Forward Firewall: cleanup of initscript. Fixes double log entries when INPUT is set...

[people/teissler/ipfire-2.x.git] / html / cgi-bin / forwardfw.cgi

diff --git a/html/cgi-bin/forwardfw.cgi b/html/cgi-bin/forwardfw.cgi
index a37fb29d1e7bbce05ea42608068f8e1f9c80160d..3f4ad306b30e48979c2020457cdb25a43e6dc52b 100755 (executable)
--- a/html/cgi-bin/forwardfw.cgi
+++ b/html/cgi-bin/forwardfw.cgi
@@ -77,7 +77,7 @@ my %aliases=();
 my %optionsfw=();
 my %ifaces=();
 
-my $VERSION='0.9.8.7';
+my $VERSION='0.9.8.9';
 my $color;
 my $confignet          = "${General::swroot}/fwhosts/customnetworks";
 my $confighost         = "${General::swroot}/fwhosts/customhosts";
@@ -923,7 +923,19 @@ sub checkrule
 {
        #check valid port for NAT
        if($fwdfwsettings{'USE_NAT'} eq 'ON'){
+               #if no port is given in nat area, take target host port
                if($fwdfwsettings{'nat'} eq 'dnat' && $fwdfwsettings{'grp3'} eq 'TGT_PORT' && $fwdfwsettings{'dnatport'} eq ''){$fwdfwsettings{'dnatport'}=$fwdfwsettings{'TGT_PORT'};}
+               
+               #check if given nat port is already used by another dnatrule
+               if($fwdfwsettings{'nat'} eq 'dnat'){
+                       foreach my $id (sort keys %confignatfw){
+                               if ($fwdfwsettings{'dnatport'} eq $confignatfw{$id}[30]){
+                                       $errormessage=$Lang::tr{'fwdfw natport used'}."<br>";
+                               }
+                       }
+               }
+               
+               #check if port given in nat area is a single valid port
                if($fwdfwsettings{'nat'} eq 'dnat' && !&check_natport($fwdfwsettings{'dnatport'})){
                        $errormessage=$Lang::tr{'fwdfw target'}.": ".$Lang::tr{'fwdfw dnat porterr'}."<br>";
                }