$acl_entry = array(); $acl_entry['aclid'] = $pconfig['aclid']; $acl_entry['aclname'] = $pconfig['aclname']; $acl_entry['aclaction'] = $pconfig['aclaction']; $acl_entry['description'] = $pconfig['description']; $acl_entry['aclid'] = $pconfig['aclid']; $acl_entry['row'] = array(); foreach ($networkacl as $acl) { $acl_entry['row'][] = $acl; } if (isset($id) && $a_acls[$id]) { $a_acls[$id] = $acl_entry; } else { $a_acls[] = $acl_entry; } mark_subsystem_dirty("unbound"); write_config(); pfSenseHeader("/services_unbound_acls.php"); exit; } } } } } $actionHelp = '<span class="text-success"><strong>Deny:</strong></span> Stops queries from hosts within the netblock defined below.' . '<br />' . '<span class="text-success"><strong>Refuse:</strong></span> Stops queries from hosts within the netblock defined below, but sends a DNS rcode REFUSED error message back to the client.' . '<br />' . '<span class="text-success"><strong>Allow:</strong></span> Allow queries from hosts within the netblock defined below.' . '<br />' . '<span class="text-success"><strong>Allow Snoop:</strong></span> Allow recursive and nonrecursive access from hosts within the netblock defined below. Used for cache snooping and ideally should only be configured for your administrative host.'; $pgtitle = array(gettext("Services"), gettext("DNS Resolver"), gettext("Access Lists")); $shortcut_section = "resolver"; include "head.inc"; if ($input_errors) { print_input_errors($input_errors); }
} } if ($mode == "reinstallpackages") { header("Location: pkg_mgr_install.php?mode=reinstallall"); exit; } else { if ($mode == "clearpackagelock") { clear_subsystem_dirty('packagelock'); $savemsg = "Package Lock Cleared"; } else { if ($mode == "restore_ver") { $input_errors[] = gettext("XXX - this feature may hose your config (do NOT backrev configs!) - billm"); if ($ver2restore != "") { $conf_file = "{$g['cf_conf_path']}/bak/config-" . strtotime($ver2restore) . ".xml"; if (config_install($conf_file) == 0) { mark_subsystem_dirty("restore"); } else { $input_errors[] = gettext("The configuration could not be restored."); } } else { $input_errors[] = gettext("No version selected."); } } } } } } $id = rand() . '.' . time(); $mth = ini_get('upload_progress_meter.store_method'); $dir = ini_get('upload_progress_meter.file.filename_template'); function build_area_list($showall)
} } if ($_GET['act'] == "del") { if ($_GET['type'] == 'host') { if ($a_hosts[$_GET['id']]) { unset($a_hosts[$_GET['id']]); write_config(); mark_subsystem_dirty('unbound'); header("Location: services_unbound.php"); exit; } } elseif ($_GET['type'] == 'doverride') { if ($a_domainOverrides[$_GET['id']]) { unset($a_domainOverrides[$_GET['id']]); write_config(); mark_subsystem_dirty('unbound'); header("Location: services_unbound.php"); exit; } } } function build_if_list($selectedifs) { $interface_addresses = get_possible_listen_ips(true); $iflist = array('options' => array(), 'selected' => array()); $iflist['options']['all'] = gettext("All"); if (empty($selectedifs) || empty($selectedifs[0]) || in_array("all", $selectedifs)) { array_push($iflist['selected'], "all"); } foreach ($interface_addresses as $laddr => $ldescr) { $iflist['options'][$laddr] = htmlspecialchars($ldescr);
} $tmp = rtrim($tmp, "||"); if (!empty($tmp)) { $a_rule[$id]['rule_sid_off'] = $tmp; } else { unset($a_rule[$id]['rule_sid_off']); } // We changed a rule state, remind user to apply the changes mark_subsystem_dirty('suricata_rules'); write_config("Suricata pkg: remove enablesid/disablesid changes for category {$currentruleset} on {$a_rule[$id]['interface']}."); } elseif ($_POST['resetall'] && !empty($rules_map)) { // Remove all modified SIDs from config.xml and save the changes. unset($a_rule[$id]['rule_sid_on']); unset($a_rule[$id]['rule_sid_off']); // We changed a rule state, remind user to apply the changes mark_subsystem_dirty('suricata_rules'); /* Update the config.xml file. */ write_config("Suricata pkg: remove all enablesid/disablesid changes for {$a_rule[$id]['interface']}."); } elseif ($_POST['clear']) { unset($a_rule[$id]['customrules']); write_config("Suricata pkg: clear all custom rules for {$a_rule[$id]['interface']}."); $rebuild_rules = true; conf_mount_rw(); suricata_generate_yaml($a_rule[$id]); conf_mount_ro(); $rebuild_rules = false; $pconfig['customrules'] = ''; // Sync to configured CARP slaves if any are enabled suricata_sync_on_changes(); } elseif ($_POST['cancel']) { $pconfig['customrules'] = base64_decode($a_rule[$id]['customrules']);
$retval = 0; $retval |= filter_configure(); $retval |= relayd_configure(); $savemsg = get_std_save_message($retval); /* Wipe out old relayd anchors no longer in use. */ cleanup_lb_marked(); clear_subsystem_dirty('loadbalancer'); } } if ($_GET['act'] == "del") { if (array_key_exists($_GET['id'], $a_vs)) { if (!$input_errors) { cleanup_lb_mark_anchor($a_vs[$_GET['id']]['name']); unset($a_vs[$_GET['id']]); write_config(); mark_subsystem_dirty('loadbalancer'); header("Location: load_balancer_virtual_server.php"); exit; } } } /* Index lbpool array for easy hyperlinking */ $poodex = array(); for ($i = 0; isset($config['load_balancer']['lbpool'][$i]); $i++) { $poodex[$config['load_balancer']['lbpool'][$i]['name']] = $i; } for ($i = 0; isset($config['load_balancer']['virtual_server'][$i]); $i++) { if ($a_vs[$i]) { $a_vs[$i]['mode'] = htmlspecialchars($a_vs[$i]['mode']); $a_vs[$i]['relay_protocol'] = htmlspecialchars($a_vs[$i]['relay_protocol']); $a_vs[$i]['poolname'] = "<a href=\"/load_balancer_pool_edit.php?id={$poodex[$a_vs[$i]['poolname']]}\">" . htmlspecialchars($a_vs[$i]['poolname']) . "</a>";
$mapent['ipaddrv6'] = $_POST['ipaddrv6']; $mapent['hostname'] = $_POST['hostname']; $mapent['descr'] = $_POST['descr']; $mapent['filename'] = $_POST['filename']; $mapent['rootpath'] = $_POST['rootpath']; if (isset($id) && $a_maps[$id]) { $a_maps[$id] = $mapent; } else { $a_maps[] = $mapent; } staticmaps_sort($if); write_config(); if (isset($config['dhcpdv6'][$if]['enable'])) { mark_subsystem_dirty('staticmaps'); if (isset($config['dnsmasq']['regdhcpstatic'])) { mark_subsystem_dirty('hosts'); } } header("Location: services_dhcpv6.php?if={$if}"); exit; } } $pgtitle = array(gettext("Services"), gettext("DHCPv6"), gettext("Edit static mapping")); $statusurl = "status_dhcpv6_leases.php"; $logurl = "diag_logs_dhcp.php"; include "head.inc"; ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include "fbegin.inc";
} $address .= $_POST["address{$x}"]; $address .= "/" . $_POST["address_subnet{$x}"]; $isfirst++; } } if (!$input_errors) { $igmpentry['address'] = $address; $igmpentry['descr'] = $_POST['descr']; if (isset($id) && $a_igmpproxy[$id]) { $a_igmpproxy[$id] = $igmpentry; } else { $a_igmpproxy[] = $igmpentry; } write_config(); mark_subsystem_dirty('igmpproxy'); header("Location: services_igmpproxy.php"); exit; } else { $pconfig['descr'] = $_POST['descr']; $pconfig['address'] = $address; $pconfig['type'] = $_POST['type']; } } include "head.inc"; ?> <body> <?php include "fbegin.inc"; ?>
