diff options
Diffstat (limited to 'usr/local')
-rwxr-xr-x | usr/local/www/firewall_rules.php | 36 | ||||
-rw-r--r-- | usr/local/www/system_groupmanager.php | 15 |
2 files changed, 40 insertions, 11 deletions
diff --git a/usr/local/www/firewall_rules.php b/usr/local/www/firewall_rules.php index 7fea1d3..7cc96bc 100755 --- a/usr/local/www/firewall_rules.php +++ b/usr/local/www/firewall_rules.php @@ -31,6 +31,17 @@ POSSIBILITY OF SUCH DAMAGE. */ +function have_ruleint_access($if) { + global $config, $g, $HTTP_SERVER_VARS; + $allowed = $g['privs']; + if (isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) + return true; + $security_url = "firewall_rules.php?if=". strtolower($if); + if(in_array($security_url, $allowed)) + return true; + return false; +} + $pgtitle = array("Firewall", "Rules"); require("guiconfig.inc"); @@ -44,22 +55,29 @@ $if = $_GET['if']; if ($_POST['if']) $if = $_POST['if']; -$iflist = array("lan" => "LAN", "wan" => "WAN"); +$iflist = array(); -for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) { - $iflist['opt' . $i] = $config['interfaces']['opt' . $i]['descr']; -} +if(have_ruleint_access("lan")) + $iflist['lan'] = "LAN"; +if(have_ruleint_access("wan")) + $iflist['wan'] = "WAN"; + +for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) + if(have_ruleint_access("opt{$i}")) + $iflist['opt' . $i] = $config['interfaces']['opt' . $i]['descr']; if ($config['pptpd']['mode'] == "server") - $iflist['pptp'] = "PPTP VPN"; + if(have_ruleint_access("pptp")) + $iflist['pptp'] = "PPTP VPN"; if ($config['pppoe']['mode'] == "server") - $iflist['pppoe'] = "PPPoE VPN"; + if(have_ruleint_access("pppoe")) + $iflist['pppoe'] = "PPPoE VPN"; /* add ipsec interfaces */ -if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients']['enable'])){ - $iflist["enc0"] = "IPSEC"; -} +if (isset($config['ipsec']['enable']) || isset($config['ipsec']['mobileclients']['enable'])) + if(have_ruleint_access("enc0")) + $iflist["enc0"] = "IPSEC"; if (!$if || !isset($iflist[$if])) $if = "wan"; diff --git a/usr/local/www/system_groupmanager.php b/usr/local/www/system_groupmanager.php index f1f79be..7d74efe 100644 --- a/usr/local/www/system_groupmanager.php +++ b/usr/local/www/system_groupmanager.php @@ -121,17 +121,28 @@ function getAdminPageList() { include("extensions.inc"); } + /* firewall rule view and edit entries for lan, wan, optX */ $iflist = array("lan" => "lan", "wan" => "wan"); for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) { $iflist['opt' . $i] = strtolower($config['interfaces']['opt' . $i]['descr']); } foreach ($iflist as $ifent => $ifname) { $entryname = "firewall_rules.php?if={$ifname}"; - $tmp[$entryname] = ("Firewall Rules: " . $ifname); + $tmp[$entryname] = ("Firewall: Rules: " . strtoupper($ifname)); $entryname = "firewall_rules_edit.php?if={$ifname}"; - $tmp[$entryname] = ("Firewall Rules: Edit: " . $ifname); + $tmp[$entryname] = ("Firewall: Rules: Edit: " . strtoupper($ifname)); } + /* additional firewal rules tab entries */ + $entryname = "firewall_rules_edit.php?if=enc0"; + $tmp[$entryname] = "Firewall: Rules: Edit: IPSEC"; + + $entryname = "firewall_rules_edit.php?if=pptp"; + $tmp[$entryname] = "Firewall: Rules: Edit: PPTP"; + + $entryname = "firewall_rules_edit.php?if=pppoe"; + $tmp[$entryname] = "Firewall: Rules: Edit: PPPoE"; + asort($tmp); return $tmp; } |