Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to apply security update on manipulated pfsense

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 5 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      mrhamed
      last edited by

      Hello, We are a company that developing a system based on pfsense. The development process is consist of many webGUI changes and some minor changes on back-end in .inc or .php files.
      Now we are ready to release but because we are on 2.2.3 so it has some security hole as you know!
      https://www.us-cert.gov/ncas/bulletins/SB15-236

      In best situation, we should migrate our system to 2.2.6 [latest release] but we are aware about side effect(s).
      Also we need to support our system for long time and it's possible other security bug fix release by pfsense support team and it should apply to our system…

      How to apply security update on manipulated pfsense?

      We are not newbie team so we don't except apply further changes without side effect(s) but we are looking for easiest and stable approach because it's very important to prove the the system against security issues.

      Thank you for any properly suggestion(s).

      1 Reply Last reply Reply Quote 0
      • johnpozJ Offline
        johnpoz LAYER 8 Global Moderator
        last edited by

        your kidding right??  So your forking pfsense to I assume sell/distribute under your own company name.  And you want to know how to continue to use pfsense work..

        Your kidding???

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • M Offline
          muswellhillbilly
          last edited by

          @mrhamed:

          The development process is consist of many webGUI changes and some minor changes on back-end in .inc or .php files.

          Ok, so from the sound of things you're basically re-badging the GUI to show your own company logo/branding. Otherwise, you're going to present PFS as your own system. Quite apart from the legal issues, I should think you'd be better off putting this one to the development team. Though I doubt that they'll be happy with the idea of someone slapping their own branding on someone else's work and putting it across as something original.

          1 Reply Last reply Reply Quote 0
          • W Offline
            Wolf666
            last edited by

            @muswellhillbilly:

            @mrhamed:

            ….

            […] apart from the legal issues […]

            I would, first, fix this, not exactly a minor issue.

            Modem Draytek Vigor 130
            pfSense 2.4 Supermicro A1SRi-2558 - 8GB ECC RAM - Intel S3500 SSD 80GB - M350 Case
            Switch Cisco SG350-10
            AP Netgear R7000 (Stock FW)
            HTPC Intel NUC5i3RYH
            NAS Synology DS1515+
            NAS Synology DS213+

            1 Reply Last reply Reply Quote 0
            • M Offline
              muswellhillbilly
              last edited by

              @Wolf666:

              @muswellhillbilly:

              @mrhamed:

              ….

              […] apart from the legal issues […]

              I would, first, fix this, not exactly a minor issue.

              Quite. My habit of the traditional British understatement.

              1 Reply Last reply Reply Quote 0
              • J Offline
                jwt Netgate
                last edited by

                Mrhamed is posting from an IP address in Iran.

                Quite apart from the 'legal issues' others have pointed out here (which we're not going to help with), it's illegal for us to provide technical assistance to individuals in Iran.

                Yes, I know that's broad overstatement.  I do understand the intricacies of the rules here.

                Topic closed.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.