diff options
| author | Matthew Grooms <mgrooms@pfsense.org> | 2008-08-01 06:30:34 +0000 |
|---|---|---|
| committer | Matthew Grooms <mgrooms@pfsense.org> | 2008-08-01 06:30:34 +0000 |
| commit | 6b07c15ad870f24e783a23c4a64fbb73958543ad (patch) | |
| tree | 4fdff8bc51d8a4bb299a487d41c6e5c4b2f3e0fd | |
| parent | c9030aec2206b2612f32eaa79ddbedcb282b639a (diff) | |
| download | pfsense-6b07c15ad870f24e783a23c4a64fbb73958543ad.zip pfsense-6b07c15ad870f24e783a23c4a64fbb73958543ad.tar.gz | |
Rewrite the pfsense privilege system with the following goals in mind ...
1) Redefine page privileges to not use static urls
2) Accurate generation of privilege definitions from source
3) Merging the user and group privileges into a single set
4) Allow any privilege to be added to users or groups w/ inheritance
5) Cleaning up the related WebUI pages
176 files changed, 3844 insertions, 928 deletions
diff --git a/cf/conf/config.xml b/cf/conf/config.xml index c142298..aa4267e 100644 --- a/cf/conf/config.xml +++ b/cf/conf/config.xml @@ -1,7 +1,7 @@ <?xml version="1.0"?> <!-- pfSense default system configuration --> <pfsense> - <version>4.9</version> + <version>5.0</version> <lastchange></lastchange> <theme>nervecenter</theme> <sysctl> @@ -31,14 +31,14 @@ <value>1</value> </item> <item> - <desc>Disable sending IPv4 redirects</desc> + <desc>Enable sending IPv4 redirects</desc> <tunable>net.inet.ip.redirect</tunable> - <value>0</value> + <value>1</value> </item> <item> - <desc>Disable sending IPv6 redirects</desc> + <desc>Enable sending IPv6 redirects</desc> <tunable>net.inet6.ip6.redirect</tunable> - <value>0</value> + <value>1</value> </item> <item> <desc>Generate SYN cookies for outbound SYN-ACK packets</desc> @@ -104,11 +104,10 @@ <desc>Enable TCP Inflight mode</desc> <tunable>net.inet.tcp.inflight.enable</tunable> <value>1</value> - </item> + </item> </sysctl> <system> <optimization>normal</optimization> - <schedulertype>priq</schedulertype> <hostname>pfSense</hostname> <domain>local</domain> <dnsserver></dnsserver> @@ -117,16 +116,16 @@ <name>all</name> <description>All Users</description> <scope>system</scope> - <pages/> <gid>1998</gid> + <member>0</member> </group> <group> <name>admins</name> <description>System Administrators</description> <scope>system</scope> - <pages>ANY</pages> - <home>index.php</home> - <gid>110</gid> + <gid>1999</gid> + <member>0</member> + <priv>page-all</priv> </group> <user> <name>admin</name> @@ -135,29 +134,12 @@ <groupname>admins</groupname> <password>$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.</password> <uid>0</uid> - <priv> - <id>lockwc</id> - <name>Lock webConfigurator</name> - <descr>Indicates whether this user will lock access to the webConfigurator for other users.</descr> - </priv> - <priv> - <id>lock-ipages</id> - <name>Lock individual pages</name> - <descr>Indicates whether this user will lock individual HTML pages after having accessed a particular page(the lock will be freed if the user leaves or saves the page form).</descr> - </priv> - <priv> - <id>hasshell</id> - <name>Has shell access</name> - <descr>Indicates whether this user is able to login for example via SSH.</descr> - </priv> - <priv> - <id>isroot</id> - <name>Is root user</name> - <descr>This user is associated with the UNIX root user (you should associate this privilege only with one single user).</descr> - </priv> + <priv>user-lock-webcfg</priv> + <priv>user-lock-ipages</priv> + <priv>user-shell-access</priv> </user> - <nextuid>115</nextuid> - <nextgid>115</nextgid> + <nextuid>2000</nextuid> + <nextgid>2000</nextgid> <timezone>Etc/UTC</timezone> <time-update-interval>300</time-update-interval> <timeservers>0.pfsense.pool.ntp.org</timeservers> @@ -172,7 +154,7 @@ <noantilockout></noantilockout> --> </webgui> - <disablenatreflection>yes</disablenatreflection> + <disablenatreflection>yes</disablenatreflection> <!-- <disableconsolemenu/> --> <!-- <disablefirmwarecheck/> --> <!-- <shellcmd></shellcmd> --> @@ -202,7 +184,7 @@ <subnet></subnet> <gateway></gateway> <blockpriv/> - <disableftpproxy/> + <disableftpproxy/> <dhcphostname></dhcphostname> <media></media> <mediaopt></mediaopt> @@ -534,6 +516,7 @@ </filter> <shaper> <!-- <enable/> --> + <!-- <schedulertype>hfsc</schedulertype> --> <!-- rule syntax: <rule> <disabled/> @@ -669,15 +652,6 @@ </proxyarpnet> --> </proxyarp> - <wol> - <!-- - <wolentry> - <interface>lan|opt[n]</interface> - <mac>xx:xx:xx:xx:xx:xx</mac> - <descr></descr> - </wolentry> - --> - </wol> <cron> <item> <minute>0</minute> @@ -770,4 +744,13 @@ <command>/usr/local/sbin/reset_slbd.sh</command> </item> </cron> + <wol> + <!-- + <wolentry> + <interface>lan|opt[n]</interface> + <mac>xx:xx:xx:xx:xx:xx</mac> + <descr></descr> + </wolentry> + --> + </wol> </pfsense> diff --git a/conf.default/config.xml b/conf.default/config.xml index de6a8df..aa4267e 100644 --- a/conf.default/config.xml +++ b/conf.default/config.xml @@ -1,7 +1,7 @@ <?xml version="1.0"?> <!-- pfSense default system configuration --> <pfsense> - <version>4.9</version> + <version>5.0</version> <lastchange></lastchange> <theme>nervecenter</theme> <sysctl> @@ -116,15 +116,16 @@ <name>all</name> <description>All Users</description> <scope>system</scope> - <pages/> <gid>1998</gid> + <member>0</member> </group> <group> <name>admins</name> <description>System Administrators</description> <scope>system</scope> - <pages>ANY</pages> <gid>1999</gid> + <member>0</member> + <priv>page-all</priv> </group> <user> <name>admin</name> @@ -133,26 +134,9 @@ <groupname>admins</groupname> <password>$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.</password> <uid>0</uid> - <priv> - <id>lockwc</id> - <name>Lock webConfigurator</name> - <descr>Indicates whether this user will lock access to the webConfigurator for other users.</descr> - </priv> - <priv> - <id>lock-ipages</id> - <name>Lock individual pages</name> - <descr>Indicates whether this user will lock individual HTML pages after having accessed a particular page(the lock will be freed if the user leaves or saves the page form).</descr> - </priv> - <priv> - <id>hasshell</id> - <name>Has shell access</name> - <descr>Indicates whether this user is able to login for example via SSH.</descr> - </priv> - <priv> - <id>isroot</id> - <name>Is root user</name> - <descr>This user is associated with the UNIX root user (you should associate this privilege only with one single user).</descr> - </priv> + <priv>user-lock-webcfg</priv> + <priv>user-lock-ipages</priv> + <priv>user-shell-access</priv> </user> <nextuid>2000</nextuid> <nextgid>2000</nextgid> diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 47a2431..c057d30 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -33,6 +33,8 @@ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
+
+ DISABLE_PHP_LINT_CHECKING
*/
require_once("functions.inc");
@@ -40,164 +42,55 @@ require_once("functions.inc"); $groupindex = index_groups();
$userindex = index_users();
-function isAllowedPage($page) {
- global $config, $userindex, $_SESSION;
-
- /* admin/root access check */
- $username = $_SESSION['Username'];
- if (isset($username))
- $user = &$config['system']['user'][$userindex[$username]];
- if (isset($user))
- if (isset($user['uid']))
- if ($user['uid']==0)
- return true;
-
- /* user privelege access check */
- $allowed_pages = $_SESSION['privs'];
- if (in_array("ANY", $allowed_pages))
- return true;
- if (in_array(basename($page), $allowed_pages))
- return true;
-
- return false;
-}
+function index_groups() {
+ global $g, $config, $groupindex;
-function getAllowedPages($logged_in_user) {
- global $config, $_SESSION;
+ $groupindex = array();
- if (!function_exists("ldap_connect"))
- return;
-
- $allowed_pages = array();
- $allowed_groups = array();
-
- $ldapon = $_SESSION['ldapon'];
- //log_error("Getting groups for {$logged_in_user}.");
-
- /* search for a local user by name */
- $local_user = false;
- foreach ($config['system']['user'] as $user) {
- if ($user['name'] == $logged_in_user) {
- $local_user = $user;
- break;
+ if (isset($config['system']['group'])) {
+ $i = 0;
+ foreach($config['system']['group'] as $groupent) {
+ $groupindex[$groupent['name']] = $i;
+ $i++;
}
}
- /* obtain local groups if we have a local user */
- if ($local_user) {
- $allowed_groups = get_local_user_groups($local_user);
- foreach ($config['system']['group'] as $group)
- if (in_array($group['name'], $allowed_groups))
- if (is_array($group['pages']))
- foreach ($group['pages'] as $page)
- $allowed_pages[] = $page;
- }
-
- /* obtain ldap groups if we are in ldap mode */
- if ($config['system']['webgui']['backend'] == "ldap" && !$local_user) {
- //log_error("Calling LDAP_GET_GROUPS from the first section");
- $allowed_groups = ldap_get_groups($logged_in_user);
- if (is_array($config['system']['group']) && is_array($allowed_groups))
- foreach ($config['system']['group'] as $group)
- if (in_array($group['name'], $allowed_groups))
- foreach ($group['pages'] as $page)
- $allowed_pages[] = $page;
- }
- if ($config['system']['webgui']['backend'] == "ldapother" && !$local_user) {
- //log_error("Calling LDAP_GET_GROUPS from the first section");
- $allowed_groups = ldap_get_groups($logged_in_user);
- if (is_array($config['system']['group']) && is_array($allowed_groups))
- foreach ($config['system']['group'] as $group)
- if (in_array($group['name'], $allowed_groups))
- foreach ($group['pages'] as $page)
- $allowed_pages[] = $page;
- }
-
- $allowed_groups = print_r($allowed, true);
- $fdny = fopen("/tmp/groups", "w");
- fwrite($fdny, $allowed_groups);
- fclose($fdny);
-
- $_SESSION['privs'] = $allowed_pages;
-
- return $allowed_pages;
+ return ($groupindex);
}
-function &getSystemPrivs() {
- global $g;
+function index_users() {
+ global $g, $config;
- $privs = array();
-
- $privs[] = array("id" => "lockwc",
- "name" => "Lock webConfigurator",
- "desc" => "Indicates whether this user will lock access to " .
- "the webConfigurator for other users.");
-
- $privs[] = array("id" => "lock-ipages",
- "name" => "Lock individual pages",
- "desc" => "Indicates whether this user will lock individual " .
- "HTML pages after having accessed a particular page" .
- "(the lock will be freed if the user leaves or " .
- "saves the page form).");
-
- $privs[] = array("id" => "hasshell",
- "name" => "Has shell access",
- "desc" => "Indicates whether this user is able to login for " .
- "example via SSH.");
-
- $privs[] = array("id" => "copyfiles",
- "name" => "Is allowed to copy files",
- "desc" => "Indicates whether this user is allowed to copy files " .
- "onto the {$g['product_name']} appliance via SCP/SFTP. " .
- "If you are going to use this privilege, you must install " .
- "scponly on the appliance (Hint: pkg_add -r scponly).");
-
- $privs[] = array("id" => "isroot",
- "name" => "Is root user",
- "desc" => "This user is associated with the UNIX root user " .
- "(you should associate this privilege only with one " .
- "single user).");
-
- return $privs;
+ if (isset($config['system']['user'])) {
+ $i = 0;
+ foreach($config['system']['user'] as $userent) {
+ $userindex[$userent['name']] = $i;
+ $i++;
+ }
+ }
+
+ return ($userindex);
}
function & getUserEntry($name) {
global $config, $userindex;
- return $config['system']['user'][$userindex[$name]];
-}
-
-function & getGroupEntry($name) {
- global $config, $groupindex;
- return $config['system']['group'][$groupindex[$name]];
+ if (isset($userindex[$name]))
+ return $config['system']['user'][$userindex[$name]];
}
-function userHasPrivilege($userent, $privid = false) {
-
- if (!$privid || !is_array($userent))
- return false;
-
- if (!is_array($userent['priv']))
- return false;
-
- foreach ($userent['priv'] as $priv)
- if ($priv['id'] == $privid)
- return true;
-}
-
-function hasPrivilegeCopyFiles($userent) {
- return userHasPrivilege($userent, "copyfiles");
-}
-
-function hasPrivilegeLock($userent) {
- return userHasPrivilege($userent, "lockwc");
-}
+function & getUserEntryByUID($uid) {
+ global $config;
+ foreach ($config['system']['user'] as & $user)
+ if ($user['uid'] == $uid)
+ return $user;
-function hasPrivilegeLockPages($userent) {
- return userHasPrivilege($userent, "lock-ipages");
+ return false;
}
-function hasPrivilegeShell($userent) {
- return userHasPrivilege($userent, "hasshell");
+function & getGroupEntry($name) {
+ global $config, $groupindex;
+ if (isset($groupindex[$name]))
+ return $config['system']['group'][$groupindex[$name]];
}
function sync_local_accounts() {
@@ -249,7 +142,8 @@ function sync_local_accounts() { sync_webgui_passwords();
}
-function set_local_user($user) {
+function set_local_user(& $user, $password = false) {
+ global $g;
$home_base = $g['platform'] == "pfSense" ? "/home" : "/var/home";
if (!is_dir($home_base))
@@ -261,6 +155,30 @@ function set_local_user($user) { $user_shell = "/etc/rc.initial";
$user_group = "nobody";
+ /* set all password hashes if required */
+ if ($password && strlen($password)) {
+
+ $user['password'] = crypt($password);
+ $user['md5-hash'] = md5($password);
+
+ /*
+ * NOTE : This section of code id based on the BSD
+ * licensed CHAP.php courtesy of Michael Retterklieber.
+ */
+ /* Waiting for mhash to settle into the tree
+ // Converts ascii to unicode.
+ $astr = (string) $password;
+ $ustr = '';
+ for ($i = 0; $i < strlen($astr); $i++) {
+ $a = ord($astr{$i}) << 8;
+ $ustr.= sprintf("%X", $a);
+ }
+
+ // Generate the NT-HASH from the unicode string
+ $user['nt-hash'] = bin2hex(mhash(MHASH_MD4, $ustr));
+ */
+ }
+
/* configure shell type */
if (!hasPrivilegeShell($user)) {
if (!hasPrivilegeCopyFiles($user))
@@ -342,29 +260,6 @@ function get_local_user_groups($user, $all = false) { return $groups;
}
-function set_local_user_password(& $user, $password) {
-
- $user['password'] = crypt($password);
- $user['md5-hash'] = md5($password);
-
- /*
- * NOTE : This section of code id based on the BSD
- * licensed CHAP.php courtesy of Michael Retterklieber.
- */
- /* Waiting for mhash to settle into the tree
- // Converts ascii to unicode.
- $astr = (string) $password;
- $ustr = '';
- for ($i = 0; $i < strlen($astr); $i++) {
- $a = ord($astr{$i}) << 8;
- $ustr.= sprintf("%X", $a);
- }
-
- // Generate the NT-HASH from the unicode string
- $user['nt-hash'] = bin2hex(mhash(MHASH_MD4, $ustr));
- */
-}
-
function set_local_user_groups($user, $new_groups = NULL ) {
global $config, $groupindex;
@@ -1135,34 +1030,4 @@ function radius_backed($username, $passwd){ return $ret;
}
-function index_groups() {
- global $g, $config, $groupindex;
-
- $groupindex = array();
-
- if (isset($config['system']['group'])) {
- $i = 0;
- foreach($config['system']['group'] as $groupent) {
- $groupindex[$groupent['name']] = $i;
- $i++;
- }
- }
-
- return ($groupindex);
-}
-
-function index_users() {
- global $g, $config;
-
- if (isset($config['system']['user'])) {
- $i = 0;
- foreach($config['system']['user'] as $userent) {
- $userindex[$userent['name']] = $i;
- $i++;
- }
- }
-
- return ($userindex);
-}
-
?>
diff --git a/etc/inc/config.inc b/etc/inc/config.inc index 5e58689..f811b53 100644 --- a/etc/inc/config.inc +++ b/etc/inc/config.inc @@ -1542,7 +1542,7 @@ function convert_config() { $all = array(); $all['name'] = "all"; $all['description'] = "All Users"; - $all['scope'] = "System"; + $all['scope'] = "system"; $all['gid'] = 1998; $all['member'] = array(); @@ -1582,6 +1582,11 @@ function convert_config() { $all['member'][] = $user['uid']; } + /* reset group scope information */ + foreach ($config['system']['group'] as & $group) + if ($group['name'] != $g['admin_group']) + $group['scope'] = "user"; + /* insert new all group */ $groups = Array(); $groups[] = $all; @@ -1589,10 +1594,58 @@ function convert_config() { $config['system']['group'] = $groups; set_local_group($all); + $config['version'] = 4.9; + } + + /* Convert 4.9 -> 5.0 */ + if ($config['version'] <= 5.0) { + + /* update user privileges */ + foreach ($config['system']['user'] as & $user) { + $privs = array(); + if (!is_array($user['priv'])) { + unset($user['priv']); + continue; + } + foreach ($user['priv'] as $priv) { + switch($priv['id']) { + case "lockwc": + $privs[] = "user-lock-webcfg"; + break; + case "lock-ipages": + $privs[] = "user-lock-ipages"; + break; + case "hasshell": + $privs[] = "user-shell-access"; + break; + case "copyfiles": + $privs[] = "user-copy-files"; + break; + } + } + $user['priv'] = $privs; + } + + /* update group privileges */ + foreach ($config['system']['group'] as & $group) { + $privs = array(); + if (!is_array($group['pages'])) { + unset($group['pages']); + continue; + } + foreach ($group['pages'] as $page) { + $priv = map_page_privname($page); + if ($priv) + $privs[] = $priv; + } + unset($group['pages']); + $group['priv'] = $privs; + } + /* sync all local account information */ sync_local_accounts(); - $config['version'] = 4.9; + $config['version'] = 5.0; } $now = date("H:i:s"); diff --git a/etc/inc/functions.inc b/etc/inc/functions.inc index a9ecbea..0fd4811 100644 --- a/etc/inc/functions.inc +++ b/etc/inc/functions.inc @@ -71,6 +71,7 @@ if(!function_exists("pfSenseHeader")) { /* include all configuration functions */ require_once("auth.inc"); +require_once("priv.inc"); require_once("captiveportal.inc"); require_once("filter.inc"); require_once("interfaces.inc"); @@ -86,4 +87,4 @@ require_once("gwlb.inc"); require_once("notices.inc"); require_once("cmd_chain.inc"); -?>
\ No newline at end of file +?> diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index 872ee09..3cbb15a 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -60,7 +60,7 @@ $g = array( "n_pppoe_units" => 16, /* this value can be overriden in pppoe->n_pppoe_units */ "pppoe_subnet" => 28, /* this value can be overriden in pppoe->pppoe_subnet */ "debug" => false, - "latest_config" => "4.9", + "latest_config" => "5.0", "nopkg_platforms" => array("cdrom"), "minimum_ram_warning" => "115", "minimum_ram_warning_text" => "128 megabytes", diff --git a/etc/inc/meta.inc b/etc/inc/meta.inc new file mode 100644 index 0000000..6b3d003 --- /dev/null +++ b/etc/inc/meta.inc @@ -0,0 +1,197 @@ +<?php +/* + Copyright (C) 2008 Shrew Soft Inc + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +/* + * The meta data format used in pfSense is denoted using markers + * followed by the appropriate value or value pair. All markers + * are prefixed with a ##| sequence. The + suffix is used to + * denote the beginning of a tag block followed by the tag name. + * A - suffix is used to denote the end of a tag blaock. Values + * are denoted using the * suffix and can optionally be expressed + * as a key value pair. An example of a metadata tag block ... + * + * ###|+INFO + * ###|*BLAH + * ###|*TEXT=SOME TEXT + * ###|-INFO + * + * After calling read_file_metadata, the result array would + * contain the following information ... + * + * metadata['<filename>']['INFO']['BLAH'][0] == true + * metadata['<filename>']['INFO']['TEXT'][0] == "SOME TEXT" + * + * NOTE: All statements must be at the begining of a line and + * contiguous for a tag. The example shown above would not be + * processed due to the extra ' * ' comment chars. + * + */ + +/* + * locate php files for a given path + */ + +function list_phpfiles($path, & $found) { + + if (!is_array($found)) + $found = array(); + + $dir = opendir($path); + if (!$dir) { + echo "list_phpfiles: unable to examine path {$path}\n"; + return; + } + + while($fname = readdir($dir)) { + if($fname == "." || $fname == ".." || $fname[0] == '.') + continue; + if (fnmatch('*.php', $fname)) + $found[] = $fname; + } +} + +/* + * read embedded metadata from a file + */ + +function read_file_metadata($fpath, & $metadata, $taglist = false) { + + if (!is_array($metadata)) + $metadata = array(); + + if ($taglist) + $taglist = explode(",", $taglist); + + $fname = $fpath; + $slash = strrpos($fname,"/"); + if ($slash) + $fname = substr($fname,$slash + 1); + + $fdata = @file_get_contents($fpath); + if (!$fdata) { + echo "unable to read {$fpath}\n"; + continue; + } + + $offset = 0; + + $tags = array(); + + while (true) { + + $tagbeg_off = stripos($fdata, "##|+", $offset); + if ($tagbeg_off === false) + break; + + $tagbeg_trm = stripos($fdata, "\n", $tagbeg_off); + if ($tagbeg_trm === false) + break; + + $tagend_off = stripos($fdata, "##|-", $tagbeg_trm); + if ($tagend_off === false) + break; + + $tagend_trm = stripos($fdata, "\n", $tagend_off); + if ($tagend_trm === false) + break; + + $tagbeg_len = $tagbeg_trm - $tagbeg_off; + $tagend_len = $tagend_trm - $tagend_off; + + $tagbeg = substr($fdata, $tagbeg_off + 4, $tagbeg_len - 4); + $tagend = substr($fdata, $tagend_off + 4, $tagend_len - 4); + + if ($tagbeg != $tagend) { + echo "error: tag mismatch ( {$tagbeg} != {$tagend} ) in '$fpath'\n"; + break; + } + + $mdata_off = $tagbeg_trm + 1; + $mdata_trm = $tagend_off - 1; + $mdata_len = $mdata_trm - $mdata_off; + + $mdata = substr($fdata, $mdata_off, $mdata_len); + + if (!strlen($mdata)) { + echo "warning: tag {$tagbeg} has no data in '$fpath'\n"; + break; + } + + $offset = $tagend_trm + 1; + + if (is_array($taglist)) + if (!in_array($tagbeg,$taglist)) + continue; + + $vals = array(); + + $lines = explode("\n",$mdata); + foreach ($lines as $line) { + + if (!strlen($line)) + continue; + + $valtag = stripos($line, "##|*"); + if ($valtag === false || $valtag) { + echo "warning: tag {$tagbeg} has malformed data in '$fpath'\n"; + continue; + } + + $value = substr($line, 4, strlen($line) - 1); + $vlist = explode("=", $value); + + unset($vname); + unset($vdata); + + switch (count($vlist)) { + case 1: + $vname = $vlist[0]; + $vdata = true; + break; + case 2: + $vname = $vlist[0]; + $vdata = $vlist[1]; + break; + } + + if (!isset($vname) || !isset($vdata)) { + echo "warning: tag {$tagbeg} has invalid data in '$fpath'\n"; + continue; + } + + $vals[$vname][] = $vdata; + } + + if (count($vals)) + $tags[$tagbeg] = $vals; + } + + if (count($tags)) + $metadata[$fname] = $tags; +} + +?> diff --git a/etc/inc/priv.defs.inc b/etc/inc/priv.defs.inc new file mode 100644 index 0000000..9bddac7 --- /dev/null +++ b/etc/inc/priv.defs.inc @@ -0,0 +1,1014 @@ +<?php +/* + * priv.defs.inc - Generated privilege definitions + * + */ + +$priv_list = array(); + +$priv_list['page-all'] = array(); +$priv_list['page-all']['name'] = "WebCfg - All pages"; +$priv_list['page-all']['descr'] = "Allow access to all pages"; +$priv_list['page-all']['match'] = array(); +$priv_list['page-all']['match'][] = "*"; + +$priv_list['page-diagnostics-routingtables'] = array(); +$priv_list['page-diagnostics-routingtables']['name'] = "WebCfg - Diagnostics: Routing tables page"; +$priv_list['page-diagnostics-routingtables']['descr'] = "Allow access to the 'Diagnostics: Routing tables' page."; +$priv_list['page-diagnostics-routingtables']['match'] = array(); +$priv_list['page-diagnostics-routingtables']['match'][] = "diag_routes.php*"; + +$priv_list['page-status-carp'] = array(); +$priv_list['page-status-carp']['name'] = "WebCfg - Status: CARP page"; +$priv_list['page-status-carp']['descr'] = "Allow access to the 'Status: CARP' page."; +$priv_list['page-status-carp']['match'] = array(); +$priv_list['page-status-carp']['match'][] = "carp_status.php*"; + +$priv_list['page-diagnostics-arptable'] = array(); +$priv_list['page-diagnostics-arptable']['name'] = "WebCfg - Diagnostics: ARP Table page"; +$priv_list['page-diagnostics-arptable']['descr'] = "Allow access to the 'Diagnostics: ARP Table' page."; +$priv_list['page-diagnostics-arptable']['match'] = array(); +$priv_list['page-diagnostics-arptable']['match'][] = "diag_arp.php*"; + +$priv_list['page-diagnostics-backup/restore'] = array(); +$priv_list['page-diagnostics-backup/restore']['name'] = "WebCfg - Diagnostics: Backup/restore page"; +$priv_list['page-diagnostics-backup/restore']['descr'] = "Allow access to the 'Diagnostics: Backup/restore' page."; +$priv_list['page-diagnostics-backup/restore']['match'] = array(); +$priv_list['page-diagnostics-backup/restore']['match'][] = "diag_backup.php*"; + +$priv_list['page-diagnostics-configurationhistory'] = array(); +$priv_list['page-diagnostics-configurationhistory']['name'] = "WebCfg - Diagnostics: Configuration History page"; +$priv_list['page-diagnostics-configurationhistory']['descr'] = "Allow access to the 'Diagnostics: Configuration History' page."; +$priv_list['page-diagnostics-configurationhistory']['match'] = array(); +$priv_list['page-diagnostics-configurationhistory']['match'][] = "diag_confbak.php*"; + +$priv_list['page-diagnostics-factorydefaults'] = array(); +$priv_list['page-diagnostics-factorydefaults']['name'] = "WebCfg - Diagnostics: Factory defaults page"; +$priv_list['page-diagnostics-factorydefaults']['descr'] = "Allow access to the 'Diagnostics: Factory defaults' page."; +$priv_list['page-diagnostics-factorydefaults']['match'] = array(); +$priv_list['page-diagnostics-factorydefaults']['match'][] = "diag_defaults.php*"; + +$priv_list['page-status-dhcpleases'] = array(); +$priv_list['page-status-dhcpleases']['name'] = "WebCfg - Status: DHCP leases page"; +$priv_list['page-status-dhcpleases']['descr'] = "Allow access to the 'Status: DHCP leases' page."; +$priv_list['page-status-dhcpleases']['match'] = array(); +$priv_list['page-status-dhcpleases']['match'][] = "diag_dhcp_leases.php*"; + +$priv_list['page-diagnostics-showstates'] = array(); +$priv_list['page-diagnostics-showstates']['name'] = "WebCfg - Diagnostics: Show States page"; +$priv_list['page-diagnostics-showstates']['descr'] = "Allow access to the 'Diagnostics: Show States' page."; +$priv_list['page-diagnostics-showstates']['match'] = array(); +$priv_list['page-diagnostics-showstates']['match'][] = "diag_dump_states.php*"; + +$priv_list['page-status-ipsec'] = array(); +$priv_list['page-status-ipsec']['name'] = "WebCfg - Status: IPsec page"; +$priv_list['page-status-ipsec']['descr'] = "Allow access to the 'Status: IPsec' page."; +$priv_list['page-status-ipsec']['match'] = array(); +$priv_list['page-status-ipsec']['match'][] = "diag_ipsec.php*"; + +$priv_list['page-status-ipsec-sad'] = array(); +$priv_list['page-status-ipsec-sad']['name'] = "WebCfg - Status: IPsec: SAD page"; +$priv_list['page-status-ipsec-sad']['descr'] = "Allow access to the 'Status: IPsec: SAD' page."; +$priv_list['page-status-ipsec-sad']['match'] = array(); +$priv_list['page-status-ipsec-sad']['match'][] = "diag_ipsec_sad.php*"; + +$priv_list['page-status-ipsec-spd'] = array(); +$priv_list['page-status-ipsec-spd']['name'] = "WebCfg - Status: IPsec: SPD page"; +$priv_list['page-status-ipsec-spd']['descr'] = "Allow access to the 'Status: IPsec: SPD' page."; +$priv_list['page-status-ipsec-spd']['match'] = array(); +$priv_list['page-status-ipsec-spd']['match'][] = "diag_ipsec_spd.php*"; + +$priv_list['page-diagnostics-logs-system'] = array(); +$priv_list['page-diagnostics-logs-system']['name'] = "WebCfg - Diagnostics: Logs: System page"; +$priv_list['page-diagnostics-logs-system']['descr'] = "Allow access to the 'Diagnostics: Logs: System' page."; +$priv_list['page-diagnostics-logs-system']['match'] = array(); +$priv_list['page-diagnostics-logs-system']['match'][] = "diag_logs.php*"; + +$priv_list['page-status-systemlogs-portalauth'] = array(); +$priv_list['page-status-systemlogs-portalauth']['name'] = "WebCfg - Status: System logs: Portal Auth page"; +$priv_list['page-status-systemlogs-portalauth']['descr'] = "Allow access to the 'Status: System logs: Portal Auth' page."; +$priv_list['page-status-systemlogs-portalauth']['match'] = array(); +$priv_list['page-status-systemlogs-portalauth']['match'][] = "diag_logs_auth.php*"; + +$priv_list['page-diagnostics-logs-dhcp'] = array(); +$priv_list['page-diagnostics-logs-dhcp']['name'] = "WebCfg - Diagnostics: Logs: DHCP page"; +$priv_list['page-diagnostics-logs-dhcp']['descr'] = "Allow access to the 'Diagnostics: Logs: DHCP' page."; +$priv_list['page-diagnostics-logs-dhcp']['match'] = array(); +$priv_list['page-diagnostics-logs-dhcp']['match'][] = "diag_logs_dhcp.php*"; + +$priv_list['page-package-settings'] = array(); +$priv_list['page-package-settings']['name'] = "WebCfg - Package: Settings page"; +$priv_list['page-package-settings']['descr'] = "Allow access to the 'Package: Settings' page."; +$priv_list['page-package-settings']['match'] = array(); +$priv_list['page-package-settings']['match'][] = "pkg.php*"; + +$priv_list['page-diagnostics-logs-firewall'] = array(); +$priv_list['page-diagnostics-logs-firewall']['name'] = "WebCfg - Diagnostics: Logs: Firewall page"; +$priv_list['page-diagnostics-logs-firewall']['descr'] = "Allow access to the 'Diagnostics: Logs: Firewall' page."; +$priv_list['page-diagnostics-logs-firewall']['match'] = array(); +$priv_list['page-diagnostics-logs-firewall']['match'][] = "diag_logs_filter.php*"; + +$priv_list['page-hidden-nolongerincluded'] = array(); +$priv_list['page-hidden-nolongerincluded']['name'] = "WebCfg - Hidden: No longer included page"; +$priv_list['page-hidden-nolongerincluded']['descr'] = "Allow access to the 'Hidden: No longer included' page."; +$priv_list['page-hidden-nolongerincluded']['match'] = array(); +$priv_list['page-hidden-nolongerincluded']['match'][] = "diag_logs_filter_dynamic.php*"; + +$priv_list['page-status-systemlogs-ipsecvpn'] = array(); +$priv_list['page-status-systemlogs-ipsecvpn']['name'] = "WebCfg - Status: System logs: IPsec VPN page"; +$priv_list['page-status-systemlogs-ipsecvpn']['descr'] = "Allow access to the 'Status: System logs: IPsec VPN' page."; +$priv_list['page-status-systemlogs-ipsecvpn']['match'] = array(); +$priv_list['page-status-systemlogs-ipsecvpn']['match'][] = "diag_logs_ipsec.php*"; + +$priv_list['page-status-systemlogs-openntpd'] = array(); +$priv_list['page-status-systemlogs-openntpd']['name'] = "WebCfg - Status: System logs: OpenNTPD page"; +$priv_list['page-status-systemlogs-openntpd']['descr'] = "Allow access to the 'Status: System logs: OpenNTPD' page."; +$priv_list['page-status-systemlogs-openntpd']['match'] = array(); +$priv_list['page-status-systemlogs-openntpd']['match'][] = "diag_logs_ntpd.php*"; + +$priv_list['page-status-systemlogs-openvpn'] = array(); +$priv_list['page-status-systemlogs-openvpn']['name'] = "WebCfg - Status: System logs: OpenVPN page"; +$priv_list['page-status-systemlogs-openvpn']['descr'] = "Allow access to the 'Status: System logs: OpenVPN' page."; +$priv_list['page-status-systemlogs-openvpn']['match'] = array(); +$priv_list['page-status-systemlogs-openvpn']['match'][] = "diag_logs_openvpn.php*"; + +$priv_list['page-status-systemlogs-loadbalancer'] = array(); +$priv_list['page-status-systemlogs-loadbalancer']['name'] = "WebCfg - Status: System logs: Load Balancer page"; +$priv_list['page-status-systemlogs-loadbalancer']['descr'] = "Allow access to the 'Status: System logs: Load Balancer' page."; +$priv_list['page-status-systemlogs-loadbalancer']['match'] = array(); +$priv_list['page-status-systemlogs-loadbalancer']['match'][] = "diag_logs_relayd.php*"; + +$priv_list['page-diagnostics-logs-settings'] = array(); +$priv_list['page-diagnostics-logs-settings']['name'] = "WebCfg - Diagnostics: Logs: Settings page"; +$priv_list['page-diagnostics-logs-settings']['descr'] = "Allow access to the 'Diagnostics: Logs: Settings' page."; +$priv_list['page-diagnostics-logs-settings']['match'] = array(); +$priv_list['page-diagnostics-logs-settings']['match'][] = "diag_logs_settings.php*"; + +$priv_list['page-status-systemlogs-loadbalancer'] = array(); +$priv_list['page-status-systemlogs-loadbalancer']['name'] = "WebCfg - Status: System logs: Load Balancer page"; +$priv_list['page-status-systemlogs-loadbalancer']['descr'] = "Allow access to the 'Status: System logs: Load Balancer' page."; +$priv_list['page-status-systemlogs-loadbalancer']['match'] = array(); +$priv_list['page-status-systemlogs-loadbalancer']['match'][] = "diag_logs_slbd.php*"; + +$priv_list['page-diagnostics-logs-pptpvpn'] = array(); +$priv_list['page-diagnostics-logs-pptpvpn']['name'] = "WebCfg - Diagnostics: Logs: PPTP VPN page"; +$priv_list['page-diagnostics-logs-pptpvpn']['descr'] = "Allow access to the 'Diagnostics: Logs: PPTP VPN' page."; +$priv_list['page-diagnostics-logs-pptpvpn']['match'] = array(); +$priv_list['page-diagnostics-logs-pptpvpn']['match'][] = "diag_logs_vpn.php*"; + +$priv_list['page-diagnostics-packetcapture'] = array(); +$priv_list['page-diagnostics-packetcapture']['name'] = "WebCfg - Diagnostics: Packet Capture page"; +$priv_list['page-diagnostics-packetcapture']['descr'] = "Allow access to the 'Diagnostics: Packet Capture' page."; +$priv_list['page-diagnostics-packetcapture']['match'] = array(); +$priv_list['page-diagnostics-packetcapture']['match'][] = "diag_packet_capture.php*"; + +$priv_list['page-diagnostics-ping'] = array(); +$priv_list['page-diagnostics-ping']['name'] = "WebCfg - Diagnostics: Ping page"; +$priv_list['page-diagnostics-ping']['descr'] = "Allow access to the 'Diagnostics: Ping' page."; +$priv_list['page-diagnostics-ping']['match'] = array(); +$priv_list['page-diagnostics-ping']['match'][] = "diag_ping.php*"; + +$priv_list['page-status-packagelogs'] = array(); +$priv_list['page-status-packagelogs']['name'] = "WebCfg - Status: Package logs page"; +$priv_list['page-status-packagelogs']['descr'] = "Allow access to the 'Status: Package logs' page."; +$priv_list['page-status-packagelogs']['match'] = array(); +$priv_list['page-status-packagelogs']['match'][] = "diag_pkglogs.php*"; + +$priv_list['page-diagnostics-resetstate'] = array(); +$priv_list['page-diagnostics-resetstate']['name'] = "WebCfg - Diagnostics: Reset state page"; +$priv_list['page-diagnostics-resetstate']['descr'] = "Allow access to the 'Diagnostics: Reset state' page."; +$priv_list['page-diagnostics-resetstate']['match'] = array(); +$priv_list['page-diagnostics-resetstate']['match'][] = "diag_resetstate.php*"; + +$priv_list['page-diagnostics-traceroute'] = array(); +$priv_list['page-diagnostics-traceroute']['name'] = "WebCfg - Diagnostics: Traceroute page"; +$priv_list['page-diagnostics-traceroute']['descr'] = "Allow access to the 'Diagnostics: Traceroute' page."; +$priv_list['page-diagnostics-traceroute']['match'] = array(); +$priv_list['page-diagnostics-traceroute']['match'][] = "diag_traceroute.php*"; + +$priv_list['page-diagnostics-editfile'] = array(); +$priv_list['page-diagnostics-editfile']['name'] = "WebCfg - Diagnostics: Edit File page"; +$priv_list['page-diagnostics-editfile']['descr'] = "Allow access to the 'Diagnostics: Edit File' page."; +$priv_list['page-diagnostics-editfile']['match'] = array(); +$priv_list['page-diagnostics-editfile']['match'][] = "edit.php*"; + +$priv_list['page-diagnostics-command'] = array(); +$priv_list['page-diagnostics-command']['name'] = "WebCfg - Diagnostics: Command page"; +$priv_list['page-diagnostics-command']['descr'] = "Allow access to the 'Diagnostics: Command' page."; +$priv_list['page-diagnostics-command']['match'] = array(); +$priv_list['page-diagnostics-command']['match'][] = "exec.php*"; + +$priv_list['page-hidden-execraw'] = array(); +$priv_list['page-hidden-execraw']['name'] = "WebCfg - Hidden: Exec Raw page"; +$priv_list['page-hidden-execraw']['descr'] = "Allow access to the 'Hidden: Exec Raw' page."; +$priv_list['page-hidden-execraw']['match'] = array(); +$priv_list['page-hidden-execraw']['match'][] = "exec_raw.php*"; + +$priv_list['page-firewall-aliases'] = array(); +$priv_list['page-firewall-aliases']['name'] = "WebCfg - Firewall: Aliases page"; +$priv_list['page-firewall-aliases']['descr'] = "Allow access to the 'Firewall: Aliases' page."; +$priv_list['page-firewall-aliases']['match'] = array(); +$priv_list['page-firewall-aliases']['match'][] = "firewall_aliases.php*"; + +$priv_list['page-firewall-alias-edit'] = array(); +$priv_list['page-firewall-alias-edit']['name'] = "WebCfg - Firewall: Alias: Edit page"; +$priv_list['page-firewall-alias-edit']['descr'] = "Allow access to the 'Firewall: Alias: Edit' page."; +$priv_list['page-firewall-alias-edit']['match'] = array(); +$priv_list['page-firewall-alias-edit']['match'][] = "firewall_aliases_edit.php*"; + +$priv_list['page-firewall-alias-import'] = array(); +$priv_list['page-firewall-alias-import']['name'] = "WebCfg - Firewall: Alias: Import page"; +$priv_list['page-firewall-alias-import']['descr'] = "Allow access to the 'Firewall: Alias: Import' page."; +$priv_list['page-firewall-alias-import']['match'] = array(); +$priv_list['page-firewall-alias-import']['match'][] = "firewall_aliases_import.php*"; + +$priv_list['page-firewall-nat-portforward'] = array(); +$priv_list['page-firewall-nat-portforward']['name'] = "WebCfg - Firewall: NAT: Port Forward page"; +$priv_list['page-firewall-nat-portforward']['descr'] = "Allow access to the 'Firewall: NAT: Port Forward' page."; +$priv_list['page-firewall-nat-portforward']['match'] = array(); +$priv_list['page-firewall-nat-portforward']['match'][] = "firewall_nat.php*"; + +$priv_list['page-firewall-nat-1-1'] = array(); +$priv_list['page-firewall-nat-1-1']['name'] = "WebCfg - Firewall: NAT: 1:1 page"; +$priv_list['page-firewall-nat-1-1']['descr'] = "Allow access to the 'Firewall: NAT: 1:1' page."; +$priv_list['page-firewall-nat-1-1']['match'] = array(); +$priv_list['page-firewall-nat-1-1']['match'][] = "firewall_nat_1to1.php*"; + +$priv_list['page-firewall-nat-1-1-edit'] = array(); +$priv_list['page-firewall-nat-1-1-edit']['name'] = "WebCfg - Firewall: NAT: 1:1: Edit page"; +$priv_list['page-firewall-nat-1-1-edit']['descr'] = "Allow access to the 'Firewall: NAT: 1:1: Edit' page."; +$priv_list['page-firewall-nat-1-1-edit']['match'] = array(); +$priv_list['page-firewall-nat-1-1-edit']['match'][] = "firewall_nat_1to1_edit.php*"; + +$priv_list['page-firewall-nat-portforward-edit'] = array(); +$priv_list['page-firewall-nat-portforward-edit']['name'] = "WebCfg - Firewall: NAT: Port Forward: Edit page"; +$priv_list['page-firewall-nat-portforward-edit']['descr'] = "Allow access to the 'Firewall: NAT: Port Forward: Edit' page."; +$priv_list['page-firewall-nat-portforward-edit']['match'] = array(); +$priv_list['page-firewall-nat-portforward-edit']['match'][] = "firewall_nat_edit.php*"; + +$priv_list['page-firewall-nat-outbound'] = array(); +$priv_list['page-firewall-nat-outbound']['name'] = "WebCfg - Firewall: NAT: Outbound page"; +$priv_list['page-firewall-nat-outbound']['descr'] = "Allow access to the 'Firewall: NAT: Outbound' page."; +$priv_list['page-firewall-nat-outbound']['match'] = array(); +$priv_list['page-firewall-nat-outbound']['match'][] = "firewall_nat_out.php*"; + +$priv_list['page-firewall-nat-outbound-edit'] = array(); +$priv_list['page-firewall-nat-outbound-edit']['name'] = "WebCfg - Firewall: NAT: Outbound: Edit page"; +$priv_list['page-firewall-nat-outbound-edit']['descr'] = "Allow access to the 'Firewall: NAT: Outbound: Edit' page."; +$priv_list['page-firewall-nat-outbound-edit']['match'] = array(); +$priv_list['page-firewall-nat-outbound-edit']['match'][] = "firewall_nat_out_edit.php*"; + +$priv_list['page-firewall-nat-nataddresses'] = array(); +$priv_list['page-firewall-nat-nataddresses']['name'] = "WebCfg - Firewall: NAT: NAT Addresses page"; +$priv_list['page-firewall-nat-nataddresses']['descr'] = "Allow access to the 'Firewall: NAT: NAT Addresses' page."; +$priv_list['page-firewall-nat-nataddresses']['match'] = array(); +$priv_list['page-firewall-nat-nataddresses']['match'][] = "firewall_nat_server.php*"; + +$priv_list['page-firewall-rules'] = array(); +$priv_list['page-firewall-rules']['name'] = "WebCfg - Firewall: Rules page"; +$priv_list['page-firewall-rules']['descr'] = "Allow access to the 'Firewall: Rules' page."; +$priv_list['page-firewall-rules']['match'] = array(); +$priv_list['page-firewall-rules']['match'][] = "firewall_rules.php*"; + +$priv_list['page-firewall-nat-nataddresses-edit'] = array(); +$priv_list['page-firewall-nat-nataddresses-edit']['name'] = "WebCfg - Firewall: NAT: NAT Addresses: Edit page"; +$priv_list['page-firewall-nat-nataddresses-edit']['descr'] = "Allow access to the 'Firewall: NAT: NAT Addresses: Edit' page."; +$priv_list['page-firewall-nat-nataddresses-edit']['match'] = array(); +$priv_list['page-firewall-nat-nataddresses-edit']['match'][] = "firewall_nat_server_edit.php*"; + +$priv_list['page-firewall-rules-edit'] = array(); +$priv_list['page-firewall-rules-edit']['name'] = "WebCfg - Firewall: Rules: Edit page"; +$priv_list['page-firewall-rules-edit']['descr'] = "Allow access to the 'Firewall: Rules: Edit' page."; +$priv_list['page-firewall-rules-edit']['match'] = array(); +$priv_list['page-firewall-rules-edit']['match'][] = "firewall_rules_edit.php*"; + +$priv_list['page-firewall-schedules'] = array(); +$priv_list['page-firewall-schedules']['name'] = "WebCfg - Firewall: Schedules page"; +$priv_list['page-firewall-schedules']['descr'] = "Allow access to the 'Firewall: Schedules' page."; +$priv_list['page-firewall-schedules']['match'] = array(); +$priv_list['page-firewall-schedules']['match'][] = "firewall_schedule.php*"; + +$priv_list['page-firewall-schedules-edit'] = array(); +$priv_list['page-firewall-schedules-edit']['name'] = "WebCfg - Firewall: Schedules: Edit page"; +$priv_list['page-firewall-schedules-edit']['descr'] = "Allow access to the 'Firewall: Schedules: Edit' page."; +$priv_list['page-firewall-schedules-edit']['match'] = array(); +$priv_list['page-firewall-schedules-edit']['match'][] = "firewall_schedule_edit.php*"; + +$priv_list['page-firewall-trafficshaper'] = array(); +$priv_list['page-firewall-trafficshaper']['name'] = "WebCfg - Firewall: Traffic Shaper page"; +$priv_list['page-firewall-trafficshaper']['descr'] = "Allow access to the 'Firewall: Traffic Shaper' page."; +$priv_list['page-firewall-trafficshaper']['match'] = array(); +$priv_list['page-firewall-trafficshaper']['match'][] = "firewall_shaper.php*"; + +$priv_list['page-firewall-trafficshaper-queues'] = array(); +$priv_list['page-firewall-trafficshaper-queues']['name'] = "WebCfg - Firewall: Traffic Shaper: Queues page"; +$priv_list['page-firewall-trafficshaper-queues']['descr'] = "Allow access to the 'Firewall: Traffic Shaper: Queues' page."; +$priv_list['page-firewall-trafficshaper-queues']['match'] = array(); +$priv_list['page-firewall-trafficshaper-queues']['match'][] = "firewall_shaper_queues.php*"; + +$priv_list['page-firewall-trafficshaper-limiter'] = array(); +$priv_list['page-firewall-trafficshaper-limiter']['name'] = "WebCfg - Firewall: Traffic Shaper: Limiter page"; +$priv_list['page-firewall-trafficshaper-limiter']['descr'] = "Allow access to the 'Firewall: Traffic Shaper: Limiter' page."; +$priv_list['page-firewall-trafficshaper-limiter']['match'] = array(); +$priv_list['page-firewall-trafficshaper-limiter']['match'][] = "firewall_shaper_vinterface.php*"; + +$priv_list['page-firewall-trafficshaper-wizard'] = array(); +$priv_list['page-firewall-trafficshaper-wizard']['name'] = "WebCfg - Firewall: Traffic Shaper: Wizard page"; +$priv_list['page-firewall-trafficshaper-wizard']['descr'] = "Allow access to the 'Firewall: Traffic Shaper: Wizard' page."; +$priv_list['page-firewall-trafficshaper-wizard']['match'] = array(); +$priv_list['page-firewall-trafficshaper-wizard']['match'][] = "firewall_shaper_wizards.php*"; + +$priv_list['page-firewall-system-tunables'] = array(); +$priv_list['page-firewall-system-tunables']['name'] = "WebCfg - Firewall: System: Tunables page"; +$priv_list['page-firewall-system-tunables']['descr'] = "Allow access to the 'Firewall: System: Tunables' page."; +$priv_list['page-firewall-system-tunables']['match'] = array(); +$priv_list['page-firewall-system-tunables']['match'][] = "firewall_system_tunables.php*"; + +$priv_list['page-firewall-system-tunables-edit'] = array(); +$priv_list['page-firewall-system-tunables-edit']['name'] = "WebCfg - Firewall: System: Tunables: Edit page"; +$priv_list['page-firewall-system-tunables-edit']['descr'] = "Allow access to the 'Firewall: System: Tunables: Edit' page."; +$priv_list['page-firewall-system-tunables-edit']['match'] = array(); +$priv_list['page-firewall-system-tunables-edit']['match'][] = "firewall_system_tunables_edit.php*"; + +$priv_list['page-firewall-virtualipaddresses'] = array(); +$priv_list['page-firewall-virtualipaddresses']['name'] = "WebCfg - Firewall: Virtual IP Addresses page"; +$priv_list['page-firewall-virtualipaddresses']['descr'] = "Allow access to the 'Firewall: Virtual IP Addresses' page."; +$priv_list['page-firewall-virtualipaddresses']['match'] = array(); +$priv_list['page-firewall-virtualipaddresses']['match'][] = "firewall_virtual_ip.php*"; + +$priv_list['page-diagnostics-interfacetraffic'] = array(); +$priv_list['page-diagnostics-interfacetraffic']['name'] = "WebCfg - Diagnostics: Interface Traffic page"; +$priv_list['page-diagnostics-interfacetraffic']['descr'] = "Allow access to the 'Diagnostics: Interface Traffic' page."; +$priv_list['page-diagnostics-interfacetraffic']['match'] = array(); +$priv_list['page-diagnostics-interfacetraffic']['match'][] = "graph.php*"; + +$priv_list['page-firewall-virtualipaddress-edit'] = array(); +$priv_list['page-firewall-virtualipaddress-edit']['name'] = "WebCfg - Firewall: Virtual IP Address: Edit page"; +$priv_list['page-firewall-virtualipaddress-edit']['descr'] = "Allow access to the 'Firewall: Virtual IP Address: Edit' page."; +$priv_list['page-firewall-virtualipaddress-edit']['match'] = array(); +$priv_list['page-firewall-virtualipaddress-edit']['match'][] = "firewall_virtual_ip_edit.php*"; + +$priv_list['page-diagnostics-cpuutilization'] = array(); +$priv_list['page-diagnostics-cpuutilization']['name'] = "WebCfg - Diagnostics: CPU Utilization page"; +$priv_list['page-diagnostics-cpuutilization']['descr'] = "Allow access to the 'Diagnostics: CPU Utilization' page."; +$priv_list['page-diagnostics-cpuutilization']['match'] = array(); +$priv_list['page-diagnostics-cpuutilization']['match'][] = "graph_cpu.php*"; + +$priv_list['page-diagnostics-haltsystem'] = array(); +$priv_list['page-diagnostics-haltsystem']['name'] = "WebCfg - Diagnostics: Halt system page"; +$priv_list['page-diagnostics-haltsystem']['descr'] = "Allow access to the 'Diagnostics: Halt system' page."; +$priv_list['page-diagnostics-haltsystem']['match'] = array(); +$priv_list['page-diagnostics-haltsystem']['match'][] = "halt.php*"; + +$priv_list['page-requiredforjavascript'] = array(); +$priv_list['page-requiredforjavascript']['name'] = "WebCfg - Required for javascript page"; +$priv_list['page-requiredforjavascript']['descr'] = "Allow access to the 'Required for javascript' page."; +$priv_list['page-requiredforjavascript']['match'] = array(); +$priv_list['page-requiredforjavascript']['match'][] = "headjs.php*"; + +$priv_list['page-xmlrpcinterfacestats'] = array(); +$priv_list['page-xmlrpcinterfacestats']['name'] = "WebCfg - XMLRPC Interface Stats page"; +$priv_list['page-xmlrpcinterfacestats']['descr'] = "Allow access to the 'XMLRPC Interface Stats' page."; +$priv_list['page-xmlrpcinterfacestats']['match'] = array(); +$priv_list['page-xmlrpcinterfacestats']['match'][] = "ifstats.php*"; + +$priv_list['page-system-login/logout'] = array(); +$priv_list['page-system-login/logout']['name'] = "WebCfg - System: Login / Logout page"; +$priv_list['page-system-login/logout']['descr'] = "Allow access to the 'System: Login / Logout' page."; +$priv_list['page-system-login/logout']['match'] = array(); +$priv_list['page-system-login/logout']['match'][] = "index.php*"; + +$priv_list['page-interfaces-assignnetworkports'] = array(); +$priv_list['page-interfaces-assignnetworkports']['name'] = "WebCfg - Interfaces: Assign network ports page"; +$priv_list['page-interfaces-assignnetworkports']['descr'] = "Allow access to the 'Interfaces: Assign network ports' page."; +$priv_list['page-interfaces-assignnetworkports']['match'] = array(); +$priv_list['page-interfaces-assignnetworkports']['match'][] = "interfaces_assign.php*"; + +$priv_list['page-interfaces-gif'] = array(); +$priv_list['page-interfaces-gif']['name'] = "WebCfg - Interfaces: GIF page"; +$priv_list['page-interfaces-gif']['descr'] = "Allow access to the 'Interfaces: GIF' page."; +$priv_list['page-interfaces-gif']['match'] = array(); +$priv_list['page-interfaces-gif']['match'][] = "interfaces_gif.php*"; + +$priv_list['page-interfaces-gif-edit'] = array(); +$priv_list['page-interfaces-gif-edit']['name'] = "WebCfg - Interfaces: GIF: Edit page"; +$priv_list['page-interfaces-gif-edit']['descr'] = "Allow access to the 'Interfaces: GIF: Edit' page."; +$priv_list['page-interfaces-gif-edit']['match'] = array(); +$priv_list['page-interfaces-gif-edit']['match'][] = "interfaces_gif_edit.php*"; + +$priv_list['page-interfaces-gre'] = array(); +$priv_list['page-interfaces-gre']['name'] = "WebCfg - Interfaces: GRE page"; +$priv_list['page-interfaces-gre']['descr'] = "Allow access to the 'Interfaces: GRE' page."; +$priv_list['page-interfaces-gre']['match'] = array(); +$priv_list['page-interfaces-gre']['match'][] = "interfaces_gre.php*"; + +$priv_list['page-interfaces-gre-edit'] = array(); +$priv_list['page-interfaces-gre-edit']['name'] = "WebCfg - Interfaces: GRE: Edit page"; +$priv_list['page-interfaces-gre-edit']['descr'] = "Allow access to the 'Interfaces: GRE: Edit' page."; +$priv_list['page-interfaces-gre-edit']['match'] = array(); +$priv_list['page-interfaces-gre-edit']['match'][] = "interfaces_gre_edit.php*"; + +$priv_list['page-interfaces-lan'] = array(); +$priv_list['page-interfaces-lan']['name'] = "WebCfg - Interfaces: LAN page"; +$priv_list['page-interfaces-lan']['descr'] = "Allow access to the 'Interfaces: LAN' page."; +$priv_list['page-interfaces-lan']['match'] = array(); +$priv_list['page-interfaces-lan']['match'][] = "interfaces_lan.php*"; + +$priv_list['page-interfaces-ppp'] = array(); +$priv_list['page-interfaces-ppp']['name'] = "WebCfg - Interfaces: PPP page"; +$priv_list['page-interfaces-ppp']['descr'] = "Allow access to the 'Interfaces: PPP' page."; +$priv_list['page-interfaces-ppp']['match'] = array(); +$priv_list['page-interfaces-ppp']['match'][] = "interfaces_ppp.php*"; + +$priv_list['page-interfaces-ppp-edit'] = array(); +$priv_list['page-interfaces-ppp-edit']['name'] = "WebCfg - Interfaces: PPP: Edit page"; +$priv_list['page-interfaces-ppp-edit']['descr'] = "Allow access to the 'Interfaces: PPP: Edit' page."; +$priv_list['page-interfaces-ppp-edit']['match'] = array(); +$priv_list['page-interfaces-ppp-edit']['match'][] = "interfaces_ppp_edit.php*"; + +$priv_list['page-interfaces-vlan'] = array(); +$priv_list['page-interfaces-vlan']['name'] = "WebCfg - Interfaces: VLAN page"; +$priv_list['page-interfaces-vlan']['descr'] = "Allow access to the 'Interfaces: VLAN' page."; +$priv_list['page-interfaces-vlan']['match'] = array(); +$priv_list['page-interfaces-vlan']['match'][] = "interfaces_vlan.php*"; + +$priv_list['page-interfaces-vlan-edit'] = array(); +$priv_list['page-interfaces-vlan-edit']['name'] = "WebCfg - Interfaces: VLAN: Edit page"; +$priv_list['page-interfaces-vlan-edit']['descr'] = "Allow access to the 'Interfaces: VLAN: Edit' page."; +$priv_list['page-interfaces-vlan-edit']['match'] = array(); +$priv_list['page-interfaces-vlan-edit']['match'][] = "interfaces_vlan_edit.php*"; + +$priv_list['page-interfaces-wan'] = array(); +$priv_list['page-interfaces-wan']['name'] = "WebCfg - Interfaces: WAN page"; +$priv_list['page-interfaces-wan']['descr'] = "Allow access to the 'Interfaces: WAN' page."; +$priv_list['page-interfaces-wan']['match'] = array(); +$priv_list['page-interfaces-wan']['match'][] = "interfaces_wan.php*"; + +$priv_list['page-interfaces-scanwireless'] = array(); +$priv_list['page-interfaces-scanwireless']['name'] = "WebCfg - Interfaces: Scan Wireless page"; +$priv_list['page-interfaces-scanwireless']['descr'] = "Allow access to the 'Interfaces: Scan Wireless' page."; +$priv_list['page-interfaces-scanwireless']['match'] = array(); +$priv_list['page-interfaces-scanwireless']['match'][] = "interfaces_wlan_scan.php*"; + +$priv_list['page-system-license'] = array(); +$priv_list['page-system-license']['name'] = "WebCfg - System: License page"; +$priv_list['page-system-license']['descr'] = "Allow access to the 'System: License' page."; +$priv_list['page-system-license']['match'] = array(); +$priv_list['page-system-license']['match'][] = "license.php*"; + +$priv_list['page-loadbalancer-pool'] = array(); +$priv_list['page-loadbalancer-pool']['name'] = "WebCfg - Load Balancer: Pool page"; +$priv_list['page-loadbalancer-pool']['descr'] = "Allow access to the 'Load Balancer: Pool' page."; +$priv_list['page-loadbalancer-pool']['match'] = array(); +$priv_list['page-loadbalancer-pool']['match'][] = "load_balancer_pool.php*"; + +$priv_list['page-system-packagemanager'] = array(); +$priv_list['page-system-packagemanager']['name'] = "WebCfg - System: Package Manager page"; +$priv_list['page-system-packagemanager']['descr'] = "Allow access to the 'System: Package Manager' page."; +$priv_list['page-system-packagemanager']['match'] = array(); +$priv_list['page-system-packagemanager']['match'][] = "pkg_mgr.php*"; + +$priv_list['page-loadbalancer-pool-edit'] = array(); +$priv_list['page-loadbalancer-pool-edit']['name'] = "WebCfg - Load Balancer: Pool: Edit page"; +$priv_list['page-loadbalancer-pool-edit']['descr'] = "Allow access to the 'Load Balancer: Pool: Edit' page."; +$priv_list['page-loadbalancer-pool-edit']['match'] = array(); +$priv_list['page-loadbalancer-pool-edit']['match'][] = "load_balancer_pool_edit.php*"; + +$priv_list['page-services-loadbalancer-virtualservers'] = array(); +$priv_list['page-services-loadbalancer-virtualservers']['name'] = "WebCfg - Services: Load Balancer: Virtual Servers page"; +$priv_list['page-services-loadbalancer-virtualservers']['descr'] = "Allow access to the 'Services: Load Balancer: Virtual Servers' page."; +$priv_list['page-services-loadbalancer-virtualservers']['match'] = array(); +$priv_list['page-services-loadbalancer-virtualservers']['match'][] = "load_balancer_virtual_server.php*"; + +$priv_list['page-loadbalancer-virtualserver-edit'] = array(); +$priv_list['page-loadbalancer-virtualserver-edit']['name'] = "WebCfg - Load Balancer: Virtual Server: Edit page"; +$priv_list['page-loadbalancer-virtualserver-edit']['descr'] = "Allow access to the 'Load Balancer: Virtual Server: Edit' page."; +$priv_list['page-loadbalancer-virtualserver-edit']['match'] = array(); +$priv_list['page-loadbalancer-virtualserver-edit']['match'][] = "load_balancer_virtual_server_edit.php*"; + +$priv_list['page-package-edit'] = array(); +$priv_list['page-package-edit']['name'] = "WebCfg - Package: Edit page"; +$priv_list['page-package-edit']['descr'] = "Allow access to the 'Package: Edit' page."; +$priv_list['page-package-edit']['match'] = array(); +$priv_list['page-package-edit']['match'][] = "pkg_edit.php*"; + +$priv_list['page-system-packagemanager-installpackage'] = array(); +$priv_list['page-system-packagemanager-installpackage']['name'] = "WebCfg - System: Package Manager: Install Package page"; +$priv_list['page-system-packagemanager-installpackage']['descr'] = "Allow access to the 'System: Package Manager: Install Package' page."; +$priv_list['page-system-packagemanager-installpackage']['match'] = array(); +$priv_list['page-system-packagemanager-installpackage']['match'][] = "pkg_mgr_install.php*"; + +$priv_list['page-system-packagemanager-installed'] = array(); +$priv_list['page-system-packagemanager-installed']['name'] = "WebCfg - System: Package Manager: Installed page"; +$priv_list['page-system-packagemanager-installed']['descr'] = "Allow access to the 'System: Package Manager: Installed' page."; +$priv_list['page-system-packagemanager-installed']['match'] = array(); +$priv_list['page-system-packagemanager-installed']['match'][] = "pkg_mgr_installed.php*"; + +$priv_list['page-diagnostics-rebootsystem'] = array(); +$priv_list['page-diagnostics-rebootsystem']['name'] = "WebCfg - Diagnostics: Reboot System page"; +$priv_list['page-diagnostics-rebootsystem']['descr'] = "Allow access to the 'Diagnostics: Reboot System' page."; +$priv_list['page-diagnostics-rebootsystem']['match'] = array(); +$priv_list['page-diagnostics-rebootsystem']['match'][] = "reboot.php*"; + +$priv_list['page-services-captiveportal'] = array(); +$priv_list['page-services-captiveportal']['name'] = "WebCfg - Services: Captive portal page"; +$priv_list['page-services-captiveportal']['descr'] = "Allow access to the 'Services: Captive portal' page."; +$priv_list['page-services-captiveportal']['match'] = array(); +$priv_list['page-services-captiveportal']['match'][] = "services_captiveportal.php*"; + +$priv_list['page-services-captiveportal-filemanager'] = array(); +$priv_list['page-services-captiveportal-filemanager']['name'] = "WebCfg - Services: Captive portal: File Manager page"; +$priv_list['page-services-captiveportal-filemanager']['descr'] = "Allow access to the 'Services: Captive portal: File Manager' page."; +$priv_list['page-services-captiveportal-filemanager']['match'] = array(); +$priv_list['page-services-captiveportal-filemanager']['match'][] = "services_captiveportal_filemanager.php*"; + +$priv_list['page-services-captiveportal-allowedips'] = array(); +$priv_list['page-services-captiveportal-allowedips']['name'] = "WebCfg - Services: Captive portal: Allowed IPs page"; +$priv_list['page-services-captiveportal-allowedips']['descr'] = "Allow access to the 'Services: Captive portal: Allowed IPs' page."; +$priv_list['page-services-captiveportal-allowedips']['match'] = array(); +$priv_list['page-services-captiveportal-allowedips']['match'][] = "services_captiveportal_ip.php*"; + +$priv_list['page-services-captiveportal-editallowedips'] = array(); +$priv_list['page-services-captiveportal-editallowedips']['name'] = "WebCfg - Services: Captive portal: Edit Allowed IPs page"; +$priv_list['page-services-captiveportal-editallowedips']['descr'] = "Allow access to the 'Services: Captive portal: Edit Allowed IPs' page."; +$priv_list['page-services-captiveportal-editallowedips']['match'] = array(); +$priv_list['page-services-captiveportal-editallowedips']['match'][] = "services_captiveportal_ip_edit.php*"; + +$priv_list['page-services-captiveportal-macaddresses'] = array(); +$priv_list['page-services-captiveportal-macaddresses']['name'] = "WebCfg - Services: Captive portal: Mac Addresses page"; +$priv_list['page-services-captiveportal-macaddresses']['descr'] = "Allow access to the 'Services: Captive portal: Mac Addresses' page."; +$priv_list['page-services-captiveportal-macaddresses']['match'] = array(); +$priv_list['page-services-captiveportal-macaddresses']['match'][] = "services_captiveportal_mac.php*"; + +$priv_list['page-services-captiveportal-editmacaddresses'] = array(); +$priv_list['page-services-captiveportal-editmacaddresses']['name'] = "WebCfg - Services: Captive portal: Edit MAC Addresses page"; +$priv_list['page-services-captiveportal-editmacaddresses']['descr'] = "Allow access to the 'Services: Captive portal: Edit MAC Addresses' page."; +$priv_list['page-services-captiveportal-editmacaddresses']['match'] = array(); +$priv_list['page-services-captiveportal-editmacaddresses']['match'][] = "services_captiveportal_mac_edit.php*"; + +$priv_list['page-services-captiveportal-users'] = array(); +$priv_list['page-services-captiveportal-users']['name'] = "WebCfg - Services: Captive portal: Users page"; +$priv_list['page-services-captiveportal-users']['descr'] = "Allow access to the 'Services: Captive portal: Users' page."; +$priv_list['page-services-captiveportal-users']['match'] = array(); +$priv_list['page-services-captiveportal-users']['match'][] = "services_captiveportal_users.php*"; + +$priv_list['page-services-captiveportal-edituser'] = array(); +$priv_list['page-services-captiveportal-edituser']['name'] = "WebCfg - Services: Captive portal: Edit User page"; +$priv_list['page-services-captiveportal-edituser']['descr'] = "Allow access to the 'Services: Captive portal: Edit User' page."; +$priv_list['page-services-captiveportal-edituser']['match'] = array(); +$priv_list['page-services-captiveportal-edituser']['match'][] = "services_captiveportal_users_edit.php*"; + +$priv_list['page-services-dhcpserver'] = array(); +$priv_list['page-services-dhcpserver']['name'] = "WebCfg - Services: DHCP server page"; +$priv_list['page-services-dhcpserver']['descr'] = "Allow access to the 'Services: DHCP server' page."; +$priv_list['page-services-dhcpserver']['match'] = array(); +$priv_list['page-services-dhcpserver']['match'][] = "services_dhcp.php*"; + +$priv_list['page-services-dhcpserver-editstaticmapping'] = array(); +$priv_list['page-services-dhcpserver-editstaticmapping']['name'] = "WebCfg - Services: DHCP Server : Edit static mapping page"; +$priv_list['page-services-dhcpserver-editstaticmapping']['descr'] = "Allow access to the 'Services: DHCP Server : Edit static mapping' page."; +$priv_list['page-services-dhcpserver-editstaticmapping']['match'] = array(); +$priv_list['page-services-dhcpserver-editstaticmapping']['match'][] = "services_dhcp_edit.php*"; + +$priv_list['page-services-dhcprelay'] = array(); +$priv_list['page-services-dhcprelay']['name'] = "WebCfg - Services: DHCP Relay page"; +$priv_list['page-services-dhcprelay']['descr'] = "Allow access to the 'Services: DHCP Relay' page."; +$priv_list['page-services-dhcprelay']['match'] = array(); +$priv_list['page-services-dhcprelay']['match'][] = "services_dhcp_relay.php*"; + +$priv_list['page-services-dnsforwarder'] = array(); +$priv_list['page-services-dnsforwarder']['name'] = "WebCfg - Services: DNS Forwarder page"; +$priv_list['page-services-dnsforwarder']['descr'] = "Allow access to the 'Services: DNS Forwarder' page."; +$priv_list['page-services-dnsforwarder']['match'] = array(); +$priv_list['page-services-dnsforwarder']['match'][] = "services_dnsmasq.php*"; + +$priv_list['page-services-dnsforwarder-editdomainoverride'] = array(); +$priv_list['page-services-dnsforwarder-editdomainoverride']['name'] = "WebCfg - Services: DNS Forwarder: Edit Domain Override page"; +$priv_list['page-services-dnsforwarder-editdomainoverride']['descr'] = "Allow access to the 'Services: DNS Forwarder: Edit Domain Override' page."; +$priv_list['page-services-dnsforwarder-editdomainoverride']['match'] = array(); +$priv_list['page-services-dnsforwarder-editdomainoverride']['match'][] = "services_dnsmasq_domainoverride_edit.php*"; + +$priv_list['page-services-dnsforwarder-edithost'] = array(); +$priv_list['page-services-dnsforwarder-edithost']['name'] = "WebCfg - Services: DNS Forwarder: Edit host page"; +$priv_list['page-services-dnsforwarder-edithost']['descr'] = "Allow access to the 'Services: DNS Forwarder: Edit host' page."; +$priv_list['page-services-dnsforwarder-edithost']['match'] = array(); +$priv_list['page-services-dnsforwarder-edithost']['match'][] = "services_dnsmasq_edit.php*"; + +$priv_list['page-services-dynamicdnsclients'] = array(); +$priv_list['page-services-dynamicdnsclients']['name'] = "WebCfg - Services: Dynamic DNS clients page"; +$priv_list['page-services-dynamicdnsclients']['descr'] = "Allow access to the 'Services: Dynamic DNS clients' page."; +$priv_list['page-services-dynamicdnsclients']['match'] = array(); +$priv_list['page-services-dynamicdnsclients']['match'][] = "services_dyndns.php*"; + +$priv_list['page-services-dynamicdnsclient'] = array(); +$priv_list['page-services-dynamicdnsclient']['name'] = "WebCfg - Services: Dynamic DNS client page"; +$priv_list['page-services-dynamicdnsclient']['descr'] = "Allow access to the 'Services: Dynamic DNS client' page."; +$priv_list['page-services-dynamicdnsclient']['match'] = array(); +$priv_list['page-services-dynamicdnsclient']['match'][] = "services_dyndns_edit.php*"; + +$priv_list['page-services-proxyarp'] = array(); +$priv_list['page-services-proxyarp']['name'] = "WebCfg - Services: Proxy ARP page"; +$priv_list['page-services-proxyarp']['descr'] = "Allow access to the 'Services: Proxy ARP' page."; +$priv_list['page-services-proxyarp']['match'] = array(); +$priv_list['page-services-proxyarp']['match'][] = "services_proxyarp.php*"; + +$priv_list['page-services-proxyarp-edit'] = array(); +$priv_list['page-services-proxyarp-edit']['name'] = "WebCfg - Services: Proxy ARP: Edit page"; +$priv_list['page-services-proxyarp-edit']['descr'] = "Allow access to the 'Services: Proxy ARP: Edit' page."; +$priv_list['page-services-proxyarp-edit']['match'] = array(); +$priv_list['page-services-proxyarp-edit']['match'][] = "services_proxyarp_edit.php*"; + +$priv_list['page-services-rfc2136clients'] = array(); +$priv_list['page-services-rfc2136clients']['name'] = "WebCfg - Services: RFC 2136 clients page"; +$priv_list['page-services-rfc2136clients']['descr'] = "Allow access to the 'Services: RFC 2136 clients' page."; +$priv_list['page-services-rfc2136clients']['match'] = array(); +$priv_list['page-services-rfc2136clients']['match'][] = "services_rfc2136.php*"; + +$priv_list['page-services-snmp'] = array(); +$priv_list['page-services-snmp']['name'] = "WebCfg - Services: SNMP page"; +$priv_list['page-services-snmp']['descr'] = "Allow access to the 'Services: SNMP' page."; +$priv_list['page-services-snmp']['match'] = array(); +$priv_list['page-services-snmp']['match'][] = "services_snmp.php*"; + +$priv_list['page-services-usermanager'] = array(); +$priv_list['page-services-usermanager']['name'] = "WebCfg - Services: User Manager page"; +$priv_list['page-services-usermanager']['descr'] = "Allow access to the 'Services: User Manager' page."; +$priv_list['page-services-usermanager']['match'] = array(); +$priv_list['page-services-usermanager']['match'][] = "services_usermanager.php*"; + +$priv_list['page-services-wakeonlan'] = array(); +$priv_list['page-services-wakeonlan']['name'] = "WebCfg - Services: Wake on LAN page"; +$priv_list['page-services-wakeonlan']['descr'] = "Allow access to the 'Services: Wake on LAN' page."; +$priv_list['page-services-wakeonlan']['match'] = array(); +$priv_list['page-services-wakeonlan']['match'][] = "services_wol.php*"; + +$priv_list['page-services-wakeonlan-edit'] = array(); +$priv_list['page-services-wakeonlan-edit']['name'] = "WebCfg - Services: Wake on LAN: Edit page"; +$priv_list['page-services-wakeonlan-edit']['descr'] = "Allow access to the 'Services: Wake on LAN: Edit' page."; +$priv_list['page-services-wakeonlan-edit']['match'] = array(); +$priv_list['page-services-wakeonlan-edit']['match'][] = "services_wol_edit.php*"; + +$priv_list['page-hidden-detailedstatus'] = array(); +$priv_list['page-hidden-detailedstatus']['name'] = "WebCfg - Hidden: Detailed Status page"; +$priv_list['page-hidden-detailedstatus']['descr'] = "Allow access to the 'Hidden: Detailed Status' page."; +$priv_list['page-hidden-detailedstatus']['match'] = array(); +$priv_list['page-hidden-detailedstatus']['match'][] = "status.php*"; + +$priv_list['page-status-captiveportal'] = array(); +$priv_list['page-status-captiveportal']['name'] = "WebCfg - Status: Captive portal page"; +$priv_list['page-status-captiveportal']['descr'] = "Allow access to the 'Status: Captive portal' page."; +$priv_list['page-status-captiveportal']['match'] = array(); +$priv_list['page-status-captiveportal']['match'][] = "status_captiveportal.php*"; + +$priv_list['page-status-filterreloadstatus'] = array(); +$priv_list['page-status-filterreloadstatus']['name'] = "WebCfg - Status: Filter Reload Status page"; +$priv_list['page-status-filterreloadstatus']['descr'] = "Allow access to the 'Status: Filter Reload Status' page."; +$priv_list['page-status-filterreloadstatus']['match'] = array(); +$priv_list['page-status-filterreloadstatus']['match'][] = "status_filter_reload.php*"; + +$priv_list['page-status-gatewaygroups'] = array(); +$priv_list['page-status-gatewaygroups']['name'] = "WebCfg - Status: Gateway Groups page"; +$priv_list['page-status-gatewaygroups']['descr'] = "Allow access to the 'Status: Gateway Groups' page."; +$priv_list['page-status-gatewaygroups']['match'] = array(); +$priv_list['page-status-gatewaygroups']['match'][] = "status_gateway_groups.php*"; + +$priv_list['page-status-gateways'] = array(); +$priv_list['page-status-gateways']['name'] = "WebCfg - Status: Gateways page"; +$priv_list['page-status-gateways']['descr'] = "Allow access to the 'Status: Gateways' page."; +$priv_list['page-status-gateways']['match'] = array(); +$priv_list['page-status-gateways']['match'][] = "status_gateways.php*"; + +$priv_list['page-status-trafficgraph'] = array(); +$priv_list['page-status-trafficgraph']['name'] = "WebCfg - Status: Traffic Graph page"; +$priv_list['page-status-trafficgraph']['descr'] = "Allow access to the 'Status: Traffic Graph' page."; +$priv_list['page-status-trafficgraph']['match'] = array(); +$priv_list['page-status-trafficgraph']['match'][] = "status_graph.php*"; + +$priv_list['page-status-cpuload'] = array(); +$priv_list['page-status-cpuload']['name'] = "WebCfg - Status: CPU load page"; +$priv_list['page-status-cpuload']['descr'] = "Allow access to the 'Status: CPU load' page."; +$priv_list['page-status-cpuload']['match'] = array(); +$priv_list['page-status-cpuload']['match'][] = "status_graph_cpu.php*"; + +$priv_list['page-status-interfaces'] = array(); +$priv_list['page-status-interfaces']['name'] = "WebCfg - Status: Interfaces page"; +$priv_list['page-status-interfaces']['descr'] = "Allow access to the 'Status: Interfaces' page."; +$priv_list['page-status-interfaces']['match'] = array(); +$priv_list['page-status-interfaces']['match'][] = "status_interfaces.php*"; + +$priv_list['page-status-openvpn'] = array(); +$priv_list['page-status-openvpn']['name'] = "WebCfg - Status: OpenVPN page"; +$priv_list['page-status-openvpn']['descr'] = "Allow access to the 'Status: OpenVPN' page."; +$priv_list['page-status-openvpn']['match'] = array(); +$priv_list['page-status-openvpn']['match'][] = "status_ovpn.php*"; + +$priv_list['page-status-trafficshaper-queues'] = array(); +$priv_list['page-status-trafficshaper-queues']['name'] = "WebCfg - Status: Traffic shaper: Queues page"; +$priv_list['page-status-trafficshaper-queues']['descr'] = "Allow access to the 'Status: Traffic shaper: Queues' page."; +$priv_list['page-status-trafficshaper-queues']['match'] = array(); +$priv_list['page-status-trafficshaper-queues']['match'][] = "status_queues.php*"; + +$priv_list['page-status-rrdgraphs'] = array(); +$priv_list['page-status-rrdgraphs']['name'] = "WebCfg - Status: RRD Graphs page"; +$priv_list['page-status-rrdgraphs']['descr'] = "Allow access to the 'Status: RRD Graphs' page."; +$priv_list['page-status-rrdgraphs']['match'] = array(); +$priv_list['page-status-rrdgraphs']['match'][] = "status_rrd_graph.php*"; + +$priv_list['page-status-rrdgraphs'] = array(); +$priv_list['page-status-rrdgraphs']['name'] = "WebCfg - Status: RRD Graphs page"; +$priv_list['page-status-rrdgraphs']['descr'] = "Allow access to the 'Status: RRD Graphs' page."; +$priv_list['page-status-rrdgraphs']['match'] = array(); +$priv_list['page-status-rrdgraphs']['match'][] = "status_rrd_graph_settings.php*"; + +$priv_list['page-status-services'] = array(); +$priv_list['page-status-services']['name'] = "WebCfg - Status: Services page"; +$priv_list['page-status-services']['descr'] = "Allow access to the 'Status: Services' page."; +$priv_list['page-status-services']['match'] = array(); +$priv_list['page-status-services']['match'][] = "status_services.php*"; + +$priv_list['page-status-loadbalancer-pool'] = array(); +$priv_list['page-status-loadbalancer-pool']['name'] = "WebCfg - Status: Load Balancer: Pool page"; +$priv_list['page-status-loadbalancer-pool']['descr'] = "Allow access to the 'Status: Load Balancer: Pool' page."; +$priv_list['page-status-loadbalancer-pool']['match'] = array(); +$priv_list['page-status-loadbalancer-pool']['match'][] = "status_slbd_pool.php*"; + +$priv_list['page-status-loadbalancer-virtualserver'] = array(); +$priv_list['page-status-loadbalancer-virtualserver']['name'] = "WebCfg - Status: Load Balancer: Virtual Server page"; +$priv_list['page-status-loadbalancer-virtualserver']['descr'] = "Allow access to the 'Status: Load Balancer: Virtual Server' page."; +$priv_list['page-status-loadbalancer-virtualserver']['match'] = array(); +$priv_list['page-status-loadbalancer-virtualserver']['match'][] = "status_slbd_vs.php*"; + +$priv_list['page-status-upnpstatus'] = array(); +$priv_list['page-status-upnpstatus']['name'] = "WebCfg - Status: UPnP Status page"; +$priv_list['page-status-upnpstatus']['descr'] = "Allow access to the 'Status: UPnP Status' page."; +$priv_list['page-status-upnpstatus']['match'] = array(); +$priv_list['page-status-upnpstatus']['match'][] = "status_upnp.php*"; + +$priv_list['page-diagnostics-wirelessstatus'] = array(); +$priv_list['page-diagnostics-wirelessstatus']['name'] = "WebCfg - Diagnostics: Wireless Status page"; +$priv_list['page-diagnostics-wirelessstatus']['descr'] = "Allow access to the 'Diagnostics: Wireless Status' page."; +$priv_list['page-diagnostics-wirelessstatus']['match'] = array(); +$priv_list['page-diagnostics-wirelessstatus']['match'][] = "status_wireless.php*"; + +$priv_list['page-system-generalsetup'] = array(); +$priv_list['page-system-generalsetup']['name'] = "WebCfg - System: General Setup page"; +$priv_list['page-system-generalsetup']['descr'] = "Allow access to the 'System: General Setup' page."; +$priv_list['page-system-generalsetup']['match'] = array(); +$priv_list['page-system-generalsetup']['match'][] = "system.php*"; + +$priv_list['page-system-advancedfunctions'] = array(); +$priv_list['page-system-advancedfunctions']['name'] = "WebCfg - System: Advanced functions page"; +$priv_list['page-system-advancedfunctions']['descr'] = "Allow access to the 'System: Advanced functions' page."; +$priv_list['page-system-advancedfunctions']['match'] = array(); +$priv_list['page-system-advancedfunctions']['match'][] = "system_advanced.php*"; + +$priv_list['page-system-advancedfunctions-createcertificates'] = array(); +$priv_list['page-system-advancedfunctions-createcertificates']['name'] = "WebCfg - System: Advanced functions: Create Certificates page"; +$priv_list['page-system-advancedfunctions-createcertificates']['descr'] = "Allow access to the 'System: Advanced functions: Create Certificates' page."; +$priv_list['page-system-advancedfunctions-createcertificates']['match'] = array(); +$priv_list['page-system-advancedfunctions-createcertificates']['match'][] = "system_advanced_create_certs.php*"; + +$priv_list['page-system-firmware-manualupdate'] = array(); +$priv_list['page-system-firmware-manualupdate']['name'] = "WebCfg - System: Firmware: Manual Update page"; +$priv_list['page-system-firmware-manualupdate']['descr'] = "Allow access to the 'System: Firmware: Manual Update' page."; +$priv_list['page-system-firmware-manualupdate']['match'] = array(); +$priv_list['page-system-firmware-manualupdate']['match'][] = "system_firmware.php*"; + +$priv_list['page-system-firmware-checkforupdate'] = array(); +$priv_list['page-system-firmware-checkforupdate']['name'] = "WebCfg - System: Firmware: Check For Update page"; +$priv_list['page-system-firmware-checkforupdate']['descr'] = "Allow access to the 'System: Firmware: Check For Update' page."; +$priv_list['page-system-firmware-checkforupdate']['match'] = array(); +$priv_list['page-system-firmware-checkforupdate']['match'][] = "system_firmware_auto.php*"; + +$priv_list['page-system-firmware-autoupdate'] = array(); +$priv_list['page-system-firmware-autoupdate']['name'] = "WebCfg - System: Firmware: Auto Update page"; +$priv_list['page-system-firmware-autoupdate']['descr'] = "Allow access to the 'System: Firmware: Auto Update' page."; +$priv_list['page-system-firmware-autoupdate']['match'] = array(); +$priv_list['page-system-firmware-autoupdate']['match'][] = "system_firmware_check.php*"; + +$priv_list['page-system-firmware-settings'] = array(); +$priv_list['page-system-firmware-settings']['name'] = "WebCfg - System: Firmware: Settings page"; +$priv_list['page-system-firmware-settings']['descr'] = "Allow access to the 'System: Firmware: Settings' page."; +$priv_list['page-system-firmware-settings']['match'] = array(); +$priv_list['page-system-firmware-settings']['match'][] = "system_firmware_settings.php*"; + +$priv_list['page-system-gateways'] = array(); +$priv_list['page-system-gateways']['name'] = "WebCfg - System: Gateways page"; +$priv_list['page-system-gateways']['descr'] = "Allow access to the 'System: Gateways' page."; +$priv_list['page-system-gateways']['match'] = array(); +$priv_list['page-system-gateways']['match'][] = "system_gateways.php*"; + +$priv_list['page-system-gatewaygroups'] = array(); +$priv_list['page-system-gatewaygroups']['name'] = "WebCfg - System: Gateway Groups page"; +$priv_list['page-system-gatewaygroups']['descr'] = "Allow access to the 'System: Gateway Groups' page."; +$priv_list['page-system-gatewaygroups']['match'] = array(); +$priv_list['page-system-gatewaygroups']['match'][] = "system_gateway_groups.php*"; + +$priv_list['page-system-gateways-editgatewaygroups'] = array(); +$priv_list['page-system-gateways-editgatewaygroups']['name'] = "WebCfg - System: Gateways: Edit Gateway Groups page"; +$priv_list['page-system-gateways-editgatewaygroups']['descr'] = "Allow access to the 'System: Gateways: Edit Gateway Groups' page."; +$priv_list['page-system-gateways-editgatewaygroups']['match'] = array(); +$priv_list['page-system-gateways-editgatewaygroups']['match'][] = "system_gateway_groups_edit.php*"; + +$priv_list['page-system-gateways-editgateway'] = array(); +$priv_list['page-system-gateways-editgateway']['name'] = "WebCfg - System: Gateways: Edit Gateway page"; +$priv_list['page-system-gateways-editgateway']['descr'] = "Allow access to the 'System: Gateways: Edit Gateway' page."; +$priv_list['page-system-gateways-editgateway']['match'] = array(); +$priv_list['page-system-gateways-editgateway']['match'][] = "system_gateways_edit.php*"; + +$priv_list['page-system-groupmanager'] = array(); +$priv_list['page-system-groupmanager']['name'] = "WebCfg - System: Group manager page"; +$priv_list['page-system-groupmanager']['descr'] = "Allow access to the 'System: Group manager' page."; +$priv_list['page-system-groupmanager']['match'] = array(); +$priv_list['page-system-groupmanager']['match'][] = "system_groupmanager.php*"; + +$priv_list['page-system-groupmanager-editprivileges'] = array(); +$priv_list['page-system-groupmanager-editprivileges']['name'] = "WebCfg - System: Group manager: Edit Privileges page"; +$priv_list['page-system-groupmanager-editprivileges']['descr'] = "Allow access to the 'System: Group manager: Edit Privileges' page."; +$priv_list['page-system-groupmanager-editprivileges']['match'] = array(); +$priv_list['page-system-groupmanager-editprivileges']['match'][] = "system_groupmanager_edit.php*"; + +$priv_list['page-system-staticroutes'] = array(); +$priv_list['page-system-staticroutes']['name'] = "WebCfg - System: Static Routes page"; +$priv_list['page-system-staticroutes']['descr'] = "Allow access to the 'System: Static Routes' page."; +$priv_list['page-system-staticroutes']['match'] = array(); +$priv_list['page-system-staticroutes']['match'][] = "system_routes.php*"; + +$priv_list['page-system-staticroutes-editroute'] = array(); +$priv_list['page-system-staticroutes-editroute']['name'] = "WebCfg - System: Static Routes: Edit route page"; +$priv_list['page-system-staticroutes-editroute']['descr'] = "Allow access to the 'System: Static Routes: Edit route' page."; +$priv_list['page-system-staticroutes-editroute']['match'] = array(); +$priv_list['page-system-staticroutes-editroute']['match'][] = "system_routes_edit.php*"; + +$priv_list['page-system-usermanager'] = array(); +$priv_list['page-system-usermanager']['name'] = "WebCfg - System: User Manager page"; +$priv_list['page-system-usermanager']['descr'] = "Allow access to the 'System: User Manager' page."; +$priv_list['page-system-usermanager']['match'] = array(); +$priv_list['page-system-usermanager']['match'][] = "system_usermanager.php*"; + +$priv_list['page-system-usermanager-addprivileges'] = array(); +$priv_list['page-system-usermanager-addprivileges']['name'] = "WebCfg - System: User Manager: Add Privileges page"; +$priv_list['page-system-usermanager-addprivileges']['descr'] = "Allow access to the 'System: User Manager: Add Privileges' page."; +$priv_list['page-system-usermanager-addprivileges']['match'] = array(); +$priv_list['page-system-usermanager-addprivileges']['match'][] = "system_usermanager_addprivs.php*"; + +$priv_list['page-system-usermanager-settings'] = array(); +$priv_list['page-system-usermanager-settings']['name'] = "WebCfg - System: User manager: settings page"; +$priv_list['page-system-usermanager-settings']['descr'] = "Allow access to the 'System: User manager: settings' page."; +$priv_list['page-system-usermanager-settings']['match'] = array(); +$priv_list['page-system-usermanager-settings']['match'][] = "system_usermanager_settings.php*"; + +$priv_list['page-system-usermanager-settings-testldap'] = array(); +$priv_list['page-system-usermanager-settings-testldap']['name'] = "WebCfg - System: User Manager: Settings: Test LDAP page"; +$priv_list['page-system-usermanager-settings-testldap']['descr'] = "Allow access to the 'System: User Manager: Settings: Test LDAP' page."; +$priv_list['page-system-usermanager-settings-testldap']['match'] = array(); +$priv_list['page-system-usermanager-settings-testldap']['match'][] = "system_usermanager_settings_test.php*"; + +$priv_list['page-hidden-uploadconfiguration'] = array(); +$priv_list['page-hidden-uploadconfiguration']['name'] = "WebCfg - Hidden: Upload Configuration page"; +$priv_list['page-hidden-uploadconfiguration']['descr'] = "Allow access to the 'Hidden: Upload Configuration' page."; +$priv_list['page-hidden-uploadconfiguration']['match'] = array(); +$priv_list['page-hidden-uploadconfiguration']['match'][] = "uploadconfig.php*"; + +$priv_list['page-vpn-ipsec'] = array(); +$priv_list['page-vpn-ipsec']['name'] = "WebCfg - VPN: IPsec page"; +$priv_list['page-vpn-ipsec']['descr'] = "Allow access to the 'VPN: IPsec' page."; +$priv_list['page-vpn-ipsec']['match'] = array(); +$priv_list['page-vpn-ipsec']['match'][] = "vpn_ipsec.php*"; + +$priv_list['page-vpn-ipsec-certificateauthority'] = array(); +$priv_list['page-vpn-ipsec-certificateauthority']['name'] = "WebCfg - VPN: IPsec: Certificate Authority page"; +$priv_list['page-vpn-ipsec-certificateauthority']['descr'] = "Allow access to the 'VPN: IPsec: Certificate Authority' page."; +$priv_list['page-vpn-ipsec-certificateauthority']['match'] = array(); +$priv_list['page-vpn-ipsec-certificateauthority']['match'][] = "vpn_ipsec_ca.php*"; + +$priv_list['page-vpn-ipsec-certificateauthority-edit'] = array(); +$priv_list['page-vpn-ipsec-certificateauthority-edit']['name'] = "WebCfg - VPN: IPsec: Certificate Authority: Edit page"; +$priv_list['page-vpn-ipsec-certificateauthority-edit']['descr'] = "Allow access to the 'VPN: IPsec: Certificate Authority: Edit' page."; +$priv_list['page-vpn-ipsec-certificateauthority-edit']['match'] = array(); +$priv_list['page-vpn-ipsec-certificateauthority-edit']['match'][] = "vpn_ipsec_ca_edit.php*"; + +$priv_list['page-vpn-ipsec-mobile'] = array(); +$priv_list['page-vpn-ipsec-mobile']['name'] = "WebCfg - VPN: IPsec: Mobile page"; +$priv_list['page-vpn-ipsec-mobile']['descr'] = "Allow access to the 'VPN: IPsec: Mobile' page."; +$priv_list['page-vpn-ipsec-mobile']['match'] = array(); +$priv_list['page-vpn-ipsec-mobile']['match'][] = "vpn_ipsec_mobile.php*"; + +$priv_list['page-vpn-ipsec-editphase1'] = array(); +$priv_list['page-vpn-ipsec-editphase1']['name'] = "WebCfg - VPN: IPsec: Edit Phase 1 page"; +$priv_list['page-vpn-ipsec-editphase1']['descr'] = "Allow access to the 'VPN: IPsec: Edit Phase 1' page."; +$priv_list['page-vpn-ipsec-editphase1']['match'] = array(); +$priv_list['page-vpn-ipsec-editphase1']['match'][] = "vpn_ipsec_phase1.php*"; + +$priv_list['page-vpn-ipsec-editphase2'] = array(); +$priv_list['page-vpn-ipsec-editphase2']['name'] = "WebCfg - VPN: IPsec: Edit Phase 2 page"; +$priv_list['page-vpn-ipsec-editphase2']['descr'] = "Allow access to the 'VPN: IPsec: Edit Phase 2' page."; +$priv_list['page-vpn-ipsec-editphase2']['match'] = array(); +$priv_list['page-vpn-ipsec-editphase2']['match'][] = "vpn_ipsec_phase2.php*"; + +$priv_list['page-vpn-openvpn-createcerts'] = array(); +$priv_list['page-vpn-openvpn-createcerts']['name'] = "WebCfg - VPN: OpenVPN: Create Certs page"; +$priv_list['page-vpn-openvpn-createcerts']['descr'] = "Allow access to the 'VPN: OpenVPN: Create Certs' page."; +$priv_list['page-vpn-openvpn-createcerts']['match'] = array(); +$priv_list['page-vpn-openvpn-createcerts']['match'][] = "vpn_openvpn_certs_create.php*"; + +$priv_list['page-vpn-openvpn-createexistingcerts'] = array(); +$priv_list['page-vpn-openvpn-createexistingcerts']['name'] = "WebCfg - VPN: OpenVPN: Create Existing Certs page"; +$priv_list['page-vpn-openvpn-createexistingcerts']['descr'] = "Allow access to the 'VPN: OpenVPN: Create Existing Certs' page."; +$priv_list['page-vpn-openvpn-createexistingcerts']['match'] = array(); +$priv_list['page-vpn-openvpn-createexistingcerts']['match'][] = "vpn_openvpn_certs_existing.php*"; + +$priv_list['page-vpn-openvpn-editclient'] = array(); +$priv_list['page-vpn-openvpn-editclient']['name'] = "WebCfg - VPN: OpenVPN: Edit client page"; +$priv_list['page-vpn-openvpn-editclient']['descr'] = "Allow access to the 'VPN: OpenVPN: Edit client' page."; +$priv_list['page-vpn-openvpn-editclient']['match'] = array(); +$priv_list['page-vpn-openvpn-editclient']['match'][] = "vpn_openvpn_cli_edit.php*"; + +$priv_list['page-vpn-openvpn-createcerts'] = array(); +$priv_list['page-vpn-openvpn-createcerts']['name'] = "WebCfg - VPN: OpenVPN: Create Certs page"; +$priv_list['page-vpn-openvpn-createcerts']['descr'] = "Allow access to the 'VPN: OpenVPN: Create Certs' page."; +$priv_list['page-vpn-openvpn-createcerts']['match'] = array(); +$priv_list['page-vpn-openvpn-createcerts']['match'][] = "vpn_openvpn_create_certs.php*"; + +$priv_list['page-vpn-openvpn-editcrl'] = array(); +$priv_list['page-vpn-openvpn-editcrl']['name'] = "WebCfg - VPN: OpenVPN: Edit CRL page"; +$priv_list['page-vpn-openvpn-editcrl']['descr'] = "Allow access to the 'VPN: OpenVPN: Edit CRL' page."; +$priv_list['page-vpn-openvpn-editcrl']['match'] = array(); +$priv_list['page-vpn-openvpn-editcrl']['match'][] = "vpn_openvpn_crl_edit.php*"; + +$priv_list['page-vpn-openvpn-editserver'] = array(); +$priv_list['page-vpn-openvpn-editserver']['name'] = "WebCfg - VPN: OpenVPN: Edit server page"; +$priv_list['page-vpn-openvpn-editserver']['descr'] = "Allow access to the 'VPN: OpenVPN: Edit server' page."; +$priv_list['page-vpn-openvpn-editserver']['match'] = array(); +$priv_list['page-vpn-openvpn-editserver']['match'][] = "vpn_openvpn_srv_edit.php*"; + +$priv_list['page-vpn-vpnopenvpn-user-edit'] = array(); +$priv_list['page-vpn-vpnopenvpn-user-edit']['name'] = "WebCfg - VPN: VPN OpenVPN: User: Edit page"; +$priv_list['page-vpn-vpnopenvpn-user-edit']['descr'] = "Allow access to the 'VPN: VPN OpenVPN: User: Edit' page."; +$priv_list['page-vpn-vpnopenvpn-user-edit']['match'] = array(); +$priv_list['page-vpn-vpnopenvpn-user-edit']['match'][] = "vpn_openvpn_user_edit.php*"; + +$priv_list['page-vpn-vpnopenvpn-users'] = array(); +$priv_list['page-vpn-vpnopenvpn-users']['name'] = "WebCfg - VPN: VPN OpenVPN: Users page"; +$priv_list['page-vpn-vpnopenvpn-users']['descr'] = "Allow access to the 'VPN: VPN OpenVPN: Users' page."; +$priv_list['page-vpn-vpnopenvpn-users']['match'] = array(); +$priv_list['page-vpn-vpnopenvpn-users']['match'][] = "vpn_openvpn_users.php*"; + +$priv_list['page-vpn-vpnopenvpn-user-edit'] = array(); +$priv_list['page-vpn-vpnopenvpn-user-edit']['name'] = "WebCfg - VPN: VPN OpenVPN: User: Edit page"; +$priv_list['page-vpn-vpnopenvpn-user-edit']['descr'] = "Allow access to the 'VPN: VPN OpenVPN: User: Edit' page."; +$priv_list['page-vpn-vpnopenvpn-user-edit']['match'] = array(); +$priv_list['page-vpn-vpnopenvpn-user-edit']['match'][] = "vpn_openvpn_users_edit.php*"; + +$priv_list['page-services-pppoeserver'] = array(); +$priv_list['page-services-pppoeserver']['name'] = "WebCfg - Services: PPPoE Server page"; +$priv_list['page-services-pppoeserver']['descr'] = "Allow access to the 'Services: PPPoE Server' page."; +$priv_list['page-services-pppoeserver']['match'] = array(); +$priv_list['page-services-pppoeserver']['match'][] = "vpn_pppoe.php*"; + +$priv_list['page-services-pppoeserver-users'] = array(); +$priv_list['page-services-pppoeserver-users']['name'] = "WebCfg - Services: PPPoE Server: Users page"; +$priv_list['page-services-pppoeserver-users']['descr'] = "Allow access to the 'Services: PPPoE Server: Users' page."; +$priv_list['page-services-pppoeserver-users']['match'] = array(); +$priv_list['page-services-pppoeserver-users']['match'][] = "vpn_pppoe_users.php*"; + +$priv_list['page-services-pppoeserver-user-edit'] = array(); +$priv_list['page-services-pppoeserver-user-edit']['name'] = "WebCfg - Services: PPPoE Server: User: Edit page"; +$priv_list['page-services-pppoeserver-user-edit']['descr'] = "Allow access to the 'Services: PPPoE Server: User: Edit' page."; +$priv_list['page-services-pppoeserver-user-edit']['match'] = array(); +$priv_list['page-services-pppoeserver-user-edit']['match'][] = "vpn_pppoe_users_edit.php*"; + +$priv_list['page-vpn-vpnpptp'] = array(); +$priv_list['page-vpn-vpnpptp']['name'] = "WebCfg - VPN: VPN PPTP page"; +$priv_list['page-vpn-vpnpptp']['descr'] = "Allow access to the 'VPN: VPN PPTP' page."; +$priv_list['page-vpn-vpnpptp']['match'] = array(); +$priv_list['page-vpn-vpnpptp']['match'][] = "vpn_pptp.php*"; + +$priv_list['page-vpn-vpnpptp-users'] = array(); +$priv_list['page-vpn-vpnpptp-users']['name'] = "WebCfg - VPN: VPN PPTP: Users page"; +$priv_list['page-vpn-vpnpptp-users']['descr'] = "Allow access to the 'VPN: VPN PPTP: Users' page."; +$priv_list['page-vpn-vpnpptp-users']['match'] = array(); +$priv_list['page-vpn-vpnpptp-users']['match'][] = "vpn_pptp_users.php*"; + +$priv_list['page-vpn-vpnpptp-user-edit'] = array(); +$priv_list['page-vpn-vpnpptp-user-edit']['name'] = "WebCfg - VPN: VPN PPTP: User: Edit page"; +$priv_list['page-vpn-vpnpptp-user-edit']['descr'] = "Allow access to the 'VPN: VPN PPTP: User: Edit' page."; +$priv_list['page-vpn-vpnpptp-user-edit']['match'] = array(); +$priv_list['page-vpn-vpnpptp-user-edit']['match'][] = "vpn_pptp_users_edit.php*"; + +$priv_list['page-pfsensewizardsubsystem'] = array(); +$priv_list['page-pfsensewizardsubsystem']['name'] = "WebCfg - pfSense wizard subsystem page"; +$priv_list['page-pfsensewizardsubsystem']['descr'] = "Allow access to the 'pfSense wizard subsystem' page."; +$priv_list['page-pfsensewizardsubsystem']['match'] = array(); +$priv_list['page-pfsensewizardsubsystem']['match'][] = "wizard.php*"; + +$priv_list['page-xmlrpclibrary'] = array(); +$priv_list['page-xmlrpclibrary']['name'] = "WebCfg - XMLRPC Library page"; +$priv_list['page-xmlrpclibrary']['descr'] = "Allow access to the 'XMLRPC Library' page."; +$priv_list['page-xmlrpclibrary']['match'] = array(); +$priv_list['page-xmlrpclibrary']['match'][] = "xmlrpc.php*"; + + +$priv_rmvd = array(); + +?> diff --git a/etc/inc/priv.inc b/etc/inc/priv.inc new file mode 100644 index 0000000..917cc00 --- /dev/null +++ b/etc/inc/priv.inc @@ -0,0 +1,307 @@ +<?php
+/* $Id$ */
+/*
+ Copyright (C) 2008 Shrew Soft Inc
+ All rights reserved.
+
+ Copyright (C) 2007, 2008 Scott Ullrich <sullrich@gmail.com>
+ All rights reserved.
+
+ Copyright (C) 2005-2006 Bill Marquette <bill.marquette@gmail.com>
+ All rights reserved.
+
+ Copyright (C) 2006 Paul Taylor <paultaylor@winn-dixie.com>.
+ All rights reserved.
+
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+ DISABLE_PHP_LINT_CHECKING
+*/
+
+require_once("functions.inc");
+require_once("priv.defs.inc");
+
+/*
+ * USER PRIVILEGE DEFINITIONS
+ */
+
+$priv_list['user-lock-webcfg'] = array();
+$priv_list['user-lock-webcfg']['name'] = "User - Locks webConfigurator";
+$priv_list['user-lock-webcfg']['descr'] = "Indicates whether the user will lock access to ".
+ "the webConfigurator for other users";
+
+$priv_list['user-lock-ipages'] = array();
+$priv_list['user-lock-ipages']['name'] = "User - Locks individual pages";
+$priv_list['user-lock-ipages']['descr'] = "Indicates whether the user will lock individual ".
+ "HTML pages after having accessed a particular page".
+ "(the lock will be freed if the user leaves or ".
+ "saves the page form).";
+
+$priv_list['user-shell-access'] = array();
+$priv_list['user-shell-access']['name'] = "User - Shell account access";
+$priv_list['user-shell-access']['descr'] = "Indicates whether the user is able to login for ".
+ "example via SSH.";
+
+$priv_list['user-copy-files'] = array();
+$priv_list['user-copy-files']['name'] = "User - Copy files";
+$priv_list['user-copy-files']['descr'] = "Indicates whether the user is allowed to copy files ".
+ "onto the {$g['product_name']} appliance via SCP/SFTP. ".
+ "If you are going to use this privilege, you must install ".
+ "scponly on the appliance (Hint: pkg_add -r scponly).";
+
+sort_privs($priv_list);
+
+function cmp_privkeys($a, $b) {
+ /* user privs at the top */
+ $auser = strncmp("user-", $a, 5);
+ $buser = strncmp("user-", $b, 5);
+ if($auser != $buser)
+ return $auser - buser;
+
+ /* name compare others */
+ return strcasecmp($a, $b);
+}
+
+function sort_privs(& $privs) {
+
+ uksort($privs, "cmp_privkeys");
+}
+
+function cmp_page_matches($page, & $matches, $fullwc = true) {
+
+ if (!is_array($matches))
+ return false;
+
+ /* skip any leading fwdslash */
+ $test = strpos($page, "/");
+ if ($test !== false && $test == 0)
+ $page = substr($page, 1);
+
+ /* look for a match */
+ foreach ($matches as $match) {
+
+ /* possibly ignore full wildcard match */
+ if (!$fullwc && !strcmp($match ,"*"))
+ continue;
+
+ /* compare exact or wildcard match */
+ $wcpos = strpos($match, "*");
+ if ($wcpos === false)
+ $result = strcmp($page, $match);
+ else
+ $result = strncmp($page, $match, $wcpos);
+
+ if (!$result)
+ return true;
+ }
+
+ return false;
+}
+
+function map_page_privname($page) {
+ global $priv_list;
+
+ foreach ($priv_list as $pname => $pdata) {
+ if (strncmp($pname, "page-", 5))
+ continue;
+ $fullwc = false;
+ if (!strcasecmp($page,"any")||!strcmp($page,"*"))
+ $fullwc = true;
+ if (cmp_page_matches($page, $pdata['match'], $fullwc))
+ return $pname;
+ }
+
+ return false;
+}
+
+function get_user_privileges(& $user) {
+
+ $privs = $user['priv'];
+ if (!is_array($privs))
+ $privs = array();
+
+ $names = get_local_user_groups($user, true);
+
+ foreach ($names as $name) {
+ $group = getGroupEntry($name);
+ if (is_array($group['priv']))
+ $privs = array_merge( $privs, $group['priv']);
+ }
+
+ return $privs;
+}
+
+function get_user_privdesc(& $user) {
+ global $priv_list;
+
+ $privs = array();
+
+ $user_privs = $user['priv'];
+ if (!is_array($user_privs))
+ $user_privs = array();
+
+ $names = get_local_user_groups($user, true);
+
+ foreach ($names as $name) {
+ $group = getGroupEntry($name);
+ $group_privs = $group['priv'];
+ if (!is_array($group_privs))
+ continue;
+ foreach ($group_privs as $pname) {
+ if (in_array($pname,$user_privs))
+ continue;
+ if (!$priv_list[$pname])
+ continue;
+ $priv = $priv_list[$pname];
+ $priv['group'] = $group['name'];
+ $privs[] = $priv;
+ }
+ }
+
+ foreach ($user_privs as $pname)
+ if($priv_list[$pname])
+ $privs[] = $priv_list[$pname];
+
+ return $privs;
+}
+
+function isAllowedPage($page) {
+ global $_SESSION;
+
+ $username = $_SESSION['Username'];
+ if (!isset($username))
+ return false;
+
+ /* admin/root access check */
+ $user = getUserEntry($username);
+ if (isset($user))
+ if (isset($user['uid']))
+ if ($user['uid']==0)
+ return true;
+
+ /* user privelege access check */
+ if (cmp_page_matches($page, $allowed_pages))
+ return true;
+
+ return false;
+}
+
+function getPrivPages(& $entry, & $allowed_pages) {
+ global $priv_list;
+
+ if (!is_array($entry['priv']))
+ return;
+
+ foreach ($entry['priv'] as $pname) {
+ if (strncmp($pname, "page-", 5))
+ continue;
+ $priv = &$priv_list[$pname];
+ if (!is_array($priv))
+ continue;
+ $matches = &$priv['match'];
+ if (!is_array($matches))
+ continue;
+ foreach ($matches as $match)
+ $allowed_pages[] = $match;
+ }
+}
+
+function getAllowedPages($username) {
+ global $config, $_SESSION;
+
+ if (!function_exists("ldap_connect"))
+ return;
+
+ $allowed_pages = array();
+ $allowed_groups = array();
+
+ $ldapon = $_SESSION['ldapon'];
+
+ // search for a local user by name
+ $local_user = getUserEntry($username);
+
+ // obtain local groups if we have a local user
+ if ($local_user) {
+ $allowed_groups = get_local_user_groups($local_user);
+ getPrivPages($local_user, $allowed_pages);
+ }
+
+ // obtain ldap groups if we are in ldap mode
+ if ($config['system']['webgui']['backend'] == "ldap" && !$local_user)
+ $allowed_groups = ldap_get_groups($username);
+
+ // obtain ldapother groups if we are in ldap mode
+ if ($config['system']['webgui']['backend'] == "ldapother" && !$local_user)
+ $allowed_groups = ldap_get_groups($username);
+
+ // build a list of allowed pages
+ if (is_array($config['system']['group']) && is_array($allowed_groups))
+ foreach ($config['system']['group'] as $group)
+ if (in_array($group['name'], $allowed_groups))
+ getPrivPages($group, $allowed_pages);
+
+ $allowed_groups = print_r($allowed_groups, true);
+ $fdny = fopen("/tmp/groups", "w");
+ fwrite($fdny, $allowed_groups);
+ fclose($fdny);
+
+ $_SESSION['privs'] = $allowed_pages;
+
+ return $allowed_pages;
+}
+
+function userHasPrivilege($userent, $privid = false) {
+
+ if (!$privid || !is_array($userent))
+ return false;
+
+ $privs = get_user_privileges($userent);
+
+ if (!is_array($privs))
+ return false;
+
+ if (!in_array($privid, $privs))
+ return false;
+
+ return true;
+}
+
+function hasPrivilegeLock($userent) {
+ return userHasPrivilege($userent, "user-lock-webcfg");
+}
+
+function hasPrivilegeLockPages($userent) {
+ return userHasPrivilege($userent, "user-lock-ipages");
+}
+
+function hasPrivilegeShell($userent) {
+ return userHasPrivilege($userent, "user-shell-access");
+}
+
+function hasPrivilegeCopyFiles($userent) {
+ return userHasPrivilege($userent, "user-copy-files");
+}
+
+?>
diff --git a/etc/rc.initial.password b/etc/rc.initial.password index 64dd34e..f92055f 100755 --- a/etc/rc.initial.password +++ b/etc/rc.initial.password @@ -45,8 +45,7 @@ The webConfigurator password will be reset to the default (which is "' . strtolo foreach ($config['system']['user'] as & $user) { if (isset($user['uid']) && !$user['uid']) { $user['name'] = "admin"; - set_local_user_password($user,strtolower($g['product_name'])); - set_local_user($user); + set_local_user($user, strtolower($g['product_name'])); write_config(gettext("password changed from console menu")); system_password_configure(); break; diff --git a/usr/local/www/carp_status.php b/usr/local/www/carp_status.php index 93c5b39..f9bd9ad 100755 --- a/usr/local/www/carp_status.php +++ b/usr/local/www/carp_status.php @@ -26,6 +26,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-carp +##|*NAME=Status: CARP page +##|*DESCR=Allow access to the 'Status: CARP' page. +##|*MATCH=carp_status.php* +##|-PRIV + + require_once("guiconfig.inc"); require_once("xmlparse.inc"); diff --git a/usr/local/www/diag_arp.php b/usr/local/www/diag_arp.php index 5d699dd..00f9b60 100755 --- a/usr/local/www/diag_arp.php +++ b/usr/local/www/diag_arp.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-arptable +##|*NAME=Diagnostics: ARP Table page +##|*DESCR=Allow access to the 'Diagnostics: ARP Table' page. +##|*MATCH=diag_arp.php* +##|-PRIV + + require("guiconfig.inc"); function leasecmp($a, $b) { diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php index cf89350..2ddf48f 100755 --- a/usr/local/www/diag_backup.php +++ b/usr/local/www/diag_backup.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-backup/restore +##|*NAME=Diagnostics: Backup/restore page +##|*DESCR=Allow access to the 'Diagnostics: Backup/restore' page. +##|*MATCH=diag_backup.php* +##|-PRIV + + /* Allow additional execution time 0 = no limit. */ ini_set('max_execution_time', '3600'); ini_set('max_input_time', '3600'); diff --git a/usr/local/www/diag_confbak.php b/usr/local/www/diag_confbak.php index f2cfc9b..8990008 100755 --- a/usr/local/www/diag_confbak.php +++ b/usr/local/www/diag_confbak.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-configurationhistory +##|*NAME=Diagnostics: Configuration History page +##|*DESCR=Allow access to the 'Diagnostics: Configuration History' page. +##|*MATCH=diag_confbak.php* +##|-PRIV + + require("guiconfig.inc"); if($_GET['newver'] != "") { diff --git a/usr/local/www/diag_defaults.php b/usr/local/www/diag_defaults.php index ee0244e..988cca3 100755 --- a/usr/local/www/diag_defaults.php +++ b/usr/local/www/diag_defaults.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-factorydefaults +##|*NAME=Diagnostics: Factory defaults page +##|*DESCR=Allow access to the 'Diagnostics: Factory defaults' page. +##|*MATCH=diag_defaults.php* +##|-PRIV + + require("guiconfig.inc"); if ($_POST) { diff --git a/usr/local/www/diag_dhcp_leases.php b/usr/local/www/diag_dhcp_leases.php index 54a2170..a6bbd45 100755 --- a/usr/local/www/diag_dhcp_leases.php +++ b/usr/local/www/diag_dhcp_leases.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-dhcpleases +##|*NAME=Status: DHCP leases page +##|*DESCR=Allow access to the 'Status: DHCP leases' page. +##|*MATCH=diag_dhcp_leases.php* +##|-PRIV + + require("guiconfig.inc"); $pgtitle = array("Status","DHCP leases"); diff --git a/usr/local/www/diag_dump_states.php b/usr/local/www/diag_dump_states.php index 5202e05..8a66467 100755 --- a/usr/local/www/diag_dump_states.php +++ b/usr/local/www/diag_dump_states.php @@ -26,6 +26,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-showstates +##|*NAME=Diagnostics: Show States page +##|*DESCR=Allow access to the 'Diagnostics: Show States' page. +##|*MATCH=diag_dump_states.php* +##|-PRIV + + require_once("guiconfig.inc"); diff --git a/usr/local/www/diag_ipsec.php b/usr/local/www/diag_ipsec.php index a61a5a1..6fc2fee 100644 --- a/usr/local/www/diag_ipsec.php +++ b/usr/local/www/diag_ipsec.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-ipsec +##|*NAME=Status: IPsec page +##|*DESCR=Allow access to the 'Status: IPsec' page. +##|*MATCH=diag_ipsec.php* +##|-PRIV + + global $g; $pgtitle = array("Status","IPsec"); diff --git a/usr/local/www/diag_ipsec_sad.php b/usr/local/www/diag_ipsec_sad.php index f2a08af..1162289 100755 --- a/usr/local/www/diag_ipsec_sad.php +++ b/usr/local/www/diag_ipsec_sad.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-ipsec-sad +##|*NAME=Status: IPsec: SAD page +##|*DESCR=Allow access to the 'Status: IPsec: SAD' page. +##|*MATCH=diag_ipsec_sad.php* +##|-PRIV + + require("guiconfig.inc"); $pgtitle = array("Status","IPsec","SAD"); diff --git a/usr/local/www/diag_ipsec_spd.php b/usr/local/www/diag_ipsec_spd.php index d9dfe54..cb4008f 100755 --- a/usr/local/www/diag_ipsec_spd.php +++ b/usr/local/www/diag_ipsec_spd.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-ipsec-spd +##|*NAME=Status: IPsec: SPD page +##|*DESCR=Allow access to the 'Status: IPsec: SPD' page. +##|*MATCH=diag_ipsec_spd.php* +##|-PRIV + + require("guiconfig.inc"); $pgtitle = array("Status","IPsec","SPD"); diff --git a/usr/local/www/diag_logs.php b/usr/local/www/diag_logs.php index 8cf5b08..42f4956 100755 --- a/usr/local/www/diag_logs.php +++ b/usr/local/www/diag_logs.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-logs-system +##|*NAME=Diagnostics: Logs: System page +##|*DESCR=Allow access to the 'Diagnostics: Logs: System' page. +##|*MATCH=diag_logs.php* +##|-PRIV + + require("guiconfig.inc"); $system_logfile = "{$g['varlog_path']}/system.log"; diff --git a/usr/local/www/diag_logs_auth.php b/usr/local/www/diag_logs_auth.php index b6450d6..4ac9f8f 100755 --- a/usr/local/www/diag_logs_auth.php +++ b/usr/local/www/diag_logs_auth.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-systemlogs-portalauth +##|*NAME=Status: System logs: Portal Auth page +##|*DESCR=Allow access to the 'Status: System logs: Portal Auth' page. +##|*MATCH=diag_logs_auth.php* +##|-PRIV + + require("guiconfig.inc"); $portal_logfile = "{$g['varlog_path']}/portalauth.log"; diff --git a/usr/local/www/diag_logs_dhcp.php b/usr/local/www/diag_logs_dhcp.php index 0b42e5f..e537857 100755 --- a/usr/local/www/diag_logs_dhcp.php +++ b/usr/local/www/diag_logs_dhcp.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-logs-dhcp +##|*NAME=Diagnostics: Logs: DHCP page +##|*DESCR=Allow access to the 'Diagnostics: Logs: DHCP' page. +##|*MATCH=diag_logs_dhcp.php* +##|-PRIV + + require("guiconfig.inc"); $dhcpd_logfile = "{$g['varlog_path']}/dhcpd.log"; diff --git a/usr/local/www/diag_logs_filter.php b/usr/local/www/diag_logs_filter.php index 46bda83..cd74e2d 100755 --- a/usr/local/www/diag_logs_filter.php +++ b/usr/local/www/diag_logs_filter.php @@ -30,6 +30,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-logs-firewall +##|*NAME=Diagnostics: Logs: Firewall page +##|*DESCR=Allow access to the 'Diagnostics: Logs: Firewall' page. +##|*MATCH=diag_logs_filter.php* +##|-PRIV + + if($_GET['getrulenum'] or $_POST['getrulenum']) { if($_GET['getrulenum']) $rulenum = $_GET['getrulenum']; diff --git a/usr/local/www/diag_logs_filter_dynamic.php b/usr/local/www/diag_logs_filter_dynamic.php index 8ea82d8..62de8fa 100755 --- a/usr/local/www/diag_logs_filter_dynamic.php +++ b/usr/local/www/diag_logs_filter_dynamic.php @@ -30,6 +30,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-hidden-nolongerincluded +##|*NAME=Hidden: No longer included page +##|*DESCR=Allow access to the 'Hidden: No longer included' page. +##|*MATCH=diag_logs_filter_dynamic.php* +##|-PRIV + + require("guiconfig.inc"); $filter_logfile = "{$g['varlog_path']}/filter.log"; diff --git a/usr/local/www/diag_logs_ipsec.php b/usr/local/www/diag_logs_ipsec.php index 74cf757..2ef5474 100755 --- a/usr/local/www/diag_logs_ipsec.php +++ b/usr/local/www/diag_logs_ipsec.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-systemlogs-ipsecvpn +##|*NAME=Status: System logs: IPsec VPN page +##|*DESCR=Allow access to the 'Status: System logs: IPsec VPN' page. +##|*MATCH=diag_logs_ipsec.php* +##|-PRIV + + require("guiconfig.inc"); $ipsec_logfile = "{$g['varlog_path']}/ipsec.log"; diff --git a/usr/local/www/diag_logs_ntpd.php b/usr/local/www/diag_logs_ntpd.php index 8217e4f..0e8251c 100644 --- a/usr/local/www/diag_logs_ntpd.php +++ b/usr/local/www/diag_logs_ntpd.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-systemlogs-openntpd +##|*NAME=Status: System logs: OpenNTPD page +##|*DESCR=Allow access to the 'Status: System logs: OpenNTPD' page. +##|*MATCH=diag_logs_ntpd.php* +##|-PRIV + + require("guiconfig.inc"); $ntpd_logfile = "{$g['varlog_path']}/ntpd.log"; diff --git a/usr/local/www/diag_logs_openvpn.php b/usr/local/www/diag_logs_openvpn.php index 24cb6d5..73b1dd9 100644 --- a/usr/local/www/diag_logs_openvpn.php +++ b/usr/local/www/diag_logs_openvpn.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-systemlogs-openvpn +##|*NAME=Status: System logs: OpenVPN page +##|*DESCR=Allow access to the 'Status: System logs: OpenVPN' page. +##|*MATCH=diag_logs_openvpn.php* +##|-PRIV + + $pgtitle = array("Status","System logs","OpenVPN"); require("guiconfig.inc"); diff --git a/usr/local/www/diag_logs_relayd.php b/usr/local/www/diag_logs_relayd.php index 05d0301..4f5be4b 100755 --- a/usr/local/www/diag_logs_relayd.php +++ b/usr/local/www/diag_logs_relayd.php @@ -30,6 +30,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-systemlogs-loadbalancer +##|*NAME=Status: System logs: Load Balancer page +##|*DESCR=Allow access to the 'Status: System logs: Load Balancer' page. +##|*MATCH=diag_logs_relayd.php* +##|-PRIV + + require("guiconfig.inc"); $relayd_logfile = "{$g['varlog_path']}/relayd.log"; diff --git a/usr/local/www/diag_logs_settings.php b/usr/local/www/diag_logs_settings.php index e1993af..5ee44d3 100755 --- a/usr/local/www/diag_logs_settings.php +++ b/usr/local/www/diag_logs_settings.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-logs-settings +##|*NAME=Diagnostics: Logs: Settings page +##|*DESCR=Allow access to the 'Diagnostics: Logs: Settings' page. +##|*MATCH=diag_logs_settings.php* +##|-PRIV + + require("guiconfig.inc"); $pconfig['reverse'] = isset($config['syslog']['reverse']); diff --git a/usr/local/www/diag_logs_slbd.php b/usr/local/www/diag_logs_slbd.php index 62765d3..066c6f8 100755 --- a/usr/local/www/diag_logs_slbd.php +++ b/usr/local/www/diag_logs_slbd.php @@ -30,6 +30,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-systemlogs-loadbalancer +##|*NAME=Status: System logs: Load Balancer page +##|*DESCR=Allow access to the 'Status: System logs: Load Balancer' page. +##|*MATCH=diag_logs_slbd.php* +##|-PRIV + + require("guiconfig.inc"); $slbd_logfile = "{$g['varlog_path']}/slbd.log"; diff --git a/usr/local/www/diag_logs_vpn.php b/usr/local/www/diag_logs_vpn.php index 8eefbbe..14c9c12 100755 --- a/usr/local/www/diag_logs_vpn.php +++ b/usr/local/www/diag_logs_vpn.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-logs-pptpvpn +##|*NAME=Diagnostics: Logs: PPTP VPN page +##|*DESCR=Allow access to the 'Diagnostics: Logs: PPTP VPN' page. +##|*MATCH=diag_logs_vpn.php* +##|-PRIV + + $pgtitle = array("Status","System logs","PPTP VPN"); require("guiconfig.inc"); diff --git a/usr/local/www/diag_packet_capture.php b/usr/local/www/diag_packet_capture.php index d07d3e2..853fe93 100644 --- a/usr/local/www/diag_packet_capture.php +++ b/usr/local/www/diag_packet_capture.php @@ -23,6 +23,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-packetcapture +##|*NAME=Diagnostics: Packet Capture page +##|*DESCR=Allow access to the 'Diagnostics: Packet Capture' page. +##|*MATCH=diag_packet_capture.php* +##|-PRIV + + $pgtitle = array("Diagnostics", "Packet Capture"); require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); diff --git a/usr/local/www/diag_ping.php b/usr/local/www/diag_ping.php index 3741eca..ff9e5c7 100755 --- a/usr/local/www/diag_ping.php +++ b/usr/local/www/diag_ping.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-ping +##|*NAME=Diagnostics: Ping page +##|*DESCR=Allow access to the 'Diagnostics: Ping' page. +##|*MATCH=diag_ping.php* +##|-PRIV + + $pgtitle = array("Diagnostics", "Ping"); require("guiconfig.inc"); diff --git a/usr/local/www/diag_pkglogs.php b/usr/local/www/diag_pkglogs.php index 585f969..5720a75 100755 --- a/usr/local/www/diag_pkglogs.php +++ b/usr/local/www/diag_pkglogs.php @@ -37,6 +37,14 @@ */ +##|+PRIV +##|*IDENT=page-status-packagelogs +##|*NAME=Status: Package logs page +##|*DESCR=Allow access to the 'Status: Package logs' page. +##|*MATCH=diag_pkglogs.php* +##|-PRIV + + require("guiconfig.inc"); //require_once("pkg-utils.inc"); diff --git a/usr/local/www/diag_resetstate.php b/usr/local/www/diag_resetstate.php index 49c5524..4e203d5 100755 --- a/usr/local/www/diag_resetstate.php +++ b/usr/local/www/diag_resetstate.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-resetstate +##|*NAME=Diagnostics: Reset state page +##|*DESCR=Allow access to the 'Diagnostics: Reset state' page. +##|*MATCH=diag_resetstate.php* +##|-PRIV + + require("guiconfig.inc"); if ($_POST) { diff --git a/usr/local/www/diag_routes.php b/usr/local/www/diag_routes.php index 22fbb0e..3c35328 100644 --- a/usr/local/www/diag_routes.php +++ b/usr/local/www/diag_routes.php @@ -29,6 +29,14 @@ */ +##|+PRIV +##|*IDENT=page-diagnostics-routingtables +##|*NAME=Diagnostics: Routing tables page +##|*DESCR=Allow access to the 'Diagnostics: Routing tables' page. +##|*MATCH=diag_routes.php* +##|-PRIV + + include('guiconfig.inc'); $pgtitle = array("Diagnostics","Routing tables"); diff --git a/usr/local/www/diag_traceroute.php b/usr/local/www/diag_traceroute.php index 6daedc7..fe5bde9 100755 --- a/usr/local/www/diag_traceroute.php +++ b/usr/local/www/diag_traceroute.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-traceroute +##|*NAME=Diagnostics: Traceroute page +##|*DESCR=Allow access to the 'Diagnostics: Traceroute' page. +##|*MATCH=diag_traceroute.php* +##|-PRIV + + require("guiconfig.inc"); $pgtitle = array("Diagnostics","Traceroute"); diff --git a/usr/local/www/edit.php b/usr/local/www/edit.php index 9aa913b..78ddb96 100755 --- a/usr/local/www/edit.php +++ b/usr/local/www/edit.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-editfile +##|*NAME=Diagnostics: Edit File page +##|*DESCR=Allow access to the 'Diagnostics: Edit File' page. +##|*MATCH=edit.php* +##|-PRIV + + require("guiconfig.inc"); if (($_GET['submit'] == "Load") && file_exists($_GET['savetopath'])) { diff --git a/usr/local/www/exec.php b/usr/local/www/exec.php index 7294894..9ddc84f 100755 --- a/usr/local/www/exec.php +++ b/usr/local/www/exec.php @@ -5,8 +5,37 @@ Created by technologEase (http://www.technologEase.com). (modified for m0n0wall by Manuel Kasper <mk@neon1.net>) + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-command +##|*NAME=Diagnostics: Command page +##|*DESCR=Allow access to the 'Diagnostics: Command' page. +##|*MATCH=exec.php* +##|-PRIV + + require("guiconfig.inc"); if (($_POST['submit'] == "Download") && file_exists($_POST['dlPath'])) { diff --git a/usr/local/www/exec_raw.php b/usr/local/www/exec_raw.php index c513d27..93213be 100755 --- a/usr/local/www/exec_raw.php +++ b/usr/local/www/exec_raw.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-hidden-execraw +##|*NAME=Hidden: Exec Raw page +##|*DESCR=Allow access to the 'Hidden: Exec Raw' page. +##|*MATCH=exec_raw.php* +##|-PRIV + + header("Content-Type: text/plain"); include("guiconfig.inc"); diff --git a/usr/local/www/firewall_aliases.php b/usr/local/www/firewall_aliases.php index 0a08d3f..328a2b8 100755 --- a/usr/local/www/firewall_aliases.php +++ b/usr/local/www/firewall_aliases.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-aliases +##|*NAME=Firewall: Aliases page +##|*DESCR=Allow access to the 'Firewall: Aliases' page. +##|*MATCH=firewall_aliases.