use Sort::Naturally;
use utf8;
use feature 'unicode_strings';
+use experimental 'smartmatch';
no warnings 'uninitialized';
#use CGI::Carp 'fatalsToBrowser';
require '/var/ipfire/general-functions.pl';
+require '/var/ipfire/network-functions.pl';
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
+require "${General::swroot}/location-functions.pl";
require "/usr/lib/firewall/firewall-lib.pl";
-unless (-d "${General::swroot}/firewall") { system("mkdir ${General::swroot}/firewall"); }
-unless (-e "${General::swroot}/firewall/settings") { system("touch ${General::swroot}/firewall/settings"); }
-unless (-e "${General::swroot}/firewall/config") { system("touch ${General::swroot}/firewall/config"); }
-unless (-e "${General::swroot}/firewall/input") { system("touch ${General::swroot}/firewall/input"); }
-unless (-e "${General::swroot}/firewall/outgoing") { system("touch ${General::swroot}/firewall/outgoing"); }
+unless (-d "${General::swroot}/firewall") { &General::system("mkdir", "${General::swroot}/firewall"); }
+unless (-e "${General::swroot}/firewall/settings") { &General::system("touch", "${General::swroot}/firewall/settings"); }
+unless (-e "${General::swroot}/firewall/config") { &General::system("touch", "${General::swroot}/firewall/config"); }
+unless (-e "${General::swroot}/firewall/input") { &General::system("touch", "${General::swroot}/firewall/input"); }
+unless (-e "${General::swroot}/firewall/outgoing") { &General::system("touch", "${General::swroot}/firewall/outgoing"); }
my %fwdfwsettings=();
my %selected=() ;
my %netsettings=();
my %customhost=();
my %customgrp=();
+my %customlocationgrp=();
my %customnetworks=();
my %customservice=();
my %customservicegrp=();
my $confignet = "${General::swroot}/fwhosts/customnetworks";
my $confighost = "${General::swroot}/fwhosts/customhosts";
my $configgrp = "${General::swroot}/fwhosts/customgroups";
+my $configlocationgrp = "${General::swroot}/fwhosts/customlocationgrp";
my $configsrv = "${General::swroot}/fwhosts/customservices";
my $configsrvgrp = "${General::swroot}/fwhosts/customservicegrp";
my $configccdnet = "${General::swroot}/ovpn/ccd.conf";
my @protocols;
&General::readhash("${General::swroot}/firewall/settings", \%fwdfwsettings);
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
-&General::readhash($fwoptions, \%optionsfw);
+&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
+&General::readhash($fwoptions, \%optionsfw);
&General::readhash($ifacesettings, \%ifaces);
&General::readhash("$configovpn", \%ovpnsettings);
&General::readhash("$configipsecrw", \%ipsecsettings);
\$("#actions").toggle();
});
+ // Hide SNAT items when DNAT is selected and vice versa.
+ if (\$('input[name=nat]:checked').val() == 'dnat') {
+ \$('.snat').hide();
+ } else {
+ \$('.dnat').hide();
+ }
+
+ // Show/Hide elements when SNAT/DNAT get changed.
+ \$('input[name=nat]').change(function() {
+ \$('.snat').toggle();
+ \$('.dnat').toggle();
+ });
+
// Time constraints
if(!\$("#USE_TIME_CONSTRAINTS").attr("checked")) {
\$("#TIME_CONSTRAINTS").hide();
&General::readhasharray("$configfwdfw", \%configfwdfw);
&General::readhasharray("$configinput", \%configinputfw);
&General::readhasharray("$configoutgoing", \%configoutgoingfw);
+ &General::readhash("/var/ipfire/ethernet/settings", \%netsettings);
my $maxkey;
#Set Variables according to the JQuery code in protocol section
if ($fwdfwsettings{'PROT'} eq 'TCP' || $fwdfwsettings{'PROT'} eq 'UDP')
{
$fwdfwsettings{'USESRV'} = 'ON';
}
+
+ # Check if a manual target IP is one of the IPFire's addresses.
+ if ($fwdfwsettings{'grp2'} eq 'tgt_addr') {
+ # Grab all available network zones.
+ my @network_zones = &Network::get_available_network_zones();
+
+ # Loop through the array of network zones.
+ foreach my $zone (@network_zones) {
+ # Skip red network zone.
+ next if $zone eq "red";
+
+ # Convert current zone name into upper case.
+ $zone = uc($zone);
+
+ # Generate key to access the required data from the netsettings hash.
+ my $key = $zone . "_ADDRESS";
+
+ # Obtain the configured address for the current zone from the netsettings hash.
+ my $zone_address = $netsettings{$key};
+
+ # Check if the given address and the current processed zone address are the same.
+ if ($fwdfwsettings{$fwdfwsettings{'grp2'}} eq $zone_address) {
+ # Map the type and target.
+ $fwdfwsettings{'grp2'} = 'ipfire';
+ $fwdfwsettings{$fwdfwsettings{'grp2'}} = $zone;
+
+ # End loop.
+ last;
+ }
+ }
+ }
+
$errormessage=&checksource;
if(!$errormessage){&checktarget;}
if(!$errormessage){&checkrule;}
$checkorange='on';
}
}
- #check useless rules
- if( ($fwdfwsettings{$fwdfwsettings{'grp1'}} eq 'ORANGE' || $checkorange eq 'on') && $fwdfwsettings{'grp2'} eq 'ipfire'){
- $errormessage.=$Lang::tr{'fwdfw useless rule'}."<br>";
- }
#check if we try to break rules
if( $fwdfwsettings{'grp1'} eq 'ipfire_src' && $fwdfwsettings{'grp2'} eq 'ipfire'){
$errormessage=$Lang::tr{'fwdfw err same'};
}
# INPUT part
- if ($fwdfwsettings{'grp2'} eq 'ipfire' && $fwdfwsettings{$fwdfwsettings{'grp1'}} ne 'ORANGE'){
+ if ($fwdfwsettings{'grp2'} eq 'ipfire') {
$fwdfwsettings{'config'}=$configinput;
$fwdfwsettings{'chain'} = 'INPUTFW';
$maxkey=&General::findhasharraykey(\%configinputfw);
}
}
if ($fwdfwsettings{'isip'} eq 'on'){
+ #remove leading zero
+ $ip = &Network::ip_remove_zero($ip);
+
##check if ip is valid
if (! &General::validip($ip)){
$errormessage.=$Lang::tr{'fwdfw err src_addr'}."<br>";
if (&General::validport($_)){
push (@values,$_);
}else{
-
+
}
}
}
#check DNAT settings (has to be single Host and single Port or portrange)
if ($fwdfwsettings{'USE_NAT'} eq 'ON' && $fwdfwsettings{'nat'} eq 'dnat'){
if($fwdfwsettings{'grp2'} eq 'tgt_addr' || $fwdfwsettings{'grp2'} eq 'cust_host_tgt' || $fwdfwsettings{'grp2'} eq 'ovpn_host_tgt'){
- #check if manual ip is a single Host (if set)
- if ($fwdfwsettings{'grp2'} eq 'tgt_addr'){
- my @tmp= split (/\./,$fwdfwsettings{$fwdfwsettings{'grp2'}});
- my @tmp1= split ("/",$tmp[3]);
- if (($tmp1[0] eq "0") || ($tmp1[0] eq "255"))
- {
- $errormessage=$Lang::tr{'fwdfw dnat error'}."<br>";
- return $errormessage;
+ # Check if a manual entered IP is a single Host (if set)
+ if ($fwdfwsettings{'grp2'} eq 'tgt_addr') {
+ # Split input into address and prefix (if provided).
+ my ($address, $subnet) = split ('/', $fwdfwsettings{$fwdfwsettings{'grp2'}});
+
+ # Check if a subnet is given.
+ if ($subnet) {
+ # Check if the prefix or subnetmask is for a single host.
+ unless ($subnet eq "32" || $subnet eq "255.255.255.255") {
+ # Set error message.
+ $errormessage=$Lang::tr{'fwdfw dnat error'}."<br>";
+
+ # Return the error.
+ return $errormessage;
+ }
}
}
+
#check if Port is a single Port or portrange
if ($fwdfwsettings{'nat'} eq 'dnat' && $fwdfwsettings{'grp3'} eq 'TGT_PORT'){
if(($fwdfwsettings{'PROT'} ne 'TCP'|| $fwdfwsettings{'PROT'} ne 'UDP') && $fwdfwsettings{'TGT_PORT'} eq ''){
($ip,$subnet)=split (/\//,$fwdfwsettings{'tgt_addr'});
$subnet = &General::iporsubtocidr($subnet);
}
+
#check if only ip
if($fwdfwsettings{'tgt_addr'}=~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){
$ip=$fwdfwsettings{'tgt_addr'};
$subnet='32';
}
+ #remove leading zero
+ $ip = &Network::ip_remove_zero($ip);
+
#check if ip is valid
if (! &General::validip($ip)){
$errormessage.=$Lang::tr{'fwdfw err tgt_addr'}."<br>";
&General::readhasharray("$confighost", \%customhost);
foreach my $grpkey (sort keys %customgrp){
foreach my $hostkey (sort keys %customhost){
- if ($customgrp{$grpkey}[2] eq $customhost{$hostkey}[0] && $customhost{$hostkey}[1] eq 'mac'){
+ if ($customgrp{$grpkey}[2] eq $customhost{$hostkey}[0] && $customgrp{$grpkey}[0] eq $fwdfwsettings{$fwdfwsettings{'grp2'}} && $customhost{$hostkey}[1] eq 'mac'){
$hint=$Lang::tr{'fwdfw hint mac'};
return $hint;
}
if (&General::validport($_)){
push (@values,$_);
}else{
-
+
}
}
}
# A Test if manual ip is part of dynamic openvpn subnet is made in getcolor
# because if one creates a custom host with the ip, we need to check the color there!
# It does not make sense to check this here
-
+
# Test if manual IP is part of an OpenVPN N2N subnet does also not make sense here
# Is also checked in getcolor
-
+
# Test if manual ip is part of an IPsec Network is also checked in getcolor
return 1;
}
sub checkvpncolor
{
-
+
}
sub deleterule
{
my $grp=shift;
my $helper='';
my $show='';
+
+ my %checked = ();
+ my %selected = ();
+
$checked{'grp1'}{$fwdfwsettings{'grp1'}} = 'CHECKED';
$checked{'grp2'}{$fwdfwsettings{'grp2'}} = 'CHECKED';
$checked{'grp3'}{$fwdfwsettings{'grp3'}} = 'CHECKED';
$checked{'TIME_SUN'}{$fwdfwsettings{'TIME_SUN'}} = 'CHECKED';
$selected{'TIME_FROM'}{$fwdfwsettings{'TIME_FROM'}} = 'selected';
$selected{'TIME_TO'}{$fwdfwsettings{'TIME_TO'}} = 'selected';
- $selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp1'}}} ='selected';
- $selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp2'}}} ='selected';
print<<END;
<table width='100%' border='0'>
<tr><td width='50%' valign='top'>
{
next if($defaultNetworks{$network}{'NAME'} eq "IPFire");
print "<option value='$defaultNetworks{$network}{'NAME'}'";
- print " selected='selected'" if ($fwdfwsettings{$fwdfwsettings{$grp}} eq $defaultNetworks{$network}{'NAME'});
+
+ # Check if the the key handles a standard network.
+ if ( grep(/std_net_/, $fwdfwsettings{$grp}) ) {
+ print " selected='selected'" if ($fwdfwsettings{$fwdfwsettings{$grp}} eq $defaultNetworks{$network}{'NAME'});
+ }
+
my $defnet="$defaultNetworks{$network}{'NAME'}_NETADDRESS";
my $defsub="$defaultNetworks{$network}{'NAME'}_NETMASK";
my $defsub1=&General::subtocidr($ifaces{$defsub});
}
print"</select></td>";
}
+ # Locations / groups.
