From mboxrd@z Thu Jan  1 00:00:00 1970
From: Stefan Schantl <stefan.schantl@ipfire.org>
To: development@lists.ipfire.org
Subject:
 [PATCH] firewall.cgi: Map rule if manual target address belongs to IPFire
Date: Fri, 16 Jul 2021 19:15:28 +0200
Message-ID: <20210716171528.2652-1-stefan.schantl@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0664015843767398021=="
List-Id: <development.lists.ipfire.org>

--===============0664015843767398021==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Automatically map the rule target if a manual entered target address is
assigned to a network zone.

Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
---
 html/cgi-bin/firewall.cgi | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi
index e50a98179..e168788eb 100644
--- a/html/cgi-bin/firewall.cgi
+++ b/html/cgi-bin/firewall.cgi
@@ -213,6 +213,7 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
 	&General::readhasharray("$configfwdfw", \%configfwdfw);
 	&General::readhasharray("$configinput", \%configinputfw);
 	&General::readhasharray("$configoutgoing", \%configoutgoingfw);
+	&General::readhash("/var/ipfire/ethernet/settings", \%netsettings);
 	my $maxkey;
 	#Set Variables according to the JQuery code in protocol section
 	if ($fwdfwsettings{'PROT'} eq 'TCP' || $fwdfwsettings{'PROT'} eq 'UDP')
@@ -231,6 +232,38 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule')
 	{
 		$fwdfwsettings{'USESRV'} =3D 'ON';
 	}
+
+	# Check if a manual target IP is one of the IPFire's addresses.
+	if ($fwdfwsettings{'grp2'} eq 'tgt_addr') {
+		# Grab all available network zones.
+		my @network_zones =3D &Network::get_available_network_zones();
+
+		# Loop through the array of network zones.
+		foreach my $zone (@network_zones) {
+			# Skip red network zone.
+			next if $zone eq "red";
+
+			# Convert current zone name into upper case.
+			$zone =3D uc($zone);
+
+			# Generate key to access the required data from the netsettings hash.
+			my $key =3D $zone . "_ADDRESS";
+
+			# Obtain the configured address for the current zone from the netsettings=
 hash.
+			my $zone_address =3D $netsettings{$key};
+
+			# Check if the given address and the current processed zone address are t=
he same.
+			if ($fwdfwsettings{$fwdfwsettings{'grp2'}} eq $zone_address) {
+				# Map the type and target.
+				$fwdfwsettings{'grp2'} =3D 'ipfire';
+				$fwdfwsettings{$fwdfwsettings{'grp2'}} =3D $zone;
+
+				# End loop.
+				last;
+			}
+		}
+	}
+
 	$errormessage=3D&checksource;
 	if(!$errormessage){&checktarget;}
 	if(!$errormessage){&checkrule;}
--=20
2.30.2


--===============0664015843767398021==--