diff options
Diffstat (limited to 'usr/local/www/firewall_rules.php')
| -rwxr-xr-x | usr/local/www/firewall_rules.php | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php index 94aae51..7fea1d3 100755 --- a/usr/local/www/firewall_rules.php +++ b/usr/local/www/firewall_rules.php @@ -64,6 +64,16 @@ if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients'] if (!$if || !isset($iflist[$if])) $if = "wan"; +$security_url = "firewall_rules.php?if=". strtolower($if); +if (!isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) { + if(!in_array($security_url, $allowed)) { + // User does not have access +// echo "displaying error {$security_url}"; print_r($allowed); + echo display_error_form("401", "Unauthorized. You do not have access to the page {$pagereq}"); + exit; + } +} + if ($_POST) { $pconfig = $_POST; |
