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Source"); ?></td>
<td width="78%" class="vtable"> <td>
<table border="0" cellspacing="1" cellpadding="1" summary="source"> <table class="table table-condensed">
<tr> <tr>
<td><?=gettext("Type:");?>&nbsp;&nbsp;</td>
<td> <td>
<select name="source_type" class="selectpicker" onchange="sourcesel_change()"> <select name="source" id="source" class="selectpicker" data-live-search="true" data-size="5" data-width="auto">
<option value="any" <?php if ($pconfig['source'] == "any") echo "selected=\"selected\""; ?>><?=gettext("any");?></option> <option data-other=true value="<?=$pconfig['source'];?>" <?=!is_alias($pconfig['source']) && !in_array($pconfig['source'],array('(self)','any')) ? "selected=\"selected\"" : "";?>><?=gettext("Single host or Network"); ?></option>
<option value="(self)" <?PHP if ($pconfig['source'] == "(self)") echo "selected=\"selected\""; ?>><?=gettext("This Firewall (self)");?></option> <option value="any" <?=$pconfig['source'] == "any" ? "selected=\"selected\"" : ""; ?>><?=gettext("any");?></option>
<option value="network" <?php if (($pconfig['source'] != "any") && ($pconfig['source'] != "(self)")) echo "selected=\"selected\""; ?>><?=gettext("Network");?></option> <option value="(self)" <?=$pconfig['source'] == "(self)" ? "selected=\"selected\"" : ""; ?>><?=gettext("This Firewall (self)");?></option>
<optgroup label="<?=gettext("aliasses");?>">
<?php foreach (legacy_list_aliasses("network") as $alias):
?>
<option value="<?=$alias['name'];?>" <?=$alias['name'] == $pconfig['source'] ? "selected=\"selected\"" : "";?>><?=htmlspecialchars($alias['name']);?></option>
<?php endforeach; ?>
</optgroup>
</select> </select>
</td> </td>
</tr> </tr>
<tr> <tr>
<td><?=gettext("Address:");?>&nbsp;&nbsp;</td>
<td>
<table>
<tr>
<td width="348px">
<input name="source" type="text" autocomplete="off" class="formfldalias" id="source" size="20" value="<?=htmlspecialchars($pconfig['source']);?>" />
</td>
<td> <td>
<select name="source_subnet" class="selectpicker" id="source_subnet" data-width="auto"> <div class="input-group">
<?php <!-- updates to "other" option in source -->
for ($i = 32; $i >= 0; $i--): <input type="text" for="source" value="<?=$pconfig['source'];?>" aria-label="<?=gettext("Source address");?>"/>
?> <select name="source_subnet" class="selectpicker" data-size="5" id="srcmask" data-width="auto" for="source" >
<option value="<?=$i;?>"<?php if ($i == $pconfig['source_subnet']) echo " selected=\"selected\""; ?>><?=$i;?></option> <?php for ($i = 32; $i > 0; $i--): ?>
<?php <option value="<?=$i;?>" <?= $i == $pconfig['source_subnet'] ? "selected=\"selected\"" : ""; ?>><?=$i;?></option>
endfor; <?php endfor; ?>
?>
</select> </select>
</div>
</td> </td>
</tr> </tr>
</table> </table>
<div class="hidden" for="help_for_source">
<?=gettext("Enter the source network for the outbound NAT mapping.");?>
</div>
</td> </td>
</tr> </tr>
<tr> <tr>
<td>&nbsp;</td> <td><a id="help_for_src_port" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Source port:");?></td>
<td> <td>
<span class="vexpl"><?=gettext("Enter the source network for the outbound NAT mapping.");?></span> <input name="sourceport" type="text" value="<?=$pconfig['sourceport'];?>" />
</td> <div class="hidden" for="help_for_src_port">
</tr>
<tr name="sport_tr" id="sport_tr">
<td><?=gettext("Source port:");?>&nbsp;&nbsp;</td>
<td>
<input name="sourceport" type="text" autocomplete="off" class="formfldalias" id="sourceport" size="5" value="<?=htmlspecialchars($pconfig['sourceport']);?>" />
<?=gettext("(leave blank for any)");?> <?=gettext("(leave blank for any)");?>
</div>
</td> </td>
</tr> </tr>
</table> <tr>
<td> <a id="help_for_dst_invert" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Destination") . " / ".gettext("Invert");?> </td>
<td>
<input name="destination_not" type="checkbox" value="yes" <?= !empty($pconfig['destination_not']) ? "checked=\"checked\"" : "";?> />
<div class="hidden" for="help_for_dst_invert">
<?=gettext("Use this option to invert the sense of the match."); ?>
</div>
</td> </td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Destination");?></td> <td><a id="help_for_destination" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Destination"); ?></td>
<td width="78%" class="vtable"> <td>
<input name="destination_not" type="checkbox" id="destination_not" value="yes" <?php if ($pconfig['destination_not']) echo "checked=\"checked\""; ?> /> <table class="table table-condensed">
<strong><?=gettext("not");?></strong><br />
<?=gettext("Use this option to invert the sense of the match.");?><br />
<br />
<table border="0" cellspacing="1" cellpadding="1" summary="destination">
<tr> <tr>
<td><?=gettext("Type:");?>&nbsp;&nbsp;</td>
<td> <td>
<select name="destination_type" class="selectpicker" onchange="typesel_change()"> <select name="destination" id="destination" class="selectpicker" data-live-search="true" data-size="5" data-width="auto">
<option value="any"<?php if ($pconfig['destination'] == "any") echo " selected=\"selected\""; ?>> <option data-other=true value="<?=$pconfig['destination'];?>" <?=!is_alias($pconfig['destination']) && $pconfig['destination'] != 'any' ? "selected=\"selected\"" : "";?>><?=gettext("Single host or Network"); ?></option>
<?=gettext("any");?> <option value="any" <?=$pconfig['destination'] == "any" ? "selected=\"selected\"" : ""; ?>><?=gettext("any");?></option>
</option> <optgroup label="<?=gettext("aliasses");?>">
<option value="network"<?php if ($pconfig['destination'] != "any") echo " selected=\"selected\""; ?>> <?php foreach (legacy_list_aliasses("network") as $alias):
<?=gettext("Network");?> ?>
</option> <option value="<?=$alias['name'];?>" <?=$alias['name'] == $pconfig['destination'] ? "selected=\"selected\"" : "";?>><?=htmlspecialchars($alias['name']);?></option>
<?php endforeach; ?>
</optgroup>
</select> </select>
</td> </td>
</tr> </tr>
<tr> <tr>
<td><?=gettext("Address:");?>&nbsp;&nbsp;</td>
<td> <td>
<table> <div class="input-group">
<tr> <!-- updates to "other" option in source -->
<td width="348px"> <input type="text" for="destination" value="<?=$pconfig['destination'];?>" aria-label="<?=gettext("Destination address");?>"/>
<input name="destination" type="text" autocomplete="off" class="formfldalias" id="destination" size="20" value="<?=htmlspecialchars($pconfig['destination']);?>" /> <select name="destination_subnet" class="selectpicker" data-size="5" data-width="auto" for="destination" >
</td> <?php for ($i = 32; $i > 0; $i--): ?>
<td> <option value="<?=$i;?>" <?= $i == $pconfig['destination_subnet'] ? "selected=\"selected\"" : ""; ?>><?=$i;?></option>
<select name="destination_subnet" class="selectpicker" id="destination_subnet" data-width="auto"> <?php endfor; ?>
<?php
for ($i = 32; $i >= 0; $i--):
?>
<option value="<?=$i;?>"<?php if ($i == $pconfig['destination_subnet']) echo " selected=\"selected\""; ?>><?=$i;?></option>
<?php
endfor;
?>
</select> </select>
</div>
</td> </td>
</tr> </tr>
</table> </table>
<div class="hidden" for="help_for_destination">
<?=gettext("Enter the source network for the outbound NAT mapping.");?>
</div>
</td> </td>
</tr> </tr>
<tr> <tr>
<td>&nbsp;</td> <td><a id="help_for_dstport" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Destination port:");?></td>
<td>
<span class="vexpl"><?=gettext("Enter the destination network for the outbound NAT mapping.");?></span>
</td>
</tr>
<tr name="dport_tr" id="dport_tr">
<td><?=gettext("Destination port:");?>&nbsp;&nbsp;</td>
<td> <td>
<input name="dstport" type="text" autocomplete="off" class="formfldalias" id="dstport" size="5" value="<?=htmlspecialchars($pconfig['dstport']);?>" /> <input name="dstport" type="text" value="<?=$pconfig['dstport'];?>" />
<div class="hidden" for="help_for_dstport">
<?=gettext("(leave blank for any)");?> <?=gettext("(leave blank for any)");?>
</div>
</td> </td>
</tr> </tr>
</table>
</td>
</tr>
<tr name="transtable" id="transtable">
<td width="22%" valign="top" class="vncell"><?=gettext("Translation");?></td>
<td width="78%" class="vtable">
<table border="0" cellspacing="1" cellpadding="1" summary="translation">
<tr> <tr>
<td><?=gettext("Address:");?>&nbsp;&nbsp;</td> <td><a id="help_for_target" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Translation"); ?></td>
<td> <td>
<select name="target" class="selectpicker" id="target" onchange="poolopts_change();"> <table class="table table-condensed">
<option value=""<?php if (!$pconfig['target']) echo " selected=\"selected\""; ?>> <tr>
<?=gettext("Interface address");?> <td>
</option> <select name="targetip" id="targetip" class="selectpicker" data-live-search="true" data-size="5" data-width="auto">
<?php <option data-other=true value="<?=$pconfig['targetip'];?>" <?= !empty($pconfig['target']) && !array_key_exists($pconfig['targetip'], formTranslateAddresses() ) ? "selected=\"selected\"" : "";?>><?=gettext("Single host or Network"); ?></option>
if (is_array($config['virtualip']['vip'])): <? foreach (formTranslateAddresses() as $optKey => $optValue):
foreach ($config['virtualip']['vip'] as $sn): ?>
if (isset($sn['noexpand'])) <option value="<?=$optKey;?>" <?= $pconfig['target'] == $optKey ? "selected=\"selected\"" : ""; ?>>
continue; <?=$optValue;?>
if ($sn['mode'] == "proxyarp" && $sn['type'] == "network"):
$start = ip2long32(gen_subnet($sn['subnet'], $sn['subnet_bits']));
$end = ip2long32(gen_subnet_max($sn['subnet'], $sn['subnet_bits']));
$len = $end - $start;
?>
<option value="<?=$sn['subnet'].'/'.$sn['subnet_bits'];?>" <?php if ($sn['subnet'].'/'.$sn['subnet_bits'] == $pconfig['target']) echo "selected=\"selected\""; ?>>
<?=htmlspecialchars("Subnet: {$sn['subnet']}/{$sn['subnet_bits']} ({$sn['descr']})");?>
</option>
<?php
for ($i = 0; $i <= $len; $i++):
$snip = long2ip32($start+$i);
?>
<option value="<?=$snip;?>" <?php if ($snip == $pconfig['target']) echo "selected"; ?>>
<?=htmlspecialchars("{$snip} ({$sn['descr']})");?>
</option>
<?php
endfor;
?>
<?php
else:
?>
<option value="<?=$sn['subnet'];?>" <?php if ($sn['subnet'] == $pconfig['target']) echo "selected=\"selected\""; ?>>
<?=htmlspecialchars("{$sn['subnet']} ({$sn['descr']})");?>
</option>
<?php
endif;
endforeach;
endif;
foreach ($a_aliases as $alias):
if ($alias['type'] != "host")
continue;
?>
<option value="<?=$alias['name'];?>" <?php if ($alias['name'] == $pconfig['target']) echo "selected=\"selected\""; ?>>
<?=htmlspecialchars("Host Alias: {$alias['name']} ({$alias['descr']})");?>
</option>
<?php
endforeach;
?>
<option value="other-subnet"<?php if($pconfig['target'] == "other-subnet") echo " selected=\"selected\""; ?>>
<?=gettext("Other Subnet (Enter Below)");?>
</option> </option>
<? endforeach;
?>
</select> </select>
</td> </td>
</tr> </tr>
<tr>
<tr id="target_network">
<td><?=gettext("Other Subnet:");?>&nbsp;&nbsp;</td>
<td> <td>
<input name="targetip" type="text" class="formfld unknown" id="targetip" size="20" value="<?=htmlspecialchars($pconfig['targetip']);?>" />/ <div class="input-group">
<select name="targetip_subnet" class="selectpicker" id="targetip_subnet"> <!-- updates to "other" option in source -->
<?php <input type="text" for="targetip" value="<?=$pconfig['targetip'];?>" aria-label="<?=gettext("Translation address");?>"/>
for ($i = 32; $i >= 0; $i--): <select name="targetip_subnet" class="selectpicker" data-size="5" data-width="auto" for="destination" >
?> <?php for ($i = 32; $i > 0; $i--): ?>
<option value="<?=$i;?>"<?php if ($i == $pconfig['targetip_subnet']) echo " selected=\"selected\""; ?>><?=$i;?></option> <option value="<?=$i;?>" <?= $i == $pconfig['targetip_subnet'] ? "selected=\"selected\"" : ""; ?>><?=$i;?></option>
<?php <?php endfor; ?>
endfor;
?>
</select> </select>
</div>
</td> </td>
</tr> </tr>
</table>
<tr> <div class="hidden" for="help_for_target">
<td>&nbsp;</td> <?=gettext("Packets matching this rule will be mapped to the IP address given here.");?><br />
<td>
<span class="vexpl"><?=gettext("Packets matching this rule will be mapped to the IP address given here.");?><br />
<?=gettext("If you want this rule to apply to another IP address rather than the IP address of the interface chosen above, ". <?=gettext("If you want this rule to apply to another IP address rather than the IP address of the interface chosen above, ".
