/usr/local/www/firewall_rules.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_rules.php @ 45ee90ed

1	b2ffe419	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4	37e2071c	Scott Ullrich	firewall_rules.php
5	e4cabb75	Scott Ullrich	part of pfSense (http://www.pfsense.com)
6			Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com)
7	b2ffe419	Scott Ullrich
8	e4cabb75	Scott Ullrich	originally part of m0n0wall (http://m0n0.ch/wall)
9			Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10	37e2071c	Scott Ullrich	All rights reserved.
11	b2ffe419	Scott Ullrich
12	37e2071c	Scott Ullrich	Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14	b2ffe419	Scott Ullrich
15	37e2071c	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17	b2ffe419	Scott Ullrich
18	37e2071c	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21	b2ffe419	Scott Ullrich
22	37e2071c	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32	5b237745	Scott Ullrich	*/
33
34	37e2071c	Scott Ullrich	$pgtitle = array("Firewall", "Rules");
35	5b237745	Scott Ullrich	require("guiconfig.inc");
36
37			if (!is_array($config['filter']['rule'])) {
38			$config['filter']['rule'] = array();
39			}
40			filter_rules_sort();
41			$a_filter = &$config['filter']['rule'];
42
43	07bd3f83	Scott Ullrich	$if = $_GET['if'];
44			if ($_POST['if'])
45			$if = $_POST['if'];
46	b2ffe419	Scott Ullrich
47	cbe3ea96	Ermal Luçi	$ifdescs = get_configured_interface_with_descr();
48	07bd3f83	Scott Ullrich
49	aef4dc74	Ermal Luçi	foreach ($ifdescs as $ifent => $ifdesc)
50			if(have_ruleint_access($ifent))
51			$iflist[$ifent] = $ifdesc;
52	88bcd1d2	Scott Dale
53	07bd3f83	Scott Ullrich	if ($config['pptpd']['mode'] == "server")
54	d81c2ad1	Scott Ullrich	if(have_ruleint_access("pptp"))
55			$iflist['pptp'] = "PPTP VPN";
56	50e0d2a1	Scott Ullrich
57	0e1e0183	Scott Ullrich	if ($config['pppoe']['mode'] == "server")
58	d81c2ad1	Scott Ullrich	if(have_ruleint_access("pppoe"))
59			$iflist['pppoe'] = "PPPoE VPN";
60	0c554ff6	Scott Ullrich
61	88bcd1d2	Scott Dale	/* add ipsec interfaces */
62	d81c2ad1	Scott Ullrich	if (isset($config['ipsec']['enable']) \|\| isset($config['ipsec']['mobileclients']['enable']))
63			if(have_ruleint_access("enc0"))
64	0f266b2e	Chris Buechler	$iflist["enc0"] = "IPsec";
65	07bd3f83	Scott Ullrich
66	bfb60ac8	Ermal Luçi	/* add openvpn/tun interfaces */
67			if ($config['installedpackages']["openvpnserver"] \|\| $config['installedpackages']["openvpnclient"]) {
68			if (is_array($config['installedpackages']["openvpnserver"]['config']) \|\|
69			is_array($config['installedpackages']["openvpnclient"]['config']))
70			$iflist["openvpn"] = "OpenVPN";
71			}
72
73	92125c97	Ermal Luçi	if (!$if \|\| !isset($iflist[$if])) {
74			if ("any" == $if)
75	15160475	Ermal Luçi	$if = "FloatingRules";
76	92125c97	Ermal Luçi	else if ("FloatingRules" != $if)
77			$if = "wan";
78			}
79	07bd3f83	Scott Ullrich
80	5b237745	Scott Ullrich	if ($_POST) {
81
82			$pconfig = $_POST;
83
84			if ($_POST['apply']) {
85	37e2071c	Scott Ullrich	$retval = 0;
86	9a7e416c	Scott Ullrich	config_lock();
87			$retval = filter_configure();
88			config_unlock();
89
90	a985eac2	Scott Ullrich	if (file_exists($d_filterconfdirty_path))
91			unlink($d_filterconfdirty_path);
92
93	4739bd06	Scott Ullrich	$savemsg = "The settings have been applied. The firewall rules are now reloading in the background. You can also <a href='status_filter_reload.php'>monitor</a> the reload progress.";
94	5b237745	Scott Ullrich	}
95			}
96
97	d97c50cd	Bill Marquette	if ($_GET['act'] == "del") {
98			if ($a_filter[$_GET['id']]) {
99			unset($a_filter[$_GET['id']]);
100			write_config();
101			touch($d_filterconfdirty_path);
102			header("Location: firewall_rules.php?if={$if}");
103			exit;
104			}
105			}
106
