X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=html%2Fcgi-bin%2Ffwhosts.cgi;h=3b46677b8c30625e6c57b9aaba47fd2e3cf1b628;hb=943a96faed4fb515259c18d04b330ba622490b7b;hp=4b0a1122d248d0e37cec12dae4c9d7c3bc6d142a;hpb=0b54aaede3702dcaf76e3d4b50fd5ca591e8fe13;p=people%2Fteissler%2Fipfire-2.x.git diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi index 4b0a1122d..3b46677b8 100755 --- a/html/cgi-bin/fwhosts.cgi +++ b/html/cgi-bin/fwhosts.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2011 IPFire Team # +# Copyright (C) 2013 Alexander Marx # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -18,14 +18,11 @@ # along with this program. If not, see . # # # ############################################################################### -# New function for forwarding firewall. To make it comfortable to create # -# rules, we need "spelling names" for single Hosts. If you have any questions # -# # -############################################################################### use strict; # enable only the following on debugging purpose use warnings; +use Sort::Naturally; use CGI::Carp 'fatalsToBrowser'; no warnings 'uninitialized'; require '/var/ipfire/general-functions.pl'; @@ -49,6 +46,9 @@ my %ownnet=(); my %ipsecsettings=(); my %fwfwd=(); my %fwinp=(); +my %fwout=(); +my %ovpnsettings=(); + my $errormessage; my $hint; 
@@ -61,8 +61,12 @@ my $configccdhost = "${General::swroot}/ovpn/ovpnconfig"; my $configipsec = "${General::swroot}/vpn/config"; my $configsrv = "${General::swroot}/fwhosts/customservices"; my $configsrvgrp = "${General::swroot}/fwhosts/customservicegrp"; -my $fwconfigfwd = "${General::swroot}/forward/config"; -my $fwconfiginp = "${General::swroot}/forward/input"; +my $fwconfigfwd = "${General::swroot}/firewall/config"; +my $fwconfiginp = "${General::swroot}/firewall/input"; +my $fwconfigout = "${General::swroot}/firewall/outgoing"; +my $configovpn = "${General::swroot}/ovpn/settings"; +my $tdcolor=''; +my $configipsecrw = "${General::swroot}/vpn/settings"; unless (-e $confignet) { system("touch $confignet"); } unless (-e $confighost) { system("touch $confighost"); } 
@@ -73,18 +77,51 @@ unless (-e $configsrvgrp) { system("touch $configsrvgrp"); } &General::readhash("${General::swroot}/main/settings", \%mainsettings); &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color); &General::readhash("${General::swroot}/ethernet/settings", \%ownnet); +&General::readhash("$configovpn", \%ovpnsettings); +&General::readhasharray("$configipsec", \%ipsecconf); +&General::readhash("$configipsecrw", \%ipsecsettings); + &Header::getcgihash(\%fwhostsettings); &Header::showhttpheaders(); &Header::openpage($Lang::tr{'fwhost hosts'}, 1, ''); &Header::openbigbox('100%', 'center'); +#### JAVA SCRIPT #### +print< + var PROTOCOLS_WITH_PORTS = ["TCP", "UDP"]; + var update_protocol = function() { + var protocol = \$("#protocol").val(); + + if (protocol === undefined) + return; + + // Check if we are dealing with a protocol, that knows ports. + if (\$.inArray(protocol, PROTOCOLS_WITH_PORTS) >= 0) { + \$("#PORT").show(); + \$("#PROTOKOLL").hide(); + } else { + \$("#PORT").hide(); + \$("#PROTOKOLL").show(); + } + }; + + \$(document).ready(function() { + var protocol = \$("#protocol").val(); + \$("#protocol").change(update_protocol); + update_protocol(); + // Automatically select radio buttons when corresponding + // dropdown menu changes. + \$("select").change(function() { + var id = \$(this).attr("name"); + \$('#' + id).prop("checked", true); + }); + }); + +END + ## ACTION #### -if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwdfw reread'}) -{ - &reread_rules; - &showmenu; -} # Update if ($fwhostsettings{'ACTION'} eq 'updatenet' ) { 
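Review bot: The three reads added at the top of this hunk (`$configovpn`, `$configipsec`, `$configipsecrw`) have no existence guard, unlike the fwhosts files that are created with `unless (-e …)` just above. If `General::readhash`/`readhasharray` abort on a missing file (their bodies are not on this page), every request fails on a system where OpenVPN or IPsec was never configured, and with `CGI::Carp 'fatalsToBrowser'` loaded the failing path is printed to the browser. Guard each read, e.g. `&General::readhash($configovpn, \%ovpnsettings) if -e $configovpn;`. The `savegrp` hunk adds unguarded reads of `$fwconfigfwd`, `$fwconfiginp` and `$fwconfigout` in the same way.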
@@ -96,7 +133,8 @@ if ($fwhostsettings{'ACTION'} eq 'updatenet' ) $fwhostsettings{'orgname'} = $customnetwork{$key}[0]; $fwhostsettings{'orgip'} = $customnetwork{$key}[1]; $fwhostsettings{'orgsub'} = $customnetwork{$key}[2]; - $fwhostsettings{'count'} = $customnetwork{$key}[3]; + $fwhostsettings{'netremark'} = $customnetwork{$key}[3]; + $fwhostsettings{'count'} = $customnetwork{$key}[4]; delete $customnetwork{$key}; } @@ -119,7 +157,7 @@ if ($fwhostsettings{'ACTION'} eq 'updatehost') $ip = $customhost{$key}[2]; } $fwhostsettings{'orgip'} = $ip; - $fwhostsettings{'count'} = $customhost{$key}[3]; + $fwhostsettings{'count'} = $customhost{$key}[4]; delete $customhost{$key}; &General::writehasharray("$confighost", \%customhost); } @@ -136,13 +174,15 @@ if ($fwhostsettings{'ACTION'} eq 'updateservice') my $count=0; my $needrules=0; $errormessage=&checkports(\%customservice); + if ($fwhostsettings{'oldsrvname'} ne $fwhostsettings{'SRV_NAME'} && !&checkgroup($fwhostsettings{'SRV_NAME'})){ + $errormessage=$Lang::tr{'fwhost err grpexist'}; + } if (!$errormessage){ &General::readhasharray("$configsrv", \%customservice); foreach my $key (keys %customservice) { if ($customservice{$key}[0] eq $fwhostsettings{'oldsrvname'}) { - $count=$customservice{$key}[4]; delete $customservice{$key}; &General::writehasharray("$configsrv", \%customservice); last; 
@@ -152,12 +192,18 @@ if ($fwhostsettings{'ACTION'} eq 'updateservice') $fwhostsettings{'ICMP_TYPES'}='BLANK'; } my $key1 = &General::findhasharraykey(\%customservice); + #find out short ICMP-TYPE + &General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes); + foreach my $key (keys %icmptypes){ + if ("$icmptypes{$key}[0] ($icmptypes{$key}[1])" eq $fwhostsettings{'ICMP_TYPES'}){ + $fwhostsettings{'ICMP_TYPES'}=$icmptypes{$key}[0]; + } + } foreach my $i (0 .. 4) { $customservice{$key1}[$i] = "";} $customservice{$key1}[0] = $fwhostsettings{'SRV_NAME'}; $customservice{$key1}[1] = $fwhostsettings{'SRV_PORT'}; $customservice{$key1}[2] = $fwhostsettings{'PROT'}; $customservice{$key1}[3] = $fwhostsettings{'ICMP_TYPES'}; - $customservice{$key1}[4] = $count; &General::writehasharray("$configsrv", \%customservice); #check if we need to update firewallrules if ($fwhostsettings{'SRV_NAME'} ne $fwhostsettings{'oldsrvname'}){ 
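Review bot: When no entry in `icmp-types` matches, the lookup loop added here leaves `$fwhostsettings{'ICMP_TYPES'}` as the raw request value, which is then written to `$customservice{$key1}[3]` unvalidated. The `saveservice` hunk further down has the same gap: `if($ICMP eq ''){$ICMP=$fwhostsettings{'ICMP_TYPES'};}` replaces the former `'BLANK'` fallback with the submitted string. Record whether a match was found and accept only a name from the icmp-types file or a fixed value the form itself offers, setting `$errormessage` otherwise. In `updateservice` that check belongs next to `checkports`, before the `if (!$errormessage)` block deletes the old entry. The enclosing block starts and ends outside this hunk.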
@@ -179,40 +225,44 @@ if ($fwhostsettings{'ACTION'} eq 'updateservice') } &General::writehasharray("$fwconfiginp", \%fwinp); } + if ( ! -z $fwconfigout ){ + &General::readhasharray("$fwconfigout", \%fwout); + foreach my $line (sort keys %fwout){ + if ($fwout{$line}[15] eq $fwhostsettings{'oldsrvname'}){ + $fwout{$line}[15] = $fwhostsettings{'SRV_NAME'}; + } + } + &General::writehasharray("$fwconfigout", \%fwout); + } #check if we need to update groups &General::readhasharray("$configsrvgrp", \%customservicegrp); foreach my $key (sort keys %customservicegrp){ if($customservicegrp{$key}[2] eq $fwhostsettings{'oldsrvname'}){ $customservicegrp{$key}[2] = $fwhostsettings{'SRV_NAME'}; + &checkrulereload($customservicegrp{$key}[0]); } } &General::writehasharray("$configsrvgrp", \%customservicegrp); - $needrules='on'; - } - if($count gt 0 && $fwhostsettings{'oldsrvport'} ne $fwhostsettings{'SRV_PORT'} ){ - $needrules='on'; - } - if($count gt 0 && $fwhostsettings{'oldsrvprot'} ne $fwhostsettings{'PROT'} ){ - $needrules='on'; } + &checkrulereload($fwhostsettings{'SRV_NAME'}); $fwhostsettings{'SRV_NAME'} = ''; $fwhostsettings{'SRV_PORT'} = ''; $fwhostsettings{'PROT'} = ''; + $fwhostsettings{'ICMP'} = ''; + $fwhostsettings{'oldsrvicmp'} = ''; + $fwhostsettings{'updatesrv'} = ''; }else{ $fwhostsettings{'SRV_NAME'} = $fwhostsettings{'oldsrvname'}; $fwhostsettings{'SRV_PORT'} = $fwhostsettings{'oldsrvport'}; $fwhostsettings{'PROT'} = $fwhostsettings{'oldsrvprot'}; + $fwhostsettings{'ICMP'} = $fwhostsettings{'oldsrvicmp'}; $fwhostsettings{'updatesrv'}= 'on'; } - if($needrules eq 'on'){ - &rules; - } &addservice; } # save if ($fwhostsettings{'ACTION'} eq 'savenet' ) { - my $count=0; my $needrules=0; if ($fwhostsettings{'orgname'} eq ''){$fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};} #check if all fields are set 
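Review bot: `if ( ! -z $fwconfigout )` is also true when the file does not exist, because `-z` is only true for an existing, empty file. `firewall/outgoing` is a path this commit introduces, so on a system where it has not been created yet the block still calls `readhasharray` on it; what that call does with a missing file is not visible here. `if ( -s $fwconfigout ){` states the intent (exists and is non-empty) directly. `my $needrules=0;` at the top of `updateservice` appears to be unused once this hunk removes `if($needrules eq 'on')`.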
@@ -230,6 +280,11 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' ) $fwhostsettings{'NOCHECK'} ='false'; $fwhostsettings{'error'} ='on'; } + #check remark + if ($fwhostsettings{'NETREMARK'} ne '' && !&validremark($fwhostsettings{'NETREMARK'})){ + $errormessage=$Lang::tr{'fwhost err remark'}; + $fwhostsettings{'error'} ='on'; + } #check if subnet is sigle host if(&General::iporsubtocidr($fwhostsettings{'SUBNET'}) eq '32') { @@ -280,17 +335,17 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' ) $customnetwork{$key}[0] = $fwhostsettings{'orgname'} ; $customnetwork{$key}[1] = $fwhostsettings{'orgip'} ; $customnetwork{$key}[2] = $fwhostsettings{'orgsub'}; - $customnetwork{$key}[3] = $fwhostsettings{'count'}; + $customnetwork{$key}[3] = $fwhostsettings{'orgnetremark'}; &General::writehasharray("$confignet", \%customnetwork); undef %customnetwork; } if (!$errormessage){ + &General::readhasharray("$confignet", \%customnetwork); if ($fwhostsettings{'ACTION'} eq 'updatenet'){ if ($fwhostsettings{'update'} == '0'){ foreach my $key (keys %customnetwork) { if($customnetwork{$key}[0] eq $fwhostsettings{'orgname'}){ - $count=$customnetwork{$key}[3]; delete $customnetwork{$key}; last; } @@ -300,9 +355,8 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' ) #get count if actualize is 'on' if($fwhostsettings{'actualize'} eq 'on'){ $fwhostsettings{'actualize'} = ''; - $count=$fwhostsettings{'count'}; #check if we need to reload rules - if($fwhostsettings{'orgip'} ne $fwhostsettings{'IP'} && $count gt '0'){ + if($fwhostsettings{'orgip'} ne $fwhostsettings{'IP'}){ $needrules='on'; } if ($fwhostsettings{'orgname'} ne $fwhostsettings{'HOSTNAME'}){ 
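Review bot: In the second hunk on this line the error path writes `$fwhostsettings{'orgnetremark'}` back into column 3 of the network entry, but only `NETREMARK` goes through `validremark`. `%fwhostsettings` is filled by `Header::getcgihash`, so `orgnetremark` is whatever the request carried, and a value that `validremark` would reject can still be stored. Apply the same check before restoring, e.g. `$customnetwork{$key}[3] = &validremark($fwhostsettings{'orgnetremark'}) ? $fwhostsettings{'orgnetremark'} : '';`. The `savehost` hunk that restores `$fwhostsettings{'orgremark'}` into `$customhost{$key}[3]` needs the same treatment.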
@@ -344,26 +398,25 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' ) $fwhostsettings{'SUBNET'} = &General::iporsubtocidr($fwhostsettings{'SUBNET'}); $customnetwork{$key}[0] = $fwhostsettings{'HOSTNAME'}; #convert ip when leading '0' in byte - $fwhostsettings{'IP'}=&General::ip2dec($fwhostsettings{'IP'}); - $fwhostsettings{'IP'}=&General::dec2ip($fwhostsettings{'IP'}); + $fwhostsettings{'IP'} =&General::ip2dec($fwhostsettings{'IP'}); + $fwhostsettings{'IP'} =&General::dec2ip($fwhostsettings{'IP'}); $customnetwork{$key}[1] = &General::getnetworkip($fwhostsettings{'IP'},$fwhostsettings{'SUBNET'}) ; $customnetwork{$key}[2] = &General::iporsubtodec($fwhostsettings{'SUBNET'}) ; - if($fwhostsettings{'newnet'} eq 'on'){$count=0;} - $customnetwork{$key}[3] = $count; + $customnetwork{$key}[3] = $fwhostsettings{'NETREMARK'}; &General::writehasharray("$confignet", \%customnetwork); $fwhostsettings{'IP'}=$fwhostsettings{'IP'}."/".&General::iporsubtodec($fwhostsettings{'SUBNET'}); undef %customnetwork; $fwhostsettings{'HOSTNAME'}=''; $fwhostsettings{'IP'}=''; $fwhostsettings{'SUBNET'}=''; + $fwhostsettings{'NETREMARK'}=''; #check if an edited net affected groups and need to reload rules if ($needrules eq 'on'){ - &rules; + &General::firewall_config_changed(); } &addnet; &viewtablenet; - }else - { + }else { &addnet; &viewtablenet; } @@ -371,7 +424,6 @@ if ($fwhostsettings{'ACTION'} eq 'savenet' ) } if ($fwhostsettings{'ACTION'} eq 'savehost') { - my $count=0; my $needrules=0; if ($fwhostsettings{'orgname'} eq ''){$fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'};} $fwhostsettings{'SUBNET'}='32'; 
@@ -381,24 +433,17 @@ if ($fwhostsettings{'ACTION'} eq 'savehost') $errormessage=$errormessage.$Lang::tr{'fwhost err empty'}; $fwhostsettings{'ACTION'} = 'edithost'; }else{ - if($fwhostsettings{'type'} eq 'ip' && $fwhostsettings{'IP'}=~/^([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}$/){ - $fwhostsettings{'type'} = 'mac'; - }elsif($fwhostsettings{'type'} eq 'mac' && $fwhostsettings{'IP'}=~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){ - $fwhostsettings{'type'} = 'ip'; - }elsif($fwhostsettings{'type'} eq 'mac' && $fwhostsettings{'IP'}=~/^([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}$/){ + if($fwhostsettings{'IP'}=~/^([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}$/){ $fwhostsettings{'type'} = 'mac'; - }elsif($fwhostsettings{'type'} eq 'ip' && $fwhostsettings{'IP'}=~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){ + }elsif($fwhostsettings{'IP'}=~/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/){ $fwhostsettings{'type'} = 'ip'; }else{ $fwhostsettings{'type'} = ''; $errormessage=$Lang::tr{'fwhost err ipmac'}; } - if($fwhostsettings{'type'} eq 'mac' ) - { - if ($fwhostsettings{'IP'}!~/^([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}$/ ) - { - $errormessage=$Lang::tr{'fwhost err mac'}; - } + #check remark + if ($fwhostsettings{'HOSTREMARK'} ne '' && !&validremark($fwhostsettings{'HOSTREMARK'})){ + $errormessage=$Lang::tr{'fwhost err remark'}; } #CHECK IP-PART if ($fwhostsettings{'type'} eq 'ip'){ 
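Review bot: Both patterns in the new type detection are anchored with `^…$`, and in Perl `$` also matches before a trailing newline, so a submitted value ending in a line break is still classified as `mac` or `ip`. For the `mac` case nothing visible in this hunk re-checks the value before it is stored, so unless `getcgihash` strips it the line break would end up in the hosts file. Anchor with `\A` and `\z` instead, e.g. `=~/\A([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}\z/`. The pattern also accepts one-digit groups; `{2}` would be stricter if consumers of the file expect the full form. The enclosing `savehost` block extends beyond the hunk.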
@@ -434,15 +479,14 @@ if ($fwhostsettings{'ACTION'} eq 'savehost') }else{ $customhost{$key}[2] = $fwhostsettings{'orgip'}; } - $customhost{$key}[3] = $fwhostsettings{'count'}; + $customhost{$key}[3] = $fwhostsettings{'orgremark'}; &General::writehasharray("$confighost", \%customhost); undef %customhost; } if (!$errormessage){ #get count if host was edited if($fwhostsettings{'actualize'} eq 'on'){ - $count=$fwhostsettings{'count'}; - if($fwhostsettings{'orgip'} ne $fwhostsettings{'IP'} && $count gt '0' ){ + if($fwhostsettings{'orgip'} ne $fwhostsettings{'IP'}){ $needrules='on'; } if($fwhostsettings{'orgname'} ne $fwhostsettings{'HOSTNAME'}){ @@ -451,7 +495,6 @@ if ($fwhostsettings{'ACTION'} eq 'savehost') foreach my $key (sort keys %customgrp){ if($customgrp{$key}[2] eq $fwhostsettings{'orgname'}){ $customgrp{$key}[2]=$fwhostsettings{'HOSTNAME'}; - last; } } &General::writehasharray("$configgrp", \%customgrp); @@ -491,16 +534,16 @@ if ($fwhostsettings{'ACTION'} eq 'savehost') }else{ $customhost{$key}[2] = $fwhostsettings{'IP'}; } - if($fwhostsettings{'newhost'} eq 'on'){$count=0;} - $customhost{$key}[3] = $count; + $customhost{$key}[3] = $fwhostsettings{'HOSTREMARK'}; &General::writehasharray("$confighost", \%customhost); undef %customhost; $fwhostsettings{'HOSTNAME'}=''; $fwhostsettings{'IP'}=''; $fwhostsettings{'type'}=''; + $fwhostsettings{'HOSTREMARK'}=''; #check if we need to update rules while host was edited if($needrules eq 'on'){ - &rules; + &General::firewall_config_changed(); } &addhost; &viewtablehost; @@ -512,7 +555,7 @@ if ($fwhostsettings{'ACTION'} eq 'savehost') } if ($fwhostsettings{'ACTION'} eq 'savegrp') { - my $grp=$fwhostsettings{'grp_name'};; + my $grp=$fwhostsettings{'grp_name'}; my $rem=$fwhostsettings{'remark'}; my $count; my $type; 
@@ -522,15 +565,16 @@ if ($fwhostsettings{'ACTION'} eq 'savegrp') &General::readhasharray("$configgrp", \%customgrp); &General::readhasharray("$confignet", \%customnetwork); &General::readhasharray("$confighost", \%customhost); + &General::readhasharray("$fwconfigfwd", \%fwfwd); + &General::readhasharray("$fwconfiginp", \%fwinp); + &General::readhasharray("$fwconfigout", \%fwout); #check name if (!&validhostname($grp)){$errormessage.=$Lang::tr{'fwhost err name'};} + #check existing name + if (!&checkgroup($grp) && $fwhostsettings{'update'} ne 'on'){$errormessage.=$Lang::tr{'fwhost err grpexist'};} #check remark if ($rem ne '' && !&validremark($rem) && $fwhostsettings{'update'} ne 'on'){ $errormessage.=$Lang::tr{'fwhost err remark'}; - $fwhostsettings{'update'} = 'on'; - $fwhostsettings{'remark'}=$fwhostsettings{'oldremark'}; - &addgrp; - &viewtablegrp; } if ($fwhostsettings{'update'} eq 'on'){ #check standard networks @@ -628,17 +672,6 @@ if ($fwhostsettings{'ACTION'} eq 'savegrp') } &General::writehasharray("$configgrp", \%customgrp); &General::readhasharray("$configgrp", \%customgrp); - #get count used - foreach my $key (keys %customgrp) - { - if($customgrp{$key}[0] eq $grp) - { - $count=$customgrp{$key}[4]; - last; - } - } - if ($count eq '' ){$count='0';} - #create array with new lines foreach my $line (@target){ push (@newgrp,"$grp,$rem,$line"); 
@@ -646,38 +679,23 @@ if ($fwhostsettings{'ACTION'} eq 'savegrp') #append new entries my $key = &General::findhasharraykey (\%customgrp); foreach my $line (@newgrp){ - foreach my $i (0 .. 4) { $customgrp{$key}[$i] = "";} + foreach my $i (0 .. 3) { $customgrp{$key}[$i] = "";} my ($a,$b,$c,$d) = split (",",$line); $customgrp{$key}[0] = $a; $customgrp{$key}[1] = $b; $customgrp{$key}[2] = $c; $customgrp{$key}[3] = $type; - $customgrp{$key}[4] = $count; } &General::writehasharray("$configgrp", \%customgrp); #update counter in Host/Net - if($updcounter eq 'net'){ - foreach my $key (keys %customnetwork) { - if($customnetwork{$key}[0] eq $fwhostsettings{'CUST_SRC_NET'}){ - $customnetwork{$key}[3] = $customnetwork{$key}[3]+1; - last; - } - } - &General::writehasharray("$confignet", \%customnetwork); - }elsif($updcounter eq 'host'){ - foreach my $key (keys %customhost) { - if ($customhost{$key}[0] eq $fwhostsettings{'CUST_SRC_HOST'}){ - $customhost{$key}[3]=$customhost{$key}[3]+1; - } - } - &General::writehasharray("$confighost", \%customhost); - } $fwhostsettings{'update'}='on'; } #check if ruleupdate is needed - if($count > 0 ) + my $netgrpcount=0; + $netgrpcount=&getnetcount($grp); + if($netgrpcount > 0 ) { - &rules; + &General::firewall_config_changed(); } &addgrp; &viewtablegrp; @@ -686,6 +704,7 @@ if ($fwhostsettings{'ACTION'} eq 'saveservice') { my $ICMP; &General::readhasharray("$configsrv", \%customservice ); + &General::readhasharray("$configgrp", \%customgrp); $errormessage=&checkports(\%customservice); if ($fwhostsettings{'PROT'} eq 'ICMP'){ &General::readhasharray("${General::swroot}/fwhosts/icmp-types", \%icmptypes); 
@@ -695,7 +714,12 @@ if ($fwhostsettings{'ACTION'} eq 'saveservice') } } } - if($ICMP eq ''){$ICMP='BLANK';} + if($ICMP eq ''){$ICMP=$fwhostsettings{'ICMP_TYPES'};} + if ($fwhostsettings{'PROT'} ne 'ICMP'){$ICMP='BLANK';} + #Check if a group with the same name already exists + if (!&checkgroup($fwhostsettings{'SRV_NAME'})){ + $errormessage = $Lang::tr{'fwhost err grpexist'}; + } if (!$errormessage){ my $key = &General::findhasharraykey (\%customservice); foreach my $i (0 .. 4) { $customservice{$key}[$i] = "";} @@ -703,7 +727,6 @@ if ($fwhostsettings{'ACTION'} eq 'saveservice') $customservice{$key}[1] = $fwhostsettings{'SRV_PORT'}; $customservice{$key}[2] = $fwhostsettings{'PROT'}; $customservice{$key}[3] = $ICMP; - $customservice{$key}[4] = 0; &General::writehasharray("$configsrv", \%customservice ); #reset fields $fwhostsettings{'SRV_NAME'}=''; 
@@ -717,10 +740,39 @@ if ($fwhostsettings{'ACTION'} eq 'saveservicegrp') { my $prot; my $port; - my $count=0; + my $tcpcounter=0; + my $udpcounter=0; &General::readhasharray("$configsrvgrp", \%customservicegrp ); &General::readhasharray("$configsrv", \%customservice ); $errormessage=&checkservicegroup; + #Check if we have more than 15 services from one Protocol in the group + #iptables can only handle 15 ports/portranges via multiport + foreach my $key (keys %customservicegrp){ + if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}){ + foreach my $key1 (keys %customservice){ + $tcpcounter++ if $customservice{$key1}[2] eq 'TCP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0]; + $tcpcounter++ if $customservice{$key1}[2] eq 'TCP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0] && $customservice{$key1}[1] =~m/:/i; + $udpcounter++ if $customservice{$key1}[2] eq 'UDP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0]; + $udpcounter++ if $customservice{$key1}[2] eq 'UDP' && $customservicegrp{$key}[2] eq $customservice{$key1}[0] && $customservice{$key1}[1] =~m/:/i; + } + } + } + if ($tcpcounter > 15){ + $errormessage=$Lang::tr{'fwhost err maxservicetcp'}; + } + if ($udpcounter > 15){ + $errormessage=$Lang::tr{'fwhost err maxserviceudp'}; + } + $tcpcounter=0; + $udpcounter=0; + #check remark + if ($fwhostsettings{'SRVGRP_REMARK'} ne '' && !&validremark($fwhostsettings{'SRVGRP_REMARK'})){ + $errormessage .= $Lang::tr{'fwhost err remark'}; + } + #Check if there is already a service with the same name + if(!&checkservice($fwhostsettings{'SRVGRP_NAME'})){ + $errormessage .= $Lang::tr{'fwhost err srv exists'}; + } if (!$errormessage){ #on first save, we have to enter a dummy value if ($fwhostsettings{'CUST_SRV'} eq ''){ 
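Review bot: The multiport limit check counts only the services already stored in the group, not the one being added through `$fwhostsettings{'CUST_SRV'}`, so a group that already holds 15 TCP ports passes `if ($tcpcounter > 15)` and the sixteenth is saved; the error only appears on the following request. Include the submitted service in the count (adding 2 when its port field contains `:`) before comparing. The four `$tcpcounter++`/`$udpcounter++` lines repeat the same name comparison; resolving the member to its service once per iteration would make the loop easier to verify. The enclosing `saveservicegrp` block continues in the next hunk.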
@@ -743,40 +795,18 @@ if ($fwhostsettings{'ACTION'} eq 'saveservicegrp') { $customservicegrp{$key}[1]=''; $customservicegrp{$key}[1]=$fwhostsettings{'SRVGRP_REMARK'}; - } - } - } - #get count used - foreach my $key (keys %customservicegrp) - { - if($customservicegrp{$key}[0] eq $fwhostsettings{'SRVGRP_NAME'}) - { - $count=$customservicegrp{$key}[3]; - last; - } - } - if ($count eq '' ){$count='0';} - - foreach my $key (sort keys %customservice){ - if($customservice{$key}[0] eq $fwhostsettings{'CUST_SRV'}){ - $port=$customservice{$key}[1]; - $prot=$customservice{$key}[2]; - $customservice{$key}[4]++; + } } } - &General::writehasharray("$configsrv", \%customservice ); my $key = &General::findhasharraykey (\%customservicegrp); - foreach my $i (0 .. 3) { $customservice{$key}[$i] = "";} + foreach my $i (0 .. 2) { $customservice{$key}[$i] = "";} $customservicegrp{$key}[0] = $fwhostsettings{'SRVGRP_NAME'}; $customservicegrp{$key}[1] = $fwhostsettings{'SRVGRP_REMARK'}; $customservicegrp{$key}[2] = $fwhostsettings{'CUST_SRV'}; - $customservicegrp{$key}[3] = $count; &General::writehasharray("$configsrvgrp", \%customservicegrp ); $fwhostsettings{'updatesrvgrp'}='on'; } - if ($count gt 0){ - &rules; - } + &checkrulereload($fwhostsettings{'SRVGRP_NAME'}); &addservicegrp; &viewtableservicegrp; } @@ -823,6 +853,12 @@ if ($fwhostsettings{'ACTION'} eq 'resethost') $fwhostsettings{'type'} =""; &showmenu; } +if ($fwhostsettings{'ACTION'} eq 'resetgrp') +{ + $fwhostsettings{'grp_name'} =""; + $fwhostsettings{'remark'} =""; + &showmenu; +} # delete if ($fwhostsettings{'ACTION'} eq 'delnet') { @@ -862,7 +898,7 @@ if ($fwhostsettings{'ACTION'} eq 'deletegrphost') &General::readhasharray("$confignet", \%customnetwork); foreach my $key1 (keys %customnetwork){ if ($customnetwork{$key1}[0] eq $customgrp{$key}[2]){ - $customnetwork{$key1}[3] = $customnetwork{$key1}[3]-1; + $customnetwork{$key1}[4] = $customnetwork{$key1}[4]-1; last; } } 
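Review bot: `foreach my $i (0 .. 2) { $customservice{$key}[$i] = "";}` blanks an entry in `%customservice`, but `$key` comes from `findhasharraykey(\%customservicegrp)` and the next three lines fill `%customservicegrp`. The loop should read `foreach my $i (0 .. 2) { $customservicegrp{$key}[$i] = ""; }`; as written it can overwrite the in-memory service that happens to have that key. Nothing in this hunk writes `%customservice` back any more, so the effect is limited to whatever reads the hash later in the same request. `my $prot; my $port;` at the top of the block look unused once the lookup loop is removed.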
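Review bot: `$customnetwork{$key1}[4] = $customnetwork{$key1}[4]-1;` in the `deletegrphost` hunk still decrements a usage counter, now in column 4, while the `savegrp` hunk of this commit deletes the code that incremented it and `savenet` no longer writes a count at all. Unless something outside this diff maintains column 4, each removal from a group drives the value negative; the `$customhost{$key1}[4]` line in the next hunk is the same. If the counter is being retired in favour of `getnetcount`, drop the decrement (and `$fwhostsettings{'count'}` in `updatenet`/`updatehost`) rather than re-indexing it.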
@@ -872,7 +908,7 @@ if ($fwhostsettings{'ACTION'} eq 'deletegrphost') &General::readhasharray("$confighost", \%customhost); foreach my $key1 (keys %customhost){ if ($customhost{$key1}[0] eq $customgrp{$key}[2]){ - $customhost{$key1}[3] = $customhost{$key1}[3]-1; + $customhost{$key1}[4] = $customhost{$key1}[4]-1; last; } } @@ -884,7 +920,9 @@ if ($fwhostsettings{'ACTION'} eq 'deletegrphost') } } &General::writehasharray("$configgrp", \%customgrp); - &rules; + if ($fwhostsettings{'grpcnt'} > 0){ + &General::firewall_config_changed(); + } if ($fwhostsettings{'update'} eq 'on'){ $fwhostsettings{'remark'}= $grpremark; $fwhostsettings{'grp_name'}=$grpname; @@ -913,7 +951,6 @@ if ($fwhostsettings{'ACTION'} eq 'delservice') &General::readhasharray("$configsrv", \%customservice); foreach my $key (keys %customservice) { if($customservice{$key}[0] eq $fwhostsettings{'SRV_NAME'}){ - #&deletefromgrp($customhost{$key}[0],$configgrp); delete $customservice{$key}; &General::writehasharray("$configsrv", \%customservice); last; @@ -947,7 +984,7 @@ if ($fwhostsettings{'ACTION'} eq 'delgrpservice') &General::readhasharray("$configsrvgrp", \%customservicegrp); &General::readhasharray("$configsrv", \%customservice); foreach my $key (keys %customservicegrp){ - if($customservicegrp{$key}[0].",".$customservicegrp{$key}[1].",".$customservicegrp{$key}[2].",".$customservicegrp{$key}[3] eq $fwhostsettings{'delsrvfromgrp'}) + if($customservicegrp{$key}[0].",".$customservicegrp{$key}[1].",".$customservicegrp{$key}[2] eq $fwhostsettings{'delsrvfromgrp'}) { #decrease count from source service foreach my $key1 (sort keys %customservice){ 
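Review bot: `if ($fwhostsettings{'grpcnt'} > 0)` decides whether the firewall is marked as changed from a value that, as far as this diff shows, arrives with the request via `getcgihash`. A request without `grpcnt` removes the member from the group file but skips `firewall_config_changed()`, leaving the active rules out of step with the stored configuration. `savegrp` already derives the figure on the server with `&getnetcount($grp)`; doing the same here, e.g. `if (&getnetcount($grpname) > 0){`, keeps the decision independent of form fields, assuming `$grpname` has been set by the loop above.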
@@ -956,16 +993,15 @@ if ($fwhostsettings{'ACTION'} eq 'delgrpservice') last; } } - &General::writehasharray("$configsrv", \%customservice); $grpname=$customservicegrp{$key}[0]; $grpremark=$customservicegrp{$key}[1]; delete $customservicegrp{$key}; } } + &General::writehasharray("$configsrv", \%customservice); &General::writehasharray("$configsrvgrp", \%customservicegrp); - &rules; + &General::firewall_config_changed(); if ($fwhostsettings{'updatesrvgrp'} eq 'on'){ - #$fwhostsettings{'updatesrvgrp'}='on'; $fwhostsettings{'SRVGRP_NAME'}=$grpname; $fwhostsettings{'SRVGRP_REMARK'}=$grpremark; } @@ -1000,20 +1036,17 @@ if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newservicegrp'}) if ($fwhostsettings{'ACTION'} eq 'changegrpremark') { &General::readhasharray("$configgrp", \%customgrp); - if ($fwhostsettings{'oldrem'} ne $fwhostsettings{'newrem'} && &validremark($fwhostsettings{'newrem'})){ + if ($fwhostsettings{'oldrem'} ne $fwhostsettings{'newrem'} && (&validremark($fwhostsettings{'newrem'}) || $fwhostsettings{'newrem'} eq '')){ foreach my $key (sort keys %customgrp) { - #$customgrp{$key}[1]=~ s/\|/,/g; if($customgrp{$key}[0] eq $fwhostsettings{'grp'} && $customgrp{$key}[1] eq $fwhostsettings{'oldrem'}) { - #$fwhostsettings{'newrem'}=~ s/,/\|/g; $customgrp{$key}[1]=''; $customgrp{$key}[1]=$fwhostsettings{'newrem'}; } } &General::writehasharray("$configgrp", \%customgrp); $fwhostsettings{'update'}='on'; - #$fwhostsettings{'newrem'}=~ s/\|/,/g; $fwhostsettings{'remark'}=$fwhostsettings{'newrem'}; }else{ $errormessage=$Lang::tr{'fwhost err remark'}; 
@@ -1028,21 +1061,21 @@ if ($fwhostsettings{'ACTION'} eq 'changegrpremark') if ($fwhostsettings{'ACTION'} eq 'changesrvgrpremark') { &General::readhasharray("$configsrvgrp", \%customservicegrp ); - if ($fwhostsettings{'oldsrvrem'} ne $fwhostsettings{'newsrvrem'} && &validremark($fwhostsettings{'newsrvrem'})){ + if ($fwhostsettings{'oldsrvrem'} ne $fwhostsettings{'newsrvrem'} && (&validremark($fwhostsettings{'newsrvrem'}) || $fwhostsettings{'newsrvrem'} eq '')){ foreach my $key (sort keys %customservicegrp) { - #$customservicegrp{$key}[1]=~ s/\|/,/g; if($customservicegrp{$key}[0] eq $fwhostsettings{'srvgrp'} && $customservicegrp{$key}[1] eq $fwhostsettings{'oldsrvrem'}) { - #$fwhostsettings{'newsrvrem'}=~ s/,/|/g; $customservicegrp{$key}[1]=''; $customservicegrp{$key}[1]=$fwhostsettings{'newsrvrem'}; } } &General::writehasharray("$configsrvgrp", \%customservicegrp); $fwhostsettings{'updatesrvgrp'}='on'; - #$fwhostsettings{'newsrvrem'}=~ s/\|/,/g; $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'newsrvrem'}; + }elsif($fwhostsettings{'oldsrvrem'} eq $fwhostsettings{'newsrvrem'}){ + &addservicegrp; + &viewtableservicegrp; }else{ $errormessage=$Lang::tr{'fwhost err remark'}; $fwhostsettings{'SRVGRP_REMARK'}=$fwhostsettings{'oldsrvrem'}; @@ -1053,29 +1086,67 @@ if ($fwhostsettings{'ACTION'} eq 'changesrvgrpremark') &addservicegrp; &viewtableservicegrp; } +if ($fwhostsettings{'ACTION'} eq 'changesrvgrpname') +{ + &General::readhasharray("$configsrvgrp", \%customservicegrp ); + if ($fwhostsettings{'oldsrvgrpname'} ne $fwhostsettings{'srvgrp'}){ + #Check new groupname + if (!&validhostname($fwhostsettings{'srvgrp'})){ + $errormessage.=$Lang::tr{'fwhost err name'}."
"; + } + if (!$errormessage){ + #Rename group in customservicegroup + foreach my $key (keys %customservicegrp) { + if($customservicegrp{$key}[0] eq $fwhostsettings{'oldsrvgrpname'}){ + $customservicegrp{$key}[0]=$fwhostsettings{'srvgrp'}; + } + } + &General::writehasharray("$configsrvgrp", \%customservicegrp ); + #change name in FW Rules + &changenameinfw($fwhostsettings{'oldsrvgrpname'},$fwhostsettings{'srvgrp'},15); + } + } + &addservicegrp; + &viewtableservicegrp; +} +if ($fwhostsettings{'ACTION'} eq 'changegrpname') +{ + &General::readhasharray("$configgrp", \%customgrp ); + if ($fwhostsettings{'oldgrpname'} ne $fwhostsettings{'grp'}){ + #Check new groupname + if (!&validhostname($fwhostsettings{'grp'})){ + $errormessage.=$Lang::tr{'fwhost err name'}."
"; + } + if (!$errormessage){ + #Rename group in customservicegroup + foreach my $key (keys %customgrp) { + if($customgrp{$key}[0] eq $fwhostsettings{'oldgrpname'}){ + $customgrp{$key}[0]=$fwhostsettings{'grp'}; + } + } + &General::writehasharray("$configgrp", \%customgrp ); + #change name in FW Rules + &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},6); + } + } + &addgrp; + &viewtablegrp; +} ### VIEW ### if($fwhostsettings{'ACTION'} eq '') { &showmenu; } ### FUNCTIONS ### -sub showmenu -{ - +sub showmenu { &Header::openbox('100%', 'left',$Lang::tr{'fwhost menu'}); + print "$Lang::tr{'fwhost welcome'}"; print<
- - -
+

+ + +

END - - - if (-f "${General::swroot}/fwhosts/reread"){ - print "$Lang::tr{'fwhost reread'}"; - } - print""; - &Header::closebox(); } @@ -1086,18 +1157,22 @@ sub addnet &showmenu; &Header::openbox('100%', 'left', $Lang::tr{'fwhost addnet'}); $fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'}; + $fwhostsettings{'orgnetremark'}=$fwhostsettings{'NETREMARK'}; print<
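Review bot: `changesrvgrpname` and `changegrpname` only run `validhostname` on the new name; neither checks that the name is not already taken. Renaming a group to the name of another one leaves both sets of entries under a single name in the config file, and `changenameinfw` then points the rules at that combined set; `savegrp` and `saveservicegrp` in this same commit guard against collisions with `checkgroup`/`checkservice`. Add the equivalent test before the rename loop, e.g. `if (!&checkservice($fwhostsettings{'srvgrp'})){ $errormessage.=$Lang::tr{'fwhost err srv exists'}; }`, plus a check against existing group names. The literal columns `15` and `6` passed to `changenameinfw` would be clearer as named constants.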
- $Lang::tr{'name'}:$Lang::tr{'fwhost netaddress'}$Lang::tr{'netmask'}: -
+ + + + + + END if ($fwhostsettings{'ACTION'} eq 'editnet' || $fwhostsettings{'error'} eq 'on') { - print "
$Lang::tr{'name'}:
$Lang::tr{'fwhost netaddress'}:
$Lang::tr{'netmask'}:
$Lang::tr{'remark'}:


"; + print ""; }else{ - print ""; - } - print "
"; + print ""; + } + print "
"; &Header::closebox(); } sub addhost @@ -1106,26 +1181,23 @@ sub addhost &showmenu; &Header::openbox('100%', 'left', $Lang::tr{'fwhost addhost'}); $fwhostsettings{'orgname'}=$fwhostsettings{'HOSTNAME'}; + $fwhostsettings{'orgremark'}=$fwhostsettings{'HOSTREMARK'}; print<
- $Lang::tr{'name'}:IP/MAC: -

$Lang::tr{'fwhost attention'}
$Lang::tr{'fwhost macwarn'} -
+ + + + + END if ($fwhostsettings{'ACTION'} eq 'edithost' || $fwhostsettings{'error'} eq 'on') { - print "
$Lang::tr{'name'}:
IP/MAC:
$Lang::tr{'remark'}:

"; + print " "; }else{ - print " "; + print " "; } - print "
"; + print "
"; &Header::closebox(); } sub addgrp @@ -1135,125 +1207,139 @@ sub addgrp &showmenu; &Header::openbox('100%', 'left', $Lang::tr{'fwhost addgrp'}); &General::setup_default_networks(\%defaultNetworks); + &General::readhasharray("$configccdnet", \%ccdnet); + &General::readhasharray("$confignet", \%customnetwork); + &General::readhasharray("$configccdhost", \%ccdhost); + &General::readhasharray("$confighost", \%customhost); + &General::readhasharray("$configipsec", \%ipsecconf); + my %checked=(); + my $show=''; $checked{'check1'}{'off'} = ''; $checked{'check1'}{'on'} = ''; $checked{'grp2'}{$fwhostsettings{'grp2'}} = 'CHECKED'; $fwhostsettings{'oldremark'}=$fwhostsettings{'remark'}; + $fwhostsettings{'oldgrpname'}=$fwhostsettings{'grp_name'}; my $grp=$fwhostsettings{'grp_name'}; my $rem=$fwhostsettings{'remark'}; if ($fwhostsettings{'update'} eq ''){ print<
- $Lang::tr{'fwhost addgrpname'}$Lang::tr{'remark'}: -
+ + + +
$Lang::tr{'fwhost addgrpname'}
$Lang::tr{'remark'}:


END }else{ print< - $Lang::tr{'fwhost addgrpname'}$Lang::tr{'remark'}: + $Lang::tr{'fwhost addgrpname'} +
$Lang::tr{'remark'}:

END } if ($fwhostsettings{'update'} eq 'on'){ print<";} + print"
$Lang::tr{'fwhost stdnet'} + + -# - print"

$Lang::tr{'fwhost attention'}:
$Lang::tr{'fwhost macwarn'}

"; - } - print"
+ + "; + if (! -z $confignet){ + print""; } - print< - "; + } + print"
$Lang::tr{'fwhost stdnet'}$Lang::tr{'fwhost ccdnet'}
$Lang::tr{'fwhost cust net'}
$Lang::tr{'fwhost cust net'}
$Lang::tr{'fwhost cust addr'}
"; + #Inner table right + print"
"; + #OVPN networks + if (! -z $configccdnet){ + print""; } - print< - ";} + #OVPN n2n networks + foreach my $key (sort { ncmp($ccdhost{$a}[1],$ccdhost{$b}[1]) } keys %ccdhost) { if($ccdhost{$key}[3] eq 'net'){ + print" - ";} + #IPsec networks + foreach my $key (sort { ncmp($ipsecconf{$a}[0],$ipsecconf{$b}[0]) } keys %ipsecconf) { if ($ipsecconf{$key}[3] eq 'net'){ + print"
$Lang::tr{'fwhost ccdnet'}
$Lang::tr{'fwhost ccdhost'}$Lang::tr{'fwhost ccdhost'}
$Lang::tr{'fwhost cust addr'}$Lang::tr{'fwhost ovpn_n2n'}
$Lang::tr{'fwhost ovpn_n2n'}
$Lang::tr{'fwhost ipsec net'}
$Lang::tr{'fwhost ipsec net'}
-END -#
$Lang::tr{'fwhost ipsec host'}
"; - print"
"; + if ($show eq '1'){$show='';print"
"; + print""; + print"


"; + } + print""; + print"
"; &Header::closebox(); } sub addservice { &error; &showmenu; - &Header::openbox('100%', 'left', $Lang::tr{'fwhost newservice'}); + &Header::openbox('100%', 'left', $Lang::tr{'fwhost addservice'}); if ($fwhostsettings{'updatesrv'} eq 'on') { $fwhostsettings{'oldsrvname'} = $fwhostsettings{'SRV_NAME'}; $fwhostsettings{'oldsrvport'} = $fwhostsettings{'SRV_PORT'}; $fwhostsettings{'oldsrvprot'} = $fwhostsettings{'PROT'}; + $fwhostsettings{'oldsrvicmp'} = $fwhostsettings{'ICMP'}; } print<
- $Lang::tr{'fwhost srv_name'}:$Lang::tr{'fwhost prot'}: + $Lang::tr{'fwhost prot'}: - $Lang::tr{'fwhost icmptype'} +
- +
$Lang::tr{'fwhost icmptype'}

+
$Lang::tr{'fwhost port'}:
+


END if ($fwhostsettings{'updatesrv'} eq 'on') @@ -1286,17 +1376,16 @@ END - + + + END - - }else{ + }else{ print""; } print<
- - END &Header::closebox(); &viewtableservice; @@ -1306,36 +1395,50 @@ sub addservicegrp &hint; &error; &showmenu; - &Header::openbox('100%', 'left', $Lang::tr{'fwhost newservicegrp'}); + &Header::openbox('100%', 'left', $Lang::tr{'fwhost addservicegrp'}); $fwhostsettings{'oldsrvgrpremark'}=$fwhostsettings{'SRVGRP_REMARK'}; + $fwhostsettings{'oldsrvgrpname'}=$fwhostsettings{'SRVGRP_NAME'}; if ($fwhostsettings{'updatesrvgrp'} eq ''){ print<
- $Lang::tr{'fwhost addgrpname'}$Lang::tr{'remark'}: -
+ $Lang::tr{'fwhost addgrpname'} + $Lang::tr{'remark'}: +

END }else{ print< - $Lang::tr{'fwhost addgrpname'}$Lang::tr{'remark'}: -
+ $Lang::tr{'fwhost addgrpname'} +
$Lang::tr{'remark'}: +

END } if($fwhostsettings{'updatesrvgrp'} eq 'on'){ print< - - +
$Lang::tr{'fwhost cust service'}
$Lang::tr{'add'}






END @@ -1353,40 +1456,51 @@ sub viewtablenet if(! -z $confignet){ &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust net'}); &General::readhasharray("$confignet", \%customnetwork); + &General::readhasharray("$configgrp", \%customgrp); + &General::readhasharray("$fwconfigfwd", \%fwfwd); + &General::readhasharray("$fwconfiginp", \%fwinp); + &General::readhasharray("$fwconfigout", \%fwout); if (!keys %customnetwork) { print "
$Lang::tr{'fwhost empty'}"; }else{ print< - $Lang::tr{'name'}$Lang::tr{'fwhost netaddress'}$Lang::tr{'netmask'}$Lang::tr{'used'} + + END } my $count=0; - foreach my $key (sort {$a <=> $b} keys %customnetwork) { + my $col=''; + foreach my $key (sort {ncmp($a,$b)} keys %customnetwork) { if ($fwhostsettings{'ACTION'} eq 'editnet' && $fwhostsettings{'HOSTNAME'} eq $customnetwork{$key}[0]) { - print" "; + print" "; + $col="bgcolor='${Header::colouryellow}'"; }elsif ($count % 2) { - print" "; + $col="bgcolor='$color{'color20'}'"; + print" ";# bgcolor='$color{'color20'}'>"; }else { - print" "; + $col="bgcolor='$color{'color22'}'"; + print" ";# bgcolor='$color{'color22'}'>"; } + my $colnet="$customnetwork{$key}[1]/".&General::subtocidr($customnetwork{$key}[2]); + my $netcount=&getnetcount($customnetwork{$key}[0]); + print""; print<$customnetwork{$key}[0] - END - if($customnetwork{$key}[3] == '0') + if($netcount == '0') { - print""; + print""; }else{ - print""; + print""; } $count++; } 
@@ -1395,42 +1509,106 @@ END } } +sub getcolor +{ + my $c=shift; + #Check if IP is part of OpenVPN N2N subnet + foreach my $key (sort keys %ccdhost){ + if ($ccdhost{$key}[3] eq 'net'){ + my ($a,$b) = split("/",$ccdhost{$key}[11]); + if (&General::IpInSubnet($c,$a,$b)){ + $tdcolor="style='color:$Header::colourovpn ;'"; + return $tdcolor; + } + } + } + #Check if IP is part of OpenVPN dynamic subnet + my ($a,$b) = split("/",$ovpnsettings{'DOVPN_SUBNET'}); + if (&General::IpInSubnet($c,$a,$b)){ + $tdcolor="style='color: $Header::colourovpn;'"; + return $tdcolor; + } + #Check if IP is part of OpenVPN static subnet + foreach my $key (sort keys %ccdnet){ + my ($a,$b) = split("/",$ccdnet{$key}[1]); + $b =&General::iporsubtodec($b); + if (&General::IpInSubnet($c,$a,$b)){ + $tdcolor="style='color: $Header::colourovpn;'"; + return $tdcolor; + } + } + #Check if IP is part of IPsec RW network + if ($ipsecsettings{'RW_NET'} ne ''){ + my ($a,$b) = split("/",$ipsecsettings{'RW_NET'}); + $b=&General::iporsubtodec($b); + if (&General::IpInSubnet($c,$a,$b)){ + $tdcolor="style='color: $Header::colourvpn;'"; + return $tdcolor; + } + } + #Check if IP is part of a IPsec N2N network + foreach my $key (sort keys %ipsecconf){ + my ($a,$b) = split("/",$ipsecconf{$key}[11]); + if (&General::IpInSubnet($c,$a,$b)){ + $tdcolor="style='color: $Header::colourvpn;'"; + return $tdcolor; + } + } + $tdcolor=''; + return $tdcolor; +} sub viewtablehost { if (! -z $confighost){ &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust addr'}); &General::readhasharray("$confighost", \%customhost); + &General::readhasharray("$configccdnet", \%ccdnet); + &General::readhasharray("$configccdhost", \%ccdhost); + &General::readhasharray("$fwconfigfwd", \%fwfwd); + &General::readhasharray("$fwconfiginp", \%fwinp); + &General::readhasharray("$fwconfigout", \%fwout); + &General::readhasharray("$configgrp", \%customgrp); if (!keys %customhost) { print "
$Lang::tr{'fwhost empty'}"; }else{ print< -
+
$Lang::tr{'name'}$Lang::tr{'fwhost netaddress'}$Lang::tr{'remark'}$Lang::tr{'used'}
$customnetwork{$key}[0]
".&Header::colorize($colnet)."$customnetwork{$key}[3]$netcount x$customnetwork{$key}[1]$customnetwork{$key}[2]$customnetwork{$key}[3]x + +
$Lang::tr{'name'}$Lang::tr{'fwhost ip_mac'}$Lang::tr{'used'}
+ END } my $count=0; - foreach my $key (sort { uc($customhost{$a}[0]) cmp uc($customhost{$b}[0])|| $a <=> $b } keys %customhost) { + my $col=''; + foreach my $key (sort { ncmp ($customhost{$a}[0],$customhost{$b}[0])} keys %customhost) { if ( ($fwhostsettings{'ACTION'} eq 'edithost' || $fwhostsettings{'error'}) && $fwhostsettings{'HOSTNAME'} eq $customhost{$key}[0]) { - print" "; - }elsif ($count % 2){ print" ";} - else{ print" ";} + print" "; + $col="bgcolor='${Header::colouryellow}'"; + }elsif ($count % 2){ + print" "; + $col="bgcolor='$color{'color20'}'"; + }else{ + $col="bgcolor='$color{'color22'}'"; + print" "; + } my ($ip,$sub)=split(/\//,$customhost{$key}[2]); - $customhost{$key}[3]=~s/\s+//g; + $customhost{$key}[4]=~s/\s+//g; + my $hostcount=0; + $hostcount=&gethostcount($customhost{$key}[0]); + print""; print<
$customhost{$key}[0]
- + + END - if($customhost{$key}[3] == '0') + if($hostcount == '0') { - print""; + print""; }else{ - print""; + print""; } $count++; } @@ -1448,6 +1626,9 @@ sub viewtablegrp &General::readhasharray("$configccdnet", \%ccdnet); &General::readhasharray("$confighost", \%customhost); &General::readhasharray("$confignet", \%customnetwork); + &General::readhasharray("$fwconfigfwd", \%fwfwd); + &General::readhasharray("$fwconfiginp", \%fwinp); + &General::readhasharray("$fwconfigout", \%fwout); my @grp=(); my $helper=''; my $count=1; @@ -1456,68 +1637,76 @@ sub viewtablegrp my $number; my $delflag; if (!keys %customgrp) - { - print "
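Review bot: In the added `getcolor`, the OpenVPN dynamic-subnet check splits `$ovpnsettings{'DOVPN_SUBNET'}` and hands the parts to `&General::IpInSubnet` without first testing that the setting is non-empty, while the IPsec branch just below is guarded by `if ($ipsecsettings{'RW_NET'} ne '')`. Because the file runs with `no warnings 'uninitialized'`, an unset subnet is compared silently; wrapping the block in `if ($ovpnsettings{'DOVPN_SUBNET'} ne ''){ ... }` makes the two branches consistent. The lexicals `my ($a,$b)` reuse the names Perl reserves for `sort` comparators, so `my ($net,$mask)` would be safer if a sort block is ever added to this sub. Nothing in this hunk fills `%ovpnsettings` or calls `getcolor` (the table cells use `&Header::colorize`), so it is worth confirming the sub is still needed.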
$Lang::tr{'fwhost empty'}"; + { + print "
$Lang::tr{'fwhost err emptytable'}"; }else{ - foreach my $key (sort { uc($customgrp{$a}[0]) cmp uc($customgrp{$b}[0]) } sort { uc($customgrp{$a}[2]) cmp uc($customgrp{$b}[2]) } keys %customgrp){ + foreach my $key (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){ $count++; if ($helper ne $customgrp{$key}[0]){ $delflag='0'; - foreach my $key1 (sort { uc($customgrp{$a}[0]) cmp uc($customgrp{$b}[0]) } sort { uc($customgrp{$a}[2]) cmp uc($customgrp{$b}[2]) } keys %customgrp){ + foreach my $key1 (sort { ncmp($customgrp{$a}[0],$customgrp{$b}[0]) } sort { ncmp($customgrp{$a}[2],$customgrp{$b}[2]) } keys %customgrp){ if ($customgrp{$key}[0] eq $customgrp{$key1}[0]) { $delflag++; } - if($delflag > 0){ + if($delflag > 1){ last; } } $number=1; - if ($customgrp{$key}[2] eq "none"){$customgrp{$key}[2]=$Lang::tr{'fwhost empty'};} + if ($customgrp{$key}[2] eq "none"){$customgrp{$key}[2]=$Lang::tr{'fwhost err emptytable'};} $grpname=$customgrp{$key}[0]; $remark="$customgrp{$key}[1]"; - if($count >=2){print"
$Lang::tr{'name'}$Lang::tr{'fwhost ip_mac'}$Lang::tr{'remark'}$Lang::tr{'used'}
$customhost{$key}[0]".&Header::colorize($ip)."$customhost{$key}[3]$hostcount x$ip$customhost{$key}[3]x + -
";} - print "
$grpname    "; + if($count gt 1){ print"";} + print "
$grpname   "; print " $Lang::tr{'remark'}:  $remark   " if ($remark ne ''); - print "$Lang::tr{'used'}: $customgrp{$key}[4]x"; - if($customgrp{$key}[4] == '0') + my $netgrpcount=&getnetcount($grpname); + print "$Lang::tr{'used'}: $netgrpcount x"; + if($netgrpcount == '0') { print"
"; } print"
"; - print""; + print"
Name$Lang::tr{'ip address'}$Lang::tr{'fwhost type'}
"; } - + my $col=''; if ( ($fwhostsettings{'ACTION'} eq 'editgrp' || $fwhostsettings{'update'} ne '') && $fwhostsettings{'grp_name'} eq $customgrp{$key}[0]) { - print" "; + print" "; + $col="bgcolor='${Header::colouryellow}'"; }elsif ($count %2 == 0){ - print""; + print""; + $col="bgcolor='$color{'color22'}'"; }else{ - print""; + print""; + $col="bgcolor='$color{'color20'}'"; } my $ip=&getipforgroup($customgrp{$key}[2],$customgrp{$key}[3]); - if ($ip eq ''){print"";} - print ""; + $col="bgcolor='${Header::colouryellow}'"; + } + print ""; }else{ print "$customgrp{$key}[2]"; } - if ($ip eq '' && $customgrp{$key}[2] ne $Lang::tr{'fwhost empty'}){ - print ""; + print""; $helper=$customgrp{$key}[0]; $number++; } print"
Name$Lang::tr{'ip address'}$Lang::tr{'fwhost type'}
"; + if ($ip eq ''){ + print"
"; if($customgrp{$key}[3] eq 'Standard Network'){ print &get_name($customgrp{$key}[2])."$Lang::tr{'fwhost deleted'}$customgrp{$key}[3]
"; + if ($ip eq '' && $customgrp{$key}[2] ne $Lang::tr{'fwhost err emptytable'}){ + print "
$Lang::tr{'fwhost deleted'}$customgrp{$key}[3]"; }else{ - print"$ip$customgrp{$key}[3]"; + my ($colip,$colsub) = split("/",$ip); + $ip="$colip/".&General::subtocidr($colsub) if ($colsub); + print"".&Header::colorize($ip)."$customgrp{$key}[3]"; } - if ($delflag > '1' && $ip ne ''){ + if ($delflag > 1 && $ip ne ''){ print""; } - print"
"; - } &Header::closebox(); } @@ -1526,37 +1715,53 @@ sub viewtablegrp sub viewtableservice { my $count=0; + my $srvcount; if(! -z "$configsrv") { &Header::openbox('100%', 'left', $Lang::tr{'fwhost services'}); &General::readhasharray("$configsrv", \%customservice); + &General::readhasharray("$configsrvgrp", \%customservicegrp); + &General::readhasharray("$fwconfigfwd", \%fwfwd); + &General::readhasharray("$fwconfiginp", \%fwinp); + &General::readhasharray("$fwconfigout", \%fwout); print< - $Lang::tr{'fwhost srv_name'}$Lang::tr{'fwhost prot'}$Lang::tr{'fwhost port'}ICMP$Lang::tr{'fwhost used'} + + END - foreach my $key (sort { uc($customservice{$a}[0]) cmp uc($customservice{$b}[0])|| $a <=> $b } keys %customservice) + my $col=''; + foreach my $key (sort { ncmp($customservice{$a}[0],$customservice{$b}[0])} keys %customservice) { $count++; if ( ($fwhostsettings{'updatesrv'} eq 'on' || $fwhostsettings{'error'}) && $fwhostsettings{'SRV_NAME'} eq $customservice{$key}[0]) { - print" "; - }elsif ($count % 2){ print" ";}else{ print" ";} + print" "; + $col="bgcolor='${Header::colouryellow}'"; + }elsif ($count % 2){ + print" "; + $col="bgcolor='$color{'color22'}'"; + }else{ + print" "; + $col="bgcolor='$color{'color20'}'"; + } print<$customservice{$key}[0] - + + + END - if ($customservice{$key}[4] eq '0') + if ($srvcount eq '0') { - print""; + print""; }else{ - print""; + print""; } } print"
$Lang::tr{'fwhost srv_name'}$Lang::tr{'fwhost prot'}$Lang::tr{'fwhost port'}ICMP$Lang::tr{'fwhost used'}
$customservice{$key}[2]$customservice{$key}[1] + $customservice{$key}[0]$customservice{$key}[2]$customservice{$key}[1] END - if($customservice{$key}[3] ne 'BLANK'){print $customservice{$key}[3];} - + #Neuer count + $srvcount=&getsrvcount($customservice{$key}[0]); + if($customservice{$key}[3] eq 'All ICMP-Types'){print $Lang::tr{'fwdfw all icmp'};} + elsif($customservice{$key}[3] ne 'BLANK'){print $customservice{$key}[3];} print<$customservice{$key}[4]x
+
$srvcount x -
"; @@ -1572,16 +1777,23 @@ sub viewtableservicegrp my $port; my $protocol; my $delflag; + my $grpcount=0; + my $col=''; if (! -z $configsrvgrp){ &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust srvgrp'}); &General::readhasharray("$configsrvgrp", \%customservicegrp); &General::readhasharray("$configsrv", \%customservice); + &General::readhasharray("$fwconfigfwd", \%fwfwd); + &General::readhasharray("$fwconfiginp", \%fwinp); + &General::readhasharray("$fwconfigout", \%fwout); my $number= keys %customservicegrp; - foreach my $key (sort { uc($customservicegrp{$a}[0]) cmp uc($customservicegrp{$b}[0])|| $a <=> $b } keys %customservicegrp){ + foreach my $key (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) }keys %customservicegrp){ $count++; if ($helper ne $customservicegrp{$key}[0]){ + #Get used groupcounter + $grpcount=&getsrvcount($customservicegrp{$key}[0]); $delflag=0; - foreach my $key1 (sort { uc($customservicegrp{$a}[0]) cmp uc($customservicegrp{$b}[0]) } sort { uc($customservicegrp{$a}[2]) cmp uc($customservicegrp{$b}[2]) } keys %customservicegrp){ + foreach my $key1 (sort { ncmp($customservicegrp{$a}[0],$customservicegrp{$b}[0]) } sort { ncmp($customservicegrp{$a}[2],$customservicegrp{$b}[2]) } keys %customservicegrp){ if ($customservicegrp{$key}[0] eq $customservicegrp{$key1}[0]) { $delflag++; @@ -1598,24 +1810,37 @@ sub viewtableservicegrp } $remark="$customservicegrp{$key}[1]"; if($count >=2){print"";} - print "
$grpname     "; - print "$Lang::tr{'remark'}:  $remark " if ($remark ne ''); - print "  $Lang::tr{'used'}: $customservicegrp{$key}[3]x"; - if($customservicegrp{$key}[3] == '0') + print "
$grpname    "; + print "$Lang::tr{'remark'}:  $remark " if ($remark ne ''); + print "  $Lang::tr{'used'}: $grpcount x"; + if($grpcount == '0') { print"
"; } print"
"; - print""; + print"
Name$Lang::tr{'port'}$Lang::tr{'fwhost prot'}
"; } if( $fwhostsettings{'SRVGRP_NAME'} eq $customservicegrp{$key}[0]) { - print" "; + print""; + $col="bgcolor='${Header::colouryellow}'"; }elsif ($count %2 == 0){ - print""; + print""; + $col="bgcolor='$color{'color20'}'"; }else{ - print""; - } - print ""; + print""; + $col="bgcolor='$color{'color22'}'"; + } + #Set fields if we use protocols in servicegroups + if ($customservicegrp{$key}[2] ne 'TCP' || $customservicegrp{$key}[2] ne 'UDP' || $customservicegrp{$key}[2] ne 'ICMP'){ + $port='-'; + } + if ($customservicegrp{$key}[2] eq 'GRE'){$protocol='GRE';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} GRE";} + if ($customservicegrp{$key}[2] eq 'ESP'){$protocol='ESP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} ESP";} + if ($customservicegrp{$key}[2] eq 'AH'){$protocol='AH';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} AH";} + if ($customservicegrp{$key}[2] eq 'IGMP'){$protocol='IGMP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IGMP";} + if ($customservicegrp{$key}[2] eq 'IPIP'){$protocol='IPIP';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IPIP";} + if ($customservicegrp{$key}[2] eq 'IPV6'){$protocol='IPV6';$customservicegrp{$key}[2]="$Lang::tr{'protocol'} IPv6 encapsulation";} + print ""; foreach my $srv (sort keys %customservice){ if ($customservicegrp{$key}[2] eq $customservice{$srv}[0]){ $protocol=$customservice{$srv}[2]; @@ -1623,11 +1848,16 @@ sub viewtableservicegrp last; } } - print""; + print""; + if($protocol eq 'TCP' || $protocol eq 'UDP' || $protocol eq 'ICMP'){ + print ""; + }else{ + print ""; + } $helper=$customservicegrp{$key}[0]; } print"
Name$Lang::tr{'port'}$Lang::tr{'fwhost prot'}
$customservicegrp{$key}[2]
$customservicegrp{$key}[2]$port$protocol
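Review bot: The new guard `if ($customservicegrp{$key}[2] ne 'TCP' || $customservicegrp{$key}[2] ne 'UDP' || $customservicegrp{$key}[2] ne 'ICMP')` is always true, because no value can equal all three strings at once, so `$port='-'` runs for every row. If the intent is "none of the three", join the tests with `&&`: `if ($customservicegrp{$key}[2] ne 'TCP' && $customservicegrp{$key}[2] ne 'UDP' && $customservicegrp{$key}[2] ne 'ICMP'){`. The six protocol lines that follow overwrite `$customservicegrp{$key}[2]` with a translated label. That puts display text into the hash read from `$configsrvgrp`; a local variable for the label would keep it out of the file if the hash is written back later in the same request (not visible here). The enclosing `viewtableservicegrp` starts and ends outside the hunk.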
"; - if ($number gt '1'){ + print"
$port$protocol"; + if ($delflag gt '1'){ print""; } - print"
"; @@ -1646,6 +1876,28 @@ sub checkname return 1; } +sub checkgroup +{ + &General::readhasharray("$configsrvgrp", \%customservicegrp ); + my $name=shift; + foreach my $key (keys %customservicegrp) { + if($customservicegrp{$key}[0] eq $name){ + return 0; + } + } + return 1; +} +sub checkservice +{ + &General::readhasharray("$configsrv", \%customservice ); + my $name=shift; + foreach my $key (keys %customservice) { + if($customservice{$key}[0] eq $name){ + return 0; + } + } + return 1; +} sub checkip { @@ -1660,7 +1912,6 @@ sub checkip } sub checksubnet { - my %hash=%{(shift)}; &General::readhasharray("$confignet", \%hash); foreach my $key (keys %hash) { @@ -1674,8 +1925,6 @@ sub checksubnet sub checkservicegroup { &General::readhasharray("$configsrvgrp", \%customservicegrp); - - #check name if ( ! &validhostname($fwhostsettings{'SRVGRP_NAME'})) { @@ -1704,6 +1953,33 @@ sub checkservicegroup } return $errormessage; } +sub checkrulereload +{ + my $search=shift; + &General::readhasharray("$fwconfigfwd", \%fwfwd); + &General::readhasharray("$fwconfiginp", \%fwinp); + &General::readhasharray("$fwconfigout", \%fwout); + + #check if service or servicegroup is used in rules + foreach my $key (keys %fwfwd){ + if($search eq $fwfwd{$key}[15]){ + &General::firewall_config_changed(); + return; + } + } + foreach my $key (keys %fwinp){ + if($search eq $fwinp{$key}[15]){ + &General::firewall_config_changed(); + return; + } + } + foreach my $key (keys %fwout){ + if($search eq $fwout{$key}[15]){ + &General::firewall_config_changed(); + return; + } + } +} sub error { if ($errormessage) { 
@@ -1731,6 +2007,114 @@ sub get_name
 return "$network" if ($val eq $defaultNetworks{$network}{'NAME'});
 }
 }
+sub gethostcount
+{
+ my $searchstring=shift;
+ my $srvcounter=0;
+ #Count services used in servicegroups
+ foreach my $key (keys %customgrp) {
+ if($customgrp{$key}[2] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ #Count services used in firewall - config
+ foreach my $key1 (keys %fwfwd) {
+ if($fwfwd{$key1}[4] eq $searchstring){
+ $srvcounter++;
+ }
+ if($fwfwd{$key1}[6] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ #Count services used in firewall - input
+ foreach my $key2 (keys %fwinp) {
+ if($fwinp{$key2}[4] eq $searchstring){
+ $srvcounter++;
+ }
+ if($fwinp{$key2}[6] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ #Count services used in firewall - outgoing
+ foreach my $key3 (keys %fwout) {
+ if($fwout{$key3}[4] eq $searchstring){
+ $srvcounter++;
+ }
+ if($fwout{$key3}[6] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ return $srvcounter;
+}
+sub getnetcount
+{
+ my $searchstring=shift;
+ my $srvcounter=0;
+ #Count services used in servicegroups
+ foreach my $key (keys %customgrp) {
+ if($customgrp{$key}[2] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ #Count services used in firewall - config
+ foreach my $key1 (keys %fwfwd) {
+ if($fwfwd{$key1}[4] eq $searchstring){
+ $srvcounter++;
+ }
+ if($fwfwd{$key1}[6] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ #Count services used in firewall - input
+ foreach my $key2 (keys %fwinp) {
+ if($fwinp{$key2}[4] eq $searchstring){
+ $srvcounter++;
+ }
+ if($fwinp{$key2}[6] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ #Count services used in firewall - outgoing
+ foreach my $key3 (keys %fwout) {
+ if($fwout{$key3}[4] eq $searchstring){
+ $srvcounter++;
+ }
+ if($fwout{$key3}[6] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ return $srvcounter;
+}
+sub getsrvcount
+{
+ my $searchstring=shift;
+ my $srvcounter=0;
+ #Count services used in servicegroups
+ foreach my $key (keys %customservicegrp) {
+ if($customservicegrp{$key}[2] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ #Count services used in firewall - config
+ foreach my $key1 (keys %fwfwd) {
+ if($fwfwd{$key1}[15] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ #Count services used in firewall - input
+ foreach my $key2 (keys %fwinp) {
+ if($fwinp{$key2}[15] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ #Count services used in firewall - outgoing
+ foreach my $key3 (keys %fwout) {
+ if($fwout{$key3}[15] eq $searchstring){
+ $srvcounter++;
+ }
+ }
+ return $srvcounter;
+}
 sub deletefromgrp
 {
 my $target=shift;
@@ -1738,11 +2122,8 @@ sub deletefromgrp
 my %hash=();
 &General::readhasharray("$config",\%hash);
 foreach my $key (keys %hash) {
- $errormessage.="lese $hash{$key}[2] und $target
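Review bot: `gethostcount` and `getnetcount` are line-for-line identical, and their comments say "Count services used in servicegroups" although they walk `%customgrp` and rule columns 4 and 6; only `getsrvcount` (`%customservicegrp`, column 15) is about services. The view tables appear to use these numbers to decide whether a delete control is offered, so an undercount would let an object that a rule still references be removed. Keeping one implementation (`sub getnetcount { return &gethostcount(@_); }`) with an accurate header such as `# Number of groups and firewall rules (columns 4 and 6) that reference $searchstring` avoids the two copies drifting apart. All three subs read the file-level hashes and return 0 if the caller has not loaded them with `readhasharray` first, which the header comment should state. The match is by name only, so whether a host and a network may share a name (not visible in this hunk) decides if the count can mix object types.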
"; if($hash{$key}[2] eq $target){ - delete $hash{$key}; - $errormessage.="Habe $target aus Gruppe gelöscht!
"; } } &General::writehasharray("$config",\%hash); @@ -1750,10 +2131,9 @@ sub deletefromgrp } sub plausicheck { - my $edit=shift; #check hostname - if (!&General::validhostname($fwhostsettings{'HOSTNAME'})) + if (!&validhostname($fwhostsettings{'HOSTNAME'})) { $errormessage=$errormessage.$Lang::tr{'fwhost err name'}; $fwhostsettings{'BLK_IP'}='readonly'; @@ -1761,7 +2141,6 @@ sub plausicheck if ($fwhostsettings{'update'} eq 'on'){$fwhostsettings{'ACTION'}=$edit;} } #check if name collides with CCD Netname - &General::readhasharray("$configccdnet", \%ccdnet); foreach my $key (keys %ccdnet) { if($ccdnet{$key}[0] eq $fwhostsettings{'HOSTNAME'}){ @@ -1771,7 +2150,6 @@ sub plausicheck last; } } - #check if IP collides with CCD NetIP if ($fwhostsettings{'type'} ne 'mac'){ &General::readhasharray("$configccdnet", \%ccdnet); @@ -1786,9 +2164,6 @@ sub plausicheck } } } - - - #check if name collides with CCD Hostname &General::readhasharray("$configccdhost", \%ccdhost); foreach my $key (keys %ccdhost) { @@ -1838,8 +2213,6 @@ sub plausicheck { $errormessage=$errormessage."
".$Lang::tr{'fwhost err ipcheck'}; } - - return; } sub getipforgroup @@ -1907,7 +2280,8 @@ sub getipforgroup if ($type eq 'Custom Host'){ foreach my $key (keys %customhost) { if ($customhost{$key}[0] eq $name){ - return $customhost{$key}[2]; + my ($ip,$sub) = split("/",$customhost{$key}[2]); + return $ip; } } } @@ -1953,20 +2327,6 @@ sub getipforgroup } } } -sub rules -{ - if (!-f "${General::swroot}/fwhosts/reread"){ - system("touch ${General::swroot}/fwhosts/reread"); - } -} -sub reread_rules -{ - system ("/usr/local/bin/forwardfwctrl"); - if ( -f "${General::swroot}/fwhosts/reread"){ - system("rm ${General::swroot}/fwhosts/reread"); - } - -} sub decrease { my $grp=$_[0]; @@ -1976,7 +2336,7 @@ sub decrease if ( ($customgrp{$key}[0] eq $grp) && ($customgrp{$key}[3] eq 'Custom Network')){ foreach my $key1 (sort keys %customnetwork){ if ($customnetwork{$key1}[0] eq $customgrp{$key}[2]){ - $customnetwork{$key1}[3]=$customnetwork{$key1}[3]-1; + $customnetwork{$key1}[4]=$customnetwork{$key1}[4]-1; last; } } @@ -1985,7 +2345,7 @@ sub decrease if (($customgrp{$key}[0] eq $grp) && ($customgrp{$key}[3] eq 'Custom Host')){ foreach my $key2 (sort keys %customhost){ if ($customhost{$key2}[0] eq $customgrp{$key}[2]){ - $customhost{$key2}[3]=$customhost{$key2}[3]-1; + $customhost{$key2}[4]=$customhost{$key2}[4]-1; last; } } 
@@ -2013,6 +2373,36 @@ sub decreaseservice &General::writehasharray("$configsrv", \%customservice); } +sub changenameinfw +{ + my $old=shift; + my $new=shift; + my $fld=shift; + &General::readhasharray("$fwconfigfwd", \%fwfwd); + &General::readhasharray("$fwconfiginp", \%fwinp); + &General::readhasharray("$fwconfigout", \%fwout); + #Rename group in Firewall-CONFIG + foreach my $key1 (keys %fwfwd) { + if($fwfwd{$key1}[$fld] eq $old){ + $fwfwd{$key1}[$fld]=$new; + } + } + &General::writehasharray("$fwconfigfwd", \%fwfwd ); + #Rename group in Firewall-INPUT + foreach my $key2 (keys %fwinp) { + if($fwinp{$key2}[$fld] eq $old){ + $fwinp{$key2}[$fld]=$new; + } + } + &General::writehasharray("$fwconfiginp", \%fwinp ); + #Rename group in Firewall-OUTGOING + foreach my $key3 (keys %fwout) { + if($fwout{$key3}[$fld] eq $old){ + $fwout{$key3}[$fld]=$new; + } + } + &General::writehasharray("$fwconfigout", \%fwout ); +} sub checkports { @@ -2062,7 +2452,7 @@ sub validhostname if (length ($hostname) < 1 || length ($hostname) > 63) { return 0;} # Only valid characters are a-z, A-Z, 0-9 and - - if ($hostname !~ /^[a-zA-ZäöüÖÄÜ0-9-_()\/\s]*$/) { + if ($hostname !~ /^[a-zA-ZäöüÖÄÜ0-9-_.;()\/\s]*$/) { return 0;} # First character can only be a letter or a digit if (substr ($hostname, 0, 1) !~ /^[a-zA-ZöäüÖÄÜ0-9]*$/) { @@ -2081,13 +2471,13 @@ sub validremark if (length ($remark) < 1 || length ($remark) > 255) { return 0;} # Only valid characters are a-z, A-Z, 0-9 and - - if ($remark !~ /^[a-zäöüA-ZÖÄÜ0-9-.:;_\/\s]*$/) { + if ($remark !~ /^[a-zäöüA-ZÖÄÜ0-9-.:;\|_()\/\s]*$/) { return 0;} # First character can only be a letter or a digit if (substr ($remark, 0, 1) !~ /^[a-zäöüA-ZÖÄÜ0-9]*$/) { return 0;} # Last character can only be a letter or a digit - if (substr ($remark, -1, 1) !~ /^[a-zöäüA-ZÖÄÜ0-9.]*$/) { + if (substr ($remark, -1, 1) !~ /^[a-zöäüA-ZÖÄÜ0-9.:;_)]*$/) { return 0;} return 1; }
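Review bot: `changenameinfw` rewrites a rule whenever column `$fld` equals `$old`, without checking which kind of object that column refers to, so renaming a group could also retarget firewall rules that name a host, network or service with the same string. If the rule record carries a type column next to the value (not visible in this hunk), compare it as well. The sub also writes all three rule files back even when nothing matched, and unlike `checkrulereload` it does not call `&General::firewall_config_changed()`, so the caller has to remember to flag the reload. The sketch below folds the three loops into one and writes a file only when a record changed.

```perl
sub changenameinfw
{
	my $old=shift;
	my $new=shift;
	my $fld=shift;
	# … unchanged: readhasharray calls for %fwfwd, %fwinp, %fwout …
	#Rename the object in the forward, input and outgoing rules; write a file only if it changed
	foreach my $set ([$fwconfigfwd, \%fwfwd], [$fwconfiginp, \%fwinp], [$fwconfigout, \%fwout]) {
		my ($file, $rules) = @$set;
		my $changed = 0;
		foreach my $key (keys %$rules) {
			next unless $rules->{$key}[$fld] eq $old;
			$rules->{$key}[$fld] = $new;
			$changed = 1;
		}
		&General::writehasharray("$file", $rules) if ($changed);
	}
}
```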
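Review bot: Both character classes keep `\s` and the `^…$` anchors while this commit widens them (`.` and `;` for names; `|`, `(`, `)` for remarks), so a tab, carriage return or embedded newline still passes `validhostname` and `validremark`, and `$` alone tolerates a trailing newline. These values are stored through `&General::writehasharray` and later compared against rule columns, so a value containing a line break could corrupt a line-oriented config file (the file format is not shown here; confirm). Restricting whitespace to a literal space and anchoring with `\A`/`\z` closes that: `if ($hostname !~ /\A[a-zA-ZäöüÖÄÜ0-9\-_.;()\/ ]*\z/) {`, with the same change in the `validremark` hunk (@@ -2081). The `plausicheck` hunk in this commit switches host names from `&General::validhostname` to this local validator, so the wider set applies there too. The comment above each test still reads "a-z, A-Z, 0-9 and -" and should list the characters actually accepted.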