summaryrefslogtreecommitdiffstats
path: root/usr/local/www/firewall_rules_edit.php
Commit message (Collapse)AuthorAgeFilesLines
* standardize pfsense.com references to https://www.pfsense.orgChris Buechler2014-03-141-1/+1
|
* Improve checks for params 'id', 'dup' and other similar ones to make sure ↵Renato Botelho2014-03-121-10/+11
| | | | they are numeric integer, also, pass them through htmlspecialchars() before print
* Validate rule Advanced Options numeric entriesPhil Davis2014-03-111-7/+35
| | | version of pull request #1021 for 2.1 branch
* Make Firewall Rules Advanced Options open if used - 2.1 branchPhil Davis2014-03-101-2/+19
| | | This is the same code as pull request 997 but for 2.1 branch
* Merge pull request #991 from phil-davis/RELENG_2_1Renato Botelho2014-03-101-18/+12
|\ | | | | Return GWG IP protocol (version) when no gateway IP - 2.1 version
| * Tidy up GWG dropdown selection testsPhil Davis2014-02-281-11/+7
| | | | | | Tested this making a new rule, and editing existing IPv4, IPv6 and IPv4+Ipv6 rules, and switching the IP version on an existing rule. Seems to work!
| * Tidy "gateway name - IP" in dropdown listPhil Davis2014-02-281-1/+2
| | | | | | for 2.1 branch
| * Use return_gateway_groups_array() to build correct GWG listPhil Davis2014-02-281-10/+7
| | | | | | Version for 2.1 branch
* | Validate if src OR dst have IP address set when protocol is IPv4+v6. Fixes #3499Renato Botelho2014-03-031-3/+3
|/
* XHTML ComplianceN0YB2014-02-261-9/+18
| | | | Firewall - Rules - Edit
* Standardise LAN net displayPhil Davis2014-02-101-2/+2
| | | for 2.1.1
* s/require/require_once/g for filter.inc to avoid redeclaration errors in ↵jim-p2013-08-281-1/+1
| | | | some rare cases.
* Relax advanced options firewall rules testsPhil Davis2013-08-141-12/+3
| | | | | Various advanced options are now possible for any protocol since https://github.com/pfsense/pfsense/commit/653bde345e8f960de5bc745fe74e64d8ef3fd2d3 So allow these through the front-end GUI validation also. Code change for 2.1 branch.
* Allow advanced options state-related parameters to be used for TCP, UDP and ICMPPhil Davis2013-07-241-13/+16
| | | | Allows the state-related parameters to be specified for UDP and ICMP as well as TCP. Discussed in forum http://forum.pfsense.org/index.php/topic,64653.0.html
* Validate firewall rule advanced options requirementsPhil Davis2013-07-221-0/+45
| | | | | Checks that the user has selected a TCP Pass rule etc when using the state-related advanced options. Validates as per the checks that are applied in filter.inc when generating the actual pf rules. Forum discussion: http://forum.pfsense.org/index.php/topic,64653.15.html Bug report #3098
* Add support for protocol 41 in rules. Fixes #3007.Daniel Becker2013-07-101-1/+1
|
* Fix whitespace and indentRenato Botelho2013-04-231-91/+90
|
* Fixed 802.1p duplicating values for vlanprio and vlanpriosettimdufrane2013-04-111-1/+13
| | | For real this time. Friggin' github.
* Clean inconsistent "none" and empty conventions for advanced fields - ↵timdufrane2013-04-111-24/+24
| | | | removes residual "none" entries on save
* Fix none where should be empty string for 802.1ptimdufrane2013-04-101-1/+1
|
* Tidy up "firewall_rules_edit.php" XHTMLColin Fleming2013-04-091-139/+135
| | | | | | | Close INPUT, BR and IMG tags and add ALT to IMG tags Update HTML boolean operators Add missing closing P tags Remove NAME paramenter from TR and DIV tags, invalid HTML
* Track user/time a firewall rule was created and last updated, and show this ↵jim-p2013-03-201-0/+40
| | | | information at the bottom of the page when viewing the firewall rule. Have various places in the system that create rules add a proper entry to indicate their origin.
