/usr/local/www/firewall_rules.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/firewall_rules.php @ b94075a0

1	b2ffe419	Scott Ullrich	<?php
2	b46bfcf5	Bill Marquette	/* $Id$ */
3	5b237745	Scott Ullrich	/*
4	37e2071c	Scott Ullrich	firewall_rules.php
5	e4cabb75	Scott Ullrich	part of pfSense (http://www.pfsense.com)
6			Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com)
7	b2ffe419	Scott Ullrich
8	e4cabb75	Scott Ullrich	originally part of m0n0wall (http://m0n0.ch/wall)
9			Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10	37e2071c	Scott Ullrich	All rights reserved.
11	b2ffe419	Scott Ullrich
12	37e2071c	Scott Ullrich	Redistribution and use in source and binary forms, with or without
13			modification, are permitted provided that the following conditions are met:
14	b2ffe419	Scott Ullrich
15	37e2071c	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
16			this list of conditions and the following disclaimer.
17	b2ffe419	Scott Ullrich
18	37e2071c	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
19			notice, this list of conditions and the following disclaimer in the
20			documentation and/or other materials provided with the distribution.
21	b2ffe419	Scott Ullrich
22	37e2071c	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31			POSSIBILITY OF SUCH DAMAGE.
32	5b237745	Scott Ullrich	*/
33	7ac5a4cb	Scott Ullrich	/*
34			pfSense_MODULE: filter
35			*/
36	5b237745	Scott Ullrich
37	6b07c15a	Matthew Grooms	##\|+PRIV
38			##\|*IDENT=page-firewall-rules
39			##\|*NAME=Firewall: Rules page
40			##\|*DESCR=Allow access to the 'Firewall: Rules' page.
41			##\|MATCH=firewall_rules.php
42			##\|-PRIV
43
44	37e2071c	Scott Ullrich	$pgtitle = array("Firewall", "Rules");
45	3cceb5d5	jim-p	$statusurl = "status_filter_reload.php";
46			$logurl = "diag_logs_filter.php";
47
48	5b237745	Scott Ullrich	require("guiconfig.inc");
49	7a927e67	Scott Ullrich	require_once("functions.inc");
50			require_once("filter.inc");
51			require_once("shaper.inc");
52	5b237745	Scott Ullrich
53	f1c49ff4	Scott Ullrich	function check_for_advaned_options(&$item) {
54			$item_set = "";
55	a56b2fa0	pierrepomes	if($item['max'])
56			$item_set .= "max {$item['max']} ";
57	f1c49ff4	Scott Ullrich	if($item['max-src-nodes'])
58			$item_set .= "max-src-nodes {$item['max-src-nodes']} ";
59	26dd6a54	pierrepomes	if($item['max-src-conn'])
60			$item_set .= "max-src-conn {$item['max-src-conn']} ";
61	f1c49ff4	Scott Ullrich	if($item['max-src-states'])
62			$item_set .= "max-src-states {$item['max-src-states']} ";
63			if($item['statetype'] != "keep state" && $item['statetype'] != "")
64			$item_set .= "statetype {$item['statetype']} {$item['statetype']}";
65			if($item['statetimeout'])
66			$item_set .= "statetimeout {$item['statetimeout']}";
67			if($item['nosync'])
68			$item_set .= "nosync ";
69			if($item['max-src-conn-rate'])
70			$item_set .= "max-src-conn-rate {$item['max-src-conn-rate']} ";
71			if($item['max-src-conn-rates'])
72			$item_set .= "max-src-conn-rates {$item['max-src-conn-rates']} ";
73			return $item_set;
74			}
75
76	00c82782	Renato Botelho	function delete_nat_association($id) {
77			global $config;
78
79			if (!$id \|\| !is_array($config['nat']['rule']))
80	673d29c0	Renato Botelho	return;
81
82	00c82782	Renato Botelho	$a_nat = &$config['nat']['rule'];
83
84			foreach ($a_nat as &$natent)
85			if ($natent['associated-rule-id'] == $id)
86			$natent['associated-rule-id'] = '';
87	673d29c0	Renato Botelho	}
88
89	5b237745	Scott Ullrich	if (!is_array($config['filter']['rule'])) {
90			$config['filter']['rule'] = array();
91			}
92			filter_rules_sort();
93			$a_filter = &$config['filter']['rule'];
94
95	07bd3f83	Scott Ullrich	$if = $_GET['if'];
96			if ($_POST['if'])
97			$if = $_POST['if'];
98	b2ffe419	Scott Ullrich
99	cbe3ea96	Ermal Luçi	$ifdescs = get_configured_interface_with_descr();
100	07bd3f83	Scott Ullrich
101	32c58070	Scott Ullrich	// Drag and drop reordering
102			if($_REQUEST['dragdroporder']) {
103			// First create a new ruleset array and tmp arrays
104			$a_filter_unorder = array();
105			$a_filter_order = array();
106			$a_filter_order_tmp = array();
107			// Pointer to id of item being reordered
108			$found = 0;
109			$drag_order = $_REQUEST['dragtable'];
110			// Next traverse through rules building a new order for interface
111			for ($i = 0; isset($a_filter[$i]); $i++) {
112			if($a_filter[$i]['interface'] <> $_REQUEST['if'])
