(filter) extend new style FilterRule, adds icmptype, tag, tagged

51d2acf4 · Ad Schellevis · fc6ad652 · 51d2acf4
Commit 51d2acf4 authored Mar 05, 2017 by Ad Schellevis
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 0 deletions

FilterRule.php ...opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php +11 -0

No files found.
--- a/src/opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php
+++ b/src/opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php
@@ -51,11 +51,14 @@ class FilterRule
        'from_port' => 'parsePlain, port {,}',
        'to' => 'parsePlain,to {,}',
        'to_port' => 'parsePlain, port {,}',
+        'icmp-type' => 'parsePlain,icmp-type {,}',
        'icmp6-type' => 'parsePlain,icmp6-type {,}',
        'flags' => 'parsePlain, flags ',
        'state' => 'parseState',
        'set-prio' => 'parsePlain, set prio ',
        'prio' => 'parsePlain, prio ',
+        'tag' => 'parsePlain, tag ',
+        'tagged' => 'parsePlain, tagged ',
        'allowopts' => 'parseBool,allow-opts',
        'label' => 'parsePlain,label ",",63'
    );
@@ -236,6 +239,14 @@ class FilterRule
                                              "/" . $tmp['max-src-conn-rates'] . ", overload <virusprot> flush global ";
                    }
                }
+                // icmp-type switch (ipv4/ipv6)
+                if ($tmp['protocol'] == "icmp" && !empty($tmp['icmptype'])) {
+                    if ($ipproto == 'inet') {
+                        $tmp['icmp-type'] = $tmp['icmptype'];
+                    } elseif ($ipproto == 'inet6') {
+                        $tmp['icmp6-type'] = $tmp['icmptype'];
+                    }
+                }
                // icmpv6
                if ($ipproto == 'inet6' && !empty($tmp['protocol']) && $tmp['protocol'] == "icmp") {
                    $tmp['protocol'] = 'ipv6-icmp';