* Set (src|dst)mask to 128 for single IPv6 addresses. Fixes #2451Renato Botelho2013-02-161-2/+8
|
* Deal correct with bitmask for ipv6 on destination, same we did for src. If ↵Renato Botelho2013-02-131-1/+7
| | | | fixes #2451
* Refine the test for Ticket #2451 to check for aliases as wellErmal2013-02-131-5/+7
|
* Warn users that nosync option won't prevent it to be overwritten on carp ↵Renato Botelho2013-02-131-1/+1
| | | | slave members
* Deal correct with /32 subnet mask for ipv6 addresses. If fixes #2451Renato Botelho2013-02-131-1/+5
|
* Display gateways with matching IP protocol in Gateways listPhil Davis2013-01-081-2/+2
| | | | Some gateways do not have traditional addresses hard-coded into them - e.g. for OpenVPN dynamic gateways are created in software on-the-fly (they are not actually entries in the config). So traditional tests like is_ipaddrv4 are not useful to determine if the gateway is IPv4 or IPv6. return_gateways_array() fills in an "ipprotocol" entry for each returned gateway ("inet" or "inet6"), as well as the "gateway" address field. This can be used to determine if the gateway is for IPv4 or IPv6.
* Fixes #1575. Allow Match option to be used with limiters as well. The ↵Ermal2012-11-271-4/+1
| | | | support is there in kernel so allow rules to be configured on this.
* To allow limiters to work correctly on mutliwan for now enforce selecting a ↵Ermal2012-11-161-0/+2
| | | | gateway on outgoing
* Encode the interface parameter before using it in a redirectjim-p2012-10-311-1/+1
|
* Fix warning when no gateway groupsPhil Davis2012-10-241-15/+17
| | | If there are no gateway groups defined, and you save a rule that has an ordinary gateway selected in "Advanced Features - Gateway", then a warning is emitted when trying to traverse an empty gateway groups array at line 214.
* Refine saving/applying on more pages - don't show apply or take an action ↵jim-p2012-10-091-2/+1
| | | | unless the user is allowed to do that.
* Don't offer to apply changes if no changes actually happened.jim-p2012-10-091-2/+3
|
* remove bunk input validationChris Buechler2012-09-091-3/+0
|
* Activate new shortcuts/status in the rest of the areas that are currently setup.jim-p2012-08-101-2/+1
|
* Fixes #2428. Reference limiters in rules by name to avoid issues. Also put ↵Ermal2012-06-011-13/+13
| | | | upgrade code for existing configs. The same fix is necessary for 2.0.x though not sure how this should be committed there.
* Add a inet46 filter type on the firewall rules page. I have locked down a ↵smos2012-05-311-1/+23
| | | | | | | few of the most common limitations. Still arguing if we should lock this down even further to aliases only. Redmine ticket #2466
* Properly test for the address family now that the array says what it's ↵smos2012-05-211-4/+7
| | | | supposed to be.
* Fix of bug #2374 "When entering values in firewall rules leading andCristian Feldman2012-05-181-13/+15
| | | | trailing spaces are not deleted"
* Allow 802.1p tags to be controlled from firewall rules edit screenErmal2012-05-181-0/+41
|
* cleanup: code for building arrays for autocompleted fieldsDarren Embry2012-05-101-31/+4
|
* Fix preservation of the selection of interfaces on input errors for floating ↵Erik Fonnesbeck2012-04-271-0/+2
| | | | rules.
* feature #2320: JS helper to toggle subnet mask for ipv4/v6 during inputDarren Embry2012-03-281-0/+1
| | | | http://redmine.pfsense.org/issues/2320
* prep work for feature #2320: tag for ipv4v6 fieldsDarren Embry2012-03-281-4/+4
|
* now we use the Chosen javascript plugin for jQueryVinicius Coque2011-11-151-1/+1
|
* Add a check to prevent this gateway code from triggering the address family ↵Seth Mos2011-10-181-1/+1
| | | | check. This might not be all that is needed for Ticket #1949
* Unbreak the firewall rule Edit page, input error array was unset halfway the ↵Seth Mos2011-08-241-1/+25
| | | | | | validation. Set that back up ontop. Add gateway validation
* Catch another possiblity for invalid rule generationSeth Mos2011-08-241-0/+4
|
* Properly fix the address family check for gateway groups Ticket #1659Seth Mos2011-08-241-2/+3
|
OpenPOWER on IntegriCloud