Recent content by Alasdair Muckart

Is FWCloud still in active development? The last updates to the git repos looks like it was a year or more ago, there was a "new release coming soon" message on the Announce board in April, but nothing since then. If we can make it work for our use cases I'm keen to deploy it but I'm concerned...

Great news, thank you :)

Thank you Carlos, That is a very useful feature, unfortunately it won't work for the translation we need to do out of fwbuilder.

Hi Carlos, Do you have a rough idea when this might become available, or alternatively, can you give us an overview of what changes would be required in the source to implement custom chains and branching? Thanks.

Thank you!

Hi, Here's a screenshot of the custom service we created in FWBuilder. We then use this service in rules.

Thanks for your reply. The ability to create chains and to fully utilise the "branch" action of iptables/nftables should be all that's needed.

Thank you for the reply. It's good to know that's on the roadmap. I can't share specific examples of our policies but I'll try and explain the general setup we use. Rather than having an "inside" and "outside" our firewalls have multiple interfaces facing different tenants & networks and all...

Thank you for the reply, it's good to know that's possible. It probably won't work for our use cases since we have enough of this type of config in our environment that it probably isn't practical at the moment. Thanks again.

We're trying to replicate our current fwbuilder-generated configurations using fwcloud. One of the things we've found is that there's no way in fwcloud to use the policy module do do things like match previously-encrypted GRE traffic with --proto 47 -m policy --pol ipsec --dir in for example...

There doesn't seem to be a way in fwbuilder to create additional policy chains or to branch to them as the action on a rule. This is a function we use extensively in fwbuilder. We have complex firewalls with policies that control traffic based on egress interface. The initial policy branches to...

Ubuntu 20.04 has moved to nftables. It provides transition scripts to ease the migration but they are only temporary. Are there any plans to support nftables in future releases of fwcloud? Thanks.

Is it possible to import existing configuration from fwbuilder or its compiled IPTables rules?