"Quote from: Patrick M. Hausen on April 08, 2026, 06:11:58 PMHave you tried disabling ntopng?I'm getting an error with Gateways and Interface Statistics -> Failed to load widget.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#1
25.7, 25.10 Series / Re: 25.10.1_2 Business SSH and WebUI hangs up on a Deciso Appliance
April 08, 2026, 06:44:29 PM #2
25.7, 25.10 Series / Re: 25.10.1_2 Business SSH and WebUI hangs up on a Deciso Appliance
April 08, 2026, 06:25:03 PMQuote from: Patrick M. Hausen on April 08, 2026, 06:11:58 PMHave you tried disabling ntopng?I'm trying this option right now.
Thanks.
#3
25.7, 25.10 Series / Re: BUSINESS Version 25.10 os-OPNWAF: Our professional apps require detailed rules
April 08, 2026, 06:09:15 PMQuote from: Monviech (Cedrik) on April 01, 2026, 11:30:14 AMWe're working on it.Thank you!
Have a nice day,
Cedrik
#4
25.7, 25.10 Series / 25.10.1_2 Business SSH and WebUI hangs up on a Deciso Appliance
April 08, 2026, 06:08:15 PM
Dear Community,
After two or three updates, I'm writing to say that I'm still having issues with the WebUI and even with an unresponsive SSH. We use the Business version of the system and typically a hardware appliance that is fully compatible with the system, since it is a Deciso/OPNSense product. 8 GB AMD EPYC 3101 4-core processor DEC3840 – OPNsense
top -aSH
last pid: 37524; load averages: 19.72, 22.81, 27.25 up 75+17:14:16 17:25:58
722 threads: 23 running, 677 sleeping, 22 waiting
CPU: 6.3% user, 0.0% nice, 93.6% system, 0.2% interrupt, 0.0% idle
Mem: 2338M Active, 3065M Inact, 504M Laundry, 971M Wired, 2058K Buf, 874M Free
ARC: 308M Total, 63M MFU, 136M MRU, 38M Anon, 2677K Header, 68M Other
144M Compressed, 480M Uncompressed, 3.34:1 Ratio
Swap: 8418M Total, 4243M Used, 4175M Free, 50% Inuse
PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND
28535 root 68 0 17M 2624K RUN 0 0:04 72.71% /sbin/ifconfig -m -v
24521 root 68 0 17M 2628K CPU2 2 0:04 57.40% /sbin/ifconfig -m -v
0 root -64 - 0B 1712K CPU3 3 526.4H 55.32% [kernel{if_igc3_tq}]
22164 root 68 0 17M 2624K RUN 1 0:03 42.03% /sbin/ifconfig -m -v
33088 root 94 0 17M 2624K RUN 3 0:02 40.91% /sbin/ifconfig -m -v
33192 root 68 0 17M 2612K CPU1 1 0:03 33.31% /sbin/ifconfig -m -v
36021 root 68 0 17M 2624K RUN 2 0:01 13.56% /sbin/ifconfig -m -v
61959 ntopng 32 0 716M 186M RUN 0 274.2H 4.84% /usr/local/bin/ntopng /usr/local/etc/ntopng.conf -U ntopng -G /var/run/ntopng/ntopng.pid -1 /usr/local/share/ntopng/httpdocs -2 /usr/local
370 root 68 0 246M 49M accept 1 1:19 0.28% /usr/local/bin/python3 /usr/local/opnsense/service/configd.py console (python3.11){python3.11}
This happens every time I stay on the dashboard for too long.
Is there a patch or another solution I can implement myself?
Thank you in advance
Regards,
Joel
After two or three updates, I'm writing to say that I'm still having issues with the WebUI and even with an unresponsive SSH. We use the Business version of the system and typically a hardware appliance that is fully compatible with the system, since it is a Deciso/OPNSense product. 8 GB AMD EPYC 3101 4-core processor DEC3840 – OPNsense
top -aSH
last pid: 37524; load averages: 19.72, 22.81, 27.25 up 75+17:14:16 17:25:58
722 threads: 23 running, 677 sleeping, 22 waiting
CPU: 6.3% user, 0.0% nice, 93.6% system, 0.2% interrupt, 0.0% idle
Mem: 2338M Active, 3065M Inact, 504M Laundry, 971M Wired, 2058K Buf, 874M Free
ARC: 308M Total, 63M MFU, 136M MRU, 38M Anon, 2677K Header, 68M Other
144M Compressed, 480M Uncompressed, 3.34:1 Ratio
Swap: 8418M Total, 4243M Used, 4175M Free, 50% Inuse
PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND
28535 root 68 0 17M 2624K RUN 0 0:04 72.71% /sbin/ifconfig -m -v
24521 root 68 0 17M 2628K CPU2 2 0:04 57.40% /sbin/ifconfig -m -v
0 root -64 - 0B 1712K CPU3 3 526.4H 55.32% [kernel{if_igc3_tq}]
22164 root 68 0 17M 2624K RUN 1 0:03 42.03% /sbin/ifconfig -m -v
33088 root 94 0 17M 2624K RUN 3 0:02 40.91% /sbin/ifconfig -m -v
33192 root 68 0 17M 2612K CPU1 1 0:03 33.31% /sbin/ifconfig -m -v
36021 root 68 0 17M 2624K RUN 2 0:01 13.56% /sbin/ifconfig -m -v
61959 ntopng 32 0 716M 186M RUN 0 274.2H 4.84% /usr/local/bin/ntopng /usr/local/etc/ntopng.conf -U ntopng -G /var/run/ntopng/ntopng.pid -1 /usr/local/share/ntopng/httpdocs -2 /usr/local
370 root 68 0 246M 49M accept 1 1:19 0.28% /usr/local/bin/python3 /usr/local/opnsense/service/configd.py console (python3.11){python3.11}
This happens every time I stay on the dashboard for too long.
Is there a patch or another solution I can implement myself?
Thank you in advance
Regards,
Joel
#5
25.7, 25.10 Series / Re: BUSINESS Version 25.10 os-OPNWAF: Our professional apps require detailed rules
April 01, 2026, 08:42:26 AMQuote from: Monviech (Cedrik) on March 26, 2026, 12:00:42 PMYou have to include it before any other import with the same include optional statement.
e.g.
Include etc/apache24/modsecurity.conf
IncludeOptional etc/apache24/afolder/*.conf
IncludeOptional etc/apache24/modsecurity-crs/crs-exclusions.conf <--- this one is new in the upcoming version, just as heads up
IncludeOptional etc/apache24/modsecurity-crs/crs-setup.conf
IncludeOptional etc/apache24/modsecurity-crs/rules/*.conf
I wrote that Phase1 matching rules have to be before any other ruleset inclusion.
Thank you for your help.
I hope that we will get this feature in the next release.
Regards,
Joel.
#6
25.7, 25.10 Series / Re: BUSINESS Version 25.10 os-OPNWAF: Our professional apps require detailed rules
March 26, 2026, 11:54:42 AM
I've tried something like that. Create a folder afolder
edit /usr/local/opnsense/service/templates/OPNsense/Apache/httpd.conf
add Include etc/apache24/afolder/*.conf
in
Include etc/apache24/modsecurity.conf
IncludeOptional etc/apache24/modsecurity-crs/crs-setup.conf
Include etc/apache24/afolder/*.conf
IncludeOptional etc/apache24/modsecurity-crs/rules/*.conf
Copy the conf file in the afolder
and tried with @pmFromFile or @contains
restart the apache service.
I've checked that in /usr/local/etc/apache24/httpd.conf is modified too.
It doesn't work after the restart of the apache24
I don't know what I'm doing wrong here.
