add allowed scripts for group suggestions

(cherry picked from commit bdb7c5fd427bf5040ae9a079f71964a0aab72852)

3 files changed, 3 insertions, 0 deletions

diff --git a/templates/reset/firewall/group/address-group/node.tag/node.def b/templates/reset/firewall/group/address-group/node.tag/node.def
index e6ab418..0853c8f 100644
--- a/templates/reset/firewall/group/address-group/node.tag/node.def
+++ b/templates/reset/firewall/group/address-group/node.tag/node.def
@@ -1,2 +1,3 @@
 help: reset a firewall group 
+allowed: /opt/vyatta/sbin/vyatta-ipset.pl --action="show-address-groups"
 run: /opt/vyatta/bin/sudo-users/vyatta-ipset.pl --action=reset-set --set-name=$5 --set-type="address"
diff --git a/templates/reset/firewall/group/network-group/node.tag/node.def b/templates/reset/firewall/group/network-group/node.tag/node.def
index deead22..349a8a6 100644
--- a/templates/reset/firewall/group/network-group/node.tag/node.def
+++ b/templates/reset/firewall/group/network-group/node.tag/node.def
@@ -1,2 +1,3 @@
 help: reset a firewall group 
+allowed: /opt/vyatta/sbin/vyatta-ipset.pl --action="show-network-groups"
 run: /opt/vyatta/bin/sudo-users/vyatta-ipset.pl --action=reset-set --set-name=$5 --set-type="network"
diff --git a/templates/reset/firewall/group/port-group/node.tag/node.def b/templates/reset/firewall/group/port-group/node.tag/node.def
index f2b06c7..cbbbc42 100644
--- a/templates/reset/firewall/group/port-group/node.tag/node.def
+++ b/templates/reset/firewall/group/port-group/node.tag/node.def
@@ -1,2 +1,3 @@
 help: reset a firewall group 
+allowed: /opt/vyatta/sbin/vyatta-ipset.pl --action="show-port-groups"
 run: /opt/vyatta/bin/sudo-users/vyatta-ipset.pl --action=reset-set --set-name=$5 --set-type="port"