+ my @locations = &fwlib::get_locations();
+
+ print "<tr>\n";
+ print "<td valign='top'><input type='radio' name='$grp' id='cust_location_$srctgt' value='cust_location_$srctgt' $checked{$grp}{'cust_location_'.$srctgt}></td>\n";
+ print "<td>$Lang::tr{'location'}</td>\n";
+ print "<td align='right'><select name='cust_location_$srctgt' style='width:200px;'>\n";
+
+ # Add Location groups to dropdown.
+ if (!-z $configlocationgrp) {
+ print "<optgroup label='$Lang::tr{'fwhost cust locationgroup'}'>\n";
+ foreach my $key (sort { ncmp($customlocationgrp{$a}[0],$customlocationgrp{$b}[0]) } keys %customlocationgrp) {
+ my $selected;
+
+ # Generate stored value for select detection.
+ my $stored = join(':', "group",$customlocationgrp{$key}[0]);
+
+ # Only show a group once and group with elements.
+ if($helper ne $customlocationgrp{$key}[0] && $customlocationgrp{$key}[2] ne 'none') {
+ # Mark current entry as selected.
+ if ($fwdfwsettings{$fwdfwsettings{$grp}} eq $stored) {
+ $selected = "selected='selected'";
+ }
+ print"<option $selected value='group:$customlocationgrp{$key}[0]'>$customlocationgrp{$key}[0]</option>\n";
+ }
+ $helper=$customlocationgrp{$key}[0];
+ }
+ print "</optgroup>\n";
+ }
+
+ # Add locations.
+ print "<optgroup label='$Lang::tr{'fwhost cust location'}'>\n";
+ foreach my $location (@locations) {
+ # Get country name.
+ my $country_name = &Location::Functions::get_full_country_name($location);
+
+ # Mark current entry as selected.
+ my $selected;
+ if ($fwdfwsettings{$fwdfwsettings{$grp}} eq $location) {
+ $selected = "selected='selected'";
+ }
+ print "<option $selected value='$location'>$location - $country_name</option>\n";
+ }
+ print "</optgroup>\n";
+
+ # Close Locations dropdown.
+ print "</select></td>\n";
+
#End left table. start right table (vpn)
print"</tr></table></td><td valign='top'><table width='95%' border='0' align='right'><tr>";
# CCD networks
#IPsec netze
foreach my $key (sort { ncmp($ipsecconf{$a}[1],$ipsecconf{$b}[1]) } keys %ipsecconf) {
if ($ipsecconf{$key}[3] eq 'net' || ($optionsfw{'SHOWDROPDOWN'} eq 'on' && $ipsecconf{$key}[3] ne 'host')){
- print"<tr><td valign='top'><input type='radio' name='$grp' value='ipsec_net_$srctgt' $checked{$grp}{'ipsec_net_'.$srctgt}></td><td >$Lang::tr{'fwhost ipsec net'}</td><td align='right'><select name='ipsec_net_$srctgt' style='width:200px;'>" if ($show eq '');
+ print"<tr><td valign='top'><input type='radio' name='$grp' id='ipsec_net_$srctgt' value='ipsec_net_$srctgt' $checked{$grp}{'ipsec_net_'.$srctgt}></td><td >$Lang::tr{'fwhost ipsec net'}</td><td align='right'><select name='ipsec_net_$srctgt' style='width:200px;'>" if ($show eq '');
$show='1';
+
+ #Check if we have more than one REMOTE subnet in config
+ my @arr1 = split /\|/, $ipsecconf{$key}[11];
+ my $cnt1 += @arr1;
+
print "<option ";
- print "selected='selected'" if ($fwdfwsettings{$fwdfwsettings{$grp}} eq $ipsecconf{$key}[1]);
- print ">$ipsecconf{$key}[1]</option>";
+ print "value=$ipsecconf{$key}[1]";
+ print " selected " if ($fwdfwsettings{$fwdfwsettings{$grp}} eq "$ipsecconf{$key}[1]");
+ print ">$ipsecconf{$key}[1] ";
+ print "($Lang::tr{'fwdfw all subnets'})" if $cnt1 > 1; #If this Conenction has more than one subnet, print one option for all subnets
+ print "</option>";
+
+ if ($cnt1 > 1){
+ foreach my $val (@arr1){
+ #normalize subnet to cidr notation
+ my ($val1,$val2) = split /\//, $val;
+ my $val3 = &General::iporsubtocidr($val2);
+ print "<option ";
+ print "value='$ipsecconf{$key}[1]|$val1/$val3'";
+ print "selected " if ($fwdfwsettings{$fwdfwsettings{$grp}} eq "$ipsecconf{$key}[1]|$val1/$val3");
+ print ">$ipsecconf{$key}[1] ($val1/$val3)</option>";
+ }
+ }
}
}
if($optionsfw{'SHOWDROPDOWN'} eq 'on' && $show eq ''){
print"<tr><td valign='top'><input type='radio' name='$grp' id='ipsec_net_$srctgt' value='ipsec_net_$srctgt' $checked{$grp}{'ipsec_net_'.$srctgt}></td><td >$Lang::tr{'fwhost ipsec net'}</td><td align='right'><select name='ipsec_net_$srctgt' style='width:200px;'><select></td></tr>";
}
if ($show eq '1'){$show='';print"</select></td></tr>";}
-
+
print"</table>";
print"</td></tr></table><br>";
}
&General::readhasharray("$confighost", \%customhost);
&General::readhasharray("$configccdhost", \%ccdhost);
&General::readhasharray("$configgrp", \%customgrp);
+ &General::readhasharray("$configlocationgrp", \%customlocationgrp);
&General::readhasharray("$configipsec", \%ipsecconf);
&General::get_aliases(\%aliases);
- my %checked=();
+
+ my %checked = ();
+ my %selected = ();
+
my $helper;
my $sum=0;
if($fwdfwsettings{'config'} eq ''){$fwdfwsettings{'config'}=$configfwdfw;}
$checked{'USE_NAT'}{$fwdfwsettings{'USE_NAT'}} = 'CHECKED';
$selected{'TIME_FROM'}{$fwdfwsettings{'TIME_FROM'}} = 'selected';
$selected{'TIME_TO'}{$fwdfwsettings{'TIME_TO'}} = 'selected';
- $selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp2'}}} ='selected';
- $selected{'ipfire_src'}{$fwdfwsettings{$fwdfwsettings{'grp1'}}} ='selected';
+ $selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp2'}}} = 'selected' if ($fwdfwsettings{'grp2'} eq "ipfire");
+ $selected{'ipfire_src'}{$fwdfwsettings{$fwdfwsettings{'grp1'}}} = 'selected' if ($fwdfwsettings{'grp1'} eq "ipfire_src");
#check if update and get values
if($fwdfwsettings{'updatefwrule'} eq 'on' || $fwdfwsettings{'copyfwrule'} eq 'on' && !$errormessage){
&General::readhasharray("$config", \%hash);
$fwdfwsettings{'RULE_ACTION'} = $hash{$key}[0];
$fwdfwsettings{'chain'} = $hash{$key}[1];
$fwdfwsettings{'ACTIVE'} = $hash{$key}[2];
- $fwdfwsettings{'grp1'} = $hash{$key}[3];
- $fwdfwsettings{$fwdfwsettings{'grp1'}} = $hash{$key}[4];
- $fwdfwsettings{'grp2'} = $hash{$key}[5];
- $fwdfwsettings{$fwdfwsettings{'grp2'}} = $hash{$key}[6];
+ $fwdfwsettings{'grp1'} = $hash{$key}[3];
+ $fwdfwsettings{$fwdfwsettings{'grp1'}} = $hash{$key}[4];
+ $fwdfwsettings{'grp2'} = $hash{$key}[5];
+ $fwdfwsettings{$fwdfwsettings{'grp2'}} = $hash{$key}[6];
$fwdfwsettings{'USE_SRC_PORT'} = $hash{$key}[7];
$fwdfwsettings{'PROT'} = $hash{$key}[8];
$fwdfwsettings{'ICMP_TYPES'} = $hash{$key}[9];
$fwdfwsettings{'USE_NAT'} = $hash{$key}[28];
$fwdfwsettings{'nat'} = $hash{$key}[31]; #changed order
$fwdfwsettings{$fwdfwsettings{'nat'}} = $hash{$key}[29];
+ #Fix BUG 12479
+ #When copying a DNAT Rule, the sourceport has to be empty at this point.
