Depends on what system you’re running, and especially what task you’re doing. Trying to operate firewall rules via CLI is an exercise in self-inflicted pain, as is trying to set a complex cron schedule without a handy calculator.
Personally, I’d take it a step further. Firewall rules should be defined as code in a git repo. So if you’re building rules in a gui, you’re simply doing it wrong. While a cli and/or api should be used, that should be automated and invisible to a human.
TIL there are people configuring firewalls via GUIs. Okay … I‘m do that too on my private equipment because I’m lazy. But it feels wrong doing so in an enterprise context.
Depends on what system you’re running, and especially what task you’re doing. Trying to operate firewall rules via CLI is an exercise in self-inflicted pain, as is trying to set a complex cron schedule without a handy calculator.
on the contrary, CLI is the BEST way to deal with firewall rules.
Personally, I’d take it a step further. Firewall rules should be defined as code in a git repo. So if you’re building rules in a gui, you’re simply doing it wrong. While a cli and/or api should be used, that should be automated and invisible to a human.
TIL there are people configuring firewalls via GUIs. Okay … I‘m do that too on my private equipment because I’m lazy. But it feels wrong doing so in an enterprise context.
You using a Cisco firewall or something?
I’ve been using F5 in the past. Not doing that anymore though.
Junos CLI is a real treat. I work with the SRX line regularly, particularly the SRX4600 and the SRX300 series.