Project

General

Profile

Feature #5373

Advanced option to add separator or group firewall rules in web gui

Added by TCI User over 3 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Web Interface
Target version:
Start date:
11/04/2015
Due date:
% Done:

0%

Estimated time:

Description

Will be very helpful if we can add separator (and probably add a name) or group firewall rules in web GUI.
This would allow the users to have a better view over all rules on the page.

The group option cold be very helpful for advanced users if it has read/write restrictions so low level users could not access/modify the rules behind the group.

NOTE: I am aware that each rule has a name but a separator or group would benefit the visual search.

rule_sepaators.gif (774 KB) rule_sepaators.gif Steve Beaver, 01/20/2016 11:05 AM

History

#1 Updated by Andrew Webster over 3 years ago

Would also be very helpful to be able to add a label to the rule, beyond the description.
I've written some automation scripts, and use a filter to find the rule I want to modify, but it means that the description must contain some tokens to that effect.
For example [[Netflix]] would be the the token used by the automation script to find and enable/disable the rules with that token.

#2 Updated by TCI User over 3 years ago

Please move this request to the main pfSense category.

It was created under the Packages category by mistake.

#3 Updated by Jim Thompson over 3 years ago

  • Assignee set to Steve Beaver

#4 Updated by Steve Beaver over 3 years ago

  • File rule_sepaators.gif added
  • Status changed from New to Feedback

Here is a prototype version that allows separators to be added to the rule display. Let me know what you think.

It is not something I want to spend a lot of time on, but if this presentation is OK, then it might be reasonable.

#5 Updated by Steve Beaver over 3 years ago

  • Assignee changed from Steve Beaver to TCI User

Initial functionality is now complete and ready for testing.

Click "+ Separator"
Add some text (or not)
Click the save button in the new separator
Drag the new separator to the position you want
Click the main "Save" button at the bottom of the table (which should now be enabled.

#6 Updated by Steve Beaver over 3 years ago

Ready for testing

#7 Updated by TCI User over 3 years ago

Thank you Steve. Having a group separator will help a lot.

Probably one day (in the future) we can see the rules hidden behind the separator (as a tree / sub-level).
Then (another day in the future) would be very useful to have user restrictions per separator (and every rule in the sub-level) so only users with access will be able to see/modify the rules. For example, I can create a separator "VPN access to customer A1" with multiple rules in the sub-level and make them restricted to anybody but me. In this case other users will be able to overwrite the rule by another one with a higher priority but I would not lose my rule own configuration.

#8 Updated by Steve Beaver over 3 years ago

Its really not that clever. The separator bar is just a label that is added to the rule display so that you can visually separate rules into logical groups. It has no effect on the rules themselves and is not in any way a hierarchy.

As you say, one day though :)

Somewhat sooner than that, I plan to add a cancel button and a color selector.

#9 Updated by Steve Beaver over 3 years ago

  • File rule_sepaators.gif added

#10 Updated by Steve Beaver over 3 years ago

  • File deleted (rule_sepaators.gif)

#11 Updated by Renato Botelho over 3 years ago

  • Project changed from pfSense Packages to pfSense
  • Category set to Web Interface
  • Target version set to 2.3

2 small improvements I believe would be good to have, both when editing a new separator:

- Cancel addition when press ESC
- Save item when press Enter

#12 Updated by Steve Beaver over 3 years ago

Esc key now cancels the new separator
Enter key saves it

If you try to change pages without saving you will get a warning message.

Events that trigger the warning include:

  1. Deleting
  2. Adding a separator
  3. Saving a separator without saving its position
  4. Dragging anything

Please note that Firefox cannot display a custom message, only its internal "canned" warning.

#13 Updated by Raul Ramos over 3 years ago

NAT would like to have this separator to, i think...

#14 Updated by Steve Beaver over 3 years ago

NAT will get this too. I'd like to get some more testing/feedback before doing that though.

#15 Updated by Steve Beaver over 3 years ago

  • File deleted (rule_sepaators.gif)

#17 Updated by Steve Beaver over 3 years ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF