release/src/router/www/advanced-firewall.asp

   1 <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.0//EN'>
   2 <!--
   3         Tomato GUI
   4         Copyright (C) 2006-2010 Jonathan Zarate
   5         http://www.polarcloud.com/tomato/
   6
   7         Tomato VLAN GUI
   8         Copyright (C) 2011 Augusto Bott
   9         http://code.google.com/p/tomato-sdhc-vlan/
  10
  11         For use with Tomato Firmware only.
  12         No part of this file may be used without permission.
  13 -->
  14 <html>
  15 <head>
  16 <meta http-equiv='content-type' content='text/html;charset=utf-8'>
  17 <meta name='robots' content='noindex,nofollow'>
  18 <title>[<% ident(); %>] Advanced: Firewall</title>
  19 <link rel='stylesheet' type='text/css' href='tomato.css'>
  20 <% css(); %>
  21 <script type='text/javascript' src='tomato.js'></script>
  22
  23 <!-- / / / -->
  24
  25 <script type='text/javascript' src='debug.js'></script>
  26
  27 <script type='text/javascript'>
  28
  29 //      <% nvram("block_wan,block_wan_limit,block_wan_limit_icmp,block_wan_limit_tr,nf_loopback,ne_syncookies,multicast_pass,multicast_lan,multicast_lan1,multicast_lan2,multicast_lan3,lan_ifname,lan1_ifname,lan2_ifname,lan3_ifname,udpxy_enable,udpxy_stats,udpxy_clients,udpxy_port,ne_snat"); %>
  30
  31 function verifyFields(focused, quiet)
  32 {
  33 /* ICMP */
  34         E('_f_icmp_limit').disabled = !E('_f_icmp').checked;
  35         E('_f_icmp_limit_icmp').disabled = (!E('_f_icmp').checked || !E('_f_icmp_limit').checked);
  36         E('_f_icmp_limit_traceroute').disabled = (!E('_f_icmp').checked || !E('_f_icmp_limit').checked);
  37
  38         var enable_mcast = E('_f_multicast').checked;
  39         E('_f_multicast_lan').disabled = ((!enable_mcast) || (nvram.lan_ifname.length < 1));
  40         E('_f_multicast_lan1').disabled = ((!enable_mcast) || (nvram.lan1_ifname.length < 1));
  41         E('_f_multicast_lan2').disabled = ((!enable_mcast) || (nvram.lan2_ifname.length < 1));
  42         E('_f_multicast_lan3').disabled = ((!enable_mcast) || (nvram.lan3_ifname.length < 1));
  43         if(nvram.lan_ifname.length < 1)
  44                 E('_f_multicast_lan').checked = false;
  45         if(nvram.lan1_ifname.length < 1)
  46                 E('_f_multicast_lan1').checked = false;
  47         if(nvram.lan2_ifname.length < 1)
  48                 E('_f_multicast_lan2').checked = false;
  49         if(nvram.lan3_ifname.length < 1)
  50                 E('_f_multicast_lan3').checked = false;
  51
  52         if ((enable_mcast) && (!E('_f_multicast_lan').checked) && (!E('_f_multicast_lan1').checked) && (!E('_f_multicast_lan2').checked) && (!E('_f_multicast_lan3').checked)) {
  53                 ferror.set('_f_multicast', 'IGMPproxy must be enabled in least one LAN bridge', quiet);
  54                 return 0;
  55         } else {
  56                 ferror.clear('_f_multicast');
  57         }
  58
  59         E('_f_udpxy_stats').disabled = !E('_f_udpxy_enable').checked;
  60         E('_f_udpxy_clients').disabled = !E('_f_udpxy_enable').checked;
  61         E('_f_udpxy_port').disabled = !E('_f_udpxy_enable').checked;
  62
  63         return 1;
  64 }
  65
  66 function save()
  67 {
  68         var fom;
  69
  70         if (!verifyFields(null, 0)) return;
  71
  72         fom = E('_fom');
  73         fom.block_wan.value = E('_f_icmp').checked ? 0 : 1;
  74         fom.block_wan_limit.value = E('_f_icmp_limit').checked? 1 : 0;
  75         fom.block_wan_limit_icmp.value = E('_f_icmp_limit_icmp').value;
  76         fom.block_wan_limit_tr.value = E('_f_icmp_limit_traceroute').value;
  77
  78         fom.ne_syncookies.value = E('_f_syncookies').checked ? 1 : 0;
  79         fom.multicast_pass.value = E('_f_multicast').checked ? 1 : 0;
  80         fom.multicast_lan.value = E('_f_multicast_lan').checked ? 1 : 0;
  81         fom.multicast_lan1.value = E('_f_multicast_lan1').checked ? 1 : 0;
  82         fom.multicast_lan2.value = E('_f_multicast_lan2').checked ? 1 : 0;
  83         fom.multicast_lan3.value = E('_f_multicast_lan3').checked ? 1 : 0;
  84         fom.udpxy_enable.value = E('_f_udpxy_enable').checked ? 1 : 0;
  85         fom.udpxy_stats.value = E('_f_udpxy_stats').checked ? 1 : 0;
  86         fom.udpxy_clients.value = E('_f_udpxy_clients').value;
  87         fom.udpxy_port.value = E('_f_udpxy_port').value;
  88         form.submit(fom, 1);
  89 }
  90 </script>
  91
  92 </head>
  93 <body>
  94 <form id='_fom' method='post' action='tomato.cgi'>
  95 <table id='container' cellspacing=0>
  96 <tr><td colspan=2 id='header'>
  97         <div class='title'>Tomato</div>
  98         <div class='version'>Version <% version(); %></div>
  99 </td></tr>
 100 <tr id='body'><td id='navi'><script type='text/javascript'>navi()</script></td>
 101 <td id='content'>
 102 <div id='ident'><% ident(); %></div>
 103
 104 <!-- / / / -->
 105
 106 <input type='hidden' name='_nextpage' value='advanced-firewall.asp'>
 107 <input type='hidden' name='_service' value='firewall-restart'>
 108
 109 <input type='hidden' name='block_wan'>
 110 <input type='hidden' name='block_wan_limit'>
 111 <input type='hidden' name='block_wan_limit_icmp'>
 112 <input type='hidden' name='block_wan_limit_tr'>
 113 <input type='hidden' name='ne_syncookies'>
 114 <input type='hidden' name='multicast_pass'>
 115 <input type='hidden' name='multicast_lan'>
 116 <input type='hidden' name='multicast_lan1'>
 117 <input type='hidden' name='multicast_lan2'>
 118 <input type='hidden' name='multicast_lan3'>
 119 <input type='hidden' name='udpxy_enable'>
 120 <input type='hidden' name='udpxy_stats'>
 121 <input type='hidden' name='udpxy_clients'>
 122 <input type='hidden' name='udpxy_port'>
 123
 124 <div class='section-title'>Firewall</div>
 125 <div class='section'>
 126 <script type='text/javascript'>
 127 createFieldTable('', [
 128         { title: 'Respond to ICMP ping', name: 'f_icmp', type: 'checkbox', value: nvram.block_wan == '0' },
 129         { title: 'Limits per second', name: 'f_icmp_limit', type: 'checkbox', value: nvram.block_wan_limit != '0' },
 130         { title: 'ICMP', indent: 2, name: 'f_icmp_limit_icmp', type: 'text', maxlen: 3, size: 3, suffix: ' <small> request per second</small>', value: fixInt(nvram.block_wan_limit_icmp || 1, 1, 300, 5) },
 131         { title: 'Traceroute', indent: 2, name: 'f_icmp_limit_traceroute', type: 'text', maxlen: 3, size: 3, suffix: ' <small> request per second</small>', value: fixInt(nvram.block_wan_limit_tr || 5, 1, 300, 5) },
 132         null,
 133         { title: 'Enable SYN cookies', name: 'f_syncookies', type: 'checkbox', value: nvram.ne_syncookies != '0' }
 134 ]);
 135 </script>
 136 </div>
 137
 138 <div class='section-title'>NAT</div>
 139 <div class='section'>
 140 <script type='text/javascript'>
 141 createFieldTable('', [
 142         { title: 'NAT loopback', name: 'nf_loopback', type: 'select', options: [[0,'All'],[1,'Forwarded Only'],[2,'Disabled']], value: fixInt(nvram.nf_loopback, 0, 2, 1) },
 143         { title: 'NAT target', name: 'ne_snat', type: 'select', options: [[0,'MASQUERADE'],[1,'SNAT']], value: nvram.ne_snat }
 144 ]);
 145 </script>
 146 </div>
 147
 148 <div class='section-title'>Multicast</div>
 149 <div class='section'>
 150 <script type='text/javascript'>
 151 createFieldTable('', [
 152         { title: 'Enable IGMPproxy', name: 'f_multicast', type: 'checkbox', value: nvram.multicast_pass == '1' },
 153         { title: 'LAN', indent: 2, name: 'f_multicast_lan', type: 'checkbox', value: (nvram.multicast_lan == '1') },
 154         { title: 'LAN1', indent: 2, name: 'f_multicast_lan1', type: 'checkbox', value: (nvram.multicast_lan1 == '1') },
 155         { title: 'LAN2', indent: 2, name: 'f_multicast_lan2', type: 'checkbox', value: (nvram.multicast_lan2 == '1') },
 156         { title: 'LAN3', indent: 2, name: 'f_multicast_lan3', type: 'checkbox', value: (nvram.multicast_lan3 == '1') },
 157         null,
 158         { title: 'Enable Udpxy', name: 'f_udpxy_enable', type: 'checkbox', value: (nvram.udpxy_enable == '1') },
 159         { title: 'Enable client statistics', indent: 2, name: 'f_udpxy_stats', type: 'checkbox', value: (nvram.udpxy_stats == '1') },
 160         { title: 'Max clients', indent: 2, name: 'f_udpxy_clients', type: 'text', maxlen: 4, size: 6, value: fixInt(nvram.udpxy_clients || 3, 1, 5000, 3) },
 161         { title: 'Udpxy port', indent: 2, name: 'f_udpxy_port', type: 'text', maxlen: 5, size: 7, value: fixPort(nvram.udpxy_port, 4022) }
 162
 163 ]);
 164 </script>
 165 </div>
 166
 167 <!-- / / / -->
 168
 169 </td></tr>
 170 <tr><td id='footer' colspan=2>
 171         <span id='footer-msg'></span>
 172         <input type='button' value='Save' id='save-button' onclick='save()'>
 173         <input type='button' value='Cancel' id='cancel-button' onclick='reloadPage();'>
 174 </td></tr>
 175 </table>
 176 </form>
 177 <script type='text/javascript'>verifyFields(null, 1);</script>
 178 </body>
 179 </html>