Firewall: make DNAT only accessible from selected source network

[ipfire-2.x.git] / html / cgi-bin / fwhosts.cgi

diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi
index eeb83ac127bc216b3e7c10e7568c1c82cab7bdb4..ce2f7f558adaa9a9f208722c60aa6479b3bee9d7 100644 (file)
--- a/html/cgi-bin/fwhosts.cgi
+++ b/html/cgi-bin/fwhosts.cgi
@@ -1644,7 +1644,10 @@ sub getcolor
                        $tdcolor="<font style='color: $Header::colourblue;'>$c</font>";
                        return $tdcolor;
                }
-
+               if ("$sip/$scidr" eq "0.0.0.0/0"){
+                       $tdcolor="<font style='color: $Header::colourred;'>$c</font>";
+                       return $tdcolor;
+               }
                #Check if IP is part of OpenVPN N2N subnet
                foreach my $key (sort keys %ccdhost){
                        if ($ccdhost{$key}[3] eq 'net'){
@@ -2501,6 +2504,9 @@ sub getipforgroup
                        &General::readhash("${General::swroot}/vpn/settings",\%hash);
                        return $hash{'RW_NET'};
                }
+               if ($name eq 'RED'){
+                       return "0.0.0.0/0";
+               }
        }
 }
 sub decrease