OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • Add firewall rules from CLI
« previous next »
  • Print
Pages: [1]

Author Topic: Add firewall rules from CLI  (Read 10613 times)

oleschool

  • Newbie
  • *
  • Posts: 1
  • Karma: 0
    • View Profile
Add firewall rules from CLI
« on: August 19, 2016, 08:53:33 am »
Greetings,

I was curious if there was a way to add firewall rules from the command line/console?

Apologies if this has been answered elsewhere, however I could not find anything through my forum search.

Version: OPNsense 16.7.1-amd64

Regards.
 
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13693
  • Karma: 1176
    • View Profile
Re: Add firewall rules from CLI
« Reply #1 on: August 19, 2016, 11:22:10 am »
Hi there,

Coincidentally, we talked about this on IRC yesterday. There is no API for firewall rules yet. Once we (hopefully) get interfaces into an API for 17.1, we can possibly dream of a firewall rules API for 17.7. It depends on workload and external help.

The safest bet for local automation right now is to adapt the actual firewall_rules_edit.php as a custom GET script, embed a security token into that script -- let's name it rules_patch.php -- and move it to /usr/local/www to be called from an external location for the actual APIsh invoke... Something like this:

1. SSH into box, embed unique security token into rules_patch.php, copy it to /usr/local/www/
2. Make your command line GET call https://foo.bar/rules_patch.php?all=my&rules=scripting&security=T0K3N!1
3. SSH into box, remove the exposed rules_patch.php and run /usr/local/etc/rc.filter_configure_sync to apply the new rule


Cheers,
Franco
« Last Edit: August 19, 2016, 12:02:24 pm by franco »
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • Add firewall rules from CLI
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2