Commit 27eeef08 authored by Franco Fichtner's avatar Franco Fichtner

config: tone down overrides for config revision history

(cherry picked from commit abc621a2)
parent f8b9d427
...@@ -306,34 +306,28 @@ function set_device_perms() { ...@@ -306,34 +306,28 @@ function set_device_perms() {
} }
function make_config_revision_entry($desc = null, $override_user = null) function make_config_revision_entry($desc = null)
{ {
global $config; global $config;
if (empty($override_user)) { if (!empty($_SESSION['Username'])) {
if (empty($_SESSION["Username"])) { $username = $_SESSION['Username'];
$username = getenv("USER");
if (empty($username) || $username == "root") {
$username = "(system)";
}
} else { } else {
$username = $_SESSION["Username"]; $username = '(' . shell_exec('/usr/bin/whoami') . ')';
} }
if (!empty($_SERVER['REMOTE_ADDR'])) { if (!empty($_SERVER['REMOTE_ADDR'])) {
$username .= '@' . $_SERVER['REMOTE_ADDR']; $username .= '@' . $_SERVER['REMOTE_ADDR'];
} }
} else {
$username = $override_user; if ($desc == null) {
$desc = sprintf(gettext('%s changed the configuration'), $_SERVER['SCRIPT_NAME']);
} }
$revision = array(); $revision = array();
$revision['username'] = $username; $revision['username'] = $username;
$revision['time'] = microtime(true); $revision['time'] = microtime(true);
if ($desc == null || $desc == 'Unknown') {
$revision['description'] = sprintf(gettext("%s made unknown change"), $_SERVER['SCRIPT_NAME']);
} else {
$revision['description'] = $desc; $revision['description'] = $desc;
}
return $revision; return $revision;
} }
......
...@@ -644,7 +644,7 @@ function step12_submitphpaction() { ...@@ -644,7 +644,7 @@ function step12_submitphpaction() {
$rule['protocol'] = strtolower($server['protocol']); $rule['protocol'] = strtolower($server['protocol']);
$rule['type'] = "pass"; $rule['type'] = "pass";
$rule['enabled'] = "on"; $rule['enabled'] = "on";
$rule['created'] = make_config_revision_entry(null, gettext("OpenVPN Wizard")); $rule['created'] = make_config_revision_entry();
$config['filter']['rule'][] = $rule; $config['filter']['rule'][] = $rule;
} }
if (isset($pconfig['step11']['ovpnallow'])) { if (isset($pconfig['step11']['ovpnallow'])) {
...@@ -659,7 +659,7 @@ function step12_submitphpaction() { ...@@ -659,7 +659,7 @@ function step12_submitphpaction() {
//$rule['protocol'] = $server['protocol']; //$rule['protocol'] = $server['protocol'];
$rule['type'] = "pass"; $rule['type'] = "pass";
$rule['enabled'] = "on"; $rule['enabled'] = "on";
$rule['created'] = make_config_revision_entry(null, gettext("OpenVPN Wizard")); $rule['created'] = make_config_revision_entry();
$config['filter']['rule'][] = $rule; $config['filter']['rule'][] = $rule;
} }
......
...@@ -121,7 +121,7 @@ function easyrule_block_rule_create($int = 'wan', $ipproto = "inet") { ...@@ -121,7 +121,7 @@ function easyrule_block_rule_create($int = 'wan', $ipproto = "inet") {
$filterent['source']['address'] = $blockaliasname . strtoupper($int); $filterent['source']['address'] = $blockaliasname . strtoupper($int);
$filterent['destination']['any'] = ''; $filterent['destination']['any'] = '';
$filterent['descr'] = gettext("Easy Rule: Blocked from Firewall Log View"); $filterent['descr'] = gettext("Easy Rule: Blocked from Firewall Log View");
$filterent['created'] = make_config_revision_entry(null, gettext("Easy Rule")); $filterent['created'] = make_config_revision_entry();
array_splice($a_filter, 0, 0, array($filterent)); array_splice($a_filter, 0, 0, array($filterent));
...@@ -309,7 +309,7 @@ function easyrule_pass_rule_add($int, $proto, $srchost, $dsthost, $dstport, $ipp ...@@ -309,7 +309,7 @@ function easyrule_pass_rule_add($int, $proto, $srchost, $dsthost, $dstport, $ipp
pconfig_to_address($filterent['source'], $srchost, $srcmask); pconfig_to_address($filterent['source'], $srchost, $srcmask);
pconfig_to_address($filterent['destination'], $dsthost, $dstmask, '', $dstport, $dstport); pconfig_to_address($filterent['destination'], $dsthost, $dstmask, '', $dstport, $dstport);
$filterent['created'] = make_config_revision_entry(null, gettext("Easy Rule")); $filterent['created'] = make_config_revision_entry();
$a_filter[] = $filterent; $a_filter[] = $filterent;
write_config($filterent['descr']); write_config($filterent['descr']);
......
...@@ -365,7 +365,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -365,7 +365,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
// If this is a new rule, create an ID and add the rule // If this is a new rule, create an ID and add the rule
if( isset($pconfig['filter-rule-association']) && $pconfig['filter-rule-association']=='add-associated' ) { if( isset($pconfig['filter-rule-association']) && $pconfig['filter-rule-association']=='add-associated' ) {
$filterent['associated-rule-id'] = $natent['associated-rule-id'] = uniqid("nat_", true); $filterent['associated-rule-id'] = $natent['associated-rule-id'] = uniqid("nat_", true);
$filterent['created'] = make_config_revision_entry(null, gettext("NAT Port Forward")); $filterent['created'] = make_config_revision_entry();
$config['filter']['rule'][] = $filterent; $config['filter']['rule'][] = $filterent;
} }
mark_subsystem_dirty('filter'); mark_subsystem_dirty('filter');
......
...@@ -84,7 +84,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { ...@@ -84,7 +84,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
foreach ($automatic_rules as $natent) { foreach ($automatic_rules as $natent) {
$natent['source']['network'] = $tonathost['subnet']; $natent['source']['network'] = $tonathost['subnet'];
$natent['descr'] .= ' - ' . $tonathost['descr'] . ' -> ' . convert_real_interface_to_friendly_descr($natent['interface']); $natent['descr'] .= ' - ' . $tonathost['descr'] . ' -> ' . convert_real_interface_to_friendly_descr($natent['interface']);
$natent['created'] = make_config_revision_entry(null, gettext("Manual Outbound NAT Switch")); $natent['created'] = make_config_revision_entry();
/* Try to detect already auto created rules and avoid duplicate them */ /* Try to detect already auto created rules and avoid duplicate them */
$found = false; $found = false;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment