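<?php
# Copyright(C) 2004-2007 INL
# Written by Eric Leblond <regit@inl.fr>
#            Vincent Deffontaines <gryzor@inl.fr>
#            Jean Gillaux <jean@inl.fr>
#            Damien Boucard <damien.boucard AT inl.fr>
#
# $Id: nat.class.php 17927 2009-02-16 13:16:09Z haypo $
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <http://www.gnu.org/licenses/>.

# NAT rule kinds accepted by nat::check_consistency().
$NAT_TYPES = Array("SNAT", "DNAT", "PNAT");

/**
 * One NAT rule (SNAT, DNAT or PNAT) loaded either from an XML node or from
 * an associative array.
 *
 * The class stores every field exactly as supplied. check_consistency() only
 * verifies that the identifier, the NAT type and the fields required for that
 * type are present; it does not check that addresses, ports or protocol names
 * are well-formed.
 * NOTE(review): confirm that the code which turns these rules into firewall
 * commands validates or escapes the values before use.
 */
class nat {
    var $name;
    var $srcnet;
    var $dstnet;
    var $proto;
    var $ID;
    var $sport;
    var $dport;
    var $rand_sport;
    var $icmptype;
    var $rewritetoaddr;
    var $rewritetoport;
    # Declared explicitly: the constructor always assigns these three, and
    # undeclared (dynamic) properties are deprecated in recent PHP versions.
    var $nat_type;
    var $comment;
    var $modified;

    /**
     * Build a rule and reject it if it is inconsistent.
     *
     * @param string $nat_type one of the entries of the global $NAT_TYPES
     * @param mixed  $ress     XML node exposing get_attribute() when $type is
     *                         'xml', otherwise an associative array of fields
     * @param string $type     'xml' selects the XML loader, any other value
     *                         selects the array loader
     * @param mixed  $id       rule identifier, used by the array loader only
     *                         (the XML loader reads the 'ID' attribute)
     * @throws Exception when check_consistency() reports a problem
     */
    function __construct($nat_type, $ress, $type='xml', $id=0) {
        $this->nat_type = $nat_type;

        if ($type != 'xml') {
            $this->ID = $id;
            $this->name = $ress['name'];
            $this->proto = array_get($ress, 'proto');
            $this->comment = array_get($ress, 'comment', '');
            $this->modified = array_get($ress, 'modified', modifiedTimestamp());
            $this->icmptype = array_get($ress, 'icmptype');

            # Optional fields: only overwrite the default when a truthy value
            # was supplied.
            $optional = array('srcnet', 'dstnet', 'sport', 'rand_sport',
                              'dport', 'rewritetoaddr', 'rewritetoport');
            foreach ($optional as $field) {
                $value = array_get($ress, $field);
                if ($value) {
                    $this->$field = $value;
                }
            }
        } else {
            $this->name = $ress->get_attribute('name');
            $this->ID = $ress->get_attribute('ID');

            # Optional attributes: a missing, empty or "0" attribute leaves
            # the field unset.
            $optional = array('srcnet', 'dstnet', 'proto', 'sport',
                              'rand_sport', 'dport', 'rewritetoaddr',
                              'rewritetoport');
            foreach ($optional as $field) {
                $value = $ress->get_attribute($field);
                if ($value) {
                    $this->$field = $value;
                }
            }

            # "0" is a meaningful ICMP type (echo reply) but is falsy in PHP.
            # The array loader keeps it and xmldump() writes it, so it must
            # survive a reload too; otherwise the rule silently loses its
            # ICMP type restriction and matches more traffic than intended.
            $icmptype = $ress->get_attribute('icmptype');
            if ($icmptype !== null && $icmptype !== false && $icmptype !== '') {
                $this->icmptype = $icmptype;
            }

            $this->modified = $ress->get_attribute('modified');
            if (!$this->modified) {
                $this->modified = modifiedTimestamp();
            }
            $this->comment = $ress->get_attribute('comment');
        }

        $errmsg = $this->check_consistency();
        if ($errmsg) {
            # NOTE(review): the message embeds nat_type and ID as supplied;
            # escape it if it is ever rendered into HTML.
            $errmsg = sprintf(_('%s consistency error: %s!'), $this->str(), $errmsg);
            throw new Exception($errmsg);
        }
    }

    /**
     * Legacy PHP 4 style constructor name, kept for existing callers.
     *
     * PHP 8 no longer treats a method named after the class as the
     * constructor, so the real work lives in __construct().
     */
    function nat($nat_type, $ress, $type='xml', $id=0) {
        $this->__construct($nat_type, $ress, $type, $id);
    }

    /**
     * Short human-readable label such as "SNAT rule #5".
     */
    function str() {
        return sprintf('%s rule #%s', $this->nat_type, $this->ID);
    }

    /**
     * Check that the rule carries the fields its NAT type requires.
     *
     * @return string translated error message, or '' when the rule is
     *                consistent
     */
    function check_consistency() {
        global $NAT_TYPES;

        if (!$this->ID) {
            return _("Invalid identifier");
        }
        # Strict comparison: a loose in_array() accepts boolean true (and,
        # before PHP 8, integer 0) as a "valid" NAT type.
        if (!in_array($this->nat_type, $NAT_TYPES, true)) {
            return sprintf(_('Invalid NAT type: %s'), $this->nat_type);
        }

        $is_snat = ($this->nat_type === 'SNAT');
        $is_dnat = ($this->nat_type === 'DNAT');
        $is_pnat = ($this->nat_type === 'PNAT');

        if ($is_snat && !$this->srcnet) {
            return _('The source network is missing');
        }
        if (($is_dnat || $is_pnat) && !$this->dstnet) {
            return _('The destination network is missing');
        }
        if (($is_snat || $is_dnat) && !$this->rewritetoaddr) {
            return _('The rewrite destination address is missing');
        }
        return '';
    }

    /**
     * Kept for interface compatibility; intentionally does nothing.
     *
     * The previous body was `unset($this)`, which is a compile-time fatal
     * error since PHP 7.1 and could not destroy the object while a caller
     * still held a reference to it. Callers drop their own reference to
     * delete the rule.
     *
     * @param mixed $index unused
     */
    function del_elt($index) {
    }

    /**
     * Write the rule's fields as attributes of $node.
     *
     * Optional fields are written only when non-empty; rand_sport is
     * additionally skipped unless the global
     * $netfilter_snat_supports_sport_randomization is truthy.
     *
     * @param mixed $xml  unused
     * @param mixed $node object exposing set_attribute(name, value)
     */
    function xmldump($xml, $node) {
        global $netfilter_snat_supports_sport_randomization;

        $node->set_attribute('name', $this->name);

        # Attribute order is kept identical to the historical output.
        $optional = array('srcnet', 'dstnet', 'proto', 'sport', 'rand_sport',
                          'dport', 'icmptype', 'rewritetoaddr',
                          'rewritetoport');
        foreach ($optional as $field) {
            if ($field == 'rand_sport' && !$netfilter_snat_supports_sport_randomization) {
                continue;
            }
            if ($this->$field != '') {
                $node->set_attribute($field, $this->$field);
            }
        }

        $node->set_attribute('ID', $this->ID);
        $node->set_attribute('comment', $this->comment);
        $node->set_attribute('modified', $this->modified);
    }

    /**
     * Next free identifier.
     *
     * NOTE(review): get_max_id() is not defined in this class; presumably it
     * is provided by a subclass - confirm before calling this on a plain nat.
     */
    function new_id() {
        return $this->get_max_id() + 1;
    }

    /**
     * Identifier of this rule.
     */
    function get_id() {
        return $this->ID;
    }

    /**
     * Return a new nat built from a copy of this rule's fields.
     *
     * The copy goes through the array loader, so it is re-checked by
     * check_consistency() and optional fields follow that loader's rules.
     */
    function cloneobj() {
        $fields = array(
            'name'          => $this->name,
            'proto'         => $this->proto,
            'srcnet'        => $this->srcnet,
            'dstnet'        => $this->dstnet,
            'sport'         => $this->sport,
            'rand_sport'    => $this->rand_sport,
            'dport'         => $this->dport,
            'icmptype'      => $this->icmptype,
            'ID'            => $this->ID,
            'rewritetoaddr' => $this->rewritetoaddr,
            'rewritetoport' => $this->rewritetoport,
            'comment'       => $this->comment,
            'modified'      => $this->modified,
        );
        # Any $type other than 'xml' selects the array loader.
        return new nat($this->nat_type, $fields, 'toto', $fields['ID']);
    }
}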