clear_subsystem_dirty('shaper'); if ($queue) { $output_form .= $queue->build_form(); $dontshow = false; } else { $output_form .= $default_shaper_message; $dontshow = true; } } else { if ($queue) { $queue->validate_input($_POST, &$input_errors); if (!$input_errors) { $queue->update_altq_queue_data($_POST); $queue->wconfig(); write_config(); mark_subsystem_dirty('shaper'); $dontshow = false; } read_altq_config(); $output_form .= $queue->build_form(); } else { $output_form .= "<p class=\"pgtitle\">" . $default_shaper_msg . "</p>"; $dontshow = true; } } } } mwexec("killall qstats"); } else { $output_form .= "<p class=\"pgtitle\">" . $default_shaper_msg . "</p>"; $dontshow = true;
if (isset($id) && $a_secret[$id]) { $secretent = $a_secret[$id]; } $secretent['name'] = $_POST['username']; $secretent['ip'] = $_POST['ip']; if ($_POST['passwordfld1']) { $secretent['password'] = $_POST['passwordfld1']; } if (isset($id) && $a_secret[$id]) { $a_secret[$id] = $secretent; } else { $a_secret[] = $secretent; } pptpd_users_sort(); write_config(); mark_subsystem_dirty('pptpusers'); header("Location: vpn_pptp_users.php"); exit; } } $pgtitle = array(gettext("VPN"), gettext("VPN PPTP"), gettext("User"), gettext("Edit")); $shortcut_section = "pptps"; include "head.inc"; ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include "fbegin.inc"; if ($input_errors) { print_input_errors($input_errors); } ?>
if (!empty($tmp)) { $a_rule[$id]['rule_sid_off'] = $tmp; } else { unset($a_rule[$id]['rule_sid_off']); } write_config("Snort pkg: remove enablesid/disablesid changes for category {$currentruleset} on {$a_rule[$id]['interface']}."); // We changed a rule state, remind user to apply the changes mark_subsystem_dirty('snort_rules'); } elseif ($_POST['resetall'] && !empty($rules_map)) { // Remove all modified SIDs from config.xml and save the changes. unset($a_rule[$id]['rule_sid_on']); unset($a_rule[$id]['rule_sid_off']); /* Update the config.xml file. */ write_config("Snort pkg: remove all enablesid/disablesid changes for {$a_rule[$id]['interface']}."); // We changed a rule state, remind user to apply the changes mark_subsystem_dirty('snort_rules'); } else { if ($_POST['cancel']) { $pconfig['customrules'] = base64_decode($a_rule[$id]['customrules']); clear_subsystem_dirty('snort_rules'); } elseif ($_POST['clear']) { unset($a_rule[$id]['customrules']); write_config("Snort pkg: clear all custom rules for {$a_rule[$id]['interface']}."); $rebuild_rules = true; conf_mount_rw(); snort_generate_conf($a_rule[$id]); conf_mount_ro(); $rebuild_rules = false; $pconfig['customrules'] = ''; // Sync to configured CARP slaves if any are enabled snort_sync_on_changes();
if (!is_subsystem_dirty('rebootreq')) { $retval = vpn_l2tp_configure(); } $savemsg = get_std_save_message(); if ($retval == 0) { if (is_subsystem_dirty('l2tpusers')) { clear_subsystem_dirty('l2tpusers'); } } } } if ($_GET['act'] == "del") { if ($a_secret[$_GET['id']]) { unset($a_secret[$_GET['id']]); write_config(); mark_subsystem_dirty('l2tpusers'); header("Location: vpn_l2tp_users.php"); exit; } } include "head.inc"; $main_buttons = array(array('label' => gettext("add user"), 'href' => 'vpn_l2tp_users_edit.php')); ?> <body> <?php include "fbegin.inc"; ?> <section class="page-content-main"> <div class="container-fluid">
$pconfig['blist_files'] = $a_nat[$id]['blist_files']; $pconfig['wlist_files'] = $a_nat[$id]['wlist_files']; } if ($_POST['blist_del'] && is_numericint($_POST['list_id'])) { $pconfig = $_POST; unset($a_nat[$id]['blist_files']['item'][$_POST['list_id']]); write_config("Snort pkg: deleted blacklist file for IP REPUTATION preprocessor."); mark_subsystem_dirty('snort_iprep'); $pconfig['blist_files'] = $a_nat[$id]['blist_files']; $pconfig['wlist_files'] = $a_nat[$id]['wlist_files']; } if ($_POST['wlist_del'] && is_numericint($_POST['list_id'])) { $pconfig = $_POST; unset($a_nat[$id]['wlist_files']['item'][$_POST['list_id']]); write_config("Snort pkg: deleted whitelist file for IP REPUTATION preprocessor."); mark_subsystem_dirty('snort_iprep'); $pconfig['wlist_files'] = $a_nat[$id]['wlist_files']; $pconfig['blist_files'] = $a_nat[$id]['blist_files']; } if ($_POST['save'] || $_POST['apply']) { $natent = array(); $natent = $pconfig; if (!is_numericint($_POST['iprep_memcap']) || strval($_POST['iprep_memcap']) < 1 || strval($_POST['iprep_memcap']) > 4095) { $input_errors[] = gettext("The value for Memory Cap must be an integer between 1 and 4095."); } // if no errors write to conf if (!$input_errors) { $natent['reputation_preproc'] = $_POST['reputation_preproc'] ? 'on' : 'off'; $natent['iprep_scan_local'] = $_POST['iprep_scan_local'] ? 'on' : 'off'; $natent['iprep_memcap'] = $_POST['iprep_memcap']; $natent['iprep_priority'] = $_POST['iprep_priority'];
} } } if (!verify_gzip_file("{$g['upload_path']}/firmware.tgz")) { $input_errors[] = gettext("The image file is corrupt."); unlink("{$g['upload_path']}/firmware.tgz"); } } } } run_plugins("/usr/local/pkg/firmware_upgrade"); /* Check for input errors, firmware locks, warnings, then check for firmware if sig_override is set */ if (!$input_errors && !is_subsystem_dirty('firmwarelock') && (!$sig_warning || $_POST['sig_override'])) { if (file_exists("{$g['upload_path']}/firmware.tgz")) { /* fire up the update script in the background */ mark_subsystem_dirty('firmwarelock'); $savemsg = gettext("The firmware is now being updated. The firewall will reboot automatically."); if (stristr($_FILES['ulfile']['name'], "nanobsd") or $_POST['isnano'] == "yes") { mwexec_bg("/etc/rc.firmware pfSenseNanoBSDupgrade {$g['upload_path']}/firmware.tgz"); } else { if ($g['platform'] == "nanobsd") { $whichone = "pfSenseNanoBSDupgrade"; } else { $whichone = "pfSenseupgrade"; } mwexec_bg("/etc/rc.firmware {$whichone} {$g['upload_path']}/firmware.tgz"); unset($whichone); } } else { $savemsg = sprintf(gettext("Firmware image missing or other error, please try again %s."), $errortext); }
$toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply")); } else { $toapplylist = array(); } $toapplylist[$id] = $a_vip[$id]; if (!empty($a_vip[$id])) { /* modify all virtual IP rules with this address */ for ($i = 0; isset($config['nat']['rule'][$i]); $i++) { if ($config['nat']['rule'][$i]['destination']['address'] == $a_vip[$id]['subnet']) { $config['nat']['rule'][$i]['destination']['address'] = $vipent['subnet']; } } } $a_vip[$id] = $vipent; if (write_config()) { mark_subsystem_dirty('vip'); file_put_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply", serialize($toapplylist)); } header("Location: firewall_virtual_ip.php"); exit; } } $ipaliashelp = gettext('The mask must be the network\'s subnet mask. It does not specify a CIDR range.'); $proxyarphelp = gettext('Enter a CIDR block of proxy ARP addresses.'); $pgtitle = array(gettext("Firewall"), gettext("Virtual IP Address"), gettext("Edit")); include "head.inc"; function build_if_list() { $list = array(); $interfaces = get_configured_interface_with_descr(false, true); $carplist = get_configured_carp_interface_list();
if (count($pconfig['item']) == 0) { $input_errors[] = gettext("No gateway(s) have been selected to be used in this group"); } if (!$input_errors) { $gateway_group = array(); $gateway_group['name'] = $_POST['name']; $gateway_group['item'] = $pconfig['item']; $gateway_group['trigger'] = $_POST['trigger']; $gateway_group['descr'] = $_POST['descr']; if (isset($id) && $a_gateway_groups[$id]) { $a_gateway_groups[$id] = $gateway_group; } else { $a_gateway_groups[] = $gateway_group; } mark_subsystem_dirty('staticroutes'); mark_subsystem_dirty('gwgroup.' . $gateway_group['name']); write_config(); header("Location: system_gateway_groups.php"); exit; } } $pgtitle = array(gettext("System"), gettext("Routing"), gettext("Gateway Groups"), gettext("Edit")); $shortcut_section = "gateway-groups"; function build_gateway_protocol_map(&$a_gateways) { $result = array(); foreach ($a_gateways as $gwname => $gateway) { $result[$gwname] = $gateway['ipprotocol']; } return $result; }
if (write_config()) { mark_subsystem_dirty('natconf'); } header("Location: firewall_nat_1to1.php"); exit; } } else { if ($_GET['act'] == "toggle") { if ($a_1to1[$_GET['id']]) { if (isset($a_1to1[$_GET['id']]['disabled'])) { unset($a_1to1[$_GET['id']]['disabled']); } else { $a_1to1[$_GET['id']]['disabled'] = true; } if (write_config(gettext("Firewall: NAT: 1:1, enable/disable NAT rule"))) { mark_subsystem_dirty('natconf'); } header("Location: firewall_nat_1to1.php"); exit; } } } $pgtitle = array(gettext("Firewall"), gettext("NAT"), gettext("1:1")); include "head.inc"; if ($savemsg) { print_info_box($savemsg, 'success'); } if (is_subsystem_dirty('natconf')) { print_apply_box(gettext('The NAT configuration has been changed.') . '<br />' . gettext('You must apply the changes in order for them to take effect.')); } $tab_array = array();
break; } } /* Only relocate the entry if we */ /* found it, and it's not already */ /* at the end. */ if ($i > -1 && $i < count($a_nat) - 1) { $tmp = $a_nat[$i]; unset($a_nat[$i]); $a_nat[] = $tmp; } } /* Now write the new engine array to conf */ write_config("Snort pkg: modified ftp_telnet_server engine settings."); // We have saved a preproc config change, so set "dirty" flag mark_subsystem_dirty('snort_preprocessors'); header("Location: /snort/snort_preprocessors.php?id={$id}#ftp_telnet_row_ftp_proto_opts"); exit; } } $if_friendly = convert_friendly_interface_to_friendly_descr($config['installedpackages']['snortglobal']['rule'][$id]['interface']); $pgtitle = gettext("Snort: Interface {$if_friendly} - FTP Preprocessor Server Engine"); include_once "head.inc"; ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC" > <?php include "fbegin.inc"; if ($input_errors) { print_input_errors($input_errors);
