Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | standardize pfsense.com references to https://www.pfsense.org | Chris Buechler | 2014-03-14 | 1 | -1/+1 |
| | |||||
* | Improve checks for params 'id', 'dup' and other similar ones to make sure ↵ | Renato Botelho | 2014-03-12 | 1 | -10/+11 |
| | | | | they are numeric integer, also, pass them through htmlspecialchars() before print | ||||
* | Validate rule Advanced Options numeric entries | Phil Davis | 2014-03-11 | 1 | -7/+35 |
| | | | version of pull request #1021 for 2.1 branch | ||||
* | Make Firewall Rules Advanced Options open if used - 2.1 branch | Phil Davis | 2014-03-10 | 1 | -2/+19 |
| | | | This is the same code as pull request 997 but for 2.1 branch | ||||
* | Merge pull request #991 from phil-davis/RELENG_2_1 | Renato Botelho | 2014-03-10 | 1 | -18/+12 |
|\ | | | | | Return GWG IP protocol (version) when no gateway IP - 2.1 version | ||||
| * | Tidy up GWG dropdown selection tests | Phil Davis | 2014-02-28 | 1 | -11/+7 |
| | | | | | | Tested this making a new rule, and editing existing IPv4, IPv6 and IPv4+Ipv6 rules, and switching the IP version on an existing rule. Seems to work! | ||||
| * | Tidy "gateway name - IP" in dropdown list | Phil Davis | 2014-02-28 | 1 | -1/+2 |
| | | | | | | for 2.1 branch | ||||
| * | Use return_gateway_groups_array() to build correct GWG list | Phil Davis | 2014-02-28 | 1 | -10/+7 |
| | | | | | | Version for 2.1 branch | ||||
* | | Validate if src OR dst have IP address set when protocol is IPv4+v6. Fixes #3499 | Renato Botelho | 2014-03-03 | 1 | -3/+3 |
|/ | |||||
* | XHTML Compliance | N0YB | 2014-02-26 | 1 | -9/+18 |
| | | | | Firewall - Rules - Edit | ||||
* | Standardise LAN net display | Phil Davis | 2014-02-10 | 1 | -2/+2 |
| | | | for 2.1.1 | ||||
* | s/require/require_once/g for filter.inc to avoid redeclaration errors in ↵ | jim-p | 2013-08-28 | 1 | -1/+1 |
| | | | | some rare cases. | ||||
* | Relax advanced options firewall rules tests | Phil Davis | 2013-08-14 | 1 | -12/+3 |
| | | | | | Various advanced options are now possible for any protocol since https://github.com/pfsense/pfsense/commit/653bde345e8f960de5bc745fe74e64d8ef3fd2d3 So allow these through the front-end GUI validation also. Code change for 2.1 branch. | ||||
* | Allow advanced options state-related parameters to be used for TCP, UDP and ICMP | Phil Davis | 2013-07-24 | 1 | -13/+16 |
| | | | | Allows the state-related parameters to be specified for UDP and ICMP as well as TCP. Discussed in forum http://forum.pfsense.org/index.php/topic,64653.0.html | ||||
* | Validate firewall rule advanced options requirements | Phil Davis | 2013-07-22 | 1 | -0/+45 |
| | | | | | Checks that the user has selected a TCP Pass rule etc when using the state-related advanced options. Validates as per the checks that are applied in filter.inc when generating the actual pf rules. Forum discussion: http://forum.pfsense.org/index.php/topic,64653.15.html Bug report #3098 | ||||
* | Add support for protocol 41 in rules. Fixes #3007. | Daniel Becker | 2013-07-10 | 1 | -1/+1 |
| | |||||
* | Fix whitespace and indent | Renato Botelho | 2013-04-23 | 1 | -91/+90 |
| | |||||
* | Fixed 802.1p duplicating values for vlanprio and vlanprioset | timdufrane | 2013-04-11 | 1 | -1/+13 |
| | | | For real this time. Friggin' github. | ||||
* | Clean inconsistent "none" and empty conventions for advanced fields - ↵ | timdufrane | 2013-04-11 | 1 | -24/+24 |
| | | | | removes residual "none" entries on save | ||||
* | Fix none where should be empty string for 802.1p | timdufrane | 2013-04-10 | 1 | -1/+1 |
| | |||||
* | Tidy up "firewall_rules_edit.php" XHTML | Colin Fleming | 2013-04-09 | 1 | -139/+135 |
| | | | | | | | Close INPUT, BR and IMG tags and add ALT to IMG tags Update HTML boolean operators Add missing closing P tags Remove NAME paramenter from TR and DIV tags, invalid HTML | ||||
* | Track user/time a firewall rule was created and last updated, and show this ↵ | jim-p | 2013-03-20 | 1 | -0/+40 |
| | | | | information at the bottom of the page when viewing the firewall rule. Have various places in the system that create rules add a proper entry to indicate their origin. | ||||
* | Set (src|dst)mask to 128 for single IPv6 addresses. Fixes #2451 | Renato Botelho | 2013-02-16 | 1 | -2/+8 |
| | |||||
* | Deal correct with bitmask for ipv6 on destination, same we did for src. If ↵ | Renato Botelho | 2013-02-13 | 1 | -1/+7 |
| | | | | fixes #2451 | ||||
