/usr/local/www/firewall_rules.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_rules.php @ 3aed792b

1	b2ffe419	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4	37e2071c	Scott Ullrich	firewall_rules.php
5	e4cabb75	Scott Ullrich	part of pfSense (http://www.pfsense.com)
6			Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com)
7	b2ffe419	Scott Ullrich
8	e4cabb75	Scott Ullrich	originally part of m0n0wall (http://m0n0.ch/wall)
9			Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10	37e2071c	Scott Ullrich	All rights reserved.
11	b2ffe419	Scott Ullrich
12	37e2071c	Scott Ullrich	Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14	b2ffe419	Scott Ullrich
15	37e2071c	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17	b2ffe419	Scott Ullrich
18	37e2071c	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21	b2ffe419	Scott Ullrich
22	37e2071c	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32	5b237745	Scott Ullrich	*/
33
34	37e2071c	Scott Ullrich	$pgtitle = array("Firewall", "Rules");
35	5b237745	Scott Ullrich	require("guiconfig.inc");
36
37			if (!is_array($config['filter']['rule'])) {
38			$config['filter']['rule'] = array();
39			}
40			filter_rules_sort();
41			$a_filter = &$config['filter']['rule'];
42
43	07bd3f83	Scott Ullrich	$if = $_GET['if'];
44			if ($_POST['if'])
45			$if = $_POST['if'];
46	b2ffe419	Scott Ullrich
47	07bd3f83	Scott Ullrich	$iflist = array("lan" => "LAN", "wan" => "WAN");
48
49			if ($config['pptpd']['mode'] == "server")
50			$iflist['pptp'] = "PPTP VPN";
51	b51ca9d0	Scott Ullrich
52	0e1e0183	Scott Ullrich	if ($config['pppoe']['mode'] == "server")
53	0c554ff6	Scott Ullrich	$iflist['pppoe'] = "PPPoE VPN";
54
55	00eabb46	Scott Ullrich	/* add ipsec filter gif interfaces */
56	14cbafe8	Bill Marquette	if (is_array($config['ipsec']['tunnel']) && isset($config['ipsec']['enable'])) {
57			$a_ipsec = &$config['ipsec']['tunnel'];
58			if(is_array($a_ipsec)) {
59			$i = 0; foreach ($a_ipsec as $ipsecent) {
60			if(isset($ipsecent['creategif'])) {
61			$iflist["gif{$i}"] = "{$ipsecent['descr']}";
62			$i++;
63			}
64	bdf7aa59	Scott Ullrich	}
65	00eabb46	Scott Ullrich	}
66			}
67
68	07bd3f83	Scott Ullrich	for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
69			$iflist['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
70			}
71
72			if (!$if \|\| !isset($iflist[$if]))
73	37e2071c	Scott Ullrich	$if = "wan";
74	07bd3f83	Scott Ullrich
75	5b237745	Scott Ullrich	if ($_POST) {
76
77			$pconfig = $_POST;
78
79			if ($_POST['apply']) {
80	37e2071c	Scott Ullrich	$retval = 0;
81	9a7e416c	Scott Ullrich	config_lock();
82			$retval = filter_configure();
83			config_unlock();
84
85	a985eac2	Scott Ullrich	if (file_exists($d_filterconfdirty_path))
86			unlink($d_filterconfdirty_path);
87
88	4739bd06	Scott Ullrich	$savemsg = "The settings have been applied. The firewall rules are now reloading in the background. You can also <a href='status_filter_reload.php'>monitor</a> the reload progress.";
89	5b237745	Scott Ullrich	}
90			}
91
92	d97c50cd	Bill Marquette	if ($_GET['act'] == "del") {
93			if ($a_filter[$_GET['id']]) {
94			unset($a_filter[$_GET['id']]);
95			write_config();
96			touch($d_filterconfdirty_path);
97			header("Location: firewall_rules.php?if={$if}");
98			exit;
99			}
100			}
101
102	07bd3f83	Scott Ullrich	if (isset($_POST['del_x'])) {
103			/* delete selected rules */
104			if (is_array($_POST['rule']) && count($_POST['rule'])) {
105			foreach ($_POST['rule'] as $rulei) {
106			unset($a_filter[$rulei]);
107			}
108	5b237745	Scott Ullrich	write_config();
109			touch($d_filterconfdirty_path);
110	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
111	5b237745	Scott Ullrich	exit;
112			}
113	07bd3f83	Scott Ullrich	} else if ($_GET['act'] == "toggle") {
114			if ($a_filter[$_GET['id']]) {
115	f53b85a3	Scott Ullrich	if(isset($a_filter[$_GET['id']]['disabled']))
116	734edbdf	Bill Marquette	unset($a_filter[$_GET['id']]['disabled']);
117			else
118			$a_filter[$_GET['id']]['disabled'] = true;
119	5b237745	Scott Ullrich	write_config();
120			touch($d_filterconfdirty_path);
121	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
122	5b237745	Scott Ullrich	exit;
123			}
124	07bd3f83	Scott Ullrich	} else {
125	b2ffe419	Scott Ullrich	/* yuck - IE won't send value attributes for image buttons, while Mozilla does -
126	37e2071c	Scott Ullrich	so we use .x/.y to fine move button clicks instead... */
127	07bd3f83	Scott Ullrich	unset($movebtn);
128			foreach ($_POST as $pn => $pd) {
129			if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
130			$movebtn = $matches[1];
131			break;
132			}
133	5b237745	Scott Ullrich	}
134	07bd3f83	Scott Ullrich	/* move selected rules before this rule */
135			if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
136			$a_filter_new = array();
137	b2ffe419	Scott Ullrich
138	07bd3f83	Scott Ullrich	/* copy all rules < $movebtn and not selected */
139			for ($i = 0; $i < $movebtn; $i++) {
140			if (!in_array($i, $_POST['rule']))
141			$a_filter_new[] = $a_filter[$i];
142			}
143	b2ffe419	Scott Ullrich
144	07bd3f83	Scott Ullrich	/* copy all selected rules */
145			for ($i = 0; $i < count($a_filter); $i++) {
146			if ($i == $movebtn)
147			continue;
148			if (in_array($i, $_POST['rule']))
149			$a_filter_new[] = $a_filter[$i];
150			}
151	b2ffe419	Scott Ullrich
152	07bd3f83	Scott Ullrich	/* copy $movebtn rule */
153			if ($movebtn < count($a_filter))
154			$a_filter_new[] = $a_filter[$movebtn];
155	b2ffe419	Scott Ullrich
156	07bd3f83	Scott Ullrich	/* copy all rules > $movebtn and not selected */
157			for ($i = $movebtn+1; $i < count($a_filter); $i++) {
158			if (!in_array($i, $_POST['rule']))
159			$a_filter_new[] = $a_filter[$i];
160			}
161	b2ffe419	Scott Ullrich
162	07bd3f83	Scott Ullrich	$a_filter = $a_filter_new;
163	5b237745	Scott Ullrich	write_config();
164			touch($d_filterconfdirty_path);
165	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
166	5b237745	Scott Ullrich	exit;
167			}
168			}
169
170	9a25487b	Scott Ullrich	$pgtitle = "Firewall: Rules";
171			include("head.inc");
172
173	5b237745	Scott Ullrich	?>
174			<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
175			<?php include("fbegin.inc"); ?>
176	da7ae7ef	Bill Marquette	<p class="pgtitle"><?=$pgtitle?></p>
177	5b237745	Scott Ullrich	<form action="firewall_rules.php" method="post">
178	6a8d35ca	Bill Marquette	<script type="text/javascript" language="javascript" src="row_toggle.js">
179	fa65a62b	Scott Ullrich	</script>
180	5b237745	Scott Ullrich	<?php if ($savemsg) print_info_box($savemsg); ?>
181			<?php if (file_exists($d_filterconfdirty_path)): ?><p>
182			<?php print_info_box_np("The firewall rule configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
183			<?php endif; ?>
184	07bd3f83	Scott Ullrich	<table width="100%" border="0" cellpadding="0" cellspacing="0">
185	37e2071c	Scott Ullrich	<tr><td class="tabnavtbl">
186	0366b748	Scott Ullrich	<?php
187			/* active tabs */
188			$tab_array = array();
189			$tabscounter = 0; $i = 0; foreach ($iflist as $ifent => $ifname) {
190			if ($ifent == $if)
191			$active = true;
192			else
193			$active = false;
194			$tab_array[] = array($ifname, $active, "firewall_rules.php?if={$ifent}");
195			}
196			display_top_tabs($tab_array);
197			?>
198	07bd3f83	Scott Ullrich	</td></tr>
199	b2ffe419	Scott Ullrich	<tr>
200	d732f186	Bill Marquette	<td>
201			<div id="mainarea">
202			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
203	fa65a62b	Scott Ullrich	<tr id="frheader">
204	37e2071c	Scott Ullrich	<td width="3%" class="list"> </td>
205	5b237745	Scott Ullrich	<td width="5%" class="list"> </td>
206			<td width="10%" class="listhdrr">Proto</td>
207			<td width="15%" class="listhdrr">Source</td>
208			<td width="10%" class="listhdrr">Port</td>
209			<td width="15%" class="listhdrr">Destination</td>
210			<td width="10%" class="listhdrr">Port</td>
