diff options
| author | Phil Davis <phil.davis@world.inf.org> | 2013-08-14 10:18:03 -0700 |
|---|---|---|
| committer | Phil Davis <phil.davis@world.inf.org> | 2013-08-14 10:18:03 -0700 |
| commit | ff6e6929e231e335554989e7afd66ed26b096a2c (patch) | |
| tree | c4e022aa6eca14811b6d957958f7e7c632064c24 /usr/local/www/firewall_rules_edit.php | |
| parent | 727452338edd0c191834060253ab2e3e6b429df9 (diff) | |
| download | pfsense-ff6e6929e231e335554989e7afd66ed26b096a2c.zip pfsense-ff6e6929e231e335554989e7afd66ed26b096a2c.tar.gz | |
Relax advanced options firewall rules tests
Various advanced options are now possible for any protocol since https://github.com/pfsense/pfsense/commit/653bde345e8f960de5bc745fe74e64d8ef3fd2d3
So allow these through the front-end GUI validation also.
Code change for 2.1 branch.
Diffstat (limited to 'usr/local/www/firewall_rules_edit.php')
| -rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 15 |
1 files changed, 3 insertions, 12 deletions
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 5926474..b3ddf4e 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -481,15 +481,6 @@ if ($_POST) { $input_errors[] = gettext("You can only specify the state timeout (advanced option) for TCP protocol."); } - if (!in_array($_POST['proto'], array("icmp","udp","tcp","tcp/udp"))) { - if (!empty($_POST['max'])) - $input_errors[] = gettext("You can only specify the maximum state entries (advanced option) for ICMP/TCP/UDP protocols."); - if (!empty($_POST['max-src-nodes'])) - $input_errors[] = gettext("You can only specify the maximum number of unique source hosts (advanced option) for ICMP/TCP/UDP protocols."); - if (!empty($_POST['max-src-states'])) - $input_errors[] = gettext("You can only specify the maximum state entries per host (advanced option) for ICMP/TCP/UDP protocols."); - } - if ($_POST['type'] <> "pass") { if (!empty($_POST['max'])) $input_errors[] = gettext("You can only specify the maximum state entries (advanced option) for Pass type rules."); @@ -1255,10 +1246,10 @@ $i--): ?> <input name="tagged" id="tagged" value="<?=htmlspecialchars($pconfig['tagged']);?>" /> <br /><span class="vexpl"><?=gettext("You can match packet on a mark placed before on another rule.")?> </span></p><p> - <input name="max" id="max" value="<?php echo htmlspecialchars($pconfig['max']) ?>" /><br/><?=gettext(" Maximum state entries this rule can create (TCP/UDP/ICMP)");?></p><p> - <input name="max-src-nodes" id="max-src-nodes" value="<?php echo htmlspecialchars($pconfig['max-src-nodes']) ?>" /><br/><?=gettext(" Maximum number of unique source hosts (TCP/UDP/ICMP)");?></p><p> + <input name="max" id="max" value="<?php echo htmlspecialchars($pconfig['max']) ?>" /><br/><?=gettext(" Maximum state entries this rule can create");?></p><p> + <input name="max-src-nodes" id="max-src-nodes" value="<?php echo htmlspecialchars($pconfig['max-src-nodes']) ?>" /><br/><?=gettext(" Maximum number of unique source hosts");?></p><p> <input name="max-src-conn" id="max-src-conn" value="<?php echo htmlspecialchars($pconfig['max-src-conn']) ?>" /><br/><?=gettext(" Maximum number of established connections per host (TCP only)");?></p><p> - <input name="max-src-states" id="max-src-states" value="<?php echo htmlspecialchars($pconfig['max-src-states']) ?>" /><br/><?=gettext(" Maximum state entries per host (TCP/UDP/ICMP)");?></p><p> + <input name="max-src-states" id="max-src-states" value="<?php echo htmlspecialchars($pconfig['max-src-states']) ?>" /><br/><?=gettext(" Maximum state entries per host");?></p><p> <input name="max-src-conn-rate" id="max-src-conn-rate" value="<?php echo htmlspecialchars($pconfig['max-src-conn-rate']) ?>" /> / <select name="max-src-conn-rates" id="max-src-conn-rates"> <option value=""<?php if(intval($pconfig['max-src-conn-rates']) < 1) echo " selected=\"selected\""; ?>></option> |
