Enterprise style Central Management Interface - {Now $1900}
-
If someone wants to go about the project then let me know.
That is a good question. Dingo and several others have voiced interest in working on this bounty. Everyone seems to have posted their requirements. I do not know if one person will be taking this bounty or if it will be split between multiple devs. Mcrane, Juve and Dingo have expressed interest in this. Please correct me if I am wrong but Dingo asked for our final reqs which one might assume he is working on this. Some clarification would be nice. If someone could officially claim the bounty so I know that the money I budgeted isn't just sitting there.
As to helping you might want to ask Dingo, mcrane or Juve.
Mark
-
I havent 100% jumped on this, Ive been watching the thread to see what others have as input, I have a game plan for a CMI and I am working on the technical aspects of the implementation. So Id consider it as still alive but I also dont want to duplicate efforts and end up with 2 different systems. Been quiet the past two days as Im deeply involved ina project for a client
-
Hi,
I've been playing with backing up and restoring config files to pfsense using CURL today. And for anybody who decides to take on this bounty be aware that you need to force curl to use HTTP version 1.0 as lighttpd does not support curl posts properly without this.
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
Took me hours to figure out why it wasnt posting properly.
-
I don't know which is better but I have been using sftp to back them up automatically. It will be interesting to see how this might be done via a CIM.
-
Found this and it is pretty cool. Do not know regarding the license because it doesnt specify a specific one but describes its licensing instead. Also check out the demo…..
http://www.project-observer.org
http://demo.project-observer.org -
I just looked at http://www.project-observer.org as you suggested. Found the license it looks like a BSD style license. In the features it mentions "Aware of m0n0wall and pfSense SNMP limitations." that implies that it can talk to both m0n0wall and pfSense.
Very cool find. I'm definitely going to give it a try.
-
So that means this is something which could en integrated? Would this compromise security for networks outside of the local network?
-
To know how it could be integrated will first need to install it and see how it communicates with PFSense. Looking at the code may be useful as well. I should have time to do that on Monday or Tuesday.
-
I also like the fact that it supports
Cisco CatOS devices
devices since my internal routers tend to be cisco for voice and data.
-
This seems to be going a good way. I am going to add the $150 to make it the full 1000. :-)
I suggest to keep in mind that there will be installations with MANY pfsense boxes
as outlined earlier in this discussion. Please try to take into account the scalability,
maybe with a modular solution that could be deployed two tier for smaller (e.g. 2-20 boxes)
implementations and three tier for larger implementations (e.g. 21-… boxes)- adding part 1 and 2 on one box for the small solution and for large solutions go
part 1 on one box and then part 2a on another box managing e.g. no.1-20 pfsenses and part 2b on
yet another box managing e.g. no.21-40 pfsenses, etc.
Another one to take into account is IF MySQL is being used - check out the licensing if resold.
AFAIK they want to see cash.
postgres is AFAIK the REAL open solution.
just my $ .02. The bounty is held anyway. :-)
Best, B.
- adding part 1 and 2 on one box for the small solution and for large solutions go
-
Any news? Testting of solutions….?
-
Yupp Im compiling my research into a specification…. just takes time i guess... recovering from a bad motorcycle accident has slowed me down a bit.
-
Any news? I'm eager to add some $$$ to the bounty….
-
If you are eager to add some $$$ to the bounty then you should do it now. The more money…the more incentive there is to complete it.
Mark
-
Good point. I stopped as a saw the bounty not operating.
So I will try to do my part.
300$ is what i can add for now.Hoping to hear good news…
Fridaynoon
-
Im working on a pretty involved solution, bring on the bounties i havent forgotten about you all
-
Hi Dingo,
Do you have an ETA on when you will be ready to present a solution? Not looking for an exact date…but 1 month? 2 months....etc
Thanks,
Mark
-
Hi,
Some have said that they would be eager to contribute to m0n0wall-cmi to make it pfsense compliant and so on.
As of now, I haven't received any contribution of any kind, but I would be happy to! I currently lack of time to continue the work on the CMI but I got some ideas for its future and would be more that interested to share theses ideas to someone who can contribute. I stay of course available for discussion about this great project.
I've already thought about almost every requirement you have suggested here when I was working on this tools, but as I was more focused on a result side (so I needed a working version, even if it was a feature-limited one). Anyway, almost all the code produced is reusable. I've also thought about a daemon side to manage updates, alerts and so on, of course, written in PHP (php is not only a web-language).
So once again, if some people are willing to contribute or improve m0n0wall-CMI, I'll be happy to help them the best I can.
Best Regards,
Gouverneur Thomas,
Author of m0n0wall-CMI. -
Since I started another bounty similar to this (configuring PfSense remotely using a modified version of Firewall Builder) and I originally pledged $ 300 there (now withdrawn), I would like to pledge an additional $ 300 for the development of the central Management Interface project. I guess the .NET interface to this has the merit of expanding the use of PfSense to Windows users if the configuration can be performed from a Windows workstation.
Thanks.
Mike
-