Feature #5373
closed
Advanced option to add separator or group firewall rules in web gui
Added by TCI User over 8 years ago.
Updated about 8 years ago.
Description
Will be very helpful if we can add separator (and probably add a name) or group firewall rules in web GUI.
This would allow the users to have a better view over all rules on the page.
The group option cold be very helpful for advanced users if it has read/write restrictions so low level users could not access/modify the rules behind the group.
NOTE: I am aware that each rule has a name but a separator or group would benefit the visual search.
Files
Would also be very helpful to be able to add a label to the rule, beyond the description.
I've written some automation scripts, and use a filter to find the rule I want to modify, but it means that the description must contain some tokens to that effect.
For example [[Netflix]] would be the the token used by the automation script to find and enable/disable the rules with that token.
Please move this request to the main pfSense category.
It was created under the Packages category by mistake.
- Assignee set to Anonymous
- File rule_sepaators.gif added
- Status changed from New to Feedback
Here is a prototype version that allows separators to be added to the rule display. Let me know what you think.
It is not something I want to spend a lot of time on, but if this presentation is OK, then it might be reasonable.
- Assignee changed from Anonymous to TCI User
Initial functionality is now complete and ready for testing.
Click "+ Separator"
Add some text (or not)
Click the save button in the new separator
Drag the new separator to the position you want
Click the main "Save" button at the bottom of the table (which should now be enabled.
Thank you Steve. Having a group separator will help a lot.
Probably one day (in the future) we can see the rules hidden behind the separator (as a tree / sub-level).
Then (another day in the future) would be very useful to have user restrictions per separator (and every rule in the sub-level) so only users with access will be able to see/modify the rules. For example, I can create a separator "VPN access to customer A1" with multiple rules in the sub-level and make them restricted to anybody but me. In this case other users will be able to overwrite the rule by another one with a higher priority but I would not lose my rule own configuration.
Its really not that clever. The separator bar is just a label that is added to the rule display so that you can visually separate rules into logical groups. It has no effect on the rules themselves and is not in any way a hierarchy.
As you say, one day though :)
Somewhat sooner than that, I plan to add a cancel button and a color selector.
- File rule_sepaators.gif added
- File deleted (
rule_sepaators.gif)
- Project changed from pfSense Packages to pfSense
- Category set to Web Interface
- Target version set to 2.3
2 small improvements I believe would be good to have, both when editing a new separator:
- Cancel addition when press ESC
- Save item when press Enter
Esc key now cancels the new separator
Enter key saves it
If you try to change pages without saving you will get a warning message.
Events that trigger the warning include:
- Deleting
- Adding a separator
- Saving a separator without saving its position
- Dragging anything
Please note that Firefox cannot display a custom message, only its internal "canned" warning.
NAT would like to have this separator to, i think...
NAT will get this too. I'd like to get some more testing/feedback before doing that though.
- File deleted (
rule_sepaators.gif)
- Status changed from Feedback to Resolved
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by Anonymous 
Updated by 
Updated by