Where are the configurations of the various packages?
-
I want to backup the configurations of the various Packages, at least the main ones such as OpenVPN, FreeRadius, Squid, Squidguard, Snort, Backup, NUT, pfBlockerNG, Suricata, Wireguard, Zabbix.
In which folders can I find them?
Thanks in advance. -
Almost everything related to persistent configurations in pfSense resides in the
/conf/config.xmlfile. That file is read by pfSense itself and any installed packages, and then the configuration data pulled from that file is written out to the file system in the various folders each daemon or application requires. These configuration files are overwritten with each restart of the affected service.Any changes you make manually on most configuration files found in the file system on pfSense will be overwritten at the next restart of a service or when the firewall is rebooted. pfSense is not like your typical 'NIX operating system where you modify text-based conf files in
/etcto configure processes. -
@darkcorner
Added to what has been said already, you should be aware that pfSense is a fork of Monowall.
The feature list was :m0n0wall provides for a web-based configuration and uses PHP exclusively for the GUI and bootup configuration. Additionally, it adopts a single XML file for configuration parameters.
So : exact : there is just one config file.
This makes this very possible to do this :
- The system goes down ... no more "Internet" ....
- You found the issue : for example : the disk failed - so you swap it with a spare.
- No panic : you have a backup of your pfSense config as we all use Services >Auto Configuration Backup > Settings - and we all make regular internal copies of this one and only config file.
- Drop in here and download the latest and greatest.
- Write the downloaded file to an USB key (use Etcher !).
- Stick it in the pfSense device and boot from your key
- Install pfSense.
- Import the config,
- Do a reboot for good maters.
Done.
It's very well possible that the time it took to write this list is longer as the time to actually do it. -
I asked for two reasons.
The first is that there is the Backup package which I thought should be used to back up the various configuration folders.The second reason, above all, because two pfSenses have already blocked with the update to 2.27 and I was doing tests on a virtual machine before also blocking the third firewall.
But for this issue I already have a thread open and I'm going back to that.
-
You said in the other thread :
@darkcorner said in Network access blocked after update:
that I now have to configure from scratch..
That's a 'noop' ;)
When you remove all ('big') packages before upgrading, the upgrade process goes much faster.
When you have a copy of that config.xml file, right after the upgrade and reboot, you should import config.
All packages that are marked as "installed and configured" in the config file will get downloaded, installed and configured.
A final reboot and you're ok.
Nothing to reconfigure - with the exception : if there are new options, you should check these packages and make your config choices.
