1 <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML
4.0//EN'
>
4 Copyright (C) 2006-2010 Jonathan Zarate
5 http://www.polarcloud.com/tomato/
8 Copyright (C) 2011 Augusto Bott
9 http://code.google.com/p/tomato-sdhc-vlan/
11 For use with Tomato Firmware only.
12 No part of this file may be used without permission.
16 <meta http-equiv='content-type' content='text/html;charset=utf-
8'
>
17 <meta name='robots' content='noindex,nofollow'
>
18 <title>[<%
ident(); %>] Advanced: Firewall
</title>
19 <link rel='stylesheet' type='text/css' href='tomato.css'
>
21 <script type='text/javascript' src='tomato.js'
></script>
25 <script type='text/javascript' src='debug.js'
></script>
27 <script type='text/javascript'
>
29 // <% nvram("block_wan,block_wan_limit,block_wan_limit_icmp,block_wan_limit_tr,nf_loopback,ne_syncookies,DSCP_fix_enable,multicast_pass,multicast_lan,multicast_lan1,multicast_lan2,multicast_lan3,lan_ifname,lan1_ifname,lan2_ifname,lan3_ifname,udpxy_enable,udpxy_stats,udpxy_clients,udpxy_port,ne_snat"); %>
31 function verifyFields(focused
, quiet
)
34 E('_f_icmp_limit').disabled
= !E('_f_icmp').checked
;
35 E('_f_icmp_limit_icmp').disabled
= (!E('_f_icmp').checked
|| !E('_f_icmp_limit').checked
);
36 E('_f_icmp_limit_traceroute').disabled
= (!E('_f_icmp').checked
|| !E('_f_icmp_limit').checked
);
39 var enable_mcast
= E('_f_multicast').checked
;
40 E('_f_multicast_lan').disabled
= ((!enable_mcast
) || (nvram
.lan_ifname
.length
< 1));
41 E('_f_multicast_lan1').disabled
= ((!enable_mcast
) || (nvram
.lan1_ifname
.length
< 1));
42 E('_f_multicast_lan2').disabled
= ((!enable_mcast
) || (nvram
.lan2_ifname
.length
< 1));
43 E('_f_multicast_lan3').disabled
= ((!enable_mcast
) || (nvram
.lan3_ifname
.length
< 1));
44 if(nvram
.lan_ifname
.length
< 1)
45 E('_f_multicast_lan').checked
= false;
46 if(nvram
.lan1_ifname
.length
< 1)
47 E('_f_multicast_lan1').checked
= false;
48 if(nvram
.lan2_ifname
.length
< 1)
49 E('_f_multicast_lan2').checked
= false;
50 if(nvram
.lan3_ifname
.length
< 1)
51 E('_f_multicast_lan3').checked
= false;
52 if ((enable_mcast
) && (!E('_f_multicast_lan').checked
) && (!E('_f_multicast_lan1').checked
) && (!E('_f_multicast_lan2').checked
) && (!E('_f_multicast_lan3').checked
)) {
53 ferror
.set('_f_multicast', 'IGMPproxy must be enabled in least one LAN bridge', quiet
);
56 ferror
.clear('_f_multicast');
59 E('_f_udpxy_stats').disabled
= !E('_f_udpxy_enable').checked
;
60 E('_f_udpxy_clients').disabled
= !E('_f_udpxy_enable').checked
;
61 E('_f_udpxy_port').disabled
= !E('_f_udpxy_enable').checked
;
69 if (!verifyFields(null, 0)) return;
72 fom
.block_wan
.value
= E('_f_icmp').checked
? 0 : 1;
73 fom
.block_wan_limit
.value
= E('_f_icmp_limit').checked
? 1 : 0;
74 fom
.block_wan_limit_icmp
.value
= E('_f_icmp_limit_icmp').value
;
75 fom
.block_wan_limit_tr
.value
= E('_f_icmp_limit_traceroute').value
;
77 fom
.ne_syncookies
.value
= E('_f_syncookies').checked
? 1 : 0;
78 fom
.DSCP_fix_enable
.value
= E('_f_DSCP_fix_enable').checked
? 1 : 0;
79 fom
.multicast_pass
.value
= E('_f_multicast').checked
? 1 : 0;
81 fom
.multicast_lan
.value
= E('_f_multicast_lan').checked
? 1 : 0;
82 fom
.multicast_lan1
.value
= E('_f_multicast_lan1').checked
? 1 : 0;
83 fom
.multicast_lan2
.value
= E('_f_multicast_lan2').checked
? 1 : 0;
84 fom
.multicast_lan3
.value
= E('_f_multicast_lan3').checked
? 1 : 0;
86 fom
.udpxy_enable
.value
= E('_f_udpxy_enable').checked
? 1 : 0;
87 fom
.udpxy_stats
.value
= E('_f_udpxy_stats').checked
? 1 : 0;
88 fom
.udpxy_clients
.value
= E('_f_udpxy_clients').value
;
89 fom
.udpxy_port
.value
= E('_f_udpxy_port').value
;
96 <form id='_fom' method='post' action='tomato.cgi'
>
97 <table id='container' cellspacing=
0>
98 <tr><td colspan=
2 id='header'
>
99 <div class='title'
>Tomato
</div>
100 <div class='version'
>Version <%
version(); %></div>
102 <tr id='body'
><td id='navi'
><script type='text/javascript'
>navi()</script></td>
104 <div id='ident'
><%
ident(); %></div>
108 <input type='hidden' name='_nextpage' value='advanced-firewall.asp'
>
109 <input type='hidden' name='_service' value='firewall-restart'
>
111 <input type='hidden' name='block_wan'
>
112 <input type='hidden' name='block_wan_limit'
>
113 <input type='hidden' name='block_wan_limit_icmp'
>
114 <input type='hidden' name='block_wan_limit_tr'
>
115 <input type='hidden' name='ne_syncookies'
>
116 <input type='hidden' name='DSCP_fix_enable'
>
117 <input type='hidden' name='multicast_pass'
>
119 <input type='hidden' name='multicast_lan'
>
120 <input type='hidden' name='multicast_lan1'
>
121 <input type='hidden' name='multicast_lan2'
>
122 <input type='hidden' name='multicast_lan3'
>
124 <input type='hidden' name='udpxy_enable'
>
125 <input type='hidden' name='udpxy_stats'
>
126 <input type='hidden' name='udpxy_clients'
>
127 <input type='hidden' name='udpxy_port'
>
129 <div class='section-title'
>Firewall
</div>
130 <div class='section'
>
131 <script type='text/javascript'
>
132 createFieldTable('', [
133 { title
: 'Respond to ICMP ping', name
: 'f_icmp', type
: 'checkbox', value
: nvram
.block_wan
== '0' },
134 { title
: 'Limit packets per second', indent
: 2, name
: 'f_icmp_limit', type
: 'checkbox', value
: nvram
.block_wan_limit
!= '0' },
135 { title
: 'ICMP', indent
: 3, name
: 'f_icmp_limit_icmp', type
: 'text', maxlen
: 3, size
: 3, suffix
: ' <small> request per second</small>', value
: fixInt(nvram
.block_wan_limit_icmp
|| 1, 1, 300, 5) },
136 { title
: 'Traceroute', indent
: 3, name
: 'f_icmp_limit_traceroute', type
: 'text', maxlen
: 3, size
: 3, suffix
: ' <small> request per second</small>', value
: fixInt(nvram
.block_wan_limit_tr
|| 5, 1, 300, 5) },
137 { title
: 'Enable SYN cookies', name
: 'f_syncookies', type
: 'checkbox', value
: nvram
.ne_syncookies
!= '0' },
138 { title
: 'Enable DSCP Fix', name
: 'f_DSCP_fix_enable', type
: 'checkbox', value
: nvram
.DSCP_fix_enable
!= '0', suffix
: ' <small>Fixes Comcast incorrect DSCP</small>' }
145 <div class='section-title'
>NAT
</div>
146 <div class='section'
>
147 <script type='text/javascript'
>
148 createFieldTable('', [
149 { title
: 'NAT loopback', name
: 'nf_loopback', type
: 'select', options
: [[0,'All'],[1,'Forwarded Only'],[2,'Disabled']], value
: fixInt(nvram
.nf_loopback
, 0, 2, 1) },
150 { title
: 'NAT target', name
: 'ne_snat', type
: 'select', options
: [[0,'MASQUERADE'],[1,'SNAT']], value
: nvram
.ne_snat
}
157 <div class='section-title'
>Multicast
</div>
158 <div class='section'
>
159 <script type='text/javascript'
>
160 createFieldTable('', [
161 { title
: 'Enable IGMPproxy', name
: 'f_multicast', type
: 'checkbox', value
: nvram
.multicast_pass
== '1' },
163 { title
: 'LAN', indent
: 2, name
: 'f_multicast_lan', type
: 'checkbox', value
: (nvram
.multicast_lan
== '1') },
164 { title
: 'LAN1', indent
: 2, name
: 'f_multicast_lan1', type
: 'checkbox', value
: (nvram
.multicast_lan1
== '1') },
165 { title
: 'LAN2', indent
: 2, name
: 'f_multicast_lan2', type
: 'checkbox', value
: (nvram
.multicast_lan2
== '1') },
166 { title
: 'LAN3', indent
: 2, name
: 'f_multicast_lan3', type
: 'checkbox', value
: (nvram
.multicast_lan3
== '1') },
168 { title
: 'Enable Udpxy', name
: 'f_udpxy_enable', type
: 'checkbox', value
: (nvram
.udpxy_enable
== '1') },
169 { title
: 'Enable client statistics', indent
: 2, name
: 'f_udpxy_stats', type
: 'checkbox', value
: (nvram
.udpxy_stats
== '1') },
170 { title
: 'Max clients', indent
: 2, name
: 'f_udpxy_clients', type
: 'text', maxlen
: 4, size
: 6, value
: fixInt(nvram
.udpxy_clients
|| 3, 1, 5000, 3) },
171 { title
: 'Udpxy port', indent
: 2, name
: 'f_udpxy_port', type
: 'text', maxlen
: 5, size
: 7, value
: fixPort(nvram
.udpxy_port
, 4022) }
179 <tr><td id='footer' colspan=
2>
180 <span id='footer-msg'
></span>
181 <input type='button' value='Save' id='save-button' onclick='save()'
>
182 <input type='button' value='Cancel' id='cancel-button' onclick='reloadPage();'
>
186 <script type='text/javascript'
>verifyFields(null, 1);</script>