Project

General

Profile

Download (19.7 KB) Statistics
| Branch: | Tag: | Revision:

univnautes / usr / local / www / firewall_nat_1to1_edit.php @ a1b66bec

1
<?php
2
/* $Id$ */
3
/*
4
	firewall_nat_1to1_edit.php
5
	part of m0n0wall (http://m0n0.ch/wall)
6

    
7
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
8
	All rights reserved.
9

    
10
	Redistribution and use in source and binary forms, with or without
11
	modification, are permitted provided that the following conditions are met:
12

    
13
	1. Redistributions of source code must retain the above copyright notice,
14
	   this list of conditions and the following disclaimer.
15

    
16
	2. Redistributions in binary form must reproduce the above copyright
17
	   notice, this list of conditions and the following disclaimer in the
18
	   documentation and/or other materials provided with the distribution.
19

    
20
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29
	POSSIBILITY OF SUCH DAMAGE.
30
*/
31
/*
32
	pfSense_MODULE:	nat
33
*/
34

    
35
##|+PRIV
36
##|*IDENT=page-firewall-nat-1-1-edit
37
##|*NAME=Firewall: NAT: 1:1: Edit page
38
##|*DESCR=Allow access to the 'Firewall: NAT: 1:1: Edit' page.
39
##|*MATCH=firewall_nat_1to1_edit.php*
40
##|-PRIV
41

    
42
require("guiconfig.inc");
43
require_once("interfaces.inc");
44
require_once("filter.inc");
45
require("shaper.inc");
46

    
47
$referer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/firewall_nat_1to1.php');
48

    
49
$specialsrcdst = explode(" ", "any pptp pppoe l2tp openvpn");
50
$ifdisp = get_configured_interface_with_descr();
51
foreach ($ifdisp as $kif => $kdescr) {
52
	$specialsrcdst[] = "{$kif}";
53
	$specialsrcdst[] = "{$kif}ip";
54
}
55

    
56
if (!is_array($config['nat']['onetoone']))
57
	$config['nat']['onetoone'] = array();
58

    
59
$a_1to1 = &$config['nat']['onetoone'];
60

    
61
if (is_numericint($_GET['id']))
62
	$id = $_GET['id'];
63
if (isset($_POST['id']) && is_numericint($_POST['id']))
64
	$id = $_POST['id'];
65

    
66
$after = $_GET['after'];
67
if (isset($_POST['after']))
68
	$after = $_POST['after'];
69

    
70
if (isset($_GET['dup']))  {
71
	$id = $_GET['dup'];
72
	$after = $_GET['dup'];
73
}
74

    
75
if (isset($id) && $a_1to1[$id]) {
76
	$pconfig['disabled'] = isset($a_1to1[$id]['disabled']);
77

    
78
	address_to_pconfig($a_1to1[$id]['source'], $pconfig['src'],
79
		$pconfig['srcmask'], $pconfig['srcnot'],
80
		$pconfig['srcbeginport'], $pconfig['srcendport']);
81

    
82
	address_to_pconfig($a_1to1[$id]['destination'], $pconfig['dst'],
83
		$pconfig['dstmask'], $pconfig['dstnot'],
84
		$pconfig['dstbeginport'], $pconfig['dstendport']);
85

    
86
	$pconfig['interface'] = $a_1to1[$id]['interface'];
87
	if (!$pconfig['interface'])
88
		$pconfig['interface'] = "wan";
89

    
90
	$pconfig['external'] = $a_1to1[$id]['external'];
91
	$pconfig['descr'] = $a_1to1[$id]['descr'];
92
	$pconfig['natreflection'] = $a_1to1[$id]['natreflection'];
93
} else
94
	$pconfig['interface'] = "wan";
95

    
96
if (isset($_GET['dup']))
97
	unset($id);
98

    
99
if ($_POST) {
100

    
101
	unset($input_errors);
102
	$pconfig = $_POST;
103
	/*  run through $_POST items encoding HTML entties so that the user
104
	 *  cannot think he is slick and perform a XSS attack on the unwilling
105
	 */
106
	foreach ($_POST as $key => $value) {
107
		$temp = str_replace(">", "", $value);
108
		$newpost = htmlentities($temp);
109
		if($newpost <> $temp)
110
			$input_errors[] = sprintf(gettext("Invalid characters detected (%s).  Please remove invalid characters and save again."),$temp);
111
	}
112

