OPNsense Forum

English Forums => General Discussion => Topic started by: ikkeT on November 19, 2017, 08:15:58 pm

Title: API or any remote method to activate rules?
Post by: ikkeT on November 19, 2017, 08:15:58 pm: Hi,

I fancy a physical button at home, which would kill certain devices network connectivity. Think of kid not stopping playing after several mentions about dinner.... :)

So I could use my BT button which controls rules in my OpenHAB home automation box. That could then call API of OPNSense to toggle certain FW group on/off.

Is there such API, or any samples doing it e.g. using curl? I didn't find API in docs.

BR,
ikke
Title: Re: API or any remote method to activate rules?
Post by: franco on November 20, 2017, 07:43:04 am: Hi Ikke,

For the firewall not yet. We've been working on making rules fully pluggable for plugins, but this is still missing NAT support. This and hopefully API support for alias updates is all we will be able to finish for 18.1.

Cheers,
Franco
Title: Re: API or any remote method to activate rules?
Post by: buergeb on February 20, 2018, 10:45:06 pm: Hello Franco,

what does "for the firewall not yet" mean? Could you say please, if the feature for activaing/deactivating firewall rules via api is on the roadmap?

Thank you
Bodo
Title: Re: API or any remote method to activate rules?
Post by: seamus on February 23, 2018, 10:23:20 am: Quote from: ikkeT on November 19, 2017, 08:15:58 pm
Hi,

I fancy a physical button at home, which would kill certain devices network connectivity. Think of kid not stopping playing after several mentions about dinner.... :)

So I could use my BT button which controls rules in my OpenHAB home automation box. That could then call API of OPNSense to toggle certain FW group on/off.

Is there such API, or any samples doing it e.g. using curl? I didn't find API in docs.

Have you looked at the Firewall->Settings->Schedule config? Maybe a different way to accomplish your objective, but of course would require that you eat dinner at the same time :)
Title: Re: API or any remote method to activate rules?
Post by: ikkeT on February 23, 2018, 10:52:08 am: I have schedules set. Is there a way to update them over API?
Title: Re: API or any remote method to activate rules?
Post by: seamus on February 23, 2018, 08:52:42 pm: Have you looked at this?: https://docs.opnsense.org/development/how-tos/api.html

It doesn't provide many details, but it states that "All components... receive API capabilities", so that would mean you should be able to do what you want... except for maybe the "physical button" part - but I guess you have a plan for that.
Title: Re: API or any remote method to activate rules?
Post by: nycaleksey on October 12, 2020, 09:13:09 pm: Bumping this thread from 2.5 years ago.

Was the functionality to enable/disable firewall rules via API ever implemented? If not, does anyone know if it's on the roadmap ?

Thanks!
Title: Re: API or any remote method to activate rules?
Post by: fabian on October 13, 2020, 06:23:10 am: It is already there.
Title: Re: API or any remote method to activate rules?
Post by: nycaleksey on October 14, 2020, 10:06:12 pm: Thank you! Do you know what API command can be used to enable certain rule and to disable it?

Tried reading the documentation at https://docs.opnsense.org/development/api/core/firewall.html but it's very limited.
Title: Re: API or any remote method to activate rules?
Post by: lassieee on October 26, 2020, 02:44:58 pm: Stumbled upon this thread. Looking to implement this as well. Found this thread which seems to have the appropriate commands: https://forum.opnsense.org/index.php?topic=16943.0

edit: tried it, works like a charm :-)
docs: https://docs.opnsense.org/development/api/plugins/firewall.html