GUI for NAT
I assigned the below privilege for user operator. The user cannot view the NAT port forward ruleset
I tested it in deference pfsense version 2.0 - 2.3. Is it a bug in pfsense GUI? Please advise.
What version of pfsense is that from? Operator is not a valid username currently
Trying to duplicate your problem I get this
That username is reserved by the system.
I would suggest you run current version of pfsense and use a different username.
If still having issue then can take a look.
Yes you need to test in a current pfSense version. Preferably 2.4.3_1 but at least 2.3.5_2 if your hardware doesn't support 2.4.X.
I installed a new version 2.4.3 and created account tom for testing.
Version 2.4.3_1 have the same issue.
Webcfg - Firewall NAT : Port Forward (Edit)
It should work
We don´t want to grant edit priviliage for normal user/operator. Do you have other suggestions?
I'm also seeing this. Not adding the edit page does not actually stop some edits though. For example you can see the outbound NAT rules without have the webcfg edit enabled and you can remove outbound NAT rules.
To prevent that user having edit privilege add the
User - Config: Deny writeproperty.
That does apply globally though.
Confirmed here as well, I just opened https://redmine.pfsense.org/issues/8563 for it
Should be OK on the next snaps/release.
Thank you for all.