/usr/local/www/firewall_rules.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_rules.php @ 16f556c5

1	b2ffe419	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4	37e2071c	Scott Ullrich	firewall_rules.php
5	e4cabb75	Scott Ullrich	part of pfSense (http://www.pfsense.com)
6			Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com)
7	b2ffe419	Scott Ullrich
8	e4cabb75	Scott Ullrich	originally part of m0n0wall (http://m0n0.ch/wall)
9			Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10	37e2071c	Scott Ullrich	All rights reserved.
11	b2ffe419	Scott Ullrich
12	37e2071c	Scott Ullrich	Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14	b2ffe419	Scott Ullrich
15	37e2071c	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17	b2ffe419	Scott Ullrich
18	37e2071c	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21	b2ffe419	Scott Ullrich
22	37e2071c	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32	5b237745	Scott Ullrich	*/
33
34	37e2071c	Scott Ullrich	$pgtitle = array("Firewall", "Rules");
35	5b237745	Scott Ullrich	require("guiconfig.inc");
36
37			if (!is_array($config['filter']['rule'])) {
38			$config['filter']['rule'] = array();
39			}
40			filter_rules_sort();
41			$a_filter = &$config['filter']['rule'];
42
43	07bd3f83	Scott Ullrich	$if = $_GET['if'];
44			if ($_POST['if'])
45			$if = $_POST['if'];
46	b2ffe419	Scott Ullrich
47	343d3464	Scott Dale	$iflist = array("lan" => "LAN", "wan" => "WAN");
48	07bd3f83	Scott Ullrich
49			if ($config['pptpd']['mode'] == "server")
50			$iflist['pptp'] = "PPTP VPN";
51	50e0d2a1	Scott Ullrich
52	0e1e0183	Scott Ullrich	if ($config['pppoe']['mode'] == "server")
53	0c554ff6	Scott Ullrich	$iflist['pppoe'] = "PPPoE VPN";
54
55	00eabb46	Scott Ullrich	/* add ipsec filter gif interfaces */
56	14cbafe8	Bill Marquette	if (is_array($config['ipsec']['tunnel']) && isset($config['ipsec']['enable'])) {
57			$a_ipsec = &$config['ipsec']['tunnel'];
58			if(is_array($a_ipsec)) {
59	343d3464	Scott Dale	$iflist["enc0"] = "IPsec";
60	14cbafe8	Bill Marquette	$i = 0; foreach ($a_ipsec as $ipsecent) {
61			if(isset($ipsecent['creategif'])) {
62			$iflist["gif{$i}"] = "{$ipsecent['descr']}";
63			$i++;
64			}
65	bdf7aa59	Scott Ullrich	}
66	00eabb46	Scott Ullrich	}
67			}
68
69	07bd3f83	Scott Ullrich	for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
70			$iflist['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
71			}
72
73			if (!$if \|\| !isset($iflist[$if]))
74	37e2071c	Scott Ullrich	$if = "wan";
75	07bd3f83	Scott Ullrich
76	5b237745	Scott Ullrich	if ($_POST) {
77
78			$pconfig = $_POST;
79
80			if ($_POST['apply']) {
81	37e2071c	Scott Ullrich	$retval = 0;
82	9a7e416c	Scott Ullrich	config_lock();
83			$retval = filter_configure();
84			config_unlock();
85
86	a985eac2	Scott Ullrich	if (file_exists($d_filterconfdirty_path))
87			unlink($d_filterconfdirty_path);
88
89	4739bd06	Scott Ullrich	$savemsg = "The settings have been applied. The firewall rules are now reloading in the background. You can also <a href='status_filter_reload.php'>monitor</a> the reload progress.";
90	5b237745	Scott Ullrich	}
91			}
92
93	d97c50cd	Bill Marquette	if ($_GET['act'] == "del") {
94			if ($a_filter[$_GET['id']]) {
95			unset($a_filter[$_GET['id']]);
96			write_config();
97			touch($d_filterconfdirty_path);
98			header("Location: firewall_rules.php?if={$if}");
99			exit;
100			}
101			}
102
103	07bd3f83	Scott Ullrich	if (isset($_POST['del_x'])) {
104			/* delete selected rules */
105			if (is_array($_POST['rule']) && count($_POST['rule'])) {
106			foreach ($_POST['rule'] as $rulei) {
107			unset($a_filter[$rulei]);
108			}
109	5b237745	Scott Ullrich	write_config();
110			touch($d_filterconfdirty_path);
111	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
112	5b237745	Scott Ullrich	exit;
113			}
114	07bd3f83	Scott Ullrich	} else if ($_GET['act'] == "toggle") {
115			if ($a_filter[$_GET['id']]) {
116	f53b85a3	Scott Ullrich	if(isset($a_filter[$_GET['id']]['disabled']))
117	734edbdf	Bill Marquette	unset($a_filter[$_GET['id']]['disabled']);
118			else
119			$a_filter[$_GET['id']]['disabled'] = true;
120	5b237745	Scott Ullrich	write_config();
121			touch($d_filterconfdirty_path);
122	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
123	5b237745	Scott Ullrich	exit;
124			}
125	07bd3f83	Scott Ullrich	} else {
126	b2ffe419	Scott Ullrich	/* yuck - IE won't send value attributes for image buttons, while Mozilla does -
127	37e2071c	Scott Ullrich	so we use .x/.y to fine move button clicks instead... */
128	07bd3f83	Scott Ullrich	unset($movebtn);
129			foreach ($_POST as $pn => $pd) {
130			if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
131			$movebtn = $matches[1];
132			break;
133			}
134	5b237745	Scott Ullrich	}
135	07bd3f83	Scott Ullrich	/* move selected rules before this rule */
136			if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
137			$a_filter_new = array();
138	b2ffe419	Scott Ullrich
139	07bd3f83	Scott Ullrich	/* copy all rules < $movebtn and not selected */
140			for ($i = 0; $i < $movebtn; $i++) {
141			if (!in_array($i, $_POST['rule']))
142			$a_filter_new[] = $a_filter[$i];
143			}
144	b2ffe419	Scott Ullrich
145	07bd3f83	Scott Ullrich	/* copy all selected rules */
146			for ($i = 0; $i < count($a_filter); $i++) {
147			if ($i == $movebtn)
148			continue;
149			if (in_array($i, $_POST['rule']))
150			$a_filter_new[] = $a_filter[$i];
151			}
152	b2ffe419	Scott Ullrich
153	07bd3f83	Scott Ullrich	/* copy $movebtn rule */
154			if ($movebtn < count($a_filter))
155			$a_filter_new[] = $a_filter[$movebtn];
156	b2ffe419	Scott Ullrich
157	07bd3f83	Scott Ullrich	/* copy all rules > $movebtn and not selected */
158			for ($i = $movebtn+1; $i < count($a_filter); $i++) {
159			if (!in_array($i, $_POST['rule']))
160			$a_filter_new[] = $a_filter[$i];
161			}
162	b2ffe419	Scott Ullrich
163	07bd3f83	Scott Ullrich	$a_filter = $a_filter_new;
164	5b237745	Scott Ullrich	write_config();
165			touch($d_filterconfdirty_path);
166	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
167	5b237745	Scott Ullrich	exit;
168			}
169			}
170	3a54b6ca	Scott Dale	$closehead = false;
171	5b237745	Scott Ullrich
172	9a25487b	Scott Ullrich	$pgtitle = "Firewall: Rules";
173			include("head.inc");
174
175	3a54b6ca	Scott Dale	echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domLib.js\"></script>";
176			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domTT.js\"></script>";
177			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/behaviour.js\"></script>";
178			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/fadomatic.js\"></script>";
179	5b237745	Scott Ullrich	?>
180	3a54b6ca	Scott Dale	</head>
181
182	5b237745	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
183			<?php include("fbegin.inc"); ?>
184	da7ae7ef	Bill Marquette	<p class="pgtitle"><?=$pgtitle?></p>
185	5b237745	Scott Ullrich	<form action="firewall_rules.php" method="post">
186	6a8d35ca	Bill Marquette	<script type="text/javascript" language="javascript" src="row_toggle.js">
187	fa65a62b	Scott Ullrich	</script>
188	5b237745	Scott Ullrich	<?php if ($savemsg) print_info_box($savemsg); ?>
189			<?php if (file_exists($d_filterconfdirty_path)): ?><p>
190			<?php print_info_box_np("The firewall rule configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
191			<?php endif; ?>
192	3a54b6ca	Scott Dale	<?php
193			$aliases_array = array();
194			if($config['aliases']['alias'] <> "" and is_array($config['aliases']['alias']))
195			{
196			foreach($config['aliases']['alias'] as $alias_name)
197			{
198			$alias_addresses = explode (" ", $alias_name['address']);
199			$alias_details = explode ("\|\|", $alias_name['detail']);
200			$alias_objects_with_details = "";
201			$counter = 0;
202			foreach($alias_addresses as $alias_ports_address)
203			{
204			$alias_objects_with_details .= $alias_addresses[$counter];
205			$alias_detail_default = strpos ($alias_details[$counter],"Entry added");
206			if ($alias_details[$counter] != "" && $alias_detail_default === False){
207			$alias_objects_with_details .=" - " . $alias_details[$counter];
208			}
209			$alias_objects_with_details .= "<br>";
210			$counter++;
211			}
212			$aliases_array[] = array($alias_name['name'], $alias_name['descr'], $alias_objects_with_details);
213			}
214			}
215			?>
216	07bd3f83	Scott Ullrich	<table width="100%" border="0" cellpadding="0" cellspacing="0">
217	37e2071c	Scott Ullrich	<tr><td class="tabnavtbl">
218	0366b748	Scott Ullrich	<?php
219			/* active tabs */
220			$tab_array = array();
221			$tabscounter = 0; $i = 0; foreach ($iflist as $ifent => $ifname) {
222			if ($ifent == $if)
223			$active = true;
224			else
225			$active = false;
226			$tab_array[] = array($ifname, $active, "firewall_rules.php?if={$ifent}");
227			}
228			display_top_tabs($tab_array);
229			?>
230	07bd3f83	Scott Ullrich	</td></tr>
231	b2ffe419	Scott Ullrich	<tr>
232	d732f186	Bill Marquette	<td>
233			<div id="mainarea">
234			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
235	fa65a62b	Scott Ullrich	<tr id="frheader">
236	37e2071c	Scott Ullrich	<td width="3%" class="list"> </td>
237	5b237745	Scott Ullrich	<td width="5%" class="list"> </td>
238			<td width="10%" class="listhdrr">Proto</td>
239			<td width="15%" class="listhdrr">Source</td>
240			<td width="10%" class="listhdrr">Port</td>
241			<td width="15%" class="listhdrr">Destination</td>
242			<td width="10%" class="listhdrr">Port</td>
243	7738faa8	Scott Ullrich	<td width="5%" class="listhdrr">Gateway</td>
244			<td width="5%" class="listhdrr">Schedule</td>
245	37e2071c	Scott Ullrich	<td width="22%" class="listhdr">Description</td>
246	d415d821	Seth Mos	<td width="10%" class="list">
247			<table border="0" cellspacing="0" cellpadding="1">
248			<tr>
249			<?php
250			$nrules = 0;
251			for ($i = 0; isset($a_filter[$i]); $i++) {
252			$filterent = $a_filter[$i];
253			if ($filterent['interface'] != $if)
254			continue;
255			$nrules++;
256			}
257			?>
258			<td>
259			<?php if ($nrules == 0): ?>
260			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?>
261			<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected rules" onclick="return confirm('Do you really want to delete the selected rules?')"><?php endif; ?>
262			</td>
263			<td align="center" valign="middle"><a href="firewall_rules_edit.php?if=<?=$if;?>&after=-1"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" width="17" height="17" border="0"></a></td>
264			</tr>
265			</table>
266			</td>
267			</tr>
268	d9eeccbd	Scott Ullrich	<?php if (($if == "wan") && isset($config['interfaces']['wan']['blockpriv'])): ?>
269			<tr valign="top" id="frrfc1918">
270	f77830b3	Scott Ullrich	<td width="3%" class="list"> </td>
271			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0"></td>
272	d9eeccbd	Scott Ullrich	<td class="listlr" style="background-color: #e0e0e0">*</td>
273			<td class="listr" style="background-color: #e0e0e0">RFC 1918 networks</td>
274			<td class="listr" style="background-color: #e0e0e0">*</td>
275			<td class="listr" style="background-color: #e0e0e0">*</td>
276			<td class="listr" style="background-color: #e0e0e0">*</td>
277	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">*</td>
278	d415d821	Seth Mos	<td class="listr" style="background-color: #e0e0e0">*</td>
279	f77830b3	Scott Ullrich	<td class="listbg" style="background-color: #990000"><font color="white">Block private networks</td>
280	d9eeccbd	Scott Ullrich	<td valign="middle" nowrap class="list">
281			<table border="0" cellspacing="0" cellpadding="1">
282			<tr>
283			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules before this rule"></td>
284			<td><a href="interfaces_wan.php#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
285			</tr>
286			<tr>
287			<td align="center" valign="middle"></td>
288	83b81db7	Scott Ullrich	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="add a new rule based on this one" width="17" height="17" border="0"></td>
289	d9eeccbd	Scott Ullrich	</tr>
290			</table>
291			</td>
292			</tr>
293	c20c0f5a	Scott Ullrich	<?php endif; ?>
294			<?php if (($if == "wan") && isset($config['interfaces']['wan']['blockbogons'])): ?>
295			<tr valign="top" id="frrfc1918">
296			<td width="3%" class="list"> </td>
297			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0"></td>
298			<td class="listlr" style="background-color: #e0e0e0">*</td>
299	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">Reserved/not assigned by IANA</td>
300	c20c0f5a	Scott Ullrich	<td class="listr" style="background-color: #e0e0e0">*</td>
301			<td class="listr" style="background-color: #e0e0e0">*</td>
302			<td class="listr" style="background-color: #e0e0e0">*</td>
303	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">*</td>
304			<td class="listr" style="background-color: #e0e0e0">*</td>
305	c20c0f5a	Scott Ullrich	<td class="listbg" style="background-color: #990000"><font color="white">Block private networks</td>
306			<td valign="middle" nowrap class="list">
307			<table border="0" cellspacing="0" cellpadding="1">
308			<tr>
309			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules before this rule"></td>
310			<td><a href="interfaces_wan.php#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
311			</tr>
312			<tr>
313			<td align="center" valign="middle"></td>
314			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="add a new rule based on this one" width="17" height="17" border="0"></td>
315			</tr>
316			</table>
317			</td>
318			</tr>
319			<?php endif; ?>
320	07bd3f83	Scott Ullrich	<?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++):
321			$filterent = $a_filter[$i];
322			if ($filterent['interface'] != $if)
323			continue;
324			?>
325	37e2071c	Scott Ullrich	<tr valign="top" id="fr<?=$nrules;?>">
326			<td class="listt"><input type="checkbox" id="frc<?=$nrules;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nrules;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td>
327			<td class="listt" align="center">
328	5b237745	Scott Ullrich	<?php if ($filterent['type'] == "block")
329			$iconfn = "block";
330			else if ($filterent['type'] == "reject") {
331	950d21d0	Scott Ullrich	if ($filterent['protocol'] == "tcp" \|\| $filterent['protocol'] == "udp" \|\| $filterent['protocol'] == "tcp/udp")
332	5b237745	Scott Ullrich	$iconfn = "reject";
333			else
334			$iconfn = "block";
335			} else
336			$iconfn = "pass";
337			if (isset($filterent['disabled'])) {
338			$textss = "<span class=\"gray\">";
339			$textse = "</span>";
340			$iconfn .= "_d";
341			} else {
342			$textss = $textse = "";
343			}
344			?>
345	677c0869	Erik Kristensen	<a href="?if=<?=$if;?>&act=toggle&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0" title="click to toggle enabled/disabled status"></a>
346	5b237745	Scott Ullrich	<?php if (isset($filterent['log'])):
347	6fecc73b	Scott Dale	$iconfnlog = "log_s";
348	5b237745	Scott Ullrich	if (isset($filterent['disabled']))
349	6fecc73b	Scott Dale	$iconfnlog .= "_d";
350	5b237745	Scott Ullrich	?>
351	6fecc73b	Scott Dale	<br><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfnlog;?>.gif" width="11" height="15" border="0">
352	5b237745	Scott Ullrich	<?php endif; ?>
353			</td>
354	3a54b6ca	Scott Dale	<?php
355	2a113ca9	Scott Dale	//build Alias popup box
356	3a54b6ca	Scott Dale	$span_begin = "";
357			$span_end = "";
358			$alias_src_span_begin = "";
359			$alias_src_span_end = "";
360			$alias_src_port_span_begin = "";
361			$alias_src_port_span_end = "";
362			$alias_dst_span_begin = "";
363			$alias_dst_span_end = "";
364			$alias_dst_port_span_begin = "";
365			$alias_dst_port_span_end = "";
366			$alias_content_text = "";
367			//max character length for caption field
368			$maxlength = 60;
369
370			foreach ($aliases_array as $alias)
371			{
372			$alias_id_substr = $alias[0];
373			$alias_descr_substr = $alias[1];
374			$alias_content_text = htmlspecialchars($alias[2]);
375			$alias_caption = htmlspecialchars($alias_descr_substr . ":");
376			$strlength = strlen ($alias_caption);
377			if ($strlength >= $maxlength)
378			$alias_caption = substr($alias_caption, 0, $maxlength) . "...";
379
380			$alias_check_src = $filterent['source']['address'];
381			$alias_check_srcport = pprint_port($filterent['source']['port']);
382			$alias_check_dst = $filterent['destination']['address'];
383			$alias_check_dstport = pprint_port($filterent['destination']['port']);
384
385			$span_begin = "<span style=\"cursor: help;\" onmouseover=\"domTT_activate(this, event, 'content', '<h1>$alias_caption</h1><p>$alias_content_text</p>', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><U>";
386			$span_end = "</U></span>";
387
388			if ($alias_id_substr == $alias_check_src)
389			{
390			$alias_src_span_begin = $span_begin;
391			$alias_src_span_end = $span_end;
392			}
393			if ($alias_id_substr == $alias_check_srcport)
394			{
395			$alias_src_port_span_begin = $span_begin;
396			$alias_src_port_span_end = $span_end;
397			}
398			if ($alias_id_substr == $alias_check_dst)
399			{
400			$alias_dst_span_begin = $span_begin;
401			$alias_dst_span_end = $span_end;
402			}
403			if ($alias_id_substr == $alias_check_dstport)
404			{
405			$alias_dst_port_span_begin = $span_begin;
406			$alias_dst_port_span_end = $span_end;
407			}
408			}
409	2a113ca9	Scott Dale
410			//build Schedule popup box
411			$a_schedules = &$config['schedules']['schedule'];
412			$schedule_span_begin = "";
413			$schedule_span_end = "";
414			$sched_caption = "";
415	eace1363	Scott Dale	$sched_content = "";
416	3b907eb1	Scott Dale	$schedstatus = false;
417	2a113ca9	Scott Dale	$dayArray = array ('Mon','Tues','Wed','Thur','Fri','Sat','Sun');
418			$monthArray = array ('January','February','March','April','May','June','July','August','September','October','November','December');
419	8ce97a08	Scott Dale	if($config['schedules']['schedule'] <> "" and is_array($config['schedules']['schedule'])){
420			foreach ($a_schedules as $schedule)
421			{
422			if ($schedule['name'] == $filterent['sched'] ){
423			$schedstatus = get_time_based_rule_status($schedule);
424
425			foreach($schedule['timerange'] as $timerange) {
426			$tempFriendlyTime = "";
427			$tempID = "";
428			$firstprint = false;
429			if ($timerange){
430			$dayFriendly = "";
431			$tempFriendlyTime = "";
432
433			//get hours
434			$temptimerange = $timerange['hour'];
435			$temptimeseparator = strrpos($temptimerange, "-");
436	2a113ca9	Scott Dale
437	8ce97a08	Scott Dale	$starttime = substr ($temptimerange, 0, $temptimeseparator);
438			$stoptime = substr ($temptimerange, $temptimeseparator+1);
439	2a113ca9	Scott Dale
440	8ce97a08	Scott Dale	if ($timerange['month']){
441			$tempmontharray = explode(",", $timerange['month']);
442			$tempdayarray = explode(",",$timerange['day']);
443			$arraycounter = 0;
444			$firstDayFound = false;
445			$firstPrint = false;
446			foreach ($tempmontharray as $monthtmp){
447			$month = $tempmontharray[$arraycounter];
448			$day = $tempdayarray[$arraycounter];
449	2a113ca9	Scott Dale
450			if (!$firstDayFound)
451			{
452	8ce97a08	Scott Dale	$firstDay = $day;
453			$firstmonth = $month;
454	2a113ca9	Scott Dale	$firstDayFound = true;
455			}
456	8ce97a08	Scott Dale
457			$currentDay = $day;
458			$nextDay = $tempdayarray[$arraycounter+1];
459			$currentDay++;
460			if (($currentDay != $nextDay) \|\| ($tempmontharray[$arraycounter] != $tempmontharray[$arraycounter+1])){
461			if ($firstPrint)
462	2a113ca9	Scott Dale	$dayFriendly .= ", ";
463			$currentDay--;
464			if ($currentDay != $firstDay)
465	8ce97a08	Scott Dale	$dayFriendly .= $monthArray[$firstmonth-1] . " " . $firstDay . " - " . $currentDay ;
466	2a113ca9	Scott Dale	else
467	8ce97a08	Scott Dale	$dayFriendly .= $monthArray[$month-1] . " " . $day;
468	2a113ca9	Scott Dale	$firstDayFound = false;
469	8ce97a08	Scott Dale	$firstPrint = true;
470			}
471			$arraycounter++;
472	2a113ca9	Scott Dale	}
473			}
474	8ce97a08	Scott Dale	else
475			{
476			$tempdayFriendly = $timerange['position'];
477			$firstDayFound = false;
478			$tempFriendlyDayArray = explode(",", $tempdayFriendly);
479			$currentDay = "";
480			$firstDay = "";
481			$nextDay = "";
482			$counter = 0;
483			foreach ($tempFriendlyDayArray as $day){
484			if ($day != ""){
485			if (!$firstDayFound)
486			{
487			$firstDay = $tempFriendlyDayArray[$counter];
488			$firstDayFound = true;
489			}
490			$currentDay =$tempFriendlyDayArray[$counter];
491			//get next day
492			$nextDay = $tempFriendlyDayArray[$counter+1];
493			$currentDay++;
494			if ($currentDay != $nextDay){
495			if ($firstprint)
496			$dayFriendly .= ", ";
497			$currentDay--;
498			if ($currentDay != $firstDay)
499			$dayFriendly .= $dayArray[$firstDay-1] . " - " . $dayArray[$currentDay-1];
500			else
501			$dayFriendly .= $dayArray[$firstDay-1];
502			$firstDayFound = false;
503			$firstprint = true;
504			}
505			$counter++;
506			}
507			}
508			}
509			$timeFriendly = $starttime . " - " . $stoptime;
510			$description = $timerange['rangedescr'];
511			$sched_content .= $dayFriendly . "; " . $timeFriendly . "<br>";
512			}
513	2a113ca9	Scott Dale	}
514	8ce97a08	Scott Dale	$sched_caption = $schedule['descr'];
515			$schedule_span_begin = "<span style=\"cursor: help;\" onmouseover=\"domTT_activate(this, event, 'content', '<h1>$sched_caption</h1><p>$sched_content</p>', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><U>";
516			$schedule_span_end = "</U></span>";
517	2a113ca9	Scott Dale	}
518			}
519			}
520	6fecc73b	Scott Dale	$printicon = false;
521	616dd997	Scott Dale	$alttext = "";
522			$image = "";
523			if (!isset($filterent['disabled'])){
524			if ($schedstatus)
525			{
526			if ($iconfn == "block" \|\| $iconfn == "reject")
527			{
528	5b552ac7	Scott Dale	$image = "icon_block";
529	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being denied";
530			}
531			else
532			{
533	5b552ac7	Scott Dale	$image = "icon_pass";
534	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being allowed";
535			}
536			$printicon = true;
537			}
538			else if ($filterent['sched'])
539			{
540			if ($iconfn == "block" \|\| $iconfn == "reject")
541			{
542	5b552ac7	Scott Dale	$image = "icon_block_d";
543	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being allowed";
544			}
545			else
546			{
547	5b552ac7	Scott Dale	$image = "icon_block";
548	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being denied";
549			}
550			$printicon = true;
551			}
552			}
553	3a54b6ca	Scott Dale	?>
554	98e29097	Bill Marquette	<td class="listlr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
555	5b237745	Scott Ullrich	<?=$textss;?><?php if (isset($filterent['protocol'])) echo strtoupper($filterent['protocol']); else echo "*"; ?><?=$textse;?>
556			</td>
557	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
558	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_src_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['source']));?><?php echo $alias_src_span_end;?><?=$textse;?>
559	5b237745	Scott Ullrich	</td>
560	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
561	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_src_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['source']['port'])); ?><?php echo $alias_src_port_span_end;?><?=$textse;?>
562	5b237745	Scott Ullrich	</td>
563	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
564	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_dst_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['destination'])); ?><?php echo $alias_dst_span_end;?><?=$textse;?>
565	5b237745	Scott Ullrich	</td>
566	3a54b6ca	Scott Dale	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
567			<?=$textss;?><?php echo $alias_dst_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['destination']['port'])); ?><?php echo $alias_dst_port_span_end;?><?=$textse;?>
568	5b237745	Scott Ullrich	</td>
569	b504c2f8	Scott Ullrich	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
570	e9832b41	Bill Marquette	<?=$textss;?><?php if (isset($config['interfaces'][$filterent['gateway']]['descr'])) echo htmlspecialchars($config['interfaces'][$filterent['gateway']]['descr']); else echo htmlspecialchars(pprint_port($filterent['gateway'])); ?><?=$textse;?>
571	b504c2f8	Scott Ullrich	</td>
572	3595b631	Scott Dale	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';"><font color="black">
573	d3bcf522	Scott Dale	<?php if ($printicon) { ?><img src="./themes/<?= $g['theme']; ?>/images/icons/<?php echo $image; ?>.gif" title="<?php echo $alttext;?>" border="0"><?php } ?> <?=$textss;?><?php echo $schedule_span_begin;?><?=htmlspecialchars($filterent['sched']);?><?php echo $schedule_span_end; ?><?=$textse;?>
574	7738faa8	Scott Ullrich	</td>
575	98e29097	Bill Marquette	<td class="listbg" onClick="fr_toggle(<?=$nrules;?>)" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';" bcolor="#990000"><font color="white">
576	07bd3f83	Scott Ullrich	<?=$textss;?><?=htmlspecialchars($filterent['descr']);?> <?=$textse;?>
577	5b237745	Scott Ullrich	</td>
578			<td valign="middle" nowrap class="list">
579	07bd3f83	Scott Ullrich	<table border="0" cellspacing="0" cellpadding="1">
580			<tr>
581	677c0869	Erik Kristensen	<td><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected rules before this rule" onMouseOver="fr_insline(<?=$nrules;?>, true)" onMouseOut="fr_insline(<?=$nrules;?>, false)"></td>
582			<td><a href="firewall_rules_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
583	07bd3f83	Scott Ullrich	</tr>
584			<tr>
585	1cfed9db	Scott Ullrich	<td align="center" valign="middle"><a href="firewall_rules.php?act=del&if=<?=$if;?>&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete rule" onclick="return confirm('Do you really want to delete this rule?')"></a></td>
586	677c0869	Erik Kristensen	<td><a href="firewall_rules_edit.php?dup=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add a new rule based on this one" width="17" height="17" border="0"></a></td>
587	07bd3f83	Scott Ullrich	</tr>
588			</table>
589	5b237745	Scott Ullrich	</td>
590			</tr>
591	07bd3f83	Scott Ullrich	<?php $nrules++; endfor; ?>
592			<?php if ($nrules == 0): ?>
593	37e2071c	Scott Ullrich	<td class="listt"></td>
594	07bd3f83	Scott Ullrich	<td class="listt"></td>
595	40ad834c	Scott Dale	<td class="listlr" colspan="8" align="center" valign="middle">
596	07bd3f83	Scott Ullrich	<span class="gray">
597			No rules are currently defined for this interface.<br>
598			All incoming connections on this interface will be blocked until you add pass rules.<br><br>
599	677c0869	Erik Kristensen	Click the <a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" border="0" width="17" height="17" align="absmiddle"></a> button to add a new rule.</span>
600	07bd3f83	Scott Ullrich	</td>
601			<?php endif; ?>
602	37e2071c	Scott Ullrich	<tr id="fr<?=$nrules;?>">
603			<td class="list"></td>
604			<td class="list"></td>
605			<td class="list"> </td>
606			<td class="list"> </td>
607			<td class="list"> </td>
608	f9cf51f2	Scott Ullrich	<td class="list"> </td>
609			<td class="list"> </td>
610	37e2071c	Scott Ullrich	<td class="list"> </td>
611			<td class="list"> </td>
612			<td class="list"> </td>
613	07bd3f83	Scott Ullrich	<td class="list">
614			<table border="0" cellspacing="0" cellpadding="1">
615			<tr>
616			<td>
617	677c0869	Erik Kristensen	<?php if ($nrules == 0): ?><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules to end" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected rules to end" onMouseOver="fr_insline(<?=$nrules;?>, true)" onMouseOut="fr_insline(<?=$nrules;?>, false)"><?php endif; ?></td>
618	37e2071c	Scott Ullrich	<td></td>
619	07bd3f83	Scott Ullrich	</tr>
620			<tr>
621	3086d0f8	Scott Ullrich	<td>
622			<?php if ($nrules == 0): ?>
623			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?>
624			<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected rules" onclick="return confirm('Do you really want to delete the selected rules?')"><?php endif; ?>
625			</td>
626	d415d821	Seth Mos	<td><a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" width="17" height="17" border="0"></a></td>
627	07bd3f83	Scott Ullrich	</tr>
628			</table>
629			</td>
630	5b237745	Scott Ullrich	</tr>
631			</table>
632	d732f186	Bill Marquette	<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
633	b2ffe419	Scott Ullrich	<tr>
634	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11"></td>
635	5b237745	Scott Ullrich	<td>pass</td>
636			<td width="14"></td>
637	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11"></td>
638	5b237745	Scott Ullrich	<td>block</td>
639			<td width="14"></td>
640	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject.gif" width="11" height="11"></td>
641	5b237745	Scott Ullrich	<td>reject</td>
642			<td width="14"></td>
643	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log.gif" width="11" height="11"></td>
644	5b237745	Scott Ullrich	<td>log</td>
645			</tr>
646	b2ffe419	Scott Ullrich	<tr>
647	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass_d.gif" width="11" height="11"></td>
648	d732f186	Bill Marquette	<td nowrap>pass (disabled)</td>
649			<td> </td>
650	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block_d.gif" width="11" height="11"></td>
651	d732f186	Bill Marquette	<td nowrap>block (disabled)</td>
652			<td> </td>
653	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject_d.gif" width="11" height="11"></td>
654	d732f186	Bill Marquette	<td nowrap>reject (disabled)</td>
655			<td> </td>
656	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log_d.gif" width="11" height="11"></td>
657	d732f186	Bill Marquette	<td nowrap>log (disabled)</td>
658	5b237745	Scott Ullrich	</tr>
659	d732f186	Bill Marquette	<tr>
660	05860c07	Scott Ullrich	<td colspan="10">
661	07bd3f83	Scott Ullrich	<p>
662			<strong><span class="red">Hint:<br>
663	37e2071c	Scott Ullrich	</span></strong>Rules are evaluated on a first-match basis (i.e.
664	b2ffe419	Scott Ullrich	the action of the first rule to match a packet will be executed).
665			This means that if you use block rules, you'll have to pay attention
666			to the rule order. Everything that isn't explicitly passed is blocked
667	07bd3f83	Scott Ullrich	by default.</p>
668	d732f186	Bill Marquette	</td>
669			</tr>
670			</table>
671			</div>
672			</td>
673			</tr>
674			</table>
675	37e2071c	Scott Ullrich	<input type="hidden" name="if" value="<?=$if;?>">
676	07bd3f83	Scott Ullrich	</form>
677	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
678	af4aa061	Scott Ullrich	</body>
679			</html>

Project

General

Profile

pfSense