I'll answer the first question: The HEAD code already has the option to make the master sync to several slaves so you don't have to daisychain the sync anymore. This will appear in the next major version.
Regarding the other questions: Some of the ideas are nice, however as I'm not really a developer I'll leave it up to somebody elso to comment on these. Holger -----Original Message----- From: Matthias Hertzog [mailto:[EMAIL PROTECTED] Sent: Friday, January 12, 2007 7:39 PM To: [email protected] Subject: Re: [pfSense Support] questions/wishes Hi Scott Same topic, but additional wish: XMLRPC should be possible even if the "admin port" of the destination firewall is not set to Port 80. Thanks & best wishes, Matthias ----- Original Message ----- From: "Michael Schuh" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Friday, January 12, 2007 7:32 PM Subject: [pfSense Support] questions/wishes Hi Scott, Hi Holger, i have some questions over the xmlrpc functionality. First: is it possible to configure or to extend pfsene in an way, so that the xmlrpc-function sync the rules to many other slaves? Concret now pfsense's xmlrpc work in one to one mode, one master and one slave, so that it is only possible to define an chain to sync like pfsense01 sync to-> pfsense02 sync to -> pfsense03 sync to pfsense04 <note> setting pfsense04 up to sync with pfsense01 can get many fun :-) and a never ending story :-) just kidding </note> but not -> pfsense02 pfsense01 sync to -> pfsense03 -> pfsense04 Second is based on the first: is it possible to extend the prevention from xmlrpc, so that rules that gaves maked on the Slave prevented from deletion by the xmlrpc-sync? Or to make an extra Flag that prevents deletion. third is also based on the first two : is it possible to extend pfSense to mark such rules (prevented from xmlrpc, or from deletion) with an extra icon in the rules overview. like the block/reject/pass and info-icons? forth: it is possible to toggle the info flag like the block/pass/reject-Flag, to toggle logging temporary? The reason for this questiions wishes, is to manage Large Networks from one Master-Firewall ( commonly only a Confugiration backend) and sync common rules for every other Firewall to all Firewalls that we have to manage, but gaves us the possibility to define local rules that are prepended to the global rules or other configrations and prevented by deletion. I think you understand what the target in my mind is. Sorry for my bad english :-) thank you regards michael -- michael-schuh.net Michael Schuh Preußenstr. 13 66111 Saarbrücken phone: 0681/8319664 mobil: 0177/9738644 @: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
