Project

General

Profile

Download (39.7 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/* $Id$ */
3
/*
4
	firewall_rules.php
5
	part of pfSense (https://www.pfsense.org)
6
	Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com)
7
        Copyright (C) 2013-2014 Electric Sheep Fencing, LP
8

    
9
	originally part of m0n0wall (http://m0n0.ch/wall)
10
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
11
	All rights reserved.
12

    
13
	Redistribution and use in source and binary forms, with or without
14
	modification, are permitted provided that the following conditions are met:
15

    
16
	1. Redistributions of source code must retain the above copyright notice,
17
	   this list of conditions and the following disclaimer.
18

    
19
	2. Redistributions in binary form must reproduce the above copyright
20
	   notice, this list of conditions and the following disclaimer in the
21
	   documentation and/or other materials provided with the distribution.
22

    
23
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
24
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
25
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
26
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
27
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
28
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
29
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
30
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
32
	POSSIBILITY OF SUCH DAMAGE.
33
*/
34
/*
35
	pfSense_MODULE:	filter
36
*/
37

    
38
##|+PRIV
39
##|*IDENT=page-firewall-rules
40
##|*NAME=Firewall: Rules page
41
##|*DESCR=Allow access to the 'Firewall: Rules' page.
42
##|*MATCH=firewall_rules.php*
43
##|-PRIV
44

    
45
require("guiconfig.inc");
46
require_once("functions.inc");
47
require_once("filter.inc");
48
require_once("shaper.inc");
49

    
50
$pgtitle = array(gettext("Firewall"),gettext("Rules"));
51
$shortcut_section = "firewall";
52

    
53
function delete_nat_association($id) {
54
	global $config;
55

    
56
	if (!$id || !is_array($config['nat']['rule']))
57
		return;
58

    
59
	$a_nat = &$config['nat']['rule'];
60

    
61
	foreach ($a_nat as &$natent)
62
		if ($natent['associated-rule-id'] == $id)
63
			$natent['associated-rule-id'] = '';
64
}
65

    
66
if (!is_array($config['filter']['rule'])) {
67
	$config['filter']['rule'] = array();
68
}
69
filter_rules_sort();
70
$a_filter = &$config['filter']['rule'];
71

    
72
$if = $_GET['if'];
73
if ($_POST['if'])
74
	$if = $_POST['if'];
75

    
76
$ifdescs = get_configured_interface_with_descr();
77

    
78
// Drag and drop reordering
79
if($_REQUEST['dragdroporder']) {
80
	// First create a new ruleset array and tmp arrays
81
	$a_filter_before = array();
82
	$a_filter_order = array();
83
	$a_filter_order_tmp = array();
84
	$a_filter_after = array();
85
	$found = false;
86
	$drag_order = $_REQUEST['dragtable'];
87
	// Next traverse through rules building a new order for interface
88
	for ($i = 0; isset($a_filter[$i]); $i++) {
89
		if(( $_REQUEST['if'] == "FloatingRules" && isset($a_filter[$i]['floating']) ) || ( $a_filter[$i]['interface'] == $_REQUEST['if'] && !isset($a_filter[$i]['floating']) )) {
90
			$a_filter_order_tmp[] = $a_filter[$i];
91
			$found = true;
92
		} else if (!$found)
93
			$a_filter_before[] = $a_filter[$i];
94
		else
95
			$a_filter_after[] = $a_filter[$i];
96
	}
97
	// Reorder rules with the posted order
98
	for ($i = 0; $i<count($drag_order); $i++)
99
		$a_filter_order[] = $a_filter_order_tmp[$drag_order[$i]];
100
	// In case $drag_order didn't account for some rules, make sure we don't lose them
101
	if(count($a_filter_order) < count($a_filter_order_tmp)) {
102
		for ($i = 0; $i<count($a_filter_order_tmp); $i++)
103
			if(!in_array($i, $drag_order))
104
				$a_filter_order[] = $a_filter_order_tmp[$i];
105
	}
106
	// Overwrite filter rules with newly created items
107
	$config['filter']['rule'] = array_merge($a_filter_before, $a_filter_order, $a_filter_after);
108
	// Write configuration
109
	$config = write_config(gettext("Drag and drop firewall rules ordering update."));
110
	// Redirect back to page
111
	mark_subsystem_dirty('filter');
112
	$undo = array();
113
	foreach($_REQUEST['dragtable'] as $dt)
114
		$undo[] = "";
115
	$counter = 0;
116
	foreach($_REQUEST['dragtable'] as $dt) {
117
		$undo[$dt] = $counter;
118
		$counter++;
119
	}
120
	foreach($undo as $dt)
121
		$undotxt .= "&dragtable[]={$dt}";
122
	header("Location: firewall_rules.php?if=" . $_REQUEST['if'] . "&undodrag=true" . $undotxt);
123
	exit;
124
}
125

    
126
$icmptypes = array(
127
	"" => gettext("any"),
128
	"echoreq" => gettext("Echo request"),
129
	"echorep" => gettext("Echo reply"),
130
	"unreach" => gettext("Destination unreachable"),
131
	"squench" => gettext("Source quench"),
132
	"redir" => gettext("Redirect"),
133
	"althost" => gettext("Alternate Host"),
134
	"routeradv" => gettext("Router advertisement"),
135
	"routersol" => gettext("Router solicitation"),
136
	"timex" => gettext("Time exceeded"),
137
	"paramprob" => gettext("Invalid IP header"),
138
	"timereq" => gettext("Timestamp"),
139
	"timerep" => gettext("Timestamp reply"),
140
	"inforeq" => gettext("Information request"),
141
	"inforep" => gettext("Information reply"),
142
	"maskreq" => gettext("Address mask request"),
143
	"maskrep" => gettext("Address mask reply")
144
);
145

    
146
/* add group interfaces */
147
if (is_array($config['ifgroups']['ifgroupentry']))
148
	foreach($config['ifgroups']['ifgroupentry'] as $ifgen)
149
		if (have_ruleint_access($ifgen['ifname']))
150
			$iflist[$ifgen['ifname']] = $ifgen['ifname'];
151

    
152
foreach ($ifdescs as $ifent => $ifdesc)
153
	if(have_ruleint_access($ifent))
154
		$iflist[$ifent] = $ifdesc;
155

    
156
if ($config['l2tp']['mode'] == "server")
157
	if(have_ruleint_access("l2tp"))
158
		$iflist['l2tp'] = "L2TP VPN";
159

    
160
if ($config['pptpd']['mode'] == "server")
161
	if(have_ruleint_access("pptp"))
162
		$iflist['pptp'] = "PPTP VPN";
163

    
164
if (is_array($config['pppoes']['pppoe'])) {
165
	foreach ($config['pppoes']['pppoe'] as $pppoes)
166
		if (($pppoes['mode'] == 'server') && have_ruleint_access("pppoe"))
167
			$iflist['pppoe'] = "PPPoE Server";
168
}
169

    
170
/* add ipsec interfaces */
171
if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable']))
172
	if(have_ruleint_access("enc0"))
173
		$iflist["enc0"] = "IPsec";
174

    
175
/* add openvpn/tun interfaces */
176
if  ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"])
177
	$iflist["openvpn"] = "OpenVPN";
178

    
179
pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/interfaces_override");
180

    
181
if (!$if || !isset($iflist[$if])) {
182
	if ("any" == $if)
183
		$if = "FloatingRules";
184
	else if ("FloatingRules" != $if) {
185
		if (isset($iflist['wan']))
186
			$if = "wan";
187
		else
188
			$if = "FloatingRules";
189
	}
190
}
191

    
192
if ($_POST) {
193

    
194
	$pconfig = $_POST;
195

    
196
	if ($_POST['apply']) {
197
		$retval = 0;
198
		$retval = filter_configure();
199

    
200
		clear_subsystem_dirty('filter');
201

    
202
		pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/apply");
203

    
204
		$savemsg = sprintf(gettext("The settings have been applied. The firewall rules are now reloading in the background.<br />You can also %s monitor %s the reload progress"),"<a href='status_filter_reload.php'>","</a>");
205
	}
206
}
207

    
208
if ($_GET['act'] == "del") {
209
	if ($a_filter[$_GET['id']]) {
210
		if (!empty($a_filter[$_GET['id']]['associated-rule-id'])) {
211
			delete_nat_association($a_filter[$_GET['id']]['associated-rule-id']);
212
		}
213
		unset($a_filter[$_GET['id']]);
214
		if (write_config())
215
			mark_subsystem_dirty('filter');
216
		header("Location: firewall_rules.php?if=" . htmlspecialchars($if));
217
		exit;
218
	}
219
}
220

    
221
// Handle save msg if defined
222
if($_REQUEST['savemsg'])
223
	$savemsg = htmlentities($_REQUEST['savemsg']);
224

    
225
if (isset($_POST['del_x'])) {
226
	/* delete selected rules */
227
	if (is_array($_POST['rule']) && count($_POST['rule'])) {
228
		foreach ($_POST['rule'] as $rulei) {
229
			delete_nat_association($a_filter[$rulei]['associated-rule-id']);
230
			unset($a_filter[$rulei]);
231
		}
232
		if (write_config())
233
			mark_subsystem_dirty('filter');
234
		header("Location: firewall_rules.php?if=" . htmlspecialchars($if));
235
		exit;
236
	}
237
} else if ($_GET['act'] == "toggle") {
238
	if ($a_filter[$_GET['id']]) {
239
		if(isset($a_filter[$_GET['id']]['disabled']))
240
			unset($a_filter[$_GET['id']]['disabled']);
241
		else
242
			$a_filter[$_GET['id']]['disabled'] = true;
243
		if (write_config())
244
			mark_subsystem_dirty('filter');
245
		header("Location: firewall_rules.php?if=" . htmlspecialchars($if));
246
		exit;
247
	}
248
} else {
249
	/* yuck - IE won't send value attributes for image buttons, while Mozilla does -
250
	   so we use .x/.y to fine move button clicks instead... */
251
	unset($movebtn);
252
	foreach ($_POST as $pn => $pd) {
253
		if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
254
			$movebtn = $matches[1];
255
			break;
256
		}
257
	}
258
	/* move selected rules before this rule */
259
	if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
260
		$a_filter_new = array();
261

    
262
		/* copy all rules < $movebtn and not selected */
263
		for ($i = 0; $i < $movebtn; $i++) {
264
			if (!in_array($i, $_POST['rule']))
265
				$a_filter_new[] = $a_filter[$i];
266
		}
267