107	07bd3f83	Scott Ullrich	if (isset($_POST['del_x'])) {
108			/* delete selected rules */
109			if (is_array($_POST['rule']) && count($_POST['rule'])) {
110			foreach ($_POST['rule'] as $rulei) {
111			unset($a_filter[$rulei]);
112			}
113	5b237745	Scott Ullrich	write_config();
114			touch($d_filterconfdirty_path);
115	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
116	5b237745	Scott Ullrich	exit;
117			}
118	07bd3f83	Scott Ullrich	} else if ($_GET['act'] == "toggle") {
119			if ($a_filter[$_GET['id']]) {
120	f53b85a3	Scott Ullrich	if(isset($a_filter[$_GET['id']]['disabled']))
121	734edbdf	Bill Marquette	unset($a_filter[$_GET['id']]['disabled']);
122			else
123			$a_filter[$_GET['id']]['disabled'] = true;
124	5b237745	Scott Ullrich	write_config();
125			touch($d_filterconfdirty_path);
126	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
127	5b237745	Scott Ullrich	exit;
128			}
129	07bd3f83	Scott Ullrich	} else {
130	b2ffe419	Scott Ullrich	/* yuck - IE won't send value attributes for image buttons, while Mozilla does -
131	37e2071c	Scott Ullrich	so we use .x/.y to fine move button clicks instead... */
132	07bd3f83	Scott Ullrich	unset($movebtn);
133			foreach ($_POST as $pn => $pd) {
134			if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
135			$movebtn = $matches[1];
136			break;
137			}
138	5b237745	Scott Ullrich	}
139	07bd3f83	Scott Ullrich	/* move selected rules before this rule */
140			if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
141			$a_filter_new = array();
142	b2ffe419	Scott Ullrich
143	07bd3f83	Scott Ullrich	/* copy all rules < $movebtn and not selected */
144			for ($i = 0; $i < $movebtn; $i++) {
145			if (!in_array($i, $_POST['rule']))
146			$a_filter_new[] = $a_filter[$i];
147			}
148	b2ffe419	Scott Ullrich
149	07bd3f83	Scott Ullrich	/* copy all selected rules */
150			for ($i = 0; $i < count($a_filter); $i++) {
151			if ($i == $movebtn)
152			continue;
153			if (in_array($i, $_POST['rule']))
154			$a_filter_new[] = $a_filter[$i];
155			}
156	b2ffe419	Scott Ullrich
157	07bd3f83	Scott Ullrich	/* copy $movebtn rule */
158			if ($movebtn < count($a_filter))
159			$a_filter_new[] = $a_filter[$movebtn];
160	b2ffe419	Scott Ullrich
161	07bd3f83	Scott Ullrich	/* copy all rules > $movebtn and not selected */
162			for ($i = $movebtn+1; $i < count($a_filter); $i++) {
163			if (!in_array($i, $_POST['rule']))
164			$a_filter_new[] = $a_filter[$i];
165			}
166	b2ffe419	Scott Ullrich
167	07bd3f83	Scott Ullrich	$a_filter = $a_filter_new;
168	5b237745	Scott Ullrich	write_config();
169			touch($d_filterconfdirty_path);
170	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
171	5b237745	Scott Ullrich	exit;
172			}
173			}
174	3a54b6ca	Scott Dale	$closehead = false;
175	5b237745	Scott Ullrich
176	9a25487b	Scott Ullrich	include("head.inc");
177
178	3a54b6ca	Scott Dale	echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domLib.js\"></script>";
179			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domTT.js\"></script>";
180			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/behaviour.js\"></script>";
181			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/fadomatic.js\"></script>";
182	5b237745	Scott Ullrich	?>
183	3a54b6ca	Scott Dale	</head>
184
185	5b237745	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
186			<?php include("fbegin.inc"); ?>
187			<form action="firewall_rules.php" method="post">
188	6a8d35ca	Bill Marquette	<script type="text/javascript" language="javascript" src="row_toggle.js">
189	fa65a62b	Scott Ullrich	</script>
190	5b237745	Scott Ullrich	<?php if ($savemsg) print_info_box($savemsg); ?>
191			<?php if (file_exists($d_filterconfdirty_path)): ?><p>
192			<?php print_info_box_np("The firewall rule configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
193			<?php endif; ?>
194	07bd3f83	Scott Ullrich	<table width="100%" border="0" cellpadding="0" cellspacing="0">
195	37e2071c	Scott Ullrich	<tr><td class="tabnavtbl">
196	0366b748	Scott Ullrich	<?php
197			/* active tabs */
198			$tab_array = array();
199	92125c97	Ermal Luçi	if ("FloatingRules" == $if)
200			$active = true;
201			else
202			$active = false;
203	661aed33	Ermal Luçi	$tab_array[] = array("Floating", $active, "firewall_rules.php?if=FloatingRules");
204	0366b748	Scott Ullrich	$tabscounter = 0; $i = 0; foreach ($iflist as $ifent => $ifname) {
205			if ($ifent == $if)
206			$active = true;
207			else
208			$active = false;
209			$tab_array[] = array($ifname, $active, "firewall_rules.php?if={$ifent}");
210			}
211			display_top_tabs($tab_array);
212			?>
213	07bd3f83	Scott Ullrich	</td></tr>
214	b2ffe419	Scott Ullrich	<tr>
215	d732f186	Bill Marquette	<td>
216			<div id="mainarea">
217			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
218	fa65a62b	Scott Ullrich	<tr id="frheader">
219	37e2071c	Scott Ullrich	<td width="3%" class="list"> </td>
220	5b237745	Scott Ullrich	<td width="5%" class="list"> </td>
221	197bfe96	Ermal Luçi	<td width="6%" class="listhdrr">Proto</td>
222	5b237745	Scott Ullrich	<td width="15%" class="listhdrr">Source</td>
223	197bfe96	Ermal Luçi	<td width="7%" class="listhdrr">Port</td>
224	5b237745	Scott Ullrich	<td width="15%" class="listhdrr">Destination</td>
225	197bfe96	Ermal Luçi	<td width="7%" class="listhdrr">Port</td>
226			<td width="5%" class="listhdrr">Gateway</td>
227	1c7e3ec6	Bill Marquette	<td width="10%" class="listhdrr">Queue</td>
228	197bfe96	Ermal Luçi	<td width="5%" class="listhdrr">Schedule</td>
229	37e2071c	Scott Ullrich	<td width="22%" class="listhdr">Description</td>
230	d415d821	Seth Mos	<td width="10%" class="list">
231			<table border="0" cellspacing="0" cellpadding="1">
232			<tr>
233			<?php
234			$nrules = 0;
235			for ($i = 0; isset($a_filter[$i]); $i++) {
236			$filterent = $a_filter[$i];
237	92125c97	Ermal Luçi	if ($filterent['interface'] != $if && !isset($filterent['floating']))
238			continue;
239			if (isset($filterent['floating']) && "FloatingRules" != $if)
240	d415d821	Seth Mos	continue;
241			$nrules++;
242			}
243			?>
244			<td>
245			<?php if ($nrules == 0): ?>
246			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?>
247			<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected rules" onclick="return confirm('Do you really want to delete the selected rules?')"><?php endif; ?>
248			</td>
249			<td align="center" valign="middle"><a href="firewall_rules_edit.php?if=<?=$if;?>&after=-1"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" width="17" height="17" border="0"></a></td>
250			</tr>
251			</table>
252			</td>
253			</tr>
254	f1f60c92	Ermal Luçi	<?php if (isset($config['interfaces'][$if]['blockpriv'])): ?>
255	d9eeccbd	Scott Ullrich	<tr valign="top" id="frrfc1918">
256	f77830b3	Scott Ullrich	<td width="3%" class="list"> </td>
257			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0"></td>
258	d9eeccbd	Scott Ullrich	<td class="listlr" style="background-color: #e0e0e0">*</td>
259			<td class="listr" style="background-color: #e0e0e0">RFC 1918 networks</td>
260			<td class="listr" style="background-color: #e0e0e0">*</td>
261			<td class="listr" style="background-color: #e0e0e0">*</td>
262			<td class="listr" style="background-color: #e0e0e0">*</td>
263	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">*</td>
264	197bfe96	Ermal Luçi	<td class="listr" style="background-color: #e0e0e0">Default</td>
265	d415d821	Seth Mos	<td class="listr" style="background-color: #e0e0e0">*</td>
266	f77830b3	Scott Ullrich	<td class="listbg" style="background-color: #990000"><font color="white">Block private networks</td>
