pfSense 2.x Cookbook - Second Edition

By: David Zientara

Overview of this book

pfSense is an open source distribution of the FreeBSD-based firewall that provides a platform for flexible and powerful routing and firewalling. The versatility of pfSense presents us with a wide array of configuration options, which makes determining requirements a little more difficult and a lot more important compared to other offerings. pfSense 2.x Cookbook – Second Edition starts by providing you with an understanding of how to complete the basic steps needed to render a pfSense firewall operational. It starts by showing you how to set up different forms of NAT entries and firewall rules and use aliases and scheduling in firewall rules. Moving on, you will learn how to implement a captive portal set up in different ways (no authentication, user manager authentication, and RADIUS authentication), as well as NTP and SNMP configuration. You will then learn how to set up a VPN tunnel with pfSense. The book then focuses on setting up traffic shaping with pfSense, using either the built-in traffic shaping wizard, custom floating rules, or Snort. Toward the end, you will set up multiple WAN interfaces, load balancing and failover groups, and a CARP failover group. You will also learn how to bridge interfaces, add static routing entries, and use dynamic routing protocols via third-party packages.

Backing up pfSense

Backing up our pfSense system is an important part of minimizing downtime and maintenance time. In this recipe, we will demonstrate how to back up pfSense.

How to do it...

  1. Navigate to Diagnostics | Backup & Restore.
  2. Click on the Backup & Restore tab.
  3. Leave the Backup area drop-down menu set to All.
  4. Leave the Skip packages checkbox unchecked.
  5. Leave Skip RRD data checked.
  6. Check the Encryption checkbox.
  7. Enter a password in the Password text field.
  8. Click on the Download configuration as XML button and save the configuration file to a secure location.

How it works...

The Backup & Restore configuration section allows us to save the system settings as an XML file. With this XML file, we can restore pfSense to these settings in two different ways:

  • After a hardware or software failure, we can reinstall pfSense and then restore the previous configuration using the previously saved backup XML file.
  • In the absence of a hardware or software failure, say when we just want to roll pfSense back to a previous restore point, we can use the previously saved backup file to do so.

There's more...

In the recipe, we backed up all configuration areas, but we can select only a subset of the configuration using the Backup area drop-down menu. This is useful if we only need to back up a specific portion of the configuration. Note that we can select All and still exclude package and Round Robin Database (RRD) data. While it is generally good practice to save package information, you probably do not need to save RRD data; although it might prove useful later as a diagnostic tool, it can consume four megabytes or more of config.xml space.



If you need to review the recent config changes, click on the Config History tab. This tab provides functionality similar to the Restore recent configuration command available from the console/SSH. In addition to viewing all recent config changes, you can perform the following operations:

  1. View the difference between two configurations by selecting the older configuration in the right column of radio buttons, selecting the newer configuration in the left column, and clicking on the Diff button.
  2. The XML file contents will appear at the top of the page, showing what has been added (text with a green background), what has been removed (text with a red background), and what is unchanged (body text with a gray or white background; unchanged headers take gray backgrounds). An example of this is shown in the following screenshot:
  3. Revert to a previous configuration (the reverse arrow symbol).
  4. Save a previous configuration as a backup XML file (the downward arrow).
  5. Delete a previous configuration (the trashcan).
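
The same added/removed/changed review that the Diff button gives can be run offline against two saved backup XML files, which is useful when auditing firewall changes away from the GUI. The following is an added example, not code from the book or from pfSense; it assumes unencrypted XML text, and the sample configurations and the element names in them (`pfsense`, `revision`, `filter`, `rule`) are constructed assumptions about the file layout.

```python
import xml.etree.ElementTree as ET

# Constructed sample backups (not taken from a real firewall).
OLD_CONFIG = """<pfsense>
  <revision><time>1700000000</time></revision>
  <system><hostname>fw1</hostname></system>
  <filter>
    <rule><type>pass</type><interface>lan</interface><descr>LAN out</descr></rule>
  </filter>
</pfsense>"""
NEW_CONFIG = """<pfsense>
  <revision><time>1700000600</time></revision>
  <system><hostname>fw2</hostname></system>
  <filter>
    <rule><type>pass</type><interface>lan</interface><descr>LAN out</descr></rule>
    <rule><type>pass</type><interface>wan</interface><descr>temp</descr></rule>
  </filter>
</pfsense>"""
# Assumption: <revision> holds per-save metadata and would be noise in a review.
IGNORED_TAGS = {"revision"}

def flatten(xml_text):
    """Return {'root/tag[i]/tag[j]/...': text} for every leaf element."""
    leaves = {}
    def walk(elem, path):
        children = [c for c in elem if c.tag not in IGNORED_TAGS]
        if not children:
            leaves[path] = (elem.text or "").strip()
        seen = {}  # per-parent counter so repeated tags (e.g. rules) get an index
        for child in children:
            index = seen.get(child.tag, 0)
            seen[child.tag] = index + 1
            walk(child, f"{path}/{child.tag}[{index}]")
    root = ET.fromstring(xml_text)
    walk(root, root.tag)
    return leaves

def diff_configs(old_xml, new_xml):
    """Return (added, removed, changed) leaf settings between two backups."""
    old, new = flatten(old_xml), flatten(new_xml)
    added = {k: new[k] for k in new.keys() - old.keys()}
    removed = {k: old[k] for k in old.keys() - new.keys()}
    changed = {k: (old[k], new[k]) for k in old.keys() & new.keys() if old[k] != new[k]}
    return added, removed, changed

if __name__ == "__main__":
    for label, items in zip("+-~", diff_configs(OLD_CONFIG, NEW_CONFIG)):
        for path, value in sorted(items.items()):
            print(label, path, value)
```

Repeated elements are matched by position, so a rule inserted in the middle of the list shifts the ones after it and they are reported as changed rather than added.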