    
113
	/* input validation */
114
	$reqdfields = explode(" ", "interface external");
115
	$reqdfieldsn = array(gettext("Interface"), gettext("External subnet"));
116
	if ($_POST['srctype'] == "single" || $_POST['srctype'] == "network") {
117
		$reqdfields[] = "src";
118
		$reqdfieldsn[] = gettext("Source address");
119
	}
120
	if ($_POST['dsttype'] == "single" || $_POST['dsttype'] == "network") {
121
		$reqdfields[] = "dst";
122
		$reqdfieldsn[] = gettext("Destination address");
123
	}
124

    
125
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
126

    
127
	if ($_POST['external'])
128
		$_POST['external'] = trim($_POST['external']);
129
	if ($_POST['src'])
130
		$_POST['src'] = trim($_POST['src']);
131
	if ($_POST['dst'])
132
		$_POST['dst'] = trim($_POST['dst']);
133

    
134
	if (is_specialnet($_POST['srctype'])) {
135
		$_POST['src'] = $_POST['srctype'];
136
		$_POST['srcmask'] = 0;
137
	} else if ($_POST['srctype'] == "single") {
138
		$_POST['srcmask'] = 32;
139
	}
140
	if (is_specialnet($_POST['dsttype'])) {
141
		$_POST['dst'] = $_POST['dsttype'];
142
		$_POST['dstmask'] = 0;
143
	} else if ($_POST['dsttype'] == "single") {
144
		$_POST['dstmask'] = 32;
145
	} else if (is_ipaddr($_POST['dsttype'])) {
146
		$_POST['dst'] = $_POST['dsttype'];
147
		$_POST['dstmask'] = 32;
148
		$_POST['dsttype'] = "single";
149
	}
150

    
151
	/* For external, user can enter only ip's */
152
	if (($_POST['external'] && !is_ipaddr($_POST['external'])))
153
		$input_errors[] = gettext("A valid external subnet must be specified.");
154

    
155
	/* For dst, if user enters an alias and selects "network" then disallow. */
156
	if ($_POST['dsttype'] == "network" && is_alias($_POST['dst']) )
157
		$input_errors[] = gettext("You must specify single host or alias for alias entries.");
158

    
159
	/* For src, user can enter only ip's or networks */
160
	if (!is_specialnet($_POST['srctype'])) {
161
		if (($_POST['src'] && !is_ipaddr($_POST['src']))) {
162
			$input_errors[] = sprintf(gettext("%s is not a valid internal IP address."), $_POST['src']);
163
		}
164
		if (($_POST['srcmask'] && !is_numericint($_POST['srcmask']))) {
165
			$input_errors[] = gettext("A valid internal bit count must be specified.");
166
		}
167
	}
168

    
169
	/* For dst, user can enter ip's, networks or aliases */
170
	if (!is_specialnet($_POST['dsttype'])) {
171
		if (($_POST['dst'] && !is_ipaddroralias($_POST['dst']))) {
172
			$input_errors[] = sprintf(gettext("%s is not a valid destination IP address or alias."), $_POST['dst']);
173
		}
174
		if (($_POST['dstmask'] && !is_numericint($_POST['dstmask']))) {
175
			$input_errors[] = gettext("A valid destination bit count must be specified.");
176
		}
177
	}
178

    
179
	/* check for overlaps with other 1:1 */
180
	foreach ($a_1to1 as $natent) {
181
		if (isset($id) && ($a_1to1[$id]) && ($a_1to1[$id] === $natent))
182
			continue;
183

    
184
		if (check_subnets_overlap($_POST['internal'], $_POST['subnet'], $natent['internal'], $natent['subnet'])) {
185
			//$input_errors[] = "Another 1:1 rule overlaps with the specified internal subnet.";
186
			//break;
187
		}
188
	}
189

    
190
	if (!$input_errors) {
191
		$natent = array();
192

    
193
		$natent['disabled'] = isset($_POST['disabled']) ? true:false;
194
		$natent['external'] = $_POST['external'];
195
		$natent['descr'] = $_POST['descr'];
196
		$natent['interface'] = $_POST['interface'];
197

