Discussion:
pfSense change logging
Scott Benson
2011-07-29 15:41:00 UTC
Permalink
Is there a way to see who(based on IP) made a change to the webgui
causing a new /cf/conf/backup/ to be created? is it something in that
file, or logged anywhere?
--
Scott Benson
A1 Networks
(707)570-2021 x203


---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Chris Clark
2011-07-29 15:44:50 UTC
Permalink
Authentication events should be recorded in the system log.

-----Original Message-----
From: Scott Benson [mailto:sbenson-I8rc8vgul+SEK/***@public.gmane.org]
Sent: Friday, July 29, 2011 11:41 AM
To: support-***@public.gmane.org
Subject: [pfSense Support] pfSense change logging

Is there a way to see who(based on IP) made a change to the webgui causing a new /cf/conf/backup/ to be created? is it something in that file, or logged anywhere?

--
Scott Benson
A1 Networks
(707)570-2021 x203


---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org


---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Scott Benson
2011-07-29 16:39:19 UTC
Permalink
Yeah, at certain points there may be multiple people logged in to the
same firewall(either looking at different logs, or changes to different
services). Is there a way to enter in the IP of who submitted the
change in the header of the conf, just some way to track who is doing
what changes. I'll even hack the code in if someone can point me in the
direction of the module that backs up the configs on changes. Thanks in
advance.
--
Scott Benson
A1 Networks
(707)570-2021 x203
Post by Chris Clark
Authentication events should be recorded in the system log.
-----Original Message-----
Sent: Friday, July 29, 2011 11:41 AM
Subject: [pfSense Support] pfSense change logging
Is there a way to see who(based on IP) made a change to the webgui causing a new /cf/conf/backup/ to be created? is it something in that file, or logged anywhere?
--
Scott Benson
A1 Networks
(707)570-2021 x203
---------------------------------------------------------------------
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Jim Pingle
2011-07-29 16:45:15 UTC
Permalink
Post by Scott Benson
Is there a way to see who(based on IP) made a change to the webgui
causing a new /cf/conf/backup/ to be created? is it something in that
file, or logged anywhere?
On current 2.0 snapshots it logs the username and IP that caused a
change, and that appears in the description of the config file that
shows in the backup list.

---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Scott Benson
2011-07-29 17:10:11 UTC
Permalink
Is there a way to hack it into 1.2.3?
--
Scott Benson
A1 Networks
(707)570-2021 x203
Post by Jim Pingle
Post by Scott Benson
Is there a way to see who(based on IP) made a change to the webgui
causing a new /cf/conf/backup/ to be created? is it something in that
file, or logged anywhere?
On current 2.0 snapshots it logs the username and IP that caused a
change, and that appears in the description of the config file that
shows in the backup list.
---------------------------------------------------------------------
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Jim Pingle
2011-07-29 17:15:57 UTC
Permalink
Post by Scott Benson
Is there a way to hack it into 1.2.3?
Probably, not sure it's worth the time it would take to do it at this
stage. 2.0 is practically out the door, it's time to stop holding onto
1.2.3 :-)



---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Scott Benson
2011-07-29 17:40:20 UTC
Permalink
well then. with that being said, upgrades from 1.2.3 and 1.2.3 embedded
to 2.0 are seemless?
--
Scott Benson
A1 Networks
(707)570-2021 x203
Post by Jim Pingle
Post by Scott Benson
Is there a way to hack it into 1.2.3?
Probably, not sure it's worth the time it would take to do it at this
stage. 2.0 is practically out the door, it's time to stop holding onto
1.2.3 :-)
---------------------------------------------------------------------
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Jim Pingle
2011-07-29 18:21:54 UTC
Permalink
Post by Scott Benson
well then. with that being said, upgrades from 1.2.3 and 1.2.3 embedded
to 2.0 are seemless?
Should be. You can install the pre-upgrade check package to ensure your
config doesn't have any data in it that would cause issues.

http://doc.pfsense.org/index.php/Upgrade_Guide

---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Scott Lambert
2011-07-29 19:30:18 UTC
Permalink
Post by Scott Benson
well then. with that being said, upgrades from 1.2.3 and 1.2.3
embedded to 2.0 are seemless?
Most of the time. I had issues with one box running 1.2.3 on an
Intel P3 board with fxp0 on-board and a 4 port soekris vr based PCI
card.

With pfSense 2.x FreeBSD kept having to reset the vr interfaces
because of timeouts and it never actually worked after an hour of
trying. I finally reinstalled pfSense 1.2.3 and still had vr
timeouts. A power cycle seems to have cleared up whatever FreeBSD
did differently with the 4 port card vs the version of FreeBSD in
pfSense 1.2.3.

A hard power cycle might have lined things out with pfSense 2
installed, but I didn't think of doing that until it wouldn't run
right after re-installing 1.2.3.

I'm going to replace the hardware before I mess with it again.

All of that just to remind you that Murphy makes the rules...

In the future, especially on older hardware, I think I will boot
from the live CD and import the config to that to do some testing
before I upgrade the installed version.
--
Scott Lambert KC5MLE Unix SysAdmin
lambert-***@public.gmane.org


---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe-***@public.gmane.org
For additional commands, e-mail: support-help-***@public.gmane.org

Commercial support available - https://portal.pfsense.org
Loading...