From ee7fbedc53664092eeba8487cb31f1c3a3144af2 Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Fri, 21 Aug 2015 15:52:32 +0000 Subject: [PATCH] (legacy) refactor firewall_rules.php --- src/www/firewall_rules.php | 1541 ++++++++++++++---------------------- 1 file changed, 586 insertions(+), 955 deletions(-) diff --git a/src/www/firewall_rules.php b/src/www/firewall_rules.php index f9e44ff9d..f0738f161 100644 --- a/src/www/firewall_rules.php +++ b/src/www/firewall_rules.php @@ -1,985 +1,616 @@ . - All rights reserved. + Copyright (C) 2014-2015 Deciso B.V. + Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com) + Copyright (C) 2003-2004 Manuel Kasper . + All rights reserved. - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ require_once("guiconfig.inc"); require_once("filter.inc"); require_once("pfsense-utils.inc"); -function rule_popup($src,$srcport,$dst,$dstport){ - global $config,$g; - $aliases_array = array(); - if (isset($config['aliases']['alias'])) { - $descriptions = array (); - foreach ($config['aliases']['alias'] as $alias_id=>$alias_name){ - if ($alias_name['name'] == $src) { - //var_dump($config['aliases']['alias'][$alias_id]); - $aliases_array['src']=$config['aliases']['alias'][$alias_id]; - $aliases_array['src']['aliasid']=$alias_id; - //$descriptions['src'] = $span_begin; - //$descriptions['src_end'] = $span_end; - } - if ($alias_name['name'] == $srcport) { - $aliases_array['srcport']=$config['aliases']['alias'][$alias_id]; - $aliases_array['srcport']['aliasid']=$alias_id; - //$descriptions['srcport'] = $span_begin; - //$descriptions['srcport_end'] = $span_end; - } - if ($alias_name['name'] == $dst ) { - $aliases_array['dst']=$config['aliases']['alias'][$alias_id]; - $aliases_array['dst']['aliasid']=$alias_id; - //$descriptions['dst'] = $span_begin; - //$descriptions['dst_end'] = $span_end; - } - if ($alias_name['name'] == $dstport) { - $aliases_array['dstport']=$config['aliases']['alias'][$alias_id]; - $aliases_array['dstport']['aliasid']=$alias_id; - //$descriptions['dstport'] = $span_begin; - //$descriptions['dstport_end'] = $span_end; - } - } - return $aliases_array;//$descriptions; - } + +if (!isset($config['filter']['rule'])) { + $config['filter']['rule'] = array(); } +$a_filter = &$config['filter']['rule']; +if ($_SERVER['REQUEST_METHOD'] === 'POST') { + if (isset($_GET['if'])) { + $current_if = htmlspecialchars($_GET['if']); + } else { + $current_if = "FloatingRules"; + } + $pconfig = $_POST; + if (isset($pconfig['id']) && isset($a_filter[$pconfig['id']])) { + // id found and valid + $id = $pconfig['id']; + } + if (isset($pconfig['apply'])) { + filter_configure(); + clear_subsystem_dirty('filter'); + $savemsg = sprintf(gettext("The settings have been applied. The firewall rules are now reloading in the background.
You can also %s monitor %s the reload progress"),"",""); + } elseif (isset($pconfig['act']) && $pconfig['act'] == 'del' && isset($id)) { + // delete single item + if (!empty($a_filter[$id]['associated-rule-id'])) { + // unlink nat entry + if (isset($config['nat']['rule'])) { + $a_nat = &$config['nat']['rule']; + foreach ($a_nat as &$natent) { + if ($natent['associated-rule-id'] == $a_filter[$id]['associated-rule-id']) { + $natent['associated-rule-id'] = ''; + } + } + } + } + unset($a_filter[$id]); + if (write_config()) { + mark_subsystem_dirty('filter'); + } + header("Location: firewall_rules.php?if=" . htmlspecialchars($current_if)); + exit; + } elseif (isset($pconfig['act']) && $pconfig['act'] == 'del_x' && isset($pconfig['rule']) && count($pconfig['rule']) > 0) { + // delete selected rules + foreach ($pconfig['rule'] as $rulei) { + // unlink nat entry + if (isset($config['nat']['rule'])) { + $a_nat = &$config['nat']['rule']; + foreach ($a_nat as &$natent) { + if ($natent['associated-rule-id'] == $a_filter[$rulei]['associated-rule-id']) { + $natent['associated-rule-id'] = ''; + } + } + } + unset($a_filter[$rulei]); + } + if (write_config()) { + mark_subsystem_dirty('filter'); + } + header("Location: firewall_rules.php?if=" . htmlspecialchars($current_if)); + exit; + } elseif ( isset($pconfig['act']) && $pconfig['act'] == 'move' && isset($pconfig['rule']) && count($pconfig['rule']) > 0) { + // move selected rules + if (!isset($id)) { + // if rule not set/found, move to end + $id = count($a_nat); + } + $a_filter = legacy_move_config_list_items($a_filter, $id, $pconfig['rule']); + if (write_config()) { + mark_subsystem_dirty('filter'); + } + header("Location: firewall_rules.php?if=" . htmlspecialchars($current_if)); + exit; + } elseif (isset($pconfig['act']) && $pconfig['act'] == 'toggle' && isset($id)) { + // toggle item + if(isset($a_filter[$id]['disabled'])) { + unset($a_filter[$id]['disabled']); + } else { + $a_filter[$id]['disabled'] = true; + } + if (write_config()) { + mark_subsystem_dirty('filter'); + } + header("Location: firewall_rules.php?if=" . htmlspecialchars($current_if)); + exit; + } + + echo $id; + print_r($_POST); + die; +} + +if (isset($_GET['if'])) { + $selected_if = htmlspecialchars($_GET['if']); +} else { + $selected_if = "FloatingRules"; +} +$closehead = true; $pgtitle = array(gettext("Firewall"),gettext("Rules")); $shortcut_section = "firewall"; -function delete_nat_association($id) { - global $config; - - if (!$id || !isset($config['nat']['rule'])) - return; - - $a_nat = &$config['nat']['rule']; - - foreach ($a_nat as &$natent) - if ($natent['associated-rule-id'] == $id) - $natent['associated-rule-id'] = ''; -} - -if (!isset($config['filter']['rule'])) { - $config['filter']['rule'] = array(); -} -filter_rules_sort(); -$a_filter = &$config['filter']['rule']; - -$if = $_GET['if']; -if ($_POST['if']) - $if = $_POST['if']; - -$ifdescs = get_configured_interface_with_descr(); - - -// Drag and drop reordering -if($_REQUEST['dragdroporder']) { - - - - - // First create a new ruleset array and tmp arrays - $a_filter_before = array(); - $a_filter_order = array(); - $a_filter_order_tmp = array(); - $a_filter_after = array(); - $found = false; - $drag_order = $_REQUEST['dragtable']; - // Next traverse through rules building a new order for interface - for ($i = 0; isset($a_filter[$i]); $i++) { - if(( $_REQUEST['if'] == "FloatingRules" && isset($a_filter[$i]['floating']) ) || ( $a_filter[$i]['interface'] == $_REQUEST['if'] && !isset($a_filter[$i]['floating']) )) { - $a_filter_order_tmp[] = $a_filter[$i]; - $found = true; - } else if (!$found) - $a_filter_before[] = $a_filter[$i]; - else - $a_filter_after[] = $a_filter[$i]; - } - // Reorder rules with the posted order - for ($i = 0; $i gettext("any"), - "echoreq" => gettext("Echo request"), - "echorep" => gettext("Echo reply"), - "unreach" => gettext("Destination unreachable"), - "squench" => gettext("Source quench"), - "redir" => gettext("Redirect"), - "althost" => gettext("Alternate Host"), - "routeradv" => gettext("Router advertisement"), - "routersol" => gettext("Router solicitation"), - "timex" => gettext("Time exceeded"), - "paramprob" => gettext("Invalid IP header"), - "timereq" => gettext("Timestamp"), - "timerep" => gettext("Timestamp reply"), - "inforeq" => gettext("Information request"), - "inforep" => gettext("Information reply"), - "maskreq" => gettext("Address mask request"), - "maskrep" => gettext("Address mask reply") -); - -/* add group interfaces */ -if (isset($config['ifgroups']['ifgroupentry'])) - foreach($config['ifgroups']['ifgroupentry'] as $ifgen) - if (have_ruleint_access($ifgen['ifname'])) - $iflist[$ifgen['ifname']] = $ifgen['ifname']; - -foreach ($ifdescs as $ifent => $ifdesc) - if(have_ruleint_access($ifent)) - $iflist[$ifent] = $ifdesc; - -if (isset($config['l2tp']['mode']) && $config['l2tp']['mode'] == "server") - if(have_ruleint_access("l2tp")) - $iflist['l2tp'] = "L2TP VPN"; - -if (isset($config['pptpd']['mode']) && $config['pptpd']['mode'] == "server") - if(have_ruleint_access("pptp")) - $iflist['pptp'] = "PPTP VPN"; - -if (isset($config['pppoes']['pppoe'])) { - foreach ($config['pppoes']['pppoe'] as $pppoes) { - if (($pppoes['mode'] == 'server') && have_ruleint_access('pppoe')) { - $iflist['pppoe'] = "PPPoE Server"; - } - } -} - -/* add ipsec interfaces */ -if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable'])) { - if (have_ruleint_access('enc0')) { - $iflist['enc0'] = 'IPsec'; - } -} - -/* add openvpn/tun interfaces */ -if (isset($config['openvpn']['openvpn-server']) || isset($config['openvpn']['openvpn-client'])) { - $iflist['openvpn'] = 'OpenVPN'; -} - -if (!$if || !isset($iflist[$if])) { - if ("any" == $if) - $if = "FloatingRules"; - else if ("FloatingRules" != $if) { - if (isset($iflist['wan'])) - $if = "wan"; - else - $if = "FloatingRules"; - } -} - -if ($_POST) { - - $pconfig = $_POST; - - if ($_POST['apply']) { - $retval = 0; - $retval = filter_configure(); - - clear_subsystem_dirty('filter'); - - $savemsg = sprintf(gettext("The settings have been applied. The firewall rules are now reloading in the background.
You can also %s monitor %s the reload progress"),"",""); - } -} - -if ($_GET['act'] == "del") { - if ($a_filter[$_GET['id']]) { - if (!empty($a_filter[$_GET['id']]['associated-rule-id'])) { - delete_nat_association($a_filter[$_GET['id']]['associated-rule-id']); - } - unset($a_filter[$_GET['id']]); - if (write_config()) - mark_subsystem_dirty('filter'); - header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); - exit; - } -} - -// Handle save msg if defined -if($_REQUEST['savemsg']) - $savemsg = htmlentities($_REQUEST['savemsg']); - -if (isset($_POST['del_x'])) { - /* delete selected rules */ - if (isset($_POST['rule']) && count($_POST['rule'])) { - foreach ($_POST['rule'] as $rulei) { - delete_nat_association($a_filter[$rulei]['associated-rule-id']); - unset($a_filter[$rulei]); - } - if (write_config()) - mark_subsystem_dirty('filter'); - header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); - exit; - } -} else if ($_GET['act'] == "toggle") { - if ($a_filter[$_GET['id']]) { - if(isset($a_filter[$_GET['id']]['disabled'])) - unset($a_filter[$_GET['id']]['disabled']); - else - $a_filter[$_GET['id']]['disabled'] = true; - if (write_config()) - mark_subsystem_dirty('filter'); - header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); - exit; - } -} else { - /* yuck - IE won't send value attributes for image buttons, while Mozilla does - - so we use .x/.y to fine move button clicks instead... */ - unset($movebtn); - foreach ($_POST as $pn => $pd) { - if (preg_match("/move_(\d+)_x/", $pn, $matches)) { - $movebtn = $matches[1]; - break; - } - } - - - - /* move selected rules before this rule */ - if (isset($movebtn) && isset($_POST['rule']) && count($_POST['rule'])) { - $a_filter_new = array(); - - /* copy all rules < $movebtn and not selected */ - for ($i = 0; $i < $movebtn; $i++) { - if (!in_array($i, $_POST['rule'])) - $a_filter_new[] = $a_filter[$i]; - } - - /* copy all selected rules */ - for ($i = 0; $i < count($a_filter); $i++) { - if ($i == $movebtn) - continue; - if (in_array($i, $_POST['rule'])) - $a_filter_new[] = $a_filter[$i]; - } - - /* copy $movebtn rule */ - if ($movebtn < count($a_filter)) - $a_filter_new[] = $a_filter[$movebtn]; - - /* copy all rules > $movebtn and not selected */ - for ($i = $movebtn+1; $i < count($a_filter); $i++) { - if (!in_array($i, $_POST['rule'])) - $a_filter_new[] = $a_filter[$i]; - } - - $a_filter = $a_filter_new; - if (write_config()) - mark_subsystem_dirty('filter'); - header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); - exit; - } -} -$closehead = true; - - - include("head.inc"); ?> - - + +
+
+
+ +

