Re: [pfSense-discussion] Restricted viewing...
http://www.loganalysis.org/ For all your log analysis needs. -- http://www.lightconsulting.com/~travis/ -- We already have enough fast, insecure systems. -- Schneier Ferguson GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B
Re: [pfSense-discussion] Restricted viewing...
On 10/28/05, Scott Ullrich [EMAIL PROTECTED] wrote: On 10/28/05, Kim C. Callis [EMAIL PROTECTED] wrote: I have a client that want to be able to view graphs and other general reports. Is there a way to make a strictly report based web interface, which will allow some to see things like state tables, dhcp leases, graphs, and other reports, but no ability to make any changes to any features or rules? Sure its possible. Are we planning to do this soon? Not on the list. It's on my list of TODO's, but it's below multiple user accounts and much farther down the list than some of the other enterprise features I'd personally like to add. We'll get there, but it's going to be slow going - and adding a permissions system into what's approximately 120 PHP files is going to be a large task. --Bill
RE: [pfSense-discussion] Restricted viewing...
On 10/28/05, Scott Ullrich [EMAIL PROTECTED] wrote: On 10/28/05, Kim C. Callis [EMAIL PROTECTED] wrote: I have a client that want to be able to view graphs and other general reports. Is there a way to make a strictly report based web interface, which will allow some to see things like state tables, dhcp leases, graphs, and other reports, but no ability to make any changes to any features or rules? Sure its possible. Are we planning to do this soon? Not on the list It's on my list of TODO's, but it's below multiple user accounts and much farther down the list than some of the other enterprise features I'd personally like to add. We'll get there, but it's going to be slow going - and adding a permissions system into what's approximately 120 PHP files is going to be a large task. --Bill It sounds like remote syslog would be your best option. Then you could parse the logs however you wanted. There are also open source tools and commercial tools to do that; you just need to look for them. Maybe start out on freshmeat.net or some place like that.
Re: [pfSense-discussion] Restricted viewing...
Scott Ullrich wrote: Sure its possible. Are we planning to do this soon? Not on the list. I'd also vote for pushing this far behind. Perhaps somebody has got an idea how to get a per-customer user-interface implemented so that the individual customers can view AND edit their own rules. I.E. to designate vlan20, vlan21 and vlan22 to customer Mr X and let him work out the rules. Everything else can be dealt with other means (I plan to syslog to another server and try to collect the data in Prelude (http://www.prelude-ids.org) and IMO no developer-minute should be wasted on this matter otherwhise. cheers, Rainer
Re: [pfSense-discussion] Restricted viewing...
On 10/28/05, Rainer Duffner [EMAIL PROTECTED] wrote: Scott Ullrich wrote: Sure its possible. Are we planning to do this soon? Not on the list. I'd also vote for pushing this far behind. Perhaps somebody has got an idea how to get a per-customer user-interface implemented so that the individual customers can view AND edit their own rules. I.E. to designate vlan20, vlan21 and vlan22 to customer Mr X and let him work out the rules. Yes, this is on my plate. One of my work locations is an ISP who really wants these features. Scott