Forked from https://github.com/TKCERT/pfFocus/ This simple tool allows you to convert a full configuration backup of a OPNSense firewall into some meaningful output format, like Markdown or YAML. It enables you to focus on the important parts of your firewall configuration and allows you to get a quick overview of the most important settings.
- Python 3.6+
- defusedxml==0.5.0
- PyYAML==5.4
Before: Configuration backup as XML
After: Markdown documentation
opnFocus currently supports the following configuration sections:
- Basic system information
- List of interfaces, VLANs, bridges, gateways and static mappings
- List of DHCP ranges and aliases
- NAT rules with alias and interface resolution
- Outbound NAT rules with alias and interface resolution
- Filter rules with alias and interface resolution
- DNS forwarder (DNSmasq) configuration
- OpenVPN server and client configurations
- Syslog and sysctl configuration
Install into existing Python environment:
pip install git+https://github.com/TKCERT/opnFocus.git#egg=opnFocusCombine this with --user or pipx or pipenv for isolated installation.
Main formatting tool: opn-format
opn-formatExamples:
opn-format -i config-backup.xml -f md -o test.md
opn-format -i config-backup.xml -f yaml -o test.yamlTest parsing tool: opn-parse
opn-parse [-h] input_pathExamples:
opn-parse config-backup.xmlTODO
Some ideas for the future development of opnFocus:
- Producing additional output formats, especially structured formats like CSV.
- Using these structured formats to enable easy diff'ing of configurations.
- Maybe functionality to correlate rule configurations of different firewalls.
- Troubleshoot full features opn <> Pf
- Thomas Patzke (@thomaspatzke) for
- valuable suggestions and feedback
- Florian Roth (@Cyb3rOps) for
- giving it the name pfFocus
- the very nice and gorgeous logo