    
198
		pconfig_to_address($natent['source'], $_POST['src'],
199
			$_POST['srcmask'], $_POST['srcnot']);
200

    
201
		pconfig_to_address($natent['destination'], $_POST['dst'],
202
			$_POST['dstmask'], $_POST['dstnot']);
203

    
204
		if ($_POST['natreflection'] == "enable" || $_POST['natreflection'] == "disable")
205
			$natent['natreflection'] = $_POST['natreflection'];
206
		else
207
			unset($natent['natreflection']);
208

    
209
		if (isset($id) && $a_1to1[$id])
210
			$a_1to1[$id] = $natent;
211
		else {
212
			if (is_numeric($after))
213
				array_splice($a_1to1, $after+1, 0, array($natent));
214
			else
215
				$a_1to1[] = $natent;
216
		}
217

    
218
		if (write_config())
219
			mark_subsystem_dirty('natconf');
220
		header("Location: firewall_nat_1to1.php");
221
		exit;
222
	}
223
}
224

    
225
$pgtitle = array(gettext("Firewall"),gettext("NAT"),gettext("1:1"),gettext("Edit"));
226
include("head.inc");
227

    
228
?>
229

    
230
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
231
<script type="text/javascript" src="/javascript/suggestions.js"></script>
232
<script type="text/javascript" src="/javascript/autosuggest.js"></script>
233
<script type="text/javascript">
234
//<![CDATA[
235
function typesel_change() {
236
	switch (document.iform.srctype.selectedIndex) {
237
		case 1: /* single */
238
			document.iform.src.disabled = 0;
239
			document.iform.srcmask.value = "";
240
			document.iform.srcmask.disabled = 1;
241
			break;
242
		case 2: /* network */
243
			document.iform.src.disabled = 0;
244
			document.iform.srcmask.disabled = 0;
245
			break;
246
		default:
247
			document.iform.src.value = "";
248
			document.iform.src.disabled = 1;
249
			document.iform.srcmask.value = "";
250
			document.iform.srcmask.disabled = 1;
251
			break;
252
	}
253
	switch (document.iform.dsttype.selectedIndex) {
254
		case 1: /* single */
255
			document.iform.dst.disabled = 0;
256
			document.iform.dstmask.value = "";
257
			document.iform.dstmask.disabled = 1;
258
			break;
259
		case 2: /* network */
260
			document.iform.dst.disabled = 0;
261
			document.iform.dstmask.disabled = 0;
262
			break;
263
		default:
264
			document.iform.dst.value = "";
265
			document.iform.dst.disabled = 1;
266
			document.iform.dstmask.value = "";
267
			document.iform.dstmask.disabled = 1;
268
			break;
269
	}
270
}
271
//]]>
272
</script>
273

    
274
<?php
275
include("fbegin.inc");
276
if ($input_errors)
277
	print_input_errors($input_errors);
278
?>
279
<form action="firewall_nat_1to1_edit.php" method="post" name="iform" id="iform">
280
	<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="firewall nat 1to1 edit">
281
		<tr>
282
			<td colspan="2" valign="top" class="listtopic"><?=gettext("Edit NAT 1:1 entry"); ?></td>
283
		</tr>
284
		<tr>
285
			<td width="22%" valign="top" class="vncellreq"><?=gettext("Disabled"); ?></td>
286
			<td width="78%" class="vtable">
287
				<input name="disabled" type="checkbox" id="disabled" value="yes" <?php if ($pconfig['disabled']) echo "checked=\"checked\""; ?> />
288
				<strong><?=gettext("Disable this rule"); ?></strong><br />
289
				<span class="vexpl"><?=gettext("Set this option to disable this rule without removing it from the list."); ?></span>
290
			</td>
291
		</tr>
292
		<tr>
293
			<td width="22%" valign="top" class="vncellreq"><?=gettext("Interface"); ?></td>
294
			<td width="78%" class="vtable">
295
				<select name="interface" class="formselect">
296
<?php
297
					foreach ($ifdisp as $if => $ifdesc)
298
						if(have_ruleint_access($if))
299
							$interfaces[$if] = $ifdesc;
300

