This disables the theme support and makes it impossible to use any other
themes than the ipfire default theme.
The only intention of this patch is to hardcode the theme to ipfire.
To change any cgi we have is an ugly way, but the only way to do this
fast. The colour handling needs certainly to be improved as well, but
this will and should be done in other patches.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Fixes: #12479
When copying a NAT rule in the firewall the existing sourceport is copied, too.
This Fix deletes the sourceport from a copied NAT rule. After Saving, the correct port is used.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Now its possible to create a rule with orange source and target orange interface of the firewall.
Fixes: #11805
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
When creating firewallrules or using firewall groups,
it should be possible to select a single IpSec subnet if there is more than one.
This patch has the changes for firewall.cgi
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Tested-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
When using dnat addresses, it is possible to use big subnets and host addresses like 172.16.0.0/12.
These addresses where rejected because it was recognised as network address.
The check is now removed.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
in firewallgroups (hosts) an error was created when using ip adresses
like 192.168.000.008. Now all leading zeros are deleted in
firewallgroups and in the firewall itself when using single ip addresses
as source or target.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The function to check for valid hostgroup entries not only
checked the target hostgroup but also the source hostgroup if any.
This lead to the error.
Now the check only affects target hostgroups because it does not matter if a sourcegroup contains mac addresses.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
We added RED to the standard networks and now portforwardings are only
useable from the selected source. If selected "all" the portforwarding
can be used from any internal network. Else the access is only grnated
from the selected source network.
Now:
When using a hostgroup as source there are all corresponding DNAT
interfaces shown in ruletable depending on the entries in the group.
When in DNAT area "-automatic" is selected, the DNAT interfaces are
shown as IP-Addresses, else they are shown as "ORANGE","GREEN","BLUE"...
BUGFIX: When there is a MAC address used in a sourcegroup, the rules could not be set. Now MAC addresses get allways the public interface as DNAT