267	d9eeccbd	Scott Ullrich	<td valign="middle" nowrap class="list">
268			<table border="0" cellspacing="0" cellpadding="1">
269			<tr>
270			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules before this rule"></td>
271			<td><a href="interfaces_wan.php#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
272			</tr>
273			<tr>
274			<td align="center" valign="middle"></td>
275	83b81db7	Scott Ullrich	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="add a new rule based on this one" width="17" height="17" border="0"></td>
276	d9eeccbd	Scott Ullrich	</tr>
277			</table>
278			</td>
279			</tr>
280	c20c0f5a	Scott Ullrich	<?php endif; ?>
281	f1f60c92	Ermal Luçi	<?php if (isset($config['interfaces'][$if]['blockbogons'])): ?>
282	c20c0f5a	Scott Ullrich	<tr valign="top" id="frrfc1918">
283			<td width="3%" class="list"> </td>
284			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0"></td>
285			<td class="listlr" style="background-color: #e0e0e0">*</td>
286	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">Reserved/not assigned by IANA</td>
287	c20c0f5a	Scott Ullrich	<td class="listr" style="background-color: #e0e0e0">*</td>
288			<td class="listr" style="background-color: #e0e0e0">*</td>
289			<td class="listr" style="background-color: #e0e0e0">*</td>
290	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">*</td>
291			<td class="listr" style="background-color: #e0e0e0">*</td>
292	f1f60c92	Ermal Luçi	<td class="listr" style="background-color: #e0e0e0">*</td>
293	c20c0f5a	Scott Ullrich	<td class="listbg" style="background-color: #990000"><font color="white">Block private networks</td>
294			<td valign="middle" nowrap class="list">
295			<table border="0" cellspacing="0" cellpadding="1">
296			<tr>
297			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules before this rule"></td>
298			<td><a href="interfaces_wan.php#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
299			</tr>
300			<tr>
301			<td align="center" valign="middle"></td>
302			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="add a new rule based on this one" width="17" height="17" border="0"></td>
303			</tr>
304			</table>
305			</td>
306			</tr>
307			<?php endif; ?>
308	07bd3f83	Scott Ullrich	<?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++):
309			$filterent = $a_filter[$i];
310	92125c97	Ermal Luçi	if ($filterent['interface'] != $if && !isset($filterent['floating']))
311			continue;
312			if (isset($filterent['floating']) && "FloatingRules" != $if)
313			continue;
314	07bd3f83	Scott Ullrich	?>
315	37e2071c	Scott Ullrich	<tr valign="top" id="fr<?=$nrules;?>">
316			<td class="listt"><input type="checkbox" id="frc<?=$nrules;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nrules;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td>
317			<td class="listt" align="center">
318	5b237745	Scott Ullrich	<?php if ($filterent['type'] == "block")
319			$iconfn = "block";
320			else if ($filterent['type'] == "reject") {
321	950d21d0	Scott Ullrich	if ($filterent['protocol'] == "tcp" \|\| $filterent['protocol'] == "udp" \|\| $filterent['protocol'] == "tcp/udp")
322	5b237745	Scott Ullrich	$iconfn = "reject";
323			else
324			$iconfn = "block";
325			} else
326			$iconfn = "pass";
327			if (isset($filterent['disabled'])) {
328			$textss = "<span class=\"gray\">";
329			$textse = "</span>";
330			$iconfn .= "_d";
331			} else {
332			$textss = $textse = "";
333			}
334			?>
335	677c0869	Erik Kristensen	<a href="?if=<?=$if;?>&act=toggle&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0" title="click to toggle enabled/disabled status"></a>
336	5b237745	Scott Ullrich	<?php if (isset($filterent['log'])):
337	6fecc73b	Scott Dale	$iconfnlog = "log_s";
338	5b237745	Scott Ullrich	if (isset($filterent['disabled']))