211	b504c2f8	Scott Ullrich	<td width="10%" class="listhdrr">Gateway</td>
212	37e2071c	Scott Ullrich	<td width="22%" class="listhdr">Description</td>
213	5b237745	Scott Ullrich	<td width="10%" class="list"></td>
214			</tr>
215	d9eeccbd	Scott Ullrich	<?php if (($if == "wan") && isset($config['interfaces']['wan']['blockpriv'])): ?>
216			<tr valign="top" id="frrfc1918">
217	f77830b3	Scott Ullrich	<td width="3%" class="list"> </td>
218			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0"></td>
219	d9eeccbd	Scott Ullrich	<td class="listlr" style="background-color: #e0e0e0">*</td>
220			<td class="listr" style="background-color: #e0e0e0">RFC 1918 networks</td>
221			<td class="listr" style="background-color: #e0e0e0">*</td>
222			<td class="listr" style="background-color: #e0e0e0">*</td>
223			<td class="listr" style="background-color: #e0e0e0">*</td>
224			<td class="listr" style="background-color: #e0e0e0">*</td>
225	f77830b3	Scott Ullrich	<td class="listbg" style="background-color: #990000"><font color="white">Block private networks</td>
226	d9eeccbd	Scott Ullrich	<td valign="middle" nowrap class="list">
227			<table border="0" cellspacing="0" cellpadding="1">
228			<tr>
229			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules before this rule"></td>
230			<td><a href="interfaces_wan.php#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
231			</tr>
232			<tr>
233			<td align="center" valign="middle"></td>
234	83b81db7	Scott Ullrich	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="add a new rule based on this one" width="17" height="17" border="0"></td>
235	d9eeccbd	Scott Ullrich	</tr>
236			</table>
237			</td>
238			</tr>
239	c20c0f5a	Scott Ullrich	<?php endif; ?>
240			<?php if (($if == "wan") && isset($config['interfaces']['wan']['blockbogons'])): ?>
241			<tr valign="top" id="frrfc1918">
242			<td width="3%" class="list"> </td>
243			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0"></td>
244			<td class="listlr" style="background-color: #e0e0e0">*</td>
245			<td class="listr" style="background-color: #e0e0e0">reserved/not assigned by IANA</td>
246			<td class="listr" style="background-color: #e0e0e0">*</td>
247			<td class="listr" style="background-color: #e0e0e0">*</td>
248			<td class="listr" style="background-color: #e0e0e0">*</td>
249			<td class="listr" style="background-color: #e0e0e0">*</td>
250			<td class="listbg" style="background-color: #990000"><font color="white">Block private networks</td>
251			<td valign="middle" nowrap class="list">
252			<table border="0" cellspacing="0" cellpadding="1">
253			<tr>
254			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules before this rule"></td>
255			<td><a href="interfaces_wan.php#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
256			</tr>
257			<tr>
258			<td align="center" valign="middle"></td>
259			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="add a new rule based on this one" width="17" height="17" border="0"></td>
260			</tr>
261			</table>
262			</td>
263			</tr>
264			<?php endif; ?>
265	07bd3f83	Scott Ullrich	<?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++):
266			$filterent = $a_filter[$i];
267			if ($filterent['interface'] != $if)
268			continue;
269			?>
270	37e2071c	Scott Ullrich	<tr valign="top" id="fr<?=$nrules;?>">
271			<td class="listt"><input type="checkbox" id="frc<?=$nrules;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nrules;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td>
272			<td class="listt" align="center">
273	5b237745	Scott Ullrich	<?php if ($filterent['type'] == "block")
274			$iconfn = "block";
275			else if ($filterent['type'] == "reject") {
276	950d21d0	Scott Ullrich	if ($filterent['protocol'] == "tcp" \|\| $filterent['protocol'] == "udp" \|\| $filterent['protocol'] == "tcp/udp")
277	5b237745	Scott Ullrich	$iconfn = "reject";
278			else
279			$iconfn = "block";
280			} else
281			$iconfn = "pass";
282			if (isset($filterent['disabled'])) {
283			$textss = "<span class=\"gray\">";
284			$textse = "</span>";
285			$iconfn .= "_d";
286			} else {
287			$textss = $textse = "";
288			}
289			?>
290	677c0869	Erik Kristensen	<a href="?if=<?=$if;?>&act=toggle&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0" title="click to toggle enabled/disabled status"></a>
291	5b237745	Scott Ullrich	<?php if (isset($filterent['log'])):
292			$iconfn = "log_s";
293			if (isset($filterent['disabled']))
294			$iconfn .= "_d";
295			?>
296	677c0869	Erik Kristensen	<br><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="15" border="0">
297	5b237745	Scott Ullrich	<?php endif; ?>
298			</td>
299	98e29097	Bill Marquette	<td class="listlr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
300	5b237745	Scott Ullrich	<?=$textss;?><?php if (isset($filterent['protocol'])) echo strtoupper($filterent['protocol']); else echo "*"; ?><?=$textse;?>
301			</td>
302	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
303	5b237745	Scott Ullrich	<?=$textss;?><?php echo htmlspecialchars(pprint_address($filterent['source'])); ?><?=$textse;?>
304			</td>
305	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
306	5b237745	Scott Ullrich	<?=$textss;?><?php echo htmlspecialchars(pprint_port($filterent['source']['port'])); ?><?=$textse;?>
307			</td>
308	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
309	5b237745	Scott Ullrich	<?=$textss;?><?php echo htmlspecialchars(pprint_address($filterent['destination'])); ?><?=$textse;?>
310			</td>
311	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
312	5b237745	Scott Ullrich	<?=$textss;?><?php echo htmlspecialchars(pprint_port($filterent['destination']['port'])); ?><?=$textse;?>
313			</td>
314	b504c2f8	Scott Ullrich
315			<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
316	e9832b41	Bill Marquette	<?=$textss;?><?php if (isset($config['interfaces'][$filterent['gateway']]['descr'])) echo htmlspecialchars($config['interfaces'][$filterent['gateway']]['descr']); else echo htmlspecialchars(pprint_port($filterent['gateway'])); ?><?=$textse;?>
317	b504c2f8	Scott Ullrich	</td>
318
319	98e29097	Bill Marquette	<td class="listbg" onClick="fr_toggle(<?=$nrules;?>)" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';" bcolor="#990000"><font color="white">
320	07bd3f83	Scott Ullrich	<?=$textss;?><?=htmlspecialchars($filterent['descr']);?> <?=$textse;?>
321	5b237745	Scott Ullrich	</td>
322			<td valign="middle" nowrap class="list">
323	07bd3f83	Scott Ullrich	<table border="0" cellspacing="0" cellpadding="1">
324			<tr>
325	677c0869	Erik Kristensen	<td><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected rules before this rule" onMouseOver="fr_insline(<?=$nrules;?>, true)" onMouseOut="fr_insline(<?=$nrules;?>, false)"></td>
326			<td><a href="firewall_rules_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
327	07bd3f83	Scott Ullrich	</tr>
328			<tr>
329	1cfed9db	Scott Ullrich	<td align="center" valign="middle"><a href="firewall_rules.php?act=del&if=<?=$if;?>&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete rule" onclick="return confirm('Do you really want to delete this rule?')"></a></td>
330	677c0869	Erik Kristensen	<td><a href="firewall_rules_edit.php?dup=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add a new rule based on this one" width="17" height="17" border="0"></a></td>
331	07bd3f83	Scott Ullrich	</tr>
332			</table>
333	5b237745	Scott Ullrich	</td>
334			</tr>
335	07bd3f83	Scott Ullrich	<?php $nrules++; endfor; ?>
336			<?php if ($nrules == 0): ?>
337	37e2071c	Scott Ullrich	<td class="listt"></td>
338	07bd3f83	Scott Ullrich	<td class="listt"></td>
339	05860c07	Scott Ullrich	<td class="listlr" colspan="7" align="center" valign="middle">
340	07bd3f83	Scott Ullrich	<span class="gray">
341			No rules are currently defined for this interface.<br>
342			All incoming connections on this interface will be blocked until you add pass rules.<br><br>
343	677c0869	Erik Kristensen	Click the <a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" border="0" width="17" height="17" align="absmiddle"></a> button to add a new rule.</span>
344	07bd3f83	Scott Ullrich	</td>
345			<?php endif; ?>
346	37e2071c	Scott Ullrich	<tr id="fr<?=$nrules;?>">
347			<td class="list"></td>
348			<td class="list"></td>
349			<td class="list"> </td>
350			<td class="list"> </td>
351			<td class="list"> </td>
352	d08dca1b	Scott Ullrich	<td class="list"> </td>
353	37e2071c	Scott Ullrich	<td class="list"> </td>
354			<td class="list"> </td>
355			<td class="list"> </td>
356	07bd3f83	Scott Ullrich	<td class="list">
357			<table border="0" cellspacing="0" cellpadding="1">
358			<tr>
359			<td>
360	677c0869	Erik Kristensen	<?php if ($nrules == 0): ?><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules to end" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected rules to end" onMouseOver="fr_insline(<?=$nrules;?>, true)" onMouseOut="fr_insline(<?=$nrules;?>, false)"><?php endif; ?></td>
361	37e2071c	Scott Ullrich	<td></td>
362	07bd3f83	Scott Ullrich	</tr>
363			<tr>
364	3086d0f8	Scott Ullrich	<td>
365			<?php if ($nrules == 0): ?>
366			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?>
367			<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected rules" onclick="return confirm('Do you really want to delete the selected rules?')"><?php endif; ?>
368			</td>
369	677c0869	Erik Kristensen	<td><a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" width="17" height="17" border="0"></a></td>
370	07bd3f83	Scott Ullrich	</tr>
371			</table>
372			</td>
373	5b237745	Scott Ullrich	</tr>
374			</table>
375	d732f186	Bill Marquette	<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
376	b2ffe419	Scott Ullrich	<tr>
377	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11"></td>
378	5b237745	Scott Ullrich	<td>pass</td>
379			<td width="14"></td>
380	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11"></td>
381	5b237745	Scott Ullrich	<td>block</td>
382			<td width="14"></td>
383	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject.gif" width="11" height="11"></td>
384	5b237745	Scott Ullrich	<td>reject</td>
385			<td width="14"></td>
386	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log.gif" width="11" height="11"></td>
387	5b237745	Scott Ullrich	<td>log</td>
388			</tr>
389	b2ffe419	Scott Ullrich	<tr>
390	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass_d.gif" width="11" height="11"></td>
391	d732f186	Bill Marquette	<td nowrap>pass (disabled)</td>
392			<td> </td>
393	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block_d.gif" width="11" height="11"></td>
394	d732f186	Bill Marquette	<td nowrap>block (disabled)</td>
395			<td> </td>
396	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject_d.gif" width="11" height="11"></td>
397	d732f186	Bill Marquette	<td nowrap>reject (disabled)</td>
398			<td> </td>
399	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log_d.gif" width="11" height="11"></td>
400	d732f186	Bill Marquette	<td nowrap>log (disabled)</td>
401	5b237745	Scott Ullrich	</tr>
402	d732f186	Bill Marquette	<tr>
403	05860c07	Scott Ullrich	<td colspan="10">
404	07bd3f83	Scott Ullrich	<p>
405			<strong><span class="red">Hint:<br>
406	37e2071c	Scott Ullrich	</span></strong>Rules are evaluated on a first-match basis (i.e.
407	b2ffe419	Scott Ullrich	the action of the first rule to match a packet will be executed).
408			This means that if you use block rules, you'll have to pay attention
409			to the rule order. Everything that isn't explicitly passed is blocked
410	07bd3f83	Scott Ullrich	by default.</p>
411	d732f186	Bill Marquette	</td>
412			</tr>
413			</table>
414			</div>
415			</td>
416			</tr>
417			</table>
418	37e2071c	Scott Ullrich	<input type="hidden" name="if" value="<?=$if;?>">
419	07bd3f83	Scott Ullrich	</form>
420	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
421	af4aa061	Scott Ullrich	</body>
422			</html>

Project

General

Profile

pfSense