Running additional internet applications on pfsense
-
I am running some cloud service software on my pfsense installation. I start it using special user on system startup.
Is it safe? As far as I figured out, this application is not firewalled in any way and is connected to internet and LAN regardless of my firewall rules.
-
@mare Are you saying your pfSense is a virtual installation? That's what most folks do in such case. If not, most folks would say no other application should be on a firewall that's not an approved package.
-
It's not a virtual installation, it runs on a router HW.
-
@mare Well from a firewall sense, your set up doesn't sound safe especially bypassing the firewall completely yet attaches to your computer inner structure. Remember though, it's your setup, if you determined that it's safe, so be it.
-
@mare Might as well turn off pfSense.
-
...at least user privilleges are obeyed and it can read/write only to user's home address.
So is there a way to run additional applications in safe way? It is very handy to use my router HW for some additional 24/7 tasks.
-
@mare Run vetted applications installed from the Package Manager.
-
There's no 100% safe way to do this, whatever you choose to run is untested and might have introduced issues. Only you will be able to test and fix that. Installing pkgs from other repos may replace a package we modify for pfSense with unexpected results.
If you really have to do this the safest way is probably to use bhyve.Otherwise run pfSense and whatever else you need both as VMs in some other hypervisor.
Steve
