summaryrefslogtreecommitdiffstats
path: root/usr/local
diff options
context:
space:
mode:
Diffstat (limited to 'usr/local')
-rwxr-xr-xusr/local/www/firewall_rules.php36
-rw-r--r--usr/local/www/system_groupmanager.php15
2 files changed, 40 insertions, 11 deletions
diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php
index 7fea1d3..7cc96bc 100755
--- a/usr/local/www/firewall_rules.php
+++ b/usr/local/www/firewall_rules.php
@@ -31,6 +31,17 @@
POSSIBILITY OF SUCH DAMAGE.
*/
+function have_ruleint_access($if) {
+ global $config, $g, $HTTP_SERVER_VARS;
+ $allowed = $g['privs'];
+ if (isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']))
+ return true;
+ $security_url = "firewall_rules.php?if=". strtolower($if);
+ if(in_array($security_url, $allowed))
+ return true;
+ return false;
+}
+
$pgtitle = array("Firewall", "Rules");
require("guiconfig.inc");
@@ -44,22 +55,29 @@ $if = $_GET['if'];
if ($_POST['if'])
$if = $_POST['if'];
-$iflist = array("lan" => "LAN", "wan" => "WAN");
+$iflist = array();
-for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
- $iflist['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
-}
+if(have_ruleint_access("lan"))
+ $iflist['lan'] = "LAN";
+if(have_ruleint_access("wan"))
+ $iflist['wan'] = "WAN";
+
+for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++)
+ if(have_ruleint_access("opt{$i}"))
+ $iflist['opt' . $i] = $config['interfaces']['opt' . $i]['descr'];
if ($config['pptpd']['mode'] == "server")
- $iflist['pptp'] = "PPTP VPN";
+ if(have_ruleint_access("pptp"))
+ $iflist['pptp'] = "PPTP VPN";
if ($config['pppoe']['mode'] == "server")
- $iflist['pppoe'] = "PPPoE VPN";
+ if(have_ruleint_access("pppoe"))
+ $iflist['pppoe'] = "PPPoE VPN";
/* add ipsec interfaces */
-if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients']['enable'])){
- $iflist["enc0"] = "IPSEC";
-}
+if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients']['enable']))
+ if(have_ruleint_access("enc0"))
+ $iflist["enc0"] = "IPSEC";
if (!$if || !isset($iflist[$if]))
$if = "wan";
diff --git a/usr/local/www/system_groupmanager.php b/usr/local/www/system_groupmanager.php
index f1f79be..7d74efe 100644
--- a/usr/local/www/system_groupmanager.php
+++ b/usr/local/www/system_groupmanager.php
@@ -121,17 +121,28 @@ function getAdminPageList() {
include("extensions.inc");
}
+ /* firewall rule view and edit entries for lan, wan, optX */
$iflist = array("lan" => "lan", "wan" => "wan");
for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) {
$iflist['opt' . $i] = strtolower($config['interfaces']['opt' . $i]['descr']);
}
foreach ($iflist as $ifent => $ifname) {
$entryname = "firewall_rules.php?if={$ifname}";
- $tmp[$entryname] = ("Firewall Rules: " . $ifname);
+ $tmp[$entryname] = ("Firewall: Rules: " . strtoupper($ifname));
$entryname = "firewall_rules_edit.php?if={$ifname}";
- $tmp[$entryname] = ("Firewall Rules: Edit: " . $ifname);
+ $tmp[$entryname] = ("Firewall: Rules: Edit: " . strtoupper($ifname));
}
+ /* additional firewal rules tab entries */
+ $entryname = "firewall_rules_edit.php?if=enc0";
+ $tmp[$entryname] = "Firewall: Rules: Edit: IPSEC";
+
+ $entryname = "firewall_rules_edit.php?if=pptp";
+ $tmp[$entryname] = "Firewall: Rules: Edit: PPTP";
+
+ $entryname = "firewall_rules_edit.php?if=pppoe";
+ $tmp[$entryname] = "Firewall: Rules: Edit: PPPoE";
+
asort($tmp);
return $tmp;
}
OpenPOWER on IntegriCloud