Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Test Mode Button like NanoStation ubnt

    Scheduled Pinned Locked Moved General pfSense Questions
    8 Posts 4 Posters 821 Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E Offline
      ed-tech
      last edited by

      Hi there, i was thinking if there is a way to make a test button so when i make any change remotely and than click test button the changes will apply for lets say 120 seconds, after that if i dont save changes it will reboot the pfsense to the previous setting. This is very important when making changes remotely. Thanks

      1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        Currently there is not anything like that so make sure your changes will not lock you our or you have some OOB access if you are configuring it remotely.

        Steve

        1 Reply Last reply Reply Quote 0
        • johnpozJ Offline
          johnpoz LAYER 8 Global Moderator
          last edited by johnpoz

          Have done stuff like that on cisco routers and switches in the past ;)

          Setup a timed reboot, make the change but not write it to config.. Worse case if you do lock yourself out the device reboots and your back.. If your change worked and didn't lock you out - you stop the reboot..

          I was messing around with openvpn permissions on a remote pfsense a while back, locking down remote access for some users that needed to only be able to get to couple of machines.. For a second there I thought I had locked myself out of the vpn ;) But had ssh remote access worse case, and before playing with that I had also opened up the gui to remote access from my IP - on worse case scenario ;)

          Moral of the story, inline with Steve's mention of OOB.. Always make sure you have a backup way to get in - if messing with stuff that could lock you out.. Especially if remote and there is just no way you could go console in.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • E Offline
            ed-tech
            last edited by ed-tech

            Yes i did the same thing with my cisco asa5510 but switched it today to pfsense and i think that future is a MUST for a router, or something like RUNNING CONFIG and STARTUP CONFIG, so i hope it will be available soon on pfsense. Thanks again

            1 Reply Last reply Reply Quote 0
            • johnpozJ Offline
              johnpoz LAYER 8 Global Moderator
              last edited by

              I am not aware of such a feature request.. you could look through them over on redmine.

              But there are many firewalls that do not have such feature.. Checkpoint, Juniper, etc.. I'm trying to recall on the palos - haven't been on one in a while... But there are many that are live update..

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              1 Reply Last reply Reply Quote 0
              • stephenw10S Offline
                stephenw10 Netgate Administrator
                last edited by

                It will not surprise you find this has been suggested many times in the past. For example:
                https://redmine.pfsense.org/issues/7259

                Implementing it in pfSense is non-trivial.
                Feel free to add your comments on what looks like the earliest request here:
                https://redmine.pfsense.org/issues/3895

                It's possible to do this with a custom script and a cron job I would think. Just requires some testing. It would not surprise me to find someone has already done it....

                Steve

                1 Reply Last reply Reply Quote 0
                • E Offline
                  ed-tech
                  last edited by ed-tech

                  I did this and it worked:

                  1. Go to /cf/conf/backup and rename last backup to config.xml
                  2. Add these to crontab:
                    @reboot sleep 30 && rm /tmp/config.cache
                    @reboot sleep 40 && cp /cf/conf/backup/config.xml /cf/conf/
                    @reboot sleep 50 && /etc/rc.reload_all
                  3. Execute this command before making changes shutdown -r +2 (This will restart server after 2 minutes), if you want to interrupt reboot just execute pkill shutdown
                  noplanN 1 Reply Last reply Reply Quote 1
                  • noplanN Offline
                    noplan @ed-tech
                    last edited by

                    @edmond

                    this is a sweet one !
                    thx gonna try this ;)

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.