Commit 90eea7db authored by Franco Fichtner's avatar Franco Fichtner

acl: mostly merge rework from master

Keep two names intact that were broken on master for the sake
of simplicity: legacy map stays in place for these two.

(cherry picked from commit 4763373d)
(cherry picked from commit 9ad060f6)
(cherry picked from commit a90efa28)
(cherry picked from commit d83563fa)
(cherry picked from commit 4b99ff9f)
(cherry picked from commit 9205427c)
(cherry picked from commit 40879017)
(cherry picked from commit ffbbfc96)
(cherry picked from commit a674b5e0)
parent 58a8f00e
...@@ -428,6 +428,7 @@ ...@@ -428,6 +428,7 @@
/usr/local/opnsense/mvc/app/models/OPNsense/CaptivePortal/Menu/Menu.xml /usr/local/opnsense/mvc/app/models/OPNsense/CaptivePortal/Menu/Menu.xml
/usr/local/opnsense/mvc/app/models/OPNsense/CaptivePortal/Migrations/M1_0_0.php /usr/local/opnsense/mvc/app/models/OPNsense/CaptivePortal/Migrations/M1_0_0.php
/usr/local/opnsense/mvc/app/models/OPNsense/Core/ACL.php /usr/local/opnsense/mvc/app/models/OPNsense/Core/ACL.php
/usr/local/opnsense/mvc/app/models/OPNsense/Core/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Core/ACL_Legacy_Page_Map.json /usr/local/opnsense/mvc/app/models/OPNsense/Core/ACL_Legacy_Page_Map.json
/usr/local/opnsense/mvc/app/models/OPNsense/Cron/ACL/ACL.xml /usr/local/opnsense/mvc/app/models/OPNsense/Cron/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Cron/Cron.php /usr/local/opnsense/mvc/app/models/OPNsense/Cron/Cron.php
...@@ -444,6 +445,10 @@ ...@@ -444,6 +445,10 @@
/usr/local/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml /usr/local/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
/usr/local/opnsense/mvc/app/models/OPNsense/IDS/Menu/Menu.xml /usr/local/opnsense/mvc/app/models/OPNsense/IDS/Menu/Menu.xml
/usr/local/opnsense/mvc/app/models/OPNsense/IDS/Migrations/M1_0_0.php /usr/local/opnsense/mvc/app/models/OPNsense/IDS/Migrations/M1_0_0.php
/usr/local/opnsense/mvc/app/models/OPNsense/IGMPProxy/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/IGMPProxy/Menu/Menu.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Ntpd/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Ntpd/Menu/Menu.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Proxy/ACL/ACL.xml /usr/local/opnsense/mvc/app/models/OPNsense/Proxy/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Proxy/Menu/Menu.xml /usr/local/opnsense/mvc/app/models/OPNsense/Proxy/Menu/Menu.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Proxy/Migrations/M1_0_0.php /usr/local/opnsense/mvc/app/models/OPNsense/Proxy/Migrations/M1_0_0.php
...@@ -451,6 +456,8 @@ ...@@ -451,6 +456,8 @@
/usr/local/opnsense/mvc/app/models/OPNsense/Proxy/Proxy.xml /usr/local/opnsense/mvc/app/models/OPNsense/Proxy/Proxy.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Relayd/ACL/ACL.xml /usr/local/opnsense/mvc/app/models/OPNsense/Relayd/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Relayd/Menu/Menu.xml /usr/local/opnsense/mvc/app/models/OPNsense/Relayd/Menu/Menu.xml
/usr/local/opnsense/mvc/app/models/OPNsense/SNMP/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/SNMP/Menu/Menu.xml
/usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/ACL/ACL.xml /usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/Menu/Menu.xml /usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/Menu/Menu.xml
/usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/Migrations/M1_0_0.php /usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/Migrations/M1_0_0.php
...@@ -458,6 +465,8 @@ ...@@ -458,6 +465,8 @@
/usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/TrafficShaper.xml /usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/TrafficShaper.xml
/usr/local/opnsense/mvc/app/models/OPNsense/UPnP/ACL/ACL.xml /usr/local/opnsense/mvc/app/models/OPNsense/UPnP/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/UPnP/Menu/Menu.xml /usr/local/opnsense/mvc/app/models/OPNsense/UPnP/Menu/Menu.xml
/usr/local/opnsense/mvc/app/models/OPNsense/WOL/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/WOL/Menu/Menu.xml
/usr/local/opnsense/mvc/app/views/OPNsense/CaptivePortal/clients.volt /usr/local/opnsense/mvc/app/views/OPNsense/CaptivePortal/clients.volt
/usr/local/opnsense/mvc/app/views/OPNsense/CaptivePortal/index.volt /usr/local/opnsense/mvc/app/views/OPNsense/CaptivePortal/index.volt
/usr/local/opnsense/mvc/app/views/OPNsense/CaptivePortal/vouchers.volt /usr/local/opnsense/mvc/app/views/OPNsense/CaptivePortal/vouchers.volt
......
...@@ -252,21 +252,6 @@ ...@@ -252,21 +252,6 @@
<Lookup order="40" url="/diag_dns.php"/> <Lookup order="40" url="/diag_dns.php"/>
<LogFile order="100" VisibleName="Log File" url="/diag_logs_resolver.php"/> <LogFile order="100" VisibleName="Log File" url="/diag_logs_resolver.php"/>
</DNSTools> </DNSTools>
<IGMPProxy VisibleName="IGMP Proxy" url="/services_igmpproxy.php" cssClass="fa fa-map-signs fa-fw">
<Edit url="/services_igmpproxy_edit.php" visibility="hidden"/>
</IGMPProxy>
<NTP VisibleName="Network Time" cssClass="fa fa-clock-o fa-fw">
<General order="10" url="/services_ntpd.php"/>
<GPS order="20" url="/services_ntpd_gps.php"/>
<PPS order="30" url="/services_ntpd_pps.php"/>
<Status order="40" url="/status_ntpd.php"/>
<Log order="50" VisibleName="Log File" url="/diag_logs_ntpd.php"/>
</NTP>
<SNMP url="/services_snmp.php" cssClass="fa fa-database fa-fw"/>
<WoL VisibleName="Wake on LAN" url="/services_wol.php" cssClass="fa fa-power-off fa-fw">
<WoLEdit url="/services_wol_edit.php*" visibility="hidden"/>
<Wol url="/services_wol.php*" visibility="hidden"/>
</WoL>
<Diagnostics order="900" cssClass="fa fa-medkit fa-fw" url="/status_services.php"> <Diagnostics order="900" cssClass="fa fa-medkit fa-fw" url="/status_services.php">
<All url="/status_services.php?*" visibility="hidden"/> <All url="/status_services.php?*" visibility="hidden"/>
</Diagnostics> </Diagnostics>
......
<acl> <acl>
<!-- unique acl key, must be globally unique for all acl's -->
<page-services-captiveportal> <page-services-captiveportal>
<name>WebCfg - Services: Captive Portal</name> <name>Services: Captive Portal</name>
<description>Allow access to the 'Services: Captive Portal' page.</description>
<patterns> <patterns>
<pattern>ui/captiveportal/*</pattern> <pattern>ui/captiveportal/*</pattern>
<pattern>api/captiveportal/*</pattern> <pattern>api/captiveportal/*</pattern>
......
...@@ -112,10 +112,6 @@ class ACL ...@@ -112,10 +112,6 @@ class ACL
if (isset($ACLnode->name)) { if (isset($ACLnode->name)) {
$aclPayload = array(); $aclPayload = array();
$aclPayload['name'] = (string)$ACLnode->name; $aclPayload['name'] = (string)$ACLnode->name;
if (isset($ACLnode->description)) {
// rename internal tag for backward compat.
$aclPayload['descr'] = (string)$ACLnode->description;
}
if (isset($ACLnode->patterns->pattern)) { if (isset($ACLnode->patterns->pattern)) {
// rename pattern to match for internal usage, old code did use match and // rename pattern to match for internal usage, old code did use match and
// to avoid duplicate conversion let's do this only on input. // to avoid duplicate conversion let's do this only on input.
...@@ -267,8 +263,8 @@ class ACL ...@@ -267,8 +263,8 @@ class ACL
foreach ($this->ACLtags as $aclKey => $aclItem) { foreach ($this->ACLtags as $aclKey => $aclItem) {
$priv_list[$aclKey] = array(); $priv_list[$aclKey] = array();
foreach ($aclItem as $propName => $propValue) { foreach ($aclItem as $propName => $propValue) {
if ($propName == 'name' || $propName == 'descr') { if ($propName == 'name') {
// translate name and description tags // translate name tag
$priv_list[$aclKey][$propName] = gettext($propValue); $priv_list[$aclKey][$propName] = gettext($propValue);
} else { } else {
$priv_list[$aclKey][$propName] = $propValue; $priv_list[$aclKey][$propName] = $propValue;
......
<acl>
<user-config-readonly>
<name>System: Deny config write</name>
</user-config-readonly>
<user-shell-access>
<name>System: Shell account access</name>
</user-shell-access>
<user-ipsec-xauth-dialin>
<name>VPN: IPsec XAUTH dialin</name>
</user-ipsec-xauth-dialin>
<user-proxy-auth>
<name>Proxy: Login</name>
</user-proxy-auth>
<page-getserviceproviders>
<name>AJAX: Get Service Providers</name>
<patterns>
<pattern>license.php</pattern>
<pattern>getserviceproviders.php*</pattern>
</patterns>
</page-getserviceproviders>
<page-getstats>
<name>AJAX: Get Stats</name>
<patterns>
<pattern>license.php</pattern>
<pattern>widgets/api/get.php*</pattern>
</patterns>
</page-getstats>
<page-all>
<name>All pages</name>
<patterns>
<pattern>*</pattern>
</patterns>
</page-all>
<page-diagnostics-crash-reporter>
<name>System: Crash Reporter</name>
<patterns>
<pattern>crash_reporter.php*</pattern>
</patterns>
</page-diagnostics-crash-reporter>
<page-dashboard-all>
<name>Dashboard (all)</name>
<patterns>
<pattern>index.php*</pattern>
<pattern>*.widget.php*</pattern>
<pattern>widgets/api/get.php*</pattern>
<pattern>diag_logs_filter_dynamic.php*</pattern>
</patterns>
</page-dashboard-all>
<page-dashboard-widgets>
<name>Dashboard (widgets only)</name>
<patterns>
<pattern>*.widget.php*</pattern>
</patterns>
</page-dashboard-widgets>
<page-diagnostics-authentication>
<name>Diagnostics: Authentication</name>
<patterns>
<pattern>diag_authentication.php*</pattern>
</patterns>
</page-diagnostics-authentication>
<page-diagnostics-configurationhistory>
<name>Diagnostics: Configuration History</name>
<patterns>
<pattern>diag_confbak.php*</pattern>
</patterns>
</page-diagnostics-configurationhistory>
<page-diagnostics-factorydefaults>
<name>Diagnostics: Factory defaults</name>
<patterns>
<pattern>diag_defaults.php*</pattern>
</patterns>
</page-diagnostics-factorydefaults>
<page-diagnostics-haltsystem>
<name>Diagnostics: Halt system</name>
<patterns>
<pattern>diag_halt.php*</pattern>
</patterns>
</page-diagnostics-haltsystem>
<page-diagnostics-limiter-info>
<name>Diagnostics: Limiter Info</name>
<patterns>
<pattern>diag_limiter_info.php*</pattern>
</patterns>
</page-diagnostics-limiter-info>
<page-diagnostics-logs-dhcp>
<name>Diagnostics: Logs: DHCP</name>
<patterns>
<pattern>diag_logs_dhcp.php*</pattern>
</patterns>
</page-diagnostics-logs-dhcp>
<page-diagnostics-logs-gateways>
<name>Diagnostics: Logs: Gateways</name>
<patterns>
<pattern>diag_logs_gateways.php*</pattern>
</patterns>
</page-diagnostics-logs-gateways>
<page-diagnostics-logs-resolver>
<name>Diagnostics: Logs: Resolver</name>
<patterns>
<pattern>diag_logs_resolver.php*</pattern>
</patterns>
</page-diagnostics-logs-resolver>
<page-diagnostics-logs-settings>
<name>Diagnostics: Logs: Settings</name>
<patterns>
<pattern>diag_logs_settings.php*</pattern>
</patterns>
</page-diagnostics-logs-settings>
<page-diagnostics-logs-system>
<name>Diagnostics: Logs: System</name>
<patterns>
<pattern>diag_logs.php*</pattern>
</patterns>
</page-diagnostics-logs-system>
<page-diagnostics-packetcapture>
<name>Diagnostics: Packet Capture</name>
<patterns>
<pattern>diag_packet_capture.php*</pattern>
</patterns>
</page-diagnostics-packetcapture>
<page-diagnostics-tables>
<name>Diagnostics: PF Table IP addresses</name>
<patterns>
<pattern>diag_tables.php*</pattern>
</patterns>
</page-diagnostics-tables>
<page-diagnostics-pf-info>
<name>Diagnostics: pfInfo</name>
<patterns>
<pattern>diag_pf_info.php*</pattern>
</patterns>
</page-diagnostics-pf-info>
<page-diagnostics-system-pftop>
<name>Diagnostics: pfTop</name>
<patterns>
<pattern>diag_system_pftop.php*</pattern>
</patterns>
</page-diagnostics-system-pftop>
<page-diagnostics-ping>
<name>Diagnostics: Ping</name>
<patterns>
<pattern>diag_ping.php*</pattern>
</patterns>
</page-diagnostics-ping>
<page-diagnostics-rebootsystem>
<name>Diagnostics: Reboot System</name>
<patterns>
<pattern>reboot.php*</pattern>
</patterns>
</page-diagnostics-rebootsystem>
<page-diagnostics-resetstate>
<name>Diagnostics: Reset state</name>
<patterns>
<pattern>diag_resetstate.php*</pattern>
</patterns>
</page-diagnostics-resetstate>
<page-diagnostics-showstates>
<name>Diagnostics: Show States</name>
<patterns>
<pattern>diag_dump_states.php*</pattern>
</patterns>
</page-diagnostics-showstates>
<page-diagnostics-sockets>
<name>Diagnostics: Sockets</name>
<patterns>
<pattern>diag_sockets.php*</pattern>
</patterns>
</page-diagnostics-sockets>
<page-diagnostics-statessummary>
<name>Diagnostics: States Summary</name>
<patterns>
<pattern>diag_states_summary.php*</pattern>
</patterns>
</page-diagnostics-statessummary>
<page-diagnostics-testport>
<name>Diagnostics: Test Port</name>
<patterns>
<pattern>diag_testport.php*</pattern>
</patterns>
</page-diagnostics-testport>
<page-diagnostics-traceroute>
<name>Diagnostics: Traceroute</name>
<patterns>
<pattern>diag_traceroute.php*</pattern>
</patterns>
</page-diagnostics-traceroute>
<page-firewall-alias-edit>
<name>Firewall: Alias: Edit</name>
<patterns>
<pattern>firewall_aliases_edit.php*</pattern>
</patterns>
</page-firewall-alias-edit>
<page-firewall-alias-import>
<name>Firewall: Alias: Import</name>
<patterns>
<pattern>firewall_aliases_import.php*</pattern>
</patterns>
</page-firewall-alias-import>
<page-firewall-aliases>
<name>Firewall: Aliases</name>
<patterns>
<pattern>firewall_aliases.php*</pattern>
</patterns>
</page-firewall-aliases>
<page-firewall-nat-1-1>
<name>Firewall: NAT: 1:1</name>
<patterns>
<pattern>firewall_nat_1to1.php*</pattern>
</patterns>
</page-firewall-nat-1-1>
<page-firewall-nat-1-1-edit>
<name>Firewall: NAT: 1:1: Edit</name>
<patterns>
<pattern>firewall_nat_1to1_edit.php*</pattern>
</patterns>
</page-firewall-nat-1-1-edit>
<page-firewall-nat-npt>
<name>Firewall: NAT: NPT</name>
<patterns>
<pattern>firewall_nat_npt.php*</pattern>
</patterns>
</page-firewall-nat-npt>
<page-firewall-nat-npt-edit>
<name>Firewall: NAT: NPT: Edit</name>
<patterns>
<pattern>firewall_nat_npt_edit.php*</pattern>
</patterns>
</page-firewall-nat-npt-edit>
<page-firewall-nat-outbound>
<name>Firewall: NAT: Outbound</name>
<patterns>
<pattern>firewall_nat_out.php*</pattern>
</patterns>
</page-firewall-nat-outbound>
<page-firewall-nat-outbound-edit>
<name>Firewall: NAT: Outbound: Edit</name>
<patterns>
<pattern>firewall_nat_out_edit.php*</pattern>
</patterns>
</page-firewall-nat-outbound-edit>
<page-firewall-nat-portforward>
<name>Firewall: NAT: Port Forward</name>
<patterns>
<pattern>firewall_nat.php*</pattern>
</patterns>
</page-firewall-nat-portforward>
<page-firewall-nat-portforward-edit>
<name>Firewall: NAT: Port Forward: Edit</name>
<patterns>
<pattern>firewall_nat_edit.php*</pattern>
</patterns>
</page-firewall-nat-portforward-edit>
<page-firewall-rules>
<name>Firewall: Rules</name>
<patterns>
<pattern>firewall_rules.php*</pattern>
</patterns>
</page-firewall-rules>
<page-firewall-rules-edit>
<name>Firewall: Rules: Edit</name>
<patterns>
<pattern>firewall_rules_edit.php*</pattern>
</patterns>
</page-firewall-rules-edit>
<page-firewall-schedules>
<name>Firewall: Schedules</name>
<patterns>
<pattern>firewall_schedule.php*</pattern>
</patterns>
</page-firewall-schedules>
<page-firewall-scrub>
<name>Firewall: Normalization</name>
<patterns>
<pattern>firewall_scrub.php*</pattern>
<pattern>firewall_scrub_edit.php*</pattern>
</patterns>
</page-firewall-scrub>
<page-firewall-schedules-edit>
<name>Firewall: Schedules: Edit</name>
<patterns>
<pattern>firewall_schedule_edit.php*</pattern>
</patterns>
</page-firewall-schedules-edit>
<page-firewall-virtualipaddress-edit>
<name>Firewall: Virtual IP Address: Edit</name>
<patterns>
<pattern>firewall_virtual_ip_edit.php*</pattern>
</patterns>
</page-firewall-virtualipaddress-edit>
<page-firewall-virtualipaddresses>
<name>Firewall: Virtual IP Addresses</name>
<patterns>
<pattern>firewall_virtual_ip.php*</pattern>
</patterns>
</page-firewall-virtualipaddresses>
<page-diagnostics-logs-firewall>
<name>Diagnostics: Logs: Firewall: Normal View</name>
<patterns>
<pattern>diag_logs_filter.php*</pattern>
</patterns>
</page-diagnostics-logs-firewall>
<page-diagnostics-logs-firewall-plain>
<name>Diagnostics: Logs: Firewall: Plain View</name>
<patterns>
<pattern>diag_logs_filter_plain.php*</pattern>
</patterns>
</page-diagnostics-logs-firewall-plain>
<page-diagnostics-logs-firewall-dynamic>
<name>Diagnostics: Logs: Firewall: Dynamic View</name>
<patterns>
<pattern>diag_logs_filter_dynamic.php*</pattern>
</patterns>
</page-diagnostics-logs-firewall-dynamic>
<page-diagnostics-logs-firewall-summary>
<name>Diagnostics: Logs: Firewall: Summary View</name>
<patterns>
<pattern>diag_logs_filter_summary.php*</pattern>
</patterns>
</page-diagnostics-logs-firewall-summary>
<page-interfaces-assignnetworkports>
<name>Interfaces: Assign network ports</name>
<patterns>
<pattern>interfaces_assign.php*</pattern>
</patterns>
</page-interfaces-assignnetworkports>
<page-interfaces-bridge-edit>
<name>Interfaces: Bridge edit</name>
<patterns>
<pattern>interfaces_bridge_edit.php*</pattern>
</patterns>
</page-interfaces-bridge-edit>
<page-interfaces-bridge>
<name>Interfaces: Bridge</name>
<patterns>
<pattern>interfaces_bridge.php*</pattern>
</patterns>
</page-interfaces-bridge>
<page-interfaces-gif>
<name>Interfaces: GIF</name>
<patterns>
<pattern>interfaces_gif.php*</pattern>
</patterns>
</page-interfaces-gif>
<page-interfaces-gif-edit>
<name>Interfaces: GIF: Edit</name>
<patterns>
<pattern>interfaces_gif_edit.php*</pattern>
</patterns>
</page-interfaces-gif-edit>
<page-interfaces-gre>
<name>Interfaces: GRE</name>
<patterns>
<pattern>interfaces_gre.php*</pattern>
</patterns>
</page-interfaces-gre>
<page-interfaces-gre-edit>
<name>Interfaces: GRE: Edit</name>
<patterns>
<pattern>interfaces_gre_edit.php*</pattern>
</patterns>
</page-interfaces-gre-edit>
<page-interfaces-groups>
<name>Interfaces: Groups</name>
<patterns>
<pattern>interfaces_groups.php*</pattern>
</patterns>
</page-interfaces-groups>
<page-interfaces-groups-edit>
<name>Interfaces: Groups: Edit</name>
<patterns>
<pattern>interfaces_groups_edit.php*</pattern>
</patterns>
</page-interfaces-groups-edit>
<page-interfaces-lagg-edit>
<name>Interfaces: LAGG: Edit</name>
<patterns>
<pattern>interfaces_lagg_edit.php*</pattern>
</patterns>
</page-interfaces-lagg-edit>
<page-interfaces-lagg>
<name>Interfaces: LAGG</name>
<patterns>
