Skip to content

Instantly share code, notes, and snippets.

@PiBa-NL

PiBa-NL/pfsense - easyenable.php page

Created April 2, 2015 20:26
Show Gist options
  • Save PiBa-NL/d4298fb38f8ec4076880 to your computer and use it in GitHub Desktop.
Save PiBa-NL/d4298fb38f8ec4076880 to your computer and use it in GitHub Desktop.
Download ZIP
pfsense - easyenable.php page, for easily enabling disabling a set of rules
Raw
pfsense - easyenable.php page
<?php
/*
easyenable.php
Copyright (C) 2015 PiBa-NL
Copy and use it as you like.
*/
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
require_once("config.inc");
require_once("filter.inc");
require_once("pfsense-utils.inc");
?>
<html>
<body>
Easyenable rule config page.<br/><br/>
<?
if (!is_alias('easyenable_page')){
echo "No alias 'easyenable_page' was found to allow only certain client-ip's to use this page.";
exit;
}
if (is_array($config['aliases']['alias'])) {
$remote_addr = $_SERVER['REMOTE_ADDR'];
$clientok = false;
foreach ($config['aliases']['alias'] as $alias) {
if ($alias['name'] == 'easyenable_page') {
$addr = explode(" ",$alias['address']);
foreach($addr as $clientip)
if ($clientip == $remote_addr)
{
$clientok = true;
break;
}
}
}
if (!$clientok) {
echo "Sorry your not allowed to configure this.";
echo "<br/><br/>";
echo "To resolve this issue add the client ip to the 'easyenable_page' alias.";
exit;
}
}
?>
<a href='?enable=yes'>Enable<a/><br/><br/>
<a href='?enable=no'>Disable<a/><br/>
<?
$a_rules = &$config['filter']['rule'];
if (isset($_GET['enable'])) {
$rulesfound = false;
$enable_rules = $_GET['enable'] == 'yes';
foreach($a_rules as &$a_rule) {
if (stristr($a_rule['descr'], 'easydisable')) {
$rulesfound = true;
if ($enable_rules)
$a_rule['disabled'] = true;
else
unset($a_rule['disabled']);
}
if (stristr($a_rule['descr'], 'easyenable')) {
$rulesfound = true;
if ($enable_rules)
unset($a_rule['disabled']);
else
$a_rule['disabled'] = true;
}
}
$enabletext = $enable_rules ? 'enable' : 'disable';
write_config("easyenable set rules to " . $enabletext);
// Apply rules just like firewall_rules.php apply button:
$retval = filter_configure();
clear_subsystem_dirty('filter');
pfSense_handle_custom_code("/usr/local/pkg/firewall_rules/apply");
//
if (!$rulesfound)
echo "No rules where found that have easyenable or easydisable in their description.";
echo "<br/>easyenable set rules to " . $enabletext;
}
?>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment