Firewall rules hitcount for pfSense 2.1.5 and 2.2.4
-
+1 thanks Marcello, really useful feature.
Love to see that merged also ;D -
Pull request sent do 2.3-DEVELOPMENT
https://github.com/pfsense/pfsense/pull/1892
-
Very, very nice.
(Also: One more column of info feels like a step toward widescreen display!)
-
I suggest all who cant test to do it on 2.2 and/or 2.3-devel and comment on pull request. Maybe with more people testing, it get merged faster…
-
I suggest all who cant test to do it on 2.2 and/or 2.3-devel and comment on pull request. Maybe with more people testing, it get merged faster…
Done.
The more I play with this the more I like it.
On mouseover, I get the data I was trying (unsuccessfully) to glean out of pfTop. -
The more I play with this the more I like it.
me too. :)
On mouseover, I get the data I was trying (unsuccessfully) to glean out of pfTop.
Great!
-
Send a new pull request with almost all code working on 2.3 with bootstrap.
I'll need some help to adjust the code to popup traffic on rule click.
The code is there but is not visible after ajax return.https://github.com/pfsense/pfsense/pull/1901
-
I noticed that 2.3 is nearing Beta stage. Has your great improvement been merged with 2.3(and approved)?
-
I noticed that 2.3 is nearing Beta stage. Has your great improvement been merged with 2.3(and approved)?
unfortunately no. :(
-
I noticed that 2.3 is nearing Beta stage. Has your great improvement been merged with 2.3(and approved)?
unfortunately no. :(
That is just very sad news :'(
Was there any particular reason it didn't "make it"?(Then the question becomes. Are you going to try to get it committed for a higher version?)
-
Hmm, not nice because this was a super no brainer feature that was very very helpful >:(
I see the pull request has a "CLA label". I have no idea for what CLA stands in this case :-[ Could someone shed a light here? -
I see the pull request has a "CLA label". I have no idea for what CLA stands in this case :-[ Could someone shed a light here?[/quote]
That means that the contributor has correctly completed the relevant licensing agreement. So that is a good thing.From the comments on https://github.com/pfsense/pfsense/pull/1901 it seems that there is some thought to add some support in binaries to make it more efficent to do. But for some reason progress in those comments stops in late Sep 2015.
-
Cool feature ;)
However on 2.2.6 x32, with pfBlockerNG, it does break pftop/Label
Before it was : USERRULES: pfB_PR, after patching it shows :USERRULES: 1770001532and the Status: System logs: Firewall Rule column
Instead of displaying pfB_PRI3 auto rule (1770001532) it shows 1770001532 (1770001532) -
The trackerid is used to count rules match.
If it get merged one day we will need to change the way pfblocker get his rules. -
Hmm, not nice because this was a super no brainer feature that was very very helpful >:(
I feel for marcelloc and everyone who finds this useful, as I know this is not the first time he's tried to get this merged.
I feel too for the core developers, as they face a difficult balance between trying to cram in extra features and trying to get 2.3 released as soon as possible. There seems now to be a real determination to get 2.3 released so that there is no need to revisit 2.2.x any further.
Based on a discussion I started in the 2.3 forum, I believe any new features or major changes have now missed the cut for 2.3. The RFC 4638 support I contributed was close to missing the cut, and only made it because it was a complete implementation, had no conflicts with the master branch and caused no regressions.
Hopefully, once 2.3 has released, there will be opportunity for this to be revisited by the necessary people.
Meanwhile, if marcelloc fixed the conflict(s) with master, those who find this useful could install this via System Patches (add .diff to the end of the pull request URL in a web browser, then create a patch using the URL that is shown in your web browser with a base directory of / and a path strip count of 2). This won't work until the conflict(s) are fixed.
-
The trackerid is used to count rules match.
If it get merged one day we will need to change the way pfblocker get his rules.pfBlockerNG is already using tracker IDs…
The issue with the current "Rule Count" code, is that its modifying the Description field in certain coditions which removes the human-readable text.... So I don't think the code in the pfBNG package needs to be changed. Let me know if you see it differently and I will consider making changes to the pfBNG code.
Thanks
-
Great. But first the code merge :)
-
The trackerid is used to count rules match.
If it get merged one day we will need to change the way pfblocker get his rules.But the patches changes things in "Status: System logs: Firewall" and "pftop/Label", not the pfBlockerNG tabs.
-
I'm working to merge this request, but in a way it doesn't break any of existing code.
We'll have this for 2.3.
Thanks for this great contribution.
-
I'm working to merge this request, but in a way it doesn't break any of existing code.
We'll have this for 2.3.
Thanks for this great contribution.
Sounds great, thanks ! :) :)