Rule Separators

[chris929]

+1 for this.
Can't believe this is not yet implemented?
This makes the Rules a real nightmare (and is a possible security risk)

[relmes]

Another +1 for this.

Readability of rules is made far easier with separators.
Of course if there is a different "Opnsense" way to do this happy to learn.

[chemlud]

My 50.- euros are still in the pot, anybody joining? ;-)

[Patrick M. Hausen]

I'd prefer hierarchical rule groups/folders that can be collapsed and expanded in the UI. They would enable everything separators do but also a whole bunch of other features like enable/disable an entire group, reorder on the group/folder level by drag and drop, ...

Sidewinder did this.

50€ for that? Sure, count me in.

[chemlud]

... I would take the simple separators, but if a more elaborate solutions keeps the face for the programmers, I'm happy with that, too ;-)

[AdSchellevis]

.. and we offer simple, easy to use categories,  objects without functional value as already mentioned  years ago won't be added to OPNsense.

Showing category membership in an hierarchical fashion would be nice, but highly likely more work than anyone would like to invest in these legacy components. (Also challenging if one rule can be mapped to multiple categories).

[chemlud]

...if we can get together some hundred bucks some software developer might design a community plug-in. This functionality is far from "without functional value" and the categories are not helpful in my experience.

[Patrick M. Hausen]

This is the Sidewinder UI - the best one I ever used. Of course one rule can be only in one place ...

[marjohn56]

There is already the ability to add a description for each rule, do it logically and it becomes clear. For my two cents I'd rather the devs concentrate on improving the overall operation than graphical niceties. If pfsense was so great why leave it.

[chemlud]

Clarity in FW rules is not nicety, but security. The description does not replace the separators. pfsense is no longer actively developed as CE, or?

Ad and Franco have a strong opinion on this topic. But maybe someone with coding experience can/will help out? Repeating the same "arguments" over and over again does not make them better... ;-)

[marjohn56]

I'm baffled. With Catogories and descriptions it's as clear as dayligh to me. Maybe my brain works differently.

[crissi]

+1 for such an important Feature!  :)

[8191]

What about using interface groups to group rules?

[techadmin]

+1 Would love to see this feature, as I was used to it when using Fortigate. Even something fairly simple like pfSense did would do the job for me. I would also throw 20.- euros into the pot :)

[chemlud]

...I thought about buying a used LCD-screen and these here

https://www.post-it.com/3M/en_US/post-it/products/~/Post-it-Flags-in-Portable-Dispenser-47-in-x-1-7-in-20-Each-of-Red-Bright-Orange-Yellow-Green-and-Blue-100-Flags-Pack/?N=4327+3294529207+3294647198&preselect=5927578+3293786499&rt=rud

just for the firewall rules tab of each interface. At least a fast solution, if I have a look how long users are begging for this simple feature ;-)