Auto Firmware Update Missing?

Started by marshalleq, June 06, 2021, 11:24:44 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 06, 2021, 11:24:44 PM
I've been googling this one and I'm unclear if this basic feature exists or not.  What I'm looking for is some method whereby the firmware can be auto downloaded, updated and rebooted if necessary at a scheduled time.  Seems like a pretty basic feature for a firewall to me.

There are a few discussions e.g here https://github.com/opnsense/core/issues/1798

What am I missing?

Many thanks,

Marshalleq
June 07, 2021, 07:58:17 AM #1
What happens if the auto-update fails and you're not around to fix it?
Regards


Bill
June 07, 2021, 09:09:34 AM #2
Hi,

Suggestion:
A auto update feature should be implemented in the following simplified way:

  • Download the new version of the software
  • Start a timer
  • Update the software
  • Stop the timer
  • If the timer hit its limit rollback to the old software version

I expect there are some pitfalls to go around:

  • Perhaps a reboot is required to get the updated software into action. This will require to use some sort of hardware timer. This will make such feature more or less "un-testable" because of limited resources in your QA lab.
  • Because of the complexity of the software there will be a lot of states after updating it. Besides "it is working fine" and "it totally fails" there might be some states like: "everything is OK but DNS", "DHCP is not working any more", "the firewall does not block anything" ... All these states can only be tested manually and fixed by an operator

Kind Regards
Thomas
Don't forget to [applaud] those offering time and brainpower to help you!
June 07, 2021, 10:02:29 AM #3
Why not use the easily accessible features that are already there through GUI and console...


Cheers,
Franco
Print
Go Up Pages1
User actions