#!/usr/bin/perl
# Update one NAT rule
require './ipfilter-lib.pl';
&ReadParse();
$rules = &get_ipnat_config();
if (!$in{'new'}) {
# Get the rule
$rule = $rules->[$in{'idx'}];
}
else {
$rule = { 'file' => $config{'ipnat_conf'},
'type' => 'ipnat' };
}
if ($in{'delete'}) {
# Just deleting
&lock_file($rule->{'file'});
&delete_rule($rule);
&flush_file_lines();
&unlock_file($rule->{'file'});
&webmin_log("delete", "nat", undef, $rule);
&redirect("");
exit;
}
# Validate and store inputs, starting with action
&error_setup($text{'nat_err'});
$rule->{'cmt'} = $in{'cmt'};
$rule->{'active'} = $in{'active'};
$rule->{'action'} = $in{'action'};
if ($rule->{'action'} ne 'rdr') {
# Parse source options
$rule->{'iface'} = &parse_interface_choice("iface", $text{'nat_eiface'});
if ($in{'frommode'} == 0) {
delete($rule->{'from'});
&parse_ipmask_input("from");
}
else {
$in{'action'} eq 'map-block' && &error($text{'nat_emapblock1'});
$rule->{'from'} = 1;
&parse_object_input($rule, "from");
&parse_object_input($rule, "fromto");
}
# Parse destination
delete($rule->{'tostart'});
if ($in{'tomode'} == 0) {
&parse_ipmask_input("to");
}
elsif ($in{'tomode'} == 2) {
$rule->{'toip'} = '0.0.0.0';
$rule->{'tomask'} = 32;
}
else {
$in{'action'} eq 'map-block' && &error($text{'nat_emapblock2'});
&check_ipaddress($in{'tostart'}) ||
&error($text{'nat_etostart'});
&check_ipaddress($in{'toend'}) ||
&error($text{'nat_etoend'});
$rule->{'tostart'} = $in{'tostart'};
$rule->{'toend'} = $in{'toend'};
}
# Parse port mapping
if ($in{'portmapmode'} == 0) {
delete($rule->{'portmap'});
}
else {
$rule->{'portmap'} = $in{'portmap'};
if ($in{'portmapnoauto'}) {
$rule->{'portauto'} = 0;
&valid_port($in{'portmapfrom'}) ||
&error($text{'nat_eportmapfrom'});
&valid_port($in{'portmapto'}) ||
&error($text{'nat_eportmapto'});
$rule->{'portmapfrom'} = $in{'portmapfrom'};
$rule->{'portmapto'} = $in{'portmapto'};
}
else {
$rule->{'portauto'} = 1;
}
}
# Parse application proxy
if ($in{'proxymode'} == 0) {
delete($rule->{'proxyport'});
}
else {
&parse_proxy_input("proxy");
}
# Parse other options
if ($in{'proto'}) {
$rule->{'proto'} = $in{'protoproto'};
}
else {
delete($rule->{'proto'});
}
$rule->{'frag'} = $in{'frag'};
if ($in{'mssclamp'}) {
$in{'mss'} =~ /^\d+$/ || &error($text{'nat_emss'});
$rule->{'mssclamp'} = $in{'mss'};
}
else {
delete($rule->{'mssclamp'});
}
if ($in{'oproxy'}) {
&parse_proxy_input("oproxy");
}
else {
delete($rule->{'oproxyport'});
}
}
else {
# Validate and store redirect inputs
$rule->{'iface'} = &parse_interface_choice("iface", $text{'nat_eiface'});
# Save redirect address
&parse_ipmask_input("from");
# Save destination ports
if ($in{'dportsmode'} == 0) {
&valid_port($in{'dport'}) || &error($text{'nat_edport'});
$rule->{'dport1'} = $in{'dport'};
delete($rule->{'dport2'});
}
else {
&valid_port($in{'dport1'}) || &error($text{'nat_edport1'});
&valid_port($in{'dport2'}) || &error($text{'nat_edport2'});
$rule->{'dport1'} = $in{'dport1'};
$rule->{'dport2'} = $in{'dport2'};
}
# Save protocol
$rule->{'rdrproto'} = $in{'rdrproto'};
# Save redirect IPs
@ips = split(/\s+/, $in{'rdrip'});
foreach $ip (@ips) {
&check_ipaddress($ip) || &error(&text('net_erdrip', $ip));
}
@ips || &error($text{'nat_erdrips'});
$rule->{'rdrip'} = \@ips;
# Save redirect port
&valid_port($in{'rdrport'}) || &error($text{'nat_erdrport'});
$rule->{'rdrport'} = $in{'rdrport'};
# Save options
$rule->{'round-robin'} = $in{'round-robin'};
$rule->{'frag'} = $in{'frag'};
if ($in{'mssclamp'}) {
$in{'mss'} =~ /^\d+$/ || &error($text{'nat_emss'});
$rule->{'mssclamp'} = $in{'mss'};
}
else {
delete($rule->{'mssclamp'});
}
}
&lock_file($rule->{'file'});
if ($in{'new'}) {
if ($in{'before'} ne '') {
# Insert before some rule
$before = $rules->[$in{'before'}];
&insert_rule($rule, $before);
}
elsif ($in{'after'} ne '') {
if ($in{'after'} == @$rules - 1) {
&create_rule($rule); # at end anyway
}
else {
# Insert after some rule
$before = $rules->[$in{'after'}+1];
&insert_rule($rule, $before);
}
}
else {
# Append to end
&create_rule($rule);
}
}
else {
&modify_rule($rule);
}
&flush_file_lines();
&unlock_file($rule->{'file'});
©_to_cluster();
&webmin_log($in{'new'} ? "create" : "modify", "nat", undef, $rule);
&redirect("");
# parse_ipmask_input(prefix)
sub parse_ipmask_input
{
local ($pfx) = @_;
&check_ipaddress($in{$pfx."ip"}) || &error($text{'nat_e'.$pfx.'ip'});
&check_ipaddress($in{$pfx."mask"}) ||
$in{$pfx."mask"} =~ /^\d+$/ &&
$in{$pfx."mask"} >= 0 && $in{$pfx."mask"} <= 32 ||
&error($text{'nat_e'.$pfx.'ip'});
$rule->{$pfx."ip"} = $in{$pfx."ip"};
$rule->{$pfx."mask"} = $in{$pfx."mask"};
}
sub parse_proxy_input
{
local ($pfx) = @_;
&valid_port($in{$pfx."port"}) || &error($text{'nat_e'.$pfx.'port'});
&valid_port($in{$pfx."name"}) || &error($text{'nat_e'.$pfx.'name'});
$rule->{$pfx."port"} = $in{$pfx."port"};
$rule->{$pfx."name"} = $in{$pfx."name"};
$rule->{$pfx."proto"} = $in{$pfx."proto"};
}
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| images | Folder | 0755 |
|
|
| lang | Folder | 0755 |
|
|
| CHANGELOG | File | 896 B | 0644 |
|
| apply.cgi | File | 271 B | 0755 |
|
| backup_config.pl | File | 604 B | 0755 |
|
| bootup.cgi | File | 252 B | 0755 |
|
| cluster.cgi | File | 2.01 KB | 0755 |
|
| cluster_add.cgi | File | 1.78 KB | 0755 |
|
| cluster_delete.cgi | File | 522 B | 0755 |
|
| config | File | 155 B | 0644 |
|
| config-freebsd | File | 149 B | 0644 |
|
| config-solaris-10-ALL | File | 177 B | 0644 |
|
| config.info | File | 669 B | 0644 |
|
| config.info.ca | File | 717 B | 0644 |
|
| config.info.de | File | 743 B | 0644 |
|
| config.info.nl | File | 741 B | 0644 |
|
| convert.cgi | File | 341 B | 0755 |
|
| edit_nat.cgi | File | 7.83 KB | 0755 |
|
| edit_rule.cgi | File | 9.81 KB | 0755 |
|
| index.cgi | File | 8.42 KB | 0755 |
|
| install_check.pl | File | 337 B | 0755 |
|
| ipfilter-lib.pl | File | 39.32 KB | 0755 |
|
| log_parser.pl | File | 928 B | 0755 |
|
| module.info | File | 198 B | 0644 |
|
| module.info.af | File | 0 B | 0644 |
|
| module.info.af.auto | File | 129 B | 0644 |
|
| module.info.ar | File | 0 B | 0644 |
|
| module.info.ar.auto | File | 183 B | 0644 |
|
| module.info.be | File | 0 B | 0644 |
|
| module.info.be.auto | File | 180 B | 0644 |
|
| module.info.bg | File | 0 B | 0644 |
|
| module.info.bg.auto | File | 232 B | 0644 |
|
| module.info.ca | File | 121 B | 0644 |
|
| module.info.cs | File | 0 B | 0644 |
|
| module.info.cs.auto | File | 121 B | 0644 |
|
| module.info.da | File | 0 B | 0644 |
|
| module.info.da.auto | File | 117 B | 0644 |
|
| module.info.de | File | 97 B | 0644 |
|
| module.info.el | File | 0 B | 0644 |
|
| module.info.el.auto | File | 239 B | 0644 |
|
| module.info.es | File | 0 B | 0644 |
|
| module.info.es.auto | File | 118 B | 0644 |
|
| module.info.eu | File | 0 B | 0644 |
|
| module.info.eu.auto | File | 117 B | 0644 |
|
| module.info.fa | File | 0 B | 0644 |
|
| module.info.fa.auto | File | 182 B | 0644 |
|
| module.info.fi | File | 0 B | 0644 |
|
| module.info.fi.auto | File | 123 B | 0644 |
|
| module.info.fr | File | 0 B | 0644 |
|
| module.info.fr.auto | File | 132 B | 0644 |
|
| module.info.he | File | 0 B | 0644 |
|
| module.info.he.auto | File | 166 B | 0644 |
|
| module.info.hr | File | 0 B | 0644 |
|
| module.info.hr.auto | File | 121 B | 0644 |
|
| module.info.hu | File | 0 B | 0644 |
|
| module.info.hu.auto | File | 150 B | 0644 |
|
| module.info.it | File | 0 B | 0644 |
|
| module.info.it.auto | File | 130 B | 0644 |
|
| module.info.ja | File | 0 B | 0644 |
|
| module.info.ja.auto | File | 179 B | 0644 |
|
| module.info.ko | File | 0 B | 0644 |
|
| module.info.ko.auto | File | 140 B | 0644 |
|
| module.info.lt | File | 0 B | 0644 |
|
| module.info.lt.auto | File | 144 B | 0644 |
|
| module.info.lv | File | 0 B | 0644 |
|
| module.info.lv.auto | File | 134 B | 0644 |
|
| module.info.ms | File | 0 B | 0644 |
|
| module.info.ms.auto | File | 125 B | 0644 |
|
| module.info.mt | File | 0 B | 0644 |
|
| module.info.mt.auto | File | 123 B | 0644 |
|
| module.info.nl | File | 26 B | 0644 |
|
| module.info.nl.auto | File | 109 B | 0644 |
|
| module.info.no | File | 0 B | 0644 |
|
| module.info.no.auto | File | 126 B | 0644 |
|
| module.info.pl | File | 0 B | 0644 |
|
| module.info.pl.auto | File | 117 B | 0644 |
|
| module.info.pt | File | 0 B | 0644 |
|
| module.info.pt.auto | File | 116 B | 0644 |
|
| module.info.pt_BR | File | 0 B | 0644 |
|
| module.info.pt_BR.auto | File | 122 B | 0644 |
|
| module.info.ro | File | 0 B | 0644 |
|
| module.info.ro.auto | File | 128 B | 0644 |
|
| module.info.ru | File | 0 B | 0644 |
|
| module.info.ru.auto | File | 166 B | 0644 |
|
| module.info.sk | File | 0 B | 0644 |
|
| module.info.sk.auto | File | 126 B | 0644 |
|
| module.info.sl | File | 0 B | 0644 |
|
| module.info.sl.auto | File | 125 B | 0644 |
|
| module.info.sv | File | 0 B | 0644 |
|
| module.info.sv.auto | File | 122 B | 0644 |
|
| module.info.th | File | 0 B | 0644 |
|
| module.info.th.auto | File | 202 B | 0644 |
|
| module.info.tr | File | 0 B | 0644 |
|
| module.info.tr.auto | File | 154 B | 0644 |
|
| module.info.uk | File | 0 B | 0644 |
|
| module.info.uk.auto | File | 186 B | 0644 |
|
| module.info.ur | File | 0 B | 0644 |
|
| module.info.ur.auto | File | 198 B | 0644 |
|
| module.info.vi | File | 0 B | 0644 |
|
| module.info.vi.auto | File | 149 B | 0644 |
|
| module.info.zh | File | 0 B | 0644 |
|
| module.info.zh.auto | File | 110 B | 0644 |
|
| module.info.zh_TW | File | 0 B | 0644 |
|
| module.info.zh_TW.auto | File | 116 B | 0644 |
|
| move.cgi | File | 427 B | 0755 |
|
| natmove.cgi | File | 432 B | 0755 |
|
| save_nat.cgi | File | 5.06 KB | 0755 |
|
| save_rule.cgi | File | 4.88 KB | 0755 |
|
| setup.cgi | File | 6.12 KB | 0755 |
|
| unapply.cgi | File | 235 B | 0755 |
|