firewall: Allow to disable masquerading.

Michael Tremer
2014-05-17 14:08:52 +02:00
parent 13eef3ba74
commit 83ef9c40ef
11 changed files with 164 additions and 3 deletions


@@ -860,6 +860,12 @@ WARNING: untranslated string: last
WARNING: untranslated string: least preferred
WARNING: untranslated string: lifetime
WARNING: untranslated string: mac filter
WARNING: untranslated string: masquerade blue
WARNING: untranslated string: masquerade green
WARNING: untranslated string: masquerade orange
WARNING: untranslated string: masquerading
WARNING: untranslated string: masquerading disabled
WARNING: untranslated string: masquerading enabled
WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute


@@ -871,6 +871,12 @@ WARNING: untranslated string: last
WARNING: untranslated string: least preferred
WARNING: untranslated string: lifetime
WARNING: untranslated string: mac filter
WARNING: untranslated string: masquerade blue
WARNING: untranslated string: masquerade green
WARNING: untranslated string: masquerade orange
WARNING: untranslated string: masquerading
WARNING: untranslated string: masquerading disabled
WARNING: untranslated string: masquerading enabled
WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute


@@ -683,6 +683,12 @@ WARNING: untranslated string: gen dh
WARNING: untranslated string: generate dh key
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: masquerade blue
WARNING: untranslated string: masquerade green
WARNING: untranslated string: masquerade orange
WARNING: untranslated string: masquerading
WARNING: untranslated string: masquerading disabled
WARNING: untranslated string: masquerading enabled
WARNING: untranslated string: model
WARNING: untranslated string: modem hardware details
WARNING: untranslated string: modem information


@@ -860,6 +860,12 @@ WARNING: untranslated string: last
WARNING: untranslated string: least preferred
WARNING: untranslated string: lifetime
WARNING: untranslated string: mac filter
WARNING: untranslated string: masquerade blue
WARNING: untranslated string: masquerade green
WARNING: untranslated string: masquerade orange
WARNING: untranslated string: masquerading
WARNING: untranslated string: masquerading disabled
WARNING: untranslated string: masquerading enabled
WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute


@@ -856,6 +856,12 @@ WARNING: untranslated string: last
WARNING: untranslated string: least preferred
WARNING: untranslated string: lifetime
WARNING: untranslated string: mac filter
WARNING: untranslated string: masquerade blue
WARNING: untranslated string: masquerade green
WARNING: untranslated string: masquerade orange
WARNING: untranslated string: masquerading
WARNING: untranslated string: masquerading disabled
WARNING: untranslated string: masquerading enabled
WARNING: untranslated string: maximum
WARNING: untranslated string: minimum
WARNING: untranslated string: minute


@@ -683,6 +683,12 @@ WARNING: untranslated string: gen dh
WARNING: untranslated string: generate dh key
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: masquerade blue
WARNING: untranslated string: masquerade green
WARNING: untranslated string: masquerade orange
WARNING: untranslated string: masquerading
WARNING: untranslated string: masquerading disabled
WARNING: untranslated string: masquerading enabled
WARNING: untranslated string: model
WARNING: untranslated string: modem hardware details
WARNING: untranslated string: modem information


@@ -334,6 +334,12 @@
< least preferred
< lifetime
< mac filter
< masquerade blue
< masquerade green
< masquerade orange
< masquerading
< masquerading disabled
< masquerading enabled
< maximum
< MB read
< MB written
@@ -865,6 +871,12 @@
< least preferred
< lifetime
< mac filter
< masquerade blue
< masquerade green
< masquerade orange
< masquerading
< masquerading disabled
< masquerading enabled
< maximum
< MB read
< MB written
@@ -1380,6 +1392,12 @@
< least preferred
< lifetime
< mac filter
< masquerade blue
< masquerade green
< masquerade orange
< masquerading
< masquerading disabled
< masquerading enabled
< maximum
< MB read
< MB written
@@ -1886,6 +1904,12 @@
< least preferred
< lifetime
< mac filter
< masquerade blue
< masquerade green
< masquerade orange
< masquerading
< masquerading disabled
< masquerading enabled
< maximum
< MB read
< MB written


@@ -70,6 +70,17 @@ if ($errormessage) {
&Header::closebox();
}
# Set new defaults
if (!$settings{'MASQUERADE_GREEN'}) {
$settings{'MASQUERADE_GREEN'} = 'on';
}
if (!$settings{'MASQUERADE_ORANGE'}) {
$settings{'MASQUERADE_ORANGE'} = 'on';
}
if (!$settings{'MASQUERADE_BLUE'}) {
$settings{'MASQUERADE_BLUE'} = 'on';
}
$checked{'DROPNEWNOTSYN'}{'off'} = '';
$checked{'DROPNEWNOTSYN'}{'on'} = '';
$checked{'DROPNEWNOTSYN'}{$settings{'DROPNEWNOTSYN'}} = "checked='checked'";
@@ -112,12 +123,69 @@ $checked{'SHOWDROPDOWN'}{$settings{'SHOWDROPDOWN'}} = "checked='checked'";
$selected{'FWPOLICY'}{$settings{'FWPOLICY'}}= 'selected';
$selected{'FWPOLICY1'}{$settings{'FWPOLICY1'}}= 'selected';
$selected{'FWPOLICY2'}{$settings{'FWPOLICY2'}}= 'selected';
$selected{'MASQUERADE_GREEN'}{'off'} = '';
$selected{'MASQUERADE_GREEN'}{'on'} = '';
$selected{'MASQUERADE_GREEN'}{$settings{'MASQUERADE_GREEN'}} = 'selected="selected"';
$selected{'MASQUERADE_ORANGE'}{'off'} = '';
$selected{'MASQUERADE_ORANGE'}{'on'} = '';
$selected{'MASQUERADE_ORANGE'}{$settings{'MASQUERADE_ORANGE'}} = 'selected="selected"';
$selected{'MASQUERADE_BLUE'}{'off'} = '';
$selected{'MASQUERADE_BLUE'}{'on'} = '';
$selected{'MASQUERADE_BLUE'}{$settings{'MASQUERADE_BLUE'}} = 'selected="selected"';
&Header::openbox('100%', 'center',);
print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>";
print <<END
print <<END;
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<table width='95%' cellspacing='0'>
<tr bgcolor='$color{'color20'}'>
<td colspan='2' align='left'><b>$Lang::tr{'masquerading'}</b></td>
</tr>
<tr>
<td align='left' width='60%'>$Lang::tr{'masquerade green'}</td>
<td>
<select name='MASQUERADE_GREEN'>
<option value='on' $selected{'MASQUERADE_GREEN'}{'on'}>$Lang::tr{'masquerading enabled'}</option>
<option value='off' $selected{'MASQUERADE_GREEN'}{'off'}>$Lang::tr{'masquerading disabled'}</option>
</select>
</td>
</tr>
END
if (&Header::orange_used()) {
print <<END;
<tr>
<td align='left' width='60%'>$Lang::tr{'masquerade orange'}</td>
<td>
<select name='MASQUERADE_ORANGE'>
<option value='on' $selected{'MASQUERADE_ORANGE'}{'on'}>$Lang::tr{'masquerading enabled'}</option>
<option value='off' $selected{'MASQUERADE_ORANGE'}{'off'}>$Lang::tr{'masquerading disabled'}</option>
</select>
</td>
</tr>
END
}
if (&Header::blue_used()) {
print <<END;
<tr>
<td align='left' width='60%'>$Lang::tr{'masquerade blue'}</td>
<td>
<select name='MASQUERADE_BLUE'>
<option value='on' $selected{'MASQUERADE_BLUE'}{'on'}>$Lang::tr{'masquerading enabled'}</option>
<option value='off' $selected{'MASQUERADE_BLUE'}{'off'}>$Lang::tr{'masquerading disabled'}</option>
</select>
</td>
</tr>
END
}
print <<END
</table>
<br>
<table width='95%' cellspacing='0'>
<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'fw logging'}</b></td></tr>
<tr><td align='left' width='60%'>$Lang::tr{'drop newnotsyn'}</td><td align='left'>on <input type='radio' name='DROPNEWNOTSYN' value='on' $checked{'DROPNEWNOTSYN'}{'on'} />/
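Review bot: The three new `MASQUERADE_*` selects add POST parameters, and nothing in this section restricts them to `on` or `off`; the only handling visible is the defaults block in the first hunk, which fills in `on` when a value is empty. The code that saves `%settings` lies outside the shown hunks, so this needs confirming there: if the posted string is written to the settings file unchanged, the firewall init script later acts on whatever was submitted. A whitelist in the save path would close that, for example `for (qw(MASQUERADE_GREEN MASQUERADE_ORANGE MASQUERADE_BLUE)) { $settings{$_} = 'on' unless ($settings{$_} || '') =~ /\A(?:on|off)\z/; }`. Falling back to `on` keeps the behaviour the firewall had before this option existed.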


@@ -1432,6 +1432,12 @@
'map to guest' => 'Map to Guest',
'march' => 'März',
'marked' => 'Markiert',
'masquerade blue' => 'NAT auf BLAU',
'masquerade green' => 'NAT auf GREEN',
'masquerade orange' => 'NAT auf ORANGE',
'masquerading' => 'Masquerading/NAT',
'masquerading disabled' => 'NAT ausgeschaltet',
'masquerading enabled' => 'NAT eingeschaltet',
'max bandwith' => 'Maximale Bandbreite',
'max incoming size' => 'Max. eingehende Größe (kB):',
'max lease time' => 'Max. Haltezeit in min:',


@@ -1462,6 +1462,12 @@
'map to guest' => 'Map to Guest',
'march' => 'March',
'marked' => 'Marked',
'masquerade blue' => 'Masquerade BLUE',
'masquerade green' => 'Masquerade GREEN',
'masquerade orange' => 'Masquerade ORANGE',
'masquerading' => 'Masquerading',
'masquerading disabled' => 'Masquerading disabled',
'masquerading enabled' => 'Masquerading enabled',
'max bandwith' => 'Maximum bandwith',
'max incoming size' => 'Max incoming size (KB):',
'max lease time' => 'Max lease time (mins):',


@@ -336,10 +336,31 @@ iptables_red() {
# Outgoing masquerading (don't masqerade IPSEC (mark 50))
iptables -t nat -A REDNAT -m mark --mark 50 -o $IFACE -j RETURN
if [ "$IFACE" != "$GREEN_DEV" ]; then
iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
if [ "$IFACE" = "$GREEN_DEV" ]; then
MASQUERADE_GREEN="off"
fi
local NO_MASQ_DEVICES
if [ "${MASQUERADE_GREEN}" = "off" ]; then
NO_MASQ_DEVICES="${NO_MASQ_DEVICES} ${GREEN_DEV}"
fi
if [ "${MASQUERADE_BLUE}" = "off" ]; then
NO_MASQ_DEVICES="${NO_MASQ_DEVICES} ${BLUE_DEV}"
fi
if [ "${MASQUERADE_ORANGE}" = "off" ]; then
NO_MASQ_DEVICES="${NO_MASQ_DEVICES} ${ORANGE_DEV}"
fi
local device
for device in ${NO_MASQ_DEVICES}; do
iptables -t nat -A REDNAT -i "${device}" -o "${IFACE}" -j RETURN
done
# Masquerade everything else
iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
fi
# Reload all rules.
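Review bot: The new exemption rules in the `for device in ${NO_MASQ_DEVICES}` loop match on `-i "${device}"`, but REDNAT ends in `-j MASQUERADE` and is therefore traversed from nat POSTROUTING, where the input interface is not a dependable match. iptables refuses `-i` in the built-in POSTROUTING chain, and in a user chain reached from it the rule may load yet never match, depending on the kernel. If that happens, the web interface shows masquerading as disabled for a zone while its traffic is still NATed, and nothing reports an error. Matching on the zone's source network avoids the problem, e.g. `iptables -t nat -A REDNAT -s "<zone network/prefix>" -o "${IFACE}" -j RETURN`, and a comment above the loop should say that these RETURN rules must stay ahead of the final MASQUERADE rule. `iptables_red()` begins and continues outside this hunk.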