Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Read PFsense Configuration Data

    Scheduled Pinned Locked Moved General pfSense Questions
    7 Posts 4 Posters 874 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      trexman
      last edited by

      Hi Everyone,

      we are currently trying to set up a CMDB for our Company and plan to document which ports are Open on our Servers.
      So far our Network scan gives me a list of all Open HTTPS and HTTP ports in our Company network, the Probem is that just because there is an open Port, does not mean the Port is reachable from outside the Company.
      So im looking for a way to export the Configuration/Information from our PFsense, but i really dont know where to start.
      I know there is a conf file on the Server that has all the Information i need, or at least thats what i think, but i dont know how to get this information with a process that can be automatized.

      The next problem will be the Version of our PFsense because its rather old, we are using 2.1-RELEASE (i386) on FreeBSD 8.3-RELEASE-p11.

      thanks in Advance
      Florian

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Config is stored in /conf/config.xml. You can automate extracting it by SSHing to the firewall to and pulling it or by pushing it from the firewall using a cron job.

        https://www.netgate.com/docs/pfsense/backup/remote-config-backup.html

        Is there any good reason you're running such an old version? Even if you're stuck on 32bit you should be running 2.3.X.

        Steve

        1 Reply Last reply Reply Quote 0
        • T
          trexman
          last edited by

          That's the reason -> https://www.netgate.com/docs/pfsense/nat/ftp-without-a-proxy.html

          i know FTP sucks but some of our old costumers still are using it.

          1 Reply Last reply Reply Quote 0
          • GrimsonG
            Grimson Banned
            last edited by

            So you're running an outdated firewall to use an outdated protocol. Wow, that's beyond stupid.

            1 Reply Last reply Reply Quote 0
            • T
              trexman
              last edited by

              Don't tell me, I'm trying to convince them to update but so far no luck

              GertjanG 1 Reply Last reply Reply Quote 0
              • GertjanG
                Gertjan @trexman
                last edited by

                @trexman said in Read PFsense Configuration Data:

                Don't tell me, I'm trying to convince them to update but so far no luck

                Well, there is always this potential huge advantage (for you) : maintain old software (like IE6 in the old days) tend to run into open budgets .... because you'll be dealing with the case after things go bad.
                So, more serious : they have to right to choose whatever they want. I'll advise you leave this boat - no need to sink with them ;)

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  So FTP servers behind the firewall that cannot be configured to pass an external IP or use a custom data port range?

                  Apart from the already mentioned issues can you not persuade customers to at least use a half decent FTP server? 😖

                  Steve

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.