OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of bsdfans »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - bsdfans

Pages: [1] 2
1
24.1 Legacy Series / Re: schedule traffice shaper python script via Web API
« on: February 27, 2024, 04:02:34 pm »
Code: [Select]
python3 shaper.py disable 63c924d0-794e-4976-9bf0-e171e3911d29
I've input the uuid to the script,but it return the error.

Quote
2024-02-27 20:58:22,402 - ERROR - Failed to enable rule, status code: 400, response content: {"message":"action toggleRule expects at least 1 parameter(s)","status":400}

The show command works fine.

Quote
python3 shaper.py show 63c924d0-794e-4976-9bf0-e171e3911d29
Rule 63c924d0-794e-4976-9bf0-e171e3911d29 is currently enabled.

2
24.1 Legacy Series / schedule traffice shaper python script via Web API
« on: February 27, 2024, 02:08:51 pm »
Code: [Select]
import requests
import json
import logging
import argparse
import warnings
from urllib3.exceptions import InsecureRequestWarning
warnings.filterwarnings("ignore", category=InsecureRequestWarning)

# Set up command-line argument parsing
parser = argparse.ArgumentParser(description='Toggle the status of an OPNsense Traffic Shaper rule or show its current status.')
parser.add_argument('action', choices=['enable', 'disable', 'show'], help='Action to perform on the rule (enable, disable, or show status).')
parser.add_argument('rule_uuid', help='UUID of the rule to modify or view.', nargs='?')  # Make rule_uuid optional for show action
args = parser.parse_args()

# Initialize logging
LOG_FILE_PATH = '/root/shaper.log'
logging.basicConfig(filename=LOG_FILE_PATH, level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s')

API_KEY = 'YOUR_KEY'
API_SECRET = 'YOUR_SECRET'
OPNSENSE_URL = 'https://127.0.0.1/api'

def get_rule_status(rule_uuid):
    """Retrieve the current status of a rule."""
    url = f"{OPNSENSE_URL}/trafficshaper/settings/getRule/{rule_uuid}"
    auth = (API_KEY, API_SECRET)
    response = requests.get(url, auth=auth, verify=False)
    if response.ok:
        rule_data = response.json()
        enabled = rule_data['rule']['enabled'] == '1'
        return enabled
    else:
        logging.error(f"Failed to retrieve rule status, status code: {response.status_code}, response content: {response.text}")
        return None

def toggle_rule(rule_uuid, enable):
    """Toggle the status of a specified Traffic Shaper rule to either enable or disable."""
    url = f"{OPNSENSE_URL}/trafficshaper/settings/toggleRule"
    headers = {'Content-Type': 'application/json'}
    data = {"uuid": rule_uuid, "enabled": "1" if enable else "0"}
    auth = (API_KEY, API_SECRET)
    action = 'enable' if enable else 'disable'
    logging.info(f"Attempting to {action} rule: {rule_uuid}")
    response = requests.post(url, headers=headers, data=json.dumps(data), auth=auth, verify=False)
    if response.ok:
        logging.info(f"Rule {rule_uuid} successfully {action}d.")
    else:
        logging.error(f"Failed to {action} rule, status code: {response.status_code}, response content: {response.text}")

def show_rule_status(rule_uuid):
    """Show the enable/disable status of a specified Traffic Shaper rule."""
    enabled = get_rule_status(rule_uuid)
    if enabled is not None:
        status = 'enabled' if enabled else 'disabled'
        logging.info(f"Rule {rule_uuid} is currently {status}.")
        print(f"Rule {rule_uuid} is currently {status}.")
    else:
        print("Failed to retrieve rule status.")

# Determine action
if args.action == 'show':
    if args.rule_uuid:
        show_rule_status(args.rule_uuid)
    else:
        logging.error("Rule UUID is required for 'show' action.")
elif args.rule_uuid:
    if args.action in ['enable', 'disable']:
        enable = args.action == 'enable'
        toggle_rule(args.rule_uuid, enable)
    else:
        logging.error("Invalid action provided. Use 'enable', 'disable', or 'show'.")
else:
    logging.error("Rule UUID is required for 'enable' or 'disable' actions.")


Code: [Select]
python3 shaper.py -h
usage: shaper.py [-h] {enable,disable,show} [rule_uuid]

Toggle the status of an OPNsense Traffic Shaper rule or show its current status.

positional arguments:
  {enable,disable,show}
                        Action to perform on the rule (enable, disable, or show status).
  rule_uuid             UUID of the rule to modify or view.

optional arguments:
  -h, --help            show this help message and exit


The show function works fine,but the enable and disable can not work,the error is:

2024-02-27 20:58:22,402 - ERROR - Failed to enable rule, status code: 400, response content: {"message":"action toggleRule expects at least 1 parameter(s)","status":400}

How can I fix it ?

3
23.7 Legacy Series / redis should listen at 127.0.0.1 to reduce security risk.
« on: January 18, 2024, 02:57:06 am »
I use ntop-ng to monitor the network, it need redis to start,so I install redis,but I found redis can only listen at lan or wan,in face,it should only listen at 127.0.0.1 to reduce security risk.

