How to install FW policies from FWbuilder.



  • Hi there,

    I am starting to work with PFSense and related tools. I am very impressed about the easy of installation and use of this software. But, I think that the webgui is not enought for my in order to create firewall rules.

    I found FWBuilder, and I want to use it to install the policy, but I don't know the correct platform (pf, ipfw, ipfilter, iptables). I have a problem to connect from FWBuilder using ssh connection but an error said it cannot open the port.

    Does anyone of you try to do something similar?

    Many thanks in advance.

    Vandart.



  • FWBuilder doesn't work with pfSense. It would need to modify the config.xml and trigger a remote reload of the new rules. This is not supported by either FWBuilder nor pfSense itself atm.



  • Is this still true ?

    I have a bunch of rules setup for my wrt54g using the fwbuilder, Im going to swith to pfsense this week, I would rather convert it to upload to pfsense instead of doing it manually.

    I see in the fwbuilder its able to do PF on freebsd so why shouldnt it work ? I get this error when trying it with a test pfsense setup.

    Initialised AES-256 client->server encryption
    Initialised HMAC-SHA1 client->server MAC algorithm
    Initialised AES-256 server->client encryption
    Initialised HMAC-SHA1 server->client MAC algorithm
    Using username "root".
    Using keyboard-interactive authentication.
    Access granted
    Opened channel for session
    Started a shell/command
    --**--**--
    dirname: not found
    net.inet.ip.forwarding: 1 -> 1
    pf disabled
    nat cleared
    rules cleared
    source tracking entries cleared
    0 tables deleted.
    pfctl: /192.168.1.1.conf: No such file or directory
    pf enabled
    Policy activated
    Server sent command exit status 0
    All channels closed. Disconnecting
    Server closed network connection
    kill: 11418: No such process
    SSH session terminated, exit status: OK
    Done 
    

    Any feedback appreciated.



  • @yozh:

    Is this still true ?

    I have a bunch of rules setup for my wrt54g using the fwbuilder, Im going to swith to pfsense this week, I would rather convert it to upload to pfsense instead of doing it manually.

    I see in the fwbuilder its able to do PF on freebsd so why shouldnt it work ? I get this error when trying it with a test pfsense setup.

    Initialised AES-256 client->server encryption
    Initialised HMAC-SHA1 client->server MAC algorithm
    Initialised AES-256 server->client encryption
    Initialised HMAC-SHA1 server->client MAC algorithm
    Using username "root".
    Using keyboard-interactive authentication.
    Access granted
    Opened channel for session
    Started a shell/command
    --**--**--
    dirname: not found
    net.inet.ip.forwarding: 1 -> 1
    pf disabled
    nat cleared
    rules cleared
    source tracking entries cleared
    0 tables deleted.
    pfctl: /192.168.1.1.conf: No such file or directory
    pf enabled
    Policy activated
    Server sent command exit status 0
    All channels closed. Disconnecting
    Server closed network connection
    kill: 11418: No such process
    SSH session terminated, exit status: OK
    Done 
    

    Any feedback appreciated.

    This will not work.  We generate our policies from a XML file, not from a pf.conf file.



  • Oh okie. Thats cool. Is there anyway for me to import my rules now, or do I have to put them in manually ?



  • @yozh:

    Oh okie. Thats cool. Is there anyway for me to import my rules now, or do I have to put them in manually ?

    Manually…


Log in to reply