New Live Firewall log view

Started by dcol, February 01, 2018, 07:03:22 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 01, 2018, 07:03:22 PM
I really like the new live firewall view, but I wish the normal view was also available since there doesn't seem to be any option to allow the blocked rule to create a new allow firewall rule like there was in the old normal view.
February 01, 2018, 10:08:26 PM #1
Yes. That's what I thought as well. Would be great to still have the old "normal" view :)
February 01, 2018, 10:51:55 PM #2
Unfortunately there were quite some bugs and messy code in the old view, which made us decide to remove it and replace it with the new live view.

Maybe we could reintegrate a similar feature at some point in time, although it might take some time to mature (given other plans around the firewall frontend and api ideas)
February 02, 2018, 01:08:40 AM #3
What would be nice is when the info windows pops up there is a button to create an allow firewall rule
February 02, 2018, 09:19:13 AM #4
That's what we had in mind. Though that particular effort will need some first iteration of an API as said, hopefully acting as a catalyst for this work item and gathering feedback about what features are actively being used in parallel.

So far we heard: no second thoughts about the reduced search field complexity but concerns about the "easy rule" creation.


Cheers,
Franco
February 02, 2018, 10:44:57 AM #5 Last Edit: February 02, 2018, 12:52:24 PM by you
Thanks for your feedback, gentlemen.

Well, to be honest, the reduced search field complexity made it in the first instance harder to find my stuff.

However, once I perceive it just like full-text search, I could find almost everything.

Though I yet need to find out how to set more than one filter at a time. F.e. block + LAN doesn't show anything, while block shows LAN items :)


EDIT: block+lan ... did the trick. Funny how ideas sometimes pop up :D
EDIT2: this doesn't do the trick completely. F.e. block+192.168.2.1 doesn't show anything, although traffic related to 192.168.2.1 (source and destination) gets blocked.
February 03, 2018, 08:29:35 PM #6
Indeed, we've talked about tokenising the search items by whitespace to allow more fine-grained matching.

The only weird trick we need to make known is that ":80" can force the port match.

With these two the search should be both simple and powerful enough. :)
March 07, 2018, 09:56:52 PM #7 Last Edit: March 07, 2018, 09:58:34 PM by Noctur
Quote from: dcol on February 02, 2018, 01:08:40 AM
What would be nice is when the info windows pops up there is a button to create an allow firewall rule

I miss this functionality... hope it finds its way back into production.

Re Search field - it would be nice to have some examples in an advanced help button like some of the other fields...
overkill: Dell SFF i5, 16gb, 120gb SSD, 4x gb NICs
OPNsense 21.1.x
Print
Go Up Pages1
User actions