113			$a_filter_unorder[] = $a_filter[$i];
114			else
115			$a_filter_order_tmp[] = $a_filter[$i];
116			}
117			// Reorder rules with the posted order
118			for ($i = 0; $i<count($drag_order); $i++)
119			$a_filter_order[] = $a_filter_order_tmp[$drag_order[$i]];
120			unset($config['filter']['rule']);
121			// Overwrite filter rules with newly created items
122			$config['filter']['rule'] = $a_filter_order;
123			foreach($a_filter_unorder as $aa)
124			$config['filter']['rule'][] = $aa;
125			// Write configuration
126			$config = write_config("Drag and drop firewall rules ordering update.");
127			// Redirect back to page
128	68cbabcb	Scott Ullrich	mark_subsystem_dirty('filter');
129	619f2dbd	Scott Ullrich	$undo = array();
130			foreach($_REQUEST['dragtable'] as $dt)
131			$undo[] = "";
132			$counter = 0;
133			foreach($_REQUEST['dragtable'] as $dt) {
134			$undo[$dt] = $counter;
135			$counter++;
136			}
137			foreach($undo as $dt)
138			$undotxt .= "&dragtable[]={$dt}";
139			Header("Location: firewall_rules.php?if=" . $_REQUEST['if'] . "&undodrag=true" . $undotxt);
140	32c58070	Scott Ullrich	exit;
141			}
142
143	90ba56ad	Scott Ullrich	/* add group interfaces */
144			if (is_array($config['ifgroups']['ifgroupentry']))
145			foreach($config['ifgroups']['ifgroupentry'] as $ifgen)
146			if (have_ruleint_access($ifgen['ifname']))
147			$iflist[$ifgen['ifname']] = $ifgen['ifname'];
148
149	aef4dc74	Ermal Luçi	foreach ($ifdescs as $ifent => $ifdesc)
150			if(have_ruleint_access($ifent))
151			$iflist[$ifent] = $ifdesc;
152	88bcd1d2	Scott Dale
153	617f8d25	Ermal Lu?i	if ($config['l2tp']['mode'] == "server")
154			if(have_ruleint_access("l2tp"))
155			$iflist['l2tp'] = "L2TP VPN";
156
157	07bd3f83	Scott Ullrich	if ($config['pptpd']['mode'] == "server")
158	d81c2ad1	Scott Ullrich	if(have_ruleint_access("pptp"))
159			$iflist['pptp'] = "PPTP VPN";
160	50e0d2a1	Scott Ullrich
161	0e1e0183	Scott Ullrich	if ($config['pppoe']['mode'] == "server")
162	d81c2ad1	Scott Ullrich	if(have_ruleint_access("pppoe"))
163			$iflist['pppoe'] = "PPPoE VPN";
164	0c554ff6	Scott Ullrich
165	88bcd1d2	Scott Dale	/* add ipsec interfaces */
166	d81c2ad1	Scott Ullrich	if (isset($config['ipsec']['enable']) \|\| isset($config['ipsec']['mobileclients']['enable']))
167			if(have_ruleint_access("enc0"))
168	0f266b2e	Chris Buechler	$iflist["enc0"] = "IPsec";
169	07bd3f83	Scott Ullrich
170	bfb60ac8	Ermal Luçi	/* add openvpn/tun interfaces */
171	d799787e	Matthew Grooms	if ($config['openvpn']["openvpn-server"] \|\| $config['openvpn']["openvpn-client"])
172			$iflist["openvpn"] = "OpenVPN";
173	bfb60ac8	Ermal Luçi
174	92125c97	Ermal Luçi	if (!$if \|\| !isset($iflist[$if])) {
175			if ("any" == $if)
176	15160475	Ermal Luçi	$if = "FloatingRules";
177	92125c97	Ermal Luçi	else if ("FloatingRules" != $if)
178			$if = "wan";
179			}
180	07bd3f83	Scott Ullrich
181	5b237745	Scott Ullrich	if ($_POST) {
182
183			$pconfig = $_POST;
184
185			if ($_POST['apply']) {
186	37e2071c	Scott Ullrich	$retval = 0;
187	9a7e416c	Scott Ullrich	$retval = filter_configure();
188
189	a368a026	Ermal Lu?i	clear_subsystem_dirty('filter');
190	a985eac2	Scott Ullrich
191	4739bd06	Scott Ullrich	$savemsg = "The settings have been applied. The firewall rules are now reloading in the background. You can also <a href='status_filter_reload.php'>monitor</a> the reload progress.";
192	5b237745	Scott Ullrich	}
193			}
194
195	d97c50cd	Bill Marquette	if ($_GET['act'] == "del") {
196	673d29c0	Renato Botelho	if ($a_filter[$_GET['id']]) {
197			if (!empty($a_filter[$_GET['id']]['associated-rule-id'])) {
198	00c82782	Renato Botelho	delete_nat_association($a_filter[$_GET['id']]['associated-rule-id']);
199	673d29c0	Renato Botelho	}
200			unset($a_filter[$_GET['id']]);
201			write_config();
202	a368a026	Ermal Lu?i	mark_subsystem_dirty('filter');
203	673d29c0	Renato Botelho	header("Location: firewall_rules.php?if={$if}");
204			exit;
205			}
206	d97c50cd	Bill Marquette	}
207
208	32c58070	Scott Ullrich	// Handle save msg if defined
209			if($_REQUEST['savemsg'])
210			$savemsg = htmlentities($_REQUEST['savemsg']);
211
212	07bd3f83	Scott Ullrich	if (isset($_POST['del_x'])) {
213			/* delete selected rules */
214			if (is_array($_POST['rule']) && count($_POST['rule'])) {
215			foreach ($_POST['rule'] as $rulei) {
216	00c82782	Renato Botelho	delete_nat_association($a_filter[$rulei]['associated-rule-id']);
217	07bd3f83	Scott Ullrich	unset($a_filter[$rulei]);
218			}
