summaryrefslogtreecommitdiffstats
path: root/usr/local/www
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2015-06-18 09:30:10 -0400
committerjim-p <jimp@pfsense.org>2015-06-18 09:30:10 -0400
commit9e8ce1e25b1a70fd0d9abbe8bdfdcd1a63250f46 (patch)
treeb33d4df48a703edd3f5a5cbcc9d8f8714a938c85 /usr/local/www
parentf6a4fe06f9a45c332f4e1ca4871504b72a5d4593 (diff)
downloadpfsense-9e8ce1e25b1a70fd0d9abbe8bdfdcd1a63250f46.zip
pfsense-9e8ce1e25b1a70fd0d9abbe8bdfdcd1a63250f46.tar.gz
Add a GUI field to increase the pf frag entries limit. Fixes ticket #4775
Diffstat (limited to 'usr/local/www')
-rw-r--r--usr/local/www/system_advanced_firewall.php17
1 files changed, 17 insertions, 0 deletions
diff --git a/usr/local/www/system_advanced_firewall.php b/usr/local/www/system_advanced_firewall.php
index 025e441..455e68a 100644
--- a/usr/local/www/system_advanced_firewall.php
+++ b/usr/local/www/system_advanced_firewall.php
@@ -61,6 +61,7 @@ $pconfig['aliasesresolveinterval'] = $config['system']['aliasesresolveinterval']
$old_aliasesresolveinterval = $config['system']['aliasesresolveinterval'];
$pconfig['checkaliasesurlcert'] = isset($config['system']['checkaliasesurlcert']);
$pconfig['maximumtableentries'] = $config['system']['maximumtableentries'];
+$pconfig['maximumfrags'] = $config['system']['maximumfrags'];
$pconfig['disablereplyto'] = isset($config['system']['disablereplyto']);
$pconfig['disablenegate'] = isset($config['system']['disablenegate']);
$pconfig['bogonsinterval'] = $config['system']['bogons']['interval'];
@@ -109,6 +110,9 @@ if ($_POST) {
if ($_POST['maximumtableentries'] && !is_numericint($_POST['maximumtableentries'])) {
$input_errors[] = gettext("The Firewall Maximum Table Entries value must be an integer.");
}
+ if ($_POST['maximumfrags'] && !is_numericint($_POST['maximumfrags'])) {
+ $input_errors[] = gettext("The Firewall Maximum Fragment Entries value must be an integer.");
+ }
if ($_POST['tcpidletimeout'] && !is_numericint($_POST['tcpidletimeout'])) {
$input_errors[] = gettext("The TCP idle timeout must be an integer.");
}
@@ -205,6 +209,7 @@ if ($_POST) {
$config['system']['maximumstates'] = $_POST['maximumstates'];
$config['system']['aliasesresolveinterval'] = $_POST['aliasesresolveinterval'];
$config['system']['maximumtableentries'] = $_POST['maximumtableentries'];
+ $config['system']['maximumfrags'] = $_POST['maximumfrags'];
if (!empty($_POST['tcpfirsttimeout'])) {
$config['system']['tcpfirsttimeout'] = $_POST['tcpfirsttimeout'];
@@ -522,6 +527,18 @@ function update_description(itemnum) {
</td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Firewall Maximum Fragment Entries");?></td>
+ <td width="78%" class="vtable">
+ <input name="maximumfrags" type="text" id="maximumfrags" value="<?php echo htmlspecialchars($pconfig['maximumfrags']); ?>" />
+ <br />
+ <strong><?=gettext("Maximum number of packet fragments to hold for reassembly by scrub rules.");?></strong>
+ <br />
+ <span class="vexpl">
+ <?=gettext("Note: Leave this blank for the default (5000).");?>
+ </span>
+ </td>
+ </tr>
+ <tr>
<td width="22%" valign="top" class="vncell"><?=gettext("Static route filtering");?></td>
<td width="78%" class="vtable">
<input name="bypassstaticroutes" type="checkbox" id="bypassstaticroutes" value="yes" <?php if ($pconfig['bypassstaticroutes']) echo "checked=\"checked\""; ?> />
OpenPOWER on IntegriCloud