summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2012-05-18 19:49:41 +0000
committerErmal <eri@pfsense.org>2012-05-18 19:49:41 +0000
commit1346306cf7bdc82d4f33b607e46452fe6efa691f (patch)
treeec0c166a3633206053490a64a0eec9ae3a20b667
parent9c408ade49967be256a02a4ee64aedee6614e6b3 (diff)
downloadpfsense-1346306cf7bdc82d4f33b607e46452fe6efa691f.zip
pfsense-1346306cf7bdc82d4f33b607e46452fe6efa691f.tar.gz
Allow 802.1p tags to be controlled from firewall rules edit screen
-rw-r--r--etc/inc/filter.inc8
-rwxr-xr-xusr/local/www/firewall_rules_edit.php41
-rw-r--r--usr/local/www/javascript/firewall_rules_edit/firewall_rules_edit.js6
3 files changed, 53 insertions, 2 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 3cbfe61..3dccbab 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -2171,6 +2171,10 @@ function filter_generate_user_rule($rule) {
$aline['tagged'] = " tagged " .$rule['tagged'] . " ";
if(!empty($rule['dscp']))
$aline['dscp'] = " dscp " . $rule['dscp'] . " ";
+ if(!empty($rule['vlanprio']))
+ $aline['vlanprio'] = " ieee8021q-pcp " . $rule['vlanprio'] . " ";
+ if(!empty($rule['vlanprioset']))
+ $aline['vlanprioset'] = " ieee8021q-setpcp " . $rule['vlanprioset'] . " ";
if($type == "pass") {
if(isset($rule['allowopts']))
$aline['allowopts'] = " allow-opts ";
@@ -2323,7 +2327,7 @@ function filter_generate_user_rule($rule) {
$line .= $aline['type'] . $aline['direction'] . $aline['log'] . $aline['quick'] .
$aline['interface'] . $aline['ipprotocol'] . $aline['prot'] . $aline['src'] . $aline['os'] .
$negate_networks . $aline['icmp-type'] . $aline['icmp6-type'] . $aline['tag'] . $aline['tagged'] .
- $aline['dscp'] . $aline['allowopts'] . $aline['flags'] .
+ $aline['vlanprio'] . $aline['vlanprioset'] . $aline['dscp'] . $aline['allowopts'] . $aline['flags'] .
$aline['queue'] . $aline['dnpipe'] . $aline['schedlabel'] .
" label \"NEGATE_ROUTE: Negate policy routing for destination\"\n";
@@ -2332,7 +2336,7 @@ function filter_generate_user_rule($rule) {
$line .= $aline['type'] . $aline['direction'] . $aline['log'] . $aline['quick'] . $aline['interface'] .
$aline['reply'] . $aline['route'] . $aline['ipprotocol'] . $aline['prot'] . $aline['src'] . $aline['os'] . $aline['dst'] .
$aline['divert'] . $aline['icmp-type'] . $aline['icmp6-type'] . $aline['tag'] . $aline['tagged'] . $aline['dscp'] .
- $aline['allowopts'] . $aline['flags'] . $aline['queue'] . $aline['dnpipe'] . $aline['schedlabel'];
+ $aline['vlanprio'] . $aline['vlanprioset'] . $aline['allowopts'] . $aline['flags'] . $aline['queue'] . $aline['dnpipe'] . $aline['schedlabel'];
return $line;
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php
index b53d151..2629731 100755
--- a/usr/local/www/firewall_rules_edit.php
+++ b/usr/local/www/firewall_rules_edit.php
@@ -171,6 +171,8 @@ if (isset($id) && $a_filter[$id]) {
//schedule support
$pconfig['sched'] = $a_filter[$id]['sched'];
+ $pconfig['vlanprio'] = $a_filter[$id]['vlanprio'];
+ $pconfig['vlanprioset'] = $a_filter[$id]['vlanprioset'];
if (!isset($_GET['dup']))
$pconfig['associated-rule-id'] = $a_filter[$id]['associated-rule-id'];
@@ -576,6 +578,13 @@ if ($_POST) {
$filterent['sched'] = $_POST['sched'];
}
+ if ($_POST['vlanprio'] != "") {
+ $filterent['vlanprio'] = $_POST['vlanprio'];
+ }
+ if ($_POST['vlanprioset'] != "") {
+ $filterent['vlanprioset'] = $_POST['vlanprioset'];
+ }
+
// If we have an associated nat rule, make sure the source and destination doesn't change
if( isset($a_filter[$id]['associated-rule-id']) ) {
$filterent['interface'] = $a_filter[$id]['interface'];
@@ -1249,6 +1258,38 @@ $i--): ?>
</div>
</td>
</tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("802.1p");?></td>
+ <td width="78%" class="vtable">
+ <div id="showadvvlanpriobox" <?php if (!empty($pconfig['vlanprio'])) echo "style='display:none'"; ?>>
+ <input type="button" onClick="show_advanced_vlanprio()" value="<?=gettext("Advanced"); ?>"></input> - <?=gettext("Show advanced option");?></a>
+ </div>
+ <div id="showvlanprioadv" <?php if (empty($pconfig['vlanprio'])) echo "style='display:none'"; ?>>
+ <?php $vlanprio = array("none", "be", "bk", "ee", "ca", "vi", "vo", "ic", "nc"); ?>
+<?php
+ $opts = "";
+ foreach($vlanprio as $vprio) {
+ if ($vprio == $pconfig['vlanprio'])
+ $selected = " SELECTED";
+ else
+ $selected = "";
+ if ($vprio == "none")
+ $opts .= "<option value=\"\" {$vprio}>{$vprio}</option>\n";
+ else
+ $opts .= "<option value=\"{$vprio}\" {$selected}>" . strtoupper($vprio) . "</option>\n";
+ }
+?>
+ <select name='vlanprio'>
+ <?php echo $opts; ?>
+ </select>
+ <p><?=gettext("Choose 802.1p priority to match on");?></p>
+ <select name='vlanprioset'>
+ <?php echo $opts; ?>
+ </select>
+ <p><?=gettext("Choose 802.1p priority to apply");?></p>
+ </div>
+ </td>
+ </tr>
<?php
//build list of schedules
$schedules = array();
diff --git a/usr/local/www/javascript/firewall_rules_edit/firewall_rules_edit.js b/usr/local/www/javascript/firewall_rules_edit/firewall_rules_edit.js
index 138dbf4..4348b0e 100644
--- a/usr/local/www/javascript/firewall_rules_edit/firewall_rules_edit.js
+++ b/usr/local/www/javascript/firewall_rules_edit/firewall_rules_edit.js
@@ -149,6 +149,12 @@ function show_advanced_noxmlrpc() {
aodiv.style.display = "block";
}
+function show_advanced_vlanprio() {
+ document.getElementById("showadvvlanpriobox").innerHTML='';
+ aodiv = document.getElementById('showvlanprioadv');
+ aodiv.style.display = "block";
+}
+
function show_advanced_schedule() {
document.getElementById("showadvschedulebox").innerHTML='';
aodiv = document.getElementById('showscheduleadv');
OpenPOWER on IntegriCloud