<td width="78%" class="vtable"> <div id="aoadv" <?php if (is_aoadv_used($pconfig)) { echo "style='display:none'"; } ?> > <input type="button" onclick="show_aodiv();" value="<?php echo gettext("Advanced"); ?> " /> - <?php echo gettext("Show advanced option"); ?> </div> <div id="aodivmain" <?php if (!is_aoadv_used($pconfig)) { echo "style='display:none'"; } ?> > <input type="checkbox" id="allowopts" value="yes" name="allowopts"<?php if ($pconfig['allowopts'] == true) { echo " checked=\"checked\""; } ?> /> <br /><span class="vexpl"><?php echo gettext("This allows packets with IP options to pass. Otherwise they are blocked by default. This is usually only seen with multicast traffic."); ?> </span><p> <input type="checkbox" id="disablereplyto" value="yes" name="disablereplyto"<?php
$group->add(new Form_Input($type . 'beginport_cust', null, 'text', isset($portValues[$pconfig[$type . 'beginport']]) ? null : $pconfig[$type . 'beginport']))->setHelp('Custom'); $group->add(new Form_Select($type . 'endport', $name . ' port end', $pconfig[$type . 'endport'], $portValues))->setHelp('To'); $group->add(new Form_Input($type . 'endport_cust', null, 'text', isset($portValues[$pconfig[$type . 'endport']]) ? null : $pconfig[$type . 'endport']))->setHelp('Custom'); if ($type == 'src') { $group->setHelp('Specify the source port or port range for this rule. This is ' . 'usually random and almost never equal to the destination port range (and ' . 'should usually be <b>any</b>). You can leave the "To" field ' . 'empty if you only want to filter a single port.'); } else { $group->setHelp('Specify the destination port or port range for this rule. ' . 'You can leave the "To" field empty if you only want to filter a ' . 'single port.'); } $group->addClass($type == 'src' ? 'srcprtr' : 'dstprtr'); $section->add($group); $form->add($section); } $section = new Form_Section('Extra options'); $section->addInput(new Form_Checkbox('log', 'Log', 'Log packets that are handled by this rule', $pconfig['log']))->setHelp('Hint: the firewall has limited local log space. Don\'t turn on logging ' . 'for everything. If you want to do a lot of logging, consider using a remote ' . 'syslog server (see the <a href="status_logs_settings.php">Status: System logs: ' . 'Settings</a> page).'); $section->addInput(new Form_Input('descr', 'Description', 'text', $pconfig['descr']))->setHelp('You may enter a description here for your reference.'); $adv_open = is_aoadv_used($pconfig); $btnadvanced = new Form_Button('toggle-advanced', 'Advanced options'); $btnadvanced->removeClass('btn-primary')->addClass('btn-default'); if (!$adv_open) { $section->addInput(new Form_StaticText(null, $btnadvanced)); } $form->add($section); $section = new Form_Section('Advanced options'); $section->addClass('advanced-options'); $section->addInput(new Form_Select('os', 'Source OS', empty($pconfig['os']) ? '' : $pconfig['os'], ['' => gettext('Any')] + array_combine($ostypes, $ostypes)))->setHelp('Note: this only works for TCP rules. General OS choice matches all subtypes.'); $section->addInput(new Form_Select('dscp', 'Diffserv Code Point', $pconfig['dscp'], ["" => ''] + array_combine($firewall_rules_dscp_types, $firewall_rules_dscp_types))); $section->addInput(new Form_Checkbox('allowopts', 'Allow IP options', 'Allow packets with IP options to pass. Otherwise they are blocked by ' . 'default. This is usually only seen with multicast traffic.', $pconfig['allowopts'])); $section->addInput(new Form_Checkbox('disablereplyto', 'Disable reply-to', 'Disable auto generated reply-to for this rule.', $pconfig['disablereplyto'])); $section->addInput(new Form_Input('tag', 'Tag', 'text', $pconfig['tag']))->setHelp('You can mark a packet matching this rule and use this mark to match ' . 'on other NAT/filter rules. It is called <b>Policy filtering</b>.'); $section->addInput(new Form_Input('tagged', 'Tagged', 'text', $pconfig['tagged']))->setHelp('You can match packet on a mark placed before on another rule.'); $section->addInput(new Form_Input('max', 'Max. states', 'number', $pconfig['max']))->setHelp('Maximum state entries this rule can create.');