diff --git a/app/css/all.css b/app/css/all.css
index 12a47159..d9de52e3 100644
--- a/app/css/all.css
+++ b/app/css/all.css
@@ -228,3 +228,8 @@ button > i.fas {
   pointer-events: none;
 }
 
+.close {
+  font-weight: 400;
+  font-size: 1.3rem;
+}
+
diff --git a/includes/adblock.php b/includes/adblock.php
index bf16bcb7..021f4d2c 100755
--- a/includes/adblock.php
+++ b/includes/adblock.php
@@ -1,6 +1,5 @@
 <?php
 
-require_once 'includes/status_messages.php';
 require_once 'config.php';
 
 /**
@@ -9,7 +8,7 @@ require_once 'config.php';
  */
 function DisplayAdBlockConfig()
 {
-    $status = new StatusMessages();
+    $status = new \RaspAP\Messages\StatusMessage;
     $enabled = false;
     $custom_enabled = false;
 
diff --git a/includes/admin.php b/includes/admin.php
index e3227db3..70c29b7c 100755
--- a/includes/admin.php
+++ b/includes/admin.php
@@ -1,10 +1,8 @@
 <?php
 
-require_once 'includes/status_messages.php';
-
 function DisplayAuthConfig($username)
 {
-    $status = new StatusMessages();
+    $status = new \RaspAP\Messages\StatusMessage;
     $auth = new \RaspAP\Auth\HTTPAuth;
     $config = $auth->getAuthConfig();
     $password = $config['admin_pass'];
diff --git a/includes/configure_client.php b/includes/configure_client.php
index accc7f26..64164f94 100755
--- a/includes/configure_client.php
+++ b/includes/configure_client.php
@@ -1,6 +1,5 @@
 <?php
 
-require_once 'includes/status_messages.php';
 require_once 'includes/wifi_functions.php';
 
 /**
@@ -9,7 +8,7 @@ require_once 'includes/wifi_functions.php';
  */
 function DisplayWPAConfig()
 {
-    $status = new StatusMessages();
+    $status = new \RaspAP\Messages\StatusMessage;
     $networks = [];
 
     getWifiInterface();
diff --git a/includes/dashboard.php b/includes/dashboard.php
index e768c37e..724a0175 100755
--- a/includes/dashboard.php
+++ b/includes/dashboard.php
@@ -10,7 +10,7 @@ require_once 'includes/functions.php';
 function DisplayDashboard(&$extraFooterScripts)
 {
     getWifiInterface();
-    $status = new StatusMessages();
+    $status = new \RaspAP\Messages\StatusMessage;
     // Need this check interface name for proper shell execution.
     if (!preg_match('/^([a-zA-Z0-9]+)$/', $_SESSION['wifi_client_interface'])) {
         $status->addMessage(_('Interface name invalid.'), 'danger');
diff --git a/includes/dhcp.php b/includes/dhcp.php
index 72601374..65c04ceb 100755
--- a/includes/dhcp.php
+++ b/includes/dhcp.php
@@ -1,6 +1,5 @@
 <?php
 
-require_once 'includes/status_messages.php';
 require_once 'config.php';
 
 /**
@@ -8,7 +7,7 @@ require_once 'config.php';
  */
 function DisplayDHCPConfig()
 {
-    $status = new StatusMessages();
+    $status = new \RaspAP\Messages\StatusMessage;
     if (!RASPI_MONITOR_ENABLED) {
         if (isset($_POST['savedhcpdsettings'])) {
             saveDHCPConfig($status);
diff --git a/includes/firewall.php b/includes/firewall.php
deleted file mode 100755
index f44833c3..00000000
--- a/includes/firewall.php
+++ /dev/null
@@ -1,368 +0,0 @@
-<?php
-
-require_once 'includes/status_messages.php';
-require_once 'includes/functions.php';
-
-define('RASPAP_IPTABLES_SCRIPT', "/tmp/iptables_raspap.sh");
-define('RASPAP_IP6TABLES_SCRIPT', "/tmp/ip6tables_raspap.sh");
-
-/**
- *
- * @param  array $rule
- * @param  array $conf
- * @return array $don
- */
-function getDependson(&$rule, &$conf)
-{
-    if (isset($rule["dependson"][0]) ) {
-        $don = &$rule["dependson"];
-        if (!empty($don[0]) && isset($conf[$don[0]["var"]]) ) {
-            if (!isset($don[0]["type"]) ) { $don[0]["type"]="bool";
-            }
-            return $don;
-        }
-    }
-    return false;
-}
-
-/**
- *
- * @param  array $sect
- * @param  array $conf
- * @return boolean $active
- */
-function isRuleEnabled(&$sect, &$conf)
-{
-    $fw_on = isset($conf["firewall-enable"]) && $conf["firewall-enable"];
-    $active = isset($sect["fw-state"]) && $sect["fw-state"]==1;
-    $active = $fw_on ? $active : !$active;
-    $active = $active || !isset($sect["fw-state"]);
-    if (($don = getDependson($sect, $conf)) !== false 
-        && $don[0]["type"] == "bool" && !$conf[$don[0]["var"]] 
-    ) {  $active = false;
-    }
-    return $active;
-}
-
-/**
- *
- * @param  array $sect
- * @param  array $conf
- * @return string $str
- */
-function createRuleStr(&$sect, &$conf)
-{
-    if (!is_array($sect["rules"]) ) { return "";
-    }
-    $rules = $sect["rules"];
-    $depon = getDependson($sect, $conf);
-    $rs = array();
-    foreach ( $rules as $rule ) {
-        if (preg_match('/\$[a-z0-9]*\$/i', $rule) ) {
-            $r = array($rule);
-            foreach ( $depon as $dep ) {
-                $rr = array();
-                $repl=$val="";
-                switch ( $dep["type"] ) {
-                case "list":
-                    if (isset($dep["var"]) && !empty($conf[$dep["var"]]) ) { $val = explode(' ', $conf[$dep["var"]]);
-                    }
-                    if (!empty($val) && isset($dep["replace"]) ) { $repl=$dep["replace"];
-                    }
-                    break;
-                case "string":
-                    if (isset($dep["var"]) ) { $val=$conf[$dep["var"]];
-                    }
-                    if (!empty($val) && isset($dep["replace"]) ) { $repl=$dep["replace"];
-                    }
-                    break;
-                default:
-                    break;
-                }
-                if (!empty($repl) && !empty($val) ) {
-                    if (is_array($val) ) {
-                        foreach ( $val as $v ) { $rr = array_merge($rr, str_replace($repl, $v, $r));
-                        }
-                    }
-                    else { $rr = array_merge($rr, str_replace($repl, $val, $r));
-                    }
-                }
-                $r = !empty($rr) ? $rr : $r;
-            }
-            $rs = array_merge($rs, $rr);
-        } else {
-            $rs[] = $rule;
-        }
-    }
-    $str="";
-    foreach ( $rs as $r ) {
-        if (!preg_match('/\$[a-z0-9]*\$/i', $r) ) { $str .= '$IPT '.$r."\n";
-        }
-    }
-    return $str;
-}
-
-
-/**
- *
- * @param  array $rule
- * @return boolean
- */
-function isIPv4(&$rule)
-{
-    return !isset($rule["ip-version"]) || strstr($rule["ip-version"], "4") !== false; 
-}
-
-/**
- *
- * @param  array $rule
- * @return boolean
- */
-function isIPv6(&$rule)
-{
-    return !isset($rule["ip-version"]) || strstr($rule["ip-version"], "6") !== false; 
-}
-
-/**
- *
- * @return boolean 
- */
-function configureFirewall()
-{
-    $json = file_get_contents(RASPI_IPTABLES_CONF);
-    $ipt  = json_decode($json, true);
-    $conf = ReadFirewallConf();
-    $txt = "#!/bin/bash\n";
-    file_put_contents(RASPAP_IPTABLES_SCRIPT, $txt);