"select it here (you will need to define ");?> "select it here (you will need to define ");?>
<a href="firewall_virtual_ip.php"><?=gettext("Virtual IP");?></a> <a href="firewall_virtual_ip.php"><?=gettext("Virtual IP");?></a>
<?=gettext("addresses on the interface first).");?> <?=gettext("addresses on the interface first).");?>
</span><br /> </div>
</td> </td>
</tr> </tr>
<tr id="poolopts_tr"> <tr>
<td valign="top">Pool Options</td> <td><a id="help_for_poolopts" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Pool Options:");?></td>
<td> <td>
<select name="poolopts" id="poolopts" class="selectpicker"> <select name="poolopts" class="selectpicker">
<option value="" <?php if ($pconfig['poolopts'] == "") echo "selected=\"selected\""; ?>> <option value="" <?=empty($pconfig['poolopts']) ? "selected=\"selected\"" : ""; ?>>
<?=htmlspecialchars("Default");?> <?=gettext("Default");?>
</option> </option>
<option value="round-robin" <?php if ($pconfig['poolopts'] == "round-robin") echo "selected=\"selected\""; ?>> <option value="round-robin" <?=$pconfig['poolopts'] == "round-robin" ? "selected=\"selected\"" : ""; ?>>
<?=htmlspecialchars("Round Robin");?> <?=gettext("Round Robin");?>
</option> </option>
<option value="round-robin sticky-address" <?php if ($pconfig['poolopts'] == "round-robin sticky-address") echo "selected=\"selected\""; ?>> <option value="round-robin sticky-address" <?=$pconfig['poolopts'] == "round-robin sticky-address" ? "selected=\"selected\"" : ""; ?>>
<?=htmlspecialchars("Round Robin with Sticky Address");?> <?=gettext("Round Robin with Sticky Address");?>
</option> </option>
<option value="random" <?php if ($pconfig['poolopts'] == "random") echo "selected=\"selected\""; ?>> <option value="random" <?=$pconfig['poolopts'] == "random" ? "selected=\"selected\"" : ""; ?>>
<?=htmlspecialchars("Random");?> <?=gettext("Random");?>
</option> </option>
<option value="random sticky-address" <?php if ($pconfig['poolopts'] == "random sticky-address") echo "selected=\"selected\""; ?>> <option value="random sticky-address" <?=$pconfig['poolopts'] == "random sticky-address" ? "selected=\"selected\"" : ""; ?>>
<?=htmlspecialchars("Random with Sticky Address");?> <?=gettext("Random with Sticky Address");?>
</option> </option>
<option value="source-hash" <?php if ($pconfig['poolopts'] == "source-hash") echo "selected=\"selected\""; ?>> <option value="source-hash" <?=$pconfig['poolopts'] == "source-hash" ? "selected=\"selected\"" : ""; ?>>
<?=htmlspecialchars("Source Hash");?> <?=gettext("Source Hash");?>
</option> </option>
<option value="bitmask" <?php if ($pconfig['poolopts'] == "bitmask") echo "selected=\"selected\""; ?>> <option value="bitmask" <?=$pconfig['poolopts'] == "bitmask" ? "selected=\"selected\"" : ""; ?>>
<?=htmlspecialchars("Bitmask");?> <?=gettext("Bitmask");?>
</option> </option>
</select> </select>
<br /> <div class="hidden" for="help_for_poolopts">
<span class="vexpl">
<?=gettext("Only Round Robin types work with Host Aliases. Any type can be used with a Subnet.");?><br /> <?=gettext("Only Round Robin types work with Host Aliases. Any type can be used with a Subnet.");?><br />
* <?=gettext("Round Robin: Loops through the translation addresses.");?><br /> * <?=gettext("Round Robin: Loops through the translation addresses.");?><br />
* <?=gettext("Random: Selects an address from the translation address pool at random.");?><br /> * <?=gettext("Random: Selects an address from the translation address pool at random.");?><br />
* <?=gettext("Source Hash: Uses a hash of the source address to determine the translation address, ensuring that the redirection address is always the same for a given source.");?><br /> * <?=gettext("Source Hash: Uses a hash of the source address to determine the translation address, ensuring that the redirection address is always the same for a given source.");?><br />
