summaryrefslogtreecommitdiffstats
path: root/usr/local/www
diff options
context:
space:
mode:
Diffstat (limited to 'usr/local/www')
-rwxr-xr-xusr/local/www/firewall_aliases.php7
-rwxr-xr-xusr/local/www/firewall_aliases_edit.php5
-rwxr-xr-xusr/local/www/firewall_aliases_import.php5
-rwxr-xr-xusr/local/www/firewall_nat.php23
-rwxr-xr-xusr/local/www/firewall_nat_1to1.php4
-rwxr-xr-xusr/local/www/firewall_nat_1to1_edit.php6
-rwxr-xr-xusr/local/www/firewall_nat_edit.php5
-rw-r--r--usr/local/www/firewall_nat_npt.php4
-rw-r--r--usr/local/www/firewall_nat_npt_edit.php5
-rwxr-xr-xusr/local/www/firewall_nat_out.php16
-rwxr-xr-xusr/local/www/firewall_nat_out_edit.php4
-rwxr-xr-xusr/local/www/firewall_rules.php12
-rwxr-xr-xusr/local/www/firewall_rules_edit.php3
-rw-r--r--usr/local/www/firewall_schedule_edit.php7
-rwxr-xr-xusr/local/www/firewall_shaper.php45
-rwxr-xr-xusr/local/www/firewall_shaper_layer7.php8
-rwxr-xr-xusr/local/www/firewall_shaper_queues.php8
-rw-r--r--usr/local/www/firewall_shaper_vinterface.php52
-rwxr-xr-xusr/local/www/firewall_virtual_ip.php6
-rwxr-xr-xusr/local/www/firewall_virtual_ip_edit.php8
20 files changed, 118 insertions, 115 deletions
diff --git a/usr/local/www/firewall_aliases.php b/usr/local/www/firewall_aliases.php
index 5d13ec2..18314cd 100755
--- a/usr/local/www/firewall_aliases.php
+++ b/usr/local/www/firewall_aliases.php
@@ -107,9 +107,10 @@ if ($_GET['act'] == "del") {
$savemsg = sprintf(gettext("Cannot delete alias. Currently in use by %s"), $referenced_by);
} else {
unset($a_aliases[$_GET['id']]);
- write_config();
- filter_configure();
- mark_subsystem_dirty('aliases');
+ if (write_config()) {
+ filter_configure();
+ mark_subsystem_dirty('aliases');
+ }
header("Location: firewall_aliases.php");
exit;
}
diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php
index 194d445..7672d75 100755
--- a/usr/local/www/firewall_aliases_edit.php
+++ b/usr/local/www/firewall_aliases_edit.php
@@ -350,12 +350,11 @@ if ($_POST) {
} else
$a_aliases[] = $alias;
- mark_subsystem_dirty('aliases');
-
// Sort list
$a_aliases = msort($a_aliases, "name");
- write_config();
+ if (write_config())
+ mark_subsystem_dirty('aliases');
if($_POST['tab'])
header("Location: firewall_aliases.php?tab=" . htmlspecialchars ($_POST['tab']));
diff --git a/usr/local/www/firewall_aliases_import.php b/usr/local/www/firewall_aliases_import.php
index 39311c4..b42bbe8 100755
--- a/usr/local/www/firewall_aliases_import.php
+++ b/usr/local/www/firewall_aliases_import.php
@@ -109,8 +109,9 @@ if($_POST['aliasimport'] <> "") {
// Sort list
$a_aliases = msort($a_aliases, "name");
- write_config();
-
+ if (write_config())
+ mark_subsystem_dirty('aliases');
+ }
pfSenseHeader("firewall_aliases.php");
exit;
diff --git a/usr/local/www/firewall_nat.php b/usr/local/www/firewall_nat.php
index b9eb91a..75d675d 100755
--- a/usr/local/www/firewall_nat.php
+++ b/usr/local/www/firewall_nat.php
@@ -82,13 +82,18 @@ if ($_POST) {
if ($_GET['act'] == "del") {
if ($a_nat[$_GET['id']]) {
+
if (isset($a_nat[$_GET['id']]['associated-rule-id'])) {
delete_id($a_nat[$_GET['id']]['associated-rule-id'], $config['filter']['rule']);
- mark_subsystem_dirty('filter');
+ $want_dirty_filter = true;
}
unset($a_nat[$_GET['id']]);
- write_config();
- mark_subsystem_dirty('natconf');
+
+ if (write_config()) {
+ mark_subsystem_dirty('natconf');
+ if ($want_dirty_filter)
+ mark_subsystem_dirty('filter');
+ }
header("Location: firewall_nat.php");
exit;
}
