Suggestions for Aliases and Rules



  • Hi all and thanks for pfSense. Great featureset. And this is my personal feedback to prove i value it.

    Aliases give me creeps for two things:

    • Renaming an alias needs you renaming it in all rules
    • I'd like to give more sensible/readable names but i cannot due to character restrictions

    I think this is both an expression of one simple mistake (that's what i think of it). Aliases nae, description an data should be the visible part and as standard with DBs, there should be an invisible ID given to each Alias. The name of the Alias will be used for display and referencing from the Webinterface on data entry, being replaced with it's ID upon save. Parsing and consistency issues will be gone and rule readability improved.

    Secondary, i'd comletely separate the display/editing of the alias types (hosts, nets, ports) in different tabs.

    The other thing which i don't like (but may be based in the thinking of the filter technology) is that rules are associated with interfaces.
    IMO, internally the ruleset should possibly start with fencing off alien IPs from interfaces, this will be a few rules which can be auto generated per interface. Once that's done, the entire ruleset (and the user) can forget about interfaces. The user should have to think about hosts, networks and ports only. Interfaces is internally handled magic. If i reconfigure a network to a different interface, the user visible configuration should not have to change at all besides that move of the network to a different interface. The rules do not change visibly.

    From my point of view, would be nice to see these implemented. First one should be easy i'd think. Second i don't know.

    Thanks a lot.



  • @cc_smart:

    Secondary, i'd comletely separate the display/editing of the alias types (hosts, nets, ports) in different tabs.

    That is something I'd also love to see. Having all 3 types of aliases on one page makes it very hard to read and also starts to get chaotic quite fast when you have lots of aliases.
    Not a critical feature but it would enhance the administration experience a great deal. :)

    Cheers



  • Start a bounty.


Log in to reply