diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2007-12-03 05:02:56 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2007-12-03 05:02:56 +0000 |
commit | 40b56dc18bb2fcfa7b1f67a9885a25636ce915cb (patch) | |
tree | c267157ce064c148408ed610802e096daccd5d2f /usr/local/www/firewall_nat_edit.php | |
parent | 0397013a4044fd591079a007fb0cf126c5d85cd6 (diff) | |
download | pfsense-40b56dc18bb2fcfa7b1f67a9885a25636ce915cb.zip pfsense-40b56dc18bb2fcfa7b1f67a9885a25636ce915cb.tar.gz |
Add multi user firewall nat port forward capabilities.
Diffstat (limited to 'usr/local/www/firewall_nat_edit.php')
-rwxr-xr-x | usr/local/www/firewall_nat_edit.php | 42 |
1 files changed, 38 insertions, 4 deletions
diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php index 5268976..c840029 100755 --- a/usr/local/www/firewall_nat_edit.php +++ b/usr/local/www/firewall_nat_edit.php @@ -61,6 +61,19 @@ if (isset($id) && $a_nat[$id]) { $pconfig['interface'] = "wan"; } +if($id) { + $if = $a_nat[$id]['interface']; + $security_url = "firewall_nat_edit.php?if=". strtolower($if); + if (!isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) { + if(!in_array($security_url, $allowed)) { + // User does not have access + // echo "displaying error {$security_url}"; print_r($allowed); + echo display_error_form("401", "Unauthorized. You do not have access to edit nat rules on the interface {$if}"); + exit; + } + } +} + if (isset($_GET['dup'])) unset($id); @@ -271,10 +284,31 @@ include("fbegin.inc"); ?> <td width="78%" class="vtable"> <select name="interface" class="formselect"> <?php - $interfaces = array('wan' => 'WAN', 'lan' => 'LAN', 'pptp' => 'PPTP', 'pppoe' => 'PPPOE'); - for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) { - $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr']; - } + + $interfaces = array(); + + if(have_ruleint_access("lan")) + $interfaces['lan'] = "LAN"; + if(have_ruleint_access("wan")) + $interfaces['wan'] = "WAN"; + + for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) + if(have_ruleint_access("opt{$i}")) + $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr']; + + if ($config['pptpd']['mode'] == "server") + if(have_ruleint_access("pptp")) + $interfaces['pptp'] = "PPTP VPN"; + + if ($config['pppoe']['mode'] == "server") + if(have_ruleint_access("pppoe")) + $interfaces['pppoe'] = "PPPoE VPN"; + + /* add ipsec interfaces */ + if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients']['enable'])) + if(have_ruleint_access("enc0")) + $interfaces["enc0"] = "IPSEC"; + foreach ($interfaces as $iface => $ifacename): ?> <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>> <?=htmlspecialchars($ifacename);?> |