Advanced option to add separator or group firewall rules in web gui
Will be very helpful if we can add separator (and probably add a name) or group firewall rules in web GUI.
This would allow the users to have a better view over all rules on the page.
The group option cold be very helpful for advanced users if it has read/write restrictions so low level users could not access/modify the rules behind the group.
NOTE: I am aware that each rule has a name but a separator or group would benefit the visual search.
#1 Updated by Andrew Webster about 4 years ago
Would also be very helpful to be able to add a label to the rule, beyond the description.
I've written some automation scripts, and use a filter to find the rule I want to modify, but it means that the description must contain some tokens to that effect.
For example [[Netflix]] would be the the token used by the automation script to find and enable/disable the rules with that token.
#4 Updated by Steve Beaver about 4 years ago
- File rule_sepaators.gif added
- Status changed from New to Feedback
Here is a prototype version that allows separators to be added to the rule display. Let me know what you think.
It is not something I want to spend a lot of time on, but if this presentation is OK, then it might be reasonable.
#5 Updated by Steve Beaver about 4 years ago
- Assignee changed from Steve Beaver to TCI User
Initial functionality is now complete and ready for testing.
Click "+ Separator"
Add some text (or not)
Click the save button in the new separator
Drag the new separator to the position you want
Click the main "Save" button at the bottom of the table (which should now be enabled.
#7 Updated by TCI User about 4 years ago
Thank you Steve. Having a group separator will help a lot.
Probably one day (in the future) we can see the rules hidden behind the separator (as a tree / sub-level).
Then (another day in the future) would be very useful to have user restrictions per separator (and every rule in the sub-level) so only users with access will be able to see/modify the rules. For example, I can create a separator "VPN access to customer A1" with multiple rules in the sub-level and make them restricted to anybody but me. In this case other users will be able to overwrite the rule by another one with a higher priority but I would not lose my rule own configuration.
#8 Updated by Steve Beaver about 4 years ago
Its really not that clever. The separator bar is just a label that is added to the rule display so that you can visually separate rules into logical groups. It has no effect on the rules themselves and is not in any way a hierarchy.
As you say, one day though :)
Somewhat sooner than that, I plan to add a cancel button and a color selector.
#11 Updated by Renato Botelho about 4 years ago
- Project changed from pfSense Packages to pfSense
- Category set to Web Interface
- Target version set to 2.3
2 small improvements I believe would be good to have, both when editing a new separator:
- Cancel addition when press ESC
- Save item when press Enter
#12 Updated by Steve Beaver about 4 years ago
Esc key now cancels the new separator
Enter key saves it
If you try to change pages without saving you will get a warning message.
Events that trigger the warning include:
- Adding a separator
- Saving a separator without saving its position
- Dragging anything
Please note that Firefox cannot display a custom message, only its internal "canned" warning.