Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Update messed up (again) my pfsense, call for transparent profiles and ZFS

    Scheduled Pinned Locked Moved
    Problems Installing or Upgrading pfSense Software
    3
    3
    363
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      amtriorix
      last edited by amtriorix

      And I am pretty p.ssed off.

      A firewall is often a criticial part in a network and using it with a customer base, I do not want some 'features' at all.

      Very often I may run to a company to cure the firewall and guess what? Automatic updates.

      1. I do not need automatic updates
      2. I do need update checks of new versions automatically
      3. I do not need 'call back home'

      Every good security specialist updates the firewall manually.
      Doing it automatically is the worse and most dangerous thing you can do.

      And yes, for some reason an automatic update did happen, put down criitical ongoing services in the process, did his thing, rebooted and bam, upgrade failed and firewall messed up.

      Result, corporate network down for hours until I did spacefly to the other side of the country... Automatic updates are a curse.

      Secondly I want to see at SETUP/INSTALL a profile to configure very fast a TRANSPARENT firewall.
      for those who do not know what it is:
      https://www.fortinet.com/lat/resources/cyberglossary/transparent-firewall
      https://support.adamnet.works/t/running-on-a-transparent-pfsense-bridge/79

      Right now it is all in terms of WAN/OPT/LAN

      And last but not least, I like to see the firewall running on ZFS.
      For the reason you can create different firmware profiles, switch betweem updates and test if they are working and you can mirror/raidz your setup. I do agree you can run it on a proxmox, but I want to see it on bare metal.

      1 Reply Last reply Reply Quote 0
      • S
        skogs
        last edited by

        I could be wrong, but I think you have the wrong product web forums.

        -pfsense doesn't auto update; and it is very easy to turn off the update check on the front landing page.
        -you linked a pretty good blog page about setting up a virtualized transparent bridge firewall. Does it not work? I'm guessing vlan issues with one end or the other.
        -Fairly sure zfs runs just fine.

        1 Reply Last reply Reply Quote 1
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Indeed there is no auto-update for firmware in pfSense.
          The only thing that does is the pfSense-upgrade and pkg packages in order to show you an updated repo list. That might happen if you open dashboard and have the firmware check enable.
          It will still just offer the upgrade though, it doesn't do anything until you click it.

          And, yes you can install as ZFS currently if you want.

          Steve

          1 Reply Last reply Reply Quote 1
          • First post
            Last post