diff options
| author | Erik Kristensen <ekristen@pfsense.org> | 2005-09-11 18:40:07 +0000 |
|---|---|---|
| committer | Erik Kristensen <ekristen@pfsense.org> | 2005-09-11 18:40:07 +0000 |
| commit | 9ecd6ab79205e5fcfebbf660604851878fa8bf19 (patch) | |
| tree | bb02a862fe3d0c4476ee276d160fe48c159be9ea /usr | |
| parent | 1df0159c0897cc1616efff4580a651bbc478060b (diff) | |
| download | pfsense-9ecd6ab79205e5fcfebbf660604851878fa8bf19.zip pfsense-9ecd6ab79205e5fcfebbf660604851878fa8bf19.tar.gz | |
XHTML/CSS Clean Up
Diffstat (limited to 'usr')
| -rwxr-xr-x | usr/local/www/system_advanced.php | 636 |
1 files changed, 305 insertions, 331 deletions
diff --git a/usr/local/www/system_advanced.php b/usr/local/www/system_advanced.php index cc555f7..5676172 100755 --- a/usr/local/www/system_advanced.php +++ b/usr/local/www/system_advanced.php @@ -238,354 +238,328 @@ include("head.inc"); ?> -<script language="JavaScript"> -<!-- -function enable_change(enable_over) { - if (document.iform.ipv6nat_enable.checked || enable_over) { - document.iform.ipv6nat_ipaddr.disabled = 0; - document.iform.schedulertype.disabled = 0; - } else { - document.iform.ipv6nat_ipaddr.disabled = 1; - } -} - -var descs=new Array(5); -descs[0]="as the name says, it's the normal optimization algorithm"; -descs[1]="used for high latency links, such as satellite links. Expires idle connections later than default"; -descs[2]="expires idle connections quicker. More efficient use of CPU and memory but can drop legitimate connections"; -descs[3]="tries to avoid dropping any legitimate connections at the expense of increased memory usage and CPU utilization."; - -function update_description(itemnum) { - document.forms[0].info.value=descs[itemnum]; - -} - -function openwindow(url) { - var oWin = window.open(url,"pfSensePop","width=620,height=400,top=150,left=150"); - if (oWin==null || typeof(oWin)=="undefined") { - return false; - } else { - return true; - } -} - -// --> -</script> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + <?php include("fbegin.inc"); ?> + <p class="pgtitle"><?=$pgtitle?></p> -<form action="system_advanced.php" method="post" name="iform" id="iform"> - <?php if ($input_errors) print_input_errors($input_errors); ?> - <?php if ($savemsg) print_info_box($savemsg); ?> - <p><span class="vexpl"><span class="red"><strong>Note: </strong></span> - the options on this page are intended for use by advanced users only.</span></p><br> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> +<form action="system_advanced.php" method="post" name="iform" id="iform"> +<?php if ($input_errors) print_input_errors($input_errors); ?> +<?php if ($savemsg) print_info_box($savemsg); ?> +<p><span class="vexpl"><span class="red"><strong>Note: </strong></span>the options on this page are intended for use by advanced users only.</span></p> +<br /> +<table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tbody> <?php if($g['platform'] == "pfSense" || $g['platform'] == "cdrom"): ?> - <tr> - <td colspan="2" valign="top" class="listtopic">Enable Serial Console</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"> </td> - <td width="78%" class="vtable"> - <input name="enableserial" type="checkbox" id="enableserial" value="yes" <?php if (isset($pconfig['enableserial'])) echo "checked"; ?> onclick="enable_change(false)"> - <strong>This will enable the first serial port with 9600/8/N/1</strong> - </td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> - </td> - </tr> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> + <tr> + <td colspan="2" valign="top" class="listtopic">Enable Serial Console</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"> </td> + <td width="78%" class="vtable"> + <input name="enableserial" type="checkbox" id="enableserial" value="yes" <?php if (isset($pconfig['enableserial'])) echo "checked"; ?> onclick="enable_change(false)" /> + <strong>This will enable the first serial port with 9600/8/N/1</strong> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"><input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)" /></td> + </tr> + </tr> + <tr> + <td colspan="2" class="list" height="12"></td> + </tr> <?php endif ?> - - <tr> - <td colspan="2" valign="top" class="listtopic">Secure Shell</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"> </td> - <td width="78%" class="vtable"> - <input name="enablesshd" type="checkbox" id="enablesshd" value="yes" <?php if (isset($pconfig['enablesshd'])) echo "checked"; ?> onclick="enable_change(false)"> - <strong>Enable Secure Shell</strong> - </td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> - </td> - </tr> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - - <tr> - <td colspan="2" valign="top" class="listtopic">Shared Physical Network</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"> </td> - <td width="78%" class="vtable"> - <input name="sharednet" type="checkbox" id="sharednet" value="yes" <?php if (isset($pconfig['sharednet'])) echo "checked"; ?> onclick="enable_change(false)"> - <strong>This will supress ARP messages when interfaces share the same physical network</strong> - </td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> - </td> - </tr> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - - <tr> - <td colspan="2" valign="top" class="listtopic">Theme</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"> </td> - <td width="78%" class="vtable"> - <select name="theme"> + <tr> + <td colspan="2" valign="top" class="listtopic">Secure Shell</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"> </td> + <td width="78%" class="vtable"> + <input name="enablesshd" type="checkbox" id="enablesshd" value="yes" <?php if (isset($pconfig['enablesshd'])) echo "checked"; ?> onclick="enable_change(false)" /> + <strong>Enable Secure Shell</strong> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)" /> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"> </td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic">Shared Physical Network</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"> </td> + <td width="78%" class="vtable"> + <input name="sharednet" type="checkbox" id="sharednet" value="yes" <?php if (isset($pconfig['sharednet'])) echo "checked"; ?> onclick="enable_change(false)" /> + <strong>This will supress ARP messages when interfaces share the same physical network</strong> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)" /> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"> </td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic">Theme</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"> </td> + <td width="78%" class="vtable"> + <select name="theme"> <?php - $files = return_dir_as_array("/usr/local/www/themes/"); - foreach($files as $f) { - if ( (substr($f, 0, 1) == "_") && !isset($config['system']['developer']) ) continue; - if($f == "CVS") continue; - $selected = ""; - if($f == $config['theme']) - $selected = " SELECTED"; - if($config['theme'] == "" and $f == "pfsense") - $selceted = " SELECTED"; - echo "<option{$selected}>{$f}</option>\n"; - } + $files = return_dir_as_array("/usr/local/www/themes/"); + foreach($files as $f) { + if ( (substr($f, 0, 1) == "_") && !isset($config['system']['developer']) ) continue; + if($f == "CVS") continue; + $selected = ""; + if($f == $config['theme']) + $selected = " SELECTED"; + if($config['theme'] == "" and $f == "pfsense") + $selceted = " SELECTED"; + echo "\t\t\t\t\t"."<option{$selected}>{$f}</option>\n"; + } ?> - </select> - <strong>This will change the look and feel of pfSense</strong> - </td> - </tr> - - - - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> - </td> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - - <tr> - <td colspan="2" valign="top" class="listtopic">IPv6 tunneling</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"> </td> - <td width="78%" class="vtable"> - <input name="ipv6nat_enable" type="checkbox" id="ipv6nat_enable" value="yes" <?php if ($pconfig['ipv6nat_enable']) echo "checked"; ?> onclick="enable_change(false)"> - <strong>NAT encapsulated IPv6 packets (IP protocol 41/RFC2893) - to:</strong><br> <br> <input name="ipv6nat_ipaddr" type="text" class="formfld" id="ipv6nat_ipaddr" size="20" value="<?=htmlspecialchars($pconfig['ipv6nat_ipaddr']);?>"> - (IP address)<span class="vexpl"><br> - Don't forget to add a firewall rule to permit IPv6 packets!</span></td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> - </td> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - <tr> - <td colspan="2" valign="top" class="listtopic">webGUI SSL certificate/key</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Certificate</td> - <td width="78%" class="vtable"> - <textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea> - <br> - Paste a signed certificate in X.509 PEM format here. <a href="javascript:if(openwindow('system_advanced_create_certs.php') == false) alert('Popup blocker detected. Action aborted.');" >Create</a> certificates automatically.</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Key</td> - <td width="78%" class="vtable"> - <textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea> - <br> - Paste an RSA private key in PEM format here.</td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> - </td> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - <tr> - <td colspan="2" valign="top" class="listtopic">Miscellaneous</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Console menu </td> - <td width="78%" class="vtable"> - <input name="disableconsolemenu" type="checkbox" id="disableconsolemenu" value="yes" <?php if ($pconfig['disableconsolemenu']) echo "checked"; ?>> - <strong>Disable console menu</strong><span class="vexpl"><br> - Changes to this option will take effect after a reboot.</span></td> - </tr> - <tr> - <td valign="top" class="vncell">Firmware version check </td> - <td class="vtable"> - <input name="disablefirmwarecheck" type="checkbox" id="disablefirmwarecheck" value="yes" <?php if ($pconfig['disablefirmwarecheck']) echo "checked"; ?>> - <strong>Disable firmware version check</strong><span class="vexpl"><br>This will cause pfSense not to check for newer firmware versions when the <a href="system_firmware.php">System: Firmware</a> page is viewed.</span></td> + </select> + <strong>This will change the look and feel of pfSense</strong> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)" /> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"> </td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic">IPv6 tunneling</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"> </td> + <td width="78%" class="vtable"> + <input name="ipv6nat_enable" type="checkbox" id="ipv6nat_enable" value="yes" <?php if ($pconfig['ipv6nat_enable']) echo "checked"; ?> onclick="enable_change(false)" /> + <strong>NAT encapsulated IPv6 packets (IP protocol 41/RFC2893) to:</strong> + <br /> <br /> + <input name="ipv6nat_ipaddr" type="text" class="formfld" id="ipv6nat_ipaddr" size="20" value="<?=htmlspecialchars($pconfig['ipv6nat_ipaddr']);?>" /> + (IP address)<span class="vexpl"><br /> Don't forget to add a firewall rule to permit IPv6 packets!</span> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)" /> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"> </td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic">webGUI SSL certificate/key</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Certificate</td> + <td width="78%" class="vtable"> + <textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea> + <br /> + Paste a signed certificate in X.509 PEM format here. <a href="javascript:if(openwindow('system_advanced_create_certs.php') == false) alert('Popup blocker detected. Action aborted.');" >Create</a> certificates automatically. + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Key</td> + <td width="78%" class="vtable"> + <textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea> + <br /> + Paste an RSA private key in PEM format here. + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)" /> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"> </td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic">Miscellaneous</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Console menu </td> + <td width="78%" class="vtable"> + <input name="disableconsolemenu" type="checkbox" id="disableconsolemenu" value="yes" <?php if ($pconfig['disableconsolemenu']) echo "checked"; ?> /> + <strong>Disable console menu</strong> + <br /> + <span class="vexpl">Changes to this option will take effect after a reboot.</span> + </td> + </tr> + <tr> + <td valign="top" class="vncell">Firmware version check</td> + <td class="vtable"> + <input name="disablefirmwarecheck" type="checkbox" id="disablefirmwarecheck" value="yes" <?php if ($pconfig['disablefirmwarecheck']) echo "checked"; ?> /> + <strong>Disable firmware version check</strong> + <br /> + <span class="vexpl">This will cause pfSense not to check for newer firmware versions when the <a href="system_firmware.php">System: Firmware</a> page is viewed.</span> + </td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Hard disk standby time </td> - <td width="78%" class="vtable"> - <select name="harddiskstandby" class="formfld"> - <?php - /* Values from ATA-2 - http://www.t13.org/project/d0948r3-ATA-2.pdf - Page 66 */ - $sbvals = explode(" ", "0.5,6 1,12 2,24 3,36 4,48 5,60 7.5,90 10,120 15,180 20,240 30,241 60,242"); - ?> - <option value="" <?php if(!$pconfig['harddiskstandby']) echo('selected');?>>Always on</option> - <?php + <td width="22%" valign="top" class="vncell">Hard disk standby time </td> + <td width="78%" class="vtable"> + <select name="harddiskstandby" class="formfld"> +<?php + ## Values from ATA-2 http://www.t13.org/project/d0948r3-ATA-2.pdf (Page 66) + $sbvals = explode(" ", "0.5,6 1,12 2,24 3,36 4,48 5,60 7.5,90 10,120 15,180 20,240 30,241 60,242"); +?> + <option value="" <?php if(!$pconfig['harddiskstandby']) echo('selected');?>>Always on</option> +<?php foreach ($sbvals as $sbval): list($min,$val) = explode(",", $sbval); ?> - <option value="<?=$val;?>" <?php if($pconfig['harddiskstandby'] == $val) echo('selected');?>><?=$min;?> minutes</option> - <?php endforeach; ?> - </select> - <br> - Puts the hard disk into standby mode when the selected amount of time after the last - access has elapsed. <em>Do not set this for CF cards.</em></td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">webGUI anti-lockout</td> - <td width="78%" class="vtable"> - <input name="noantilockout" type="checkbox" id="noantilockout" value="yes" <?php if ($pconfig['noantilockout']) echo "checked"; ?>> - <strong>Disable webGUI anti-lockout rule</strong><br> - By default, access to the webGUI on the LAN interface is always permitted, regardless of the user-defined filter rule set. Enable this feature to control webGUI access (make sure to have a filter rule in place that allows you in, or you will lock yourself out!).<br> - Hint: - the "set LAN IP address" option in the console menu resets this setting as well.</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">IPsec SA preferral</td> - <td width="78%" class="vtable"> - <input name="preferoldsa_enable" type="checkbox" id="preferoldsa_enable" value="yes" <?php if ($pconfig['preferoldsa_enable']) echo "checked"; ?>> - <strong>Prefer old IPsec SAs</strong><br>By default, if several SAs match, the newest one is preferred if it's at least 30 seconds old.Select this option to always prefer old SAs over new ones. - </td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> - </td> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - <tr> - <td colspan="2" valign="top" class="listtopic">Traffic Shaper and Firewall Advanced</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">FTP Helper</td> - <td width="78%" class="vtable"> - <input name="disableftpproxy" type="checkbox" id="disableftpproxy" value="yes" <?php if (isset($config['system']['disableftpproxy'])) echo "checked"; ?> onclick="enable_change(false)"> - <strong class="vexpl">Disable the userland FTP-Proxy application</strong><br> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">FTP RFC 959 data port violation workaround</td> - <td width="78%" class="vtable"> - <input name="rfc959workaround" type="checkbox" id="rfc959workaround" value="yes" <?php if (isset($config['system']['rfc959workaround'])) echo "checked"; ?> onclick="enable_change(false)"> - <strong class="vexpl">Workaround for sites that violate RFC 959 which specifies that the data connection be sourced from the command port - 1 (typically port 20). This workaround doesn't expose you to any extra risk as the firewall will still only allow connections on a port that the ftp-proxy is listening on.</strong><br> - </tr> - - <tr> - <td width="22%" valign="top" class="vncell">Traffic Shaper Scheduler</td> - <td width="78%" class="vtable"> - <select id="schedulertype" name="schedulertype" <?= $style ?>> - <option value="priq"<?php if($pconfig['schedulertype'] == 'priq') echo " SELECTED"; ?>>Priority based queueing</option> - <option value="cbq"<?php if($pconfig['schedulertype'] == 'cbq') echo " SELECTED"; ?>>Class based queueing</option> - <option value="hfsc"<?php if($pconfig['schedulertype'] == 'hfsc') echo " SELECTED"; ?>>Hierarchical Fair Service Curve queueing</option> - </select> - <br> <span class="vexpl"><b>Select which type of queueing you would like to use</b> - <?php if (is_array($config['shaper']['queue']) > 0): ?> - <script language="javascript"> - document.iform.schedulertype.disabled = 1; - </script> - <br> - NOTE: This option is disabled since there are queues defined. - <?php endif; ?> - </span></td> - </tr> - - <tr> - <td width="22%" valign="top" class="vncell">Firewall Optimization Options</td> - <td width="78%" class="vtable"> - <select onChange="update_description(this.selectedIndex);" name="optimization" id="optimization"> - <br> - <option value="normal"<?php if($config['system']['optimization']=="normal") echo " SELECTED"; ?>>normal</option> - <option value="high-latency"<?php if($config['system']['optimization']=="high-latency") echo " SELECTED"; ?>>high-latency</option> - <option value="aggressive"<?php if($config['system']['optimization']=="aggressive") echo " SELECTED"; ?>>aggressive</option> - <option value="conservative"<?php if($config['system']['optimization']=="conservative") echo " SELECTED"; ?>>conservative</option> - </select><br> - <textarea cols="60" rows="2" id="info" name="info"style="border:1px dashed #000066; background-color: #ffffff; color: #000000; font-size: 8pt;"> - </textarea> - <script language="javascript"> - update_description(document.forms[0].optimization.selectedIndex); - </script> - <br><span class="vexpl"><b>Select which type of state table optimization your would like to use</b></td> - </tr> - - <tr> - <td width="22%" valign="top" class="vncell">Disable Firewall</td> - <td width="78%" class="vtable"> - <input name="disablefilter" type="checkbox" id="disablefilter" value="yes" <?php if (isset($config['system']['disablefilter'])) echo "checked"; ?> onclick="enable_change(false)"> - <strong>Disable the firewalls filter altogether.</strong><br> - <span class="vexpl">Note: This basically converts pfSense into a routing only platform!</span></td> - </tr> - - <tr> - <td width="22%" valign="top" class="vncell">Firewall Maximum States</td> - <td width="78%" class="vtable"> - <input name="maximumstates" type="input" id="maximumstates" value="<?php echo $pconfig['maximumstates']; ?>" onclick="enable_change(false)"><br> - <strong>Maximum number of connections to hold in the firewall state table.</strong><br> - <span class="vexpl">Note: Leave this blank for the default of 10000</span></td> - </tr> - - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)"> - </td> - </tr> - <tr> - <td colspan="2" class="list" height="12"></td> - </tr> - - - - - - - </table> + <option value="<?=$val;?>" <?php if($pconfig['harddiskstandby'] == $val) echo('selected');?>><?=$min;?> minutes</option> +<?php endforeach; ?> + </select> + <br /> + Puts the hard disk into standby mode when the selected amount of time after the last + access has elapsed. <em>Do not set this for CF cards.</em> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">webGUI anti-lockout</td> + <td width="78%" class="vtable"> + <input name="noantilockout" type="checkbox" id="noantilockout" value="yes" <?php if ($pconfig['noantilockout']) echo "checked"; ?> /> + <strong>Disable webGUI anti-lockout rule</strong> + <br /> + By default, access to the webGUI on the LAN interface is always permitted, regardless of the user-defined filter + rule set. Enable this feature to control webGUI access (make sure to have a filter rule in place that allows you + in, or you will lock yourself out!). + <br /> + Hint: the "set LAN IP address" option in the console menu resets this setting as well. + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">IPsec SA preferral</td> + <td width="78%" class="vtable"> + <input name="preferoldsa_enable" type="checkbox" id="preferoldsa_enable" value="yes" <?php if ($pconfig['preferoldsa_enable']) echo "checked"; ?> /> + <strong>Prefer old IPsec SAs</strong> + <br /> + By default, if several SAs match, the newest one is preferred if it's at least 30 seconds old.Select this option to always prefer old SAs over new ones. + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)" /> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"> </td> + </tr> + <tr> + <td colspan="2" valign="top" class="listtopic">Traffic Shaper and Firewall Advanced</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">FTP Helper</td> + <td width="78%" class="vtable"> + <input name="disableftpproxy" type="checkbox" id="disableftpproxy" value="yes" <?php if (isset($config['system']['disableftpproxy'])) echo "checked"; ?> onclick="enable_change(false)" /> + <strong class="vexpl">Disable the userland FTP-Proxy application</strong> + <br /> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">FTP RFC 959 data port violation workaround</td> + <td width="78%" class="vtable"> + <input name="rfc959workaround" type="checkbox" id="rfc959workaround" value="yes" <?php if (isset($config['system']['rfc959workaround'])) echo "checked"; ?> onclick="enable_change(false)" /> + <strong class="vexpl">Workaround for sites that violate RFC 959 which specifies that the data connection be sourced from the command port - 1 (typically port 20). This workaround doesn't expose you to any extra risk as the firewall will still only allow connections on a port that the ftp-proxy is listening on.</strong> + <br /> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Traffic Shaper Scheduler</td> + <td width="78%" class="vtable"> + <select id="schedulertype" name="schedulertype" <?= $style ?>> + <option value="priq"<?php if($pconfig['schedulertype'] == 'priq') echo " selected"; ?>>Priority based queueing</option> + <option value="cbq"<?php if($pconfig['schedulertype'] == 'cbq') echo " selected"; ?>>Class based queueing</option> + <option value="hfsc"<?php if($pconfig['schedulertype'] == 'hfsc') echo " selected"; ?>>Hierarchical Fair Service Curve queueing</option> + </select> + <br /> + <span class="vexpl"><b>Select which type of queueing you would like to use</b></span> + <?php if (is_array($config['shaper']['queue']) > 0): ?> + <script language="javascript" type="text/javascript"> + document.iform.schedulertype.disabled = 1; + </script> + <br /> + NOTE: This option is disabled since there are queues defined. + <?php endif; ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Firewall Optimization Options</td> + <td width="78%" class="vtable"> + <select onChange="update_description(this.selectedIndex);" name="optimization" id="optimization"> + <option value="normal"<?php if($config['system']['optimization']=="normal") echo " selected"; ?>>normal</option> + <option value="high-latency"<?php if($config['system']['optimization']=="high-latency") echo " selected"; ?>>high-latency</option> + <option value="aggressive"<?php if($config['system']['optimization']=="aggressive") echo " selected"; ?>>aggressive</option> + <option value="conservative"<?php if($config['system']['optimization']=="conservative") echo " selected"; ?>>conservative</option> + </select> + <br /> + <textarea cols="60" rows="2" id="info" name="info"style="border:1px dashed #000066; background-color: #ffffff; color: #000000; font-size: 8pt;"></textarea> + <script language="javascript" type="text/javascript"> + update_description(document.forms[0].optimization.selectedIndex); + </script> + <br /> + <span class="vexpl"><b>Select which type of state table optimization your would like to use</b></span> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Disable Firewall</td> + <td width="78%" class="vtable"> + <input name="disablefilter" type="checkbox" id="disablefilter" value="yes" <?php if (isset($config['system']['disablefilter'])) echo "checked"; ?> onclick="enable_change(false)" /> + <strong>Disable the firewalls filter altogether.</strong> + <br /> + <span class="vexpl">Note: This basically converts pfSense into a routing only platform!</span> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Firewall Maximum States</td> + <td width="78%" class="vtable"> + <input name="maximumstates" type="text" id="maximumstates" value="<?php echo $pconfig['maximumstates']; ?>" onclick="enable_change(false)" /> + <br /> + <strong>Maximum number of connections to hold in the firewall state table.</strong> + <br /> + <span class="vexpl">Note: Leave this blank for the default of 10000</span> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"><input name="Submit" type="submit" class="formbtn" value="Save" onclick="enable_change(true)" /></td> + </tr> + <tr> + <td colspan="2" class="list" height="12"> </td> + </tr> + </tbody> +</table> </form> - <script language="JavaScript"> + +<script language="JavaScript" type="text/javascript"> <!-- -enable_change(false); -//enable_altfirmwareurl(false); -//enable_altpkgconfigurl(false); + enable_change(false); + //enable_altfirmwareurl(false); + //enable_altpkgconfigurl(false); //--> </script> + <?php include("fend.inc"); ?> + </body> </html> |
