pfdoc.rb - the sexiest way to document your pf.conf (OpenBSD Packet Filter)

pfdoc.rb is a parser that makes your pf.conf look very sexy by writing elegant documentation for it (from here on just called pfdoc).

First scenario: you have a medium to large client with almost 900 lines of conf. Everything works fine even with your quick fixes, redundant rules, etc. Someday your boss (whom you love) requests a paper with your firewall rules for some audit and you’ll have two hours to deliver the entire work… (need I say more?)

Second scenario: you have all your macros, tables, queues, rules and everything else commented and described, line by line: everything you did, how traffic flows, which services are (dis)allowed, which IPs are blocked, etc.

If all you want is to bring your work to the world in a pretty (sexy and stylish) way, pfdoc will fit your needs.

pfdoc is written entirely in Ruby; the design (the final .html, generated when you pfdocsify {WTF?!} your pf.conf) is by pingfoo (LoadFoO).

Only MACROS are recognized at this time. You can view a sample here.
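A sketch of macro-only extraction for an audit document, as an added example that is not pfdoc's own code. It assumes the comment lines directly above a macro (or a trailing comment on the same line) describe it; `parse_macros`, `macros_to_html` and the sample pf.conf are hypothetical names and constructed data.

```ruby
require 'cgi'

# Constructed sample pf.conf fragment (not taken from the original post).
SAMPLE_PF_CONF = <<~'CONF'
  # External interface facing the ISP
  ext_if = "em0"
  # Services reachable from the Internet
  # (reviewed at every audit)
  tcp_services = "{ 22, 80, 443 }"

  web_srv = "192.0.2.10"   # DMZ web server <www>
  table <bruteforce> persist
  pass in on $ext_if proto tcp to $web_srv port $tcp_services
CONF

# Macro definition: name = "value" or name = value, with an optional trailing comment.
MACRO_RE = /\A\s*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(?:"([^"]*)"|([^#\s][^#]*?))\s*(?:#\s*(.*))?\z/

# Returns an array of { name:, value:, doc: } hashes, one per macro found.
def parse_macros(text)
  macros = []
  pending = []            # comment lines seen directly above a macro
  text.each_line do |raw|
    line = raw.chomp
    if line =~ /\A\s*#\s?(.*)\z/
      pending << $1.strip
    elsif (m = MACRO_RE.match(line))
      doc = (pending + [m[4]].compact).join(' ')
      macros << { name: m[1], value: (m[2] || m[3]).strip, doc: doc }
      pending = []
    else
      pending = []        # blank line, table or rule: the comment block is not a macro's
    end
  end
  macros
end

# Renders the macros as an HTML table; every cell is escaped so that
# comment text such as "<www>" cannot inject markup into the report.
def macros_to_html(macros)
  rows = macros.map do |m|
    cells = [m[:name], m[:value], m[:doc]].map { |c| "<td>#{CGI.escapeHTML(c)}</td>" }
    "<tr>#{cells.join}</tr>"
  end
  "<table>\n<tr><th>Macro</th><th>Value</th><th>Description</th></tr>\n#{rows.join("\n")}\n</table>"
end

puts macros_to_html(parse_macros(SAMPLE_PF_CONF)) if __FILE__ == $0
```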

pfXXX - A Simple Interface for OpenBSD Packet Filter (written in Ruby on Rails!)

pfXXX is a (quite) simple tool to talk to PF (OpenBSD Packet Filter). Currently, it shows only tables, rules and logs.

ToDo list:

* edit tables (CRUD :S)

* edit rules (why not?!)

* show logs with more eye candy (and too subjective, explaining the rules)

* graphics

I know there are N hundred apps like this, but mine is written in Rails, is human-readable, DRY, and “mine” (where “mine” means I did it; not stolen, not ripped off from anyone, etc, etc :S)

PF Logs

PF Rules

PF Tables

PF Tables - opened

pflogx & Driftnet

Well, I found two very interesting tools in the OpenBSD packages: pflogx and Driftnet.

The first writes the entire pf log to an XML file (very similar to pfw), making the traffic quite transparent, and can be found here.

As for Driftnet, quoting the developer(s)' description directly: Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. Totally psychobilly, AZOLIVRE. It can be found here.

ps: I modified pflogx to write “directly” to postgres (not quite that directly) and I plan to play with driftnet soon :)