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['aliases']['alias'])) diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index a6f5d2e..ec0dafb 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-alias-edit +##|*NAME=Firewall: Alias: Edit page +##|*DESCR=Allow access to the 'Firewall: Alias: Edit' page. +##|*MATCH=firewall_aliases_edit.php* +##|-PRIV + + $pgtitle = array("Firewall","Aliases","Edit"); require("guiconfig.inc"); diff --git a/usr/local/www/firewall_aliases_import.php b/usr/local/www/firewall_aliases_import.php index 9479b7c..705e267 100755 --- a/usr/local/www/firewall_aliases_import.php +++ b/usr/local/www/firewall_aliases_import.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-alias-import +##|*NAME=Firewall: Alias: Import page +##|*DESCR=Allow access to the 'Firewall: Alias: Import' page. +##|*MATCH=firewall_aliases_import.php* +##|-PRIV + + $pgtitle = array("Firewall","Aliases","Import"); require("guiconfig.inc"); diff --git a/usr/local/www/firewall_nat.php b/usr/local/www/firewall_nat.php index 6f5f671..67da1ed 100755 --- a/usr/local/www/firewall_nat.php +++ b/usr/local/www/firewall_nat.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-nat-portforward +##|*NAME=Firewall: NAT: Port Forward page +##|*DESCR=Allow access to the 'Firewall: NAT: Port Forward' page. +##|*MATCH=firewall_nat.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['nat']['rule'])) diff --git a/usr/local/www/firewall_nat_1to1.php b/usr/local/www/firewall_nat_1to1.php index 936918f..80ba9f1 100755 --- a/usr/local/www/firewall_nat_1to1.php +++ b/usr/local/www/firewall_nat_1to1.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-nat-1-1 +##|*NAME=Firewall: NAT: 1:1 page +##|*DESCR=Allow access to the 'Firewall: NAT: 1:1' page. +##|*MATCH=firewall_nat_1to1.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['nat']['onetoone'])) { diff --git a/usr/local/www/firewall_nat_1to1_edit.php b/usr/local/www/firewall_nat_1to1_edit.php index 66f140b..dad3f9e 100755 --- a/usr/local/www/firewall_nat_1to1_edit.php +++ b/usr/local/www/firewall_nat_1to1_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-nat-1-1-edit +##|*NAME=Firewall: NAT: 1:1: Edit page +##|*DESCR=Allow access to the 'Firewall: NAT: 1:1: Edit' page. +##|*MATCH=firewall_nat_1to1_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['nat']['onetoone'])) { diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index e5be4d9..84b928c 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-nat-portforward-edit +##|*NAME=Firewall: NAT: Port Forward: Edit page +##|*DESCR=Allow access to the 'Firewall: NAT: Port Forward: Edit' page. +##|*MATCH=firewall_nat_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['nat']['rule'])) { diff --git a/usr/local/www/firewall_nat_out.php b/usr/local/www/firewall_nat_out.php index 2ff9f6e..6e4a908 100755 --- a/usr/local/www/firewall_nat_out.php +++ b/usr/local/www/firewall_nat_out.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-nat-outbound +##|*NAME=Firewall: NAT: Outbound page +##|*DESCR=Allow access to the 'Firewall: NAT: Outbound' page. +##|*MATCH=firewall_nat_out.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['nat']['advancedoutbound']['rule'])) diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php index f032cfc..611f76b 100755 --- a/usr/local/www/firewall_nat_out_edit.php +++ b/usr/local/www/firewall_nat_out_edit.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-nat-outbound-edit +##|*NAME=Firewall: NAT: Outbound: Edit page +##|*DESCR=Allow access to the 'Firewall: NAT: Outbound: Edit' page. +##|*MATCH=firewall_nat_out_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['nat']['advancedoutbound']['rule'])) diff --git a/usr/local/www/firewall_nat_server.php b/usr/local/www/firewall_nat_server.php index 986ec55..118a937 100755 --- a/usr/local/www/firewall_nat_server.php +++ b/usr/local/www/firewall_nat_server.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-nat-nataddresses +##|*NAME=Firewall: NAT: NAT Addresses page +##|*DESCR=Allow access to the 'Firewall: NAT: NAT Addresses' page. +##|*MATCH=firewall_nat_server.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['nat']['servernat'])) { diff --git a/usr/local/www/firewall_nat_server_edit.php b/usr/local/www/firewall_nat_server_edit.php index 11634b2..4558526 100755 --- a/usr/local/www/firewall_nat_server_edit.php +++ b/usr/local/www/firewall_nat_server_edit.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-nat-nataddresses-edit +##|*NAME=Firewall: NAT: NAT Addresses: Edit page +##|*DESCR=Allow access to the 'Firewall: NAT: NAT Addresses: Edit' page. +##|*MATCH=firewall_nat_server_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['nat']['servernat'])) { diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php index 77b8273..b1d0fad 100755 --- a/usr/local/www/firewall_rules.php +++ b/usr/local/www/firewall_rules.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-rules +##|*NAME=Firewall: Rules page +##|*DESCR=Allow access to the 'Firewall: Rules' page. +##|*MATCH=firewall_rules.php* +##|-PRIV + + $pgtitle = array("Firewall", "Rules"); require("guiconfig.inc"); diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 351455e..b65537b 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-rules-edit +##|*NAME=Firewall: Rules: Edit page +##|*DESCR=Allow access to the 'Firewall: Rules: Edit' page. +##|*MATCH=firewall_rules_edit.php* +##|-PRIV + + require("guiconfig.inc"); $specialsrcdst = explode(" ", "any wanip lanip lan pptp pppoe"); diff --git a/usr/local/www/firewall_schedule.php b/usr/local/www/firewall_schedule.php index aa87672..784e6fc 100644 --- a/usr/local/www/firewall_schedule.php +++ b/usr/local/www/firewall_schedule.php @@ -30,6 +30,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-schedules +##|*NAME=Firewall: Schedules page +##|*DESCR=Allow access to the 'Firewall: Schedules' page. +##|*MATCH=firewall_schedule.php* +##|-PRIV + + $pgtitle = array("Firewall","Schedules"); diff --git a/usr/local/www/firewall_schedule_edit.php b/usr/local/www/firewall_schedule_edit.php index ee21f51..30bf518 100644 --- a/usr/local/www/firewall_schedule_edit.php +++ b/usr/local/www/firewall_schedule_edit.php @@ -30,6 +30,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-schedules-edit +##|*NAME=Firewall: Schedules: Edit page +##|*DESCR=Allow access to the 'Firewall: Schedules: Edit' page. +##|*MATCH=firewall_schedule_edit.php* +##|-PRIV + + $pgtitle = array("Firewall","Schedules","Edit"); require("guiconfig.inc"); diff --git a/usr/local/www/firewall_shaper.php b/usr/local/www/firewall_shaper.php index 10b9bf0..6d068ae 100755 --- a/usr/local/www/firewall_shaper.php +++ b/usr/local/www/firewall_shaper.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-trafficshaper +##|*NAME=Firewall: Traffic Shaper page +##|*DESCR=Allow access to the 'Firewall: Traffic Shaper' page. +##|*MATCH=firewall_shaper.php* +##|-PRIV + + require("guiconfig.inc"); if($_GET['reset'] <> "") { diff --git a/usr/local/www/firewall_shaper_queues.php b/usr/local/www/firewall_shaper_queues.php index b5e064d..3a6de5b 100755 --- a/usr/local/www/firewall_shaper_queues.php +++ b/usr/local/www/firewall_shaper_queues.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-trafficshaper-queues +##|*NAME=Firewall: Traffic Shaper: Queues page +##|*DESCR=Allow access to the 'Firewall: Traffic Shaper: Queues' page. +##|*MATCH=firewall_shaper_queues.php* +##|-PRIV + + require("guiconfig.inc"); if($_GET['reset'] <> "") { diff --git a/usr/local/www/firewall_shaper_vinterface.php b/usr/local/www/firewall_shaper_vinterface.php index 73eab72..b1bf9a5 100644 --- a/usr/local/www/firewall_shaper_vinterface.php +++ b/usr/local/www/firewall_shaper_vinterface.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-trafficshaper-limiter +##|*NAME=Firewall: Traffic Shaper: Limiter page +##|*DESCR=Allow access to the 'Firewall: Traffic Shaper: Limiter' page. +##|*MATCH=firewall_shaper_vinterface.php* +##|-PRIV + + require("guiconfig.inc"); if($_GET['reset'] <> "") { diff --git a/usr/local/www/firewall_shaper_wizards.php b/usr/local/www/firewall_shaper_wizards.php index fc42cfa..a086cc1 100755 --- a/usr/local/www/firewall_shaper_wizards.php +++ b/usr/local/www/firewall_shaper_wizards.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-trafficshaper-wizard +##|*NAME=Firewall: Traffic Shaper: Wizard page +##|*DESCR=Allow access to the 'Firewall: Traffic Shaper: Wizard' page. +##|*MATCH=firewall_shaper_wizards.php* +##|-PRIV + + require("guiconfig.inc"); if($_GET['reset'] <> "") { diff --git a/usr/local/www/firewall_system_tunables.php b/usr/local/www/firewall_system_tunables.php index fd62c8e..7e3c522 100644 --- a/usr/local/www/firewall_system_tunables.php +++ b/usr/local/www/firewall_system_tunables.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-system-tunables +##|*NAME=Firewall: System: Tunables page +##|*DESCR=Allow access to the 'Firewall: System: Tunables' page. +##|*MATCH=firewall_system_tunables.php* +##|-PRIV + + $pgtitle = array("Firewall","System","Tunables"); require("guiconfig.inc"); diff --git a/usr/local/www/firewall_system_tunables_edit.php b/usr/local/www/firewall_system_tunables_edit.php index 82b1480..07b3610 100644 --- a/usr/local/www/firewall_system_tunables_edit.php +++ b/usr/local/www/firewall_system_tunables_edit.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-system-tunables-edit +##|*NAME=Firewall: System: Tunables: Edit page +##|*DESCR=Allow access to the 'Firewall: System: Tunables: Edit' page. +##|*MATCH=firewall_system_tunables_edit.php* +##|-PRIV + + $pgtitle = array("Firewall","System Tunables","Edit"); require("guiconfig.inc"); diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php index d600e6a..a9ed3bf 100755 --- a/usr/local/www/firewall_virtual_ip.php +++ b/usr/local/www/firewall_virtual_ip.php @@ -37,6 +37,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-virtualipaddresses +##|*NAME=Firewall: Virtual IP Addresses page +##|*DESCR=Allow access to the 'Firewall: Virtual IP Addresses' page. +##|*MATCH=firewall_virtual_ip.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['virtualip']['vip'])) { diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php index a48afc2..eb7451f 100755 --- a/usr/local/www/firewall_virtual_ip_edit.php +++ b/usr/local/www/firewall_virtual_ip_edit.php @@ -38,6 +38,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-firewall-virtualipaddress-edit +##|*NAME=Firewall: Virtual IP Address: Edit page +##|*DESCR=Allow access to the 'Firewall: Virtual IP Address: Edit' page. +##|*MATCH=firewall_virtual_ip_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['virtualip']['vip'])) { $config['virtualip']['vip'] = array(); diff --git a/usr/local/www/graph.php b/usr/local/www/graph.php index f0230e6..1202100 100755 --- a/usr/local/www/graph.php +++ b/usr/local/www/graph.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-interfacetraffic +##|*NAME=Diagnostics: Interface Traffic page +##|*DESCR=Allow access to the 'Diagnostics: Interface Traffic' page. +##|*MATCH=graph.php* +##|-PRIV + + header("Content-type: image/svg+xml"); /********** HTTP GET Based Conf ***********/ diff --git a/usr/local/www/graph_cpu.php b/usr/local/www/graph_cpu.php index 3f37355..0e45a1a 100644 --- a/usr/local/www/graph_cpu.php +++ b/usr/local/www/graph_cpu.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-cpuutilization +##|*NAME=Diagnostics: CPU Utilization page +##|*DESCR=Allow access to the 'Diagnostics: CPU Utilization' page. +##|*MATCH=graph_cpu.php* +##|-PRIV + + header("Content-type: image/svg+xml"); /********* Other conf *******/ diff --git a/usr/local/www/guiconfig.inc b/usr/local/www/guiconfig.inc index cda5e0e..bba46ce 100755 --- a/usr/local/www/guiconfig.inc +++ b/usr/local/www/guiconfig.inc @@ -839,4 +839,5 @@ function outputCSSFileInline($css) { } } -?>
\ No newline at end of file +?> + diff --git a/usr/local/www/halt.php b/usr/local/www/halt.php index 0de7b66..2c0a99a 100755 --- a/usr/local/www/halt.php +++ b/usr/local/www/halt.php @@ -32,6 +32,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-haltsystem +##|*NAME=Diagnostics: Halt system page +##|*DESCR=Allow access to the 'Diagnostics: Halt system' page. +##|*MATCH=halt.php* +##|-PRIV + + require("guiconfig.inc"); if ($_POST) { diff --git a/usr/local/www/headjs.php b/usr/local/www/headjs.php index 7cfef42..59af195 100644 --- a/usr/local/www/headjs.php +++ b/usr/local/www/headjs.php @@ -1,4 +1,36 @@ <?php +/* + headjs.php + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +##|+PRIV +##|*IDENT=page-requiredforjavascript +##|*NAME=Required for javascript page +##|*DESCR=Allow access to the 'Required for javascript' page. +##|*MATCH=headjs.php* +##|-PRIV + function getHeadJS() { global $_SERVER, $HTTP_SERVER_VARS, $g, $use_loader_tab_gif; @@ -157,4 +189,4 @@ function getHeadJS() { return $headjs; } -?>
\ No newline at end of file +?> diff --git a/usr/local/www/ifstats.php b/usr/local/www/ifstats.php index ce03832..c8457d1 100644 --- a/usr/local/www/ifstats.php +++ b/usr/local/www/ifstats.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-xmlrpcinterfacestats +##|*NAME=XMLRPC Interface Stats page +##|*DESCR=Allow access to the 'XMLRPC Interface Stats' page. +##|*MATCH=ifstats.php* +##|-PRIV + + require("functions.inc"); require("config.inc"); diff --git a/usr/local/www/index.php b/usr/local/www/index.php index a84b4c5..9049913 100755 --- a/usr/local/www/index.php +++ b/usr/local/www/index.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-login/logout +##|*NAME=System: Login / Logout page +##|*DESCR=Allow access to the 'System: Login / Logout' page. +##|*MATCH=index.php* +##|-PRIV + + ## Load Essential Includes require_once('guiconfig.inc'); require_once('notices.inc'); diff --git a/usr/local/www/interfaces.php b/usr/local/www/interfaces.php index 409014a..78dc9d2 100755 --- a/usr/local/www/interfaces.php +++ b/usr/local/www/interfaces.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-wan +##|*NAME=Interfaces: WAN page +##|*DESCR=Allow access to the 'Interfaces: WAN' page. +##|*MATCH=interfaces_wan.php* +##|-PRIV + + define("CRON_MONTHLY_PATTERN", "0 0 1 * *"); define("CRON_WEEKLY_PATTERN", "0 0 * * 0"); define("CRON_DAILY_PATTERN", "0 0 * * *"); diff --git a/usr/local/www/interfaces_assign.php b/usr/local/www/interfaces_assign.php index 474de20..68229af 100755 --- a/usr/local/www/interfaces_assign.php +++ b/usr/local/www/interfaces_assign.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-assignnetworkports +##|*NAME=Interfaces: Assign network ports page +##|*DESCR=Allow access to the 'Interfaces: Assign network ports' page. +##|*MATCH=interfaces_assign.php* +##|-PRIV + + $pgtitle = array("Interfaces", "Assign network ports"); require("guiconfig.inc"); diff --git a/usr/local/www/interfaces_gif.php b/usr/local/www/interfaces_gif.php index a107234..2258152 100644 --- a/usr/local/www/interfaces_gif.php +++ b/usr/local/www/interfaces_gif.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-gif +##|*NAME=Interfaces: GIF page +##|*DESCR=Allow access to the 'Interfaces: GIF' page. +##|*MATCH=interfaces_gif.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['gifs']['gif'])) diff --git a/usr/local/www/interfaces_gif_edit.php b/usr/local/www/interfaces_gif_edit.php index c154e89..8cd16ce 100644 --- a/usr/local/www/interfaces_gif_edit.php +++ b/usr/local/www/interfaces_gif_edit.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-gif-edit +##|*NAME=Interfaces: GIF: Edit page +##|*DESCR=Allow access to the 'Interfaces: GIF: Edit' page. +##|*MATCH=interfaces_gif_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['gifs']['gif'])) diff --git a/usr/local/www/interfaces_gre.php b/usr/local/www/interfaces_gre.php index c01f81f..494e95e 100644 --- a/usr/local/www/interfaces_gre.php +++ b/usr/local/www/interfaces_gre.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-gre +##|*NAME=Interfaces: GRE page +##|*DESCR=Allow access to the 'Interfaces: GRE' page. +##|*MATCH=interfaces_gre.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['gres']['gre'])) diff --git a/usr/local/www/interfaces_gre_edit.php b/usr/local/www/interfaces_gre_edit.php index 69a71f4..6bee140 100644 --- a/usr/local/www/interfaces_gre_edit.php +++ b/usr/local/www/interfaces_gre_edit.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-gre-edit +##|*NAME=Interfaces: GRE: Edit page +##|*DESCR=Allow access to the 'Interfaces: GRE: Edit' page. +##|*MATCH=interfaces_gre_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['gres']['gre'])) diff --git a/usr/local/www/interfaces_lan.php b/usr/local/www/interfaces_lan.php index 9cbb04e..45919ee 100755 --- a/usr/local/www/interfaces_lan.php +++ b/usr/local/www/interfaces_lan.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-lan +##|*NAME=Interfaces: LAN page +##|*DESCR=Allow access to the 'Interfaces: LAN' page. +##|*MATCH=interfaces_lan.php* +##|-PRIV + + require("guiconfig.inc"); $lancfg = &$config['interfaces']['lan']; diff --git a/usr/local/www/interfaces_ppp.php b/usr/local/www/interfaces_ppp.php index 4153601..cb4df01 100644 --- a/usr/local/www/interfaces_ppp.php +++ b/usr/local/www/interfaces_ppp.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-ppp +##|*NAME=Interfaces: PPP page +##|*DESCR=Allow access to the 'Interfaces: PPP' page. +##|*MATCH=interfaces_ppp.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['ppps']['ppp'])) diff --git a/usr/local/www/interfaces_ppp_edit.php b/usr/local/www/interfaces_ppp_edit.php index f32205a..b4d2239 100644 --- a/usr/local/www/interfaces_ppp_edit.php +++ b/usr/local/www/interfaces_ppp_edit.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-ppp-edit +##|*NAME=Interfaces: PPP: Edit page +##|*DESCR=Allow access to the 'Interfaces: PPP: Edit' page. +##|*MATCH=interfaces_ppp_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['ppps']['ppp'])) diff --git a/usr/local/www/interfaces_vlan.php b/usr/local/www/interfaces_vlan.php index adcb48d..84b4a70 100755 --- a/usr/local/www/interfaces_vlan.php +++ b/usr/local/www/interfaces_vlan.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-vlan +##|*NAME=Interfaces: VLAN page +##|*DESCR=Allow access to the 'Interfaces: VLAN' page. +##|*MATCH=interfaces_vlan.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['vlans']['vlan'])) diff --git a/usr/local/www/interfaces_vlan_edit.php b/usr/local/www/interfaces_vlan_edit.php index cc764d3..aaff8a3 100755 --- a/usr/local/www/interfaces_vlan_edit.php +++ b/usr/local/www/interfaces_vlan_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-vlan-edit +##|*NAME=Interfaces: VLAN: Edit page +##|*DESCR=Allow access to the 'Interfaces: VLAN: Edit' page. +##|*MATCH=interfaces_vlan_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['vlans']['vlan'])) diff --git a/usr/local/www/interfaces_wan.php b/usr/local/www/interfaces_wan.php index 409014a..78dc9d2 100755 --- a/usr/local/www/interfaces_wan.php +++ b/usr/local/www/interfaces_wan.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-wan +##|*NAME=Interfaces: WAN page +##|*DESCR=Allow access to the 'Interfaces: WAN' page. +##|*MATCH=interfaces_wan.php* +##|-PRIV + + define("CRON_MONTHLY_PATTERN", "0 0 1 * *"); define("CRON_WEEKLY_PATTERN", "0 0 * * 0"); define("CRON_DAILY_PATTERN", "0 0 * * *"); diff --git a/usr/local/www/interfaces_wlan_scan.php b/usr/local/www/interfaces_wlan_scan.php index 7f7b56c..80af052 100755 --- a/usr/local/www/interfaces_wlan_scan.php +++ b/usr/local/www/interfaces_wlan_scan.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-interfaces-scanwireless +##|*NAME=Interfaces: Scan Wireless page +##|*DESCR=Allow access to the 'Interfaces: Scan Wireless' page. +##|*MATCH=interfaces_wlan_scan.php* +##|-PRIV + + require("guiconfig.inc"); diff --git a/usr/local/www/license.php b/usr/local/www/license.php index 76f24d0..b98921f 100755 --- a/usr/local/www/license.php +++ b/usr/local/www/license.php @@ -1,10 +1,41 @@ <?php /* $Id$ */ -require("guiconfig.inc"); +/* + license.php + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +##|+PRIV +##|*IDENT=page-system-license +##|*NAME=System: License page +##|*DESCR=Allow access to the 'System: License' page. +##|*MATCH=license.php* +##|-PRIV + +require("guiconfig.inc"); include("head.inc"); -?> +?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> diff --git a/usr/local/www/load_balancer_pool.php b/usr/local/www/load_balancer_pool.php index b44fa2a..5b73862 100755 --- a/usr/local/www/load_balancer_pool.php +++ b/usr/local/www/load_balancer_pool.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-loadbalancer-pool +##|*NAME=Load Balancer: Pool page +##|*DESCR=Allow access to the 'Load Balancer: Pool' page. +##|*MATCH=load_balancer_pool.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['load_balancer']['lbpool'])) { diff --git a/usr/local/www/load_balancer_pool_edit.php b/usr/local/www/load_balancer_pool_edit.php index c412295..a6f5a82 100755 --- a/usr/local/www/load_balancer_pool_edit.php +++ b/usr/local/www/load_balancer_pool_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-loadbalancer-pool-edit +##|*NAME=Load Balancer: Pool: Edit page +##|*DESCR=Allow access to the 'Load Balancer: Pool: Edit' page. +##|*MATCH=load_balancer_pool_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['load_balancer']['lbpool'])) { $config['load_balancer']['lbpool'] = array(); diff --git a/usr/local/www/load_balancer_virtual_server.php b/usr/local/www/load_balancer_virtual_server.php index 77b8884..45ca5e9 100755 --- a/usr/local/www/load_balancer_virtual_server.php +++ b/usr/local/www/load_balancer_virtual_server.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-loadbalancer-virtualservers +##|*NAME=Services: Load Balancer: Virtual Servers page +##|*DESCR=Allow access to the 'Services: Load Balancer: Virtual Servers' page. +##|*MATCH=load_balancer_virtual_server.php* +##|-PRIV + + require_once("guiconfig.inc"); require_once("vslb.inc"); diff --git a/usr/local/www/load_balancer_virtual_server_edit.php b/usr/local/www/load_balancer_virtual_server_edit.php index 16737a9..e24cb63 100755 --- a/usr/local/www/load_balancer_virtual_server_edit.php +++ b/usr/local/www/load_balancer_virtual_server_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-loadbalancer-virtualserver-edit +##|*NAME=Load Balancer: Virtual Server: Edit page +##|*DESCR=Allow access to the 'Load Balancer: Virtual Server: Edit' page. +##|*MATCH=load_balancer_virtual_server_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['load_balancer']['virtual_server'])) { $config['load_balancer']['virtual_server'] = array(); diff --git a/usr/local/www/pkg.php b/usr/local/www/pkg.php index 1329e5b..b8a2df0 100755 --- a/usr/local/www/pkg.php +++ b/usr/local/www/pkg.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-package-settings +##|*NAME=Package: Settings page +##|*DESCR=Allow access to the 'Package: Settings' page. +##|*MATCH=pkg.php* +##|-PRIV + + require_once("guiconfig.inc"); require_once("pkg-utils.inc"); diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php index 64826d0..3d565a3 100755 --- a/usr/local/www/pkg_edit.php +++ b/usr/local/www/pkg_edit.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-package-edit +##|*NAME=Package: Edit page +##|*DESCR=Allow access to the 'Package: Edit' page. +##|*MATCH=pkg_edit.php* +##|-PRIV + + require_once("guiconfig.inc"); require_once("pkg-utils.inc"); diff --git a/usr/local/www/pkg_mgr.php b/usr/local/www/pkg_mgr.php index e59d73c..7ad1d85 100755 --- a/usr/local/www/pkg_mgr.php +++ b/usr/local/www/pkg_mgr.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-packagemanager +##|*NAME=System: Package Manager page +##|*DESCR=Allow access to the 'System: Package Manager' page. +##|*MATCH=pkg_mgr.php* +##|-PRIV + + require_once("guiconfig.inc"); require_once("pkg-utils.inc"); diff --git a/usr/local/www/pkg_mgr_install.php b/usr/local/www/pkg_mgr_install.php index ec5e8bc..359d575 100755 --- a/usr/local/www/pkg_mgr_install.php +++ b/usr/local/www/pkg_mgr_install.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-packagemanager-installpackage +##|*NAME=System: Package Manager: Install Package page +##|*DESCR=Allow access to the 'System: Package Manager: Install Package' page. +##|*MATCH=pkg_mgr_install.php* +##|-PRIV + + require_once("guiconfig.inc"); require_once("pkg-utils.inc"); diff --git a/usr/local/www/pkg_mgr_installed.php b/usr/local/www/pkg_mgr_installed.php index 20e3215..9459653 100755 --- a/usr/local/www/pkg_mgr_installed.php +++ b/usr/local/www/pkg_mgr_installed.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-packagemanager-installed +##|*NAME=System: Package Manager: Installed page +##|*DESCR=Allow access to the 'System: Package Manager: Installed' page. +##|*MATCH=pkg_mgr_installed.php* +##|-PRIV + + require_once("guiconfig.inc"); require_once("pkg-utils.inc"); diff --git a/usr/local/www/reboot.php b/usr/local/www/reboot.php index 1034d2f..68e37b9 100755 --- a/usr/local/www/reboot.php +++ b/usr/local/www/reboot.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-rebootsystem +##|*NAME=Diagnostics: Reboot System page +##|*DESCR=Allow access to the 'Diagnostics: Reboot System' page. +##|*MATCH=reboot.php* +##|-PRIV + + require("guiconfig.inc"); if ($_POST) { diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 3e941bd..c9167ec 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-captiveportal +##|*NAME=Services: Captive portal page +##|*DESCR=Allow access to the 'Services: Captive portal' page. +##|*MATCH=services_captiveportal.php* +##|-PRIV + + $pgtitle = array("Services","Captive portal"); require("guiconfig.inc"); diff --git a/usr/local/www/services_captiveportal_filemanager.php b/usr/local/www/services_captiveportal_filemanager.php index 536a4dd..e833685 100755 --- a/usr/local/www/services_captiveportal_filemanager.php +++ b/usr/local/www/services_captiveportal_filemanager.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-captiveportal-filemanager +##|*NAME=Services: Captive portal: File Manager page +##|*DESCR=Allow access to the 'Services: Captive portal: File Manager' page. +##|*MATCH=services_captiveportal_filemanager.php* +##|-PRIV + + $pgtitle = array("Services","Captive portal"); require_once("guiconfig.inc"); diff --git a/usr/local/www/services_captiveportal_ip.php b/usr/local/www/services_captiveportal_ip.php index ac1f2d7..2a91321 100755 --- a/usr/local/www/services_captiveportal_ip.php +++ b/usr/local/www/services_captiveportal_ip.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-captiveportal-allowedips +##|*NAME=Services: Captive portal: Allowed IPs page +##|*DESCR=Allow access to the 'Services: Captive portal: Allowed IPs' page. +##|*MATCH=services_captiveportal_ip.php* +##|-PRIV + + $pgtitle = array("Services","Captive portal"); require("guiconfig.inc"); diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php index cf2900a..bc0f29e 100755 --- a/usr/local/www/services_captiveportal_ip_edit.php +++ b/usr/local/www/services_captiveportal_ip_edit.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-captiveportal-editallowedips +##|*NAME=Services: Captive portal: Edit Allowed IPs page +##|*DESCR=Allow access to the 'Services: Captive portal: Edit Allowed IPs' page. +##|*MATCH=services_captiveportal_ip_edit.php* +##|-PRIV + + $pgtitle = array("Services","Captive portal","Edit allowed IP address"); require("guiconfig.inc"); diff --git a/usr/local/www/services_captiveportal_mac.php b/usr/local/www/services_captiveportal_mac.php index 3d57926..a28ee94 100755 --- a/usr/local/www/services_captiveportal_mac.php +++ b/usr/local/www/services_captiveportal_mac.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-captiveportal-macaddresses +##|*NAME=Services: Captive portal: Mac Addresses page +##|*DESCR=Allow access to the 'Services: Captive portal: Mac Addresses' page. +##|*MATCH=services_captiveportal_mac.php* +##|-PRIV + + $pgtitle = array("Services","Captive portal"); require("guiconfig.inc"); diff --git a/usr/local/www/services_captiveportal_mac_edit.php b/usr/local/www/services_captiveportal_mac_edit.php index 737e9d5..7161a20 100755 --- a/usr/local/www/services_captiveportal_mac_edit.php +++ b/usr/local/www/services_captiveportal_mac_edit.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-captiveportal-editmacaddresses +##|*NAME=Services: Captive portal: Edit MAC Addresses page +##|*DESCR=Allow access to the 'Services: Captive portal: Edit MAC Addresses' page. +##|*MATCH=services_captiveportal_mac_edit.php* +##|-PRIV + + $pgtitle = array("Services","Captive portal","Edit pass-through MAC address"); require("guiconfig.inc"); diff --git a/usr/local/www/services_captiveportal_users.php b/usr/local/www/services_captiveportal_users.php index 5e501a3..41ffb24 100755 --- a/usr/local/www/services_captiveportal_users.php +++ b/usr/local/www/services_captiveportal_users.php @@ -30,6 +30,14 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +##|+PRIV +##|*IDENT=page-services-captiveportal-users +##|*NAME=Services: Captive portal: Users page +##|*DESCR=Allow access to the 'Services: Captive portal: Users' page. +##|*MATCH=services_captiveportal_users.php* +##|-PRIV + $pgtitle = array("Services","Captive portal"); require("guiconfig.inc"); diff --git a/usr/local/www/services_captiveportal_users_edit.php b/usr/local/www/services_captiveportal_users_edit.php index f60e1ed..efafb6f 100755 --- a/usr/local/www/services_captiveportal_users_edit.php +++ b/usr/local/www/services_captiveportal_users_edit.php @@ -30,6 +30,14 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +##|+PRIV +##|*IDENT=page-services-captiveportal-edituser +##|*NAME=Services: Captive portal: Edit User page +##|*DESCR=Allow access to the 'Services: Captive portal: Edit User' page. +##|*MATCH=services_captiveportal_users_edit.php* +##|-PRIV + $pgtitle = array("Services","Captive portal","Edit user"); require("guiconfig.inc"); diff --git a/usr/local/www/services_dhcp.php b/usr/local/www/services_dhcp.php index 89c0a84..9bc3758 100755 --- a/usr/local/www/services_dhcp.php +++ b/usr/local/www/services_dhcp.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-dhcpserver +##|*NAME=Services: DHCP server page +##|*DESCR=Allow access to the 'Services: DHCP server' page. +##|*MATCH=services_dhcp.php* +##|-PRIV + + require("guiconfig.inc"); $if = $_GET['if']; diff --git a/usr/local/www/services_dhcp_edit.php b/usr/local/www/services_dhcp_edit.php index 44f7a62..224c84f 100755 --- a/usr/local/www/services_dhcp_edit.php +++ b/usr/local/www/services_dhcp_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-dhcpserver-editstaticmapping +##|*NAME=Services: DHCP Server : Edit static mapping page +##|*DESCR=Allow access to the 'Services: DHCP Server : Edit static mapping' page. +##|*MATCH=services_dhcp_edit.php* +##|-PRIV + + require("guiconfig.inc"); $if = $_GET['if']; diff --git a/usr/local/www/services_dhcp_relay.php b/usr/local/www/services_dhcp_relay.php index e9bcff2..e4126c7 100755 --- a/usr/local/www/services_dhcp_relay.php +++ b/usr/local/www/services_dhcp_relay.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-dhcprelay +##|*NAME=Services: DHCP Relay page +##|*DESCR=Allow access to the 'Services: DHCP Relay' page. +##|*MATCH=services_dhcp_relay.php* +##|-PRIV + + function get_wan_dhcp_server() { global $config, $g; $dhclientfn = $g['vardb_path'] . "/dhclient.leases." . $config['interfaces']['wan']['if']; diff --git a/usr/local/www/services_dnsmasq.php b/usr/local/www/services_dnsmasq.php index 44b1feb..34bfafa 100755 --- a/usr/local/www/services_dnsmasq.php +++ b/usr/local/www/services_dnsmasq.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-dnsforwarder +##|*NAME=Services: DNS Forwarder page +##|*DESCR=Allow access to the 'Services: DNS Forwarder' page. +##|*MATCH=services_dnsmasq.php* +##|-PRIV + + require("guiconfig.inc"); $pconfig['enable'] = isset($config['dnsmasq']['enable']); diff --git a/usr/local/www/services_dnsmasq_domainoverride_edit.php b/usr/local/www/services_dnsmasq_domainoverride_edit.php index e3cd325..c5e7c09 100755 --- a/usr/local/www/services_dnsmasq_domainoverride_edit.php +++ b/usr/local/www/services_dnsmasq_domainoverride_edit.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-dnsforwarder-editdomainoverride +##|*NAME=Services: DNS Forwarder: Edit Domain Override page +##|*DESCR=Allow access to the 'Services: DNS Forwarder: Edit Domain Override' page. +##|*MATCH=services_dnsmasq_domainoverride_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['dnsmasq']['domainoverrides'])) { diff --git a/usr/local/www/services_dnsmasq_edit.php b/usr/local/www/services_dnsmasq_edit.php index ec3195d..4c07845 100755 --- a/usr/local/www/services_dnsmasq_edit.php +++ b/usr/local/www/services_dnsmasq_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-dnsforwarder-edithost +##|*NAME=Services: DNS Forwarder: Edit host page +##|*DESCR=Allow access to the 'Services: DNS Forwarder: Edit host' page. +##|*MATCH=services_dnsmasq_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['dnsmasq']['hosts'])) diff --git a/usr/local/www/services_dyndns.php b/usr/local/www/services_dyndns.php index 9dccc31..b2c5641 100755 --- a/usr/local/www/services_dyndns.php +++ b/usr/local/www/services_dyndns.php @@ -26,6 +26,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-dynamicdnsclients +##|*NAME=Services: Dynamic DNS clients page +##|*DESCR=Allow access to the 'Services: Dynamic DNS clients' page. +##|*MATCH=services_dyndns.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['dyndnses']['dyndns'])) diff --git a/usr/local/www/services_dyndns_edit.php b/usr/local/www/services_dyndns_edit.php index 53cc0dd..cae02d8 100644 --- a/usr/local/www/services_dyndns_edit.php +++ b/usr/local/www/services_dyndns_edit.php @@ -26,6 +26,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-dynamicdnsclient +##|*NAME=Services: Dynamic DNS client page +##|*DESCR=Allow access to the 'Services: Dynamic DNS client' page. +##|*MATCH=services_dyndns_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['dyndnses']['dyndns'])) { diff --git a/usr/local/www/services_proxyarp.php b/usr/local/www/services_proxyarp.php index 601f086..11b02bc 100755 --- a/usr/local/www/services_proxyarp.php +++ b/usr/local/www/services_proxyarp.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-proxyarp +##|*NAME=Services: Proxy ARP page +##|*DESCR=Allow access to the 'Services: Proxy ARP' page. +##|*MATCH=services_proxyarp.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['proxyarp']['proxyarpnet'])) { diff --git a/usr/local/www/services_proxyarp_edit.php b/usr/local/www/services_proxyarp_edit.php index 5a6e7f3..896424a 100755 --- a/usr/local/www/services_proxyarp_edit.php +++ b/usr/local/www/services_proxyarp_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-proxyarp-edit +##|*NAME=Services: Proxy ARP: Edit page +##|*DESCR=Allow access to the 'Services: Proxy ARP: Edit' page. +##|*MATCH=services_proxyarp_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['proxyarp']['proxyarpnet'])) { diff --git a/usr/local/www/services_rfc2136.php b/usr/local/www/services_rfc2136.php index d5d37a7..124bcef 100644 --- a/usr/local/www/services_rfc2136.php +++ b/usr/local/www/services_rfc2136.php @@ -26,6 +26,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-rfc2136clients +##|*NAME=Services: RFC 2136 clients page +##|*DESCR=Allow access to the 'Services: RFC 2136 clients' page. +##|*MATCH=services_rfc2136.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['dnsupdates']['dnsupdate'])) diff --git a/usr/local/www/services_snmp.php b/usr/local/www/services_snmp.php index 91a63cf..fc948e4 100755 --- a/usr/local/www/services_snmp.php +++ b/usr/local/www/services_snmp.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-snmp +##|*NAME=Services: SNMP page +##|*DESCR=Allow access to the 'Services: SNMP' page. +##|*MATCH=services_snmp.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['snmpd'])) { diff --git a/usr/local/www/services_usermanager.php b/usr/local/www/services_usermanager.php index c0ec5ac..33a1538 100755 --- a/usr/local/www/services_usermanager.php +++ b/usr/local/www/services_usermanager.php @@ -31,6 +31,14 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +##|+PRIV +##|*IDENT=page-services-usermanager +##|*NAME=Services: User Manager page +##|*DESCR=Allow access to the 'Services: User Manager' page. +##|*MATCH=services_usermanager.php* +##|-PRIV + require("guiconfig.inc"); if(isset($_POST['save'])){ $_POST['username']=trim($_POST['username']); diff --git a/usr/local/www/services_wol.php b/usr/local/www/services_wol.php index 21b5d20..0cc6dc1 100755 --- a/usr/local/www/services_wol.php +++ b/usr/local/www/services_wol.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-wakeonlan +##|*NAME=Services: Wake on LAN page +##|*DESCR=Allow access to the 'Services: Wake on LAN' page. +##|*MATCH=services_wol.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['wol']['wolentry'])) { diff --git a/usr/local/www/services_wol_edit.php b/usr/local/www/services_wol_edit.php index 459845a..1d8e2af 100755 --- a/usr/local/www/services_wol_edit.php +++ b/usr/local/www/services_wol_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-wakeonlan-edit +##|*NAME=Services: Wake on LAN: Edit page +##|*DESCR=Allow access to the 'Services: Wake on LAN: Edit' page. +##|*MATCH=services_wol_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['wol']['wolentry'])) { diff --git a/usr/local/www/status.php b/usr/local/www/status.php index 7b2a3bb..db82dad 100755 --- a/usr/local/www/status.php +++ b/usr/local/www/status.php @@ -6,6 +6,35 @@ * (modified for m0n0wall by Manuel Kasper <mk@neon1.net>) * (modified for pfSense by Scott Ullrich geekgod@pfsense.com) */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +##|+PRIV +##|*IDENT=page-hidden-detailedstatus +##|*NAME=Hidden: Detailed Status page +##|*DESCR=Allow access to the 'Hidden: Detailed Status' page. +##|*MATCH=status.php* +##|-PRIV /* Execute a command, with a title, and generate an HTML table * showing the results. diff --git a/usr/local/www/status_captiveportal.php b/usr/local/www/status_captiveportal.php index 1ee4265..adfcc0f 100755 --- a/usr/local/www/status_captiveportal.php +++ b/usr/local/www/status_captiveportal.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-captiveportal +##|*NAME=Status: Captive portal page +##|*DESCR=Allow access to the 'Status: Captive portal' page. +##|*MATCH=status_captiveportal.php* +##|-PRIV + + require("guiconfig.inc"); $concurrent = `cat /var/db/captiveportal.db | wc -l`; diff --git a/usr/local/www/status_filter_reload.php b/usr/local/www/status_filter_reload.php index 4b21811..d4c7345 100644 --- a/usr/local/www/status_filter_reload.php +++ b/usr/local/www/status_filter_reload.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-filterreloadstatus +##|*NAME=Status: Filter Reload Status page +##|*DESCR=Allow access to the 'Status: Filter Reload Status' page. +##|*MATCH=status_filter_reload.php* +##|-PRIV + + require_once("guiconfig.inc"); require_once("functions.inc"); diff --git a/usr/local/www/status_gateway_groups.php b/usr/local/www/status_gateway_groups.php index b3b0a77..76a426a 100755 --- a/usr/local/www/status_gateway_groups.php +++ b/usr/local/www/status_gateway_groups.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-gatewaygroups +##|*NAME=Status: Gateway Groups page +##|*DESCR=Allow access to the 'Status: Gateway Groups' page. +##|*MATCH=status_gateway_groups.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['gateways']['gateway_group'])) diff --git a/usr/local/www/status_gateways.php b/usr/local/www/status_gateways.php index a84afcf..441dff6 100755 --- a/usr/local/www/status_gateways.php +++ b/usr/local/www/status_gateways.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-gateways +##|*NAME=Status: Gateways page +##|*DESCR=Allow access to the 'Status: Gateways' page. +##|*MATCH=status_gateways.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['gateways']['gateway_item'])) { diff --git a/usr/local/www/status_graph.php b/usr/local/www/status_graph.php index 9d3cf32..df1a83f 100755 --- a/usr/local/www/status_graph.php +++ b/usr/local/www/status_graph.php @@ -32,6 +32,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-trafficgraph +##|*NAME=Status: Traffic Graph page +##|*DESCR=Allow access to the 'Status: Traffic Graph' page. +##|*MATCH=status_graph.php* +##|-PRIV + + require("guiconfig.inc"); if ($_POST['width']) diff --git a/usr/local/www/status_graph_cpu.php b/usr/local/www/status_graph_cpu.php index 08fd85a..cc18aed 100644 --- a/usr/local/www/status_graph_cpu.php +++ b/usr/local/www/status_graph_cpu.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-cpuload +##|*NAME=Status: CPU load page +##|*DESCR=Allow access to the 'Status: CPU load' page. +##|*MATCH=status_graph_cpu.php* +##|-PRIV + + $pgtitle = array("Status", "CPU load"); require("guiconfig.inc"); include("head.inc"); diff --git a/usr/local/www/status_interfaces.php b/usr/local/www/status_interfaces.php index fde298e..d62d696 100755 --- a/usr/local/www/status_interfaces.php +++ b/usr/local/www/status_interfaces.php @@ -32,6 +32,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-interfaces +##|*NAME=Status: Interfaces page +##|*DESCR=Allow access to the 'Status: Interfaces' page. +##|*MATCH=status_interfaces.php* +##|-PRIV + + require_once("guiconfig.inc"); $wancfg = &$config['interfaces']['wan']; diff --git a/usr/local/www/status_ovpn.php b/usr/local/www/status_ovpn.php index f7935a9..fed06ed 100644 --- a/usr/local/www/status_ovpn.php +++ b/usr/local/www/status_ovpn.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-openvpn +##|*NAME=Status: OpenVPN page +##|*DESCR=Allow access to the 'Status: OpenVPN' page. +##|*MATCH=status_ovpn.php* +##|-PRIV + + $pgtitle = array("Status", "OpenVPN"); require("guiconfig.inc"); diff --git a/usr/local/www/status_queues.php b/usr/local/www/status_queues.php index 6d11d01..276e1f6 100755 --- a/usr/local/www/status_queues.php +++ b/usr/local/www/status_queues.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-trafficshaper-queues +##|*NAME=Status: Traffic shaper: Queues page +##|*DESCR=Allow access to the 'Status: Traffic shaper: Queues' page. +##|*MATCH=status_queues.php* +##|-PRIV + + require("guiconfig.inc"); if($_GET['reset'] <> "") { diff --git a/usr/local/www/status_rrd_graph.php b/usr/local/www/status_rrd_graph.php index af6cc42..b5e740d 100755 --- a/usr/local/www/status_rrd_graph.php +++ b/usr/local/www/status_rrd_graph.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-rrdgraphs +##|*NAME=Status: RRD Graphs page +##|*DESCR=Allow access to the 'Status: RRD Graphs' page. +##|*MATCH=status_rrd_graph.php* +##|-PRIV + + require("guiconfig.inc"); if ($_GET['cat']) { diff --git a/usr/local/www/status_rrd_graph_settings.php b/usr/local/www/status_rrd_graph_settings.php index 4eaeb20..5163d7d 100755 --- a/usr/local/www/status_rrd_graph_settings.php +++ b/usr/local/www/status_rrd_graph_settings.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-rrdgraphs +##|*NAME=Status: RRD Graphs page +##|*DESCR=Allow access to the 'Status: RRD Graphs' page. +##|*MATCH=status_rrd_graph_settings.php* +##|-PRIV + + require("guiconfig.inc"); $pconfig['enable'] = isset($config['rrd']['enable']); diff --git a/usr/local/www/status_services.php b/usr/local/www/status_services.php index 8a184f3..471e9cd 100755 --- a/usr/local/www/status_services.php +++ b/usr/local/www/status_services.php @@ -26,6 +26,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-services +##|*NAME=Status: Services page +##|*DESCR=Allow access to the 'Status: Services' page. +##|*MATCH=status_services.php* +##|-PRIV + + require("guiconfig.inc"); function gentitle_pkg($pgname) { diff --git a/usr/local/www/status_slbd_pool.php b/usr/local/www/status_slbd_pool.php index ca8ebe8..19fa5ec 100755 --- a/usr/local/www/status_slbd_pool.php +++ b/usr/local/www/status_slbd_pool.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-loadbalancer-pool +##|*NAME=Status: Load Balancer: Pool page +##|*DESCR=Allow access to the 'Status: Load Balancer: Pool' page. +##|*MATCH=status_slbd_pool.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['load_balancer']['lbpool'])) { diff --git a/usr/local/www/status_slbd_vs.php b/usr/local/www/status_slbd_vs.php index d722fe0..3cee12a 100755 --- a/usr/local/www/status_slbd_vs.php +++ b/usr/local/www/status_slbd_vs.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-loadbalancer-virtualserver +##|*NAME=Status: Load Balancer: Virtual Server page +##|*DESCR=Allow access to the 'Status: Load Balancer: Virtual Server' page. +##|*MATCH=status_slbd_vs.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['load_balancer']['lbpool'])) { diff --git a/usr/local/www/status_upnp.php b/usr/local/www/status_upnp.php index ca0c38d..cbf848f 100644 --- a/usr/local/www/status_upnp.php +++ b/usr/local/www/status_upnp.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-status-upnpstatus +##|*NAME=Status: UPnP Status page +##|*DESCR=Allow access to the 'Status: UPnP Status' page. +##|*MATCH=status_upnp.php* +##|-PRIV + + require("guiconfig.inc"); if ($_POST) { diff --git a/usr/local/www/status_wireless.php b/usr/local/www/status_wireless.php index ae8faf7..8dd6b83 100755 --- a/usr/local/www/status_wireless.php +++ b/usr/local/www/status_wireless.php @@ -26,6 +26,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-diagnostics-wirelessstatus +##|*NAME=Diagnostics: Wireless Status page +##|*DESCR=Allow access to the 'Diagnostics: Wireless Status' page. +##|*MATCH=status_wireless.php* +##|-PRIV + + require_once("guiconfig.inc"); function gentitle_pkg($pgname) { diff --git a/usr/local/www/system.php b/usr/local/www/system.php index 4011e57..b04e9ce 100755 --- a/usr/local/www/system.php +++ b/usr/local/www/system.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-generalsetup +##|*NAME=System: General Setup page +##|*DESCR=Allow access to the 'System: General Setup' page. +##|*MATCH=system.php* +##|-PRIV + + require("guiconfig.inc"); $pconfig['hostname'] = $config['system']['hostname']; diff --git a/usr/local/www/system_advanced.php b/usr/local/www/system_advanced.php index 871eedb..90e9b0b 100755 --- a/usr/local/www/system_advanced.php +++ b/usr/local/www/system_advanced.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-advancedfunctions +##|*NAME=System: Advanced functions page +##|*DESCR=Allow access to the 'System: Advanced functions' page. +##|*MATCH=system_advanced.php* +##|-PRIV + + require("guiconfig.inc"); $pconfig['disablefilter'] = $config['system']['disablefilter']; diff --git a/usr/local/www/system_advanced_create_certs.php b/usr/local/www/system_advanced_create_certs.php index 1727fc3..2f633b4 100755 --- a/usr/local/www/system_advanced_create_certs.php +++ b/usr/local/www/system_advanced_create_certs.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-advancedfunctions-createcertificates +##|*NAME=System: Advanced functions: Create Certificates page +##|*DESCR=Allow access to the 'System: Advanced functions: Create Certificates' page. +##|*MATCH=system_advanced_create_certs.php* +##|-PRIV + + require("guiconfig.inc"); if(file_exists("/var/etc/ssl/openssl.cnf")) { diff --git a/usr/local/www/system_firmware.php b/usr/local/www/system_firmware.php index 2a42ef3..c55c860 100755 --- a/usr/local/www/system_firmware.php +++ b/usr/local/www/system_firmware.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-firmware-manualupdate +##|*NAME=System: Firmware: Manual Update page +##|*DESCR=Allow access to the 'System: Firmware: Manual Update' page. +##|*MATCH=system_firmware.php* +##|-PRIV + + $d_isfwfile = 1; require_once("guiconfig.inc"); diff --git a/usr/local/www/system_firmware_auto.php b/usr/local/www/system_firmware_auto.php index 426232f..c6ef8aa 100755 --- a/usr/local/www/system_firmware_auto.php +++ b/usr/local/www/system_firmware_auto.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-firmware-checkforupdate +##|*NAME=System: Firmware: Check For Update page +##|*DESCR=Allow access to the 'System: Firmware: Check For Update' page. +##|*MATCH=system_firmware_auto.php* +##|-PRIV + + require("guiconfig.inc"); $curcfg = $config['system']['firmware']; diff --git a/usr/local/www/system_firmware_check.php b/usr/local/www/system_firmware_check.php index 69e1b09..54c72fb 100755 --- a/usr/local/www/system_firmware_check.php +++ b/usr/local/www/system_firmware_check.php @@ -31,6 +31,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-firmware-autoupdate +##|*NAME=System: Firmware: Auto Update page +##|*DESCR=Allow access to the 'System: Firmware: Auto Update' page. +##|*MATCH=system_firmware_check.php* +##|-PRIV + + $d_isfwfile = 1; require("guiconfig.inc"); diff --git a/usr/local/www/system_firmware_settings.php b/usr/local/www/system_firmware_settings.php index 3940ed8..a60919b 100755 --- a/usr/local/www/system_firmware_settings.php +++ b/usr/local/www/system_firmware_settings.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-firmware-settings +##|*NAME=System: Firmware: Settings page +##|*DESCR=Allow access to the 'System: Firmware: Settings' page. +##|*MATCH=system_firmware_settings.php* +##|-PRIV + + require("guiconfig.inc"); if ($_POST) { diff --git a/usr/local/www/system_gateway_groups.php b/usr/local/www/system_gateway_groups.php index 647bb42..d142730 100755 --- a/usr/local/www/system_gateway_groups.php +++ b/usr/local/www/system_gateway_groups.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-gatewaygroups +##|*NAME=System: Gateway Groups page +##|*DESCR=Allow access to the 'System: Gateway Groups' page. +##|*MATCH=system_gateway_groups.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['gateways']['gateway_group'])) diff --git a/usr/local/www/system_gateway_groups_edit.php b/usr/local/www/system_gateway_groups_edit.php index 3ec8643..683db2a 100755 --- a/usr/local/www/system_gateway_groups_edit.php +++ b/usr/local/www/system_gateway_groups_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-gateways-editgatewaygroups +##|*NAME=System: Gateways: Edit Gateway Groups page +##|*DESCR=Allow access to the 'System: Gateways: Edit Gateway Groups' page. +##|*MATCH=system_gateway_groups_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['gateways']['gateway_item'])) diff --git a/usr/local/www/system_gateways.php b/usr/local/www/system_gateways.php index 7bc9142..9a678c3 100755 --- a/usr/local/www/system_gateways.php +++ b/usr/local/www/system_gateways.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-gateways +##|*NAME=System: Gateways page +##|*DESCR=Allow access to the 'System: Gateways' page. +##|*MATCH=system_gateways.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['gateways']['gateway_item'])) diff --git a/usr/local/www/system_gateways_edit.php b/usr/local/www/system_gateways_edit.php index 4156066..76c0b9e 100755 --- a/usr/local/www/system_gateways_edit.php +++ b/usr/local/www/system_gateways_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-gateways-editgateway +##|*NAME=System: Gateways: Edit Gateway page +##|*DESCR=Allow access to the 'System: Gateways: Edit Gateway' page. +##|*MATCH=system_gateways_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['gateways']['gateway_item'])) diff --git a/usr/local/www/system_groupmanager.php b/usr/local/www/system_groupmanager.php index 48f3a7b..e79a77f 100644 --- a/usr/local/www/system_groupmanager.php +++ b/usr/local/www/system_groupmanager.php @@ -3,6 +3,9 @@ $Id: system_groupmanager.php part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2008 Shrew Soft Inc. + All rights reserved. + Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>. All rights reserved. @@ -31,202 +34,76 @@ POSSIBILITY OF SUCH DAMAGE. */ -require("guiconfig.inc"); +##|+PRIV +##|*IDENT=page-system-groupmanager +##|*NAME=System: Group manager page +##|*DESCR=Allow access to the 'System: Group manager' page. +##|*MATCH=system_groupmanager.php* +##|-PRIV -$pgtitle = array("System", "Group manager"); -// Returns an array of pages with their descriptions -function getAdminPageList() { - global $g; - global $config; - - $tmp = Array(); - - if ($dir = opendir($g['www_path'])) { - while($file = readdir($dir)) { - // Make sure the file exists - if($file != "." && $file != ".." && $file[0] != '.') { - // Is this a .php file? - if (fnmatch('*.php',$file)) { - // Read the description out of the file - $contents = file_get_contents($file); - // Looking for a line like: - // $pgtitle = array("System", "Group manager"); - $offset = strpos($contents,'$pgtitle'); - $titlepos = strpos($contents,'(',$offset); - $titleendpos = strpos($contents,')',$titlepos); - if (($offset > 0) && ($titlepos > 0) && ($titleendpos > 0)) { - // Title found, extract it - $title = str_replace(',',': ',str_replace(array('"'),'',substr($contents,++$titlepos,($titleendpos - $titlepos)))); - $tmp[$file] = trim($title); - } - else { - $tmp[$file] = ''; - } - - } - } - } +require("guiconfig.inc"); - closedir($dir); - - // Sets Interfaces:Optional page that didn't read in properly with the above method, - // and pages that don't have descriptions. - $tmp['interfaces_opt.php'] = "Interfaces: Optional"; - $tmp['graph.php'] = "Diagnostics: Interface Traffic"; - $tmp['graph_cpu.php'] = "Diagnostics: CPU Utilization"; - $tmp['exec.php'] = "Command"; - $tmp['exec_raw.php'] = "Hidden: Exec Raw"; - $tmp['status.php'] = "Hidden: Detailed Status"; - $tmp['uploadconfig.php'] = "Hidden: Upload Configuration"; - $tmp['index.php'] = "*After Login/Dashboard"; - $tmp['system_usermanager.php'] = "*User Password change portal"; - $tmp['diag_logs_settings.php'] = "Diagnostics: Logs: Settings"; - $tmp['diag_logs_vpn.php'] = "Diagnostics: Logs: PPTP VPN"; - $tmp['diag_logs_filter.php'] = "Diagnostics: Logs: Firewall"; - $tmp['diag_logs_portal.php'] = "Diagnostics: Logs: Captive Portal"; - $tmp['diag_logs_dhcp.php'] = "Diagnostics: Logs: DHCP"; - $tmp['diag_logs.php'] = "Diagnostics: Logs: System"; - - $tmp['cg2.php'] = "CoreGUI GUI Manager"; - - unset($tmp['system_groupmanager_edit.php']); - unset($tmp['firewall_rules_schedule_logic.php']); - unset($tmp['status_rrd_graph_img.php']); - unset($tmp['diag_new_states.php']); - unset($tmp['system_usermanager_edit.php']); - - $tmp['pkg.php'] = "{$g['product_name']} Package manager"; - $tmp['pkg_edit.php'] = "{$g['product_name']} Package manager edit"; - $tmp['wizard.php'] = "{$g['product_name']} wizard subsystem"; - $tmp['graphs.php'] = "Graphing subsystem"; - $tmp['headjs.php'] = "*Required for javascript"; - - $tmp['ifstats.php'] = ("*Hidden: XMLRPC Interface Stats"); - $tmp['license.php'] = ("*System: License"); - $tmp['progress.php'] = ("*Hidden: No longer included"); - $tmp['diag_logs_filter_dynamic.php'] = ("*Hidden: No longer included"); - $tmp['preload.php'] = ("*Hidden: XMLRPC Preloader"); - $tmp['xmlrpc.php'] = ("*Hidden: XMLRPC Library"); - - $tmp['functions.inc.php'] = ("Hidden: Ajax Helper 1"); - $tmp['javascript.inc.php'] = ("Hidden: Ajax Helper 2 "); - $tmp['sajax.class.php'] = ("Hidden: Ajax Helper 3"); - - /* custom pkg.php items */ - $tmp['pkg.php?xml=openvpn.xml'] = ("VPN: OpenVPN"); - $tmp['pkg_edit.php?xml=carp_settings.xml&id=0'] = ("Services: CARP Settings: Edit"); - $tmp['pkg_edit.php?xml=olsrd.xml&id=0'] = ("Services: OLSR"); - $tmp['pkg_edit.php?xml=openntpd.xml&id=0'] = ("Services: NTP Server"); - - $tmp['system_usermanager_settings_test.php'] = ("System: User Manager: Settings: Test LDAP"); - - /* unset older openvpn scripts, we have a custom version - * included in CoreGUI */ - unset($tmp['vpn_openvpn.php']); - unset($tmp['vpn_openvpn_crl.php']); - unset($tmp['vpn_openvpn_ccd.php']); - unset($tmp['vpn_openvpn_srv.php']); - unset($tmp['vpn_openvpn_cli.php']); - unset($tmp['vpn_openvpn_ccd_edit.php']); - unset($tmp['phpconfig.php']); - unset($tmp['system_usermanager_settings_ldapacpicker.php']); - - unset($tmp['progress.php']); - unset($tmp['stats.php']); - unset($tmp['phpinfo.php']); - unset($tmp['preload.php']); - - // Add appropriate descriptions for extensions, if they exist - if(file_exists("extensions.inc")){ - include("extensions.inc"); - } - - /* firewall rule view and edit entries for lan, wan, optX */ - $iflist = get_configured_interface_list(false, true); - - // Firewall Rules - foreach ($iflist as $ifent => $ifname) { - $entryname = "firewall_rules.php?if={$ifname}"; - $tmp[$entryname] = ("Firewall: Rules: " . strtoupper($ifname)); - $entryname = "firewall_rules_edit.php?if={$ifname}"; - $tmp[$entryname] = ("Firewall: Rules: Edit: " . strtoupper($ifname)); - } +$pgtitle = array("System", "Group manager"); - /* additional firewal rules tab entries */ - $entryname = "firewall_rules_edit.php?if=enc0"; - $tmp[$entryname] = "Firewall: Rules: Edit: IPsec"; +if (!is_array($config['system']['group'])) + $config['system']['group'] = array(); - $entryname = "firewall_rules_edit.php?if=pptp"; - $tmp[$entryname] = "Firewall: Rules: Edit: PPTP"; +admin_groups_sort(); +$a_group = &$config['system']['group']; - $entryname = "firewall_rules_edit.php?if=pppoe"; - $tmp[$entryname] = "Firewall: Rules: Edit: PPPoE"; +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; - // User manager - $entryname = "system_usermanager.php"; - $tmp[$entryname] = "System: Change Password"; +if ($_GET['act'] == "delgroup") { - // User manager - $entryname = "system_usermanager"; - $tmp[$entryname] = "System: User Manager"; + if (!$a_group[$_GET['id']]) { + pfSenseHeader("system_groupmanager.php"); + exit; + } - // NAT Items - foreach ($iflist as $ifent => $ifname) { - $entryname = "firewall_nat.php?if={$ifname}"; - $tmp[$entryname] = ("Firewall: NAT: Port Forward " . strtoupper($ifname)); - $entryname = "firewall_nat_edit.php?if={$ifname}"; - $tmp[$entryname] = ("Firewall: NAT: Port Forward: Edit: " . strtoupper($ifname)); - } - /* additional nat tab entries */ - $entryname = "firewall_nat_edit.php?if=enc0"; - $tmp[$entryname] = "Firewall: NAT: Port Forward: Edit: IPsec"; - - $entryname = "firewall_nat_edit.php?if=pptp"; - $tmp[$entryname] = "Firewall: NAT: Port Forward: Edit: PPTP"; - - $entryname = "firewall_nat_edit.php?if=pppoe"; - $tmp[$entryname] = "Firewall: NAT: Port Forward: Edit: PPPoE"; - - asort($tmp); - return $tmp; - } + del_local_group($a_group[$_GET['id']]); + $groupdeleted = $a_group[$_GET['id']]['name']; + unset($a_group[$_GET['id']]); + write_config(); + $savemsg = gettext("Group")." {$groupdeleted} ". + gettext("successfully deleted")."<br/>"; } -// Get a list of all admin pages & Descriptions -$pages = getAdminPageList(); +if ($_GET['act'] == "delpriv") { -if (!is_array($config['system']['group'])) { - $config['system']['group'] = array(); -} -admin_groups_sort(); -$a_group = &$config['system']['group']; + if (!$a_group[$_GET['id']]) { + pfSenseHeader("system_groupmanager.php"); + exit; + } -$id = $_GET['id']; -if (isset($_POST['id'])) - $id = $_POST['id']; - -if ($_GET['act'] == "del") { - if ($a_group[$_GET['id']]) { - del_local_group($a_group[$_GET['id']]); - unset($a_group[$_GET['id']]); - write_config(); - header("Location: system_groupmanager.php"); - exit; + $privdeleted = $priv_list[$a_group[$id]['priv'][$_GET['privid']]]['name']; + unset($a_group[$id]['priv'][$_GET['privid']]); + + foreach ($a_group[$id]['member'] as $uid) { + $user = getUserEntryByUID($uid); + if ($user) + set_local_user($user); } -} + + write_config(); + $_GET['act'] = "edit"; + $savemsg = gettext("Privilege")." {$privdeleted} ". + gettext("successfully deleted")."<br/>"; +} if($_GET['act']=="edit"){ if (isset($id) && $a_group[$id]) { $pconfig['name'] = $a_group[$id]['name']; + $pconfig['gid'] = $a_group[$id]['gid']; + $pconfig['gtype'] = $a_group[$id]['scope']; $pconfig['description'] = $a_group[$id]['description']; - if (is_array($a_group[$id]['pages'])) - $pconfig['pages'] = $a_group[$id]['pages']; - else - $pconfig['pages'] = array(); + $pconfig['members'] = $a_group[$id]['member']; + $pconfig['priv'] = $a_group[$id]['priv']; } } - + if ($_POST) { unset($input_errors); @@ -259,14 +136,8 @@ if ($_POST) { $group['name'] = $_POST['groupname']; $group['description'] = $_POST['description']; - unset($group['pages']); - foreach ($pages as $fname => $title) { - $identifier = str_replace('.php','XXXUMXXX',$fname); - $identifier = str_replace('.','XXXDOTXXX',$identifier); - if ($_POST[$identifier] == 'yes') { - $group['pages'][] = $fname; - } - } + if ($group['gid'] != 1998) // all group + $group['member'] = $_POST['members']; if (isset($id) && $a_group[$id]) $a_group[$id] = $group; @@ -288,8 +159,59 @@ include("head.inc"); ?> <body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>"> +<?php include("fbegin.inc"); ?> +<script language="JavaScript"> +<!-- + +function setall_selected(id) { + selbox = document.getElementById(id); + count = selbox.options.length; + for (index = 0; index<count; index++) + selbox.options[index].selected = true; +} + +function clear_selected(id) { + selbox = document.getElementById(id); + count = selbox.options.length; + for (index = 0; index<count; index++) + selbox.options[index].selected = false; +} + +function remove_selected(id) { + selbox = document.getElementById(id); + index = selbox.options.length - 1; + for (; index >= 0; index--) + if (selbox.options[index].selected) + selbox.remove(index); +} + +function copy_selected(srcid, dstid) { + src_selbox = document.getElementById(srcid); + dst_selbox = document.getElementById(dstid); + count = src_selbox.options.length; + for (index = 0; index < count; index++) { + if (src_selbox.options[index].selected) { + option = document.createElement('option'); + option.text = src_selbox.options[index].text; + option.value = src_selbox.options[index].value; + dst_selbox.add(option, null); + } + } +} + +function move_selected(srcid, dstid) { + copy_selected(srcid, dstid); + remove_selected(srcid); +} + +function presubmit() { + clear_selected('notmembers'); + setall_selected('members'); +} + +//--> +</script> <?php - include("fbegin.inc"); if ($input_errors) print_input_errors($input_errors); if ($savemsg) @@ -302,7 +224,7 @@ include("head.inc"); <?php $tab_array = array(); $tab_array[] = array(gettext("Users"), false, "system_usermanager.php"); - $tab_array[] = array(gettext("Group"), true, "system_groupmanager.php"); + $tab_array[] = array(gettext("Groups"), true, "system_groupmanager.php"); $tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php"); display_top_tabs($tab_array); ?> @@ -327,70 +249,134 @@ include("head.inc"); el.elements[i].checked = false; } </script> - <form action="system_groupmanager.php" method="post" name="iform" id="iform"> + <form action="system_groupmanager.php" method="post" name="iform" id="iform" onsubmit="presubmit()"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <?php + $ro = ""; + if ($pconfig['gtype'] == "system") + $ro = "readonly = \"readonly\""; + ?> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td> + <td width="78%" class="vtable"> + <strong><?=strtoupper($pconfig['gtype']);?></strong> + <input name="gtype" type="hidden" value="<?=$pconfig['gtype']?>"/> + </td> + </tr> <tr> <td width="22%" valign="top" class="vncellreq">Group name</td> <td width="78%" class="vtable"> - <input name="groupname" type="text" class="formfld" id="groupname" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"> + <input name="groupname" type="text" class="formfld group" id="groupname" size="20" value="<?=htmlspecialchars($pconfig['name']);?>" <?=$ro;?>> </td> </tr> <tr> <td width="22%" valign="top" class="vncell">Description</td> <td width="78%" class="vtable"> - <input name="description" type="text" class="formfld" id="description" size="20" value="<?=htmlspecialchars($pconfig['description']);?>"> + <input name="description" type="text" class="formfld unknown" id="description" size="20" value="<?=htmlspecialchars($pconfig['description']);?>"> <br> Group description, for your own information only </td> </tr> + + <?php if ($pconfig['gid'] != 1998): // all users group ?> + <tr> - <td colspan="4"> - <br> - Select that pages that this group may access. - Members of this group will be able to perform - all actions that are possible from each - individual web page. Ensure you set access - levels appropriately.<br> - <br> - <span class="vexpl"> - <span class="red"> - <strong> Note:</strong> - </span> - Pages marked with an * are strongly recommended - for every group. - </span> - </td> - </tr> - <tr> - <td colspan="4"> - <input type="button" name="types[]" value="Check All" onClick="checkall(); return false;"> - <input type="button" name="types[]" value="Check None" onClick="checknone(); return false;"> + <td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td> + <td width="78%" class="vtable" align="center"> + <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td align="center" width="50%"> + <strong>Not Members</strong><br/> + <br/> + <select size="10" style="width: 75%" name="notmembers[]" class="formselect" id="notmembers" onChange="clear_selected('members')" multiple> + <?php + foreach ($config['system']['user'] as $user): + if (in_array($user['uid'],$pconfig['members'])) + continue; + ?> + <option value="<?=$user['uid'];?>" <?=$selected;?>> + <?=htmlspecialchars($user['name']);?> + </option> + <?php endforeach; ?> + </select> + <br/> + </td> + <td> + <br/> + <a href="javascript:move_selected('notmembers','members')"> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="Add Members" alt="Add Members" width="17" height="17" border="0" /> + </a> + <br/><br/> + <a href="javascript:move_selected('members','notmembers')"> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="Remove Members" alt="Remove Members" width="17" height="17" border="0" /> + </a> + </td> + <td align="center" width="50%"> + <strong>Members</strong><br/> + <br/> + <select size="10" style="width: 75%" name="members[]" class="formselect" id="members" onChange="clear_selected('notmembers')" multiple> + <?php + foreach ($config['system']['user'] as $user): + if (!in_array($user['uid'],$pconfig['members'])) + continue; + ?> + <option value="<?=$user['uid'];?>"> + <?=htmlspecialchars($user['name']);?> + </option> + <?php endforeach; ?> + </select> + <br/> + </td> + </tr> + </table> + <?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?> </td> </tr> + + <?php endif; ?> + <tr> - <td colspan="2"> - <table width="100%" border="0" cellpadding="0" cellspacing="0"> + <td width="22%" valign="top" class="vncell"><?=gettext("Effective Privileges");?></td> + <td width="78%" class="vtable"> + <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td class="listhdrr"> </td> - <td class="listhdrr">Page Description</td> - <td class="listhdr">Filename</td> + <td width="40%" class="listhdrr"><?=gettext("Name");?></td> + <td width="60%" class="listhdrr"><?=gettext("Description");?></td> + <td class="list"></td> + </tr> + <?php + if(is_array($pconfig['priv'])): + $i = 0; + foreach ($pconfig['priv'] as $priv): + ?> + <tr> + <td class="listr"> + <?=htmlspecialchars($priv_list[$priv]['name']);?> + </td> + <td class="listbg"> + <font color="#FFFFFF"> + <?=htmlspecialchars($priv_list[$priv]['descr']);?> + </font> + </td> + <td valign="middle" nowrap class="list"> + <a href="system_groupmanager.php?act=delpriv&id=<?=$id?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')"> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="" /> + </a> + </td> </tr> - <?php - foreach ($pages as $fname => $title): - $identifier = str_replace('.php','XXXUMXXX',$fname); - $identifier = str_replace('.','XXXDOTXXX',$identifier); - $checked = ""; - if (in_array($fname,$pconfig['pages'])) - $checked = "checked"; + <?php + $i++; + endforeach; + endif; ?> <tr> - <td class="listlr"> - <input class="check" name="<?=$identifier?>" type="checkbox" id="<?=$identifier?>" value="yes" <?=$checked;?>> + <td class="list" colspan="2"></td> + <td class="list"> + <a href="system_groupmanager_addprivs.php?groupid=<?=$id?>"> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" /> + </a> </td> - <td class="listr"><?=$title?></td> - <td class="listr"><?=$fname?></td> </tr> - <?php endforeach; ?> </table> </td> </tr> @@ -400,7 +386,8 @@ include("head.inc"); <input name="save" type="submit" class="formbtn" value="Save"> <?php if (isset($id) && $a_group[$id]): ?> <input name="id" type="hidden" value="<?=$id;?>"> - <?php endif; ?> + <input name="gid" type="hidden" value="<?=$pconfig['gid'];?>"> + <?php endif; ?> </td> </tr> </table> @@ -412,27 +399,38 @@ include("head.inc"); <tr> <td width="25%" class="listhdrr">Group name</td> <td width="25%" class="listhdrr">Description</td> - <td width="15%" class="listhdrr">Member Count</td> - <td width="15%" class="listhdrr">Pages Accessible</td> + <td width="30%" class="listhdrr">Member Count</td> <td width="10%" class="list"></td> </tr> <?php $i = 0; foreach($a_group as $group): + + if($group['scope'] == "system") + $grpimg = "/themes/{$g['theme']}/images/icons/icon_system-group-grey.png"; + else + $grpimg = "/themes/{$g['theme']}/images/icons/icon_system-group.png"; ?> <tr> <td class="listlr"> - <?=htmlspecialchars($group['name']); ?> + <table border="0" cellpadding="0" cellspacing="0"> + <tr> + <td align="left" valign="center"> + <img src="<?=$grpimg;?>" alt="User" title="User" border="0" height="16" width="16" /> + </td> + </td> + <td align="left" valign="middle"> + <?=htmlspecialchars($group['name']); ?> + </td> + </tr> + </table> </td> <td class="listr"> <?=htmlspecialchars($group['description']);?> </td> - <td class="listr"> - <?=count($group['member'])?> - </td> <td class="listbg"> <font color="white"> - <?=count($group['pages']);?> + <?=count($group['member'])?> </font> </td> <td valign="middle" nowrap class="list"> @@ -440,9 +438,11 @@ include("head.inc"); <img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="edit group" width="17" height="17" border="0"> </a> - <a href="system_groupmanager.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this group?')"> + <?php if($group['scope'] != "system"): ?> + <a href="system_groupmanager.php?act=delgroup&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this group?')"> <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="delete group" width="17" height="17" border="0"> </a> + <?php endif; ?> </td> </tr> <?php @@ -450,7 +450,7 @@ include("head.inc"); endforeach; ?> <tr> - <td class="list" colspan="4"></td> + <td class="list" colspan="3"></td> <td class="list"> <a href="system_groupmanager.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="add group" width="17" height="17" border="0"> </a> diff --git a/usr/local/www/system_groupmanager_addprivs.php b/usr/local/www/system_groupmanager_addprivs.php new file mode 100644 index 0000000..6c808be --- /dev/null +++ b/usr/local/www/system_groupmanager_addprivs.php @@ -0,0 +1,182 @@ +<?php +/* $Id$ */ +/* + system_groupmanager_addprivs.php + + Copyright (C) 2006 Daniel S. Haischt. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +##|+PRIV +##|*IDENT=page-system-groupmanager-addprivs +##|*NAME=System: Group Manager: Add Privileges page +##|*DESCR=Allow access to the 'System: Group Manager: Add Privileges' page. +##|*MATCH=system_groupmanager_addprivs.php* +##|-PRIV + + +require("guiconfig.inc"); + +$pgtitle = array("System","Group manager","Add privileges"); + +$groupid = $_GET['groupid']; +if (isset($_POST['groupid'])) + $groupid = $_POST['groupid']; + +admin_groups_sort(); +$a_group = & $config['system']['group'][$groupid]; + +if (!is_array($a_group)) { + pfSenseHeader("system_groupmanager.php?id={$groupid}"); + exit; +} + +if (!is_array($a_group['priv'])) + $a_group['priv'] = array(); + +if ($_POST) { + + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + $reqdfields = explode(" ", "sysprivs"); + $reqdfieldsn = explode(",", "Selected priveleges"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + /* if this is an AJAX caller then handle via JSON */ + if(isAjax() && is_array($input_errors)) { + input_errors2Ajax($input_errors); + exit; + } + + if (!$input_errors) { + + if (!is_array($pconfig['sysprivs'])) + $pconfig['sysprivs'] = array(); + + if (!count($a_group['priv'])) + $a_group['priv'] = $pconfig['sysprivs']; + else + $a_group['priv'] = array_merge($a_group['priv'], $pconfig['sysprivs']); + + foreach ($a_group['member'] as $uid) { + $user = getUserEntryByUID($uid); + if ($user) + set_local_user($user); + } + + $retval = write_config(); + $savemsg = get_std_save_message($retval); + + pfSenseHeader("system_groupmanager.php?act=edit&id={$groupid}"); + exit; + } +} + +/* if ajax is calling, give them an update message */ +if(isAjax()) + print_info_box_np($savemsg); + +include("head.inc"); +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>"> +<?php include("fbegin.inc"); ?> +<script type="text/javascript"> +<!-- + +<?php + +if (is_array($priv_list)) { + $id = 0; + + $jdescs = "var descs = new Array();\n"; + foreach($priv_list as $pname => $pdata) { + if (in_array($pname, $a_group['priv'])) + continue; + $desc = addslashes($pdata['descr']); + $jdescs .= "descs[{$id}] = '{$desc}';\n"; + $id++; + } + + echo $jdescs; +} + +?> + +function update_description() { + var index = document.iform.sysprivs.selectedIndex; + document.getElementById("pdesc").innerHTML = descs[index]; +} + +//--> +</script> +<?php + if ($input_errors) + print_input_errors($input_errors); + if ($savemsg) + print_info_box($savemsg); +?> + <form action="system_groupmanager_addprivs.php" method="post" name="iform" id="iform"> + <div id="inputerrors"></div> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("System Privileges");?></td> + <td width="78%" class="vtable"> + <select name="sysprivs[]" id="sysprivs" class="formselect" onchange="update_description();" multiple> + <?php + foreach($priv_list as $pname => $pdata): + if (in_array($pname, $a_group['priv'])) + continue; + ?> + <option value="<?=$pname;?>"><?=$pdata['name'];?></option> + <?php endforeach; ?> + </select> + <br/> + <?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?> + </td> + </tr> + <tr height="60"> + <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> + <td width="78%" valign="top" class="vtable" id="pdesc"> + <em>Select a privilege from the list above for a description</em> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input id="submitt" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> + <input id="cancelbutton" class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" /> + <?php if (isset($groupid)): ?> + <input name="groupid" type="hidden" value="<?=$groupid;?>" /> + <?php endif; ?> + </td> + </tr> + </table> + </form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/usr/local/www/system_routes.php b/usr/local/www/system_routes.php index a51e416..0c2175a 100755 --- a/usr/local/www/system_routes.php +++ b/usr/local/www/system_routes.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-staticroutes +##|*NAME=System: Static Routes page +##|*DESCR=Allow access to the 'System: Static Routes' page. +##|*MATCH=system_routes.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['staticroutes']['route'])) diff --git a/usr/local/www/system_routes_edit.php b/usr/local/www/system_routes_edit.php index 16ef541..d0cd5ef 100755 --- a/usr/local/www/system_routes_edit.php +++ b/usr/local/www/system_routes_edit.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-staticroutes-editroute +##|*NAME=System: Static Routes: Edit route page +##|*DESCR=Allow access to the 'System: Static Routes: Edit route' page. +##|*MATCH=system_routes_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['staticroutes']['route'])) diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index 0c440b0..791fae6 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -4,6 +4,9 @@ system_usermanager.php part of m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2008 Shrew Soft Inc. + All rights reserved. + Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>. All rights reserved. @@ -32,6 +35,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-usermanager +##|*NAME=System: User Manager page +##|*DESCR=Allow access to the 'System: User Manager' page. +##|*MATCH=system_usermanager.php* +##|-PRIV + + require("guiconfig.inc"); if (isAllowedPage("system_usermanager")) { @@ -47,32 +58,38 @@ if (isAllowedPage("system_usermanager")) { $config['system']['user'] = array(); admin_users_sort(); - if (is_array($config['system']['user'])) - $a_user = &$config['system']['user']; - $t_privs = $a_user[$id]['priv']; + $a_user = &$config['system']['user']; - if ($_GET['act'] == "del") { + if ($_GET['act'] == "deluser") { - if (($_GET['what'] == "user") && $a_user[$_GET['id']]) { - del_local_user($a_user[$_GET['id']]); - $userdeleted = $a_user[$_GET['id']]['name']; - unset($a_user[$_GET['id']]); - write_config(); - $retval = system_password_configure(); - $savemsg = gettext("User")." {$userdeleted} ". - gettext("successfully deleted")."<br/>"; + if (!$a_user[$_GET['id']]) { + pfSenseHeader("system_usermanager.php"); + exit; } - if (($_GET['what'] == "priv") && $t_privs[$_GET['privid']]) { - $privdeleted = $t_privs[$_GET['privid']]['id']; - unset($a_user[$id]['priv'][$_GET['privid']]); - write_config(); - unset($t_privs[$_GET['privid']]); - $_GET['act'] = "edit"; - $savemsg = gettext("Privilege")." {$privdeleted} ". - gettext("of user")." {$a_user[$_GET['id']]['name']} ". - gettext("successfully deleted")."<br/>"; + del_local_user($a_user[$_GET['id']]); + $userdeleted = $a_user[$_GET['id']]['name']; + unset($a_user[$_GET['id']]); + write_config(); + $retval = system_password_configure(); + $savemsg = gettext("User")." {$userdeleted} ". + gettext("successfully deleted")."<br/>"; + } + + if ($_GET['act'] == "delpriv") { + + if (!$a_user[$_GET['id']]) { + pfSenseHeader("system_usermanager.php"); + exit; } + + $privdeleted = $priv_list[$a_user[$id]['priv'][$_GET['privid']]]['name']; + unset($a_user[$id]['priv'][$_GET['privid']]); + write_config(); + unset($t_privs[$_GET['privid']]); + $_GET['act'] = "edit"; + $savemsg = gettext("Privilege")." {$privdeleted} ". + gettext("successfully deleted")."<br/>"; } if ($_GET['act'] == "edit") { @@ -83,6 +100,7 @@ if (isAllowedPage("system_usermanager")) { $pconfig['utype'] = $a_user[$id]['scope']; $pconfig['uid'] = $a_user[$id]['uid']; $pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']); + $pconfig['priv'] = $a_user[$id]['priv']; } } @@ -154,9 +172,6 @@ if (isAllowedPage("system_usermanager")) { isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system"; - if ($_POST['passwordfld1']) - set_local_user_password($userent, $_POST['passwordfld1']); - if(isset($config['system']['ssh']['sshdkeyonly'])) $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']); @@ -167,7 +182,7 @@ if (isAllowedPage("system_usermanager")) { $a_user[] = $userent; } - set_local_user($userent); + set_local_user($userent, $_POST['passwordfld1']); set_local_user_groups($userent,$_POST['groups']); write_config(); $retval = system_password_configure(); @@ -180,8 +195,59 @@ if (isAllowedPage("system_usermanager")) { ?> <body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>"> +<?php include("fbegin.inc"); ?> +<script language="JavaScript"> +<!-- + +function setall_selected(id) { + selbox = document.getElementById(id); + count = selbox.options.length; + for (index = 0; index<count; index++) + selbox.options[index].selected = true; +} + +function clear_selected(id) { + selbox = document.getElementById(id); + count = selbox.options.length; + for (index = 0; index<count; index++) + selbox.options[index].selected = false; +} + +function remove_selected(id) { + selbox = document.getElementById(id); + index = selbox.options.length - 1; + for (; index >= 0; index--) + if (selbox.options[index].selected) + selbox.remove(index); +} + +function copy_selected(srcid, dstid) { + src_selbox = document.getElementById(srcid); + dst_selbox = document.getElementById(dstid); + count = src_selbox.options.length; + for (index = 0; index < count; index++) { + if (src_selbox.options[index].selected) { + option = document.createElement('option'); + option.text = src_selbox.options[index].text; + option.value = src_selbox.options[index].value; + dst_selbox.add(option, null); + } + } +} + +function move_selected(srcid, dstid) { + copy_selected(srcid, dstid); + remove_selected(srcid); +} + +function presubmit() { + clear_selected('notgroups'); + setall_selected('groups'); +} + +//--> +</script> <?php - include("fbegin.inc"); if ($input_errors) print_input_errors($input_errors); if ($savemsg) @@ -193,7 +259,7 @@ if (isAllowedPage("system_usermanager")) { <?php $tab_array = array(); $tab_array[] = array(gettext("Users"), true, "system_usermanager.php"); - $tab_array[] = array(gettext("Group"), false, "system_groupmanager.php"); + $tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php"); $tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php"); display_top_tabs($tab_array); ?> @@ -204,13 +270,20 @@ if (isAllowedPage("system_usermanager")) { <?php if ($_GET['act'] == "new" || $_GET['act'] == "edit" || $input_errors): ?> - <form action="system_usermanager.php" method="post" name="iform" id="iform"> + <form action="system_usermanager.php" method="post" name="iform" id="iform" onsubmit="presubmit()"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <?php $ro = ""; if ($pconfig['utype'] == "system") $ro = "readonly = \"readonly\""; ?> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td> + <td width="78%" class="vtable"> + <strong><?=strtoupper($pconfig['utype']);?></strong> + <input name="utype" type="hidden" value="<?=$pconfig['utype']?>"/> + </td> + </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Username");?></td> <td width="78%" class="vtable"> @@ -237,128 +310,139 @@ if (isAllowedPage("system_usermanager")) { <?=gettext("User's full name, for your own information only");?> </td> </tr> + + <?php if (isset($config['system']['ssh']['sshdkeyonly'])): ?> + <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("User type");?></td> + <td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td> <td width="78%" class="vtable"> - <input name="utype" type="text" class="formfld unknown" id="utype" size="20" value="<?=htmlspecialchars($pconfig['utype']);?>" readonly="readonly" /> + <textarea name="authorizedkeys" cols="65" rows="7" id="authorizedkeys" class="formfld_cert" wrap="off"><?=htmlspecialchars($pconfig['authorizedkeys']);?></textarea> <br/> - <?=gettext("Indicates whether this is a system (aka non-deletable) user or a user created by a particular user.");?> + <?=gettext("Paste an authorized keys file here.");?> + </td> + </tr> + + <?php endif; ?> + + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td> + <td width="78%" class="vtable" align="center"> + <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td align="center" width="50%"> + <strong>Not Member Of</strong><br/> + <br/> + <select size="10" style="width: 75%" name="notgroups[]" class="formselect" id="notgroups" onChange="clear_selected('groups')" multiple> + <?php + foreach ($config['system']['group'] as $group): + if ($group['gid'] == 1998) /* all users group */ + continue; + if (in_array($group['name'],$pconfig['groups'])) + continue; + ?> + <option value="<?=$group['name'];?>" <?=$selected;?>> + <?=htmlspecialchars($group['name']);?> + </option> + <?php endforeach; ?> + </select> + <br/> + </td> + <td> + <br/> + <a href="javascript:move_selected('notgroups','groups')"> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="Add Groups" alt="Add Groups" width="17" height="17" border="0" /> + </a> + <br/><br/> + <a href="javascript:move_selected('groups','notgroups')"> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="Remove Groups" alt="Remove Groups" width="17" height="17" border="0" /> + </a> + </td> + <td align="center" width="50%"> + <strong>Member Of</strong><br/> + <br/> + <select size="10" style="width: 75%" name="groups[]" class="formselect" id="groups" onChange="clear_selected('nogroups')" multiple> + <?php + foreach ($config['system']['group'] as $group): + if ($group['gid'] == 1998) /* all users group */ + continue; + if (!in_array($group['name'],$pconfig['groups'])) + continue; + ?> + <option value="<?=$group['name'];?>"> + <?=htmlspecialchars($group['name']);?> + </option> + <?php endforeach; ?> + </select> + <br/> + </td> + </tr> + </table> + <?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?> </td> </tr> <?php if ($pconfig['uid']): ?> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("User Privileges");?></td> + <td width="22%" valign="top" class="vncell"><?=gettext("Effective Privileges");?></td> <td width="78%" class="vtable"> <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td width="5%" class="listhdrr"><?=gettext("ID");?></td> + <td width="20%" class="listhdrr"><?=gettext("Inherited From");?></td> <td width="30%" class="listhdrr"><?=gettext("Name");?></td> <td width="40%" class="listhdrr"><?=gettext("Description");?></td> - <td width="5%" class="list"></td> + <td class="list"></td> </tr> <?php - if(is_array($t_privs)): + + $privdesc = get_user_privdesc($a_user[$_GET['id']]); + if(is_array($privdesc)): $i = 0; - foreach ($t_privs as $priv): - if($priv['id'] <> ""): + foreach ($privdesc as $priv): + $group = false; + if ($priv['group']) + $group = $priv['group']; ?> <tr> - <td class="listlr" <?php if($a_user[$id]['scope'] == "user") echo "ondblclick=\"document.location='system_usermanager_edit.php?id={$i}&userid={$id}&useract={$_GET['act']}';\""; ?>> - <?=htmlspecialchars($priv['id']);?> - </td> - <td class="listr" <?php if($a_user[$id]['scope'] == "user") echo "ondblclick=\"document.location='system_usermanager_edit.php?id={$i}&userid={$id}&useract={$_GET['act']}';\""; ?>> + <td class="listlr"><?=$group;?></td> + <td class="listr"> <?=htmlspecialchars($priv['name']);?> </td> - <td class="listbg" <?php if($a_user[$id]['scope'] == "user") echo "ondblclick=\"document.location='system_usermanager_edit?id={$i}&userid={$id}&useract={$_GET['act']}';\""; ?>> - <font color="#FFFFFF"><?=htmlspecialchars($priv['descr']);?> </font> + <td class="listbg"> + <font color="#FFFFFF"> + <?=htmlspecialchars($priv['descr']);?> + </font> </td> <td valign="middle" nowrap class="list"> - <?php if($a_user[$id]['scope'] == "user"): ?> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"> - <a href="system_usermanager_edit.php?id=<?=$i;?>&userid=<?= $id ?>&useract=<?= $_GET['act'] ?>"> - <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" alt="" /> - </a> - </td> - <td valign="middle"> - <a href="system_usermanager.php?act=del&privid=<?=$i;?>&what=priv&id=<?= $id ?>" onclick="return confirm('<?=gettext("Do you really want to delete this mapping?");?>')"> - <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="" /> - </a> - </td> - </tr> - </table> + <?php if (!$group): ?> + <a href="system_usermanager.php?act=delpriv&id=<?=$id?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')"> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="" /> + </a> <?php endif; ?> </td> </tr> <?php - endif; - $i++; + /* can only delete user priv indexes */ + if (!$group) + $i++; endforeach; endif; - if ($a_user[$id]['scope'] == "user"): ?> <tr> <td class="list" colspan="3"></td> <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"> - <a href="system_usermanager_edit.php?userid=<?= $id ?>&useract=<?= $_GET['act'] ?>"> - <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" /> - </a> - </td> - </tr> - </table> + <a href="system_usermanager_addprivs.php?userid=<?=$id?>"> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" /> + </a> </td> </tr> - <?php - endif; - ?> </table> </td> </tr> <?php endif; ?> - <?php if (isset($config['system']['ssh']['sshdkeyonly'])): ?> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td> - <td width="78%" class="vtable"> - <textarea name="authorizedkeys" cols="65" rows="7" id="authorizedkeys" class="formfld_cert" wrap="off"><?=htmlspecialchars($pconfig['authorizedkeys']);?></textarea> - <br/> - <?=gettext("Paste an authorized keys file here.");?> - </td> - </tr> - - <?php endif; ?> - - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td> - <td width="78%" class="vtable"> - <select size="10" name="groups[]" class="formselect" id="groups" multiple> - <?php - foreach ($config['system']['group'] as $group): - if ($group['gid'] != 1998): /* all users group */ - $selected = ""; - if (in_array($group['name'],$pconfig['groups'])) - $selected = "selected"; - ?> - <option value="<?=$group['name'];?>" <?=$selected;?>> - <?=htmlspecialchars($group['name']);?> - </option> - <?php - endif; - endforeach; - ?> - </select> - <br/> - <?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?> - </td> - </tr> - <tr> <td width="22%" valign="top"> </td> <td width="78%"> <input id="submit" name="save" type="submit" class="formbtn" value="Save" /> @@ -371,7 +455,6 @@ if (isAllowedPage("system_usermanager")) { </form> <?php else: ?> - <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="25%" class="listhdrr">Username</td> @@ -389,10 +472,10 @@ if (isAllowedPage("system_usermanager")) { <tr> <td align="left" valign="center"> <?php - if($userent['scope'] == "user") - $usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png"; - else + if($userent['scope'] != "user") $usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user-grey.png"; + else + $usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png"; ?> <img src="<?=$usrimg;?>" alt="User" title="User" border="0" height="16" width="16" /> </td> @@ -413,9 +496,9 @@ if (isAllowedPage("system_usermanager")) { <a href="system_usermanager.php?act=edit&id=<?=$i;?>"> <img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="edit user" alt="edit user" width="17" height="17" border="0" /> </a> - <?php if($userent['scope'] == "user"): ?> + <?php if($userent['scope'] != "system"): ?> - <a href="system_usermanager.php?act=del&what=user&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this User?");?>')"> + <a href="system_usermanager.php?act=deluser&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this User?");?>')"> <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="delete user" alt="delete user" width="17" height="17" border="0" /> </a> <?php endif; ?> @@ -460,6 +543,7 @@ if (isAllowedPage("system_usermanager")) { } else { // start normal user code + $pgtitle = array("System","User Password"); if (isset($_POST['save'])) { @@ -542,30 +626,7 @@ if (isAllowedPage("system_usermanager")) { </body> <?php -} // end of normal user code -/* - * NOTE : sections of the code below are based on the BSD - * licensed CHAP.php courtesy of Michael Retterklieber. - */ -function set_password_hashes(& $userent, $password) { - - $userent['password'] = crypt($password); - $userent['md5-hash'] = md5($password); -/* - * Waiting for mhash - * - * // Converts ascii to unicode. - * $astr = (string) $password; - * $ustr = ''; - * for ($i = 0; $i < strlen($astr); $i++) { - * $a = ord($astr{$i}) << 8; - * $ustr.= sprintf("%X", $a); - * } - * - * // Generate the NT-HASH from the unicode string - * $userent['nt-hash'] = bin2hex(mhash(MHASH_MD4, $ustr)); - */ -} +} // end of normal user code ?> diff --git a/usr/local/www/system_usermanager_addprivs.php b/usr/local/www/system_usermanager_addprivs.php new file mode 100644 index 0000000..61758b7 --- /dev/null +++ b/usr/local/www/system_usermanager_addprivs.php @@ -0,0 +1,181 @@ +<?php +/* $Id$ */ +/* + system_usermanager_addprivs.php + + Copyright (C) 2006 Daniel S. Haischt. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +##|+PRIV +##|*IDENT=page-system-usermanager-addprivs +##|*NAME=System: User Manager: Add Privileges page +##|*DESCR=Allow access to the 'System: User Manager: Add Privileges' page. +##|*MATCH=system_usermanager_addprivs.php* +##|-PRIV + + +require("guiconfig.inc"); + +$pgtitle = array("System","User manager","Add privileges"); + +$userid = $_GET['userid']; +if (isset($_POST['userid'])) + $userid = $_POST['userid']; + +admin_users_sort(); +$a_user = & $config['system']['user'][$userid]; +if (!is_array($a_user)) { + pfSenseHeader("system_usermanager.php?id={$userid}"); + exit; +} + +if (!is_array($a_user)) { + pfSenseHeader("system_usermanager.php"); + exit; +} + +if (!is_array($a_user['priv'])) + $a_user['priv'] = array(); + +if ($_POST) { + + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + $reqdfields = explode(" ", "sysprivs"); + $reqdfieldsn = explode(",", "Selected priveleges"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + /* if this is an AJAX caller then handle via JSON */ + if(isAjax() && is_array($input_errors)) { + input_errors2Ajax($input_errors); + exit; + } + + if (!$input_errors) { + + if (!is_array($pconfig['sysprivs'])) + $pconfig['sysprivs'] = array(); + + if (!count($a_user['priv'])) + $a_user['priv'] = $pconfig['sysprivs']; + else + $a_user['priv'] = array_merge($a_user['priv'], $pconfig['sysprivs']); + + set_local_user($a_user); + $retval = write_config(); + $savemsg = get_std_save_message($retval); + + pfSenseHeader("system_usermanager.php?act=edit&id={$userid}"); + exit; + } +} + +/* if ajax is calling, give them an update message */ +if(isAjax()) + print_info_box_np($savemsg); + +include("head.inc"); +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>"> +<?php include("fbegin.inc"); ?> +<script type="text/javascript"> +<!-- + +<?php + +if (is_array($priv_list)) { + $id = 0; + + $jdescs = "var descs = new Array();\n"; + foreach($priv_list as $pname => $pdata) { + if (in_array($pname, $a_user['priv'])) + continue; + $desc = addslashes($pdata['descr']); + $jdescs .= "descs[{$id}] = '{$desc}';\n"; + $id++; + } + + echo $jdescs; +} + +?> + +function update_description() { + var index = document.iform.sysprivs.selectedIndex; + document.getElementById("pdesc").innerHTML = descs[index]; +} + +//--> +</script> +<?php + if ($input_errors) + print_input_errors($input_errors); + if ($savemsg) + print_info_box($savemsg); +?> + <form action="system_usermanager_addprivs.php" method="post" name="iform" id="iform"> + <div id="inputerrors"></div> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("System Privileges");?></td> + <td width="78%" class="vtable"> + <select name="sysprivs[]" id="sysprivs" class="formselect" onchange="update_description();" multiple> + <?php + foreach($priv_list as $pname => $pdata): + if (in_array($pname, $a_user['priv'])) + continue; + ?> + <option value="<?=$pname;?>"><?=$pdata['name'];?></option> + <?php endforeach; ?> + </select> + <br/> + <?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?> + </td> + </tr> + <tr height="60"> + <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> + <td width="78%" valign="top" class="vtable" id="pdesc"> + <em>Select a privilege from the list above for a description</em> + </td> + </tr> + <tr> + <td width="22%" valign="top"> </td> + <td width="78%"> + <input id="submitt" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> + <input id="cancelbutton" class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" /> + <?php if (isset($userid)): ?> + <input name="userid" type="hidden" value="<?=$userid;?>" /> + <?php endif; ?> + </td> + </tr> + </table> + </form> +<?php include("fend.inc"); ?> +</body> +</html> diff --git a/usr/local/www/system_usermanager_edit.php b/usr/local/www/system_usermanager_edit.php deleted file mode 100644 index af4a9b3..0000000 --- a/usr/local/www/system_usermanager_edit.php +++ /dev/null @@ -1,281 +0,0 @@ -<?php -/* $Id$ */ -/* - system_usermanager_edit.php - - Copyright (C) 2006 Daniel S. Haischt. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); - -$pgtitle = array("System","User manager","Edit privilege"); - -/* - NOTE: The following code presumes, that the following XML structure - exists or if it does not exist, it will be created. - - <priv> - <id>fooid</id> - <name>foo</name> - <descr>foo desc</descr> - </priv> - <priv> - <id>barid</id> - <name>bar</name> - <descr>bar desc</descr> - </priv> -*/ - -$useract = $_GET['useract']; -if (isset($_POST['useract'])) - $useract = $_POST['useract']; - -/* USERID must be set no matter whether this is a new entry or an existing entry */ -$userid = $_GET['userid']; -if (isset($_POST['userid'])) - $userid = $_POST['userid']; - -/* ID is only set if the user wants to edit an existing entry */ -$id = $_GET['id']; -if (isset($_POST['id'])) - $id = $_POST['id']; - -if (empty($config['system']['user'][$userid])) { - pfSenseHeader("system_usermanager.php?id={$userid}&act={$_GET['useract']}"); - exit; -} - -if (!is_array($config['system']['user'][$userid]['priv'])) - $config['system']['user'][$userid]['priv'] = array(); - -$t_privs = &$config['system']['user'][$userid]['priv']; - -if (isset($id) && $t_privs[$id]) { - $pconfig['pid'] = $t_privs[$id]['id']; - $pconfig['pname'] = $t_privs[$id]['name']; - $pconfig['descr'] = $t_privs[$id]['descr']; -} else { - $pconfig['pid'] = $_GET['pid']; - $pconfig['pname'] = $_GET['pname']; - $pconfig['descr'] = $_GET['descr']; -} - -if ($_POST) { - - unset($input_errors); - $pconfig = $_POST; - - /* input validation */ - $reqdfields = explode(" ", "pid pname"); - $reqdfieldsn = explode(",", "ID, Privilege Name"); - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - /* check for overlaps */ - foreach ($t_privs as $priv) { - if (isset($id) && ($t_privs[$id]) && ($t_privs[$id] === $priv)) - continue; - if ($priv['id'] == $pconfig['pid']) { - $input_errors[] = gettext("This privilege ID already exists."); - break; - } - } - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $userindex[$userid]['name'])) - $input_errors[] = gettext("The username contains invalid characters " . - "((this means this user can't be used to create" . - " a shell account)."); - - /* if this is an AJAX caller then handle via JSON */ - if(isAjax() && is_array($input_errors)) { - input_errors2Ajax($input_errors); - exit; - } - - if (!$input_errors) { - $priv = array(); - $priv['id'] = $pconfig['pid']; - $priv['name'] = $pconfig['pname']; - $priv['descr'] = $pconfig['descr']; - - if (isset($id) && $t_privs[$id]) - $t_privs[$id] = $priv; - else - $t_privs[] = $priv; - - set_local_user($config['system']['user'][$userid]); - write_config(); - - $retval = 0; - config_lock(); - config_unlock(); - - $savemsg = get_std_save_message($retval); - - pfSenseHeader("system_usermanager.php?id={$userid}&act={$useract}"); - exit; - } -} - -/* if ajax is calling, give them an update message */ -if(isAjax()) - print_info_box_np($savemsg); - -include("head.inc"); - -$jscriptstr = <<<EOD -<script type="text/javascript"> -<!-- - - var privs = new Array(); - - -EOD; - -$privs =& getSystemPrivs(); - -if (is_array($privs)) { - $id = 0; - - $jscriptstr .= "privs[{$id}] = new Object();\n"; - $jscriptstr .= "privs[{$id}]['id'] = 'custom';\n"; - $jscriptstr .= "privs[{$id}]['name'] = '*** Custom privilege ***';\n"; - $jscriptstr .= "privs[{$id}]['desc'] = 'This is your own, user defined privilege that you may change according to your requirements.';\n"; - $id++; - - foreach($privs as $priv){ - $jscriptstr .= "privs[{$id}] = new Object();\n"; - $jscriptstr .= "privs[{$id}]['id'] = '{$priv['id']}';\n"; - $jscriptstr .= "privs[{$id}]['name'] = '{$priv['name']}';\n"; - $jscriptstr .= "privs[{$id}]['desc'] = '{$priv['desc']}';\n"; - $id++; - } -} - -$jscriptstr .= <<<EOD - function setTextFields() { - var idx = document.iform.sysprivs.selectedIndex; - var value = document.iform.sysprivs.options[idx].value; - - for (var i = 0; i < privs.length; i++) { - if (privs[i]['id'] == value && privs[i]['id'] != 'custom') { - document.iform.pid.value = privs[i]['id']; - document.iform.pid.readOnly = true; - document.iform.pname.value = privs[i]['name']; - document.iform.pname.readOnly = true; - document.iform.descr.value = privs[i]['desc']; - document.iform.descr.readOnly = true; - break; - } else if (privs[i]['id'] == value) { - document.iform.pid.value = privs[i]['id']; - document.iform.pid.readOnly = false; - document.iform.pname.value = privs[i]['name']; - document.iform.pname.readOnly = false; - document.iform.descr.value = privs[i]['desc']; - document.iform.descr.readOnly = false; - break; - } - } - } - -//--> -</script> - -EOD; - -include("head.inc"); - -?> - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>"> -<?php include("fbegin.inc"); ?> -<?php echo $jscriptstr; ?> -<?php if ($input_errors) print_input_errors($input_errors); ?> -<?php if ($savemsg) print_info_box($savemsg); ?> - <form action="system_usermanager_edit.php" method="post" name="iform" id="iform"> - <div id="inputerrors"></div> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("System Privileges");?></td> - <td width="78%" class="vtable"> - <select name="sysprivs" id="sysprivs" class="formselect" onchange="setTextFields();"> - <option value="custom">*** Custom privilege ***</option> - <?php - $privs =& getSystemPrivs(); - - if (is_array($privs)) { - foreach($privs as $priv){ - if (isset($config['system']['ssh']['sshdkeyonly']) && $priv['name'] <> "copyfiles") - echo "<option value=\"{$priv['id']}\">${priv['name']}</option>"; - else if (empty($config['system']['ssh']['sshdkeyonly'])) - echo "<option value=\"{$priv['id']}\">${priv['name']}</option>"; - } - } - ?> - </select><br /> - (If you do not want to define your own privilege, you may - select one from this list) - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Privilege Identifier");?></td> - <td width="78%" class="vtable"> - <input name="pid" type="text" class="formfld unknown" id="pid" size="30" value="<?=htmlspecialchars($pconfig['pid']);?>" /> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Privilege Name");?></td> - <td width="78%" class="vtable"> - <input name="pname" type="text" class="formfld unknown" id="pname" size="30" value="<?=htmlspecialchars($pconfig['pname']);?>" /> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> - <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld unknown" id="descr" size="60" value="<?=htmlspecialchars($pconfig['descr']);?>" /> - <br /> <span class="vexpl"><?=gettext("You may enter a description here - for your reference (not parsed).");?></span></td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input id="submitt" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> - <input id="cancelbutton" class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" /> - <?php if (isset($id) && $t_privs[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> - <?php endif; ?> - <?php if (isset($userid)): ?> - <input name="userid" type="hidden" value="<?=$userid;?>" /> - <?php endif; ?> - <?php if (isset($useract)): ?> - <input name="useract" type="hidden" value="<?=$useract;?>" /> - <?php endif; ?> - </td> - </tr> - </table> - </form> -<?php include("fend.inc"); ?> -</body> -</html> diff --git a/usr/local/www/system_usermanager_settings.php b/usr/local/www/system_usermanager_settings.php index c283bad..c1d3a71 100755 --- a/usr/local/www/system_usermanager_settings.php +++ b/usr/local/www/system_usermanager_settings.php @@ -30,6 +30,14 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
+##|+PRIV
+##|*IDENT=page-system-usermanager-settings
+##|*NAME=System: User manager: settings page
+##|*DESCR=Allow access to the 'System: User manager: settings' page.
+##|*MATCH=system_usermanager_settings.php*
+##|-PRIV
+
+
if($_POST['savetest'])
$save_and_test = true;
@@ -215,7 +223,7 @@ include("head.inc"); <?php
$tab_array = array();
$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
- $tab_array[] = array(gettext("Group"), false, "system_groupmanager.php");
+ $tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
$tab_array[] = array(gettext("Settings"), true, "system_usermanager_settings.php");
display_top_tabs($tab_array);
diff --git a/usr/local/www/system_usermanager_settings_test.php b/usr/local/www/system_usermanager_settings_test.php index 796f642..d613a4d 100755 --- a/usr/local/www/system_usermanager_settings_test.php +++ b/usr/local/www/system_usermanager_settings_test.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-system-usermanager-settings-testldap +##|*NAME=System: User Manager: Settings: Test LDAP page +##|*DESCR=Allow access to the 'System: User Manager: Settings: Test LDAP' page. +##|*MATCH=system_usermanager_settings_test.php* +##|-PRIV + + require("guiconfig.inc"); $ldapserver = $config['system']['webgui']['ldapserver']; diff --git a/usr/local/www/uploadconfig.php b/usr/local/www/uploadconfig.php index 364cbfe..af58111 100644 --- a/usr/local/www/uploadconfig.php +++ b/usr/local/www/uploadconfig.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-hidden-uploadconfiguration +##|*NAME=Hidden: Upload Configuration page +##|*DESCR=Allow access to the 'Hidden: Upload Configuration' page. +##|*MATCH=uploadconfig.php* +##|-PRIV + + require("guiconfig.inc"); header("Content-Type: text/plain"); diff --git a/usr/local/www/vpn_ipsec.php b/usr/local/www/vpn_ipsec.php index d6761be..049415f 100755 --- a/usr/local/www/vpn_ipsec.php +++ b/usr/local/www/vpn_ipsec.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-ipsec +##|*NAME=VPN: IPsec page +##|*DESCR=Allow access to the 'VPN: IPsec' page. +##|*MATCH=vpn_ipsec.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['ipsec']['phase1'])) diff --git a/usr/local/www/vpn_ipsec_ca.php b/usr/local/www/vpn_ipsec_ca.php index 25d0f4e..76f5399 100755 --- a/usr/local/www/vpn_ipsec_ca.php +++ b/usr/local/www/vpn_ipsec_ca.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-ipsec-certificateauthority +##|*NAME=VPN: IPsec: Certificate Authority page +##|*DESCR=Allow access to the 'VPN: IPsec: Certificate Authority' page. +##|*MATCH=vpn_ipsec_ca.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['ipsec']['cacert'])) { diff --git a/usr/local/www/vpn_ipsec_ca_edit.php b/usr/local/www/vpn_ipsec_ca_edit.php index 73b55a6..814e153 100755 --- a/usr/local/www/vpn_ipsec_ca_edit.php +++ b/usr/local/www/vpn_ipsec_ca_edit.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-ipsec-certificateauthority-edit +##|*NAME=VPN: IPsec: Certificate Authority: Edit page +##|*DESCR=Allow access to the 'VPN: IPsec: Certificate Authority: Edit' page. +##|*MATCH=vpn_ipsec_ca_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['ipsec']['cacert'])) { diff --git a/usr/local/www/vpn_ipsec_mobile.php b/usr/local/www/vpn_ipsec_mobile.php index 7158610..56ce76f 100755 --- a/usr/local/www/vpn_ipsec_mobile.php +++ b/usr/local/www/vpn_ipsec_mobile.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-ipsec-mobile +##|*NAME=VPN: IPsec: Mobile page +##|*DESCR=Allow access to the 'VPN: IPsec: Mobile' page. +##|*MATCH=vpn_ipsec_mobile.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['ipsec']['phase1'])) diff --git a/usr/local/www/vpn_ipsec_phase1.php b/usr/local/www/vpn_ipsec_phase1.php index 0378105..a085494 100644 --- a/usr/local/www/vpn_ipsec_phase1.php +++ b/usr/local/www/vpn_ipsec_phase1.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-ipsec-editphase1 +##|*NAME=VPN: IPsec: Edit Phase 1 page +##|*DESCR=Allow access to the 'VPN: IPsec: Edit Phase 1' page. +##|*MATCH=vpn_ipsec_phase1.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['ipsec']['phase1'])) diff --git a/usr/local/www/vpn_ipsec_phase2.php b/usr/local/www/vpn_ipsec_phase2.php index 00c89f5..4108595 100644 --- a/usr/local/www/vpn_ipsec_phase2.php +++ b/usr/local/www/vpn_ipsec_phase2.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-ipsec-editphase2 +##|*NAME=VPN: IPsec: Edit Phase 2 page +##|*DESCR=Allow access to the 'VPN: IPsec: Edit Phase 2' page. +##|*MATCH=vpn_ipsec_phase2.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['ipsec']['client'])) diff --git a/usr/local/www/vpn_openvpn_certs_create.php b/usr/local/www/vpn_openvpn_certs_create.php index 57dbc05..294e441 100644 --- a/usr/local/www/vpn_openvpn_certs_create.php +++ b/usr/local/www/vpn_openvpn_certs_create.php @@ -30,6 +30,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-openvpn-createcerts +##|*NAME=VPN: OpenVPN: Create Certs page +##|*DESCR=Allow access to the 'VPN: OpenVPN: Create Certs' page. +##|*MATCH=vpn_openvpn_certs_create.php* +##|-PRIV + + require("globals.inc"); require("guiconfig.inc"); diff --git a/usr/local/www/vpn_openvpn_certs_existing.php b/usr/local/www/vpn_openvpn_certs_existing.php index 8654a08..90534de 100644 --- a/usr/local/www/vpn_openvpn_certs_existing.php +++ b/usr/local/www/vpn_openvpn_certs_existing.php @@ -30,6 +30,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-openvpn-createexistingcerts +##|*NAME=VPN: OpenVPN: Create Existing Certs page +##|*DESCR=Allow access to the 'VPN: OpenVPN: Create Existing Certs' page. +##|*MATCH=vpn_openvpn_certs_existing.php* +##|-PRIV + + require("guiconfig.inc"); $pgtitle = array("VPN", "OpenVPN", "Create Existing Certs"); diff --git a/usr/local/www/vpn_openvpn_cli_edit.php b/usr/local/www/vpn_openvpn_cli_edit.php index f1d3dc0..6fdbb75 100755 --- a/usr/local/www/vpn_openvpn_cli_edit.php +++ b/usr/local/www/vpn_openvpn_cli_edit.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-openvpn-editclient +##|*NAME=VPN: OpenVPN: Edit client page +##|*DESCR=Allow access to the 'VPN: OpenVPN: Edit client' page. +##|*MATCH=vpn_openvpn_cli_edit.php* +##|-PRIV + + require("guiconfig.inc"); require_once("openvpn.inc"); diff --git a/usr/local/www/vpn_openvpn_create_certs.php b/usr/local/www/vpn_openvpn_create_certs.php index 5a7992a..3cd847f 100755 --- a/usr/local/www/vpn_openvpn_create_certs.php +++ b/usr/local/www/vpn_openvpn_create_certs.php @@ -29,6 +29,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-openvpn-createcerts +##|*NAME=VPN: OpenVPN: Create Certs page +##|*DESCR=Allow access to the 'VPN: OpenVPN: Create Certs' page. +##|*MATCH=vpn_openvpn_create_certs.php* +##|-PRIV + + require("guiconfig.inc"); function get_file_contents($filename) { diff --git a/usr/local/www/vpn_openvpn_crl_edit.php b/usr/local/www/vpn_openvpn_crl_edit.php index e982e11..bfd0b79 100755 --- a/usr/local/www/vpn_openvpn_crl_edit.php +++ b/usr/local/www/vpn_openvpn_crl_edit.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-openvpn-editcrl +##|*NAME=VPN: OpenVPN: Edit CRL page +##|*DESCR=Allow access to the 'VPN: OpenVPN: Edit CRL' page. +##|*MATCH=vpn_openvpn_crl_edit.php* +##|-PRIV + + require("guiconfig.inc"); require_once("openvpn.inc"); diff --git a/usr/local/www/vpn_openvpn_srv_edit.php b/usr/local/www/vpn_openvpn_srv_edit.php index 1b1f249..35d4249 100755 --- a/usr/local/www/vpn_openvpn_srv_edit.php +++ b/usr/local/www/vpn_openvpn_srv_edit.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-openvpn-editserver +##|*NAME=VPN: OpenVPN: Edit server page +##|*DESCR=Allow access to the 'VPN: OpenVPN: Edit server' page. +##|*MATCH=vpn_openvpn_srv_edit.php* +##|-PRIV + + require("guiconfig.inc"); require_once("openvpn.inc"); diff --git a/usr/local/www/vpn_pppoe.php b/usr/local/www/vpn_pppoe.php index 7855ac1..2faa4f1 100755 --- a/usr/local/www/vpn_pppoe.php +++ b/usr/local/www/vpn_pppoe.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-pppoeserver +##|*NAME=Services: PPPoE Server page +##|*DESCR=Allow access to the 'Services: PPPoE Server' page. +##|*MATCH=vpn_pppoe.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['pppoe']['radius'])) { diff --git a/usr/local/www/vpn_pppoe_users.php b/usr/local/www/vpn_pppoe_users.php index 64dfaad..7cbf0f2 100755 --- a/usr/local/www/vpn_pppoe_users.php +++ b/usr/local/www/vpn_pppoe_users.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-pppoeserver-users +##|*NAME=Services: PPPoE Server: Users page +##|*DESCR=Allow access to the 'Services: PPPoE Server: Users' page. +##|*MATCH=vpn_pppoe_users.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['pppoe']['user'])) { diff --git a/usr/local/www/vpn_pppoe_users_edit.php b/usr/local/www/vpn_pppoe_users_edit.php index 8481aab..b5f6108 100755 --- a/usr/local/www/vpn_pppoe_users_edit.php +++ b/usr/local/www/vpn_pppoe_users_edit.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-services-pppoeserver-user-edit +##|*NAME=Services: PPPoE Server: User: Edit page +##|*DESCR=Allow access to the 'Services: PPPoE Server: User: Edit' page. +##|*MATCH=vpn_pppoe_users_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['pppoe']['user'])) { diff --git a/usr/local/www/vpn_pptp.php b/usr/local/www/vpn_pptp.php index 41c5a87..0bd1070 100755 --- a/usr/local/www/vpn_pptp.php +++ b/usr/local/www/vpn_pptp.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-vpnpptp +##|*NAME=VPN: VPN PPTP page +##|*DESCR=Allow access to the 'VPN: VPN PPTP' page. +##|*MATCH=vpn_pptp.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['pptpd']['radius'])) { diff --git a/usr/local/www/vpn_pptp_users.php b/usr/local/www/vpn_pptp_users.php index d6127ca..62533dc 100755 --- a/usr/local/www/vpn_pptp_users.php +++ b/usr/local/www/vpn_pptp_users.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-vpnpptp-users +##|*NAME=VPN: VPN PPTP: Users page +##|*DESCR=Allow access to the 'VPN: VPN PPTP: Users' page. +##|*MATCH=vpn_pptp_users.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['pptpd']['user'])) { diff --git a/usr/local/www/vpn_pptp_users_edit.php b/usr/local/www/vpn_pptp_users_edit.php index bafb704..dfad162 100755 --- a/usr/local/www/vpn_pptp_users_edit.php +++ b/usr/local/www/vpn_pptp_users_edit.php @@ -28,6 +28,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-vpn-vpnpptp-user-edit +##|*NAME=VPN: VPN PPTP: User: Edit page +##|*DESCR=Allow access to the 'VPN: VPN PPTP: User: Edit' page. +##|*MATCH=vpn_pptp_users_edit.php* +##|-PRIV + + require("guiconfig.inc"); if (!is_array($config['pptpd']['user'])) { diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php index 5253caa..c9dae67 100755 --- a/usr/local/www/wizard.php +++ b/usr/local/www/wizard.php @@ -27,6 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ +##|+PRIV +##|*IDENT=page-pfsensewizardsubsystem +##|*NAME=pfSense wizard subsystem page +##|*DESCR=Allow access to the 'pfSense wizard subsystem' page. +##|*MATCH=wizard.php* +##|-PRIV + + require("guiconfig.inc"); function gentitle_pkg($pgname) { diff --git a/usr/local/www/xmlrpc.php b/usr/local/www/xmlrpc.php index f42e61a..85d8aa0 100755 --- a/usr/local/www/xmlrpc.php +++ b/usr/local/www/xmlrpc.php @@ -31,6 +31,14 @@ * Expose more functions. */ +##|+PRIV +##|*IDENT=page-xmlrpclibrary +##|*NAME=XMLRPC Library page +##|*DESCR=Allow access to the 'XMLRPC Library' page. +##|*MATCH=xmlrpc.php* +##|-PRIV + + require_once("xmlrpc_server.inc"); require_once("xmlrpc.inc"); require_once("config.inc"); |
