
Rule optimization/logical display
Update: This will be FREE if the interest is there. The way I made sure people knew it would be free was misunderstood.
I’ve already got roughly 40 hours of development into a tool I’m building to display rules based on hierarchy like a Cisco ASA or Palo on box without Strata and such.
The other part of this program is to find redundant rules/zero hits and other unnecessary things.
I wrote it for myself so it’s not on GitHub nor is it complete enough to be that way. I’m not going to publish unless there is a lot of interest from this community.
It basically looks like this, and at this time it’s working with MSP. I only have it able to pause the rules that aren’t really relevant vs. deleting them, as I’m not sure how to do that yet or if it’s even possible. It does let me just open up MSP and see what is paused, then delete. I can see if it can work with local stuff, but again, this is for me unless there is large interest, so it’s far from perfect, but it does work exactly as it should.
The concept came from tools I work with every day to optimize and clean up corporate firewalls with 20 years of rules never reviewed again on them. Let me know if you’d like me to publish this to a code repository, which would take a lot of extra effort from me. I just hate and love how Firewalla handles rules with tags; it’s amazing until you get to a large and complicated rule base. That, and I’m used to looking at traditional tools.