Possible to do the cisco reload trick with pfsense?
-
Is there a way to do the "reload in 10" type command that cisco has that reboots and loads an old configuration?
I ask because we have a firewall that is 2 hours away where we need to do some tricky configs which could easily break things.
I'm guessing there is a way to do this from the CLI. I'm wondering if other people have done this to save me from digging into the guts of the system and figuring it out.
-
This would be extremely handy to have. Ubiquiti edge/toughswitches have a "Test" option where you can make a change then hit the "test" button. This when applies the change however if the "Save" option isn't hit during the test, the changes are reverted back to previous.
+1 for a "reload in xx mins" or "Test for xx mins" option
-
The problem is cisco-ish devices have a running config and a startup config. So all you have to do is reload (or get someone there to reload) and you are back to before the changes were made as long as you didn't write mem.
pfSense, as it exists today, has no such mechanism.
However, as long as you don't break whatever access you have (such as ssh) you can revert to a prior config (it stores the last 30) via ssh or the webgui and reboot.
-
Thanks Derelict
understand the difference re Cisco's running / saved config. If the pfSense units could have a running and saved config options would be sensational. I manage about 30 pfSense Netgate devices on vessels floating around the oceans. Having a "revert to previous config" type option would be extremely handy. -
Couldn't you just use the freebsd command: shutdown -r
https://www.freebsd.org/cgi/man.cgi?query=shutdown&sektion=8&manpath=freebsd-release-portsI'm not sure how to cancel that one though , as in (reload cancel)
Ahh … I got it now ... :-[
The Cisco does come up on the old saved config , if no "wr mem" has been done.But it must be possible to make some [b]at + shell magic
https://www.freebsd.org/cgi/man.cgi?query=at&sektion=1
"backup current config xml"
at now+xx minutes
copy the above backed up config to the system config
reboot/shutdown -rDoesn't pfsense have Cron installed , think it's a pre-req for at
Edit: Just remember to "Cancel" the at job if you are happy with what you have done , else the previous config will be restored ;)
/Bingo
-
If the pfSense team is in on this one , you could make a "recovery-xonfig.xml" in the script ,
and on boot check if it exists. If it exists : use that one (and delete it after boot) , else use normal config.xml.And then just a :
reload in xx minutes entry in the menu - making the revovery-config.xml , and the at now+xx (reboot)And
a reload cancel , that deletes the revovery-config.xml , and kills the at job
I don't know the "inners" of pfsense , and don't know if it goes "crazy" if the config.xml gets replaced , but i'm sure the team could make this in a short time.
/Bingo
