Firewall: NAT: Source NAT - cleanup model (serializeToConfig) for https://github.com/opnsense/core/pull/10373
When calling serializeToConfig() we should be able to trust the data as validation has already taken place.
The only downside here is that when changing the mode, other validations might trigger which are not shown by the gui because this attribute is persisted using the regular setAction, which might be solvable by limiting the "set" scope here.
core/ACL - uniform "user-config-readonly" trap to avoid repeating a similar pattern in multiple components.
When needed, a developer can just add a call to throwReadOnly() when an operation is deemed to modify the configuration and should be prohibited due to the read-only flag set.
Firewall: NAT: Source NAT - simplify /api/firewall/source_nat/search_rule for https://github.com/opnsense/core/pull/10373
While reviewing this code, I noticed the FilterController could by simplified a bit as well when it comes to extracting model records, so make sure we use the same strategy in both.
All rules follow the same logic now and we only have to parse the record set once to filter and update it.
Interfaces: Assignments - refactor to MVC for https://github.com/opnsense/core/issues/9945
In order to migrate the interface assignments, we need to think of a way to use the differently named xml nodes for interfaces (wan, lan, ..) into something that closely resembles a standard model implementation.
Since we can't match these nodes in our statically defined model xmls, the main idea is to flush all via an in-memory model with a separate load [construct] and save hook [serializeToConfig].
The next challenge is to "stash" updates and wait for "apply" in certain cases, for this we add a temporary database holding the changes which are synced after the actual system change has happend (pending_action, pending_if). When succesfully applied, the apply function cleans up the final stage of the configuration to make everything consistent again.
This database is a simple single json encoded file named /tmp/.interfaces.todo
Hide the Outbound NAT menu item if mode is either automatic or disabled, or no rules node exists anymore in it. Move migration assistant out of Rules [legacy] so it doesn't disappear if no legacy rules exist anymore, now that it is also used for NAT migration.
Interfaces: Assignments - refactor to MVC for https://github.com/opnsense/core/issues/9945
In order to migrate the interface assignments, we need to think of a way to use the differently named xml nodes for interfaces (wan, lan, ..) into something that closely resembles a standard model implementation.
Since we can't match these nodes in our statically defined model xmls, the main idea is to flush all via an in-memory model with a separate load [construct] and save hook [serializeToConfig].
The next challenge is to "stash" updates and wait for "apply" in certain cases, for this we add a temporary database holding the changes which are synced after the actual system change has happend (pending_action, pending_if). When succesfully applied, the apply function cleans up the final stage of the configuration to make everything consistent again.
This database is a simple single json encoded file named /tmp/.interfaces.todo
Interfaces: Assignments - refactor to MVC for https://github.com/opnsense/core/issues/9945
In order to migrate the interface assignments, we need to think of a way to use the differently named xml nodes for interfaces (wan, lan, ..) into something that closely resembles a standard model implementation.
Since we can't match these nodes in our statically defined model xmls, the main idea is to flush all via an in-memory model with a separate load [construct] and save hook [serializeToConfig].
The next challenge is to "stash" updates and wait for "apply" in certain cases, for this we add a temporary database holding the changes which are synced after the actual system change has happend (pending_action, pending_if). When succesfully applied, the apply function cleans up the final stage of the configuration to make everything consistent again.
This database is a simple single json encoded file named /tmp/.interfaces.todo
Interfaces: Assignments - refactor to MVC for https://github.com/opnsense/core/issues/9945
In order to migrate the interface assignments, we need to think of a way to use the differently named xml nodes for interfaces (wan, lan, ..) into something that closely resembles a standard model implementation.
Since we can't match these nodes in our statically defined model xmls, the main idea is to flush all via an in-memory model with a separate load [construct] and save hook [serializeToConfig].
The next challenge is to "stash" updates and wait for "apply" in certain cases, for this we add a temporary database holding the changes which are synced after the actual system change has happend (pending_action, pending_if). When succesfully applied, the apply function cleans up the final stage of the configuration to make everything consistent again.
This database is a simple single json encoded file named /tmp/.interfaces.todo
Interfaces: Assignments - work in progress for https://github.com/opnsense/core/issues/9945
In order to migrate the interface assignments, we need to think of a way to use the differently named xml nodes for interfaces (wan, lan, ..) into something that closely resembles a standard model implementation.
Since we can't match these nodes in our statically defined model xmls, the main idea is to flush all via an in-memory model with a separate load [construct] and save hook [serializeToConfig].
The next challenge is to "stash" updates and wait for "apply" in certain cases, for this we add a temporary database holding the changes which are synced after the actual system change has happend (pending_action, pending_if). When succesfully applied, the apply function cleans up the final stage of the configuration to make everything consistent again.
This database is a simple single json encoded file named /tmp/.interfaces.todo