* <?=gettext("Bitmask: Applies the subnet mask and keeps the last portion identical; 10.0.1.50 -&gt; x.x.x.50.");?><br /> * <?=gettext("Bitmask: Applies the subnet mask and keeps the last portion identical; 10.0.1.50 -&gt; x.x.x.50.");?><br />
* <?=gettext("Sticky Address: The Sticky Address option can be used with the Random and Round Robin pool types to ensure that a particular source address is always mapped to the same translation address.");?><br /> * <?=gettext("Sticky Address: The Sticky Address option can be used with the Random and Round Robin pool types to ensure that a particular source address is always mapped to the same translation address.");?><br />
</span><br /> </div>
</td> </td>
</tr> </tr>
<tr name="tport_tr" id="tport_tr"> <tr>
<td><?=gettext("Port:");?>&nbsp;&nbsp;</td> <td><a id="help_for_natport" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Translation") . " / " .gettext("port:");?></td>
<td> <td>
<input name="natport" type="text" class="formfld unknown" id="natport" size="5" value="<?=htmlspecialchars($pconfig['natport']);?>" /> <input name="natport" type="text" value="<?=$pconfig['natport'];?>" />
<div class="hidden" for="help_for_natport">
<?=gettext("Enter the source port for the outbound NAT mapping.");?>
</div>
</td> </td>
</tr> </tr>
<tr name="tporttext_tr" id="tporttext_tr"> <tr>
<td>&nbsp;</td> <td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Static-port:");?></td>
<td> <td>
<span class="vexpl"><?=gettext("Enter the source port for the outbound NAT mapping.");?></span> <input name="staticnatport" type="checkbox" <?=!empty($pconfig['staticnatport']) ? " checked=\"checked\"" : "";?> >
</td>
</tr>
<tr name="tportstatic_tr" id="tportstatic_tr">
<td><?=gettext("Static-port:");?>&nbsp;&nbsp;</td>
<td><input onchange="staticportchange();" name="staticnatport" type="checkbox" class="formfld" id="staticnatport" size="5"<?php if($pconfig['staticnatport']) echo " checked=\"checked\"";?> /></td>
</tr>
</table>
</td> </td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("No XMLRPC Sync");?></td> <td><a id="help_for_nosync" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("No XMLRPC Sync"); ?></td>
<td width="78%" class="vtable"> <td>
<input value="yes" name="nosync" type="checkbox" class="formfld" id="nosync"<?php if($pconfig['nosync']) echo " checked=\"checked\""; ?> /><br /> <input type="checkbox" value="yes" name="nosync" <?=!empty($pconfig['nosync']) ? "checked=\"checked\"" :"";?> />
<div class="hidden" for="help_for_nosync">
<?=gettext("Hint: This prevents the rule on Master from automatically syncing to other CARP members. This does NOT prevent the rule from being overwritten on Slave.");?> <?=gettext("Hint: This prevents the rule on Master from automatically syncing to other CARP members. This does NOT prevent the rule from being overwritten on Slave.");?>
</div>
</td> </td>
</tr> </tr>
<tr> <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> <td><a id="help_for_descr" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Description"); ?></td>
<td width="78%" class="vtable"> <td>
<input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" /> <input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=$pconfig['descr'];?>" />
<br /> <div class="hidden" for="help_for_descr">
<span class="vexpl"><?=gettext("You may enter a description here for your reference (not parsed).");?></span> <?=gettext("You may enter a description here " ."for your reference (not parsed)."); ?>
</td> </div>
</tr> </tr>
<?php <?php
$has_created_time = (isset($a_out[$id]['created']) && is_array($a_out[$id]['created'])); $has_created_time = (isset($a_out[$id]['created']) && is_array($a_out[$id]['created']));
$has_updated_time = (isset($a_out[$id]['updated']) && is_array($a_out[$id]['updated'])); $has_updated_time = (isset($a_out[$id]['updated']) && is_array($a_out[$id]['updated']));
if ($has_created_time || $has_updated_time): if ($has_created_time || $has_updated_time):
?> ?>
<tr> <tr>
<td>&nbsp;</td> <td colspan="2">&nbsp;</td>
</tr> </tr>
<tr> <tr>
<td colspan="2" valign="top" class="listtopic"><?=gettext("Rule Information");?></td> <td colspan="2"><?=gettext("Rule Information");?></td>
</tr> </tr>
<?php <?php
if ($has_created_time): if ($has_created_time):
?> ?>
<tr> <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Created");?></td> <td><?=gettext("Created");?></td>
<td width="78%" class="vtable"> <td>
<?= date(gettext("n/j/y H:i:s"), $a_out[$id]['created']['time']) ?> <?= gettext("by") ?> <strong><?= $a_out[$id]['created']['username'] ?></strong> <?= date(gettext("n/j/y H:i:s"), $a_out[$id]['created']['time']) ?> <?= gettext("by") ?> <strong><?= $a_out[$id]['created']['username'] ?></strong>
</td> </td>
</tr> </tr>
<?php <?php
endif; endif;
if ($has_updated_time): if ($has_updated_time):
?> ?>
<tr> <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Updated");?></td> <td><?=gettext("Updated");?></td>
<td width="78%" class="vtable"> <td>
<?= date(gettext("n/j/y H:i:s"), $a_out[$id]['updated']['time']) ?> <?= gettext("by") ?> <strong><?= $a_out[$id]['updated']['username'] ?></strong> <?= date(gettext("n/j/y H:i:s"), $a_out[$id]['updated']['time']) ?> <?= gettext("by") ?> <strong><?= $a_out[$id]['updated']['username'] ?></strong>
</td> </td>
</tr> </tr>
<?php <?php
endif; endif;
endif; endif;
?> ?>
<tr> <tr>
<td width="22%" valign="top">&nbsp;</td> <td>&nbsp;</td>
<td width="78%"> <td>
<input name="Submit" type="submit" class="btn btn-primary" value="<?=gettext("Save"); ?>" /> <input name="Submit" type="submit" class="btn btn-primary" value="<?=gettext("Save"); ?>" />
<input type="button" class="btn btn-default" value="<?=gettext("Cancel");?>" onclick="window.location.href='<?=$referer;?>'" /> <input type="button" class="btn btn-default" value="<?=gettext("Cancel");?>" onclick="window.location.href='<?=(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/firewall_nat_out.php');?>'" />
<?php <?php
if (isset($id) && $a_out[$id]): if (isset($id) && $a_out[$id]):
?> ?>
<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" /> <input name="id" type="hidden" value="<?=$id;?>" />
<?php <?php
endif; endif;
?> ?>
<input name="after" type="hidden" value="<?=htmlspecialchars($after);?>" /> <input name="after" type="hidden" value="<?=isset($after) ? $after : "";?>" />
</td> </td>
</tr> </tr>
</table> </table>
...@@ -855,25 +722,4 @@ function poolopts_change() { ...@@ -855,25 +722,4 @@ function poolopts_change() {
</div> </div>
</div> </div>
</section> </section>
<script type="text/javascript">
//<![CDATA[
sourcesel_change();
typesel_change();
staticportchange();
nonat_change();
proto_change();
poolopts_change();
var addressarray = <?= json_encode(get_alias_list(array("host", "network", "openvpn", "urltable"))) ?>;
var customarray = <?= json_encode(get_alias_list(array("port", "url_ports", "urltable_ports"))) ?>;
var oTextbox1 = new AutoSuggestControl(document.getElementById("source"), new StateSuggestions(addressarray));
var oTextbox2 = new AutoSuggestControl(document.getElementById("sourceport"), new StateSuggestions(customarray));
var oTextbox3 = new AutoSuggestControl(document.getElementById("destination"), new StateSuggestions(addressarray));
var oTextbox4 = new AutoSuggestControl(document.getElementById("dstport"), new StateSuggestions(customarray));
//]]>
</script>
<?php include("foot.inc"); ?> <?php include("foot.inc"); ?>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment