PfFocus tutorial/howto? Want to try OPNSense

I have my firewall up and running on PFSense. But I like the idea of open source software, and really want to give OPNSense a shot. I’m pretty sure it won’t be as simple as installing OPNSense and feeding it the PFSense backup xml.

I see PfFocus looks like the tool to use to make a readable configuration out of my PFSense xml file.
But I haven’t been able to figure out the python and syntax , as the instructions on the pfFocus page are vague at best.
Is there a tutorial on this somewhere? Or at least a coherent howto?

Been a while since I looked at that tool, but they do have a docker image that might help.

1 Like

I’d be very interested if you find a way because otherwise I have a lot of data entry to do. I intend to leave pfsense due to extremely unstable conditions in their features that enterprise use.

I installed in in ubuntu and got an error.
“ModuleNotFoundError : No Module named ‘pf_focus’ when trying to run pf-format”

so I may try docker next…

Working on trying it out in docker now…will let you know

Ok…getting errors on my docker ,
I installed it in docker , where I have made the most progress using the supplied instructions, but when I go to run it, I’m getting "format error, the following args are required : -i " . the “-i” argument is the input file. I have the input file set up as in the example given on the website. I am in over my head on this one. lol All I get are format errors, and the documentation isn’t helping

got it working in docker on Linux. Dumb mistake on my part. Someone on reddit pointed out that I left out the carets around my input filename when I typed in my command line.
correct working syntax :
docker run --rm -i hugojosefson/pffocus < input.xml >

So you were able to, with this docker container, easily convert your pfsense config to opnsense and put it into production?

The pfFocus tool just makes a report and list of settings from the pfsense XML backup. You then have to manually build all the settings in OpnSense.

1 Like

OP, Pro Tip, don’t bother with OPNSense. pfSense is also Open Source and is much more robust, easier to configure and predictable than the “rolling distro” OPNSense. And btw, OPNSense is finally ditching HardenedBSD for FreeBSD 13.x so be ready to fix issues a bit more in the upcoming years.