Core: Several GUI issues, compared to PfSense | Firewall/Log (18.7.1)
Hello,
we have a PfSense cluster (DC1) and a OpnSense (DC2) cluster and I configered first the PfSense, which was done on a day.
I have to say, OpnSense is pretty hard to do the same work, like on a PfSense. The first what I dislike is, that we have no separate "tabs" for hosts/ports/networks, which makes it complicated to keep both clusters equal.
I had to first disable all the default loggings under Settings -> Logging, otherwise I get a lot of noise (let out anything from firewall host itself).
Next part is, I miss really the drag-n-drop feature. Managing ~80 rules and more for dmz/lan/wan doesn't make fun with, if you have to change the rule order.
If I want to add a rule for ICMP, I can't select more than one ICMP type. I want to have request/reply/trace/unreach, but that isn't possible (or did I something wrong?).
I miss "States", column in the Firewall log view. I need it to see if my new rule is O.K and how much traffic is there. Later we use it to watch, if the rule is still needed or obsolete (over a year!).
Next thing is: add a rule on the top, or the buttom. Just missing, because it means for me to move always the "allow all rule" to the end.
The pull down menus are to small for me, ok, the search works Ok if you know the alias, but if you don't know the "keyword", scrolling in the small drop down menu isn't nice. (see the screenshot)
The filter/search in the "Live view", it seems it just filter the text, but how can I filter "port 53 and source DMZ " ? At the moment, I use the syslog output (grep), which is not very nice to read.
Cutted text, menu is so small, that the text was cutted on the end.
Small drop down
Don't get me wrong, I like OpnSense very much, but it takes much more time to do the same thing like on a Fortigate/PFense. So please understand this issue as Feature request :-)
linuxmail
All 4 comments
+1
ccesario
on 7 Sep 2018
+1
The GUI lacks some not very obvious usability features. Like for example our team frequently complains about the Alias editor not remembering the number of shown rows. Everytime you go there you have to set it from 7 to whatever you want. This really is a pain if you work with more than 7 aliases. Also a grouping of the different alias types (networks, hosts, etc...) would be very welcome.
fenderle
on 10 Mar 2019
+1
I have pfSense at work and opnSense at home, the drag-n-drop and state counter miss me.
Safranil
on 19 Mar 2019
States, evaluations, packets and bytes are all in 19.7, see
https://twitter.com/opnsense/status/1126179245967826945
As a general rule, make your case in terms of UX in OPNsense, not how it compares and fares against other projects (spoiler: it's not the same) and keep the requests per issue workable (preferably 1) as it increases the chances of:
- someone having just enough free time to help
- someone going through text walls without having to deal with flavour discussions (nobody likes chocolate ice cream, am I right?)
Make a positive impact on the community and project either by 1-2 or contributing code. Everything else is just going to be futile. Remember: step by step, one good idea at a time, not copying the world.
That being said, I'm closing this ticket now.
fichtner
on 11 May 2019
Related issues
tkald
路
5Comments
mimugmail
路
6Comments
lordraiden
路
7Comments
gauthig
路
3Comments
sooslaca
路
5Comments
Most helpful comment
States, evaluations, packets and bytes are all in 19.7, see
https://twitter.com/opnsense/status/1126179245967826945
As a general rule, make your case in terms of UX in OPNsense, not how it compares and fares against other projects (spoiler: it's not the same) and keep the requests per issue workable (preferably 1) as it increases the chances of:
Make a positive impact on the community and project either by 1-2 or contributing code. Everything else is just going to be futile. Remember: step by step, one good idea at a time, not copying the world.
That being said, I'm closing this ticket now.