From 82d1aa37aae03a78b0b90343a9bac93850e50884 Mon Sep 17 00:00:00 2001 From: CyberMind-FR Date: Tue, 6 Jan 2026 20:26:01 +0100 Subject: [PATCH] fix: Add ACL permissions for firewall bouncer RPC methods MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added missing RPCD ACL permissions for the new firewall bouncer management methods to resolve "Access denied" errors. ACL Changes: - Added read permissions: * firewall_bouncer_status - Get service and nftables status * firewall_bouncer_config - Read UCI configuration * nftables_stats - Get blocked IPs and rules statistics - Added write permissions: * control_firewall_bouncer - Start/stop/restart/enable/disable service * update_firewall_bouncer_config - Modify UCI settings These permissions allow the bouncers page to fully manage the firewall bouncer service through the LuCI web interface. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 --- .../share/rpcd/acl.d/luci-app-crowdsec-dashboard.json | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/package/secubox/luci-app-crowdsec-dashboard/root/usr/share/rpcd/acl.d/luci-app-crowdsec-dashboard.json b/package/secubox/luci-app-crowdsec-dashboard/root/usr/share/rpcd/acl.d/luci-app-crowdsec-dashboard.json index b1027d73..a91f6d40 100644 --- a/package/secubox/luci-app-crowdsec-dashboard/root/usr/share/rpcd/acl.d/luci-app-crowdsec-dashboard.json +++ b/package/secubox/luci-app-crowdsec-dashboard/root/usr/share/rpcd/acl.d/luci-app-crowdsec-dashboard.json @@ -15,7 +15,10 @@ "seccubox_logs", "waf_status", "metrics_config", - "collections" + "collections", + "firewall_bouncer_status", + "firewall_bouncer_config", + "nftables_stats" ], "file": [ "read", "stat" ] }, @@ -32,7 +35,9 @@ "remove_collection", "update_hub", "register_bouncer", - "delete_bouncer" + "delete_bouncer", + "control_firewall_bouncer", + "update_firewall_bouncer_config" ] }, "uci": [ "crowdsec-dashboard" ]