    
268
		/* copy all selected rules */
269
		for ($i = 0; $i < count($a_filter); $i++) {
270
			if ($i == $movebtn)
271
				continue;
272
			if (in_array($i, $_POST['rule']))
273
				$a_filter_new[] = $a_filter[$i];
274
		}
275

    
276
		/* copy $movebtn rule */
277
		if ($movebtn < count($a_filter))
278
			$a_filter_new[] = $a_filter[$movebtn];
279

    
280
		/* copy all rules > $movebtn and not selected */
281
		for ($i = $movebtn+1; $i < count($a_filter); $i++) {
282
			if (!in_array($i, $_POST['rule']))
283
				$a_filter_new[] = $a_filter[$i];
284
		}
285

    
286
		$a_filter = $a_filter_new;
287
		if (write_config())
288
			mark_subsystem_dirty('filter');
289
		header("Location: firewall_rules.php?if=" . htmlspecialchars($if));
290
		exit;
291
	}
292
}
293
$closehead = false;
294

    
295
include("head.inc");
296
?>
297
<link type="text/css" rel="stylesheet" href="/javascript/chosen/chosen.css" />
298
</head>
299

    
300
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
301
<script src="/javascript/chosen/chosen.jquery.js" type="text/javascript"></script>
302
<?php include("fbegin.inc"); ?>
303
<form action="firewall_rules.php" method="post">
304

    
305
<script type="text/javascript" src="/javascript/row_toggle.js"></script>
306
<?php if ($savemsg) print_info_box($savemsg); ?>
307
<?php if (is_subsystem_dirty('filter')): ?><p>
308
<?php
309
if($_REQUEST['undodrag']) {
310
	foreach($_REQUEST['dragtable'] as $dt)
311
		$dragtable .= "&dragtable[]={$dt}";
312
	print_info_box_np_undo(gettext("The firewall rule configuration has been changed.<br />You must apply the changes in order for them to take effect."), "apply" , gettext("Apply changes") , "firewall_rules.php?if={$_REQUEST['if']}&dragdroporder=true&{$dragtable}");
313
} else {
314
	print_info_box_np(gettext("The firewall rule configuration has been changed.<br />You must apply the changes in order for them to take effect."));
315
}
316
?>
317
<br />
318
<?php endif; ?>
319
<div id="loading" style="visibity:hidden">
320
    <img src="/themes/<?=$g['theme']?>/images/misc/loader.gif" alt="loader" /> <?php echo gettext("Loading, please wait..."); ?>
321
	<p>&nbsp;</p>
322
</div>
323
<?php
324
	pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/before_table");
325
?>
326
<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="firewall rules">
327
	<tr><td class="tabnavtbl">
328
	<?php
329
	/* active tabs */
330
	$tab_array = array();
331
	if ("FloatingRules" == $if)
332
		$active = true;
333
	else
334
		$active = false;
335
	$tab_array[] = array(gettext("Floating"), $active, "firewall_rules.php?if=FloatingRules");
336
	$tabscounter = 0; $i = 0; foreach ($iflist as $ifent => $ifname) {
337
		if ($ifent == $if)
338
			$active = true;
339
		else
340
			$active = false;
341
		$tab_array[] = array($ifname, $active, "firewall_rules.php?if={$ifent}");
342
	}
343
	display_top_tabs($tab_array);
344
	?>
345
	</td></tr>
346
	<tr><td>
347
		<div id="mainarea">
348
		<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="main area">
349
			<?php
350
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/before_first_tr");
351
			?>
352
			<tr id="frheader">
353
			<td width="3%" class="list">&nbsp;</td>
354
			<td width="5%" class="list">&nbsp;</td>
355
			<td width="3%" class="listhdrr"><?=gettext("ID");?></td>
356
			<?php
357
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_id_tablehead");
358
			?>
359
			<td width="6%" class="listhdrr"><?=gettext("Proto");?></td>
360
			<td width="12%" class="listhdrr"><?=gettext("Source");?></td>
361
			<td width="6%" class="listhdrr"><?=gettext("Port");?></td>
362
			<td width="12%" class="listhdrr"><?=gettext("Destination");?></td>
363
			<td width="6%" class="listhdrr"><?=gettext("Port");?></td>
364
			<td width="5%" class="listhdrr"><?=gettext("Gateway");?></td>
365
			<td width="8%" class="listhdrr"><?=gettext("Queue");?></td>
366
			<td width="5%" class="listhdrr"><?=gettext("Schedule");?></td>
367
			<?php
368
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_desc_tablehead");
369
			?>
370
			<td width="19%" class="listhdr"><?=gettext("Description");?></td>
371
			<td width="10%" class="list">
372
				<table border="0" cellspacing="0" cellpadding="1" summary="delete selected rules">
373
					<tr>
374
					<?php
375
						$nrules = 0;
376
						for ($i = 0; isset($a_filter[$i]); $i++) {
377
							$filterent = $a_filter[$i];
378
							if ($filterent['interface'] != $if && !isset($filterent['floating']))
379
								continue;
380
							if (isset($filterent['floating']) && "FloatingRules" != $if)
381
								continue;
382
							$nrules++;
383
						}
384
					?>
385
					<td>
386
					<?php if ($nrules == 0): ?>
387
						<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?gettext("delete selected rules"); ?>" border="0" alt="delete" /><?php else: ?>
388
						<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected rules");?>" onclick="return confirm('<?=gettext('Do you really want to delete the selected rules?');?>')" />
389
					<?php endif; ?>
390
					</td>
391
					<td align="center" valign="middle"><a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>&amp;after=-1"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" width="17" height="17" border="0" alt="add" /></a></td>
392
					</tr>
393
				</table>
394
			</td>
395
			</tr>
396
			<?php   // Show the anti-lockout rule if it's enabled, and we are on LAN with an if count > 1, or WAN with an if count of 1.
397
				if (!isset($config['system']['webgui']['noantilockout']) &&
398
					(((count($config['interfaces']) > 1) && ($if == 'lan'))
399
					|| ((count($config['interfaces']) == 1) && ($if == 'wan')))):
400

    
401
					$alports = implode('<br />', filter_get_antilockout_ports(true));
402
			?>
403
			<tr valign="top" id="antilockout">
404
			<td class="list">&nbsp;</td>
405
			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11" border="0" alt="pass" /></td>
406
			<td class="listlr" style="background-color: #E0E0E0">&nbsp;</td>
407
			<?php
408
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_id_tr_antilockout");
409
			?>
410
			<td class="listr" style="background-color: #E0E0E0">*</td>
411
			<td class="listr" style="background-color: #E0E0E0">*</td>
412
			<td class="listr" style="background-color: #E0E0E0">*</td>
413
			<td class="listr" style="background-color: #E0E0E0"><?=$iflist[$if];?> Address</td>
414
			<td class="listr" style="background-color: #E0E0E0"><?= $alports ?></td>
415
			<td class="listr" style="background-color: #E0E0E0">*</td>
416
			<td class="listr" style="background-color: #E0E0E0">*</td>
417
			<td class="listr" style="background-color: #E0E0E0">&nbsp;</td>
418
			<td class="listbg"><?=gettext("Anti-Lockout Rule");?></td>
419
			<td valign="middle" class="list nowrap">
420
			<table border="0" cellspacing="0" cellpadding="1" summary="move rules before">
421
				<tr>
422
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected rules before this rule");?>" alt="move" /></td>
423
					<td><a href="system_advanced_admin.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule");?>" width="17" height="17" border="0" alt="edit" /></a></td>
424
				</tr>
425
				<tr>
426
					<td align="center" valign="middle"></td>
427
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="<?=gettext("add a new rule based on this one");?>" width="17" height="17" border="0" alt="add" /></td>
428
				</tr>
429
				</table>
430
			</td>
431
			</tr>
432
<?php endif; ?>
433

    
434
<?php if (isset($config['interfaces'][$if]['blockpriv'])): ?>
435
			<tr valign="top" id="frrfc1918">
436
			<td class="list">&nbsp;</td>
437
			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0" alt="block" /></td>
438
			<td class="listlr" style="background-color: #E0E0E0">&nbsp;</td>
439
			<td class="listr" style="background-color: #E0E0E0">*</td>
440
			<td class="listr" style="background-color: #E0E0E0"><?=gettext("RFC 1918 networks");?></td>
441
			<td class="listr" style="background-color: #E0E0E0">*</td>
442
			<td class="listr" style="background-color: #E0E0E0">*</td>
443
			<td class="listr" style="background-color: #E0E0E0">*</td>
444
			<td class="listr" style="background-color: #E0E0E0">*</td>
445
			<td class="listr" style="background-color: #E0E0E0">*</td>
446
			<td class="listr" style="background-color: #E0E0E0">&nbsp;</td>
447
			<td class="listbg"><?=gettext("Block private networks");?></td>
448
			<td valign="middle" class="list nowrap">
449
				<table border="0" cellspacing="0" cellpadding="1" summary="move rules before">
450
					<tr>
451
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected rules before this rule");?>" alt="edit" /></td>
452
					<td><a href="interfaces.php?if=<?=htmlspecialchars($if)?>#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule");?>" width="17" height="17" border="0" alt="edit" /></a></td>
453
					</tr>
454
					<tr>
455
					<td align="center" valign="middle"></td>
456
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="<?=gettext("add a new rule based on this one");?>" width="17" height="17" border="0" alt="add" /></td>
457
					</tr>
458
				</table>
459
			</td>
460
			</tr>
461
<?php endif; ?>
462
<?php if (isset($config['interfaces'][$if]['blockbogons'])): ?>
463
			<tr valign="top" id="frrfc1918">
464
			<td class="list">&nbsp;</td>
465
			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0" alt="block" /></td>
466
			<td class="listlr" style="background-color: #E0E0E0">&nbsp;</td>
467
			<td class="listr" style="background-color: #E0E0E0">*</td>
468
			<td class="listr" style="background-color: #E0E0E0"><?=gettext("Reserved/not assigned by IANA");?></td>
469
			<td class="listr" style="background-color: #E0E0E0">*</td>
470
			<td class="listr" style="background-color: #E0E0E0">*</td>
471
			<td class="listr" style="background-color: #E0E0E0">*</td>
472
			<td class="listr" style="background-color: #E0E0E0">*</td>
473
			<td class="listr" style="background-color: #E0E0E0">*</td>
474
			<td class="listr" style="background-color: #E0E0E0">*</td>
475
			<td class="listbg"><?=gettext("Block bogon networks");?></td>
476
			<td valign="middle" class="list nowrap">
477
				<table border="0" cellspacing="0" cellpadding="1" summary="move rules before">
478
					<tr>
479
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected rules before this rule");?>" alt="move" /></td>
480
					<td><a href="interfaces.php?if=<?=htmlspecialchars($if)?>#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule");?>" width="17" height="17" border="0" alt=" edit" /></a></td>
481
					</tr>
482
					<tr>
483
					<td align="center" valign="middle"></td>
484
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="<?=gettext("add a new rule based on this one");?>" width="17" height="17" border="0" alt="add" /></td>
485
					</tr>
486
				</table>
487
			</td>
488
			</tr>
489
<?php endif; ?>
490
			<tbody id="dragtable">
491
<?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++):
492
	pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/row_start");
493
	$filterent = $a_filter[$i];
494
	if ($filterent['interface'] != $if && !isset($filterent['floating']))
495
		continue;
496
	if (isset($filterent['floating']) && "FloatingRules" != $if)
497
		continue;
498
	$isadvset = firewall_check_for_advanced_options($filterent);
499
	if($isadvset)
500
		$advanced_set = "<img src=\"./themes/{$g['theme']}/images/icons/icon_advanced.gif\" title=\"" . gettext("advanced settings set") . ": {$isadvset}\" border=\"0\" alt=\"avanced\" />";
501
	else
502
		$advanced_set = "";
503
?>
504
			<tr valign="top" id="fr<?=$nrules;?>">
505
			<td class="listt">
506
				<input type="checkbox" id="frc<?=$nrules;?>" name="rule[]" value="<?=$i;?>" onclick="fr_bgcolor('<?=$nrules;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" />
507
				<?php echo $advanced_set; ?>
508
			</td>
509
			<td class="listt" align="center">
510
			<?php
511
				if ($filterent['type'] == "block")
512
					$iconfn = "block";
513
				else if ($filterent['type'] == "reject")
514
					$iconfn = "reject";
515
				else if ($filterent['type'] == "match")
516
					$iconfn = "match";
517
				else
518
					$iconfn = "pass";
519
				if (isset($filterent['disabled'])) {
520
					$textss = "<span class=\"gray\">";
521
					$textse = "</span>";
522
					$iconfn .= "_d";
523
				} else {
524
					$textss = $textse = "";
525
				}
526
			?>
527
				<a href="?if=<?=htmlspecialchars($if);?>&amp;act=toggle&amp;id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0" title="<?=gettext("click to toggle enabled/disabled status");?>" alt="icon" /></a>
528
			<?php
529
				if (isset($filterent['log'])):
530
					$iconfnlog = "log_s";
531
				if (isset($filterent['disabled']))
532
					$iconfnlog .= "_d";
533
			?>
534
			<br /><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfnlog;?>.gif" width="11" height="15" border="0" alt="icon" />
535
<?php endif; ?>
536
			</td>
537
			<?php
538

    
539
				//build Alias popup box
540
				$alias_src_span_begin = "";
541
				$alias_src_port_span_begin = "";
542
				$alias_dst_span_begin = "";
543
				$alias_dst_port_span_begin = "";
544

    
545
				$alias_popup = rule_popup($filterent['source']['address'],pprint_port($filterent['source']['port']),$filterent['destination']['address'],pprint_port($filterent['destination']['port']));
546

    
547
				$alias_src_span_begin = $alias_popup["src"];
548
				$alias_src_port_span_begin = $alias_popup["srcport"];
549
				$alias_dst_span_begin = $alias_popup["dst"];
550
				$alias_dst_port_span_begin = $alias_popup["dstport"];
551

    
552
				$alias_src_span_end = $alias_popup["src_end"];
553
				$alias_src_port_span_end = $alias_popup["srcport_end"];
554
				$alias_dst_span_end = $alias_popup["dst_end"];
555
				$alias_dst_port_span_end = $alias_popup["dstport_end"];
556

    
557
				//build Schedule popup box
558
				$a_schedules = &$config['schedules']['schedule'];
559
				$schedule_span_begin = "";
560
				$schedule_span_end = "";
561
				$sched_caption_escaped = "";
562
				$sched_content = "";
563
				$schedstatus = false;
564
				$dayArray = array (gettext('Mon'),gettext('Tues'),gettext('Wed'),gettext('Thur'),gettext('Fri'),gettext('Sat'),gettext('Sun'));
565
				$monthArray = array (gettext('January'),gettext('February'),gettext('March'),gettext('April'),gettext('May'),gettext('June'),gettext('July'),gettext('August'),gettext('September'),gettext('October'),gettext('November'),gettext('December'));
566
				if($config['schedules']['schedule'] <> "" and is_array($config['schedules']['schedule'])) {
567
					foreach ($a_schedules as $schedule)
568
					{
569
						if ($schedule['name'] == $filterent['sched'] ){
570
							$schedstatus = filter_get_time_based_rule_status($schedule);
571

    
572
							foreach($schedule['timerange'] as $timerange) {
573
								$tempFriendlyTime = "";
574
								$tempID = "";
575
								$firstprint = false;
576
								if ($timerange){
577
									$dayFriendly = "";
578
									$tempFriendlyTime = "";
579

    
580
									//get hours
581
									$temptimerange = $timerange['hour'];
582
									$temptimeseparator = strrpos($temptimerange, "-");
583

    
584
									$starttime = substr ($temptimerange, 0, $temptimeseparator);
585
									$stoptime = substr ($temptimerange, $temptimeseparator+1);
586

    
587
									if ($timerange['month']){
588
										$tempmontharray = explode(",", $timerange['month']);
589
										$tempdayarray = explode(",",$timerange['day']);
590
										$arraycounter = 0;
591
										$firstDayFound = false;
592
										$firstPrint = false;
593
										foreach ($tempmontharray as $monthtmp){
594
											$month = $tempmontharray[$arraycounter];
595
											$day = $tempdayarray[$arraycounter];
596

    
597
											if (!$firstDayFound)
598
											{
599
												$firstDay = $day;
600
												$firstmonth = $month;
601
												$firstDayFound = true;
602
											}
603

    
604
											$currentDay = $day;
605
											$nextDay = $tempdayarray[$arraycounter+1];
606
											$currentDay++;
607
											if (($currentDay != $nextDay) || ($tempmontharray[$arraycounter] != $tempmontharray[$arraycounter+1])){
608
												if ($firstPrint)
609
													$dayFriendly .= ", ";
610
												$currentDay--;
611
												if ($currentDay != $firstDay)
612
													$dayFriendly .= $monthArray[$firstmonth-1] . " " . $firstDay . " - " . $currentDay ;
613
												else
614
													$dayFriendly .=  $monthArray[$month-1] . " " . $day;
615
												$firstDayFound = false;
616
												$firstPrint = true;
617
											}
618
											$arraycounter++;
619
										}
620
									}
621
									else
622
									{
623
										$tempdayFriendly = $timerange['position'];
624
										$firstDayFound = false;
625
										$tempFriendlyDayArray = explode(",", $tempdayFriendly);
626
										$currentDay = "";
627
										$firstDay = "";
628
										$nextDay = "";
629
										$counter = 0;
630
										foreach ($tempFriendlyDayArray as $day){
631
											if ($day != ""){
632
												if (!$firstDayFound)
633
												{
634
													$firstDay = $tempFriendlyDayArray[$counter];
635
													$firstDayFound = true;
636
												}
637
												$currentDay =$tempFriendlyDayArray[$counter];
638
												//get next day
639
												$nextDay = $tempFriendlyDayArray[$counter+1];
640
												$currentDay++;
641
												if ($currentDay != $nextDay){
642
													if ($firstprint)
643
														$dayFriendly .= ", ";
644
													$currentDay--;
645
													if ($currentDay != $firstDay)
646
														$dayFriendly .= $dayArray[$firstDay-1] . " - " . $dayArray[$currentDay-1];
647
													else
648
														$dayFriendly .= $dayArray[$firstDay-1];
649
													$firstDayFound = false;
650
													$firstprint = true;
651
												}
652
												$counter++;
653
											}
654
										}
655
									}
656
									$timeFriendly = $starttime . " - " . $stoptime;
657
									$description = $timerange['rangedescr'];
658
									$sched_content .= $dayFriendly . "; " . $timeFriendly . "<br />";
659
								}
660
							}
661
							$sched_caption_escaped = str_replace("'", "\'", $schedule['descr']);
662
							$schedule_span_begin = "<span style=\"cursor: help;\" onmouseover=\"domTT_activate(this, event, 'content', '<h1>{$sched_caption_escaped}</h1><p>{$sched_content}</p>', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><u>";
663
							$schedule_span_end = "</u></span>";
664
						}
665
					}
666
				}
667
				$printicon = false;
668
				$alttext = "";
669
				$image = "";
670
				if (!isset($filterent['disabled'])) {
671
					if ($schedstatus) {
672
						if ($iconfn == "block" || $iconfn == "reject") {
673
							$image = "icon_block";
674
							$alttext = gettext("Traffic matching this rule is currently being denied");
675
						} else {
676
							$image = "icon_pass";
677
							$alttext = gettext("Traffic matching this rule is currently being allowed");
678
						}
679
						$printicon = true;
680
					} else if ($filterent['sched']) {
681
						if ($iconfn == "block" || $iconfn == "reject")
682
							$image = "icon_block_d";
683
						else
684
							$image = "icon_block";
685
						$alttext = gettext("This rule is not currently active because its period has expired");
686
						$printicon = true;
687
					}
688
				}
689
			?>
690
			<td class="listlr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
691
				<?=$textss;?><?php if (isset($filterent['id'])) echo $filterent['id']."&nbsp;"; else echo "&nbsp;"; ?><?=$textse;?>
692
			</td>
693
			<?php
694
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_id_tr");
695
			?>
696
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
697
			<?=$textss;?>
698
			<?php
699
				if (isset($filterent['ipprotocol'])) {
700
					switch($filterent['ipprotocol']) {
701
						case "inet":
702
							echo "IPv4 ";
703
							break;
704
						case "inet6":
705
							echo "IPv6 ";
706
							break;
707
						case "inet46":
708
							echo "IPv4+6 ";
709
							break;
710
					}
711
				} else {
712
					echo "IPv4 ";
713
				}
714
				if (isset($filterent['protocol'])) {
715
					echo strtoupper($filterent['protocol']);
716
					if (strtoupper($filterent['protocol']) == "ICMP" && !empty($filterent['icmptype'])) {
717
						echo ' <span style="cursor: help;" title="ICMP type: ' . $icmptypes[$filterent['icmptype']] . '"><u>';
718
						echo $filterent['icmptype'];
719
						echo '</u></span>';
720
					}
721
				} else echo "*";
722
			?>
723
			<?=$textse;?>
724
			</td>
725
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
726
				<?=$textss;?><?php echo $alias_src_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['source']));?><?php echo $alias_src_span_end;?><?=$textse;?>
727
			</td>
728
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
729
				<?=$textss;?><?php echo $alias_src_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['source']['port'])); ?><?php echo $alias_src_port_span_end;?><?=$textse;?>
730
			</td>
731
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
732
				<?=$textss;?><?php echo $alias_dst_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['destination'])); ?><?php echo $alias_dst_span_end;?><?=$textse;?>
733
			</td>
734
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
735
				<?=$textss;?><?php echo $alias_dst_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['destination']['port'])); ?><?php echo $alias_dst_port_span_end;?><?=$textse;?>
736
			</td>
737
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
738
				<?=$textss;?><?php if (isset($config['interfaces'][$filterent['gateway']]['descr'])) echo htmlspecialchars($config['interfaces'][$filterent['gateway']]['descr']); else  echo htmlspecialchars(pprint_port($filterent['gateway'])); ?><?=$textse;?>
739
			</td>
740
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
741
			<?=$textss;?>
742
			<?php
743
				if (isset($filterent['ackqueue']) && isset($filterent['defaultqueue'])) {
744
					$desc = $filterent['ackqueue'] ;
745
					echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['ackqueue']}&amp;action=show\">{$desc}</a>";
746
					$desc = $filterent['defaultqueue'];
747
					echo "/<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&amp;action=show\">{$desc}</a>";
748
				} else if (isset($filterent['defaultqueue'])) {
749
					$desc = $filterent['defaultqueue'];
750
					echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&amp;action=show\">{$desc}</a>";
751
				} else
752
					echo gettext("none");
753
			?>
754
			<?=$textse;?>
755
			</td>
756
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';"><font color="black">
757
				<?php if ($printicon) { ?><img src="./themes/<?= $g['theme']; ?>/images/icons/<?php echo $image; ?>.gif" title="<?php echo $alttext;?>" border="0" alt="icon" /><?php } ?><?=$textss;?><?php echo $schedule_span_begin;?><?=htmlspecialchars($filterent['sched']);?>&nbsp;<?php echo $schedule_span_end; ?><?=$textse;?>
758
			</font></td>
759
			<?php
760
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_descr_tr");
761
			?>
762
			<td class="listbg descr" onclick="fr_toggle(<?=$nrules;?>)" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
763
				<?=$textss;?><?=htmlspecialchars($filterent['descr']);?>&nbsp;<?=$textse;?>
764
			</td>
765
			<td valign="middle" class="list nowrap">
766
				<table border="0" cellspacing="0" cellpadding="1" summary="move before">
767
					<tr>
768
					<td><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17" title="<?=gettext("move selected rules before this rule"); ?>" onmouseover="fr_insline(<?=$nrules;?>, true)" onmouseout="fr_insline(<?=$nrules;?>, false)" /></td>
769
					<td><a href="firewall_rules_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule"); ?>" width="17" height="17" border="0" alt="edit" /></a></td>
770
					</tr>
771
					<tr>
772
					<td align="center" valign="middle"><a href="firewall_rules.php?act=del&amp;if=<?=htmlspecialchars($if);?>&amp;id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete rule"); ?>" onclick="return confirm('Do you really want to delete this rule?')" alt="delete" /></a></td>
773
					<td><a href="firewall_rules_edit.php?dup=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add a new rule based on this one"); ?>" width="17" height="17" border="0" alt="add" /></a></td>
774
					</tr>
775
				</table>
776
			</td>
777
			</tr>
778
			<?php $nrules++; endfor; ?>
779
			  <tr><td></td></tr></tbody>
780
<?php if ($nrules == 0): ?>
781
			<tr>
782
			<td class="listt"></td>
783
			<td class="listt"></td>
784
			<td class="listlr" colspan="10" align="center" valign="middle">
785
			<span class="gray">
786
	<?php if ($_REQUEST['if'] == "FloatingRules"): ?>
787
				<?=gettext("No floating rules are currently defined."); ?><br /><br />
788
	<?php else: ?>
789
				<?=gettext("No rules are currently defined for this interface"); ?><br />
790
				<?=gettext("All incoming connections on this interface will be blocked until you add pass rules."); ?><br /><br />
791
	<?php endif; ?>
792
				<?=gettext("Click the"); ?> <a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" border="0" width="17" height="17" align="middle" alt="add" /></a><?=gettext(" button to add a new rule.");?></span>
793
			</td>
794
			</tr>
795
<?php endif; ?>
796
			<tr id="fr<?=$nrules;?>">
797
			<td class="list"></td>
798
			<td class="list"></td>
799
			<?php
800
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_id_tr_belowtable");
801
			?>
802
			<td class="list">&nbsp;</td>
803
			<td class="list">&nbsp;</td>
804
			<td class="list">&nbsp;</td>
805
			<td class="list">&nbsp;</td>
806
			<td class="list">&nbsp;</td>
807
			<td class="list">&nbsp;</td>
808
			<td class="list">&nbsp;</td>
809
			<td class="list">&nbsp;</td>
810
			<td class="list">&nbsp;</td>
811
			<td class="list">&nbsp;</td>
812
			<td class="list">
813
				<table border="0" cellspacing="0" cellpadding="1" summary="move rules">
814
					<tr>
815
					<td>
816
						<?php if ($nrules == 0): ?><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected rules to end");?>" border="0" alt="move" /><?php else: ?><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17" title="<?=gettext("move selected rules to end");?>" onmouseover="fr_insline(<?=$nrules;?>, true)" onmouseout="fr_insline(<?=$nrules;?>, false)" /><?php endif; ?></td>
817
					<td></td>
818
					</tr>
819
					<tr>
820
					<td>
821
<?php if ($nrules == 0): ?>
822
						<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected rules");?>" border="0" alt="delete" /><?php else: ?>
823
						<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected rules");?>" onclick="return confirm('<?=gettext('Do you really want to delete the selected rules?');?>')" />
824
<?php endif; ?>
825
					</td>
826
			                <td><a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" width="17" height="17" border="0" alt="add" /></a></td>
827
					</tr>
828
				</table>
829
			</td>
830
			</tr>
831
		</table>
832
		<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="icons">
833
			<tr>
834
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11" alt="pass" /></td>
835
				<td width="100"><?=gettext("pass");?></td>
836
				<td width="14"></td>
837
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_match.gif" width="11" height="11" alt="match" /></td>
838
				<td width="100"><?=gettext("match");?></td>
839
				<td width="14"></td>
840
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" alt="block" /></td>
841
				<td width="100"><?=gettext("block");?></td>
842
				<td width="14"></td>
843
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject.gif" width="11" height="11" alt="reject" /></td>
844
				<td width="100"><?=gettext("reject");?></td>
845
				<td width="14"></td>
846
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log.gif" width="11" height="11" alt="log" /></td>
847
				<td width="100"><?=gettext("log");?></td>
848
			</tr>
849
			<tr>
850
				<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass_d.gif" width="11" height="11" alt="pass disabled" /></td>
851
				<td class="nowrap"><?=gettext("pass (disabled)");?></td>
852
				<td>&nbsp;</td>
853
				<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_match_d.gif" width="11" height="11" alt="match disabled" /></td>
854
				<td class="nowrap"><?=gettext("match (disabled)");?></td>
855
				<td>&nbsp;</td>
856
				<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block_d.gif" width="11" height="11" alt="block disabled" /></td>
857
				<td class="nowrap"><?=gettext("block (disabled)");?></td>
858
				<td>&nbsp;</td>
859
				<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject_d.gif" width="11" height="11" alt="reject disabled" /></td>
860
				<td class="nowrap"><?=gettext("reject (disabled)");?></td>
861
				<td>&nbsp;</td>
862
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log_d.gif" width="11" height="11" alt="log disabled" /></td>
863
				<td class="nowrap"><?=gettext("log (disabled)");?></td>
864
			</tr>
865
			<tr>
866
				<td colspan="10">
867
					<p>&nbsp;</p>
868
					<strong>
869
						<span class="red"><?=gettext("Hint:");?></span>
870
					</strong><br />
871
					<ul>
872
					<?php if ("FloatingRules" != $if): ?>
873
						<li><?=gettext("Rules are evaluated on a first-match basis (i.e. " .
874
						"the action of the first rule to match a packet will be executed). " .
875
						"This means that if you use block rules, you'll have to pay attention " .
876
						"to the rule order. Everything that isn't explicitly passed is blocked " .
877
						"by default. ");?>
878
						</li>
879
					<?php else: ?>
880
						<li><?=gettext("Floating rules are evaluated on a first-match basis (i.e. " .
881
						"the action of the first rule to match a packet will be executed) only " .
882
						"if the 'quick' option is checked on a rule. Otherwise they will only apply if no " .
883
						"other rules match. Pay close attention to the rule order and options " .
884
						"chosen. If no rule here matches, the per-interface or default rules are used. ");?>
885
						</li>
886
					<?php endif; ?>
887
					</ul>
888
				 </td>
889
			</tr>
890
		</table>
891
		</div>
892
	</td>
893
	</tr>
894
</table>
895
<input type="hidden" name="if" value="<?=htmlspecialchars($if);?>" />
896
<script type="text/javascript">
897
//<![CDATA[
898
	var number_of_rules = <?=$nrules?>;
899
	<?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++): ?>
900
	/*
901
		Sortable.create("dragtable", {
902
			tag:"tr",
903
			format:"fr([0-9999999])",
904
			containment:["dragtable"],
905
			onChange:function(affected) {
906
				document.body.style.cursor = 'move';
907
			},
908
			onUpdate:function(container) {
909
				document.body.style.cursor = 'move';
910
				updateOrder(Sortable.serialize('dragtable', 'tr'));
911
			}
912
		});
913
	*/
914
	<?php endfor; ?>
915
	function updateOrder(order) {
916
		if(document.getElementById("redboxtable"))
917
			jQuery('#redboxtable').hide();
918
		jQuery('#loading').show();
919
		document.body.style.cursor = 'wait';
920
		document.location = 'firewall_rules.php?if=<?=htmlspecialchars($if);?>&dragdroporder=true&' + Sortable.serialize('dragtable', 'tr');
921
		return;
922
	}
923
	jQuery('#loading').hide();
924
//]]>
925
</script>
926
</form>
927
<?php include("fend.inc"); ?>
928
</body>
929
</html>
(71-71/256)