+ You must apply the changes in order for them to take effect."));?> + +

+ $ifdesc) + $iflist_tabs[$ifent] = $ifdesc; + + if (isset($config['l2tp']['mode']) && $config['l2tp']['mode'] == "server") + $iflist_tabs['l2tp'] = "L2TP VPN"; + + if (isset($config['pptpd']['mode']) && $config['pptpd']['mode'] == "server") + $iflist_tabs['pptp'] = "PPTP VPN"; + + if (isset($config['pppoes']['pppoe'])) { + foreach ($config['pppoes']['pppoe'] as $pppoes) { + if (($pppoes['mode'] == 'server') && have_ruleint_access('pppoe')) { + $iflist_tabs['pppoe'] = "PPPoE Server"; + } + } + } + + /* add ipsec interfaces */ + if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable'])) { + $iflist_tabs['enc0'] = 'IPsec'; + } + + /* add openvpn/tun interfaces */ + if (isset($config['openvpn']['openvpn-server']) || isset($config['openvpn']['openvpn-client'])) { + $iflist_tabs['openvpn'] = 'OpenVPN'; + } + + $tab_array = array(); + foreach ($iflist_tabs as $ifent => $ifname) { + $active = false; + // mark active if selected or mark floating active when none is selected + if ($ifent == $selected_if) { + $active = true; + } + $tab_array[] = array($ifname, $active, "firewall_rules.php?if={$ifent}"); + } + display_top_tabs($tab_array); +?> +
+
+ + +
+ + + + + + + + + + + + + + + + + + 1, or WAN with an if count of 1. + if (!isset($config['system']['webgui']['noantilockout']) && + (((count($config['interfaces']) > 1) && ($selected_if == 'lan')) + || ((count($config['interfaces']) == 1) && ($selected_if == 'wan')))): + $alports = implode('
', filter_get_antilockout_ports(true)); +?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + $filterent): + if ( (isset($filterent['interface']) && $filterent['interface'] == $selected_if) || + (isset($filterent['floating']) && $selected_if == "FloatingRules" )): + $interface_has_rules = true; + // select icon + if (!isset($filterent['type']) && empty($filterent['disabled'])) { + // not very nice.... associated NAT rules don't have a type... + $iconfn = "glyphicon-play text-success"; + } else if (!isset($filterent['type']) && !empty($filterent['disabled'])) { + $iconfn = "glyphicon-play text-muted"; + } elseif ($filterent['type'] == "block" && empty($filterent['disabled'])) { + $iconfn = "glyphicon-remove text-danger"; + } elseif ($filterent['type'] == "block" && !empty($filterent['disabled'])) { + $iconfn = "glyphicon-remove text-muted"; + } elseif ($filterent['type'] == "reject" && empty($filterent['disabled'])) { + $iconfn = "glyphicon-remove text-warning"; + } elseif ($filterent['type'] == "reject" && !empty($filterent['disabled'])) { + $iconfn = "glyphicon-remove text-muted"; + } else if ($filterent['type'] == "match" && empty($filterent['disabled'])) { + $iconfn = "glyphicon-ok"; + } else if ($filterent['type'] == "match" && !empty($filterent['disabled'])) { + $iconfn = "glyphicon-ok text-muted"; + } elseif (empty($filterent['disabled'])) { + $iconfn = "glyphicon-play text-success"; + } else { + $iconfn = "glyphicon-play text-muted"; + } + + // construct line ipprotocol + if (isset($filterent['ipprotocol'])) { + switch($filterent['ipprotocol']) { + case "inet": + $record_ipprotocol = "IPv4 "; + break; + case "inet6": + $record_ipprotocol = "IPv6 "; + break; + case "inet46": + $record_ipprotocol = "IPv4+6 "; + break; + } + } else { + $record_ipprotocol = "IPv4 "; + } - -
-
-
- - -

- You must apply the changes in order for them to take effect."), "firewall_rules.php?if={$_REQUEST['if']}&dragdroporder=true&{$dragtable}"); - } else { - print_info_box_apply(gettext("The firewall rule configuration has been changed.
You must apply the changes in order for them to take effect.")); - } - ?> - - - -

- - - $ifname) { - if ($ifent == $if) - $active = true; - else - $active = false; - $tab_array[] = array($ifname, $active, "firewall_rules.php?if={$ifent}"); - } - display_top_tabs($tab_array); - ?> - - -
- - - - -
-
  
