diff options
author | Stephen Beaver <sbeaver@netgate.com> | 2015-09-15 08:46:41 -0400 |
---|---|---|
committer | Stephen Beaver <sbeaver@netgate.com> | 2015-09-15 08:48:57 -0400 |
commit | 6cb366de714bd8a81d7d54fcaf5cf1ef5bf455d2 (patch) | |
tree | 1b627ab5ab8767c64d23d7c49aa2c1e5b590dc9f /src/usr | |
parent | 2eea22baf2c48ea19bd4ccaa6ca0796c006e2e4a (diff) | |
download | pfsense-6cb366de714bd8a81d7d54fcaf5cf1ef5bf455d2.zip pfsense-6cb366de714bd8a81d7d54fcaf5cf1ef5bf455d2.tar.gz |
Double-click to edit, click to select, multi-delete and drag to re-order now supported on:
firewall-nat.php
firewall-nat-out.php
firewall_nat-1to1.php
firewall_rules.php
Diffstat (limited to 'src/usr')
-rw-r--r-- | src/usr/local/www/firewall_aliases.php | 3 | ||||
-rw-r--r-- | src/usr/local/www/firewall_nat.php | 85 | ||||
-rw-r--r-- | src/usr/local/www/firewall_nat_1to1.php | 201 | ||||
-rw-r--r-- | src/usr/local/www/firewall_nat_out.php | 161 | ||||
-rw-r--r-- | src/usr/local/www/firewall_rules.php | 165 |
5 files changed, 277 insertions, 338 deletions
diff --git a/src/usr/local/www/firewall_aliases.php b/src/usr/local/www/firewall_aliases.php index 83d1c3c..89fe0e7 100644 --- a/src/usr/local/www/firewall_aliases.php +++ b/src/usr/local/www/firewall_aliases.php @@ -189,7 +189,8 @@ $shortcut_section = "aliases"; include("head.inc"); if ($savemsg) - print_info_box($savemsg); + print_info_box($savemsg, 'success'); + if (is_subsystem_dirty('aliases')) print_info_box_np(gettext("The alias list has been changed.") . "<br />" . gettext("You must apply the changes in order for them to take effect.")); diff --git a/src/usr/local/www/firewall_nat.php b/src/usr/local/www/firewall_nat.php index df6bef5..2545072 100644 --- a/src/usr/local/www/firewall_nat.php +++ b/src/usr/local/www/firewall_nat.php @@ -80,20 +80,22 @@ if (!is_array($config['nat']['rule'])) { $a_nat = &$config['nat']['rule']; /* update rule order, POST[rule] is an array of ordered IDs */ -if (is_array($_POST['rule']) && !empty($_POST['rule'])) { - $a_nat_new = array(); +if($_POST['order-store']) { + if (is_array($_POST['rule']) && !empty($_POST['rule'])) { + $a_nat_new = array(); - // if a rule is not in POST[rule], it has been deleted by the user - foreach ($_POST['rule'] as $id) - $a_nat_new[] = $a_nat[$id]; + // if a rule is not in POST[rule], it has been deleted by the user + foreach ($_POST['rule'] as $id) + $a_nat_new[] = $a_nat[$id]; - $a_nat = $a_nat_new; + $a_nat = $a_nat_new; - if (write_config()) - mark_subsystem_dirty('filter'); + if (write_config()) + mark_subsystem_dirty('filter'); - header("Location: firewall_nat.php"); - exit; + header("Location: firewall_nat.php"); + exit; + } } /* if a custom message has been passed along, lets process it */ @@ -102,7 +104,6 @@ if ($_GET['savemsg']) { } if ($_POST) { - $pconfig = $_POST; if ($_POST['apply']) { @@ -154,63 +155,17 @@ if (isset($_POST['del_x'])) { mark_subsystem_dirty('filter'); } + unset($a_nat[$rulei]); } + if (write_config()) { mark_subsystem_dirty('natconf'); } + header("Location: firewall_nat.php"); exit; } - -} else { - /* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */ - unset($movebtn); - foreach ($_POST as $pn => $pd) { - if (preg_match("/move_(\d+)_x/", $pn, $matches)) { - $movebtn = $matches[1]; - break; - } - } - /* move selected rules before this rule */ - if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) { - $a_nat_new = array(); - - /* copy all rules < $movebtn and not selected */ - for ($i = 0; $i < $movebtn; $i++) { - if (!in_array($i, $_POST['rule'])) { - $a_nat_new[] = $a_nat[$i]; - } - } - - /* copy all selected rules */ - for ($i = 0; $i < count($a_nat); $i++) { - if ($i == $movebtn) { - continue; - } - if (in_array($i, $_POST['rule'])) { - $a_nat_new[] = $a_nat[$i]; - } - } - - /* copy $movebtn rule */ - if ($movebtn < count($a_nat)) { - $a_nat_new[] = $a_nat[$movebtn]; - } - - /* copy all rules > $movebtn and not selected */ - for ($i = $movebtn+1; $i < count($a_nat); $i++) { - if (!in_array($i, $_POST['rule'])) { - $a_nat_new[] = $a_nat[$i]; - } - } - $a_nat = $a_nat_new; - if (write_config()) { - mark_subsystem_dirty('natconf'); - } - header("Location: firewall_nat.php"); - exit; - } } $closehead = false; @@ -301,7 +256,6 @@ foreach ($a_nat as $natent): </td> <td> - <input type="hidden" name="rule[]" value="<?=$i?>" /> <?=$textss?><?=strtoupper($natent['protocol'])?><?=$textse?> </td> @@ -415,8 +369,8 @@ endforeach; <div class="pull-right"> <a href="firewall_nat_edit.php?after=-1" class="btn btn-sm btn-success" title="<?=gettext('Add new rule')?>"><?=gettext('Add new rule')?></a> - <input name="del" type="submit" class="btn btn-danger btn-sm" value="<?=gettext("Delete selected rules"); ?>" /> - <input type="submit" id="order-store" class="btn btn-primary btn-sm" value="<?=gettext("Save changes")?>" disabled="disabled" /> + <input name="del_x" type="submit" class="btn btn-danger btn-sm" value="<?=gettext("Delete selected rules"); ?>" /> + <input type="submit" id="order-store" name="order-store" class="btn btn-primary btn-sm" value="<?=gettext("Save changes")?>" disabled="disabled" /> </div> </form> @@ -454,6 +408,11 @@ events.push(function() { $('#order-store').removeAttr('disabled'); } }); + + // Check all of the rule checkboxes so that their values are posted + $('#order-store').click(function () { + $('[id^=frc]').prop('checked', true); + }); }); </script> <?php diff --git a/src/usr/local/www/firewall_nat_1to1.php b/src/usr/local/www/firewall_nat_1to1.php index 753d030..e59af92 100644 --- a/src/usr/local/www/firewall_nat_1to1.php +++ b/src/usr/local/www/firewall_nat_1to1.php @@ -4,55 +4,55 @@ firewall_nat_1to1.php */ /* ==================================================================== - * Copyright (c) 2004-2015 Electric Sheep Fencing, LLC. All rights reserved. - * Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net> + * Copyright (c) 2004-2015 Electric Sheep Fencing, LLC. All rights reserved. + * Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net> * part of m0n0wall (http://m0n0.ch/wall) * - * Redistribution and use in source and binary forms, with or without modification, - * are permitted provided that the following conditions are met: + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgment: - * "This product includes software developed by the pfSense Project - * for use in the pfSense software distribution. (http://www.pfsense.org/). + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgment: + * "This product includes software developed by the pfSense Project + * for use in the pfSense software distribution. (http://www.pfsense.org/). * - * 4. The names "pfSense" and "pfSense Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * coreteam@pfsense.org. + * 4. The names "pfSense" and "pfSense Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * coreteam@pfsense.org. * - * 5. Products derived from this software may not be called "pfSense" - * nor may "pfSense" appear in their names without prior written - * permission of the Electric Sheep Fencing, LLC. + * 5. Products derived from this software may not be called "pfSense" + * nor may "pfSense" appear in their names without prior written + * permission of the Electric Sheep Fencing, LLC. * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: * - * "This product includes software developed by the pfSense Project - * for use in the pfSense software distribution (http://www.pfsense.org/). + * "This product includes software developed by the pfSense Project + * for use in the pfSense software distribution (http://www.pfsense.org/). * - * THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. * - * ==================================================================== + * ==================================================================== * */ /* @@ -78,20 +78,22 @@ if (!is_array($config['nat']['onetoone'])) { $a_1to1 = &$config['nat']['onetoone']; /* update rule order, POST[rule] is an array of ordered IDs */ -if (is_array($_POST['rule']) && !empty($_POST['rule'])) { - $a_1to1_new = array(); - - // if a rule is not in POST[rule], it has been deleted by the user - foreach ($_POST['rule'] as $id) - $a_1to1_new[] = $a_1to1[$id]; - - $a_1to1 = $a_1to1_new; - - if (write_config()) - mark_subsystem_dirty('filter'); - - header("Location: firewall_nat_1to1.php"); - exit; +if($_POST['order-store']) { + if (is_array($_POST['rule']) && !empty($_POST['rule'])) { + $a_1to1_new = array(); + + // if a rule is not in POST[rule], it has been deleted by the user + foreach ($_POST['rule'] as $id) + $a_1to1_new[] = $a_1to1[$id]; + + $a_1to1 = $a_1to1_new; + + if (write_config()) + mark_subsystem_dirty('natconf'); + + header("Location: firewall_nat_1to1.php"); + exit; + } } if ($_POST) { @@ -115,6 +117,7 @@ if ($_GET['act'] == "del") { if (write_config()) { mark_subsystem_dirty('natconf'); } + header("Location: firewall_nat_1to1.php"); exit; } @@ -126,9 +129,11 @@ if (isset($_POST['del_x'])) { foreach ($_POST['rule'] as $rulei) { unset($a_1to1[$rulei]); } + if (write_config()) { mark_subsystem_dirty('natconf'); } + header("Location: firewall_nat_1to1.php"); exit; } @@ -146,57 +151,6 @@ if (isset($_POST['del_x'])) { header("Location: firewall_nat_1to1.php"); exit; } -} else { - /* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */ - unset($movebtn); - foreach ($_POST as $pn => $pd) { - if (preg_match("/move_(\d+)_x/", $pn, $matches)) { - $movebtn = $matches[1]; - break; - } - } - /* move selected rules before this rule */ - if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) { - $a_1to1_new = array(); - - /* copy all rules < $movebtn and not selected */ - for ($i = 0; $i < $movebtn; $i++) { - if (!in_array($i, $_POST['rule'])) { - $a_1to1_new[] = $a_1to1[$i]; - } - } - - /* copy all selected rules */ - for ($i = 0; $i < count($a_1to1); $i++) { - if ($i == $movebtn) { - continue; - } - if (in_array($i, $_POST['rule'])) { - $a_1to1_new[] = $a_1to1[$i]; - } - } - - /* copy $movebtn rule */ - if ($movebtn < count($a_1to1)) { - $a_1to1_new[] = $a_1to1[$movebtn]; - } - - /* copy all rules > $movebtn and not selected */ - for ($i = $movebtn+1; $i < count($a_1to1); $i++) { - if (!in_array($i, $_POST['rule'])) { - $a_1to1_new[] = $a_1to1[$i]; - } - } - if (count($a_1to1_new) > 0) { - $a_1to1 = $a_1to1_new; - } - - if (write_config()) { - mark_subsystem_dirty('natconf'); - } - header("Location: firewall_nat_1to1.php"); - exit; - } } $pgtitle = array(gettext("Firewall"), gettext("NAT"), gettext("1:1")); @@ -223,6 +177,7 @@ display_top_tabs($tab_array); <table class="table table-striped table-hover table-condensed"> <thead> <tr> + <th><!-- checkbox --></th> <th><!-- icon --></th> <th><?=gettext("Interface"); ?></th> <th><?=gettext("External IP"); ?></th> @@ -245,7 +200,11 @@ display_top_tabs($tab_array); $iconfn = "pass"; } ?> - <tr id="fr<?=$i?>"> + <tr id="fr<?=$i;?>" onClick="fr_toggle(<?=$i;?>)" ondblclick="document.location='firewall_nat_1to1_edit.php?id=<?=$i;?>';"> + <td > + <input type="checkbox" id="frc<?