Download Latest Version
GetFirewallConfig-1.3.1.0.zip (518.6 kB)
Get an email when there's a new version of GetFirewallConfig
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| GetFirewallConfig-1.1.2.4.zip | 2024-11-16 | 510.8 kB | |
| README.txt | 2024-11-16 | 3.8 kB | |
| Totals: 2 Items | 514.6 kB | 0 | |
README
######
Support: thu@thu.ch
How to configure
----------------------------------------------------------------------------------------------------
GetFirewallConfig.exe
----------------------------------------------------------------------------------------------------
Usage:
- Collects config-files from a remote hosts by using https or sftp and stores those in a local ConfigStore.
- Integrated houskeeping capabilities keeps the local ConfigStore clean.
- Will be executed daily via sheduled task.
1. Configure remote hosts to back-up in Settings.conf (must be located in the same directory as GetFirewallConfig.exe)
2. Format of Settings.conf
Separator: | (pipe)
Columns : Type|Hostname|IP-address|Port|Username|EncryptedPassword|RemoteFileName|ConfigStore|Compress|RemoveAfterDays
Values for pfse: pfse|my.fqdn.local|10.0.0.2|443|admin|rwJYAfIOJuvEfxvpIy74RkSLC2IGIhZCErrobQz/2v7u5hR4XnlIYjyoQcnPAMZn|/diag_backup.php|D:\Data\firewall-configs\ConfigStore|Compress|30
Values for sftp: sftp|my.fqdn.local|10.0.0.1|22|admin|rwJYAfIOJuvEfxvpIy74RkSLC2IGIhZCErrobQz/2v7u5hR4XnlIYjyoQcnPAMZn|/cf/conf/config.xml|D:\Data\firewall-configs\ConfigStore|Compress|30
3. Description:
Type : Specify type of backup, possible values:
pfse - for pfSense specific backups (incl. RRD graphs, package-configuration, SSH-keys) via https-request, use /diag_backup.php in column RemoteFileName.
sshd - for sftp transfer of a config-file, file to download must be specified in column RemoteFileName.
Hostname : A string used to identify the device in ConfigStore (fqdn, ip-address, hostname, serial no, etc..).
IP-address : IPv4 address, used to connect to the device by using https or sftp.
Port : TCP port address, used to connect to the device by using https or sftp.
Username : Username, used to connect to the device by using https or sftp.
EncryptedPassword : Encrypted password, used to connect to the device by using https or sftp.
RemoteFileName : Remote path to https-post target (pfse) or file to download (sftp).
In case of Type pfse: used to specify https-post target, for example /diag_backup.php.
In case of Type sftp: Used to identify the config to back up, for example /cf/conf/config.xml
ConfigStore : Path to local ConfigStore, used to store the downloaded files locally (Format in ConfigStore: $hostname\yyyymmdd_$hostname.xml)
Compress : A string, possible values:
Compress - this will compress the downloaded config to a zip file and will remove the uncompressed config afterwards.
Raw - this will downloaded config and stores it uncompressed.
RemoveAfterDays : Period of days, configs older then n days will be removed from ConfigStore; houskeeping runs per device and only after succcesfull backups.
4. To create EncryptedPasswords to be used in Settings.conf, please use EncryptPassword.exe
----------------------------------------------------------------------------------------------------
EncryptPassword.exe
----------------------------------------------------------------------------------------------------
Usage:
- Create encrypted strings of passwords to be used in Settings.conf.
1. Execute via cmd: EncryptPassword.exe -password:"<my_string_to_encrypt>"
2. Output:
- Cleartext: SwLTC6Sp5gM1ivhzfwHjSKdc5
- Encrypted: PaumquLTwLoHoFsOLaf0yQUNMau+GjC8/kGXoB3lcltsDHcb97k3j5cbRqy7jEZvlBjet5jIEY4vN0Om/5QC7g==
3. Use the encrypted value in Settings.conf.
