Project

General

Profile

Actions
Copy link

Feature #16403

open

"Real" Factory reset

Added by Lars Lindley about 1 month ago. Updated 3 days ago.

Status:
Confirmed
Priority:
Normal
Assignee:
-
Category:
Unknown
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default

Description

Hi,

An issue I face is that we have a "firewall-aas" kind of approach to some customer's firewalls.
They pay us a monthly fee to have a working (not necessarily completely new) firewall and support, updates etc are included.

In this scenario we get some firewalls back that will go to another customer later.

Ex if I do a factory reset of a 2100 it will retain the config history and boot environments.
I then set a dummy pw, login, clear config history and boot environments and then do another reset before putting it on a shelf for later use.

This seems counter intuitive to me. I would expect the 2100 to be as it came from the factory.

Using the usb installer takes a lot more time but leaves it in the desired state.

I recognize that a factory reset retaining config history and boot environments might have its merits too as sometimes it's a quicker fix to just start over but with the option to roll back if you totally get it wrong.

I propose having some more options for the reset.
"Full reset" including config history and boot environment.
"Return to default settings" but retain config history and boot environments.

Regards, Lars

Actions
Copy link
 #1

Updated by Kris Phillips 19 days ago

  • Status changed from New to Confirmed

Clearing Boot Environments might prove dangerous as an operation, although we may be able to add an option for "delete all non-current Boot Environments" or something on a Factory Reset as a toggle-able option.

Clearing Configuration History seems a no brainer.

Marking Confirmed.

Actions
Copy link
 #2

Updated by Kris Phillips 5 days ago

Per redmine https://redmine.pfsense.org/issues/16453

Adding a warning stating "Factory Reset does not remove Boot Environments" may also be a potential solution/warning to add.

Actions
Copy link
 #3

Updated by Steve Y 3 days ago

Corollary...https://docs.netgate.com/pfsense/en/latest/config/factory-defaults.html does not specifically mention that config history or BEs are retained, just that changes to the file system remain. The page in pfSense could also specifically suggest reading the doc page for more information.

Actions
Copy link

Also available in: Atom PDF