This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 8a7976468d6f6a14edeee5edbc54186d307815ec (commit) via 5ac5194b89f57d13516fc8e812ea3d4b48e345f3 (commit) via f5f71c79b7168cc90b5b7fb19a7bda47f3b7bfab (commit) from d99f0ff8c620a7fa832354d403cf701120273d40 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 8a7976468d6f6a14edeee5edbc54186d307815ec Merge: 5ac5194 d99f0ff Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 15 16:45:44 2014 +0100
Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next
commit 5ac5194b89f57d13516fc8e812ea3d4b48e345f3 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jan 15 16:45:12 2014 +0100
Update translations.
commit f5f71c79b7168cc90b5b7fb19a7bda47f3b7bfab Author: Alexander Marx amarx@ipfire.org Date: Wed Jan 15 14:23:02 2014 +0100
firewall: some layout changes and new plausi checks for dnat
-----------------------------------------------------------------------
Summary of changes: doc/language_issues.es | 2 ++ doc/language_issues.fr | 2 ++ doc/language_issues.nl | 2 ++ doc/language_issues.pl | 2 ++ doc/language_issues.ru | 2 ++ doc/language_issues.tr | 2 ++ doc/language_missings | 8 ++++++++ html/cgi-bin/firewall.cgi | 30 +++++++++++++++++++----------- langs/de/cgi-bin/de.pl | 4 +++- langs/en/cgi-bin/en.pl | 2 ++ 10 files changed, 44 insertions(+), 12 deletions(-)
Difference in files: diff --git a/doc/language_issues.es b/doc/language_issues.es index 83b1d9f..98f1137 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -662,6 +662,8 @@ WARNING: untranslated string: fwdfw copy WARNING: untranslated string: fwdfw delete WARNING: untranslated string: fwdfw dnat WARNING: untranslated string: fwdfw dnat error +WARNING: untranslated string: fwdfw dnat extport +WARNING: untranslated string: fwdfw dnat nochoice WARNING: untranslated string: fwdfw dnat porterr WARNING: untranslated string: fwdfw dnat porterr2 WARNING: untranslated string: fwdfw edit diff --git a/doc/language_issues.fr b/doc/language_issues.fr index fd6e72c..a281203 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -674,6 +674,8 @@ WARNING: untranslated string: fwdfw copy WARNING: untranslated string: fwdfw delete WARNING: untranslated string: fwdfw dnat WARNING: untranslated string: fwdfw dnat error +WARNING: untranslated string: fwdfw dnat extport +WARNING: untranslated string: fwdfw dnat nochoice WARNING: untranslated string: fwdfw dnat porterr WARNING: untranslated string: fwdfw dnat porterr2 WARNING: untranslated string: fwdfw edit diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 99ab6ce..0ec13dc 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -620,6 +620,8 @@ WARNING: untranslated string: fwdfw copy WARNING: untranslated string: fwdfw delete WARNING: untranslated string: fwdfw dnat WARNING: untranslated string: fwdfw dnat error +WARNING: untranslated string: fwdfw dnat extport +WARNING: untranslated string: fwdfw dnat nochoice WARNING: untranslated string: fwdfw dnat porterr WARNING: untranslated string: fwdfw dnat porterr2 WARNING: untranslated string: fwdfw edit diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 83b1d9f..98f1137 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -662,6 +662,8 @@ WARNING: untranslated string: fwdfw copy WARNING: untranslated string: fwdfw delete WARNING: untranslated string: fwdfw dnat WARNING: untranslated string: fwdfw dnat error +WARNING: untranslated string: fwdfw dnat extport +WARNING: untranslated string: fwdfw dnat nochoice WARNING: untranslated string: fwdfw dnat porterr WARNING: untranslated string: fwdfw dnat porterr2 WARNING: untranslated string: fwdfw edit diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 39d802d..b4043ad 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -657,6 +657,8 @@ WARNING: untranslated string: fwdfw copy WARNING: untranslated string: fwdfw delete WARNING: untranslated string: fwdfw dnat WARNING: untranslated string: fwdfw dnat error +WARNING: untranslated string: fwdfw dnat extport +WARNING: untranslated string: fwdfw dnat nochoice WARNING: untranslated string: fwdfw dnat porterr WARNING: untranslated string: fwdfw dnat porterr2 WARNING: untranslated string: fwdfw edit diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 45b129b..978c74f 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -626,6 +626,8 @@ WARNING: untranslated string: fwdfw copy WARNING: untranslated string: fwdfw delete WARNING: untranslated string: fwdfw dnat WARNING: untranslated string: fwdfw dnat error +WARNING: untranslated string: fwdfw dnat extport +WARNING: untranslated string: fwdfw dnat nochoice WARNING: untranslated string: fwdfw dnat porterr WARNING: untranslated string: fwdfw dnat porterr2 WARNING: untranslated string: fwdfw edit diff --git a/doc/language_missings b/doc/language_missings index e37efe0..1324a4e 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -110,6 +110,8 @@ < fwdfw delete < fwdfw dnat < fwdfw dnat error +< fwdfw dnat extport +< fwdfw dnat nochoice < fwdfw dnat porterr < fwdfw dnat porterr2 < fwdfw DROP @@ -540,6 +542,8 @@ < fwdfw delete < fwdfw dnat < fwdfw dnat error +< fwdfw dnat extport +< fwdfw dnat nochoice < fwdfw dnat porterr < fwdfw dnat porterr2 < fwdfw DROP @@ -954,6 +958,8 @@ < fwdfw delete < fwdfw dnat < fwdfw dnat error +< fwdfw dnat extport +< fwdfw dnat nochoice < fwdfw dnat porterr < fwdfw dnat porterr2 < fwdfw DROP @@ -1357,6 +1363,8 @@ < fwdfw delete < fwdfw dnat < fwdfw dnat error +< fwdfw dnat extport +< fwdfw dnat nochoice < fwdfw dnat porterr < fwdfw dnat porterr2 < fwdfw DROP diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi index 2a9415a..ee13033 100644 --- a/html/cgi-bin/firewall.cgi +++ b/html/cgi-bin/firewall.cgi @@ -729,20 +729,32 @@ sub checkrule { #check valid port for NAT if($fwdfwsettings{'USE_NAT'} eq 'ON'){ - #RULE_ACTION must be on if we use NAT + #RULE_ACTION must be ACCEPT if we use NAT $fwdfwsettings{'RULE_ACTION'} = 'ACCEPT';
+ #if no dnat or snat selected errormessage + if ($fwdfwsettings{'nat'} eq ''){ + $errormessage=$Lang::tr{'fwdfw dnat nochoice'}; + return; + } + + #if using snat, the external port has to be empty + if ($fwdfwsettings{'nat'} eq 'snat' && $fwdfwsettings{'dnatport'} ne ''){ + $errormessage=$Lang::tr{'fwdfw dnat extport'}; + return; + } #if no dest port is given in nat area, take target host port if($fwdfwsettings{'nat'} eq 'dnat' && $fwdfwsettings{'grp3'} eq 'TGT_PORT' && $fwdfwsettings{'dnatport'} eq ''){$fwdfwsettings{'dnatport'}=$fwdfwsettings{'TGT_PORT'};} if($fwdfwsettings{'TGT_PORT'} eq '' && $fwdfwsettings{'dnatport'} ne '' && ($fwdfwsettings{'PROT'} eq 'TCP' || $fwdfwsettings{'PROT'} eq 'UDP')){ $errormessage=$Lang::tr{'fwdfw dnat porterr2'}; + return; } #check if port given in nat area is a single valid port or portrange if($fwdfwsettings{'nat'} eq 'dnat' && $fwdfwsettings{'TGT_PORT'} ne '' && !&check_natport($fwdfwsettings{'dnatport'})){ $errormessage=$Lang::tr{'fwdfw target'}.": ".$Lang::tr{'fwdfw dnat porterr'}."<br>"; }elsif($fwdfwsettings{'USESRV'} eq 'ON' && $fwdfwsettings{'grp3'} eq 'cust_srv'){ my $custsrvport; - #get servcie Protocol and Port + #get service Protocol and Port foreach my $key (sort keys %customservice){ if($fwdfwsettings{$fwdfwsettings{'grp3'}} eq $customservice{$key}[0]){ if ($customservice{$key}[2] ne 'TCP' && $customservice{$key}[2] ne 'UDP'){ @@ -976,7 +988,6 @@ sub error print "<class name='base'>$errormessage\n"; print " </class>\n"; &Header::closebox(); - print"<hr>"; } } sub fillselect @@ -1020,7 +1031,7 @@ sub gen_dd_block print<<END; <table width='100%' border='0'> <tr><td width='50%' valign='top'> - <table width='100%' border='0'> + <table width='95%' border='0'> <tr><td width='1%'><input type='radio' name='$grp' id='std_net_$srctgt' value='std_net_$srctgt' $checked{$grp}{'std_net_'.$srctgt}></td><td>$Lang::tr{'fwhost stdnet'}</td><td align='right'><select name='std_net_$srctgt' style='width:200px;'> END foreach my $network (sort keys %defaultNetworks) @@ -1066,7 +1077,7 @@ END print"</select></td>"; } #End left table. start right table (vpn) - print"</tr></table></td><td valign='top'><table width='100%' border='0'><tr>"; + print"</tr></table></td><td valign='top'><table width='95%' border='0' align='right'><tr>"; # CCD networks if( ! -z $configccdnet || $optionsfw{'SHOWDROPDOWN'} eq 'on'){ print"<td width='1%'><input type='radio' name='$grp' id='ovpn_net_$srctgt' value='ovpn_net_$srctgt' $checked{$grp}{'ovpn_net_'.$srctgt}></td><td nowrap='nowrap' width='16%'>$Lang::tr{'fwhost ccdnet'}</td><td nowrap='nowrap' width='1%' align='right'><select name='ovpn_net_$srctgt' style='width:200px;'>"; @@ -1456,7 +1467,6 @@ sub newrule $checked{'TIME_SAT'}{$fwdfwsettings{'TIME_SAT'}} = 'CHECKED'; $checked{'TIME_SUN'}{$fwdfwsettings{'TIME_SUN'}} = 'CHECKED'; $checked{'USE_NAT'}{$fwdfwsettings{'USE_NAT'}} = 'CHECKED'; - $checked{'nat'}{$fwdfwsettings{'nat'}} = 'CHECKED'; $selected{'TIME_FROM'}{$fwdfwsettings{'TIME_FROM'}} = 'selected'; $selected{'TIME_TO'}{$fwdfwsettings{'TIME_TO'}} = 'selected'; $selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp2'}}} ='selected'; @@ -1516,13 +1526,11 @@ sub newrule $checked{'TIME_SAT'}{$fwdfwsettings{'TIME_SAT'}} = 'CHECKED'; $checked{'TIME_SUN'}{$fwdfwsettings{'TIME_SUN'}} = 'CHECKED'; $checked{'USE_NAT'}{$fwdfwsettings{'USE_NAT'}} = 'CHECKED'; - $checked{'nat'}{$fwdfwsettings{'nat'}} = 'CHECKED'; + $checked{'nat'}{$fwdfwsettings{'nat'}} = 'CHECKED'; $selected{'TIME_FROM'}{$fwdfwsettings{'TIME_FROM'}} = 'selected'; $selected{'TIME_TO'}{$fwdfwsettings{'TIME_TO'}} = 'selected'; $selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp2'}}} ='selected'; $selected{'ipfire_src'}{$fwdfwsettings{$fwdfwsettings{'grp1'}}} ='selected'; - $selected{'dnat'}{$fwdfwsettings{$fwdfwsettings{'nat'}}} ='selected'; - $selected{'snat'}{$fwdfwsettings{$fwdfwsettings{'nat'}}} ='selected'; } } $fwdfwsettings{'oldgrp1a'}=$fwdfwsettings{'grp1'}; @@ -1544,7 +1552,9 @@ sub newrule } }else{ $fwdfwsettings{'ACTIVE'}='ON'; + $fwdfwsettings{'nat'} = 'dnat'; $checked{'ACTIVE'}{$fwdfwsettings{'ACTIVE'}} = 'CHECKED'; + $checked{'nat'}{$fwdfwsettings{'nat'}} = 'CHECKED'; $fwdfwsettings{'oldgrp1a'}=$fwdfwsettings{'grp1'}; $fwdfwsettings{'oldgrp1b'}=$fwdfwsettings{$fwdfwsettings{'grp1'}}; $fwdfwsettings{'oldgrp2a'}=$fwdfwsettings{'grp2'}; @@ -1851,7 +1861,6 @@ END &Header::closebox; $checked{"RULE_ACTION"}{$fwdfwsettings{'RULE_ACTION'}} = 'CHECKED'; print <<END; - <br> <center> <table width="80%" class='tbl' id='actions'> <tr> @@ -2028,7 +2037,6 @@ END <input type='hidden' name='oldorange' value='$fwdfwsettings{'oldorange'}' /> <input type='hidden' name='oldnat' value='$fwdfwsettings{'oldnat'}' /> <input type='hidden' name='oldruletype' value='$fwdfwsettings{'oldruletype'}' /> - <input type='hidden' name='nat' value='$fwdfwsettings{'nat'}' /> <input type='hidden' name='ACTION' value='saverule' ></form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'><input type='hidden' name='ACTION' value'reset'></td></td> </table></form> END diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 9a5feb0..c93234b 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -933,7 +933,9 @@ 'fwdfw delete' => 'Löschen', 'fwdfw dnat' => 'Destination-NAT (Port-Weiterleitung)', 'fwdfw dnat error' => 'Für Destination-NAT muss ein einzelner Host als Ziel ausgewählt werden. Gruppen oder Netzwerke sind nicht erlaubt', -'fwdfw dnat porterr' => 'Für NAT-Regeln muss ein einzelner Port oder Portbereich angegeben werden', +'fwdfw dnat extport' => 'Bei Source-NAT-Regeln darf der externe Port nicht gesetzt sein.', +'fwdfw dnat nochoice' => 'Bitte wählen Sie Source-NAT oder Destination-NAT im NAT-Bereich aus.', +'fwdfw dnat porterr' => 'Für NAT-Regeln muss ein einzelner Port oder Portbereich angegeben werden.', 'fwdfw dnat porterr2' => 'Externer Port (NAT) darf nur angegeben werden, wenn ein Ziel-Port definiert ist.', 'fwdfw edit' => 'Bearbeiten', 'fwdfw err nosrc' => 'Keine Quelle ausgewählt', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index f68ec4c..67b5dd5 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -959,6 +959,8 @@ 'fwdfw delete' => 'Delete', 'fwdfw dnat' => 'Destination NAT (Port forwarding)', 'fwdfw dnat error' => 'You have to select a single host for DNAT. Groups or networks are not allowed.', +'fwdfw dnat extport' => 'The external port has to be empty when using Source NAT rules.', +'fwdfw dnat nochoice' => 'Please pick Source NAT or Destination NAT from the NAT section.', 'fwdfw dnat porterr' => 'You have to select a single port or portrange (tcp/udp) for NAT', 'fwdfw dnat porterr2' => 'Cannot use external port (NAT) when no destination port is defined.', 'fwdfw edit' => 'Edit',
hooks/post-receive -- IPFire 2.x development tree