=$i;?>" onClick="fr_toggle(<?=$i;?>)" name="rule[]" value="<?=$i;?>"/> + </td> + <td> <a href="?act=toggle&id=<?=$i?>"> <i class="<?= ($iconfn == "pass") ? "icon-ok":"icon-remove"?>" title="<?=gettext("click to toggle enabled/disabled status")?>"></i> @@ -263,7 +222,6 @@ display_top_tabs($tab_array); ?> </td> <td> - <input type="hidden" name="rule[]" value="<?=$i?>" /> <?php $source_net = pprint_address($natent['source']); $source_cidr = strstr($source_net, '/'); @@ -304,7 +262,8 @@ display_top_tabs($tab_array); <nav class="action-buttons"> <a href="firewall_nat_1to1_edit.php?after=-1" class="btn btn-sm btn-success" title="<?=gettext('Add new mapping')?>"><?=gettext('Add new mapping')?></a> - <input type="submit" id="order-store" class="btn btn-primary btn-sm" value="store changes" disabled="disabled" /> + <input name="del_x" type="submit" class="btn btn-danger btn-sm" value="<?=gettext("Delete selected rule"); ?>" /> + <input type="submit" id="order-store" name="order-store" class="btn btn-primary btn-sm" value="store changes" disabled="disabled" /> </nav> </form> @@ -321,6 +280,31 @@ print_info_box(gettext('Depending on the way your WAN connection is setup, you m </div> <script> +function fr_toggle(id, prefix) { + if (!prefix) + prefix = 'fr'; + + var checkbox = document.getElementById(prefix + 'c' + id); + checkbox.checked = !checkbox.checked; + fr_bgcolor(id, prefix); +} + +function fr_bgcolor(id, prefix) { + if (!prefix) + prefix = 'fr'; + + var row = document.getElementById(prefix + id); + var checkbox = document.getElementById(prefix + 'c' + id); + var cells = row.getElementsByTagName('td'); + var cellcnt = cells.length; + + for (i = 0; i < cellcnt-1; i++) { + cells[i].style.backgroundColor = checkbox.checked ? "#DDF4FF" : "#FFFFFF"; + } +} +</script> + +<script> events.push(function() { // Make rules draggable/sortable $('table tbody.user-entries').sortable({ @@ -329,6 +313,11 @@ events.push(function() { $('#order-store').removeAttr('disabled'); } }); + + // Check all of the rule checkboxes so that their values are posted + $('#order-store').click(function () { + $('[id^=frc]').prop('checked', true); + }); }); </script> <?php include("foot.inc"); ?>
\ No newline at end of file diff --git a/src/usr/local/www/firewall_nat_out.php b/src/usr/local/www/firewall_nat_out.php index df8f156..2c8f22c 100644 --- a/src/usr/local/www/firewall_nat_out.php +++ b/src/usr/local/www/firewall_nat_out.php @@ -85,21 +85,27 @@ if (!is_array($config['nat']['outbound']['rule'])) { $a_out = &$config['nat']['outbound']['rule']; -/* update rule order, POST[rule] is an array of ordered IDs */ -if (is_array($_POST['rule']) && !empty($_POST['rule'])) { - $a_out_new = array(); +// update rule order, POST[rule] is an array of ordered IDs +// All rule are 'checked' before posting +if (isset($_POST['order-store'])) { + if(is_array($_POST['rule']) && !empty($_POST['rule'])) { - // if a rule is not in POST[rule], it has been deleted by the user - foreach ($_POST['rule'] as $id) - $a_out_new[] = $a_out[$id]; + $a_out_new = array(); - $a_out = $a_out_new; + // if a rule is not in POST[rule], it has been deleted by the user + foreach ($_POST['rule'] as $id) { + $a_out_new[] = $a_out[$id]; + } - if (write_config()) - mark_subsystem_dirty('filter'); + $a_out = $a_out_new; - header("Location: firewall_nat_out.php"); - exit; + if (write_config()) + mark_subsystem_dirty('natconf'); + + header("Location: firewall_nat_out.php"); + exit; + + } } if (!isset($config['nat']['outbound']['mode'])) @@ -175,30 +181,41 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") { if (write_config()) { mark_subsystem_dirty('natconf'); } + header("Location: firewall_nat_out.php"); exit; } +// Delete a single rule/map if ($_GET['act'] == "del") { + if ($a_out[$_GET['id']]) { unset($a_out[$_GET['id']]); if (write_config()) { mark_subsystem_dirty('natconf'); } - header("Location: firewall_nat_out.php"); - exit; + + header("Location: firewall_nat_out.php"); + exit; } } +// Delete multiple maps Only checked rules will be in the +// POST if (isset($_POST['del_x'])) { /* delete selected rules */ + print('Deleting rows<br />'); + if (is_array($_POST['rule']) && count($_POST['rule'])) { foreach ($_POST['rule'] as $rulei) { + print('Deleting ' . $rulei . '<br />'); unset($a_out[$rulei]); } + if (write_config()) { mark_subsystem_dirty('natconf'); } + header("Location: firewall_nat_out.php"); exit; } @@ -213,111 +230,12 @@ if (isset($_POST['del_x'])) { if (write_config("Firewall: NAT: Outbound, enable/disable NAT rule")) { mark_subsystem_dirty('natconf'); } - header("Location: firewall_nat_out.php"); - exit; - } -} else { - /* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */ - unset($movebtn); - foreach ($_POST as $pn => $pd) { - if (preg_match("/move_(\d+)_x/", $pn, $matches)) { - $movebtn = $matches[1]; - break; - } - } - /* move selected rules before this rule */ - if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) { - $a_out_new = array(); - - /* copy all rules < $movebtn and not selected */ - for ($i = 0; $i < $movebtn; $i++) { - if (!in_array($i, $_POST['rule'])) { - $a_out_new[] = $a_out[$i]; - } - } - - /* copy all selected rules */ - for ($i = 0; $i < count($a_out); $i++) { - if ($i == $movebtn) { - continue; - } - if (in_array($i, $_POST['rule'])) { - $a_out_new[] = $a_out[$i]; - } - } - - /* copy $movebtn rule */ - if ($movebtn < count($a_out)) { - $a_out_new[] = $a_out[$movebtn]; - } - /* copy all rules > $movebtn and not selected */ - for ($i = $movebtn+1; $i < count($a_out); $i++) { - if (!in_array($i, $_POST['rule'])) { - $a_out_new[] = $a_out[$i]; - } - } - if (count($a_out_new) > 0) { - $a_out = $a_out_new; - } - - if (write_config()) { - mark_subsystem_dirty('natconf'); - } header("Location: firewall_nat_out.php"); exit; } } -function rule_popup($src, $srcport, $dst, $dstport) { - global $config, $g; - $aliases_array = array(); - if ($config['aliases']['alias'] <> "" and is_array($config['aliases']['alias'])) { - $descriptions = array (); - - foreach ($config['aliases']['alias'] as $alias_id => $alias_name) { - $loading_image="<a><img src=\'/themes/{$g['theme']}/images/misc/loader.gif\' alt=\'loader\' /> " .gettext("loading...")."</a>"; - - switch ($alias_name['type']) { - case "port": - $width="250"; - break; - case "urltable": - $width="500"; - break; - default: - $width="350"; - - break; - } - $span_begin = "<span style=\"cursor: help;\" onmouseover=\"var response_html=domTT_activate(this, event, 'id','ttalias_{$alias_id}','content','{$loading_image}', 'trail', true, 'delay', 300, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle','type','velcro','width',{$width});alias_popup('{$alias_id}','{$g['theme']}','".gettext('loading...')."');\" onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\"><u>"; - $span_end = "</u></span>"; - - if ($alias_name['name'] == $src) { - $descriptions['src'] = $span_begin; - $descriptions['src_end'] = $span_end; - } - - if ($alias_name['name'] == $srcport) { - $descriptions['srcport'] = $span_begin; - $descriptions['srcport_end'] = $span_end; - } - - if ($alias_name['name'] == $dst) { - $descriptions['dst'] = $span_begin; - $descriptions['dst_end'] = $span_end; - } - - if ($alias_name['name'] == $dstport) { - $descriptions['dstport'] = $span_begin; - $descriptions['dstport_end'] = $span_end; - } - } - - return $descriptions; - } -} - $pgtitle = array(gettext("Firewall"), gettext("NAT"), gettext("Outbound")); include("head.inc"); @@ -404,6 +322,7 @@ print($form); <tbody class="user-entries"> <?php $i = 0; + foreach ($a_out as $natent): $iconfn = "pass"; $textss = $textse = ""; @@ -419,7 +338,7 @@ print($form); ); ?> - <tr id="fr<?=$nnats;?>" onClick="fr_toggle(<?=$i;?>)" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';"> + <tr id="fr<?=$i;?>" onClick="fr_toggle(<?=$i;?>)" ondblclick="document.location='firewall_nat_out_edit.php?id=<?=$i;?>';"> <td > <input type="checkbox" id="frc<?=$i;?>" onClick="fr_toggle(<?=$i;?>)" name="rule[]" value="<?=$i;?>"/> </td> @@ -428,7 +347,7 @@ print($form); <?php if ($mode == "disabled" || $mode == "automatic"): ?> - <i class="<?= ($iconfn == "pass") ? "icon-ok":"icon-remove"?>"title="<?=gettext("Click to toggle enabled/disabled status")?>"></i> + <i class="<?= ($iconfn == "pass") ? "icon-ok":"icon-remove"?>" title="<?=gettext("Click to toggle enabled/disabled status")?>"></i> <?php else: ?> @@ -442,7 +361,6 @@ print($form); </td> <td> - <input type="hidden" name="rule[]" value="<?=$i?>" /> <?=htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface']))?> </td> @@ -594,9 +512,9 @@ print($form); </div> <nav class="action-buttons"> - <a href="firewall_nat_out_edit.php?after=-1" class="btn btn-sm btn-success" title="<?=gettext('Add new mapping')?>"><?=gettext('Add new mapping')?></a> - <input name="del_x" type="submit" class="btn btn-danger btn-sm" value="<?=gettext("Delete selected rules"); ?>" /> - <input type="submit" id="order-store" class="btn btn-primary btn-sm" value="store changes" disabled="disabled" /> + <a href="firewall_nat_out_edit.php" class="btn btn-sm btn-success" title="<?=gettext('Add new mapping')?>"><?=gettext('Add new mapping')?></a> + <input name="del_x" type="submit" class="btn btn-danger btn-sm" value="<?=gettext("Delete selected map"); ?>" /> + <input type="submit" id="order-store" class="btn btn-primary btn-sm" value="Save changes" disabled="disabled" name="order-store" /> </nav> <?php @@ -628,6 +546,8 @@ if ($mode == "automatic" || $mode == "hybrid"): <th><?=gettext("Description")?></th> </tr> + </thead> + <tbody> <?php foreach ($automatic_rules as $natent): ?> @@ -762,6 +682,11 @@ events.push(function() { $('#order-store').removeAttr('disabled'); } }); + + // Check all of the rule checkboxes so that their values are posted + $('#order-store').click(function () { + $('[id^=frc]').prop('checked', true); + }); }); </script> diff --git a/src/usr/local/www/firewall_rules.php b/src/usr/local/www/firewall_rules.php index f3b4b00..87703f1 100644 --- a/src/usr/local/www/firewall_rules.php +++ b/src/usr/local/www/firewall_rules.php @@ -4,56 +4,56 @@ firewall_rules.php */ /* ==================================================================== - * Copyright (c) 2004-2015 Electric Sheep Fencing, LLC. All rights reserved. - * Copyright (c) 2004 Scott Ullrich - * Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net> + * Copyright (c) 2004-2015 Electric Sheep Fencing, LLC. All rights reserved. + * Copyright (c) 2004 Scott Ullrich + * Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net> * Originally part of pfSense (https://www.pfsense.org) * - * Redistribution and use in source and binary forms, with or without modification, - * are permitted provided that the following conditions are met: + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgment: - * "This product includes software developed by the pfSense Project - * for use in the pfSense software distribution. (http://www.pfsense.org/). + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgment: + * "This product includes software developed by the pfSense Project + * for use in the pfSense software distribution. (http://www.pfsense.org/). * - * 4. The names "pfSense" and "pfSense Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * coreteam@pfsense.org. + * 4. The names "pfSense" and "pfSense Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * coreteam@pfsense.org. * - * 5. Products derived from this software may not be called "pfSense" - * nor may "pfSense" appear in their names without prior written - * permission of the Electric Sheep Fencing, LLC. + * 5. Products derived from this software may not be called "pfSense" + * nor may "pfSense" appear in their names without prior written + * permission of the Electric Sheep Fencing, LLC. * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: * - * "This product includes software developed by the pfSense Project - * for use in the pfSense software distribution (http://www.pfsense.org/). + * "This product includes software developed by the pfSense Project + * for use in the pfSense software distribution (http://www.pfsense.org/). * - * THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. * - * ==================================================================== + * ==================================================================== * */ /* @@ -177,6 +177,7 @@ if ($_POST) { } } + if ($_GET['act'] == "del") { if ($a_filter[$_GET['id']]) { if (!empty($a_filter[$_GET['id']]['associated-rule-id'])) { @@ -186,6 +187,7 @@ if ($_GET['act'] == "del") { if (write_config()) { mark_subsystem_dirty('filter'); } + header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); exit; } @@ -196,7 +198,27 @@ if ($_REQUEST['savemsg']) { $savemsg = htmlentities($_REQUEST['savemsg']); } -if ($_GET['act'] == "toggle") { +if (isset($_POST['del_x'])) { + /* delete selected rules */ + $deleted = false; + + if (is_array($_POST['rule']) && count($_POST['rule'])) { + foreach ($_POST['rule'] as $rulei) { + delete_nat_association($a_filter[$rulei]['associated-rule-id']); + unset($a_filter[$rulei]); + $deleted = true; + } + + if($deleted) { + if (write_config()) { + mark_subsystem_dirty('filter'); + } + } + + header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); + exit; + } +} else if ($_GET['act'] == "toggle") { if ($a_filter[$_GET['id']]) { if (isset($a_filter[$_GET['id']]['disabled'])) { unset($a_filter[$_GET['id']]['disabled']); @@ -206,10 +228,11 @@ if ($_GET['act'] == "toggle") { if (write_config()) { mark_subsystem_dirty('filter'); } + header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); exit; } -} else { +} else if($_POST['order-store']) { /* update rule order, POST[rule] is an array of ordered IDs */ if (is_array($_POST['rule']) && !empty($_POST['rule'])) { $a_filter_new = array(); @@ -222,6 +245,7 @@ if ($_GET['act'] == "toggle") { if (write_config()) { mark_subsystem_dirty('filter'); } + header("Location: firewall_rules.php?if=" . htmlspecialchars($if)); exit; } @@ -251,6 +275,7 @@ display_top_tabs($tab_array); <table class="table table-striped table-hover table-condensed"> <thead> <tr> + <th><!-- checkbox --></th> <th><!-- status icons --></th> <th><?=gettext("Proto");?></th> <th><?=gettext("Source");?></th> @@ -268,11 +293,12 @@ display_top_tabs($tab_array); <?php // Show the anti-lockout rule if it's enabled, and we are on LAN with an if count > 1, or WAN with an if count of 1. if (!isset($config['system']['webgui']['noantilockout']) && - (((count($config['interfaces']) > 1) && ($if == 'lan')) || - ((count($config['interfaces']) == 1) && ($if == 'wan')))): + (((count($config['interfaces']) > 1) && ($if == 'lan')) || + ((count($config['interfaces']) == 1) && ($if == 'wan')))): $alports = implode('<br />', filter_get_antilockout_ports(true)); ?> <tr id="antilockout"> + <td></td> <td title="<?=gettext("traffic is passed")?>"><i class="icon icon-ok"></i></td> <td>*</td> <td>*</td> @@ -290,6 +316,7 @@ display_top_tabs($tab_array); <?php endif;?> <?php if (isset($config['interfaces'][$if]['blockpriv'])): ?> <tr id="frrfc1918"> + <td></td> <td title="<?=gettext("traffic is blocked")?>"><i class="icon icon-remove"></i></td> <td>*</td> <td><?=gettext("RFC 1918 networks");?></td> @@ -307,6 +334,7 @@ display_top_tabs($tab_array); <?php endif;?> <?php if (isset($config['interfaces'][$if]['blockbogons'])): ?> <tr id="frrfc1918"> + <td></td> <td title="<?=gettext("traffic is blocked")?>"><i class="icon icon-remove"></i></td> <td>*</td> <td><?=gettext("Reserved/not assigned by IANA");?></td> @@ -325,19 +353,23 @@ display_top_tabs($tab_array); </tbody> <tbody class="user-entries"> -<?php for ($i = 0; isset($a_filter[$i]); $i++): +<?php +$nrules = 0; +for ($i = 0; isset($a_filter[$i]); $i++): $filterent = $a_filter[$i]; - + if ($filterent['interface'] != $if && !isset($filterent['floating'])) continue; + if (isset($filterent['floating']) && "FloatingRules" != $if) continue; - - $nrules++; ?> - <tr<?=(isset($filterent['disabled']) ? ' class="disabled"' : '')?>> + <tr id="fr<?=$nrules;?>" onClick="fr_toggle(<?=$nrules;?>)" ondblclick="document.location='firewall_rules_edit.php?id=<?=$i;?>';" <?=(isset($filterent['disabled']) ? ' class="disabled"' : '')?>> + <td > + <input type="checkbox" id="frc<?=$nrules;?>" onClick="fr_toggle(<?=$nrules;?>)" name="rule[]" value="<?=$i;?>"/> + </td> + <td title="<?=gettext("traffic is ").$filterent['type']."ed"?>"> - <input type="hidden" name="rule[]" value="<?=$i?>" /> <?php if ($filterent['type'] == "block") @@ -604,6 +636,7 @@ display_top_tabs($tab_array); </td> </tr> <?php + $nrules++; endfor; ?> </tbody> @@ -626,7 +659,8 @@ display_top_tabs($tab_array); <?php endif;?> <nav class="action-buttons"> - <input type="submit" id="order-store" class="btn btn-sm btn-primary" value="store changes" disabled="disabled" /> + <input type="submit" id="order-store" name="order-store" class="btn btn-sm btn-primary" value="store changes" disabled="disabled" /> + <input name="del_x" type="submit" class="btn btn-danger btn-sm" value="<?=gettext("Delete selected rules"); ?>" /> <a href="firewall_rules_edit.php?if=<?=htmlspecialchars($if);?>" role="button" class="btn btn-sm btn-success"> <?=gettext("add new");?> </a> @@ -662,6 +696,31 @@ else ?> <script> +function fr_toggle(id, prefix) { + if (!prefix) + prefix = 'fr'; + + var checkbox = document.getElementById(prefix + 'c' + id); + checkbox.checked = !checkbox.checked; + fr_bgcolor(id, prefix); +} + +function fr_bgcolor(id, prefix) { + if (!prefix) + prefix = 'fr'; + + var row = document.getElementById(prefix + id); + var checkbox = document.getElementById(prefix + 'c' + id); + var cells = row.getElementsByTagName('td'); + var cellcnt = cells.length; + + for (i = 0; i < cellcnt-1; i++) { + cells[i].style.backgroundColor = checkbox.checked ? "#DDF4FF" : "#FFFFFF"; + } +} +</script> + +<script> events.push(function() { // Make rules sortable $('table tbody.user-entries').sortable({ @@ -671,6 +730,12 @@ events.push(function() { } }); + // Check all of the rule checkboxes so that their values are posted + $('#order-store').click(function () { + $('[id^=frc]').prop('checked', true); + alert(); + }); + // Replace direct delete with quicker front-end action /*FIXME: event ordering $('.btn-danger').on('click', function(e){ |