How to apply security update on manipulated pfsense

mrhamed

Hello, We are a company that developing a system based on pfsense. The development process is consist of many webGUI changes and some minor changes on back-end in .inc or .php files.
Now we are ready to release but because we are on 2.2.3 so it has some security hole as you know!
https://www.us-cert.gov/ncas/bulletins/SB15-236

In best situation, we should migrate our system to 2.2.6 [latest release] but we are aware about side effect(s).
Also we need to support our system for long time and it's possible other security bug fix release by pfsense support team and it should apply to our system…

How to apply security update on manipulated pfsense?

We are not newbie team so we don't except apply further changes without side effect(s) but we are looking for easiest and stable approach because it's very important to prove the the system against security issues.

Thank you for any properly suggestion(s).

johnpoz

your kidding right??  So your forking pfsense to I assume sell/distribute under your own company name.  And you want to know how to continue to use pfsense work..

Your kidding???

muswellhillbilly

@mrhamed:

The development process is consist of many webGUI changes and some minor changes on back-end in .inc or .php files.

Ok, so from the sound of things you're basically re-badging the GUI to show your own company logo/branding. Otherwise, you're going to present PFS as your own system. Quite apart from the legal issues, I should think you'd be better off putting this one to the development team. Though I doubt that they'll be happy with the idea of someone slapping their own branding on someone else's work and putting it across as something original.

Wolf666

@muswellhillbilly:

@mrhamed:

….

[…] apart from the legal issues […]

I would, first, fix this, not exactly a minor issue.

muswellhillbilly

@Wolf666:

@muswellhillbilly:

@mrhamed:

….

[…] apart from the legal issues […]

I would, first, fix this, not exactly a minor issue.

Quite. My habit of the traditional British understatement.

jwt

Mrhamed is posting from an IP address in Iran.

Quite apart from the 'legal issues' others have pointed out here (which we're not going to help with), it's illegal for us to provide technical assistance to individuals in Iran.

Yes, I know that's broad overstatement.  I do understand the intricacies of the rules here.

Topic closed.