Hi:
I'm fighting for hours to add a firewall rule on, lets say, openvpn interface.
def add_firewall_rules(cn):
payload = {
"rule":{
"interface": "openvpn",
"type": "pass",
"direction": "in",
"quick": "1",
"ipprotocol": "inet",
"protocol": "TCP/UDP",
"source": {
"address": cn + "_net"
},
"enabled": "1",
"destination": {
"address": cn + "_openvpn_host",
"port": cn + '_port',
},
"description": cn + 'fw1'
}
}
result=add_firewall_rules(cn)
print(result)
this's a very basic example. The API gives me an valid answers such like:
'result': 'saved', 'uuid': 'f2d28fb8-84a8-4f9c-a049-6f0ee2755e9c'}that's fine. But, the added rule is not visible on GUI interface. I'm looking for it for hours but it's invisible.
I'm able to find it on confi.xml file but on another paragraph.
for example:
here's visible firewall rule on conf.xml:
under: opensense->flter->
But the mine are under: opensense -> OPNsense -> Firewall -> <Filter version="1.0.4"> -> rules
So... humm.... I tried to get my rule with;
https://mystrangeopnsense.doctor.strange.somewhere/api/firewall/filter/get_rule/f2d28fb8-84a8-4f9c-a049-6f0ee2755e9c
and I get it.
So my question is: why is it invisible on GUI ??
Did you look at Firewall - Automation - Filter and select the OpenVPN Group?
Quote from: Monviech (Cedrik) on July 22, 2025, 07:08:32 PMDid you look at Firewall - Automation - Filter and select the OpenVPN Group?
Yes but I didn't see there are different groups. and yes, all my customs rules are here.
great thanks for your helps. But how automation rules interact with openvpn under "rules" group ?? are they parsed before ?
https://docs.opnsense.org/manual/firewall_automation.html#processing-order
Quote from: Monviech (Cedrik) on July 23, 2025, 06:17:31 AMhttps://docs.opnsense.org/manual/firewall_automation.html#processing-order
again, thx a lot for your helps for saving my time. this topic is SOVLED