From 2af92cf5acf6d3b0ef52528a0e83a29353ff3c83 Mon Sep 17 00:00:00 2001
From: Alexander Marx <amarx@ipfire.org>
Date: Thu, 27 Jun 2013 07:28:06 +0200
Subject: [PATCH] Forward Firewall: added new line at bottom of all ruletables
 with the "final rule"

---
 html/cgi-bin/forwardfw.cgi | 49 ++++++++++++++++++++++++++++++++++----
 langs/de/cgi-bin/de.pl     |  3 +++
 langs/en/cgi-bin/en.pl     |  3 +++
 3 files changed, 51 insertions(+), 4 deletions(-)
diff --git a/html/cgi-bin/forwardfw.cgi b/html/cgi-bin/forwardfw.cgi
index e3ea5bdb1..0725e2542 100755
--- a/html/cgi-bin/forwardfw.cgi
+++ b/html/cgi-bin/forwardfw.cgi
@@ -75,7 +75,7 @@ my %aliases=();
 my %optionsfw=();
 my %ifaces=();
 
-my $VERSION='0.9.9.8';
+my $VERSION='0.9.9.9';
 my $color;
 my $confignet		= "${General::swroot}/fwhosts/customnetworks";
 my $confighost		= "${General::swroot}/fwhosts/customhosts";
@@ -2319,20 +2319,61 @@ END
 					my $weekdays=join(",",@days);
 					if (@days){
 						print"<tr bgcolor='$color'>";
-						print"<td>&nbsp</td><td bgcolor='$rulecolor'></td><td align='left' colspan='10'>$weekdays &nbsp $$hash{$key}[26] - $$hash{$key}[27] </td></tr>";
+						print"<td>&nbsp</td><td bgcolor='$rulecolor'></td><td align='left' colspan='10'>&nbsp $weekdays &nbsp $$hash{$key}[26] - $$hash{$key}[27] </td></tr>";
 					}
 				}
 			}
 			print"<tr bgcolor='FFFFFF'><td colspan='13' height='1'></td></tr>";
 		}
+		my $col;
+		if ($config eq '/var/ipfire/forward/config'){
+			my $pol='fwdfw '.$fwdfwsettings{'POLICY'};
+			if ($fwdfwsettings{'POLICY'} eq 'MODE1'){
+				$col="bgcolor='darkred'";
+			}else{
+				$col="bgcolor='green'";
+			}
+			print"<tr><td colspan='13' $col align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}</font></td></tr>";
+		}elsif ($config eq '/var/ipfire/forward/outgoing'){
+			my $pol='fwdfw '.$fwdfwsettings{'POLICY1'};
+			if ($fwdfwsettings{'POLICY1'} eq 'MODE1'){
+				$col="bgcolor='darkred'";
+			}else{
+				$col="bgcolor='green'";
+			}
+			print"<tr><td colspan='13' $col align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}</font></td></tr>";
+		}else{
+			print"<tr><td colspan='13' bgcolor='darkred' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{'fwdfw MODE1'}</font></td></tr>";
+		}
 		print"</table>";
-		&Header::closebox();
 		print "<hr>";
 		print "<br><br>";
+		&Header::closebox();
 	}else{
 		if ($optionsfw{'SHOWTABLES'} eq 'on'){
 			print "<b>$title1</b><br>";
-			print"<table width='100%' border='0' rules='none'><tr><td height='30' bgcolor=$color{'color22'} align='center'>$Lang::tr{'fwhost empty'}</td></tr></table><br><br>";
+			print"<table width='100%' border='0' rules='none'><tr><td height='30' bgcolor=$color{'color22'} align='center'>$Lang::tr{'fwhost empty'}</td></tr>";
+			my $col;
+			if ($config eq '/var/ipfire/forward/config'){
+				my $pol='fwdfw '.$fwdfwsettings{'POLICY'};
+				if ($fwdfwsettings{'POLICY'} eq 'MODE1'){
+					$col="bgcolor='darkred'";
+				}else{
+					$col="bgcolor='green'";