 ** + " class="btn btn-default btn-xs"> +
 ** + " class="btn btn-default btn-xs"> +
 * + " class="btn btn-default btn-xs"> +
- - - - - - - - - - - - - - - - - - 1, or WAN with an if count of 1. - if (!isset($config['system']['webgui']['noantilockout']) && - (((count($config['interfaces']) > 1) && ($if == 'lan')) - || ((count($config['interfaces']) == 1) && ($if == 'wan')))): - - $alports = implode('
', filter_get_antilockout_ports(true)); - ?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - "; - else - $advanced_set = ""; - ?> - - - - 0 ) { - $aliases_popup['src']['addrlist']=explode(" ",$alias_popup['src']['address']); - $aliases_popup['src']['detlist']=explode("||",$alias_popup['src']['detail']); - - $alias_src_span_begin=" $address) { - $alias_src_span_begin=$alias_src_span_begin."".$address." (".$aliases_popup['src']['detlist'][$addrkey].") 
"; - } - $alias_src_span_begin=$alias_src_span_begin."' data-original-title=' - ".htmlspecialchars(pprint_address($filterent['source']))."(".count($aliases_popup['src']['addrlist']).")"."'>"; - // Vergelijk Producten 2 - $alias_src_span_end=""; - } - //build Schedule popup box - $a_schedules = &$config['schedules']['schedule']; - $schedule_span_begin = ""; - $schedule_span_end = ""; - $sched_caption_escaped = ""; - $sched_content = ""; - $schedstatus = false; - $dayArray = array (gettext('Mon'),gettext('Tues'),gettext('Wed'),gettext('Thur'),gettext('Fri'),gettext('Sat'),gettext('Sun')); - $monthArray = array (gettext('January'),gettext('February'),gettext('March'),gettext('April'),gettext('May'),gettext('June'),gettext('July'),gettext('August'),gettext('September'),gettext('October'),gettext('November'),gettext('December')); - if(isset($config['schedules']['schedule'])) { - foreach ($a_schedules as $schedule) - { - if ($schedule['name'] == $filterent['sched'] ){ - $schedstatus = filter_get_time_based_rule_status($schedule); - - foreach($schedule['timerange'] as $timerange) { - $tempFriendlyTime = ""; - $tempID = ""; - $firstprint = false; - if ($timerange){ - $dayFriendly = ""; - $tempFriendlyTime = ""; - - //get hours - $temptimerange = $timerange['hour']; - $temptimeseparator = strrpos($temptimerange, "-"); - - $starttime = substr ($temptimerange, 0, $temptimeseparator); - $stoptime = substr ($temptimerange, $temptimeseparator+1); - - if ($timerange['month']){ - $tempmontharray = explode(",", $timerange['month']); - $tempdayarray = explode(",",$timerange['day']); - $arraycounter = 0; - $firstDayFound = false; - $firstPrint = false; - foreach ($tempmontharray as $monthtmp){ - $month = $tempmontharray[$arraycounter]; - $day = $tempdayarray[$arraycounter]; - - if (!$firstDayFound) - { - $firstDay = $day; - $firstmonth = $month; - $firstDayFound = true; - } - - $currentDay = $day; - $nextDay = $tempdayarray[$arraycounter+1]; - $currentDay++; - if (($currentDay != $nextDay) || ($tempmontharray[$arraycounter] != $tempmontharray[$arraycounter+1])){ - if ($firstPrint) - $dayFriendly .= ", "; - $currentDay--; - if ($currentDay != $firstDay) - $dayFriendly .= $monthArray[$firstmonth-1] . " " . $firstDay . " - " . $currentDay ; - else - $dayFriendly .= $monthArray[$month-1] . " " . $day; - $firstDayFound = false; - $firstPrint = true; - } - $arraycounter++; - } - } - else - { - $tempdayFriendly = $timerange['position']; - $firstDayFound = false; - $tempFriendlyDayArray = explode(",", $tempdayFriendly); - $currentDay = ""; - $firstDay = ""; - $nextDay = ""; - $counter = 0; - foreach ($tempFriendlyDayArray as $day){ - if ($day != ""){ - if (!$firstDayFound) - { - $firstDay = $tempFriendlyDayArray[$counter]; - $firstDayFound = true; - } - $currentDay =$tempFriendlyDayArray[$counter]; - //get next day - $nextDay = $tempFriendlyDayArray[$counter+1]; - $currentDay++; - if ($currentDay != $nextDay){ - if ($firstprint) - $dayFriendly .= ", "; - $currentDay--; - if ($currentDay != $firstDay) - $dayFriendly .= $dayArray[$firstDay-1] . " - " . $dayArray[$currentDay-1]; - else - $dayFriendly .= $dayArray[$firstDay-1]; - $firstDayFound = false; - $firstprint = true; - } - $counter++; - } - } - } - $timeFriendly = $starttime . " - " . $stoptime; - $description = $timerange['rangedescr']; - $sched_content .= $dayFriendly . "; " . $timeFriendly . "
"; - } - } - $sched_caption_escaped = str_replace("'", "\'", $schedule['descr']); - $schedule_span_begin = "{$sched_caption_escaped}

{$sched_content}

', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\">"; - $schedule_span_end = ""; - } - } - } - $printicon = false; - $alttext = ""; - $image = ""; - if (!isset($filterent['disabled'])) { - if ($schedstatus) { - if ($iconfn == "block" || $iconfn == "reject") { - $image = "glyphicon-remove text-danger"; - $alttext = gettext("Traffic matching this rule is currently being denied"); - } else { - $image = "glyphicon-play text-success"; - $alttext = gettext("Traffic matching this rule is currently being allowed"); - } - $printicon = true; - } else if ($filterent['sched']) { - if ($iconfn == "block" || $iconfn == "reject") - $image = "glyphicon-remove text-muted"; - else - $image = "glyphicon-remove text-danger"; - $alttext = gettext("This rule is not currently active because its period has expired"); - $printicon = true; - } - } - ?> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
   - - - - - - - " class="btn btn-default btn-xs"> -
 *** Address**  - " alt="move" class="btn btn-default btn-xs"> - " class="btn btn-default btn-xs"> - - " width="17" height="17" border="0" alt="add" class="btn btn-default btn-xs"> -
 ******  - " alt="move" class="btn btn-default btn-xs"> - - " class="btn btn-default btn-xs"> - - " width="17" height="17" border="0" alt="add" class="btn btn-default btn-xs"> -
 ******* - " alt="move" class="btn btn-default btn-xs"> - - " class="btn btn-default btn-xs"> - - " width="17" height="17" border="0" alt="add" class="btn btn-default btn-xs"> - -
- - - - - " > - - - - - - '; - echo $filterent['icmptype']; - echo ''; - } - } else echo "*"; - ?> - - - - - - - - - - - - - - -   - -   - - - " class="btn btn-default btn-xs"> - - " onclick="return confirm('Do you really want to delete this rule?')" class="btn btn-default btn-xs"> - " class="btn btn-default btn-xs"> -
- - -

- -
-

- - -
          - - - - - " class="btn btn-default btn-xs"> - - -
- - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    
-

 

- - -
-
    - -
  • -
    • - -
  • -
    • - -
-
-
-
-
-
-
-
-
-
- - - - - +?> + + + + + + "> + + + + "> + + + + + gettext("any"), + "echoreq" => gettext("Echo request"), + "echorep" => gettext("Echo reply"), + "unreach" => gettext("Destination unreachable"), + "squench" => gettext("Source quench"), + "redir" => gettext("Redirect"), + "althost" => gettext("Alternate Host"), + "routeradv" => gettext("Router advertisement"), + "routersol" => gettext("Router solicitation"), + "timex" => gettext("Time exceeded"), + "paramprob" => gettext("Invalid IP header"), + "timereq" => gettext("Timestamp"), + "timerep" => gettext("Timestamp reply"), + "inforeq" => gettext("Information request"), + "inforep" => gettext("Information reply"), + "maskreq" => gettext("Address mask request"), + "maskrep" => gettext("Address mask reply") + ); + if (isset($filterent['protocol']) && $filterent['protocol'] == "icmp" && !empty($filterent['icmptype'])): +?> + + + + + + + + + + +   + + + + + +   + + + + + +   + + + + + +   + + + + + + + * + + + + + + + + + + + + + " class="act_move btn btn-default btn-xs"> + + + " class="btn btn-default btn-xs"> + + + " data-toggle="tooltip" class="act_delete btn btn-default btn-xs"> + + + "> + + + + + + + + + +

+ +
+

+ + + + + + + + + + + + + + " class="act_move btn btn-default btn-xs"> + + + " data-toggle="tooltip" class="act_delete btn btn-default btn-xs"> + + + "> + + + + + + + + +   + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +