Netgate Discussion Forum

    How to install FW policies from FWbuilder.

    • vandart

      Hi there,

      I am starting to work with pfSense and related tools. I am very impressed by the ease of installation and use of this software. But I think that the webgui is not enough for me to create firewall rules.

      I found FWBuilder, and I want to use it to install the policy, but I don't know the correct platform (pf, ipfw, ipfilter, iptables). I have a problem connecting from FWBuilder using an SSH connection; an error said it cannot open the port.

      Has any of you tried to do something similar?

      Many thanks in advance.

      Vandart.

      • hoba

        FWBuilder doesn't work with pfSense. It would need to modify the config.xml and trigger a remote reload of the new rules. This is not supported by either FWBuilder or pfSense itself atm.

        • yozh

          Is this still true?

          I have a bunch of rules set up for my wrt54g using the fwbuilder. I'm going to switch to pfSense this week, and I would rather convert it to upload to pfSense instead of doing it manually.

          I see that fwbuilder is able to do PF on FreeBSD, so why shouldn't it work? I get this error when trying it with a test pfSense setup.

          Initialised AES-256 client->server encryption
          Initialised HMAC-SHA1 client->server MAC algorithm
          Initialised AES-256 server->client encryption
          Initialised HMAC-SHA1 server->client MAC algorithm
          Using username "root".
          Using keyboard-interactive authentication.
          Access granted
          Opened channel for session
          Started a shell/command
          --**--**--
          dirname: not found
          net.inet.ip.forwarding: 1 -> 1
          pf disabled
          nat cleared
          rules cleared
          source tracking entries cleared
          0 tables deleted.
          pfctl: /192.168.1.1.conf: No such file or directory
          pf enabled
          Policy activated
          Server sent command exit status 0
          All channels closed. Disconnecting
          Server closed network connection
          kill: 11418: No such process
          SSH session terminated, exit status: OK
          Done 
          

          Any feedback appreciated.

          • sullrich

            @yozh:

            Is this still true?

            I have a bunch of rules set up for my wrt54g using the fwbuilder. I'm going to switch to pfSense this week, and I would rather convert it to upload to pfSense instead of doing it manually.

            I see that fwbuilder is able to do PF on FreeBSD, so why shouldn't it work? I get this error when trying it with a test pfSense setup.

            Initialised AES-256 client->server encryption
            Initialised HMAC-SHA1 client->server MAC algorithm
            Initialised AES-256 server->client encryption
            Initialised HMAC-SHA1 server->client MAC algorithm
            Using username "root".
            Using keyboard-interactive authentication.
            Access granted
            Opened channel for session
            Started a shell/command
            --**--**--
            dirname: not found
            net.inet.ip.forwarding: 1 -> 1
            pf disabled
            nat cleared
            rules cleared
            source tracking entries cleared
            0 tables deleted.
            pfctl: /192.168.1.1.conf: No such file or directory
            pf enabled
            Policy activated
            Server sent command exit status 0
            All channels closed. Disconnecting
            Server closed network connection
            kill: 11418: No such process
            SSH session terminated, exit status: OK
            Done 
            

            Any feedback appreciated.

            This will not work. We generate our policies from an XML file, not from a pf.conf file.

            • yozh

              Oh okie. That's cool. Is there any way for me to import my rules now, or do I have to put them in manually?

              • sullrich

                @yozh:

                Oh okie. That's cool. Is there any way for me to import my rules now, or do I have to put them in manually?

                Manually…

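The installer session posted earlier in this thread ends with "exit status: OK" even though pfctl could not open the generated rules file after the existing rules had been cleared. As an added example (not part of the original posts, and not FWBuilder or pfSense code), this Python check reads such a transcript and flags that case; the `analyze` function, the `Report` class, the verdict names and the error pattern are assumptions made for the illustration.

```python
import re

# Lines copied from the installer session posted in this thread.
SAMPLE = """dirname: not found
net.inet.ip.forwarding: 1 -> 1
pf disabled
nat cleared
rules cleared
pfctl: /192.168.1.1.conf: No such file or directory
pf enabled
Policy activated
kill: 11418: No such process
SSH session terminated, exit status: OK"""

# Assumed error shape: "<tool>: ... <shell or libc error text>" at end of line.
ERROR_RE = re.compile(
    r"^(?P<tool>[A-Za-z][\w.-]*): .*(?:not found|No such file or directory|No such process)$")

class Report:
    def __init__(self):
        self.errors = []
        self.rules_flushed = self.load_failed = False
        self.pf_enabled = self.claimed_success = False

    @property
    def verdict(self):
        # pf passes unmatched packets, so a flush without a reload filters nothing.
        if self.rules_flushed and self.load_failed:
            return "FLUSHED_NOT_RELOADED"
        return "ERRORS" if self.errors else "OK"

def analyze(transcript):
    r = Report()
    for line in map(str.strip, transcript.splitlines()):
        m = ERROR_RE.match(line)
        if m:
            r.errors.append(line)
            # A pfctl error after the flush means the new ruleset never loaded.
            r.load_failed |= m["tool"] == "pfctl" and r.rules_flushed
        elif line == "rules cleared":
            r.rules_flushed = True
        elif line in ("pf enabled", "pf disabled"):
            r.pf_enabled = line == "pf enabled"
        elif line == "Policy activated" or line.endswith("exit status: OK"):
            r.claimed_success = True
    return r

if __name__ == "__main__":
    rep = analyze(SAMPLE)
    print(rep.verdict, rep.pf_enabled, rep.claimed_success, rep.errors)
```

A verdict of `FLUSHED_NOT_RELOADED` together with `pf_enabled` and `claimed_success` both true is the combination to alert on: the tool reported success while the box was left running pf with no rules loaded.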