Depends on what system you’re running, and especially what task you’re doing. Trying to operate firewall rules via CLI is an exercise in self-inflicted pain, as is trying to set a complex cron schedule without a handy calculator.
TIL there are people configuring firewalls via GUIs. Okay … I‘m do that too on my private equipment because I’m lazy. But it feels wrong doing so in an enterprise context.
Personally, I’d take it a step further. Firewall rules should be defined as code in a git repo. So if you’re building rules in a gui, you’re simply doing it wrong. While a cli and/or api should be used, that should be automated and invisible to a human.
Depends on what system you’re running, and especially what task you’re doing. Trying to operate firewall rules via CLI is an exercise in self-inflicted pain, as is trying to set a complex cron schedule without a handy calculator.
TIL there are people configuring firewalls via GUIs. Okay … I‘m do that too on my private equipment because I’m lazy. But it feels wrong doing so in an enterprise context.
You using a Cisco firewall or something?
I’ve been using F5 in the past. Not doing that anymore though.
Junos CLI is a real treat. I work with the SRX line regularly, particularly the SRX4600 and the SRX300 series.
on the contrary, CLI is the BEST way to deal with firewall rules.
Personally, I’d take it a step further. Firewall rules should be defined as code in a git repo. So if you’re building rules in a gui, you’re simply doing it wrong. While a cli and/or api should be used, that should be automated and invisible to a human.