Download Latest Version
GetFirewallConfig-1.3.1.0.zip (518.6 kB)
Get an email when there's a new version of GetFirewallConfig
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| GetFirewallConfig-1.2.2.0.zip | 2024-12-02 | 512.2 kB | |
| README.txt | 2024-12-02 | 4.7 kB | |
| Totals: 2 Items | 516.9 kB | 0 | |
Support: thu@thu.ch
Download: https://sourceforge.net/projects/getfirewallconfig/
How to configure
----------------------------------------------------------------------------------------------------
GetFirewallConfig.exe
----------------------------------------------------------------------------------------------------
Usage:
- Collect config-files from a remote hosts by using https or sftp and stores those in a local ConfigStore.
- Integrated houskeeping capabilities keep the local ConfigStore clean.
- Has to be executed daily via sheduled task (or more often).
- Tested with pfSense (pfse) and FortiGate (sftp) or any other SFTP host.
1. Configure remote hosts to back-up in Settings.conf (must be located in the same directory as GetFirewallConfig.exe)
2. Format of Settings.conf
Separator: | (pipe)
Columns : Type|Hostname|IP-address|Port|Username|EncryptedPassword|RemoteFileName|ConfigStore|Compress|RemoveAfterDays
Values for pfse: pfse|my1.fqdn|10.0.0.2|443|admin|rwJYAfIOJuvEfh(..)|/diag_backup.php|D:\Data\firewall-configs\ConfigStore|Compress|30
Values for sftp: sftp|my2.fqdn|10.0.0.1|22|admin|rwJYAfIOJuvEfxv(..)|/cf/conf/config.xml|D:\Data\firewall-configs\ConfigStore|Compress|30
3. Description:
Type : Specify type of backup, possible values:
pfse - for pfSense specific backups (incl. RRD graphs, package-configuration, SSH-keys) via https-request, use /diag_backup.php in column RemoteFileName.
sshd - for sftp transfer of a config-file, file to download must be specified in column RemoteFileName.
Hostname : A string used to identify the device in ConfigStore (fqdn, ip-address, hostname, serial no, etc..).
IP-address : IPv4 address, used to connect to the device by using https or sftp.
Port : TCP port address, used to connect to the device by using https or sftp.
Username : Username, used to connect to the device by using https or sftp.
EncryptedPassword : Encrypted password, used to connect to the device by using https or sftp.
RemoteFileName : Remote path to https-post target (pfse) or file to download (sftp).
In case of Type pfse: used to specify https-post target, for example /diag_backup.php.
In case of Type sftp: Used to identify the config to back up, for example /cf/conf/config.xml
ConfigStore : Path to local ConfigStore, used to store the downloaded files locally (Format in ConfigStore: $hostname\yyyymmdd_$hostname.xml)
Compress : A string, possible values:
Compress - this will compress the downloaded config to a zip file and will remove the uncompressed config afterwards.
Raw - this will downloaded config and stores it uncompressed.
RemoveAfterDays : Period of days, configs older then n days will be removed from ConfigStore; houskeeping runs per device and only after succcesfull backups.
4. To create EncryptedPasswords to be used in Settings.conf, please use EncryptPassword.exe, see below.
5. To temorarly disable a line, comment out the line by using a leading hash-sign (#).
Change log:
GetFirewallConfig-1.2.2.0
- Better error handling
- Parameter to minimize the output (GetFirewallConfig.exe /output:[debug|normal|minimal])
GetFirewallConfig-1.2.0.0
- Inital stable-release
- Comment out a device to skip processing by adding a leading hash-sign (#) in Settings.conf
- Summarize Errors and Warnings in the final summary
GetFirewallConfig-1.1.2.4
- Multi-Threading support
- If an error is thrown, the application proceeds with the next device
- Multiple cosmetic issues
GetFirewallConfig-1.1.2.1
- Inital test-release
----------------------------------------------------------------------------------------------------
EncryptPassword.exe
----------------------------------------------------------------------------------------------------
Usage:
- Create encrypted strings of passwords to be used in Settings.conf.
1. Execute via cmd: EncryptPassword.exe -password:"<my_string_to_encrypt>"
2. Output:
- Cleartext: SwLTC6Sp5gM1ivhzfwHjSKdc5
- Encrypted: PaumquLTwLoHoFsOLaf0yQUNMau+GjC8/kGXoB3lcltsDHcb97k3j5cbRqy7jEZvlBjet5jIEY4vN0Om/5QC7g==
3. Use the encrypted value in Settings.conf.
Change log:
GetFirewallConfig-1.0.0.0
- Inital stable-release