Test Mode Button like NanoStation ubnt
-
Hi there, i was thinking if there is a way to make a test button so when i make any change remotely and than click test button the changes will apply for lets say 120 seconds, after that if i dont save changes it will reboot the pfsense to the previous setting. This is very important when making changes remotely. Thanks
-
Currently there is not anything like that so make sure your changes will not lock you our or you have some OOB access if you are configuring it remotely.
Steve
-
Have done stuff like that on cisco routers and switches in the past ;)
Setup a timed reboot, make the change but not write it to config.. Worse case if you do lock yourself out the device reboots and your back.. If your change worked and didn't lock you out - you stop the reboot..
I was messing around with openvpn permissions on a remote pfsense a while back, locking down remote access for some users that needed to only be able to get to couple of machines.. For a second there I thought I had locked myself out of the vpn ;) But had ssh remote access worse case, and before playing with that I had also opened up the gui to remote access from my IP - on worse case scenario ;)
Moral of the story, inline with Steve's mention of OOB.. Always make sure you have a backup way to get in - if messing with stuff that could lock you out.. Especially if remote and there is just no way you could go console in.
-
Yes i did the same thing with my cisco asa5510 but switched it today to pfsense and i think that future is a MUST for a router, or something like RUNNING CONFIG and STARTUP CONFIG, so i hope it will be available soon on pfsense. Thanks again
-
I am not aware of such a feature request.. you could look through them over on redmine.
But there are many firewalls that do not have such feature.. Checkpoint, Juniper, etc.. I'm trying to recall on the palos - haven't been on one in a while... But there are many that are live update..
-
It will not surprise you find this has been suggested many times in the past. For example:
https://redmine.pfsense.org/issues/7259Implementing it in pfSense is non-trivial.
Feel free to add your comments on what looks like the earliest request here:
https://redmine.pfsense.org/issues/3895It's possible to do this with a custom script and a cron job I would think. Just requires some testing. It would not surprise me to find someone has already done it....
Steve
-
I did this and it worked:
- Go to /cf/conf/backup and rename last backup to config.xml
- Add these to crontab:
@reboot sleep 30 && rm /tmp/config.cache
@reboot sleep 40 && cp /cf/conf/backup/config.xml /cf/conf/
@reboot sleep 50 && /etc/rc.reload_all - Execute this command before making changes shutdown -r +2 (This will restart server after 2 minutes), if you want to interrupt reboot just execute pkill shutdown
-
@edmond
this is a sweet one !
thx gonna try this ;)
