pf/OPNsense-like UI for Firewall inbound/outbound Rules + NAT Rules

Hyperkern · February 25, 2024, 9:04pm

Is it possible to get a pf/OPNsense-like UI in LuCi Web Interface that resembles pfSense/OPNsense Web GUI for Inbound/Outbound Firewall and manual/custom NAT Rules management, overview, and creation?

I am more familiar with/the *sense OS Web GUI flow and input fields for these functions just makes more sense to me than the standard OpenWRT Web GUI for the same functions does.

I would pay someone for the development of this... Any pointers?

trevormcooper · February 26, 2024, 3:26am

I get what you’re asking, but they are different products with their own identity. This is meant to be very light weight

slh · February 26, 2024, 3:29am

Realistically speaking, there are two options:

either you get familiar with fw4 and luci's representation of it, accepting that both firmwares use rather different configuration semantics (and very different backends)
or you start developing your desired UI and present it/ propose it for merging, as it would be very hard to motivate anyone else to do your bidding - or even to understand which aspects exactly are important to you and which may be less important (a 1:1 mapping is going to be unlikely, so the question is which aspects you really care about and which would be less important)

the former is more likely to succeed, but hey, you may have hit a gold mine and come up with a perfect alternative everyone else may want to follow.

stangri · February 26, 2024, 5:53am

What's your budget (and platform/device)?

Cheddoleum · February 26, 2024, 6:29pm

Remember that OPN/pfSense's UI is written in PHP, which has a vast developer base and is a real resource hog. Writing equivalent tools under lua to run on embedded systems is a more refined art that takes skills that are much scarcer.

Hyperkern · March 8, 2024, 5:11am

I may like to become familiar with OpenWRT and its Web GUI, LuCi, I suppose. I like the light-weight approach, my only concerns rest in areas of performance on the SoC platforms already brought-up, building successfully, and functioning well under OpenWRT 23.05.x / snapshot branch.

I appreciate a project maintainer/developer's input, thanks! (Though your final words were unexpected.)

I had just thought that this wouldn't be too difficult to implement since my understanding is that OpenWRT=Follows Torvalds' Linux kernel and pf/OPNsense = of *BSD lineage. Both Web UIs seem similar in that user input is used by the systems as variables to fill in and match arguments expected and understood by command line utilities/progs such as iptables/nftables for the firewall, NAT, or other routing/packet forwarding policy creation or likewise in configuration files.

Now I'm realizing the not so small differences between them...

Hyperkern · May 31, 2024, 11:49am

Solution: Program / Shell Script to interpret and convert between rule formats produced and understood by each system.

edit: I will post/share it once completed.

system · June 10, 2024, 11:49am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.