summaryrefslogtreecommitdiffstats
path: root/usr/local
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2007-12-03 02:15:19 +0000
committerScott Ullrich <sullrich@pfsense.org>2007-12-03 02:15:19 +0000
commitb67429270b6619e88242bc82bd424332f453c684 (patch)
treead50cc0ce373196f8e21be8cd56428a189ba5e50 /usr/local
parentd81c2ad144ad3665df8c7986f3919133f447456c (diff)
downloadpfsense-b67429270b6619e88242bc82bd424332f453c684.zip
pfsense-b67429270b6619e88242bc82bd424332f453c684.tar.gz
Only show interfaces that the user has access to edit on the firewall rules edit page.
Diffstat (limited to 'usr/local')
-rwxr-xr-xusr/local/www/firewall_rules.php11
-rwxr-xr-xusr/local/www/firewall_rules_edit.php29
2 files changed, 25 insertions, 15 deletions
diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php
index 7cc96bc..9bc388e 100755
--- a/usr/local/www/firewall_rules.php
+++ b/usr/local/www/firewall_rules.php
@@ -31,17 +31,6 @@
POSSIBILITY OF SUCH DAMAGE.
*/
-function have_ruleint_access($if) {
- global $config, $g, $HTTP_SERVER_VARS;
- $allowed = $g['privs'];
- if (isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']))
- return true;
- $security_url = "firewall_rules.php?if=". strtolower($if);
- if(in_array($security_url, $allowed))
- return true;
- return false;
-}
-
$pgtitle = array("Firewall", "Rules");
require("guiconfig.inc");
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php
index a423ee2..21d48fc 100755
--- a/usr/local/www/firewall_rules_edit.php
+++ b/usr/local/www/firewall_rules_edit.php
@@ -403,10 +403,31 @@ include("head.inc");
<td width="78%" class="vtable">
<select name="interface" class="formselect">
<?php
- $interfaces = array('wan' => 'WAN', 'lan' => 'LAN', 'pptp' => 'PPTP', 'pppoe' => 'PPPOE', 'enc0' => 'IPSEC');
- for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
- $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
- }
+
+ $interfaces = array();
+
+ if(have_ruleint_access("lan"))
+ $interfaces['lan'] = "LAN";
+ if(have_ruleint_access("wan"))
+ $interfaces['wan'] = "WAN";
+
+ for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++)
+ if(have_ruleint_access("opt{$i}"))
+ $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
+
+ if ($config['pptpd']['mode'] == "server")
+ if(have_ruleint_access("pptp"))
+ $interfaces['pptp'] = "PPTP VPN";
+
+ if ($config['pppoe']['mode'] == "server")
+ if(have_ruleint_access("pppoe"))
+ $interfaces['pppoe'] = "PPPoE VPN";
+
+ /* add ipsec interfaces */
+ if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients']['enable']))
+ if(have_ruleint_access("enc0"))
+ $interfaces["enc0"] = "IPSEC";
+
foreach ($interfaces as $iface => $ifacename): ?>
<option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>><?=htmlspecialchars($ifacename);?></option>
<?php endforeach; ?>
OpenPOWER on IntegriCloud