Automatically map the rule target if a manual entered target address is assigned to a network zone.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org --- html/cgi-bin/firewall.cgi | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+)
diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi index e50a98179..e168788eb 100644 --- a/html/cgi-bin/firewall.cgi +++ b/html/cgi-bin/firewall.cgi @@ -213,6 +213,7 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule') &General::readhasharray("$configfwdfw", %configfwdfw); &General::readhasharray("$configinput", %configinputfw); &General::readhasharray("$configoutgoing", %configoutgoingfw); + &General::readhash("/var/ipfire/ethernet/settings", %netsettings); my $maxkey; #Set Variables according to the JQuery code in protocol section if ($fwdfwsettings{'PROT'} eq 'TCP' || $fwdfwsettings{'PROT'} eq 'UDP') @@ -231,6 +232,38 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule') { $fwdfwsettings{'USESRV'} = 'ON'; } + + # Check if a manual target IP is one of the IPFire's addresses. + if ($fwdfwsettings{'grp2'} eq 'tgt_addr') { + # Grab all available network zones. + my @network_zones = &Network::get_available_network_zones(); + + # Loop through the array of network zones. + foreach my $zone (@network_zones) { + # Skip red network zone. + next if $zone eq "red"; + + # Convert current zone name into upper case. + $zone = uc($zone); + + # Generate key to access the required data from the netsettings hash. + my $key = $zone . "_ADDRESS"; + + # Obtain the configured address for the current zone from the netsettings hash. + my $zone_address = $netsettings{$key}; + + # Check if the given address and the current processed zone address are the same. + if ($fwdfwsettings{$fwdfwsettings{'grp2'}} eq $zone_address) { + # Map the type and target. + $fwdfwsettings{'grp2'} = 'ipfire'; + $fwdfwsettings{$fwdfwsettings{'grp2'}} = $zone; + + # End loop. + last; + } + } + } + $errormessage=&checksource; if(!$errormessage){&checktarget;} if(!$errormessage){&checkrule;}
Reviewed-by: Michael Tremer michael.tremer@ipfire.org
On 16 Jul 2021, at 18:15, Stefan Schantl stefan.schantl@ipfire.org wrote:
Automatically map the rule target if a manual entered target address is assigned to a network zone.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org
html/cgi-bin/firewall.cgi | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+)
diff --git a/html/cgi-bin/firewall.cgi b/html/cgi-bin/firewall.cgi index e50a98179..e168788eb 100644 --- a/html/cgi-bin/firewall.cgi +++ b/html/cgi-bin/firewall.cgi @@ -213,6 +213,7 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule') &General::readhasharray("$configfwdfw", %configfwdfw); &General::readhasharray("$configinput", %configinputfw); &General::readhasharray("$configoutgoing", %configoutgoingfw);
- &General::readhash("/var/ipfire/ethernet/settings", %netsettings); my $maxkey; #Set Variables according to the JQuery code in protocol section if ($fwdfwsettings{'PROT'} eq 'TCP' || $fwdfwsettings{'PROT'} eq 'UDP')
@@ -231,6 +232,38 @@ if ($fwdfwsettings{'ACTION'} eq 'saverule') { $fwdfwsettings{'USESRV'} = 'ON'; }
- # Check if a manual target IP is one of the IPFire's addresses.
- if ($fwdfwsettings{'grp2'} eq 'tgt_addr') {
# Grab all available network zones.my @network_zones = &Network::get_available_network_zones();# Loop through the array of network zones.foreach my $zone (@network_zones) {# Skip red network zone.next if $zone eq "red";# Convert current zone name into upper case.$zone = uc($zone);# Generate key to access the required data from the netsettings hash.my $key = $zone . "_ADDRESS";# Obtain the configured address for the current zone from the netsettings hash.my $zone_address = $netsettings{$key};# Check if the given address and the current processed zone address are the same.if ($fwdfwsettings{$fwdfwsettings{'grp2'}} eq $zone_address) {# Map the type and target.$fwdfwsettings{'grp2'} = 'ipfire';$fwdfwsettings{$fwdfwsettings{'grp2'}} = $zone;# End loop.last;}}- }
- $errormessage=&checksource; if(!$errormessage){&checktarget;} if(!$errormessage){&checkrule;}
-- 2.30.2
-
Michael Tremer -
Stefan Schantl