$filterent['created'] = $a_filter[$id]['created']; } $filterent['updated'] = make_config_revision_entry(); // Allow extending of the firewall edit page and include custom input validation pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_write_config"); if (isset($id) && $a_filter[$id]) { $a_filter[$id] = $filterent; } else { $filterent['created'] = make_config_revision_entry(); if (is_numeric($after)) { array_splice($a_filter, $after + 1, 0, array($filterent)); } else { $a_filter[] = $filterent; } } filter_rules_sort(); if (write_config()) { mark_subsystem_dirty('filter'); } if (isset($_POST['floating'])) { header("Location: firewall_rules.php?if=FloatingRules"); } else { header("Location: firewall_rules.php?if=" . htmlspecialchars($_POST['interface'])); } exit; } } $pgtitle = array(gettext("Firewall"), gettext("Rules"), gettext("Edit")); $shortcut_section = "firewall"; $closehead = false; $page_filename = "firewall_rules_edit.php";
function easyrule_pass_rule_add($int, $proto, $srchost, $dsthost, $dstport, $ipproto) { global $config; /* No rules, start a new array */ if (!is_array($config['filter']['rule'])) { $config['filter']['rule'] = array(); } filter_rules_sort(); $a_filter =& $config['filter']['rule']; /* Make up a new rule */ $filterent = array(); $filterent['type'] = 'pass'; $filterent['interface'] = $int; $filterent['ipprotocol'] = $ipproto; $filterent['descr'] = gettext("Easy Rule: Passed from Firewall Log View"); if ($proto != "any") { $filterent['protocol'] = $proto; } else { unset($filterent['protocol']); } /* Default to only allow echo requests, since that's what most people want and * it should be a safe choice. */ if ($proto == "icmp") { $filterent['icmptype'] = 'echoreq'; } if (strtolower($proto) == "icmp6" || strtolower($proto) == "icmpv6") { $filterent['protocol'] = "icmp"; } if (is_subnet($srchost)) { list($srchost, $srcmask) = explode("/", $srchost); } elseif (is_specialnet($srchost)) { $srcmask = 0; } elseif (is_ipaddrv6($srchost)) { $srcmask = 128; } else { $srcmask = 32; } if (is_subnet($dsthost)) { list($dsthost, $dstmask) = explode("/", $dsthost); } elseif (is_specialnet($dsthost)) { $dstmask = 0; } elseif (is_ipaddrv6($dsthost)) { $dstmask = 128; } else { $dstmask = 32; } pconfig_to_address($filterent['source'], $srchost, $srcmask); pconfig_to_address($filterent['destination'], $dsthost, $dstmask, '', $dstport, $dstport); $filterent['created'] = make_config_revision_entry(null, gettext("Easy Rule")); $a_filter[] = $filterent; write_config($filterent['descr']); $retval = filter_configure(); return true; }