my $configovpn = "${General::swroot}/ovpn/settings";
my $val;
my $field;
+my $netsettings = "${General::swroot}/ethernet/settings";
&General::readhash("/var/ipfire/ethernet/settings", \%netsettings);
&General::readhash("${General::swroot}/ovpn/settings", \%ovpnsettings);
&General::readhash("${General::swroot}/vpn/settings", \%ipsecsettings);
-
+&General::readhash("$netsettings", \%defaultNetworks);
&General::readhasharray("$confignet", \%customnetwork);
&General::readhasharray("$confighost", \%customhost);
}
}
}
-# Functions used by rules.pl
-sub get_addresses {
+sub get_addresses
+{
my $hash = shift;
my $key = shift;
my $type = shift;
return @addresses;
}
-sub get_address {
+sub get_address
+{
my $key = shift;
my $value = shift;
my $type = shift;
return @ret;
}
-sub get_external_interface() {
+sub get_external_interface()
+{
open(IFACE, "/var/ipfire/red/iface") or return "";
my $iface = <IFACE>;
close(IFACE);
return $iface;
}
-sub get_external_address() {
+sub get_external_address()
+{
open(ADDR, "/var/ipfire/red/local-ipaddress") or return "";
my $address = <ADDR>;
close(ADDR);
return $address;
}
-sub get_alias {
+sub get_alias
+{
my $id = shift;
foreach my $alias (sort keys %aliases) {
}
}
}
-sub get_nat_address {
+sub get_nat_address
+{
my $zone = shift;
my $source = shift;
# Any static address of any zone.
if ($zone eq "AUTO") {
- if ($source) {
+ if ($source && ($source !~ m/mac/i )) {
my $firewall_ip = &get_internal_firewall_ip_address($source, 1);
if ($firewall_ip) {
return $firewall_ip;
print_error("Could not find NAT address");
}
-sub get_internal_firewall_ip_addresses {
+sub get_internal_firewall_ip_addresses
+{
my $use_orange = shift;
my @zones = ("GREEN", "BLUE");
return @addresses;
}
-sub get_matching_firewall_address {
+sub get_matching_firewall_address
+{
my $addr = shift;
my $use_orange = shift;
return 0;
}
-sub get_internal_firewall_ip_address {
+sub get_internal_firewall_ip_address
+{
my $subnet = shift;
my $use_orange = shift;
return 0;
}
-
return 1;
&base;
}
}
+sub del_double
+{
+ my %all=();
+ @all{@_}=1;
+ return (keys %all);
+}
sub disable_rule
{
my $key1=shift;
<td align='center' $tdcolor>
END
#Is this a DNAT rule?
+ my $natstring;
if ($$hash{$key}[31] eq 'dnat' && $$hash{$key}[28] eq 'ON'){
if ($$hash{$key}[29] eq 'Default IP'){$$hash{$key}[29]=$Lang::tr{'red1'};}
- print "Firewall ($$hash{$key}[29])";
+ if ($$hash{$key}[29] eq 'AUTO'){
+ my @src_addresses=&fwlib::get_addresses(\%$hash,$key,'src');
+ my @nat_ifaces;
+ foreach my $val (@src_addresses){
+ my ($ip,$sub)=split("/",$val);
+ push (@nat_ifaces,&fwlib::get_nat_address($$hash{$key}[29],$ip));
+ }
+ @nat_ifaces=&del_double(@nat_ifaces);
+ $natstring = join(', ', @nat_ifaces);
+ }else{
+ $natstring = $$hash{$key}[29];
+ }
+ print "$Lang::tr{'firewall'} ($natstring)";
if($$hash{$key}[30] ne ''){
$$hash{$key}[30]=~ tr/|/,/;
print": $$hash{$key}[30]";