I take it there're no rules on this list against sending
patches (and attempt to register at rcs.pfsense.org failed),
so here it goes. Just apply the patch to filter.inc
and edit /cf/conf/config.xml ) by adding something like
<source-address>172.16.20.5</source-address>
in a nat rule and reboot
(or edit saved backup and restore edited version).
--
Tapani Tarvainen
*** filter.inc.ORIG Mon Dec 7 05:12:36 2009
--- filter.inc Fri Dec 18 12:43:28 2009
***************
*** 987,992 ****
--- 987,998 ----
else
$extaddr = get_current_wan_address($rule['interface']);
+ /* Source-NAT support */
+ if ($rule['source-address'])
+ $srcaddr = $rule['source-address'];
+ else
+ $srcaddr = "any";
+
if (!$rule['interface'] || ($rule['interface'] == "wan"))
$natif = $wanif;
else if($rule['interface'] == "pptp")
***************
*** 1053,1061 ****
case "tcp/udp":
if($natif) {
if($rule['external-port'] <> $rule['local-port'])
! $natrules .= "{$nordr}rdr on $natif proto { tcp udp } from any to {$extaddr} port { {$extport[0]} } -> {$target}{$localport}";
else
! $natrules .= "{$nordr}rdr on $natif proto { tcp udp } from any to {$extaddr} port { {$extport[0]} } -> {$target}";
}
break;
case "udp":
--- 1059,1067 ----
case "tcp/udp":
if($natif) {
if($rule['external-port'] <> $rule['local-port'])
! $natrules .= "{$nordr}rdr on $natif proto { tcp udp } from {$srcaddr} to {$extaddr} port { {$extport[0]} } -> {$target}{$localport}";
else
! $natrules .= "{$nordr}rdr on $natif proto { tcp udp } from {$srcaddr} to {$extaddr} port { {$extport[0]} } -> {$target}";
}
break;
case "udp":
***************
*** 1063,1094 ****
if($extport[0])
if($natif) {
if($rule['external-port'] <> $rule['local-port'])
! $natrules .= "rdr on $natif proto {$rule['protocol']} from any to {$extaddr} port { {$extport[0]} } -> {$target}{$localport}";
else
! $natrules .= "rdr on $natif proto {$rule['protocol']} from any to {$extaddr} port { {$extport[0]} } -> {$target}";
}
else
if($natif)
! $natrules .= "rdr on $natif proto {$rule['protocol']} from any to {$extaddr} -> {$target}{$localport}";
break;
default:
! $natrules .= "rdr on $natif proto {$rule['protocol']} from any to {$extaddr} -> {$target}";
break;
}
} else {
switch ($rule['protocol']) {
case "tcp/udp":
if($natif)
! $natrules .= "{$nordr}rdr on $natif proto { tcp udp } from any to {$extaddr} port {$extport[0]}:{$extport[1]} -> {$target}{$localport}:*";
break;
case "udp":
case "tcp":
if($natif)
! $natrules .= "{$nordr}rdr on $natif proto {$rule['protocol']} from any to {$extaddr} port {$extport[0]}:{$extport[1]} -> {$target}{$localport}:*";
break;
default:
if($natif)
! $natrules .= "{$nordr}rdr on $natif proto {$rule['protocol']} from any to {$extaddr} -> {$target}";
}
}
}
--- 1069,1100 ----
if($extport[0])
if($natif) {
if($rule['external-port'] <> $rule['local-port'])
! $natrules .= "rdr on $natif proto {$rule['protocol']} from {$srcaddr} to {$extaddr} port { {$extport[0]} } -> {$target}{$localport}";
else
! $natrules .= "rdr on $natif proto {$rule['protocol']} from {$srcaddr} to {$extaddr} port { {$extport[0]} } -> {$target}";
}
else
if($natif)
! $natrules .= "rdr on $natif proto {$rule['protocol']} from {$srcaddr} to {$extaddr} -> {$target}{$localport}";
break;
default:
! $natrules .= "rdr on $natif proto {$rule['protocol']} from {$srcaddr} to {$extaddr} -> {$target}";
break;
}
} else {
switch ($rule['protocol']) {
case "tcp/udp":
if($natif)
! $natrules .= "{$nordr}rdr on $natif proto { tcp udp } from {$srcaddr} to {$extaddr} port {$extport[0]}:{$extport[1]} -> {$target}{$localport}:*";
break;
case "udp":
case "tcp":
if($natif)
! $natrules .= "{$nordr}rdr on $natif proto {$rule['protocol']} from {$srcaddr} to {$extaddr} port {$extport[0]}:{$extport[1]} -> {$target}{$localport}:*";
break;
default:
if($natif)
! $natrules .= "{$nordr}rdr on $natif proto {$rule['protocol']} from {$srcaddr} to {$extaddr} -> {$target}";
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