219	5b237745	Scott Ullrich	write_config();
220	a368a026	Ermal Lu?i	mark_subsystem_dirty('filter');
221	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
222	5b237745	Scott Ullrich	exit;
223			}
224	07bd3f83	Scott Ullrich	} else if ($_GET['act'] == "toggle") {
225			if ($a_filter[$_GET['id']]) {
226	f53b85a3	Scott Ullrich	if(isset($a_filter[$_GET['id']]['disabled']))
227	734edbdf	Bill Marquette	unset($a_filter[$_GET['id']]['disabled']);
228			else
229			$a_filter[$_GET['id']]['disabled'] = true;
230	5b237745	Scott Ullrich	write_config();
231	a368a026	Ermal Lu?i	mark_subsystem_dirty('filter');
232	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
233	5b237745	Scott Ullrich	exit;
234			}
235	07bd3f83	Scott Ullrich	} else {
236	b2ffe419	Scott Ullrich	/* yuck - IE won't send value attributes for image buttons, while Mozilla does -
237	37e2071c	Scott Ullrich	so we use .x/.y to fine move button clicks instead... */
238	07bd3f83	Scott Ullrich	unset($movebtn);
239			foreach ($_POST as $pn => $pd) {
240			if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
241			$movebtn = $matches[1];
242			break;
243			}
244	5b237745	Scott Ullrich	}
245	07bd3f83	Scott Ullrich	/* move selected rules before this rule */
246			if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
247			$a_filter_new = array();
248	b2ffe419	Scott Ullrich
249	07bd3f83	Scott Ullrich	/* copy all rules < $movebtn and not selected */
250			for ($i = 0; $i < $movebtn; $i++) {
251			if (!in_array($i, $_POST['rule']))
252			$a_filter_new[] = $a_filter[$i];
253			}
254	b2ffe419	Scott Ullrich
255	07bd3f83	Scott Ullrich	/* copy all selected rules */
256			for ($i = 0; $i < count($a_filter); $i++) {
257			if ($i == $movebtn)
258			continue;
259			if (in_array($i, $_POST['rule']))
260			$a_filter_new[] = $a_filter[$i];
261			}
262	b2ffe419	Scott Ullrich
263	07bd3f83	Scott Ullrich	/* copy $movebtn rule */
264			if ($movebtn < count($a_filter))
265			$a_filter_new[] = $a_filter[$movebtn];
266	b2ffe419	Scott Ullrich
267	07bd3f83	Scott Ullrich	/* copy all rules > $movebtn and not selected */
268			for ($i = $movebtn+1; $i < count($a_filter); $i++) {
269			if (!in_array($i, $_POST['rule']))
270			$a_filter_new[] = $a_filter[$i];
271			}
272	b2ffe419	Scott Ullrich
273	07bd3f83	Scott Ullrich	$a_filter = $a_filter_new;
274	5b237745	Scott Ullrich	write_config();
275	a368a026	Ermal Lu?i	mark_subsystem_dirty('filter');
276	07bd3f83	Scott Ullrich	header("Location: firewall_rules.php?if={$if}");
277	5b237745	Scott Ullrich	exit;
278			}
279			}
280	3a54b6ca	Scott Dale	$closehead = false;
281	5b237745	Scott Ullrich
282	9a25487b	Scott Ullrich	include("head.inc");
283
284	3a54b6ca	Scott Dale	echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domLib.js\"></script>";
285			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/domTT.js\"></script>";
286			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/behaviour.js\"></script>";
287			echo "<script type=\"text/javascript\" language=\"javascript\" src=\"/javascript/domTT/fadomatic.js\"></script>";
288	5b237745	Scott Ullrich	?>
289	3a54b6ca	Scott Dale	</head>
290
291	5b237745	Scott Ullrich	<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
292			<?php include("fbegin.inc"); ?>
293			<form action="firewall_rules.php" method="post">
294	6dc83d52	Scott Ullrich
295	625dcc40	Bill Marquette	<script type="text/javascript" language="javascript" src="/javascript/row_toggle.js">
296	fa65a62b	Scott Ullrich	</script>
297	5b237745	Scott Ullrich	<?php if ($savemsg) print_info_box($savemsg); ?>
298	a368a026	Ermal Lu?i	<?php if (is_subsystem_dirty('filter')): ?><p>
299	619f2dbd	Scott Ullrich	<?php
300			if($_REQUEST['undodrag']) {
301			foreach($_REQUEST['dragtable'] as $dt)
302			$dragtable .= "&dragtable[]={$dt}";
303			print_info_box_np_undo("The firewall rule configuration has been changed.<br>You must apply the changes in order for them to take effect.", "apply" , "Apply changes" , "firewall_rules.php?if={$_REQUEST['if']}&dragdroporder=true&{$dragtable}");
304			} else {
305			print_info_box_np("The firewall rule configuration has been changed.<br>You must apply the changes in order for them to take effect.");
306			}
307			?>
308			<br>
309	5b237745	Scott Ullrich	<?php endif; ?>
310	df222163	Scott Ullrich	<div id="loading" style="visibity:hidden">
311	6dc83d52	Scott Ullrich	<img src="/themes/<?=$g['theme']?>/images/misc/loader.gif"> Loading, please wait...