<pattern>interfaces_lagg.php*</pattern>
</patterns>
</page-interfaces-lagg>
<page-interfaces-ppps>
<name>Interfaces: PPPs</name>
<patterns>
<pattern>interfaces_ppps.php*</pattern>
</patterns>
</page-interfaces-ppps>
<page-interfaces-ppps-edit>
<name>Interfaces: PPPs: Edit</name>
<patterns>
<pattern>interfaces_ppps_edit.php*</pattern>
</patterns>
</page-interfaces-ppps-edit>
<page-interfaces-qinq>
<name>Interfaces: QinQ</name>
<patterns>
<pattern>interfaces_qinq.php*</pattern>
</patterns>
</page-interfaces-qinq>
<page-interfaces-qinq-edit>
<name>Interfaces: QinQ: Edit</name>
<patterns>
<pattern>interfaces_qinq_edit.php*</pattern>
</patterns>
</page-interfaces-qinq-edit>
<page-interfaces-vlan>
<name>Interfaces: VLAN</name>
<patterns>
<pattern>interfaces_vlan.php*</pattern>
</patterns>
</page-interfaces-vlan>
<page-interfaces-vlan-edit>
<name>Interfaces: VLAN: Edit</name>
<patterns>
<pattern>interfaces_vlan_edit.php*</pattern>
</patterns>
</page-interfaces-vlan-edit>
<page-interfaces>
<name>Interfaces: WAN</name>
<patterns>
<pattern>interfaces.php*</pattern>
</patterns>
</page-interfaces>
<page-interfaces-wireless-edit>
<name>Interfaces: Wireless edit</name>
<patterns>
<pattern>interfaces_wireless_edit.php*</pattern>
</patterns>
</page-interfaces-wireless-edit>
<page-interfaces-wireless>
<name>Interfaces: Wireless</name>
<patterns>
<pattern>interfaces_wireless.php*</pattern>
</patterns>
</page-interfaces-wireless>
<page-pfsensewizardsubsystem>
<name>Wizard subsystem</name>
<patterns>
<pattern>wizard.php*</pattern>
</patterns>
</page-pfsensewizardsubsystem>
<page-services-dhcprelay>
<name>Services: DHCP Relay</name>
<patterns>
<pattern>services_dhcp_relay.php*</pattern>
</patterns>
</page-services-dhcprelay>
<page-services-dhcpserver-editstaticmapping>
<name>Services: DHCP Server : Edit static mapping</name>
<patterns>
<pattern>services_dhcp_edit.php*</pattern>
</patterns>
</page-services-dhcpserver-editstaticmapping>
<page-services-dhcpserver>
<name>Services: DHCP server</name>
<patterns>
<pattern>services_dhcp.php*</pattern>
</patterns>
</page-services-dhcpserver>
<page-services-dhcpv6relay>
<name>Services: DHCPv6 Relay</name>
<patterns>
<pattern>services_dhcpv6_relay.php*</pattern>
</patterns>
</page-services-dhcpv6relay>
<page-services-dhcpserverv6-editstaticmapping>
<name>Services: DHCPv6 Server : Edit static mapping</name>
<patterns>
<pattern>services_dhcpv6_edit.php*</pattern>
</patterns>
</page-services-dhcpserverv6-editstaticmapping>
<page-services-dhcpv6server>
<name>Services: DHCPv6 server</name>
<patterns>
<pattern>services_dhcpv6.php*</pattern>
</patterns>
</page-services-dhcpv6server>
<page-services-opendns>
<name>Services: DNS Filter</name>
<patterns>
<pattern>services_opendns.php*</pattern>
</patterns>
</page-services-opendns>
<page-services-dnsforwarder>
<name>Services: DNS Forwarder</name>
<patterns>
<pattern>services_dnsmasq.php*</pattern>
</patterns>
</page-services-dnsforwarder>
<page-services-dnsforwarder-editdomainoverride>
<name>Services: DNS Forwarder: Edit Domain Override</name>
<patterns>
<pattern>services_dnsmasq_domainoverride_edit.php*</pattern>
</patterns>
</page-services-dnsforwarder-editdomainoverride>
<page-services-dnsforwarder-edithost>
<name>Services: DNS Forwarder: Edit host</name>
<patterns>
<pattern>services_dnsmasq_edit.php*</pattern>
</patterns>
</page-services-dnsforwarder-edithost>
<page-services-dnsresolver>
<name>Services: DNS Resolver</name>
<patterns>
<pattern>services_unbound.php*</pattern>
</patterns>
</page-services-dnsresolver>
<page-services-dnsresolver-acls>
<name>Services: DNS Resolver: Access Lists</name>
<patterns>
<pattern>services_unbound_acls.php*</pattern>
</patterns>
</page-services-dnsresolver-acls>
<page-services-dnsresolver-editacls>
<name>Services: DNS Resolver: Access Lists: Edit</name>
<patterns>
<pattern>services_unbound_acls_edit.php*</pattern>
</patterns>
</page-services-dnsresolver-editacls>
<page-services-dnsresolver-advanced>
<name>Services: DNS Resolver: Advanced</name>
<patterns>
<pattern>services_unbound_advanced.php*</pattern>
</patterns>
</page-services-dnsresolver-advanced>
<page-services-dnsresolver-editdomainoverride>
<name>Services: DNS Resolver: Edit Domain Override</name>
<patterns>
<pattern>services_unbound_domainoverride_edit.php*</pattern>
</patterns>
</page-services-dnsresolver-editdomainoverride>
<page-services-dnsresolver-edithost>
<name>Services: DNS Resolver: Edit host</name>
<patterns>
<pattern>services_unbound_host_edit.php*</pattern>
</patterns>
</page-services-dnsresolver-edithost>
<page-services-dynamicdnsclient>
<name>Services: Dynamic DNS client</name>
<patterns>
<pattern>services_dyndns_edit.php*</pattern>
</patterns>
</page-services-dynamicdnsclient>
<page-services-dynamicdnsclients>
<name>Services: Dynamic DNS clients</name>
<patterns>
<pattern>services_dyndns.php*</pattern>
</patterns>
</page-services-dynamicdnsclients>
<page-services-rfc2136clients>
<name>Services: RFC 2136 clients</name>
<patterns>
<pattern>services_rfc2136.php*</pattern>
</patterns>
</page-services-rfc2136clients>
<page-services-router-advertisements>
<name>Services: Router advertisements</name>
<patterns>
<pattern>services_router_advertisements.php*</pattern>
</patterns>
</page-services-router-advertisements>
<page-status-carp>
<name>Status: CARP</name>
<patterns>
<pattern>carp_status.php*</pattern>
</patterns>
</page-status-carp>
<page-status-habackup>
<name>Status: HA backup</name>
<patterns>
<pattern>status_habackup.php</pattern>
</patterns>
</page-status-habackup>
<page-status-dhcpleases>
<name>Status: DHCP leases</name>
<patterns>
<pattern>status_dhcp_leases.php*</pattern>
</patterns>
</page-status-dhcpleases>
<page-status-dhcpv6leases>
<name>Status: DHCPv6 leases</name>
<patterns>
<pattern>status_dhcpv6_leases.php*</pattern>
</patterns>
</page-status-dhcpv6leases>
<page-status-filterreloadstatus>
<name>Status: Filter Reload Status</name>
<patterns>
<pattern>status_filter_reload.php*</pattern>
</patterns>
</page-status-filterreloadstatus>
<page-status-gatewaygroups>
<name>Status: Gateway Groups</name>
<patterns>
<pattern>status_gateway_groups.php*</pattern>
</patterns>
</page-status-gatewaygroups>
<page-status-gateways>
<name>Status: Gateways</name>
<patterns>
<pattern>status_gateways.php*</pattern>
</patterns>
</page-status-gateways>
<page-status-interfaces>
<name>Status: Interfaces</name>
<patterns>
<pattern>status_interfaces.php*</pattern>
</patterns>
</page-status-interfaces>
<page-status-ipsec>
<name>Status: IPsec</name>
<patterns>
<pattern>diag_ipsec.php*</pattern>
</patterns>
</page-status-ipsec>
<page-status-ipsec-leases>
<name>Status: IPsec: Leasespage</name>
<patterns>
<pattern>diag_ipsec_leases.php*</pattern>
</patterns>
</page-status-ipsec-leases>
<page-status-ipsec-sad>
<name>Status: IPsec: SAD</name>
<patterns>
<pattern>diag_ipsec_sad.php*</pattern>
</patterns>
</page-status-ipsec-sad>
<page-status-ipsec-spd>
<name>Status: IPsec: SPD</name>
<patterns>
<pattern>diag_ipsec_spd.php*</pattern>
</patterns>
</page-status-ipsec-spd>
<page-status-openvpn>
<name>Status: OpenVPN</name>
<patterns>
<pattern>status_openvpn.php*</pattern>
</patterns>
</page-status-openvpn>
<page-status-services>
<name>Status: Services</name>
<patterns>
<pattern>status_services.php*</pattern>
</patterns>
</page-status-services>
<page-status-systemlogs-portalauth>
<name>Status: System logs: Captive portal</name>
<patterns>
<pattern>diag_logs_auth.php*</pattern>
</patterns>
</page-status-systemlogs-portalauth>
<page-status-systemlogs-ipsecvpn>
<name>Status: System logs: IPsec VPN</name>
<patterns>
<pattern>diag_logs_ipsec.php*</pattern>
</patterns>
</page-status-systemlogs-ipsecvpn>
<page-status-systemlogs-ppp>
<name>Status: System logs: IPsec VPN</name>
<patterns>
<pattern>diag_logs_ppp.php*</pattern>
</patterns>
</page-status-systemlogs-ppp>
<page-status-systemlogs-openvpn>
<name>Status: System logs: OpenVPN</name>
<patterns>
<pattern>diag_logs_openvpn.php*</pattern>
</patterns>
</page-status-systemlogs-openvpn>
<page-status-systemlogs-routing>
<name>Status: System logs: Routing</name>
<patterns>
<pattern>diag_logs_routing.php*</pattern>
</patterns>
</page-status-systemlogs-routing>
<page-status-systemlogs-wireless>
<name>Status: System logs: Wireless</name>
<patterns>
<pattern>diag_logs_wireless.php*</pattern>
</patterns>
</page-status-systemlogs-wireless>
<page-status-trafficgraph>
<name>Status: Traffic Graph</name>
<patterns>
<pattern>status_graph.php*</pattern>
</patterns>
</page-status-trafficgraph>
<page-diagnostics-wirelessstatus>
<name>Status: Wireless</name>
<patterns>
<pattern>status_wireless.php*</pattern>
</patterns>
</page-diagnostics-wirelessstatus>
<page-system-advanced-admin>
<name>System: Advanced: Admin Access Page</name>
<patterns>
<pattern>system_advanced_admin.php*</pattern>
</patterns>
</page-system-advanced-admin>
<page-system-advanced-firewall>
<name>System: Advanced: Firewall and NAT</name>
<patterns>
<pattern>system_advanced_firewall.php*</pattern>
</patterns>
</page-system-advanced-firewall>
<page-system-advanced-misc>
<name>System: Advanced: Miscellaneous</name>
<patterns>
<pattern>system_advanced_misc.php*</pattern>
</patterns>
</page-system-advanced-misc>
<page-system-advanced-network>
<name>System: Advanced: Network</name>
<patterns>
<pattern>system_advanced_network.php*</pattern>
</patterns>
</page-system-advanced-network>
<page-system-advanced-notifications>
<name>System: Advanced: Notifications</name>
<patterns>
<pattern>system_advanced_notifications.php*</pattern>
</patterns>
</page-system-advanced-notifications>
<page-system-advanced-sysctl>
<name>System: Advanced: Tunables</name>
<patterns>
<pattern>system_advanced_sysctl.php*</pattern>
</patterns>
</page-system-advanced-sysctl>
<page-system-authservers>
<name>System: Authentication Servers</name>
<patterns>
<pattern>system_authservers.php*</pattern>
</patterns>
</page-system-authservers>
<page-system-camanager>
<name>System: CA Manager</name>
<patterns>
<pattern>system_camanager.php*</pattern>
</patterns>
</page-system-camanager>
<page-system-certmanager>
<name>System: Certificate Manager</name>
<patterns>
<pattern>system_certmanager.php*</pattern>
</patterns>
</page-system-certmanager>
<page-system-crlmanager>
<name>System: CRL Manager</name>
<patterns>
<pattern>system_crlmanager.php*</pattern>
</patterns>
</page-system-crlmanager>
<page-system-firmware-autoupdate>
<name>System: Firmware</name>
<patterns>
<pattern>ui/core/firmware/*</pattern>
<pattern>api/core/firmware/*</pattern>
</patterns>
</page-system-firmware-autoupdate>
<page-system-firmware-manualupdate>
<name>System: Firmware</name>
<patterns>
<pattern>ui/core/firmware/*</pattern>
<pattern>api/core/firmware/*</pattern>
</patterns>
</page-system-firmware-manualupdate>
<page-system-gatewaygroups>
<name>System: Gateway Groups</name>
<patterns>
<pattern>system_gateway_groups.php*</pattern>
</patterns>
</page-system-gatewaygroups>
<page-system-gateways>
<name>System: Gateways</name>
<patterns>
<pattern>system_gateways.php*</pattern>
</patterns>
</page-system-gateways>
<page-system-gateways-editgatewaygroups>
<name>System: Gateways: Edit Gateway Groups</name>
<patterns>
<pattern>system_gateway_groups_edit.php*</pattern>
</patterns>
</page-system-gateways-editgatewaygroups>
<page-system-gateways-editgateway>
<name>System: Gateways: Edit Gateway</name>
<patterns>
<pattern>system_gateways_edit.php*</pattern>
</patterns>
</page-system-gateways-editgateway>
<page-system-generalsetup>
<name>System: General Setup</name>
<patterns>
<pattern>system_general.php*</pattern>
</patterns>
</page-system-generalsetup>
<page-system-groupmanager>
<name>System: Group manager</name>
<patterns>
<pattern>system_groupmanager.php*</pattern>
</patterns>
</page-system-groupmanager>
<page-system-groupmanager-addprivs>
<name>System: Group Manager: Add Privileges</name>
<patterns>
<pattern>system_usermanager_addprivs.php?group*</pattern>
</patterns>
</page-system-groupmanager-addprivs>
<page-system-hasync>
<name>System: High Availability</name>
<patterns>
<pattern>system_hasync.php*</pattern>
</patterns>
</page-system-hasync>
<page-system-license>
<name>System: License</name>
<patterns>
<pattern>license.php*</pattern>
</patterns>
</page-system-license>
<page-system-staticroutes>
<name>System: Static Routes</name>
<patterns>
<pattern>system_routes.php*</pattern>
</patterns>
</page-system-staticroutes>
<page-system-staticroutes-editroute>
<name>System: Static Routes: Edit route</name>
<patterns>
<pattern>system_routes_edit.php*</pattern>
</patterns>
</page-system-staticroutes-editroute>
<page-system-usermanager>
<name>System: User Manager</name>
<patterns>
<pattern>system_usermanager.php*</pattern>
<pattern>system_usermanager_import_ldap.php*</pattern>
</patterns>
</page-system-usermanager>
<page-system-usermanager-addprivs>
<name>System: User Manager: Add Privileges</name>
<patterns>
<pattern>system_usermanager_addprivs.php?user*</pattern>
</patterns>
</page-system-usermanager-addprivs>
<page-system-usermanager-settings>
<name>System: User Manager: settings</name>
<patterns>
<pattern>system_usermanager_settings.php*</pattern>
</patterns>
</page-system-usermanager-settings>
<page-system-usermanager-settings-testldap>
<name>System: User Manager: Settings: Test LDAP</name>
<patterns>
<pattern>system_usermanager_settings_test.php*</pattern>
</patterns>
</page-system-usermanager-settings-testldap>
<page-system-usermanager-passwordmg>
<name>System: User Password Manager</name>
<patterns>
<pattern>system_usermanager_passwordmg.php*</pattern>
</patterns>
</page-system-usermanager-passwordmg>
<page-vpn-ipsec>
<name>VPN: IPsec</name>
<patterns>
<pattern>vpn_ipsec.php*</pattern>
</patterns>
</page-vpn-ipsec>
<page-vpn-ipsec-editphase1>
<name>VPN: IPsec: Edit Phase 1</name>
<patterns>
<pattern>vpn_ipsec_phase1.php*</pattern>
</patterns>
</page-vpn-ipsec-editphase1>
<page-vpn-ipsec-editphase2>
<name>VPN: IPsec: Edit Phase 2</name>
<patterns>
<pattern>vpn_ipsec_phase2.php*</pattern>
</patterns>
</page-vpn-ipsec-editphase2>
<page-vpn-ipsec-editkeys>
<name>VPN: IPsec: Edit Pre-Shared Keys</name>
<patterns>
<pattern>vpn_ipsec_keys_edit.php*</pattern>
</patterns>
</page-vpn-ipsec-editkeys>
<page-vpn-ipsec-mobile>
<name>VPN: IPsec: Mobile</name>
<patterns>
<pattern>vpn_ipsec_mobile.php*</pattern>
</patterns>
</page-vpn-ipsec-mobile>
<page-vpn-ipsec-listkeys>
<name>VPN: IPsec: Pre-Shared Keys List</name>
<patterns>
<pattern>vpn_ipsec_keys.php*</pattern>
</patterns>
</page-vpn-ipsec-listkeys>
<page-openvpn-client-export>
<name>VPN: OpenVPN: Client Export Utility</name>
<patterns>
<pattern>vpn_openvpn_export.php*</pattern>
</patterns>
</page-openvpn-client-export>
<page-openvpn-client>
<name>VPN: OpenVPN: Client</name>
<patterns>
<pattern>vpn_openvpn_client.php*</pattern>
</patterns>
</page-openvpn-client>
<page-openvpn-csc>
<name>VPN: OpenVPN: Client Specific Override</name>
<patterns>
<pattern>vpn_openvpn_csc.php*</pattern>
</patterns>
</page-openvpn-csc>
<page-openvpn-server>
<name>VPN: OpenVPN: Server</name>
<patterns>
<pattern>vpn_openvpn_server.php*</pattern>
</patterns>
</page-openvpn-server>
<page-xmlrpclibrary>
<name>XMLRPC Library</name>
<patterns>
<pattern>xmlrpc.php*</pattern>
</patterns>
</page-xmlrpclibrary>
</acl>
{ {
"user-config-readonly": {
"name": "User - Config - Deny Config Write",
"descr": "If present, ignores requests from this user to write config.xml."
},
"user-shell-access": {
"name": "User - System - Shell account access",
"descr": "Indicates whether the user is able to login for example via SSH."
},
"user-ipsec-xauth-dialin": {
"name": "User - VPN - IPsec xauth Dialin",
"descr": "Indicates whether the user is allowed to dial in via IPsec xauth."
},
"user-proxy-auth": {
"name": "User - Proxy - Login",
"descr": "Indicates whether the user is allowed to authenticate with the proxy."
},
"page-getserviceproviders": {
"name": "WebCfg - AJAX: Get Service Providers",
"descr": "Allow access to the 'AJAX: Service Providers' page.",
"match": [
"license.php",
"getserviceproviders.php*"
]
},
"page-getstats": {
"name": "WebCfg - AJAX: Get Stats",
"descr": "Allow access to the 'AJAX: Get Stats' page.",
"match": [
"license.php",
"widgets/api/get.php*"
]
},
"page-all": {
"name": "WebCfg - All pages",
"descr": "Allow access to all pages",
"match": [
"*"
]
},
"page-diagnostics-crash-reporter": {
"name": "WebCfg - System: Crash Reporter",
"descr": "Uploads crash reports to the developers.",
"match": [
"crash_reporter.php*"
]
},
"page-dashboard-all": {
"name": "WebCfg - Dashboard (all)",
"descr": "Allow access to all pages required for the dashboard.",
"match": [
"index.php*",
"*.widget.php*",
"widgets/api/get.php*",
"diag_logs_filter_dynamic.php*"
]
},
"page-dashboard-widgets": {
"name": "WebCfg - Dashboard widgets (direct access).",
"descr": "Allow direct access to all Dashboard widget pages, required for some widgets using AJAX.",
"match": [
"*.widget.php*"
]
},
"page-diagnostics-authentication": {
"name": "WebCfg - Diagnostics: Authentication page",
"descr": "Allow access to the 'Diagnostics: Authentication' page.",
"match": [
"diag_authentication.php*"
]
},
"page-diagnostics-backup\/restore": { "page-diagnostics-backup\/restore": {
"name": "WebCfg - Diagnostics: Backup\/restore page", "name": "Diagnostics: Backup \/ restore page",
"descr": "Allow access to the 'Diagnostics: Backup\/restore' page.",
"match": [ "match": [
"diag_backup.php*" "diag_backup.php*"
] ]
}, },
"page-diagnostics-configurationhistory": {
"name": "WebCfg - Diagnostics: Configuration History page",
"descr": "Allow access to the 'Diagnostics: Configuration History' page.",
"match": [
"diag_confbak.php*"
]
},
"page-diagnostics-factorydefaults": {
"name": "WebCfg - Diagnostics: Factory defaults page",
"descr": "Allow access to the 'Diagnostics: Factory defaults' page.",
"match": [
"diag_defaults.php*"
]
},
"page-diagnostics-haltsystem": {
"name": "WebCfg - Diagnostics: Halt system page",
"descr": "Allow access to the 'Diagnostics: Halt system' page.",
"match": [
"diag_halt.php*"
]
},
"page-diagnostics-limiter-info": {
"name": "WebCfg - Diagnostics: Limiter Info",
"descr": "Allows access to the 'Diagnostics: Limiter Info' page",
"match": [
"diag_limiter_info.php*"
]
},
"page-diagnostics-logs-dhcp": {
"name": "WebCfg - Diagnostics: Logs: DHCP page",
"descr": "Allow access to the 'Diagnostics: Logs: DHCP' page.",
"match": [
"diag_logs_dhcp.php*"
]
},
"page-diagnostics-logs-gateways": {
"name": "WebCfg - Diagnostics: Logs: Gateways page",
"descr": "Allow access to the 'Diagnostics: Logs: System: Gateways' page.",
"match": [
"diag_logs_gateways.php*"
]
},
"page-diagnostics-logs-resolver": {
"name": "WebCfg - Diagnostics: Logs: Resolver page",
"descr": "Allow access to the 'Diagnostics: Logs: System: Resolver' page.",
"match": [
"diag_logs_resolver.php*"
]
},
"page-diagnostics-logs-settings": {
"name": "WebCfg - Diagnostics: Logs: Settings page",
"descr": "Allow access to the 'Diagnostics: Logs: Settings' page.",
"match": [
"diag_logs_settings.php*"
]
},
"page-diagnostics-logs-system": {
"name": "WebCfg - Diagnostics: Logs: System page",
"descr": "Allow access to the 'Diagnostics: Logs: System' page.",
"match": [
"diag_logs.php*"
]
},
"page-diagnostics-packetcapture": {
"name": "WebCfg - Diagnostics: Packet Capture page",
"descr": "Allow access to the 'Diagnostics: Packet Capture' page.",
"match": [
"diag_packet_capture.php*"
]
},
"page-diagnostics-tables": {
"name": "WebCfg - Diagnostics: PF Table IP addresses",
"descr": "Allow access to the 'Diagnostics: Tables' page.",
"match": [
"diag_tables.php*"
]
},
"page-diagnostics-pf-info": {
"name": "WebCfg - Diagnostics: pfInfo",
"descr": "Allows access to the 'Diagnostics: pfInfo' page",
"match": [
"diag_pf_info.php*"
]
},
"page-diagnostics-system-pftop": {
"name": "WebCfg - Diagnostics: pfTop",
"descr": "Allows access to the 'Diagnostics: pfTop' page",
"match": [
"diag_system_pftop.php*"
]
},
"page-diagnostics-ping": {
"name": "WebCfg - Diagnostics: Ping page",
"descr": "Allow access to the 'Diagnostics: Ping' page.",
"match": [
"diag_ping.php*"
]
},
"page-diagnostics-rebootsystem": {
"name": "WebCfg - Diagnostics: Reboot System page",
"descr": "Allow access to the 'Diagnostics: Reboot System' page.",
"match": [
"reboot.php*"
]
},
"page-diagnostics-resetstate": {
"name": "WebCfg - Diagnostics: Reset state page",
"descr": "Allow access to the 'Diagnostics: Reset state' page.",
"match": [
"diag_resetstate.php*"
]
},
"page-diagnostics-showstates": {
"name": "WebCfg - Diagnostics: Show States page",
"descr": "Allow access to the 'Diagnostics: Show States' page.",
"match": [
"diag_dump_states.php*"
]
},
"page-diagnostics-sockets": {
"name": "WebCfg - Diagnostics: Sockets page",
"descr": "Allow access to the 'Diagnostics: Sockets' page.",
"match": [
"diag_sockets.php*"
]
},
"page-diagnostics-statessummary": {
"name": "WebCfg - Diagnostics: States Summary page",
"descr": "Allow access to the 'Diagnostics: States Summary' page.",
"match": [
"diag_states_summary.php*"
]
},
"page-diagnostics-testport": {
"name": "WebCfg - Diagnostics: Test Port",
"descr": "Allow access to the 'Diagnostics: Test Port' page.",
"match": [
"diag_testport.php*"
]
},
"page-diagnostics-traceroute": {
"name": "WebCfg - Diagnostics: Traceroute page",
"descr": "Allow access to the 'Diagnostics: Traceroute' page.",
"match": [
"diag_traceroute.php*"
]
},
"page-firewall-alias-edit": {
"name": "WebCfg - Firewall: Alias: Edit page",
"descr": "Allow access to the 'Firewall: Alias: Edit' page.",
"match": [
"firewall_aliases_edit.php*"
]
},
"page-firewall-alias-import": {
"name": "WebCfg - Firewall: Alias: Import page",
"descr": "Allow access to the 'Firewall: Alias: Import' page.",
"match": [
"firewall_aliases_import.php*"
]
},
"page-firewall-aliases": {
"name": "WebCfg - Firewall: Aliases page",
"descr": "Allow access to the 'Firewall: Aliases' page.",
"match": [
"firewall_aliases.php*"
]
},
"page-firewall-easyrule": {
"name": "WebCfg - Firewall: Easy Rule add\/status page",
"descr": "Allow access to the 'Firewall: Easy Rule' add\/status page.",
"match": [
"easyrule.php*"
]
},
"page-firewall-nat-1-1": {
"name": "WebCfg - Firewall: NAT: 1:1 page",
"descr": "Allow access to the 'Firewall: NAT: 1:1' page.",
"match": [
"firewall_nat_1to1.php*"
]
},
"page-firewall-nat-1-1-edit": {
"name": "WebCfg - Firewall: NAT: 1:1: Edit page",
"descr": "Allow access to the 'Firewall: NAT: 1:1: Edit' page.",
"match": [
"firewall_nat_1to1_edit.php*"
]
},
"page-firewall-nat-npt": {
"name": "WebCfg - Firewall: NAT: NPT page",
"descr": "Allow access to the 'Firewall: NAT: NPT' page.",
"match": [
"firewall_nat_npt.php*"
]
},
"page-firewall-nat-npt-edit": {
"name": "WebCfg - Firewall: NAT: NPT: Edit page",
"descr": "Allow access to the 'Firewall: NAT: NPT: Edit' page.",
"match": [
"firewall_nat_npt_edit.php*"
]
},
"page-firewall-nat-outbound": {
"name": "WebCfg - Firewall: NAT: Outbound page",
"descr": "Allow access to the 'Firewall: NAT: Outbound' page.",
"match": [
"firewall_nat_out.php*"
]
},
"page-firewall-nat-outbound-edit": {
"name": "WebCfg - Firewall: NAT: Outbound: Edit page",
"descr": "Allow access to the 'Firewall: NAT: Outbound: Edit' page.",
"match": [
"firewall_nat_out_edit.php*"
]
},
"page-firewall-nat-portforward": {
"name": "WebCfg - Firewall: NAT: Port Forward page",
"descr": "Allow access to the 'Firewall: NAT: Port Forward' page.",
"match": [
"firewall_nat.php*"
]
},
"page-firewall-nat-portforward-edit": {
"name": "WebCfg - Firewall: NAT: Port Forward: Edit page",
"descr": "Allow access to the 'Firewall: NAT: Port Forward: Edit' page.",
"match": [
"firewall_nat_edit.php*"
]
},
"page-firewall-rules": {
"name": "WebCfg - Firewall: Rules page",
"descr": "Allow access to the 'Firewall: Rules' page.",
"match": [
"firewall_rules.php*"
]
},
"page-firewall-rules-edit": {
"name": "WebCfg - Firewall: Rules: Edit page",
"descr": "Allow access to the 'Firewall: Rules: Edit' page.",
"match": [
"firewall_rules_edit.php*"
]
},
"page-firewall-schedules": {
"name": "WebCfg - Firewall: Schedules page",
"descr": "Allow access to the 'Firewall: Schedules' page.",
"match": [
"firewall_schedule.php*"
]
},
"page-firewall-scrub": {
"name": "WebCfg - Firewall: Normalization page",
"descr": "Allow access to the 'Firewall: Normalization' page.",
"match": [
"firewall_scrub.php*",
"firewall_scrub_edit.php*"
]
},
"page-firewall-schedules-edit": {
"name": "WebCfg - Firewall: Schedules: Edit page",
"descr": "Allow access to the 'Firewall: Schedules: Edit' page.",
"match": [
"firewall_schedule_edit.php*"
]
},
"page-firewall-virtualipaddress-edit": {
"name": "WebCfg - Firewall: Virtual IP Address: Edit page",
"descr": "Allow access to the 'Firewall: Virtual IP Address: Edit' page.",
"match": [
"firewall_virtual_ip_edit.php*"
]
},
"page-firewall-virtualipaddresses": {
"name": "WebCfg - Firewall: Virtual IP Addresses page",
"descr": "Allow access to the 'Firewall: Virtual IP Addresses' page.",
"match": [
"firewall_virtual_ip.php*"
]
},
"page-diagnostics-logs-firewall": {
"name": "WebCfg - Diagnostics: Logs: Firewall: Normal View page",
"descr": "Allow access to the 'Diagnostics: Logs: Firewall: Normal View' page.",
"match": [
"diag_logs_filter.php*"
]
},
"page-diagnostics-logs-firewall-plain": {
"name": "WebCfg - Diagnostics: Logs: Firewall: Plain View page",
"descr": "Allow access to the 'Diagnostics: Logs: Firewall: Plain View' page.",
"match": [
"diag_logs_filter_plain.php*"
]
},
"page-diagnostics-logs-firewall-dynamic": {
"name": "WebCfg - Diagnostics: Logs: Firewall: Dynamic View page",
"descr": "Allow access to the 'Diagnostics: Logs: Firewall: Dynamic View' page.",
"match": [
"diag_logs_filter_dynamic.php*"
]
},
"page-diagnostics-logs-firewall-summary": {
"name": "WebCfg - Diagnostics: Logs: Firewall: Summary View page",
"descr": "Allow access to the 'Diagnostics: Logs: Firewall: Summary View' page.",
"match": [
"diag_logs_filter_summary.php*"
]
},
"page-interfaces-assignnetworkports": {
"name": "WebCfg - Interfaces: Assign network ports page",
"descr": "Allow access to the 'Interfaces: Assign network ports' page.",
"match": [
"interfaces_assign.php*"
]
},
"page-interfaces-bridge-edit": {
"name": "WebCfg - Interfaces: Bridge edit page",
"descr": "Allow access to the 'Interfaces: Bridge : Edit' page.",
"match": [
"interfaces_bridge_edit.php*"
]
},
"page-interfaces-bridge": {
"name": "WebCfg - Interfaces: Bridge page",
"descr": "Allow access to the 'Interfaces: Bridge' page.",
"match": [
"interfaces_bridge.php*"
]
},
"page-interfaces-gif": {
"name": "WebCfg - Interfaces: GIF page",
"descr": "Allow access to the 'Interfaces: GIF' page.",
"match": [
"interfaces_gif.php*"
]
},
"page-interfaces-gif-edit": {
"name": "WebCfg - Interfaces: GIF: Edit page",
"descr": "Allow access to the 'Interfaces: GIF: Edit' page.",
"match": [
"interfaces_gif_edit.php*"
]
},
"page-interfaces-gre": {
"name": "WebCfg - Interfaces: GRE page",
"descr": "Allow access to the 'Interfaces: GRE' page.",
"match": [
"interfaces_gre.php*"
]
},
"page-interfaces-gre-edit": {
"name": "WebCfg - Interfaces: GRE: Edit page",
"descr": "Allow access to the 'Interfaces: GRE: Edit' page.",
"match": [
"interfaces_gre_edit.php*"
]
},
"page-interfaces-groups": {
"name": "WebCfg - Interfaces: Groups page",
"descr": "Allow access to the 'Interfaces: Groups' page.",
"match": [
"interfaces_groups.php*"
]
},
"page-interfaces-groups-edit": {
"name": "WebCfg - Interfaces: Groups: Edit page",
"descr": "Allow access to the 'Interfaces: Groups: Edit' page.",
"match": [
"interfaces_groups_edit.php*"
]
},
"page-interfaces-lagg-edit": {
"name": "WebCfg - Interfaces: LAGG: Edit page",
"descr": "Allow access to the 'Interfaces: LAGG: Edit' page.",
"match": [
"interfaces_lagg_edit.php*"
]
},
"page-interfaces-lagg": {
"name": "WebCfg - Interfaces: LAGG page",
"descr": "Allow access to the 'Interfaces: LAGG' page.",
"match": [
"interfaces_lagg.php*"
]
},
"page-interfaces-ppps": {
"name": "WebCfg - Interfaces: PPPs page",
"descr": "Allow access to the 'Interfaces: PPPs' page.",
"match": [
"interfaces_ppps.php*"
]
},
"page-interfaces-ppps-edit": {
"name": "WebCfg - Interfaces: PPPs: Edit page",
"descr": "Allow access to the 'Interfaces: PPPs: Edit' page.",
"match": [
"interfaces_ppps_edit.php*"
]
},
"page-interfaces-qinq": {
"name": "WebCfg - Interfaces: QinQ page",
"descr": "Allow access to the 'Interfaces: QinQ' page.",
"match": [
"interfaces_qinq.php*"
]
},
"page-interfaces-qinq-edit": {
"name": "WebCfg - Interfaces: QinQ: Edit page",
"descr": "Allow access to 'Interfaces: QinQ: Edit' page",
"match": [
"interfaces_qinq_edit.php*"
]
},
"page-interfaces-vlan": {
"name": "WebCfg - Interfaces: VLAN page",
"descr": "Allow access to the 'Interfaces: VLAN' page.",
"match": [
"interfaces_vlan.php*"
]
},
"page-interfaces-vlan-edit": {
"name": "WebCfg - Interfaces: VLAN: Edit page",
"descr": "Allow access to the 'Interfaces: VLAN: Edit' page.",
"match": [
"interfaces_vlan_edit.php*"
]
},
"page-interfaces": {
"name": "WebCfg - Interfaces: WAN page",
"descr": "Allow access to the 'Interfaces' page.",
"match": [
"interfaces.php*"
]
},
"page-interfaces-wireless-edit": {
"name": "WebCfg - Interfaces: Wireless edit page",
"descr": "Allow access to the 'Interfaces: Wireless : Edit' page.",
"match": [
"interfaces_wireless_edit.php*"
]
},
"page-interfaces-wireless": {
"name": "WebCfg - Interfaces: Wireless page",
"descr": "Allow access to the 'Interfaces: Wireless' page.",
"match": [
"interfaces_wireless.php*"
]
},
"page-system-login\/logout": { "page-system-login\/logout": {
"name": "WebCfg - Lobby: Login \/ Logout \/ Dashboard page", "name": "Lobby: Login \/ Logout \/ Dashboard page",
"descr": "Allow access to the 'Lobby: Login \/ Logout\/ Dashboard' page.",
"match": [ "match": [
"index.php*" "index.php*"
] ]
},
"page-pfsensewizardsubsystem": {
"name": "WebCfg - Wizard subsystem page",
"descr": "Allow access to the 'Wizard subsystem' page.",
"match": [
"wizard.php*"
]
},
"page-services-dhcprelay": {
"name": "WebCfg - Services: DHCP Relay page",
"descr": "Allow access to the 'Services: DHCP Relay' page.",
"match": [
"services_dhcp_relay.php*"
]
},
"page-services-dhcpserver-editstaticmapping": {
"name": "WebCfg - Services: DHCP Server : Edit static mapping page",
"descr": "Allow access to the 'Services: DHCP Server : Edit static mapping' page.",
"match": [
"services_dhcp_edit.php*"
]
},
"page-services-dhcpserver": {
"name": "WebCfg - Services: DHCP server page",
"descr": "Allow access to the 'Services: DHCP server' page.",
"match": [
"services_dhcp.php*"
]
},
"page-services-dhcpv6relay": {
"name": "WebCfg - Services: DHCPv6 Relay page",
"descr": "Allow access to the 'Services: DHCPv6 Relay' page.",
"match": [
"services_dhcpv6_relay.php*"
]
},
"page-services-dhcpserverv6-editstaticmapping": {
"name": "WebCfg - Services: DHCPv6 Server : Edit static mapping page",
"descr": "Allow access to the 'Services: DHCPv6 Server : Edit static mapping' page.",
"match": [
"services_dhcpv6_edit.php*"
]
},
"page-services-dhcpv6server": {
"name": "WebCfg - Services: DHCPv6 server page",
