Eek! I'm screwed! help!



  • Argh!

    I have got myself into a mess, and I just hope there is a way out of it.
    I had just finished putting the finishing touches on my firewall, and had starting configuring the VPN, when all of a sudden the webconfigurator went all crazy on me.  Forgot every single setting, and felll back into dull HTML mode.
    I'm pretty sure it had something to do with me running out of disk space….  :-)

    Anyhow - My system is screwed - my config.xml is basically empty, and if i copy an old backup across and try to restart the webconfigurator, i get:

    Restarting webConfigurator...
    Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 318

    Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 318

    Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 318

    Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 318

    Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 318

    Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 318

    Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 318
    done.

    *** Welcome to pfSense 1.0.1-pfSense on  ***

    Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 318

    Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 318

    Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 318

    Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 318

    Now - I don't seem to be able to recover from any config that is persisted to disk (I hadn't gotten around to taking a backup yet - mea culpa).
    HOWEVER - my router is still humming away perfectly - the config stored in RAM is still AOK.

    I've had a look through the inc files, and seen functions like 'serialize()' and 'backup_config()' that look like they dump the current RUNNING config to disk.  This would be Ideal for me - is there any way to call to these from a shell prompt (or at all), to get a copy of my current config?

    Any ideas most welcome....

    Gareth



  • you find a backup on /cf/conf/backup/



  • From a shell:

    cd /cf/conf/backup

    ls -la

    Find the file that should work.

    rm /tmp/config.cache # blow away pfSense cache
    cp $filename /cf/conf/config.xml

    /etc/rc.restart_webgui



  • I did find that backup directory, but all the recent backup files are truncated at 8192 bytes.  The newest one that is complete is abot 25 revisions old (and hence still developmental) - and it's when I copy that complete file across that I get the errors listed below.

    Thats why I would really like to get a dump of my running config - because it's the only one left that is potentially right.  If i roll the system, it looks like any version from /cf/conf/backup will cause errors.

    If there's no way to dump the config from memory, I think I will have to put in the most recent full backup, reboot, and pray.  Hopefully it will come up in a semi-useable state, and i can then fix my system up by hand.

      • BTW, backup/restore from the webinterface only sends the existing current config.xml - it doesn't recreate it either….


  • rm /tmp/config.cache # blow away pfSense cache

    That was the key - I missed that step.  I can now get it to load from my backup OK.  It is still an old backup, as all my recent ones are truncated, but this is a point i can rebuild from.  The core routing is still in place, so i can rebuild transparently without the users knowing.

    Thanks for the tip!



  • Btw, there is no config.xml stored in memory. The config.xml is parsed and the conf files for the various services and processes are generated from it on change. There is no way to reverse this process (converting the various conf files back to a config.xml).



  • I saw some functions in /etc/inc/config.inc and friends, like generate_config_cache() and write_config(), which include calls to serialize() and comments like:

    Write serialized configuration to cache
    

    and

    Backup and write the firewall configuration.
    

    Where do they get there $config variable from?  I got the impression they were part of an always-loaded backend.  Based on what you say above, however, I guess they are completely reloaded on each config change?

    For clarity, then, the process for every config change is:

    • start
    • Take a backup copy of the current xml
    • load entire config from cache/xml
    • make changes
    • apply changes to relevent service conf file(s)
    • write modified xml file
    • refresh cache
    • exit

    Correct?



  • If /tmp/config.cache exists, it is read otherwise /cf/conf/config.xml


Log in to reply