From mboxrd@z Thu Jan  1 00:00:00 1970
From: git@ipfire.org
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated.
 8a7976468d6f6a14edeee5edbc54186d307815ec
Date: Wed, 15 Jan 2014 16:45:53 +0100
Message-ID: <20140115154554.0723620899@argus.ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1646618806948188968=="
List-Id: <ipfire-scm.lists.ipfire.org>

--===============1646618806948188968==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  8a7976468d6f6a14edeee5edbc54186d307815ec (commit)
       via  5ac5194b89f57d13516fc8e812ea3d4b48e345f3 (commit)
       via  f5f71c79b7168cc90b5b7fb19a7bda47f3b7bfab (commit)
      from  d99f0ff8c620a7fa832354d403cf701120273d40 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 8a7976468d6f6a14edeee5edbc54186d307815ec
Merge: 5ac5194 d99f0ff
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Wed Jan 15 16:45:44 2014 +0100

    Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

commit 5ac5194b89f57d13516fc8e812ea3d4b48e345f3
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Wed Jan 15 16:45:12 2014 +0100

    Update translations.

commit f5f71c79b7168cc90b5b7fb19a7bda47f3b7bfab
Author: Alexander Marx <amarx(a)ipfire.org>
Date:   Wed Jan 15 14:23:02 2014 +0100

    firewall: some layout changes and new plausi checks for dnat

-----------------------------------------------------------------------

Summary of changes:
 doc/language_issues.es    |  2 ++
 doc/language_issues.fr    |  2 ++
 doc/language_issues.nl    |  2 ++
 doc/language_issues.pl    |  2 ++
 doc/language_issues.ru    |  2 ++
 doc/language_issues.tr    |  2 ++
 doc/language_missings     |  8 ++++++++
 html/cgi-bin/firewall.cgi | 30 +++++++++++++++++++-----------
 langs/de/cgi-bin/de.pl    |  4 +++-
 langs/en/cgi-bin/en.pl    |  2 ++
 10 files changed, 44 insertions(+), 12 deletions(-)

Difference in files:
diff --git a/doc/language_issues.es b/doc/language_issues.es
index 83b1d9f..98f1137 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -662,6 +662,8 @@ WARNING: untranslated string: fwdfw copy
 WARNING: untranslated string: fwdfw delete
 WARNING: untranslated string: fwdfw dnat
 WARNING: untranslated string: fwdfw dnat error
+WARNING: untranslated string: fwdfw dnat extport
+WARNING: untranslated string: fwdfw dnat nochoice
 WARNING: untranslated string: fwdfw dnat porterr
 WARNING: untranslated string: fwdfw dnat porterr2
 WARNING: untranslated string: fwdfw edit
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index fd6e72c..a281203 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -674,6 +674,8 @@ WARNING: untranslated string: fwdfw copy
 WARNING: untranslated string: fwdfw delete
 WARNING: untranslated string: fwdfw dnat
 WARNING: untranslated string: fwdfw dnat error
+WARNING: untranslated string: fwdfw dnat extport
+WARNING: untranslated string: fwdfw dnat nochoice
 WARNING: untranslated string: fwdfw dnat porterr
 WARNING: untranslated string: fwdfw dnat porterr2
 WARNING: untranslated string: fwdfw edit
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index 99ab6ce..0ec13dc 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -620,6 +620,8 @@ WARNING: untranslated string: fwdfw copy
 WARNING: untranslated string: fwdfw delete
 WARNING: untranslated string: fwdfw dnat
 WARNING: untranslated string: fwdfw dnat error
+WARNING: untranslated string: fwdfw dnat extport
+WARNING: untranslated string: fwdfw dnat nochoice
 WARNING: untranslated string: fwdfw dnat porterr
 WARNING: untranslated string: fwdfw dnat porterr2
 WARNING: untranslated string: fwdfw edit
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index 83b1d9f..98f1137 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -662,6 +662,8 @@ WARNING: untranslated string: fwdfw copy
 WARNING: untranslated string: fwdfw delete
 WARNING: untranslated string: fwdfw dnat
 WARNING: untranslated string: fwdfw dnat error
+WARNING: untranslated string: fwdfw dnat extport
+WARNING: untranslated string: fwdfw dnat nochoice
 WARNING: untranslated string: fwdfw dnat porterr
 WARNING: untranslated string: fwdfw dnat porterr2
 WARNING: untranslated string: fwdfw edit
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 39d802d..b4043ad 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -657,6 +657,8 @@ WARNING: untranslated string: fwdfw copy
 WARNING: untranslated string: fwdfw delete
 WARNING: untranslated string: fwdfw dnat
 WARNING: untranslated string: fwdfw dnat error
+WARNING: untranslated string: fwdfw dnat extport
+WARNING: untranslated string: fwdfw dnat nochoice
 WARNING: untranslated string: fwdfw dnat porterr
 WARNING: untranslated string: fwdfw dnat porterr2
 WARNING: untranslated string: fwdfw edit
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 45b129b..978c74f 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -626,6 +626,8 @@ WARNING: untranslated string: fwdfw copy
 WARNING: untranslated string: fwdfw delete
 WARNING: untranslated string: fwdfw dnat
 WARNING: untranslated string: fwdfw dnat error
+WARNING: untranslated string: fwdfw dnat extport
+WARNING: untranslated string: fwdfw dnat nochoice
 WARNING: untranslated string: fwdfw dnat porterr
 WARNING: untranslated string: fwdfw dnat porterr2
 WARNING: untranslated string: fwdfw edit
diff --git a/doc/language_missings b/doc/language_missings
index e37efe0..1324a4e 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -110,6 +110,8 @@
 < fwdfw delete
 < fwdfw dnat
 < fwdfw dnat error
+< fwdfw dnat extport
+< fwdfw dnat nochoice
 < fwdfw dnat porterr
 < fwdfw dnat porterr2
 < fwdfw DROP
@@ -540,6 +542,8 @@
 < fwdfw delete
 < fwdfw dnat
 < fwdfw dnat error
+< fwdfw dnat extport
+< fwdfw dnat nochoice
 < fwdfw dnat porterr
 < fwdfw dnat porterr2
 < fwdfw DROP
@@ -954,6 +958,8 @@
 < fwdfw delete
 < fwdfw dnat
 < fwdfw dnat error
+< fwdfw dnat extport
+< fwdfw dnat nochoice
 < fwdfw dnat porterr
 < fwdfw dnat porterr2
 < fwdfw DROP
@@ -1357,6 +1363,8 @@
 < fwdfw delete
 < fwdfw dnat
 < fwdfw dnat error
+< fwdfw dnat extport
+< fwdfw dnat nochoice
 < fwdfw dnat porterr
 < fwdfw dnat porterr2
 < fwdfw DROP
diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi
index 2a9415a..ee13033 100644
--- a/html/cgi-bin/firewall.cgi
+++ b/html/cgi-bin/firewall.cgi
@@ -729,20 +729,32 @@ sub checkrule
 {
 	#check valid port for NAT
 	if($fwdfwsettings{'USE_NAT'} eq 'ON'){
-		#RULE_ACTION must be on if we use NAT
+		#RULE_ACTION must be ACCEPT if we use NAT
 		$fwdfwsettings{'RULE_ACTION'} =3D 'ACCEPT';
=20
+		#if no dnat or snat selected errormessage
+		if ($fwdfwsettings{'nat'} eq ''){
+			$errormessage=3D$Lang::tr{'fwdfw dnat nochoice'};
+			return;
+		}
+
+		#if using snat, the external port has to be empty
+		if ($fwdfwsettings{'nat'} eq 'snat' && $fwdfwsettings{'dnatport'} ne ''){
+			$errormessage=3D$Lang::tr{'fwdfw dnat extport'};
+			return;
+		}
 		#if no dest port is given in nat area, take target host port
 		if($fwdfwsettings{'nat'} eq 'dnat' && $fwdfwsettings{'grp3'} eq 'TGT_PORT'=
 && $fwdfwsettings{'dnatport'} eq ''){$fwdfwsettings{'dnatport'}=3D$fwdfwsett=
ings{'TGT_PORT'};}
 		if($fwdfwsettings{'TGT_PORT'} eq '' && $fwdfwsettings{'dnatport'} ne '' &&=
 ($fwdfwsettings{'PROT'} eq 'TCP' || $fwdfwsettings{'PROT'} eq 'UDP')){
 			$errormessage=3D$Lang::tr{'fwdfw dnat porterr2'};
+			return;
 		}
 		#check if port given in nat area is a single valid port or portrange
 		if($fwdfwsettings{'nat'} eq 'dnat' && $fwdfwsettings{'TGT_PORT'} ne '' && =
!&check_natport($fwdfwsettings{'dnatport'})){
 			$errormessage=3D$Lang::tr{'fwdfw target'}.": ".$Lang::tr{'fwdfw dnat port=
err'}."<br>";
 		}elsif($fwdfwsettings{'USESRV'} eq 'ON' && $fwdfwsettings{'grp3'} eq 'cust=
_srv'){
 			my $custsrvport;
-			#get servcie Protocol and Port
+			#get service Protocol and Port
 			foreach my $key (sort keys %customservice){
 				if($fwdfwsettings{$fwdfwsettings{'grp3'}} eq $customservice{$key}[0]){
 					if ($customservice{$key}[2] ne 'TCP' && $customservice{$key}[2] ne 'UDP=
'){
@@ -976,7 +988,6 @@ sub error
 		print "<class name=3D'base'>$errormessage\n";
 		print "&nbsp;</class>\n";
 		&Header::closebox();
-		print"<hr>";
 	}
 }
 sub fillselect
@@ -1020,7 +1031,7 @@ sub gen_dd_block
 print<<END;
 		<table width=3D'100%' border=3D'0'>
 		<tr><td width=3D'50%' valign=3D'top'>
-		<table width=3D'100%' border=3D'0'>
+		<table width=3D'95%' border=3D'0'>
 		<tr><td width=3D'1%'><input type=3D'radio' name=3D'$grp' id=3D'std_net_$sr=
ctgt' value=3D'std_net_$srctgt' $checked{$grp}{'std_net_'.$srctgt}></td><td>$=
Lang::tr{'fwhost stdnet'}</td><td align=3D'right'><select name=3D'std_net_$sr=
ctgt' style=3D'width:200px;'>
 END
 	foreach my $network (sort keys %defaultNetworks)
@@ -1066,7 +1077,7 @@ END
 		print"</select></td>";
 	}
 	#End left table. start right table (vpn)
-	print"</tr></table></td><td valign=3D'top'><table width=3D'100%' border=3D'=
0'><tr>";
+	print"</tr></table></td><td valign=3D'top'><table width=3D'95%' border=3D'0=
' align=3D'right'><tr>";
 	# CCD networks
 	if( ! -z $configccdnet || $optionsfw{'SHOWDROPDOWN'} eq 'on'){
 		print"<td width=3D'1%'><input type=3D'radio' name=3D'$grp' id=3D'ovpn_net_=
$srctgt' value=3D'ovpn_net_$srctgt'  $checked{$grp}{'ovpn_net_'.$srctgt}></td=
><td nowrap=3D'nowrap' width=3D'16%'>$Lang::tr{'fwhost ccdnet'}</td><td nowra=
p=3D'nowrap' width=3D'1%' align=3D'right'><select name=3D'ovpn_net_$srctgt' s=
tyle=3D'width:200px;'>";
@@ -1456,7 +1467,6 @@ sub newrule
 	$checked{'TIME_SAT'}{$fwdfwsettings{'TIME_SAT'}} 		=3D 'CHECKED';
 	$checked{'TIME_SUN'}{$fwdfwsettings{'TIME_SUN'}} 		=3D 'CHECKED';
 	$checked{'USE_NAT'}{$fwdfwsettings{'USE_NAT'}} 			=3D 'CHECKED';
-	$checked{'nat'}{$fwdfwsettings{'nat'}} 		=3D 'CHECKED';
 	$selected{'TIME_FROM'}{$fwdfwsettings{'TIME_FROM'}}		=3D 'selected';
 	$selected{'TIME_TO'}{$fwdfwsettings{'TIME_TO'}}			=3D 'selected';
 	$selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp2'}}} =3D'selected';
@@ -1516,13 +1526,11 @@ sub newrule
 				$checked{'TIME_SAT'}{$fwdfwsettings{'TIME_SAT'}} 		=3D 'CHECKED';
 				$checked{'TIME_SUN'}{$fwdfwsettings{'TIME_SUN'}} 		=3D 'CHECKED';
 				$checked{'USE_NAT'}{$fwdfwsettings{'USE_NAT'}}	 		=3D 'CHECKED';
-				$checked{'nat'}{$fwdfwsettings{'nat'}}	 				=3D 'CHECKED';
+				$checked{'nat'}{$fwdfwsettings{'nat'}}					=3D 'CHECKED';
 				$selected{'TIME_FROM'}{$fwdfwsettings{'TIME_FROM'}}		=3D 'selected';
 				$selected{'TIME_TO'}{$fwdfwsettings{'TIME_TO'}}			=3D 'selected';
 				$selected{'ipfire'}{$fwdfwsettings{$fwdfwsettings{'grp2'}}} =3D'selected=
';
 				$selected{'ipfire_src'}{$fwdfwsettings{$fwdfwsettings{'grp1'}}} =3D'sele=
cted';
-				$selected{'dnat'}{$fwdfwsettings{$fwdfwsettings{'nat'}}} =3D'selected';
-				$selected{'snat'}{$fwdfwsettings{$fwdfwsettings{'nat'}}} =3D'selected';
 			}
 		}
 		$fwdfwsettings{'oldgrp1a'}=3D$fwdfwsettings{'grp1'};
@@ -1544,7 +1552,9 @@ sub newrule
 		}
 	}else{
 		$fwdfwsettings{'ACTIVE'}=3D'ON';
+		$fwdfwsettings{'nat'} =3D 'dnat';
 		$checked{'ACTIVE'}{$fwdfwsettings{'ACTIVE'}} =3D 'CHECKED';
+		$checked{'nat'}{$fwdfwsettings{'nat'}} =3D 'CHECKED';
 		$fwdfwsettings{'oldgrp1a'}=3D$fwdfwsettings{'grp1'};
 		$fwdfwsettings{'oldgrp1b'}=3D$fwdfwsettings{$fwdfwsettings{'grp1'}};
 		$fwdfwsettings{'oldgrp2a'}=3D$fwdfwsettings{'grp2'};
@@ -1851,7 +1861,6 @@ END
 		&Header::closebox;
 		$checked{"RULE_ACTION"}{$fwdfwsettings{'RULE_ACTION'}}	=3D 'CHECKED';
 		print <<END;
-			<br>
 			<center>
 				<table width=3D"80%" class=3D'tbl' id=3D'actions'>
 					<tr>
@@ -2028,7 +2037,6 @@ END
 			<input type=3D'hidden' name=3D'oldorange' value=3D'$fwdfwsettings{'oldora=
nge'}' />
 			<input type=3D'hidden' name=3D'oldnat' value=3D'$fwdfwsettings{'oldnat'}'=
 />
 			<input type=3D'hidden' name=3D'oldruletype' value=3D'$fwdfwsettings{'oldr=
uletype'}' />
-			<input type=3D'hidden' name=3D'nat' value=3D'$fwdfwsettings{'nat'}' />
 			<input type=3D'hidden' name=3D'ACTION' value=3D'saverule' ></form><form m=
ethod=3D'post' style=3D'display:inline'><input type=3D'submit' value=3D'$Lang=
::tr{'fwhost back'}' style=3D'min-width:100px;'><input type=3D'hidden' name=
=3D'ACTION' value'reset'></td></td>
 			</table></form>
 END
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 9a5feb0..c93234b 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -933,7 +933,9 @@
 'fwdfw delete' =3D> 'L=C3=B6schen',
 'fwdfw dnat' =3D> 'Destination-NAT (Port-Weiterleitung)',
 'fwdfw dnat error' =3D> 'F=C3=BCr Destination-NAT muss ein einzelner Host al=
s Ziel ausgew=C3=A4hlt werden. Gruppen oder Netzwerke sind nicht erlaubt',
-'fwdfw dnat porterr' =3D> 'F=C3=BCr NAT-Regeln muss ein einzelner Port oder =
Portbereich angegeben werden',
+'fwdfw dnat extport' =3D> 'Bei Source-NAT-Regeln darf der externe Port nicht=
 gesetzt sein.',
+'fwdfw dnat nochoice' =3D> 'Bitte w=C3=A4hlen Sie Source-NAT oder Destinatio=
n-NAT im NAT-Bereich aus.',
+'fwdfw dnat porterr' =3D> 'F=C3=BCr NAT-Regeln muss ein einzelner Port oder =
Portbereich angegeben werden.',
 'fwdfw dnat porterr2' =3D> 'Externer Port (NAT) darf nur angegeben werden, w=
enn ein Ziel-Port definiert ist.',
 'fwdfw edit' =3D> 'Bearbeiten',
 'fwdfw err nosrc' =3D> 'Keine Quelle ausgew=C3=A4hlt',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index f68ec4c..67b5dd5 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -959,6 +959,8 @@
 'fwdfw delete' =3D> 'Delete',
 'fwdfw dnat' =3D> 'Destination NAT (Port forwarding)',
 'fwdfw dnat error' =3D> 'You have to select a single host for DNAT. Groups o=
r networks are not allowed.',
+'fwdfw dnat extport' =3D> 'The external port has to be empty when using Sour=
ce NAT rules.',
+'fwdfw dnat nochoice' =3D> 'Please pick Source NAT or Destination NAT from t=
he NAT section.',
 'fwdfw dnat porterr' =3D> 'You have to select a single port or portrange (tc=
p/udp) for NAT',
 'fwdfw dnat porterr2' =3D> 'Cannot use external port (NAT) when no destinati=
on port is defined.',
 'fwdfw edit' =3D> 'Edit',


hooks/post-receive
--
IPFire 2.x development tree

--===============1646618806948188968==--