Currently, UFW provides only a command-line interface (CLI) for user interaction--the
ufw command. This project implements graphical frontends for UFW using PyGTK.
Version 0.3.2 Released! (April 6, 2012)
- Issue #18 (on Google Code)
- Issue 19 (on Google Code)
- Issue 20 (on Google Code)
Version 0.3.1 Released! (September 11, 2011)
- Issue 16 (on Google Code)
- Issue 17 (on Google Code)
Version 0.3.0 Released! (September 6, 2011)
- This will probably be the last feature release of ufw-frontends in its current form. I'm planning a major reorganization of its code using pygtkmvc.
- Code is now hosted at GitHub.
View ufw log entries from within ufw-frontends (Events tab).
The entries in the Events tab are parsed directly from the ufw log. New events are shown as soon as they appear in the ufw log. This feature requires Pyinotify.
Create rules based on the list of events in the event log.
You can use this feature to allow blocked connections.
Add support for more IPT modules specifically:
- nf_conntrack_ftp and nf_nat_ftp (for FTP)
- nf_conntrack_irc and nf_nat_irc (for IRC)
- nf_conntrack_sane (for saned)
- Issue 15 (on Google Code)
- Feature parity with the CLI frontend (add/delete rules, enable/disable firewall, show reports, etc.)
- Supports editing and reordering of existing rules
- Ability to enable/disable IPv6 support
- Import/export of rules 1
- Intuitive and straightforward PyGTK interface
1 NOTE: Exported rules are simply shell scripts containing a series of ufw commands, nothing fancy. This approach is advantageous because you can execute the scripts directly.
What about Gufw?
Short answer: Gufw is flawed by design.
This is because it was designed and implemented as a frontend for the CLI, which is a frontend itself. That is, it was designed and implemented as wrapper for a wrapper.
UFW was designed with extensibility in mind. Moreover, it already provides code and interfaces that can be readily extended for creating additional frontends (not just wrappers around the ufw command).
ufw-frontends uses the UFW Python modules directly, thus preventing code duplication, unnecessary code, and an additional layer of execution (ufw-frontends -> iptables vs. Gufw -> CLI -> iptables). This also makes ufw-frontends faster, since it does not call the ufw command for every operation, and more powerful, since it has direct access to the UFW internals. In other words, it does more with less (code).
ufw-frontends vs. Gufw at a glance
|ufw-gtk 0.3.2||Gufw 12.04.1|
|Toolkits||PyGTK||GTK+ 3 (via GIR)|
|Code Size||42.0 KiB||61.7 KiB|
|Translations||Partial (via ufw)||Yes|
|Reorder Rules||Yes||No (LP #605380)|
|Import/Export Rules||Yes||No (LP #486285)|
|App Profiles Support||Yes||No (LP #963871)|
|Additional IPT Modules||Yes (pre-configured)||No|