Project

General

Profile

Download (39.7 KB) Statistics
| Branch: | Tag: | Revision:

univnautes / usr / local / www / firewall_rules.php @ a1b66bec

1
<?php
2
/* $Id$ */
3
/*
4
	firewall_rules.php
5
	part of pfSense (https://www.pfsense.org)
6
	Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com)
7

    
8
	originally part of m0n0wall (http://m0n0.ch/wall)
9
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
10
	All rights reserved.
11

    
12
	Redistribution and use in source and binary forms, with or without
13
	modification, are permitted provided that the following conditions are met:
14

    
15
	1. Redistributions of source code must retain the above copyright notice,
16
	   this list of conditions and the following disclaimer.
17

    
18
	2. Redistributions in binary form must reproduce the above copyright
19
	   notice, this list of conditions and the following disclaimer in the
20
	   documentation and/or other materials provided with the distribution.
21

    
22
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
23
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
24
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
26
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31
	POSSIBILITY OF SUCH DAMAGE.
32
*/
33
/*
34
	pfSense_MODULE:	filter
35
*/
36

    
37
##|+PRIV
38
##|*IDENT=page-firewall-rules
39
##|*NAME=Firewall: Rules page
40
##|*DESCR=Allow access to the 'Firewall: Rules' page.
41
##|*MATCH=firewall_rules.php*
42
##|-PRIV
43

    
44
require("guiconfig.inc");
45
require_once("functions.inc");
46
require_once("filter.inc");
47
require_once("shaper.inc");
48

    
49
$pgtitle = array(gettext("Firewall"),gettext("Rules"));
50
$shortcut_section = "firewall";
51

    
52
function delete_nat_association($id) {
53
	global $config;
54

    
55
	if (!$id || !is_array($config['nat']['rule']))
56
		return;
57

    
58
	$a_nat = &$config['nat']['rule'];
59

    
60
	foreach ($a_nat as &$natent)
61
		if ($natent['associated-rule-id'] == $id)
62
			$natent['associated-rule-id'] = '';
63
}
64

    
65
if (!is_array($config['filter']['rule'])) {
66
	$config['filter']['rule'] = array();
67
}
68
filter_rules_sort();
69
$a_filter = &$config['filter']['rule'];
70

    
71
$if = $_GET['if'];
72
if ($_POST['if'])
73
	$if = $_POST['if'];
74

    
75
$ifdescs = get_configured_interface_with_descr();
76

    
77
// Drag and drop reordering
78
if($_REQUEST['dragdroporder']) {
79
	// First create a new ruleset array and tmp arrays
80
	$a_filter_before = array();
81
	$a_filter_order = array();
82
	$a_filter_order_tmp = array();
83
	$a_filter_after = array();
84
	$found = false;
85
	$drag_order = $_REQUEST['dragtable'];
86
	// Next traverse through rules building a new order for interface
87
	for ($i = 0; isset($a_filter[$i]); $i++) {
88
		if(( $_REQUEST['if'] == "FloatingRules" && isset($a_filter[$i]['floating']) ) || ( $a_filter[$i]['interface'] == $_REQUEST['if'] && !isset($a_filter[$i]['floating']) )) {
89
			$a_filter_order_tmp[] = $a_filter[$i];
90
			$found = true;
91
		} else if (!$found)
92
			$a_filter_before[] = $a_filter[$i];
93
		else
94
			$a_filter_after[] = $a_filter[$i];
95
	}
96
	// Reorder rules with the posted order
97
	for ($i = 0; $i<count($drag_order); $i++)
98
		$a_filter_order[] = $a_filter_order_tmp[$drag_order[$i]];
99
	// In case $drag_order didn't account for some rules, make sure we don't lose them
100
	if(count($a_filter_order) < count($a_filter_order_tmp)) {
101
		for ($i = 0; $i<count($a_filter_order_tmp); $i++)
102
			if(!in_array($i, $drag_order))
103
				$a_filter_order[] = $a_filter_order_tmp[$i];
104
	}
105
	// Overwrite filter rules with newly created items
106
	$config['filter']['rule'] = array_merge($a_filter_before, $a_filter_order, $a_filter_after);
107
	// Write configuration
108
	$config = write_config(gettext("Drag and drop firewall rules ordering update."));
109
	// Redirect back to page
110
	mark_subsystem_dirty('filter');
111
	$undo = array();
112
	foreach($_REQUEST['dragtable'] as $dt)
113
		$undo[] = "";
114
	$counter = 0;
115
	foreach($_REQUEST['dragtable'] as $dt) {
116
		$undo[$dt] = $counter;
117
		$counter++;
118
	}
119
	foreach($undo as $dt)
120
		$undotxt .= "&dragtable[]={$dt}";
121
	header("Location: firewall_rules.php?if=" . $_REQUEST['if'] . "&undodrag=true" . $undotxt);
122
	exit;
123
}
124

    
125
$icmptypes = array(
126
	"" => gettext("any"),
127
	"echoreq" => gettext("Echo request"),
128
	"echorep" => gettext("Echo reply"),
129
	"unreach" => gettext("Destination unreachable"),
130
	"squench" => gettext("Source quench"),
131
	"redir" => gettext("Redirect"),
132
	"althost" => gettext("Alternate Host"),
133
	"routeradv" => gettext("Router advertisement"),
134
	"routersol" => gettext("Router solicitation"),
135
	"timex" => gettext("Time exceeded"),
136
	"paramprob" => gettext("Invalid IP header"),
137
	"timereq" => gettext("Timestamp"),
138
	"timerep" => gettext("Timestamp reply"),
139
	"inforeq" => gettext("Information request"),
140
	"inforep" => gettext("Information reply"),
141
	"maskreq" => gettext("Address mask request"),
142
	"maskrep" => gettext("Address mask reply")
143
);
144

    
145
/* add group interfaces */
146
if (is_array($config['ifgroups']['ifgroupentry']))
147
	foreach($config['ifgroups']['ifgroupentry'] as $ifgen)
148
		if (have_ruleint_access($ifgen['ifname']))
149
			$iflist[$ifgen['ifname']] = $ifgen['ifname'];
150

    
151
foreach ($ifdescs as $ifent => $ifdesc)
152
	if(have_ruleint_access($ifent))
153
		$iflist[$ifent] = $ifdesc;
154

    
155
if ($config['l2tp']['mode'] == "server")
156
	if(have_ruleint_access("l2tp"))
157
		$iflist['l2tp'] = "L2TP VPN";
158

    
159
if ($config['pptpd']['mode'] == "server")
160
	if(have_ruleint_access("pptp"))
161
		$iflist['pptp'] = "PPTP VPN";
162

    
163
if (is_array($config['pppoes']['pppoe'])) {
164
	foreach ($config['pppoes']['pppoe'] as $pppoes)
165
		if (($pppoes['mode'] == 'server') && have_ruleint_access("pppoe"))
166
			$iflist['pppoe'] = "PPPoE Server";
167
}
168

    
169
/* add ipsec interfaces */
170
if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable']))
171
	if(have_ruleint_access("enc0"))
172
		$iflist["enc0"] = "IPsec";
173

    
174
/* add openvpn/tun interfaces */
175
if  ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"])
176
	$iflist["openvpn"] = "OpenVPN";
177

    
178
pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/interfaces_override");
179

    
180
if (!$if || !isset($iflist[$if])) {
181
	if ("any" == $if)
182
		$if = "FloatingRules";
183
	else if ("FloatingRules" != $if) {
184
		if (isset($iflist['wan']))
185
			$if = "wan";
186
		else
187
			$if = "FloatingRules";
188
	}
189
}
190

    
191
if ($_POST) {
192

    
193
	$pconfig = $_POST;
194

    
195
	if ($_POST['apply']) {
196
		$retval = 0;
197
		$retval = filter_configure();
198

    
199
		clear_subsystem_dirty('filter');
200

    
201
		pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/apply");
202

    
203
		$savemsg = sprintf(gettext("The settings have been applied. The firewall rules are now reloading in the background.<br />You can also %s monitor %s the reload progress"),"<a href='status_filter_reload.php'>","</a>");
204
	}
205
}
206

    
207
if ($_GET['act'] == "del") {
208
	if ($a_filter[$_GET['id']]) {
209
		if (!empty($a_filter[$_GET['id']]['associated-rule-id'])) {
210
			delete_nat_association($a_filter[$_GET['id']]['associated-rule-id']);
211
		}
212
		unset($a_filter[$_GET['id']]);
213
		if (write_config())
214
			mark_subsystem_dirty('filter');
215
		header("Location: firewall_rules.php?if=" . htmlspecialchars($if));
216
		exit;
217
	}
218
}
219

    
220
// Handle save msg if defined
221
if($_REQUEST['savemsg'])
222
	$savemsg = htmlentities($_REQUEST['savemsg']);
223

    
224
if (isset($_POST['del_x'])) {
225
	/* delete selected rules */
226
	if (is_array($_POST['rule']) && count($_POST['rule'])) {
227
		foreach ($_POST['rule'] as $rulei) {
228
			delete_nat_association($a_filter[$rulei]['associated-rule-id']);
229
			unset($a_filter[$rulei]);
230
		}
231
		if (write_config())
232
			mark_subsystem_dirty('filter');
233
		header("Location: firewall_rules.php?if=" . htmlspecialchars($if));
234
		exit;
235
	}
236
} else if ($_GET['act'] == "toggle") {
237
	if ($a_filter[$_GET['id']]) {
238
		if(isset($a_filter[$_GET['id']]['disabled']))
239
			unset($a_filter[$_GET['id']]['disabled']);
240
		else
241
			$a_filter[$_GET['id']]['disabled'] = true;
242
		if (write_config())
243
			mark_subsystem_dirty('filter');
244
		header("Location: firewall_rules.php?if=" . htmlspecialchars($if));
245
		exit;
246
	}
247
} else {
248
	/* yuck - IE won't send value attributes for image buttons, while Mozilla does -
249
	   so we use .x/.y to fine move button clicks instead... */
250
	unset($movebtn);
251
	foreach ($_POST as $pn => $pd) {
252
		if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
253
			$movebtn = $matches[1];
254
			break;
255
		}
256
	}
257
	/* move selected rules before this rule */
258
	if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
259
		$a_filter_new = array();
260

    
261
		/* copy all rules < $movebtn and not selected */
262
		for ($i = 0; $i < $movebtn; $i++) {
263
			if (!in_array($i, $_POST['rule']))
264
				$a_filter_new[] = $a_filter[$i];
265
		}
266

    
267
		/* copy all selected rules */
268
		for ($i = 0; $i < count($a_filter); $i++) {
269
			if ($i == $movebtn)
270
				continue;
271
			if (in_array($i, $_POST['rule']))
272
				$a_filter_new[] = $a_filter[$i];
273
		}
274

    
275
		/* copy $movebtn rule */
276
		if ($movebtn < count($a_filter))
277
			$a_filter_new[] = $a_filter[$movebtn];
278

    
279
		/* copy all rules > $movebtn and not selected */
280
		for ($i = $movebtn+1; $i < count($a_filter); $i++) {
281
			if (!in_array($i, $_POST['rule']))
282
				$a_filter_new[] = $a_filter[$i];
283
		}
284

    
285
		$a_filter = $a_filter_new;
286
		if (write_config())
287
			mark_subsystem_dirty('filter');
288
		header("Location: firewall_rules.php?if=" . htmlspecialchars($if));
289
		exit;
290
	}
291
}
292
$closehead = false;
293

    
294
include("head.inc");
295
?>
296
<link type="text/css" rel="stylesheet" href="/javascript/chosen/chosen.css" />
297
</head>
298

    
299
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
300
<script src="/javascript/chosen/chosen.jquery.js" type="text/javascript"></script>
301
<?php include("fbegin.inc"); ?>
302
<form action="firewall_rules.php" method="post">
303

    
304
<script type="text/javascript" src="/javascript/row_toggle.js"></script>
305
<?php if ($savemsg) print_info_box($savemsg); ?>
306
<?php if (is_subsystem_dirty('filter')): ?><p>
307
<?php
308
if($_REQUEST['undodrag']) {
309
	foreach($_REQUEST['dragtable'] as $dt)
310
		$dragtable .= "&dragtable[]={$dt}";
311
	print_info_box_np_undo(gettext("The firewall rule configuration has been changed.<br />You must apply the changes in order for them to take effect."), "apply" , gettext("Apply changes") , "firewall_rules.php?if={$_REQUEST['if']}&dragdroporder=true&{$dragtable}");
312
} else {
313
	print_info_box_np(gettext("The firewall rule configuration has been changed.<br />You must apply the changes in order for them to take effect."));
314
}
315
?>
316
<br />
317
<?php endif; ?>
318
<div id="loading" style="visibity:hidden">
319
    <img src="/themes/<?=$g['theme']?>/images/misc/loader.gif" alt="loader" /> <?php echo gettext("Loading, please wait..."); ?>
320
	<p>&nbsp;</p>
321
</div>
322
<?php
323
	pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/before_table");
324
?>
325
<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="firewall rules">
326
	<tr><td class="tabnavtbl">
327
	<?php
328
	/* active tabs */
329
	$tab_array = array();
330
	if ("FloatingRules" == $if)
331
		$active = true;
332
	else
333
		$active = false;
334
	$tab_array[] = array(gettext("Floating"), $active, "firewall_rules.php?if=FloatingRules");
335
	$tabscounter = 0; $i = 0; foreach ($iflist as $ifent => $ifname) {
336
		if ($ifent == $if)
337
			$active = true;
338
		else
339
			$active = false;
340
		$tab_array[] = array($ifname, $active, "firewall_rules.php?if={$ifent}");
341
	}
342
	display_top_tabs($tab_array);
343
	?>
344
	</td></tr>
345
	<tr><td>
346
		<div id="mainarea">
347
		<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="main area">
348
			<?php
349
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/before_first_tr");
350
			?>
351
			<tr id="frheader">
352
			<td width="3%" class="list">&nbsp;</td>
353
			<td width="5%" class="list">&nbsp;</td>
354
			<td width="3%" class="listhdrr"><?=gettext("ID");?></td>
355
			<?php
356
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_id_tablehead");
357
			?>
358
			<td width="6%" class="listhdrr"><?=gettext("Proto");?></td>
359
			<td width="12%" class="listhdrr"><?=gettext("Source");?></td>
360
			<td width="6%" class="listhdrr"><?=gettext("Port");?></td>
361
			<td width="12%" class="listhdrr"><?=gettext("Destination");?></td>
362
			<td width="6%" class="listhdrr"><?=gettext("Port");?></td>
363
			<td width="5%" class="listhdrr"><?=gettext("Gateway");?></td>
364
			<td width="8%" class="listhdrr"><?=gettext("Queue");?></td>
365
			<td width="5%" class="listhdrr"><?=gettext("Schedule");?></td>
366
			<?php
367
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_desc_tablehead");
368
			?>
369
			<td width="19%" class="listhdr"><?=gettext("Description");?></td>
370
			<td width="10%" class="list">
371
				<table border="0" cellspacing="0" cellpadding="1" summary="delete selected rules">
372
					<tr>
373
					<?php
374
						$nrules = 0;
375
						for ($i = 0; isset($a_filter[$i]); $i++) {
376
							$filterent = $a_filter[$i];
377
							if ($filterent['interface'] != $if && !isset($filterent['floating']))
378
								continue;
379
							if (isset($filterent['floating']) && "FloatingRules" != $if)
380
								continue;
381
							$nrules++;
382
						}
383
					?>
384
					<td>
385
					<?php if ($nrules == 0): ?>
386
						<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?gettext("delete selected rules"); ?>" border="0" alt="delete" /><?php else: ?>
387
						<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected rules");?>" onclick="return confirm('<?=gettext('Do you really want to delete the selected rules?');?>')" />
388
					<?php endif; ?>
389
					</td>
390
					<td align="center" valign="middle"><a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>&amp;after=-1"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" width="17" height="17" border="0" alt="add" /></a></td>
391
					</tr>
392
				</table>
393
			</td>
394
			</tr>
395
			<?php   // Show the anti-lockout rule if it's enabled, and we are on LAN with an if count > 1, or WAN with an if count of 1.
396
				if (!isset($config['system']['webgui']['noantilockout']) &&
397
					(((count($config['interfaces']) > 1) && ($if == 'lan'))
398
					|| ((count($config['interfaces']) == 1) && ($if == 'wan')))):
399

    
400
					$alports = implode('<br />', filter_get_antilockout_ports(true));
401
			?>
402
			<tr valign="top" id="antilockout">
403
			<td class="list">&nbsp;</td>
404
			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11" border="0" alt="pass" /></td>
405
			<td class="listlr" style="background-color: #E0E0E0">&nbsp;</td>
406
			<?php
407
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_id_tr_antilockout");
408
			?>
409
			<td class="listr" style="background-color: #E0E0E0">*</td>
410
			<td class="listr" style="background-color: #E0E0E0">*</td>
411
			<td class="listr" style="background-color: #E0E0E0">*</td>
412
			<td class="listr" style="background-color: #E0E0E0"><?=$iflist[$if];?> Address</td>
413
			<td class="listr" style="background-color: #E0E0E0"><?= $alports ?></td>
414
			<td class="listr" style="background-color: #E0E0E0">*</td>
415
			<td class="listr" style="background-color: #E0E0E0">*</td>
416
			<td class="listr" style="background-color: #E0E0E0">&nbsp;</td>
417
			<td class="listbg"><?=gettext("Anti-Lockout Rule");?></td>
418
			<td valign="middle" class="list nowrap">
419
			<table border="0" cellspacing="0" cellpadding="1" summary="move rules before">
420
				<tr>
421
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected rules before this rule");?>" alt="move" /></td>
422
					<td><a href="system_advanced_admin.php"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule");?>" width="17" height="17" border="0" alt="edit" /></a></td>
423
				</tr>
424
				<tr>
425
					<td align="center" valign="middle"></td>
426
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="<?=gettext("add a new rule based on this one");?>" width="17" height="17" border="0" alt="add" /></td>
427
				</tr>
428
				</table>
429
			</td>
430
			</tr>
431
<?php endif; ?>
432

    
433
<?php if (isset($config['interfaces'][$if]['blockpriv'])): ?>
434
			<tr valign="top" id="frrfc1918">
435
			<td class="list">&nbsp;</td>
436
			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0" alt="block" /></td>
437
			<td class="listlr" style="background-color: #E0E0E0">&nbsp;</td>
438
			<td class="listr" style="background-color: #E0E0E0">*</td>
439
			<td class="listr" style="background-color: #E0E0E0"><?=gettext("RFC 1918 networks");?></td>
440
			<td class="listr" style="background-color: #E0E0E0">*</td>
441
			<td class="listr" style="background-color: #E0E0E0">*</td>
442
			<td class="listr" style="background-color: #E0E0E0">*</td>
443
			<td class="listr" style="background-color: #E0E0E0">*</td>
444
			<td class="listr" style="background-color: #E0E0E0">*</td>
445
			<td class="listr" style="background-color: #E0E0E0">&nbsp;</td>
446
			<td class="listbg"><?=gettext("Block private networks");?></td>
447
			<td valign="middle" class="list nowrap">
448
				<table border="0" cellspacing="0" cellpadding="1" summary="move rules before">
449
					<tr>
450
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected rules before this rule");?>" alt="edit" /></td>
451
					<td><a href="interfaces.php?if=<?=htmlspecialchars($if)?>#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule");?>" width="17" height="17" border="0" alt="edit" /></a></td>
452
					</tr>
453
					<tr>
454
					<td align="center" valign="middle"></td>
455
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="<?=gettext("add a new rule based on this one");?>" width="17" height="17" border="0" alt="add" /></td>
456
					</tr>
457
				</table>
458
			</td>
459
			</tr>
460
<?php endif; ?>
461
<?php if (isset($config['interfaces'][$if]['blockbogons'])): ?>
462
			<tr valign="top" id="frrfc1918">
463
			<td class="list">&nbsp;</td>
464
			<td class="listt" align="center"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" border="0" alt="block" /></td>
465
			<td class="listlr" style="background-color: #E0E0E0">&nbsp;</td>
466
			<td class="listr" style="background-color: #E0E0E0">*</td>
467
			<td class="listr" style="background-color: #E0E0E0"><?=gettext("Reserved/not assigned by IANA");?></td>
468
			<td class="listr" style="background-color: #E0E0E0">*</td>
469
			<td class="listr" style="background-color: #E0E0E0">*</td>
470
			<td class="listr" style="background-color: #E0E0E0">*</td>
471
			<td class="listr" style="background-color: #E0E0E0">*</td>
472
			<td class="listr" style="background-color: #E0E0E0">*</td>
473
			<td class="listr" style="background-color: #E0E0E0">*</td>
474
			<td class="listbg"><?=gettext("Block bogon networks");?></td>
475
			<td valign="middle" class="list nowrap">
476
				<table border="0" cellspacing="0" cellpadding="1" summary="move rules before">
477
					<tr>
478
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected rules before this rule");?>" alt="move" /></td>
479
					<td><a href="interfaces.php?if=<?=htmlspecialchars($if)?>#rfc1918"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule");?>" width="17" height="17" border="0" alt=" edit" /></a></td>
480
					</tr>
481
					<tr>
482
					<td align="center" valign="middle"></td>
483
					<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus_d.gif" title="<?=gettext("add a new rule based on this one");?>" width="17" height="17" border="0" alt="add" /></td>
484
					</tr>
485
				</table>
486
			</td>
487
			</tr>
488
<?php endif; ?>
489
			<tbody id="dragtable">
490
<?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++):
491
	pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/row_start");
492
	$filterent = $a_filter[$i];
493
	if ($filterent['interface'] != $if && !isset($filterent['floating']))
494
		continue;
495
	if (isset($filterent['floating']) && "FloatingRules" != $if)
496
		continue;
497
	$isadvset = firewall_check_for_advanced_options($filterent);
498
	if($isadvset)
499
		$advanced_set = "<img src=\"./themes/{$g['theme']}/images/icons/icon_advanced.gif\" title=\"" . gettext("advanced settings set") . ": {$isadvset}\" border=\"0\" alt=\"avanced\" />";
500
	else
501
		$advanced_set = "";
502
?>
503
			<tr valign="top" id="fr<?=$nrules;?>">
504
			<td class="listt">
505
				<input type="checkbox" id="frc<?=$nrules;?>" name="rule[]" value="<?=$i;?>" onclick="fr_bgcolor('<?=$nrules;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" />
506
				<?php echo $advanced_set; ?>
507
			</td>
508
			<td class="listt" align="center">
509
			<?php
510
				if ($filterent['type'] == "block")
511
					$iconfn = "block";
512
				else if ($filterent['type'] == "reject")
513
					$iconfn = "reject";
514
				else if ($filterent['type'] == "match")
515
					$iconfn = "match";
516
				else
517
					$iconfn = "pass";
518
				if (isset($filterent['disabled'])) {
519
					$textss = "<span class=\"gray\">";
520
					$textse = "</span>";
521
					$iconfn .= "_d";
522
				} else {
523
					$textss = $textse = "";
524
				}
525
			?>
526
				<a href="?if=<?=htmlspecialchars($if);?>&amp;act=toggle&amp;id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="11" height="11" border="0" title="<?=gettext("click to toggle enabled/disabled status");?>" alt="icon" /></a>
527
			<?php
528
				if (isset($filterent['log'])):
529
					$iconfnlog = "log_s";
530
				if (isset($filterent['disabled']))
531
					$iconfnlog .= "_d";
532
			?>
533
			<br /><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfnlog;?>.gif" width="11" height="15" border="0" alt="icon" />
534
<?php endif; ?>
535
			</td>
536
			<?php
537

    
538
				//build Alias popup box
539
				$alias_src_span_begin = "";
540
				$alias_src_port_span_begin = "";
541
				$alias_dst_span_begin = "";
542
				$alias_dst_port_span_begin = "";
543

    
544
				$alias_popup = rule_popup($filterent['source']['address'],pprint_port($filterent['source']['port']),$filterent['destination']['address'],pprint_port($filterent['destination']['port']));
545

    
546
				$alias_src_span_begin = $alias_popup["src"];
547
				$alias_src_port_span_begin = $alias_popup["srcport"];
548
				$alias_dst_span_begin = $alias_popup["dst"];
549
				$alias_dst_port_span_begin = $alias_popup["dstport"];
550

    
551
				$alias_src_span_end = $alias_popup["src_end"];
552
				$alias_src_port_span_end = $alias_popup["srcport_end"];
553
				$alias_dst_span_end = $alias_popup["dst_end"];
554
				$alias_dst_port_span_end = $alias_popup["dstport_end"];
555

    
556
				//build Schedule popup box
557
				$a_schedules = &$config['schedules']['schedule'];
558
				$schedule_span_begin = "";
559
				$schedule_span_end = "";
560
				$sched_caption_escaped = "";
561
				$sched_content = "";
562
				$schedstatus = false;
563
				$dayArray = array (gettext('Mon'),gettext('Tues'),gettext('Wed'),gettext('Thur'),gettext('Fri'),gettext('Sat'),gettext('Sun'));
564
				$monthArray = array (gettext('January'),gettext('February'),gettext('March'),gettext('April'),gettext('May'),gettext('June'),gettext('July'),gettext('August'),gettext('September'),gettext('October'),gettext('November'),gettext('December'));
565
				if($config['schedules']['schedule'] <> "" and is_array($config['schedules']['schedule'])) {
566
					foreach ($a_schedules as $schedule)
567
					{
568
						if ($schedule['name'] == $filterent['sched'] ){
569
							$schedstatus = filter_get_time_based_rule_status($schedule);
570

    
571
							foreach($schedule['timerange'] as $timerange) {
572
								$tempFriendlyTime = "";
573
								$tempID = "";
574
								$firstprint = false;
575
								if ($timerange){
576
									$dayFriendly = "";
577
									$tempFriendlyTime = "";
578

    
579
									//get hours
580
									$temptimerange = $timerange['hour'];
581
									$temptimeseparator = strrpos($temptimerange, "-");
582

    
583
									$starttime = substr ($temptimerange, 0, $temptimeseparator);
584
									$stoptime = substr ($temptimerange, $temptimeseparator+1);
585

    
586
									if ($timerange['month']){
587
										$tempmontharray = explode(",", $timerange['month']);
588
										$tempdayarray = explode(",",$timerange['day']);
589
										$arraycounter = 0;
590
										$firstDayFound = false;
591
										$firstPrint = false;
592
										foreach ($tempmontharray as $monthtmp){
593
											$month = $tempmontharray[$arraycounter];
594
											$day = $tempdayarray[$arraycounter];
595

    
596
											if (!$firstDayFound)
597
											{
598
												$firstDay = $day;
599
												$firstmonth = $month;
600
												$firstDayFound = true;
601
											}
602

    
603
											$currentDay = $day;
604
											$nextDay = $tempdayarray[$arraycounter+1];
605
											$currentDay++;
606
											if (($currentDay != $nextDay) || ($tempmontharray[$arraycounter] != $tempmontharray[$arraycounter+1])){
607
												if ($firstPrint)
608
													$dayFriendly .= ", ";
609
												$currentDay--;
610
												if ($currentDay != $firstDay)
611
													$dayFriendly .= $monthArray[$firstmonth-1] . " " . $firstDay . " - " . $currentDay ;
612
												else
613
													$dayFriendly .=  $monthArray[$month-1] . " " . $day;
614
												$firstDayFound = false;
615
												$firstPrint = true;
616
											}
617
											$arraycounter++;
618
										}
619
									}
620
									else
621
									{
622
										$tempdayFriendly = $timerange['position'];
623
										$firstDayFound = false;
624
										$tempFriendlyDayArray = explode(",", $tempdayFriendly);
625
										$currentDay = "";
626
										$firstDay = "";
627
										$nextDay = "";
628
										$counter = 0;
629
										foreach ($tempFriendlyDayArray as $day){
630
											if ($day != ""){
631
												if (!$firstDayFound)
632
												{
633
													$firstDay = $tempFriendlyDayArray[$counter];
634
													$firstDayFound = true;
635
												}
636
												$currentDay =$tempFriendlyDayArray[$counter];
637
												//get next day
638
												$nextDay = $tempFriendlyDayArray[$counter+1];
639
												$currentDay++;
640
												if ($currentDay != $nextDay){
641
													if ($firstprint)
642
														$dayFriendly .= ", ";
643
													$currentDay--;
644
													if ($currentDay != $firstDay)
645
														$dayFriendly .= $dayArray[$firstDay-1] . " - " . $dayArray[$currentDay-1];
646
													else
647
														$dayFriendly .= $dayArray[$firstDay-1];
648
													$firstDayFound = false;
649
													$firstprint = true;
650
												}
651
												$counter++;
652
											}
653
										}
654
									}
655
									$timeFriendly = $starttime . " - " . $stoptime;
656
									$description = $timerange['rangedescr'];
657
									$sched_content .= $dayFriendly . "; " . $timeFriendly . "<br />";
658
								}
659
							}
660
							$sched_caption_escaped = str_replace("'", "\'", $schedule['descr']);
661
							$schedule_span_begin = "<span style=\"cursor: help;\" onmouseover=\"domTT_activate(this, event, 'content', '<h1>{$sched_caption_escaped}</h1><p>{$sched_content}</p>', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><u>";
662
							$schedule_span_end = "</u></span>";
663
						}
664
					}
665
				}
666
				$printicon = false;
667
				$alttext = "";
668
				$image = "";
669
				if (!isset($filterent['disabled'])) {
670
					if ($schedstatus) {
671
						if ($iconfn == "block" || $iconfn == "reject") {
672
							$image = "icon_block";
673
							$alttext = gettext("Traffic matching this rule is currently being denied");
674
						} else {
675
							$image = "icon_pass";
676
							$alttext = gettext("Traffic matching this rule is currently being allowed");
677
						}
678
						$printicon = true;
679
					} else if ($filterent['sched']) {
680
						if ($iconfn == "block" || $iconfn == "reject")
681
							$image = "icon_block_d";
682
						else
683
							$image = "icon_block";
684
						$alttext = gettext("This rule is not currently active because its period has expired");
685
						$printicon = true;
686
					}
687
				}
688
			?>
689
			<td class="listlr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
690
				<?=$textss;?><?php if (isset($filterent['id'])) echo $filterent['id']."&nbsp;"; else echo "&nbsp;"; ?><?=$textse;?>
691
			</td>
692
			<?php
693
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_id_tr");
694
			?>
695
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
696
			<?=$textss;?>
697
			<?php
698
				if (isset($filterent['ipprotocol'])) {
699
					switch($filterent['ipprotocol']) {
700
						case "inet":
701
							echo "IPv4 ";
702
							break;
703
						case "inet6":
704
							echo "IPv6 ";
705
							break;
706
						case "inet46":
707
							echo "IPv4+6 ";
708
							break;
709
					}
710
				} else {
711
					echo "IPv4 ";
712
				}
713
				if (isset($filterent['protocol'])) {
714
					echo strtoupper($filterent['protocol']);
715
					if (strtoupper($filterent['protocol']) == "ICMP" && !empty($filterent['icmptype'])) {
716
						echo ' <span style="cursor: help;" title="ICMP type: ' . $icmptypes[$filterent['icmptype']] . '"><u>';
717
						echo $filterent['icmptype'];
718
						echo '</u></span>';
719
					}
720
				} else echo "*";
721
			?>
722
			<?=$textse;?>
723
			</td>
724
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
725
				<?=$textss;?><?php echo $alias_src_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['source']));?><?php echo $alias_src_span_end;?><?=$textse;?>
726
			</td>
727
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
728
				<?=$textss;?><?php echo $alias_src_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['source']['port'])); ?><?php echo $alias_src_port_span_end;?><?=$textse;?>
729
			</td>
730
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
731
				<?=$textss;?><?php echo $alias_dst_span_begin;?><?php echo htmlspecialchars(pprint_address($filterent['destination'])); ?><?php echo $alias_dst_span_end;?><?=$textse;?>
732
			</td>
733
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
734
				<?=$textss;?><?php echo $alias_dst_port_span_begin;?><?php echo htmlspecialchars(pprint_port($filterent['destination']['port'])); ?><?php echo $alias_dst_port_span_end;?><?=$textse;?>
735
			</td>
736
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
737
				<?=$textss;?><?php if (isset($config['interfaces'][$filterent['gateway']]['descr'])) echo htmlspecialchars($config['interfaces'][$filterent['gateway']]['descr']); else  echo htmlspecialchars(pprint_port($filterent['gateway'])); ?><?=$textse;?>
738
			</td>
739
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
740
			<?=$textss;?>
741
			<?php
742
				if (isset($filterent['ackqueue']) && isset($filterent['defaultqueue'])) {
743
					$desc = $filterent['ackqueue'] ;
744
					echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['ackqueue']}&amp;action=show\">{$desc}</a>";
745
					$desc = $filterent['defaultqueue'];
746
					echo "/<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&amp;action=show\">{$desc}</a>";
747
				} else if (isset($filterent['defaultqueue'])) {
748
					$desc = $filterent['defaultqueue'];
749
					echo "<a href=\"firewall_shaper_queues.php?queue={$filterent['defaultqueue']}&amp;action=show\">{$desc}</a>";
750
				} else
751
					echo gettext("none");
752
			?>
753
			<?=$textse;?>
754
			</td>
755
			<td class="listr" onclick="fr_toggle(<?=$nrules;?>)" id="frd<?=$nrules;?>" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';"><font color="black">
756
				<?php if ($printicon) { ?><img src="./themes/<?= $g['theme']; ?>/images/icons/<?php echo $image; ?>.gif" title="<?php echo $alttext;?>" border="0" alt="icon" /><?php } ?><?=$textss;?><?php echo $schedule_span_begin;?><?=htmlspecialchars($filterent['sched']);?>&nbsp;<?php echo $schedule_span_end; ?><?=$textse;?>
757
			</font></td>
758
			<?php
759
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_descr_tr");
760
			?>
761
			<td class="listbg descr" onclick="fr_toggle(<?=$nrules;?>)" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';">
762
				<?=$textss;?><?=htmlspecialchars($filterent['descr']);?>&nbsp;<?=$textse;?>
763
			</td>
764
			<td valign="middle" class="list nowrap">
765
				<table border="0" cellspacing="0" cellpadding="1" summary="move before">
766
					<tr>
767
					<td><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17" title="<?=gettext("move selected rules before this rule"); ?>" onmouseover="fr_insline(<?=$nrules;?>, true)" onmouseout="fr_insline(<?=$nrules;?>, false)" /></td>
768
					<td><a href="firewall_rules_edit.php?id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" title="<?=gettext("edit rule"); ?>" width="17" height="17" border="0" alt="edit" /></a></td>
769
					</tr>
770
					<tr>
771
					<td align="center" valign="middle"><a href="firewall_rules.php?act=del&amp;if=<?=htmlspecialchars($if);?>&amp;id=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete rule"); ?>" onclick="return confirm('Do you really want to delete this rule?')" alt="delete" /></a></td>
772
					<td><a href="firewall_rules_edit.php?dup=<?=$i;?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add a new rule based on this one"); ?>" width="17" height="17" border="0" alt="add" /></a></td>
773
					</tr>
774
				</table>
775
			</td>
776
			</tr>
777
			<?php $nrules++; endfor; ?>
778
			  <tr><td></td></tr></tbody>
779
<?php if ($nrules == 0): ?>
780
			<tr>
781
			<td class="listt"></td>
782
			<td class="listt"></td>
783
			<td class="listlr" colspan="10" align="center" valign="middle">
784
			<span class="gray">
785
	<?php if ($_REQUEST['if'] == "FloatingRules"): ?>
786
				<?=gettext("No floating rules are currently defined."); ?><br /><br />
787
	<?php else: ?>
788
				<?=gettext("No rules are currently defined for this interface"); ?><br />
789
				<?=gettext("All incoming connections on this interface will be blocked until you add pass rules."); ?><br /><br />
790
	<?php endif; ?>
791
				<?=gettext("Click the"); ?> <a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" border="0" width="17" height="17" align="middle" alt="add" /></a><?=gettext(" button to add a new rule.");?></span>
792
			</td>
793
			</tr>
794
<?php endif; ?>
795
			<tr id="fr<?=$nrules;?>">
796
			<td class="list"></td>
797
			<td class="list"></td>
798
			<?php
799
				pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_id_tr_belowtable");
800
			?>
801
			<td class="list">&nbsp;</td>
802
			<td class="list">&nbsp;</td>
803
			<td class="list">&nbsp;</td>
804
			<td class="list">&nbsp;</td>
805
			<td class="list">&nbsp;</td>
806
			<td class="list">&nbsp;</td>
807
			<td class="list">&nbsp;</td>
808
			<td class="list">&nbsp;</td>
809
			<td class="list">&nbsp;</td>
810
			<td class="list">&nbsp;</td>
811
			<td class="list">
812
				<table border="0" cellspacing="0" cellpadding="1" summary="move rules">
813
					<tr>
814
					<td>
815
						<?php if ($nrules == 0): ?><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_left_d.gif" width="17" height="17" title="<?=gettext("move selected rules to end");?>" border="0" alt="move" /><?php else: ?><input name="move_<?=$i;?>" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_left.gif" style="width:17;height:17" title="<?=gettext("move selected rules to end");?>" onmouseover="fr_insline(<?=$nrules;?>, true)" onmouseout="fr_insline(<?=$nrules;?>, false)" /><?php endif; ?></td>
816
					<td></td>
817
					</tr>
818
					<tr>
819
					<td>
820
<?php if ($nrules == 0): ?>
821
						<img src="./themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" title="<?=gettext("delete selected rules");?>" border="0" alt="delete" /><?php else: ?>
822
						<input name="del" type="image" src="./themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" style="width:17;height:17" title="<?=gettext("delete selected rules");?>" onclick="return confirm('<?=gettext('Do you really want to delete the selected rules?');?>')" />
823
<?php endif; ?>
824
					</td>
825
			                <td><a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" title="<?=gettext("add new rule");?>" width="17" height="17" border="0" alt="add" /></a></td>
826
					</tr>
827
				</table>
828
			</td>
829
			</tr>
830
		</table>
831
		<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0" summary="icons">
832
			<tr>
833
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif" width="11" height="11" alt="pass" /></td>
834
				<td width="100"><?=gettext("pass");?></td>
835
				<td width="14"></td>
836
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_match.gif" width="11" height="11" alt="match" /></td>
837
				<td width="100"><?=gettext("match");?></td>
838
				<td width="14"></td>
839
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block.gif" width="11" height="11" alt="block" /></td>
840
				<td width="100"><?=gettext("block");?></td>
841
				<td width="14"></td>
842
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject.gif" width="11" height="11" alt="reject" /></td>
843
				<td width="100"><?=gettext("reject");?></td>
844
				<td width="14"></td>
845
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log.gif" width="11" height="11" alt="log" /></td>
846
				<td width="100"><?=gettext("log");?></td>
847
			</tr>
848
			<tr>
849
				<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_pass_d.gif" width="11" height="11" alt="pass disabled" /></td>
850
				<td class="nowrap"><?=gettext("pass (disabled)");?></td>
851
				<td>&nbsp;</td>
852
				<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_match_d.gif" width="11" height="11" alt="match disabled" /></td>
853
				<td class="nowrap"><?=gettext("match (disabled)");?></td>
854
				<td>&nbsp;</td>
855
				<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_block_d.gif" width="11" height="11" alt="block disabled" /></td>
856
				<td class="nowrap"><?=gettext("block (disabled)");?></td>
857
				<td>&nbsp;</td>
858
				<td><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_reject_d.gif" width="11" height="11" alt="reject disabled" /></td>
859
				<td class="nowrap"><?=gettext("reject (disabled)");?></td>
860
				<td>&nbsp;</td>
861
				<td width="16"><img src="./themes/<?= $g['theme']; ?>/images/icons/icon_log_d.gif" width="11" height="11" alt="log disabled" /></td>
862
				<td class="nowrap"><?=gettext("log (disabled)");?></td>
863
			</tr>
864
			<tr>
865
				<td colspan="10">
866
					<p>&nbsp;</p>
867
					<strong>
868
						<span class="red"><?=gettext("Hint:");?></span>
869
					</strong><br />
870
					<ul>
871
					<?php if ("FloatingRules" != $if): ?>
872
						<li><?=gettext("Rules are evaluated on a first-match basis (i.e. " .
873
						"the action of the first rule to match a packet will be executed). " .
874
						"This means that if you use block rules, you'll have to pay attention " .
875
						"to the rule order. Everything that isn't explicitly passed is blocked " .
876
						"by default. ");?>
877
						</li>
878
					<?php else: ?>
879
						<li><?=gettext("Floating rules are evaluated on a first-match basis (i.e. " .
880
						"the action of the first rule to match a packet will be executed) only " .
881
						"if the 'quick' option is checked on a rule. Otherwise they will only apply if no " .
882
						"other rules match. Pay close attention to the rule order and options " .
883
						"chosen. If no rule here matches, the per-interface or default rules are used. ");?>
884
						</li>
885
					<?php endif; ?>
886
					</ul>
887
				 </td>
888
			</tr>
889
		</table>
890
		</div>
891
	</td>
892
	</tr>
893
</table>
894
<input type="hidden" name="if" value="<?=htmlspecialchars($if);?>" />
895
<script type="text/javascript">
896
//<![CDATA[
897
	var number_of_rules = <?=$nrules?>;
898
	<?php $nrules = 0; for ($i = 0; isset($a_filter[$i]); $i++): ?>
899
	/*
900
		Sortable.create("dragtable", {
901
			tag:"tr",
902
			format:"fr([0-9999999])",
903
			containment:["dragtable"],
904
			onChange:function(affected) {
905
				document.body.style.cursor = 'move';
906
			},
907
			onUpdate:function(container) {
908
				document.body.style.cursor = 'move';
909
				updateOrder(Sortable.serialize('dragtable', 'tr'));
910
			}
911
		});
912
	*/
913
	<?php endfor; ?>
914
	function updateOrder(order) {
915
		if(document.getElementById("redboxtable"))
916
			jQuery('#redboxtable').hide();
917
		jQuery('#loading').show();
918
		document.body.style.cursor = 'wait';
919
		document.location = 'firewall_rules.php?if=<?=htmlspecialchars($if);?>&dragdroporder=true&' + Sortable.serialize('dragtable', 'tr');
920
		return;
921
	}
922
	jQuery('#loading').hide();
923
//]]>
924
</script>
925
</form>
926
<?php include("fend.inc"); ?>
927
</body>
928
</html>
(71-71/256)