@@ -107,10 +112,10 @@ if (isset($_POST['del_x'])) {
}
unset($a_nat[$rulei]);
}
- write_config();
- mark_subsystem_dirty('natconf');
- header("Location: firewall_nat.php");
- exit;
+ if (write_config())
+ mark_subsystem_dirty('natconf');
+ header("Location: firewall_nat.php");
+ exit;
}
} else {
@@ -150,8 +155,8 @@ if (isset($_POST['del_x'])) {
$a_nat_new[] = $a_nat[$i];
}
$a_nat = $a_nat_new;
- write_config();
- mark_subsystem_dirty('natconf');
+ if (write_config())
+ mark_subsystem_dirty('natconf');
header("Location: firewall_nat.php");
exit;
}
diff --git a/usr/local/www/firewall_nat_1to1.php b/usr/local/www/firewall_nat_1to1.php
index 567dc54..0582269 100755
--- a/usr/local/www/firewall_nat_1to1.php
+++ b/usr/local/www/firewall_nat_1to1.php
@@ -68,8 +68,8 @@ if ($_POST) {
if ($_GET['act'] == "del") {
if ($a_1to1[$_GET['id']]) {
unset($a_1to1[$_GET['id']]);
- write_config();
- mark_subsystem_dirty('natconf');
+ if (write_config())
+ mark_subsystem_dirty('natconf');
header("Location: firewall_nat_1to1.php");
exit;
}
diff --git a/usr/local/www/firewall_nat_1to1_edit.php b/usr/local/www/firewall_nat_1to1_edit.php
index db79f6f..371db9c 100755
--- a/usr/local/www/firewall_nat_1to1_edit.php
+++ b/usr/local/www/firewall_nat_1to1_edit.php
@@ -211,10 +211,8 @@ if ($_POST) {
$a_1to1[] = $natent;
nat_1to1_rules_sort();
- mark_subsystem_dirty('natconf');
-
- write_config();
-
+ if (write_config())
+ mark_subsystem_dirty('natconf');
header("Location: firewall_nat_1to1.php");
exit;
}
diff --git a/usr/local/www/firewall_nat_edit.php b/usr/local/www/firewall_nat_edit.php
index 1ac2270..768fb8f 100755
--- a/usr/local/www/firewall_nat_edit.php
+++ b/usr/local/www/firewall_nat_edit.php
@@ -433,9 +433,8 @@ if ($_POST) {
$a_nat[] = $natent;
}
- mark_subsystem_dirty('natconf');
-
- write_config();
+ if (write_config())
+ mark_subsystem_dirty('natconf');
header("Location: firewall_nat.php");
exit;
diff --git a/usr/local/www/firewall_nat_npt.php b/usr/local/www/firewall_nat_npt.php
index 4534931..ad035fa 100644
--- a/usr/local/www/firewall_nat_npt.php
+++ b/usr/local/www/firewall_nat_npt.php
@@ -68,8 +68,8 @@ if ($_POST) {
if ($_GET['act'] == "del") {
if ($a_npt[$_GET['id']]) {
unset($a_npt[$_GET['id']]);
- write_config();
- mark_subsystem_dirty('natconf');
+ if (write_config())
+ mark_subsystem_dirty('natconf');
header("Location: firewall_nat_npt.php");
exit;
}
diff --git a/usr/local/www/firewall_nat_npt_edit.php b/usr/local/www/firewall_nat_npt_edit.php
index ee03792..ae880b0 100644
--- a/usr/local/www/firewall_nat_npt_edit.php
+++ b/usr/local/www/firewall_nat_npt_edit.php
@@ -133,9 +133,8 @@ if ($_POST) {
$a_npt[] = $natent;
nat_npt_rules_sort();
- mark_subsystem_dirty('natconf');
-
- write_config();
+ if (write_config())
+ mark_subsystem_dirty('natconf');
header("Location: firewall_nat_npt.php");
exit;
diff --git a/usr/local/www/firewall_nat_out.php b/usr/local/www/firewall_nat_out.php
index 5098532..1a6734f 100755
--- a/usr/local/www/firewall_nat_out.php
+++ b/usr/local/www/firewall_nat_out.php
@@ -214,8 +214,8 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") {
}
break;
}
- write_config();
- mark_subsystem_dirty('natconf');
+ if (write_config())
+ mark_subsystem_dirty('natconf');
header("Location: firewall_nat_out.php");
exit;
}
@@ -223,8 +223,8 @@ if (isset($_POST['save']) && $_POST['save'] == "Save") {
if ($_GET['act'] == "del") {
if ($a_out[$_GET['id']]) {
unset($a_out[$_GET['id']]);
- write_config();
- mark_subsystem_dirty('natconf');
+ if (write_config())
+ mark_subsystem_dirty('natconf');
header("Location: firewall_nat_out.php");
exit;
}
@@ -236,8 +236,8 @@ if (isset($_POST['del_x'])) {
foreach ($_POST['rule'] as $rulei) {
unset($a_out[$rulei]);
}
- write_config();
- mark_subsystem_dirty('natconf');
+ if (write_config())
+ mark_subsystem_dirty('natconf');
header("Location: firewall_nat_out.php");
exit;
}
@@ -283,8 +283,8 @@ if (isset($_POST['del_x'])) {
else
unset($config['nat']['advancedoutbound']);
- write_config();
- mark_subsystem_dirty('natconf');
+ if (write_config())
+ mark_subsystem_dirty('natconf');
header("Location: firewall_nat_out.php");
exit;
}
diff --git a/usr/local/www/firewall_nat_out_edit.php b/usr/local/www/firewall_nat_out_edit.php
index 62d0ecc..d62de63 100755
--- a/usr/local/www/firewall_nat_out_edit.php
+++ b/usr/local/www/firewall_nat_out_edit.php
@@ -303,8 +303,8 @@ if ($_POST) {
}
}
- mark_subsystem_dirty('natconf');
- write_config();
+ if (write_config())
+ mark_subsystem_dirty('natconf');
header("Location: firewall_nat_out.php");
exit;
}
diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php
index ea5dfe7..85e4eff 100755
--- a/usr/local/www/firewall_rules.php
+++ b/usr/local/www/firewall_rules.php
@@ -210,8 +210,7 @@ if ($_GET['act'] == "del") {
delete_nat_association($a_filter[$_GET['id']]['associated-rule-id']);
}
unset($a_filter[$_GET['id']]);
- $retval = write_config();
- if ($retval)
+ if (write_config())
mark_subsystem_dirty('filter');
header("Location: firewall_rules.php?if={$if}");
exit;
@@ -229,8 +228,7 @@ if (isset($_POST['del_x'])) {
delete_nat_association($a_filter[$rulei]['associated-rule-id']);
unset($a_filter[$rulei]);
}
- $retval = write_config();
- if ($retval)
+ if (write_config())
mark_subsystem_dirty('filter');
header("Location: firewall_rules.php?if={$if}");
exit;
@@ -241,8 +239,7 @@ if (isset($_POST['del_x'])) {
unset($a_filter[$_GET['id']]['disabled']);
else
$a_filter[$_GET['id']]['disabled'] = true;
- $retval = write_config();
- if ($retval)
+ if (write_config())
mark_subsystem_dirty('filter');
header("Location: firewall_rules.php?if={$if}");
exit;
@@ -286,8 +283,7 @@ if (isset($_POST['del_x'])) {
}
$a_filter = $a_filter_new;
- $retval = write_config();
- if ($retval)
+ if (write_config())
mark_subsystem_dirty('filter');
header("Location: firewall_rules.php?if={$if}");
exit;
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php
index 5420d19..d46c9f0 100755
--- a/usr/local/www/firewall_rules_edit.php
+++ b/usr/local/www/firewall_rules_edit.php
@@ -643,8 +643,7 @@ if ($_POST) {
filter_rules_sort();
- $retval = write_config();
- if ($retval)
+ if (write_config())
mark_subsystem_dirty('filter');
if (isset($_POST['floating']))
diff --git a/usr/local/www/firewall_schedule_edit.php b/usr/local/www/firewall_schedule_edit.php
index 08b8b8c..8e81d1b 100644
--- a/usr/local/www/firewall_schedule_edit.php
+++ b/usr/local/www/firewall_schedule_edit.php
@@ -183,10 +183,9 @@ if ($_POST) {
$a_schedules[] = $schedule;
}
schedule_sort();
- write_config();
-
- filter_configure();
-
+ if (write_config())
+ filter_configure();
+
header("Location: firewall_schedule.php");
exit;
diff --git a/usr/local/www/firewall_shaper.php b/usr/local/www/firewall_shaper.php
index 38a013b..6ac8538 100755
--- a/usr/local/www/firewall_shaper.php
+++ b/usr/local/www/firewall_shaper.php
@@ -94,8 +94,8 @@ if ($_GET) {
case "delete":
if ($queue) {
$queue->delete_queue();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
}
header("Location: firewall_shaper.php");
exit;
@@ -118,17 +118,18 @@ if ($_GET) {
if (isset($rule['wizard']) && $rule['wizard'] == "yes")
unset($config['filter']['rule'][$key]);
}
- write_config();
-
- $retval = 0;
- $retval |= filter_configure();
- $savemsg = get_std_save_message($retval);
+ if (write_config()) {
+ $retval = 0;
+ $retval |= filter_configure();
+ $savemsg = get_std_save_message($retval);
- if (stristr($retval, "error") <> true)
- $savemsg = get_std_save_message($retval);
- else
- $savemsg = $retval;
-
+ if (stristr($retval, "error") <> true)
+ $savemsg = get_std_save_message($retval);
+ else
+ $savemsg = $retval;
+ } else {
+ $savemsg = gettext("Unable to write config.xml (Access Denied?)");
+ }
$output_form = $default_shaper_message;
break;
@@ -178,8 +179,8 @@ if ($_GET) {
if ($queue) {
$queue->SetEnabled("on");
$output_form .= $queue->build_form();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
} else
$input_errors[] = gettext("Queue not found!");
break;
@@ -187,8 +188,8 @@ if ($_GET) {
if ($queue) {
$queue->SetEnabled("");
$output_form .= $queue->build_form();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
} else
$input_errors[] = gettext("Queue not found!");
break;
@@ -230,8 +231,8 @@ if ($_GET) {
$tmppath[] = $altq->GetInterface();
$altq->SetLink(&$tmppath);
$altq->wconfig();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
$can_enable = true;
$can_add = true;
}
@@ -255,8 +256,8 @@ if ($_GET) {
$can_add = true;
} else
$can_add = false;
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
$can_enable = true;
if ($altq->GetScheduler() != "PRIQ") /* XXX */
if ($tmp->GetDefault() <> "")
@@ -301,8 +302,8 @@ if ($_GET) {
if (!$input_errors) {
$queue->update_altq_queue_data($_POST);
$queue->wconfig();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
$dontshow = false;
}
read_altq_config();
diff --git a/usr/local/www/firewall_shaper_layer7.php b/usr/local/www/firewall_shaper_layer7.php
index 0cb8e30..44c659f 100755
--- a/usr/local/www/firewall_shaper_layer7.php
+++ b/usr/local/www/firewall_shaper_layer7.php
@@ -151,8 +151,8 @@ else if ($_POST) {
unset($non_dupes);
if(sizeof($dupes) == 0 && !$input_errors) {
$l7r->wconfig();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
read_layer7_config();
}
@@ -195,8 +195,8 @@ else if ($_POST) {
}
} else if ($_POST['delete']) {
$container->delete_l7c();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
unset($container);
header("Location: firewall_shaper_layer7.php");
diff --git a/usr/local/www/firewall_shaper_queues.php b/usr/local/www/firewall_shaper_queues.php
index 68989e1..7eadc7b 100755
--- a/usr/local/www/firewall_shaper_queues.php
+++ b/usr/local/www/firewall_shaper_queues.php
@@ -81,8 +81,8 @@ if ($_GET) {
$qtmp =& $altq->find_queue("", $qname);
if ($qtmp) {
$qtmp->delete_queue();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
}
header("Location: firewall_shaper_queues.php");
exit;
@@ -119,8 +119,8 @@ if ($_GET) {
$newroot['queue'][] = $copycfg;
$config['shaper']['queue'][] = $newroot;
}
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
break;
}
}
diff --git a/usr/local/www/firewall_shaper_vinterface.php b/usr/local/www/firewall_shaper_vinterface.php
index b2f2e1d..baeafe4 100644
--- a/usr/local/www/firewall_shaper_vinterface.php
+++ b/usr/local/www/firewall_shaper_vinterface.php
@@ -104,8 +104,8 @@ if ($_GET) {
}
if (!$input_errors) {
$queue->delete_queue();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