I keep having something like that in the logs:
[security2:error] [pid xxxxxx:tid xxxxxxxx] [client X.X.X.X:49438] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:^|b[\\"'\\\\)\\\\[\\\\x5c]*(?:(?:(?:\\\\|\\\\||&&)[\\\\s\\\\x0b]*)?\\\\$[!#\\\\(\\\\*\\\\-0-9\\\\?@_a-\\\\{]*)?\\\\x5c?u[\\"'\\\\)\\\\[\\\\x5c]*(?:(?:(?:\\\\|\\\\||&&)[\\\\s\\\\x0b]*)?\\\\$[!#\\\\(\\\\*\\\\-0-9\\\\?@_a-\\\\{]*)?\\\\x5c?s[\\"'\\\\)\\\\[\\\\x5c]*(?:(?:(?:\\\\|\\\\||&&)[\\\\s\\\\x0b]*)?\\\\$[!#\\\\(\\\\*\\\\-0- ..." at ARGS:mainForm:sometabview:mycompany. [file "/usr/local/etc/apache24/modsecurity-crs/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "514"] [id "932250"] [msg "Remote Command Execution: Direct Unix Command Execution"] [data "Matched Data: SH GmbH (8532) found within ARGS:mainForm:sometabview:mycompany: SH GmbH (8532)"] [severity "CRITICAL"] [ver "OWASP_CRS/4.18.0"] [tag "application-multi"] [tag "language-shell"] [tag "platform-unix"] [tag "attack-rce"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/ATTACK-RCE"] [tag "capec/1000/152/248/88"] [hostname "xxxxxxx.xxx"] [uri "/xxxx/xxxxx/xxxxxx.xhtml"] [unique_id "xxxxxxxxxxxxxxxxxxxxxxx"], referer https://xxxxxxx.xxx/xxxx/xxxxx/xxxxxx.xhtml
edit /usr/local/opnsense/service/templates/OPNsense/Apache/httpd.conf
add Include etc/apache24/afolder/*.conf
in
Include etc/apache24/modsecurity.conf
IncludeOptional etc/apache24/modsecurity-crs/crs-setup.conf
Include etc/apache24/afolder/*.conf
IncludeOptional etc/apache24/modsecurity-crs/rules/*.conf
Copy the conf file in the afolder
and tried with @pmFromFile or @contains
restart the apache service.
I've checked that in /usr/local/etc/apache24/httpd.conf is modified too.
It doesn't work after the restart of the apache24
I don't know what I'm doing wrong here.
I keep having something like that in the logs:
[security2:error] [pid xxxxxx:tid xxxxxxxx] [client X.X.X.X:49438] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(?:^|b[\\"'\\\\)\\\\[\\\\x5c]*(?:(?:(?:\\\\|\\\\||&&)[\\\\s\\\\x0b]*)?\\\\$[!#\\\\(\\\\*\\\\-0-9\\\\?@_a-\\\\{]*)?\\\\x5c?u[\\"'\\\\)\\\\[\\\\x5c]*(?:(?:(?:\\\\|\\\\||&&)[\\\\s\\\\x0b]*)?\\\\$[!#\\\\(\\\\*\\\\-0-9\\\\?@_a-\\\\{]*)?\\\\x5c?s[\\"'\\\\)\\\\[\\\\x5c]*(?:(?:(?:\\\\|\\\\||&&)[\\\\s\\\\x0b]*)?\\\\$[!#\\\\(\\\\*\\\\-0- ..." at ARGS:mainForm:sometabview:mycompany. [file "/usr/local/etc/apache24/modsecurity-crs/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "514"] [id "932250"] [msg "Remote Command Execution: Direct Unix Command Execution"] [data "Matched Data: SH GmbH (8532) found within ARGS:mainForm:sometabview:mycompany: SH GmbH (8532)"] [severity "CRITICAL"] [ver "OWASP_CRS/4.18.0"] [tag "application-multi"] [tag "language-shell"] [tag "platform-unix"] [tag "attack-rce"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/ATTACK-RCE"] [tag "capec/1000/152/248/88"] [hostname "xxxxxxx.xxx"] [uri "/xxxx/xxxxx/xxxxxx.xhtml"] [unique_id "xxxxxxxxxxxxxxxxxxxxxxx"], referer https://xxxxxxx.xxx/xxxx/xxxxx/xxxxxx.xhtml
#7
25.7, 25.10 Series / BUSINESS Version 25.10 os-OPNWAF: Our professional apps require detailed rules
March 26, 2026, 07:41:02 AM
Dear OPNSense community,
We have a scenario where we need to update the rules for one of our in-house developed professional apps, but without a direct exception like the one available for the user interface in ModSecurity. We need something like the ability to use a whitelist file. Something like this:
SecRule ARGS:mainForm:sometabview:mycompany "@pmFromFile /usr/local/etc/apache24/Includes/modsecurity_wl.txt" "id:1000,phase:1,pass,nolog,ctl:ruleRemoveById=932250"
2nd example (with the text of the whitelist): SecRule ARGS:mainForm:sometabview:mycompany "@contains SH GmbH" "id:1000,phase:1,pass,nolog,ctl:ruleRemoveById=932250"
This is really important for our application, as we sometimes conduct EPA/PEN-TEST audits.
Rule 932250 serves its purpose very precisely and blocks a company's input. However, it would be nonsensical to disable rule 932250, as it is truly important for security...[ Unix direct remote command execution ]
Could you give us some guidance on what we can adjust and how we can set this up permanently, or how the appliance can maintain this for as long as possible?
Thank you in advance.
Regards,
Joel.
We have a scenario where we need to update the rules for one of our in-house developed professional apps, but without a direct exception like the one available for the user interface in ModSecurity. We need something like the ability to use a whitelist file. Something like this:
SecRule ARGS:mainForm:sometabview:mycompany "@pmFromFile /usr/local/etc/apache24/Includes/modsecurity_wl.txt" "id:1000,phase:1,pass,nolog,ctl:ruleRemoveById=932250"
2nd example (with the text of the whitelist): SecRule ARGS:mainForm:sometabview:mycompany "@contains SH GmbH" "id:1000,phase:1,pass,nolog,ctl:ruleRemoveById=932250"
This is really important for our application, as we sometimes conduct EPA/PEN-TEST audits.
Rule 932250 serves its purpose very precisely and blocks a company's input. However, it would be nonsensical to disable rule 932250, as it is truly important for security...[ Unix direct remote command execution ]
Could you give us some guidance on what we can adjust and how we can set this up permanently, or how the appliance can maintain this for as long as possible?
Thank you in advance.
Regards,
Joel.
#8
Web Proxy Filtering and Caching / Re: OPNSense 25.10.2_4 Business Squid Proxy with LDAP (AD) Firefox ok / Chromium nok
March 19, 2026, 11:15:26 AMQuote from: Monviech (Cedrik) on March 19, 2026, 10:51:54 AMI would maybe look at what Zenarmor has to offer. They are one of our partners: https://docs.opnsense.org/vendor/sunnyvalley/zenarmor.html
The plugin combination you use has either no maintainers or support Tier3. They are all completely in community scope.
https://github.com/opnsense/plugins/blob/0e62a4992404873c2d0005ed2b3a474d0d9eac9b/README.md?plain=1#L130
https://github.com/opnsense/plugins/commit/7cd45894e266427fcddb25f9af30477d8de1a69f
Isn't os-OPNPROXY a business plugin from OPNSense / Deciso itself? (and sold as a bonus plugin)
https://docs.opnsense.org/manual/opnproxy.html
#9
Web Proxy Filtering and Caching / OPNSense 25.10.2_4 Business Squid Proxy with LDAP (AD) Firefox ok / Chromium nok
March 19, 2026, 09:34:48 AM
Dear OPNSense community,
We performed an upgrade this morning, and the proxy authentication via LDAP (AD) in Squid is not working as intended.
The Chromium browser prompts for a username and password, and even when these are entered correctly, the login window keeps reappearing.
It works with Firefox and we juste need to enter the username and password one time. Unfortunately, this shows us that the proxy cannot work with SSO, as was the case with a Sophos appliance, where this feature was truly user-friendly (one-time password at Windows login, no double/triple login with the browsers/ web app).
Even if the website is on the list of local websites (some of which we host ourselves), the proxy still displays the login window!!!
My infos:
Version: OPNsense 25.10.2_4 / FreeBSD 14.4-RELEASE
os-squid: 1.4
os-web-proxy-sso: 2.2_3
os-OPNProxy 1.0.5_4
Services -> Squid Web Proxy -> Forward Proxy -> Authentication Settings -> Authentication method -> LDAP
Do you have any idea why the Chromium browser isn't working with Squid/OPNSense?
Is it possible to set up a working web proxy with SSO on an OPNSense server? (This might also be of interest to the customers.)
Is there a better alternative to Squid that is also more user-friendly? (without requiring users to enter a username and password in the browser)
Thank you in advance for the information.
Regards,
Joel.
We performed an upgrade this morning, and the proxy authentication via LDAP (AD) in Squid is not working as intended.
The Chromium browser prompts for a username and password, and even when these are entered correctly, the login window keeps reappearing.
It works with Firefox and we juste need to enter the username and password one time. Unfortunately, this shows us that the proxy cannot work with SSO, as was the case with a Sophos appliance, where this feature was truly user-friendly (one-time password at Windows login, no double/triple login with the browsers/ web app).
Even if the website is on the list of local websites (some of which we host ourselves), the proxy still displays the login window!!!
My infos:
Version: OPNsense 25.10.2_4 / FreeBSD 14.4-RELEASE
os-squid: 1.4
os-web-proxy-sso: 2.2_3
os-OPNProxy 1.0.5_4
Services -> Squid Web Proxy -> Forward Proxy -> Authentication Settings -> Authentication method -> LDAP
Do you have any idea why the Chromium browser isn't working with Squid/OPNSense?
Is it possible to set up a working web proxy with SSO on an OPNSense server? (This might also be of interest to the customers.)
Is there a better alternative to Squid that is also more user-friendly? (without requiring users to enter a username and password in the browser)
Thank you in advance for the information.
Regards,
Joel.
#10
Intrusion Detection and Prevention / Re: OPNSense 25.10.2_1 Problem with the button for activating/deactivating the rule
March 13, 2026, 08:11:03 AMQuote from: max1987martin on March 11, 2026, 07:46:03 AMQuote from: Wuensch-AG-Adm on February 23, 2026, 03:26:00 PMDear community,
I am trying to disable the rules (the manual part) in order to set up the rules using policies only, but when I select all entries (or 1000/500/200) and click the "Disable" button, the waiting circle appears, and when it is finished, nothing happens; the checkboxes are not empty.
Is this a known bug or something similar? Because it's crazy to manually deactivate about 30,000 entries.
Thank you in advance for your help.
Best regards,
Joel.
Hello,
Instead of disabling 30k rules manually, you should control them via IDS/IPS Policy settings.
Steps
Go to
Services → Intrusion Detection → Policies
Create or edit a policy.
Configure:
Rulesets: leave empty or select desired rulesets
Action: set to
disabled (to disable all rules)
or alert / drop depending on your setup.
Apply the policy to the interface.
Policies override individual rule states, so you do not need to manually disable rules.
Hi,
I have already done that, but I still get the message that some rules need to be activated manually, even though I am using the policies.
I don't know why.
Regards,
Joel
#11
25.7, 25.10 Series / BUSINESS Version 25.10.1_2 hangt high on cpu infconfig if_igc3_tq (Deciso App)
March 02, 2026, 11:48:56 AM
Dear community,
We have already made several updates to the system since December, but we are experiencing an issue with our Deciso Business Appliance. When we are logged into the dashboard, the CPU goes out of control. We can observe the CPU usage increasing without us doing anything.
0 root -64 - 0B 1824K iflib 2 263.1H 61.26% [kernel{if_igc3_tq}]
16330 root 68 0 17M 2524K iflib 1 0:02 30.67% /sbin/ifconfig -m -v
16386 root 68 0 17M 2520K iflib 1 0:02 22.59% /sbin/ifconfig -m -v
2915 root 68 0 17M 2528K iflib 2 0:04 22.14% /sbin/ifconfig -m -v
15589 root 68 0 17M 2528K iflib 2 0:02 19.85% /sbin/ifconfig -m -v
Is this a bug or a known issue?
I've seen some users complain about this in recent versions, but we're using an official Deciso business device, not a VM or home server.
DEC3842
hw.model: AMD EPYC 3101 4-Core Processor
Base Board Information
Manufacturer: Deciso B.V.
Product Name: NetBoard-A20
Version: R2.0
Ethernet Controller I225-V
I would appreciate it if you could give me some advice.
I feel that the latest business versions are not as stable as the older ones.
Thank you ahead.
Regards,
Joel.
We have already made several updates to the system since December, but we are experiencing an issue with our Deciso Business Appliance. When we are logged into the dashboard, the CPU goes out of control. We can observe the CPU usage increasing without us doing anything.
0 root -64 - 0B 1824K iflib 2 263.1H 61.26% [kernel{if_igc3_tq}]
16330 root 68 0 17M 2524K iflib 1 0:02 30.67% /sbin/ifconfig -m -v
16386 root 68 0 17M 2520K iflib 1 0:02 22.59% /sbin/ifconfig -m -v
2915 root 68 0 17M 2528K iflib 2 0:04 22.14% /sbin/ifconfig -m -v
15589 root 68 0 17M 2528K iflib 2 0:02 19.85% /sbin/ifconfig -m -v
Is this a bug or a known issue?
I've seen some users complain about this in recent versions, but we're using an official Deciso business device, not a VM or home server.
DEC3842
hw.model: AMD EPYC 3101 4-Core Processor
Base Board Information
Manufacturer: Deciso B.V.
Product Name: NetBoard-A20
Version: R2.0
Ethernet Controller I225-V
I would appreciate it if you could give me some advice.
I feel that the latest business versions are not as stable as the older ones.
Thank you ahead.
Regards,
Joel.
#12
25.7, 25.10 Series / Re: BUSINESS V25.10.1_2 to Version 25.10.2 some of rules and aliases are lost!
February 23, 2026, 06:31:24 PM
I took a snapshot before every major upgrade and only used the function once to reboot on the last knows good version because of an error, but I'll check out your tip.
Regards,
Joel
Regards,
Joel
#13
Intrusion Detection and Prevention / OPNSense 25.10.2_1 Problem with the button for activating/deactivating the rule
February 23, 2026, 03:26:00 PM
Dear community,
I am trying to disable the rules (the manual part) in order to set up the rules using policies only, but when I select all entries (or 1000/500/200) and click the "Disable" button, the waiting circle appears, and when it is finished, nothing happens; the checkboxes are not empty.
Is this a known bug or something similar? Because it's crazy to manually deactivate about 30,000 entries.
Thank you in advance for your help.
Best regards,
Joel.
I am trying to disable the rules (the manual part) in order to set up the rules using policies only, but when I select all entries (or 1000/500/200) and click the "Disable" button, the waiting circle appears, and when it is finished, nothing happens; the checkboxes are not empty.
Is this a known bug or something similar? Because it's crazy to manually deactivate about 30,000 entries.
Thank you in advance for your help.
Best regards,
Joel.
#14
25.7, 25.10 Series / Re: BUSINESS V25.10.1_2 to Version 25.10.2 some of rules and aliases are lost!
February 23, 2026, 11:22:38 AMQuote from: Patrick M. Hausen on February 20, 2026, 08:55:06 AMIf you have evidence that an update really caused the loss of firewall rules, you can still open an issue on Github to reach the developers. My main point is that this is the community forum and although I run a handful of systems with the business edition I do not have the expertise to help you. Also I never experienced anything like that myself.
Side note - why do you need a maintenance window to run an audit?
That's the only time I can devote to it. I take care of many other networks and application infrastructures, and since the problem didn't block the system's communication (I've simply re-create the 4/5 missing rules), I'll take care of it next time.
It's not about the OPNSense-Firewalls, It's about the workflow in the company.
Cheers,
Joel.
#15
25.7, 25.10 Series / Re: BUSINESS V25.10.1_2 to Version 25.10.2 some of rules and aliases are lost!
February 20, 2026, 08:50:41 AMQuote from: franco on February 19, 2026, 07:56:26 PMWell, you can audit System: Configuration: History for where these disappeared (and restore them if they were lost then I suppose).
That also goes for opening a business support case as a starting point to investigate.
Without support hours posting here is as good as it gets.
Cheers,
Franco
Dear Franco and Patrick,
I get your point, but I don't understand the business model of why we should pay for troubleshooting the Deciso Business Appliance (which we purchased with a license). I understand that I need to purchase support if I need something that is beyond my expertise or if information is missing from the documentation because we need something more specific. But in my opinion, this is simply an automated update from the Deciso server that is faulty.
I'm will auditing the system the next monthly maintenance (I've already done a part of it, when I've found that some rules are missing), thank you for your advice.
Best regards,
Joel.
