Hi All, I would need some suggestions from you. Currently I am setting up OpenBSD Firewall using PF at my working place. However, some of my colleagues are not so familiar with the OpenBSD and we would like to take turn to do that. I have the intention that I would like to limit the usage and access the root account.
I have intention to give them the 'more than enough' access for them to do daily administrative tasks as firewall admin like: 1.View/Configure IP Address, Subnet of network interface,VLAN and CARP 2.View/Configure default gateway and static route 3.View/Change the entry of DNS Server IP 4.Configure Syslog 5.Add/Remove PF rule 6.Backup/Restore 8.Viewing traffic using tcpdump Is that possible to make some CLI Menu which will appear to the fw admin after the login as long as they can do their job. Example: OpenBSD/i386 login:bob password:xxxxxxxx Please select the task below: 1>View/Configure IP Address, Subnet of network interface,VLAN and CARP 2>View/Configure default gateway and static route 3>View/Change the entry of DNS Server IP 4>Configure Syslog 5>Add/Remove PF rule 6>Backup/Restore 7>Viewing traffic using tcpdump 8>Logout Or is there a better way to limit the usage and access of root account by fw admin? My intention is: I would like to give enough access for the fw admin to do their job using a simple way. Thank you in advance. Regards, Stefan
