[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: web interface?



Metacortex as well..
http://www.securityoffice.net/products/metacortex/
On Fri, 11 Jun 2004, Per-Olov Sjöholm wrote:
> James Cammarata said:
> > Is there any interest in this?  I am currently writing one in Python/Zope
> > to manage the PF rules.  It's in the very early stages of planning so
> > there
> > isn't much to it yet, so I thought I'd ask people what they thought of the
> > idea / Zope.  I personally love Zope for web development (use it for our
> > Intranet at my company), so that's why I'm using it.  I could break out of
> > it without too much pain now, and just have to rewrite the low-level CGI
> > stuff myself.
> >
> > Also, in the future I would like to write a daemon that allowed a single
> > web interface to manage multiple firewalls.  This of course has many
> > inherent risks so it's definitely just a thought right now, but Cisco does
> > it and I'll be damned if they do something we can't do ;)
> >
> > Anyway, any thoughts are appreciated.
> >
> > James Cammarata
> > [email protected]
> > www.sngx.net
> > home: 314-966-5976
> > work: 314-872-2426
> > cell: 314-409-0583
> > ______________________________________________________________
> > Out the Ethernet, through the router,
> > down the fiber, off another router,
> > down the T1, past the fire-wall
> > ..nothing but Net
> >
>
>
> Yes! I think it's nice.
>
> I have installed many OpenBSD firewalls at customer sites. No matter what
> I and the OpenBSD community think... they really want a good gui. Or we
> can say it like this.. The install base for PF will go like a rocket if
> you can find a good gui.
>
> A  good gui is fwbuilder at fwbuilder.org. That gui is not web based but
> can handle multiple firewalls. But I think they must lack developers or
> have low priority on OpenBSD. This as they always lack the latest
> features. Because of this I have the whole customer install base running
> "vi" when managing pf.conf. They still miss important features from Open
> BSD 3.4. But the gui is very nice.
>
> I also know there already exist a web based gui to manage PF (don't
> remember the link). But that interface miss to much to be usable for me
> and/or my customers.
>
>
> A web based gui that can handle most of the important features of PF that
> will continue to evolve during new OpenBSD releases would be really great!
> If it can handle multiple firewalls it will be even better...
>
>
> Personally I actually don't care what tools this stuff is developed with.
> For me and my customer it is more important to support the important
> features as altq, synproxy, adaptive timeouts etc. Otherwise the tools is
> useless as you have to manually edit the rulesets anyway.
> So, from my and my customers point of view it is more important with the
> features and stability of the ruleset compiler that the tool it is
> developed with.
>
> /Per-Olov
>
Derrick MacPherson
[email protected]