OPNsense Forum
Archive => 16.7 Legacy Series => Topic started by: gwaitsi on November 01, 2016, 01:54:35 pm
-
Does anyone know if http://www.fwbuilder.org is compatible with opnsense 16.7 such that the firewall rules can be built off line and trasnferred by ssh?
-
For what you wanna use this?
you got a really good webinterface with opensense
-
to be able to build a complete set of rules and then apply them at once.....
if something broken, quick reversion to the previous working ones.
i am beginner.....
-
When you should start slowly with the gui. learn with each rule and the results of it
you can save your config after each step and restore it with a simple login in the webgui and restore
i think the gui of this tool is not better or easier then the webgui of opensense
opensense works with a xml file wich is edited by the webgui. its not just pftables and so on.
and - you cant be sure what this tool on fwbuilder makes with you rules - if its configured right and secured.
btw the tool is really old (2013)...
-
Hi there,
fwbuilder is in the freebsd ports, but it only manages the firewall, not the rest of what OPNsense does.
http://www.fwbuilder.org/4.0/docs/users_guide5/freebsd.shtml
I think that using both would get in the way of proper setups...
The firewall rules edit in OPNsense itself is how you described: edit all the rules you need and apply after you're done. Recovery is also possible, given that you haven't locked yourself out of the box (the same issue with fwbuilder maybe), which isn't impossible, but also quite unlikely.
OPNsense has revision control so you can review your changes, roll back to an old state. I think it works as you expect fwbuilder to work, except for an unfamiliar GUI / workflow.
Cheers,
Franco