    
301
					if ($config['l2tp']['mode'] == "server")
302
						if(have_ruleint_access("l2tp"))
303
							$interfaces['l2tp'] = "L2TP VPN";
304

    
305
					if ($config['pptpd']['mode'] == "server")
306
						if(have_ruleint_access("pptp"))
307
							$interfaces['pptp'] = "PPTP VPN";
308

    
309
					if (is_pppoe_server_enabled() && have_ruleint_access("pppoe"))
310
						$interfaces['pppoe'] = "PPPoE Server";
311

    
312
					/* add ipsec interfaces */
313
					if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable']))
314
						if(have_ruleint_access("enc0"))
315
							$interfaces["enc0"] = "IPsec";
316

    
317
					/* add openvpn/tun interfaces */
318
					if  ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"])
319
						$interfaces["openvpn"] = "OpenVPN";
320

    
321
					foreach ($interfaces as $iface => $ifacename):
322
?>
323
						<option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected=\"selected\""; ?>>
324
							<?=htmlspecialchars($ifacename);?>
325
						</option>
326
<?php
327
					endforeach;
328
?>
329
				</select><br />
330
			  <span class="vexpl"><?=gettext("Choose which interface this rule applies to"); ?>.<br />
331
			  <?=gettext("Hint: in most cases, you'll want to use WAN here"); ?>.</span></td>
332
		</tr>
333
		<tr>
334
			<td width="22%" valign="top" class="vncellreq"><?=gettext("External subnet IP"); ?></td>
335
			<td width="78%" class="vtable">
336
				<input name="external" type="text" class="formfld" id="external" size="20" value="<?=htmlspecialchars($pconfig['external']);?>" />
337
				<br />
338
				<span class="vexpl">
339
					<?=gettext("Enter the external (usually on a WAN) subnet's starting address for the 1:1 mapping.  " .
340
						"The subnet mask from the internal address below will be applied to this IP address."); ?><br />
341
					<?=gettext("Hint: this is generally an address owned by the router itself on the selected interface."); ?>
342
				</span>
343
			</td>
344
		</tr>
345
		<tr>
346
			<td width="22%" valign="top" class="vncellreq"><?=gettext("Internal IP"); ?></td>
347
			<td width="78%" class="vtable">
348
				<input name="srcnot" type="checkbox" id="srcnot" value="yes" <?php if ($pconfig['srcnot']) echo "checked=\"checked\""; ?> />
349
				<strong><?=gettext("not"); ?></strong>
350
				<br />
351
				<?=gettext("Use this option to invert the sense of the match."); ?>
352
				<br />
353
				<br />
354
				<table border="0" cellspacing="0" cellpadding="0" summary="source">
355
					<tr>
356
						<td><?=gettext("Type:"); ?>&nbsp;&nbsp;</td>
357
						<td>
358
							<select name="srctype" class="formselect" onchange="typesel_change()">
359
<?php
360
							$sel = is_specialnet($pconfig['src']);
361
?>
362
								<option value="any"     <?php if ($pconfig['src'] == "any") { echo "selected=\"selected\""; } ?>><?=gettext("any"); ?></option>
363
								<option value="single"  <?php if ((($pconfig['srcmask'] == 32) || !isset($pconfig['srcmask'])) && !$sel) { echo "selected=\"selected\""; $sel = 1; } ?>>
364
									<?=gettext("Single host"); ?>
365
								</option>
366
								<option value="network" <?php if (!$sel) echo "selected=\"selected\""; ?>><?=gettext("Network"); ?></option>
367
<?php
368
							if(have_ruleint_access("pptp")):
369
?>
370
								<option value="pptp"    <?php if ($pconfig['src'] == "pptp") { echo "selected=\"selected\""; } ?>><?=gettext("PPTP clients"); ?></option>
371
<?php
372
							endif;
373
							if(have_ruleint_access("pppoe")):
374
?>
375
								<option value="pppoe"   <?php if ($pconfig['src'] == "pppoe") { echo "selected=\"selected\""; } ?>><?=gettext("PPPoE clients"); ?></option>
376
<?php
377
							endif;
378
							if(have_ruleint_access("l2tp")):
379
?>
380
