{Complete} Timebased Rules
-
It would be usefull if firewall rules show the schedule column.
–
Diego Morato
-
Hang on here. The person that sponsors the bounty has say so over this feature but with all due respect unless you contributed to the bounty then please sit on the sidelines.
-
It would be usefull if firewall rules show the schedule column.
–
Diego Moratowe will do something for that, just need to figure out something
-
Hi,
I sent an e-mail to Scott with some ideas to the GUI.
I´m testing the schedule and it looks fine. I don´t know if it is the objective, but it would be cool if exist the possibilitie to create generic rules without inform dates, like 'work hour: MON-FRI, 08:00-18:00', 'All Time: MON-SUN, 00:00-24:00'.–
Diego MoratoIn this case you would not need a schedule. If you want a rule to be active all the time, then don't assign a schedule to it.
-
@sdale:
In this case you would not need a schedule. If you want a rule to be active all the time, then don't assign a schedule to it.
Agree'd. Lets NOT over engineer this, please!!
-
Hello,
i think a schedule column in the firewall rule is really helpful, because the gui is more ergonomic…
In a few minutes, i will test twice an post the results.
Greetings from Germany
heiko -
Hello,
"In this case you would not need a schedule. If you want a rule to be active all the time, then don't assign a schedule to it."
I think, this is OK and also ergonomic. This behavior is the same as astaro for example. No "Clickorgy" please. I agree with "Scott´s".
Bye
heiko -
Good deal. We are making some progress over here. I've got the backend hooked into the rule logic. Now we just need to finish the date and time logic.
One of the hardest pieces of this puzzle will be killing active states once a rule period is being enforced. This will take some thinking about but I don't see any issues in the long run.
-
Hello Scott,
you save a schedule, but with no name, the schedule is save, but you cannot choose this schedule in the rule. It is ok, i think, but saving a schedule without a name is strange… , the "schedule name" is a duty field...., so i can save when i write a name, otherwise not..
Bye
Heiko -
Hello,
do not forget…
--> Timezone changes between Summer and Wintertime --> My Proposal: A drop Down Field with "change any schedules to +1h or -1h or anything else, so everybody can use timechanges...
--> I don´t choose anything in the time table, so in the calendar there is no selection.., i set the time to my favorite blocking mechanism, so i wish this schedule is save with the "setting time" and "every day", because i am choosing nothing in the calendar.
Greetings
Heiko -
Hello,
i think a schedule column in the firewall rule is really helpful, because the gui is more ergonomic…
In a few minutes, i will test twice an post the results.
Greetings from Germany
heikoI'll will get to that soon. Right now the focus is to get the backend working properly then fix the gui stuff.
Hello Scott,
you save a schedule, but with no name, the schedule is save, but you cannot choose this schedule in the rule. It is ok, i think, but saving a schedule without a name is strange… , the "schedule name" is a duty field...., so i can save when i write a name, otherwise not..
Bye
HeikoI've fixed that, it just hasn't been committed yet.
-
Hello Scott,
i agree, a little annotation:When you finish the coding behind the gui, please take a look to my requested features…..
Greetings
Heiko -
Time zone information will come from the system. If your timezone is honoring DST then FreeBSD/php should just work I would think. So I don't know if we need a daylight savings option?
-
Time zone information will come from the system. If your timezone is honoring DST then FreeBSD/php should just work I would think. So I don't know if we need a daylight savings option?
Agree
-
Having a really hard time figuring out how we are going to kill old states. Is this an absolute requirement for the bounty or is blocking new connections "good enough"?
-
Having a really hard time figuring out how we are going to kill old states. Is this an absolute requirement for the bounty or is blocking new connections "good enough"?
Easy way out would be an option to reset all states on the rule. When the rule comes into force, you reset the states if the option is ticked.
-
@sai:
Having a really hard time figuring out how we are going to kill old states. Is this an absolute requirement for the bounty or is blocking new connections "good enough"?
Easy way out would be an option to reset all states on the rule. When the rule comes into force, you reset the states if the option is ticked.
Not so easy. So how would you calculate this without redoing pf's logic in php?
-
Hello Scott,
i agree, a little annotation:When you finish the coding behind the gui, please take a look to my requested features…..
Greetings
HeikoDisregarding the bugs in the gui, do you like it so far? Do you find it easy to use? Will it meet your needs?
-
Good Morning,
yes, i think we can finish the discussion about the gui, any bugs can be fixed later. Good Job!
About the Firewall States: My Opinion: –> The expiration of a schedule must kill all the states, it is absolute for me, russia is very strange and i must kill all states from russia to switzerland at the expiration.........
Scott: i know, to kill the states it is a big JOB! But also you a very good coder... :)
Please verify, what do you mean, Scott?
Greetings from Germany
Heiko -
@sai:
Having a really hard time figuring out how we are going to kill old states. Is this an absolute requirement for the bounty or is blocking new connections "good enough"?
Easy way out would be an option to reset all states on the rule. When the rule comes into force, you reset the states if the option is ticked.
Not so easy. So how would you calculate this without redoing pf's logic in php?
I meant use filter_flush_state_table and reset all the states in the state table, not just the states affected by the rule. Not very elegant but I usually Reset States when I change/add a rule.
The other option would be to parse the states to see if they match the rule and only kill the states that match. non-trivial :-)