312			<p/>
313			</div>
314	07bd3f83	Scott Ullrich	<table width="100%" border="0" cellpadding="0" cellspacing="0">
315	37e2071c	Scott Ullrich	<tr><td class="tabnavtbl">
316	0366b748	Scott Ullrich	<?php
317			/* active tabs */
318			$tab_array = array();
319	92125c97	Ermal Luçi	if ("FloatingRules" == $if)
320			$active = true;
321			else
322			$active = false;
323	661aed33	Ermal Luçi	$tab_array[] = array("Floating", $active, "firewall_rules.php?if=FloatingRules");
324	0366b748	Scott Ullrich	$tabscounter = 0; $i = 0; foreach ($iflist as $ifent => $ifname) {
325			if ($ifent == $if)
326			$active = true;
327			else
328			$active = false;
329			$tab_array[] = array($ifname, $active, "firewall_rules.php?if={$ifent}");
330			}
331			display_top_tabs($tab_array);
332			?>
333	07bd3f83	Scott Ullrich	</td></tr>
334	b2ffe419	Scott Ullrich	<tr>
335	d732f186	Bill Marquette	<td>
336			<div id="mainarea">
337			<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
338	fa65a62b	Scott Ullrich	<tr id="frheader">
339	37e2071c	Scott Ullrich	<td width="3%" class="list"> </td>
340	5b237745	Scott Ullrich	<td width="5%" class="list"> </td>
341	b9e28d57	unknown	<td width="3%" class="listhdrr">ID</td>
342	197bfe96	Ermal Luçi	<td width="6%" class="listhdrr">Proto</td>
343	664742f7	Renato Botelho	<td width="12%" class="listhdrr">Source</td>
344			<td width="6%" class="listhdrr">Port</td>
345			<td width="12%" class="listhdrr">Destination</td>
346			<td width="6%" class="listhdrr">Port</td>
347	197bfe96	Ermal Luçi	<td width="5%" class="listhdrr">Gateway</td>
348	664742f7	Renato Botelho	<td width="8%" class="listhdrr">Queue</td>
349	197bfe96	Ermal Luçi	<td width="5%" class="listhdrr">Schedule</td>
350	664742f7	Renato Botelho	<td width="19%" class="listhdr">Description</td>
351	d415d821	Seth Mos	<td width="10%" class="list">
352			<table border="0" cellspacing="0" cellpadding="1">
353			<tr>
354			<?php
355			$nrules = 0;
356			for ($i = 0; isset($a_filter[$i]); $i++) {
357			$filterent = $a_filter[$i];
358	92125c97	Ermal Luçi	if ($filterent['interface'] != $if && !isset($filterent['floating']))
359	f1c49ff4	Scott Ullrich	continue;
360			if (isset($filterent['floating']) && "FloatingRules" != $if)
361	d415d821	Seth Mos	continue;
362			$nrules++;
363			}
364			?>
365			<td>
366			<?php if ($nrules == 0): ?>
367			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?>
368			<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected rules" onclick="return confirm('Do you really want to delete the selected rules?')"><?php endif; ?>
369			</td>
370			<td align="center" valign="middle"><a href="firewall_rules_edit.php?if=<?=$if;?>&after=-1"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" width="17" height="17" border="0"></a></td>
371			</tr>
372			</table>
373			</td>
374			</tr>
375	f1f60c92	Ermal Luçi	<?php if (isset($config['interfaces'][$if]['blockpriv'])): ?>
376	d9eeccbd	Scott Ullrich	<tr valign="top" id="frrfc1918">
377	664742f7	Renato Botelho	<td class="list"> </td>
378	f77830b3	Scott Ullrich	<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0"></td>
379	b9e28d57	unknown	<td class="listlr" style="background-color: #e0e0e0"></td>
380			<td class="listr" style="background-color: #e0e0e0">*</td>
381	d9eeccbd	Scott Ullrich	<td class="listr" style="background-color: #e0e0e0">RFC 1918 networks</td>
382			<td class="listr" style="background-color: #e0e0e0">*</td>
383			<td class="listr" style="background-color: #e0e0e0">*</td>
384			<td class="listr" style="background-color: #e0e0e0">*</td>
385	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">*</td>
386	b45dcff4	Scott Ullrich	<td class="listr" style="background-color: #e0e0e0">*</td>
387	8ff2395b	Scott Ullrich	<td class="listr" style="background-color: #e0e0e0"></td>
388	c3fdc1fd	Scott Ullrich	<td class="listbg">Block private networks</td>
389	d9eeccbd	Scott Ullrich	<td valign="middle" nowrap class="list">
390			<table border="0" cellspacing="0" cellpadding="1">
391			<tr>
392			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules before this rule"></td>
393	67d5b508	Chris Buechler	<td><a href="interfaces.php?if=<?=$if?>#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
394	d9eeccbd	Scott Ullrich	</tr>
395			<tr>
396			<td align="center" valign="middle"></td>
397	83b81db7	Scott Ullrich	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="add a new rule based on this one" width="17" height="17" border="0"></td>
398	d9eeccbd	Scott Ullrich	</tr>
399			</table>
400			</td>
401			</tr>
402	c20c0f5a	Scott Ullrich	<?php endif; ?>
403	f1f60c92	Ermal Luçi	<?php if (isset($config['interfaces'][$if]['blockbogons'])): ?>
404	c20c0f5a	Scott Ullrich	<tr valign="top" id="frrfc1918">
405	664742f7	Renato Botelho	<td class="list"> </td>
406	c20c0f5a	Scott Ullrich	<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0"></td>
407	b9e28d57	unknown	<td class="listlr" style="background-color: #e0e0e0"></td>
408			<td class="listr" style="background-color: #e0e0e0">*</td>
409	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">Reserved/not assigned by IANA</td>