* | Refine the test for Ticket #2451 to check for aliases as well | Ermal | 2013-02-13 | 1 | -5/+7 |
| | |||||
* | Warn users that nosync option won't prevent it to be overwritten on carp ↵ | Renato Botelho | 2013-02-13 | 1 | -1/+1 |
| | | | | slave members | ||||
* | Deal correct with /32 subnet mask for ipv6 addresses. If fixes #2451 | Renato Botelho | 2013-02-13 | 1 | -1/+5 |
| | |||||
* | Display gateways with matching IP protocol in Gateways list | Phil Davis | 2013-01-08 | 1 | -2/+2 |
| | | | | Some gateways do not have traditional addresses hard-coded into them - e.g. for OpenVPN dynamic gateways are created in software on-the-fly (they are not actually entries in the config). So traditional tests like is_ipaddrv4 are not useful to determine if the gateway is IPv4 or IPv6. return_gateways_array() fills in an "ipprotocol" entry for each returned gateway ("inet" or "inet6"), as well as the "gateway" address field. This can be used to determine if the gateway is for IPv4 or IPv6. | ||||
* | Fixes #1575. Allow Match option to be used with limiters as well. The ↵ | Ermal | 2012-11-27 | 1 | -4/+1 |
| | | | | support is there in kernel so allow rules to be configured on this. | ||||
* | To allow limiters to work correctly on mutliwan for now enforce selecting a ↵ | Ermal | 2012-11-16 | 1 | -0/+2 |
| | | | | gateway on outgoing | ||||
* | Encode the interface parameter before using it in a redirect | jim-p | 2012-10-31 | 1 | -1/+1 |
| | |||||
* | Fix warning when no gateway groups | Phil Davis | 2012-10-24 | 1 | -15/+17 |
| | | | If there are no gateway groups defined, and you save a rule that has an ordinary gateway selected in "Advanced Features - Gateway", then a warning is emitted when trying to traverse an empty gateway groups array at line 214. | ||||
* | Refine saving/applying on more pages - don't show apply or take an action ↵ | jim-p | 2012-10-09 | 1 | -2/+1 |
| | | | | unless the user is allowed to do that. | ||||
* | Don't offer to apply changes if no changes actually happened. | jim-p | 2012-10-09 | 1 | -2/+3 |
| | |||||
* | remove bunk input validation | Chris Buechler | 2012-09-09 | 1 | -3/+0 |
| | |||||
* | Activate new shortcuts/status in the rest of the areas that are currently setup. | jim-p | 2012-08-10 | 1 | -2/+1 |
| | |||||
* | Fixes #2428. Reference limiters in rules by name to avoid issues. Also put ↵ | Ermal | 2012-06-01 | 1 | -13/+13 |
| | | | | upgrade code for existing configs. The same fix is necessary for 2.0.x though not sure how this should be committed there. | ||||
* | Add a inet46 filter type on the firewall rules page. I have locked down a ↵ | smos | 2012-05-31 | 1 | -1/+23 |
| | | | | | | | few of the most common limitations. Still arguing if we should lock this down even further to aliases only. Redmine ticket #2466 | ||||
* | Properly test for the address family now that the array says what it's ↵ | smos | 2012-05-21 | 1 | -4/+7 |
| | | | | supposed to be. | ||||
* | Fix of bug #2374 "When entering values in firewall rules leading and | Cristian Feldman | 2012-05-18 | 1 | -13/+15 |
| | | | | trailing spaces are not deleted" | ||||
* | Allow 802.1p tags to be controlled from firewall rules edit screen | Ermal | 2012-05-18 | 1 | -0/+41 |
| | |||||
* | cleanup: code for building arrays for autocompleted fields | Darren Embry | 2012-05-10 | 1 | -31/+4 |
| | |||||
* | Fix preservation of the selection of interfaces on input errors for floating ↵ | Erik Fonnesbeck | 2012-04-27 | 1 | -0/+2 |
| | | | | rules. | ||||
* | feature #2320: JS helper to toggle subnet mask for ipv4/v6 during input | Darren Embry | 2012-03-28 | 1 | -0/+1 |
| | | | | http://redmine.pfsense.org/issues/2320 | ||||
* | prep work for feature #2320: tag for ipv4v6 fields | Darren Embry | 2012-03-28 | 1 | -4/+4 |
| | |||||
* | now we use the Chosen javascript plugin for jQuery | Vinicius Coque | 2011-11-15 | 1 | -1/+1 |
| | |||||
* | Add a check to prevent this gateway code from triggering the address family ↵ | Seth Mos | 2011-10-18 | 1 | -1/+1 |
| | | | | check. This might not be all that is needed for Ticket #1949 | ||||
* | Unbreak the firewall rule Edit page, input error array was unset halfway the ↵ | Seth Mos | 2011-08-24 | 1 | -1/+25 |
| | | | | | | validation. Set that back up ontop. Add gateway validation | ||||
* | Catch another possiblity for invalid rule generation | Seth Mos | 2011-08-24 | 1 | -0/+4 |
| | |||||
* | Properly fix the address family check for gateway groups Ticket #1659 | Seth Mos | 2011-08-24 | 1 | -2/+3 |
| |