Roadmap #1
Description
Rough Long-term Roadmap of my plans for this Project, Subject to change.
MVP Roadmap:
- Basic SPA Frontend (Vue 3)
- Address Object's
- Interface configuration
- Static routes
- DHCP Server
- DNS Server
- NTP Server
- WireGuard VPN
- Firewall Rule Creation UI
- Authentication
- Service State
- Power Actions
- Config / Input Validation
- Get error to frontend
- Firewall rule generation
- Rule Hit Count UI
- Firewall logging
- NAT Rule Generation
- Add/Remove Firewall users as linux users
- install script
- Documentation
Future Roadmap:
- Certificate Management and generation via caddy (use https://github.com/mholt/caddy-events-exec , events: Implement event system caddyserver/caddy#4912 to update cert in nfsense config / trigger service reloads. alternatively write custom module for sending events to nfsense via dbus)
- Reverse Proxy with Caddy json config
- Nat rules: automatic firewall rule checkbox
- API Websocket Streams (journalctl logs, PacketCapture and Webshell need constant bidirectional data)
- User ssh keys
- Service Log viewer (via journalctl dbus interface)
- Packet Capture UI (tcpdump/nfdump)
- Webshell
- Commit log & Service Error detection
- Basic CLI configuration
- Multi-Wan (Balancing / Failover Rules)
- QOS (Bandwidth limiting / Traffic Priority)
- IPv6
- Historic Metrics (Influx/prometheus/snmp)
- Frontend Metric Graphs
- Immutable Distro (osTree ? Fedora CoreOS?)
- Kernel BPF Patch to allow inet table rules to match ipv4 and ipv6 addresses in a single rule using a ipv6 ipset (ipv4 as ipv6)
- Firewall Zones
- pppoe
- IPsec Site-To-Site VPN
- OpenVPN Client VPN
- OpenVPN Site-To-Site VPN
- Snort / Suricata integration
- BGP / OSPF Routing Support
- VRRP/CARP/UCARP HA Support
- Plugin System