410	c20c0f5a	Scott Ullrich	<td class="listr" style="background-color: #e0e0e0">*</td>
411			<td class="listr" style="background-color: #e0e0e0">*</td>
412			<td class="listr" style="background-color: #e0e0e0">*</td>
413	40ad834c	Scott Dale	<td class="listr" style="background-color: #e0e0e0">*</td>
414			<td class="listr" style="background-color: #e0e0e0">*</td>
415	f1f60c92	Ermal Luçi	<td class="listr" style="background-color: #e0e0e0">*</td>
416	e34ecb20	Chris Buechler	<td class="listbg">Block bogon networks</td>
417	c20c0f5a	Scott Ullrich	<td valign="middle" nowrap class="list">
418			<table border="0" cellspacing="0" cellpadding="1">
419			<tr>
420			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules before this rule"></td>
421	67d5b508	Chris Buechler	<td><a href="interfaces.php?if=<?=$if?>#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
422	c20c0f5a	Scott Ullrich	</tr>
423			<tr>
424			<td align="center" valign="middle"></td>
425			<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="add a new rule based on this one" width="17" height="17" border="0"></td>
426			</tr>
427			</table>
428			</td>
429			</tr>
430			<?php endif; ?>
431	32c58070	Scott Ullrich	<tbody id="dragtable" width="100%">
432	07bd3f83	Scott Ullrich	<?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++):
433			$filterent = $a_filter[$i];
434	92125c97	Ermal Luçi	if ($filterent['interface'] != $if && !isset($filterent['floating']))
435	f1c49ff4	Scott Ullrich	continue;
436			if (isset($filterent['floating']) && "FloatingRules" != $if)
437			continue;
438			$isadvset = check_for_advaned_options($filterent);
439			if($isadvset)
440	9c347273	Scott Ullrich	$advanced_set = "<img src=\"./themes/{$g['theme']}/images/icons/icon_advanced.gif\" title=\"advanced settings set: $isadvset\" border=\"0\">";
441	f1c49ff4	Scott Ullrich	else
442			$advanced_set = ""
443	07bd3f83	Scott Ullrich	?>
444	37e2071c	Scott Ullrich	<tr valign="top" id="fr<?=$nrules;?>">
445	f1c49ff4	Scott Ullrich	<td class="listt">
446			<input type="checkbox" id="frc<?=$nrules;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nrules;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;">
447			<?php echo $advanced_set; ?>
448			</td>
449	37e2071c	Scott Ullrich	<td class="listt" align="center">
450	5b237745	Scott Ullrich	<?php if ($filterent['type'] == "block")
451			$iconfn = "block";
452			else if ($filterent['type'] == "reject") {
453	e91baab8	Chris Buechler	$iconfn = "reject";
454	5b237745	Scott Ullrich	} else
455			$iconfn = "pass";
456			if (isset($filterent['disabled'])) {
457			$textss = "<span class=\"gray\">";
458			$textse = "</span>";
459			$iconfn .= "_d";
460			} else {
461			$textss = $textse = "";
462			}
463			?>
464	677c0869	Erik Kristensen	<a href="?if=<?=$if;?>&act=toggle&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0" title="click to toggle enabled/disabled status"></a>
465	5b237745	Scott Ullrich	<?php if (isset($filterent['log'])):
466	6fecc73b	Scott Dale	$iconfnlog = "log_s";
467	5b237745	Scott Ullrich	if (isset($filterent['disabled']))
468	6fecc73b	Scott Dale	$iconfnlog .= "_d";
469	5b237745	Scott Ullrich	?>
470	6fecc73b	Scott Dale	<br><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfnlog;?>.gif" width="11" height="15" border="0">
471	5b237745	Scott Ullrich	<?php endif; ?>
472			</td>
473	3a54b6ca	Scott Dale	<?php
474	2a9db752	Scott Dale
475	2a113ca9	Scott Dale	//build Alias popup box
476	3a54b6ca	Scott Dale	$span_end = "";
477			$alias_src_span_begin = "";
478			$alias_src_port_span_begin = "";
479			$alias_dst_span_begin = "";
480			$alias_dst_port_span_begin = "";
481
482	2a9db752	Scott Dale	$alias_popup = rule_popup($filterent['source']['address'],pprint_port($filterent['source']['port']),$filterent['destination']['address'],pprint_port($filterent['destination']['port']));
483			$span_end = "</U></span>";
484	3a54b6ca	Scott Dale
485	2a9db752	Scott Dale	$alias_src_span_begin = $alias_popup["src"];
486
487			$alias_src_port_span_begin = $alias_popup["srcport"];
488
489			$alias_dst_span_begin = $alias_popup["dst"];
490
491			$alias_dst_port_span_begin = $alias_popup["dstport"];
492	3a54b6ca	Scott Dale
493	2a113ca9	Scott Dale	//build Schedule popup box
494			$a_schedules = &$config['schedules']['schedule'];
495			$schedule_span_begin = "";
496			$schedule_span_end = "";
497	d2aa8cd6	sullrich	$sched_caption_escaped = "";
498	eace1363	Scott Dale	$sched_content = "";
499	3b907eb1	Scott Dale	$schedstatus = false;
500	2a113ca9	Scott Dale	$dayArray = array ('Mon','Tues','Wed','Thur','Fri','Sat','Sun');
501			$monthArray = array ('January','February','March','April','May','June','July','August','September','October','November','December');
502	8ce97a08	Scott Dale	if($config['schedules']['schedule'] <> "" and is_array($config['schedules']['schedule'])){
503			foreach ($a_schedules as $schedule)
504			{
505			if ($schedule['name'] == $filterent['sched'] ){
506	60120e37	Ermal Lu?i	$schedstatus = filter_get_time_based_rule_status($schedule);
507	8ce97a08	Scott Dale
508			foreach($schedule['timerange'] as $timerange) {
509			$tempFriendlyTime = "";
510			$tempID = "";
511			$firstprint = false;
512			if ($timerange){
513			$dayFriendly = "";
514			$tempFriendlyTime = "";
515
516			//get hours
517			$temptimerange = $timerange['hour'];
518			$temptimeseparator = strrpos($temptimerange, "-");
519	2a113ca9	Scott Dale
520	8ce97a08	Scott Dale	$starttime = substr ($temptimerange, 0, $temptimeseparator);
521			$stoptime = substr ($temptimerange, $temptimeseparator+1);
522	2a113ca9	Scott Dale
523	8ce97a08	Scott Dale	if ($timerange['month']){
524			$tempmontharray = explode(",", $timerange['month']);
525			$tempdayarray = explode(",",$timerange['day']);
526			$arraycounter = 0;
527			$firstDayFound = false;
528			$firstPrint = false;
529			foreach ($tempmontharray as $monthtmp){
530			$month = $tempmontharray[$arraycounter];
531			$day = $tempdayarray[$arraycounter];
532	2a113ca9	Scott Dale
533			if (!$firstDayFound)
534			{
535	8ce97a08	Scott Dale	$firstDay = $day;
536			$firstmonth = $month;
537	2a113ca9	Scott Dale	$firstDayFound = true;
538			}
539	8ce97a08	Scott Dale
540			$currentDay = $day;
541			$nextDay = $tempdayarray[$arraycounter+1];
542			$currentDay++;
543			if (($currentDay != $nextDay) \|\| ($tempmontharray[$arraycounter] != $tempmontharray[$arraycounter+1])){
544			if ($firstPrint)
545	2a113ca9	Scott Dale	$dayFriendly .= ", ";
546			$currentDay--;
547			if ($currentDay != $firstDay)
548	8ce97a08	Scott Dale	$dayFriendly .= $monthArray[$firstmonth-1] . " " . $firstDay . " - " . $currentDay ;
549	2a113ca9	Scott Dale	else
550	8ce97a08	Scott Dale	$dayFriendly .= $monthArray[$month-1] . " " . $day;
551	2a113ca9	Scott Dale	$firstDayFound = false;
552	8ce97a08	Scott Dale	$firstPrint = true;
553			}
554			$arraycounter++;
555	2a113ca9	Scott Dale	}
556			}
557	8ce97a08	Scott Dale	else
558			{
559			$tempdayFriendly = $timerange['position'];
560			$firstDayFound = false;
561			$tempFriendlyDayArray = explode(",", $tempdayFriendly);
562			$currentDay = "";
563			$firstDay = "";
564			$nextDay = "";
565			$counter = 0;
566			foreach ($tempFriendlyDayArray as $day){
567			if ($day != ""){
568			if (!$firstDayFound)
569			{
570			$firstDay = $tempFriendlyDayArray[$counter];
571			$firstDayFound = true;
572			}
573			$currentDay =$tempFriendlyDayArray[$counter];
574			//get next day
575			$nextDay = $tempFriendlyDayArray[$counter+1];
576			$currentDay++;
577			if ($currentDay != $nextDay){
578			if ($firstprint)
579			$dayFriendly .= ", ";
580			$currentDay--;
581			if ($currentDay != $firstDay)
582			$dayFriendly .= $dayArray[$firstDay-1] . " - " . $dayArray[$currentDay-1];
583			else
584			$dayFriendly .= $dayArray[$firstDay-1];
585			$firstDayFound = false;
586			$firstprint = true;
587			}
588			$counter++;
589			}
590			}
591			}
592			$timeFriendly = $starttime . " - " . $stoptime;
593			$description = $timerange['rangedescr'];
594			$sched_content .= $dayFriendly . "; " . $timeFriendly . "<br>";
595			}
596	2a113ca9	Scott Dale	}
597	d2aa8cd6	sullrich	$sched_caption_escaped = str_replace("'", "\'", $schedule['descr']);
598			$schedule_span_begin = "<span style=\"cursor: help;\" onmouseover=\"domTT_activate(this, event, 'content', '<h1>{$sched_caption_escaped}</h1><p>{$sched_content}</p>', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><U>";
599	8ce97a08	Scott Dale	$schedule_span_end = "</U></span>";
600	2a113ca9	Scott Dale	}
601			}
602			}
603	6fecc73b	Scott Dale	$printicon = false;
604	616dd997	Scott Dale	$alttext = "";
605			$image = "";
606			if (!isset($filterent['disabled'])){
607			if ($schedstatus)
608			{
609			if ($iconfn == "block" \|\| $iconfn == "reject")
610			{
611	5b552ac7	Scott Dale	$image = "icon_block";
612	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being denied";
613			}
614			else
615			{
616	5b552ac7	Scott Dale	$image = "icon_pass";
617	616dd997	Scott Dale	$alttext = "Traffic matching this rule is currently being allowed";
618			}
619			$printicon = true;
620			}
621			else if ($filterent['sched'])
622			{
623			if ($iconfn == "block" \|\| $iconfn == "reject")
624	5b552ac7	Scott Dale	$image = "icon_block_d";
625	616dd997	Scott Dale	else
626	5b552ac7	Scott Dale	$image = "icon_block";
627	eb01fcec	Ermal	$alttext = "This rule is not currently active because its period has expired";
628	616dd997	Scott Dale	$printicon = true;
629			}
630			}
631	3a54b6ca	Scott Dale	?>
632	98e29097	Bill Marquette	<td class="listlr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
633	b9e28d57	unknown	<?=$textss;?><?php if (isset($filterent['id'])) echo $filterent['id']; else echo ""; ?><?=$textse;?>
634			</td>
635			<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
636	5b237745	Scott Ullrich	<?=$textss;?><?php if (isset($filterent['protocol'])) echo strtoupper($filterent['protocol']); else echo "*"; ?><?=$textse;?>
637			</td>
638	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
639	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_src_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['source']));?><?php echo $alias_src_span_end;?><?=$textse;?>