"descr": "Allow access to the 'Services: DHCPv6 server' page.",
"match": [
"services_dhcpv6.php*"
]
},
"page-services-opendns": {
"name": "WebCfg - Services: DNS Filter",
"descr": "Allow access to the 'Services: DNS Filter' page.",
"match": [
"services_opendns.php*"
]
},
"page-services-dnsforwarder": {
"name": "WebCfg - Services: DNS Forwarder page",
"descr": "Allow access to the 'Services: DNS Forwarder' page.",
"match": [
"services_dnsmasq.php*"
]
},
"page-services-dnsforwarder-editdomainoverride": {
"name": "WebCfg - Services: DNS Forwarder: Edit Domain Override page",
"descr": "Allow access to the 'Services: DNS Forwarder: Edit Domain Override' page.",
"match": [
"services_dnsmasq_domainoverride_edit.php*"
]
},
"page-services-dnsforwarder-edithost": {
"name": "WebCfg - Services: DNS Forwarder: Edit host page",
"descr": "Allow access to the 'Services: DNS Forwarder: Edit host' page.",
"match": [
"services_dnsmasq_edit.php*"
]
},
"page-services-dnsresolver": {
"name": "WebCfg - Services: DNS Resolver page",
"descr": "Allow access to the 'Services: DNS Resolver' page.",
"match": [
"services_unbound.php*"
]
},
"page-services-dnsresolver-acls": {
"name": "WebCfg - Services: DNS Resolver: Access Lists page",
"descr": "Allow access to the 'Services: DNS Resolver: Access Lists' page.",
"match": [
"services_unbound_acls.php*"
]
},
"page-services-dnsresolver-editacls": {
"name": "WebCfg - Services: DNS Resolver: Access Lists: Edit page",
"descr": "Allow access to the 'Services: DNS Resolver: Access Lists: Edit' page.",
"match": [
"services_unbound_acls_edit.php*"
]
},
"page-services-dnsresolver-advanced": {
"name": "WebCfg - Services: DNS Resolver: Advanced page",
"descr": "Allow access to the 'Services: DNS Resolver: Advanced' page.",
"match": [
"services_unbound_advanced.php*"
]
},
"page-services-dnsresolver-editdomainoverride": {
"name": "WebCfg - Services: DNS Resolver: Edit Domain Override page",
"descr": "Allow access to the 'Services: DNS Resolver: Edit Domain Override' page.",
"match": [
"services_unbound_domainoverride_edit.php*"
]
},
"page-services-dnsresolver-edithost": {
"name": "WebCfg - Services: DNS Resolver: Edit host page",
"descr": "Allow access to the 'Services: DNS Resolver: Edit host' page.",
"match": [
"services_unbound_host_edit.php*"
]
},
"page-services-dynamicdnsclient": {
"name": "WebCfg - Services: Dynamic DNS client page",
"descr": "Allow access to the 'Services: Dynamic DNS client' page.",
"match": [
"services_dyndns_edit.php*"
]
},
"page-services-dynamicdnsclients": {
"name": "WebCfg - Services: Dynamic DNS clients page",
"descr": "Allow access to the 'Services: Dynamic DNS clients' page.",
"match": [
"services_dyndns.php*"
]
},
"page-services-igmpproxy": {
"name": "WebCfg - Services: Igmpproxy page",
"descr": "Allow access to the 'Services: Igmpproxy' page.",
"match": [
"services_igmpproxy.php*"
]
},
"page-services-igmpproxy-edit": {
"name": "WebCfg - Services: Igmpproxy: Edit page",
"descr": "Allow access to the 'Services: Igmpproxy: Edit' page.",
"match": [
"services_igmpproxy_edit.php*"
]
},
"page-services-ntpd": {
"name": "WebCfg - Services: NTP",
"descr": "Allow access to the 'Services: NTP' page.",
"match": [
"services_ntpd.php*"
]
},
"page-services-rfc2136clients": {
"name": "WebCfg - Services: RFC 2136 clients page",
"descr": "Allow access to the 'Services: RFC 2136 clients' page.",
"match": [
"services_rfc2136.php*"
]
},
"page-services-router-advertisements": {
"name": "WebCfg - Services: Router advertisements page",
"descr": "Allow access to the 'Services: Router Advertisements' page.",
"match": [
"services_router_advertisements.php*"
]
},
"page-services-snmp": {
"name": "WebCfg - Services: SNMP page",
"descr": "Allow access to the 'Services: SNMP' page.",
"match": [
"services_snmp.php*"
]
},
"page-services-wakeonlan": {
"name": "WebCfg - Services: Wake on LAN page",
"descr": "Allow access to the 'Services: Wake on LAN' page.",
"match": [
"services_wol.php*"
]
},
"page-services-wakeonlan-edit": {
"name": "WebCfg - Services: Wake on LAN: Edit page",
"descr": "Allow access to the 'Services: Wake on LAN: Edit' page.",
"match": [
"services_wol_edit.php*"
]
},
"page-status-carp": {
"name": "WebCfg - Status: CARP page",
"descr": "Allow access to the 'Status: CARP' page.",
"match": [
"carp_status.php*"
]
},
"page-status-habackup": {
"name": "WebCfg - Status: HA backup page",
"descr": "Allow access to the 'Status: HA backup' page.",
"match": [
"status_habackup.php"
]
},
"page-status-dhcpleases": {
"name": "WebCfg - Status: DHCP leases page",
"descr": "Allow access to the 'Status: DHCP leases' page.",
"match": [
"status_dhcp_leases.php*"
]
},
"page-status-dhcpv6leases": {
"name": "WebCfg - Status: DHCPv6 leases page",
"descr": "Allow access to the 'Status: DHCPv6 leases' page.",
"match": [
"status_dhcpv6_leases.php*"
]
},
"page-status-filterreloadstatus": {
"name": "WebCfg - Status: Filter Reload Status page",
"descr": "Allow access to the 'Status: Filter Reload Status' page.",
"match": [
"status_filter_reload.php*"
]
},
"page-status-gatewaygroups": {
"name": "WebCfg - Status: Gateway Groups page",
"descr": "Allow access to the 'Status: Gateway Groups' page.",
"match": [
"status_gateway_groups.php*"
]
},
"page-status-gateways": {
"name": "WebCfg - Status: Gateways page",
"descr": "Allow access to the 'Status: Gateways' page.",
"match": [
"status_gateways.php*"
]
},
"page-status-interfaces": {
"name": "WebCfg - Status: Interfaces page",
"descr": "Allow access to the 'Status: Interfaces' page.",
"match": [
"status_interfaces.php*"
]
},
"page-status-ipsec": {
"name": "WebCfg - Status: IPsec page",
"descr": "Allow access to the 'Status: IPsec' page.",
"match": [
"diag_ipsec.php*"
]
},
"page-status-ipsec-leases": {
"name": "WebCfg - Status: IPsec: Leasespage",
"descr": "Allow access to the 'Status: IPsec: Leases' page.",
"match": [
"diag_ipsec_leases.php*"
]
},
"page-status-ipsec-sad": {
"name": "WebCfg - Status: IPsec: SAD page",
"descr": "Allow access to the 'Status: IPsec: SAD' page.",
"match": [
"diag_ipsec_sad.php*"
]
},
"page-status-ipsec-spd": {
"name": "WebCfg - Status: IPsec: SPD page",
"descr": "Allow access to the 'Status: IPsec: SPD' page.",
"match": [
"diag_ipsec_spd.php*"
]
},
"page-services-ntp-gps": {
"name": "WebCfg - Status: NTP GPS page",
"descr": "Allow access to the 'Status: NTP Serial GPS' page.",
"match": [
"status_ntpd_gps.php*"
]
},
"page-status-ntp": {
"name": "WebCfg - Status: NTP page",
"descr": "Allow access to the 'Status: NTP' page.",
"match": [
"status_ntpd.php*"
]
},
"page-services-ntp-pps": {
"name": "WebCfg - Status: NTP PPS page",
"descr": "Allow access to the 'Status: NTP PPS' page.",
"match": [
"status_ntpd_pps.php*"
]
},
"page-status-openvpn": {
"name": "WebCfg - Status: OpenVPN page",
"descr": "Allow access to the 'Status: OpenVPN' page.",
"match": [
"status_openvpn.php*"
]
},
"page-status-services": {
"name": "WebCfg - Status: Services page",
"descr": "Allow access to the 'Status: Services' page.",
"match": [
"status_services.php*"
]
},
"page-status-systemlogs-portalauth": {
"name": "WebCfg - Status: System logs: Captive portal page",
"descr": "Allow access to the 'Status: System logs: Captive portal' page.",
"match": [
"diag_logs_auth.php*"
]
},
"page-status-systemlogs-ipsecvpn": {
"name": "WebCfg - Status: System logs: IPsec VPN page",
"descr": "Allow access to the 'Status: System logs: IPsec VPN' page.",
"match": [
"diag_logs_ipsec.php*"
]
},
"page-status-systemlogs-ppp": {
"name": "WebCfg - Status: System logs: IPsec VPN page",
"descr": "Allow access to the 'Status: System logs: IPsec VPN' page.",
"match": [
"diag_logs_ppp.php*"
]
},
"page-status-systemlogs-ntpd": {
"name": "WebCfg - Status: System logs: NTP page",
"descr": "Allow access to the 'Status: System logs: NTP' page.",
"match": [
"diag_logs_ntpd.php*"
]
},
"page-status-systemlogs-openvpn": {
"name": "WebCfg - Status: System logs: OpenVPN page",
"descr": "Allow access to the 'Status: System logs: OpenVPN' page.",
"match": [
"diag_logs_openvpn.php*"
]
},
"page-status-systemlogs-routing": {
"name": "WebCfg - Status: System logs: Routing page",
"descr": "Allow access to the 'Status: System logs: System: Routing' page.",
"match": [
"diag_logs_routing.php*"
]
},
"page-status-systemlogs-wireless": {
"name": "WebCfg - Status: System logs: Wireless page",
"descr": "Allow access to the 'Status: System logs: System: Wireless' page.",
"match": [
"diag_logs_wireless.php*"
]
},
"page-status-trafficgraph": {
"name": "WebCfg - Status: Traffic Graph page",
"descr": "Allow access to the 'Status: Traffic Graph' page.",
"match": [
"status_graph.php*"
]
},
"page-diagnostics-wirelessstatus": {
"name": "WebCfg - Status: Wireless page",
"descr": "Allow access to the 'Status: Wireless' page.",
"match": [
"status_wireless.php*"
]
},
"page-system-advanced-admin": {
"name": "WebCfg - System: Advanced: Admin Access Page",
"descr": "Allow access to the 'System: Advanced: Admin Access' page.",
"match": [
"system_advanced_admin.php*"
]
},
"page-system-advanced-firewall": {
"name": "WebCfg - System: Advanced: Firewall and NAT page",
"descr": "Allow access to the 'System: Advanced: Firewall and NAT' page.",
"match": [
"system_advanced_firewall.php*"
]
},
"page-system-advanced-misc": {
"name": "WebCfg - System: Advanced: Miscellaneous page",
"descr": "Allow access to the 'System: Advanced: Miscellaneous' page.",
"match": [
"system_advanced_misc.php*"
]
},
"page-system-advanced-network": {
"name": "WebCfg - System: Advanced: Network page",
"descr": "Allow access to the 'System: Advanced: Networking' page.",
"match": [
"system_advanced_network.php*"
]
},
"page-system-advanced-notifications": {
"name": "WebCfg - System: Advanced: Notifications page",
"descr": "Allow access to the 'System: Advanced: Notifications' page.",
"match": [
"system_advanced_notifications.php*"
]
},
"page-system-advanced-sysctl": {
"name": "WebCfg - System: Advanced: Tunables page",
"descr": "Allow access to the 'System: Advanced: Tunables' page.",
"match": [
"system_advanced_sysctl.php*"
]
},
"page-system-authservers": {
"name": "WebCfg - System: Authentication Servers",
"descr": "Allow access to the 'System: Authentication Servers' page.",
"match": [
"system_authservers.php*"
]
},
"page-system-camanager": {
"name": "WebCfg - System: CA Manager",
"descr": "Allow access to the 'System: CA Manager' page.",
