Layer7 interface finished

Well, the work still in progress. Since the last time, we have more development done.

The Layer7 shaper interface is finished. No significant differences were done to the interface since the last post. Now, we can create rules by simple select the protocol, structure and element. The protocol field contains a list of protocols that is builted dynamically from protocols patterns that come default in the pfSense instalation; the structure field allows the user to choose what type of structure will be applied: “action”, “queue” or “limiter”; the behaviour field is dynamically filled accordingly to the structure that was chosen. If the selected structure was “action”, the possible behaviours are only two, “allow” or “block”; if it was “queue”, the possible behaviours are all the altq queues already defined; if it was “limiter”, the possible behaviours are all the dummynet pipes and queues already defined too.

Some errors situations are controlled, such as the case of creating a rule with the same protocol chose more than once.

A new feature that we introduced was the possibility to add new protocol patterns.

Add Pattern functionality

Add Pattern functionality

 There are some patterns that come with a default pfSense installation, but we have the possibility to add more from the interface. It’s a simple gui interface, that uploads a protocol pattern file to the right location, but very useful if we want to upgrade our system with non default layer7 patterns. :)

Another option that we introduced was the capability to specify a layer7 rules container when editing the LAN firewall rules. Now, we can also specify to the filter if we want to apply the layer7 rules that we created.

Layer7 Dropbox in Firewall Rules Edit

Layer7 Dropbox in Firewall Rules Edit

Also some error situations are controlled such as the possibility to apply a layer7 rule only to TCP, UDP or TCP/UDP protocols.

The next step is creating a wizard to facilitate the configurations. Some ideas are thought but we still brainstorming. :)

About these ads

One Response to Layer7 interface finished

  1. Nice work guys! I’m really looking forward to this.

    there is a broken image in the second last paragraph.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: