Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Service profiles, templates or rule groups?

    Scheduled Pinned Locked Moved NAT
    2 Posts 1 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      donty01
      last edited by

      I wondered if anyone knows of a way to create a profile of a service that can apply all the rules/nat/carp information to pfsense as a standard set for a given service?

      Idea being you have a profile that describes what is needed for a complete server service, eg  a web server with public IP, LAN IP and rules/NAT for HTTP HTTPS SSH SMTP etc. or some subset of it grouping the information. Perhaps picking a NAT rule group to apply and link to the required FW rules etc.  Mainly as a way of ensuring reliable consistent rules are applied to services and perhaps that they could be updated en masse.

      Does that process exist and I missed it or is it something of interest for the future?

      K

      1 Reply Last reply Reply Quote 0
      • D
        donty01
        last edited by

        Replying a bit to my own post, but could this be done by simply externally rewriting the xml backup file and then restoring it? Presumably that would require a service restart?

        Thinking aloud, if that was done as part of a cluster would the new restored file then overwrite the configs on all FWs? That would possibly mean that the service as a whole stayed up all through the process?

        If that is all true then it would be possible to write an offline rule editor that could build the config from a DB produce the XML and then restore/export it to the firewalls?

        Any thoughts about that?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.