1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
<?php
/*
* easyrule.php
*
* part of pfSense (https://www.pfsense.org)
* Copyright (c) 2004-2016 Rubicon Communications, LLC (Netgate)
* Originally Sponsored By Anathematic @ pfSense Forums
* All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
##|+PRIV
##|*IDENT=page-firewall-easyrule
##|*NAME=Firewall: Easy Rule add/status
##|*DESCR=Allow access to the 'Firewall: Easy Rule' add/status page.
##|*MATCH=easyrule.php*
##|-PRIV
require_once("guiconfig.inc");
require_once("easyrule.inc");
require_once("filter.inc");
require_once("shaper.inc");
$retval = 0;
$message = "";
$confirmed = isset($_POST['confirmed']) && $_POST['confirmed'] == 'true';
/* $specialsrcdst must be a defined global for functions being called. */
global $specialsrcdst;
$specialsrcdst = explode(" ", "any pppoe l2tp openvpn");
if ($_POST && $confirmed && isset($_POST['action'])) {
switch ($_POST['action']) {
case 'block':
/* Check that we have a valid host */
$message = easyrule_parse_block($_POST['int'], $_POST['src'], $_POST['ipproto']);
break;
case 'pass':
$message = easyrule_parse_pass($_POST['int'], $_POST['proto'], $_POST['src'], $_POST['dst'], $_POST['dstport'], $_POST['ipproto']);
break;
default:
$message = gettext("Invalid action specified.");
}
}
if (stristr($retval, "error") == true) {
$message = $retval;
}
$pgtitle = array(gettext("Firewall"), gettext("Easy Rule"));
include("head.inc");
if ($input_errors) {
print_input_errors($input_errors);
}
?>
<form action="easyrule.php" method="post">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title">
<?=gettext("Confirmation Required to Add Easy Rule");?>
</h2>
</div>
<div class="panel-body">
<div class="content">
<?php
if (!$confirmed && !empty($_REQUEST['action'])) { ?>
<?php if ($_REQUEST['action'] == 'block'): ?>
<b><?=gettext("Rule Type")?>:</b> <?=htmlspecialchars(ucfirst(gettext($_REQUEST['action'])))?>
<br/><b><?=gettext("Interface")?>:</b> <?=htmlspecialchars(strtoupper($_REQUEST['int']))?>
<input type="hidden" name="int" value="<?=htmlspecialchars($_REQUEST['int'])?>" />
<br/><b><?= gettext("Source") ?>:</b> <?=htmlspecialchars($_REQUEST['src'])?>
<input type="hidden" name="src" value="<?=htmlspecialchars($_REQUEST['src'])?>" />
<br/><b><?=gettext("IP Protocol")?>:</b> <?=htmlspecialchars(ucfirst($_REQUEST['ipproto']))?>
<input type="hidden" name="ipproto" value="<?=htmlspecialchars($_REQUEST['ipproto'])?>" />
<?php elseif ($_REQUEST['action'] == 'pass'): ?>
<b><?=gettext("Rule Type")?>:</b> <?=htmlspecialchars(ucfirst(gettext($_REQUEST['action'])))?>
<br/><b><?=gettext("Interface")?>:</b> <?=htmlspecialchars(strtoupper($_REQUEST['int']))?>
<input type="hidden" name="int" value="<?=htmlspecialchars($_REQUEST['int'])?>" />
<br/><b><?=gettext("Protocol")?>:</b> <?=htmlspecialchars(strtoupper($_REQUEST['proto']))?>
<input type="hidden" name="proto" value="<?=htmlspecialchars($_REQUEST['proto'])?>" />
<br/><b><?=gettext("Source")?>:</b> <?=htmlspecialchars($_REQUEST['src'])?>
<input type="hidden" name="src" value="<?=htmlspecialchars($_REQUEST['src'])?>" />
<br/><b><?=gettext("Destination")?>:</b> <?=htmlspecialchars($_REQUEST['dst'])?>
<input type="hidden" name="dst" value="<?=htmlspecialchars($_REQUEST['dst'])?>" />
<br/><b><?=gettext("Destination Port")?>:</b> <?=htmlspecialchars($_REQUEST['dstport'])?>
<input type="hidden" name="dstport" value="<?=htmlspecialchars($_REQUEST['dstport'])?>" />
<br/><b><?=gettext("IP Protocol")?>:</b> <?=htmlspecialchars(ucfirst($_REQUEST['ipproto']))?>
<input type="hidden" name="ipproto" value="<?=htmlspecialchars($_REQUEST['ipproto'])?>" />
<?php else:
$message = gettext("Invalid action specified.");
endif; ?>
<br/><br/>
<?php if (empty($message)): ?>
<input type="hidden" name="action" value="<?=htmlspecialchars($_REQUEST['action'])?>" />
<input type="hidden" name="confirmed" value="true" />
<button type="submit" class="btn btn-success" name="erconfirm" id="erconfirm" value="<?=gettext("Confirm")?>">
<i class="fa fa-check icon-embed-btn"></i>
<?=gettext("Confirm")?>
</button>
<?php endif;
}
if ($message) {
print_info_box($message);
} elseif (empty($_REQUEST['action'])) {
print_info_box(
gettext('This is the Easy Rule status page, mainly used to display errors when adding rules.') . ' ' .
gettext('There apparently was not an error, and this page was navigated to directly without any instructions for what it should do.') .
'<br /><br />' .
gettext('This page is meant to be called from the block/pass buttons on the Firewall Logs page') .
', <a href="status_logs_filter.php">' . gettext("Status") . ' > ' . gettext('System Logs') . ', ' . gettext('Firewall Tab') . '</a>.<br />');
}
?>
</div>
</div>
</div>
</form>
<?php include("foot.inc"); ?>
|
