From 7af64730812680b63d95bb4c8d512e9ed6313615 Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Fri, 10 May 2019 16:59:32 +0200 Subject: [PATCH] filter, port forward. support multiple interfaces per rule, when used and an automatic filter rule association is created it will be set as "Floating" + quick. closes https://github.com/opnsense/core/issues/1242 --- src/www/firewall_nat.php | 6 +++++- src/www/firewall_nat_edit.php | 18 +++++++++++++----- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/src/www/firewall_nat.php b/src/www/firewall_nat.php index 1504cf4f9..68a58756b 100644 --- a/src/www/firewall_nat.php +++ b/src/www/firewall_nat.php @@ -363,7 +363,11 @@ $( document ).ready(function() { - + + + diff --git a/src/www/firewall_nat_edit.php b/src/www/firewall_nat_edit.php index 2cd01ee8c..062768301 100644 --- a/src/www/firewall_nat_edit.php +++ b/src/www/firewall_nat_edit.php @@ -51,7 +51,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { $pconfig['protocol'] = "tcp"; $pconfig['srcbeginport'] = "any"; $pconfig['srcendport'] = "any"; - $pconfig['interface'] = "wan"; + $pconfig['interface'] = ["wan"]; $pconfig['dstbeginport'] = 80 ; $pconfig['dstendport'] = 80 ; $pconfig['local-port'] = 80; @@ -68,6 +68,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { // fields with some kind of logic. $pconfig['disabled'] = isset($a_nat[$configId]['disabled']); $pconfig['nordr'] = isset($a_nat[$configId]['nordr']); + $pconfig['interface'] = explode(",", $pconfig['interface']); address_to_pconfig($a_nat[$configId]['source'], $pconfig['src'], $pconfig['srcmask'], $pconfig['srcnot'], $pconfig['srcbeginport'], $pconfig['srcendport']); @@ -84,7 +85,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { } } elseif (isset($_GET['template']) && $_GET['template'] == 'transparent_proxy') { // new rule for transparent proxy reflection, to use as sample - $pconfig['interface'] = "lan"; + $pconfig['interface'] = ["lan"]; $pconfig['src'] = "lan"; $pconfig['dst'] = "any"; $pconfig['ipprotocol'] = "inet"; @@ -210,7 +211,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { if ($pconfig['protocol'] != 'any') { $natent['protocol'] = $pconfig['protocol']; } - $natent['interface'] = $pconfig['interface']; + $natent['interface'] = implode(",", $pconfig['interface']); $natent['ipprotocol'] = $pconfig['ipprotocol']; $natent['descr'] = $pconfig['descr']; $natent['tag'] = $pconfig['tag']; @@ -297,6 +298,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { $filterent['destination'] = array(); } $filterent['destination']['address'] = $pconfig['target']; + if (count($pconfig['interface']) > 1) { + $filterent['floating'] = true; + $filterent['quick'] = "yes"; + } else { + unset($filterent['floating']); + unset($filterent['quick']); + } if (!empty($pconfig['log'])) { $filterent['log'] = true; @@ -532,10 +540,10 @@ $( document ).ready(function() {
- true)) as $iface => $ifdetail): ?> -