339	6fecc73b	Scott Dale	$iconfnlog .= "_d";
340	5b237745	Scott Ullrich	?>
341	6fecc73b	Scott Dale	<br><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfnlog;?>.gif" width="11" height="15" border="0">
342	5b237745	Scott Ullrich	<?php endif; ?>
343			</td>
344	3a54b6ca	Scott Dale	<?php
345	2a9db752	Scott Dale
346	2a113ca9	Scott Dale	//build Alias popup box
347	3a54b6ca	Scott Dale	$span_end = "";
348			$alias_src_span_begin = "";
349			$alias_src_port_span_begin = "";
350			$alias_dst_span_begin = "";
351			$alias_dst_port_span_begin = "";
352
353	2a9db752	Scott Dale	$alias_popup = rule_popup($filterent['source']['address'],pprint_port($filterent['source']['port']),$filterent['destination']['address'],pprint_port($filterent['destination']['port']));
354			$span_end = "</U></span>";
355	3a54b6ca	Scott Dale
356	2a9db752	Scott Dale	$alias_src_span_begin = $alias_popup["src"];
357
358			$alias_src_port_span_begin = $alias_popup["srcport"];
359
360			$alias_dst_span_begin = $alias_popup["dst"];
361
362			$alias_dst_port_span_begin = $alias_popup["dstport"];
363	3a54b6ca	Scott Dale
364	2a113ca9	Scott Dale	//build Schedule popup box
365			$a_schedules = &$config['schedules']['schedule'];
366			$schedule_span_begin = "";
367			$schedule_span_end = "";
368			$sched_caption = "";
369	eace1363	Scott Dale	$sched_content = "";
370	3b907eb1	Scott Dale	$schedstatus = false;
371	2a113ca9	Scott Dale	$dayArray = array ('Mon','Tues','Wed','Thur','Fri','Sat','Sun');
372			$monthArray = array ('January','February','March','April','May','June','July','August','September','October','November','December');
373	8ce97a08	Scott Dale	if($config['schedules']['schedule'] <> "" and is_array($config['schedules']['schedule'])){
374			foreach ($a_schedules as $schedule)
375			{
376			if ($schedule['name'] == $filterent['sched'] ){
377			$schedstatus = get_time_based_rule_status($schedule);
378
379			foreach($schedule['timerange'] as $timerange) {
380			$tempFriendlyTime = "";
381			$tempID = "";
382			$firstprint = false;
383			if ($timerange){
384			$dayFriendly = "";
385			$tempFriendlyTime = "";
386
387			//get hours
388			$temptimerange = $timerange['hour'];
389			$temptimeseparator = strrpos($temptimerange, "-");
390	2a113ca9	Scott Dale
391	8ce97a08	Scott Dale	$starttime = substr ($temptimerange, 0, $temptimeseparator);
392			$stoptime = substr ($temptimerange, $temptimeseparator+1);
393	2a113ca9	Scott Dale
394	8ce97a08	Scott Dale	if ($timerange['month']){
395			$tempmontharray = explode(",", $timerange['month']);
396			$tempdayarray = explode(",",$timerange['day']);
397			$arraycounter = 0;
398			$firstDayFound = false;
399			$firstPrint = false;
400			foreach ($tempmontharray as $monthtmp){
401			$month = $tempmontharray[$arraycounter];
402			$day = $tempdayarray[$arraycounter];
403	2a113ca9	Scott Dale
404			if (!$firstDayFound)
405			{
406	8ce97a08	Scott Dale	$firstDay = $day;
407			$firstmonth = $month;
408	2a113ca9	Scott Dale	$firstDayFound = true;
409			}
410	8ce97a08	Scott Dale
411			$currentDay = $day;
412			$nextDay = $tempdayarray[$arraycounter+1];
413			$currentDay++;
414			if (($currentDay != $nextDay) \|\| ($tempmontharray[$arraycounter] != $tempmontharray[$arraycounter+1])){
415			if ($firstPrint)
416	2a113ca9	Scott Dale	$dayFriendly .= ", ";
417			$currentDay--;
418			if ($currentDay != $firstDay)
419	8ce97a08	Scott Dale	$dayFriendly .= $monthArray[$firstmonth-1] . " " . $firstDay . " - " . $currentDay ;
420	2a113ca9	Scott Dale	else
421	8ce97a08	Scott Dale	$dayFriendly .= $monthArray[$month-1] . " " . $day;
422	2a113ca9	Scott Dale	$firstDayFound = false;
423	8ce97a08	Scott Dale	$firstPrint = true;
424			}
425			$arraycounter++;
426	2a113ca9	Scott Dale	}
427			}
428	8ce97a08	Scott Dale	else
429			{
430			$tempdayFriendly = $timerange['position'];
431			$firstDayFound = false;
432			$tempFriendlyDayArray = explode(",", $tempdayFriendly);
433			$currentDay = "";
434			$firstDay = "";
435			$nextDay = "";
436			$counter = 0;
437			foreach ($tempFriendlyDayArray as $day){
438			if ($day != ""){
439			if (!$firstDayFound)
440			{
441			$firstDay = $tempFriendlyDayArray[$counter];
442			$firstDayFound = true;
443			}
444			$currentDay =$tempFriendlyDayArray[$counter];
445			//get next day
446			$nextDay = $tempFriendlyDayArray[$counter+1];
447			$currentDay++;
448			if ($currentDay != $nextDay){
449			if ($firstprint)
450			$dayFriendly .= ", ";
451			$currentDay--;
452			if ($currentDay != $firstDay)
453			$dayFriendly .= $dayArray[$firstDay-1] . " - " . $dayArray[$currentDay-1];
454			else
455			$dayFriendly .= $dayArray[$firstDay-1];
456			$firstDayFound = false;
457			$firstprint = true;
458			}
459			$counter++;
460			}
461			}
462			}
463			$timeFriendly = $starttime . " - " . $stoptime;
464			$description = $timerange['rangedescr'];
465			$sched_content .= $dayFriendly . "; " . $timeFriendly . "<br>";
466			}
467	2a113ca9	Scott Dale	}
468	8ce97a08	Scott Dale	$sched_caption = $schedule['descr'];
469			$schedule_span_begin = "<span style=\"cursor: help;\" onmouseover=\"domTT_activate(this, event, 'content', '<h1>$sched_caption</h1><p>$sched_content</p>', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><U>";
470			$schedule_span_end = "</U></span>";
471	2a113ca9	Scott Dale	}
472			}
473			}
474	6fecc73b	Scott Dale	$printicon = false;
475	616dd997	Scott Dale	$alttext = "";
476			$image = "";
477			if (!isset($filterent['disabled'])){
478			if ($schedstatus)
479			{
480			if ($iconfn == "block" \|\| $iconfn == "reject")
481			{
482	5b552ac7	Scott Dale	$image = "icon_block";
483	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being denied";
484			}
485			else
486			{
487	5b552ac7	Scott Dale	$image = "icon_pass";
488	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being allowed";
489			}
490			$printicon = true;
491			}
492			else if ($filterent['sched'])
493			{
494			if ($iconfn == "block" \|\| $iconfn == "reject")
495			{
496	5b552ac7	Scott Dale	$image = "icon_block_d";
497	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being allowed";
498			}
499			else
500			{
501	5b552ac7	Scott Dale	$image = "icon_block";
502	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being denied";
503			}
504			$printicon = true;
505			}
506			}
507	3a54b6ca	Scott Dale	?>
508	98e29097	Bill Marquette	<td class="listlr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
509	5b237745	Scott Ullrich	<?=$textss;?><?php if (isset($filterent['protocol'])) echo strtoupper($filterent['protocol']); else echo "*"; ?><?=$textse;?>
510			</td>
511	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
512	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_src_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['source']));?><?php echo $alias_src_span_end;?><?=$textse;?>
513	5b237745	Scott Ullrich	</td>
514	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
515	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_src_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['source']['port'])); ?><?php echo $alias_src_port_span_end;?><?=$textse;?>
516	5b237745	Scott Ullrich	</td>
517	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
518	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_dst_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['destination'])); ?><?php echo $alias_dst_span_end;?><?=$textse;?>
519	5b237745	Scott Ullrich	</td>
520	3a54b6ca	Scott Dale	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
521			<?=$textss;?><?php echo $alias_dst_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['destination']['port'])); ?><?php echo $alias_dst_port_span_end;?><?=$textse;?>
522	5b237745	Scott Ullrich	</td>
523	b504c2f8	Scott Ullrich	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
524	e9832b41	Bill Marquette	<?=$textss;?><?php if (isset($config['interfaces'][$filterent['gateway']]['descr'])) echo htmlspecialchars($config['interfaces'][$filterent['gateway']]['descr']); else echo htmlspecialchars(pprint_port($filterent['gateway'])); ?><?=$textse;?>
525	b504c2f8	Scott Ullrich	</td>
526	197bfe96	Ermal Luçi	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';"><?=$textss;?>
527			<?php
528			if (isset($filterent['ackqueue']) && isset($filterent['defaultqueue'])) {
529			$desc = $filterent['ackqueue'] ;
530			echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['ackqueue']}&action=show\">{$desc}</a>";
531			$desc = $filterent['defaultqueue'];
532			echo "/<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&action=show\">{$desc}</a>";
533			} else if (isset($filterent['defaultqueue'])) {
534			$desc = $filterent['defaultqueue'];
535			echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&action=show\">{$desc}</a>"; }
536			else echo "none";
537			?><?=$textse;?>
538			</td>
539	3595b631	Scott Dale	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';"><font color="black">
540	d3bcf522	Scott Dale	<?php if ($printicon) { ?><img src="./themes/<?= $g['theme']; ?>/images/icons/<?php echo $image; ?>.gif" title="<?php echo $alttext;?>" border="0"><?php } ?> <?=$textss;?><?php echo $schedule_span_begin;?><?=htmlspecialchars($filterent['sched']);?><?php echo $schedule_span_end; ?><?=$textse;?>
541	7738faa8	Scott Ullrich	</td>
542	98e29097	Bill Marquette	<td class="listbg" onClick="fr_toggle(<?=$nrules;?>)" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';" bcolor="#990000"><font color="white">
543	07bd3f83	Scott Ullrich	<?=$textss;?><?=htmlspecialchars($filterent['descr']);?> <?=$textse;?>
544	5b237745	Scott Ullrich	</td>
545			<td valign="middle" nowrap class="list">
546	07bd3f83	Scott Ullrich	<table border="0" cellspacing="0" cellpadding="1">
547			<tr>
548	677c0869	Erik Kristensen	<td><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected rules before this rule" onMouseOver="fr_insline(<?=$nrules;?>, true)" onMouseOut="fr_insline(<?=$nrules;?>, false)"></td>
549			<td><a href="firewall_rules_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
550	07bd3f83	Scott Ullrich	</tr>
551			<tr>
552	1cfed9db	Scott Ullrich	<td align="center" valign="middle"><a href="firewall_rules.php?act=del&if=<?=$if;?>&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete rule" onclick="return confirm('Do you really want to delete this rule?')"></a></td>
553	677c0869	Erik Kristensen	<td><a href="firewall_rules_edit.php?dup=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add a new rule based on this one" width="17" height="17" border="0"></a></td>
554	07bd3f83	Scott Ullrich	</tr>
555			</table>
556	5b237745	Scott Ullrich	</td>
557			</tr>
558	07bd3f83	Scott Ullrich	<?php $nrules++; endfor; ?>
559			<?php if ($nrules == 0): ?>
560	37e2071c	Scott Ullrich	<td class="listt"></td>
561	07bd3f83	Scott Ullrich	<td class="listt"></td>
562	9892fb82	Ermal Luçi	<td class="listlr" colspan="9" align="center" valign="middle">
563	07bd3f83	Scott Ullrich	<span class="gray">
564			No rules are currently defined for this interface.<br>
565			All incoming connections on this interface will be blocked until you add pass rules.<br><br>
566	677c0869	Erik Kristensen	Click the <a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" border="0" width="17" height="17" align="absmiddle"></a> button to add a new rule.</span>
567	07bd3f83	Scott Ullrich	</td>
568			<?php endif; ?>
569	37e2071c	Scott Ullrich	<tr id="fr<?=$nrules;?>">
