GetFirewallConfig - Browse /GetFirewallConfig-1.2.0.0 at SourceForge.net

The interactive file manager requires Javascript. Please enable it or use sftp or scp.
You may still browse the files here.

Name	Modified	Size	InfoDownloads / Week
Parent folder
GetFirewallConfig-1.2.0.0.zip	2024-12-02	510.9 kB	0
README.txt	2024-12-02	4.6 kB	0
Totals: 2 Items		515.5 kB	0

Support: thu@thu.ch
Download: https://sourceforge.net/projects/getfirewallconfig/

How to configure
----------------------------------------------------------------------------------------------------
GetFirewallConfig.exe
----------------------------------------------------------------------------------------------------

Usage:

- Collect config-files from a remote hosts by using https or sftp and stores those in a local ConfigStore.
- Integrated houskeeping capabilities keep the local ConfigStore clean.
- Has to be executed daily via sheduled task (or more often).
- Tested with pfSense (pfse) and FortiGate (sftp) or any other SFTP host.

1. Configure remote hosts to back-up in Settings.conf (must be located in the same directory as GetFirewallConfig.exe)

2. Format of Settings.conf

Separator: | (pipe)

3. Description:

Type : Specify type of backup, possible values:
pfse - for pfSense specific backups (incl. RRD graphs, package-configuration, SSH-keys) via https-request, use /diag_backup.php in column RemoteFileName.
sshd - for sftp transfer of a config-file, file to download must be specified in column RemoteFileName.
Hostname : A string used to identify the device in ConfigStore (fqdn, ip-address, hostname, serial no, etc..).
IP-address : IPv4 address, used to connect to the device by using https or sftp.
Port : TCP port address, used to connect to the device by using https or sftp.
Username : Username, used to connect to the device by using https or sftp.
EncryptedPassword : Encrypted password, used to connect to the device by using https or sftp.
RemoteFileName : Remote path to https-post target (pfse) or file to download (sftp).
In case of Type pfse: used to specify https-post target, for example /diag_backup.php.
In case of Type sftp: Used to identify the config to back up, for example /cf/conf/config.xml
ConfigStore : Path to local ConfigStore, used to store the downloaded files locally (Format in ConfigStore: $hostname\yyyymmdd_$hostname.xml)
Compress : A string, possible values:
Compress - this will compress the downloaded config to a zip file and will remove the uncompressed config afterwards.
Raw - this will downloaded config and stores it uncompressed.
RemoveAfterDays : Period of days, configs older then n days will be removed from ConfigStore; houskeeping runs per device and only after succcesfull backups.

4. To create EncryptedPasswords to be used in Settings.conf, please use EncryptPassword.exe, see below.

5. To temorarly disable a line, comment out the line by using a leading hash-sign (#).

Change log:

GetFirewallConfig-1.2.0.0
- Inital stable-release
- Comment out a device to skip processing by adding a leading hash-sign (#) in Settings.conf
- Summarize Errors and Warnings in the final summary

GetFirewallConfig-1.1.2.4
- Multi-Threading support
- If an error is thrown, the application proceeds with the next device
- Multiple cosmetic issues

GetFirewallConfig-1.1.2.1
- Inital test-release

----------------------------------------------------------------------------------------------------
EncryptPassword.exe
----------------------------------------------------------------------------------------------------

Usage:

- Create encrypted strings of passwords to be used in Settings.conf.

1. Execute via cmd: EncryptPassword.exe -password:"<my_string_to_encrypt>"

2. Output:

- Cleartext: SwLTC6Sp5gM1ivhzfwHjSKdc5
- Encrypted: PaumquLTwLoHoFsOLaf0yQUNMau+GjC8/kGXoB3lcltsDHcb97k3j5cbRqy7jEZvlBjet5jIEY4vN0Om/5QC7g==

3. Use the encrypted value in Settings.conf.

Change log:

GetFirewallConfig-1.0.0.0
- Inital stable-release

Source: README.txt, updated 2024-12-02