								<option value="l2tp"   <?php if ($pconfig['src'] == "l2tp") { echo "selected=\"selected\""; } ?>><?=gettext("L2TP clients"); ?></option>
381
<?php
382
							endif;
383
							foreach ($ifdisp as $ifent => $ifdesc):
384
								if(have_ruleint_access($ifent)):
385
?>
386
									<option value="<?=$ifent;?>" <?php if ($pconfig['src'] == $ifent) { echo "selected=\"selected\""; } ?>>
387
										<?=htmlspecialchars($ifdesc);?> <?=gettext("net"); ?>
388
									</option>
389
									<option value="<?=$ifent;?>ip"<?php if ($pconfig['src'] ==  $ifent . "ip") { echo "selected=\"selected\""; } ?>>
390
										<?=$ifdesc?> <?=gettext("address");?>
391
									</option>
392
<?php
393
								endif;
394
							endforeach;
395
?>
396
							</select>
397
						</td>
398
					</tr>
399
					<tr>
400
						<td><?=gettext("Address:"); ?>&nbsp;&nbsp;</td>
401
						<td>
402
							<input name="src" type="text" class="formfld" id="src" size="20" value="<?php if (!is_specialnet($pconfig['src'])) echo htmlspecialchars($pconfig['src']);?>" /> /
403
							<select name="srcmask" class="formselect" id="srcmask">
404
<?php
405
							for ($i = 31; $i > 0; $i--):
406
?>
407
                                                	        <option value="<?=$i;?>" <?php if ($i == $pconfig['srcmask']) echo "selected=\"selected\""; ?>><?=$i;?></option>
408
<?php
409
							endfor;
410
?>
411
							</select>
412
						</td>
413
					</tr>
414
				</table>
415
				<br />
416
				<span class="vexpl"><?=gettext("Enter the internal (LAN) subnet for the 1:1 mapping. The subnet size specified for the internal subnet will be applied to the external subnet."); ?></span>
417
			</td>
418
		</tr>
419
		<tr>
420
			<td width="22%" valign="top" class="vncellreq"><?=gettext("Destination"); ?></td>
421
			<td width="78%" class="vtable">
422
				<input name="dstnot" type="checkbox" id="dstnot" value="yes" <?php if ($pconfig['dstnot']) echo "checked=\"checked\""; ?> />
423
				<strong><?=gettext("not"); ?></strong>
424
				<br />
425
				<?=gettext("Use this option to invert the sense of the match."); ?>
426
				<br />
427
				<br />
428
				<table border="0" cellspacing="0" cellpadding="0" summary="destination">
429
					<tr>
430
						<td><?=gettext("Type:"); ?>&nbsp;&nbsp;</td>
431
						<td>
432
							<select name="dsttype" class="formselect" onchange="typesel_change()">
433
<?php
434
							$sel = is_specialnet($pconfig['dst']); ?>
435
								<option value="any" <?php if (empty($pconfig['dst']) || $pconfig['dst'] == "any") { echo "selected=\"selected\""; } ?>><?=gettext("any"); ?></option>
436
								<option value="single" <?php if (($pconfig['dstmask'] == 32) && !$sel) { echo "selected=\"selected\""; $sel = 1; } ?>>
437
									<?=gettext("Single host or alias"); ?>
438
								</option>
439
								<option value="network" <?php if (!$sel && !empty($pconfig['dst'])) echo "selected=\"selected\""; ?>>
440
									<?=gettext("Network"); ?>
441
								</option>
442
<?php
443
							if(have_ruleint_access("pptp")):
444
?>
445
								<option value="pptp" <?php if ($pconfig['dst'] == "pptp") { echo "selected=\"selected\""; } ?>>
446
									<?=gettext("PPTP clients"); ?>
447
								</option>
448
<?php
449
							endif;
450
							if(have_ruleint_access("pppoe")):
451
?>
452
								<option value="pppoe" <?php if ($pconfig['dst'] == "pppoe") { echo "selected=\"selected\""; } ?>>
453
									<?=gettext("PPPoE clients"); ?>
454
								</option>
455
<?php
456
							endif;
457
							if(have_ruleint_access("l2tp")):
458
?>
459
								<option value="l2tp" <?php if ($pconfig['dst'] == "l2tp") { echo "selected=\"selected\""; } ?>>
460
									<?=gettext("L2TP clients"); ?>
461
								</option>
462
<?php
463
							endif;
464

    
465
							foreach ($ifdisp as $if => $ifdesc):
466
								if(have_ruleint_access($if)):
467
?>
468
									<option value="<?=$if;?>" <?php if ($pconfig['dst'] == $if) { echo "selected=\"selected\""; } ?>><?=htmlspecialchars($ifdesc);?>
469
										<?=gettext("net"); ?>
470
									</option>
471
									<option value="<?=$if;?>ip"<?php if ($pconfig['dst'] == $if . "ip") { echo "selected=\"selected\""; } ?>>
472
										<?=$ifdesc;?> <?=gettext("address");?>
473
									</option>
474
<?php
475
								endif;
476
							endforeach;
477
?>
478
							</select>
479
						</td>
480
					</tr>
481
					<tr>
482
						<td><?=gettext("Address:"); ?>&nbsp;&nbsp;</td>
483
						<td>
484
							<input name="dst" type="text" autocomplete="off" class="formfldalias" id="dst" size="20" value="<?php if (!is_specialnet($pconfig['dst'])) echo htmlspecialchars($pconfig['dst']);?>" />
485
							/
486
							<select name="dstmask" class="formselect" id="dstmask">
487
<?php
488
							for ($i = 31; $i > 0; $i--):
489
?>
490
								<option value="<?=$i;?>" <?php if ($i == $pconfig['dstmask']) echo "selected=\"selected\""; ?>><?=$i;?></option>
491
<?php
492
							endfor;
493
?>
494
							</select>
495
						</td>
496
					</tr>
497
				</table>
498
				<br />
499
				<span class="vexpl">
500
					<?=gettext("The 1:1 mapping will only be used for connections to or from the specified destination."); ?><br />
501
					<?=gettext("Hint: this is usually 'any'."); ?>
502
				</span>
503
			</td>
504
		</tr>
505
		<tr>
506
			<td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td>
507
			<td width="78%" class="vtable">
508
				<input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=htmlspecialchars($pconfig['descr']);?>" />
509
				<br />
510
				<span class="vexpl">
511
					<?=gettext("You may enter a description here for your reference (not parsed)."); ?>
512
				</span>
513
			</td>
514
		</tr>
515
		<tr>
516
			<td width="22%" valign="top" class="vncell"><?=gettext("NAT reflection"); ?></td>
517
			<td width="78%" class="vtable">
518
				<select name="natreflection" class="formselect">
519
					<option value="default" <?php if ($pconfig['natreflection'] != "enable" && $pconfig['natreflection'] != "disable") echo "selected=\"selected\""; ?>>
520
						<?=gettext("use system default"); ?>
521
					</option>
522
					<option value="enable" <?php if ($pconfig['natreflection'] == "enable") echo "selected=\"selected\""; ?>>
523
						<?=gettext("enable"); ?>
524
					</option>
525
					<option value="disable" <?php if ($pconfig['natreflection'] == "disable") echo "selected=\"selected\""; ?>>
526
						<?=gettext("disable"); ?>
527
					</option>
528
				</select>
529
			</td>
530
		</tr>
531
		<tr>
532
			<td width="22%" valign="top">&nbsp;</td>
533
			<td width="78%">
534
				<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
535
				<input type="button" class="formbtn" value="<?=gettext("Cancel");?>" onclick="window.location.href='<?=$referer;?>'" />
536
				<?php if (isset($id) && $a_1to1[$id]): ?>
537
				<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
538
				<?php endif; ?>
539
			</td>
540
		</tr>
541
	</table>
542
</form>
543
<script type="text/javascript">
544
//<![CDATA[
545
	typesel_change();
546
//]]>
547
</script>
548
<script type="text/javascript">
549
//<![CDATA[
550
	var addressarray = <?= json_encode(get_alias_list(array("host", "network", "openvpn", "urltable"))) ?>;
551
	var oTextbox1 = new AutoSuggestControl(document.getElementById("dst"), new StateSuggestions(addressarray));
552
//]]>
553
</script>
554
<?php include("fend.inc"); ?>
555
</body>
556
</html>
(65-65/256)