PF GUI for firewall pf log analysis?

fufukauliza

Member

Reaction score: 1
Messages: 27

Hello everybody,
can you tell me if there is a GUI to analyze the firewall logs under KDE, Gnome etc etc?

Thank you all.
 
OP
F

fufukauliza

Member

Reaction score: 1
Messages: 27

Guys, thanks everyone but I wanted to switch to IPFW since it's the go-to firewall.
 

Zirias

Daemon

Reaction score: 1,346
Messages: 2,370

Preferred by whom?

Seriously, there's a reason different firewalling solutions come with FreeBSD. It's up to you to make your own choice. You should pick IPFW because you like it best, not because it was initially implemented within FreeBSD ;)
 
OP
F

fufukauliza

Member

Reaction score: 1
Messages: 27

Also this time the translator did not allow me to explain myself better.
I preferred IPFW because usually with the same configuration I like to give more space to the native tools of any type of software especially if, as in my case, it is simply blocking all the traffic entering my workstation and I do not need elaborate configurations.
I have never been a fan of "ports" in general, I only use them if I have special needs that the default software does not allow me to satisfy.
Sorry but my English is little more than enough.
 

Zirias

Daemon

Reaction score: 1,346
Messages: 2,370

I don't think this is a translation issue (which is kind of a good thing, right?)

Both pf and ipfilter are integrated with FreeBSD as well, so they are not "ports" (although they were "ported" at some time in the past to FreeBSD). It just means, you're free to decide which packet-filter to use for setting up your firewall. There's no officially "preferred" one, and people will have different preferences :)
 

mer

Well-Known Member

Reaction score: 191
Messages: 333

IPFW is a reasonable tool to set up firewalling for a typical workstation.
pf is also reasonable tool to set up firewalling for a typical workstation.
FreeBSD pf was originally ported from OpenBSD, but is not a typical "port" in the /usr/ports sense. As other point out, it's been part of FreeBSD for quite a while now and is as much part of FreeBSD as is IPFW, a default install of FreeBSD gives you both.

The tools work differently (one is first match wins, the other last match wins), some people think IPFW is easier to use than pf, there are others that think pf is easier to use than IPFW. IPFW logs to syslog so you need to process that. pf logs to a pcap interface (as others have said); this is easy to tcpdump/wireshark on.

I've used both for your use case, both work fine, both are easy to configure.
Putting this /etc/rc.conf is enough to get IPFW working as a simple workstation firewall. /etc/defaults/rc.conf has more variables if you need to tweak.

firewall_enable="yes"
firewall_type="workstation"

my opinions.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 11,625
Messages: 37,969

some people think IPFW is easier to use than pf, there are others that think pf is easier to use than IPFW.
I find the syntax of pf.conf easier to understand. But yes, it's more a personal preference than anything else.
 

mer

Well-Known Member

Reaction score: 191
Messages: 333

SirDice I should have put that in my post. I personally find the syntax of pf easier, especially on complex set ups, like a pfSense box (it's nice to be able to understand the rules as applied), but IPFW feels more like IpTables if one comes from Linux.
 
Top