{Complete} Timebased Rules

BuddhaChu

Suggestion: If the rules are limited to only 5 minute ranges allowed (00, 15, 30, 45, & 59), wouldn't a drop box be better then a text input box? This would eliminate input errors. Same for the hour section.

I don't know if that fits into the pfSense "style" or not.

sullrich

@BuddhaChu:

Suggestion: If the rules are limited to only 5 minute ranges allowed (00, 15, 30, 45, & 59), wouldn't a drop box be better then a text input box? This would eliminate input errors. Same for the hour section.

I don't know if that fits into the pfSense "style" or not.

Yes, very good idea. We'll look into it.

BuddhaChu

After looking at the code in firewall_schedule_edit.php there looks to be a typo on line 581 ("td.innerHTML=" twice @ beginning of the line)

td.innerHTML=td.innerHTML="

BuddhaChu

I'm full of suggestions tonight…

If you get rid of both the hour and minute text boxes and replaced them with one drop down box you could eliminate both the checkKeyEntry() and checkTimeLimits() Javascript functions. Yes, the drop box would have 97 entries, but I think it would be worth it.

The way that's done in ClarkConnect is to build the < option value ="00:15" >00:15< /option > entries with two loops.

Pseudo code (I haven't coded in PHP since early 2003)

Hour loop - loop from 0 to 23
Minute loop - loop from 0 to 45
If hour= 0 then
Add a zero to the hour in the < option > entry (i.e. "00") $hour . "0:" . $minute
Elseif minute = 0
Add a zero to the minute in the < option > entry (i.e. "00") $hour . ":0" . $minute
Else
Output hour:minute to < option > entry
End if
Return minute loop
Return hour loop
Add < option > for 23:59

I hope I'm helping, not hindering when making these suggestions.

BuddhaChu

Reloaded with the 3-27 snapshot (built after issue #3 above was fixed). Something happened and now the Schedule column is missing for the two rules that are added with a checkbox (Block private & bogon networks).

pfsense.png_thumb

sullrich

@BuddhaChu:

Reloaded with the 3-27 snapshot (built after issue #3 above was fixed). Something happened and now the Schedule column is missing for the two rules that are added with a checkbox (Block private & bogon networks).

That should be fixed. Please try most recent snapshot.

BuddhaChu

Reloaded with the 3-27 snap with a timestamp of 2007-Mar-27 23:23:10 and the issue is still there.

The whole < td >< /td > section is missing for the Schedule column. See attached pic for the HTML code relating to that page.

pfsense2.png_thumb

sullrich

Not sure if the snapshot server is broken, but the latest sources show me:

schedule.png_thumb

yoda715

@BuddhaChu:

Reloaded with the 3-27 snapshot (built after issue #3 above was fixed). Something happened and now the Schedule column is missing for the two rules that are added with a checkbox (Block private & bogon networks).

I've duplicated this. Will fix shortly.

heiko

Good Morning,
i will test it in a few hours. Thanks
Greetings from Germany
heiko

yoda715

@BuddhaChu:

Reloaded with the 3-27 snap with a timestamp of 2007-Mar-27 23:23:10 and the issue is still there.

The whole < td >< /td > section is missing for the Schedule column. See attached pic for the HTML code relating to that page.

Fixed now.

Christian

Hi,

this looks like a really niceaddition, thanks to all involved (the programmers as well as the person paying the bill).

I'm not sure how to test this, but do you have any ideas what will happen if a rule is scheduled for a time that doesn't exist?
I'm refering to daylight saving time.
What happens if something should be disabled at 2:30am every Sunday night, but there is no 2:30 on one Sunday a year?
Also the other way, if a rule is only active between 2am and 2:30am on Sundays, will it be active twice when the extra hour is added?

As I'm not paying for it, so I'm not asking for a special way to handle this, all I would like to know is what is the intendet way daylight saving will be handled?

Thanks for a cool addition to a cool firewall product,

Christian

BuddhaChu

Confirmed the missing schedule column is fixed.

sdale: Nice fix for not hitting the "Add Time" button on the schedule page. Even though I'm familiar with the interface now, I forgot to hit the Add Time button and the msgbox dialog helped me out.

heiko

Hello,
very special thanks BuddhaChu for testing it and very very special thanks to "Scott´s" for coding…great

Issue #1 #2 from BuddhaChu is open
when i choose multiple days, for example 10 days of month, i think, a line break is missing (Screenshot)
for me it would be nice, when the date/time picker starts with Monday at the left.... :)
Problem: a couple days brings "grimbelfixe" to the description, when you edit and save a second time
Problem: when you stay in the schedule maks and have more than one configured range, and you want to edit one, click this and click a second also without saving the first one, uups, then the logic is a little bit confused the a first range disappeared.

I think, you should only one range to edit at the same time. A second edit is not allowed, before the first one are not saved.

A litte bit more in a 1 or 2 hours, also a posting to the rule features.
Greetings
heiko

line-break.jpg_thumb

schedule_multiple_days.jpg_thumb

schedule_grimbelfix_edit_second.jpg_thumb
![multiple_configured _ranges.jpg](/public/imported_attachments/1/multiple_configured _ranges.jpg)
![multiple_configured _ranges.jpg_thumb](/public/imported_attachments/1/multiple_configured _ranges.jpg_thumb)

Perry

In April and July i can't select the dates 1-7, bug?

![can't select.gif](/public/imported_attachments/1/can't select.gif)
![can't select.gif_thumb](/public/imported_attachments/1/can't select.gif_thumb)

heiko

I have the same behaviour

heiko

Hello,

1.) What is with time overlaps in the configured ranges?

2.) I have created a passing rule "icmp allowed to WAN" from the schedule 15:30- 15:45. The Rule is created on 15:20 Uhr. At this time no schedule is set on the rule. The Ping is OK. Now, i disabled the Rule (green arrow), nothing happens… Then I kill the states and all works fine.

At 15:25 i change the rule, enabled and a schedule with one configured range from 15:30 to 15:45. Save and all runs fine. At 15:30 +-/ one minute, the schedule runs active, but whe the time is over, nothings happens.

I edit and save the rule without changes, so now time is really over and the ping is dead.....

Greetings
heiko

heiko

Ups, i am barred from my testmachine. To many schedules on the ruleset with no activity…..
It is possible to expansion the "console setup" with anything as "delete all schedules from rules"....
Greetings
heiko

heiko

Hello Scott,
a second test, simply with an icmp-rule to the wan interface. It looks like good, but also the start time and the kill time has a time delay from 5 - minutes. Time Zone difference? or the code behind the gui ….

See the screenshot for example- Start time in the range is 18:30, the ping reply is starting 18:36 Uhr. Also the same with killing states at the expiration of the range.

Greetings
heiko

5_minutes_delay.jpg_thumb

sullrich

@heiko:

Hello,

1.) What is with time overlaps in the configured ranges?

2.) I have created a passing rule "icmp allowed to WAN" from the schedule 15:30- 15:45. The Rule is created on 15:20 Uhr. At this time no schedule is set on the rule. The Ping is OK. Now, i disabled the Rule (green arrow), nothing happens… Then I kill the states and all works fine.

At 15:25 i change the rule, enabled and a schedule with one configured range from 15:30 to 15:45. Save and all runs fine. At 15:30 +-/ one minute, the schedule runs active, but whe the time is over, nothings happens.

I edit and save the rule without changes, so now time is really over and the ping is dead.....

Greetings
heiko

We reload the rules every 15 minutes from bootup. So it will process the rules at different times depending on when the firewall booted up.