+ if($hash{$key}[14] eq 'cust_srv' and $hash{$key}[31] eq 'dnat'){
+ $hash{$key}[30] = '';
+ }
$fwdfwsettings{'dnatport'} = $hash{$key}[30];
$fwdfwsettings{'LIMIT_CON_CON'} = $hash{$key}[32];
$fwdfwsettings{'concon'} = $hash{$key}[33];
$checked{'RATE_LIMIT'}{$fwdfwsettings{'RATE_LIMIT'}} = 'CHECKED';
$selected{'TIME_FROM'}{$fwdfwsettings{'TIME_FROM'}} = 'selected';
$selected{'TIME_TO'}{$fwdfwsettings{'TIME_TO'}} = 'selected';
- $selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp2'}}} ='selected';
- $selected{'ipfire_src'}{$fwdfwsettings{$fwdfwsettings{'grp1'}}} ='selected';
+ $selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp2'}}} = 'selected' if ($fwdfwsettings{'grp2'} eq "ipfire");
+ $selected{'ipfire_src'}{$fwdfwsettings{$fwdfwsettings{'grp1'}}} = 'selected' if ($fwdfwsettings{'grp1'} eq "ipfire_src");
$selected{'dnat'}{$fwdfwsettings{'dnat'}} ='selected';
$selected{'snat'}{$fwdfwsettings{'snat'}} ='selected';
$selected{'RATETIME'}{$fwdfwsettings{'RATETIME'}} ='selected';
if ( &General::IpInSubnet($sip,$netsettings{'ORANGE_ADDRESS'},$netsettings{'ORANGE_NETMASK'})){
$fwdfwsettings{'oldorange'} ='on';
}
- }
+ }
}
# Split manual source and target address and delete the subnet
my ($sip,$scidr) = split("/",$fwdfwsettings{$fwdfwsettings{'grp1'}});
$Lang::tr{'fwdfw use nat'}
</label>
<div class="NAT">
- <table width='100%' border='0'>
+ <table class='fw-nat' width='100%' border='0'>
<tr>
<td width='5%'></td>
<td width='40%'>
END
print <<END;
- <td width='25%' align='right'>$Lang::tr{'dnat address'}:</td>
+ <td width='25%' align='right'><span class='dnat'>$Lang::tr{'dnat address'}:</span></td>
<td width='30%'>
- <select name='dnat' style='width: 100%;'>
+ <select name='dnat' class='dnat' style='width: 100%;'>
<option value='AUTO' $selected{'dnat'}{'AUTO'}>- $Lang::tr{'automatic'} -</option>
<option value='Default IP' $selected{'dnat'}{'Default IP'}>$Lang::tr{'red1'} ($redip)</option>
END
$Lang::tr{'fwdfw snat'}
</label>
</td>
- <td width='25%' align='right'>$Lang::tr{'snat new source ip address'}:</td>
+ <td width='25%' align='right'><span class='snat'>$Lang::tr{'snat new source ip address'}:</span></td>
<td width='30%'>
- <select name='snat' style='width: 100%;'>
+ <select name='snat' class='snat' style='width: 100%;'>
+ <option value='RED' $selected{'snat'}{'RED'}>$Lang::tr{'red1'} ($redip)</option>
END
foreach my $alias (sort keys %aliases) {
#---TARGET------------------------------------------------------
&Header::openbox('100%', 'left', $Lang::tr{'fwdfw target'});
print<<END;
- <table width='100%' border='0'>
+ <table width='100%' border='0'>
<tr><td width='1%'><input type='radio' name='grp2' value='tgt_addr' checked></td><td width='60%' nowrap='nowrap'>$Lang::tr{'fwdfw targetip'}<input type='TEXT' name='tgt_addr' value='$fwdfwsettings{'tgt_addr'}' size='16' maxlength='18'><td width='1%'><input type='radio' name='grp2' id='ipfire' value='ipfire' $checked{'grp2'}{'ipfire'}></td><td><b>Firewall</b></td>
END
print"<td align='right'><select name='ipfire' style='width:200px;'>";
print"<tr><td width='12%'>$Lang::tr{'remark'}:</td><td width='88%' align='left'><input type='text' name='ruleremark' maxlength='255' value='$fwdfwsettings{'ruleremark'}' style='width:99%;'></td></tr>";
if($fwdfwsettings{'updatefwrule'} eq 'on' || $fwdfwsettings{'copyfwrule'} eq 'on'){
print "<tr><td width='12%'>$Lang::tr{'fwdfw rulepos'}:</td><td><select name='rulepos' >";
- for (my $count =1; $count <= $sum; $count++){
+ for (my $count =1; $count <= $sum; $count++){
print"<option value='$count' ";
print"selected='selected'" if($fwdfwsettings{'oldrulenumber'} eq $count);
print">$count</option>";
print "<option $selected{'TIME_FROM'}{$time}>$i:$j</option>\n";
}
}
- print<<END;
+ print<<END;
</select> ‐
<select name='TIME_TO'>
END
$color="$color{'color14'}";
$coloryellow='';
}elsif($coloryellow eq ''){
- if ($count % 2){
+ if ($count % 2){
$color="$color{'color22'}";
}
else{
#SOURCE
my $ipfireiface;
&getcolor($$hash{$key}[3],$$hash{$key}[4],\%customhost);
+ # Check SRC Host and replace "|" with space
+ if ($$hash{$key}[4] =~ /\|/){
+ $$hash{$key}[4] =~ s/\|/ (/g;
+ $$hash{$key}[4] = $$hash{$key}[4].")";
+ }
print"<td align='center' width='30%' $tdcolor>";
if ($$hash{$key}[3] eq 'ipfire_src'){
$ipfireiface=$Lang::tr{'fwdfw iface'};
}else{
print $$hash{$key}[4];
}
+ }elsif ($$hash{$key}[3] eq 'cust_location_src') {
+ my ($split1,$split2) = split(":", $$hash{$key}[4]);
+ if ($split2) {
+ print "$split2\n";
+ }else{
+ print "$Lang::tr{'location'}: $$hash{$key}[4]\n";
+ }
}elsif ($$hash{$key}[4] eq 'RED1'){
print "$ipfireiface $Lang::tr{'fwdfw red'}";
}elsif ($$hash{$key}[4] eq 'ALL'){
print<<END;
<td align='center' $tdcolor>
END
+ # Check TGT Host and replace "|" with space
+ if ($$hash{$key}[6] =~ /\|/){
+ $$hash{$key}[6] =~ s/\|/ (/g;
+ $$hash{$key}[6] = $$hash{$key}[6].")";
+ }
#Is this a DNAT rule?
my $natstring;
if ($$hash{$key}[31] eq 'dnat' && $$hash{$key}[28] eq 'ON'){
}else{
print $$hash{$key}[6];
}
+ }elsif ($$hash{$key}[5] eq 'cust_location_tgt') {
+ my ($split1,$split2) = split(":", $$hash{$key}[6]);
+ if ($split2) {
+ print "$split2\n";
+ }else{
+ print "$Lang::tr{'location'}: $$hash{$key}[6]\n";
+ }
}elsif ($$hash{$key}[5] eq 'tgt_addr'){
my ($split1,$split2) = split("/",$$hash{$key}[6]);
if ($split2 eq '32'){
#RULE ACTIVE
if($$hash{$key}[2] eq 'ON'){
$gif="/images/on.gif"
-
}else{
$gif="/images/off.gif"
}