Whereis the pf.conf file



  • Where is the pf.conf file ? Where does pfsense writes its rules. Why can't I wirte my own pf.conf for pfsense to use. I find the web interface very hard to use.

    Thanks



  • Every configuration in pfSense is generated from the config.xml. All changes you make to any config will be overwritten by applying new settings in the GUI or by rebooting the machine.

    The webGui is hard to use? It was made with simplicity in mind, so where exactly do you see problems in using it?



  • @swygue:

    Where is the pf.conf file ? Where does pfsense writes its rules. Why can't I wirte my own pf.conf for pfsense to use. I find the web interface very hard to use.

    Thanks

    Then install freebsd or openbsd and use it.  pfSense is not something you want if you find the web gui hard to use.



  • Where does the config.xml lives ? I want to get a better understanding of how it works ? For example, when I create a rule from the webgui, how does it get process by pf ? What files are modified by the config.xml ?

    As for the webGui, I find it hard to use only because I am use editing pf.conf. For some reason the point and click doesn't feel natural, I don't know if that makes much sense. But when I create a pf.conf file, I can read it and right away I can know what's going on. It's not matter of the webGui being hard to use, it's just that I prefer to write my rules the old way, then be able to look at them from the webGui.

    Maybe when I understand how the config.xml works, I will have a better apreciation of the webGUI.

    Thanks



  • @swygue:

    Where does the config.xml lives ? I want to get a better understanding of how it works ? For example, when I create a rule from the webgui, how does it get process by pf ? What files are modified by the config.xml ?

    As for the webGui, I find it hard to use only because I am use editing pf.conf. For some reason the point and click doesn't feel natural, I don't know if that makes much sense. But when I create a pf.conf file, I can read it and right away I can know what's going on. It's not matter of the webGui being hard to use, it's just that I prefer to write my rules the old way, then be able to look at them from the webGui.

    Maybe when I understand how the config.xml works, I will have a better apreciation of the webGUI.

    Thanks

    config.xml is in /cf/conf

    But really, what you want is a stock openbsd or freebsd install if you want to edit .conf files.  The whole point of pfSense is to NOT edit .conf files.



  • You are right, I came to that conclusion myself. Yet I would still like to understand how this works, the webGui makes allot of sense. It's great for an enviroment where people don't want to edit configuration files.

    So if someone could answer the questions from my previous post, I would apreciate it.

    Thanks



  • @swygue:

    You are right, I came to that conclusion myself. Yet I would still like to understand how this works, the webGui makes allot of sense. It's great for an enviroment where people don't want to edit configuration files.

    So if someone could answer the questions from my previous post, I would apreciate it.

    Thanks

    config.xml transforms into /tmp/rules.debug whenever a filter change occurs.



  • So bottom line you cant change configurations from the shell ?



  • @Aderium:

    So bottom line you cant change configurations from the shell ?

    Correct.  The shell is there for debugging, not for modifications to config files.

    –Bill


Log in to reply