diff options
| -rw-r--r-- | etc/inc/easyrule.inc | 14 | ||||
| -rwxr-xr-x | usr/local/www/diag_logs_filter.php | 6 | ||||
| -rw-r--r-- | usr/local/www/easyrule.php | 4 |
3 files changed, 14 insertions, 10 deletions
diff --git a/etc/inc/easyrule.inc b/etc/inc/easyrule.inc index b5b1620..45d3f74 100644 --- a/etc/inc/easyrule.inc +++ b/etc/inc/easyrule.inc @@ -46,7 +46,7 @@ function easyrule_find_rule_interface($int) { if ($config['pptpd']['mode'] == "server") $iflist['pptp'] = "PPTP VPN"; - if (is_pppoe_server_enabled() && have_ruleint_access("pppoe")) + if ($config['pppoe']['mode'] == "server") $iflist['pppoe'] = "PPPoE VPN"; if ($config['l2tp']['mode'] == "server") @@ -229,7 +229,7 @@ function easyrule_block_host_add($host, $int = 'wan') { } } -function easyrule_pass_rule_add($int, $proto, $srchost, $dsthost, $dstport) { +function easyrule_pass_rule_add($int, $proto, $srchost, $dsthost, $dstport, $ipproto) { global $config; /* No rules, start a new array */ @@ -244,6 +244,7 @@ function easyrule_pass_rule_add($int, $proto, $srchost, $dsthost, $dstport) { $filterent = array(); $filterent['type'] = 'pass'; $filterent['interface'] = $int; + $filterent['ipprotocol'] = $ipproto; $filterent['descr'] = "Easy Rule: Passed from Firewall Log View"; if ($proto != "any") @@ -271,7 +272,8 @@ function easyrule_pass_rule_add($int, $proto, $srchost, $dsthost, $dstport) { } } -function easyrule_parse_block($int, $src) { +function easyrule_parse_block($int, $src, $ipproto) { + $filterent['ipprotocol'] = $ipproto; if (!empty($src) && !empty($int)) { if (!is_ipaddr($src)) { return "Tried to block invalid IP: " . htmlspecialchars($src); @@ -290,7 +292,7 @@ function easyrule_parse_block($int, $src) { } return "Unknown block error."; } -function easyrule_parse_pass($int, $proto, $src, $dst, $dstport = 0) { +function easyrule_parse_pass($int, $proto, $src, $dst, $dstport = 0, $ipproto = inet) { /* Check for valid int, srchost, dsthost, dstport, and proto */ global $protocols_with_ports; @@ -319,7 +321,7 @@ function easyrule_parse_pass($int, $proto, $src, $dst, $dstport = 0) { $dstport = 0; } /* Should have valid input... */ - if (easyrule_pass_rule_add($int, $proto, $src, $dst, $dstport)) { + if (easyrule_pass_rule_add($int, $proto, $src, $dst, $dstport, $ipproto)) { return "Successfully added pass rule!"; } else { return "Failed to add pass rule."; @@ -330,4 +332,4 @@ function easyrule_parse_pass($int, $proto, $src, $dst, $dstport = 0) { return "Unknown pass error."; } -?>
\ No newline at end of file +?> diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php index 5fb94cf..ec56ce0 100755 --- a/usr/local/www/diag_logs_filter.php +++ b/usr/local/www/diag_logs_filter.php @@ -150,18 +150,20 @@ include("head.inc"); <?php $int = strtolower($filterent['interface']); $proto = strtolower($filterent['proto']); + if(is_ipaddrv6($filterent['srcip'])) + $ipproto = "inet6"; $srcstr = $filterent['srcip'] . get_port_with_service($filterent['srcport'], $proto); $dststr = $filterent['dstip'] . get_port_with_service($filterent['dstport'], $proto); ?> <td class="listr" nowrap> <a href="diag_dns.php?host=<?php echo $filterent['srcip']; ?>" title="<?=gettext("Reverse Resolve with DNS");?>"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_log.gif"></a> - <a href="easyrule.php?<?php echo "action=block&int={$int}&src={$filterent['srcip']}"; ?>" title="<?=gettext("Easy Rule: Add to Block List");?>" onclick="return confirm('<?=gettext("Do you really want to add this BLOCK rule?")."\n\n".gettext("Easy Rule is still experimental.")."\n".gettext("Continue at risk of your own peril.")."\n".gettext("Backups are also nice.")?>')"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_block_add.gif"></a> + <a href="easyrule.php?<?php echo "action=block&int={$int}&src={$filterent['srcip']}&ipproto={$ipproto}"; ?>" title="<?=gettext("Easy Rule: Add to Block List");?>" onclick="return confirm('<?=gettext("Do you really want to add this BLOCK rule?")."\n\n".gettext("Easy Rule is still experimental.")."\n".gettext("Continue at risk of your own peril.")."\n".gettext("Backups are also nice.")?>')"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_block_add.gif"></a> <?php echo $srcstr;?> </td> <td class="listr" nowrap> <a href="diag_dns.php?host=<?php echo $filterent['dstip']; ?>" title="<?=gettext("Reverse Resolve with DNS");?>"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_log.gif"></a> - <a href="easyrule.php?<?php echo "action=pass&int={$int}&proto={$proto}&src={$filterent['srcip']}&dst={$filterent['dstip']}&dstport={$filterent['dstport']}"; ?>" title="<?=gettext("Easy Rule: Pass this traffic");?>" onclick="return confirm('<?=gettext("Do you really want to add this PASS rule?")."\n\n".gettext("Easy Rule is still experimental.")."\n".gettext("Continue at risk of your own peril.")."\n".gettext("Backups are also nice.");?>')"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_pass_add.gif"></a> + <a href="easyrule.php?<?php echo "action=pass&int={$int}&proto={$proto}&src={$filterent['srcip']}&dst={$filterent['dstip']}&dstport={$filterent['dstport']}&ipproto={$ipproto}"; ?>" title="<?=gettext("Easy Rule: Pass this traffic");?>" onclick="return confirm('<?=gettext("Do you really want to add this PASS rule?")."\n\n".gettext("Easy Rule is still experimental.")."\n".gettext("Continue at risk of your own peril.")."\n".gettext("Backups are also nice.");?>')"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_pass_add.gif"></a> <?php echo $dststr;?> </td> <?php diff --git a/usr/local/www/easyrule.php b/usr/local/www/easyrule.php index 5f7a4ec..87c6a64 100644 --- a/usr/local/www/easyrule.php +++ b/usr/local/www/easyrule.php @@ -45,10 +45,10 @@ if ($_GET && isset($_GET['action'])) { switch ($_GET['action']) { case 'block': /* Check that we have a valid host */ - easyrule_parse_block($_GET['int'], $_GET['src']); + easyrule_parse_block($_GET['int'], $_GET['src'], $_GET['ipproto']); break; case 'pass': - easyrule_parse_pass($_GET['int'], $_GET['proto'], $_GET['src'], $_GET['dst'], $_GET['dstport']); + easyrule_parse_pass($_GET['int'], $_GET['proto'], $_GET['src'], $_GET['dst'], $_GET['dstport'], $_GET['ipproto']); break; } } |
