Hi.
I’ve created a new add-on for backing up firewall rules. I’m missing this kind of management if you have a huge number of rules.
To install:
Decompress zip file
firewall_backup.ipfire.tgz.zip (8,2 KB)
Copy file “firewall_backup.ipfire.tgz” to /opt/pakfire/tmp.
Unpak with:
tar xvf firewall_backup.ipfire.tgz
To install:
./install.sh
To uninstall:
./uninstall.sh
Any incident reports you may have will be appreciated.
Bye.
They are backed up in the .ipf backup from the existing Backup WUI page.
Yes, you’re absolutely right, but it’s only for the Firewall rules and not the entire IPFire configuration. Perhaps you’re not interested in restoring the entire IPFire configuration when you restore the Firewall rules backup.
Bye.
I installed this on my test firewall, and it works great! That will be really handy for backing up just the rules before making changes. Thank you! The only thing I wonder is if it should also backup aliases and possibly firewall groups. Maybe those should just be reserved for the regular backups? Just thinking out loud… Could be something to consider for version 2.0.
Hi @seanp.
It backs up the entire contents of the “/var/ipfire/firewall” and “/var/ipfire/fwhosts” folders. That is, it backs up all firewall rules and firewall groups.
Bye.
Yes, you’re right. It would be much better in that location, but the problem is that these modifications will be affected by every update, disappearing, and you’ll have to apply them every time.
My addons are NOT official (the IPFire team is free to implement them), and they try to be as independent as possible so they can survive updates without issues.
Regards.
Every user of IPFire is invited to contributed ‘official’ parts. But this includes the maintainance for some time ( until it is ‘standard’, so other members of the dev community can maintain very easy ).
This process is necessary, to get a reliable product. For negative examples look at other open wireless router projects.
I don’t believe the IPFire team will implement these addons if you don’t submit them in the integration process.
I understand the difficulty 
I’d love to, but I find it extremely complex (those familiar with the process probably don’t find it that complex).
These are addons that I’ve tried at all times to ensure they don’t depend on anything in IPFire, so they won’t be affected by updates.
I made them this way because a forum member (I don’t know if he’s still here or not) made an addon for sending reports that worked very well at first, but as IPFire updates came and went, it started to cause problems, and I kept troubleshooting it until it stopped working.
I completely understand the IPFire developers’ point of not adding just anything to IPFire for this very reason, hence the reason they’ve done it the way they have.
In the event that an addon fails, which is likely, I’ll try to fix it.
Bye
The best will be to have checkboxes for the backup to be able to select what’s about to be backuped.
Atm it’s annoying. For example I do some changes and need to replicate these changes to lot’s of other fws. I need to do a full backup, restore and change the domain name + this www.ipfire.org - Migrate to new hardware for every single fw.
