$interfaces["enc0"] = "IPsec";
}
/* add openvpn/tun interfaces */
if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) {
$interfaces["openvpn"] = "OpenVPN";
}
$section->addInput(new Form_Select('interface', 'Interface', $pconfig['interface'], $interfaces))->setHelp('Choose which interface this rule applies to. In most cases "WAN" is specified.');
$protocols = "TCP UDP TCP/UDP ICMP ESP AH GRE IPV6 IGMP PIM OSPF";
$section->addInput(new Form_Select('proto', 'Protocol', $pconfig['proto'], array_combine(explode(" ", strtolower($protocols)), explode(" ", $protocols))))->setHelp('Choose which protocol this rule should match. In most cases "TCP" is specified.');
$btnsrcadv = new Form_Button('srcadv', 'Advanced');
$btnsrcadv->removeClass('btn-primary')->addClass('btn-default');
$section->addInput(new Form_StaticText('Source', $btnsrcadv));
$group = new Form_Group('Source');
$group->addClass('srcadv');
$group->add(new Form_Checkbox('srcnot', 'Source not', 'Invert match.', $pconfig['srcnot']))->setWidth(2);
$group->add(new Form_Select('srctype', null, srctype_selected(), build_srctype_list()))->setHelp('Type');
$group->add(new Form_IpAddress('src', null, is_specialnet($pconfig['src']) ? '' : $pconfig['src']))->setPattern('[.a-zA-Z0-9_]+')->addMask('srcmask', $pconfig['srcmask'])->setHelp('Address/mask');
$section->add($group);
$portlist = array("" => 'Other', 'any' => 'Any');
foreach ($wkports as $wkport => $wkportdesc) {
$portlist[$wkport] = $wkportdesc;
}
$group = new Form_Group('Source port range');
$group->addClass('srcportrange');
$group->add(new Form_Select('srcbeginport', null, $pconfig['srcbeginport'], $portlist))->setHelp('From port');
$group->add(new Form_Input('srcbeginport_cust', null, 'text', $pconfig['srcbeginport'], ['min' => '1', 'max' => '65536']))->setHelp('Custom');
$group->add(new Form_Select('srcendport', null, $pconfig['srcendport'], $portlist))->setHelp('To port');
$group->add(new Form_Input('srcendport_cust', null, 'text', $pconfig['srcendport'], ['min' => '1', 'max' => '65536']))->setHelp('Custom');
$group->setHelp('Specify the source port or port range for this rule. This is usually random and almost never ' . 'equal to the destination port range (and should usually be \'any\'). You can leave the \'to\' field ' . 'empty if you only want to filter a single port.');
$section->add($group);
$group = new Form_Group('Destination');
function srctype_selected()
{
global $pconfig, $config;
$selected = "";
if (array_key_exists($pconfig['src'], build_srctype_list())) {
$selected = $pconfig['src'];
} else {
if ($pconfig['srcmask'] == 32) {
$selected = 'single';
} else {
$selected = 'network';
}
}
return $selected;
}