-    file_put_contents(RASPAP_IP6TABLES_SCRIPT, $txt);
-    file_put_contents(RASPAP_IPTABLES_SCRIPT, 'IPT="iptables"'."\n", FILE_APPEND);
-    file_put_contents(RASPAP_IP6TABLES_SCRIPT, 'IPT="ip6tables"'."\n", FILE_APPEND);
-    $txt = "\$IPT -F\n";
-    $txt .= "\$IPT -X\n";
-    $txt .= "\$IPT -t nat -F\n";
-    file_put_contents(RASPAP_IPTABLES_SCRIPT, $txt, FILE_APPEND);
-    file_put_contents(RASPAP_IP6TABLES_SCRIPT, $txt, FILE_APPEND);
-    if (empty($conf) || empty($ipt) ) { return false;
-    }
-    $count=0;
-    foreach ( $ipt["order"] as $idx ) {
-        if (isset($ipt[$idx]) ) {
-            foreach ( $ipt[$idx] as $i => $sect ) {
-                if (isRuleEnabled($sect, $conf) ) {
-                    $str_rules= createRuleStr($sect, $conf);
-                    if (!empty($str_rules) ) {
-                        if (isIPv4($sect) ) { file_put_contents(RASPAP_IPTABLES_SCRIPT, $str_rules, FILE_APPEND);
-                        }
-                        if (isIPv6($sect) ) { file_put_contents(RASPAP_IP6TABLES_SCRIPT, $str_rules, FILE_APPEND);
-                        }
-                        ++$count;
-                    }
-                }
-            }
-        }
-    }
-    if ($count > 0 ) {
-        exec("chmod +x ".RASPAP_IPTABLES_SCRIPT);
-        exec("sudo ".RASPAP_IPTABLES_SCRIPT);
-        exec("sudo iptables-save | sudo tee /etc/iptables/rules.v4");
-        unlink(RASPAP_IPTABLES_SCRIPT);
-        exec("chmod +x ".RASPAP_IP6TABLES_SCRIPT);
-        exec("sudo ".RASPAP_IP6TABLES_SCRIPT);
-        exec("sudo ip6tables-save | sudo tee /etc/iptables/rules.v6");
-        unlink(RASPAP_IP6TABLES_SCRIPT);
-    }
-    return ($count > 0);
-}
-
-/**
- *
- * @param array $conf
- * @return string $ret
- */
-function WriteFirewallConf($conf)
-{
-    $ret = false;
-    if (is_array($conf) ) { write_php_ini($conf, RASPI_FIREWALL_CONF);
-    }
-    return $ret;
-}
-
-/**
- *
- * @return array $conf
- */
-function ReadFirewallConf()
-{
-    $conf = array();
-    if (file_exists(RASPI_FIREWALL_CONF) ) {
-        $conf = parse_ini_file(RASPI_FIREWALL_CONF);
-    }
-    if ( !isset($conf["firewall-enable"]) ) {
-        $conf["firewall-enable"] = false;
-        $conf["ssh-enable"] = false;
-        $conf["http-enable"] = false;
-        $conf["excl-devices"] = "";
-        $conf["excluded-ips"] = "";
-        $conf["ap-device"] = "";
-        $conf["client-device"] = "";
-        $conf["restricted-ips"] = "";
-    }
-    exec('ifconfig | grep -E -i "^tun[0-9]"', $ret);
-    $conf["openvpn-enable"] = !empty($ret);
-    unset($ret);
-    exec('ifconfig | grep -E -i "^wg[0-9]"', $ret);
-    $conf["wireguard-enable"] = !empty($ret);
-    return $conf;
-}
-
-/**
- *
- * @return string $ips
- */
-function getVPN_IPs()
-{
-    $ips = "";
-    // get openvpn and wireguard server IPs
-    if (RASPI_OPENVPN_ENABLED && ($fconf = glob(RASPI_OPENVPN_CLIENT_PATH ."/*.conf")) !== false && !empty($fconf) ) {
-        foreach ( $fconf as $f ) {
-            unset($result);
-            exec('cat '.$f.' |  sed -rn "s/^remote\s*([a-z0-9\.\-\_:]*)\s*([0-9]*)\s*$/\1 \2/ip" ', $result);
-            if (!empty($result) ) {
-                $result = explode(" ", $result[0]);
-                $ip = (isset($result[0])) ? $result[0] : "";
-                $port = (isset($result[1])) ? $result[1] : "";
-                if (!empty($ip) ) {
-                    $ip = gethostbyname($ip);
-                    if (filter_var($ip, FILTER_VALIDATE_IP) && strpos($ips, $ip) === false ) { $ips .= " $ip";
-                    }
-                }
-            }
-        }
-    }
-    // get wireguard server IPs
-    if (RASPI_WIREGUARD_ENABLED && ($fconf = glob(RASPI_WIREGUARD_PATH ."/*.conf")) !== false && !empty($fconf) ) {
-        foreach ( $fconf as $f ) {
-            unset($result);
-            exec('sudo /bin/cat '.$f.' |  sed -rn "s/^endpoint\s*=\s*\[?([a-z0-9\.\-\_:]*)\]?:([0-9]*)\s*$/\1 \2/ip" ', $result);
-            if (!empty($result) ) {
-                $result = explode(" ", $result[0]);
-                $ip = (isset($result[0])) ? $result[0] : "";
-                $port = (isset($result[1])) ? $result[1] : "";