640	5b237745	Scott Ullrich	</td>
641	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
642	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_src_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['source']['port'])); ?><?php echo $alias_src_port_span_end;?><?=$textse;?>
643	5b237745	Scott Ullrich	</td>
644	98e29097	Bill Marquette	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
645	3a54b6ca	Scott Dale	<?=$textss;?><?php echo $alias_dst_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['destination'])); ?><?php echo $alias_dst_span_end;?><?=$textse;?>
646	5b237745	Scott Ullrich	</td>
647	3a54b6ca	Scott Dale	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
648			<?=$textss;?><?php echo $alias_dst_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['destination']['port'])); ?><?php echo $alias_dst_port_span_end;?><?=$textse;?>
649	5b237745	Scott Ullrich	</td>
650	b504c2f8	Scott Ullrich	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
651	e9832b41	Bill Marquette	<?=$textss;?><?php if (isset($config['interfaces'][$filterent['gateway']]['descr'])) echo htmlspecialchars($config['interfaces'][$filterent['gateway']]['descr']); else echo htmlspecialchars(pprint_port($filterent['gateway'])); ?><?=$textse;?>
652	b504c2f8	Scott Ullrich	</td>
653	32c58070	Scott Ullrich	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';"><?=$textss;?>
654	197bfe96	Ermal Luçi	<?php
655			if (isset($filterent['ackqueue']) && isset($filterent['defaultqueue'])) {
656			$desc = $filterent['ackqueue'] ;
657			echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['ackqueue']}&action=show\">{$desc}</a>";
658			$desc = $filterent['defaultqueue'];
659			echo "/<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&action=show\">{$desc}</a>";
660			} else if (isset($filterent['defaultqueue'])) {
661			$desc = $filterent['defaultqueue'];
662			echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&action=show\">{$desc}</a>"; }
663			else echo "none";
664			?><?=$textse;?>
665			</td>
666	3595b631	Scott Dale	<td class="listr" onClick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';"><font color="black">
667	d3bcf522	Scott Dale	<?php if ($printicon) { ?><img src="./themes/<?= $g['theme']; ?>/images/icons/<?php echo $image; ?>.gif" title="<?php echo $alttext;?>" border="0"><?php } ?> <?=$textss;?><?php echo $schedule_span_begin;?><?=htmlspecialchars($filterent['sched']);?><?php echo $schedule_span_end; ?><?=$textse;?>
668	7738faa8	Scott Ullrich	</td>
669	c2a6f323	Scott Ullrich	<td class="listbg" onClick="fr_toggle(<?=$nrules;?>)" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';" class="descr">
670	07bd3f83	Scott Ullrich	<?=$textss;?><?=htmlspecialchars($filterent['descr']);?> <?=$textse;?>
671	5b237745	Scott Ullrich	</td>
672			<td valign="middle" nowrap class="list">
673	07bd3f83	Scott Ullrich	<table border="0" cellspacing="0" cellpadding="1">
674			<tr>
675	677c0869	Erik Kristensen	<td><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected rules before this rule" onMouseOver="fr_insline(<?=$nrules;?>, true)" onMouseOut="fr_insline(<?=$nrules;?>, false)"></td>
676			<td><a href="firewall_rules_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="edit rule" width="17" height="17" border="0"></a></td>
677	07bd3f83	Scott Ullrich	</tr>
678			<tr>
679	1cfed9db	Scott Ullrich	<td align="center" valign="middle"><a href="firewall_rules.php?act=del&if=<?=$if;?>&id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete rule" onclick="return confirm('Do you really want to delete this rule?')"></a></td>
680	677c0869	Erik Kristensen	<td><a href="firewall_rules_edit.php?dup=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add a new rule based on this one" width="17" height="17" border="0"></a></td>
681	07bd3f83	Scott Ullrich	</tr>
682			</table>
683	5b237745	Scott Ullrich	</td>
684			</tr>
685	07bd3f83	Scott Ullrich	<?php $nrules++; endfor; ?>
686	32c58070	Scott Ullrich	</tbody>
687	07bd3f83	Scott Ullrich	<?php if ($nrules == 0): ?>
688	37e2071c	Scott Ullrich	<td class="listt"></td>
689	07bd3f83	Scott Ullrich	<td class="listt"></td>
690	d5a1008d	Scott Ullrich	<td class="listlr" colspan="10" align="center" valign="middle">
691	07bd3f83	Scott Ullrich	<span class="gray">
692			No rules are currently defined for this interface.<br>
693			All incoming connections on this interface will be blocked until you add pass rules.<br><br>
694	677c0869	Erik Kristensen	Click the <a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" border="0" width="17" height="17" align="absmiddle"></a> button to add a new rule.</span>
695	07bd3f83	Scott Ullrich	</td>
696			<?php endif; ?>
697	37e2071c	Scott Ullrich	<tr id="fr<?=$nrules;?>">
698			<td class="list"></td>
699			<td class="list"></td>
700			<td class="list"> </td>
701			<td class="list"> </td>
702			<td class="list"> </td>
703	b9e28d57	unknown	<td class="list"> </td>
704	1c7e3ec6	Bill Marquette	<td class="list"> </td>
705			<td class="list"> </td>
706			<td class="list"> </td>
707	37e2071c	Scott Ullrich	<td class="list"> </td>
708			<td class="list"> </td>
709			<td class="list"> </td>
710	07bd3f83	Scott Ullrich	<td class="list">
711			<table border="0" cellspacing="0" cellpadding="1">
712			<tr>
713			<td>
714	eea1e0c5	Scott Ullrich	<?php if ($nrules == 0): ?><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="move selected rules to end" border="0"><?php else: ?><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" width="17" height="17" title="move selected rules to end" onMouseOver="fr_insline(<?=$nrules;?>, true)" onMouseOut="fr_insline(<?=$nrules;?>, false)"><?php endif; ?></td>
715	37e2071c	Scott Ullrich	<td></td>
716	07bd3f83	Scott Ullrich	</tr>
717			<tr>
718	3086d0f8	Scott Ullrich	<td>
719			<?php if ($nrules == 0): ?>
720			<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="delete selected rules" border="0"><?php else: ?>
721			<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" title="delete selected rules" onclick="return confirm('Do you really want to delete the selected rules?')"><?php endif; ?>
722			</td>
723	d415d821	Seth Mos	<td><a href="firewall_rules_edit.php?if=<?=$if;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="add new rule" width="17" height="17" border="0"></a></td>
724	07bd3f83	Scott Ullrich	</tr>
725			</table>
726			</td>
727	5b237745	Scott Ullrich	</tr>
728			</table>
729	d732f186	Bill Marquette	<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
730	b2ffe419	Scott Ullrich	<tr>
731	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11"></td>
732	5b237745	Scott Ullrich	<td>pass</td>
733			<td width="14"></td>
734	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11"></td>
735	5b237745	Scott Ullrich	<td>block</td>
736			<td width="14"></td>
737	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject.gif" width="11" height="11"></td>
738	5b237745	Scott Ullrich	<td>reject</td>
739			<td width="14"></td>
740	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log.gif" width="11" height="11"></td>
741	5b237745	Scott Ullrich	<td>log</td>
742			</tr>
743	b2ffe419	Scott Ullrich	<tr>
744	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass_d.gif" width="11" height="11"></td>
745	d732f186	Bill Marquette	<td nowrap>pass (disabled)</td>
746			<td> </td>
747	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block_d.gif" width="11" height="11"></td>
748	d732f186	Bill Marquette	<td nowrap>block (disabled)</td>
749			<td> </td>
750	677c0869	Erik Kristensen	<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject_d.gif" width="11" height="11"></td>
751	d732f186	Bill Marquette	<td nowrap>reject (disabled)</td>
752			<td> </td>
753	677c0869	Erik Kristensen	<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log_d.gif" width="11" height="11"></td>
754	d732f186	Bill Marquette	<td nowrap>log (disabled)</td>
755	5b237745	Scott Ullrich	</tr>
756	d732f186	Bill Marquette	<tr>
757	05860c07	Scott Ullrich	<td colspan="10">
758	c662cc9d	Scott Ullrich	<p/>
759			<strong>
760			<span class="red">Hint:</span>
761			</strong><br>
762			<ul>
763			<li>Rules are evaluated on a first-match basis (i.e.
764	b2ffe419	Scott Ullrich	the action of the first rule to match a packet will be executed).
765			This means that if you use block rules, you'll have to pay attention
766			to the rule order. Everything that isn't explicitly passed is blocked
767	c662cc9d	Scott Ullrich	by default.
768			</li>
769			<li>
770			You may drag and drop rules using your mouse to reorder the rule ordering.
771			</li>
772			</ul>
773	d732f186	Bill Marquette	</td>
774			</tr>
775			</table>
776			</div>
777			</td>
778			</tr>
779			</table>
780	37e2071c	Scott Ullrich	<input type="hidden" name="if" value="<?=$if;?>">
781	32c58070	Scott Ullrich	<script type="text/javascript">
782	7abaeb1f	Scott Ullrich	var number_of_rules = <?=$nrules?>;
783	32c58070	Scott Ullrich	<?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++): ?>
784			Sortable.create("dragtable", {
785			tag:"tr",
786			format:"fr([0-9999999])",
787			containment:["dragtable"],
788	7abaeb1f	Scott Ullrich	onChange:function(affected) {
789			document.body.style.cursor = 'move';
790	32c58070	Scott Ullrich	},
791	7abaeb1f	Scott Ullrich	onUpdate:function(container) {
792			document.body.style.cursor = 'move';
793	32c58070	Scott Ullrich	updateOrder(Sortable.serialize('dragtable', 'tr'));
794			}
795			});
796			<?php endfor; ?>
797			function updateOrder(order) {
798	12c54789	Scott Ullrich	if(document.getElementById("redboxtable"))
799			$('redboxtable').hide();
800	6dc83d52	Scott Ullrich	$('loading').show();
801	32c58070	Scott Ullrich	document.body.style.cursor = 'wait';
802			document.location = 'firewall_rules.php?if=<?=$if?>&dragdroporder=true&' + Sortable.serialize('dragtable', 'tr');
803			return;
804			}
805	6dc83d52	Scott Ullrich	$('loading').hide();
806	32c58070	Scott Ullrich	</script>
807	07bd3f83	Scott Ullrich	</form>
808	5b237745	Scott Ullrich	<?php include("fend.inc"); ?>
809	af4aa061	Scott Ullrich	</body>
810			</html>

Project

General

Profile

pfSense