if (!empty($pconfig[$fieldname])) { $client[$fieldname] = $pconfig[$fieldname]; } } if (!empty($pconfig['enable'])) { $client['enable'] = true; } if (!empty($pconfig['net_list'])) { $client['net_list'] = true; } if (!empty($pconfig['save_passwd'])) { $client['save_passwd'] = true; } $config['ipsec']['client'] = $client; write_config(); mark_subsystem_dirty('ipsec'); header("Location: vpn_ipsec_mobile.php"); exit; } } // initialize missing post attributes foreach (explode(",", $form_fields) as $fieldname) { $fieldname = trim($fieldname); if (!isset($pconfig[$fieldname])) { $pconfig[$fieldname] = null; } } } legacy_html_escape_form_data($pconfig); $pgtitle = array(gettext("VPN"), gettext("IPsec"), gettext("Mobile")); $shortcut_section = "ipsec";
} /* copy $movebtn route */ if ($movebtn < count($a_routes)) { $a_routes_new[] = $a_routes[$movebtn]; } /* copy all routes > $movebtn and not selected */ for ($i = $movebtn + 1; $i < count($a_routes); $i++) { if (!in_array($i, $_POST['route'])) { $a_routes_new[] = $a_routes[$i]; } } if (count($a_routes_new) > 0) { $a_routes = $a_routes_new; } if (write_config()) { mark_subsystem_dirty('staticroutes'); } header("Location: system_routes.php"); exit; } } } $pgtitle = array(gettext("System"), gettext("Static Routes")); $shortcut_section = "routing"; include "head.inc"; ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include "fbegin.inc"; ?>
} if (count($users) > 0) { $pppoecfg['username'] = implode(" ", $users); } if (!isset($id)) { $id = count($a_pppoes); } if (file_exists('/tmp/.vpn_pppoe.apply')) { $toapplylist = unserialize(file_get_contents('/tmp/.vpn_pppoe.apply')); } else { $toapplylist = array(); } $toapplylist[] = $pppoecfg['pppoeid']; $a_pppoes[$id] = $pppoecfg; write_config(); mark_subsystem_dirty('vpnpppoe'); file_put_contents('/tmp/.vpn_pppoe.apply', serialize($toapplylist)); header("Location: vpn_pppoe.php"); exit; } } $shortcut_section = "pppoes"; include "head.inc"; ?> <body> <?php include "fbegin.inc"; ?> <script type="text/javascript" src="/javascript/row_helper.js"></script>
if (!empty($pconfig['apply'])) { system_setup_sysctl(); clear_subsystem_dirty('sysctl'); header("Location: system_advanced_sysctl.php"); exit; } elseif (!empty($pconfig['Submit'])) { $tunableent = array(); $tunableent['tunable'] = $pconfig['tunable']; $tunableent['value'] = $pconfig['value']; $tunableent['descr'] = $pconfig['descr']; if (isset($id)) { $a_tunable[$id] = $tunableent; } else { $a_tunable[] = $tunableent; } mark_subsystem_dirty('sysctl'); write_config(); header("Location: system_advanced_sysctl.php"); exit; } } } legacy_html_escape_form_data($a_tunable); if ($act != 'edit') { $main_buttons = array(array('href' => 'system_advanced_sysctl.php?act=edit', 'label' => gettext('Add a new tunable'))); } include "head.inc"; ?> <body> <script type="text/javascript">
} } if (isset($wancfg['wireless'])) { handle_wireless_post(); } conf_mount_ro(); write_config(); if (file_exists("{$g['tmp_path']}/.interfaces.apply")) { $toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.interfaces.apply")); } else { $toapplylist = array(); } $toapplylist[$if]['ifcfg'] = $old_wancfg; $toapplylist[$if]['ppps'] = $old_ppps; file_put_contents("{$g['tmp_path']}/.interfaces.apply", serialize($toapplylist)); mark_subsystem_dirty('interfaces'); /* regenerate cron settings/crontab file */ configure_cron(); header("Location: interfaces.php?if={$if}"); exit; } } } } // end if ($_POST) function handle_wireless_post() { global $_POST, $config, $g, $wancfg, $if, $wl_countries_attr, $wlanbaseif; if (!is_array($wancfg['wireless'])) { $wancfg['wireless'] = array(); }
} } if ($tmpdirty == true) { $a_aliases[$aliasid]['address'] = implode(" ", $tmpaddr); } } } } $a_aliases[$id] = $alias; } else { $a_aliases[] = $alias; } // Sort list $a_aliases = msort($a_aliases, "name"); if (write_config()) { mark_subsystem_dirty('aliases'); } if (!empty($tab)) { header("Location: firewall_aliases.php?tab=" . htmlspecialchars($tab)); } else { header("Location: firewall_aliases.php"); } exit; } else { //we received input errors, copy data to prevent retype $pconfig['name'] = $_POST['name']; $pconfig['descr'] = $_POST['descr']; if ($_POST['type'] == 'url' || $_POST['type'] == 'url_ports') { $pconfig['address'] = implode(" ", $alias['aliasurl']); } else { $pconfig['address'] = implode(" ", $address);
$filterent['updated'] = make_config_revision_entry(); // Allow extending of the firewall edit page and include custom input validation pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/pre_write_config"); if (isset($id) && $a_filter[$id]) { $a_filter[$id] = $filterent; } else { $filterent['created'] = make_config_revision_entry(); if (is_numeric($after)) { array_splice($a_filter, $after + 1, 0, array($filterent)); } else { $a_filter[] = $filterent; } } filter_rules_sort(); if (write_config()) { mark_subsystem_dirty('filter'); } if (isset($_POST['floating'])) { header("Location: firewall_rules.php?if=FloatingRules"); } else { header("Location: firewall_rules.php?if=" . htmlspecialchars($_POST['interface'])); } exit; } } $pgtitle = array(gettext("Firewall"), gettext("Rules"), gettext("Edit")); $shortcut_section = "firewall"; $closehead = false; $page_filename = "firewall_rules_edit.php"; include "head.inc"; ?>
$pconfig['iprep_catlist'] = $a_nat[$id]['iprep_catlist']; $pconfig['iplist_files'] = $a_nat[$id]['iplist_files']; } if ($_POST['iprep_catlist_del']) { $pconfig = $_POST; unset($a_nat[$id]['iprep_catlist']); write_config("Suricata pkg: deleted blacklist file for IP REPUTATION preprocessor."); mark_subsystem_dirty('suricata_iprep'); $pconfig['iprep_catlist'] = $a_nat[$id]['iprep_catlist']; $pconfig['iplist_files'] = $a_nat[$id]['iplist_files']; } if ($_POST['iplist_del'] && is_numericint($_POST['list_id'])) { $pconfig = $_POST; unset($a_nat[$id]['iplist_files']['item'][$_POST['list_id']]); write_config("Suricata pkg: deleted whitelist file for IP REPUTATION preprocessor."); mark_subsystem_dirty('suricata_iprep'); $pconfig['iplist_files'] = $a_nat[$id]['iplist_files']; $pconfig['iprep_catlist'] = $a_nat[$id]['iprep_catlist']; } if ($_POST['save'] || $_POST['apply']) { $pconfig['iprep_catlist'] = $a_nat[$id]['iprep_catlist']; $pconfig['iplist_files'] = $a_nat[$id]['iplist_files']; // Validate HOST TABLE values if ($_POST['host_memcap'] < 1000000 || !is_numericint($_POST['host_memcap'])) { $input_errors[] = gettext("The value for 'Host Memcap' must be a numeric integer greater than 1MB (1,048,576!"); } if ($_POST['host_hash_size'] < 1024 || !is_numericint($_POST['host_hash_size'])) { $input_errors[] = gettext("The value for 'Host Hash Size' must be a numeric integer greater than 1024!"); } if ($_POST['host_prealloc'] < 10 || !is_numericint($_POST['host_prealloc'])) { $input_errors[] = gettext("The value for 'Host Preallocations' must be a numeric integer greater than 10!");