authorjim-p <jimp@pfsense.org>2017-02-07 13:35:24 -0500
committerjim-p <jimp@pfsense.org>2017-02-07 13:37:03 -0500
commit4cef56bf20314009ad83bf747901ed1adeda8c70 (patch)
tree0767a60e0a80549fb558c79e7fd3a9e67e4b4ca8 /src
parentdcef6e2dd621cd1f78bb54272d27d7152cad02c8 (diff)
downloadpfsense-4cef56bf20314009ad83bf747901ed1adeda8c70.zip
pfsense-4cef56bf20314009ad83bf747901ed1adeda8c70.tar.gz
Convert easyrule.php to use a confirmation landing page so that the parameters can be submitted via POST. Also, remove the JavaScript confirmation box since it is now redundant. Fixes #7228
The confirmation page displays the submitted parameters for an extra user sanity check. Also fixed a bunch of page formatting issues that were not apparent because users rarely if ever saw output from the page.
Diffstat (limited to 'src')
-rw-r--r--src/usr/local/www/easyrule.php85
-rw-r--r--src/usr/local/www/status_logs_filter.php4
2 files changed, 67 insertions, 22 deletions
diff --git a/src/usr/local/www/easyrule.php b/src/usr/local/www/easyrule.php
index 44f22a2..551130c 100644
--- a/src/usr/local/www/easyrule.php
+++ b/src/usr/local/www/easyrule.php
@@ -59,7 +59,6 @@
##|*MATCH=easyrule.php*
##|-PRIV
-$pgtitle = gettext("Firewall: EasyRule");
require_once("guiconfig.inc");
require_once("easyrule.inc");
require_once("filter.inc");
@@ -67,17 +66,23 @@ require_once("shaper.inc");
$retval = 0;
$message = "";
-$specialsrcdst = explode(" ", "any pptp pppoe l2tp openvpn");
+$confirmed = isset($_POST['confirmed']) && $_POST['confirmed'] == 'true';
-if ($_GET && isset($_GET['action'])) {
- switch ($_GET['action']) {
+/* $specialsrcdst must be a defined global for functions being called. */
+global $specialsrcdst;
+$specialsrcdst = explode(" ", "any pppoe l2tp openvpn");
+
+if ($_POST && $confirmed && isset($_POST['action'])) {
+ switch ($_POST['action']) {
case 'block':
/* Check that we have a valid host */
- easyrule_parse_block($_GET['int'], $_GET['src'], $_GET['ipproto']);
+ $message = easyrule_parse_block($_POST['int'], $_POST['src'], $_POST['ipproto']);
break;
case 'pass':
- easyrule_parse_pass($_GET['int'], $_GET['proto'], $_GET['src'], $_GET['dst'], $_GET['dstport'], $_GET['ipproto']);
+ $message = easyrule_parse_pass($_POST['int'], $_POST['proto'], $_POST['src'], $_POST['dst'], $_POST['dstport'], $_POST['ipproto']);
break;
+ default:
+ $message = gettext("Invalid action specified.");
}
}
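Review bot: The `confirmed` flag tested in `if ($_POST && $confirmed && isset($_POST['action']))` is an ordinary client-supplied field, so it stops accidental clicks and GET-triggered rule changes but does not by itself prove the request came from the confirmation page. Request authenticity still depends on the CSRF token check, which is presumably done by the GUI includes (`guiconfig.inc`) and is not visible in this hunk; a comment such as `/* 'confirmed' is only a UI step; request authenticity relies on the CSRF check performed by the GUI includes. */` above the assignment would make that explicit. The comparison would be safer as `$_POST['confirmed'] === 'true'`. The `$_POST['int']`, `$_POST['src']`, `$_POST['proto']` etc. values are passed on without `isset()` checks, so a partial POST raises notices and all validation is left to `easyrule_parse_block()`/`easyrule_parse_pass()`. Since results now go to `$message`, `$retval` stays `0` and the `stristr($retval, "error")` test in the following context looks like dead code.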
@@ -85,23 +90,62 @@ if (stristr($retval, "error") == true) {
$message = $retval;
}
+$pgtitle = array(gettext("Firewall"), gettext("Easy Rule"));
include("head.inc");
-?>
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
-<?php
if ($input_errors) {
print_input_errors($input_errors);
}
-
-if ($message) {
?>
-<br />
-<?=gettext("Message"); ?>: <?=$message;?>
-<br />
+<form action="easyrule.php" method="post">
+ <div class="panel panel-default">
+ <div class="panel-heading">
+ <h2 class="panel-title">
+ <?=gettext("Confirmation Required to Add Easy Rule");?>
+ </h2>
+ </div>
+ <div class="panel-body">
+ <div class="content">
<?php
-} else {
+if (!$confirmed && !empty($_REQUEST['action'])) { ?>
+ <?php if ($_GET['action'] == 'block'): ?>
+ <b><?=gettext("Rule Type")?>:</b> <?=htmlspecialchars(ucfirst(gettext($_GET['action'])))?>
+ <br/><b><?=gettext("Interface")?>:</b> <?=htmlspecialchars(strtoupper($_GET['int']))?>
+ <input type="hidden" name="int" value="<?=htmlspecialchars($_GET['int'])?>" />
+ <br/><b><?= gettext("Source") ?>:</b> <?=htmlspecialchars($_GET['src'])?>
+ <input type="hidden" name="src" value="<?=htmlspecialchars($_GET['src'])?>" />
+ <br/><b><?=gettext("IP Protocol")?>:</b> <?=htmlspecialchars(ucfirst($_GET['ipproto']))?>
+ <input type="hidden" name="ipproto" value="<?=htmlspecialchars($_GET['ipproto'])?>" />
+ <?php elseif ($_GET['action'] == 'pass'): ?>
+ <b><?=gettext("Rule Type")?>:</b> <?=htmlspecialchars(ucfirst(gettext($_GET['action'])))?>
+ <br/><b><?=gettext("Interface")?>:</b> <?=htmlspecialchars(strtoupper($_GET['int']))?>
+ <input type="hidden" name="int" value="<?=htmlspecialchars($_GET['int'])?>" />
+ <br/><b><?=gettext("Protocol")?>:</b> <?=htmlspecialchars(strtoupper($_GET['proto']))?>
+ <input type="hidden" name="proto" value="<?=htmlspecialchars($_GET['proto'])?>" />
+ <br/><b><?=gettext("Source")?>:</b> <?=htmlspecialchars($_GET['src'])?>
+ <input type="hidden" name="src" value="<?=htmlspecialchars($_GET['src'])?>" />
+ <br/><b><?=gettext("Destination")?>:</b> <?=htmlspecialchars($_GET['dst'])?>
+ <input type="hidden" name="dst" value="<?=htmlspecialchars($_GET['dst'])?>" />
+ <br/><b><?=gettext("Destination Port")?>:</b> <?=htmlspecialchars($_GET['dstport'])?>
+ <input type="hidden" name="dstport" value="<?=htmlspecialchars($_GET['dstport'])?>" />
+ <br/><b><?=gettext("IP Protocol")?>:</b> <?=htmlspecialchars(ucfirst($_GET['ipproto']))?>
+ <input type="hidden" name="ipproto" value="<?=htmlspecialchars($_GET['ipproto'])?>" />
+ <?php else:
+ $message = gettext("Invalid action specified.");
+ endif; ?>
+ <br/><br/>
+ <?php if (empty($message)): ?>
+ <input type="hidden" name="action" value="<?=htmlspecialchars($_GET['action'])?>" />
+ <input type="hidden" name="confirmed" value="true" />
+ <button type="submit" class="btn btn-success" name="erconfirm" id="erconfirm" value="<?=gettext("Confirm")?>">
+ <i class="fa fa-check icon-embed-btn"></i>
+ <?=gettext("Confirm")?>
+ </button>
+ <?php endif;
+}
+
+if ($message) {
+ print_info_box($message);
+} elseif (empty($_REQUEST['action'])) {
print_info_box(
gettext('This is the Easy Rule status page, mainly used to display errors when adding rules.') . ' ' .
gettext('There apparently was not an error, and this page was navigated to directly without any instructions for what it should do.') .
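Review bot: The guard `if (!$confirmed && !empty($_REQUEST['action']))` reads `$_REQUEST`, but every branch inside it reads `$_GET['action']`, `$_GET['int']`, `$_GET['src']` and so on, so an unconfirmed POST carrying `action` enters the block with undefined `$_GET` indexes and only reaches "Invalid action specified." by accident. Reading the action once from a single source, e.g. `$action = isset($_GET['action']) ? $_GET['action'] : '';`, and using `$action` in the guard, the `block`/`pass` tests and the later `elseif (empty(...))` would make the intent explicit. The other `$_GET` fields are also echoed without `isset()` checks, so a link missing a parameter produces notices and a confirmation form with empty hidden inputs. The `<form>` wrapper and the "Confirmation Required to Add Easy Rule" heading sit outside the `!$confirmed` condition and so are rendered on the result and status paths as well. The hunk ends inside the `print_info_box(` call, which continues in the next hunk.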
@@ -110,7 +154,8 @@ if ($message) {
', <a href="status_logs_filter.php">' . gettext("Status") . ' &gt; ' . gettext('System Logs') . ', ' . gettext('Firewall Tab') . '</a>.<br />');
}
?>
- </td>
- </tr>
-</table>
+ </div>
+ </div>
+ </div>
+</form>
<?php include("foot.inc"); ?>
diff --git a/src/usr/local/www/status_logs_filter.php b/src/usr/local/www/status_logs_filter.php
index 9d1e035..0509f39 100644
--- a/src/usr/local/www/status_logs_filter.php
+++ b/src/usr/local/www/status_logs_filter.php
@@ -267,7 +267,7 @@ if (!$rawfilter) {
<i class="fa fa-info icon-pointer icon-primary" onclick="javascript:resolve_with_ajax('<?="{$rawsrcip}"; ?>');" title="<?=gettext("Click to resolve")?>">
</i>
- <a class="fa fa-minus-square-o icon-pointer icon-primary" href="easyrule.php?<?="action=block&amp;int={$int}&amp;src={$filterent['srcip']}&amp;ipproto={$ipproto}"; ?>" title="<?=gettext("Easy Rule: Add to Block List")?>" onclick="return confirm('<?=gettext("Confirmation required to add this BLOCK rule.")?>')">
+ <a class="fa fa-minus-square-o icon-pointer icon-primary" href="easyrule.php?<?="action=block&amp;int={$int}&amp;src={$filterent['srcip']}&amp;ipproto={$ipproto}"; ?>" title="<?=gettext("Easy Rule: Add to Block List")?>">
</a>
<?=$srcstr . '<span class="RESOLVE-' . $src_htmlclass . '"></span>'?>
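Review bot: The `href` on the new link line here, and on the matching line in the next hunk (@@ -276,7 +276,7), interpolates `{$int}`, `{$filterent['srcip']}`, `{$filterent['dstip']}`, `{$filterent['dstport']}`, `{$proto}` and `{$ipproto}` straight into the query string, with no `urlencode()` or `htmlspecialchars()` visible on these lines. Whether those log-derived values are sanitised where `$filterent` is built cannot be seen from this hunk; if they are not, encoding them at the point of output would be the safer default, e.g. `src=<?=htmlspecialchars(urlencode($filterent['srcip']))?>`. With the `onclick="return confirm(...)"` removed, the easyrule.php landing page is the only confirmation step, so these links stay harmless only as long as that page never acts on a GET request.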
@@ -276,7 +276,7 @@ if (!$rawfilter) {
<i class="fa fa-info icon-pointer icon-primary; ICON-<?= $dst_htmlclass; ?>" onclick="javascript:resolve_with_ajax('<?="{$rawdstip}"; ?>');" title="<?=gettext("Click to resolve")?>">
</i>
- <a class="fa fa-plus-square-o icon-pointer icon-primary" href="easyrule.php?<?="action=pass&amp;int={$int}&amp;proto={$proto}&amp;src={$filterent['srcip']}&amp;dst={$filterent['dstip']}&amp;dstport={$filterent['dstport']}&amp;ipproto={$ipproto}"; ?>" title="<?=gettext("Easy Rule: Pass this traffic")?>" onclick="return confirm('<?=gettext("Confirmation required to add this PASS rule.")?>')">
+ <a class="fa fa-plus-square-o icon-pointer icon-primary" href="easyrule.php?<?="action=pass&amp;int={$int}&amp;proto={$proto}&amp;src={$filterent['srcip']}&amp;dst={$filterent['dstip']}&amp;dstport={$filterent['dstport']}&amp;ipproto={$ipproto}"; ?>" title="<?=gettext("Easy Rule: Pass this traffic")?>">
</a>
<?=$dststr . '<span class="RESOLVE-' . $dst_htmlclass . '"></span>'?>
</td>