OPNsense Forum

English Forums => 25.1, 25.4 Production Series => Topic started by: Marius Rieder on April 16, 2025, 03:44:05 PM

Title: API Created Rules not visible in 25.1.5_5
Post by: Marius Rieder on April 16, 2025, 03:44:05 PM
I created some rules using the API (with the Ansible module) and am a bit perplexed that these rules do not show up in the UI. I created a second rule in the UI. This one shows up. The search API (/api/firewall/filter/search_rule) only returns the rule I created in the UI, unless show_all=true is set. However, in /api/firewall/filter/get the Ansible-created rule shows up, and in "pfctl -v -s rule" too.

In the config both rules seem to look fine. Any ideas where to investigate further?

 - Marius


<Filter version="1.0.4">
<rules>
<rule uuid="b5ed14b9-54e9-4935-8de3-14f6aaa91715">
<enabled>1</enabled>
<statetype>keep</statetype>
<state-policy/>
<sequence>100</sequence>
<action>pass</action>
<quick>1</quick>
<interfacenot>0</interfacenot>
<interface/>
<direction>in</direction>
<ipprotocol>inet</ipprotocol>
<protocol>TCP/UDP</protocol>
<source_net>any</source_net>
<source_not>0</source_not>
<source_port/>
<destination_net>any</destination_net>
<destination_not>0</destination_not>
<destination_port/>
<gateway/>
<replyto/>
<disablereplyto>0</disablereplyto>
<log>0</log>
<allowopts>0</allowopts>
<nosync>0</nosync>
<nopfsync>0</nopfsync>
<statetimeout/>
<max-src-nodes/>
<max-src-states/>
<max-src-conn/>
<max/>
<max-src-conn-rate/>
<max-src-conn-rates/>
<overload/>
<adaptivestart/>
<adaptiveend/>
<prio/>
<set-prio/>
<set-prio-low/>
<tag/>
<tagged/>
<tcpflags1/>
<tcpflags2/>
<categories/>
<sched/>
<tos/>
<shaper1/>
<shaper2/>
<description>test</description>
</rule>
<rule uuid="894a4527-ea77-4c98-988a-5a75afc9a387">
<enabled>1</enabled>
<statetype>keep</statetype>
<state-policy/>
<sequence>101</sequence>
<action>pass</action>
<quick>1</quick>
<interfacenot>0</interfacenot>
<interface>lan</interface>
<direction>in</direction>
<ipprotocol>inet</ipprotocol>
<protocol>TCP</protocol>
<source_net>192.168.0.0/24</source_net>
<source_not>0</source_not>
<source_port/>
<destination_net>192.168.1.0/24</destination_net>
<destination_not>0</destination_not>
<destination_port>443</destination_port>
<gateway/>
<replyto/>
<disablereplyto>0</disablereplyto>
<log>1</log>
<allowopts>0</allowopts>
<nosync>0</nosync>
<nopfsync>0</nopfsync>
<statetimeout/>
<max-src-nodes/>
<max-src-states/>
<max-src-conn/>
<max/>
<max-src-conn-rate/>
<max-src-conn-rates/>
<overload/>
<adaptivestart/>
<adaptiveend/>
<prio/>
<set-prio/>
<set-prio-low/>
<tag/>
<tagged/>
<tcpflags1/>
<tcpflags2/>
<categories/>
<sched/>
<tos/>
<shaper1/>
<shaper2/>
<description>ANSIBLE_TEST_1_1</description>
</rule>
</rules>
<snatrules/>
<npt/>
<onetoone/>
</Filter>
</Firewall>

Title: Re: API Created Rules not visible in 25.1.5_5
Post by: EricPerl on April 16, 2025, 07:39:14 PM
The ansible rule is interface specific while the other one is not (floating?).
You're looking at the right page?
Category selector empty?
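
Added example, not part of either post and not OPNsense or Ansible module code: a field-by-field comparison of the two rules from the pasted config, which surfaces the interface difference the reply points to. The sample XML is trimmed from the post to a few fields and starts at the Filter element; the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the two rules from the post, trimmed to a few fields
# (the pasted config carries many more elements per rule).
SAMPLE = """
<Filter version="1.0.4">
  <rules>
    <rule uuid="b5ed14b9-54e9-4935-8de3-14f6aaa91715">
      <sequence>100</sequence>
      <interface/>
      <protocol>TCP/UDP</protocol>
      <destination_port/>
      <categories/>
      <description>test</description>
    </rule>
    <rule uuid="894a4527-ea77-4c98-988a-5a75afc9a387">
      <sequence>101</sequence>
      <interface>lan</interface>
      <protocol>TCP</protocol>
      <destination_port>443</destination_port>
      <categories/>
      <description>ANSIBLE_TEST_1_1</description>
    </rule>
  </rules>
</Filter>
"""

def load_rules(xml_text):
    """Return {uuid: {tag: text}} for every <rule> under <rules>."""
    root = ET.fromstring(xml_text)
    return {r.get("uuid"): {c.tag: (c.text or "").strip() for c in r}
            for r in root.iterfind("./rules/rule")}

def diff_rules(a, b):
    """Fields whose values differ, including fields present in only one rule."""
    return {k: (a.get(k), b.get(k))
            for k in sorted(set(a) | set(b)) if a.get(k) != b.get(k)}

def rules_by_interface(rules):
    """Group rule descriptions by <interface>; '' means no interface is set."""
    groups = {}
    for fields in rules.values():
        groups.setdefault(fields.get("interface", ""), []).append(
            fields.get("description", ""))
    return groups

if __name__ == "__main__":
    rules = load_rules(SAMPLE)
    first, second = rules.values()
    for field, (left, right) in diff_rules(first, second).items():
        print(f"{field:18} {left!r:12} {right!r}")
    print(rules_by_interface(rules))
```

Fields that match in both rules, such as the empty categories element, are left out of the diff, so only the differing fields remain to check against the UI filters.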