pfSense command to delete stale SAD
Posted
by
Justin Shin
on Server Fault
See other posts from Server Fault
or by Justin Shin
Published on 2011-11-19T21:34:51Z
Indexed on
2011/11/20
1:56 UTC
Read the original article
Hit count: 527
I'm experiencing an issue with pfSense where duplicate SAD's are getting created after rekeying, forcing me to manually go ahead and delete the old SAD's. It's not a huge issue but it does get to be a problem once I let it go for a few days. I just installed the cron package for pfSense so I could run a script to identify stale SAD's and delete them but I am not that familiar with BSD or pfSense. Is there a command that enumerates SAD's and their properties, and another that can delete by ID? I can form the conditional parts of the script but I do not know the commands to run. I would imagine it would be something like:
- Enumerate SAD's
- Identify Duplicate ones by matching Source and destination IP's
- Find the one with the larger bytes transferred
- Delete
© Server Fault or respective owner