header("Location: firewall_shaper_vinterface.php");
exit;
}
@@ -133,17 +133,17 @@ if ($_GET) {
if (isset($rule['pdnpipe']))
unset($config['filter']['rule'][$key]['pdnpipe']);
}
- write_config();
-
- $retval = 0;
- $retval = filter_configure();
- $savemsg = get_std_save_message($retval);
-
- if (stristr($retval, "error") <> true)
+ if (write_config()) {
+ $retval = 0;
+ $retval = filter_configure();
$savemsg = get_std_save_message($retval);
- else
- $savemsg = $retval;
+ if (stristr($retval, "error") <> true)
+ $savemsg = get_std_save_message($retval);
+ else
+ $savemsg = $retval;
+ } else
+ $savemsg = gettext("Unable to write config.xml (Access Denied?)");
$output_form = $dn_default_shaper_message;
break;
@@ -176,8 +176,8 @@ if ($_GET) {
$queue->SetEnabled("on");
$output_form .= $queue->build_form();
$queue->wconfig();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
} else
$input_errors[] = gettext("Queue not found!");
break;
@@ -186,8 +186,8 @@ if ($_GET) {
$queue->SetEnabled("");
$output_form .= $queue->build_form();
$queue->wconfig();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
} else
$input_errors[] = gettext("Queue not found!");
break;
@@ -214,12 +214,12 @@ if ($_GET) {
$tmppath[] = $dnpipe->GetQname();
$dnpipe->SetLink(&$tmppath);
$dnpipe->wconfig();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
$can_enable = true;
$can_add = true;
}
-
+
read_dummynet_config();
$output_form .= $dnpipe->build_form();
}
@@ -233,14 +233,14 @@ if ($_GET) {
if (!$input_errors) {
array_pop($tmppath);
$tmp->wconfig();
- write_config();
- $can_enable = true;
- $can_add = false;
- mark_subsystem_dirty('shaper');
- $can_enable = true;
+ if (write_config()) {
+ $can_enable = true;
+ $can_add = false;
+ mark_subsystem_dirty('shaper');
+ }
}
read_dummynet_config();
- $output_form .= $tmp->build_form();
+ $output_form .= $tmp->build_form();
} else
$input_errors[] = gettext("Could not add new queue.");
} else if ($_POST['apply']) {
@@ -274,8 +274,8 @@ if ($_GET) {
if (!$input_errors) {
$queue->update_dn_data($_POST);
$queue->wconfig();
- write_config();
- mark_subsystem_dirty('shaper');
+ if (write_config())
+ mark_subsystem_dirty('shaper');
$dontshow = false;
}
read_dummynet_config();
diff --git a/usr/local/www/firewall_virtual_ip.php b/usr/local/www/firewall_virtual_ip.php
index 547ce4b..e4aee0d 100755
--- a/usr/local/www/firewall_virtual_ip.php
+++ b/usr/local/www/firewall_virtual_ip.php
@@ -124,6 +124,12 @@ if ($_GET['act'] == "del") {
if (!$input_errors) {
+ $user = getUserEntry($_SESSION['Username']);
+ if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) {
+ header("Location: firewall_virtual_ip.php");
+ exit;
+ }
+
// Special case since every proxyarp vip is handled by the same daemon.
if ($a_vip[$_GET['id']]['mode'] == "proxyarp") {
$viface = $a_vip[$_GET['id']]['interface'];
diff --git a/usr/local/www/firewall_virtual_ip_edit.php b/usr/local/www/firewall_virtual_ip_edit.php
index ad05cdf..d208dd3 100755
--- a/usr/local/www/firewall_virtual_ip_edit.php
+++ b/usr/local/www/firewall_virtual_ip_edit.php
@@ -249,10 +249,10 @@ if ($_POST) {
}
$a_vip[$id] = $vipent;
- mark_subsystem_dirty('vip');
-
- write_config();
- file_put_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply", serialize($toapplylist));
+ if (write_config()) {
+ mark_subsystem_dirty('vip');
+ file_put_contents("{$g['tmp_path']}/.firewall_virtual_ip.apply", serialize($toapplylist));
+ }
header("Location: firewall_virtual_ip.php");
exit;
}
OpenPOWER on IntegriCloud