diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2007-12-03 02:15:19 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2007-12-03 02:15:19 +0000 |
commit | b67429270b6619e88242bc82bd424332f453c684 (patch) | |
tree | ad50cc0ce373196f8e21be8cd56428a189ba5e50 /usr/local | |
parent | d81c2ad144ad3665df8c7986f3919133f447456c (diff) | |
download | pfsense-b67429270b6619e88242bc82bd424332f453c684.zip pfsense-b67429270b6619e88242bc82bd424332f453c684.tar.gz |
Only show interfaces that the user has access to edit on the firewall rules edit page.
Diffstat (limited to 'usr/local')
-rwxr-xr-x | usr/local/www/firewall_rules.php | 11 | ||||
-rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 29 |
2 files changed, 25 insertions, 15 deletions
diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php index 7cc96bc..9bc388e 100755 --- a/usr/local/www/firewall_rules.php +++ b/usr/local/www/firewall_rules.php @@ -31,17 +31,6 @@ POSSIBILITY OF SUCH DAMAGE. */ -function have_ruleint_access($if) { - global $config, $g, $HTTP_SERVER_VARS; - $allowed = $g['privs']; - if (isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) - return true; - $security_url = "firewall_rules.php?if=". strtolower($if); - if(in_array($security_url, $allowed)) - return true; - return false; -} - $pgtitle = array("Firewall", "Rules"); require("guiconfig.inc"); diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index a423ee2..21d48fc 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -403,10 +403,31 @@ include("head.inc"); <td width="78%" class="vtable"> <select name="interface" class="formselect"> <?php - $interfaces = array('wan' => 'WAN', 'lan' => 'LAN', 'pptp' => 'PPTP', 'pppoe' => 'PPPOE', 'enc0' => 'IPSEC'); - for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) { - $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr']; - } + + $interfaces = array(); + + if(have_ruleint_access("lan")) + $interfaces['lan'] = "LAN"; + if(have_ruleint_access("wan")) + $interfaces['wan'] = "WAN"; + + for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) + if(have_ruleint_access("opt{$i}")) + $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr']; + + if ($config['pptpd']['mode'] == "server") + if(have_ruleint_access("pptp")) + $interfaces['pptp'] = "PPTP VPN"; + + if ($config['pppoe']['mode'] == "server") + if(have_ruleint_access("pppoe")) + $interfaces['pppoe'] = "PPPoE VPN"; + + /* add ipsec interfaces */ + if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients']['enable'])) + if(have_ruleint_access("enc0")) + $interfaces["enc0"] = "IPSEC"; + foreach ($interfaces as $iface => $ifacename): ?> <option value="<?=$iface;?>" <?php if ($iface == $pconfig['interface']) echo "selected"; ?>><?=htmlspecialchars($ifacename);?></option> <?php endforeach; ?> |