-                if (!empty($ip) ) {
-                     $ip = gethostbyname($ip);
-                    if (filter_var($ip, FILTER_VALIDATE_IP) && strpos($ips, $ip) === false ) { $ips .= " $ip";
-                    }
-                }
-            }
-        }
-    }
-    return trim($ips);
-}
-
-/**
- *
- * @return array $fw_conf
- */
-function getFirewallConfiguration() 
-{
-    $fw_conf = ReadFirewallConf();
-    
-    $json = file_get_contents(RASPI_IPTABLES_CONF);
-    getWifiInterface();
-    $ap_device = $_SESSION['ap_interface'];
-    $clients = getClients();
-    $str_clients = "";
-    foreach( $clients["device"] as $dev ) {
-        if (!$dev["isAP"] ) {
-            if (!empty($str_clients) ) { $str_clients .= ", ";
-            }
-            $str_clients .= $dev["name"];
-        }
-    }
-    $fw_conf["ap-device"] = $ap_device;
-    $fw_conf["client-list"] = $str_clients;
-    $id=findCurrentClientIndex($clients);
-    if ($id >= 0 ) { $fw_conf["client-device"] = $clients["device"][$id]["name"];
-    }
-    return $fw_conf;
-}
-
-/**
- *
- */
-function updateFirewall() 
-{
-    $fw_conf = getFirewallConfiguration();
-    if ( isset($fw_conf["firewall-enable"]) ) {
-        WriteFirewallConf($fw_conf);
-        configureFirewall();
-    }
-    return;
-}
-
-/**
- *
- */
-function DisplayFirewallConfig()
-{
-    $status = new StatusMessages();
-
-    $fw_conf = getFirewallConfiguration();
-    $ap_device = $fw_conf["ap-device"];
-    $str_clients = $fw_conf["client-list"];
-
-    if (!empty($_POST)) {
-        $fw_conf["ssh-enable"] = isset($_POST['ssh-enable']);
-        $fw_conf["http-enable"] = isset($_POST['http-enable']);
-        $fw_conf["firewall-enable"] = isset($_POST['firewall-enable']) || isset($_POST['apply-firewall']);
-        if (isset($_POST['firewall-enable']) ) { $status->addMessage(_('Firewall is now enabled'), 'success');
-        }
-        if (isset($_POST['apply-firewall']) ) {  $status->addMessage(_('Firewall settings changed'), 'success');
-        }
-        if (isset($_POST['firewall-disable']) ) { $status->addMessage(_('Firewall is now disabled'), 'warning');
-        }
-        if (isset($_POST['save-firewall']) ) {  $status->addMessage(_('Firewall settings saved. Firewall is still disabled.'), 'success');
-        }
-        if (isset($_POST['excl-devices'])  ) {
-            $excl = filter_var($_POST['excl-devices'], FILTER_SANITIZE_STRING);
-            $excl = str_replace(',', ' ', $excl);
-            $excl = trim(preg_replace('/\s+/', ' ', $excl));
-            if ($fw_conf["excl-devices"] != $excl ) {
-                $status->addMessage(_('Exclude devices '. $excl), 'success');
-                $fw_conf["excl-devices"] = $excl;
-            }
-        }
-        if (isset($_POST['excluded-ips'])  ) {
-            $excl = filter_var($_POST['excluded-ips'], FILTER_SANITIZE_STRING);
-            $excl = str_replace(',', ' ', $excl);
-            $excl = trim(preg_replace('/\s+/', ' ', $excl));
-            if (!empty($excl) ) {
-                $excl = explode(' ', $excl);
-                $str_excl = "";
-                foreach ( $excl as $ip ) {
-                    if (filter_var($ip, FILTER_VALIDATE_IP) ) { $str_excl .= "$ip ";
-                    } else { $status->addMessage(_('Exclude IP address '. $ip . ' failed - not a valid IP address'), 'warning');
-                    }
-                }
-            }
-            $str_excl = trim($str_excl);
-            if ($fw_conf["excluded-ips"] != $str_excl ) {
-                 $status->addMessage(_('Exclude IP address(es) '. $str_excl), 'success');
-                 $fw_conf["excluded-ips"] = $str_excl;
-            }
-        }
-        WriteFirewallConf($fw_conf);
-        configureFirewall();
-    }
-    $vpn_ips = getVPN_IPs();
-    echo renderTemplate(
-        "firewall", compact(
-            "status",
-            "ap_device",
-            "str_clients",
-            "fw_conf",
-            "vpn_ips"
-        )
-    );
-}
-
diff --git a/includes/hostapd.php b/includes/hostapd.php
index c300c3e5..af488278 100755
--- a/includes/hostapd.php
+++ b/includes/hostapd.php
@@ -1,21 +1,17 @@
 <?php
 
-require_once 'status_messages.php';
 require_once 'includes/wifi_functions.php';
 require_once 'includes/config.php';
 
 getWifiInterface();
 
-$system = new \RaspAP\System\Sysinfo;
-$os = $system->operatingSystem();
-
 /**
  * Initialize hostapd values, display interface
  *
  */
 function DisplayHostAPDConfig()
 {
-    $status = new StatusMessages();
+    $status = new \RaspAP\Messages\StatusMessage;
     $system = new \RaspAP\System\Sysinfo;
     $operatingSystem = $system->operatingSystem();
     $arrConfig = array();
diff --git a/includes/networking.php b/includes/networking.php
index 345ca14e..9669fca4 100755
--- a/includes/networking.php
+++ b/includes/networking.php
@@ -1,6 +1,5 @@
 <?php
 
-require_once 'includes/status_messages.php';
 require_once 'includes/internetRoute.php';
 
 /**
@@ -9,8 +8,7 @@ require_once 'includes/internetRoute.php';
  */
 function DisplayNetworkingConfig()
 {
-
-    $status = new StatusMessages();
+    $status = new \RaspAP\Messages\StatusMessage;
 
     exec("ls /sys/class/net | grep -v lo", $interfaces);
     $routeInfo = getRouteInfo(true);
diff --git a/includes/openvpn.php b/includes/openvpn.php
index a33a6f44..c26b9f42 100755
--- a/includes/openvpn.php
+++ b/includes/openvpn.php
@@ -1,6 +1,5 @@
 <?php
 
-require_once 'includes/status_messages.php';
 require_once 'includes/config.php';
 require_once 'includes/wifi_functions.php';
 
@@ -11,7 +10,7 @@ getWifiInterface();
  */
 function DisplayOpenVPNConfig()
 {
-    $status = new StatusMessages();
+    $status = new \RaspAP\Messages\StatusMessage;
     if (!RASPI_MONITOR_ENABLED) {
         if (isset($_POST['SaveOpenVPNSettings'])) {
             if (isset($_POST['authUser'])) {
diff --git a/includes/status_messages.php b/includes/status_messages.php
deleted file mode 100755
index 8f639699..00000000
--- a/includes/status_messages.php
+++ /dev/null
@@ -1,30 +0,0 @@
-<?php
-class StatusMessages
-{
-    public $messages = array();
-
-    public function addMessage($message, $level = 'success', $dismissable = true)
-    {
-        $status = '<div class="alert alert-'.$level;
-        if ($dismissable) {
-            $status .= ' alert-dismissable';
-        }
-        $status .= '">'. _($message);
-        if ($dismissable) {
-            $status .= '<button type="button" class="close" data-dismiss="alert" aria-hidden="true">x</button>';
-        }
-        $status .= '</div>';
-
-        array_push($this->messages, $status);
-    }
-
-    public function showMessages($clear = true)
-    {
-        foreach ($this->messages as $message) {
-            echo $message;
-        }
-        if ($clear) {
-            $this->messages = array();
-        }
-    }
-}
diff --git a/includes/system.php b/includes/system.php
index 26822ae8..c65d374d 100755
--- a/includes/system.php
+++ b/includes/system.php
@@ -1,6 +1,5 @@
 <?php
 
-require_once 'includes/status_messages.php';
 require_once 'includes/functions.php';
 require_once 'config.php';
 
@@ -9,8 +8,7 @@ require_once 'config.php';
  */
 function DisplaySystem(&$extraFooterScripts)
 {
-
-    $status = new StatusMessages();
+    $status = new \RaspAP\Messages\StatusMessage;
 
     if (isset($_POST['SaveLanguage'])) {
         if (isset($_POST['locale'])) {
diff --git a/includes/torproxy.php b/includes/torproxy.php
index f82ca3f8..d6166765 100755
--- a/includes/torproxy.php
+++ b/includes/torproxy.php
@@ -1,7 +1,5 @@
 <?php
 
-require_once 'includes/status_messages.php';
-
 /**
  * Manage Tor Proxy configuration
  */
diff --git a/includes/wireguard.php b/includes/wireguard.php
index 547dd048..ae1bcfc5 100755
--- a/includes/wireguard.php
+++ b/includes/wireguard.php
@@ -1,6 +1,5 @@
 <?php
 
-require_once 'includes/status_messages.php';
 require_once 'config.php';
 
 /**
@@ -8,7 +7,7 @@ require_once 'config.php';
  */
 function DisplayWireGuardConfig()
 {
-    $status = new StatusMessages();
+    $status = new \RaspAP\Messages\StatusMessage;
     if (!RASPI_MONITOR_ENABLED) {
         $optRules     = $_POST['wgRules'];
         $optConf      = $_POST['wgCnfOpt'];
diff --git a/templates/firewall.php b/templates/firewall.php
deleted file mode 100755
index 70210346..00000000
--- a/templates/firewall.php
+++ /dev/null
@@ -1,110 +0,0 @@
-<div class="row">
-  <div class="col-lg-12">
-    <div class="card">
-      <div class="card-header">
-        <div class="row">
-          <div class="col">
-            <i class="fas fa-shield-alt mr-2"></i><?php echo _("Firewall"); ?>
-          </div>
-        </div><!-- /.row -->
-      </div><!-- /.card-header -->
-      <div class="card-body">
-        <?php $status->showMessages(); ?>
-        <h4><?php echo _("Client Firewall"); ?></h4>
-        <?php if ( $fw_conf["firewall-enable"]) : ?>
-           <i class="fas fa-circle mr-2 service-status-up"></i><?php echo _("Firewall is ENABLED"); ?>
-        <?php else : ?>
-           <i class="fas fa-circle mr-2 service-status-down"></i><?php echo _("Firewall is OFF"); ?>
-        <?php endif ?>
-        <div class="row">
-          <div class="col-md-6">
-            <p class="mr-2">
-              <small>
-                <?php echo _("The default firewall will only allow outgoing and already established traffic."); ?><br />
-                <?php echo _("No incoming UDP traffic is allowed."); ?><br />
-                <?php printf(_("There are no restrictions for the access point <code>%s</code>."), $ap_device); ?>
-              </small>
-            </p>
-          </div>
-        </div>
-        <form id="frm-firewall" action="firewall_conf" method="POST" >
-          <?php echo CSRFTokenFieldTag(); ?>
-          <h5><?php echo _("Exception: Service"); ?></h4>
-          <div class="row">
-            <div class="form-group col-md-6">
-                <div class="custom-control custom-switch">
-                    <input class="custom-control-input" id="ssh-enable" type="checkbox" name="ssh-enable" value="1" aria-describedby="exception-description" <?php if ($fw_conf["ssh-enable"]) echo "checked"; ?> >
-                    <label class="custom-control-label" for="ssh-enable"><?php echo _("allow SSH access on port 22") ?></label>
-                </div>
-                <div class="custom-control custom-switch">
-                    <input class="custom-control-input" id="http-enable" type="checkbox" name="http-enable" value="1" aria-describedby="exceptions-description" <?php if ($fw_conf["http-enable"]) echo "checked"; ?> >
-                    <label class="custom-control-label" for="http-enable"><?php echo _("allow access to the RaspAP GUI on port 80 or 443") ?></label>
-                </div>
-                <p class="mb-0" id="exceptions-description">
-                    <small><?php echo _("Allow incoming connections for some services from the internet side.") ?></small>
-                </p>
-            </div>
-          </div>
-          <h5><?php echo _("Exception: network device"); ?></h4>
-          <div class="row">
-            <div class="form-group col-md-6">
-                <label for="excl-device"><?php echo _("Exclude device(s)") ?></label>
-                <input class="form-control" id="excl-devices" type="text" name="excl-devices" value="<?php echo $fw_conf["excl-devices"] ?>" aria-describedby="exclusion-description"  >
-                <p class="mb-0" id="exclusion-description">
-                  <small>
-                    <?php echo _("Exclude the given network device(s) (separated by a blank or comma) from firewall rules."); ?><br />
-                    <?php printf(_("Current client devices: <code>%s</code>"), $str_clients); ?><br />
-                    <?php printf(_("The access point <code>%s</code> is per default excluded."), $ap_device); ?>
-                  </small>
-                </p>
-            </div>
-          </div>
-          <h5><?php echo _("Exception: IP-Address"); ?></h4>
-          <div class="row">
-            <div class="form-group col-md-6">
-                <label for="excluded-ips"><?php echo _("Allow incoming connections from") ?></label>
-                <input class="form-control" id="excluded-ips" type="text" name="excluded-ips" value="<?php echo $fw_conf["excluded-ips"] ?>" aria-describedby="excl-ips-description"  >
-                <p class="mb-0" id="excl-ips-description">
-                  <small>
-                    <?php echo _("For the given IP-addresses (separated by a blank or comma) the incoming connection (via TCP and UDP) is accepted."); ?><br />
-                    <?php echo _("This is required for an OpenVPN via UDP or Wireguard connection."); ?><br />
-                    <?php if ( !empty($vpn_ips) ) printf (_("The list of configured VPN server IP addresses: <code><b>%s</b></code>"), $vpn_ips); ?>
-                  </small>
-                </p>
-            </div>
-          </div>
-          <?php if ($fw_conf["firewall-enable"]) : ?>
-              <input type="submit" class="btn btn-outline btn-primary" value="<?php echo _("Apply changes"); ?>" name="apply-firewall" />
-              <input type="submit" class="btn btn-warning firewall-apply" value="<?php echo _("Disable Firewall") ?>"  name="firewall-disable" data-toggle="modal" data-target="#firewallModal"/>
-          <?php else : ?>
-              <input type="submit" class="btn btn-outline btn-primary" value="<?php echo _("Save settings"); ?>" name="save-firewall" />
-              <input type="submit" class="btn btn-success firewall-apply" value="<?php echo _("Enable Firewall") ?>" name="firewall-enable" data-toggle="modal" data-target="#firewallModal"/>
-          <?php endif ?>
-        </form>
-      </div><!-- /.card-body -->
-      <div class="card-footer"></div>
-    </div><!-- /.card -->
-  </div><!-- /.col-lg-12 -->
-</div><!-- /.row -->
-
-<!-- Modal -->
-<div class="modal fade" id="firewallModal" tabindex="-1" role="dialog" aria-labelledby="ModalLabel" aria-hidden="true">
-  <div class="modal-dialog" role="document">
-    <div class="modal-content">
-      <div class="modal-header">
-        <div class="modal-title" id="ModalLabel">
-          <i class="fas fa-sync-alt mr-2"></i><?php echo _("Executing firewall option") ?>
-        </div>
-      </div>
-      <div class="modal-body">
-        <div class="col-md-12 mb-3 mt-1">
-          <?php if($fw_conf["firewall-enable"]) echo _("Disabling firewall").'...'; else echo _("Enabling firewall").'...'; ?>
-        </div>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-outline btn-primary" data-dismiss="modal"><?php echo _("Close"); ?></button>
-      </div>
-    </div>
-  </div>
-</div>
-