"match": [
"system_camanager.php*"
]
},
"page-system-certmanager": {
"name": "WebCfg - System: Certificate Manager",
"descr": "Allow access to the 'System: Certificate Manager' page.",
"match": [
"system_certmanager.php*"
]
},
"page-system-crlmanager": {
"name": "WebCfg - System: CRL Manager",
"descr": "Allow access to the 'System: CRL Manager' page.",
"match": [
"system_crlmanager.php*"
]
},
"page-system-firmware-autoupdate": {
"name": "WebCfg - System: Firmware: Auto Update page",
"descr": "Allow access to the 'System: Firmware: Auto Update' page.",
"match": [
"ui/core/firmware/*",
"api/core/firmware/*"
]
},
"page-system-firmware-manualupdate": {
"name": "WebCfg - System: Firmware: Manual Update page",
"descr": "Allow access to the 'System: Firmware: Manual Update' page.",
"match": [
"ui/core/firmware/*",
"api/core/firmware/*"
]
},
"page-system-gatewaygroups": {
"name": "WebCfg - System: Gateway Groups page",
"descr": "Allow access to the 'System: Gateway Groups' page.",
"match": [
"system_gateway_groups.php*"
]
},
"page-system-gateways": {
"name": "WebCfg - System: Gateways page",
"descr": "Allow access to the 'System: Gateways' page.",
"match": [
"system_gateways.php*"
]
},
"page-system-gateways-editgatewaygroups": {
"name": "WebCfg - System: Gateways: Edit Gateway Groups page",
"descr": "Allow access to the 'System: Gateways: Edit Gateway Groups' page.",
"match": [
"system_gateway_groups_edit.php*"
]
},
"page-system-gateways-editgateway": {
"name": "WebCfg - System: Gateways: Edit Gateway page",
"descr": "Allow access to the 'System: Gateways: Edit Gateway' page.",
"match": [
"system_gateways_edit.php*"
]
},
"page-system-generalsetup": {
"name": "WebCfg - System: General Setup page",
"descr": "Allow access to the 'System: General Setup' page.",
"match": [
"system_general.php*"
]
},
"page-system-groupmanager": {
"name": "WebCfg - System: Group manager page",
"descr": "Allow access to the 'System: Group manager' page.",
"match": [
"system_groupmanager.php*"
]
},
"page-system-groupmanager-addprivs": {
"name": "WebCfg - System: Group Manager: Add Privileges page",
"descr": "Allow access to the 'System: Group Manager: Add Privileges' page.",
"match": [
"system_usermanager_addprivs.php?group*"
]
},
"page-system-hasync": {
"name": "WebCfg - System: High Availability",
"descr": "Allow access to the 'System: High Availability' page.",
"match": [
"system_hasync.php*"
]
},
"page-system-license": {
"name": "WebCfg - System: License page",
"descr": "Allow access to the 'System: License' page.",
"match": [
"license.php*"
]
},
"page-system-staticroutes": {
"name": "WebCfg - System: Static Routes page",
"descr": "Allow access to the 'System: Static Routes' page.",
"match": [
"system_routes.php*"
]
},
"page-system-staticroutes-editroute": {
"name": "WebCfg - System: Static Routes: Edit route page",
"descr": "Allow access to the 'System: Static Routes: Edit route' page.",
"match": [
"system_routes_edit.php*"
]
},
"page-system-usermanager": {
"name": "WebCfg - System: User Manager page",
"descr": "Allow access to the 'System: User Manager' page.",
"match": [
"system_usermanager.php*",
"system_usermanager_import_ldap.php*"
]
},
"page-system-usermanager-addprivs": {
"name": "WebCfg - System: User Manager: Add Privileges page",
"descr": "Allow access to the 'System: User Manager: Add Privileges' page.",
"match": [
"system_usermanager_addprivs.php?user*"
]
},
"page-system-usermanager-settings": {
"name": "WebCfg - System: User Manager: settings page",
"descr": "Allow access to the 'System: User Manager: settings' page.",
"match": [
"system_usermanager_settings.php*"
]
},
"page-system-usermanager-settings-testldap": {
"name": "WebCfg - System: User Manager: Settings: Test LDAP page",
"descr": "Allow access to the 'System: User Manager: Settings: Test LDAP' page.",
"match": [
"system_usermanager_settings_test.php*"
]
},
"page-system-usermanager-passwordmg": {
"name": "WebCfg - System: User Password Manager page",
"descr": "Allow access to the 'System: User Password Manager' page.",
"match": [
"system_usermanager_passwordmg.php*"
]
},
"page-vpn-ipsec": {
"name": "WebCfg - VPN: IPsec page",
"descr": "Allow access to the 'VPN: IPsec' page.",
"match": [
"vpn_ipsec.php*"
]
},
"page-vpn-ipsec-editphase1": {
"name": "WebCfg - VPN: IPsec: Edit Phase 1 page",
"descr": "Allow access to the 'VPN: IPsec: Edit Phase 1' page.",
"match": [
"vpn_ipsec_phase1.php*"
]
},
"page-vpn-ipsec-editphase2": {
"name": "WebCfg - VPN: IPsec: Edit Phase 2 page",
"descr": "Allow access to the 'VPN: IPsec: Edit Phase 2' page.",
"match": [
"vpn_ipsec_phase2.php*"
]
},
"page-vpn-ipsec-editkeys": {
"name": "WebCfg - VPN: IPsec: Edit Pre-Shared Keys",
"descr": "Allow access to the 'VPN: IPsec: Edit Pre-Shared Keys' page.",
"match": [
"vpn_ipsec_keys_edit.php*"
]
},
"page-vpn-ipsec-mobile": {
"name": "WebCfg - VPN: IPsec: Mobile page",
"descr": "Allow access to the 'VPN: IPsec: Mobile' page.",
"match": [
"vpn_ipsec_mobile.php*"
]
},
"page-vpn-ipsec-listkeys": {
"name": "WebCfg - VPN: IPsec: Pre-Shared Keys List",
"descr": "Allow access to the 'VPN: IPsec: Pre-Shared Keys List' page.",
"match": [
"vpn_ipsec_keys.php*"
]
},
"page-openvpn-client-export": {
"name": "WebCfg - VPN: OpenVPN: Client Export Utility",
"descr": "Allow access to the 'VPN: OpenVPN: Client Export Utility' page.",
"match": [
"vpn_openvpn_export.php*"
]
},
"page-openvpn-client": {
"name": "WebCfg - VPN: OpenVPN: Client page",
"descr": "Allow access to the 'VPN: OpenVPN: Client' page.",
"match": [
"vpn_openvpn_client.php*"
]
},
"page-openvpn-csc": {
"name": "WebCfg - VPN: OpenVPN: Client Specific Override page",
"descr": "Allow access to the 'VPN: OpenVPN: Client Specific Override' page.",
"match": [
"vpn_openvpn_csc.php*"
]
},
"page-openvpn-server": {
"name": "WebCfg - VPN: OpenVPN: Server page",
"descr": "Allow access to the 'VPN: OpenVPN: Server' page.",
"match": [
"vpn_openvpn_server.php*"
]
},
"page-xmlrpclibrary": {
"name": "WebCfg - XMLRPC Library page",
"descr": "Allow access to the 'XMLRPC Library' page.",
"match": [
"xmlrpc.php*"
]
} }
} }
<acl> <acl>
<!-- unique acl key, must be globally unique for all acl's -->
<page-system-cron> <page-system-cron>
<name>WebCfg - System: Settings: Cron page</name> <name>System: Settings: Cron</name>
<description>Allow access to the 'System: Settings: Cron' page.</description>
<patterns> <patterns>
<pattern>ui/cron/*</pattern> <pattern>ui/cron/*</pattern>
<pattern>api/cron/*</pattern> <pattern>api/cron/*</pattern>
......
<acl> <acl>
<!-- unique acl key, must be globally unique for all acl's -->
<page-diagnostics-arptable> <page-diagnostics-arptable>
<name>WebCfg - Diagnostics: ARP Table page</name> <name>Diagnostics: ARP Table</name>
<description>Allow access to the 'Diagnostics: ARP Table' page.</description>
<patterns> <patterns>
<pattern>ui/diagnostics/interface/arp/*</pattern> <pattern>ui/diagnostics/interface/arp/*</pattern>
<pattern>api/diagnostics/interface/getArp*</pattern> <pattern>api/diagnostics/interface/getArp*</pattern>
</patterns> </patterns>
</page-diagnostics-arptable> </page-diagnostics-arptable>
<page-diagnostics-ndptable> <page-diagnostics-ndptable>
<name>Webcfg - Diagnostics: NDP Table page</name> <name>Diagnostics: NDP Table</name>
<description>Allow access to the 'Diagnostics: NDP Table' page.</description>
<patterns> <patterns>
<pattern>ui/diagnostics/interface/ndp/*</pattern> <pattern>ui/diagnostics/interface/ndp/*</pattern>
<pattern>api/diagnostics/interface/getNdp*</pattern> <pattern>api/diagnostics/interface/getNdp*</pattern>
</patterns> </patterns>
</page-diagnostics-ndptable> </page-diagnostics-ndptable>
<page-diagnostics-routingtables> <page-diagnostics-routingtables>
<name>WebCfg - Diagnostics: Routing tables page</name> <name>Diagnostics: Routing tables</name>
<description>Allow access to the 'Diagnostics: Routing tables' page.</description>
<patterns> <patterns>
<pattern>ui/diagnostics/interface/routes/*</pattern> <pattern>ui/diagnostics/interface/routes/*</pattern>
<pattern>api/diagnostics/interface/getRoutes*</pattern> <pattern>api/diagnostics/interface/getRoutes*</pattern>
</patterns> </patterns>
</page-diagnostics-routingtables> </page-diagnostics-routingtables>
<page-diagnostics-system-activity> <page-diagnostics-system-activity>
<name>WebCfg - Diagnostics: System Activity</name> <name>Diagnostics: System Activity</name>
<description>Allows access to the 'Diagnostics: System Activity' page</description>
<patterns> <patterns>
<pattern>ui/diagnostics/activity/*</pattern> <pattern>ui/diagnostics/activity/*</pattern>
<pattern>api/diagnostics/activity/*</pattern> <pattern>api/diagnostics/activity/*</pattern>
</patterns> </patterns>
</page-diagnostics-system-activity> </page-diagnostics-system-activity>
<page-diagnostics-health> <page-diagnostics-health>
<name>WebCfg - Diagnostics: System Health</name> <name>Diagnostics: System Health</name>
<description>Allows access to the 'Diagnostics: System Health' page</description>
<patterns> <patterns>
<pattern>ui/diagnostics/systemhealth/*</pattern> <pattern>ui/diagnostics/systemhealth/*</pattern>
<pattern>api/diagnostics/systemhealth/*</pattern> <pattern>api/diagnostics/systemhealth/*</pattern>
...@@ -42,16 +36,14 @@ ...@@ -42,16 +36,14 @@
</patterns> </patterns>
</page-diagnostics-health> </page-diagnostics-health>
<page-diagnostics-networkinsight> <page-diagnostics-networkinsight>
<name>WebCfg - Diagnostics: Network Insight</name> <name>Diagnostics: Network Insight</name>
<description>Allows access to the 'Diagnostics: Network Insight' page</description>
<patterns> <patterns>
<pattern>ui/diagnostics/networkinsight/*</pattern> <pattern>ui/diagnostics/networkinsight/*</pattern>
<pattern>api/diagnostics/networkinsight/*</pattern> <pattern>api/diagnostics/networkinsight/*</pattern>
</patterns> </patterns>
</page-diagnostics-networkinsight> </page-diagnostics-networkinsight>
<page-diagnostics-netflow> <page-diagnostics-netflow>
<name>WebCfg - Diagnostics: Netflow configuration</name> <name>Diagnostics: Netflow configuration</name>
<description>Allows access to the Netflow configuration</description>
<patterns> <patterns>
<pattern>ui/diagnostics/netflow/*</pattern> <pattern>ui/diagnostics/netflow/*</pattern>
<pattern>api/diagnostics/netflow/*</pattern> <pattern>api/diagnostics/netflow/*</pattern>
......
