PfSense androidGUI app (a work in progress)



  • Please read the whole of this post before installing the app otherwise it may not work/login successfully!

    Introduction

    I was after a way to access the Wake-on-Lan page of the Gui on my android device and so started to write an app (yes I know there are loads of wol apps already).
    I have now started adding more features. This is by no means a replacement for the webGUI, but should allow for some away from a desktop quick diagnostics etc
    I do not know how far I / we can take it but we'll just see what happens.

    As this is interfacing with the pfsense webGui a change to the gui in for example a new release/feature may break one/some/all of the apps features.

    If your webGui is via an http page the app is very simple to setup. If you are using http(s) which you should be! Then there are some extra steps we need to take to set up the app. Please see below.

    I developed / tested this using pfsense 2.0.2-RELEASE

    Screenshots

    Available here: http://imgur.com/a/niyaR#12

    Disclaimer

    I accept no responsibility for broken installs, downtime and anything else. You use this app entirely at your own risk. I suggest you use this on a test install not a live production unit.

    Working pages (known issues):

    If a page is not listed below the page is not yet supported. Clicking on an unsupported page will just result in a popup message saying "TO DO"

    Interfaces > any interfaces (0% done - Currently displays a page but actualy isn't doing anything)
    Firewall > Alias (50% done - Displays list of aliaes. Pop up menu for editing/adding - but currently not sending these changes back to pfsense)
    Services > Wake on Lan (100% done)
    Status > Interfaces (10% done - Just lists the interfaces - not currently displaying the details of each interface)
    Status > Services (100% done - Just needs some interface improvements)
    Diagnostics > DNS Lookup (100% done)
    Diagnostics > Factory Defaults (100% done - CURRENTLY DISABLED for obvious reasons)
    Diagnostics > Halt System (100% done)
    Diagnostics > Limiter Info* (100% done I believe? - Need someone who uses this to test)
    Diagnostics > pfInfo* - (100% done)
    Diagnostics > pfTop* - (90% done - Need to add the button for "Sort Type")
    Diagnostics > Ping - (100% done)
    Diagnostics > Reboot (100% done)
    Diagnostics > System Activity* (100% done)
    Diagnostics > Traceroute (100% done)
    Help > all pages except the "About This Page" button will open the relevent link in your browser

    • these pages may not be well formatted. There is not much I can do here. It appears the pages are being returned from a JavaScript call to pfsense as plaintext, therefore I am just displaying them as received.

    Source code:
    https://github.com/CharlieMarshall/pfSense-androidGUI

    Requirements for the App:

    1. Android device running android 4.0+ (this is needed for HTTPS support for self signed certificates)
    2. If you use HTTPS the following additional requirements:

    A trusted cert.

    OR

    If you use a self signed cert:
    Adding your self signed cert as a trusted cert to your android device (details below)
    Note: the default pfsense self signed cert will NOT work. If you currently use the default self signed cert please follow the instructions below to create your own self signed cert.

    How to create a self signed cert (follow these steps exactly)

    from the pfSense webGui:
    System > cert Manager > CA tab

    click + to add a new CA

    Descriptive name = choose a name
    Method = Create an internal CA
    fill in the rest with whatever you like
    save

    System > cert Manager > Certificates tab
    click + to add a new cert

    Method = Create an Internal Certificate
    Descriptive name = choose a name eg "myCert"
    Certificate authority = the CA you just created
    Certificate type = Certificate Authority (this is key)
    fill in the rest with whatever you like except:
    Common name = MUST BE THE SAME AS YOUR PFSENSE HOSTNAME eg if your webGUI is accessible at "pfsense.localdomain" then the common name must be "pfsense.localdomain"

    System > cert Manager > Certificates tab
    Now by using the buttons export/download the key and crt of the internal certificate you just created

    These files need to be merged into one file. For windows copy and paste into one file. On Linux / FreeBSD (replace myCert with the name of your files):
    cat myCert.crt > myCert.pem
    cat myCert.key >> myCert.pem

    Set the webGui to use the new certificate
    System > Advanced
    SSL Certificate = your new cert
    Save
    Wait for the changes to take effect

    Now we need to create a p12 from the pem file. On windows I don't know how to do this :( On Linux / FreeBSD (replace myCert with the name of your files):
    openssl pkcs12 -export -in myCert.pem -out myCert.p12
    It will prompt for a password:
    Give it a password

    Now we need to transfer this p12 file to your phone:
    Transfer it to your phone via scp / email it to your self. It should go to the root of your sdcard

    NOTE - you may notice pfsense allows you to download a p12 file of your cert from the webGUI. I was unsucessfull in getting this to install to my device. It kept asking for a password which I do not know!
    You can see this thread ( http://forum.pfsense.org/index.php/topic,61222.0.html ) for more details. If anyone finds out what the password is please share it as it will save a lot of steps!

    Adding your self signed cert as a trusted cert to your android device

    Now we need to add this p12 certificate to our list of trusted certificates on our android device
    From our device > Device settings (menu button > settings) > Security > Install from device storage > select our p12 cert
    Enter the password we gave it earlier
    Hit Ok
    Note: once installed the p12 is automatically removed from the sdcard

    Now go back to the Security page eg one tap of the back button
    Click trusted credentials
    Click user tab
    You should now see your cert!

    You can check this is working by opening your pfsense webgui (by name eg "pfsense.localdomain" NOT IP) in the default android browser. It should open without a untrusted cert warning!

    Now you are ready to use the app.
    NOTE you must use the hostname in the app not the IP address

    Installing the app

    In the future I will push this to the play store. But while it is still very experimental you will have to manually install it.

    1. In your android device settings > security > you have to enable "Unknown sources (allow installation from non-market apps)"
    2. Downoad the apk file from https://dl.dropboxusercontent.com/u/12367642/Pfsense.apk. Open the file. It will then offer to install the app.
    3. Enjoy and report back with any issues which are not stated as known issues


  • My current setup is a laptop using the build in wireless as AP …so its a no go on wake-on-lan ... but halt would be convent at times.

    As for wake-on-lan I can achieve that once my desktop its booted ... but I flip the power on the surge to power up the switch and cable modem along with hitting the power button on the laptop. Once I'm done for the day I use Pfsense GUI to halt pfsense.

    Would be nice if wake-on-wlan was possible... ;)

    Here read some of my post here concerning a responsive GUI for Pfsense  http://forum.pfsense.org/index.php/topic,60830.0.html

    If Pfsense GUI where responsive there would be no need for a app as you are suggesting other than wake-on-lan. Once Pfsense boots you would have a native responsive GUI. Currently it seems a responsive GUI for Pfsense is a Pipe Dream.



  • @Clear-Pixel:

    Would be nice if wake-on-wlan was possible… ;)

    This is already possible via the app, I did most the testing of this app over a vpn so it was remote wireless wol as I don't have pfsense at home.

    Its also possible to remotely wol by adding an entry to the ARP table but I believe this is not recommened!

    I read that link you posted to. Looks like most the changes will be in the backend and the GUI isn't really going to be touched



  • For all computers that I'm aware of wake-on-wlan is not supported in the bios. Now wake-on-lan is supported of course.

    Keep in mind when my laptop is powered down my lan is hibernating but my wireless is not ….its powered down.

    I believe Freebsd/pfsense would also require that the driver support wowlan which I say they don't have. Could be wrong.....



  • I see. I misunderstood you. Thought you meant it would be good to be able to send the magic packets wireless.


  • Netgate Administrator

    This looks interesting!  :)

    Just so I understand this, your app is interacting with lighttpd on the pfSense box and showing the results on a small screen touch friendly interface?
    Whilst I commend your efforts this seems like perhaps not the best way to go about it. I have almost no experience in coding though so feel free to ignore me!  ;)

    The problems with doing it as you are would be that, as you said, you have to write code to interpret each page in the gui and that once you've done that you have to maintain it against any changes in the gui. Big and big commitment tasks.
    Might it not be better to ahve an app that simply 'translated' the existing html into something touch friendly? For example you could use the existing mobile theme (or write a super simple theme that's easier to interpret) and convert the Sections/subsections menu into something Android/finger friendly. You may be able to use the main frame code directly if your theme displayed large enough info. Thus new menu items and additional page objects would automatically become part of your app with no updating required on your part.

    There are definitely apps that already do stuff like this. How do they do it?

    Whatever you decide to do I'll gladly do some testing you if you need it.

    Steve



  • The app is first logging into the webgui and scraping the index page to provide me with the main menu ie all the URLS for the subpages!

    Then on each click of an button for example "Services > Wake on LAN" it scrapes the "Wake on LAN" html page and then I am having to handle the data, output it nicely to the screen and map buttons to the relevant commands such as HTTP posts. I was sceptical about responsiveness but it is very responsive and even over my VPN its quite quick.

    My Java skills aren't too bad but I wouldn't know where to begin translating into something touch friendly first. Feel free to point me in the right direction, links etc etc

    I am well aware some changes to the webGUI with a future release could break many features if I carry on the way I started! Anything to limit this should be done now before I go too far in the wrong direction. Also the way I am currently going there is no way it would support packages as each package adds new pages to the webGUI


  • Netgate Administrator

    Well my first suggestion is that there is no need to scrape the menus from the pfsense home page. If the app doesn't support packages or any additional pages it would be better to just provide the menu hard coded with only whatever pages you do support. Less chance of the code getting confused I would have thought.
    As I said this is way outside my field of expertise so there's a very good chance I'm overlooking something.  ::)

    Steve



  • An app like this could be interested. I am thinking of the situation where you get a notification from pfsense by email and then you want to have a look on your machines if everything is working or something crashed. So I think more of a pfsense app which is for fast support and checking of pfsense functions.

    So the diagnostic pages would be interesting and a possibility to restart some services.

    For major configuration on pfsense I would probably never use my smartphone. But if some service crashed and I need to check some things I could think that a quick login on pfsense using the app would be helpfull.

    I like the idea and I find it great that you spend time on something like that :)



  • @stephenw10:

    Well my first suggestion is that there is no need to scrape the menus from the pfsense home page.

    My reasoning here is that some users only have two interfaces LAN OPT1 while other have many OPT2, OPT3 which results in extra pages. So if I support setting up an interface I have to handle all links

    @stephenw10:

    As I said this is way outside my field of expertise so there's a very good chance I'm overlooking something.  ::)

    Mine too

    @Nachtfalke:

    So the diagnostic pages would be interesting and a possibility to restart some services.

    For major configuration on pfsense I would probably never use my smartphone. But if some service crashed and I need to check some things I could think that a quick login on pfsense using the app would be helpfull.

    Currently working on Status > Interfaces page. Scraped it pretty easily :) Now just need to enable the connect button and thats another page done.

    I agree this will NEVER be a replacement for the webGUI but as you said. If you need to do something quickly when away from a PC it should be great!

    @Nachtfalke:

    I like the idea and I find it great that you spend time on something like that :)

    I like to have an android project on the go. Couldn't think of an app I wanted so thought why not make a start on pfSense and see what happens

    90% completed the Aliases page today, luckily it was very similar to the wol page so that wasn't too bad either. I'm fast approaching the complex stuff. Then we'll see how feasible this app will be



  • @charlie0440

    I am sure you would get help on your project if you could bring this on github so that everyone can easy submit any patches and so on.

    I see this on another project like OCS Inventory-NG - they are on launchpad and this is very bad to submit some code. So just a suggestion how to spped up yur project and get some nice input from others :)



  • Yes I will probably go with github. But not quite yet for the following reasons.

    • I have to tidy up the code first

    • I have limited experience with github (cloning other people branches and compiling). I have never used it for development - Therefore it will be a learning curve. I don't want it to slow me down right now. So will probably wait until I lose momentum

    Plan to upload the app for testing tonight/next few days (it will still be very much in an alpha state).



  • I would say you should focus on the future. The future would be a responsive GUI for Pfsense. If the GUI was responsive it would be cross browser compatible on all of today's known mobile devices. If you need some help getting things going on that front, I would be glad to give you a hand.

    I also believe you would get far more interest on github for a new responsive GUI design for Pfsense than a android app as your setting up. Surely if interest took hold the developers of Pfsense I would think would put there 2 cents in to ensure at some point the two could merge.

    As for development for android all that would be needed would be wolan …. after that the responsive GUI would take over. If you setup the app to access various services for example, every time Pfsense has a update there's a chance something will break. I don't know what the odds are, but it could turn out to be a major headache. The same can be said for a responsive GUI github project also but if its going in the right direction like I said the Pfsense developers should give the project a helping hand.

    Hell, if you don't do the github for a responsive GUI I just might do it.



  • @Clear-Pixel:

    I would say you should focus on the future. The future would be a responsive GUI for Pfsense. If the GUI was responsive it would be cross browser compatible on all of today's known mobile devices. If you need some help getting things going on that front, I would be glad to give you a hand.

    Hell, if you don't do the github for a responsive GUI I just might do it.

    I hear what your saying but I am not a web developer and wouldn't know where to begin. If you make a start on this I can try and help you out!



  • I would like to see and Windows Phone version since I'm a windows guy. And you might as well make a Iphone version too. I would like to see you can do everything in the mobile version just as if I was on my laptop. I would even pay $5 if I knew that $2 was going to the Pfsense folks.



  • Uploaded a test version of the app for people to have a play with.

    Please read the first post of this thread for instructions on how to install & the download link



  • Very good.
    how i can donate ?. I use paypal.


  • Netgate Administrator

    Loaded it on my Nexus 7. Seems to work fine.
    It would be nice if the settings page showed the existing setting for each section without having to touch each one. More like the other android settings dialogues.

    Steve



  • Uploaded the project to github: https://github.com/CharlieMarshall/pfSense-androidGUI

    All contributions are welcome

    Edit: Upgraded my test box to pfSense 2.0.3 last night and everything seems to have survived the upgrade.


  • Netgate Administrator

    Ah, I should have mentioned my test box is 2.1. Worked fine.  :)

    Steve



  • Anyone know who I need to speak to about using the pfSense logo within the app?

    If I can't use it for copyright reasons does anyone fancy making something?

    On another note progress is moving along nicely (well it feel like it is but looking at the list of commits there's not a huge amount of new features)



  • Not had time to look at this project recently, been playing with the pfsense webconfiguration instead.

    Anyway here is an updated apk > https://dl.dropboxusercontent.com/u/12367642/Pfsense.apk (you will have to uninstall the previous verion if you have it)

    Changelog:

    Added Arp page
    Added Authentication page
    Added Table page
    Finished the Status > Interfaces page (untested)
    Improved UI of the services page
    Added validation to the wake on lan page


Log in to reply