CMI - Central Managment Interface for pfSense devices - {Now $4,000}
-
Please update the topic value and add my $1000 bounty.
Also, Kapara:
8. Should really act as an appliance and not as a package….unless it just means using pfSense with just that package.
- Could it become a "fork" à-la pfDns ?
- I still wouldn't mind being able to plug IN my existing intranet / whatever management interface .. thus running it on an admin dedicated LAMP..
- Having a package on the pfsense 'client' firewall seems required to permit setup & communication with the CMI, but maybe some framework (xml-rpc over vpn ?) could be (is already planned to be ?) added to pfsense's code, since if i understand correctly, pfsense is now meant to evolves as a general purpose appliance framework.. ?
9. I really think a one stop shop solution would be best (All services provided within the same box) since this unit will not be acting as a firewall. Prefered but not required.
- We need the ability to easily sync (CARP if working à la pfDns ? or simple db & docroot rsync to slave) to another 'backup-CMI' box
10. Would be great but not required is mobileweb..ie Iphone or PocketPC or WAP web like interface for remote management via Phone.
- Roughly a mater of template engine .. once the function are there .. it shouldn't be hard to generate aproriate html and css
I really hope (dream?) to see this bounty produce some result
Please show support and identify yourselves as possible coders / sponsors (?)
Best regards to the pfs family
-
I will donate $200 for a centralized management tool with these conditions:
1. Clean, documented/commented PHP code (pfsense devs could approve this)
2. Support for DNS based remote pfsense (ie. using dyndns versus ip)These are option, since it may be the purview of an NMS (snmp) software:
3. Visibility of failover from carp or wan
4. Visibility of power conditions based on NUT package messages
5. Visibility of cpu, memory, hdd, network statistics (snmp, rrd)
6. Visibility of users logged in, or state of ipsec connections -
So far based on each persons request this is the breakdown of the bounty:
Kapara - $750
fridaynoon - $750
hdejongh - $500
dotdash - $200
df - $1000
strafelife - $200 (Now $500) If started soon.
geewhz01 - $300
Total: $4,000 -
Is this bounty going somewhere? Just as I kill the bounty people show interest so I reopen. Now no response for a long time. Is someone truly interested? I can gauruntee the funds I have alocated for only so long. If there is no concrete sign of interest then I will either pull my $$$ from the bounty or request that it be closed unless someone would like to keep it open.
Thanks,
Mark
-
Recommend that this bounty be closed at this time.
-
I'd be willing to through another $300 in the pot if this happens.
-
Great! Lets give it another week and see what happens.
-
Going once…...
-
Going Twice…...
-
What does m0n0 CMI offer from your requests?
As i never seen it would be interesting to know what it covers and what needs to be added apart the customization for pfSense. Furthermore, this might take some time and with that will it be acceptable to have it only for 2.0+ releases? -
Not too sure about CMI as I am not running m0n0 to know how it works. As to time….I have waited this long...maybe close to a year or more. ;D Waiting for this in 2.0 would not make much of a difference to me. I could wait 8-12 months!
-
I can just imagine having a site with 6 remote sites and being able to push out lan to lan tunnels between firewalls from a single interface. That is not what I am looking for but once a package is available like that I am sure there will be even more features that people would want. Maybe I am wrong but after hearing that some people have upwards of over 100 pfsense firewalls running I cannot imagine how they would not want a central location for managing them.
-
OK i will give m0n0 CMI a look to what it offers and how extensible it is and report back.
Then if you collect the money i can start on giving you functionality to manage rules and get stats and logs from the configured machines. -
I've started coding something similar for my own use. I'd be interested in finishing it if this bounty is still up for grabs. PLMKWYT
-
xanthra, if you are serious about taking this bounty, I would encourage you to contact the individuals in this thread who bid on it, make sure they're still willing to donate and get a complete list of features they want. I would hate for you to go to the herculean effort this bounty is going to require and end up shorted because people aren't willing to pay you for your time.
-
@ Submicron…Good Point!
Can you please tell us more about your project which you have already begun coding? Is it using all BSD type licensed technologies? How far along are you and what capabilities does it currently have if any. Will your project be able to acheive all of the items which were laid out by the people who added to this bounty?
Thanks,
Mark
-
I initially committed $200, which is still up for grabs. I will raise it to $500, if we can get this project going, but the requirements must be met (as listed by those who posted bounties).
-
Can you please tell us more about your project which you have already begun coding? Is it using all BSD type licensed technologies? How far along are you and what capabilities does it currently have if any. Will your project be able to acheive all of the items which were laid out by the people who added to this bounty?
Right now it just pings a list of machines and shows a green or red light on a web page. It's kinda like smoke ping light : ) Edit: After re-reading the list in the first post of this thread, I think it basically covers #2
I'm working on pushing rules out to pfsense clusters because I will have a few to maintain in the near future.
I think I get backups for free because I'm fetching config.xml to update the rules in the <filter>section.Maybe instead of one huge bounty and big project we can make a list of individual requests and chip away at them ?</filter>
-
Hmmm.. It might be difficult to breakdown the items and add a monetary value to them. Leaving one item out could kill a majority of the bounty leaving only crumbs to be earned. Maybe you could tell us what you see as realistically possible based on your ability, time frame, cost of your time, etc…. As I mentioned before, I am willing to wait upwards of 8-12 months to be completed if it is broken down on a timeline of sorts. Also I am sure if done using the recommended technology..bsd license tech...other devs would be more than happy to chip in and help with certain parts as I have seen comments like this in the past on the previous thread for this project.
Thanks,
Mark
-
Has anybody seen this? Pretty nifty and seems to cover some of the items listed
http://www.observernms.org/