<acl> <acl>
<!-- unique acl key, must be globally unique for all acl's -->
<page-services-ids> <page-services-ids>
<name>WebCfg - Services: Intrusion Detection page</name> <name>Services: Intrusion Detection</name>
<description>Allow access to the 'Services: Intrusion Detection' page.</description>
<patterns> <patterns>
<pattern>ui/ids/*</pattern> <pattern>ui/ids/*</pattern>
<pattern>api/ids/*</pattern> <pattern>api/ids/*</pattern>
......
<acl>
<page-services-igmpproxy>
<name>Services: IGMP Proxy</name>
<patterns>
<pattern>services_igmpproxy.php*</pattern>
</patterns>
</page-services-igmpproxy>
<page-services-igmpproxy-edit>
<name>Services: IGMP Proxy: Edit</name>
<patterns>
<pattern>services_igmpproxy_edit.php*</pattern>
</patterns>
</page-services-igmpproxy-edit>
</acl>
<menu>
<Services>
<IGMPProxy VisibleName="IGMP Proxy" url="/services_igmpproxy.php" cssClass="fa fa-map-signs fa-fw">
<Edit url="/services_igmpproxy_edit.php" visibility="hidden"/>
</IGMPProxy>
</Services>
</menu>
<acl>
<page-services-ntpd>
<name>Services: NTP</name>
<patterns>
<pattern>services_ntpd.php*</pattern>
</patterns>
</page-services-ntpd>
<page-services-ntp-gps>
<name>Status: NTP GPS</name>
<patterns>
<pattern>status_ntpd_gps.php*</pattern>
</patterns>
</page-services-ntp-gps>
<page-status-ntp>
<name>Status: NTP</name>
<patterns>
<pattern>status_ntpd.php*</pattern>
</patterns>
</page-status-ntp>
<page-services-ntp-pps>
<name>Status: NTP PPS</name>
<patterns>
<pattern>status_ntpd_pps.php*</pattern>
</patterns>
</page-services-ntp-pps>
<page-status-systemlogs-ntpd>
<name>Status: System logs: NTP</name>
<patterns>
<pattern>diag_logs_ntpd.php*</pattern>
</patterns>
</page-status-systemlogs-ntpd>
</acl>
<menu>
<Services>
<NTP VisibleName="Network Time" cssClass="fa fa-clock-o fa-fw">
<General order="10" url="/services_ntpd.php"/>
<GPS order="20" url="/services_ntpd_gps.php"/>
<PPS order="30" url="/services_ntpd_pps.php"/>
<Status order="40" url="/status_ntpd.php"/>
<Log order="50" VisibleName="Log File" url="/diag_logs_ntpd.php"/>
</NTP>
</Services>
</menu>
<acl> <acl>
<!-- unique acl key, must be globally unique for all acl's -->
<page-services-proxy> <page-services-proxy>
<name>WebCfg - Services: Proxy page</name> <name>Services: Proxy</name>
<description>Allow access to the 'Services: Proxy' page.</description>
<patterns> <patterns>
<pattern>ui/proxy/*</pattern> <pattern>ui/proxy/*</pattern>
<pattern>api/proxy/*</pattern> <pattern>api/proxy/*</pattern>
......
<acl> <acl>
<page-services-loadbalancer-monitor-edit> <page-services-loadbalancer-monitor-edit>
<name>WebCfg - Services: Load Balancer: Monitor: Edit page</name> <name>Services: Load Balancer: Monitor: Edit</name>
<description>Allow access to the 'Services: Load Balancer: Monitor: Edit' page.</description>
<patterns> <patterns>
<pattern>load_balancer_monitor_edit.php*</pattern> <pattern>load_balancer_monitor_edit.php*</pattern>
</patterns> </patterns>
</page-services-loadbalancer-monitor-edit> </page-services-loadbalancer-monitor-edit>
<page-services-loadbalancer-monitor> <page-services-loadbalancer-monitor>
<name>WebCfg - Services: Load Balancer: Monitors page</name> <name>Services: Load Balancer: Monitors</name>
<description>Allow access to the 'Services: Load Balancer: Monitors' page.</description>
<patterns> <patterns>
<pattern>load_balancer_monitor.php*</pattern> <pattern>load_balancer_monitor.php*</pattern>
</patterns> </patterns>
</page-services-loadbalancer-monitor> </page-services-loadbalancer-monitor>
<page-services-loadbalancer-setting> <page-services-loadbalancer-setting>
<name>WebCfg - Services: Load Balancer: setting page</name> <name>Services: Load Balancer: setting</name>
<description>Allow access to the 'Settings: Load Balancer: Settings' page.</description>
<patterns> <patterns>
<pattern>load_balancer_setting.php*</pattern> <pattern>load_balancer_setting.php*</pattern>
</patterns> </patterns>
</page-services-loadbalancer-setting> </page-services-loadbalancer-setting>
<page-services-loadbalancer-virtualservers> <page-services-loadbalancer-virtualservers>
<name>WebCfg - Services: Load Balancer: Virtual Servers page</name> <name>Services: Load Balancer: Virtual Servers</name>
<description>Allow access to the 'Services: Load Balancer: Virtual Servers' page.</description>
<patterns> <patterns>
<pattern>load_balancer_virtual_server.php*</pattern> <pattern>load_balancer_virtual_server.php*</pattern>
</patterns> </patterns>
</page-services-loadbalancer-virtualservers> </page-services-loadbalancer-virtualservers>
<page-status-loadbalancer-pool> <page-status-loadbalancer-pool>
<name>WebCfg - Status: Load Balancer: Pool page</name> <name>Status: Load Balancer: Pool</name>
<description>Allow access to the 'Status: Load Balancer: Pool' page.</description>
<patterns> <patterns>
<pattern>status_lb_pool.php*</pattern> <pattern>status_lb_pool.php*</pattern>
</patterns> </patterns>
</page-status-loadbalancer-pool> </page-status-loadbalancer-pool>
<page-status-loadbalancer-virtualserver> <page-status-loadbalancer-virtualserver>
<name>WebCfg - Status: Load Balancer: Virtual Server page</name> <name>Status: Load Balancer: Virtual Server</name>
<description>Allow access to the 'Status: Load Balancer: Virtual Server' page.</description>
<patterns> <patterns>
<pattern>status_lb_vs.php*</pattern> <pattern>status_lb_vs.php*</pattern>
</patterns> </patterns>
</page-status-loadbalancer-virtualserver> </page-status-loadbalancer-virtualserver>
<page-status-systemlogs-loadbalancer> <page-status-systemlogs-loadbalancer>
<name>WebCfg - Status: System logs: Load Balancer page</name> <name>Status: System logs: Load Balancer</name>
<description>Allow access to the 'Status: System logs: Load Balancer' page.</description>
<patterns> <patterns>
<pattern>diag_logs_relayd.php*</pattern> <pattern>diag_logs_relayd.php*</pattern>
</patterns> </patterns>
</page-status-systemlogs-loadbalancer> </page-status-systemlogs-loadbalancer>
<page-loadbalancer-pool> <page-loadbalancer-pool>
<name>WebCfg - Load Balancer: Pool page</name> <name>Load Balancer: Pool</name>
<description>Allow access to the 'Load Balancer: Pool' page.</description>
<patterns> <patterns>
<pattern>load_balancer_pool.php*</pattern> <pattern>load_balancer_pool.php*</pattern>
</patterns> </patterns>
</page-loadbalancer-pool> </page-loadbalancer-pool>
<page-loadbalancer-pool-edit> <page-loadbalancer-pool-edit>
<name>WebCfg - Load Balancer: Pool: Edit page</name> <name>Load Balancer: Pool: Edit</name>
<description>Allow access to the 'Load Balancer: Pool: Edit' page.</description>
<patterns> <patterns>
<pattern>load_balancer_pool_edit.php*</pattern> <pattern>load_balancer_pool_edit.php*</pattern>
</patterns> </patterns>
</page-loadbalancer-pool-edit> </page-loadbalancer-pool-edit>
<page-loadbalancer-virtualserver-edit> <page-loadbalancer-virtualserver-edit>
<name>WebCfg - Load Balancer: Virtual Server: Edit page</name> <name>Load Balancer: Virtual Server: Edit</name>
<description>Allow access to the 'Load Balancer: Virtual Server: Edit' page.</description>
<patterns> <patterns>
<pattern>load_balancer_virtual_server_edit.php*</pattern> <pattern>load_balancer_virtual_server_edit.php*</pattern>
</patterns> </patterns>
......
<acl>
<page-services-snmp>
<name>Services: SNMP</name>
<patterns>
<pattern>services_snmp.php*</pattern>
</patterns>
</page-services-snmp>
</acl>
<menu>
<Services>
<SNMP url="/services_snmp.php" cssClass="fa fa-database fa-fw"/>
</Services>
</menu>
<acl> <acl>
<!-- unique acl key, must be globally unique for all acl's -->
<page-firewall-trafficshaper> <page-firewall-trafficshaper>
<name>WebCfg - Firewall: Traffic Shaper page</name> <name>Firewall: Traffic Shaper</name>
<description>Allow access to the 'Firewall: Traffic Shaper' page.</description>
<patterns> <patterns>
<pattern>ui/trafficshaper/*</pattern> <pattern>ui/trafficshaper/*</pattern>
<pattern>api/trafficshaper/*</pattern> <pattern>api/trafficshaper/*</pattern>
......
<acl> <acl>
<page-service-upnp> <page-service-upnp>
<name>WebCfg - Service: Universal Plug and Play page</name> <name>Service: Universal Plug and Play</name>
<description>Allow access to the 'Service: Universal Plug and Play' page.</description>
<patterns> <patterns>
<pattern>services_upnp.php*</pattern> <pattern>services_upnp.php*</pattern>
</patterns> </patterns>
</page-service-upnp> </page-service-upnp>
<page-status-upnpstatus> <page-status-upnpstatus>
<name>WebCfg - Status: Universal Plug and Play page</name> <name>Status: Universal Plug and Play</name>
<description>Allow access to the 'Status: Universal Plug and Play' page.</description>
<patterns> <patterns>
<pattern>status_upnp.php*</pattern> <pattern>status_upnp.php*</pattern>
</patterns> </patterns>
......
<acl>
<page-services-wakeonlan>
<name>Services: Wake on LAN</name>
<patterns>
<pattern>services_wol.php*</pattern>
</patterns>
</page-services-wakeonlan>
<page-services-wakeonlan-edit>
<name>Services: Wake on LAN: Edit</name>
<patterns>
<pattern>services_wol_edit.php*</pattern>
</patterns>
</page-services-wakeonlan-edit>
</acl>
<menu>
<Services>
<WoL VisibleName="Wake on LAN" url="/services_wol.php" cssClass="fa fa-power-off fa-fw">
<WoLEdit url="/services_wol_edit.php*" visibility="hidden"/>
<Wol url="/services_wol.php*" visibility="hidden"/>
</WoL>
</Services>
</menu>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment