/usr/local/www/firewall_rules.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_rules.php @ 933a34dc

1	b2ffe419	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4	37e2071c	Scott Ullrich	firewall_rules.php
5	e4cabb75	Scott Ullrich	part of pfSense (http://www.pfsense.com)
6			Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com)
7	b2ffe419	Scott Ullrich
8	e4cabb75	Scott Ullrich	originally part of m0n0wall (http://m0n0.ch/wall)
9			Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10	37e2071c	Scott Ullrich	All rights reserved.
11	b2ffe419	Scott Ullrich
12	37e2071c	Scott Ullrich	Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14	b2ffe419	Scott Ullrich
15	37e2071c	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17	b2ffe419	Scott Ullrich
18	37e2071c	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21	b2ffe419	Scott Ullrich
22	37e2071c	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32	5b237745	Scott Ullrich	*/
33
34	6b07c15a	Matthew Grooms	##\|+PRIV
35			##\|*IDENT=page-firewall-rules
36			##\|*NAME=Firewall: Rules page
37			##\|*DESCR=Allow access to the 'Firewall: Rules' page.
38			##\|MATCH=firewall_rules.php
39			##\|-PRIV
40
41
42	37e2071c	Scott Ullrich	$pgtitle = array("Firewall", "Rules");
43	5b237745	Scott Ullrich	require("guiconfig.inc");
44
45			if (!is_array($config['filter']['rule'])) {
46			$config['filter']['rule'] = array();
47			}
48			filter_rules_sort();
49			$a_filter = &$config['filter']['rule'];
50
51	07bd3f83	Scott Ullrich	$if = $_GET['if'];
52			if ($_POST['if'])
53			$if = $_POST['if'];
54	b2ffe419	Scott Ullrich
55	cbe3ea96	Ermal Luçi	$ifdescs = get_configured_interface_with_descr();
56	07bd3f83	Scott Ullrich
57	90ba56ad	Scott Ullrich	/* add group interfaces */
58			if (is_array($config['ifgroups']['ifgroupentry']))
59			foreach($config['ifgroups']['ifgroupentry'] as $ifgen)
60			if (have_ruleint_access($ifgen['ifname']))
61			$iflist[$ifgen['ifname']] = $ifgen['ifname'];
62
63	aef4dc74	Ermal Luçi	foreach ($ifdescs as $ifent => $ifdesc)
64			if(have_ruleint_access($ifent))
65			$iflist[$ifent] = $ifdesc;
66	88bcd1d2	Scott Dale
67	617f8d25	Ermal Lu?i	if ($config['l2tp']['mode'] == "server")
68			if(have_ruleint_access("l2tp"))
69			$iflist['l2tp'] = "L2TP VPN";
70
71	07bd3f83	Scott Ullrich	if ($config['pptpd']['mode'] == "server")
72	d81c2ad1	Scott Ullrich	if(have_ruleint_access("pptp"))
73			$iflist['pptp'] = "PPTP VPN";
74	50e0d2a1	Scott Ullrich
75	0e1e0183	Scott Ullrich	if ($config['pppoe']['mode'] == "server")
76	d81c2ad1	Scott Ullrich	if(have_ruleint_access("pppoe"))
77			$iflist['pppoe'] = "PPPoE VPN";
78	0c554ff6	Scott Ullrich
79	88bcd1d2	Scott Dale	/* add ipsec interfaces */
80	d81c2ad1	Scott Ullrich	if (isset($config['ipsec']['enable']) \|\| isset($config['ipsec']['mobileclients']['enable']))
81			if(have_ruleint_access("enc0"))
82	0f266b2e	Chris Buechler	$iflist["enc0"] = "IPsec";
83	07bd3f83	Scott Ullrich
84	bfb60ac8	Ermal Luçi	/* add openvpn/tun interfaces */
85	d799787e	Matthew Grooms	if ($config['openvpn']["openvpn-server"] \|\| $config['openvpn']["openvpn-client"])
86			$iflist["openvpn"] = "OpenVPN";
87	bfb60ac8	Ermal Luçi
88	92125c97	Ermal Luçi	if (!$if \|\| !isset($iflist[$if])) {
89			if ("any" == $if)
90	15160475	Ermal Luçi	$if = "FloatingRules";
91	92125c97	Ermal Luçi	else if ("FloatingRules" != $if)
92			$if = "wan";
93			}
94	07bd3f83	Scott Ullrich
95	5b237745	Scott Ullrich	if ($_POST) {
96
97			$pconfig = $_POST;
98
99			if ($_POST['apply']) {
100	37e2071c	Scott Ullrich	$retval = 0;
101	9a7e416c	Scott Ullrich	config_lock();
102			$retval = filter_configure();
103			config_unlock();
104
105	a985eac2	Scott Ullrich	if (file_exists($d_filterconfdirty_path))
106			unlink($d_filterconfdirty_path);
107
108	4739bd06	Scott Ullrich	$savemsg = "The settings have been applied. The firewall rules are now reloading in the background. You can also <a href='status_filter_reload.php'>monitor</a> the reload progress.";
109	5b237745	Scott Ullrich	}
110			}
111
112	d97c50cd	Bill Marquette	if ($_GET['act'] == "del") {
113			if ($a_filter[$_GET['id']]) {
114			unset($a_filter[$_GET['id']]);
115			write_config();
116			touch($d_filterconfdirty_path);
117			header("Location: firewall_rules.php?if={$if}");
118			exit;
119			}
120			}
121
122	07bd3f83	Scott Ullrich	if (isset($_POST['del_x'])) {
123			/* delete selected rules */
124			if (is_array($_POST['rule']) && count($_POST['rule'])) {
125			foreach ($_POST['rule'] as $rulei) {
126			unset($a_filter[$rulei]);
127			}
128	5b237745	Scott Ullrich	write_config();
129			touch($d_filterconfdirty_path);
130	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
131	5b237745	Scott Ullrich	exit;
132			}
133	07bd3f83	Scott Ullrich	} else if ($_GET['act'] == "toggle") {
134			if ($a_filter[$_GET['id']]) {
135	f53b85a3	Scott Ullrich	if(isset($a_filter[$_GET['id']]['disabled']))
136	734edbdf	Bill Marquette	unset($a_filter[$_GET['id']]['disabled']);
137			else
138			$a_filter[$_GET['id']]['disabled'] = true;
139	5b237745	Scott Ullrich	write_config();
140			touch($d_filterconfdirty_path);
141	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
142	5b237745	Scott Ullrich	exit;
143			}
144	07bd3f83	Scott Ullrich	} else {
145	b2ffe419	Scott Ullrich	/* yuck - IE won't send value attributes for image buttons, while Mozilla does -
146	37e2071c	Scott Ullrich	so we use .x/.y to fine move button clicks instead... */
147	07bd3f83	Scott Ullrich	unset($movebtn);
148			foreach ($_POST as $pn => $pd) {
149			if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
150			$movebtn = $matches[1];
151			break;
152			}
153	5b237745	Scott Ullrich	}
154	07bd3f83	Scott Ullrich	/* move selected rules before this rule */
155			if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
156			$a_filter_new = array();
157	b2ffe419	Scott Ullrich
158	07bd3f83	Scott Ullrich	/* copy all rules < $movebtn and not selected */
159			for ($i = 0; $i < $movebtn; $i++) {
160			if (!in_array($i, $_POST['rule']))
161			$a_filter_new[] = $a_filter[$i];
162			}
163	b2ffe419	Scott Ullrich
164	07bd3f83	Scott Ullrich	/* copy all selected rules */
165			for ($i = 0; $i < count($a_filter); $i++) {
166			if ($i == $movebtn)
167			continue;
168			if (in_array($i, $_POST['rule']))
169			$a_filter_new[] = $a_filter[$i];
170			}
171	b2ffe419	Scott Ullrich
172	07bd3f83	Scott Ullrich	/* copy $movebtn rule */
173			if ($movebtn < count($a_filter))
174			$a_filter_new[] = $a_filter[$movebtn];
175	b2ffe419	Scott Ullrich
176	07bd3f83	Scott Ullrich	/* copy all rules > $movebtn and not selected */
177			for ($i = $movebtn+1; $i < count($a_filter); $i++) {
178			if (!in_array($i, $_POST['rule']))
179			$a_filter_new[] = $a_filter[$i];
180			}
181	b2ffe419	Scott Ullrich
182	07bd3f83	Scott Ullrich	$a_filter = $a_filter_new;
183	5b237745	Scott Ullrich	write_config();
184			touch($d_filterconfdirty_path);
185	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
186	5b237745	Scott Ullrich	exit;
187			}
188			}
189	3a54b6ca	Scott Dale	$closehead = false;
190	5b237745	Scott Ullrich
191	9a25487b	Scott Ullrich	include("head.inc");
192
193	3a54b6ca	Scott Dale	echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domLib.js\"></script>";
194			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domTT.js\"></script>";
195			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/behaviour.js\"></script>";
196			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/fadomatic.js\"></script>";
197	5b237745	Scott Ullrich	?>
198	3a54b6ca	Scott Dale	</head>
199
200	5b237745	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
201			<?php include("fbegin.inc"); ?>
202			<form action="firewall_rules.php" method="post">
203	625dcc40	Bill Marquette	<script type="text/javascript" language="javascript" src="/javascript/row_toggle.js">
204	fa65a62b	Scott Ullrich	</script>
205	5b237745	Scott Ullrich	<?php if ($savemsg) print_info_box($savemsg); ?>
206			<?php if (file_exists($d_filterconfdirty_path)): ?><p>
207			<?php print_info_box_np("The firewall rule configuration has been changed.<br>You must apply the changes in order for them to take effect.");?><br>
208			<?php endif; ?>
209	07bd3f83	Scott Ullrich	<table width="100%" border="0" cellpadding="0" cellspacing="0">
210	37e2071c	Scott Ullrich	<tr><td class="tabnavtbl">
211	0366b748	Scott Ullrich	<?php
212			/* active tabs */
213			$tab_array = array();
214	92125c97	Ermal Luçi	if ("FloatingRules" == $if)
215			$active = true;
216			else
217			$active = false;
218	661aed33	Ermal Luçi	$tab_array[] = array("Floating", $active, "firewall_rules.php?if=FloatingRules");
219	0366b748	Scott Ullrich	$tabscounter = 0; $i = 0; foreach ($iflist as $ifent => $ifname) {
220			if ($ifent == $if)
221			$active = true;
222			else
223			$active = false;
224			$tab_array[] = array($ifname, $active, "firewall_rules.php?if={$ifent}");
225			}
226			display_top_tabs($tab_array);
227			?>
228	07bd3f83	Scott Ullrich	</td></tr>
229	b2ffe419	Scott Ullrich	<tr>
230	d732f186	Bill Marquette	<td>
231			<div id="mainarea">
232			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
233	fa65a62b	Scott Ullrich	<tr id="frheader">
234	37e2071c	Scott Ullrich	<td width="3%" class="list"> </td>
235	5b237745	Scott Ullrich	<td width="5%" class="list"> </td>
236	197bfe96	Ermal Luçi	<td width="6%" class="listhdrr">Proto</td>
237	5b237745	Scott Ullrich	<td width="15%" class="listhdrr">Source</td>
238	197bfe96	Ermal Luçi	<td width="7%" class="listhdrr">Port</td>
239	5b237745	Scott Ullrich	<td width="15%" class="listhdrr">Destination</td>
240	197bfe96	Ermal Luçi	<td width="7%" class="listhdrr">Port</td>
241			<td width="5%" class="listhdrr">Gateway</td>
242	1c7e3ec6	Bill Marquette	<td width="10%" class="listhdrr">Queue</td>
243	197bfe96	Ermal Luçi	<td width="5%" class="listhdrr">Schedule</td>
244	37e2071c	Scott Ullrich	<td width="22%" class="listhdr">Description</td>
245	d415d821	Seth Mos	<td width="10%" class="list">
246			<table border="0" cellspacing="0" cellpadding="1">
247			<tr>
248			<?php
249			$nrules = 0;
250			for ($i = 0; isset($a_filter[$i]); $i++) {
251			$filterent = $a_filter[$i];
252	92125c97	Ermal Luçi	if ($filterent['interface'] != $if && !isset($filterent['floating']))
253			continue;
254			if (isset($filterent['floating']) && "FloatingRules" != $if)
255	d415d821	Seth Mos	continue;
256			$nrules++;
257			}
258			?>
259			<td>
260			<?php if ($nrules == 0): ?>
261			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?>
262			<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected rules" onclick="return confirm('Do you really want to delete the selected rules?')"><?php endif; ?>
263			</td>
264			<td align="center" valign="middle"><a href="firewall_rules_edit.php?if=<?=$if;?>&after=-1"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" width="17" height="17" border="0"></a></td>
265			</tr>
266			</table>
267			</td>
268			</tr>
269	f1f60c92	Ermal Luçi	<?php if (isset($config['interfaces'][$if]['blockpriv'])): ?>
270	d9eeccbd	Scott Ullrich	<tr valign="top" id="frrfc1918">
271	f77830b3	Scott Ullrich	<td width="3%" class="list"> </td>
272			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0"></td>
273	d9eeccbd	Scott Ullrich	<td class="listlr" style="background-color: #e0e0e0">*</td>
274			<td class="listr" style="background-color: #e0e0e0">RFC 1918 networks</td>
275			<td class="listr" style="background-color: #e0e0e0">*</td>
276			<td class="listr" style="background-color: #e0e0e0">*</td>
277			<td class="listr" style="background-color: #e0e0e0">*</td>
278	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">*</td>
279	b45dcff4	Scott Ullrich	<td class="listr" style="background-color: #e0e0e0">*</td>
280	8ff2395b	Scott Ullrich	<td class="listr" style="background-color: #e0e0e0"></td>
281	c3fdc1fd	Scott Ullrich	<td class="listbg">Block private networks</td>
282	d9eeccbd	Scott Ullrich	<td valign="middle" nowrap class="list">
283			<table border="0" cellspacing="0" cellpadding="1">
284			<tr>
285			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules before this rule"></td>
286	01eb687d	Ermal Luçi	<td><a href="interfaces.php#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
287	d9eeccbd	Scott Ullrich	</tr>
288			<tr>
289			<td align="center" valign="middle"></td>
290	83b81db7	Scott Ullrich	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="add a new rule based on this one" width="17" height="17" border="0"></td>
291	d9eeccbd	Scott Ullrich	</tr>
292			</table>
293			</td>
294			</tr>
295	c20c0f5a	Scott Ullrich	<?php endif; ?>
296	f1f60c92	Ermal Luçi	<?php if (isset($config['interfaces'][$if]['blockbogons'])): ?>
297	c20c0f5a	Scott Ullrich	<tr valign="top" id="frrfc1918">
298			<td width="3%" class="list"> </td>
299			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0"></td>
300			<td class="listlr" style="background-color: #e0e0e0">*</td>
301	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">Reserved/not assigned by IANA</td>
302	c20c0f5a	Scott Ullrich	<td class="listr" style="background-color: #e0e0e0">*</td>
303			<td class="listr" style="background-color: #e0e0e0">*</td>
304			<td class="listr" style="background-color: #e0e0e0">*</td>
305	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">*</td>
306			<td class="listr" style="background-color: #e0e0e0">*</td>
307	f1f60c92	Ermal Luçi	<td class="listr" style="background-color: #e0e0e0">*</td>
308	e34ecb20	Chris Buechler	<td class="listbg">Block bogon networks</td>
309	c20c0f5a	Scott Ullrich	<td valign="middle" nowrap class="list">
310			<table border="0" cellspacing="0" cellpadding="1">
311			<tr>
312			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules before this rule"></td>
313	01eb687d	Ermal Luçi	<td><a href="interfaces.php#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
314	c20c0f5a	Scott Ullrich	</tr>
315			<tr>
316			<td align="center" valign="middle"></td>
317			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="add a new rule based on this one" width="17" height="17" border="0"></td>
318			</tr>
319			</table>
320			</td>
321			</tr>
322			<?php endif; ?>
323	07bd3f83	Scott Ullrich	<?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++):
324			$filterent = $a_filter[$i];
325	92125c97	Ermal Luçi	if ($filterent['interface'] != $if && !isset($filterent['floating']))
326			continue;
327			if (isset($filterent['floating']) && "FloatingRules" != $if)
328			continue;
329	07bd3f83	Scott Ullrich	?>
330	37e2071c	Scott Ullrich	<tr valign="top" id="fr<?=$nrules;?>">
331			<td class="listt"><input type="checkbox" id="frc<?=$nrules;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nrules;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;"></td>
332			<td class="listt" align="center">
333	5b237745	Scott Ullrich	<?php if ($filterent['type'] == "block")
334			$iconfn = "block";
335			else if ($filterent['type'] == "reject") {
336	950d21d0	Scott Ullrich	if ($filterent['protocol'] == "tcp" \|\| $filterent['protocol'] == "udp" \|\| $filterent['protocol'] == "tcp/udp")
337	5b237745	Scott Ullrich	$iconfn = "reject";
338			else
339			$iconfn = "block";
340			} else
341			$iconfn = "pass";
342			if (isset($filterent['disabled'])) {
343			$textss = "<span class=\"gray\">";
344			$textse = "</span>";
345			$iconfn .= "_d";
346			} else {
347			$textss = $textse = "";
348			}
349			?>
350	677c0869	Erik Kristensen	<a href="?if=<?=$if;?>&act=toggle&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0" title="click to toggle enabled/disabled status"></a>
351	5b237745	Scott Ullrich	<?php if (isset($filterent['log'])):
352	6fecc73b	Scott Dale	$iconfnlog = "log_s";
353	5b237745	Scott Ullrich	if (isset($filterent['disabled']))
354	6fecc73b	Scott Dale	$iconfnlog .= "_d";
355	5b237745	Scott Ullrich	?>
356	6fecc73b	Scott Dale	<br><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfnlog;?>.gif" width="11" height="15" border="0">
357	5b237745	Scott Ullrich	<?php endif; ?>
358			</td>
359	3a54b6ca	Scott Dale	<?php
360	2a9db752	Scott Dale
361	2a113ca9	Scott Dale	//build Alias popup box
362	3a54b6ca	Scott Dale	$span_end = "";
363			$alias_src_span_begin = "";
364			$alias_src_port_span_begin = "";
365			$alias_dst_span_begin = "";
366			$alias_dst_port_span_begin = "";
367
368	2a9db752	Scott Dale	$alias_popup = rule_popup($filterent['source']['address'],pprint_port($filterent['source']['port']),$filterent['destination']['address'],pprint_port($filterent['destination']['port']));
369			$span_end = "</U></span>";
370	3a54b6ca	Scott Dale
371	2a9db752	Scott Dale	$alias_src_span_begin = $alias_popup["src"];
372
373			$alias_src_port_span_begin = $alias_popup["srcport"];
374
375			$alias_dst_span_begin = $alias_popup["dst"];
376
377			$alias_dst_port_span_begin = $alias_popup["dstport"];
378	3a54b6ca	Scott Dale
379	2a113ca9	Scott Dale	//build Schedule popup box
380			$a_schedules = &$config['schedules']['schedule'];
381			$schedule_span_begin = "";
382			$schedule_span_end = "";
383			$sched_caption = "";
384	eace1363	Scott Dale	$sched_content = "";
385	3b907eb1	Scott Dale	$schedstatus = false;
386	2a113ca9	Scott Dale	$dayArray = array ('Mon','Tues','Wed','Thur','Fri','Sat','Sun');
387			$monthArray = array ('January','February','March','April','May','June','July','August','September','October','November','December');
388	8ce97a08	Scott Dale	if($config['schedules']['schedule'] <> "" and is_array($config['schedules']['schedule'])){
389			foreach ($a_schedules as $schedule)
390			{
391			if ($schedule['name'] == $filterent['sched'] ){
392	60120e37	Ermal Lu?i	$schedstatus = filter_get_time_based_rule_status($schedule);
393	8ce97a08	Scott Dale
394			foreach($schedule['timerange'] as $timerange) {
395			$tempFriendlyTime = "";
396			$tempID = "";
397			$firstprint = false;
398			if ($timerange){
399			$dayFriendly = "";
400			$tempFriendlyTime = "";
401
402			//get hours
403			$temptimerange = $timerange['hour'];
404			$temptimeseparator = strrpos($temptimerange, "-");
405	2a113ca9	Scott Dale
406	8ce97a08	Scott Dale	$starttime = substr ($temptimerange, 0, $temptimeseparator);
407			$stoptime = substr ($temptimerange, $temptimeseparator+1);
408	2a113ca9	Scott Dale
409	8ce97a08	Scott Dale	if ($timerange['month']){
410			$tempmontharray = explode(",", $timerange['month']);
411			$tempdayarray = explode(",",$timerange['day']);
412			$arraycounter = 0;
413			$firstDayFound = false;
414			$firstPrint = false;
415			foreach ($tempmontharray as $monthtmp){
416			$month = $tempmontharray[$arraycounter];
417			$day = $tempdayarray[$arraycounter];
418	2a113ca9	Scott Dale
419			if (!$firstDayFound)
420			{
421	8ce97a08	Scott Dale	$firstDay = $day;
422			$firstmonth = $month;
423	2a113ca9	Scott Dale	$firstDayFound = true;
424			}
425	8ce97a08	Scott Dale
426			$currentDay = $day;
427			$nextDay = $tempdayarray[$arraycounter+1];
428			$currentDay++;
429			if (($currentDay != $nextDay) \|\| ($tempmontharray[$arraycounter] != $tempmontharray[$arraycounter+1])){
430			if ($firstPrint)
431	2a113ca9	Scott Dale	$dayFriendly .= ", ";
432			$currentDay--;
433			if ($currentDay != $firstDay)
434	8ce97a08	Scott Dale	$dayFriendly .= $monthArray[$firstmonth-1] . " " . $firstDay . " - " . $currentDay ;
435	2a113ca9	Scott Dale	else
436	8ce97a08	Scott Dale	$dayFriendly .= $monthArray[$month-1] . " " . $day;
437	2a113ca9	Scott Dale	$firstDayFound = false;
438	8ce97a08	Scott Dale	$firstPrint = true;
439			}
440			$arraycounter++;
441	2a113ca9	Scott Dale	}
442			}
443	8ce97a08	Scott Dale	else
444			{
445			$tempdayFriendly = $timerange['position'];
446			$firstDayFound = false;
447			$tempFriendlyDayArray = explode(",", $tempdayFriendly);
448			$currentDay = "";
449			$firstDay = "";
450			$nextDay = "";
451			$counter = 0;
452			foreach ($tempFriendlyDayArray as $day){
453			if ($day != ""){
454			if (!$firstDayFound)
455			{
456			$firstDay = $tempFriendlyDayArray[$counter];
457			$firstDayFound = true;
458			}
459			$currentDay =$tempFriendlyDayArray[$counter];
460			//get next day
461			$nextDay = $tempFriendlyDayArray[$counter+1];
462			$currentDay++;
463			if ($currentDay != $nextDay){
464			if ($firstprint)
465			$dayFriendly .= ", ";
466			$currentDay--;
467			if ($currentDay != $firstDay)
468			$dayFriendly .= $dayArray[$firstDay-1] . " - " . $dayArray[$currentDay-1];
469			else
470			$dayFriendly .= $dayArray[$firstDay-1];
471			$firstDayFound = false;
472			$firstprint = true;
473			}
474			$counter++;
475			}
476			}
477			}
478			$timeFriendly = $starttime . " - " . $stoptime;
479			$description = $timerange['rangedescr'];
480			$sched_content .= $dayFriendly . "; " . $timeFriendly . "<br>";
481			}
482	2a113ca9	Scott Dale	}
483	8ce97a08	Scott Dale	$sched_caption = $schedule['descr'];
484			$schedule_span_begin = "<span style=\"cursor: help;\" onmouseover=\"domTT_activate(this, event, 'content', '<h1>$sched_caption</h1><p>$sched_content</p>', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><U>";
485			$schedule_span_end = "</U></span>";
486	2a113ca9	Scott Dale	}
487			}
488			}
489	6fecc73b	Scott Dale	$printicon = false;
490	616dd997	Scott Dale	$alttext = "";
491			$image = "";
492			if (!isset($filterent['disabled'])){
493			if ($schedstatus)
494			{
495			if ($iconfn == "block" \|\| $iconfn == "reject")
496			{
497	5b552ac7	Scott Dale	$image = "icon_block";
498	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being denied";
499			}
500			else
501			{
502	5b552ac7	Scott Dale	$image = "icon_pass";
503	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being allowed";
504			}
505			$printicon = true;
506			}
507			else if ($filterent['sched'])
508			{
509			if ($iconfn == "block" \|\| $iconfn == "reject")
510			{
511	5b552ac7	Scott Dale	$image = "icon_block_d";
512	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being allowed";
513			}
514			else
515			{
516	5b552ac7	Scott Dale	$image = "icon_block";
517	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being denied";
518			}
519			$printicon = true;
520			}
521			}
522	3a54b6ca	Scott Dale	?>
523	98e29097	Bill Marquette	<td class="listlr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
524	5b237745	Scott Ullrich	<?=$textss;?><?php if (isset($filterent['protocol'])) echo strtoupper($filterent['protocol']); else echo "*"; ?><?=$textse;?>
525			</td>
526	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
527	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_src_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['source']));?><?php echo $alias_src_span_end;?><?=$textse;?>
528	5b237745	Scott Ullrich	</td>
529	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
530	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_src_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['source']['port'])); ?><?php echo $alias_src_port_span_end;?><?=$textse;?>
531	5b237745	Scott Ullrich	</td>
532	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
533	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_dst_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['destination'])); ?><?php echo $alias_dst_span_end;?><?=$textse;?>
534	5b237745	Scott Ullrich	</td>
535	3a54b6ca	Scott Dale	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
536			<?=$textss;?><?php echo $alias_dst_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['destination']['port'])); ?><?php echo $alias_dst_port_span_end;?><?=$textse;?>
537	5b237745	Scott Ullrich	</td>
538	b504c2f8	Scott Ullrich	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
539	e9832b41	Bill Marquette	<?=$textss;?><?php if (isset($config['interfaces'][$filterent['gateway']]['descr'])) echo htmlspecialchars($config['interfaces'][$filterent['gateway']]['descr']); else echo htmlspecialchars(pprint_port($filterent['gateway'])); ?><?=$textse;?>
540	b504c2f8	Scott Ullrich	</td>
541	197bfe96	Ermal Luçi	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';"><?=$textss;?>
542			<?php
543			if (isset($filterent['ackqueue']) && isset($filterent['defaultqueue'])) {
544			$desc = $filterent['ackqueue'] ;
545			echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['ackqueue']}&action=show\">{$desc}</a>";
546			$desc = $filterent['defaultqueue'];
547			echo "/<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&action=show\">{$desc}</a>";
548			} else if (isset($filterent['defaultqueue'])) {
549			$desc = $filterent['defaultqueue'];
550			echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&action=show\">{$desc}</a>"; }
551			else echo "none";
552			?><?=$textse;?>
553			</td>
554	3595b631	Scott Dale	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';"><font color="black">
555	d3bcf522	Scott Dale	<?php if ($printicon) { ?><img src="./themes/<?= $g['theme']; ?>/images/icons/<?php echo $image; ?>.gif" title="<?php echo $alttext;?>" border="0"><?php } ?> <?=$textss;?><?php echo $schedule_span_begin;?><?=htmlspecialchars($filterent['sched']);?><?php echo $schedule_span_end; ?><?=$textse;?>
556	7738faa8	Scott Ullrich	</td>
557	c2a6f323	Scott Ullrich	<td class="listbg" onClick="fr_toggle(<?=$nrules;?>)" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';" class="descr">
558	07bd3f83	Scott Ullrich	<?=$textss;?><?=htmlspecialchars($filterent['descr']);?> <?=$textse;?>
559	5b237745	Scott Ullrich	</td>
560			<td valign="middle" nowrap class="list">
561	07bd3f83	Scott Ullrich	<table border="0" cellspacing="0" cellpadding="1">
562			<tr>
563	677c0869	Erik Kristensen	<td><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected rules before this rule" onMouseOver="fr_insline(<?=$nrules;?>, true)" onMouseOut="fr_insline(<?=$nrules;?>, false)"></td>
564			<td><a href="firewall_rules_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
565	07bd3f83	Scott Ullrich	</tr>
566			<tr>
567	1cfed9db	Scott Ullrich	<td align="center" valign="middle"><a href="firewall_rules.php?act=del&if=<?=$if;?>&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete rule" onclick="return confirm('Do you really want to delete this rule?')"></a></td>
568	677c0869	Erik Kristensen	<td><a href="firewall_rules_edit.php?dup=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add a new rule based on this one" width="17" height="17" border="0"></a></td>
569	07bd3f83	Scott Ullrich	</tr>
570			</table>
571	5b237745	Scott Ullrich	</td>
572			</tr>
573	07bd3f83	Scott Ullrich	<?php $nrules++; endfor; ?>
574			<?php if ($nrules == 0): ?>
575	37e2071c	Scott Ullrich	<td class="listt"></td>
576	07bd3f83	Scott Ullrich	<td class="listt"></td>
577	9892fb82	Ermal Luçi	<td class="listlr" colspan="9" align="center" valign="middle">
578	07bd3f83	Scott Ullrich	<span class="gray">
579			No rules are currently defined for this interface.<br>
580			All incoming connections on this interface will be blocked until you add pass rules.<br><br>
581	677c0869	Erik Kristensen	Click the <a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" border="0" width="17" height="17" align="absmiddle"></a> button to add a new rule.</span>
582	07bd3f83	Scott Ullrich	</td>
583			<?php endif; ?>
584	37e2071c	Scott Ullrich	<tr id="fr<?=$nrules;?>">
585			<td class="list"></td>
586			<td class="list"></td>
587			<td class="list"> </td>
588			<td class="list"> </td>
589			<td class="list"> </td>
590	1c7e3ec6	Bill Marquette	<td class="list"> </td>
591			<td class="list"> </td>
592			<td class="list"> </td>
593	37e2071c	Scott Ullrich	<td class="list"> </td>
594			<td class="list"> </td>
595			<td class="list"> </td>
596	07bd3f83	Scott Ullrich	<td class="list">
597			<table border="0" cellspacing="0" cellpadding="1">
598			<tr>
599			<td>
600	677c0869	Erik Kristensen	<?php if ($nrules == 0): ?><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules to end" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected rules to end" onMouseOver="fr_insline(<?=$nrules;?>, true)" onMouseOut="fr_insline(<?=$nrules;?>, false)"><?php endif; ?></td>
601	37e2071c	Scott Ullrich	<td></td>
602	07bd3f83	Scott Ullrich	</tr>
603			<tr>
604	3086d0f8	Scott Ullrich	<td>
605			<?php if ($nrules == 0): ?>
606			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?>
607			<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected rules" onclick="return confirm('Do you really want to delete the selected rules?')"><?php endif; ?>
608			</td>
609	d415d821	Seth Mos	<td><a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" width="17" height="17" border="0"></a></td>
610	07bd3f83	Scott Ullrich	</tr>
611			</table>
612			</td>
613	5b237745	Scott Ullrich	</tr>
614			</table>
615	d732f186	Bill Marquette	<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
616	b2ffe419	Scott Ullrich	<tr>
617	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11"></td>
618	5b237745	Scott Ullrich	<td>pass</td>
619			<td width="14"></td>
620	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11"></td>
621	5b237745	Scott Ullrich	<td>block</td>
622			<td width="14"></td>
623	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject.gif" width="11" height="11"></td>
624	5b237745	Scott Ullrich	<td>reject</td>
625			<td width="14"></td>
626	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log.gif" width="11" height="11"></td>
627	5b237745	Scott Ullrich	<td>log</td>
628			</tr>
629	b2ffe419	Scott Ullrich	<tr>
630	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass_d.gif" width="11" height="11"></td>
631	d732f186	Bill Marquette	<td nowrap>pass (disabled)</td>
632			<td> </td>
633	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block_d.gif" width="11" height="11"></td>
634	d732f186	Bill Marquette	<td nowrap>block (disabled)</td>
635			<td> </td>
636	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject_d.gif" width="11" height="11"></td>
637	d732f186	Bill Marquette	<td nowrap>reject (disabled)</td>
638			<td> </td>
639	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log_d.gif" width="11" height="11"></td>
640	d732f186	Bill Marquette	<td nowrap>log (disabled)</td>
641	5b237745	Scott Ullrich	</tr>
642	d732f186	Bill Marquette	<tr>
643	05860c07	Scott Ullrich	<td colspan="10">
644	07bd3f83	Scott Ullrich	<p>
645			<strong><span class="red">Hint:<br>
646	37e2071c	Scott Ullrich	</span></strong>Rules are evaluated on a first-match basis (i.e.
647	b2ffe419	Scott Ullrich	the action of the first rule to match a packet will be executed).
648			This means that if you use block rules, you'll have to pay attention
649			to the rule order. Everything that isn't explicitly passed is blocked
650	07bd3f83	Scott Ullrich	by default.</p>
651	d732f186	Bill Marquette	</td>
652			</tr>
653			</table>
654			</div>
655			</td>
656			</tr>
657			</table>
658	37e2071c	Scott Ullrich	<input type="hidden" name="if" value="<?=$if;?>">
659	07bd3f83	Scott Ullrich	</form>
660	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
661	af4aa061	Scott Ullrich	</body>
662			</html>

Project

General

Profile

pfSense