4
23.7 Legacy Series / Re: [REQ]set shaper rules by time
« on: January 18, 2024, 02:54:42 am »
Quote from: Seimus on January 17, 2024, 03:36:51 pm
Not possible to do it at this time via GUI. This was already discussed and requested on the forum, but currently at least from the plan OPN has its not on the feature list to be developed.

You can however achieve this time based shaping via CRON and scripts, but that needs (your) manual work.

Regards,
S.

How can I make it via cron or script ?
Would you like to be kind enough to show me some way to do it?
I can not thought anything about using cron or scritpt to do it.
Thanks very much.

5
23.7 Legacy Series / [REQ]set shaper rules by time
« on: January 17, 2024, 08:35:38 am »
I'd like to shaper the flow by time,such as from 0:00 to 12:00 ,I can limit IP1 to 100Mbps,from 12:00 to 24:00,I can limit IP2 to 80Mbps.
Would you like add the time selector in the shaper rules editor?

6
23.7 Legacy Series / Re: How can I modify the rc.conf to enable secure_level of FreeBSD?
« on: January 16, 2024, 05:45:41 pm »
Quote from: franco on January 16, 2024, 05:13:40 pm
Besides the point that I don't know if securelevel adjustment works without messing with operation of OPNsense as a whole I don't see any reason why something would be reset if you set it correctly.

kern_securelevel_enable="YES"    # kernel security level (see security(7))       
kern_securelevel="x"   # range: -1..3 ; `-1' is the most insecure

Where x is the correct level and the file to put this into is /etc/rc.conf (which we don't even touch which is why it's not there and you need to create it).


Good luck,
Franco

The /etc/hosts was also restored after reboot.

7
23.7 Legacy Series / How can I modify the rc.conf to enable secure_level of FreeBSD?
« on: January 16, 2024, 04:44:11 am »
I want to modify the rc.conf to enable secure_level of FreeBSD,but I found that it will be restored after reboot.
How can I make it ?
Thanks.

8
23.7 Legacy Series / Re: what's new in 24.x
« on: January 15, 2024, 12:39:00 pm »
Quote from: tiermutter on January 15, 2024, 12:25:01 pm
https://opnsense.org/about/road-map/

 :P

Cool,suricata 7.
I thought the base will upgrade to FreeBSD 14.x, but it seems not be necessary.

9
23.7 Legacy Series / what's new in 24.x
« on: January 15, 2024, 12:21:00 pm »
 ;D
I can't wait to see it.

10
General Discussion / Re: howto: monit ping test
« on: January 15, 2024, 12:18:10 pm »
Anybody could be kind enough to show us a HOWTO about "monit ping test and auto reboot after ping failed"

11
23.7 Legacy Series / bandwidthd with ipv6 support
« on: January 13, 2024, 08:31:27 am »
Would you like to upgrade the bandwidthd with ipv6 support.
Thanks.

We can find the repo:
https://github.com/perkinslr/bandwidthd-ipv6

12
23.7 Legacy Series / Re: Would you like to upgrade to FreeBSD 14 after it released today?
« on: November 23, 2023, 12:28:12 pm »
Quote from: almodovaris on November 23, 2023, 04:58:03 am
I run FreeBSD 14.0 on my Microsoft Volterra. Web (Epiphany) crashes sometimes, Otter browser crashes often, Firefox and Thunderbird do not work. Gnome does not work (I use LXDE). Of course, much has to do with lack of support for my hardware. But they had a lot of time to fix it before releasing it.

You can try xfce , but I will not use FreeBSD as the desktop OS instead of server.

13
23.7 Legacy Series / Re: Would you like to upgrade to FreeBSD 14 after it released today?
« on: November 23, 2023, 12:25:45 pm »
Quote from: franco on November 15, 2023, 08:00:29 am
14.1 for sure. ;)


Cheers,
Franco

nod , 14.1 maybe the better choice :)

14
23.7 Legacy Series / Re: Would you like to upgrade to FreeBSD 14 after it released today?
« on: November 22, 2023, 03:24:18 pm »
https://www.freebsd.org/releases/14.0R/announce/

15
23.7 Legacy Series / Can not find the web interface to enable RSS
« on: November 15, 2023, 01:57:23 am »
Shall I enable RSS but the CLI ?

sysctl -a | grep rss
net.inet.rss.bucket_mapping: 0:0 1:1 2:2 3:3
net.inet.rss.enabled: 0
net.inet.rss.debug: 0
net.inet.rss.basecpu: 0
net.inet.rss.buckets: 4
net.inet.rss.maxcpus: 64
net.inet.rss.ncpus: 4
net.inet.rss.maxbits: 7
net.inet.rss.mask: 3
net.inet.rss.bits: 2
net.inet.rss.hashalgo: 2
hw.bxe.udp_rss: 0
hw.ix.enable_rss: 1

Pages: [1] 2
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2