+				}
+				print"<tr><td colspan='13' $col align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}</font></td></tr>";
+			}elsif ($config eq '/var/ipfire/forward/outgoing'){
+				my $pol='fwdfw '.$fwdfwsettings{'POLICY1'};
+				if ($fwdfwsettings{'POLICY1'} eq 'MODE1'){
+					$col="bgcolor='darkred'";
+				}else{
+					$col="bgcolor='green'";
+				}
+				print"<tr><td colspan='13' $col align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{$pol}</font></td></tr>";
+			}else{
+				print"<tr><td colspan='13' bgcolor='darkred' align='center'><font color='#FFFFFF'>$Lang::tr{'fwdfw final_rule'} $Lang::tr{'fwdfw MODE1'}</font></td></tr>";
+			}
+			print"</table><br><br>";
 		}
 	}
 }
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 9587258f9..0445dda97 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -924,6 +924,7 @@
 'fwdfw err tgt_grp'		=> 'Ziel-Dienstgruppe ist leer',
 'fwdfw err time'		=> 'Es muss mindestens ein Tag gewÃ¤hlt werden',
 'fwdfw from'			=> 'Von:',
+'fwdfw final_rule'		=> 'Letzte Regel: ',
 'fwdfw hint ip1'		=> 'Die zuletzt erzeugte Regel wird vielleicht nicht aktiviert, weil Quelle und Ziel evtl im selben Netz sind',
 'fwdfw hint ip2'		=> 'Bitte Ã¼berprÃ¼fen Sie ob diese Regel Sinn macht: ',
 'fwdfw ipsec network'	=> 'IPsec Netzwerke:',
@@ -931,6 +932,8 @@
 'fwdfw man port'		=> 'Port(s) manuell:',
 'fwdfw moveup'			=> 'Hoch',
 'fwdfw movedown'		=> 'Runter',
+'fwdfw MODE1'			=> 'Alle Pakete verwerfen',
+'fwdfw MODE2'			=> 'Alle Pakete annehmen',
 'fwdfw p2p txt'			=> 'Hier kÃ¶nnen einzelne P2P Netzwerke erlaubt oder verboten werden. Das System setzt die Regeln automatisch unabhÃ¤ngig vom aktuellen Firewall Modus. Unter UmstÃ¤nden kÃ¶nnen einzelne aktivierte P2P Netzewerke einen erheblichen Teil der Bandbreite beanspruchen.',
 'fwdfw pol allow'		=> 'Zugelassen',
 'fwdfw pol block'		=> 'Blockiert',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index d66c202c5..37c3b1257 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -949,6 +949,7 @@
 'fwdfw err tgt_grp'		=> 'Target servicegroup is empty',
 'fwdfw err time'		=> 'You have to define at least one day.',
 'fwdfw from'			=> 'From:',
+'fwdfw final_rule'		=> 'Last rule: ',
 'fwdfw hint ip1'		=> 'The last generated rule may never be activated because source and target probably are in same subnet.',
 'fwdfw hint ip2'		=> 'Please doublecheck if this rule makes sense: ',
 'fwdfw ipsec network'	=> 'IpSec networks:',
@@ -956,6 +957,8 @@
 'fwdfw man port'		=> 'Port(s) manual:',
 'fwdfw moveup'			=> 'Move up',
 'fwdfw movedown'		=> 'Move down',
+'fwdfw MODE1'			=> 'Drop all packets',
+'fwdfw MODE2'			=> 'Accept all packets',
 'fwdfw p2p txt'			=> 'Here you can admit or deny or allow single p2p networks. Just define which networks are allowed or denied and the system takes care of the rules depending on the firewall mode. An allowed p2p network may use a lot of bandwith.',
 'fwdfw pol allow'		=> 'Allowed',
 'fwdfw pol block'		=> 'Blocked',
-- 
2.39.2