570			<td class="list"></td>
571			<td class="list"></td>
572			<td class="list"> </td>
573			<td class="list"> </td>
574			<td class="list"> </td>
575	1c7e3ec6	Bill Marquette	<td class="list"> </td>
576			<td class="list"> </td>
577			<td class="list"> </td>
578	37e2071c	Scott Ullrich	<td class="list"> </td>
579			<td class="list"> </td>
580			<td class="list"> </td>
581	07bd3f83	Scott Ullrich	<td class="list">
582			<table border="0" cellspacing="0" cellpadding="1">
583			<tr>
584			<td>
585	677c0869	Erik Kristensen	<?php if ($nrules == 0): ?><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules to end" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected rules to end" onMouseOver="fr_insline(<?=$nrules;?>, true)" onMouseOut="fr_insline(<?=$nrules;?>, false)"><?php endif; ?></td>
586	37e2071c	Scott Ullrich	<td></td>
587	07bd3f83	Scott Ullrich	</tr>
588			<tr>
589	3086d0f8	Scott Ullrich	<td>
590			<?php if ($nrules == 0): ?>
591			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?>
592			<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected rules" onclick="return confirm('Do you really want to delete the selected rules?')"><?php endif; ?>
593			</td>
594	d415d821	Seth Mos	<td><a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" width="17" height="17" border="0"></a></td>
595	07bd3f83	Scott Ullrich	</tr>
596			</table>
597			</td>
598	5b237745	Scott Ullrich	</tr>
599			</table>
600	d732f186	Bill Marquette	<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
601	b2ffe419	Scott Ullrich	<tr>
602	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11"></td>
603	5b237745	Scott Ullrich	<td>pass</td>
604			<td width="14"></td>
605	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11"></td>
606	5b237745	Scott Ullrich	<td>block</td>
607			<td width="14"></td>
608	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject.gif" width="11" height="11"></td>
609	5b237745	Scott Ullrich	<td>reject</td>
610			<td width="14"></td>
611	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log.gif" width="11" height="11"></td>
612	5b237745	Scott Ullrich	<td>log</td>
613			</tr>
614	b2ffe419	Scott Ullrich	<tr>
615	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass_d.gif" width="11" height="11"></td>
616	d732f186	Bill Marquette	<td nowrap>pass (disabled)</td>
617			<td> </td>
618	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block_d.gif" width="11" height="11"></td>
619	d732f186	Bill Marquette	<td nowrap>block (disabled)</td>
620			<td> </td>
621	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject_d.gif" width="11" height="11"></td>
622	d732f186	Bill Marquette	<td nowrap>reject (disabled)</td>
623			<td> </td>
624	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log_d.gif" width="11" height="11"></td>
625	d732f186	Bill Marquette	<td nowrap>log (disabled)</td>
626	5b237745	Scott Ullrich	</tr>
627	d732f186	Bill Marquette	<tr>
628	05860c07	Scott Ullrich	<td colspan="10">
629	07bd3f83	Scott Ullrich	<p>
630			<strong><span class="red">Hint:<br>
631	37e2071c	Scott Ullrich	</span></strong>Rules are evaluated on a first-match basis (i.e.
632	b2ffe419	Scott Ullrich	the action of the first rule to match a packet will be executed).
633			This means that if you use block rules, you'll have to pay attention
634			to the rule order. Everything that isn't explicitly passed is blocked
635	07bd3f83	Scott Ullrich	by default.</p>
636	d732f186	Bill Marquette	</td>
637			</tr>
638			</table>
639			</div>
640			</td>
641			</tr>
642			</table>
643	37e2071c	Scott Ullrich	<input type="hidden" name="if" value="<?=$if;?>">
644	07bd3f83	Scott Ullrich	</form>
645	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
646	af4aa061	Scott Ullrich	</body>
647			</html>

Project

General

Profile

pfSense