We are currently using a Sophos SG230 as Firewall / upstream router and configuration management is pure horror. Even manually backuping the configuration after every change will result in un-diffable binary changes to the backup file.
Is there a de-facto standard for routing / firewall configuration as code? I have looked at pfsense but it's quite gui bound, too. There is at least a human readable configuration file, but it's hard to group rules in semantic bundles.